Friday, August 03, 2007

Assault on liberty

The Daily Telegraph's Philip Johnston won this year's Charles Douglas-Home Memorial Trust Award for an essay on Nu Labour's ten-year assault on civil liberites.


"IN his first statement to Parliament as Prime Minister, Gordon Brown said that “Britain is rightly proud to be the pioneer of the modern liberties of the individual.” Little noticed among the cascade of pronouncements about constitutional reform, was a promise to reconsider the ban on unlicensed political protest in the vicinity of the Palace of Westminster. Mr Brown implied that when it came to balancing the need for public order with the right to public dissent, this was a law too far.

A commitment to personal liberty is only to be expected from a British prime minister, and especially from a son of the manse brought up in Adam Smith’s home town. Yet Mr Brown sat in a Cabinet that did more than any other in recent years to alter the balance in the relationship between the State and the individual.

If Clement Attlee is remembered for post-war welfare provision and the NHS, Harold Wilson for Sixties optimism, Edward Heath for joining Europe, James Callaghan for the Winter of Discontent, Margaret Thatcher for reducing the size of government and John Major, however unfairly, for sleaze then we will look back on the past ten years as marking a serial assault by the State on the civil liberties of the citizen.

To be sure, the State always wants to limit the liberties of its people. But it is normally restrained by an executive that understands the limits of illiberalism or is contained by a parliament that considers itself to be a guardian of freedoms.

For a number of reasons, neither of these brakes was applied under Tony Blair’s premiership. The huge Commons majority he enjoyed, the craven pusillanimity of his party, the implosion of the Conservatives and the consequent absence of opposition, other than in the Lords ¬ and, to an extent, in the courts – conspired with a genuine, though irrational, fear of terrorism and rising street crime to let the State take greater control over the citizen than it has enjoyed in modern peacetime...

This assault on freedom has come from all directions. Surveillance of a sophistication never dreamt of in Orwell’s worst nightmares; the gradual dismantling of the judicial protections afforded to defendants in criminal cases, even to the point of questioning the presumption of innocence; the criminalisation of dozens of activities that would never previously have been considered immoral; the limits on freedom of speech; restrictions on movement and detention without trial or even charge; and the creation of databases containing information on us all and which will track the movements of our children and theirs from cradle to grave.

Taken singly, each one of these might be considered justifiable. For instance, the removal of the double jeopardy rule in trials, whereby a suspect found innocent cannot be tried again for the same offence, may seem sensible given the advances in DNA technology. But when this is combined with proposals to give police greater summary powers or attempts are made to limit, or even to dispense with, trial by jury then the sum of the parts appears far less benign...

are we a free country any longer? Were we ever? It is said, though less often now than it used to be, that the basis of English liberty is the rule of law, under which everything is allowed unless specifically prohibited. According to AV Dicey, the 19th-century constitutionalist, this was one of the features that distinguished England from its continental counterparts, where people were subject to the exercise of arbitrary power and actions that were not specifically authorised were proscribed...

The proliferation of state databases, again very much a recent occurrence, has also rendered the concept of the private individual a thing of the past, and from the earliest age. From next year, the children’s database will go online, containing confidential details on every child in the land, including a record of school achievements, police and social services records and home address. Each child will be assigned an identifying number so that the authorities can access his or her records. This database, known as the Integrated Children’s System, is being developed ostensibly to curb child abuse, but it goes much farther than the Child Protection Register, which holds information about children considered to be “at risk”. One reason all children are to be included is to avoid “stigmatisation”. Astonishingly, this plan has attracted little public hostility, though the Joint Parliamentary Select Committee on Human Rights pointed out: “The information which may be included on the database about a child goes beyond purely objective facts about a child, such as name, address and date of birth. It includes information, such as contact details of persons providing services including health services, which may reveal very sensitive information, such as the fact that a 17-year-old girl has been referred to family planning services.”

It also includes “the existence of any cause for concern” about a child, “an extremely subjective and open-ended phrase which is almost bound to include very sensitive information.” How long will this information remain on the database? Will it be erased when the children turn 18 or will some youthful, even childish, transgression return to haunt them in adulthood? We do not know...

But we have not yet got to the main event, the ultimate weapon of state control: the national identity system. This is something that the State qua State, as opposed to an individual minister or government, has long sought to introduce. When it comes to softening up the country for an ID card, the Home Office has been prepared to play a very long game. Officials have presented every home secretary for the past 50 years with a proposal for an ID scheme."

Highly recommended and thanks to the good folks at NO2ID for the pointer.

