Yes, they do, which is precisely the problem here.
Also apparently applies to Canada, Australia, and New Zealand, then. Doesn't sound very coercive; does anyone see New Zealand pressuring the UK into an unequal extradition treaty? It looks more like a special provision made for some major former English colonies. Heck if I know, though. As I said, it's not really surprising if treaties aren't always perfectly balanced.
Anyone care to try posting some images from Getty on Wiki....?
Feel free, as long as they're verifiably slavish copies of out-of-copyright works. Wikimedia's stance on the issue is crystal-clear, no one will delete them. There are already some Getty images on Commons marked as public domain, like this portrait of Shakespeare.
It would be a lot more work for me to manually type the text from an old KJ bible than it would for me to write an article on the history of that bible. Doesn't make the former more worthy of copyright than the later.
I'm seriously torn here about whether I support the museum or the little guy. I don't think anyone would argue that the original pictures are in the public domain but that isn't what is being shown on Wikipedia, what is getting shown there is a photograph of a public domain work. I think it's fair to argue that a non-trivial amount of work went into taking these photographs and therefore they fall under copyright legislation.
It's fair to argue that they should. But in the US, at least, you can't argue that they do. The Supreme Court has explicitly held that copyright is for creativity only, and effort or technical expertise are irrelevant. (In the UK, it's more arguable.)
Photographs of Public Domain works are not copyrightable under US law. This is a special exception to the general rule concerning copyright and photographs, and only applies to works in the Public Domain. In the specific case of Public Domain works, photographic reproduction of the works is treated as a mechanical process, and not a creative process (the way photographs are normally treated under US law).
This isn't a special exception, it's an application of a general principle: in the US, a work can be copyrighted only insofar as it's at least minimally creative. The biggest general precedent here is Feist v. Rural. So when you do something technically very demanding, but uncreative, you get no new copyright.
If you reproduce ("slavishly copy") a work that was copyrighted by Bob Smith, then your reproduction is also copyrighted by Bob Smith, not you. If you reproduce a work that was in the public domain, then so is your reproduction. The reproduction always has the same copyright status as what's being copied, in all cases, as long as it's a slavish copy.
As I stated in another post, the most fair and equitable solution for all sides is for Wikipedia to remove the high-res versions and replace them with the still high-quality but lower-res versions offered to them for 'Fair Use' by NPG.
Everybody wins, no courts or ambulance-chasers need to be involved.
No, someone has to lose. Either the NPG has to lose a revenue stream they thought they'd get, or anyone who wants high-res images has to lose the ability to get them for free from the Wikimedia Commons. There's no way for everyone to win here.
You miss GP's point. The problem isn't that UK will extradite people to Iran (it doesn't). The problem is that UK will extradite people to US, because US demanded that, and a corresponding treaty was signed; however, US will still not extradite people to UK. That's where the hypocrisy is.
There is no policy that "the UK will extradite people to the US" or "the US will not extradite people to the UK". Extradition treaties have all sorts of provisos and lots of executive discretion.
Extradition is not about arrogant countries forcing others to enforce their laws. (At least, no more than any international agreements are coercive.) It's about countries that are friendly and cooperative working together to allow crimes to be prosecuted by the country that was most affected. America doesn't and can't force any country to extradite anyone. I can guarantee you that Iran doesn't extradite to America any more than the reverse.
The UK does not always extradite to the US. Look at David Carruthers or Peter Dicks. Both are UK citizens, whom the US wanted to prosecute for violating US law. How did the US do so? By arresting them when they entered the US. They weren't extradited — probably because the UK would have refused, since they did nothing that was illegal in the UK. By the same token, as far as I know, the UK will not extradite anyone who might be subject to capital punishment.
On the other hand, the US sure does extradite to the UK. We have an extradition treaty that we're required to comply with. If maybe the terms differ between the US and the UK (do they?), well, that's politics for you. When you have to compromise over a range of issues, the result isn't likely going to look perfectly coherent on any specific issue. If the UK was more generous with extradition, it probably got some other concession from the US in exchange.
I seem to recall that people from the UK have been extradited to the US and charged, for things they did in the UK that the UK authorities decided were legal (or at least things that they should not be prosecuted for).
Those are not the same thing. Just because a particular crime isn't so important to you, and you aren't willing to invest resources into prosecuting it, doesn't mean you have any reason to be uncooperative if someone else wants to prosecute it.
And a certain Russian programmer was arrested and jailed in the US for things he did in Russia that were legal there... remember that one ?
Because he entered the US. Every country can prosecute someone who enters its territory, modulo diplomatic objections from their home countries. Travelers can decide whether they want to take that risk or not. But Russia would not have extradited Skylarov to the US, and nor should the US extradite Dcoetzee to the UK (if it comes to that, which I doubt).
I'm wondering why this is different to the music mess caused by allofmp3; everyone was so upset that the Russians system was different and against "our" laws.
It's not really different. In both cases, you had a site hosted in country X that was providing content to users of country Y in violation of the laws of country Y (but in compliance with the laws of country X). In such a case, country Y has a few options: they can block the site, they can try to get cooperation from country X, or they can prosecute anyone involved who sets foot in their territory. AllOfMP3 was eventually shut down, primarily by the second method.
Of course, in this case some people's sympathies are with the opposite side as in the other. But that's not really any more inconsistent than supporting one law and opposing another within the same country. The analogy is legal, not moral.
