Blinded by hindsight

Wendy Grossman discusses airport security procedures and recommendations for reform in her report on last week's mini-conference by the Electronic Privacy Information Center on the TSA

This article is cross-posted from Wendy M. Grossman's regular column net.wars.

There are four reasons, Bruce Schneier said last week at the Electronic Privacy Information Center (EPIC) mini-conference on the TSA, why airport security deserves special attention, even though it directly affects a minority of the population. First: planes are a favourite terrorist target. Second: they have unique failure characteristics – that is, the plane crashes and everybody dies. Third: airlines are national symbols. Fourth: planes fly to countries where terrorists are.

There's a fifth he didn't mention but that Georgetown lawyer Pablo Molina and We Won't Fly founder James Babb did: TSAism is spreading so much that there are random bag searches on the DC Metro and the New York subways, and the TSA are talking about expanding its reach to shopping malls and hotels. And something I found truly offensive: giant LED signs posted along the Maryland highways announcing that if you see anything suspicious you should call the (toll-free) number below. Do I feel safer now? No, and not just because at least one of the incendiary devices sent to Maryland state offices last week apparently contained a note complaining about those very signs.

Without the sign, if you saw someone heaving stones at the cars you'd call the police. With it, you peer nervously at the truck in front of you. Does that driver look trustworthy? This is, Schneier said, counter-productive because what people report under that sort of instruction is "different, not suspicious".

But the bigger flaw is the TSA's cover-our-ass mentality. For example, if someone tries to bomb a plane with explosives in a printer cartridge, the TSA seem to think it imperative that they impose a ban on flying with printer cartridges over 500g and, during December, restrictions on postal mail, something few people in the US even knew about.

Jim Harper, a policy scholar with the Cato Institute and a member of the Department of Homeland Security's Data Privacy and Integrity Advisory Committee, outlined even more TSA expansion. There are efforts to create mobile lie detectors that measure physiological factors like eye movements and blood pressure.

Associate Director of EPIC, Lillie Coney observed that technology has become "like butter – few things are not improved if you add it."

If you're someone charged with blocking terrorist attacks you can see the appeal: no one wants to be the failure who lets a bomb onto a plane. Far, far better if it's the technology that fails. And so expensive scanners roll through the nation's airports despite the expert assessment – on this occasion, from Schneier and Ed Luttwak, a senior associate with the Center for Strategic and International Studies – that the scanners are ineffective, invasive, and dangerous. As Luttwak said, the machines pull people's attention, eyes, and brains away from the most essential part of security: watching and understanding passengers' behavior. "[The machine] occupies center stage, inevitably," he said, "and becomes the focus of an activity – not aviation security, but the operation of a scanner."

Equally offensive in a democracy, many speakers argued, is the TSA's secrecy and lack of accountability. Even Meera Shankar, the Indian ambassador, could not get much of a response to her complaint from the TSA; Luttwak quipped, "God even answered Job." The agency sent no representative to this meeting, which included Congressmen, security experts, policy scholars, lawyers, and activists.

"It's the violation of the entire basis of human rights," said the Stanford and Oxford lawyer Chip Pitts around the time that the 112th Congress was opening up with a bipartisan reading of the US Constitution. "If you are treated like cattle, you lose the ability to be an autonomous agent."

As Libertarian National Committee executive director Wes Benedict said, "When libertarians and Ralph Nader agree that a program is bad, it's time for our government to listen up."

So then, what are the alternatives to spending—so far, in the history of the Department of Homeland Security, since 2001—$360 billion, not including the lost productivity and opportunity costs to the US's 100 million flyers?

Well, first of all, stop being weenies. The number of speakers who reminded us that the US was founded by risk-takers was remarkable. More people, Schneier noted, are killed in cars every month than died on 9/11. Nothing, Ralph Nader said, is spent on the 58,000 Americans who die in workplace accidents every year or the many thousands more who are killed by pollution or medical malpractice.

"We need a comprehensive valuation of how to deploy resources in a rational manner that will be effective, minimally invasive, efficient, and obey the Constitution and federal law," Nader said.

