Slashdot Mirror
Cybercrime and Patents in Europe
Hairy1 writes: "The Council of Europe has been working on a Cyber Crime Treaty for some time. The final version is now available, and makes interesting reading." The submitter points out that treaty signers will be obligated to create legislation, as the UK already has, to force people to disclose passwords and encryption keys to the authorities. The U.S. may well sign this treaty - we've participated in the drafting process. On a slightly different note, people are up in arms because the European Patent Office has decided, apparently on its own, that software programs are patentable. Update: 11/09 15:23 GMT by M : A reader sent in this interesting bibliography of the treaty's history.
The Register has a piece on the patents issue here...
Eurolinux goes ballistic over Euro patent 'coup'
The EU recently released a report encouraging business & individuals to encrypt data, as the Americans, and sympathetic governments (UK) can read it via Echelon. Now they are saying that once you`ve encrypted it, you have to give the passwords to...uh, the UK government!
This site details RIP (the Regulation of Investigatory Powers Act (2000)), which has nothing to do with reglation, but with allows unwarrented searches of computer data, without the data holders knowledge or permission.
I'm dubious.
Ok, I'm sure loads of other countries have participated, but it seems to me that this will be nothing but red tape to businesses.
As a citizen of "europe" I have yet to see the EU write one single peice of legislation that a) makes sense, b) actually has an effect other than to annoy people c) does any good. d) doesnt cost tonnes of money for sod all.
Don't get me wrong, I'm glad government are trying to get a hand into formalising these sorts of things, but what we really need is competant people advising them. I mean, look at what incompetance in these matters gave us the last time.
I won't hold my breath.
"So there he is, risen from the dead. Like that fella, E. T." - Father Ted Crilly
but a software implementation of an invention does not render the invention unpatentable either.
All this latest directive does is clarify that an implementation in software has no effect on an invention's patentability: If you could get an patent on a method for doing something by using LEGO bricks, you could likewise get a patent on a method for doing the same thing using software.
What's the big deal?
Tarsnap: Online backups for the truly paranoid
On November 13 the EU Parliment will vote on the the proposal for a European Parliament and Council directive concerning the processing of personal data and the protection of privacy in the electronic communications sector
:)
Read the report here . If passed it would make it illegal to idenitfy users on the internet without their permission. Keep your fingers crossed.
Not all things that come out of the EU are bad. Belive it or not
If software becomes a patentable, er... commodity, what implications will this have for free software? Will the length of legal disclaimers attached to code eventually be greater than the code itself?
And everyone fighting against encryption... it's a losing battle. "Criminals" don't exactly pay attention to "the law", and if they're not completely braindead and know that a given piece of encryption software is crippled by the fact that the government has the keys to the backdoor, don't you think that they'll either use something else or maybe just not incriminate themselves via any digital media? Law-abiding citizens are the only ones that lose here, unless you like the idea of every Jane Government sticking their nose in your business whether you've done anything wrong or not.
On the bright side, if software becomes patentable, maybe this will strengthen the notion of Code As Speech in the US courts? I sure hope that the US legislators in charge of ratifying this bill (are there any? what body would be in charge of this?) runs this by the RIAA and MPAA before they sign it.
Easy does it!
This comment has been submitted already, 276865 hours , 59 minutes ago. No need to try again.
The US didn't help write the treaty. The US DOJ wrote the damn legislation. This is what is called "policy laundering" in Washington. If you can't pass the surveillance powers you want in the US, just shop the same provisions around in a treaty in other countries.
So, what can we (EU citizens) actively do?
I've already signed the EuroLinux Petition
Maybe a membership with FSF Europe?
What else? Find politicians that'll listen?
Look, They can regulate to their hearts content on transmission of stuff over the internet, But How the Heck can they now tell me my computer, and notably the hard drives, are subject to search and seizure , and that I am REQIRED to protect the information they want on MY OWN PROPERTY.
Don't get me wrong - child porn is bad, But taking away my rights to my own property is NOT the way to stop it. By all means, monitor for child porn, nail the ftp sites that hst it, but stay the hell away from my hard drive.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
I thought the U.S. had decided a few centuries ago to do without European legislation. I suppose I was wrong, as it appears that the U.S. Federal Government is now using the European federal legislative body to create law here in the U.S., via treaty.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
You would think that a law like this would violate everyone's '5th Amendment Rights':
nor shall be compelled in any criminal case to be a witness against himself... full text.
Being force to disclose passwords to authorities, IMHO, would be equivalent to testifying agaist yourself...
