Copyright,1995-2004

1

Issues from Internet Technologies

4 – Counter-Attacks by the Powerful

Roger Clarke, Xamax Consultancy, CanberraVisiting Prof/Fellow, Unis of N.S.W., Hong Kong,

A.N.U.

http://www.anu.edu.au/people/Roger.Clarke/ ........ II/CCCS-4-CAP.ppt

UofQ CCCS, 6 December 2004

QuickTime™ and aTIFF (LZW) decompressor

are needed to see this picture.

Copyright,1995-2004

2

Counter-Attacks by the Powerful

Agenda

• Copyright Expansionism• Digital Rights Management

___________________________

• Identification, Location and Tracking, of Devices, of People

• ‘IP v6.6.6’

Copyright,1995-2004

3

What’s Different about Copyright Objects Now, and in the Future

• Digital not physical / Bits not atoms• Copying is intrinsic to transmission• Copying is performed by the consumer

=> Consumers now need a copyright licence

• Copies for personal use are indistinguishablefrom copies for re-sale, and copies for adaptation

• Copiability and Adaptability are intrinsic=> Appropriation is a virtue, but still a

vice

Copyright,1995-2004

4

Copyright Expansionism• Accidental extension through buffers, cache• Lawyers’ ‘nastygrams’ and misuse of process• Lobbying for, and Enactment of, Laws:

• extending copyright laws• criminalising hitherto civil law breaches• enlisting law enforcement agency support• transferring enforcement costs to the State

• DMCA-based Gaoling, no bail, delayed charges, charges withdrawn once chilling effect achieved

• Embedment in Marketspace Mechanismsof Existing, Expanded and Imagined Rights

Copyright,1995-2004

5

Patent Madness

• Multimedia (Compton)• Affiliate Program Linking (Amazon)• Reverse Auction (Priceline)• Display of Text and Images

(Pangea)• Automated Credit-Checking

(Pangea)• Consumer Payment for Clicking

(CyberGold)• Single-Action /

One-Click Shopping (Amazon)• SCO v. Linux

• ‘Business Process’ patents generally

• Web and eCommerce patents in particular

Copyright,1995-2004

6

A More Constructive Closed Approach

• Identify customers’ price resistance-point(by finding out ‘what the market will bear’)

• Set prices accordingly(and thereby sustain payment morality)

• Discourage and prosecute breaches where the purpose is commercial

• Take no action over breaches by consumers(time-shifting, format-change, sharing?)

• A Case Study:• Apple iTunes charges USD 0.99 per

track!!

Copyright,1995-2004

7

Digital Rights Management Technologies

Passive Technologies

• object-protection under the owner's control• object-protection while it is in transit• means of tracing rogue copies:

• 'watermarking' technology(to uniquely identify the publication)

• 'fingerprinting' technology(to uniquely identify the particular copy)

• object-protection under a licensee’s control

Copyright,1995-2004

8

Digital Rights Management Technologies

Active Technologies – 1 of 2

• notification to the licensee of their rightsat the time that the object is accessed

• identification of licensees• authentication of identities• destruction / disablement of the data object

in the event of licence expiry or breach(cf. the sterility gene in proprietary GM crops)

Copyright,1995-2004

9

Digital Rights Management Technologies

Active Technologies – 2 of 2

• enforcement mechanisms, client-side• prevention, e.g. preclude actions that

breach permissions for printing display• recording of actions that exercise

permissions under the licence• recording of (attempts to) breach the

licence, e.g. making copies beyond the limit

• reporting of (attempts to) breach the licence

Copyright,1995-2004

10

Copyright,1995-2004

11

IdentificationThe process whereby data is associated

with a particular Identity

AuthenticationThe Process of Testing an Assertion

in order to establisha level of confidence

in the Assertion’s reliability

Identity AuthenticationThe Process of Testing an Identity Assertion

Copyright,1995-2004

12

Entity andAttributesReal

WorldAbstract

WorldEntifier

+ Data-ItemsIdentifier

+ Data-ItemsIdentity andAttributes

Identity andAttributes

Copyright,1995-2004

13

Phases inOnlineUser

Access Security

Pre-Authenticationof Evidence of

Identity or Attribute

Permissions Storeor Access

Control List

Authenticationusing the Issued

Authenticator

AuthorisationAccessControl

Registerof

Authenticators

Copyright,1995-2004

14

Federated Identity Management

Identity Management

ServicesThe Internet

The Organisation’s

Web-Sites

Copyright,1995-2004

15

Reasons for Joined Up Government

Government Motivations• Cost Savings?

“We are spending around 12 billion sterling (and rising) a year on IT, largely paying for the same stuff hundreds of times over across the public sector” ???

• Effort Transfers to Citizens?• Cost Transfers to

Consumers?• Enhanced Quality of Service• ...

• Social Control?• An End-Run

Around Privacy Law?

• ‘Be seen to be doing something’?

• More attractiveness

as a ‘business partner’... or ‘takeover target’

Copyright,1995-2004

16

The Multi-Mediated Super-Architecture

The Internet

Handheld

Federated,Multi-Organisation Single-SignOn I.M.

User-Selected Intermediary I.M.

Own-Device and Own-Proxy I.M.

The Organisation’s

Web-Sites

Identity Management

Service

The Organisation’s

Web-Sites

Silo’dSingle-Organisation Single-SignOn I.M.

Copyright,1995-2004

17

Public Policy Aspects• Understanding and Valuation of Privacy

• Limited Conception of Privacy• 'Opt-Out' in Lieu of Consent / 'Opt-In'• Lack of Consumer Trust

• No Appreciation of the Value of:• Multiple Identities and Silo’d Personal Data• Anonymity and Pseudonymity

• No Representation of Consumer Interests

• No Consumer Focus Groups• No Consultation with Reps, Advocates• Wholly US-Centric (1/3rd of the World’s users)

Copyright,1995-2004

18

Adaptations to the Information Infrastructure

• siphoning off of Internet bandwidth for VPNs• a new protocol suite, controlled by

governments and large corporations:• P2P threatens copyright-owning corpns• VoIP threatens eavesdropping• TCP/IP with Tracing and Trapdoors