English law sides with you, and the gallery, American law sides with Wikipedia.
To be precise, there's no clear precedent in UK courts, and nobody's quite sure how the claim would play out in the UK. At least as far as I can gather. Of course, NPG and their allies will say that UK law is on their side, if there's any doubt.
Who (by his own admission) committed acts that are a crime in the UK as well as in the US. Different story. He's already subject to penalties by the British government for what he did. The only question is who gets to punish him, not whether his actions were illegal in the first place.
Actually all this begs the question of what typographic controls are available? Can one access things like contextual ligatures and the ssalt## (stylistic alternates 1--20) tags?
This is all Greek to me, but my impression is "Not yet, but we're thinking about it." The recent www-style thread "advanced font features in CSS" seems to discuss this kind of thing. Not that I have the faintest idea what the features being discussed are.
Being able to embed "@font=sexagesimal.ttf" (or whatever the syntax is) would be very handy, but not if we're forced to convert our ttfs to Microsoft's worthless alternative format.
It's trivial to do with open-source utilities, such as ttf2eot for Linux. Not a big barrier, just serve both formats.
This isn't about protecting copyrights on fonts, its about Microsoft making sure IE isn't quite compatible with every other browser, and making sure we have to use their tools if we want anything to work on their dominant platform (and, if history is anything to judge by, eventually buy a license to do so).
(The only bit that's not an open standard at this point is MTX compression — Microsoft doesn't hold patents to that, Monotype Imaging does. Monotype has said they're willing to license them in a GPL-compatible fashion if browsers are willing to support the compression as part of a web standard [it looks like they're not]. In any event, you can ignore that if you're only encoding the fonts, not decoding: just don't use that feature.)
The reason to object to EOT is things like RootStrings. But again, you don't have to use those if you don't want to. One major contender for a future web standard all browsers are willing to support is some form of "EOT Lite" that's EOT with some objectionable features removed.
The web page in the example really has no place specifying the exact font which should be used, as people with visual impairments, people with low-res portable devices, or people whose native language isn't based on a latin script, might have extreme difficulty reading it.
That's ridiculous. You may as well say that sites shouldn't specify colors, because people who are color-blind might not be able to read it. We shouldn't cripple content served to typical people for the benefit of tiny minorities. We should just make sure that those minorities can adapt their browser to get things to work for them.
Someone who doesn't like web fonts can disable them. Not so easy if the fonts are hardcoded into bitmap images or Flash, which is how non-standard fonts are used today.
Now the real problem is largely solved but these font weenies are still coming-up with crazy schemes to make text look a certain particular way and it is pretty ridiculous the amount of effort that has been spent over the years on this with schemes that end-up only working for a few short years before something new shows-up on the horizone when for the most part electronic text is about information rather than the appearance. Don't try and tell me that this is simple until you look up EOT.
I'm not sure what you're saying here. EOT is a very thin wrapper around OTF, it doesn't deserve to be called a font format. You can read the EOT spec yourself: "FontData points to a TrueType or OpenType font whose format is specified in The Open Font Format (ISO/IEC 14496-22)." It just adds some metadata, some obfuscation, and optionally MTX compression.
If Adobe had their way, we never would have seen TrueType and you would have to pay $100 for every typeface and each would have to be installed on only your machine. Of course, it would look very good. If MS had their way, everything would be TrueType and you could only use the fonts that come installed with the OS, and any extra would be excluded at the OS level... and they would all suck.
Adobe and Microsoft are on the same side here: in favor of a font format with as much protection for authors as possible. Microsoft is siding completely with the font foundries. They're opposed by Mozilla, Apple, Google, and Opera, who have all implemented support for raw TTF in their browsers and don't think another format is necessary to protect font authors' interests.
Net result? If MS adopts @font-face for IE, game over (in a good way), and we will see a flowering of online type design. If MS drags its heels on this, @font-face could die on the vine, and we'll be stuck with Arial, for a VERY long time.
IE has supported @font-face since IE4. I.e., for twelve years. It works perfectly fine in practice. You just need to provide two separate rules, and two separate font files: one in EOT format for IE, one in TTF for everyone else. IE implements CSS 2's @font-face, which was dropped from CSS 2.1, while the others implement CSS 3's version, so probably IE doesn't have as many web font-related features. But basic support is definitely there. So yes, you will be seeing web fonts used, I pretty much guarantee it.
Why is font licensing any different from image licensing?
Because Microsoft refuses to implement raw TTF support, for the sake of font foundries. If Microsoft didn't care, there would be no discussion: we'd just all use whatever preexisting format was most convenient. But now everyone has to actually care what the font authors think, because Microsoft says so. At least if you hope to get a single interoperable format, and not have to serve EOT+TTF forever.
FWIW, some Microsoft employees have said they think images should also have had some sort of impediments to casual unauthorized reuse, but it's obviously too late for that. You can read all the gory details if you go back through the www-font archives. There's been lengthy but scattered discussion on www-style too, including a gigantic thread just a month or so ago that moved to www-font when fantasai complained that it was off-topic.
