Here's a nice controversial one for discussion — should Internet access providers filter pornographic content, requiring someone who wants access to such content to "opt in"? Or is it not appropriate for an access provider to restrict what someone can access? The BBC presents a good overview of the debate currently going on in the UK at the moment, with a range of views from feminists, open rights campaigners and others.
Some years back, under threat of regulation, mobile providers in the UK created a self-regulatory code, imposing blocking obligations — as a result of this, if you buy a SIM for a UK mobile network, you will not be able to access content deemed to be suitable only for adults, which includes, but is not limited to, pornography, unless you prove your age and have the access control removed.
An approach based on filtering on the mobile networks made sense at that time, when a mobile phone only talked to a mobile network but, more recently, it makes far less sense, at least on its own. Many mobile phones — particularly popular devices, such as the iPhone, and Android devices — contain other methods of communication, including Bluetooth and Wi-Fi, which are outside a network operator's control — restricting access on the cellular network alone is a very limited form of protection. Similarly, even within the cellular domain, not all connections can be filtered — in particular, RIM's BlackBerry devices are currently not filtered, since browsing traffic passes in an encoded form to RIM's own infrastructure for onwards transmission. (RIM are currently discussing with Ofcom how this can be fixed quickly.)
The debate at the moment has a number of different fronts — what should mobile operators be doing, what should other players (such as Facebook, Apple and so on) be doing and, importantly, what should fixed line providers be doing. It does not make sense to me for mobile providers to go forward alone.
The issue is not just a communications one, of course — the more fundamental question is whether certain content is, or is not, appropriate for children to view. But, if we decide that certain content should not be accessible by children, it would seem to follow that there should be a convenient and user-friendly method for helping parents enact these suggestions. Whether the approach should be opt-in, "active choice" (whereby the setting is chosen when the device is first powered on) or opt-out, there's a whole range of views.
My view, for what it might be worth, is that, whatever solution is chosen, it should not be down to operator discretion — the government needs to pick a solution, and then mandate it. The role of an operator is one of a technical services provider, not a moral arbiter.
What do you think? How do things work where you are?
Wednesday, 25 April 2012
Friday, 20 April 2012
USA v. Nosal
Perhaps more closely connected to the material in the information security module than the more regulatory aspect of telecoms law dealt with on the telecoms law module, the case of USA v. Nosal is likely to be of interest to those of you considering issues of access to a computer system without a right — the chief judge in the case draws a number of parallels with more general communications activities in making his decision.
This is a US decision from the ninth circuit, and was a 9-2 ruling — it's likely that this will reach the Supreme Court in the US for another appeal. The case looks at an employee's extraction of data from his employer and examines whether, under the US legislation, "access without a right" (as per the Convention on Cybercrime) means solely unauthorised access (such as an external hacker), or else the use of authorised access for unauthorised purposes, such as a user downloading data to which they have legitimate access, but for non-approved purposes.
The case sides in favour of unauthorised access only.
How should employers protect their data, then? Is it right that an external hacker who removes data commits a criminal offence, but that some form of breach of fiduciary duty or breach of contract would be required to take action against an employer who has access for authorised purposes, but abuses this access?
This is a US decision from the ninth circuit, and was a 9-2 ruling — it's likely that this will reach the Supreme Court in the US for another appeal. The case looks at an employee's extraction of data from his employer and examines whether, under the US legislation, "access without a right" (as per the Convention on Cybercrime) means solely unauthorised access (such as an external hacker), or else the use of authorised access for unauthorised purposes, such as a user downloading data to which they have legitimate access, but for non-approved purposes.
The case sides in favour of unauthorised access only.
How should employers protect their data, then? Is it right that an external hacker who removes data commits a criminal offence, but that some form of breach of fiduciary duty or breach of contract would be required to take action against an employer who has access for authorised purposes, but abuses this access?
Thursday, 19 April 2012
traditional operators vs OTT. fair rules?
After having submitted by theme 2 report about traditional operators vs OTT obligations, I've just found this article that goes exactly in the same direction.
I think the "pipization" (aka operators becoming mere bit pipes) of telcos is a real thing and all kind of traditional services are now offered also OTT (skype, whatsapp, OTT TV,...) . Is it realistic (and fair) to consider these services differently when operated by the network operator or when operated by a third party (and mainly from abroad).
http://coleago.wordpress.com/2012/02/22/ott-communication-services-vs-rich-communication-services/
I think the "pipization" (aka operators becoming mere bit pipes) of telcos is a real thing and all kind of traditional services are now offered also OTT (skype, whatsapp, OTT TV,...) . Is it realistic (and fair) to consider these services differently when operated by the network operator or when operated by a third party (and mainly from abroad).
http://coleago.wordpress.com/2012/02/22/ott-communication-services-vs-rich-communication-services/
Sunday, 1 April 2012
CCDP is coming?
Although not at all unexpected, it sounds as if the Communications Capabilities Development Programme is coming soon:
The government will be able to monitor the calls, emails, texts and website visits of everyone in the UK under new legislation set to be announced soon.
Internet firms will be required to give intelligence agency GCHQ access to communications on demand, in real time.
Subscribe to:
Comments (Atom)