Courtesy of Nat Torkington of O'Reilly and BoingBoing,
video interview with Susan Crawford about why the Internet should be treated like a utility. She’s the only policy person I see talking sense. There’s a multilarity coming, when a critical mass of everyday objects are connected to each other via the Internet and offline devices become as useful as an ox-drawn cart on railway tracks. At that point it’s too late to argue you need affordable predator-proof Internet, because you’re already over the (sensing, e-ink covered, Arduino-powered) barrel.
In some countries, it would be obtaining a service (the takedown) based upon a false and fraudulent pretense. That's a criminal offence, and an injured party can call upon the Crown to prosecute it as such. Consult a lawyer in the jurisdiction in question, get a quote and take them with you to the fraud squad, to ensure the process happens correctly. It's arguably hard to do correctly in the U.S, as suggested by the low number of convictions reported...
This is a classic solved problem in computer science: chose an algorithm that you can support in the generation of machines you plan to deploy, even if it's slow in the lab.
MIT specified an amazing fast processor for Project Athena, an entire 1 MIPS. Unheard of! Of course, it was perfectly normal when Athena rolled out. [Origin: the guys there explaining we could use the DEC 2100s we already had at York if we wanted to deploy Athena]
To be fair, he's proposed a classic solution to a queuing problem, albeit from outside. My usual response to "I suggest X" in such a scenario is a quick sanity check followed by "do you volunteer to implement it?"
We're seeing a natural result of a lack of refactoring (;-))
The law in this area is now complex enough that one can easily hold two mutually contradictory opinions with decent precedent for both. That calls for a superior court to disambiguate them, and/or a legislature to set a legislative intent and test.
And yes, this means that antitrust law is suffering from technical debt.
Yup!
Some days I think judges and (in this case) lawyers are the politest people in the world, even more understated than the English. I'm just hoping this chap is as polite and implacable as an englishman who's luggage has been stolen in a foreign country.
--dave
[* Historically, killing englishman was OK, but stealing their luggage could get your country a new and improved government, or at least a visit from the Fleet (:-)]
Thanks of the background information! We have several telcos, but they tend to be later generations of the Ma Bell family, roughly one per province. They in turn own non-regulated cell companies, who compete mostly nation-wide.
The things which, IMHO, need to be regulated monopolies are the companies who own the poles in front of my house. One set carries the wires for the local baby Bell, the other carries hydro and the TV cables. As you might guess from the first paragraph, there is one cable company in any given area, often province-wide.
I'd be perfectly happy to ease up Bell and Rogers Cable* if we had a common carrier that they didn't own outright, have a huge stake in, or have overlapping boards with.
--dave
[* To paraphrase a friend, "The company to go to when Bell isn't hard enough on you"]
I like that: I'd only hash data about recipients, locations, etc, but not sender and duration, so I could use it when disputing usage with the phone's owner.
Thanks!
I wonder if we could encrypt the sensitive bits with the phone's public key, so the owner could read the details off the bills but we couldn't???
Of course, but they keep everything for long periods of time, not just what they need. It's stupid, and causes them some horrendous capacity problems. I've been on several diagnosis gigs where telcos couldn't complete a month's billing in a month... which is known in the trade as "we're going out of business soon".
To be fair, they're mandated to do so by the RCMP and CSE, who use them as an unpaid organizer for fishing expeditions.
The cell companies I know reduce them to statistical information as soon as they're allowed to.
I entirely agree it's better the security services not have the data without a warrant, but I'd still prefer the phone companies obey the privacy laws in the first place, and not have motivated CSE, NSA and their friends to mandate their keeping it for even longer.
Oops, you have older equipment than I have encountered! (My former landlady ran a crossbar switch, though (:-))
Cell companies in Canada are required to keep all their call data records for some multi-month period: I tried to get one to throw CDRs for fixed-rate plans away, and they couldn't. The tried moving them to a different relation on the same array and still bogged the system badly. They finally pre-archived them to a different array and were then able to complete calls* during the billing period...
Libraries are smart: as soon as the book comes back (or is paid for if lost/damaged), the records are expunged.
--dave
*They also claimed there was no capacity problem: I think they're bankrupt now
Phone companies need call detail records ("CDR"s) to do their billing, which happens monthly. After thgat they have no business need for the data, and retaining it has been an "attractive nuisance", and tempted governments into demanding they hand it over.
The only good thing about this is the idea that, after getting a legal subpoena, the phone company will stream data about new calls. That's the valuable stuff when you're trying to catch a crook or spy, once you've identified them. Historical records are useful if you're trying to identify other possible crooks/spies, with some overlap between the two.
US courts have held that there are privacy rights and limitations on the military, in part based on a constitutional prohibition on quartering soldiers in private homes (?!). The extent of rights to retain private data varies from state to stare, and is, IMHO, weaker than in Canada and much weaker in the EU. Thus my comment about jurisdictions not honouring rights, including ones their constitutions seem to enumerate.