I followed all the discussion for a while, but it's clear at this point that no one is going to agree on a format in the immediate future. The non-Microsoft browser vendors in the discussion (mainly Mozilla and Opera) seem content to take a wait-and-see approach. Meanwhile, none of the browser vendors have given a completely unambiguous statement of their requirements, so we don't know if there's even any common ground for a shared format even in principle. There seems to be the potential for agreement on a format that's obfuscated enough not to work out-of-the-box if you dump it on your desktop, plus served with same-origin restrictions by default. But the details have to be worked out, and nobody seems to be doing that.
So I don't foresee anything actually happening unless a rep from each vendor is locked in a room and they aren't let out until they shove a completed specification with all their signatures on it under the door. For now everyone will just serve two font formats.
I believe that this is fundamentally mistaken. This seems to be a commonly shared error among the Slashdot commentators on this thread. It requires us to respect _British_ copyrights as valid. It's part of a treaty: it requires that the US respect UK copyright, and vice versa.
Okay, well, you're wrong. I'll quote from the treaty itself Article 5(2):
Consequently, apart from the provisions of this Convention, the extent of protection, as well as the means of redress afforded to the author to protect his rights, shall be governed exclusively by the laws of the country where protection is claimed.
If you're claiming that an American is violating your copyright in America, your claim is governed exclusively by the laws of America.
Even if this weren't enough, the Berne Convention as ratified by the United States is not self-executing. According to 17 U.S.C. Â 104(c), "no right or interest in a work eligible for protection under this title may be claimed by virtue of, or in reliance upon, the provisions of the Berne Convention or the adherence of the United States thereto."
Our obligations under the Berne Convention have been codified, and only the codified law may be cited in United States legal cases. The codified law (Title 17 of the United States Code) makes no mention that copyrights from foreign nations that would not be recognized under United States law are valid. It sets out essentially the same requirements for foreign and national works to be copyrightable. Works not original under U.S. law are not copyrightable here. That was part of Bridgeman's decision:
Section 102(a) limits copyright protection in relevant part to "original works of authorship . . .." Accordingly, there is no need to decide whether the Berne Convention adopts any rule regarding the law governing copyrightability or whether the treaty power constitutionally might be used to extend copyright protection to foreign works which are not "original" within the meaning of the Copyright Clause. Congress has made it quite clear that the United States' adherence to the Berne Convention has no such effect in the courts of this country.
The judge clearly states at the beginning of [26] that the question of copyrightability under British law is moot. It makes no difference to copyrightability in the United States.
We absolutely do _not_ want to open up the idea that by simply publishing on the Internet from a country where the material is not copyrighted, once can ignore copyright altogether. While there may be social benefits, serious amounts of international trade would get screwed up. I can't see leaving that can of worms open, instead.
That's not the alternative. The alternative is saying that someone sitting behind his computer in the United States cannot be penalized for doing something that's legal in the United States. That would not result in any chaos. Each country could still ban activities within its own borders — but not outside.
The Bridgeman versus Corel case is fascinating. I'd like to review that in more depth. That's a _much_ more interesting set of issues related to this case than merely whether the Berne Convention applies, which I'm pretty confident it does.
If you had read the decision (which isn't very long), you'd know it doesn't, because the entire beginning of the decision explains why it doesn't. Although again, IANAL, and perhaps I'm hallucinating. If so, enlighten me.
Not at all. The only excessive step is making sure it's removed from all other computers that downloaded the images, and as the violator of copyright, that seems a very normal step to demand, and insist that the defendant at least attempt within the available means.
Well, I'd say it's "excessive" to make demands that are literally impossible for the person you're talking to to fulfill. The only part of their demands he could actually do would be to delete the images from his own hard drive, and not do it again. He cannot delete the images from the Wikimedia Commons, so I'd have to say it's pretty unreasonable to demand he do so. (Except that they probably didn't realize he couldn't.)
They're being cautious, certainly because reaching overseas through the Berne Convention makes it more expensive and difficult, and because they are, in fact, a non-profit educational organization.
The Berne Convention doesn't affect this issue, to the best of my knowledge. It requires that America give British works the same rights as American works. Since American works of this sort would be public-domain, America doesn't have to respect British law to the contrary. Bridgeman v. Corel explicitly noted this: "In most circumstances, choice of law issues do not arise under the Berne and Universal Copyright Conventions. Each adopts a rule of national treatment."
I certainly think they're being cautious because of the difficulty of international prosecution. Because they're an educational organization — well, maybe. Plenty of ruthless educational organizations out there.
They don't want to interfere with Wikimedia: they just want to protect their assets, and they have a legal right to do so.
You mean, they have a legal right to prevent an American in America from downloading images from their website in accordance with American law, and uploading them to an American-owned server in America also in accordance with American law? Well, maybe. The other server was in Britain, and under British law he (allegedly) violated their database rights, etc., by the mere act of downloading the images in the first place. I don't know what sorts of treaties we have with Britain (IANAL of course), so I don't know whether a judgment under British law would be binding here.
It would open up a can of worms if I could be prosecuted for breaking the law of a country, merely by accessing a website hosted in that country in a manner illegal there. If I, from America, accessed a neo-Nazi website hosted in Germany, could I be extradited to Germany for breaking German law? That sounds pretty scary to me.
It's bad enough to expect me to know the laws of my own country: am I supposed to know the law of every country whose websites I'm accessing? How do I even know what country it is? Some sites serve different parts of their content from different countries, like static files from a nearby CDN and the page content from a more distant server.