So: dogs are better at detecting explosives than scanners, and intelligent profiling can whittle down the mass of suspects to a more manageable group than "everyone" in a giant game of airport werewolf. Instead, we have the flawed hind-sighted approach of protecting ourselves from the last attack.

"We're constantly preparing for the rematch," said Lillie Coney. "There is no rematch, only tomorrow and the next day." She was talking as much about Katrina and New Orleans as 9/11: there will always, she said, be some disaster, and the best help in those situations is going to come from individuals and the people around them. Be prepared: life is risky.

Image: CC-AT Flickr: xlibber (Jon)

Charity shop blues

Emily Goodhand explains why charities should be exempt from paying an additional licence fee to Phonographic Performance Ltd

Charities who use a radio to play music on their premises have not had to pay royalty fees to record companies and performers for the playing of sound recordings. But that’s all set to change with the introduction of plans as part of a statutory instrument to remove this privilege given to charities by the Copyright, Designs & Patents Act (CDPA).

The statutory instrument went before Parliament yesterday and will be passed in 40 days. Parliament doesn’t have to debate the plans or vote them in, so unless a resolution is passed in either parliamentary house to annul them, charity shops and community groups will be charged extra music licence fees from January 2012.

So what does this mean for charity shops? Well, if they do have a radio playing in store, they would already be paying a licence fee to the Performing Rights Society for Music (PRS for Music), probably in the region of £70-£100 depending on the size of the store (and if anyone can understand the tariffs on their website). PRS for Music pass on the majority of their licence fees to music publishers, composers and songwriters - in other words, the first writers of the songs and the publishers who first notate them. Up until now, however, charity shops have been exempt from an additional licence fee to Phonographic Performance Ltd (PPL). 

From next January that is all set to change. The Intellectual Property Office have said that a charge of between £40-£54 would be levied for each individual shop, with the tariff based on the size of the shop. This licence fee will collected by PPL and distributed to the performers and record companies who created the sound recordings. So, a charity organisation which has 150 shops in the UK would have to pay somewhere in the region of £12,500 if it wants to play music in each of its stores.

This removal of the royalties exemption for charities looks like the kind of licensing scheme that would have been in place during Robin Hood’s time – taxing the poor so the rich can get richer. It is also important to recognise the distinction between PRS for Music and PPL; one supports artists and creators whilst the other supports big label performers and record companies - for the latter group to demand royalties from the not-for-profit sector is, quite frankly, a travesty. Copyright law has a section devoted to moral rights: charities were exempted for a reason, and this change is simply appalling.

So what can the not-for-profit sector do about it? Not a lot unfortunately, short of hoping that a campaign group will bring this statutory instrument to the attention of those in parliament. In the meantime, it would be best to cease the playing of music in charity shops – that way, the money that would have been spent on the licence fees can be pumped back into supporting those who have most need for it, rather than indulgent corporations. 


Emily Goodhand is Copyright Officer at the University of Reading.  She takes a keen interest in copyright law and its implications for education, and tweets as @copyrightgirl.


Image: CC-AT Flickr: spiritquest

She came in through the bathroom window

Following allegations that the FBI paid developers to install a backdoor in OpenBSD, Milena Popova examines the security advantages of open source software

Just over a fortnight ago, it was alleged that the FBI paid developers to put backdoors into the OpenBSD operating system. This story--and OpenBSD's response to the allegations--serves to highlight the importance of open source software.

OpenBSD is one of a number of small and fairly obscure Unix-like operating systems, distinguished by using only open source code, licensed under the BSD License, and taking particular pride in its proactive approach to security.

A former US government contractor contacted the leader of the OpenBSD project, Theo de Raadt, informing him that he believed the FBI had installed a backdoor--a deliberate security vulnerability which they knew how to exploit--in OpenBSD’s encryption programme. It is fair to assume that Microsoft (or any other large proprietary software company), in a similar instance, would set a small army of programmers and software engineers on the code and try to find the vulnerabilities; they would create a fix, and quietly push it out with a service pack or regular update. What I think they would be highly unlikely to do is tell the entire world that there might be a backdoor or security flaw in their system until they were sure they had a fix for it. In the meantime, the computers of millions of people would continue to be vulnerable, with the company’s full knowledge.