Looking for any old 8-bit Heathkit/Zenith software/hardware - http://heathkit.garlanger.com
According to the EuroLinux article,
Patenting mathematics is outright crazy. It's the same sort of crazy that allows the patenting of software, but in the past one could always say: patenting algorithms is like patenting mathematics, and thus clearly nonsense. reductio ad absurdum has come along and bit us all on the arse.Trying to imagine a world where mathematics is patentable is both hard and disturbing. Can you imagine if only licensed physicists were allowed to use Hilbert space theory? If one needed to pay a levy every time one used Shannon's law to help design a product? Where would we be if the finite element methods could only be applied to engineering analyses with the blessings of its creators?
How much mathematical progress would be made, if every mathematician had to check whether the work they were building on was patent-encumbered? If every publication had to first get the approval of some patent holders, with the possibility of a required payment?
It quickly gets surreal. Many statements in mathematics are equivalent when viewed in the appropriate fashion. Many too are based on certain sets of axioms. What does patentable mean when viewed in this light?
This to me is a clear sign that extreme IP advocates have just completely lost the plot.
This Wired Article makes interesting reading. It gives the impression that the preasure to alter Europes (mainly very strict) privacy laws has come from as high up as Bush Himself
As we all know, wherever America goes, Europe gets dragged along kicking and screeming!
However, I definately couldn't imagine the Duch or the Danes going along with such draconian anti-privacy laws, even if we in the UK seem complacent about our privacy and rights.
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
How will that help?
So you get your crypto written in a non-signatory country, so what? You still live in a country that's signed the treaty and acted on it, you still have to hand your keys over.
The only ways to avoid this are to emigrate, or to make sure it never becomes law.
Cheers,
Tim
It's official. Most of you are morons.
First, remember that the Council of Europe is not the EU. It doesn't even have the same members. Just because this organisation passes a stupid law, doesn't mean the EU is evil, and doesn't mean the EU is contradicting itself.
Second, the Council of Europe didn't write this law, the US did; as such, I wouldn't expect many (if any) continental EU countries to sign it, especially considering it may contradict some of their EU responsibilities and they'd rather be part of the EU than pass this law.
Third, if they somehow did pass this law, we could always create a country in Antarctica.
Sorry, I dont want to sound like flame-bait but I must chukkle at your nievety! (sp)
The 5th amendment only applies in the US!
If the US applied its own laws (including the 5th amendment) to other citizens of the world then maybe the US wouldn't have such a sh*te forign policy. (And I didnt say anything about Afghanistan!)
My main point however is that the US uses this to its advantage.
Since it is illegal for the US gov. to spy on its own citizens, it gets the UK to do it for them.
Since it is illegal (atm) for the UK to spy on its citizens it gets the US to do it for them.
They then simply swap the information.
And no I haven't been reading alt.conspiricy! This was mentioned in the European parliments report into ECHELON.
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
and how would that work with the right to refuse self incriminiation?
2 1337 4 u!
Thanks for the links!
It does appear though, tbat this is a copyright issue rather than a patent one. Copyright has long been applicable to mathematical papers and diagrams (for good or ill), and has far less damaging potential consequences than patenting.
This is the most brilliant slashdot comment I've seen all year. If I had any modpoints right now I would surely spend them to mod this up.
Bryguy
microsoftword.mp3 - it doesn't care that they're not words...
All patents are 'strings of numbers'. That is, all of them can be represented as data. (otherwise a patent database would be kind of difficult, eh?)
Genetic patents are patents on 'strings of numbers.'
Even most devices nowadays are designed using CAD type tools, meaning that they are simply strings of numbers as well. The fact that something can be represented numericaly dosn't really have any baring on anything.
autopr0n is like, down and stuff.
*Bangs head against the wall*
And what makes you think that every country in Europe has laws to protect self incrimination!
Example: The police "miranda warning" in the UK
Then the police will start asking you questions and "putting you on the spot"
Now tell me America, Where is my right to silence and my right to not incriminate myself!
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
Best Practices says that if your password or keys are compromised, you need to change them as soon as possible.
Or we need to develop an "under duress" password capability that destroys the data if used.
Whoops, I gave you the wrong password. My bad.
Except patents last for 17 years, while copyright lasts for 75+life of author.
__
Do ya feel happy-go-lucky, punk?
Gee, sorry, I can't seem to remember it. Contempt of court? Fine. Hey, charge my company while you're at it, they're the ones who make me change it every other month and never write it down...
To be honest.. I find the whole RIP bill disgusting.. It's a complete violation of your privacy.. but saying this is nothing new and I won't go there..