I know America sometimes arrests people who market gambling sites to Americans. That's scary too. But it's slightly better: at least they don't try to get the owners extradited. Probably because the other countries would refuse. I'm hoping that the same would apply here.
It's interesting to note that Bridgeman v. Corel also involved Brits suing Americans. It not only held British law made no difference to the case, but also that the copying would probably have been legal under British law as well. It only considered the question of copyright infringement per se, however, not the other issues that NPG brings up like database rights and breach of contract, at least AFAICT.
Ithey ask for (almost entirely) reasonable steps to avoid the lawsuit
They may not realize it, but the steps they ask for are impossible. Even if Dcoetzee wanted to, he couldn't "permanently delete" images, even if he's uploaded them. He was a sysop at the time of the request, but a) sysops can't permanently delete anything, only hide it from the public; and b) policy would prevent him from deleting the images. If he tried, he'd just be desysopped and they'd be restored by another sysop.
Now he's no longer even an administrator. He was temporarily demoted while the implications of this threat play out. It's even more obviously impossible for him to comply with their demands now.
The fact of the matter is that the only ones who could delete the images are either the Wikimedia Foundation, or the Commons community by discussion and vote. No individual user has the power to remove images en masse like this just because they personally want to. This is not Flickr, where users have any control whatsoever over the content they upload.
If I ever get sued, I want to be sued by these people. They're working with the law and with their client's needs, and not violating the public's needs for information.
Only because they know their case is incredibly weak. If he lived in the UK, you can bet they'd be coming down on him with a sledgehammer. I'm going to guess they were desperately hoping he'd get scared and go along with their demands (not that he even could, as noted; but they probably didn't realize that). When he says he won't, I'm going to bet they drop it, because they can't do squat. (But IANAL.)
Bridgeman v Corel establishes firmly in US law that the photos are not in fact creative works, and that the images are public domain. The NPG's letter actually acknowledges this.
It doesn't firmly establish anything. It's a district court decision and sets no binding precedent anywhere in the United States. It is, however, probably an accurate reflection of how other U.S. courts would rule, since other U.S. courts would rely on the same precedents Bridgeman did (e.g., Feist v. Rural).
Here, I do not agere at all. This is a privacy issue. And a privacy issue can become very fast a security issue (phishing). And, even if is not phishing, I do not want/. or any other page to let find out what I looked at before. Of course, for tracking sites this is a very cool possibility to get more information from you (and to earn more dollars with this information). Your tactic may work for you, but for most users it's a privacy nightmare. And you don't need to be paranoiac...
I strongly suspect that most users don't really care that much. And I don't think it's very worrisome even if you're concerned about privacy. The concept has been public for eight years now, but there's not a single attack that's ever been identified in the wild, nor is there any indication that one is likely anytime soon.
It's a complicated and slow technique that gets you very little useful information. Phishers could (and do) more profitably spending their time trying to get more people to visit their site, rather than trying to go to great lengths to get slightly higher success rates for people who do visit.
The tactics are completely ineffectual without JavaScript (or at least, they could be easily fixed by browser vendors to not work without JavaScript). If you're really so concerned about privacy as to think this theoretical issue is a serious concern, then you should already be using NoScript anyway â otherwise you're going to be sending much more detailed private data to Analytics and ad services anyway.
So the browser defaults are fine, not an issue. Paranoid people could be given some options, of course (as in Firefox 3.5), but most people won't want:visited crippled because of a theoretical and not very effective attack. Browsers may as well load images unconditionally, so that non-JS attacks don't work and NoScript users are protected, but that's about the limit of what can reasonably be done by default here.
Oh it's interesting alright. Does it still have that "Do not report bugs! There are too many of them and reporting does not help because we are in Alpha!" screen?
On Linux and Mac it does, because on Linux and Mac it's still in alpha, just as Chrome is (and I assume Chrome shows the same screen). Chromium on Windows has no such screen and never has. Chrome is just the name for official Google compiles of Chromium.
That's not an accurate way of looking at it. WebKit has no support for video codecs, period. WebKit delegates media decoding to the underlying platform, much like it does with image decoding.
I did say it supports Theora "just as well as" H.264. "Not at all for either" counts as "just as well".:) (I deliberately hedged my wording ther because I didn't know how it worked.) The point is that it's Safari (and Nokia's browser, etc.) that's relevant here, not WebKit.
It can also be done using CSS and then grepping accesslog. NoScript will not help you there.
That could be easily circumvented if browsers just fetched the image unconditionally for:visited. The script methods are impossible to stop without locking down what properties are valid to use for:visited.
The Web page (HTML, Javascript code,...) should not be able to detect such differences and be able to report them back home; it's OK to tell the browser how to render visited links, but not to get the feedback by the browser how it rendered which links.
So say I make my:visited links twice as tall as my regular links. Are you saying JavaScript shouldn't be able to read the height of the element? That would break all scripts that position anything. Once I can read it with JavaScript, I can always send it back home (e.g., via AJAX, add an image or iframe with a magic URL the browser will load, . ..).
The only way I see to fix this would be to sharply limit the properties that can be set based on:visited, to things like color and background-image; fetch background images for:visited links even if they aren't visited and the image won't be used; and lie to script when it asks about the color of a visited link (by pretending it's not visited in all cases). You can't even allow things like font-weight to be set: anything that affects sizes is going to be impossible to hide from script.
