Tech Politics - Technology Issues in Plain English

First of many posts regarding the RIAA and MPAA

2008-03-25T16:06:00.004-04:00

As this is a very hot issue, and one very central to many a technology-in-politics flavored debate, you will hear from me often on the subject, as there is a lot of ground to cover, and I just so happen to have a lot of strong opinions on the matter.

First off: The premise.

In June of 1999, a little piece of software debuted called Napster. This software allowed its users to trade music files directly, without the need for a central file server, as is customary in most other internet transactions. This allowed for users to trade copyrighted material in a manner that was highly unregulated, and difficult to track. All of a sudden, millions of people (who were not previously members of hardcore newsgroups and private server rings) realized that they could get the music they wanted without having to pay for it. It was, of course, not legal. However the ease of use, and the relative anonymity placed it a far gaze from shoplifting that same CD from the mall.

This led to the advent of what would become a multi-million dollar industry: Litigation of intellectual property for profit. Simply put, record companies used their deep pockets and high connections to figure out who had been "stealing" from them, and then proceeded to sue the pants off of them, in an effort to apply a tourniquet to their hemorrhaging bottom lines.

It is important to note at this point, when there was a revolution in the way a lot of people sought out their favorite music, another revolution was happening simultaneously. People, courtesy of Napster, and the numerous similar download services to follow, were getting used to the idea of obtaining only the music they wanted. In the case where a customer wanted to purchase the song he or she heard on the radio, they would be forced to buy the CD, which had packaged with it a dozen songs that they could care less about. In same cases, they might enjoy these songs, and in some cases, not. When downloading music became popular, consumers realized there was a way to go out and find only the song they wanted, and leave the rest alone.

Napster became very popular, very fast. Particularly in the college demographic, people used Napster to download literally gigabytes of unpurchased music. When one Napster user bought a CD legitimately, they would upload it, and soon the disc would be available to millions of people. Quite expectedly, there was a major backlash from both the recording industry, and also individual artists, who felt particularly slighted from this shift in thinking. Some of you may recall the way that Metallica became villains overnight when they brought forth lawsuits against numerous people; suing them for illegally downloading their songs. While artists such as Metallica had a legitimate beef, their quick and severe brand of justice brought considerable bad PR for them from the consumer base.

Napster was eventually shut down through numerous legal threats. However, as the concept behind the software had also been disseminated in a similar fashion to the songs it delivered, many similar services quickly popped up to take up the slack. Most of these were known as Peer-to-Peer download services, behind a technology called Gnutella. Some of these included Morpheus, LimeWire, Kazaa, and BearShare. These, for the most part, also allowed the trading of virtually any other type of file, well beyond the realm of recorded music. The rate at which pirated software, movies, books, and television shows began to skyrocket.

As these services were systematically shut down (all but LimeWire have been more or less forced out of existence. LimeWire has survived on the intent to "go legit" by offering paid downloads and ad-sponsored links. Coincidentally, LimeWire, and before it, Kazaa, happen to be one of the largest sources of spyware in the world), one new technology rose from the ashes, and became the one force to be reckoned with. The technology is known as BitTorrent, and was developed by Bram Cohen in April of 2001. BitTorrent was everything good about its predecessors, and none of the bad. It more or less perfected the anonymity factor between users, and without a centralized searching function, left no paper trail to follow for investigators trying to catch file sharers in the act. BitTorrent files are traded through use of a "tracker" file, which gives the necessary details to download the file, not from one user, but collecting pieces from potentially thousands of people with identical copies of the sought-after file. Because the tracker files are listed on independent websites, who do not actually carry any of the offending files, the means by which the RIAA and MPAA have used in the past to track their quarry were obscured to the point where ZERO lawsuits have been filed against file sharers using the BitTorrent protocol.

The Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) quickly became the face of opposition in these matters, where individual artists either bowed out due to the poor image which resulted from striking out at their fans, or for other reasons, such as sympathy for a change in the market. Both organizations began storming the country with threatening letters, demanding settlements, usually in the neighborhood of about $30,000, in exchanging for any alleged downloading that may have taken place. Those who decided to fight these allegations were generally met with astronomical damages in the event of a loss in court.

