No doubt we could debate a few specifics, but I couldn't agree more with your basic points that we criminalize too many things and that what consenting adults do in private is their own business.
"We want all the perks of being taxi drivers, but none of the responsibilities. But you don't need to ban or regulate us, we're not doing any harm, just disrupting an out-of-date industry with a new business model!"
And if someone is trying to find large numbers of people from a certain demographic they don't like in order to capture and do unpleasant things to those people, do you think having a detailed profile of everyone's entire life available at the touch of a button will make this (a) harder or (b) easier?
If the parallel isn't obvious enough for you, please consider a controversial subject like gay marriage and the power of the Christian Right in the US, or the attitudes towards Muslims exhibited by some people in Europe and the rise of far right political parties in the same places.
No. Just as correlation does not imply causation but can certainly suggest a potential causal effect worth investigation, so a very clear difference but in only a small sample can suggest something worth investigating using a larger sample and proper controls. The kind of behaviour I describe has been widely reported anecdotally, so unless you've actually do have some more robust data that shows otherwise, it remains a plausible theory that the situation I described among the younger generation I know is also the case more widely.
In other words, I'm not claiming that my own experience is necessarily representative, but I am claiming that it might be until better data shows otherwise.
You're right, it's not representative; I carefully phrased it as a statement of personal experience rather than a general claim for precisely that reason.
It is suggestive of a generational change in attitude, though.
Surely you're not suggesting that there might be some correlation between people willing to answer questions on a potentially sensitive subject from a complete stranger and people who might be less concerned about government spying? That's just crazy talk!
Here's another one still: people who grew up sharing everything publicly on the Internet already take steps to conceal their true identity from anyone they don't want to share with.
Most of the generation before me use their real names on Facebook. I'm struggling to think of anyone of the generation after me who does.
In fact, I'm struggling to think of many who actually use ID-tied sites like Facebook at all, or at least not for extended periods. Multiple accounts, shifting rapidly from one platform to the next, disposable communications via the likes of Snapchat... These kinds of behaviours are almost universal for the younger generation.
Personally, I tend to think that's a very good thing. My major concern is that sometimes the technologies the kids use aren't nearly as private or as temporary as they have been led to believe: plenty of supposedly deleted Snapchat material mysteriously reappears later by one mechanism or another, popular communication tools like WhatsApp might actually be owned by data hoarders like Facebook, modern data mining techniques can still ID people with high reliability from surprisingly small parts of "anonymized" data sets, etc.
Interesting story. One of the things I find most reassuring about the police service* in the UK is that they have long maintained, great consistency and at almost any rank, that good community relations are the heart of good policing. Officers who go out on patrol** have consistently and overwhelmingly said they do not want to routinely carry firearms, because that goes against the basic principle of policing by consent, and instead they tend to assume that the solution to local problems often starts with trying to improve those relations if they are failing. Concerns are also raised often by the police themselves about the balance between having officers patrolling in vehicles for rapid response and having officers literally walking the beat and actually making contact with the public. I get the feeling that police officers in certain other parts of the world have a very, very different attitude to their relationship with the public.
*I remember well that when the local police schools liaison officer visited us, he made a point of saying he didn't like the term "police force" because it had the wrong connotations before you even started to look at what the police did.
**It's curious how often police officers and politicians in some places refer to officers "on the front line", this being about as overt a military metaphor as I can think of (short of being "on the front line in the war against $ABSTRACT_NOUN" I suppose).
The key point from an ethical/legal point of view might be the warrant. The key safeguard from a practical point of view is that to plant those bugs someone has to actually visit the site and do something. This requires time, effort, and a risk of getting caught, which means it's potentially an option if you really do have a good reason to consider a specific individual to be a threat but it's prohibitively expensive to spy on everyone all of the time. As far as defending democracy is concerned, that is a much healthier balance than mass surveillance of the many by the few.
All agreed, though I am increasingly of the view that systemic bias in favour of the accused is not sufficient. Merely being dragged through the legal system even if ultimately found not guilty is sure to be stressful, time-consuming, and possibly costly in more ways than one. People who have committed even quite serious crimes are sometimes released immediately after conviction on the basis that they've already served as much or more time than their sentence -- but of course, someone who was entirely innocent and not convicted in court also served that time. Right now you're unlikely to get much financial compensation for any of that, and even less any obligation for those who caused the damage to do anything else to set the record straight or otherwise make things right as much as possible.