Or you could, you know, not worry that random sites can figure out that omg you visit Slashdot (very inefficiently, by the way). That's the tactic I'm taking, personally.
Slashdot Mirror
Yes, they do, which is precisely the problem here.
Also apparently applies to Canada, Australia, and New Zealand, then. Doesn't sound very coercive; does anyone see New Zealand pressuring the UK into an unequal extradition treaty? It looks more like a special provision made for some major former English colonies. Heck if I know, though. As I said, it's not really surprising if treaties aren't always perfectly balanced.
Anyone care to try posting some images from Getty on Wiki....?
Feel free, as long as they're verifiably slavish copies of out-of-copyright works. Wikimedia's stance on the issue is crystal-clear, no one will delete them. There are already some Getty images on Commons marked as public domain, like this portrait of Shakespeare.
It would be a lot more work for me to manually type the text from an old KJ bible than it would for me to write an article on the history of that bible. Doesn't make the former more worthy of copyright than the later.
Funnily enough, the KJV is still copyrighted in the United Kingdom, so bad example given the nations involved here. ;)
I'm seriously torn here about whether I support the museum or the little guy. I don't think anyone would argue that the original pictures are in the public domain but that isn't what is being shown on Wikipedia, what is getting shown there is a photograph of a public domain work. I think it's fair to argue that a non-trivial amount of work went into taking these photographs and therefore they fall under copyright legislation.
It's fair to argue that they should. But in the US, at least, you can't argue that they do. The Supreme Court has explicitly held that copyright is for creativity only, and effort or technical expertise are irrelevant. (In the UK, it's more arguable.)
Photographs of Public Domain works are not copyrightable under US law. This is a special exception to the general rule concerning copyright and photographs, and only applies to works in the Public Domain. In the specific case of Public Domain works, photographic reproduction of the works is treated as a mechanical process, and not a creative process (the way photographs are normally treated under US law).
This isn't a special exception, it's an application of a general principle: in the US, a work can be copyrighted only insofar as it's at least minimally creative. The biggest general precedent here is Feist v. Rural. So when you do something technically very demanding, but uncreative, you get no new copyright.
If you reproduce ("slavishly copy") a work that was copyrighted by Bob Smith, then your reproduction is also copyrighted by Bob Smith, not you. If you reproduce a work that was in the public domain, then so is your reproduction. The reproduction always has the same copyright status as what's being copied, in all cases, as long as it's a slavish copy.
As I stated in another post, the most fair and equitable solution for all sides is for Wikipedia to remove the high-res versions and replace them with the still high-quality but lower-res versions offered to them for 'Fair Use' by NPG.
Everybody wins, no courts or ambulance-chasers need to be involved.
No, someone has to lose. Either the NPG has to lose a revenue stream they thought they'd get, or anyone who wants high-res images has to lose the ability to get them for free from the Wikimedia Commons. There's no way for everyone to win here.
You miss GP's point. The problem isn't that UK will extradite people to Iran (it doesn't). The problem is that UK will extradite people to US, because US demanded that, and a corresponding treaty was signed; however, US will still not extradite people to UK. That's where the hypocrisy is .
There is no policy that "the UK will extradite people to the US" or "the US will not extradite people to the UK". Extradition treaties have all sorts of provisos and lots of executive discretion.
Extradition is not about arrogant countries forcing others to enforce their laws. (At least, no more than any international agreements are coercive.) It's about countries that are friendly and cooperative working together to allow crimes to be prosecuted by the country that was most affected. America doesn't and can't force any country to extradite anyone. I can guarantee you that Iran doesn't extradite to America any more than the reverse.
The UK does not always extradite to the US. Look at David Carruthers or Peter Dicks. Both are UK citizens, whom the US wanted to prosecute for violating US law. How did the US do so? By arresting them when they entered the US. They weren't extradited — probably because the UK would have refused, since they did nothing that was illegal in the UK. By the same token, as far as I know, the UK will not extradite anyone who might be subject to capital punishment.
On the other hand, the US sure does extradite to the UK. We have an extradition treaty that we're required to comply with. If maybe the terms differ between the US and the UK (do they?), well, that's politics for you. When you have to compromise over a range of issues, the result isn't likely going to look perfectly coherent on any specific issue. If the UK was more generous with extradition, it probably got some other concession from the US in exchange.
I seem to recall that people from the UK have been extradited to the US and charged, for things they did in the UK that the UK authorities decided were legal (or at least things that they should not be prosecuted for).
Those are not the same thing. Just because a particular crime isn't so important to you, and you aren't willing to invest resources into prosecuting it, doesn't mean you have any reason to be uncooperative if someone else wants to prosecute it.
And a certain Russian programmer was arrested and jailed in the US for things he did in Russia that were legal there... remember that one ?
Because he entered the US. Every country can prosecute someone who enters its territory, modulo diplomatic objections from their home countries. Travelers can decide whether they want to take that risk or not. But Russia would not have extradited Skylarov to the US, and nor should the US extradite Dcoetzee to the UK (if it comes to that, which I doubt).
I'm wondering why this is different to the music mess caused by allofmp3; everyone was so upset that the Russians system was different and against "our" laws.
It's not really different. In both cases, you had a site hosted in country X that was providing content to users of country Y in violation of the laws of country Y (but in compliance with the laws of country X). In such a case, country Y has a few options: they can block the site, they can try to get cooperation from country X, or they can prosecute anyone involved who sets foot in their territory. AllOfMP3 was eventually shut down, primarily by the second method.
