Re:I like my privacy, so please, no email ID
on
The Internet Of Things
·
· Score: 4, Interesting
Today, only your IP address is associated with downloading a copy of Shrek 3. IPv6 is going to make sure that your cable modem, your computer, your RAM and your hard disk are all associated with downloading a copy of Shrek 4.
One way or another, no it's not.
I am becoming increasingly conscious of my on-line footprint, the sheer scale of collection of data about me in real life, and the ways it is being used to my disadvantage. Some of those are sinister, but most are simply businesses or government departments using their greater resources to screw me out of things. Either way, I am personally damaged as a result.
I have always challenged things like asking for all my contact details in a shop when they have no need of them, and I'm sure a lot of people simply lie on various sign-up web pages that ask for information that isn't necessary to provide whatever feature or service is being requested. Now I've got to the point of actively disconnecting from social networking sites that are harvesting information about me, and I'm considering filing formal complaints with my representatives about certain well-known organisations who are obviously storing my credit card details in their databases beyond the end of our transactions.
I care enough about this issue — and more to the point, I suspect enough other people do as well — that if the pressure keeps ramping up, and damaging incidents like losing a whole database of credit card numbers keep happening, I think pretty draconian pro-privacy laws will gain political will long before universal tracking is a reality. All the lobbying and campaign funding in the world won't buy the law back once enough voters have personally been hurt by someone screwing this up.
Yeah, yeah, I know. The HTML generated by the new quote tags is pretty daft as well. But at least it doesn't ignore my explicit formatting as blockquote does!
EVERYONE can read ODF files. They may need to install extra software to do so, but the software is free (as in speech and as in beer)
Really? And how long do you think it will take someone who's never heard of the format to work out what it is, identify a source for software that will read it, and then download that software over a 56K modem?
And for the record, the "it's an open standard so they can write their own" argument is nonsense, and always has been. It's like saying anyone can fork a major OSS project and build whatever new features they want. Sure you can, as long as you're a skilled programmer and you have weeks spare to learn the code base and read up on the relevant documentation. For the other 99.9999% of the population (it's probably more than that, actually), the argument is nothing but wishful thinking.
<Obligatory trollish note> Given that a scarily high proportion of people in the US seem to think Intelligent Design is science, and three presidential candidates said on the record that they do not believe in evolution, I doubt these people have even noticed the decline in scientific advance, never mind questioned why it might be happening. </Obligatory trollish note>
Do you honestly believe that promoting a monopoly desktop is in the public interest?
Not necessarily. I simply acknowledge that it is a close approximation of the reality today, and therefore it is not unreasonable for what the BBC is planning today to be based on that assumption. No-one says they have to keep doing things the same way tomorrow if their audience start demanding other formats.
Doesn't the BBC have a duty to look at the long term rammifications of only supporting a convicted monopolist and locking everyone else out instead of purely focussing on their commercial interests?
Ironically, it is probably commercial interests (needing to resell their material to foreign audiences who don't pay for a TV licence, and/or being contractually required to supply bought-in material only with DRM attached) that are responsible for them choosing the "safe bet" of Windows Media. If these considerations did not exist, I wouldn't be surprised to see them giving their material away in a free format as others have suggested.
And, with respect, the mistake you're making is the same as the other Linux advocates here. ODF is all well and good, but the simple fact is that almost no-one can read ODF files on their computers right now, and many of them wouldn't know how to set it up either. In contrast, almost everyone can read Word documents, and those who can't can find a way at least as easily as they could find a way to read ODF.
That's not strictly true. If your hardware is never used to receive television signals, you can notify the TV Licensing people about this in writing and claim an exception. This is mentioned in their FAQ under the "General questions" category.
I've got no problem with paying my licence fee so long as I am allowed to access the content. Sadly the BBC seems to be adding artifical restrictions to ensure that I can't access the content without me purchasing an expensive product from exactly one vendor with whome I have ethical problems.
No-one's stopping you accessing the content. You will still be able to watch the shows on TV, just as you always could; some of the more popular shows are often repeated now, in fact, for those who have access to the digital channels. This is more like the "listen again" feature they've been offering to radio listeners for some time: an extra, not a replacement.
Also a worry is that the BBC appears to believe that being "platform agnostic" involves only supporting Windows and Mac - no mention of other platforms at all.
So they should say Windows, Mac and Linux? Or should that be Windows, Mac, Linux and FreeBSD? Or Windows, Mac, Linux, FreeBSD and my toy OS that I wrote in CS class?
