Tuesday, 8 December 2009
For disapproval, "If You Gain Unauthorized Access To A Character In A Virtual World, Is It Theft?" (TechDirt, 01 December 2009)
Contra: "Is virtual boom our industrial revolution?" (TheGuardian, 10 September 2009)
And for encryption issues, "UK Man Jailed For Refusing To Decrypt His Files" (TechDirt, 02 December 2009)
"Facebook denies mass hijack was down to flaw" (ZDnet.co.uk, 11 November 2009) but a few weeks later, decides to change its approach to security as company policy! "Facebook forms safety advisory board" (07 December 2009)
I think here Google is over optimistic. Actually data security and privacy is the very reason why I choose not to use the different services available, despite the fact that it would have made my life much easier. "Google: Data is more secure in the cloud" (ZDnet.co.uk, 03 November 2009)
"UK police make Zeus Trojan arrests" (ZDnet. co.uk, 19 November 2009)
"Former YouSendIt chief accused of DoS attack" (ZDnet.co.uk, 02 November 2009)
A similar policy would not be amiss in the UK given the new UK cybersecurity Centre and the complete inadequacy of the RIPA to protect citizens' privacy from interference by whichever government agencies "Government curbs councils' Ripa powers" (ZDnet.co.uk, 04 November 2009)
"UK cybersecurity centre starting operations in March" (ZDnet.co.uk, 13 November 2009)
and the more general view of Thomas Berners-Lee "Web under threat from 'snooping' authorities" (Euractiv, 04 December 2010)
because "Home secretary considers Nasa hacker plea" (ZDnet.co.uk, 11 November 2009)
"McKinnon case puts IT ethics in the dock" (ZDnet.co.uk, 05 October 2009)
"iPhone worm could be used to create botnets" (ZDnet.co.uk, 23 November 2009)
"Un nouveau virus s'attaque à l'iPhone" (JDN. 24 November 2009)
which in turn, means good jobs for technicians and ex-hackers/malware writers "Rickroll virus author hired by iPhone app company" (ZDnet.co.uk, 27 November 2009)
Moreover, the list of 'offenders' can be requested by anybody victim of copyrights infringement. But in the past, did we not need a search warrant? i.e. a judge assessing the claim made by prosecution/victims?
For the bill itself, http://www.publications.parliament.uk/pa/ld200910/ldbills/001/10001.i-ii.html
For a preview before the Bill went to Parliament, "Mandelson puts 'three strikes' internet plan in motion" (ZDnet.co.uk, 28 October 2009)
"Digital Economy Bill gets tough on file-sharers" (ZDnet.co.uk, 20 November 2009)
"Digital Economy Bill: Industry disputes gov't claims" (ZDnet.co.uk, 20 November 2009)
"Web giants attack Digital Economy Bill" (ZDnet.co.uk, 02 December 2009)
"GCHQ supplier pans government file-sharing plans" (ZDnet.co.uk, 27 November 2009) and
"UK Politicians Pushing Back On Mandelson's Digital Economy Bill" (TechDirt, 03 December 2009) but on the contrary, "Virgin Media to monitor traffic for file-sharing" (ZDnet.co.uk, 26 November 2009)
"Yes, But Will Sergey Brin Take Peter Mandelson Out To Dinner At A Fancy Resort?" (TechDirt, 02 December 2009)
The funny side of things is that mobile industry cannot identify offenders. So guess what? do not use your home computer. Use your smartphone! "Mobile industry 'cannot identify pirates' " (ZDnet.co.uk, 24 November 2009)
To put the whole debate in perspective, read this interesting article that shows how powerful is the lobby against piracy. There is nothing about morals here, but only about economic gain, and some cynics may add, about economic greed. "European ISPs attack secret Acta copyright talks" (ZDnet.co.uk, 02 December 2009)
See also, more generally on the use of the internet for surveillance purposes but without the traditional safeguards of a warrant, the interview of Tim Berners-Lee, the "Web inventor: 'Snooping' authorities threaten Internet" (Euractiv.com, 03 December 2009)
And the EU stand against this new trend of legislation, even before the UK Bill was drafted: "European 'internet freedom' law agreed" (ZDnet.co.uk, 05 November 2009) "One promise needed for internet freedom" (ZDnet.co.uk, 05 November 2009)
Monday, 7 December 2009
- first, Blackstone's understanding of property was that of physical property (one author calls it physicalisation of property, Vandevelde K, "The new property of the nineteen century: the development of the modern concept of property", (1980) 29 Buffalo Law Review 325 ; most of us still use the term of tangibility) and that of exclusivity of property. Obviously, with information, the two paradigms are challenged: full intangibility with no possibility to transform it into something tangible; no exclusive control that would exclude per se the (legal) intervention of another
- secondly, the origins of copyrights are indeed into protecting the printing guilds. They had the right to copy; protection of the book trade. With the licensing system being abolished in 1694, the printing "firms" could not benefit from copy rights. Hence, they demanded that the authors should be granted copyrights, a request made with the hope that they, as printing press, would benefit indirectly from this right in the same way that they benefited from the original copyrights existing prior to 1694. The lobbying of Parliament resulted in the Statute of Anne 1709. Hammon G., "The legal protection of ideas", (1991) 29 Osgoode Hall Law Journal 93. I found this piece of history fascinating because most articles published (but not books!!!) do not bring a single penny to their authors, but do allow publishers to make a living out of it ... like in the good old days of the licensing system enforced at the time when printing was invented. Not that everything is bad with the new system, but, as I highlighted earlier, copyrights are not simply about the authors. The problems we face with online piracy should be seen under that light.