Of course, in this case some people's sympathies are with the opposite side as in the other. But that's not really any more inconsistent than supporting one law and opposing another within the same country. The analogy is legal, not moral.
English law sides with you, and the gallery, American law sides with Wikipedia.
To be precise, there's no clear precedent in UK courts, and nobody's quite sure how the claim would play out in the UK. At least as far as I can gather. Of course, NPG and their allies will say that UK law is on their side, if there's any doubt.
UK resident.
Working on a UK machine.
Who (by his own admission) committed acts that are a crime in the UK as well as in the US. Different story. He's already subject to penalties by the British government for what he did. The only question is who gets to punish him, not whether his actions were illegal in the first place.
Actually all this begs the question of what typographic controls are available? Can one access things like contextual ligatures and the ssalt## (stylistic alternates 1--20) tags?
This is all Greek to me, but my impression is "Not yet, but we're thinking about it." The recent www-style thread "advanced font features in CSS" seems to discuss this kind of thing. Not that I have the faintest idea what the features being discussed are.
Being able to embed "@font=sexagesimal.ttf" (or whatever the syntax is) would be very handy, but not if we're forced to convert our ttfs to Microsoft's worthless alternative format.
It's trivial to do with open-source utilities, such as ttf2eot for Linux. Not a big barrier, just serve both formats.
This isn't about protecting copyrights on fonts, its about Microsoft making sure IE isn't quite compatible with every other browser, and making sure we have to use their tools if we want anything to work on their dominant platform (and, if history is anything to judge by, eventually buy a license to do so).
Well, originally EOT might have been that. But it's been openly specified since March, months before any non-IE browser shipped web font support AFAIK. There's a fully open-source ttf -> eot converter.
(The only bit that's not an open standard at this point is MTX compression — Microsoft doesn't hold patents to that, Monotype Imaging does. Monotype has said they're willing to license them in a GPL-compatible fashion if browsers are willing to support the compression as part of a web standard [it looks like they're not]. In any event, you can ignore that if you're only encoding the fonts, not decoding: just don't use that feature.)
The reason to object to EOT is things like RootStrings. But again, you don't have to use those if you don't want to. One major contender for a future web standard all browsers are willing to support is some form of "EOT Lite" that's EOT with some objectionable features removed.
The web page in the example really has no place specifying the exact font which should be used, as people with visual impairments, people with low-res portable devices, or people whose native language isn't based on a latin script, might have extreme difficulty reading it.
That's ridiculous. You may as well say that sites shouldn't specify colors, because people who are color-blind might not be able to read it. We shouldn't cripple content served to typical people for the benefit of tiny minorities. We should just make sure that those minorities can adapt their browser to get things to work for them.
Someone who doesn't like web fonts can disable them. Not so easy if the fonts are hardcoded into bitmap images or Flash, which is how non-standard fonts are used today.
Now the real problem is largely solved but these font weenies are still coming-up with crazy schemes to make text look a certain particular way and it is pretty ridiculous the amount of effort that has been spent over the years on this with schemes that end-up only working for a few short years before something new shows-up on the horizone when for the most part electronic text is about information rather than the appearance. Don't try and tell me that this is simple until you look up EOT.
I'm not sure what you're saying here. EOT is a very thin wrapper around OTF, it doesn't deserve to be called a font format. You can read the EOT spec yourself: "FontData points to a TrueType or OpenType font whose format is specified in The Open Font Format (ISO/IEC 14496-22)." It just adds some metadata, some obfuscation, and optionally MTX compression.
If Adobe had their way, we never would have seen TrueType and you would have to pay $100 for every typeface and each would have to be installed on only your machine. Of course, it would look very good. If MS had their way, everything would be TrueType and you could only use the fonts that come installed with the OS, and any extra would be excluded at the OS level... and they would all suck.
Adobe and Microsoft are on the same side here: in favor of a font format with as much protection for authors as possible. Microsoft is siding completely with the font foundries. They're opposed by Mozilla, Apple, Google, and Opera, who have all implemented support for raw TTF in their browsers and don't think another format is necessary to protect font authors' interests.
Net result? If MS adopts @font-face for IE, game over (in a good way), and we will see a flowering of online type design. If MS drags its heels on this, @font-face could die on the vine, and we'll be stuck with Arial, for a VERY long time.
IE has supported @font-face since IE4. I.e., for twelve years. It works perfectly fine in practice. You just need to provide two separate rules, and two separate font files: one in EOT format for IE, one in TTF for everyone else. IE implements CSS 2's @font-face, which was dropped from CSS 2.1, while the others implement CSS 3's version, so probably IE doesn't have as many web font-related features. But basic support is definitely there. So yes, you will be seeing web fonts used, I pretty much guarantee it.
Why is font licensing any different from image licensing?
Because Microsoft refuses to implement raw TTF support, for the sake of font foundries. If Microsoft didn't care, there would be no discussion: we'd just all use whatever preexisting format was most convenient. But now everyone has to actually care what the font authors think, because Microsoft says so. At least if you hope to get a single interoperable format, and not have to serve EOT+TTF forever.