This is not how OpenBSD works. The first thing that Theo de Raadt did was tell the world. The logic behind this openness was that users would immediately start auditing the code for the vulnerability (as well making informed choices about whether to continue using the code), and if the allegations were untrue those accused could defend themselves. And although it is highly unlikely that a backdoor--even if it was ever written--made it into OpenBSD’s code base, the increased attention on the code has uncovered a few other issues which are in the process of being fixed.

I find this story fascinating as it illustrates beautifully the advantages of an open approach to security. Open source is a philosophy or approach to making things which provides access to the end product’s source materials - if you buy a garment for instance, you might also get the pattern used to make it; you might get the sheet music or lyrics with your CD. Open source is particularly popular in some software development circles, including OpenBSD developers. Programmers who follow the approach release not only the compiled piece of software (the programme you run on your computer), but also the source code - the basic instructions to the computer which make up that programme. This has a number of advantages: it allows others to learn from your code, it lets them build on it, and it has some very interesting security effects.

Science, academia and education work on a similar principle - sharing knowledge and skills in order to constantly push the boundaries of what we know, whilst allowing for a comprehensive peer-review system. When proprietary software like Microsoft gives me its Windows operating systems, it asks me to blindly trust that there are no vulnerabilities, no backdoors, and no security issues. OpenBSD, Linux, and any number of other open source pieces of software allow me and others to check. if I’m not a coder myself, I am still able to acquire the necessary skills if I really want to, but I can also trust hundreds of independent programmers out there to have checked that code during the development process and after.

Exposing your security solutions to public scrutiny is one of the best ways to stay ahead of the game. This is why RSA Laboratories (the people behind some of the most-widely used encryption on the internet) fund things like the RSA Secret Key Challenge where they actively encourage the general public to have a go at breaking their security.

From a user’s point of view, open platforms are key to being able to take control of your digital rights. If the platform you are using is not open, how are you going to know that the government isn’t spying on you, the software company isn’t keeping an eye on what you’re doing, or a random script kiddie isn’t stealing your credit card data as you order that book on security engineering from Amazon?


Milena is an economics & politics graduate, an IT manager, and a campaigner for digital rights, electoral reform and women's rights. She blogs at and tweets as @elmyra

Image: CC-AT Flickr: Bohman (Linus Bohman)

All in favour?

Google's digitisation of books holds tremendous potential for academic research and education - but that doesn't mean everyone's happy.

Google’s database of digitised books has the potential to radically enhance academic research with the application of dynamic tools enabling lexical searching across not just one but centuries of books. If Google had restricted the project to works in the public domain, they may not have sparked such controversy amongst authors and publishers, who were quick to file a lawsuit for copyright infringement.

‘Public domain’ is a simple phrase meaning ‘a work in which copyright has expired’, not (as some would believe) anything available on the Internet. For literary works, copyright expires 70 years after the death of the author. Incidentally, ‘out of print’ does not mean the same as ‘out of copyright’ either. As there is no provision for format shifting in US copyright law, Google’s digitisation of copyright works can be seen as an infringement of authors’ and publishers’ copyright – Google had not sought their permission before scanning the works and rightsholders were understandably upset at Google making their works available for free.

What’s quite interesting is that, potentially, had Google approached publishers and authors for permission before scanning, they may not have succeeded with the modern-day aspect of this project. It may be that they took a risk, deeming public interest to be a greater driver than the risk of copyright infringement. Google’s database of digitised books highlights perfectly the tension that exists between users and copyright holders; the technology exists to revolutionise literary research, yet the law throws restrictive fetters around it. 

Google’s presence in legal disputes is not uncommon. Settlements seem to be their favoured resolution, and like their settlement with PRS over the use of music on YouTube, they have agreed (for the most part) a settlement with authors and publishers who hold the rights to works still in copyright. Authors’ requests for books not to be digitised will be honoured until March 2012. In the meantime, it should be assumed that twentieth century works in their collection are there by permission of the rightsholder. 

For further reading on the educational and academic potential of digitising books, read Patricia Cohen's feature in the New York Times.

Emily Goodhand is Copyright Officer at the University of Reading.  She takes a keen interest in copyright law and its implications for education, and tweets as @copyrightgirl.


