CAMBRIDGE, Mass., March 31, 2008 - Nearly 90 percent of Americans say they feel safe online despite the rising tide of spyware, phishing and other badware threatening Internet users, according to a new poll sponsored by StopBadware.org, the consumer protection initiative aimed at combating dangerous software.

…

“What we have here is an Internet security paradox,” said Maxim Weinstein, who manages the StopBadware.org team at Harvard Law School’s Berkman Center for Internet & Society. “Americans see themselves as safe online, even as we see an ongoing trend of organized criminal elements using the Internet to target unsuspecting users.” Weinstein will testify at the Federal Trade Commission on April 1 about how to better educate users about the dangers of phishing, a deceptive practice responsible for $2.1 billion in identity theft damages last year, according to Consumer Reports.

I wonder, though, do we think that mistaken feeling of safety is a bad thing? I don’t — I think it’s great that we have enough of a safety net that people who don’t have the technical competence to deal with PC security threats nonetheless are being generative and participatory. I don’t think we’d gain by scaring those Internet users, even through education. While malware problems are often compared to public health, we don’t have a solution that’s as easy and effective as one-time vaccination to make computer users safer.

I’d suggest instead that social insurance and systematic efforts to prosecute criminal use of malware are better responses than demanding that individual Internet users pay attention, educate themselves, and stay vigilant against ever-mutating threats.

If the government created this work, then the DMCA claim is improper. Works of the U.S. government are not copyrightable. But the statute allows the government to receive copyright assignments, so if an independent contractor created the video, still available at the Air Force’s (non .mil) site, the government could meet that technical requisite of the DMCA.

The DMCA also requires that the notifier assert the posting was unauthorized. Poulsen’s article, however, says the Air Force sent Wired the ad and “thanked THREAT LEVEL for agreeing to run it.” That doesn’t quite square with the DMCA-required statement that the notice-sender “ha[s] a good faith belief that none of the materials or activities listed above has been authorized by the U.S. Air Force, its agents, or the law.”

Even if the Air Force’s DMCA claim is truthful, however, it’s still a policy overreach. Wired posted the video in order to report on government recruiting efforts; the video’s dissemination is part of that First-Amendment protected discussion, whether it happens on or off government websites. The DMCA makes it too easy to takedown first, think later.

Performances are March 5 (black tie opening), 7, 8, 9, 11, 12, 14 and 15, 2008, at 8:30 p.m. Join us!

For its 70th annual production, and in celebration of the 150th year since Puccini’s birth, the LOWELL HOUSE OPERA presents TURANDOT, a lyric drama in three acts, with music composed by Giacomo Puccini and libretto by Giuseppe Adami and Renato Simoni. Sung in Italian with English supertitles.

Congressman Ed Markey introduces the panel with recollections of his fight against mandated access charges for dial-up connections. Flat rate connections, initially allowed Internet to flourish, as Internet users built out a Net freed from the shackles of long-distance timers.

Markey clearly gets the ‘Net: “The Internet is as much mine and yours as it is AT&T’s, Verizon’s, and Comcast’s…. The nature of the ‘Net is not about the carriers and the services they provide… they provide access, not service. … This is ‘No Country for Old Bandwidth.’”

Markey understands that the value of the Internet’s potential, is greater than even the best current application: “The beauty of the internet is its wonderfully chaotic, ever-evolving nature… its ability to reinvent itself every single year.” Let’s hope the rest of the hearing strengthens that vision.

Join in: Join the Berkman IRC channel or post questions.

The triennial wheel has turned to the At-Large Advisory Committee, and ICANN, through Westlake Consulting, is calling for input as they consider “whether the ALAC has a continuing purpose in the ICANN structure; and, If so, whether any change in structure or operations is desirable to improve its effectiveness.”

ALAC exists “to consider and provide advice on the activities of ICANN, insofar as they relate to the interests of individual Internet users.” ALAC is supposed to be the Internet using public’s chief voice within ICANN. As ALAC’s liaison to the ICANN Board, I clearly believe that’s an important function. I also think ICANN could be doing better: I’d like to see that voice enhanced for members of the public concerned with topics such as availability of domain names in useful and non-English scripts, privacy in domain name registration, and security of Internet addresses.

If you’ve worked with ALAC or have ideas for facilitating public input to ICANN, I encourage you to get in touch with the review team. The more perspectives they hear, the better they can assess ALAC and offer recommendations.

Your artistic works are copyrighted upon creation, as soon as they’re “fixed in a tangible medium of expression.” If you do nothing further, the law forbids others from copying that goes beyond fair use. Readers can’t take the patten and detailed descriptions you’ve posted and copy them verbatim, but can they make and sell the craft described? That depends on the copyright in the crafted object: a richly patterned sweater’s surface design could be copyright-protected, but its shape would not. Further, if you’ve published a pattern, readers probably get an implied license at least to make the craft from it. That means too, that when you’re on the other side, using someone else’s patterns, you’re free to take uncopyrightable methods and “useful articles,” but limited in taking full-blown expression.

Part two of “Crafting Laws” will follow in the next issue.

The Mukurtu Wumpurrarni-kari archive Kimberly Christen helped the Australian Warumungu community in Tennant Creek to construct puts digital restrictions in a very different light.

As Kim described when I met her at a conference over the summer, the Warumungu have a set of protocols around objects and representations of people that restrict access to physical objects and photographs. Only elders may see or authorize viewing of sacred objects; other objects may be restricted by family or gender. Images of the deceased shouldn’t be viewed, and photographs are often physically effaced. When the Warumungu archive objects or images, they want to implement the same sort of restrictions.

