ACTA, CISPA, and TPP

Leave a comment

There is more alphabet soup to concern us today — ACTA,  CISPA, and TPP.  While they are two entirely different things, they both potentially threaten our privacy on the Internet and that is bad.   Let me clearly state that I am a published author and I too worry about people stealing my intellectual property and making a profit from their own use of it.  However, I worry about rights being taken in the name of protecting intellectual property.

ACTA is the Anti-Counterfeiting Trade Agreement signed by the US, Australia, Canada, Japan, Morocco, New Zealand, Singapore, and South Korea, and expected to be signed by the European Union, Mexico, and Switzerland.  It is not “treaty” so it does not need to be approved by Congress. The goal of ACTA is to protect copyright and intellectual property, such as music and movies from pirating and counterfeiting.  I am not a lawyer and certainly not an international treaty expert, but the phrases, ” … including expeditious remedies to prevent infringements and remedies which constitute a deterrent to further infringements” and “authority to issue an order against a party to desist from an infringement, and inter alia, an order to that party or, where appropriate, to a third party over whom the relevant judicial authority exercises  jurisdiction, to prevent goods that involve the infringement of an intellectual property right from entering into the channels of commerce” sound like the government is asking ISP’s to watch over users — and such surveillance cannot be a good thing.  According to the EFF, “ACTA contains new potential obligations for Internet intermediaries, requiring them to police the Internet and their users, which in turn pose significant concerns for citizens’ privacy, freedom of expression, and fair use rights.”

TPP is the Trans Pacific Partnership Agreement.  It too is multinational and it attempts to protect intellectual property.  It states that any party that “manufactures, imports, distributes, offers to the public, provides, or otherwise traffics in devices, products, or components, or offers to the public or provides services, that: (A) are promoted, advertised, or marketed by that person, or by another person acting in concert with that person and with that person’s knowledge, for the purpose of circumvention of any  effective technological measure, (B) have only a limited commercially significant purpose or use other than to circumvent any effective technological measure, or (C) are primarily designed, produced, or performed for the purpose of enabling or facilitating the circumvention of any effective technological measure, shall be liable and subject to the remedies set out in Article [12.12].  That sounds a lot like ISPs will need to monitor all of our transmissions to be sure they are not in trouble.

CISPA is The Cyber Intelligence Sharing and Protection Act.  According to Demand Progress, CISPA “could let ISPs block your access to websites — or the whole Internet.  CISPA also encourages companies to share information about you with the government and other corporations.  That data could then be used for just about anything — from prosecuting crimes to ad placements.  And perhaps worst of all, CISPA supercedes all existing online privacy protections.”

None of these measures make clear how much authority the ISPs will have or what a citizen’s rights to argue will be.  That is the part that worries me most.  It seems perfectly possible in this era for this to be the first step to certain sites having more rights than others (such as movie sites or book publishers) because of these laws.  If they really are innocent protection of IP, then why have the discussions not been more transparent?  Why is the government determined to keep experts out of the discussion until after treaties have been signed.  Let us not allow anyone the right to evaluate the appropriateness of a site without oversight.

Individual Privacy: Is 1984 finally here?

Leave a comment

When I was in high school, everyone was required to read the book entitled 1984 by George Orwell.  According to Amazon’s description of the book, “In 1984, London is a grim city where Big Brother is always watching you and the Thought Police can practically read your mind.”  I recall there being much discussion of how horrible that would be and how it would never happen.

Yesterday I read an article on BBC.com that states, “The government will be able to monitor the calls, emails, texts and website visits of everyone in the UK under new legislation set to be announced soon.”  That sounds to me like 1984 may have arrived.  Of course, those proposing the new law state that it is critical to have access to information about terrorists and their contacts in order to protect the country.  The difference between this proposal and one that failed a few years earlier is that police will not be able to access the data without a warrant.  But, the article goes on to say that the law would “enable intelligence officers to identify who an individual or group is in contact with, how often and for how long. They would also be able to see which websites someone had visited.”

Most law-abiding citizens have no difficulty with the concept that terrorists or criminals would have their information recorded.  However, the law does not limit data collection to known criminals or terrorists, or even those under suspicion — it opens the door to collecting this information about everyone.  Once collected, will the government be able to help itself in doing more with the data than intended?  What is the difference then between the British government and that in China or Iran in modern times, or Nazi Germany and Communist Russia in more distant times?  Will the government not face the risk of taking action because of some communications that when put together look alarming?  How long will it take for the government to try to mine the data to find other “terrorists” or “criminals” who are so identified simply because they have similar surfing or communications patterns?

In addition, how will all of these data be protected from hackers?  We have recently seen hackers breech the security of Scotland Yard meetings, military data, corporate data, and, of course, credit cards.  In that same article, the author notes, “The Sunday Times quoted an industry official who warned it would be “expensive, intrusive [and] a nightmare to run legally.”  Most professionals respond to that quote as “to say the least!”

Police have always wanted this kind of information, but society has said that individual freedom is more important.  Just because it is (relatively) easy to get and keep such data now that it is electronic, does that make it right?   It is almost impossible to get privacy back once it is lost … shouldn’t we ponder this a bit more before we risk the loss of privacy forever?