The RIAA is sending
subpoenas to a lot of ISPs to try to identify people. As
we previously explained in an amicus brief, the procedure
they're using for this, created by 17 USC 512(h), lacks a
lot of procedural safeguards normally associated with
subpoenas.
I've looked at a large number of the subpoena requests.
They're obviously generated by a script -- "mail merge",
as they used to say -- and that's a good thing from a
certain point of view, but it's kind of frightening. Your
identity is essentially being requested by a computer,
and then Yvette Molinaro is in the loop seemingly for the
sole purpose of signing her name to attest, in effect,
that the computer was programmed properly.
It's almost as though you could have XML-RPC or some other
function call through which the RIAA could get the user's
identity.
In fact, there are many press reports to the effect that
the D.C. District
Court is overwhelmed by having to process all of these
subpoenas -- already in the dozens per day -- and if the
court is having so much trouble just stamping and scanning
and docketing, think about the compliance burden for the
ISPs. Perhaps RIAA hopes that ISPs will eventually decide
to create automated mechanisms, through private agreements
with RIAA, in order to keep this out of the courts and
lower everyone's costs. An ISP could set up a particular
e-mail account. RIAA would send signed e-mail attesting
that a particular user's identity was sought for the
purpose of enforcing copyrights; the ISP would respond
automatically, identifying the user. It could work.
This has happened in other contexts. Under the current
512(h) regime, there would seem to be a strong incentive
for ISPs to negotiate private alternatives, which would
be cheaper but typically even less privacy-protective
than the status quo.
It is troubling to think that a single typo would now
result in the automatic exposure of an Internet user's
true name and contact information. Suppose the RIAA
transposes two digits in the IP address. Now the ISP
is likely to disclose that other user's identity instead
of the identity of the person who was actually sought,
and there is likely to be no review and no recourse. In
fact, the user who's wrongly identified might never know
(unless he or she is subsequently sued).
These errors are pretty easy to make, and the subpoena
power is very strong. There are lots of ways to
mitigate this harm somewhat, but those which don't involve
politics mainly involve effort by ISPs. The cheapest
course for the ISPs might just be to give up and not
do anything to protect their users' privacy. That would
make the entertainment industries' frequent claim that
you aren't anonymous when you use the Internet become
much closer to the truth.
Anyway, I got to do some fun coding as a result of this
and learn about Python's modules for CGI scripting
and MySQL access. It's surprisingly easy. Dan Moniz
created a
nice front-end to the database we built, and now you
can search to see whether your identity has been subpoenaed.
I think it's silly that people are only searching for their
KaZaA usernames and the like. The ISPs won't identify you
by your KaZaA username, even if you're a KaZaA user, because
the ISP doesn't know your KaZaA username or whether you're
a KaZaA user. The ISP will identify you by your IP address,
because that's what the ISP knows. And the ISP will identify
you by your IP address whether you're a KaZaA user or not,
whether you're a copyright infringer or not. The risk of
misidentification is extremely great -- especially with this
prelitigation subpoena process -- and all Internet users
should be concerned, not just copyright infringers.
Bill Frantz has
a signature file which says "Due process for all used to be
the American way". I don't think he has these subpoenas in
particular in mind. But you are now, right this moment, a
single typographical error away from being identified,
possibly without your knowledge.

United Airlines has a great
feature where they let you listen to the radio communications
between the plane and the air traffic controller. I don't fly on
United very often because it seems expensive compared to airlines
like Southwest and JetBlue, but whenever I fly United, I find this
feature endlessly fascinating. You can predict what your flight
is going to do, because certain actions are almost never taken
without instructions from the ATC (like significant altitude
changes).
(Pretty much all of my assertions about aviation below are based
on my experiences listening to the radio during flights; some of
them might be wrong, since I don't have any formal aviation training
and am not a pilot.)
There's a whole jargon and set of conventions used in communications
between pilots and the ground. For example, there are all the
phrases like "climb and maintain flight level X", rules about
how to address planes and how to identify yourself, ways to
instruct a pilot to contact a different controller, and so on.
You can pick up quite a lot of it quickly by listening to the
various towers encountered on a transcontinental flight or two.
