Archive for the ‘Activism’ Category

C-32 making you a criminal

Monday, June 21st, 2010

Regarding Mr. Shellenberg’s letter in support of bill c-32.

The C-32 bill before parliament this session is a reboot of the failed C-61 bill we saw die after Parliament’s dissolution in 2008. While the bill has come a small way to providing a fairer balance between industry and consumer interest there is a glaring flaw in the digital locks provision that nullifies many of these balances.

The Bill makes it illegal to break a digital lock, period, regardless of who you are or what you are doing. You may ask, “But picking locks is wrong, of course it should be illegal?”. That type of knee-jerk mental reaction is off base and wrong, here’s why.

C-32 allows for individuals to copy and transfer copyrighted contents for private use, which means you’re going to be able copy that song you bought online to a CD or your ipod or whatever new fangled device you buy in the future. You bought the song you’re allowed to copy it for your own use. UNLESS, the company you bought it from puts a digital lock on it. See you still have the right to copy it, but  in order to be able to copy it you need to break that digital lock first, the breaking of the lock is illegal even though why your breaking it is not.

Another example would be a librarian or educator, C-32 makes specific provisions in the bill for these professions to use copyrighted material, to store, copy and remix it for educational purposes. However if you’re trying to access or remix a video for a project in a Digital Arts class, or catalog and archive a digital work that’s fallen out of copyright you are stopped if the provider used a digital lock. While again these uses are perfectly legal and right, you can not exercise that right b/c of the digital lock, no matter what your purpose the act of breaking of that lock is illegal.

Finally, just a few years ago the NBA.com spent a few years selling downloadable versions of it’s games that were digitally locked. Every time you copied your legal purchase to another computer or had to reinstall Windows your digital lock had to be re-verified by an NBA.com server. This system was eventually replaced with newer technology and the lock verifier was removed. Users who had bought videos, paid money for the right to have them on their computer and to watch them as many times were suddenly unable to. Without the server they could not copy the videos to a new computer when their old one died, they could not watch them after they got a virus and had to reinstall windows, b/c the lock was broken and stuck in the locked position they could not enjoy what they had bought. Under the old law users effected by this in Canada found and shared ways on the NBA forums to remove the digital locks, this was legal b/c the act of breaking the lock was not illegal, and they had to legal rights to the content behind the lock.

I’ll cut my examples short at that, but you can be sure I have at least three more good ones just off the top of my head.

The main problem with C-32 is this digital locks provision. We need to look to the physical/real world for our guidance here. It’s not breaking the lock that should be illegal it’s whether you broke that lock for an illegal purpose. I speak from experience, as a Network Specialist I personally break digital locks all the time, I do so with a high ethical standard and for the purpose of giving access to owners who locked themselves out of their own computers or networks. Even having these tools in my bag would become illegal under this bill, I’m a professional and I wont’ even be able to do my job without breaking a ridiculous provision in C-32.

If you put your CD collection in a box and locked it you would be perfectly fine to break that lock when you lost the key. So why would you want a law that made the digital equivalent illegal.

Keith Page, Nelson BC

Posted in Activism, Censorship, Copyright | No Comments »

The Folly of CIRA WHOIS Privacy Changes

Friday, January 29th, 2010

We are currently in the midst of trying to re-obtain an expired .ca domain for one of our customers. This particular individual decided many years after a re-branding they no longer needed their old domain name and let it expire. Letting your domain expire is typical, getting it back is hard, CIRA is now making it close to impossible.

Most times a domain squatter will pick up one of these domains and advertise something benign something totally harmless like backpacks, school supplies or baby products. Although they can also host not so benign material. The particular domain squatter that grabbed this domain decided on some rather obscene content instead. The former holder being a family oriented business was shocked when customers started calling and asking why some web searches were taking them to this material.

In hurried panic we were brought in, our first step was to establish trademark rights. Did the customer own the trademark to the name itself? A little bit of digging and the whirl of our fax machine shortly produced a collection of legal documents showing the customer in fact owned the trademark completely and outright. The problem now seems like an easy win. Contact the domain holder, present the documents showing trademark, and pay their modest ransom fee to re-obtain the domain. As we found out, not so easy.