You have to draw the line somewhere, and whether some people here like it or not, Linux users represent a vanishingly small part of the potential audience. I am happy for the BBC to spend a reasonable amount of money adding useful new features that are available to almost everyone. I would not be happy if they started spending a silly amount of money catering to every tiny but highly vocal minority who deliberately chose to go down a different route to most people knowing that this sort of issue was likely and then complain afterwards.
As someone from outside the US and therefore not deeply familiar with your legal system, I hadn't realised it was possible to forfeit the copyrights in their entirety. Is this a normal penalty provided for in statute law (in as much as anything is "normal" under these circumstances), or is the person bringing this case asking the court to make some sort of special order under more generic legislation?
If the court finds this way, does this mean the works become public domain? Or does it really not matter much to the music fan, because there are multiple copyrights that apply to the material and only one would be revoked so copying still wouldn't be legal? Presumably this would still hurt the music firms, because they wouldn't sue in connection with these works any more.
Hmm... The whole legal can of worms that gets opened up if revoking copyright is on the table has all sorts of interesting possibilities...
Oh whilst Im on the subject,- a FTL drive, I'd like one of those, plus a teleportation device, oh and a replicator, a light saber, a rocket pack, some sort of time machine....
Oh, man, I was with you right up until the replicator part. You don't want one of those. One teensy, weensy little replicator is enough to take over a whole Asgard ship, and they're way, way smarter than we are. Light sabres, fine, teleportation, great, but do us all a favour and drop the replicator idea, mkay?
Sure. I'm not claiming that anonymity is always a bad thing (though I suspect most people aren't nearly as anonymous on-line as they think anyway). I'm merely suggesting that given other, known problems caused by those hiding behind anonymity and reducing the quality of life for many people, we shouldn't automatically assume that on-line anonymity is a good thing. Pragmatically, even in the current dubious political climate in some major western powers, do you think the average citizen is more likely to be a victim of government abuse or a victim of something like credit card fraud or identity theft that started with a phishing attack or similar?
OK, but your problem there is nothing to do with privacy, and everything to do with having a government completely lacking in adequate checks and balances. Given that it's a pretty safe bet that the US intelligence services are currently spying on everyone they can, legally or otherwise, as well, pseudo-anonymity of the kind generally found on the Internet is little defence under these circumstances, either. You have elected leaders who will allow this to happen in your name, and until you fix that, you're screwed whatever the law says on anonymity, privacy, or for that matter policemen not walking through the streets shooting anyone they don't like.
Yes, it seems we do agree on most of this. Just to be clear: I am only talking in this discussion about being able to identify, given due legal authority, the person responsible for writing that breaks the law. We can see that there are real problems here, so I question the use of anonymity because it makes it difficult to solve these problems. I think this is a very different question to monitoring what people choose to watch/read, tracking where they go, data mining who they associate with, or anything along those lines. I do not support general surveillance of these normally private things by the state (or anyone else, for that matter).
Perhaps the closest analogy I can think of is number plates on cars. I do not object to having a number plate on my car per se. These help to prevent people getting away with crimes such as hit-and-runs or not paying for fuel, both of which are all too common. As with on-line identification, I think this is a matter of being able to hold someone accountable for their actions, in a context where abuse is relatively widespread and others are being harmed. I do object to the kind of number plate tracking schemes that are now being used, storing permanent, searchable records of where cars have been long after any legitimate reason to keep that information has passed. IMHO, the solution to this is not to ban number plates that also allow drivers breaking the law to be held accountable, but rather to ban anyone from compiling such a database and then punish anyone caught doing so severely. (You can reasonably argue that someone might still do so covertly, but at least it's difficult to use it for anything damaging without giving away the fact that you're doing it, and the risk of being caught is probably sufficient disincentive to most people.) I also object to the DLVA, who administer number plates here in the UK, giving out the name and address corresponding to a given number plate to pretty much anyone who asks; this removes the separation-of-information safeguard, which I argued in favour of elsewhere in this discussion.
I certainly do agree with your first comment: when in doubt, preserve a right. I have commented here previously that I think the most difficult decisions in law and ethics come when rights we would in general seek to preserve come into conflict.
The thing is, anonymous speech is not a natural right. The natural way of things is that if you say something, you can be seen and heard when you say it, and you can therefore be held responsible by your peers for what you say. If what you say is fair, there is no problem. On the other hand, if what you say causes unfair damage to another, then you can be penalised, just as with any other action you might take that unfairly damages someone.