It was during this phase where the water got muddy. While the sharing of copyrighted material is against the law, there are numerous important issues that are generally cast aside by the recording/motion picture associations. First of all, there have been numerous stories about full-out raids of people's homes in which SWAT teams have sometimes been deployed, as part of the investigation of file sharing cases. This is something that should be taken of particular note, as trading copy-protected material is a CIVIL offense, not a CRIMINAL offense. The difference being that CIVIL matters are handled by individual entities, and generally result in financial punishment, whereas CRIMINAL offenses are handled by the state or federal government, and generally result in jailtime. To raid a person's house in relation to a civil matter shows a grossly weak willed, and misinformed local authority, and worse, a potentially corrupt one. The use of potentially deadly force was never intended to resolve civil matters. Period.

Also, the RIAA in particular began to send threatening letters with less caution, sending letters, and at times bringing charges against people to whom there was little or no evidence of file sharing. Because the **AA had a team of crafty lawyers, often these notices were served with little or no time in which to mount a legitimate response, even in the event of innocence, before a summary judgement was rendered against them. In other cases, people were forced to pay the ~$30,000 settlement because they could not afford to adequately defend themselves against a well funded adversary.

The **AA legal teams continued to display questionable legal morals, apparent when challenged with any sort of public discovery of evidence, cases were summarily dropped to avoid revealing any lack of evidence on their part.

While the act of sharing copyrighted material may be illegal, the **AA has proven themselves to possess considerably looser morals. This can be seen in the many instances in which the **AA has been investigated by local authorities for RICO offenses (tactics punishable under legislation to prevent Mafia and organized crime activities). There have also been recent victories by the consumer to force these organizations to stand trial, as opposed to their usual tactic of cutting and running anytime a reasonable opposition is mounted.

Also to be noted is the fact that there are several legitimate uses for file sharing. The Linux operating system exists under the umbrella of Open Source Software, that is, in most cases, designed to be freely distributable. Because Linux programs and operating systems can vary in size from a few megabytes to a few gigabytes, BitTorrent is an ideal technology in which to convey free software to numerous users. However, BitTorrent as a whole has been vilified by the **AA as an illegal act, and many actions are now taking place in Congress and many major telecommunications companies to disable or discourage the use of the BitTorrent protocol.

This has led to intense lobbying my the **AA associations as well as partnering organizations to get large internet carriers such as Comcast and AT&T to either throttle down the bandwidth they offer to their customers, to "shape" the bandwidth in such a way that it blocks the specific traffic originating from BitTorrent connections, suspending service for users with high bandwidth records, or monitoring of internet traffic. Or, some or all of the above.

There are numerous ethical and legal reasons why these various techniques are being fought by consumers. The most apparent one is in the case of monitoring as it violates many, many laws enacted both to protect the privacy of consumers, as well as keep telecom carriers immune in the event that illegal or actionable activities occur over their lines. If an email passes from one person to another containing company secrets, the people involved are at risk, and not the carrier who allowed the email to go from one party to the other. This is for everyone's benefit.

Also, many carriers have been caught throttling down the bandwidth of users who have the tendency to use higher amounts of bandwidth on a regular basis. This has also caused a great deal of outcry from the public, as many carriers have advertised certain available speeds (e.g. 7Mb per second) which is marketed as unlimited. These carriers have then gone and suspended service to people that operate their internet connections at their peak for sustained periods. In essence, they are being penalized for utilizing the bandwidth they were promised by the internet provider. Comcast has been in the news lately for this topic, as well as attempting to disable use of the BitTorrent client without notifying their customers. The FCC is currently investigating them for this, as among other things, it is a direct violation of their own Terms of Service agreement.

This is a good stopping point for now. I will continue this series later this week, speaking both of the history of the debate, as well as the legal and ethical issues, and my personal opinions. Stay tuned!

FreePress.net

2008-03-21T11:58:00.005-04:00

I wanted to point out any interested readers to these guys. If you find yourself in a position of what is sometimes known as "voter outrage" over media and technology issues, this is a good site to find easy and effective ways of letting the powers that be hear your voice. FPDN is the parent organization for SaveTheInternet.com, and StopBigMedia.com. I think you can get a general guage on their motives from the names of their websites. Whenever a bill is introduced that affects the way the public interacts, these guys are usually working on ways to make sure congress votes in favor of the public, and not large corporations.