The more I've thought about these kinds of issues as I get older, the more I think our modern "justice" systems are no longer fit for purpose, if indeed they ever were. In particular, they take an absurd amount of time and resources to deal with trivial infractions, sometimes at a cost to all involved that is far greater than any damage done by the alleged act itself. For major cases, the court proceedings can cost millions and drag on for years, and by the time they are finally over the result is no longer relevant anyway.
I think we would probably do much better if we built on the kinds of distinction we already make about severity: misdemeanour vs. felony in the US, magistrates vs. crown courts here in the UK, small claims courts with less formal procedures for minor civil disputes, and so on. For example, I don't see why any very minor offence can't be fully tried and a judgement made within a single court session and within a matter of days after the alleged infraction. Either there is clear evidence to convict, or you acquit. If you convict in a fast track procedure, you have strict limits on the level of penalty that can be imposed.
Then for repeated minor offences within some defined time period or for more serious crimes (probably anything including violence that allegedly caused significant injury and/or damage needing repairs exceeding a certain cost, for example) you can extend the timescales involved to a degree to allow for more careful preparation of the case, perhaps increase the degree of scrutiny in terms of magistrates vs. judge and jury and allow the use of expert witnesses, and so on.
Crucial to all of this, in my ideal world, would be the idea that there was also proper compensation for anyone brought through the system at any given level but not ultimately found guilty, making it not cost effective to bring cases in the first place without a reasonable expectation of a conviction. No doubt experienced lawyers could come up with much better ideas for the specific details of any such system, but I think the idea of having more well-defined tiers with strict limits on applicability and proportionate compensation arrangements is basically a sound one.
I agree with your basic point about the need for balance. Of course there are bad people in the world and of course we need police and courts and the like.
I think the problem today is that many in our current political class don't recognise that need for balance so much as they see "them and us" and even start to forget whose side they are supposed to be on. The truly evil part of the situation is that this result seems almost inevitable. The people calling the shots are exactly the people who necessarily deal with the worst of humanity as part of their job. How could this not affect their perspective? They naturally want to trust their allies, who are the people who would be empowered under all these proposed security measures and aided by restrictions on the privacy and security of others. And of course being influential figures within the government, it is highly unlikely that they will personally ever find themselves on the wrong side of a government screw-up and unable to get the problem fixed very quickly.
I don't think these people are evil. On the contrary, I suspect most people in government, including their agents in the police and security services, are probably just normal people who have a job to do and who genuinely want to do the right thing. As with any large group, there will eventually be a few bad actors included as well and it is necessary to identify and contain them, but that isn't usually the main problem.
However, I do think we're talking about people who are heavily biased, even paranoid, because it would take a superhuman level of detachment not to be when you look at the kind of people they have to deal with at times. I also think in most cases they are ignorant about the technologies they are dealing with, and therefore unable to make rational, objective judgements about the likely effects of the technical measures they propose as policy. Finally, I think that the more senior these figures get within the government and its agencies, the more detached they tend to be from reality for average citizens and the more ignorant or dismissive they can become of how things tend to play out for innocent people in less privileged positions who are nevertheless caught up by the measures the politicians propose.
As the saying goes, power corrupts. It doesn't necessarily have to be malicious or intentional. Obviously in some cases it has been, but often I think the corruption is more of a slow but almost inevitable change in perspective caused by the situations you find yourself in when you have power to wield.
And so it is necessary for those who are looking from outside, those who don't spend disproportionate amounts of their time dealing with a particularly nasty minority of the human race, those who understand the technical issues, to speak out about what is happening and where it could lead. As with any issue of civilised government, in the long run you're going to get much further by educating people about relevant issues and promoting intelligent discourse than you are with wildly exaggerated rhetoric and extreme positions backed by intimidation and ultimately violence. The latter are seductive, and often appear quite effective in the short term, but I doubt they've ever truly solved much.