Another principle I firmly believe in is that with freedom must come responsibility. I believe that, other things being equal, people should have the right to say what they wish, but that does not mean I condone everything they ever say or that I believe that they have no responsibility for the consequences.
The kind of telecommunications and mass publication technology that are available today have given people the ability to speak "louder" than ever before, but we have not yet developed a compensating system where people are held responsible for how they use that freedom. The artificial anonymity granted by the current system tips the balance, and renders the existing legal framework impotent. That framework has evolved over many years, often in remarkably similar ways even in different jurisdictions, and for good reasons. There is ample evidence that the imbalance is causing damage to innocents, and therefore I believe we must question whether on-line anonymity really is more important than protecting those people from unfair damage.
In order to combat these problems, it would seem prudent to limit such data retention to the strictly necessary minimum.
I couldn't agree more.
This is why permitting anonymity is not a sufficient substitute for legislating to protect privacy, with penalties that reflect the real damage that can be done by violations, and then enforcing those laws effectively.
Your comment is irrelevant, AC. I am not talking about the decryption keys aspect of RIPA. In fact, that was exactly what I had in mind when I observed that there were some parts of the Act that I don't think should be law.
What I am talking about is the ISP records of people's on-line activity. If these were being used against innocents in court, then since most courts are open, it is likely that this would have come to light long ago. (And the issue of closed courts and secret terrorist trials and so on is another dubious legal area that isn't relevant to the principle at hand.)
Once you try to start saying some anonymous speech is ok and some is not you have lost the value of anonymity.
Some anonymous speech is OK and some is not. That much is clear. The problem is that there is no objective way to define which category any given piece of anonymous speech falls into.
On this basis, since IME far more of the stuff done anonymously on-line is damaging to innocent people than helping them, I take the pragmatic position that on-line anonymity is not automatically a good thing, and may even be something we should not defend. I know that's heresy around here, but sometimes the truth hurts.
If the data exists, the government can get hold of it. You only have privacy if the data was never collected in the first place.
Sorry, but I don't agree with that for two reasons.
For one thing, nebulous arguments about "government" like this are always weak. "Government" is rarely a single person or institution operating executively (and when it is, that's usually an abuse of the intended system of representation that needs to be fixed for a whole host of other reasons anyway).
For another thing, I'm not arguing that everyone must have access to all of the relevant data. If enough data is collected to identify you given all of it, but the data is split between multiple parties and no individual party can identify you, there is a big safeguard there. This is, after all, a principle on which many security systems are based.
So, to give a personal example, I actually have no problem with my ISP and the hosts at Slashdot keeping sufficient records to identify me in combination as the author of this post, as long as there are sufficient safeguards such as not releasing it without proper legal requirement to do so and only keeping it for a reasonable period of time. Neither organisation individually need have enough material to identify me, so it is only if the information released by both is combined that I can be connected to a post. In the system I am advocating in this thread, that should happen only in response to a proper order from a legitimate court, where a fair case has been made that I should be identified so I can be tried because I am accused of having broken the law.
As long as we have a culture where both businesses and governments follow this basic principle (because they are required to by law and that law is effectively enforced), it is no more subject to abuse by "government" than any other prosecution under the law, and I will still have the same due process available to defend myself if I am accused of wrongdoing. Moreover, there is no way for anyone else — businesses, random government weenies, aggressive advertising groups, anyone — to find me. Thus I can still be fairly tried under the law if I commit an offence, but otherwise I am basically safe (other than if someone manages to abuse that legal system, but that same argument means I could be arbitrarily arrested and put in prison even though the law prevents it, and is unrealistic in most countries today).
There is never a black and white best answer in these discussions, but I submit that the above is a much more pragmatic view than the current one, where we effectively allow on-line anonymity (because even where an identity could be identified, it is prohibitively expensive to do so in most cases) and this leads to widespread abuse that hurts real people all the time.
Finally, before anyone brings up the oppressive regime/free speech argument, please consider that if the identifying data is split (e.g., bulletin board keeps content + IP + timestamp and ISP keeps record of which account was using that IP at that time), having any link of the chain in a "free" country that respected a general agreement about disclosure of potentially identifying information would be sufficient to break the chain in a case where the court cases was unreasonable under international standards. In other words, the above means of identifying someone only works if all the parties involved are in countries where the law is compatible on these concerns.
