legislation

Ihre Papiere, bitte

Sunday, December 23rd, 2007 | Personal | No Comments

The surveillance society is upon us, whether we would like it or not. All in the name of catching serious criminal offenses like ‘terrorism’. In particular the digital realm is being monitored with phone calls, phone text messages and communications on the internet. Based on the EU data retention law, which I have written about here and here, my dear country, Denmark, enacted their surveillance laws a few months ago: Bekendtgørelse om udbydere af elektroniske
kommunikationsnets og elektroniske kommunikationstjenesters registrering og opbevaring af oplysninger om teletrafik (logningsbekendtgørelsen); in short, the logging proclamation. According to it, the following items must be logged in an internet session:

  1. Transmitter’s IP address
  2. Receiver’s IP address
  3. Transport protocol
  4. Transmitter’s port number
  5. Receiver’s port number
  6. Time for the start and end of the communication

So what does this leave us with? Sure, we can see what machine you connect to and how long your connection lasts, so for the fun of it, and because this is about as ridiculous as it gets, I decided to take a try at logging all my TCP connects/disconnects an entire afternoon and evening and see what that would lead us to discover about me. Since the originating IP in this instance is a bit irrelevant, let us focus on the receiver’s IP address and port number.

A day’s worth of log information takes up a good bunch of lines, so instead of going through all of it, I will go through enough of it to illustrate the pointlessness of the entire thing. This took less than eleven minutes to do.

11:43:11 - 11:43:13: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:11 - 11:43:16: 81.19.246.12:www (RDNS N/A)
11:43:11 - 11:43:20: 81.19.246.12:www (RDNS N/A)
11:43:12 - 11:46:41: 193.88.32.86:www (RDNS N/A)
11:43:13 - 11:43:14: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:13 - 11:43:20: 81.19.246.12:www (RDNS N/A)
11:43:15 - 11:43:16: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:15 - 11:43:16: 64.158.223.144:www (RDNS img.snv.mediaplex.com)
11:43:20 - 11:43:27: 81.19.246.12:www (RDNS N/A)
11:43:29 - 11:43:31: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:31 - 11:43:55: 81.19.246.12:www (RDNS N/A)
11:43:32 - 11:43:33: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:34 - 11:43:35: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:35 - 11:43:36: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:35 - 11:43:36: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:37 - 11:43:40: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:37 - 11:43:43: 81.19.246.12:www (RDNS N/A)
11:43:38 - 11:48:51: 80.167.236.88:www (RDNS a80-167-236-88.deploy.akamaitechnologies.com)
11:43:38 - 11:49:19: 80.167.236.88:www (RDNS a80-167-236-88.deploy.akamaitechnologies.com)
11:43:39 - 11:43:45: 81.19.246.96:www (RDNS N/A)
11:43:49 - 11:44:14: 128.242.125.13:www (RDNS N/A)
11:43:51 - 11:43:53: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:51 - 11:43:52: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:51 - 11:43:55: 81.19.246.12:www (RDNS N/A)
11:43:54 - 11:43:55: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:54 - 14:20:33: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:55 - 11:43:56: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:55 - 14:20:35: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:43:55 - 11:44:04: 81.19.246.12:www (RDNS N/A)
11:44:00 - 11:44:01: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:00 - 11:44:01: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:02 - 11:44:03: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:02 - 11:47:13: 64.158.223.128:www (RDNS ad.snv.mediaplex.com)
11:44:02 - 11:44:16: 83.133.64.252:www (RDNS N/A)
11:44:03 - 11:44:05: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:03 - 11:44:05: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:03 - 11:46:36: 193.88.32.86:www (RDNS N/A)
11:44:04 - 11:44:09: 81.19.246.12:www (RDNS N/A)
11:44:06 - 11:44:07: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:07 - 11:44:08: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:09 - 11:44:14: 81.19.246.12:www (RDNS N/A)
11:44:10 - 11:44:12: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:14 - 11:44:17: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:15 - 11:44:20: 81.19.246.12:www (RDNS N/A)
11:44:19 - 11:44:20: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:20 - 11:44:21: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:20 - 11:44:23: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:20 - 11:44:47: 128.242.125.13:www (RDNS N/A)
11:44:20 - 11:44:32: 83.133.64.252:www (RDNS N/A)
11:44:22 - 11:44:23: 193.88.71.163:www (RDNS N/A)
11:44:24 - 11:44:26: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:27 - 11:44:28: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:28 - 11:44:29: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:29 - 11:44:32: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:30 - 11:44:32: 194.126.131.130:www (RDNS adserver2.adtech.de)
11:44:37 - 11:44:38: 77.79.194.194:www (RDNS 77.79.194.194.adocean.pl)