CIRA has decided recently to offer domain privacy as an option. On it’s face this is great, it stops you from being spammed, it stops other registries from sending the less tech savvy domain holders misleading renewal bills. However these protection must be balanced with the legitimate need of the Public to know who is behind a particular domain. For instance, the if domain operator has registered a domain in bad faith and is damaging the trademark holders name and reputation with obscene content one needs this information in order try and resolve the problem in  any method short of a full blown lawsuit.

Going to the Registry of the domain obviously get’s you sent back to CIRA, which does offer a privacy bypass contact form on their site. Using this form you may contact the domain holder, without any of their information being revealed. The form even says that if the domain holder does not respond to contact CIRA after two weeks.This seems like a very fair and balance solution, it protects the majority but seems to indicate that one can still obtain the information if required through a two week waiting process and by going through CIRA directly.

After waiting those two weeks and getting no response we just found out that this is in fact a farce. We received this response from CIRA today.

Individual registrant information is always private and will not be given out. You can try again to contact the registrant and hopefully they will reply. You message will be again forwarded to the Registrant’s Administrative Contact but CIRA cannot guarantee that messages will be read, and/or responded to.”

It appears that CIRA was not all that enlightened in doing it’s public duty. I’m not quite sure why they bother to even invite us to contact them after two weeks. It seems obvious that while a domain holder has a right to some privacy they also have an obligation to respond to these contacts, and if they fail to do so then they waive that right to privacy. Just as one can do a search in the public registry for who has registered a trademark, or corporation name, so too should one be able to search for who owns a domain.

Allowing domain holders to hide under a complete veil of secrecy invites all sorts of problems. As I stated earlier barriers to this information are fine and very much correct, but complete obstruction undermines the fact that this is ultimately public information. .CA is a domain property owned by Canadians, CIRA is a government body in charge or registration, and most importantly domains are publicly accessible portals.

We have a right to be able to know who is running these portals, and we shouldn’t have to resort lawsuits just to find out who is damaging a trademark. Why are we protecting the needs of domain squatters over the needs of legitimate business? Balance CIRA, balance!

Posted in Transparency | No Comments »

Google slaps the Peeking Duck.

Tuesday, January 12th, 2010

Google justified going into Chinese market by saying they would back track on that decision if their presence was doing more bad then good, aka if they became and agent of the repression instead of an agent of change. Today Google announced they are going to the Chinese Government with an ultimatum of sorts, Google.cn will be uncensored or Google.cn won’t exist.

China doesn’t need Google in a real sense, they are more then adequately blessed with technical talent, know how and search engines of their own. Google pulling out would however put pressure on other western based providers to do the same, if this cascade effect were to take place some serious pressure might come to play. Google being the big dog has the ability to cause such cascades.

Power regimes being what they are tend to be susceptible to perceived slights and therefore love to engage face saving. The Chinese may very well opt to agree to  Google request with glowing support and hearty handshakes, or they might punch Google/The West directly in the face. Both responses designed to save face.

All of this has been brought about by a recent Cyber attack on Google that originated from China. Follow ups have shown to Googles powers that be that someone was trying to get into the Gmail Accounts of Chinese Human Rights Activist. On top of that a number of other activist accounts from around the world have been routinely accessed by third parties. These are people who would generally be considered dissidents in their own countries. It stands to reason the only party interested in infiltrating their email accounts would be the Governments that they are fighting.

The legitimate concern of third parties reading your gmail/hotmail/yahoo mail brings up a question. What can be done to help people know when their account has been compromised?

Gmail Last LoginGoogle/Hotmail/Yahoo would do well to implement a last login banner in their email service to protect against this. The IP geo tagged and timestamped indicating  the last ip to login to your account would go very far in notifying concerned individuals that someone maybe reading their email, and for some people that can mean the difference between life death, or false imprisonment.

Read Googles announcement for yourself.

Posted in Activism, Censorship, Human Rights | No Comments »