Thursday, 26 November 2009
Label Exec Arrested For Not Using Twitter To Disperse Crowd At Mall To See Singer (TechDirt, 23 november 2009)
Wednesday, 18 November 2009
Emprisonment for a theft he has not committed, a man managed to be freed and charges dropped after his lawyer tracked down a message he sent at the precise time when the robbery happened.
Obviously, the alibi has been corroborated by witnesses; hopefully also, when one thinks of the ease it is on facebook to fake identities.
Sauvé de la prison grâce à Facebook (o1net., 13 november 2009)
Facebook As Your Alibi (TechDirt, 12 November 2009)
L'usurpation d'identité, côté juridique (Les Echos, 7 October 2009)
Frankly, given the short comings of the Hadopis, one really wonders whether Parliament should not have just paused and thought a bit, rather than rushing about.
See (all in French) Marinese http://www.juriscom.net/actu/visu.php?ID=1157 (3 november 2009)
Rojinsky, http://www.juriscom.net/actu/visu.php?ID=1155 (28 October 2009)
Thoumyre being interviewed, 3 November 2009 http://www.pcinpact.com/actu/news/53927-claire-chazal-reponsabilite-diffamation-hadopi.htm
And for a longer analysis by V. Benabou, Glose de la loi favorisant la création et la protection de la creation (dite HADOPI) (Juriscom.net. 7 november 2009)
And the link towards the two Acts: http://www.service-public.fr/actualites/001268.html?xtor=EPR-140 that are on Legifrance
Obviously, the UK contemplates introducing similar legislation and does not seem to be put off neither by the peripetieas of French law, nor by the criticism the system attracted/attracts.
UK Gov't Official: Innocent People Won't Get Kicked Off The Internet; Trust Us (TechDirt, 12 November 2009)
On the international dimension of piracy, there is the Anti-Counterfeiting Trade Agreement (Rees, 9 November 2009, http://www.pcinpact.com/actu/news/54030-acta-hadopi-riposte-surveillance-internet.htm)
Thursday, 12 November 2009
Teens Sue School After Being Disciplined For MySpace Photos (TechDirt, 2 November 2009)
According to comments, the tools are not very good and 'bad guys' use better tools. For the UK, that relates to section 3A of the revised CMA 1990.
Microsoft's COFEE Computer Forensic Tools Leaked (techDirt, 9 November 2009)
That's Rich: China Accuses Google Of Censorship (TechDirt, 28 October 2009)
But what really is interesting are the comments made after that post. I particularly liked one made by JGM on NOvember 9th, who explained, if I understood him/her well, that virtual goods are a valid business model because it is programmers selling the fruit of their labor in a very competitive market. As such, the sale of virtual goods was completely different from scam/spams which rely on illegal actions to force somebody into spending money (=fraud).
Virtual Goods, Scams, Investigative Reporting And The Media (TechDirt, 9 November 2009)
Advance Fee Scams Are Based On Greed, So Their New Favorite Target? Lawyers! (Tech Dirt, 22 October 2009)
Wednesday, 11 November 2009
Judge Says No Twittering From The Courtroom (TechDirt, 10 November 2009)
THis is rather silly and a complete misunderstanding of what Twitter as a company does. Levi Johnston's Lawyers Threaten Twitter, Despite No Legal Basis (TechDirt, 9 November 2009)
And the issue of spam also seems a bit hyped up. It Doesn't Matter How Many Twitter URLs Are Malware... Only If People Are Clicking (TechDirt, 30 October 2009)
Will Three Strikes Ever Really Get Implemented In The UK? (TechDirt, 30 October 2009)
As Expected, Mandelson To Introduce Plan To Kick File Sharers Off The Internet (TechDirt, 28 October 2009)
UK Law Enforcement Tells UK Gov't: Please Don't Kick File Sharers Offline (TechDirt, 27 October 2009)
France Agrees To Kick File Sharers Off The Internet Again; Lobbyists Call It 'Consumer Relief' (TechDirt, 22 October 2009)
Tuesday, 27 October 2009
apart from the issue of the audience, there is the issue of the message contents: 140 characters means strong language to be used in order to accept defamation. Here, there seems to be confusion between criticism and defamation...
Monday, 26 October 2009
Linden Lab Sued Over Copied Virtual Goods (TechDirt, 18 September 2009)
Is It ID Theft Or Was The Bank Robbed? (TechDirt, 19 August 2009)
Is It Identity Theft Or A Bank Robbery, Part II: Couple Sues Bank Over Money Taken (TechDirt, 11 September 2009) - well the side effect of crime: civil liability for the banks, especially if they were grossly negligent. However, in criminal terms, there is rarely crime by omission.
Michigan Supreme Court Issues New Stop Twittering Rule For Juries (TechDirt, 17 July 2009)
Google deactivates Gmail account after bank error (ZDnet.co.uk, 29 September 2009)
And the US Governement is looking for 10000 IT experts US on hunt for 1,000 cybersecurity experts (ZDnet.co.uk, 05 October 2009)
And the new Centre for Secure Information Technologies (CSIT), has been opened at Queen's University Belfast (ZDnet.co.uk, 24 september 2009)
Trojan swipes money from your banking site (ZDNet.co.uk, 30 september 2009)
with a similar method:
Facebook closes fake profiles spreading malware (ZDnet.co.uk, 2 oct 2009)
Fake Outlook Web Access update sets malware trap (ZDnet.co.uk, 16 October 2009)
Un botnet s'attaque aux résultats de recherche des moteurs (JDN, 05 October 2009) with a botnet allowing fraud/spread of malware resulting from clicks on results from search engines, the click redirecting towards a website. See its English version, Botnet click fraud hits a high (ZDnet.co.uk, 23 October 2009)
Access/use of webmail accounts
Phishing attack hits thousands of Hotmail accounts (ZDnet.co.uk, 06 october 2009)
and a resurgence of the 419 scams! Washington Post Says Economy Is Bad... No, Good... No, Bad For Nigerian 419 Scammers (TechDirt, 10 August 2009)
Hacked web mail accounts used to send spam (ZDnet.co.uk, 09 October 2009)
E-crime victims uncertain where to turn (ZDnet.co.uk, 27 August 2009)
Three indicted in largest-ever US hacking prosecution (ZDnet.co.uk, 18 August 2009)with one of them pleading guilty to ID theft
Hacker pleads guilty to ID thefts worth millions (ZDnet.co.uk, 2009)
It is quite fascinating in terms of what it reveals: how people use different websites and adapt to them, how adverts could better target consumers...
