Category Archives: 法 | legal | 법률학

by

Lady Gaga, the lawyer and the Irish Web 2.0 debacle

The Irish Independent ran the story of Ate My Heart Inc.; a company owned and controlled by popstar Lady Gaga who

‘demanded I roll over and hand over my ladyaga.ie domain name and trademark’

This action was taken against an Irish-based cookery blogger. This surprised me for a number of reasons:

  • The two brands and domains whilst similar couldn’t be mistaken for each other, giving the Ate My Heart legal team a relatively weak positon if it ever went to court
  • You would have a harder time differentiating the Lady Gaga brand from the many social accounts run by dedicated Lady Gaga fans
  • Lady Gaga and her management seem to be exceptionally savvy about the use and abuse of social media; and its power hence the LittleMonsters.com community that they run

It also reminded me of IT@Cork / O’Reilly Publications debacle that broke out over the use of web 2.0 in 2006. IT@Cork was a small local group interested in business technology who decided to host a session on web 2.0. They invited Tim O’Reilly along to speak alongside other representatives from web 2.0 firms. They were legalled by CMP who run the Web 2.0 Expo and Web 2.0 Conference with a cease and desist letter.

The subsequent online firestorm caused Tim O’Reilly to come back off holiday and broker a smarter solution.

Ate My Heart could have reduced their risk and had a win-win situation like O’Reilly eventually opted for, but instead went all in on a relatively weak legal position, hoping presumably that the blogger would buckle rather than publishing their letter online and calling them out, but they chose not to.

I guess the implicit message to Irish Lady Gaga fans were that they didn’t matter all that much.  From a PR perspective, something to keep an eye on in case clients take a similar gung-ho approach to reputation management through litigation; not everyone will be as lucky as Lady Gaga was on this occasion.

Archived from blog posts I wrote for PR Week

by

Brand extension or violation?

I saw this on the way into work yesterday morning at the café-bar around the corner from the office. I just imagine the lawyers in Sunnyvale hitting the speed dial button for the corporate travel agent and booking a business class return flight to Hong Kong.
Untitled

by

Network analysis and why people are so afraid of the Draft Communications Bill

This is going to be a convoluted long post, so I just decided to pick a point and start.

The Draft Communications Bill, what is it?

The Draft Communications Bill is a piece of legislation that builds upon work done by the European Union and the previous Labour administration. It is designed (as the government sees it) to maintain capability of law enforcement to access communications. It builds on a number of different pieces of legislation.

Communications Data Bill 2008 – sought to built a database of connections:

  • Websites visited
  • Telephone numbers dialled
  • Email addresses contacted

This data would be collected by internet service providers. The current government had described these plans at the time as Orwellian.

Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or public communications networks and amending Directive 2002/58/EC – requires data retention to identify users and details of phone calls made and emails sent for a period between six months and two years. This information is to be  made available, on request, to law enforcement authorities to investigate and deal serious crime and terrorism.

The UK already has used non-legislative means to force 95 per cent of internet access through a filtered system, predominantly BT’s Cleanfeed which blogs blacklisted sites or pages. It has been used to filter child pornography, there were discussions about using it to block content that was deemed to glorify terrorism and has the potential to block content in a similar way to other more authoritarian nations. In a well-known case Cleanfeed had blocked a Wikipedia page on The Scorpions Virgin Killer album originally issued in 1976.

In addition, the UK government had evaluated (and rejected) internet connections being filtered for pornographic content by default – apparently due to a lack of appetite from parents for content filtering.

The Digital Economy Act of 2010 allowed sites to be blocked and allowed prosecution of consumers based on their IP address which was problematic.

So there is already a complex legal and regulatory environment that the Draft Communications Bill is likely to be part of.

In essence, the Draft Communications Bill gives the capability to build a database of everyone’s social graph. Everyone you have called, been in touch with or been in proximity to.  It requires:

  • A wide range of internet services, not just ISPs to keep a record of user data for 12 months
  • That retained data to be kept in safe and secure way; just like say credit card information or user names and passwords
  • The ability to search, filter and match data from different sources allowing a complex near-complete picture to be built up of our digital lives. Which would be of interest to hackers, criminals, private investigators or over-zealous journalists (a la the recent News International phone hacking scandals)

What the government have been keen to stress is that the process would not look at the content inside the communication. If we use the analogy of the postal service, recording all the external information on an envelope or parcel, but not peaking inside. The reason for this can be found in a successful case taken by Liberty and other organisations against the UK government in 2008. Article eight of the European Convention on Human Rights focuses on respect for private and family life, home and correspondence.