Actually, and perhaps rather paradoxically, very few of my on-line writings have my real name attached to them. I wrote here a little while ago about how I'd cancelled all my accounts on social networking sites as well.
I have a very clear reason for doing this: in today's culture, posting under my real name gains me nothing and risks a lot. This is, in fact, where I came in. What we should have are real privacy laws, which prevent the kind of arbitrary collection, sharing and mining of personal information that businesses and governments are increasingly using as technology makes it easy. Until we have these, pseudo-anonymity is a somewhat effective defence, but it's only a band-aid for a greater problem.
The other problem is that society hasn't yet learned that you shouldn't trust everything you read on-line and no-one is perfect. In a sensible world, a prospective employer finding a picture of you doing something stupid while you were a student a decade ago wouldn't be a problem, because they'd just think "Oh, well, a lot of us did stupid stuff when we were students". In a sensible world, a hint in a personal blog that you enjoyed chemistry would not result in police visiting your home because someone reported you as a terrorist. In a sensible world, mentioning your employer by name in a blog wouldn't get you fired (or at least, told to close down the blog or you'd be fired). And so it goes. But this is not, yet, a sensible world.
Before we can reach that world, people need to grow up and realise that no-one is perfect. Finding the odd character flaw or past indiscretion is not the best criteria on which to judge another human being. As I've noted before, if I had taken personal offence every time one of my friends did something that hurt another of my friends, then I would long since have run out of friends. And yet, I know that all of my friends are basically decent people, and that it is just an unfortunate reality that sometimes relationships don't work out and people get hurt, so I am very glad to have the friends I do regardless of any isolated incidents that I might have disliked if I'd been on the wrong end of them.
I am optimistic about this, but I think things have to get worse before they get better. With the current generation growing up with social networking sites who are data mining them like crazy, and who have little concept of personal privacy and why it matters, I think a lot of people are going to get screwed over the next 5–10 years. But after a little while, it will become pretty obvious to everyone that this is stupid. People will stop believing every little thing they read about someone, employers will stop vetting people extensively on their Internet footprint because the method will lack credibility, and when citizens/consumers realise how much they're getting screwed I think they will demand privacy laws that prevent the kinds of abuse that are increasingly happening today.
So, until we reach that point some way down the line, when society has grown up enough to understand the value of privacy and the need to respect people's public personas in a world where most people have an Internet presence somewhere, I choose to protect myself from the damage by posting under pseudonyms on "casual" forums like this one. But I would rather live in a world with serious privacy laws and a grown-up society, where I could write my genuine thoughts here and put my real name to them, knowing that I wasn't going to risk being sued for saying something that inadvertently gave the wrong impression. In that world, I wouldn't need anonymity, and I would be happy to stand by what I write here, with my real name attached.
Maybe I'm missing something, but this law sounds like a storm in a teacup, and this story sounds like yet another PR exercise on behalf of Google.
Privacy is not the same as anonymity. I have often suggested around here that on-line anonymity may do more harm than good in practice. For the record, that does not mean that I think ISPs should release personal data about their subscribers to just anyone, nor that they should retain such data indefinitely, nor that governments should be able to look up such data on a whim.
But frankly, I suspect that most people who use anonymising techniques on-line do have something to hide, and that something is usually connected to damaging others. There seem to be way, way, way more instances of spammers, phishing expeditions, fraudsters, character assassins and others taking advantage of the relative inability to enforce laws against Internet-based targets — thanks in large part to the relative anonymity you can easily achieve on-line today — than there are examples of genuinely good things like whistle-blowing and free expression under non-free regimes that might legitimately be protected by anonymity. Clearly there is a fine line here between setting dangerous precedents and undermining what might to some people be a vital tool in the defence of liberty, and pragmatically acting to protect lots of people from things that are actually damaging them right now, and I don't for an instant claim that there is a single right answer to this or that I am 100% convinced what I suggest here would always be the way to go.
Incidentally, we already have some similar-sounding laws in the UK, as far as the keeping of records go (under the Regulation of Investigatory Powers Act, primarily) and these haven't led to widespread abuse even under the way-too-controlling Blair administration. There are some things in RIPA that really shouldn't be law, but so far this doesn't seem to be one of them.
Otherwise, the police tend to lie about the incidents, even going so far to claim in the killing of Jean Charles de Menezes in Britain that 5 different cameras watching the action were all somehow not functioning.
