Saturday, 10 August 2013

Googling for lobsters will net you prawn sites

David Cameron would like to see ISPs implement a filter to block indecent images. This also follows proposals to get companies to do more when it comes to searches for child porn. Anyone who has any common sense should see the policy is headline grabbing. It's a shame there are not more MPs who understand technology and the dangers of bad legislation. The Internet is not a series of tubes and you can't turn it off at a drop of a hat. There are technical hurdles, the filter will be broad and legitimate things will get censored. How can you distinguish between satire, art and criticism and genuine inappropriate content?

The Wild West Internet myth is already dispelled by David Cameron. He refers to the work by CEOP and Google to block child pornography. There has always been monitoring, to some extent, by authorities and the law does apply. Anonymity is not entirely accurate because people can be traced. The number of social media related incidents (mostly over zealous policing / prosecuting) is a recent reminder of this. There is a discussion to be had about the effectiveness of policing and existing legislation being applied to the online world (eg. harassment). However, it is disingenuous to say there are no rules, regardless of the perception of a lawless playground.

The role of advertising, traditional media and other influences is ignored. The Daily Mail site runs stories about the porn filter while having questionable images plastered everywhere. Children may be negatively affected by all sorts of things - tv programmes, advertising, upbringing. Where are the policies to deal with these issues? This also undermines the basis of the current Conservative philosophy of Government not interfering. This is more legislation and shaping society under the guise of 'doing the right thing'. Is it such a leap to expect parents to ensure they children are not exposed to such material. There is plenty of information available, filters are not difficult to set up. Google already filters out search terms and bans content. In relation to child pornography - CEOP's former head said it was just rhetoric. His suggestions were more sensible that Cameron's. Making arrests public, finding the source of the material and looking at the other ways material is shared (peer to peer networks) are more effective than complaining about Google.

There is cross party consensus - in that Labour have demonstrated their ignorance in the past when it comes to technology. ICO having to investigate and fine departments. It's only addresses and personal details - discs being lost, files left on trains, website leaks and laptops with patient data being sold on. The recent incident with NSA and countries spying on each other mean there is a level of distrust by all. Censorship comes in many forms. We have seen mobile phone providers place a filter and this results in keywords in any context being flagged. This lays a foundation where the Government can decide what content is appropriate. Australia had a go at doing this and that didn't turn out so well. The Government - past, present and future - don't have the understanding when it comes to technology. The fact the Government doesn't consider the consequences of a block demonstrates that point. There is no willingness to understand and that's not going to change anytime soon. The saving grace is that this particular policy has virtually no support amongst Conservatives.

Monday, 6 May 2013

Self-defence redux

The idea of reasonable force in the old law worked fine. The notion of not grossly disproportionate is more or less the same thing. It's easy to suggest vigilantism is now encouraged and downplay the fear homeowners may have. But the law has been flexible enough and while it may not be a 'castle doctrine' approach - it does its best.

There has been an exaggerated suggestion of having to consult a textbook or being hesitant to use force because the was against you. The changes are superficial and it's a reworking of something which wasn't broken or damaged. Tory MPs were asked what force is appropriate and the response was 'it depends' - the same answer you would get before the change.

This issue won't play out for most people. According to the CPS, 11 prosecutions involving preventing intruders - 7 for households (between 1990-2005). The media like to run with a story and the high profile cases will often lead to the suggestion the law needs to be tougher.

You hardly need permission to protect yourself but cases like that of Munir Hussain show the difficulty of where you can draw a line. There isn't anything in writing which can give a definitive answer for obvious reasons. Setting a burglar on fire would still be illegal (that actually happened) - so the changes are not a free pass to re-enacting your favourite scene from Saw.

Sunday, 9 December 2012

Social media guidelines

Social media continues to highlight the need to balance expression against the law. The Twitter joke trial is the most extreme example of how the law can get it so wrong. Paul Chambers was finally successful in his appeal because 'the message was not objectively menacing'. Keir Starmer's reasoning to prosecute will remain a mystery because it didn't serve any public interest. The prosecution has been criticised as being disproportionate, interfering with free speech and should never have been pursued.

We've seen examples of messages on Facebook and Twitter which are offensive but a prison sentence, or even a criminal record, may be overkill. Punishment could include an apology, a fine, community service or restricting use of certain websites. New prosecution guidelines are coming to address this and it finally seems the CPS recognises you can't adopt a 'trial and error' approach when prosecuting individuals. Regardless of whether the media pick up on the story or it involves a well known person, there should be an even handed approach which doesn't restrict the ability to express yourself (even if it's considered offensive). This doesn't mean zero consequences but the recognition of context is important.