During the 1990s, the UK government had intercepted calls, faxes and electronic communication placed internationally by people in Ireland via a specially built microwave communications tower in Capenhurst. The Electronic Test Facility was uncovered by Richard Lamont in 1999 and was subsequently covered by Channel 4 news and The Independent.

Once the Electronic Test Facility came out into the public domain, the court case followed.

There are concerns about how this information can be used indiscriminately to build up a Stasi-like picture of the UK population. This is more sensitive given the controversial  black list provided to the construction industry by The Consulting Association. Latent public anxiety about commercial services like Facebook and behavioural advertising also contribute to this mindset.

Why all the power?

Modern police work and intelligence work doesn’t look like Spooks, James Bond or Starsky and Hutch. In reality, it looks more like The Wire. Investigations revolve around informants and painstaking investigation work.

A key part in this is network analysis. Understanding the structure of  relationships between participants allows them to be caught. A key part in the film The Battle of Algiers shows how French paratroopers looked to break suspects to find out the structure of their terrorist cells. If they can break them fast enough before conspirators flee, the French could roll up the terrorist infrastructure. The film’s main protagonist who instigates this policy is a portmanteau of numerous counterinsurgency specialists including Jacques Massu, Marcel Bigeard and Roger Trinquier, all of whom had been involved in the French counterinsurgency campaign from 1954 – 57 which had successfully  rolled up Algerian separatist networks in the capital Algiers.

Move forward five decades and the US counterinsurgency work in Afghanistan and Iraq puts a lot of focus on degree centrality and social network analysis as part of its efforts to dismantle al-Qaeda and other fellow travellers.

Secondly, good operational security techniques from the use of stenography or encryption of communications if implemented well can be difficult even for governments to crack. If you know the network structure, this gives you two options to gain information on the communications:

  • Look at the communications metadata: how much is going on, where is it being sent to, is the volume larger or less than normal. These can all be used as indicators that something maybe happening, changes in power within an organisation (who is giving the orders)
  • Focus resources on cracking communications that would be deemed important, for instance those to a particular number

The all-up data picture would be deemed important to provide a better picture of network analysis. When I think about myself for a minute:

I have a range of different online identities, many of which are due to the limitations of the service on which they are held or when I set them up.

I have one main UK mobile phone number, but I have had different ancillary ones:

  • Work phones
  • Temporary PAYG numbers to sell things on The Gumtree and Craigslist
  • SIMs that I have used for data only on my iPad and smartphones over the years

Now, let’s do a thought experiment, imagine a gang of drug dealers each with a set of pill boxes like old people have labelled up for each day of the week. In each section of the box would be a SIM card. They would then swap those SIMs in and out of their phones on a regular basis making their communications hard to track if you were just following one number. They could be using regularly changed secondhand mobile phones so that the IMEI number changes as well.

The SIMs could be untraceable, they could be bought and topped up for cash if they were bought outside the UK. I can go into my local convenience store here in Hong Kong and buy and top-up them up for cash or a pre-paid credit card with no one asking to see my ID.

Untraceable UK SIMs could be acquired along with bank accounts from students going home, paid off electronically, perhaps even with the debit cards attached to the accounts and the accounts topped up with ATM deposits.

But if you interrogate a database once you have one or more numbers and look for numbers that appear on a network in the same location immediately after the number you know disappears you are well on the way to tracking down more of the mobile graph of the drug dealers.

Now imagine the similar principles being applied to messaging clients, email addresses or social networking accounts in order to provide the complete network analysis of the gang of drug dealers created in the thought experiment.

How does this fit in with the people?

Under the previous Labour administration councils were given wide-ranging surveillance powers that were used to deal with incidents such as putting the wrong kind of materials in the recycling bins. This annoyed and educated British consumers on privacy. The Draft Communications Bill smacks to many as a similar kind of snoopers charter.

The internet itself, has been political and has become political. If one goes back to the roots of the early public internet, one can see the kind of libertarian themes running through it in a similar way to the back to the land efforts of the hippies which begat the modern environmental movement. This was about freedom in the same way the American pioneers could go west for physical freedom the internet opened up a new virtual frontier where one could make one’s own fate. It was no coincidence that people involved in ‘the hippy movement’ like Stewart Brand and Kevin Kelly were involved in setting the political tone of the internet.  Or that the Grateful Dead have had an online presence since 1995.

