diff --git a/HarmfulCommunications201908.org b/HarmfulCommunications201908.org index 927b874..304b9b6 100644 --- a/HarmfulCommunications201908.org +++ b/HarmfulCommunications201908.org @@ -327,7 +327,7 @@ - The new Copyright Directive... - -* CONSDONE Introduction +* Introduction My name is Éibhear Ó hAnluain and I have been working in software engineering and IT systems design since 1994. I thank you for the @@ -343,8 +343,8 @@ I will also address some additional concerns I believe are relevant to this analysis. -* CONSDONE Self-hosting -** CONSDONE Self-hosting +* Self-hosting +** Self-hosting For the purposes of this submission, /self-hosting/ is where an individual or small group has opted to provide their own internet services, making use either of computer capacity provided by an ISP @@ -369,8 +369,8 @@ *** CONSTODO Real examples of self-hosting I host a number of services: - - [[http://www.gibiris.org/eo-blog][/Éibhear/Gibiris/]] is my blog site. - - [[https://social.gibiris.org/][/Social Gibiris/]] is a micro-blogging service that is federated + - [[http://www.gibiris.org/eo-blog][/Éibhear/Gibiris/, http://www.gibiris.org/eo-blog]] is my blog site. + - [[https://social.gibiris.org/][/Social Gibiris/, https://social.gibiris.org/]] is a micro-blogging service that is federated with others using the /AtomPub/ technology. Thus, /Social Gibiris/ is federated with many other instances of /GNU Social/, /Mastodon/ and /Pleroma/. This network of federated services, @@ -383,10 +383,10 @@ - [[https://news.gibiris.org/][/news.gibiris.org/]] is a news-aggregation service that allows me to gather all the news sources of interest to me into one location, which I can then access from wherever I am. - - [[https://cloud.gibiris.org/nextcloud][/cloud.gibiris.org/]] is a file-sharing platform that I use with + - [[https://cloud.gibiris.org/nextcloud][https://cloud.gibiris.org/]] is a file-sharing platform that I use with my family when we are collaborating on projects (e.g. school projects, home improvement projects, etc.) - - [[https://matrix.gibiris.org/][/matrix.gibiris.org/]] is an instant-messaging system which I set + - [[https://matrix.gibiris.org/][https://matrix.gibiris.org/]] is an instant-messaging system which I set up for the purposes of communicating with my family and close friends. @@ -434,9 +434,9 @@ Very often, as with me, the reason to self-host is a combination of more than 1 of these reasons. -** CONSDONE How accessible is self-hosting. - In a previous, similar, submission[fn:dccae:Available [[http://www.gibiris.org/eo-blog/posts/2019/04/15_harmful-content-consultation.html][here]] and - [[https://www.dccae.gov.ie/en-ie/communications/consultations/Documents/86/submissions/Eibhear_O_HAnluain.pdf][here]].], I provide an outline of the challenges before someone who +** How accessible is self-hosting. + In a previous, similar, submission[fn:dccae:Available [[http://www.gibiris.org/eo-blog/posts/2019/04/15_harmful-content-consultation.html][here (http://www.gibiris.org/eo-blog/posts/2019/04/15_harmful-content-consultation.html)]] and + [[https://www.dccae.gov.ie/en-ie/communications/consultations/Documents/86/submissions/Eibhear_O_HAnluain.pdf][here (https://www.dccae.gov.ie/en-ie/communications/consultations/Documents/86/submissions/Eibhear_O_HAnluain.pdf)]].], I provide an outline of the challenges before someone who wants to set up their own services. They are few, and they are small. In summary, the reasons for this are: - The Internet is mechanism for computers to find each other and @@ -462,7 +462,7 @@ operating system that was accessible to all. Linux-based operating systems now form the basis of a significant proportion of internet connected computing devices - globally[fn:LinuxProportions:https://en.wikipedia.org/wiki/Usage_share_of_operating_systems] + globally[fn:LinuxProportions:[[https://en.wikipedia.org/wiki/Usage_share_of_operating_systems][Usage share of operating systems (https://en.wikipedia.org/wiki/Usage_share_of_operating_systems)]]] (including 73% of smartphones and tablet computers, somewhere between 36% and 66% of internet-facing server computers), and 100% of supercomputers. @@ -470,7 +470,7 @@ software developers wanted to add functionality to one of the original web server software packages, /NCSA httpd/. The Apache web server now powers 43.6% of all web - sites[fn:apacheProportions:[[https://w3techs.com/technologies/overview/web_server/all][https://w3techs.com/technologies/overview/web_server/all]]. Incidentally, + sites[fn:apacheProportions:[[https://w3techs.com/technologies/overview/web_server/all][Usage of web servers]]. Incidentally, the no. 2 on that web page, with nearly 42% share of websites is /nginx/. It also started out as a project by an individual who wanted to solve a particular project.]