Now, I will say that while I tend to agree with most of what these guys tend to say, I will make sure I mention that this is a governmental lobby. That means that while their cause may be admirable, they will do as much as they can to get as many people as they can to see things from their point of view. They seem to have scruples when it comes to this, unlike other lobbyist groups, but I would advise at least doing your own research. I like these guys, but I'm against lobbyist groups in general. Please try to make up your own mind about the issues, and don't let an organization, FPDN or any other, tell you what to think.

So, with that addendum aside, I will say these guys fight the fight for the little guy, and I'm all for that. I sign up for their email updates, and I get an email from them anytime something is shaking in media or internet legislation. Usually they will link to a form letter or email you can send to your congressman (or whatever governing body is in question). It's actually about the easiest way to get your voice heard. They usually send you to a page on their site, where all you have to do is enter your home zip code, and it will tell you who your elected officials are, and give you the option of sending the form letter with just a few mouse clicks. Usually there is some text in there about how a letter is better than an email, and a phone call is better than a letter. I'm going to go ahead and agree there. I would also recommend that you might want to read that form letter, then go ahead and type one up on your own. The more personal the communication, the better chance you have of your congressman not just casting it aside in what I am sure is a sea of correspondence they get on a regular basis. If it's important to you, make sure you study up on the issues (nothing worse than getting to talk to the head honcho and not having your facts straight) and pick up the phone. Or, better yet, make an appointment if you live nearby. Be prepared to wade through a lot of subordinates. These people are busy (hopefully), and there's a reason they have a staff trying to screen out the riff-raff.

At any rate, I happen to think FPDN is an organization trying to do some good. I developed a bit of a anti-corporation attitude early on in my adult life after being screwed over by my cell phone and cable companies, sometimes to the point of outright fraud, and realizing there was little to nothing that could be done about it. I realize I'm just one man, and one man trying to go against a multi-billion dollar corporation isn't generally going to make it very far. Therefore I will admit that there is definitely some value to organizations like FPDN, even if they tend to be a little ...slanted sometimes. I suppose my final position in the subject is that these people are doing good, but make sure you do plenty of your own research, as always.

MD lawmaker moves to make accessing open WiFi illegal

2008-03-20T16:31:00.003-04:00

I thought this would make a fitting inaugural entry, as it involves a lawmaker who is pushing a law on what appears to be an questionable position. The idea at stake here is that it is illegal (or should be) to access a wireless network that is left open.

The first problem here is the lack of specificity. If the law is worded in such a way, there is no difference between someone sitting on the side of the road next to your house (off your property) and checking his email, and someone who maliciously accesses your system in order to exploit your identity, glean information off of other computers connected to the same network, or otherwise purposely use that connection to take advantage of you.

There are several people, like me, who leave their wireless router open (at least in part) as a community service. I take some fairly elaborate measures to secure my internal network, and to make sure that anonymous users are not able to use my connection to commit illegal acts. However the point is that there are some people, (and it does not even have to be a large number) that choose to keep their network open.

The (first) problem here is ambiguity of intent. Some people keep their network open on purpose. Therefore it is flawed logic to assume that anyone who has an open wireless network has it that way because they don't know any better. This leads to the next problem, that there are many people out there that deploy wireless access points without knowing how to properly secure them. These people are unknowingly putting themselves at risk to not just unauthorized internet access, but to malicious attack to (only slightly) more savvy users with the intent to break the law.

The analogy I see most often is usually something along the line of "if I broke into your house and used your phone, it would be illegal". Well, that's a little faulty. Let's adjust that analogy so it applies here. To say your house is unlocked in this scenario would still not cover it, since an unauthorized wireless user is presumably doing so from outside your property. Let's say your phone line ran out of your house, and onto the sidewalk. Now, an open wireless network has an SSID broadcast tagging along with every radio wave identifying it, and giving out all the necessary information needed to connect to it. In the phone scenario, this would be like putting a large sign on the sidewalk, next to your phone that says "phone" in big letters, and an arrow pointing down to your actual phone. Also, for the sake of the analogy, let's assume your phone plan has multiple lines, and unlimited minutes, in such a way that someone coming by and using your phone would have little or no financial effect on you, and would not bar you from using the phone as needed.

In this analogy, I have a feeling you would have a hard time convincing anyone that the person using your phone that you have effectively made freely available is at any sort of fault. You could argue that, despite the fact that the phone line was accessible from a public location, you did not want anyone to use it. However, you made no effort to tell anyone that you didn't want this phone to be used. Would you expect someone to create legislation to protect you from people using this phone, or would it be easier to take precautions to make sure everyone knows it's off limits? You could put a password on the phone line (encrypt the network), you could write "Private, do not use" on the sign (turn off the SSID broadcast), or you could just reel the whole thing inside where no one has access to it (turn off the wireless portion of the network).

