CyberLaw Blog

Archive for September 10th, 2008

British Firm Phorm Trudges Through the Deep Packet Storm: “Deep packet inspection — the secret harvesting of granular details about individual internet activity so companies can make better guesses about what to sell you — has been facing a slow death in the U.S. But British firm Phorm, which provides a similar service abroad, has so far managed to steer through the death-inducing scrutiny and negative press that has enveloped NebuAd.

(Via Wired News.)

Bits: Dealing With I.S.P. Snooping: “A law professor argues that Internet providers are probably violating wiretap laws if they monitor the surfing of their users for advertising, but he still proposes making the laws even tougher.

(Via NYT > Technology.)

Bits: Google Tightens Data Retention Policy – Again: “Under pressure from regulators and activists, Google tightened its data retention policies, saying it would anonymize search records after nine months.

(Via NYT > Technology.)

Another step to protect user privacy: “Posted by Peter Fleischer, Global Privacy Counsel; Jane Horvath, Senior Privacy Counsel; and Alma Whitten, Software Engineer

(Cross-posted from the Official Google Blog)

Today, we’re announcing a new logs retention policy: we’ll anonymize IP addresses on our server logs after 9 months. We’re significantly shortening our previous 18-month retention policy to address regulatory concerns and to take another step to improve privacy for our users.

Back in March 2007, Google became the first leading search engine to announce a policy to anonymize our search server logs in the interests of privacy. And many others in the industry quickly followed our lead. Although that was good for privacy, it was a difficult decision because the routine server log data we collect has always been a critical ingredient of innovation. We have published a series of blog posts explaining how we use logs data for the benefit of our users: to make improvements to search quality, improve security, fight fraud and reduce spam.

Over the last two years, policymakers and regulators — especially in Europe and the U.S. — have continued to ask us (and others in the industry) to explain and justify this shortened logs retention policy. We responded by open letter to explain how we were trying to strike the right balance between sometimes conflicting factors like privacy, security, and innovation. Some in the community of EU data protection regulators continued to be skeptical of the legitimacy of logs retention and demanded detailed justifications for this retention. Many of these privacy leaders also highlighted the risks of litigants using court-ordered discovery to gain access to logs, as in the recent Viacom suit.

Today, we are filing this response (PDF file) to the EU privacy regulators. Since we announced our original logs anonymization policy, we have had literally hundreds of discussions with data protection officials, government leaders and privacy advocates around the world to explain our privacy practices and to work together to develop ways to improve privacy. When we began anonymizing after 18 months, we knew it meant sacrifices in future innovations in all of these areas. We believed further reducing the period before anonymizing would degrade the utility of the data too much and outweigh the incremental privacy benefit for users.

We didn’t stop working on this computer science problem, though. The problem is difficult to solve because the characteristics of the data that make it useful to prevent fraud, for example, are the very characteristics that also introduce some privacy risk. After months of work our engineers developed methods for preserving more of the data’s utility while also anonymizing IP addresses sooner. We haven’t sorted out all of the implementation details, and we may not be able to use precisely the same methods for anonymizing as we do after 18 months, but we are committed to making it work.

While we’re glad that this will bring some additional improvement in privacy, we’re also concerned about the potential loss of security, quality, and innovation that may result from having less data. As the period prior to anonymization gets shorter, the added privacy benefits are less significant and the utility lost from the data grows. So, it’s difficult to find the perfect equilibrium between privacy on the one hand, and other factors, such as innovation and security, on the other. Technology will certainly evolve, and we will always be working on ways to improve privacy for our users, seeking new innovations, and also finding the right balance between the benefits of data and advancement of privacy.

“

(Via Google Public Policy Blog.)

Scientology critics fight YouTube takedown notices: “

Push Me F*ck You

Net users are fighting back against attempts to remove content critical of the Church of Scientology (CoS) from YouTube.…

“

(Via The Register – Public Sector.)

(Via TorrentFreak.)

Europe Gets Prison Break Fix via BitTorrent: “

Last week the fourth season of Prison Break aired in the US with over 6 million viewers on TV. On BitTorrent the season premiere was downloaded more than 2 million times this week. The majority of the downloads go to Europe though. Poland alone is responsible for 12%, compared to only 4% US downloads.