Notice that I very carefully said secure against a certain attack in my previous post. You are talking about something different to breaking the encryption technically: the xkcd attack, which any large organisation with weapons can apply, but not covertly and not without consequences if they try to apply it systematically against innocent people.
There used to be a saying, something about it being better to let ten guilty men go free than to imprison one innocent one.
Tragically, in today's culture of politics dominated by fear, it almost seems like everyone is presumed to be guilty of something. That means the idea that it might be necessary to protect someone who might actually be innocent, or simply to leave them alone to live their lives without interference, is not given a lot of thought.
Your position seems reasonable enough from an ethical/moral standpoint. Unfortunately, in reality, a device or communication channel is either secure against a certain attack or it isn't. There is not and never can be a middle ground of being secure against a certain attack unless that attack has been lawfully authorised by a competent court.
In short, if the government wants access to your encrypted information, even with appropriate oversight, then it must require your information to be insecure and therefore vulnerable to other parties accessing it as well. If the government wants to encourage security in communications, then it must accept that covert interception of those communications will no longer be possible. You can't eat your cake and have it.
I suspect that in fact we probably agree on most of this issue then. The difficulty in this sort of case is that merely having a copy of software or other digital work (and thus fitting in just fine with traditional copyright law) is not sufficient to make that work useful if it has been artificially crippled with some sort of phone home functionality.
By its nature, that functionality might depend on a third party. That third party might have had nothing to do with the original sale to the person using the software/digital work. They may or may not want to make the software/work usable by the purchaser for commercial reasons. Most importantly at present, they may have no actual legal obligation to make the work useful even if every other deal in the process has been completely above board.
This creates a potential problem of abuse with DRM schemes, leading to the sort of case we've been discussing. It's also a real liability in terms of lots of things breaking if the authorising system is taken off-line and potentially its owning organisation isn't even there any more to be held responsible and make amends.
Sadly, I suspect there are about three elected representatives in the universe who are even close to understanding these issues. They have nowhere near enough influence to raise this issue at high levels within their legislative bodies alone, and even if they did, they'd be up against Big Software and Big Media concerned about copyright infringement and bribing other officials with substantial contributions to look that way first.
You're falling into the trap of confusing ethics and the law. Whatever you -- or I, since I expect we'd agree -- think of the ethics of the situation, so far I haven't seen anything to suggest their actions in not respecting keys used other than under the conditions they were sold with is actually illegal. The law with respect to digital purchases, DRM, and remote access/activation schemes may be some anachronistic dinosaur, but if it's the law right now then complaining about the action on a forum like Slashdot isn't going to change that.
Maybe, but for better or worse, the situation today is that Ubisoft is effectively empowered to "confiscate" keys acquired through illegitimate channels in violation of whatever terms of sale or licensing agreements those keys came with.
Now, you might argue that the law should be updated to address the rights of customers buying digital products in a more even-handed way. If you did, I'd be the first to agree. But even then, it's hard to see why those rights would or should protect someone with the digital equivalent of stolen property. If you wanted to legitimise reselling keys across borders as a matter of policy then you'd probably also need an explicit change so that DRM schemes attempting to prevent cross-border trade were prohibited and anyone operating them on a commercial basis was required to honour otherwise valid keys for any sort of activation or customer support purposes.
In that case, perhaps it's more closely analogous to paying someone abroad to buy something cheap and ship it to you, but then complaining when your delivery arrives that you got charged the import taxes your oh-so-honest supplier didn't pay.
Sometimes things that look too good to be true really are, but usually there's a catch. Seeing a deal that good and not checking thoroughly for the catch is just asking for trouble.
Chargebacks can seriously hurt the affected merchants. For one thing, usually the merchant has to pay a fee on top of refunding the full amount for each individual chargeback, possibly losing that fee even if they subsequently challenge the chargeback and win. For another thing, an unusually high chargeback rate overall can result in much worse terms for future card payment services or even being denied the facility entirely, which for many businesses is effectively a mortal injury.
If it's Ubisoft that was taking the money directly, this hurts them directly. It potentially even follows their officers if they move to other businesses later as well. If it's not Ubisoft taking money directly, then it hurts their resellers, and word quickly gets around that being a reseller for Ubisoft is a lousy gig. Either way, Ubisoft are losing something.