For a less positive outlook on social networking, a series of reports/news:
- the EU preoccupation with Facebook as a portal to cybercrime. Facebook: A new battleground for cyber-crime (Euractiv, 27 July 2009)
- the security issues Facebook faced and that allowed for data to be 'stolen'. Warning as rogue Facebook apps steal log-in data (ZDNet.co.uk, 20 August 2009)
Apart from the costs of it all, what is interesting is the fact that the attack against one person/entity triggered problems for everybody else using the services of Twitter, Facebook and Google. The collateral effects are damning.
Blogger targeted in Twitter, Facebook DoS (ZDnet.co.uk, 7 August 2009) and Cyberattack That Brought Down Twitter & Facebook Only Highlighted The Guy It Hoped To Silence (TechDirt, 10 August 2009)
French version: Twitter rendu indisponible par une attaque visant un internaute (JDN, 7 August 2009)
Facts of 2nd attacks:
Twitter suffers outage following fresh attack (ZDnet.co.uk, 12 August 2009)To which extend the botnet was part of the 2 attacks, it remains to be seen: Security firms reveal botnet on Twitter (ZDnet. co.uk, 17 August 2009)
For an explanation on the Court's reasoning, the interview of Karen Todner on 31 July 2009 is extremely useful despite its brevity (1mns 20). The Court did not think the DPP had enough evidence to charge Mr McKinnon in the UK; and the secretary of State's decision on the basis that the Asparagus syndrome was not serious enough was also justified.
McKinnon's lawyer notes that the process has been going on for the past 7 years. How much waste of money and time will trigger a revision of the US-UK extradition treaty?
This lost suit triggered a series of appeal to compassion, although one has to note that compassion is usually a ground for sentencing...
Mr. McKinnon's mother (ZDnet.co.uk 31 july 2009)
Given that the appeal against the High COurt's decision is unlikely to succeed, the last option is for the prison sentence, if to be pronounced, to be executed back in Britain rather than in the US. Political support builds for Nasa hacker (ZDnet.co.uk, 3 August 2009)
This depends on the US willingness to do so, often on the condition not to release the prisoner on other grounds than medical.
Since, some MPs thought of asking for an appointment with the US ambassador (ZDNet.co.uk, 10 September 2009)
And McKinnon filed suit, for the second time, before the European Court of Human Rights: Nasa hacker fight heads to Europe (ZDnet.co.uk, 09 October 2009)
For a more general outlook on the case in relation to IT professionals and work ethic: McKinnon case puts IT ethics in the dock (ZDnet.co.uk, 05 October 2009)
Friday, 24 July 2009
"Twitter hacké : 310 documents confidentiels volés" (JDN, 16 July 2009)
More surprising: "Cisco reports rise in text-message scams" (ZDnet.co.uk, 15 July 2009)
And quite welcome: France now has its Agence nationale de la sécurité des systèmes d'information, or National Agency for security of information systems, with a budget of 90 millions euros and 120 people working and potentially 250 by 2012. Its role is to detect and prevent cyberattacks on information systems (=the net)
"La cybersécurité hissée au rang de priorité nationale" (JDN, 09 July 2009)
12% of Americans do open spam messages and fall in the trap according to the Messaging Anti-Abuse Working Group (MAAWG)
Le spam séduit 12% des internautes nord-américains (JDN, 16 July 2009)
which seems in line with the following story: that the social networking firm Tagged.com spammed in order to get people to subscribe to its services. Le 3ème résau social US accusé de spammer l'Internet mondial (JDN, 10 July 2009). Obviously in breach of CAN-Spam Act and fined by the Federal Trade COmmission
Nasa hacker 'more hopeful' (ZDnet.co.uk,
McKinnon judicial review application on Tuesday (ZDnet.co.uk, 13 July 2009)
Thursday, 23 July 2009
The article is definitely not a cybercrime perspective as such: there is piracy, but I think the issue of piracy is first of all an issue about what we want with copyrights; domain names attribution is looked at and again there is no incidence in criminal law for that.
However there is an interesting parallel with telephone companies when it comes to surveillance. We all know that surveillance of contents on phone conversation requires preliminary investigation: governments are not allowed to wiretap telephone conversations just to find out about illegal contents (or let's put it that way: in democracies, they are not supposed to do random wiretapping without warrant). Why should the net be treated different? Apart from the non feasibility of spying on all contents, it's nothing different and privacy is key.
Politicians should stay out of internet policing (ZDnet.co.uk, 22 July 2009)
which is obviously not what the UK Government does as it poured 10 millions pounds on monitoring.