To people who have spent some time looking into DNS, it should come as no surprise that reverse DNS is shaky at best, since most companies either don’t have the correct PTR records or they do not have them at all. So what did trigger all these calls to adtech? Well, that’s fairly easy: I visited pol.dk, which is the 81.19.246.12 entry above without an available reverse DNS. Pol.dk is the online version of the Danish newspaper Politiken, which is slightly on the left of the political spectrum, so if I consistently visit this news source as my primary source for news, people watching the logs could probably peg me to be on the left of the political spectrum as well.

11:52:16 - 11:52:17: 66.35.250.150:www (RDNS slashdot.org)
11:52:17 - 11:52:18: 216.73.86.153:www (RDNS annymegaadvip3.doubleclick.net)
11:52:18 - 11:52:22: 69.28.241.125:www (RDNS static-vip.srv.jobthread.com)
11:52:19 - 11:52:29: 66.35.250.55:www (RDNS images.slashdot.org)

Next is a trip around Slashdot to check for the latest geekish news. A huge portion of their readers are strong privacy advocates and for the most part they think copyright is too far-reaching in its current form and refer to MPAA and RIAA as the MAFIAA. At least the vocal part of their readers seem to hold these opinions. If I follow a lot of the yro.slashdot.org stories (your rights online) then odds are that I am also interested in these things and hold these views; however, from this log entry we can only tell that I’ve visited the main slashdot site.