. @@ -538,7 +538,7 @@ that if one node goes down or is attacked, the others can continue with a minimum of interruption. -** CONSDONE Regulation of self-hosted services +** Regulation of self-hosted services While it is attractive to create regulations to manage the large, profit-making organisations, it is imperative that such @@ -580,13 +580,13 @@ pop into the heads of individuals, who would realise them with nothing more than a computer connected to the internet. -* CONSDONE Other considerations +* Other considerations While the main focus of this submission is to highlight the potential risk to self-hosters from regulations that neglect to consider the practice, I would like to take the opportunity to briefly raise some additional concerns -** CONSDONE Abuse of the systems +** Abuse of the systems To date, all systems that seek to protect others from harmful or other objectionable material (e.g. copyright infringement, @@ -594,7 +594,7 @@ example, in a recent court filing, Google claimed that 99.97% of copyright infringement notices it received in from a single party in January 2017 were - bogus[fn:googleTakedown:https://www.techdirt.com/articles/20170223/06160336772/google-report-9995-percent-dmca-takedown-notices-are-bot-generated-bullshit-buckshot.shtml]: + bogus[fn:googleTakedown:[[https://www.techdirt.com/articles/20170223/06160336772/google-report-9995-percent-dmca-takedown-notices-are-bot-generated-bullshit-buckshot.shtml][Google Report: 99.95 Percent Of DMCA Takedown Notices Are Bot-Generated Bullshit Buckshot]]]: #+BEGIN_QUOTE A significant portion of the recent increases in DMCA submission @@ -618,7 +618,7 @@ that claims of copyright ownership on the part of the claimant are to be made under penalty of perjury. However, that provision is very weak, and seems not to be a deterrent for a determined agent: - https://torrentfreak.com/warner-bros-our-false-dmca-takedowns-are-not-a-crime-131115]. + [[https://torrentfreak.com/warner-bros-our-false-dmca-takedowns-are-not-a-crime-131115][Warner Bros: Our False DMCA Takedowns Are Not a Crime]]]. The GDPR's /Right to be Forgotten/ is also subject to abuse. An individual from Europe continues to force stories related to him @@ -647,7 +647,7 @@ claimant suffers nothing for abusive claims, the regime is guaranteed to be abused. -** CONSDONE Content Moderation +** Content Moderation Much of the focus of legislative efforts to deal with harmful or objectionable material that appear on services that permit uploads @@ -718,7 +718,7 @@ didn't have time to determine the full context, or because it misinterpreted or misunderstood the context. -** CONSDONE User Behaviour +** User Behaviour Many believe that the way to deal with abusive or harmful material online is to punish the services that host the material. This is reasonable if the material was placed onto the service by those who @@ -751,20 +751,20 @@ there is no attempt to change behaviour, then abusive people will simply work around the controls and continue to abuse. -** CONSDONE Investigation support +** Investigation support In response to the live-streaming of that horrific shooting dead of more than 50 people in New Zealand earlier this year, that country - has proscribed the video recorded by that white supremacist - terrorist as "objectionable", making it a criminal offence to share - it[fn:banNotice:https://www.classificationoffice.govt.nz/news/latest-news/christchurch-attacks-press-releases/#christchurch-attack-video-footage-and-document-has-been-banned-in-nz-what-this-means-for-you]. + has declared the video recorded by that white supremacist terrorist + as "objectionable", making it a criminal offence to share + it[fn:banNotice:[[https://www.classificationoffice.govt.nz/news/latest-news/christchurch-attacks-press-releases/#christchurch-attack-video-footage-and-document-has-been-banned-in-nz-what-this-means-for-you][Christchurch attack video footage and document has been banned in NZ – what this means for you]]]. While one can understand the thinking that sharing the material could only be done by people who support the atrocity, this is not necessarily true. Other reasons to share the video or portions of it might include - to appeal for help in finding someone caught up in the massacre - - Legitimate news reporting of such an event. + - legitimate news reporting of such an event. - to help investigate the shooting and its circumstances[fn:ForArch:Forensic Architecture, https://forensic-architecture.org/, is a research group that @@ -772,7 +772,10 @@ records of events. To criminalise the sharing of such imagery and videos with no regard as to the purpose for the sharing plays directly into the hands of those who disregard victims' civil - rights.] + rights. Similarly, it's not correct to assume that police or + intelligence services alone perform these types of + investigations, so limiting permission to share to these + organisations would not be sufficient.] - training for law enforcement or terrorism- or disaster-response personnel. @@ -788,35 +791,35 @@ that it is now very easy for anyone to forge screen-shots of online postings. -** CONSDONE Encrypted services +** Encrypted services Some believe that if end-to-end encryption services that prevent security services from accessing material were banned or controlled, there would be less abusive behaviour online. This is not true, nor is it a good public policy. - Encryption is just mathematics, and it knows neither whether its - use is for ill or good. However, when you consider the extent to - which encryption is being used -- every website that uses =https= - as part of its address encrypts the traffic between itself and its - users, and that is nearly every website around the world -- the - good uses vastly outnumber the bad uses. If people are forced to - use an encryption system that has been modified to make it easy for + Encryption is just mathematics, and it knows neither that its use + is for ill or good. However, when you consider the extent to which + encryption is being used -- every website that uses =https= as part + of its address encrypts the traffic between itself and its users, + and that is nearly every website around the world -- the good uses + vastly outnumber the bad uses. If people are forced to use an + encryption system that has been modified to make it easy for security services to gain access to the messages, it means that all the good, innocent uses of encryption are at risk. Recent news that - Russian spies managed to infiltrate the - FBI[fn:Oath:https://news.yahoo.com/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil-090024212.html - (Please note that to access this story the user has to agree to - many hundreds of forms tracking or spend many up to an hour - examining those forms and disabling each one individually. It is - recommended that this story be access using "Incognito" or "Private - Browsing" mode in order to be protected against tracking).], - highlights how unreliable are assurances from security services - that they can keep secrets such as the keys to all encryption safe - from harm. + Russian spies managed to infiltrate the FBI[fn:Oath:[[https://news.yahoo.com/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil-090024212.html][Exclusive: + Russia carried out a 'stunning' breach of FBI communications + system, escalating the spy game on U.S. soil]] (Please note that to + access this story the user has to agree to many hundreds of forms + tracking or spend up to an hour examining those forms and disabling + each one individually. It is recommended that this story be access + using "Incognito" or "Private Browsing" mode in order to be + protected against tracking).], highlights how unreliable are + assurances from security services that they can keep secrets such + as the keys to all encryption safe from harm. All it takes is one determined intruder, and all the good uses of - encryption are put at risk in order to safe money and effort on + encryption are put at risk in order to save money and effort on investigating illegal activities. I have written a number of articles on this matter providing more @@ -829,10 +832,10 @@ - [[http://www.gibiris.org/eo-blog/posts/2018/09/04_some-questions-5-eyes-countries-what-can-they-do.html][Some questions for the "5 Eyes" countries on what they think they can do]] -* CONSDONE Answers to consultation questions +* Answers to consultation questions The follows are some answers to the questions posed in the call for submissions. -** CONSDONE Definition of communication in legislation +** Definition of communication in legislation - Question 1 :: There are currently significant gaps in legislation with regard to harassment and newer, more modern forms of communication. Is there a need to expand @@ -866,7 +869,7 @@ as /FOSTA-SESTA/[fn:FOSTA-SESTA:https://en.wikipedia.org/wiki/Stop_Enabling_Sex_Traffickers_Act] in the US, that seeks merely to punish web sites, - will to more harm than good[fn:SOSTAEffect:Lura + will do more harm than good[fn:SOSTAEffect:Lura Chamberlain, FOSTA: A Hostile Law with a Human Cost, 87 Fordham L. Rev. 2171 (2019). Available at: https://ir.lawnet.fordham.edu/flr/vol87/iss5/13]. The @@ -879,21 +882,24 @@ failure of the law to consider the effect of a straight ban. - The recently-passed new EU Copyright directive + The recently-passed new EU Copyright Directive mandates the filtering of user uploads based on prior notice that such uploads *may* be infringing - copyright, subject to severe penalties, but requires - mere respect for users' freedom of speech with no - penalties