"Gov't boosts spending on web monitoring" (ZDnet.co.uk, 13 July 2009)
whereas in France, Mr. Alain Bravo for the Assemblee Nationale (Parliament), published his report on security and digital economy to explain six scenarios, from no control apart from big firms' to too much control... http://www.assemblee-nationale.fr/13/rap-info/i1670.asp
Will France's Three Strikes Law Also Allow Gov't Email Surveillance? (TechDirt, 21 july 2009)
Le vote de la loi Hadopi 2 reporté au mois de septembre (JDN, 21 July 2009)
Saturday, 18 July 2009
Friday, 10 July 2009
(9 July 2009)
Surprising that Prof Goldsmith would accept more monitoring of the net by Government, because education and information sharing are not proven methods to secure the internet.
Sandrine Rouja, Une deuxième loi "création et internet" pour juillet, versant pénal (25 June 2009)
Le Sénat adopte le projet de loi HADOPI 2 (Juriscom. 9 July 2009)
for the details (in French) on the French Senate website: http://www.senat.fr/dossierleg/pjl08-498.html
The bill has now been approved by Senate. Two main measures: one against the person pirating with the already existing 3 years prison and 300.000 euros fine, but with the additional sentence of forbidden access to the internet; the second measure is against the person who would not have secured her/his connexion once warned that his/her IP address was used for pirating, under the basis of "characterised negligence". The latter offence would be a misdemeanour.
The procedure remains that of the "ordonnance penale" thus an expeditive procedure used for mass offences (contentieux de masse) like driving offences. On that see Masnik's view from the US:
On the general debate on intellectual property and whether the rules should be changed, a.k.a. created products should be available for free, Pierre-Yves Gautier, French Professor at Paris-Assas, was interviewed on 1st July 2009 in the (left-wing) newspaper Liberation. He notes the sociological phenomenom of illegal downloading and criticises the idea that intellectual property is not equivalent to property or is a sub-class of property not worthy of protection, and that their owners/inventors should beg to make a living out of it.
La propriété intellectuelle, un sous-droit (1st July 2009)
I feel it is a very simplified view of the matter, given that the people really opposing piracy are mostly linked with Hollywood and that artists like the Monthy Pythons chose a different route. For my own work, as an academic, I don't like the fact that my articles are not freely available once I published them. Frankly the publisher nowadays does not do much: I am the one typing the article, reviewing all references and proof-reading at least twice (publisher only once). The peer-review is done free of charge for the publisher who rarely pays the reviewers. And the cost of printing is becoming inexistent as most journals are available online or only online. yes there is all the coordination stuff; by experience, I know how time-consuming it can be. But worst of all if the argument of IP is that creators should get their share of the money, well: I am not paid a single bit of a penny to publish. Arguably, as an academic I am paid by the University which employs me, but I am certainly not paid per article, and publishing is just one out of three jobs I am supposed to fulfill. So why should my work not be freely available?
Monday, 6 July 2009
Thursday, 2 July 2009
An analysis of the CNIL's 2008 report on its work to protect privacy. There seems to be a shift in liability from Government to private firms which, in French law, are responsible to protect access to private data and to ultimately destroy it. The liability is actually of a criminal nature with heavy fines, up to 1.5 millions of euros and 5 years emprisonment. Considering that most firms do not know what the law is about and do not have the capacity to comply with the legislation, this is quite scary. The CNIL also notes that it does not have the means to continue its role in the field as the audits, which would help the firms to understand what they need to do, cannot be financed.
China Government announced it was cracking on the practice. As noted in the post, hard to see why such a stance. The practice does not have an immense impact on the country's economy. Social rights of workers? hardly so. Does the Government want to control the practice in order to do it itself?
Interesting impact assessment of the new proposal conducted by the newspaper La Tribune. If 50 000 cases per year are to be treated, 109 posts would have to be created of which 26 for judges. In 80% of cases, the judge will use the abbreviated procedure of "ordonnance penale". The remainder will go to the equivalent of the Crown Court (Tribunal correctionnel)
It is not an accusation against Google, just an acknowledgment of the powerful tool that is Google Earth. In other words, thieves of rare fishes are smart enough to look at gardens from the sky to detect ponds and unusual features indicating potential rare catches.
After the uproar when people learnt that China ordered computers made in the US to incorporate a filtering software, there seems to be a back up. Obviously, the Minister of Industry and Information Technology refused to acknowledge attempts to curtail free speech. As in the West, the official line is that filtering is necessary because of child porn. But I wonder what it really means? Will they do it next time without bothering to say anything, 'hidding' the software in the hard drive?
PC makers lobby, but prepare for China censorware (ZDnet.co.uk 29 June 2009)
See also in French:
Logiciel de filtrage Web : la Chine fait marche arrière (JDN, 1 July 2009)
I don't think the EU Chamber of commerce's opinion had any influence, although one never knows how much concerns about money may have weighted in the balance.
EU Chamber urges China to rethink internet filter (ZDnet.co.uk, 30 June 2009)
Friday, 26 June 2009
Cloud computing et confidentialité des e-mails (Euractiv, 17 June 2009)
Child Porn Blacklist Group Claims Its Approach Is Working, But There Are Lots Of Questions(TechDirt, 30 April 2009)
See previous post http://cybercrimeatessex.blogspot.com/2009/02/transparency-in-cybercrime.html
The information originates from the Financial Times with its correspondent.
