Two Cultures?

by on July 6, 2007 · 0 comments

Don Marti, a writer for LinuxWorld, describes “the other side” of the software patent debate:

To the “think tank” types [on the Technology Liberation Front], lawyers are basically free and software innovation is hard to get. Most of the think tanks are in Washington, DC, where you can’t swing a cat without hitting a bunch of lawyers. To a think tank staffer, it’s just as obvious that you’d get a lawyer to patent your software idea as that you’d back up your files. Lawyers are background noise, and software innovation is something that you see on the cover of Wired and wonder “how did they do that?” (If there’s a breeze on Technology Liberation Front, it’s all the pro-software-patent posters hand-waving the transaction costs.)

To the people opposed to software patents, lawyers are expensive, and software innovation is abundant. As a working programmer with a white board, software innovation comes to you faster than you could actually get the software working, so software innovation might as well be free. The limiting factor in producing software value is debugging, testing and integration time, not patentable ideas.

In the real world, transaction costs around software patents—mainly the price of lawyers—matter way more than the think tankers are able to see, what with taking swarms of lawyers for granted. And software innovation, to most people, isn’t just a nusiance that leaves you with a stack of notes and half-baked programs, it’s actually rare.

Is this a fair criticism? One of the things I like about TLF is that we have a non-trivial number of both lawyers and geeks in our audience, so there’s some opportunity for these “two cultures” to become better acquainted with one another’s perspectives.

TechCrunch has a write-up of a Belgian court ruling, based on the EU copyright directive, that Internet Service Providers bear responsibility for stopping illegal file-sharing on their networks. Apparently, though, the ruling doesn’t create a general obligation to monitor.

We get a lot of benefit from treating ISPs as common carriers, empty vessels without any obligation other than to serve their customers. I wrote a piece in Regulation magazine a while back arguing against imposing a responsibility on ISPs to control viruses. Though they can do so as a service to customers, requiring it of them sets a precedent that leads to all kinds of regulation and monitoring being imposed through the ISP bottleneck.

No TPW This Week

by on July 5, 2007 · 0 comments

The podcast is taking the week off. In the meantime, check out the smart comments on last week’s episode. This one from john b. was particularly interesting:

Your discussion of discovery was a bit off. (1) Coca Cola actually *was* once required to divulge a formula in discovery. It refused to comply. Famous case in lots of CivPro casebooks. (2) The usual result of not divulging information requested in discovery is that all inferences are drawn against you that could be reasonably drawn from the evidence. In this case, the inference would have to be that the code was flawed and threw off the election results. Or, they could simply do what happens routinely in such matters and work with the judge and opposing counsel to keep the discovered material private and so on. Their choice.

We’ll be back next week with fresh content for your listening pleasure.

Longtime TLF readers may recall the Great Shopping Cart Debate of 2006, in which Jim Delong, Jim Harper, myself, and others made increasingly strained analogies between DRM and those wheel locks you find on shopping carts.

At the time, the debate was entirely theoretical, since the shopping cart cartel had succeeded in keeping a tight rein on the supply of shopping cart circumvention devices. Well no longer. Slashdot reports that some troublemakers have reverse-engineered those shopping cart wheel locks:

The two major shopping cart theft prevention systems are called CAPS and the GS2. From our escapades, we have found the GS2 system is far more effective at actually stopping carts on smooth ground. It also has a longer range (!) and a more sophisticated locking and unlocking signal. Best of all, it can be reset remotely, meaning double the fun as you play “red light/green light” with unsuspecting customers.

The picture below is of the GS2 wheel, found only at your finer supermarkets.

Discussion topic for the day: it appears that such a device could be used to steal shopping carts, at least the type of cart that can be reset remotely. If that’s true, should these “circumvention devices” be illegal? Should information about them be illegal? If someone wrote software that could be installed onto software-defined radio to perform the same function, should that software be illegal?

Secrecy is Unsafe

by on July 5, 2007 · 2 comments

There’s a commendable piece called “Strictly Confidential” (summarized; full article behind paywall) by Jacob Shapiro in the current issue of Foreign Policy.

Shapiro makes an intelligent case that opening government improves security. “When government officials curb access to information,” he writes, “they cut themselves off from the brain power and analytical skills of a huge community of scientists, engineers, and security experts who are often far better at identifying threats, weaknesses, and solutions than any government agency.” Shapiro provides a couple of examples where openness has improved security systems.

“Putting information behind lock and key does not make targets safe from attack. It leaves security analysts unable to find solutions to other weaknesses in the future. It also leaves government and industry less motivated to find safeguards of their own.”

Good stuff.

Over at Ars, Ryan Paul has a great article that analyzes Microsoft’s contention that free software firms are refusing to facilitate interoperability with Microsoft’s products:

Echoing similar statements already made by Mandriva CEO Francois Bancilhon and Ubuntu founder Mark Shuttleworth, Paul Cormier, Red Hat’s executive vice president of engineering, tells eWeek that his company is still very eager to pursue interoperability collaboration and “solve real customer problems without attaching any unrelated strings, such as intellectual property.”