When these freedoms have been overly curtailed or threatened, internet users have struck back; sometimes unsuccessfully. The Pirate parties that sprang out of The Pirate Bay | copyright discussion have had limited political success, which has misled many to believe that the internet isn’t a political issue. What they managed to do is highlight the issue and their concerns to a wider range of people, in a similar way to how far right movements put immigration on mainstream political agendas across Europe.

It is also coupled with a decline in trust in authority, partly due to the financial crisis and the cosy relationship with the media which came to light during the phone hacking scandal.

Even The Economist realised that something was going on and called internet activism the new green. It takes mainstream political systems a while to adjust to new realities. It took at least two decades for green issues to become respectable amongst mainstream politicians and it seems to be even harder for them to grasp the abstract concepts behind the digital frontier.

The signs are all there for a change in the public’s attitude; when you have The Mail Online providing critical commentary of the Draft Communications Bill and providing recommendations of encryption software readers can use to keep their communications confidential you know that something has changed.

How does this differ from what companies can derive anyway?

This is probably where I think that things get the most interesting.

Network analysis tools are available off the shelf from the likes of Salesforce.com, IBM or SAS Institute. They have been deployed to look for fraudulent transactions, particularly on telecoms networks, and are also used to improve the quality of customer service. Many of them get inputs directly from social network such as Twitter and Facebook.

Deep packet inspection software and hardware again is available off the shelf from a number of suppliers. Companies like Narus and TopLayer Networks pioneered deep packet inspection for a wide range of reasons from surveillance to prioritising different types of network traffic. The security implications became more important (and lucrative) after 9/11; now the likes of Cisco and Huawei provide deep packet inspection products which are used for everything from securing corporate networks, preventing denial of service attacks and in the case of Phorm – behavioural advertising.

Skyhook Wireless and Google have location data that services can draw down on providing accurate information based on cell tower triangulation and a comprehensive map built-up of wi-fi hotspots.

Credit information can be obtained from numerous services, as can the electoral role. If this data is put together appropriately (which is the hard part), there is very little left of a life that would be private anyway.

Companies are trying to get to this understanding, or pretend that they are on the way there. Google’s Dashboard shows the consumer how much it infers about them and information that consumers freely give Facebook makes it an ideal platform for identity theft.

One of the most high-profile organisations to get close to this 360 view of the consumer is Delta Airlines who recently faced a backlash about it.

So what does this all mean?

We should operate on the basis that none of our electronic information is confidential. Technology that makes communication easier also diminishes privacy.  The problem isn’t the platforms per se but our behavioural adjustment to them.

More information
Giant database plan Orwellian | BBC News
Directive 2006/24/EC (PDF)
Written answers on internet pornography – They Work For You
UK government rejects ‘opt in’ plans for internet porn – TechRadar
Internet Filtering: Implications of the “Cleanfeed” System School of Law, University of Edinburgh Third Year PhD Presentation Series TJ McIntyre Background Document for 12 November 2010 Presentation (PDF)
Councils’ surveillance powers curbed | The Guardian
The new politics of the internet Everything is connected | The Economist
Blacklist Blog | Hazards magazine
UK government plans to track ALL web use: MI5 to install ‘black box’ spy devices to monitor British internet traffic | Mail Online
Most UK citizens do not support draft Data Communications Bill, survey shows | Computer Weekly
How Britain eavesdropped on Dublin | The Independent
Cases, Materials, and Commentary on the European Convention on Human Rights By Alastair Mowbray
U.S. Army Counterinsurgency Handbook By U S Dept of the Army, Department of Defense
Draft Communications Data Bill – UK Parliament
Deep packet inspection (DPI) market a $2 billion opportunity by 2016 – Infonetics Research
Google Dashboard
Big Brother Unmasked… As Delta Airlines – smarter TRAVEL

by

Olympic brand ambush marketing?

I wonder if Haribo is an Olympic sponsor? I wasn’t aware that they were and didn’t see anything obvious on their website to indicate that they were an Olympic sponsor. So I was a bit surprised to see these Gold Medal sweets that I thought would have violated the brand protection measures of the UK Olympic Act?
Are Haribo an Olympic sponsor?