It's funny (as in suspicious, not amusing) how often that happens. A few years ago, during May Day in London, police held thousands of people for several hours against their will, under dubious circumstances. (There are often protests/riots on May Day, but it's not at all clear than many innocent people weren't caught up involuntarily.) All of the CCTV cameras covering a large area of London were mysteriously off-line for maintenance — an odd choice of timing, given that such things are presumably planned in advance, it was fairly predictable the cameras would be needed to monitor the crowds on that day, and there was obvious potential for police abuse where the cameras could be used in evidence. Curiously enough, it's now quite difficult to find any web sites that comment on this, too...
One way or another, no it's not.
I am becoming increasingly conscious of my on-line footprint, the sheer scale of collection of data about me in real life, and the ways it is being used to my disadvantage. Some of those are sinister, but most are simply businesses or government departments using their greater resources to screw me out of things. Either way, I am personally damaged as a result.
I have always challenged things like asking for all my contact details in a shop when they have no need of them, and I'm sure a lot of people simply lie on various sign-up web pages that ask for information that isn't necessary to provide whatever feature or service is being requested. Now I've got to the point of actively disconnecting from social networking sites that are harvesting information about me, and I'm considering filing formal complaints with my representatives about certain well-known organisations who are obviously storing my credit card details in their databases beyond the end of our transactions.
I care enough about this issue — and more to the point, I suspect enough other people do as well — that if the pressure keeps ramping up, and damaging incidents like losing a whole database of credit card numbers keep happening, I think pretty draconian pro-privacy laws will gain political will long before universal tracking is a reality. All the lobbying and campaign funding in the world won't buy the law back once enough voters have personally been hurt by someone screwing this up.
Fair point, but in this context I'd take "correct" over "faster" any day.
Any sufficiently advanced undocumented feature is indistinguishable from a bug. :-)
Yeah, yeah, I know. The HTML generated by the new quote tags is pretty daft as well. But at least it doesn't ignore my explicit formatting as blockquote does!
This is a quote.
This is a quote with italics.
Hey, they've fixed at least one bug! :-)
Really? And how long do you think it will take someone who's never heard of the format to work out what it is, identify a source for software that will read it, and then download that software over a 56K modem?
And for the record, the "it's an open standard so they can write their own" argument is nonsense, and always has been. It's like saying anyone can fork a major OSS project and build whatever new features they want. Sure you can, as long as you're a skilled programmer and you have weeks spare to learn the code base and read up on the relevant documentation. For the other 99.9999% of the population (it's probably more than that, actually), the argument is nothing but wishful thinking.
<Obligatory trollish note> Given that a scarily high proportion of people in the US seem to think Intelligent Design is science, and three presidential candidates said on the record that they do not believe in evolution, I doubt these people have even noticed the decline in scientific advance, never mind questioned why it might be happening. </Obligatory trollish note>
Not necessarily. I simply acknowledge that it is a close approximation of the reality today, and therefore it is not unreasonable for what the BBC is planning today to be based on that assumption. No-one says they have to keep doing things the same way tomorrow if their audience start demanding other formats.
Ironically, it is probably commercial interests (needing to resell their material to foreign audiences who don't pay for a TV licence, and/or being contractually required to supply bought-in material only with DRM attached) that are responsible for them choosing the "safe bet" of Windows Media. If these considerations did not exist, I wouldn't be surprised to see them giving their material away in a free format as others have suggested.
And, with respect, the mistake you're making is the same as the other Linux advocates here. ODF is all well and good, but the simple fact is that almost no-one can read ODF files on their computers right now, and many of them wouldn't know how to set it up either. In contrast, almost everyone can read Word documents, and those who can't can find a way at least as easily as they could find a way to read ODF.
That's not strictly true. If your hardware is never used to receive television signals, you can notify the TV Licensing people about this in writing and claim an exception. This is mentioned in their FAQ under the "General questions" category.
No-one's stopping you accessing the content. You will still be able to watch the shows on TV, just as you always could; some of the more popular shows are often repeated now, in fact, for those who have access to the digital channels. This is more like the "listen again" feature they've been offering to radio listeners for some time: an extra, not a replacement.
So they should say Windows, Mac and Linux? Or should that be Windows, Mac, Linux and FreeBSD? Or Windows, Mac, Linux, FreeBSD and my toy OS that I wrote in CS class?