Surprise: Beijing Court Sides With Victim Of Internet Censorship (TechDirt, 27 May 2009)
Victim of Beijing internet censorship wins landmark court ruling (FT, 26 May 2009)
and a French summary of the report on JDN 17 June 2009
Swedish Appeals Court Denies Pirate Bay Retrial -- Says No Bias By Judge(TechDirt, 25 June 2009)
No access to internet for a maximum of a year; any attempt to reinstate the connexion would attract up to 2 years imprisonment and 30 000 euros fine (about 21 000 pounds). I find it fascinating that at a time where copyrights regulations, hence piracy, are strongly criticised in their very existence, the Government chose to take a stand harsher than what happened sometimes when somebody's life and well being is at stake. In other words, money linked with copyrights has more value than the protection of the person, say on social networks. This discrepancy in priorities is typical of the regulatory approach to the internet (think of the US where striking down the legislation on child porn in the name of free speech meant property is better protected than the child's person/body abused by adults), but I can't get over it, and hope I actually won't get over it.
Moreover the procedure used will not involve a contradictory debate but will be one of those simplified ordonnance type of procedure, which when one thinks that freedom of communication is at stake here (including jobs because today one cannot work without internet), is pretty troubling.
Un texte plus répressif pour sanctionner le piratage (JDN 25 June 2009)
Given that the basis of those networks is to share information, often without consent, the recommendation would be a blow to those technologies. I personally think it is not the way forward; rather, we should differentiate between those participating in the network and those not participating. Those in, by the fact of subscribing, should have a opt-out; those not in should have an opt-in.
More sensible is the recommendation that social networks warn clearly and extensively at the level of disclosure faced by their users and how that information could be used against them or their family and friends.
See the summary on Euractiv
For the report itself, Article 29 Data Protection Working Party
It is worth comparing with the 2007 report from ENISA, the rather silent EU agency on cyber issues, Enisa Position Paper EU agency for network and information security suggests updating legislation to face new social networking-related risks (25 October 2007)
Thursday, 25 June 2009
Hence the importance of the Agreement on Mutual Legal assistance http://www.statewatch.org/news/2009/may/uk-eu-usa-extradition-mutual-assistance.pdf
Position on the processing of traffic data for “security purposes” (21 March 2009) on the statewatch website
beaware: Europol exists since 1992
UK launches dedicated cyberattack agency (ZDnet.co.uk, 25 June 2009)
Pentagon moves to protect military networks (ZDnet.co.uk, 24 June 2009)
Before it was even adopted by Parliament, the French bill that promoted the three strikes policy in its attempt to fight piracy was doomed.
The EU Parliament condemned it (See TechDirt, 6 May 2009) EU Says No To Three Strikes On Accusation Only; Requires Court Order
and even the UK TalkTalk ISP (TechDirt, June 9, 2009) director considered it was silly to forbid, "pirats will always win" UK ISP Boss: 'The Pirates Will Always Win'
Without surprise, the bill, passed by an empty Assembly, was declared unconstitutional by the Constitutional Council and thus in effect can only become a Statute if the unconstitutional provisions are withdrawn.
"French Constitutional Council Guts 'Three Strikes' As Unconstitutional" (TechDirt, 10 June 2009)
Legally, the decision is particularly enlightening when it comes to the grounds of unconstitutionality. The Council found several flaws, all in line with what I have been writing about in this blog:
- violation of freedom of speech and communication because the sanction was not decided by a court, but by an administrative agency; I keep saying that a court/ the judiciary has to decide on withdrawing illegal content as much as who committed any other illegal behaviour
- "16. Considérant que les pouvoirs de sanction institués par les dispositions critiquées habilitent la commission de protection des droits, qui n'est pas une juridiction, à restreindre ou à empêcher l'accès à internet de titulaires d'abonnement ainsi que des personnes qu'ils en font bénéficier ; que la compétence reconnue à cette autorité administrative n'est pas limitée à une catégorie particulière de personnes mais s'étend à la totalité de la population ; que ses pouvoirs peuvent conduire à restreindre l'exercice, par toute personne, de son droit de s'exprimer et de communiquer librement, notamment depuis son domicile ; que, dans ces conditions, eu égard à la nature de la liberté garantie par l'article 11 de la Déclaration de 1789, le législateur ne pouvait, quelles que soient les garanties encadrant le prononcé des sanctions, confier de tels pouvoirs à une autorité administrative dans le but de protéger les droits des titulaires du droit d'auteur et de droits voisins ;"
- violation of presumption of innocence by reversing the burden of proof to the accused; it is what I always found disturbing in those cases where the RIAA in the US bring lawsuits/charges before the Court and it is most of the time for the defendant to find proof s/he did not commit the action.
- "18. Considérant, en l'espèce, qu'il résulte des dispositions déférées que la réalisation d'un acte de contrefaçon à partir de l'adresse internet de l'abonné constitue, selon les termes du deuxième alinéa de l'article L. 331-21, " la matérialité des manquements à l'obligation définie à l'article L. 336-3 " ; que seul le titulaire du contrat d'abonnement d'accès à internet peut faire l'objet des sanctions instituées par le dispositif déféré ; que, pour s'exonérer de ces sanctions, il lui incombe, en vertu de l'article L. 331-38, de produire les éléments de nature à établir que l'atteinte portée au droit d'auteur ou aux droits voisins procède de la fraude d'un tiers ; qu'ainsi, en opérant un renversement de la charge de la preuve, l'article L. 331-38 institue, en méconnaissance des exigences résultant de l'article 9 de la Déclaration de 1789, une présomption de culpabilité à l'encontre du titulaire de l'accès à internet, pouvant conduire à prononcer contre lui des sanctions privatives ou restrictives de droit ;"
- 27. Considérant que la lutte contre les pratiques de contrefaçon sur internet répond à l'objectif de sauvegarde de la propriété intellectuelle et de la création culturelle ; que, toutefois, l'autorisation donnée à des personnes privées de collecter les données permettant indirectement d'identifier les titulaires de l'accès à des services de communication au public en ligne conduit à la mise en oeuvre, par ces personnes privées, d'un traitement de données à caractère personnel relatives à des infractions ; qu'une telle autorisation ne saurait, sans porter une atteinte disproportionnée au droit au respect de la vie privée, avoir d'autres finalités que de permettre aux titulaires du droit d'auteur et de droits voisins d'exercer les recours juridictionnels dont dispose toute personne physique ou morale s'agissant des infractions dont elle a été victime ;
Censure du Conseil constitutionnel : pas d'happy end pour l'HADOPI (Juriscom. 10 June 2009)
"French court curbs internet piracy legislation" (ZDnet.co.uk, 11 June 2009)
David El Sayegh (Snep)"Couper l'accès Internet comme on envoie les contraventions établies par les radars" (JDN, 11 June 2009)
Use of 3D games to train pilot - positive use of technology, but one cannot be left but to wonder whether the reality of those games could have adverse effects in certain conditions and be responsible for more violence?