Image: CC-AT Flickr: PugnoM (Nancy Sims)

Sharing values

Google versus the BPI - whose side are you on?

This article is cross-posted from Wendy M. Grossman's regular column net.wars.


The notion that the copyright industries' war on file-sharing would eventually rise to the Google level of abstraction used to be a sort of joke. It was the kind of thing the owners of torrent search sites (and before them, LimeWire and Gnutella nodes) said as an extreme way of showing how silly the whole idea was that file-sharing could be stamped out by suing people. It was the equivalent in airport terms of saying, "What are they going to do? Have us all fly naked?"

This week, it came true. You can see why: the British Phonographic Institute's annual report cites research it commissioned from Harris Interactive showing that 58 percent of "illegal downloaders" used Google to find free music. (Of course, all free music is not unauthorized copies of music, but we'll get to that in a minute.)

The rise of Google in particular (it has something like 90 percent of the UK market, somewhat less in the US) and search engines in general as the main gateway through which people access the Internet made it I think inevitable that at some point the company would become a focus for the music industry. And Google is responding, announcing on December 2 that it would favour authorized content in its search listings and prevent "terms closely related with piracy" from appearing in AutoComplete.

Is this censorship? Perhaps, but I find it hard to get too excited about, partly because AutoComplete is the annoying boor who's always finishing my sentences wrongly, partly because having to type "torrent" doesn't seem like much of a hardship, and partly because I don't believe this action will make much of a difference. Still, as Google's design shifts more toward the mass market, such subtle changes will create ever-larger effects.

I would be profoundly against demonizing file-sharing technology by making it technically impossible to use Google to find torrent/cyber locker/forum sites—because such sites are used for many other things that have nothing to do with distributing music—but that's not what's being talked about here. It's worth noting, however, that this is (yet another) example of Google's double standards when it comes to copyright. Obliging the music industry's request costs them very little and also creates the opportunity to nudge its own YouTube a little further up the listings. Compare and contrast, however, to the company's protracted legal battle over its having digitized and made publicly available millions of books without the consent of the rights holders.

If I were the music industry I think I'd be generally encouraged by the BPI's report. It shows that paid, authorized downloads are really beginning to take off; digital now accounts for nearly 25 percent of UK record industry revenues. Harris Interactive found that approximately 7.7 million people in the UK continue to download music "illegally". Jupiter Research estimated the foregone revenues at £219 million. The BPI's arithmetic estimates that paid, authorized downloads represent about a quarter of all downloads. Seems to me that's all moving in the right direction - without, mind you, assistance from the draconian Digital Economy Act.

The report also notes the rise of unauthorized, low-cost pay sites that siphon traffic away from authorized pay services. These are, to my view, the equivalent of selling counterfeit CDs, and I have no problem with regarding them as legitimately lost sales or seeing them shut down.

Is the BPI's glass half-empty or half-full? I think it's filling up, just like we told them it would. They are progressively competing successfully with free, and they'd be a lot further along that path if they had started sooner.

As a former full-time musician with many friends still in the trade, it's hard to argue that encouraging people towards services that pay the artist at the expense of those that don't is a bad principle. What I really care about is that it should be as easy to find Andy Cohen playing "Oh, Glory" as it is to find Lady Gaga singing anything. And that's an area where the Internet is the best hope for parity we've ever had; as a folksinger friend of mine said a couple of years back, "The music business never did anything for us."

I've been visiting Cohen this week, and he's been explicating the German sociologist Ferdinand Tönnies' structure with the music business as gesellschaft (society) versus folk music as community (gemeinschaft)

"Society has rules, communities have customs," he said last night. "When a dispute over customs has to be adjudicated, that's the border of society." Playing music for money comes under society's rules - that is, copyright. But for Cohen, a professional musician for more than 40 years with multiple CDs, music is community.

We've been driving around Memphis visiting his friends, all of whom play themselves, some easily, some with difficulty. Music is as much a part of their active lives as breathing. This is a fundamental disconnect from the music industry, which sees us all as consumers and every unpaid experience of music as a lost sale, This is what "sharing music" really means: playing and singing together - wherever.