You have to draw the line somewhere, and whether some people here like it or not, Linux users represent a vanishingly small part of the potential audience. I am happy for the BBC to spend a reasonable amount of money adding useful new features that are available to almost everyone. I would not be happy if they started spending a silly amount of money catering to every tiny but highly vocal minority who deliberately chose to go down a different route to most people knowing that this sort of issue was likely and then complain afterwards.
As someone from outside the US and therefore not deeply familiar with your legal system, I hadn't realised it was possible to forfeit the copyrights in their entirety. Is this a normal penalty provided for in statute law (in as much as anything is "normal" under these circumstances), or is the person bringing this case asking the court to make some sort of special order under more generic legislation?
If the court finds this way, does this mean the works become public domain? Or does it really not matter much to the music fan, because there are multiple copyrights that apply to the material and only one would be revoked so copying still wouldn't be legal? Presumably this would still hurt the music firms, because they wouldn't sue in connection with these works any more.
Hmm... The whole legal can of worms that gets opened up if revoking copyright is on the table has all sorts of interesting possibilities...
<Jack> Does it matter? Can't we just shoot them? </Jack> :-)
Oh, man, I was with you right up until the replicator part. You don't want one of those. One teensy, weensy little replicator is enough to take over a whole Asgard ship, and they're way, way smarter than we are. Light sabres, fine, teleportation, great, but do us all a favour and drop the replicator idea, mkay?
Sure. I'm not claiming that anonymity is always a bad thing (though I suspect most people aren't nearly as anonymous on-line as they think anyway). I'm merely suggesting that given other, known problems caused by those hiding behind anonymity and reducing the quality of life for many people, we shouldn't automatically assume that on-line anonymity is a good thing. Pragmatically, even in the current dubious political climate in some major western powers, do you think the average citizen is more likely to be a victim of government abuse or a victim of something like credit card fraud or identity theft that started with a phishing attack or similar?
OK, but your problem there is nothing to do with privacy, and everything to do with having a government completely lacking in adequate checks and balances. Given that it's a pretty safe bet that the US intelligence services are currently spying on everyone they can, legally or otherwise, as well, pseudo-anonymity of the kind generally found on the Internet is little defence under these circumstances, either. You have elected leaders who will allow this to happen in your name, and until you fix that, you're screwed whatever the law says on anonymity, privacy, or for that matter policemen not walking through the streets shooting anyone they don't like.
Yes, it seems we do agree on most of this. Just to be clear: I am only talking in this discussion about being able to identify, given due legal authority, the person responsible for writing that breaks the law. We can see that there are real problems here, so I question the use of anonymity because it makes it difficult to solve these problems. I think this is a very different question to monitoring what people choose to watch/read, tracking where they go, data mining who they associate with, or anything along those lines. I do not support general surveillance of these normally private things by the state (or anyone else, for that matter).
Perhaps the closest analogy I can think of is number plates on cars. I do not object to having a number plate on my car per se. These help to prevent people getting away with crimes such as hit-and-runs or not paying for fuel, both of which are all too common. As with on-line identification, I think this is a matter of being able to hold someone accountable for their actions, in a context where abuse is relatively widespread and others are being harmed. I do object to the kind of number plate tracking schemes that are now being used, storing permanent, searchable records of where cars have been long after any legitimate reason to keep that information has passed. IMHO, the solution to this is not to ban number plates that also allow drivers breaking the law to be held accountable, but rather to ban anyone from compiling such a database and then punish anyone caught doing so severely. (You can reasonably argue that someone might still do so covertly, but at least it's difficult to use it for anything damaging without giving away the fact that you're doing it, and the risk of being caught is probably sufficient disincentive to most people.) I also object to the DLVA, who administer number plates here in the UK, giving out the name and address corresponding to a given number plate to pretty much anyone who asks; this removes the separation-of-information safeguard, which I argued in favour of elsewhere in this discussion.
I certainly do agree with your first comment: when in doubt, preserve a right. I have commented here previously that I think the most difficult decisions in law and ethics come when rights we would in general seek to preserve come into conflict.
The thing is, anonymous speech is not a natural right. The natural way of things is that if you say something, you can be seen and heard when you say it, and you can therefore be held responsible by your peers for what you say. If what you say is fair, there is no problem. On the other hand, if what you say causes unfair damage to another, then you can be penalised, just as with any other action you might take that unfairly damages someone.