One things i've noticed though, is the amount of UK ISP's (Freeserve, AOL to name two), to me, seem to be abusing their shadow proxies (cisco cache engines I presume)..
For, whilst using AOL or FreeServe, you try and telnet to _any_ outside mailserver on port 25, you get their mailserver. It's actually _impossible_ to get to any other SMTP service whilst dialled-up with one of these ISP's.
Now, sure this could be because they're attempting to optimize their network, but on the other hand, they could have their SMTP relays configured to store/cache messages locally - ideal for RIP bill investigations..
Scary thought..
"Never let the truth get in the way of a good story..."
Copyright has long been applicable to mathematical papers and diagrams (for good or ill), and has far less damaging potential consequences than patenting.
Except that copyright is growing both in duration and scope.
It states:
Article 3 Illegal interception
Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law, when committed intentionally, the interception without right, made by technical means, of non-public transmissions of computer data to, from or within a computer system, including electromagnetic emissions from a computer system carrying such computer data. A Party may require that the offence be committed with dishonest intent, or in relation to a computer system that is connected to another computer system.
Given the number of organisations that the UK government is planning to give access to your IT data under "anti terrorist legislation" (eg Guardian article), this will surely require some tricky legal manouvers to get every man and his dog working for the government classed as "with right" to intercept?
Also, what it'll be interesting to see how the data that the ISPs are being told to collect for "anti terrorist" means will be classed as "with right" to intercept, given the provisions in the human rights act on privacy...
This post will enter the public domain 70 years after my death, unless Disney buys another extension.
I find precious little evidence that the US PTO wants to improve its handling of patents. It seems to be rathe a case of, to paraphrase a Bell executive, "We're a monopoly, we don't have to care."
Experience can't make up for lack of interest in quality. And that's what the US PTO has been exhibiting to increasing degree the last couple of decades (possibly longer, judging by earlier reports, but I wasn't watching then, so I can't tell whether or not this is just a continuation of a longer trend).
This is only to be expected. Monopolies, whether commercial or governmental, tend to develop in the same way. Expect things to get worse. The only way to really improve something in this mess is to adopt the "waterfall development model" and start a new design from scratch, based on what has been learned from the prior design.
I think we've pushed this "anyone can grow up to be president" thing too far.
First, governments cooperate on creating a treaty with provisions that would never pass muster with the folks back home if they tried to pass it directly. Once signed, they then work to pass laws implementing the treaty. If people complain about the provisions, the lawmakers disclaim responsibility, saying they have to do this to comply with the treaty.
It HAS happened and It DOES happen, EXACTLY like this. Let's not get fooled again.
Ooh, a sarcasm detector. Oh, that's a real useful invention.
Yes, but if there is a diagram that is useful to explain or understand a subject, or there is a paper which explains it well, but they are copyrighted, you can redraw the diagram or rewrite the paper. You cannot copyright ideas only implementations. If they are patented then you cannot.
The legal theory behind this law is that the encryption around a file is equivalent to a safe holding a document. If the authorities have a warrant to search the contents of that safe (or the contents of that location, for that matter), they will ask you for the key.
The difference is, of course, that if you don't give them the key, they can cut open a safe. With data under a high level of encryption, they can go spit. So instead, a judge issues an order requiring you to disclose your password, and if you refuse, you're held in contempt and jailed indefinitely. Never mind the conflict with the 5th Amendment; they want to search your (virtual) personal papers, and you aren't allowed to stop them.
(As an aside: The FBI wanted passwords to files they got from Kevin Mitnick's hard drive, the last time they caught him. Mitnick refused to provide them... But on Mitnick's release, the judge ruled that Mitnick couldn't have his files back, since he couldn't prove they didn't contain pirated information. I'd call it a violation of 4th Amendment rights.)
As to whether such a law would hold up in court, for that we'll just have to wait.
What effect might this have down the road on the few countries like Bulgaria where neither the culture nor the law recognizes things like copyright protection? If one of these countries wishes to join, what laws will be imposed upon them?
For your security, this post has been encrypted with ROT-13, twice.
It may be a felony to pertend to be a government official, but for a government official to exceed his authority is usually quite safe. One would only be in danger if one's superiors wanted to "get" one for unrelated reasons. (Or if it became a political hot potato.)
And leaking information is almost never sucessfully prosecuted.
I think we've pushed this "anyone can grow up to be president" thing too far.
By Steve Gold, Newsbytes Special to the E-Commerce Times January 14, 2000
Unconfirmed reports circulating on the Usenet suggest that the U.S. government is working with the European Union (EU), Japan, Canada and other countries, including South Africa, on a draft cybercrime treaty that would try to ban hacking and Internet eavesdropping utilities.
