2008.05.29
Is internet privacy giving way to internet security?
There is an inherent paradox with security and privacy issues surrounding the internet. They seem to be unable to work in harmony even though their definitions are exclusive of each other. Could this be due to pressures from the music and film industries with regard to file? A look into other areas where privacy and security issues have been addressed, possibly in the area of terrorism, something to which file sharers have been accused of.
A large part of this and in fact what has brought this to light is file sharing and the problems & controversy that it is causing. ISPs are being forced to take responsibility for what their customers are downloading which means they are forced to void their subscribers’ privacy through ‘deep packet inspection’ which has issues within itself. To try and combat this, the ‘three strike rule’ was proposed which was narrowly defeated. Neither the government nor the music / film industries know how to combat illegal file sharers or ‘unauthorised distribution of copyrighted material’ so they are trying to see what EVERYONE is downloading in order to catch those few who with nefarious purposes.
Historically there has been a problem with security and privacy, none more so than during times of war. The privacy of other nations was being invaded but it was needed to ensure the security of the home nation. Is this the reason people when we examine privacy vs security within the borders of a nation? Is the problem now an international one and should it be dealt with on an international scale with all countries signing a document? There is a possible reference to the enigma machine, message encryption and code breaking. Has anything really changed since then and is it just the technology that has advanced on both sides of the current ‘cyber war’?
Why is illegal or copyright file-sharing so prolific? Is the government to blame or is it the greed of the industries which are being infringed?
Sony BMG has released their entire music collection for free, with a 10 second advert at the start of each song. It is free to download and listen to but costs to transfer to an mp3 player, for which one would hope they would have removed the advert. This is a sign that things are changing and industries are realising they cannot simply BAN everyone who they suspect is illegally getting their content. Instead they are seeing that there are other financial models that gives users’ and themselves what they want, without pressuring governments and regulatory bodies into taking foolhardy ’seen to be taking action’ actions.
The aim is to find out why we need security and why we want privacy. The key difference is in the need vs want. Security is paramount as without it we are vulnerable yet we want privacy which seems to be infringed upon by security. Can we ever find a way that we are being protected and anonymous?
People to Contact
Torrent Users – as part of the Bit Torrent community I am able to easily contact people about how they use the service. Some of the largest copyright infringement lawsuits are aimed at the users directly or at the people who provide ‘trackers’.
Torrent Trackers – such as Torrent Leech and The Pirate Bay the latter of which is a more prominent name and is currently undergoing a legal battle in Sweden which started by the Swedish police confiscated 180 servers. The site remains operational.
Phorm - internet advertising agency that have been in the media recently about violating internet privacy laws even though they tried to make their targeted ad system anonymous. Their video indicated that it was anonymous so I would be interested as to what they have violated.
ISPs - internet service providers such as BT, Virgin, Tiscali, Pipex etc. would be a great source of information with regard to the pressures they faced recently with the government’s proposed ‘three strike ban’. Luckily this was voted out, but only narrowly.
Government - contacting any area of the government that deals with this area would be very beneficial as the argument needs to have an official line in order to get both sides and ensure a balance and having a direct quote from a government official would be a fantastic example.
Sony BMG - it would be interesting to find out how long they have been thinking about their move to freely distribute their content. They are in partnership with one site which would also be worth contacting to find out how they managed to get a huge distributor to do what no one said could be done.
2008.03.31
According to an ex-xbox employee “consoles will be dead in 5-10 years”. The article says that this is because of the increase in convergence of technologies like set top boxes, media centers and mobile phones. He also says that virtualization and internet distribution will negate the need for physical distribution networks.
I think people will always want ‘dedicated consoles’ as otherwise the units would get cluttered up with unrelated ‘junk’ (like my laptop) which would inhibit the performance. I’ll always want the ’switch on and play’ console with performance that never dwindles. Otherwise it would be like playing games on my laptop… ok but not top.
Steam already release all their games via the internet as well as in stores and because a digital download costs less to distribute than a disc with loads of unnecessary (but costly) packaging, you get a great deal on the game. The downloads can be a bit slow sometimes, even if you have a big connection. I have a 20Mb connection and it still took too long. Using a peer 2 peer system might be more effective in the future and also might drive down the price as they won’t have large bandwidth and server bills.
While I agree that we will see physical distribution shrink in favour of ‘anywhere’ delivery systems over the web, the speeds needed to download entire HD films and games in an acceptable time will need to be much higher than they are at the moment. This is obviously going to happen as the speeds have been increasing steadily for years. The only way people are going to save on bandwidth however is to use a Peer2Peer style network. Not in the way that we see it today but it will definitely spawn a new generation of network for fast, easy global distribution with the emphasis on sharing ANY kind of media.