Another principle I firmly believe in is that with freedom must come responsibility. I believe that, other things being equal, people should have the right to say what they wish, but that does not mean I condone everything they ever say or that I believe that they have no responsibility for the consequences.
The kind of telecommunications and mass publication technology that are available today have given people the ability to speak "louder" than ever before, but we have not yet developed a compensating system where people are held responsible for how they use that freedom. The artificial anonymity granted by the current system tips the balance, and renders the existing legal framework impotent. That framework has evolved over many years, often in remarkably similar ways even in different jurisdictions, and for good reasons. There is ample evidence that the imbalance is causing damage to innocents, and therefore I believe we must question whether on-line anonymity really is more important than protecting those people from unfair damage.
I couldn't agree more.
This is why permitting anonymity is not a sufficient substitute for legislating to protect privacy, with penalties that reflect the real damage that can be done by violations, and then enforcing those laws effectively.
Your comment is irrelevant, AC. I am not talking about the decryption keys aspect of RIPA. In fact, that was exactly what I had in mind when I observed that there were some parts of the Act that I don't think should be law.
What I am talking about is the ISP records of people's on-line activity. If these were being used against innocents in court, then since most courts are open, it is likely that this would have come to light long ago. (And the issue of closed courts and secret terrorist trials and so on is another dubious legal area that isn't relevant to the principle at hand.)
Some anonymous speech is OK and some is not. That much is clear. The problem is that there is no objective way to define which category any given piece of anonymous speech falls into.
On this basis, since IME far more of the stuff done anonymously on-line is damaging to innocent people than helping them, I take the pragmatic position that on-line anonymity is not automatically a good thing, and may even be something we should not defend. I know that's heresy around here, but sometimes the truth hurts.
Sorry, but I don't agree with that for two reasons.
For one thing, nebulous arguments about "government" like this are always weak. "Government" is rarely a single person or institution operating executively (and when it is, that's usually an abuse of the intended system of representation that needs to be fixed for a whole host of other reasons anyway).
For another thing, I'm not arguing that everyone must have access to all of the relevant data. If enough data is collected to identify you given all of it, but the data is split between multiple parties and no individual party can identify you, there is a big safeguard there. This is, after all, a principle on which many security systems are based.
So, to give a personal example, I actually have no problem with my ISP and the hosts at Slashdot keeping sufficient records to identify me in combination as the author of this post, as long as there are sufficient safeguards such as not releasing it without proper legal requirement to do so and only keeping it for a reasonable period of time. Neither organisation individually need have enough material to identify me, so it is only if the information released by both is combined that I can be connected to a post. In the system I am advocating in this thread, that should happen only in response to a proper order from a legitimate court, where a fair case has been made that I should be identified so I can be tried because I am accused of having broken the law.
As long as we have a culture where both businesses and governments follow this basic principle (because they are required to by law and that law is effectively enforced), it is no more subject to abuse by "government" than any other prosecution under the law, and I will still have the same due process available to defend myself if I am accused of wrongdoing. Moreover, there is no way for anyone else — businesses, random government weenies, aggressive advertising groups, anyone — to find me. Thus I can still be fairly tried under the law if I commit an offence, but otherwise I am basically safe (other than if someone manages to abuse that legal system, but that same argument means I could be arbitrarily arrested and put in prison even though the law prevents it, and is unrealistic in most countries today).
There is never a black and white best answer in these discussions, but I submit that the above is a much more pragmatic view than the current one, where we effectively allow on-line anonymity (because even where an identity could be identified, it is prohibitively expensive to do so in most cases) and this leads to widespread abuse that hurts real people all the time.
Finally, before anyone brings up the oppressive regime/free speech argument, please consider that if the identifying data is split (e.g., bulletin board keeps content + IP + timestamp and ISP keeps record of which account was using that IP at that time), having any link of the chain in a "free" country that respected a general agreement about disclosure of potentially identifying information would be sufficient to break the chain in a case where the court cases was unreasonable under international standards. In other words, the above means of identifying someone only works if all the parties involved are in countries where the law is compatible on these concerns.
I'm hiding my full real name. :-)
Actually, and perhaps rather paradoxically, very few of my on-line writings have my real name attached to them. I wrote here a little while ago about how I'd cancelled all my accounts on social networking sites as well.
I have a very clear reason for doing this: in today's culture, posting under my real name gains me nothing and risks a lot. This is, in fact, where I came in. What we should have are real privacy laws, which prevent the kind of arbitrary collection, sharing and mining of personal information that businesses and governments are increasingly using as technology makes it easy. Until we have these, pseudo-anonymity is a somewhat effective defence, but it's only a band-aid for a greater problem.