Although the DPP may consider it's now time for 'an informed debate about the boundaries of free speech in an age of social media' - I would say it's overdue. Nobody could foresee all the problems and it always takes time to adapt but social media has not been a sudden overnight change. This should have been considered as part of the wider picture of how the law would cope with new technology. Having a discussion is a positive sign but future changes should be carefully considered.

Saturday, 28 July 2012

Username1234

Google would like to you use your real name when you post a (un)funny comment on YouTube.

There is a desire to reduce some of the offensive remarks you find and it's difficult task, given the number of comments. A real name policy is meant to promote a more civil place for everyone. It's understandable that Google want to improve the site's reputation but this approach may not be the best one.

They also came under criticism when they introduced real names for Google+. A survey conducted has revealed reasons why using real names would be problematic. These include the fear over death threats, being more well known under an alias and putting someone's career at risk.

Although, at times, it does encourage the worst in people, the choice should still remain and can be important. Surveys are anonymous to get the most accurate feedback and voting doesn't happen in the open. Moderation and filtering may be better suited in situations like leaving comments on a site. We may see a shift where real names become mandatory but this isn't coming from users, companies are driving this change.

Wednesday, 11 July 2012

Enemy of the State

The Government has decided that monitoring internet usage is vital because of crimes and, as an upstanding citizen, you have nothing to fear. America has already taken steps to monitor their citizens and we may adopting out approach, in the form of black boxes, but nothing has been finalised.

Information about your movements online would be recorded which includes - boring emails, inspirational quotes left on Facebook, annoying celebrities on Twitter, swearing at kids while you shoot them in game and your personal history of watching cat videos on YouTube. The Communications Data Bill is going to be scrutinised and the consultation encourages the public to share their views. Although content would not be visible, officers could request it through a warrant and a judge would not be required - only a senior officer. Investigation of a crime or national security concerns has a wide, and unquestioned, scope and the pursuit of such measures combat crime may come at the cost of our privacy - is it worth it?

Those who feel they have nothing to hide and think there is nothing wrong don't understand the implications or see this as just a security measure. We lose something as a society and David Davis has called it 'increidbly intrusive' and it 'would only catch the innocent and incompetent'. I don't think it's too much of a stretch for serious criminals to use proxies, encrypt messages, use public wi-fi and not post their plans on Facebook and Twitter. Privacy should not be associated with being a (potential) criminal. You may wish to ensure your right to privacy for a number of reasons -

- A person is looking after a vulnerable person who depends on not being identified
- Information which uncovers a conspiracy or corruption at a high level which could be suppressed
- There is information which is very sensitive and may affect your social / professional life
- Information such as medical details, sexual activities, religious / politcal beliefs, bank details could be sold or used to blackmail
- You may have moved as a result of past events, keeping your history and details private would be a necessity

It's a false dichotomy we are presented with - safety comes at the cost of our privacy. It seems we are expected to be transparent and comply because that's what all good citizens naturally do. The social aspect plays a big role and it does have an impact of how you go about your day-to-day life and affects what you say and think. The Twitter joke trial means it's not such a far fetched concept, a joke can be construed as a threat.

This is not a fine tuned approach, it's large scale surveillance to deal with the problems and there is a lot of useless data to sift through. Exaggerating numbers, when they are available, appealing to fears and terms like 'cyber warfare' encourages support because you're given a side to choose. The blanket measures applied are considered justified because of the modern trifecta argument (paedophillia, terrorism and cybercrime) and why would any good citizen stand in the way of that?

We won't be able to see which individuals and departments access our data, when it was accessed and the reasons. If innocent people are monitored, there should be no harm in seeing what the authorities are doing with their data. It's not clear what details would be stored and for how long and the criteria applied for someone who may be considered a security threat. I wouldn't trust any Government to store data safely, prevent and minimise any security breaches given their awful track record. There may also be problems over data held outside of the UK and how this would be obtained. A recent article covers how black boxes could be used to collect traffic from overseas services and mentions that Charles Farr, director of the Office for Security and Counter-Terrorism, acknowledges that legislation alone isn't enough and there are always workarounds.

Saturday, 28 April 2012

Mobile gaming redux

The announcement of the new iPad didn't come with anything revolutionary but the additional pixels are no doubt welcomed. Developers benefit from the upgrade but has made me rethink how effectively it can disrupt the games market. Despite Cook's boast about the graphics and the iPad being the favourite games device - there may be a limit.