Interesting how only the powers that be should now be allowed to eavesdrop and crack into computer systems, even though they're so intent on making it illegal for everyone else.
It's too bad that we have to trust a bunch of mostly technologically uninformed politicians to draft law these days. I'm sure their intentions are all good in trying to prevent terrorism, but sadly they've been duped, like much of American society, into believing that government can provide us with safety and security in all aspects of life. Unfortunately, in this effort to provide a safe and secure country, our liberties are getting trampled on in the process.
if they somehow did pass this law, we could always create a country in Antarctica.
Where? Big sectors of Antarctica are claimed by countries (some from the Southern Hemisphere, but also many EU countries). They are held back because of the Antarctic Treaty, but if the treaty is broken, these countries are going to claim First Post! And they (at least some of them) have the resources to back their claims.
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Two points here, both similar:
When the patent is granted for an algorithm, the public patent documents will reveal the algorithm in some form, maybe source code. That's the deal with patents. The inventor reveals their "secrets" in exchange for a limited-term government-granted monopoly. You can't infringe on the patent unless you apply the algorithm. In fact, if you can figure out a way to apply the algorithm to solve a problem not covered in the original patent, you can get your own patent for that new application.
The California appeals court ruled that source code is protected free speech in much the same spirit. Source code is protected speech for purposes of discussing the algorithm. Is it efficient? Does it have weaknesses? They did not rule that it is legal to compile the source and execute it to (in the DeCSS case) decrypt a DVD VOB.
is bad now, if the White house had gone up it would have been Martial Law in the US. With the military partolling the srteets, curfew, travel papers and all..
errr....umm...*whooosh* *whoosh* Is this thing on ?
That's funny. I was thinking that a power vacuum, US military, or UN martial law would provide a good opportunity to prosylatize Christianity and educate women with impunity. Free DVDs were pretty far down on the list.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Of course, the authorities may have already backed up your data. And the new password can be compelled out of you by various means. (So-called "rubber hose cryptography", as in, "We beat the password out of him with a rubber hose.")
So you use a cryptographic filesystem that has several passwords. One retrieves mildly incriminating data, and another one gets the real data. So you can look like you complied but it doesn't do them any good.
Available for Linux 2.2, *BSD ports coming along.
PHEM - party like it's 1997-2003!
In the UK you must provide the decryption key upon being presented with a court warrant. Providing the unencrypted text is not enough, they may force you to hand over the key (which, unfortunately, also allows law enforcement to read all past communications encrypted with that key and not just the communications covered by the court warrant). If required to turn over the encryption key for someone else (eg a boss for an employee) you may not tell the person that uses the encryption key you have revealed it to law enforcement or you face 5 years in jail. This is called a 'tipping off offence'.
As for the EU patent office, they are typical of EU beaurocracy gone mad. The UK had already decided against software patents. I hope we see more software groups lining up behind the EuroLinux call.
Phillip.
Property for sale in Nice, France
The important point here is that the definition has nothing to do with physical devices. Of course, most computer languages can be understood by particular physical devices (electronic computers), but that is not required--and it only came about later. Even after the advent of electronic computers, some computer languages were still being invented for the purpose of communicating with people. Two good examples illustrating this are APL and MIX.
APL (A Programming Language) was invented by Ken Iverson, a Harvard mathematician. His sole purpose was to have a good way to describe algorithms to people. Physical computers were not even a consideration. Later, other people thought that it would be a good idea to implement the language, and interpreters for computers were crafted, but that was strictly secondary.
MIX was invented by Don Knuth, a Stanford mathematician. His primary purpose was to have a "formal, precise way" to "present the various techniques" detailed in his book Art of Computer Programming (I'm quoting from the preface). Although algorithms described in MIX could be executed on a (idealized) computer, Knuth's primary purpose was communicate to people.
Both these languages are intended to be used to describe algorithmic calculations, but not all computer languages need do this. Prolog is an example, where you just describe the input and output of the program (e.g. input "a list" and output "an ordered list", where "ordered" means "i LE j implies list[i] LE list[j]"), without necessarily describing how to calculate the output. And Prolog was invented primarily to be executed on a computer.
If an algorithm is described in English, then plainly, there are free-speech protections. What if Esperanto were used? Again, free-speech protections should apply, but note that Esperanto is an artificial language. So, I think that the same provisions should apply if the language is APL or MIX. From there, we surely get protection for Prolog, Java, C, etc.: all human-readable languages.
Has this line of reasoning been used in the courts? If not, why?