All true, but paying actual money for a licence key at an unusually low price from an unlikely source is like paying five bucks for a 60" 4K TV off the back of a lorry. If you're the recipient of stolen goods, however unwitting, the law in most places will leave you empty-handed if the goods are identified and returned to their original owner, unless you can find and take legal action against whoever sold you the goods.
I'm not saying the situation doesn't suck for the innocent party, and I'm certainly not supporting Ubisoft's generally aggressive use of DRM, but in this case it does seem that the situation is exactly analogous on-line to how the law has worked in the real world for a long time.
A human adult with average vision can't distinguish anything much above current HD resolutions from normal TV viewing distances at typical physical TV screen dimensions either. This is one of the big problems all the businesses creating flashy new 4K TVs haven't quite worked out how to deal with yet.
Meanwhile, plenty of people still have DVD players rather than Blu-Ray, because even moving to HD doesn't make much difference for a lot of material in practice, and the old "get them to buy Star Wars for the seventeenth time two step" has run out of music.
Then you have to consider the rise of on-line sources and the generally poor experience of the physical disc systems. Most of that poor experience isn't actually because of swapping discs. It's because of all the other silly things that all legally manufactured players are required using tortured legal tricks to implement, preventing otherwise obvious improvements in competing devices such as skipping to the !~%# movie straight away.
So personally, I'm expecting 4K and other very high resolution formats to flop outside of niche markets, like say luxury home cinema systems with a projector and a screen several metres across. Even where they do get adopted, I'm expecting the market to demand less messy distribution, which would make any sort of disc-based successor to Blu-Ray even less likely to succeed.
I agree with you about the difficulties of scope creep when the scope is determined by people who aren't technical experts.
I'm genuinely surprised about the Netflix-Comcast situation you described. That doesn't sound like my idea of net neutrality at all. Is that actually what some law in the US (or elsewhere) now requires, or is it just what Netflix would like a future law to require for obvious reasons?
Slashdot Mirror
No doubt we could debate a few specifics, but I couldn't agree more with your basic points that we criminalize too many things and that what consenting adults do in private is their own business.
Yes, this seems certain to be an own goal.
"We want all the perks of being taxi drivers, but none of the responsibilities. But you don't need to ban or regulate us, we're not doing any harm, just disrupting an out-of-date industry with a new business model!"
And if someone is trying to find large numbers of people from a certain demographic they don't like in order to capture and do unpleasant things to those people, do you think having a detailed profile of everyone's entire life available at the touch of a button will make this (a) harder or (b) easier?
If the parallel isn't obvious enough for you, please consider a controversial subject like gay marriage and the power of the Christian Right in the US, or the attitudes towards Muslims exhibited by some people in Europe and the rise of far right political parties in the same places.
No. Just as correlation does not imply causation but can certainly suggest a potential causal effect worth investigation, so a very clear difference but in only a small sample can suggest something worth investigating using a larger sample and proper controls. The kind of behaviour I describe has been widely reported anecdotally, so unless you've actually do have some more robust data that shows otherwise, it remains a plausible theory that the situation I described among the younger generation I know is also the case more widely.
In other words, I'm not claiming that my own experience is necessarily representative, but I am claiming that it might be until better data shows otherwise.
You're right, it's not representative; I carefully phrased it as a statement of personal experience rather than a general claim for precisely that reason.
It is suggestive of a generational change in attitude, though.
Surely you're not suggesting that there might be some correlation between people willing to answer questions on a potentially sensitive subject from a complete stranger and people who might be less concerned about government spying? That's just crazy talk!
Here's another one still: people who grew up sharing everything publicly on the Internet already take steps to conceal their true identity from anyone they don't want to share with.
Most of the generation before me use their real names on Facebook. I'm struggling to think of anyone of the generation after me who does.
In fact, I'm struggling to think of many who actually use ID-tied sites like Facebook at all, or at least not for extended periods. Multiple accounts, shifting rapidly from one platform to the next, disposable communications via the likes of Snapchat... These kinds of behaviours are almost universal for the younger generation.
