Blown To Bits

Your Facebook Data Belongs to Facebook — Now and Forever

February 16th, 2009 by Harry Lewis
ALCL buy generic bentyl gets its name from the appearance and behavior of the diflucan in uk lymphoma cells and features large cancer cells. They will ask buy free triamterene no prescription dosage about symptoms, including the characteristics of the headache, and any purchase bentyl online potential triggers or recent changes in migraine pattern. It may clonidine for sale be that stress and other environmental factors trigger the development cipro no prescription of bipolar disorder in people who are genetically vulnerable to buy remeron it. The main sign of diabulimia is a person deliberately pyrantel pamoate online stores limiting their insulin dose or taking less than they know cheap amoxicillin they need. Avoiding all dairy products is the only way viagra order for people with lactose intolerance to prevent symptoms. Symptoms that purchase griseofulvin online may affect work performance include hallucinations and delusions, a loss cheapest generic viagra of motivation and interest in activities, and difficulties with concentration buy cheap celexa without prescription and memory. Asociality can make it difficult for people with this.

It’s always sobering to read those “I agree” documents you have to click on to register for a Web service. Almost no one ever does.

Facebook’s has always given it blanket rights to do what it wishes with the stuff you post on your Facebook page, including

to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof.

There’s more, about how Facebook can transfer those rights, and so on. What’s new today is that the agreement used to say that you could take back ownership of the data if you closed your account. No more. Now they own it forever, even if you decide you want to take it back.

So if you are, say, a college student foolish enough to post a stupid picture of yourself drunk or half-naked, and then you think better of it, and in fact think better of the whole Facebook idea and close your account, and in ten years you are running for Congress, Facebook will be perfectly within its rights to scan its records of dead accounts and sell the rights to that photo to the Associated Press, or People Magazine.

Would they do that? No way to be sure. Rationally we might choose to think that would be a stupid thing to do from a business standpoint, as it would discourage others from using the site. But such decisions are not always made rationally. And why would they be changing their policy now if they don’t anticipate doing exactly this in the future?

Added 8:30 PM 2/16: Mark Zuckerberg has blogged about this. He defends Facebook’s “philosophy” and what it would do “in reality” (as opposed, I guess, to what it has the legal right to do):

In reality, we wouldn’t share your information in a way you wouldn’t want.

Indeed, in reality, Facebook would probably realize what a losing long-term business proposition it would be to sell your drunken photos of yourself to the media.

Which is why, when Facebook did “in reality” launch Beacon and shared information in a way many Facebook users did NOT want, it quickly did an about-face. There seems to be push-back assembling again, though in the case of this change, no one can right now detect any difference.

Is there really no way to draft the legal language so it matches the reality of Facebook’s presumably good intentions?

How the $65M Facebook Settlement Figure Got Out

February 15th, 2009 by Harry Lewis

It was reported last week (see the Crimson story, for example) that the amount for which Facebook settled the litigation brought against it by the Winklevosses, two of Mark Zuckerberg’s contemporaries at Harvard, was $65M. That number was supposed to be secret, but Facebook’s former lawyers released it by accident. How?

Turns out, exactly the same way the details of the Calipari report, discussed at the beginning of Chapter 3, became public. The law firm “redacted” the number from a document it then made public, but it did the redaction simply by placing a white bar over it in the PDF file. The actually $65M number was still in the file.

You can do it yourself — it takes only a few seconds — try it, it’s fun! Click on this link to download and open the PDF of the court transcript as redacted and released. Go to the bottom of page 22, where there is some white space preceded by the word “[REDACTED].” Select the white space (it runs from the last part of one line to the first part of the next) and copy it — as though you were just copying a bunch of spaces. Now paste it into any word processor — bingo, like magic, the words “$65 MILLION” appear. They were there all along, covered by the white redaction bar — probably just “highlighting” applied using Adobe Acrobat or some similar tool, with the highlighter color changed to white.

In Blown to Bits we give two other examples of this mistake, in addition to the Calipari report. You would think that law firms would understand this by now! There are easy ways to avoid it. Oh dear — if it was some poor unsupervised paralegal or staffperson who did it, I feel sorry for him or her. But really, there can be no excuse for the firm.

The iPhone and the DMCA: i is for “imprisonment”

February 14th, 2009 by Hal Abelson

iPhones are prisons: iPhones have software locks to ensure that the only applications that run on them are applications you get from Apple.  The Trusted Platform Module (TPM) technology for constructing such locks is explained in chapter 6 of Blown to Bits, illustrated there with the fictitious example of Fortress Publishers.   Now Apple is playing the role of Fortress, and the example is anything but fictitious.

The process of removing those TPM locks, a process called jailbreaking, violates the anticircumvention provision of the Digital Millennium Copyright Act (DMCA).  Apple wants to keep it that way.