attaching to failing to do so. The + copyright and failure to implement this filtering is + subject to severe penalties. However, the directive + requires mere respect for users' freedom of speech + with no penalties attaching to failing to do so. The incentive for the service operators here is to err on the side of suppressing material regardless of anyone's freedom of expression, as the consequences - of not doing so could be catastrophic for the service - operator. + of keeping the material up could be catastrophic for + the service operator and the consequences of + infringing on someone's freedom of expression are + non-existent. The proposal in the UK to apply a duty of care to - service operators is also destined for failure, as a - duty of care is a physical-world concept that has no + service operators is destined for failure, as a duty + of care is a physical-world concept that has no suitable analogy in the context of internet services. Ironically, the likely best regulatory approach is @@ -902,7 +908,8 @@ liability protection. All these services maintain terms and conditions ("Community Rules", "Code of Conduct", etc.) and confirmed violations of these - result in sanctions on the users. However, where + result in sanctions on the users, up to and including + permanent exclusion from the service. However, where services aren't aware of violations, they are protected on the grounds that the behaviour that is objectionable is not that of the service operator, @@ -914,14 +921,14 @@ and advancing technologies, new apps and other online forums, including the more familiar social media sites? - + Answer :: This is this submissions core concern. For + + Answer :: This is this submission's core concern. For legislation to focus on the technology, and not on the behaviour, to focus on the service operator and not on the real offender, runs real risks of damaging - human rights of totally innocent parties, as well as - stifling innovation and consolidating the market - positions of the major operators -** CONSDONE Harassment, stalking & other forms of online abuse + human rights of innocent parties, as well as stifling + innovation and consolidating the market positions of + the major operators +** Harassment, stalking & other forms of online abuse - Question 4 :: Online harassment can take the form of on-consensual taking and distribution of intimate images or videos, otherwise known as ‘revenge @@ -1025,14 +1032,14 @@ who offers commentary on many aspects of society frequently posts messages on Twitter designed to elicit angry responses. I describe this person as "A - master of the false equivalence". This is the classic + master of the false equivalence". This is classic online trolling behaviour. Similarly, on the 18th September 2019, a prominent UK journalist tweeted personal details of a father who publicly challenged UK Prime Minister Boris Johnson regarding the state - of the NHS. This was construed by many as a - deliberate trolling to inflict a measure of - unofficial retribution on the man.]. + of the NHS. This act by the journalised was construed + by many as deliberate trolling designed to inflict a + measure of unofficial retribution on the man.]. It should not be assumed that pseudonymous accounts are created in order for the users to escape legal @@ -1053,21 +1060,21 @@ Ireland's are. - It should not be assumed that a pseudonymous account has been - created for reasons of abuse or harmful communication. In fact, - there's good reason to assume that the significant majority of - pseudonymous accounts operate for completely innocent - reasons[fn:realnames:facebook excepted. However, facebook's - real-name policy is itself wrong, and does a great deal of - damage to people who have good reasons for their names not to - be associated with their online presences.]. + It should not be assumed that a pseudonymous account has been + created for reasons of abuse or harmful communication. In fact, + there's good reason to assume that the significant majority of + pseudonymous accounts operate for completely innocent + reasons[fn:realnames:facebook excepted. However, facebook's + real-name policy is itself wrong, and does a great deal of damage + to people who have good reasons for their names not to be + associated with their online presences.]. - Question 12 :: Do other jurisdictions have statutory measures to protect victim identities in cases of online harassment being released online posthearings, etc? + Answer :: This submission is not offering any answer to this question. -** CONSDONE Harmful online behaviour and young people +** Harmful online behaviour and young people - Question 13 :: How do we most appropriately regulate social media platforms to prevent cyberbullying and inappropriate sharing of personal images?