The big consideration is what private data is kept. If the material is, for example, public court reports, then they're absolutely fine to retain and distribute them. If they're material seized under a court order, they can keep them until all appeals have been exhausted and the parties have been dead for some years, or for a stated period of years. If they're material that they don't have a lawful reason to retain, then they need to clean it out. If it's material they are prohibited from having (e.g., social insurance numbers of non-criminals) they they need to delete them forthwith, or be prosecuted.
The same logic applied to retaining copies of another police force's information, and applies to requests as well: if my police force wants material they need a reason to make the request, it has to be one the courts have previously approved, and they have to enforce the same limitations on other who want copies from them.
"Fishing expeditions" are strongly disapproved by the courts, and this kind of fish-factory-like collection has been treated harshly in Canada. I'll be interested in seeing what happens in the the U.S!
I'm interested in the bill, as I've not seen a trackable reference to it previously. Could you post a link?
I'd hope the constitution still applies to them, and that they get warrants to collect information form other policing agencies. [See the other comment, too, re limited powers of the military in peacetime]
Even King John was subject to the law (although he certainly didn't want to be), and policing agencies in the US are subject to the constitution.
A policing agency in most jurisdictions can keep records about persons they are investigating, and about their own investigations, but generally require a court order to get anyone else's information.
A military policing organization is much more restricted. For example, QR Army granted the Canadian Provost Corps unusual powers over soldiers, but because of that strongly restricted their powers over civilians outside of the field of battle.
Sharing information between security services, policing agencies and private businesses is now a subject of debate, with the Canadian government forbidding CSE (our NSA equivalent, a military establishment like NCIS) from getting information about Canadians from foreign security services without a warrant. Other jurisdictions allow differing degrees of sharing without warrants.
Failing to share has also come into question: the NSA and the FBI have earned criticism for failing to share warnings of "imminent danger".
And, just to make it more exciting, in certain* jurisdictions, police are allowed to break the law. This blows up the Magna Carta and takes us back to square one!
--dave
[* In Hawaii, police can have sex with prostitutes. Source: google news, yesterday]
Which would be something one wouldn't want to admit in front of the Privacy Commissioner of Canada (:-))
She's an officer of Parliament, and doesn't answer to the party in power*.
--dave
[* Which causes parties in power to worry about being called out near an election. Note the current push to geld theenforcement branch of Elections Canada, after they publicly chastized the party in power breaking the funding law]
Slashdot Mirror
Courtesy of Nat Torkington of O'Reilly and BoingBoing, video interview with Susan Crawford about why the Internet should be treated like a utility. She’s the only policy person I see talking sense. There’s a multilarity coming, when a critical mass of everyday objects are connected to each other via the Internet and offline devices become as useful as an ox-drawn cart on railway tracks. At that point it’s too late to argue you need affordable predator-proof Internet, because you’re already over the (sensing, e-ink covered, Arduino-powered) barrel.
In some countries, it would be obtaining a service (the takedown) based upon a false and fraudulent pretense. That's a criminal offence, and an injured party can call upon the Crown to prosecute it as such. Consult a lawyer in the jurisdiction in question, get a quote and take them with you to the fraud squad, to ensure the process happens correctly. It's arguably hard to do correctly in the U.S, as suggested by the low number of convictions reported...
I would expect it to be updated, just like the updates to ssh that have added newer encryption schemes. We're talking IETF, not Telcos!
This is a classic solved problem in computer science: chose an algorithm that you can support in the generation of machines you plan to deploy, even if it's slow in the lab.
MIT specified an amazing fast processor for Project Athena, an entire 1 MIPS. Unheard of! Of course, it was perfectly normal when Athena rolled out. [Origin: the guys there explaining we could use the DEC 2100s we already had at York if we wanted to deploy Athena]
--dave
To be fair, he's proposed a classic solution to a queuing problem, albeit from outside. My usual response to "I suggest X" in such a scenario is a quick sanity check followed by "do you volunteer to implement it?"
We're seeing a natural result of a lack of refactoring (;-))
The law in this area is now complex enough that one can easily hold two mutually contradictory opinions with decent precedent for both. That calls for a superior court to disambiguate them, and/or a legislature to set a legislative intent and test.
And yes, this means that antitrust law is suffering from technical debt.
--dave
Yup!
Some days I think judges and (in this case) lawyers are the politest people in the world, even more understated than the English. I'm just hoping this chap is as polite and implacable as an englishman who's luggage has been stolen in a foreign country.
--dave
[* Historically, killing englishman was OK, but stealing their luggage could get your country a new and improved government, or at least a visit from the Fleet (:-)]
That's snail-mail he's talking about.
(Courtesy John Winterton)
Thanks of the background information! We have several telcos, but they tend to be later generations of the Ma Bell family, roughly one per province. They in turn own non-regulated cell companies, who compete mostly nation-wide.
The things which, IMHO, need to be regulated monopolies are the companies who own the poles in front of my house. One set carries the wires for the local baby Bell, the other carries hydro and the TV cables. As you might guess from the first paragraph, there is one cable company in any given area, often province-wide.
I'd be perfectly happy to ease up Bell and Rogers Cable* if we had a common carrier that they didn't own outright, have a huge stake in, or have overlapping boards with.