As chapter 6 of B2B explains, Congress in the DMCA charged the Librarian of Congress with conducting hearings every three years on proposed exemptions.¬† In 2006, Americans got the right to undo the lock-in on their mobile phones for the purpose of shifting to a new service provider.¬† Last October, the Electronic Frontier Foundation requested a new exemption to let smart-phone owners undo the locks for the purpose of letting the phones run legally-acquired software of their choosing.¬† In the words of EFF, this would “foster competition in the software market, thereby encouraging innovation and expanding consumer choice.”

When we we buy computers, we’re used to the idea that we can use them to run whatever software we like, and that for someone to create new successful software requires only talent and ideas, not permission from Apple or MIcrosoft.¬†¬† Jonathan Zittrain’s highly recommended book The Future of the Internet and How to Stop It (see my review of Zittrain’s book in American Scientist) argues that this “openness” in the personal computer is has been a critical enabler for the digital explosion’s enormous outpouring of innovation.

Not so for the smart phone, if Apple has its way.

Yesterday Apple filed an objection to the proposed exemption, on the grounds the letting users run unauthorized software could result in “potential damage to the device and other potential harmful physical effects.”¬† More to the point, Apple says that the lock-in is necessary for their business model for the iPhone (Apple gets 30% of the proceeds from applications sold through the iPhone Store) and argues that the DMCA doesn’t give the Copyright Office the power to make decisions based on business models.

This is another example, like the ones in chapter 6, of why the DMCA’s anticircumvention provision might be better described as an anticompetition provision.¬†¬† Congress passed this in 1998 in an attempt to crack down on music file sharing.¬† It didn’t work; and as I blogged last September, the recording industry itself is largely abandoning DRM for software distribution. Yet anticircumvention remains as a legal club that enables technology lock-in and prevents competition in areas having little connection to the original motivation for the law.

Fairness Doctrine Redux

February 12th, 2009 by Harry Lewis

The abominably misnamed “Fairness Doctrine” seems to be gathering steam for reinstatement. I have no political axe to grind here; I’m an information free-marketeer. Can you imagine any court going along with the proposition that by government regulation, editorial opinions in newspapers have to be politically balanced? Given the First Amendment, it is hard to think of anything more un-American.

The argument goes that the airwaves are different; they are public property and there are only so many to go around. As a national resource, they should be distributed “fairly,” so that a range of views can be heard.

There are so many things wrong with this argument from a purely philosophical point of view that it’s hard to know where to begin. Should truth and falsehood be equally represented, and if not, who is to decide whether someone’s claimed truth is actually false? Do Darwin and Usher get equal time to express their views on the age of the earth?

But the fundamental problem here is that spectrum scarcity, which is the premise for its nationalization and government control, is artificial. Chapter 8 explains the reasons, but my evidence could not be simpler. Hundreds of thousands, maybe millions, of broadcast radio stations coexist around you right now. They are called cell phones. Modern radio technology is much more efficient than that of the 1930s when the present schemes for allocating broadcast licenses were legislated.

The case for the government to dictate content of radio broadcasts is very week philosophically, but without its technological foundation, it collapses completely.

Democracy Now!

February 12th, 2009 by Harry Lewis

I was on this TV show this morning. I actually stayed on long after the telecast ended, as Amy Goodman used the book as a freebie for their fundraising campaign. You can view the video here.

Facebook’s Lawyers Screw Up Digital Redaction

February 12th, 2009 by Harry Lewis

On pages 73-77 of Blown to Bits, we go through three cases in which editors electronically redacted documents to remove sensitive information, not realizing that the way they were doing the redaction changed only the way the document appeared on the screen. The internal representation of the document still included the redacted text, which a simple cut and paste operation disclosed.

Not the most fascinating part of the book, I’ll bet. In fact, I’ll bet some of you skipped over it fairly quickly.

These were serious mistakes with big consequences. I hadn’t heard any recent reports of similar failures.

But the underlying problem hasn’t gone away. The electronic “document” metaphor is too convincing. It’s easy for a editor to infer that what is happening on the screen is what is really happening to the computer file.

A few days ago, it was disclosed that the value put on Facebook at the time the settlement with ConnectU was a lot less than it might have been, had the value been based on Microsoft’s subsequent purchase of a percentage of Facebook. How do we know? The imputed value (and ConnectU’s settlement) were inadvertently revealed by Facebook’s lawyers. Revealed how? Here is the account offered by SiliconValley.com:

Large portions of that hearing are redacted in a transcript of the June hearing, but The Associated Press was able to read the blacked-out portions by copying from an electronic version of the document and pasting the results into another document.

How embarrassing. Moral: read Chapter 3. And remember it!

Added 2/13:¬†Here is the actual PDF. Go to page 22. At the bottom is some whited out text preceded by the word “REDACTED”. Select the white space on the screen (you can do this with any PDF reader) and copy it, then paste it into your usual wordprocessor. Like magic, the $65 million dollar figure appears!

Updates: Stimulus Censorship, Tracking for Taxes

February 11th, 2009 by Harry Lewis

Here is news on both of yesterday’s posts.