To assume that anyone who accesses these open networks is a criminal is a backward step, legislatively. It leads to numerous cases of the wrong people being penalized. For example, the default SSID (network name) from any wireless access point or router bought from a store shelf from, say, the brand Linksys, is simply "Linksys". If you live in a large metro area, there is a good chance, as the number one dealer in home networking gear, that there will be other is your immediate area that have also purchased a Linksys access point. If no one in this area has the technical knowledge (really, it's not that hard. And furthermore, the directions are included in a bright, colorful guide right inside the box) to secure their access point, the only way to differentiate your access point from the other Linksys access points is to examine the MAC address (a twelve digit alpha numeric code unique to your network hardware). This procedure is (in most cases) MANY times more difficult than the simple steps to set up your router ONE TIME to be encrypted. While setting up what is considered a "secure" wireless connection by today's standards might take a slightly larger grasp of the technology, setting up the very minimum will at least rule out whether or not you welcome access to your network.

This, I think might be where the issue really needs to be heading. Not to legislate the entire act as criminal, but to separate the criminals from the people who are using the equipment exactly as it is intended. To introduce even a basic means of "closing" this network, one can determine the people that access a free network, from those that must take further (illegal) action in order to gain access.

There are a few ways of doing this that won't land half of the apartment-dwelling public behind bars. First would be to require access point manufacturers to set the wireless network to closed by default. This would rule out all those people who are theoretically being victimized because they don't possess the technical knowledge to close their own network. This can be done by either enabling a default password to access the network, or requiring a mandatory setup session when the device is first set up (kind of like how Internet Explorer has a 'one time' screen that comes up the first time you launch the program).
The next way would be simply to put the onus on the network owners. If a city park wants to keep people off the grass, they put up a "Keep off the Grass" sign. Otherwise, they have no reason to be upset if people walk on the grass. I am seeing a lot of people advocating parental responsibility in the case of school shootings, (a severe analogy, I know) but then saying it's not the owner's responsibility to spend 10 minutes reading a reasonably simple guide and setting up their network properly. This does not make sense to me. If you do not designate your network as private, it is impossible to separate you out from a person who runs an open network on purpose. To look at this another way, this legislation would, in a sense, make it illegal to operate an open network, as those who accessed it would be immediately punishable by law, in the strictest sense. This means coffee shops and restaurants who offer free WiFi too.
I suppose, in closing, that I am not necessarily against some sort of legislation regulating, or really, defining the terms when it comes to WiFi access. I just think that lawmakers need to understand all the angles here. This bill is not the answer. If you live in MD and you have the means to contact your lawmaker. Do so, and tell them that there are other, better ways of making sure people are made safe from unauthorized attempts to access their wireless networks.

Introduction

2008-02-18T10:51:00.002-05:00

Hi!

A little information before we jump off. I am a veteran in the IT industry, and have been passionate about the area of technology and digital rights for some time now. I had planned on writing a book on the subject, but I ran up against a few issues. First, the rate in which the landscape changes in this field would render any book I wrote obsolete before it could even be printed. Second, after writing a few dozen pages, it became clear that, as impartial as I try to be, I can't really offer a completely unbiased view of the situation, and most of my information turns into very well composed rants. I thought that a blog might be a more appropriate means of delivering the information and opinions I have, since the articles can be dated, and not subject to withering away into irrelevance on a bookshelf. Perhaps I will write a book at some point, but I think the material might have to be a little more stationary in order for me to commit to spending the volumes of time necessary to turn out something meaningful.

I hope you find this blog informative and as always, a staging ground to finding out more information. I will not mask the fact that I have my own ideas, and I want to emphasize that I don't want my ideas to become your own, at least without some research and insight on your part. So, take the ideas and opinions found here and digest them. Debate with me, agree with me, point out where I'm wrong, or where I shed some light for you. I enjoy a constructive conversation. As will be a common theme here, I believe in the dissemination of free thought and ideas. Take that to heart as you read on. I hope that my offerings will raise your awareness, but will not by any means be your final destination in seeking answers. Welcome, and happy reading!