11:52:23 - 11:52:24: 212.187.213.175:www (RDNS uk-pix05.quantserve.com)
11:52:56 - 11:53:00: 66.96.26.214:www (RDNS uf.ServerNorth.net)
11:52:56 - 11:53:17: 82.165.177.183:www (RDNS u15185240.onlinehome-server.com)
11:52:57 - 11:53:05: 209.172.63.166:www (RDNS iw-fb-apache-2.zeservers.com)
11:52:58 - 11:53:00: 66.96.26.214:www (RDNS uf.ServerNorth.net)
11:52:58 - 11:53:01: 66.207.163.2:www (RDNS N/A)
11:52:58 - 11:53:01: 64.131.83.210:www (RDNS princess.questionablecontent.net)
11:52:59 - 11:53:00: 64.4.241.33:https (RDNS www.paypal.com)
11:52:59 - 11:53:00: 64.4.241.33:https (RDNS www.paypal.com)
11:52:59 - 11:53:04: 209.172.63.166:www (RDNS iw-fb-apache-2.zeservers.com)
11:52:59 - 11:53:10: 66.96.26.211:www (RDNS uf2.ServerNorth.net)
11:52:59 - 11:53:09: 66.96.26.211:www (RDNS uf2.ServerNorth.net)
11:52:59 - 11:53:10: 66.220.2.5:www (RDNS ['ns1.keenspot.com', 'ns1.keenspace.com', 'binky.keenspace.com'])
11:53:00 - 11:53:10: 208.122.4.178:www (RDNS N/A)
11:53:00 - 11:53:01: 207.7.147.85:www (RDNS optimize.indieclick.com)
11:53:00 - 11:53:01: 64.4.241.33:https (RDNS www.paypal.com)
11:53:00 - 11:53:01: 204.11.109.21:www (RDNS a.tribalfusion.com)
11:53:01 - 11:53:08: 208.122.4.178:www (RDNS N/A)
11:53:01 - 11:53:05: 74.208.78.7:www (RDNS s214871675.onlinehome.us)
11:53:01 - 11:53:27: 66.220.2.5:www (RDNS ['ns1.keenspot.com', 'ns1.keenspace.com', 'binky.keenspace.com'])
11:53:02 - 11:53:05: 66.220.2.19:www (RDNS nineteen.keenspot.com)
11:53:02 - 11:53:09: 69.17.116.124:www (RDNS webhosting.speakeasy.net)
11:53:02 - 11:53:05: 66.220.2.25:www (RDNS twentyfive.keenspot.com)
11:53:03 - 11:53:13: 69.17.116.124:www (RDNS webhosting.speakeasy.net)
11:53:04 - 11:53:05: 66.220.2.25:www (RDNS twentyfive.keenspot.com)
11:53:04 - 11:53:14: 66.96.26.211:www (RDNS uf2.ServerNorth.net)
11:53:04 - 11:53:14: 66.96.26.211:www (RDNS uf2.ServerNorth.net)
11:53:05 - 11:53:06: 67.15.50.37:www (RDNS ev1s-67-15-50-37.ev1servers.net)
11:53:05 - 11:53:13: 66.249.93.166:www (RDNS ug-in-f166.google.com)
11:53:05 - 11:53:09: 69.17.116.124:www (RDNS webhosting.speakeasy.net)
11:53:05 - 11:53:11: 66.220.2.25:www (RDNS twentyfive.keenspot.com)
11:53:06 - 11:53:13: 66.249.93.166:www (RDNS ug-in-f166.google.com)
11:53:06 - 11:53:11: 66.207.163.2:www (RDNS N/A)
11:53:07 - 11:53:25: 12.18.170.211:www (RDNS frost.mtaonline.net)
11:53:08 - 11:53:13: 216.197.119.157:www (RDNS N/A)
11:53:08 - 11:53:11: 66.220.2.25:www (RDNS twentyfive.keenspot.com)
11:53:09 - 11:53:10: 207.7.147.85:www (RDNS optimize.indieclick.com)
11:53:09 - 11:53:11: 66.207.163.2:www (RDNS N/A)
11:53:09 - 11:53:10: 195.78.94.245:www (RDNS N/A)
11:53:10 - 11:53:25: 66.220.2.19:www (RDNS nineteen.keenspot.com)
11:53:10 - 11:53:11: 8.7.217.43:www (RDNS N/A)
11:53:10 - 11:53:11: 204.11.109.24:www (RDNS a.tribalfusion.com)
11:53:11 - 11:55:28: 209.101.90.33:www (RDNS dndorks.com)
11:53:11 - 11:53:13: 66.33.217.213:www (RDNS basic-kant.dawber.dreamhost.com)
11:53:11 - 11:53:12: 80.252.93.102:www (RDNS N/A)
11:53:11 - 11:53:13: 195.78.94.245:www (RDNS N/A)
11:53:12 - 11:53:19: 66.207.163.2:www (RDNS N/A)
11:53:12 - 11:53:13: 66.220.2.25:www (RDNS twentyfive.keenspot.com)
11:53:12 - 11:53:15: 72.29.92.15:www (RDNS server.whiteninjacomics.com)
11:53:13 - 11:54:22: 192.217.199.107:www (RDNS N/A)
11:53:13 - 11:53:19: 66.207.163.2:www (RDNS N/A)
11:53:13 - 11:53:19: 66.33.217.213:www (RDNS basic-kant.dawber.dreamhost.com)
11:53:14 - 11:53:17: 64.131.83.210:www (RDNS princess.questionablecontent.net)
11:53:15 - 11:53:16: 216.197.119.157:www (RDNS N/A)
11:53:15 - 11:53:19: 209.101.90.33:www (RDNS dndorks.com)
11:53:16 - 11:53:17: 8.7.217.43:www (RDNS N/A)
11:53:16 - 11:53:20: 64.233.171.104:www (RDNS rn-in-f104.google.com)
11:53:16 - 11:53:20: 64.233.171.104:www (RDNS rn-in-f104.google.com)
11:53:17 - 11:53:18: 8.7.217.43:www (RDNS N/A)
11:53:18 - 11:53:24: 208.122.4.178:www (RDNS N/A)
11:53:18 - 11:53:24: 208.122.4.178:www (RDNS N/A)
11:53:18 - 11:53:29: 66.249.93.166:www (RDNS ug-in-f166.google.com)
11:53:20 - 11:53:22: 207.44.216.40:www (RDNS 1002-3.lowesthosting.com)
11:53:20 - 11:53:22: 66.228.125.212:www (RDNS server3.blibs.com)
11:53:23 - 11:53:24: 217.163.21.31:www (RDNS ad1.vip.rm.ch1.yahoo.net)
11:53:23 - 11:53:24: 217.163.21.31:www (RDNS ad1.vip.rm.ch1.yahoo.net)
11:53:24 - 11:53:42: 69.89.31.88:www (RDNS box288.bluehost.com)

This bunch of sites are the webcomics I read. There are a few of them, as you can see. Now, we don’t actually need to go any further than this in dissecting my personal browsing habits to see where this falls apart. A few of them are hosted on a hosted solution for a bunch of webcomics on keenspot. So how do we discern between what we actually visited on that specific address given the logs? Well, you can’t! This has all to do with the fact of how webservers host non-SSL webpages.