And what if the robots copy 'bad' behaviours and commit crimes? fiction? not so much if one believes this article about a child robot which memory increases by copying real human behaviour. "CB2 : parfait pour un prochain film d'horreur" http://www.journaldunet.com/hightech/salon-multimedia/dossier/ils-sont-la-et-nous-ressemblent-les-robots/cb2-parfait-pour-un-prochain-film-d-horreur.shtml
this made me think about the work of Michelle Hildebrand from Rotterdam/Brussels...
For new areas of fraud coming up soon given the huge development of mobile phone banking:
Le m-paiement atteindrait 250 milliards de dollars d'ici 2012 (JDN, 23 June 2009)
The problem is as usual: safety is done through sharing of information. But how this information is collected and used remained very much undefined... So not surprisingly, there are oppositions to the Stockholm programme
See the Statewatch's summary: http://www.statewatch.org/future-group.htm (
and also the seminar organised on 31 may 2009 http://www.statewatch.org/news/2009/may/surveillance-states-seminar.pdf
with references to the European Civil Liberties Network's own analysis http://www.ecln.org/ECLN-statement-on-Stockholm-Programme-April-2009-eng.pdf
One can only agree when one looks at the EU Council's report of the "Check the Web" project launched in 2007 and presented by Europol to the COuncil on 15 May 2009 http://www.statewatch.org/news/2009/jun/eu-europol-use-of-personal-data-in-the-check-the-web-project-9604-09.pdf
and the analysis provided by Cryptohippie on Statewatch's website, which describes well what is a police state and how blissfully unaware we can be until it is too late http://www.statewatch.org/news/2009/jun/electronic-police-state-2008.pdf
See also, Watching the computers. Function creep allows EU states to use intrusive remote computer searches to target any crime, however minor (TheGuardian, 9 June 2009)
the fact that the surveillance attitude is widespread does not help Canadian Politicians Want To Pass Internet Snooping Legislation (TechDirt, 19 June 2009)
And contrary to the wide-spread feeling, security is not a justification per se for surveillance even if obviously increased CCTV and the like can help detecting crime As Google Agrees To Delete Unblurred Street View Images In Germany, One Is Used To Solve A Crime
Finally, see EU Parliament on the subject
with its "REPORT with a proposal for a European Parliament recommendation to the Council on strengthening security and fundamental freedoms on the Internet
(2008/2160(INI))" (25 February 2009)
and the HL view on procedural rights in EU criminal proceedings http://www.statewatch.org/news/2009/may/eu-hol-ec-procedural-rights.pdf
As pointed out, one cannot settle when the facts established demonstrate an impossibility to commit the action. The RIAA is manipulating the language to appear victorious when its actions embody utter failure.
More troubling, is the issue of evidence. What would have happened if this woman owned a computer but never filed share? How is the RIAA collecting its evidence? Are we not here faced with illegal surveillance?
In that sense, Norway's position to avoid general surveillance for just an issue of IP makes much more sense.
Norway Decides Privacy Is More Important Than Protecting The Entertainment Industry's Business Model (TechDirt, 24 June 2009)
Obviously, Norway's position obliges to rethink piracy and the IP rules. The analysis of Shakespeare's work and how the famous poet and writer borrowed from traditional folk tales and their various interpretations by other authors is quite enlightening about the real issue IP legislation create, especially in a world which works on the basis of networks and sharing.
"Would King Lear Ever Have Been Written If Copyright Law Existed?" (TechDirt, 23 June 2009)
"The Guardian Embraces Crowdsourcing The News In Useful Ways" (techDirt, 24 June 2009) (The Guardian put online all the data on the MPs' expenses scandal - ordinary people digged out what they found interesting and journalists just check and put the information within a broader perspective
How sending an e-mail can breach the peace, I am puzzled. It was not a collective e-mail, say to the whole of the University, what would have justified (maybe) the analogy of the public forum. At most, the e-mail, if repeated at least once, would fall within harassment, but certainly not breach of the peace.
Disciplinary actions might also be foreseen if the university charter of conduct was breached
Tuesday, 16 June 2009
Court hears Nasa hacker 'at risk of psychosis' (ZDnet.co.uk, 9 June 2009)
Judges delay decision in Nasa hacker case (ZDnet.co.uk, 11 June 2009)
The Conseil constitutionnel (French Constitutional Court) rejected part of the Bill nicknamed Hadopi in its provisions that were allowing an administrative authority to cut the right to access the internet. The Authority, although independent, did not provide sufficient safeguards to the internet user, given that was at stake freedom of expression. Only a court, as part of the judiciary with its own requirements of independence and impartiality, could take such decision.