There is something to be said for a set piece of hardware which you can make use of. Learning all the tricks and focusing on making the best of the given hardware can result in gaming being more
of an experience. Innovative and ambitious titles require patience rather than just more power.

The casual games are likely to worry the likes of Nintendo but how much long term investment do you get with Apple? The brand is powerful and the audience large but the iPad still remains a tablet first. It has a competent game side but the risk of it overtaking appears less likely than originally imagined.

Gaming, as a medium, is pushed and expanded by the traditional players - Apple are not gamers at heart. The success of the iPad can be part of the overall picture.

And at what point does this become a viable alternative? Adding a controller would neglect the main touch input. Competing with Steam, already established, seems futile - even with the low pricing of iOS titles. Nintendo and Sony already offer titles which are priced lowered to compete.

You could argue this was like the Wii's success - we fell in love but the long term strategy was unfulfilled / unsustainable. It is still an important part of game history, much like Apple are contributing now. It may turn out that the threat is overplayed - competition but not a killer.

Tuesday, 13 March 2012

Valve under pressure

It seems that Valve are no longer under pressure, following the security breach, and hacking has become 'commonplace'. Chris Morris mentions the hostility toward Sony, following the breach, and the notion of overcoming a 'faceless empire' persona. The goodwill aspect helped to reassure users but it's a shame that this wasn't fully reciprocated. I didn't get an IM from Gabe Newell and I read about the incident in a news story. It may be surprising to Valve but not everyone will be connected to Steam at all times. Valve took notes from Sony's (mis)handling of their security breach but they didn't learn.

Morris also mentions the emailing between Newell and customers but Sony were competent enough to send an email out (albeit, a bit late). What happened to goodwill toward us - why didn't Valve bother with the basic courtesy of sending an email to all registered users?

Sony's backdrop is important but I think we should take Valve's failure on its own merits rather than saying 'it wasn't as bad as last time'. Also, I don't think the hysteria is overblown - information has money attached. Regardless of the liability factor, we should always be vigilant and be critical over any company who fail to take all the steps to notify us. I don't buy into the notice of implicit trust, however friendly the CEO may appear to be. My own experience with Valve, over this issue, is less than stellar.

The data protection laws in Europe wouldn't apply and ICO couldn't investigate because Valve is based in the US - even though there are many users from UK (and elsewhere). It's more worrying when your credit card data is meant to be safe, an email notification is not guaranteed.

Valve is not to blame for the attack but data protection is highly important and, encrypted or not, the delay in communication and lack of email updates is disappointing especially given the PSN fiasco. I contacted Steam Support asking why no email was sent out but they advised me to contact the Legal Department. There was no email address given - a letter was posted out.

From the legal department:

We’ve received your note dated 30 November. You asked about why Valve hasn’t sent emails to inform users about our recent intrusion. We believed that the most effective way to communicate to the Steam community was through Steam IM, which we did on November 10. This is how Steam users are accustomed to receiving information from Valve and we thought it had the highest likelihood of getting the message out. We wanted to get the information out quickly. We also posted the notice on the Steam forums site and at valvesoftware.com, and the story was picked up and published in many online and print publications. In those jurisdictions where an addition notice was required by local law we delivered those notices.

We apologize the any concern this may have caused you and we appreciate your support.

Another update came when it transpired that it was 'probably that the intrudes obtained a copy of a backup file with information about Steam transactions...' The final message I got when I pressed the issue:

We've kept users appraised of the situation in the way that seemed most effective. We make other communications as required to comply with U.S. law. We understand that users care about data security and we care about that a lot as well. We will continue to do our best.

The reasoning behind not sending an email is that it's unnecessary and only applicable if legally required. The notion that a security breach doesn't warrant an approach to cover all avenues - to reassure and update users - isn't something that fills me with confidence. It shouldn't take a legal push either. You could replace Valve with another company and the complaint would still be justified. The encryption aspect doesn't mitigate the point I'm making. Lessons should have been learnt from Sony in regards to handling the situation. Let users know quickly and send out emails and don't rely on the media to inform them. Having notifications on Steam is like the default setting. An email doesn't equate to causing mass panic and hysteria - the media picking up the story is more likely to do that.

The minimum we expect from those looking after data is good security. The next important issue is effective communication to inform users and keep them updated in the event of a breach. It may not affect the severity of the breach but it would be nice to know that every effort will be made to alert and update users should the worst happen. The different jurisdictions mean it's difficult to enforce on relying on goodwill is all we have.