The other problem is that society hasn't yet learned that you shouldn't trust everything you read on-line and no-one is perfect. In a sensible world, a prospective employer finding a picture of you doing something stupid while you were a student a decade ago wouldn't be a problem, because they'd just think "Oh, well, a lot of us did stupid stuff when we were students". In a sensible world, a hint in a personal blog that you enjoyed chemistry would not result in police visiting your home because someone reported you as a terrorist. In a sensible world, mentioning your employer by name in a blog wouldn't get you fired (or at least, told to close down the blog or you'd be fired). And so it goes. But this is not, yet, a sensible world.
Before we can reach that world, people need to grow up and realise that no-one is perfect. Finding the odd character flaw or past indiscretion is not the best criteria on which to judge another human being. As I've noted before, if I had taken personal offence every time one of my friends did something that hurt another of my friends, then I would long since have run out of friends. And yet, I know that all of my friends are basically decent people, and that it is just an unfortunate reality that sometimes relationships don't work out and people get hurt, so I am very glad to have the friends I do regardless of any isolated incidents that I might have disliked if I'd been on the wrong end of them.
I am optimistic about this, but I think things have to get worse before they get better. With the current generation growing up with social networking sites who are data mining them like crazy, and who have little concept of personal privacy and why it matters, I think a lot of people are going to get screwed over the next 5–10 years. But after a little while, it will become pretty obvious to everyone that this is stupid. People will stop believing every little thing they read about someone, employers will stop vetting people extensively on their Internet footprint because the method will lack credibility, and when citizens/consumers realise how much they're getting screwed I think they will demand privacy laws that prevent the kinds of abuse that are increasingly happening today.
So, until we reach that point some way down the line, when society has grown up enough to understand the value of privacy and the need to respect people's public personas in a world where most people have an Internet presence somewhere, I choose to protect myself from the damage by posting under pseudonyms on "casual" forums like this one. But I would rather live in a world with serious privacy laws and a grown-up society, where I could write my genuine thoughts here and put my real name to them, knowing that I wasn't going to risk being sued for saying something that inadvertently gave the wrong impression. In that world, I wouldn't need anonymity, and I would be happy to stand by what I write here, with my real name attached.
Maybe I'm missing something, but this law sounds like a storm in a teacup, and this story sounds like yet another PR exercise on behalf of Google.
Privacy is not the same as anonymity. I have often suggested around here that on-line anonymity may do more harm than good in practice. For the record, that does not mean that I think ISPs should release personal data about their subscribers to just anyone, nor that they should retain such data indefinitely, nor that governments should be able to look up such data on a whim.
But frankly, I suspect that most people who use anonymising techniques on-line do have something to hide, and that something is usually connected to damaging others. There seem to be way, way, way more instances of spammers, phishing expeditions, fraudsters, character assassins and others taking advantage of the relative inability to enforce laws against Internet-based targets — thanks in large part to the relative anonymity you can easily achieve on-line today — than there are examples of genuinely good things like whistle-blowing and free expression under non-free regimes that might legitimately be protected by anonymity. Clearly there is a fine line here between setting dangerous precedents and undermining what might to some people be a vital tool in the defence of liberty, and pragmatically acting to protect lots of people from things that are actually damaging them right now, and I don't for an instant claim that there is a single right answer to this or that I am 100% convinced what I suggest here would always be the way to go.
Incidentally, we already have some similar-sounding laws in the UK, as far as the keeping of records go (under the Regulation of Investigatory Powers Act, primarily) and these haven't led to widespread abuse even under the way-too-controlling Blair administration. There are some things in RIPA that really shouldn't be law, but so far this doesn't seem to be one of them.
It's funny (as in suspicious, not amusing) how often that happens. A few years ago, during May Day in London, police held thousands of people for several hours against their will, under dubious circumstances. (There are often protests/riots on May Day, but it's not at all clear than many innocent people weren't caught up involuntarily.) All of the CCTV cameras covering a large area of London were mysteriously off-line for maintenance — an odd choice of timing, given that such things are presumably planned in advance, it was fairly predictable the cameras would be needed to monitor the crowds on that day, and there was obvious potential for police abuse where the cameras could be used in evidence. Curiously enough, it's now quite difficult to find any web sites that comment on this, too...