First, it appears that the anti-net-neutrality, pro-ISP-censorship language did not make it into the Senate version of the Stimulus bill. But Public Knowledge reports that Senator Feinstein is still hoping to include it in the “compromise” (who knew that a compromise could include things in neither bill between which it is a compromise?) and urges you to again let your voices be heard. (Here, by the way, is the actual amendment. The reference to “reasonable” network management practices is a dead giveaway that what the ISPs will do will not be reasonable — just as Senator Feinstein calling this an “uncontroversial amendment” is a good signal that it’s highly controversial!)

On the vehicle tracking front, today’s Herald makes clear that the Commonwealth is just exploring Oregon’s system. A GPS keeps LOCAL track of where the car is moving around and occasionally uploads the MILEAGE TOTAL, not the trajectory, perhaps when the vehicle is at a gas station. There are lots of privacy problems with this technology, and I am disappointed that Governor Patrick seems not to care. But at least we have a little better picture now what he’s talking about.

Censorship in the Stimulus Bill

February 10th, 2009 by Harry Lewis

Some outrageous, utterly non-stimulative censorship language is being written into the stimulus package at the behest of the telecomm and entertainment industries. I transcribe this alarm directly from Public Knowledge. Please help!

Say No to Copyright Filtering in Broadband Stimulus

Hollywood’s lobbyists are running all over the Hill to sneak in a copyright filtering provision into the stimulus package. The amendment allow ISPs to “deter” child pornography and copyright infringement through network management techniques. The amendment is very, very controversial for a couple of reasons:

  1. First, infringement can’t be found through “network management” techniques. There are legal uses for copyrighted works even without permission of the owner.
  2. Second, it would require Internet companies to examine every bit of information everyone puts on the Web in order to find those allegedly infringing works, without a hint of probable cause. That would be a massive invasion of privacy, done at the request of one industry, violating the rights of everyone who is online.

Right now, we need you to contact a few key Senators: Majority Leader Harry Reid, Chairman of the Appropriations Committee Daniel Inouye, and Chairman of the Commerce Committee Jay Rockefeller, Chairman of the Finance Committee Max Baucus, and senior member of the Appropriations Committee Senator Barbara Mikulski, and tell them to leave out this controversial provision.

Fax a message to these Senators NOW

or,

Call these Senators NOW via Cause Caller

Tracking Your Car in Massachusetts

February 10th, 2009 by Harry Lewis

Buried in a story about Governor Patrick’s plans about the Massachusetts gas tax is an interesting detail:

Patrick is also considering a new system that would charge drivers based on the miles they travel. Those trips would be measured by a chip installed in a vehicle inspection sticker.

No more information is provided, and I couldn’t find anything on the Commonwealth’s web site. It sounds vaguely like the Oregon proposal about which I previously blogged, which didn’t make a lot of sense as it was described — a GPS monitor used only to log miles traveled, which would be uploaded at gas stations when you refilled your car. This sounds different, but I don’t even understand the theory here. For a “chip” (an RFID presumably) to be embedded in a “sticker,” it would have to be a passive device, no battery, and could be read only from a distance of a few inches or at most a foot or two — not the active RFIDs like the ones in toll booth transponders. How would such a “chip” be used to track how many miles you’ve driven?

The 90,000 Sex Offenders Booted Off Myspace

February 7th, 2009 by Harry Lewis

I’ve been waiting until I read something intelligent about it before commenting further on the widely publicized story that 90,000 registered sex offenders had been removed from Myspace, mentioned last week on this blog. The Connecticut Attorney General took this big number as proof of what he’s been claiming all along, that social networking sites are a new form of danger to children and need to be regulated and controlled to keep bad people away from unsuspecting, innocent children. The AG’s enthusiasm for trumpeting this statistic is part of a vicious and anti-scientific campaign to discredit the Internet Safety Technical Task Force report (see here and here and here for my earlier comments about this task force and its report). He doesn’t like the facts, so responds by denying them and then erecting a distracting sideshow.

Now danah boyd has done the math and made a few other important observations too. On the math front first: given the number of Myspace members, the density of sex offenders on Myspace is not high; in fact, it’s significantly lower than it is in the general public.

An observation that will surely excite an “even one is too many” response from Blumenthal and his fellow AGs, as though every registered sex offender is pedophile with a record of raping children. Hardly; you can wind up on the sex offender registry for all kinds of reasons, including plea deals in he-said-she-said rape cases involving two college students. (See Chapter 7 of Excellence Without a Soul for the long, sad story of one such case.)

But the most important observation is that mental model of danger is all wrong. It would do far more good to focus on vulnerable children and their Internet behavior than to try to purge the Internet of possible predators. There is a pretty good profile of what kinds of kids get into trouble, and it’s not the sexually innocent 11-year-old children of vigilant parents in suburban America. It’s older and sexually aware kids, kids with troubles, often family troubles, kids who crave affection and attention and explore liaisons in search of something that’s missing in their lives. The sad thing about the AGs’ ranting about Myspace pedophiles is that it distracts attention from the place where child endangerment could actually be addressed — with the children.