Personally, I tend to think that's a very good thing. My major concern is that sometimes the technologies the kids use aren't nearly as private or as temporary as they have been led to believe: plenty of supposedly deleted Snapchat material mysteriously reappears later by one mechanism or another, popular communication tools like WhatsApp might actually be owned by data hoarders like Facebook, modern data mining techniques can still ID people with high reliability from surprisingly small parts of "anonymized" data sets, etc.
Indeed. Next week, your Jewish German grandparents are more sceptical of state surveillance than your Christian American grandparents.
Interesting story. One of the things I find most reassuring about the police service* in the UK is that they have long maintained, great consistency and at almost any rank, that good community relations are the heart of good policing. Officers who go out on patrol** have consistently and overwhelmingly said they do not want to routinely carry firearms, because that goes against the basic principle of policing by consent, and instead they tend to assume that the solution to local problems often starts with trying to improve those relations if they are failing. Concerns are also raised often by the police themselves about the balance between having officers patrolling in vehicles for rapid response and having officers literally walking the beat and actually making contact with the public. I get the feeling that police officers in certain other parts of the world have a very, very different attitude to their relationship with the public.
*I remember well that when the local police schools liaison officer visited us, he made a point of saying he didn't like the term "police force" because it had the wrong connotations before you even started to look at what the police did.
**It's curious how often police officers and politicians in some places refer to officers "on the front line", this being about as overt a military metaphor as I can think of (short of being "on the front line in the war against $ABSTRACT_NOUN" I suppose).
The key point from an ethical/legal point of view might be the warrant. The key safeguard from a practical point of view is that to plant those bugs someone has to actually visit the site and do something. This requires time, effort, and a risk of getting caught, which means it's potentially an option if you really do have a good reason to consider a specific individual to be a threat but it's prohibitively expensive to spy on everyone all of the time. As far as defending democracy is concerned, that is a much healthier balance than mass surveillance of the many by the few.
All agreed, though I am increasingly of the view that systemic bias in favour of the accused is not sufficient. Merely being dragged through the legal system even if ultimately found not guilty is sure to be stressful, time-consuming, and possibly costly in more ways than one. People who have committed even quite serious crimes are sometimes released immediately after conviction on the basis that they've already served as much or more time than their sentence -- but of course, someone who was entirely innocent and not convicted in court also served that time. Right now you're unlikely to get much financial compensation for any of that, and even less any obligation for those who caused the damage to do anything else to set the record straight or otherwise make things right as much as possible.
The more I've thought about these kinds of issues as I get older, the more I think our modern "justice" systems are no longer fit for purpose, if indeed they ever were. In particular, they take an absurd amount of time and resources to deal with trivial infractions, sometimes at a cost to all involved that is far greater than any damage done by the alleged act itself. For major cases, the court proceedings can cost millions and drag on for years, and by the time they are finally over the result is no longer relevant anyway.
I think we would probably do much better if we built on the kinds of distinction we already make about severity: misdemeanour vs. felony in the US, magistrates vs. crown courts here in the UK, small claims courts with less formal procedures for minor civil disputes, and so on. For example, I don't see why any very minor offence can't be fully tried and a judgement made within a single court session and within a matter of days after the alleged infraction. Either there is clear evidence to convict, or you acquit. If you convict in a fast track procedure, you have strict limits on the level of penalty that can be imposed.
Then for repeated minor offences within some defined time period or for more serious crimes (probably anything including violence that allegedly caused significant injury and/or damage needing repairs exceeding a certain cost, for example) you can extend the timescales involved to a degree to allow for more careful preparation of the case, perhaps increase the degree of scrutiny in terms of magistrates vs. judge and jury and allow the use of expert witnesses, and so on.
Crucial to all of this, in my ideal world, would be the idea that there was also proper compensation for anyone brought through the system at any given level but not ultimately found guilty, making it not cost effective to bring cases in the first place without a reasonable expectation of a conviction. No doubt experienced lawyers could come up with much better ideas for the specific details of any such system, but I think the idea of having more well-defined tiers with strict limits on applicability and proportionate compensation arrangements is basically a sound one.
I agree with your basic point about the need for balance. Of course there are bad people in the world and of course we need police and courts and the like.