The use of peer 2 peer technologies is already seeping into the mainstream with this set-top box having a built in bitTorrent client as well as being able to play 1080i HD content - something which the Xbox 360 lacks (when playing from an external device).
To accommodate the new style of network sharing we will see the end to the traditional supplier/consumer financial model. With the high availability of ‘free’ music and films on the internet already using peer 2 peer networks I believe the answer lies in the death of the fixed price per media - rather a fixed price for access to unlimited media. Like with the internet, we started with a ‘pay for what you use’ but now we pay a fixed fee for unlimited access each month. Why couldn’t a service like this be implemented for media?
All it takes is someone to try and succeed, then others will follow. If you build it, they will come!
The legal Napster was doing this years ago but their selection of music was poor and their fees were still too high. Plus it cost extra to transfer the files to an external device such as an MP3 player or CD. I’m not sure what they’re doing now. Worth a look though.
This proves that it can be done people! Sit up and take notice!
2008.03.17
If the creator of the web itself, Sir Tim Berners-Lee, says he will change his ISP if they start to monitor his web activity then we are in a sorry state of affairs. In interview with the BBC he said “consumers need to be protected against systems which can track their activity on the internet”
Seriously, is nobody listening? Although it wouldn’t be the first time the creator of something has watched it turn into something terrible. Anyone remember the Atom Bomb?
The article from the BBC cites a company called Phorm to monitors user information etc but their site itself clearly states “Phorm technology dispels the argument that in order to make online advertising relevant for consumers you must use and keep consumer surfing behaviour or their personally identifiable information“
They also state they are “setting a new, higher standard on privacy and anonymity“.
So I fail to see what the company will do, and if it does will it violate it’s own set of guidelines?
I STILL feel this is a breach of our rights to have unmonitored communications. This is exactly what my contextual studies essay was about.
This would make me FURIOUS if this actually comes to fruition!
2008.03.04
The following is an essay I wrote as a polemic as part of a Contextual Studies elective.
Peer To Peer is an internet distribution network allowing users to share content without using dedicated servers or utilizing bandwidth. The users share information directly with each other using a centralised ‘tracker’ which directs the relevant information to the correct recipient.
‘Such networks [contain] audio, video, data or anything in digital format, real-time data such as telephony traffic is also passed using P2P technology.’
(Wikipedia - 2008)
Many small businesses use peer-to-peer to keep distribution costs low as constant downloading from web servers results in high server costs for the client and slow download speeds for the customer.
‘10Mbps connection on a 3GHz Xeon server is priced at $324 per month.’
(www.thewhir.com/)
The VoIP telephone services such as Skype also use peer-to-peer networks to enable phone calls over the internet for free for this very reason.
So why then is there so much controversy over the use of such technologies? If there are so clearly so many benefits why is the government so adamant about stricter regulations, more stringent monitoring and new legislation meaning ISPs have to track the content?
This is what makes me very angry, the government really doesn’t know what it’s talking about. The reason they want to restrict peer-to-peer infrastructure is because the technology can be used for file sharing / distribution. A subset of this is ‘copyright infringement’ whereby music / film / TV / software and games are shared without the proper licences.
‘The UK government wants to introduce a three strike system and users will be policed via their ISPs, though a decision has yet to be made whether ISPs will be allowed to share their data to stop users jumping ship to new packages.’
(www.trustedreviews.com – 2008)
Copyright infringement is one thing, but what about an infringement of a person’s basic civil rights, the privacy of their communication.
‘If the law were enacted it would turn ISPs, like BT, Tiscali and Virgin, into a pro-active net police force.’
(Darren Waters, Technology Eeditor, BBC News - 2008)
Also they would be breaking current data protection law (by sharing internet traffic data with other ISPs) but more seriously they would be monitoring what every person was looking at on the internet at any given time. What this amounts to is a modern day phone tap, which requires ‘reasonable cause’ and needs to be approved by a Justice Minister.
There are many things wrong with this, if we entertain the idea preliminarily and use the phone tapping procedure and according lawful requirements and hindrances as a base model for comparison it soon becomes clear that even if the government DID in fact enact this three strike plan, it wouldn’t work.
Firstly the government listens to around 2,200 number of phone conversations each year.
Justice Minister Michael McDowell… refused to reveal the number of phone taps he has authorised during his time in office.
(www.digitalrights.ie – 2008)
There were 2,243 phone tap warrants issued there last year. This included 66 mistakes, in which security services were listening in to the wrong numbers.
(www.digitalrights.ie – 2008)
A phone tap, or in possibly a web tap (?), must be approved by the justice minister personally and the only way you can apply for a phone tap is if you have reasonable cause to suspect wrong doing on the part of the individual or group accused. So they must have OTHER EVIDENCE to support their need for a phone tap, but in the case of a possible ‘web tap’ no other evidence will be available as the government is going to be forcing ISPs to instigate what amounts to the same as a phone-tap on ALL it’s customers all the time with no reasonable cause.