FWIW, some Microsoft employees have said they think images should also have had some sort of impediments to casual unauthorized reuse, but it's obviously too late for that. You can read all the gory details if you go back through the www-font archives. There's been lengthy but scattered discussion on www-style too, including a gigantic thread just a month or so ago that moved to www-font when fantasai complained that it was off-topic.
I followed all the discussion for a while, but it's clear at this point that no one is going to agree on a format in the immediate future. The non-Microsoft browser vendors in the discussion (mainly Mozilla and Opera) seem content to take a wait-and-see approach. Meanwhile, none of the browser vendors have given a completely unambiguous statement of their requirements, so we don't know if there's even any common ground for a shared format even in principle. There seems to be the potential for agreement on a format that's obfuscated enough not to work out-of-the-box if you dump it on your desktop, plus served with same-origin restrictions by default. But the details have to be worked out, and nobody seems to be doing that.
So I don't foresee anything actually happening unless a rep from each vendor is locked in a room and they aren't let out until they shove a completed specification with all their signatures on it under the door. For now everyone will just serve two font formats.
I believe that this is fundamentally mistaken. This seems to be a commonly shared error among the Slashdot commentators on this thread. It requires us to respect _British_ copyrights as valid. It's part of a treaty: it requires that the US respect UK copyright, and vice versa.
Okay, well, you're wrong. I'll quote from the treaty itself Article 5(2):
If you're claiming that an American is violating your copyright in America, your claim is governed exclusively by the laws of America.
Even if this weren't enough, the Berne Convention as ratified by the United States is not self-executing. According to 17 U.S.C. Â 104(c), "no right or interest in a work eligible for protection under this title may be claimed by virtue of, or in reliance upon, the provisions of the Berne Convention or the adherence of the United States thereto."
Our obligations under the Berne Convention have been codified, and only the codified law may be cited in United States legal cases. The codified law (Title 17 of the United States Code) makes no mention that copyrights from foreign nations that would not be recognized under United States law are valid. It sets out essentially the same requirements for foreign and national works to be copyrightable. Works not original under U.S. law are not copyrightable here. That was part of Bridgeman's decision:
The judge clearly states at the beginning of [26] that the question of copyrightability under British law is moot. It makes no difference to copyrightability in the United States.
We absolutely do _not_ want to open up the idea that by simply publishing on the Internet from a country where the material is not copyrighted, once can ignore copyright altogether. While there may be social benefits, serious amounts of international trade would get screwed up. I can't see leaving that can of worms open, instead.
That's not the alternative. The alternative is saying that someone sitting behind his computer in the United States cannot be penalized for doing something that's legal in the United States. That would not result in any chaos. Each country could still ban activities within its own borders — but not outside.
The Bridgeman versus Corel case is fascinating. I'd like to review that in more depth. That's a _much_ more interesting set of issues related to this case than merely whether the Berne Convention applies, which I'm pretty confident it does.
If you had read the decision (which isn't very long), you'd know it doesn't, because the entire beginning of the decision explains why it doesn't. Although again, IANAL, and perhaps I'm hallucinating. If so, enlighten me.
Not at all. The only excessive step is making sure it's removed from all other computers that downloaded the images, and as the violator of copyright, that seems a very normal step to demand, and insist that the defendant at least attempt within the available means.
Well, I'd say it's "excessive" to make demands that are literally impossible for the person you're talking to to fulfill. The only part of their demands he could actually do would be to delete the images from his own hard drive, and not do it again. He cannot delete the images from the Wikimedia Commons, so I'd have to say it's pretty unreasonable to demand he do so. (Except that they probably didn't realize he couldn't.)
They're being cautious, certainly because reaching overseas through the Berne Convention makes it more expensive and difficult, and because they are, in fact, a non-profit educational organization.
The Berne Convention doesn't affect this issue, to the best of my knowledge. It requires that America give British works the same rights as American works. Since American works of this sort would be public-domain, America doesn't have to respect British law to the contrary. Bridgeman v. Corel explicitly noted this: "In most circumstances, choice of law issues do not arise under the Berne and Universal Copyright Conventions. Each adopts a rule of national treatment."
I certainly think they're being cautious because of the difficulty of international prosecution. Because they're an educational organization — well, maybe. Plenty of ruthless educational organizations out there.
They don't want to interfere with Wikimedia: they just want to protect their assets, and they have a legal right to do so.
You mean, they have a legal right to prevent an American in America from downloading images from their website in accordance with American law, and uploading them to an American-owned server in America also in accordance with American law? Well, maybe. The other server was in Britain, and under British law he (allegedly) violated their database rights, etc., by the mere act of downloading the images in the first place. I don't know what sorts of treaties we have with Britain (IANAL of course), so I don't know whether a judgment under British law would be binding here.
It would open up a can of worms if I could be prosecuted for breaking the law of a country, merely by accessing a website hosted in that country in a manner illegal there. If I, from America, accessed a neo-Nazi website hosted in Germany, could I be extradited to Germany for breaking German law? That sounds pretty scary to me.
It's bad enough to expect me to know the laws of my own country: am I supposed to know the law of every country whose websites I'm accessing? How do I even know what country it is? Some sites serve different parts of their content from different countries, like static files from a nearby CDN and the page content from a more distant server.
I know America sometimes arrests people who market gambling sites to Americans. That's scary too. But it's slightly better: at least they don't try to get the owners extradited. Probably because the other countries would refuse. I'm hoping that the same would apply here.