I think the problem today is that many in our current political class don't recognise that need for balance so much as they see "them and us" and even start to forget whose side they are supposed to be on. The truly evil part of the situation is that this result seems almost inevitable. The people calling the shots are exactly the people who necessarily deal with the worst of humanity as part of their job. How could this not affect their perspective? They naturally want to trust their allies, who are the people who would be empowered under all these proposed security measures and aided by restrictions on the privacy and security of others. And of course being influential figures within the government, it is highly unlikely that they will personally ever find themselves on the wrong side of a government screw-up and unable to get the problem fixed very quickly.
I don't think these people are evil. On the contrary, I suspect most people in government, including their agents in the police and security services, are probably just normal people who have a job to do and who genuinely want to do the right thing. As with any large group, there will eventually be a few bad actors included as well and it is necessary to identify and contain them, but that isn't usually the main problem.
However, I do think we're talking about people who are heavily biased, even paranoid, because it would take a superhuman level of detachment not to be when you look at the kind of people they have to deal with at times. I also think in most cases they are ignorant about the technologies they are dealing with, and therefore unable to make rational, objective judgements about the likely effects of the technical measures they propose as policy. Finally, I think that the more senior these figures get within the government and its agencies, the more detached they tend to be from reality for average citizens and the more ignorant or dismissive they can become of how things tend to play out for innocent people in less privileged positions who are nevertheless caught up by the measures the politicians propose.
As the saying goes, power corrupts. It doesn't necessarily have to be malicious or intentional. Obviously in some cases it has been, but often I think the corruption is more of a slow but almost inevitable change in perspective caused by the situations you find yourself in when you have power to wield.
And so it is necessary for those who are looking from outside, those who don't spend disproportionate amounts of their time dealing with a particularly nasty minority of the human race, those who understand the technical issues, to speak out about what is happening and where it could lead. As with any issue of civilised government, in the long run you're going to get much further by educating people about relevant issues and promoting intelligent discourse than you are with wildly exaggerated rhetoric and extreme positions backed by intimidation and ultimately violence. The latter are seductive, and often appear quite effective in the short term, but I doubt they've ever truly solved much.
Notice that I very carefully said secure against a certain attack in my previous post. You are talking about something different to breaking the encryption technically: the xkcd attack, which any large organisation with weapons can apply, but not covertly and not without consequences if they try to apply it systematically against innocent people.
Well, if it worked for Cardinal Richelieu...
Imprison sounds like "whoops, we fucked your life", but at least isn't taking one away.
If you're locked up for years, despite having done nothing wrong, I'm not sure I see much difference.
There used to be a saying, something about it being better to let ten guilty men go free than to imprison one innocent one.
Tragically, in today's culture of politics dominated by fear, it almost seems like everyone is presumed to be guilty of something. That means the idea that it might be necessary to protect someone who might actually be innocent, or simply to leave them alone to live their lives without interference, is not given a lot of thought.
Your position seems reasonable enough from an ethical/moral standpoint. Unfortunately, in reality, a device or communication channel is either secure against a certain attack or it isn't. There is not and never can be a middle ground of being secure against a certain attack unless that attack has been lawfully authorised by a competent court.
In short, if the government wants access to your encrypted information, even with appropriate oversight, then it must require your information to be insecure and therefore vulnerable to other parties accessing it as well. If the government wants to encourage security in communications, then it must accept that covert interception of those communications will no longer be possible. You can't eat your cake and have it.
I suspect that in fact we probably agree on most of this issue then. The difficulty in this sort of case is that merely having a copy of software or other digital work (and thus fitting in just fine with traditional copyright law) is not sufficient to make that work useful if it has been artificially crippled with some sort of phone home functionality.
By its nature, that functionality might depend on a third party. That third party might have had nothing to do with the original sale to the person using the software/digital work. They may or may not want to make the software/work usable by the purchaser for commercial reasons. Most importantly at present, they may have no actual legal obligation to make the work useful even if every other deal in the process has been completely above board.
This creates a potential problem of abuse with DRM schemes, leading to the sort of case we've been discussing. It's also a real liability in terms of lots of things breaking if the authorising system is taken off-line and potentially its owning organisation isn't even there any more to be held responsible and make amends.