And it's really fun to know when your plane is about to go up
or down or turn.
At least in some parts of the world, the pilots and the
controllers have a really endearing habit of saying "good
day" to one another, which originally made me wonder if they
were all Australian. (They're not.) They also like to
call one another "sir" and "ma'am". They're very polite and
very, very terse.
The main activity of pilots at cruising altitude on long flights,
at least during days with substantial "chop", seems to be
changing altitudes to avoid turbulence. It's not permitted
to change altitudes without prior permission, so pilots have to
figure out exactly what altitude they want, and then request it.
If the altitude is available, the tower will usually allow the
requesting pilot to take it. Different altitudes at a single
location will have dramatically different amounts of "chop",
and the level of turbulence at a particular place will be fairly
steady at a particular altitude for what is apparently a period
of several hours.
Therefore, pilots are always giving each other reports, and
asking for reports, about what (empirically) the flying
conditions are like along various routes at various altitudes.
If one pilot says an altitude is good, other pilots following
behind will want to use that altitude; if a pilot says an
altitude is very choppy, other pilots will want to avoid it.
When pilots are concerned about turbulence, then, they want
the controller to do work for them (inquiring about and tracking
the weather conditions), but they need the controller's help
and don't want to be pests. They're dependent on the controller's
kindness and goodwill, since the controller could simply say
that permission to climb or descend to a particular flight level
was denied. The controller does not have to justify his or her
decisions at all. The authority of the tower is quite profound,
at least if pilots are operating under flight rules in which the
tower has to approve their decisions.
So a pilot has a self-interested reason to want to ask for
weather reports (and associated changes in altitude or flight
path) as frequently as possible, but it would really irritate
the tower if every pilot did so at every opportunity. The
tower just wants to get rid of planes quickly and safely, and
isn't extremely interested in how much turbulence particular
planes experience -- mild turbulence is unlikely to cause any
harm, but merely makes passengers uncomfortable.
The pilot and the tower have a mutual interest in having a good
working relationship, and so the pilot tries to be friendly to
the tower by controlling the frequency of requests, and the
tower tries to be friendly to the pilot by researching weather
conditions and granting requests whenever possible. This
informal negotiation is very interesting. Imagine it were your
job to approve requests, and it didn't cost you anything but
your time to do so. But many, many people depended on your
approval, and were constantly clamoring for your attention.
Managing these requests would be an intricate and challenging
responsibility -- given that some of them are mutually
incompatible -- and the requesters would quickly discover that
it wasn't in their interest to annoy you, wouldn't they?
I wish that an anthropologist would do a study of the
culture of air traffic control communications. It's a
totally oral culture, it's a worldwide culture, it's a
fairly old modern technical culture, and it has its own
extensive jargon and is totally unfamiliar to most people.
There are relatively few participants, they deal with
each other very frequently, and they might not even know
one another's names. They would probably not recognize
one another if they met on the street. They're partly
accountable to various bureaucracies, but nobody can
really tell them what to do. (Well, I guess Ronald Reagan
can fire them all, which might count as telling them what
to do.)
It would be interesting to read a description of the
jargon and of the kinds of social practices which can
occur in these terse, static-filled, utilitarian bursts
of communication. Is there a subtext? Can pilots tell
when the tower is annoyed or overworked? Is there an
informal quid pro quo? Do participants even realize when
they are participating in an exchange of value or power?
Are there rivalries and friendships? Where did all of
the jargon come from, and how do participants learn it?
My desire for that particular study reminds me of other
things I'm curious about, outside the fascinating world
of ATC. I want someone to study the role of cranks,
for example, in fields which are more contested and
less contested. I should write something about cranks
to explain more clearly what I mean.

The AP did an
article
on anonymous file-sharing and quoted me:
"I'm not aware of independent testing or review
to verify the claims that people are making," he said.
The article as a whole seems to suggest that anonymous
file-sharing may be impossible. But I think it's perfectly
possible: I would just be worried about trusting your
privacy to Brand X File-Sharing Software without having
a clear idea of how it tries to protect your identity
and whether that method is secure against attacks you're
concerned about.
One important lesson of security and privacy is that things
marked "Secure" or "Private" need not be.