At the core level a webserver runs on a machine, typically listening on port 80 (the www port). This webserver may provide any number of pages using what in the Apache world is known as virtual hosts, so if you request a page from foo.com it will serve you one set of pages, and if you request a page from bar.com it will serve you another set of pages, but all this will happen just by you connecting to port 80 on some machine. If we couple this with the fact that a terrorist could be running a webserver that serves two sites: a reputable site that logs calls and a shady terroristy site (advocating privacy, or what have you) that does not log visits then it does not require huge amounts of training in Computer Science or in systems administration in general to quickly see zillions of ways through this.

Fortunately we have expert politicians dealing with these things. In fact, in Danish law we have something called §20 questions where a minister can be forced to answer some question from a member of parliament (folketinget). Here we have a question asking the justice minister’s opinion on the fact that a survey indicated that 54% of educated Engineers and Computer Scientists thought they could circumvent the legislated logging. For the non-Danish readers I will translate the minister’s answer:

I have no further knowledge of the survey that is referred in the question, including how and on what accounts Computer Scientists and Engineers think they can circumvent the requirements in the logging proclamation.

The purpose of the rules on logging is to prevent and solve very serious crime and it is difficult for me to imagine that Computer Scientists and Engineers in general would have a wish to try to circumvent the rules in this area.

It should be noted that it, in itself, will cause an increased attention on a person if the police, in the course of an investigation of a person, discover that he has tried to circumvent the logging proclamation.

In other words, it is suspicious to circumvent the logging, even though over half the higher educated IT workforce believe they can circumvent it without issues. I guess the criminals are extra fearful on account of this, it’s not as if the criminals are breaking a bunch of other laws already. Since I prefer to not be a suspect, I will not regale you with the ways this can be circumvented, but suffice it to say, the law is a joke, and the justice minister’s understanding of the implications are a joke. If it wasn’t so very sad, I’d probably be laughing my ass off.

If you wish to redo this experiment, or if you just want to see exactly how much information is logged about what you are doing online, grab a copy of tcpspy and leave it running for a while. If you are in Denmark, then all this is logged and is related to you personally (another requirement of the proclamation), or rather it is related to the account holder of the internet connection you are using, because there is no way to discern between the individuals using a connection, and it is saved for a year and made available for all investigations into ‘serious crime’. Welcome to the surveillance society, your privacy is gone.

Tags: , ,

Digital Rights Management and Culture

Monday, June 12th, 2006 | Personal | No Comments

Digital Rights Management (DRM) is all the craze these days, as companies are vying for ever more control over how we consumers use their products. Imagine those non-skip-able parts on your new DVD movie. You know them: the anti-copying schtick, the promotional advertisements for other movies you probably don’t want to watch, because you’ve already seen them a dozen times. Now imagine it was illegal to get a player that allows you to skip them. That is part of what DRM is about.

The world of television is soon moving to digital broadcasting, where those same DRM rules will apply. Let us presume that the broadcasting companies get a special flag added to the digital stream that says “you must not change channel now” and use this flag while sending commercials. This means that if you got a digital TV that allowed you to change channel despite of this flag then you would potentially be violating DRM laws. Philips has already sought a patent for doing exactly this.

In the audio world, CD publisher Sony was happily distributing a DRM system with some of their newer CDs to make sure that their CD wasn’t copied. It did this by adding what is called a filter driver to your CD-ROM device, among other things. This filter driver, apart from containing bugs, was always active, regardless of whether your Sony CD was in the drive or not. So what does it do? It tries to interfere with burning software so you might find yourself unable to burn that CD with your backups because you listened to a Sony CD sometime earlier. Apart from this there was no indication of this software, nor any way to uninstall it. Worse, this DRM that kindly allows Sony to “protect” their interests contained a bug that allowed any website to execute arbitrary code on your machine. In human terms that means Sony just opened a door for a hacker to control your system. After public outcry over this how was this corporation punished? Oh wait, they weren’t. They magnanimously promised customers who contacted them about their DRM CDs to get free non-DRM CDs. That was it.

The games industry has been doing this for year with various copy protections. One of the worse ones is the StarForce DRM software that in many cases renders the system completely unstable. Most people just attribute it to Windows being bad.

These are just a few examples of DRM things that have come up in recent years, and this will just be the beginning. We are moving to a world where it is not the laws of your country that defines what you are allowed to do. No, in the future it may very well be companies who can define how you may use your digital equipment: you may not use a CD burner once you’ve listened to this CD, you may not watch this DVD on two different players, you may not copy the song you bought online to another device than your iPod.