Microsoft’s senior vice president for server and tools, Bob Muglia, denies that intellectual property issues are unrelated to interoperability. Although Muglia concedes that there are still ways to achieve interoperability without indemnification agreements, he thinks that Linux distributors “haven’t actually solved the customer’s interoperability problem unless [they] have also solved the licensing issue.”

Continue reading →

From time to time concern has erupted over the tendency of P2P filesharing software to “share” user files and directories that the user would not want shared–excel files, for example. Identity thieves were known to be mining shared files for social security numbers. Software distributors have several times denied that this continues to be a problem. Apparently that is not so. A new report from the Copyright Office shows that the problem is very much much a current one, and that filesharing software continues to default to settings that share much much more rather than less, sometimes covering the default with deceptive screen displays. TheHouse Committee on Oversight and Government Reform has taken an interest.

Privacy advocates, so far, have not; buy in too far to “business is bad” ideology (ironically perpetrated by Hollywood) and one ends up not being able to see what is right in front of one’s face.

Continue reading →

WASHINGTON, July 3, 2007 – The Federal Trade Commission intends to monitor the information that telecom and cable companies provide about high-speed Internet service in the service plans they offer to customers, according to a report issued last week by the agency.

The FTC asserts in the report, released on June 27, that since it has jurisdiction over matters involving consumer protection, it “will continue to enforce the consumer protection laws in the area of broadband access.”

Continue reading →

This very fine Ars story on the emergence of contactless payments is a terrific opportunity to spot examples of people minding other people’s business.

Example 1, Federal Reserve minding consumers’ business: “The Federal Reserve sets rules for receipts, and last week the Feds said that purchases of $15 or less don’t even require a receipt now, let alone a signature.”

I’m sure the Federal Reserve cares, and I’m sure they’ve done a careful job, but I really think that the need for, and content of, receipts can be hashed out among buyers and sellers. I now wonder how many billions of receipts are handed out each year because of this “protection.” (If it’s one billion more than consumers actually want and need, think paper, ink, print mechanism, and a second or two of people’s time x 1,000,000,000 – costs all borne by consumers directly, or indirectly in the form of higher prices, without a commensurate benefit.)

Example 2, Security researchers minding credit card companies’ business: “Security researchers independent from credit card companies are sounding alarms, while the credit card companies themselves believe that they have the right balance of security and functionality.”

The researchers care, and they want the best possible system, but they’re security researchers. Almost by definition, they are going to overweight security.

Payment systems are actually supposed to balance many competing interests, security being just one. Others include convenience, level of repudiability, privacy, and so on. So long as the credit card associations bear the risk of loss (and in these low-dollar transacations, they do), security is the credit card associations’ problem.

(Yes, the costs of insecurity are also passed to merchants and consumers. The solution that will keep these costs in check, yet in balance with other demands on the system, is competition among credit card associations and among payment systems for both kinds of customers. The job of each credit card association is then to constantly tweak the mix of interests its products serve. With each tweak, it aims to bring more customers on board than it loses.)

If the researchers convince the Fed to hold up experimentation with RF payments, that’s two busy-bodies getting together to run transactions for which consumers, merchants, and credit card associations are supposed to be responsible.

When lines of authority break down, results suffer. No one is better positioned to balance risks than self-interested parties.

Faithful readers will recall that I frequently pen essays responding to calls by politicians or other critics to regulate media content or the Internet “for the children.” One of the most intriguing things about these calls to regulate to protect children is that they are seemingly completely devoid of any historical perspective. Politicians or critics either imply or state directly that children are at grave danger from media content or the Internet, but I think we’ve lost all perspective about what really harms kids.

Cynthia Crossen of The Wall Street Journal has an excellent column on this issue today entitled “Lemonade Stands? Children Used to Toil 14 Hours, Every Day.” She notes that:

about a century ago, some two million American children between 10 and 15 years old had “gainful employment,” according to census data. And unlike teenagers with summer jobs now, these children often worked 12- or 14-hour days, seven days a week. Most of them worked on family farms, but others were employed in mines, mills, canneries or city streets, polishing shoes, hawking newspapers or delivering messages. They attended school sporadically, if at all.

For industrial employers, young workers were cheap and tractable. They could do simple, repetitive tasks for long hours, and their small size often worked to their advantage. To many people, it seemed as natural for children to work in factories as it did to work alongside their parents planting seeds, washing dishes or milking cows.

That really gives you some appreciation for how far we’ve come, doesn’t it? I’ll take the problems we have today versus those of 100 years ago! And I feel the “harm” associated with media content or the Internet is something most parents can handle on their own without resorting to government regulation.

I do not mean to completely belittle concerns about online child safety or access to inappropriate media content — after all I just wrote a whole book entitled “Parental Controls & Online Child Protection“! But I do think we need to put things in a little perspective when it comes to “child safety” and appreciate the strides we’ve made.