Image: CC-AT Flickr: digika

How do you solve a problem like copyright?

There are many things that are wrong with our copyright law, but the part that says you've got to compensate the rightsholder and get their permission if you want to profit from their work, isn't one of them.

A few weeks ago Cooks Source, a small for-profit magazine, published a piece on medieval apple pie recipes by Monica Gaudio. They had picked up the piece from a website Gaudio had published it on and neglected to inform her that they were using her writing, or to compensate her. When the writer complained, the Cook’s Source editor responded with the claim that everything published on the Internet is in the public domain.

The story caused what seemed the entire Internet to descend on Cooks Source and pretty much put them out of business. Of course, the editor's assertion, that content published on the Internet is in the public domain, is manifestly untrue - it displays a profound lack of understanding of copyright law. And yet, chances are at least some of the people who were so outraged by the editor's behaviour and comments are perhaps not quite so observant of copyright law when it comes to other matters, say the downloading of music and movies. The story illustrates some complex questions on the thorny relationship between copyright and digital content.

To recap where I stand on digital content, I firmly believe that it is a public good, within the strict economic definition of "public good". A public good has two characteristics: it is non-rival and non-excludable. Non-rival means that my consumption of the good doesn’t diminish the amount of it available for you to consume. Apples are clearly rival: If I eat one, you can’t eat it. A piece of music is non-rival: if I listen to it, that doesn’t stop you from doing so too. Non-excludable means that you can’t stop me from consuming the good. Again, apples are excludable: You can stop me from eating the apple by keeping it inside your locked house. With pieces of music, it’s become technologically practically impossible (DRM notwithstanding) to stop me from making an infinite number of copies. So pieces of music, and other digital content, economically behave as public goods. What this really means is that using the market to distribute the public good—content in our case—is neither possible, nor desirable as it doesn't produce the most efficient outcomes.

So although the editor of Cooks Source may have tried to get away with arguing her case in the above terms, she still wouldn't be justified. The simple fact that content behaves as a public good from an economic standpoint, does not mean it's free for the taking. It especially does not mean that it's right for a company to take content created by someone else and, without compensating them, make a profit from it. There are many things that are wrong with our copyright law (for instance the way it makes us criminals for ripping our CDs to put them on our iPods), but the part that says you've got to compensate the rightsholder and get their permission if you want to profit from their work, isn't one of them.

All too frequently, copyright is used to protect the vested interests of established distribution industries (think record labels), rather than for its original purpose - to incentivise and protect creators. Hopefully, the Cooks Source case shows that there is still some recourse for creators whose copyright has been infringed, and that copyright still benefits creators. What is worrying is that most content creators don't have the resources to really enforce their rights through the courts, so they have to rely on being able to publicise their case sufficiently for the public at large to act as judge and jury, as in the Cooks Source case. Unfortunately, for every Monica out there, there are countless other artists, musicians and creators whose work is being taken advantage of with no compensation and whose stories don't reach the general public.

David Cameron recently announced a review of copyright law in the UK. Some of his comments were very encouraging, others somewhat worrying. We need to kick off the public debate now to help our government redress the copyright balance in a way which reflects the public-good nature of of digital content and returns to the original intent of copyright.


Milena is an economics & politics graduate, an IT manager, and a campaigner for digital rights, electoral reform and women's rights. She blogs at and tweets as @elmyra

Image: CC-AT-SA Flickr: Opensourceway

WikiLeaks day of action


Tuesday, 14 December 2010


The Assange bail hearing attracted a small group of protesters, voicing their opposition to the arrest and detention of the Wikileaks founder which they consider to be politically motivated.

There was a high media turnout and plenty of police, as this clip shows:


Later that day ORG attended the Digital Economy All Party Political Action Group at Portcullis House. Run by MPs Julian Huppert and Eric Joyce, the group provides a parliamentary forum for informed debate on digital economy issues. Here are some statements from attendees following the meeting:

Image: CC-AT-SA Flickr: takver

Dead-tree functionality

Amazon Kindle's plans to acquire "lending" functionality: an archaic model of the 16th century.