Do we really want companies to be able to control in detail how we may use what we buy? Would it be alright if publishers told us that it was illegal to lend a book to a friend? Let the laws define what we may, not the corporations, and don’t let the corporations write the laws. Our culture is too important to be turned into nothing more than profit on the bottom line.

Tags: ,

Propagandising the audience

Sunday, June 11th, 2006 | Personal | No Comments

You may think of me as you please, but I have always been a fan of the Hollywood action movies like Die Hard, I, Robot, The Rock and Mr. and Mrs. Smith (the Pitt and Jolie version), to name a few. Tonight we were taking a break from our studies and put on Mr. and Mrs. Smith to watch, and what pops up first? A propaganda movie by the MPA(A). A propaganda movie that you cannot skip as it utilises the non-skip-able DVD setting (which was conveniently added to the format). Of course, there are players that allow me to skip past these things, but let us leave that for another time. Let us, rather, look at the contents of this rather educating production.

We are greeted with the message that You would not steal a purse, You would not steal a movie. And finally what this property theft appeal leads up to: Downloading a pirated movie is stealing. So they’re saying that copying a movie is the equivalent of stealing property from someone, rather than what it really is: copyright infringement. Now, copyright infringement is, according to the current laws in most places, of course, also illegal, but it is not the same thing as property theft. In property theft one party gains something and another one loses it. With copyright infringement one person has something, and now the other person has it too. It’s rather like ideas in that respect. Copyright protection is basically a protection of the collective ideas represented in your work. So what is this that the movie industry is trying to insinuate? That copyright infringement should be punished as property theft? What they’re doing is feeding us falsehood. Oh but it was only meant as an allegory would be a plausible defense on their part. An allegory indeed.

Over the past centuries these interest organisations have lobbied for longer and longer copyright periods. Copyright was originally An Act for the Encouragement of Learning, by vesting the Copies of Printed Books in the Authors or purchasers of such Copies, during the Times therein mentioned set down by the British in Statute of Anne and enacted from 1709/1710. This statute provided content providers (publishers in this case) 28 years protection of their works from being copied and thereafter the work would pass into what is known as the Public Domain. Since then content providers have lobbied governments to give them longer and longer copyright protection. So what started as 28 years is now up to (hold on to your hat and loose appendages) the lifetime of the author plus 70 years. The now more liberal Statute of Anne has allowed things like Project Gutenberg to exist. Imagine we would have to wait an average of 150 years until works become available for the encouragement of learning. All there is today is encouragement for companies to make money, unfortunately.

All this comes down to, of course, is whether the laws are made in the interest of the prosperity of the people, or in the interest of the prosperity of the corporate interests that donate money to our law-makers. The interest organisations for the music, software and movie industries are all trying to change the model of copyright, not into something we get (a CD, a program, etc.), but something we lease/rent from them. Something to which we have no rights. Something where we have to pay them money for each distinct place that we use it. This will, of course, be very interesting to these people as that will make them a lot of money. To make things a bit more concrete let us imagine that I want to buy the new Evanescence CD that is coming out in October. Now, I lease this once to be able to play it on my computer. But I also want to be able to listen to it at the stereo, so I have to pay again. Oh, and I’d like to put it on my MP3-player too, so I will have to pay again. This is the content provider’s dream. Imagine all the money they will get from those pesky consumers! The losers will, of course, become the consumers. The consumers would be you and me.

Now, I am not only saying this because I am a consumer and I think what the interest organisations are doing is immoral and against the benefit of society in general. I am also a content provider. I write books and papers. I have recorded music. I would get the same benefits. The difference is that I see no need to extort my fellow people of their every penny in order for them to be allowed to read my material. Imagine if publishers from 1710 had been given the right to lifetime plus 400 years. There would be no Project Guternberg. There would not be an encouragement of learning. The public domain would contain few of the great masterpieces of this world.

This made it into a fairly long post, which I had not intended, but I think society, and in particular our politicians, need to learn that copyright is a system that gives incitement for the content providers to invest money in providing content and at the same time, providing society with an enrichment of their culture, an encouragement of learning. There will be precious little new material for anyone to learn from for a long time with lifetime plus 70 years. We are hoarding our cultural legacy from ourselves by allowing these laws to be passed. I find it sad that interest organisations and politicians run free to ruin culture like this for some more money. Sad. Fortunately I am not alone in my perspective, in particular Stanford Law Professor Lawrence Lessig is working hard in favour of returning to a copyright statute in spirit with the Statute of Anne. Limited protection for the content provider and cultural enrichment after this. Let us not sign away our culture to provide added revenue for a select group. Please?