The decision is interesting for several reasons:
1- in relation to the "independent administrative authority" system which France is so fond of, the decision puts a halt to a recurrent trend to transfer legal issues from the courts to non judicial authorities.
2 - it is a reminder that freedom of communication and expression are so intrinsic to the internet, that any measure curtailing it, whatever the justification offered, must be assessed by the courts. Compared with what is happening with ISPs taking down materials, the decision makes one think about the appropriateness of those take down notices procedure not validated by courts...
3 - I am not as sure as the Commission that net neutrality is not needed; resorting to courts is not the main method within Europe. Harmonisation at EU level should be certain before engaging into a dangerous path
How the desire to control child pornography turns into a piracy/ illegal trade issue...Apparently, upon request of China, computers shifted from the US to China must contain a 'Chinese' filtering software... which code is partly stolen from a US company!
Chinese censorware has stolen code, says US firm (ZDNet.co.uk, 15 June 2009)
update: "US asks China to drop filtered software " (ZDnet.co.uk, 25 June 2009)
Wednesday, 10 June 2009
"Local Version Of China's Great Firewall Now Required On All PCs In China" (TechDirt, 8 June 2009)
Two things spring to mind. Is the fake account doing any harm, for example by impersonating a real life person so well one could not easily guess what was true and false? if so, civil law at least applies and Twitter can delete the account. However, there should be court proceedings rather than threats and bullying.
"La Russa & The AP Claims Twitter Settled Lawsuit... Twitter Sets The Record Straight
"French Law has actually taking the step of making it an offence, with a maximum of one year emprisonment, following a few MPs whose name have been 'abused'. "Loppsi : 1 an de prison pour la fraude à l'identité sur Internet" (Numerama, 27 May 2009)
Then, this affair/case seems a matter of education of people and companies on the internet.
"Lifelock Found To Be Illegally Placing Fraud Alerts On Credit Profiles" (TechDirt)
"So-Called 'Friendly Fraud' On The Rise" (TechDirt 27 May 2009)
"Lawyer: Home Office unlikely to U-turn on hacker " (ZDNet.co.uk, 8 June 2009)
But there may be some hope in the mid-term future: (ex) "Hacker joins US Homeland Security in advisory role" (ZDnet.co.uk, 8 June 2009)
with the following update: "Mitnick: from 'computer terrorist' to consultant " (ZDnet.co.uk, 23 June 2009)
I can't believe people are silly enough to sell on e-bay disks that have not been reformated with complete erasure of data, especially in high-risk domains.
"Des disques durs d'occasion très bavards sur eBay" (JDN, 13 May 2009)
And it is no better when data is not even encrypted like the Royal Air Force's data!
Vols de données dans l'armée de l'air britannique (JDN, 28 May 2009)
"Hacked ATMs let criminals steal cash, PINs" (ZDnet.co.uk, 5 June 2009)
"Judges Divided On Right Of Schools To Punish Students For Mocking Principals Online" (TechDirt, 9 June 2009)
Wednesday, 3 June 2009
Sébastien Darnault (MarkMonitor)"Nous bombardons les serveurs de mails frauduleux jusqu'à les faire tomber" (JDN 2 June 2009)
In terms of criminal procedure it is absolutely essential.
"Info sur le web : Le syndrome inversé de la fille du RER D" (JDN, 26 May 2009)
On a similar note, the explanations about information safekeeping/safeguarding, which is linked with its reliability. "Cycle de vie des données informatiques, du berceau à la tombe !" (JDN 7 mai 2009)
"Ces réseaux sociaux qui résistent à Facebook Sonico.com au Brésil" (JDN, 2 June 2009)
I wonder if their business models are better than those of Facebook. Note though that the Russian internet business man just 'bought' Facebook ...
"If You Rob A Bank, Perhaps You Shouldn't Brag About It On MySpace" (TechDirt 2 June 2009)
Not criminal as such, but interesting about the degree of non privacy (to be expected really):
"Analyzing Labor Data Via Facebook Status" (TechDirt, 2 June 2009) or how the words hired/fired on posting were used to analyse the trend in financial crisis management....
Wednesday, 27 May 2009
But this is as bad as it gets: Google would look at its employees' behaviours to detect those who wish to leave the company... "Google recherche maintenant dans les cerveaux de ses employés" (JDN. 21 May 2009)
Tuesday, 19 May 2009
"Legal Questions About Facebook's Blocking Of Links To The Pirate Bay" (TechDirt 8 May 2009)
"Contrôler un ordinateur par la pensée, est-ce possible ?" (JDN, 15 May 2009)
with more info on http://www.journaldunet.com/hightech/magazine/actualite/la-recherche-met-au-point-l-ordinateur-commande-par-la-pensee/la-recherche-met-au-point-l-ordinateur-commande-par-la-pensee.shtml?f_id_newsletter=1040
"The Rise Of Corporate Identity Fraud" (TechDirt, 11 May 2009)
Baidu, the chinese Google (state owned?), is partly paralysed because of its workers' strike to obtain better pay after a 30% cut, and for some not to be forced to resign to meet increased sale targets with a lesser salary
Le Google Chinois paralysé par une grève (JDN, 18 May 2009)
"El Efecto Streisand As Guatemala Arrests Twitterer" (TechDirt 15 May 2009)
"What is Cyberbullying Anyway?"(TechDirt, 11 May 2009)
The law, especially criminal law, has symbolic aspects. But in no way should it be distorted or used purely on those grounds... Justice is not simply about appearing to defend the victims. "Prosecutors Want To Give Lori Drew 3 Years In Jail For Symbolic Reasons" (TechDirt, 7 May 2009)
"ACPO: Police swamped by CCTV data" (ZDnet.co.uk, 15 May 2009)
and "UK Police Learn That More Surveillance Data Doesn't Mean Better Surveillance Data" (TechDirt, 18 May 2009)
The above obviously should make us think about any type of data mass collection: "Bad Idea: UK Launches Database Of Info On Every Child" (TechDirt, 18 May 2009)
Update: "British Cops Creating Nationwide License-Plate Surveillance System" (TechDirt 22 May 2009)
Thursday, 7 May 2009
"Move Over, Craigslist: Twitter Gets Prostitution Ads" (TechDirt, 29 April 2009)
"EFF Agrees That Copyright In Second Life Is A Mess" (TechDirt, 4 May 2009)
"More Swedish ISPs Decide To Keep No Logs To Protect Users" (TechDirt, 29 April 2009)
The movement is linked with the piracy case against Pirate Bay which is also a party with a seat in the EU Parliament "Swedish Pirate Party may win EU Parliament seat" (ZDnet.co.uk, 6 May 2009). Maybe there'll be a change in policy in the future?