Sadly, I suspect there are about three elected representatives in the universe who are even close to understanding these issues. They have nowhere near enough influence to raise this issue at high levels within their legislative bodies alone, and even if they did, they'd be up against Big Software and Big Media concerned about copyright infringement and bribing other officials with substantial contributions to look that way first.
You're falling into the trap of confusing ethics and the law. Whatever you -- or I, since I expect we'd agree -- think of the ethics of the situation, so far I haven't seen anything to suggest their actions in not respecting keys used other than under the conditions they were sold with is actually illegal. The law with respect to digital purchases, DRM, and remote access/activation schemes may be some anachronistic dinosaur, but if it's the law right now then complaining about the action on a forum like Slashdot isn't going to change that.
Maybe, but for better or worse, the situation today is that Ubisoft is effectively empowered to "confiscate" keys acquired through illegitimate channels in violation of whatever terms of sale or licensing agreements those keys came with.
Now, you might argue that the law should be updated to address the rights of customers buying digital products in a more even-handed way. If you did, I'd be the first to agree. But even then, it's hard to see why those rights would or should protect someone with the digital equivalent of stolen property. If you wanted to legitimise reselling keys across borders as a matter of policy then you'd probably also need an explicit change so that DRM schemes attempting to prevent cross-border trade were prohibited and anyone operating them on a commercial basis was required to honour otherwise valid keys for any sort of activation or customer support purposes.
In that case, perhaps it's more closely analogous to paying someone abroad to buy something cheap and ship it to you, but then complaining when your delivery arrives that you got charged the import taxes your oh-so-honest supplier didn't pay.
Sometimes things that look too good to be true really are, but usually there's a catch. Seeing a deal that good and not checking thoroughly for the catch is just asking for trouble.
Chargebacks can seriously hurt the affected merchants. For one thing, usually the merchant has to pay a fee on top of refunding the full amount for each individual chargeback, possibly losing that fee even if they subsequently challenge the chargeback and win. For another thing, an unusually high chargeback rate overall can result in much worse terms for future card payment services or even being denied the facility entirely, which for many businesses is effectively a mortal injury.
If it's Ubisoft that was taking the money directly, this hurts them directly. It potentially even follows their officers if they move to other businesses later as well. If it's not Ubisoft taking money directly, then it hurts their resellers, and word quickly gets around that being a reseller for Ubisoft is a lousy gig. Either way, Ubisoft are losing something.
All true, but paying actual money for a licence key at an unusually low price from an unlikely source is like paying five bucks for a 60" 4K TV off the back of a lorry. If you're the recipient of stolen goods, however unwitting, the law in most places will leave you empty-handed if the goods are identified and returned to their original owner, unless you can find and take legal action against whoever sold you the goods.
I'm not saying the situation doesn't suck for the innocent party, and I'm certainly not supporting Ubisoft's generally aggressive use of DRM, but in this case it does seem that the situation is exactly analogous on-line to how the law has worked in the real world for a long time.
A human adult with average vision can't distinguish anything much above current HD resolutions from normal TV viewing distances at typical physical TV screen dimensions either. This is one of the big problems all the businesses creating flashy new 4K TVs haven't quite worked out how to deal with yet.
Meanwhile, plenty of people still have DVD players rather than Blu-Ray, because even moving to HD doesn't make much difference for a lot of material in practice, and the old "get them to buy Star Wars for the seventeenth time two step" has run out of music.
Then you have to consider the rise of on-line sources and the generally poor experience of the physical disc systems. Most of that poor experience isn't actually because of swapping discs. It's because of all the other silly things that all legally manufactured players are required using tortured legal tricks to implement, preventing otherwise obvious improvements in competing devices such as skipping to the !~%# movie straight away.
So personally, I'm expecting 4K and other very high resolution formats to flop outside of niche markets, like say luxury home cinema systems with a projector and a screen several metres across. Even where they do get adopted, I'm expecting the market to demand less messy distribution, which would make any sort of disc-based successor to Blu-Ray even less likely to succeed.
I agree with you about the difficulties of scope creep when the scope is determined by people who aren't technical experts.
I'm genuinely surprised about the Netflix-Comcast situation you described. That doesn't sound like my idea of net neutrality at all. Is that actually what some law in the US (or elsewhere) now requires, or is it just what Netflix would like a future law to require for obvious reasons?