Out of the Theater, Into the Courtroom

From the Washington Post: A teenager is facing a year in jail and a $2500 fine for recording a 20 second clip of a film in a cinema, in order to get her brother hyped up to go and see it too. Some of the folk in the entertainment business certainly know how to overreact. Personally I can't see how it can be good business practice to terrorise a long term loyal customer who was interested in promoting your product.

Tech industry complain to FTC re content cos overreaching on copyright

Here's an interesting development:

"The Computer and Communications Industry Association, which includes Google, Microsoft, and other major tech companies, has filed a complaint in the U.S. with the Federal Trade Commission over the copyright notices used by sports leagues (the NFL and MLB are named), broadcasters, movie studios, and publishers. The gist of the complaint is that these industries use notices or warnings to misrepresent consumer rights with regard to copyright law as they often warn of significant liability for copying with no mention of fair use rights."

Wednesday, August 01, 2007

California evoting machine audit shows vunerabilities

Bruce Schneier and Ed Felten have been considering the University of California reports on the review of California's evoting machines.

Schneier:

"This was a serious review, with real security researchers getting access to the source code. The report was issued last week, and the researchers were able to compromise all three machines -- by Diebold Election Systems, Hart Intercivic, and Sequoia Voting Systems -- multiple ways. (They said they could probably find more ways, if they had more time.)...

This is no surprise, really. The notion that electronic voting machines were somehow more secure every other computer system ever built was ridiculous from the start. And the claims by machine manufacturers that releasing their source code would hurt the security of the machine was -- like all these sorts of claims -- really an attempt to prevent embarrassment to the company.

Not everyone gets this, unfortunately. And not everyone involved in voting:
Letting the hackers have the source codes, operating manuals and unlimited access to the voting machines "is like giving a burglar the keys to your house,'' said Steve Weir, clerk-recorder of Contra Costa County and head of the state Association of Clerks and Election Officials.

No. It's like giving burglars the schematics, installation manuals, and unlimited access to your front door lock. If your lock is good, it will survive the burglar having that information. If your lock isn't good, the burglar will get in."

Felten:

"So far only the red team (and accessibility) reports have been released, which makes one wonder what is in the remaining reports...

The bottom-line paragraph from the red team overview says this (section 6.4):
The red teams demonstrated that the security mechanisms provided for all systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results.
The red teams all reported having inadequate time to fully plumb the systems’ vulnerabilities (section 4.0):
The short time allocated to this study has several implications. The key one is that the results presented in this study should be seen as a “lower bound”; all team members felt that they lacked sufficient time to conduct a thorough examination, and consequently may have missed other serious vulnerabilities...
Despite the limited time, the teams found ways to breach the physical security of all three systems using only “ordinary objects” (presumably paper clips, coins, pencil erasers, and the like); they found ways to modify or overwrite the basic control software in all three voting machines; and they were able to penetrate the backend tabulator system and manipulate election records."

Update: I also should have said there was a parallel study going on in Florida. A study by Florida State University has reported that Florida's optical scan machines are still flawed despite efforts to fix them. Further information on the study available at http://www.sait.fsu.edu/news/2007-03-05-essr.shtml

Update 2: The evoting machine vendors have attacked the California study, saying all it proves is that all computer systems are vulnerable.

Tuesday, July 31, 2007

Candian Supreme Court and the chocolate case

The Canadian Supreme Court recently ruled in the Euro-Excellence v. Kraft Foods case that copyright cannot be used as a technical legal barrier to the parallel importing of chocolate. Michael Geist tells the story better than I can.

Of course in the EU, IP holders don't need to resort to such copyright trickery. The protectionism... er... complications of the free market...

Interestingly and rarely for a copyright case the question of economic interests was central to the key opinions penned by the majority justices. Justice Bastarache wrote:

"sometimes a substantial reproduction of a copyrighted work will not be an infringement, because copyright protection is limited to protection of legitimate economic interests which are the result of an exercise of skill and judgment, and that protection must not be extended beyond its proper limits. The CCH decision thus confirms that in order to protect the essential balance which lies at the heart of copyright law, care must be taken to ensure that copyright protection is not allowed to extend beyond the legitimate interests of a copyright holder... once copyright is granted in a given work, the protection that it provides must not be extended beyond its natural limits, and must take proper account of user rights such as the right to deal fairly with a copyrighted work."

Nurses have reseravations about NHS NPfIT

From William Heath's KableNet: Nurses have strong reservations about the benefits of electronic patient records, a survey for the Royal College of Nursing has found

Photoleap

Photleap seems like a good idea - apparently it "makes it easy to send photos and videos to your friends and family."

Given the limit on the size of files that can be attached to emails it's only a matter of time before they get bypassed by something more useful. I haven't looked at how Photoleap works - utility, privacy issues etc. - but it sounds promising.