Thoughts

This category identifies postings that are philosophical in nature.

Rendering CCTV (Somewhat) More Transparent

/ Christopher Parsons

CCTV meets consumerismIn a conversation with Prof. Andrew Clement this summer we got talking about the ever-increasing deployment of CCTV cameras throughout Canada. The conversation was, at least in part, motivated by the massive number of cameras that are being deployed throughout Vancouver with the leadup to the 2010 Olympic games; these cameras were one of the key focuses of the 10th Annual Security and Privacy Conference, where the BC Privacy Commissioner said that he might resign if the surveillance infrastructure is not taken down following the games.

I don’t want to delve into what, in particular, Prof. Clement is thinking of doing surrounding CCTV given that I don’t think he’s publicly announced his intentions. What I will do, however, is outline my own two-pronged approach to rendering CCTV a little more transparent. At the onset, I’ll note that:

  1. My method will rely on technology (augmented reality) that is presently only in the hands of a small minority of the population;
  2. My method is meant to be more and more useful as the years continue (and as the technology becomes increasingly accessible to consumers).

The broad goal is the following: develop a set of norms and processes to categorize different CCTV installations. Having accomplished this task, a framework would be developed for an augmented reality program (here’s a great blog on AR) that could ‘label’ where CCTV installations are and ‘grade’ them based on the already established norms and processes.

Continue reading

Google Dashboard – Does It Need Another Name?

/ Christopher Parsons / 6 Comments

TheWrongGoogleDashI like to pretend that I’m somewhat web savvy, and that I can generally guess where links on large websites will take me. This apparently isn’t the case with Blogger – I have a Blogger account to occasionally comment on blogs in the Google blogsphere, but despise the service enough that I don’t use the service. I do, however, have an interest in Google’s newly released Dashboard that is intended to show users what Google knows about them, and how their privacy settings are configured.

Given that I don’t use Blogger much, I was amazed and pleased to see that there was a link to the Dashboard in the upper-right hand corner of a Blogger page that I was reading when I logged in. Was this really the moment where Google made it easy for end-users to identify their privacy settings?

Alas, no. If I were a regular Blogger user I probably would have known better. What I was sent to when I clicked ‘Dashboard’ was my user dashboard for the blogger service itself. This seems to be a branding issue; I had (foolishly!) assumed that various Google environments that serve very different purposes would be labeled differently. In naming multiple things ‘dashboard’ it obfuscates access to a genuinely helpful service that Google is now providing. (I’ll note that a search for ‘Google Dashboard’ also calls up the App Status Dashboard, and that Google Apps also has a ‘Dashboard’ tab!)

Continue reading

Thinking About a ‘Privacy Commons’

/ Christopher Parsons / 7 Comments

unclesamsurveillanceIn some privacy circles there is a vision of creating a simple method of decoding privacy policies. As it stands, privacy policies ‘exist’ in a nebulous domain of legalese. Few people read these policies, and fewer still understand what they do (and do not) say. The same has traditionally been true of many copyright agreements. To assuage this issue surrounding copyright, the creative commons were created. Privacy groups are hoping to take some of the lessons from the creative commons and apply it to privacy policies.

I need to stress that this is a ‘thinking’ piece – I’ve been bothered by some of the models and diagrams used to express the ‘privacy commons’ because I think that while they’re great academic pieces, they’re nigh useless for the public at large. When I use the term ‘public at large’ and ‘useless’ what I am driving at is this: the creative commons is so good because it put together a VERY simple system that lets people quickly understand what copyright is being asserted over particular works. A privacy commons will live (or, very possibly, die) on its ease of access and use.

So, let’s think about use-value of any mode of description. The key issue with many commons approaches is that they are trying to do way too much all at once. Is there necessarily a need for a uniform commons statement, or is privacy sufficiently complicated that we adopt a medical privacy commons, a banking privacy commons, a social networking privacy commons, and so forth? Perhaps, instead of cutting the privacy cake so granularly (i.e. by market segment) we should try to boil down key principles and then offer real-language explanations for each principle’s application in particular business environments instead. This division of the commons is a topic that researchers appreciate and struggle with.