They wanted an archive that was built around Warumungu protocols for accessing and distributing materials (in many forms). One of the first mandates was that everyone had to have a password so that they could only see materials that they were meant to see based on their family/country/community status.

Kim’s response was to help construct a digital archive with access controls — ACLs based not on copyright but on the various elements of a person’s community status. Your identity sets your view-port into the archive; the computer will show only items you have permission to see. The community can thus give objects context in the online archive similar to that which situates them offline. As an object’s status changes, the database can be updated to reflect new rights or restrictions.

Yet the Mukurtu’s form of “DRM” is fragile. Users are encouraged to print images or burn CDs, which have no controls built-in.

People can also print images or burn CDs and thus allow the images to circulate more widely to others who live on outstations or in other areas. In fact, one of the top priorities in Mukurtu’s development was that it needed to allow people to take things with them, printing and burning were necessary to ensure circulation of the materials.

Unlike copyright-DRM systems, which fall back to the most restrictive state when exporting or communicating with “unsigned” devices (such as blocking all copying and breaking or lowering playback resolution on high-definition monitors), this one defaults to granting access. It’s up to the people using the system to determine how new and unknown situations should be handled.

Because the Murkurtu protocol-restrictions support community norms, rather than oppose them, the system can trust its users to take objects with them. If a member of the community chooses to show a picture to someone the machine would not have, his or her interpretation prevails — the machine doesn’t presume to capture or trump the nuance of the social protocol. Social protocols can be reviewed or broken, and so the human choice to comply gives them strength as community ties.

One of the lessons of the recording industry lawsuits and growing shift from DRM’d music is that community norms don’t support current copyright law. Rather than fight copyright norms with bad code, we should learn from the Warumungu and build code (and law) to support social practice.

Further good news: Kim says she and Craig Dietrich will be releasing the archive’s code as Free Software.

Then, it was removed from YouTube, “due to a copyright claim by a third party.”

Photographer Lane Hartwell says she objected to use of her photograph of Valleywag’s Owen Thomas, so she sent a DMCA takedown notice to YouTube. Hartwell says she owns copyright in the image and did not license its use. In response, YouTube appears to have disabled the video pursuant to its copyright policy (perplexingly, it did not identify the “third party” sender of the complaint.)

Now, the video is back, in a revised version that omits Hartwell’s photograph.

To me, the original situation seems to lie near the blurry edge of copyright’s fair use exception. The Richter Scales would argue that their use was “transformative,” using the photograph to comment on the bubbly scene the photographer chose to depict; commentators on Silicon Valley foibles might be unable to get permission for photos used to skewer the establishment. Hartwell, by contrast, tells us that “Photography is my livelihood. It’s how I pay my bills. I’m not treating the band any differently than any other group that uses my work without my permission.” She sells or licenses her work to magazines and others who want to use photo illustrations, and sees no reason to treat the Richter Scales differently.

Is the momentary use of Hartwell’s photo an unfair substitute for something she should have had the right to license, or a fair use the law should license irrespective of the copyright holder’s wishes? I’d be inclined to find the use fair, as transformative commentary, but I couldn’t guarantee that a court would agree with me.

The DMCA harbors no such ambiguity, however. The moment someone claims an infringement, the law encourages the service provider to act “expeditiously” to remove the offending material. The strict penalties in copyright’s “property rule” nature support that response: One who can prove copyright infringement can often get both an injunction and stiff statutory damages. Acting individually, the parties might stand firm or be pushed by the costs of legal uncertainty to settle their differences, but the service provider in the middle changes the calculus.

The intermediary service provider rarely wants to risk outsize damages or get into negotiations with copyright claimants and small content-posters, and so tends to take down rather than face even a remote chance of liability. If, on the other hand, intermediaries’ secondary liability were limited as it is for defamation, content creators would be freer to make and defend fair use arguments. A liability rule or compulsory license, enforcing rights through payment rather than removal, could leave these items in the public view.

Absent copyright reform, we’re stuck with the likelihood that clever montages — which depend on pulling content from many sources — get popped even more quickly than tech bubbles.

The Tor Project, Inc. develops anonymity software to help users navigate the web without being tracked — helping whistleblowers blog anonymously and dissidents browse past national firewalls. The Tor Project will be concluding its first year as a 501(c)(3) non-profit, and I’m proud to be on its Board of Directors. While your there, download the Tor software and add a node to the anonymity network.

Electronic Frontier Foundation relies on members’ donations to champion online freedoms in the courts. Its litigation against AT&T for participation in warrantless wiretapping has helped to expose the depth of the administration’s evasions. While you’re there, keep the pressure on congress to let the public hold telecommunications carriers accountable when they break the law.

Creative Commons celebrates five years of helping creators to share their works and the public to find them, through standard copyright-permissions licenses. Science Commons is extending this spirit to enable web-like collaboration in scientific research. While you’re there, search for CC-licensed work or license a work of your own.

One Laptop Per Child Through the end of the year, donors to OLPC can give one and get one — give one laptop to a child in a developing country and get one of their rugged yet open-source machines for your (inner) child.

Free Software Foundation produces both great software and the original great legal hack — copyleft. Grab some free software while you’re there.

American Civil Liberties Union isn’t tax-deductible, but we need allies lobbying for our rights in Washington too.