So all we need now is for Sadam to launch a Nuclear missile and a massive fire to wipe out half the planets petroleum. Maybe then the U.S. will stop behaving like big babies who are in fear of losing their toys!
Never underestimate the dark side of the Source
I am guessing that you are a UK citizen. Unfortunately certain sectors of the UK press takes a delight in printing "Brussels demands straight bananas" type stories, and don't report all the other things the EU is doing.
Indeed, it is a tradition of the UK press to be vigourous investigators of what those that pass laws are really up to. Just recently the head of the Scottish parliment had to step down for taking money for renting out office space that was being paid for by the government and pocketing the money. Unfortunately the EU has had a lot of problems, nepotism, cronism, fraud, embesslement etc etc and the only really positive thing is the single market, which seems to be more the product of individual governments than the EU apparatus. As for the single currency AKA the Euro, that has lost >20% of its value against the US Dollar since its launch, which means your money is worth less. Having chatted with bankers before the launch of the Euro, they said it would gain value, whenI explained why the Euro was sure to be weak they laughed at me, so thats International Bankers 0 (except the guys at UBS-Warburg, they were as thick as pig shit, they get -666 Troll), analytical geek 1, then look at how the decisions of the European Central Bank are made, in secret, with representives of different countries saying different things to the press/market, you only have to look at how one member was saying earlier this week that there would be no base rate cut and then there was one, do you think anyone is going to have confidence in this sort of doubletalk? No, obviously not. Then look at some of the EUs other policies, like the CAP (Common Agricultural Policy) which has kept ineffecient farmers afloat by giving them subsidies and kept out cheaper imports from places like Poland, thus helping to keep the former Eatern Bloc dependent on basic commodity trading and organised crime to make money, then there is the Common Fisheries Policy that has helped drive down the fishing stocks in the North Sea to unsustanable levels while not punishing those that catch undersized (i.e. immature and therefore non-breeding) fish thus helping to kill the fishing stocks even further. Then there is the "democratic deficit", i.e. the fact that only the European Parliment is elected and not the Commission hence alot of the corruption and other misdeeds. I personally can't see the point in it at all, just another layer of petty beurocrats, if you can point to one important thing the EU has acheived I'd love to hear about it, and by important I mean life changing in a positive way. Each country has its own legal system, its own style of government, and in many cases its own language.
You hit the nail on the head there. To have a unified system, you need to start at the bottom, with language, unfortunately that is politically unacceptable (do you remember when English words were banned by the French?), so they build on quicksand instead. At some point people will start to use the differences in language to drive trucks through some of the laws, and I will laugh my arse off.
I do business between various EU countries so I aware of the issues.
Yeah the most fun one I have come across is regarding having paid VAT (Value Added Tax) on a boat that I sailed across to Holland, if you do not produce a VAT receipt they impound your boat, if the company you bought it from is no longer in business and you don't have the receipt pay up or get impounded, repeat until made bankcrupt.
The EU is doing a good and necessary job easing trade and legislation between all the countries of Europe.
Yeah, I mean it's not like the WTO is there as a global organisation to do that.
- aren't you forgetting, for instance, the introduction of the Euro as the principal currency of most of the EU countries in just under two months time? That a) makes sense b) will have a profound effect on trade in the EU c) will greatly improve ease of trade and competitiveness and d) will greatly lower administration overheads and costs for nearly inter-EU trade.
The Euro is transfering risk of exchange rate fluctuations from companies doing business inside Europe to the EU as a block, before if one country was doing badly its exchange rate would be affected, now it affects everyone else, as there is no real accountability this can go on and on taking the life out of the Eurozone economies by hitting confidence that anything will be sorted out. If you wanted to do the project right, you start from a common language, then common laws created by forming a "superstate" and doing away with national democracies, having common tax, defence, and foregn relations policies, common defence and common currency, if you did that, it would work. Right now we have already seen the strains that Ireland and Italy have had on the project and it's not looking good. As there is no strategy or unwinding the Euro as a currency and going back to national currencies it means there is no way out, if the markets get fed up of the BS coming out of the EU and the Central Bank the currency could take a nose dive, imagine if the Euro was worth the same as a Rupee, how would that hit you? The EU was borne of protectionism (it was originally about protecting coal and steel industries) and the Euro was borne out of political fudging (the Euro was originally drafted as a "common currency", Maggie Thatcher got some things changed in the negotiations for the Treaty and for that some other leaders changed "common" to "single" for the currency, so instead of just having a common currency that could be used as alternative to national currencies it became a single one that all had to bow down to).
Any sufficiently advanced man is indistinguishable from God