Continue reading

Copyright and the Blank Media Levy

/ Christopher Parsons

mediaplayer2I’ve been watching with some interest the new Artist 2 Fan 2 Artist project, recently started up by Jon Newton and Billy Bragg. The intent of the site is to bring artists and fans together and encourage these parties to speak directly with one another, without needing to pass through intermediaries such as producers, labels, public relations groups, managers, and so on. It will be interesting to see how the dialogue develops.

One of the key elements of the site that interest me the discussion of paying artists (and other content creators); how can we avoid demonizing P2P users while at the same time allocating funds to artists/copyright owners in a responsible manner. On October 5th, this topic was broached under the posting ‘In Favour of a Music Tax‘, and I wanted to bring some of my own comments surrounding the idea of a music tax to the forefront of my own writing space, and the audience here.

I think that an ISP-focused levy system is inappropriate for several reasons: it puts too much authority and control over content analysis than carriers need, puts carriers at risk when they misidentify content, and would make carriers (for-profit content delivery corporations) in charge of monitoring content without demanding consumers that pay ‘full value’ for content moving through their networks. This last point indicates that an ISP-based levy puts ISPs in a conflict of interest (at least in the case of the dominant ISPs in Canada). Another solution is required.

Continue reading

Analysis: ipoque, DPI, and Network Neutrality

/ Christopher Parsons / 10 Comments

netneutralityrallyottawaGerman Deep Packet Inspection (DPI) manufacturer, ipoque, has produced a white paper titled “Deep Packet Inspection: Technology, Applications & Network Neutrality.” In it, the company distinguishes between DPI as a technology and possible applications of the technology in a social environment. After this discussion they provide a differentiated ‘tiering’ of various bandwidth management impacts on network neutrality. In this post I offer a summary and comment of the white paper, and ultimately wonder whether or not there is an effective theoretical model, grounded in empirical study, to frame or characterize network neutrality advocates.

The first thing that ipoque does is try and deflate the typically heard ‘DPI analysis = opening a sealed envelop’ analogy, and argue that it is better to see packets as postcards, where DPI analysis involves looking for particular keywords or characters. In this analysis, because the technology cannot know of the meaning of what is being searched for, the DPI appliances cannot be said to violate one’s privacy given the technology’s lack of contextual awareness. I’ve made a similar kind of argument, that contextual meaning escapes DPI appliances (though along different lines) in a paper that I presented earlier this year titled “Moving Across the Internet: Code-Bodies, Code-Corpses, and Network Architecture,” though I think that its important to recognize a difference between a machine understandingsomething itself versus flagging particular words and symbols for a human operator to review. Ubiquitous, “non-aware,” machine surveillance can have very real effects where a human is alerted to communications – its something of a misnomer to say that privacy isn’t infringed simply because the machine doesn’t know what it’s doing. We ban and regulate all kinds of technologies because of what they can be used for rather than because the technology itself is inherently bad (e.g. wiretaps).
Continue reading

The Business of Infringing Content

/ Christopher Parsons

CreepycopyrightinfringementWhen people are about to download content from the ‘net that is copywritten, many often ask ‘will I get caught doing this?’ For many, the response is ‘no’ and then continue to download that episode of Seinfeld or whatever. Given that there are so many people downloading, and that record companies in the US have claimed to have abandoned filing new lawsuits against individuals, then things (in North America) appear to be getting better.

At issue, however, is that filing lawsuits is big money, and in Europe especially it looks like Digiprotect has moved in to assume first-mover advantage. Digiprotect gets “the legal rights from the companies to distribute these movies to stores, and with these rights we can sue illegal downloaders. Then we take legal action in every country possible, concentrating on the places where such action will be profitable” (Source). They avoid demanding too much money from infringers, on the basis that few judges like the idea of imposing million dollar fines on individuals – usually opting for suits demanding in the vicinity of 500 Euros. This amount of money ‘teaches’ individuals and provides enough money to keep the employees paid. No staff member has a fixed salary – they are paid according to the ‘cases’ that are won. The actual method of determining the financial burdens are based on the business expenses, profit, and money to be distributed to artists. In effect, the company sets up a honeypot and then sues whomever it is profitable to sue.

Continue reading