Last week we reported that the season premiere of Fox’s Prison Break was downloaded more than a million times just a day after it was aired on TV. Fox, which offers a free and legit Prison Break stream on Fox.com for US viewers, thinks that most downloads come from overseas, where the episodes haven’t aired yet, let alone that it can be streamed online.

It turns out that Fox’s assumption is right. We decided to look into the download locations of one of the most popular Prison Break torrents and found that, based on a sample of more than 250,000 downloads, most downloaders are located in Europe.

In our sample, which represents approximately 10% of the total downloads this week, the show was most downloaded in Poland (12%). UK and France were in second and third place respectively, followed by Canada and The Netherlands. The US was sixth in the list with only 4% of the total downloads, and Greece, Spain, Australia and Brazil complete the top 10.

As we have said before, availability seems to the key issue why people turn to BitTorrent. Non-US Prison Break fans sometimes have to wait for weeks or even months before the show airs on TV in their country, and many of them are not that patient, or willing to torture themselves. Until this problem is addressed, we’re not likely to see a decrease in TV-show downloads from BitTorrent.

The 4% US downloaders that preferred to get the show via BitTorrent instead of streaming it online probably did so because they wanted to watch it on their TV or get a higher quality copy – streaming isn’t all that. Both Fox and Hulu, the two sites that offer Prison Break streams have not published any numbers, so it’s hard to compare the number of US downloaders (~100.000) with the US streamers.

We do have a new TV-torrent download chart, with plenty of newcomers. So, let’s take a look at the 10 most downloaded shows this week. The data for the weekly download chart is collected by TorrentFreak from a representative sample of BitTorrent sites and is for informational and educational reference only.

Top Downloads August 31 – September 07

Google says EU data laws do not catch its search logs: “Google will anonymise search engine data after nine months instead of 18 months after pressure from EU and US privacy activists and regulators. The company also said that EU law does not apply to crucial parts of its data processing operations.”

(Via OUT-LAW News.)

(Via TorrentFreak.)

BitTorrent Tracker Admin Jailed for 18 Months: “

The fallout from the FBI raid on EliteTorrents in 2005 continues. Today, 26 year-old Daniel Dove has been sentenced to 18 months in prison and a $20,000 fine for the work he put in on the private BitTorrent tracker Elitetorrents.

During 2005, Federal Agents assisted by U.S. Immigration and Customs Enforcement (ICE), first infiltrated and then shutdown EliteTorrents, a BitTorrent tracker with more than 130,000 members. In a May they took down the server and left this message, which was viewed more than 500,000 times in the week following the raid.

Daniel Dove, one of the arrested administrators of the Elitetorrents tracker initially opted for a ‘not guilty’ plea, but his gamble didn’t pay off. The jury was told that Dove was responsible for managing and recruiting the crucial ‘uploaders’ on the site (original seeders) and that he also operated a server which was used to distribute pirate material.

The jury believed this version of events and found Dove guilty on one count each of conspiracy and felony copyright infringement. Today, Dove has was sentenced to 18 months in prison, three years of supervised release and a $20,000 fine.

Dove is the only administrator of Elitetorrents to plead ‘not guilty’. In 2006, Scott McCausland pleaded guilty to one count of conspiracy to commit criminal copyright infringement and one count of criminal copyright infringement for his uploading of Star Wars: Episode III.

McCausland received jail time and home confinement and on his release told TorrentFreak: ‘After 5 months in prison, and another 5 months on home confinement, I have just one obstacle left: my 1.5 years left of probation.’

Fellow site admin Grant Stanley, then aged 23, pleaded guilty to the same offenses as Scott and received the same sentence with the addition of a $3,000 fine. Other admins and uploaders who pleaded guilty include Sam Kuonen, then aged 24, 22 year old Scott D. Harvanek and An Duc Do, aged 25.

Dove’s sentence is the eighth resulting from Operation D-Elite but this federal crackdown didn’t end up causing a decrease in overall private BitTorrent tracker availability. Instead, soon after the raids the Elitetorrents members spread out to other trackers, the major difference is that most of them are now hosted outside the US.

Home Office screws prison data bunglers: “

PA Consulting feels Jacqui’s wrath

The Home Office has today terminated a £1.5m contract with PA Consulting after it lost the personal details of the entire UK prison population.…

“

(Via The Register – Public Sector.)