I was both amused and puzzled by the recent news that Amazon is to allow book lending on the Kindle. At first glance this is great news: e-books will finally match some of the basic functionality available in the dead-tree format! At least this move shows that the content industry is beginning to get its collective head around some of the problems created by locking down and controlling users' devices and the content they have paid for.

At the same time, however, this move demonstrates Amazon's firm grasp of the wrong end of the stick. We live in a world where it takes some random 16-year-old about 24 hours to crack the latest DRM. Faced with technological progress which makes it easy and practically free to create an infinite number of copies of any piece of digital content, the content distribution industry's faith in DRM and Amazon's magnanimous "relaxation" of their DRM to allow book lending on the Kindle is a classic example of the Emperor's new clothes. Instead of accepting and then working with the economic reality that technology has turned content into a public good, Amazon, along with pretty much every other major content distributor, continues to invest in obsolete and ineffective DRM technology.

Lendable e-books are not the first paradox created by this approach. Remember when Amazon deleted the e-book version of 1984 from users' devices when they discovered they didn't have the rights to sell it? Have you ever thought about how much more fun it is to watch a pirated movie than having to sit through all the unskippable trailers on your legally acquired version? 

And really, just how absurd is it to have all your e-books tied to one particular kind of device? What if tomorrow you get bored of the Kindle and decide you'd actually like a Sony e-reader? Would you put up with only being able to listen to your music on your iPod but not on your Android phone; or with having a toaster which ties you to a particular bread manufacturer?

We need to be thinking about radically different business models for content creation and distribution, rather than trying to build 16th century dead-tree functionality into 21st century technology.

Milena is an economics & politics graduate, an IT manager, and a campaigner for digital rights, electoral reform and women's rights. She blogs at and tweets as @elmyra

Image: CC-AT Flickr: goXunuReviews

Not just the usual suspects

After the fallout from Google's accidental capture of personal data from Wifi networks made savage headlines, it's important to remember the real debate at stake

Google's collection of personal data from wi-fi networks resulted in a huge public outcry. Google, in turn responded in the correct and dignified manner by apologising and promising to delete this data. Yet, in my opinion, the outcry was somewhat misdirected, as well as disguising an abdication of responsibility by many.

It is essential to remember that Google only collected data from Wi-Fi networks which were open or unsecured, and whilst Google was unquestionably wrong to do so and must be held to account, there are other parties to blame.

The nature of reality is such that people really should take basic security measures for their own peace of mind. Leaving your Wi-Fi network unsecured is that same as leaving your doors and windows unlocked; you can hardly be surprised, then, when your traffic is watched. In both cases, the thief is wrong but for your safety you should take basic precautions.

Google collected data from unsecured Wi-Fi networks by driving past houses – it only took a few seconds for them to collect private data. Imagine if a hacker sat outside your house with a laptop for a hour? Imagine if one of your neighbours listened in to your network? Can you imagine how much personal data can be gleaned if done so intentionally?

So how should you protect your personal data, and whose responsibility is it?

Firstly, it is the responsibility of whoever provides you with a wireless access point; neglecting to ensure that it is secure means that they are not respecting your right to privacy. 

Secondly, web services are responsible to some extent. When using a web service, many companies will ensure they use encryption between your computer and their server to stop others listening in. This is what is happening when you see a padlock icon in your web-browser toolbar. Although it is expensive, it's an essential measure for sensitive data like credit cards.

Those services that deal with sensitive or private information should be using encryption. Google's access to such data was enabled simply because these services were not encrypting data. Google is actually relatively good for this - if you use Gmail, your data is encrypted. So all the complete emails that Google picked up, aren't—ironically—from Gmail. 

But thirdly and more importantly, the debate is far bigger than this issue. We, as a society, need to assess how companies are entitled to use our personal data. Our information is often abused, albeit entirely legally. But how comfortable are you with more and more of your life being lived publicly online? What about your data being locked up and held captive by large multi-national companies? How happy are you about being profiled more and more by computer algorithms, and these algorithms governing your access to services?

Whilst Google's wi-fi controversy has been brought to the public's attention, we should be aware that there exists a much larger debate that is not being adequately discussed in a public forum. 