If such a practice were considered with regard to a phone tap (if a company / agency were to start monitoring people’s phones without consent for the minister or reasonable cause) then this would be regarded as a criminal act and would be dealt with accordingly.
Finally, phone tap evidence is inadmissible in court so even if a person says on the phone that they killed someone, it will not get them convicted in a court of law. So if a recorded phone conversation of a killer’s confession won’t incriminate him then how can monitoring of an individual’s internet traffic (downloads) result in a conviction or fine if the process of monitoring is the same?
Apart from the obvious legal ambiguities this approach would evidently fall rise to, what about the practical application of such a scheme? Is it feasible for any ISP to physically track not only the packets of information travelling through their network infrastructure (some of which are encrypted), but also their starting point and destination? Considering the sheer volume of data that is being transmitted, the speed at which it’s being transmitted and the current monitoring applications that are available it is an extremely unlikely event that ISPs will be able to accurately monitor a users’ data.
‘Internet providers are no more able to inspect and filter every single packet passing across their network than the Post Office is able to open every envelope.’
‘ISPs bear no liability for illegal file sharing as the content is not hosted on their servers’
(Internet Service Providers Association - 2008)
So what is the alternative to all the intrusion, monitoring and accusing? Blocking apparently as Spain have decided in 2006 to block all peer-to-peer activity on all of it’s ISPs.
‘A law enacted last week makes it a criminal offence for ISPs to “facilitate file sharing”. Added to this is a tax on recordable digital media, such as blank CDs and DVDs. The tax will go into a fund which will be shared among copyright holders to compensate for piracy.’
(Quentin Reade – 2006)
This is one way to ‘cope’ with the file sharing ‘problem’ but it’s kind of like cutting off the nose to spite the face. Spain will have greatly reduced the effectiveness of if not cut altogether its VoIP services, it’s IPTV services and any chance of getting files distributed solely via peer-to-peer network.
If the UK government’s ‘three strike’ plan is put into effect, the part of the ISPs, to ban users who download illegal content, will be soured with many wrongful accusations and subsequent applications for compensation.
‘ISPA is worried about the cost to its members if users targeted by rights holders for copyright infringement turn out to be innocent.’
(Internet Service Providers Association – 2008)
So the ISPs can’t monitor data being transferred and even if they could they would need permission for each individual they targeted, and then they would require reasonable cause for such an action to be undertaken, along with subsidisation from the government (or those fighting for the imposing of such restrictions) in case they accidently target the wrong users. So why are the government still pushing this if even the ISPA say it can’t be done with any degree of success?
‘We still need to establish the proof points’
(Internet Service Providers Association – 2008)
This is however in stark contrast to Comcast, a large US cable service provider who has been in legal battles recently after being sued for deliberately sacrificing peer-to-peer bandwidth under the pretext of ‘traffic shaping’ to reduce the strain of the network at peak times.
A Comcast customer filed the lawsuit after being fed up with slow speeds while using peer-to-peer software.
‘…a lawsuit against the nation’s biggest cable operator, alleging the company “intentionally and severely” impedes the use of peer-to-peer file-sharing applications.’
(www.multichannel.com – 2007)
A few months later, a few more Comcast customers had a similar qualm and responded in the same way by filing a similar lawsuit which prompted a review of the company’s policies and practices on ‘management’ of their network traffic for specific protocols.
‘…claims that service frequently stops or slows to a crawl when using file-sharing applications’
(www.multichannel.com – 2007)
Whereas I was expecting the lawsuit to get thrown out, surprisingly it stuck and eight months later an independent researcher discovered that Comcast HAD been ‘managing’ (also known as throttling) certain peer-to-peer protocols.
‘Comcast was secretly throttling BitTorrent and other P2P traffic’
(www.theregister.com)
Record labels and film studios need to stop fighting the system and losing; they need to rethink their own distribution arrangement and start working with peer-to-peer. A successful adoption of such technology is Napster that, for a low monthly charge, allows you to download and play as much music as you like; transfer it to an mp3 player for a small amount extra each month or burn to CD with a one-off payment.
There appears not to be a real solution to the ‘problem’ of peer-to-peer activity on the internet. The users favour it over any other download method; distributors who use it favour it over any other distribution method as it saves bandwidth on their servers and the government is obviously under pressure from film studios and record labels because of ‘copyright infringement’ and as a result must be seen to be doing something about it. The fact is there is not real way to do what they’re asking and by the time there is, technology in this area with have made another leap forward to be able to avoid / circumvent and restrictions that are put in place.
This is a serious issue that could affect the future of distribution of media.
I have been running a bit Torrent client, sharing content to users whilst writing this. Long live the revolution!