It's interesting to note that Bridgeman v. Corel also involved Brits suing Americans. It not only held British law made no difference to the case, but also that the copying would probably have been legal under British law as well. It only considered the question of copyright infringement per se, however, not the other issues that NPG brings up like database rights and breach of contract, at least AFAICT.
Ithey ask for (almost entirely) reasonable steps to avoid the lawsuit
They may not realize it, but the steps they ask for are impossible. Even if Dcoetzee wanted to, he couldn't "permanently delete" images, even if he's uploaded them. He was a sysop at the time of the request, but a) sysops can't permanently delete anything, only hide it from the public; and b) policy would prevent him from deleting the images. If he tried, he'd just be desysopped and they'd be restored by another sysop.
Now he's no longer even an administrator. He was temporarily demoted while the implications of this threat play out. It's even more obviously impossible for him to comply with their demands now.
The fact of the matter is that the only ones who could delete the images are either the Wikimedia Foundation, or the Commons community by discussion and vote. No individual user has the power to remove images en masse like this just because they personally want to. This is not Flickr, where users have any control whatsoever over the content they upload.
If I ever get sued, I want to be sued by these people. They're working with the law and with their client's needs, and not violating the public's needs for information.
Only because they know their case is incredibly weak. If he lived in the UK, you can bet they'd be coming down on him with a sledgehammer. I'm going to guess they were desperately hoping he'd get scared and go along with their demands (not that he even could, as noted; but they probably didn't realize that). When he says he won't, I'm going to bet they drop it, because they can't do squat. (But IANAL.)
Bridgeman v Corel establishes firmly in US law that the photos are not in fact creative works, and that the images are public domain. The NPG's letter actually acknowledges this.
It doesn't firmly establish anything. It's a district court decision and sets no binding precedent anywhere in the United States. It is, however, probably an accurate reflection of how other U.S. courts would rule, since other U.S. courts would rely on the same precedents Bridgeman did (e.g., Feist v. Rural).
Here, I do not agere at all. This is a privacy issue. And a privacy issue can become very fast a security issue (phishing). And, even if is not phishing, I do not want /. or any other page to let find out what I looked at before. Of course, for tracking sites this is a very cool possibility to get more information from you (and to earn more dollars with this information). Your tactic may work for you, but for most users it's a privacy nightmare. And you don't need to be paranoiac ...
I strongly suspect that most users don't really care that much. And I don't think it's very worrisome even if you're concerned about privacy. The concept has been public for eight years now, but there's not a single attack that's ever been identified in the wild, nor is there any indication that one is likely anytime soon.
It's a complicated and slow technique that gets you very little useful information. Phishers could (and do) more profitably spending their time trying to get more people to visit their site, rather than trying to go to great lengths to get slightly higher success rates for people who do visit.
The tactics are completely ineffectual without JavaScript (or at least, they could be easily fixed by browser vendors to not work without JavaScript). If you're really so concerned about privacy as to think this theoretical issue is a serious concern, then you should already be using NoScript anyway â otherwise you're going to be sending much more detailed private data to Analytics and ad services anyway.
So the browser defaults are fine, not an issue. Paranoid people could be given some options, of course (as in Firefox 3.5), but most people won't want :visited crippled because of a theoretical and not very effective attack. Browsers may as well load images unconditionally, so that non-JS attacks don't work and NoScript users are protected, but that's about the limit of what can reasonably be done by default here.
Oh it's interesting alright. Does it still have that "Do not report bugs! There are too many of them and reporting does not help because we are in Alpha!" screen?
On Linux and Mac it does, because on Linux and Mac it's still in alpha, just as Chrome is (and I assume Chrome shows the same screen). Chromium on Windows has no such screen and never has. Chrome is just the name for official Google compiles of Chromium.
That's not an accurate way of looking at it. WebKit has no support for video codecs, period. WebKit delegates media decoding to the underlying platform, much like it does with image decoding.
I did say it supports Theora "just as well as" H.264. "Not at all for either" counts as "just as well". :) (I deliberately hedged my wording ther because I didn't know how it worked.) The point is that it's Safari (and Nokia's browser, etc.) that's relevant here, not WebKit.
It can also be done using CSS and then grepping accesslog. NoScript will not help you there.
That could be easily circumvented if browsers just fetched the image unconditionally for :visited. The script methods are impossible to stop without locking down what properties are valid to use for :visited.
The Web page (HTML, Javascript code, ...) should not be able to detect such differences and be able to report them back home; it's OK to tell the browser how to render visited links, but not to get the feedback by the browser how it rendered which links.
So say I make my :visited links twice as tall as my regular links. Are you saying JavaScript shouldn't be able to read the height of the element? That would break all scripts that position anything. Once I can read it with JavaScript, I can always send it back home (e.g., via AJAX, add an image or iframe with a magic URL the browser will load, . . .).
The only way I see to fix this would be to sharply limit the properties that can be set based on :visited, to things like color and background-image; fetch background images for :visited links even if they aren't visited and the image won't be used; and lie to script when it asks about the color of a visited link (by pretending it's not visited in all cases). You can't even allow things like font-weight to be set: anything that affects sizes is going to be impossible to hide from script.
Or you could, you know, not worry that random sites can figure out that omg you visit Slashdot (very inefficiently, by the way). That's the tactic I'm taking, personally.