James Baster is a professional computer programmer living and working in Edinburgh, and tweets @jarofgreen. 


Image: CC-AT-NC Flickr: pipot83 (Fabio Premoli)

The long arm of copyright

Don't scroll down for more - all copyrights to content below the fold are reserved.

The High Court in England and Wales has just delivered a somewhat surprising judgement that sees copyright reach much further than many previously thought.

The case was brought by almost all major UK newspapers (besides News Corp titles and the FT) and their copyright licensing umbrella body, Newspaper Licensing Agency Ltd (NLA ltd), against the users of a media monitoring service run by Meltwater Holding BV.

Meltwater operates a commercial site-scraping service that delivers newspaper headlines and the first few words of an article, according to keywords you give it. This helps keep track of your business' brand or your name as and when the media covers it.

Let's be clear: they aren't competing with newspapers for audiences using copyrighted content; this isn't destroying the newspapers' commercial incentive to write stories. Yet somewhat amazingly, the judge in the case held that under UK law, copying newspaper headlines is an activity that is in breach of copyright unless you are licensed to reproduce them or benefit from one of copyright's ever-shrinking exemptions. And weirdly, the judge seems to have ruled that this even applies to the copies created when you share, forward, commercially store ("in the course of business") or even open an email in your inbox.

Once upon a time, copyright used to only apply to substantial literary works, not short things like slogans or brand names. But according to the judge, under UK law, headlines are also protected. By the same logic, would reading a Metro headline aloud to your co-workers, or copy-pasting headlines into an email to a friend, make you a pirate unless you can rely on an exemption?

Worse still, it makes digital readers pirates. Incredibly, the judge in the case held that "the temporary copies exception is solely concerned with incidental and intermediate copying so that any copy which is ‘consumption of the work’, whether temporary or not, requires the permission of the copyright holder. A person making a copy of a webpage on his computer screen will not have a defence under s. 28A CDPA simply because he has been browsing."

On the point of whether scraping and/or caching websites without permission is an act in breach of copyright, the following was stated:

101. When an End User receives an email containing Meltwater News, a copy is made on the End User's computer and remains there until deleted. Further, when the End User views Meltwater News via Meltwater's website on screen, a copy is made on that computer.

102. Therefore the End User makes copies of the headline and the text extract in those two situations and there is prima facie [copyright] infringement.

103. When an End User clicks on a Link a copy of the article on the Publisher's website which appears on the website accessible via that Link is made on the End User's computer. (...) it seems to me that in principle copying by an End User without a licence through a direct Link is more likely than not to infringe copyright.

104. An End User who uses the share function to forward a headline Link (and, a fortiori, an End User who simply forwards an email) to a client will make further copies and thus further infringe. Such forwarding will also be issuing a copy to the public under s. 18 CDPA.

Previously, Google's caching of websites was covered by a copyright exception protecting temporary, incidental copies. Yet this judgement says that under UK copyright law, from the moment the content is "consumed" by a viewer/listener, a copy isn't incidental or temporary, and copyright is breached by a person using a digital device that "copied" the work to show/play it to to them:

111. The exception cannot be used to render lawful activities which would otherwise be unlawful. On the contrary, the purpose of Articles 2 and 3 is to ensure that copyright is protected against all forms of electronic copying unless falling within the narrow scope of the exceptions in Article 5.

Because I made it clear that I reserved all rights to this content at the beginning of this article, I'm afraid by bringing this sentence up on your monitor you are in fact in breach of UK copyright law, and a pirate, equivalent to a video or music pirate (see para 110 of the judgement). Unless you can rely on one of the other ever-diminishing exceptions, that is.

Needless to say, when the Government Minister for Intellectual Property, said "An IP system created in the era of paper and pen may not fit the age of broadband and satellites. We must ensure it meets the needs of the digital age" - when copyright now apparently applies to opening websites on your monitor, the upcoming review of copyright law is wholeheartedly welcomed. The last government granted rights-holders new rights to punish copyright infringement after its IP review. Let's see what this one does.

Now away with you, foul pirate.

Image: CC-AT-SA Flickr: biwook (Ioan Sameli)

Featured Article

Schmidt Happens

Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.

ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views

People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.

ORG Events