For the origin of piracy, a truely international crime at the time, see "A Look Back At The History Of The Word 'Pirate'" (TechDirt, 30 April 2009) who refers to a SSRN paper "The Framing of 'Piracy': Etymology, Lobbying & Policy" from K. Matthews Dames
"US red tape leaves Conficker on medical devices " (ZDNet.co.uk, 5 May 2009)
The Conficker worm also reveals that the real and most dangerous threat is invisible. This is particularly stressed in the French article where it is explained that the purpose of botnets is not be noticed, to be as invisible as possible even though the damages can be enormous for the person infected or for others not related.
"Forget Conficker — focus on the real threats" (ZDnet.co.uk, 29 April 2009)
Frédéric Guy (Trend Micro)"Nous identifions 800 à 1300 nouveaux virus par heure" (JDN, 20 April 2009)
"Un botnet ciblant les ordinateurs Mac" (JDN, 17 April 2009) with the scale of the threat being minimum given the few users of Apple
"Le zapping de la sécurité (avril 2009)" (JDN, April 2009)
I did it for myself and, having always been careful, I found what I knew would be there. The only odd thing was that there is another Audrey Guinchard living in Besançon (France) with a Facebook page and confusion of identity could be made
"Supreme Court Justice Scalia Given Lesson In Internet Privacy" (TechDirt, 5 May 2009)
Most people are more aware about privacy issues though and are notably conscious that when they use the net they leave tracks easily retrievable... But also most people (60% according to the poll) do not want to sacrifice privacy to security measures, which is quite reassuring and counteracts the Governments' claim that security measures ought to be implemented at whatever costs.
"Sécurité IT : l'ingérence de l'Etat inquiète les internautes" (JDN, may 2009)
- "knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law;"
- Identity Theft and Assumption Deterrence Act of 1998, amending Section 1028(a) of title 18, United States Code
The use of a fake identity, again fictional rather than of a real person, let to another story, as sad and distressing as the previous albeit for different reasons. This time, the fake identity led to the recipient of the 'friendship' to commit suicide. The law is indeed powerless as so far ID fraud has been built on the use of a real identity but by another person.
"Congressional Rep Wants To Put Internet Trolls In Jail" (TechDirt, 6 May 2009)
THe two cases certainly raise issues of the adaptability of criminal law. Fraud and ID fraud are offences targeting the use of real identity with the aim for fraud to obtain money. Phishing is just an adaptation to the internet of the traditional means to commit fraud. (see "Facebook fends off two days of phishing attacks", ZDnet.co.uk, 1 May 2009)
The protection of a person's feelings with the use of this false identity was never taken into consideration. Should it with the internet? I would be reluctant to affirm so. The two cases reported here revolve around either immigration issues or the use of internet by children or vulnerable people. The latter is a matter of education: not to take at face value what is said online and understanding that anybody can invent an identity purely fictional like in games or Second Life.
Wednesday, 6 May 2009
"International experts launch anti-cybercrime plan" (ZDnet.co.uk, 29 April 2009): not so international as it may appear as it involves primarily the US and the UK, but at least the Cyber Security Knowledge Transfer Network (KTN), a UK government-funded organisation, is supposed to "liaise[...] between agencies around the world, co-ordinated the formulation of the roadmap". A plan by N. Jones from KTN was published that argues that businesses should be more proactive and important partners in security.
"Building in… Information Security, Privacy and Assurance - A high-level roadmap" on KTN website
Viviane Reding is the European commissioner on new technologies; she suggests to create a European post/job of "internet police/policing officer" so as to coordinate European responses to cyberattacks and develop a strategy to increase cybersecurity
"Un Monsieur sécurité pour défendre l'Europe contre les cyber-attaques ?" (JDN, 27 April 2009)
This very much echoes what has already started in the US, with a change of policy under Obama new presidency, where Melissa Hathaway has already highlighted the new trends in cybersecurity the US will focus on, with notably a multi agencies and institutions cooperation "La cybercriminalité dans le collimateur de l'administration Obama" (JDN, 24 March 2009)
And for France, this interesting article decrypting the French President's promises during the election campaign and their outcomes in 2009. "Sécurité et libertés : les données personnelles en danger ?" (JDN, 5 May 2009). On security, what has been delivered so far is a Report (Livre blanc/White Book) on Defence and Security in June 2008 which highlighted the policies up to 2020 notably in terms of warfare.
In terms of right to privacy, the biometic passport has been launched despite the CNIL (a quango) opposition to it; the obligation for ISPs to block paedophilia websites, and the three strikes law on copyrights infringement. Generally, the CNIL tends to be sidelined as none of its advices has been followed by the Government.