Tags: , ,

Let the recording begin

Wednesday, December 14th, 2005 | Personal | No Comments

In my last post It’s a sad day for Europe, I spoke about the European Council trying to fast-track the data retention bill through the Parliament for approval. Well, today was the day of the plenary vote and it was passed with a majority of 387 versus 204. Now the individual member states need to incorporate the bill in their laws and by the turn of the year it should be required most places for ISPs and the likes to store all transaction end-point information for no less than six months and no more than two years (except for exceptions from some member states).

Today the privacy of the individual has been given a devastating blow.

The man who trades freedom for security does not deserve nor will he ever receive either.

– Benjamin Franklin

Sources:

Tags: , ,

It’s a sad day for Europe

Saturday, December 3rd, 2005 | Personal | No Comments

Yesterday the ministers of justice in the European Council agreed on their position on the directive of mandatory retention of communications data, as reported on Statewatch. Data retention is no solution has a wiki with further pertinent information on the directive.

With that out of the way, how come an otherwise politically disinterested member of the European Union takes this up on his blog? Why does he have to anyway, haven’t the ministers read Orwell’s 1984? Or perhaps more contemporarily relevant we have Scott Adams’ The Religion War that illustrates what may happen when we push our privacy aside in order to “fight” “terrorism”.

So let us ignore my dysfunctional paranoia for a moment, if you would like to call it that, and look at what is taking place for fighting terrorism in this thing. We have a directive that has been four years under way, that has been sought silently accepted by the council and is being pushed as a fast-track item for approval of non-controversial laws in the parliament later this month, on a first reading. If this law is really that useful for doing societal analysis for the police why not let it stand up to a full scrutiny of a second reading? Why push this hard so the public has almost no time to respond or take notice of it? I consider it more chance than not that I discovered they were actually trying to pass this directive this month already. I am appalled.

So what does this law do anyway? The data rentention law makes it mandatory for all telecommunications and internet service providers to retain all traffic data for no less than six months and no more than two years (four years have been mentioned as well). So what does this mean? It means that your location when you call someone is stored. It means that who you send mails to are stored. It means what websites you visit are stored. A complete blueprint of your interactions with people will be stored, available to the police and other parties that need the data (but more on this in a few seconds). Of course, I might just be pessimistic, but with the many millions of citizens in Europe, how many false-positives will we have? How much invasion of our privacy must we allow in order to ward off terrorists? Will it ward them off at all or will they just invent new and innovative ways to communicate? By accepting these things are we not doing what the terrorists intended in the first place? Giving up our freedoms and accepting a controlled and monitored society in order to lull us into a false sense of security? It saddens me.

The directive states that the data should only be made available in connection to a serious crime or terrorism. So far so good, it has been limited a bit (not enough, but a bit). Now, I live in the EU and I have a vague inkling of an idea about how the EU legislative aspects work, but only a very vague idea. For the uninitiated the member states are allowed to make exemptions to the directives (to some degree that I haven’t figured out yet). It intrigues me to see that some member states have sought not to limit this directive to only serious crime, they want it to be available in connection to any crime at all. This is where the interest organisations for the music industry enter and try in their righteous indignity to have the data available in order to prosecute copyright infringers. Copyright infringers! As if it wasn’t bad enough that we give up our privacy to fight terrorism, we have to give it up so an irrelevant industry fighting for its existential right can extort money from kids whose crime it is to love music and wanting to share it with their friends (yes, I realise there are other aspects to copyright infringement, but let us ignore that for the moment. They’re ignoring our privacy anyway)! The temerity! I am shocked.

So with sadness I sit here and think on the future. No, not sadness, that’s too mild. I sit here looking into the vast decrepit, dystopian future. When I want to talk to someone without being monitored I will have to remember not to use my computer as that leaves a digital trail that will be stored. I shall remember to turn off my cell phone as its location will be tracked (so far only when I make calls, sure, but entertain the thought for a bit). I will have to disappear from the communications grid altogether if I want a confidential conversation with someone. How long until the day where it becomes illegal to do this? You know, in the cause of fighting terrorism. When will I have to register all my friends in order to be allowed to call them, as with Adams’ The Religion War?

Let us hope that this law will not be passed when the parliament convenes between the 12th and the 15th. We do not welcome a new and fascist regime. We value our privacy rights. I will hope, but it seems irrational to me. Frightfully irrational. A sad day for Europe indeed.

Tags: , ,