--dave
[* To paraphrase a friend, "The company to go to when Bell isn't hard enough on you"]
I like that: I'd only hash data about recipients, locations, etc, but not sender and duration, so I could use it when disputing usage with the phone's owner.
Thanks!
I wonder if we could encrypt the sensitive bits with the phone's public key, so the owner could read the details off the bills but we couldn't???
Of course, but they keep everything for long periods of time, not just what they need. It's stupid, and causes them some horrendous capacity problems. I've been on several diagnosis gigs where telcos couldn't complete a month's billing in a month... which is known in the trade as "we're going out of business soon".
To be fair, they're mandated to do so by the RCMP and CSE, who use them as an unpaid organizer for fishing expeditions.
I entirely agree it's better the security services not have the data without a warrant, but I'd still prefer the phone companies obey the privacy laws in the first place, and not have motivated CSE, NSA and their friends to mandate their keeping it for even longer.
Oops, you have older equipment than I have encountered! (My former landlady ran a crossbar switch, though (:-))
Cell companies in Canada are required to keep all their call data records for some multi-month period: I tried to get one to throw CDRs for fixed-rate plans away, and they couldn't. The tried moving them to a different relation on the same array and still bogged the system badly. They finally pre-archived them to a different array and were then able to complete calls* during the billing period...
Libraries are smart: as soon as the book comes back (or is paid for if lost/damaged), the records are expunged.
--dave
*They also claimed there was no capacity problem: I think they're bankrupt now
In the above title, I had said "> 30 days", but /. removed the greater-than symbol
Phone companies need call detail records ("CDR"s) to do their billing, which happens monthly. After thgat they have no business need for the data, and retaining it has been an "attractive nuisance", and tempted governments into demanding they hand it over.
The only good thing about this is the idea that, after getting a legal subpoena, the phone company will stream data about new calls. That's the valuable stuff when you're trying to catch a crook or spy, once you've identified them. Historical records are useful if you're trying to identify other possible crooks/spies, with some overlap between the two.
Indeed: the answer to the question is a venn diagram, not a boolean (:-))
Ah, sorry, I thought there was a new law I didn't know about. Thanks! --dave
Whoops, fish factories just came up on slashdot, at http://yro.slashdot.org/story/..., including discussion of general warrants
US courts have held that there are privacy rights and limitations on the military, in part based on a constitutional prohibition on quartering soldiers in private homes (?!). The extent of rights to retain private data varies from state to stare, and is, IMHO, weaker than in Canada and much weaker in the EU. Thus my comment about jurisdictions not honouring rights, including ones their constitutions seem to enumerate.
The big consideration is what private data is kept. If the material is, for example, public court reports, then they're absolutely fine to retain and distribute them. If they're material seized under a court order, they can keep them until all appeals have been exhausted and the parties have been dead for some years, or for a stated period of years. If they're material that they don't have a lawful reason to retain, then they need to clean it out. If it's material they are prohibited from having (e.g., social insurance numbers of non-criminals) they they need to delete them forthwith, or be prosecuted.
The same logic applied to retaining copies of another police force's information, and applies to requests as well: if my police force wants material they need a reason to make the request, it has to be one the courts have previously approved, and they have to enforce the same limitations on other who want copies from them.
"Fishing expeditions" are strongly disapproved by the courts, and this kind of fish-factory-like collection has been treated harshly in Canada. I'll be interested in seeing what happens in the the U.S!
I'm interested in the bill, as I've not seen a trackable reference to it previously. Could you post a link?
And this wasn't from him, anyway: see https://firstlook.org/theinter...
See also https://firstlook.org/theinter...
I'd hope the constitution still applies to them, and that they get warrants to collect information form other policing agencies. [See the other comment, too, re limited powers of the military in peacetime]
Even King John was subject to the law (although he certainly didn't want to be), and policing agencies in the US are subject to the constitution.
A policing agency in most jurisdictions can keep records about persons they are investigating, and about their own investigations, but generally require a court order to get anyone else's information. A military policing organization is much more restricted. For example, QR Army granted the Canadian Provost Corps unusual powers over soldiers, but because of that strongly restricted their powers over civilians outside of the field of battle.
Sharing information between security services, policing agencies and private businesses is now a subject of debate, with the Canadian government forbidding CSE (our NSA equivalent, a military establishment like NCIS) from getting information about Canadians from foreign security services without a warrant. Other jurisdictions allow differing degrees of sharing without warrants.
Failing to share has also come into question: the NSA and the FBI have earned criticism for failing to share warnings of "imminent danger".
And, just to make it more exciting, in certain* jurisdictions, police are allowed to break the law. This blows up the Magna Carta and takes us back to square one!
--dave
[* In Hawaii, police can have sex with prostitutes. Source: google news, yesterday]
She's an officer of Parliament, and doesn't answer to the party in power*.
--dave
[* Which causes parties in power to worry about being called out near an election. Note the current push to geld theenforcement branch of Elections Canada, after they publicly chastized the party in power breaking the funding law]