Notice: I'm indefinitely suspending my (admittedly already sparse) blogging until I finish my novel. For anyone interested in the law & technology work I do at CIPPIC, check out our organization's website at www.cippic.ca.

Get rid of the Internet Choke Points

The Threats

These last couple of months have seen no shortage of threats to the open internet. Most readers of this blog have probably heard about SOPA, the U.S. Congress's attempt to grant the government powers to censor websites. If it were not for the backlash that stopped the bill in its tracks, the U.S. government would have been able to force internet service providers to block domain names; essentially, ISPs would have needed to lie about the existence of any website that the government deemed blacklistable, all on the basis of questionable U.S. copyright policies.

The internet has been no safer on Canada's side of the border. Earlier this week, the government introduced "lawful access" legislation aimed at giving law enforcement wide surveillance powers, including authority to collect information on anyone using the internet -- without even so much as a warrant.

Such threats will continue next week. Tunisia's top court is set to rule on whether the Tunisian Internet agency can choose to censor websites they deem to be pornographic.

Now, fortunately, SOPA is dead. The Canadian government is also back-tracking on their online spying proposals (though they have not promised to get rid of them). But the threats will keep coming.

The problem

Although these three aforementioned threats arise from different policy issues, they have roots in the same technology weaknesses: in each case, the proposed implementation relies on what I like to call "internet choke points".

Problematic state activities such as censoring and mass spying both rely on the state misappropriating points of the internet infrastructure in places where it can exert power over a large number of internet users. In most cases, this point of power is an internet service provider, where the state can tap into the communications of all users and filter their traffic. In other cases, the power point could be the domain name system with its top-down architecture.

These internet choke points don't fit well with the internet's overall architecture and abilities. Like trying to fit a round peg in a square hole, these choke points end up ramming a power pyramid onto a beautifully interconnected rhizome.

Getting rid of the choke points

It doesn't have to be this way. The high density of connections on the internet means that it's easy to distribute infrastructure -- and therefore distribute power and freedoms. Protocols such as BitTorrent and Tor are already leading the way in flattening out the internet to a state where equality can thrive. However, we need to work on removing the remaining internet choke points and making the internet as peer-to-peer as possible.

I have a few ideas on how to do this, which I'll be sharing over the next few blog posts; once I finally finish my bar exams next month, I might even have time to implement some of them!

Canada's first namecoin DNS server!

Right now, however, I want to share a new initiative that's paving the way to removing the internet's archaic DNS pyramid. Based on bitcoin technology, namecoin is an entirely peer-to-peer DNS system. It creates a new set of ".bit" domains which anyone can obtain for next-to-nothing (other than a bit of technical know-how, as the system is in its infancy right now) and which involve no single choke point of failure. I encourage you to check out how you can get on-board to browse ".bit" domains.

I've also set up and currently host Canada's first namecoin DNS server at 199.19.215.104. Please feel free to use it! The easiest way to get started with namecoin is to simply point your network settings (or router settings) at this DNS server. You'll then be able to visit sites that have the “.bit” ending.

Cut the cord! on The Telephone (part 2)

Last week, I discussed cutting the cord on cable television and switching over completely to the internet. In this article, I talk about doing the same for the old telephone.

The Current Context

Remember back when long distance rates were sky-high? Well, I barely do, but I do remember they were high. Really high. Rates were a few dollars for a phone call lasting only a few minutes, even within Canada.

The reason? Largely, because the CRTC permitted only a single company to serve each area in Canada. These high rates are what happens in a monopoly market.

Granted, there were legitimate reasons for the monopolies. The infrastructure cost of creating a telephone network was enormous. But this is all history. In 1992, we got deregulation. The CRTC took down the walls and started allowing competition in the long distance market. Sure enough, long distance rates took a steep plunge.

Unfortunately, phone bills remained high! The Big Seven incumbent phone companies simply raised their local calling rates to compensate. The CRTC hadn't deregulated local phone plans, so the major phone companies were able to continue raking in revenues after a period of "rate rebalancing" in favour of higher local rates.

Finally, the CRTC did deregulate the local market in the late 1990's. Unfortunately, the local rates have still remained high, as the infrastructure cost of setting up local services has remained enormous. This fact has been true until recently -- that is, until the advent of high-quality VOIP (voice-over-IP internet phones).

With the help of the internet, it's finally time to take down the last barriers keeping the monopolies of the telecom era intact. Voice over the internet means zero infrastructure other than what's already there for the internet, leaving the market open for competition...right?

Right. Just about. There are still some regulations that are slowing VOIP uptake in Canada. For example, Skype blames these regulations for the lack of Skype-in in Canada. Canadians can make calls with Skype, but cannot get a local Skype phone number to receive calls.

Overall, I think Canadian VOIP services are merely slowed, but not halted. Other companies are taking the leap to comply with the CRTC regulations. Unlike the largely paternalistic regulation of the Broadcasting Act (thou-shalt-watch-Canadian-TV), I also actually have few qualms about these remaining VOIP regulations. Most of them are minimal and necessary. We're talking about essential services such as 911, and consumer protection measures such as requiring phone number portability.

The Solution

Excellent solutions to cutting your phone cord are already here. First, the cheapest way to take advantage of VOIP is to make internet-to-internet calls. Both Google and Skype allow you to do this for free. The rates for this in Canada are as cheap as anywhere else. In fact, there is not even the possibility for any regulation to increase rates in Canada, as the Telecommunications Act only applies to a "transmission facility". This means the wires between any two points, but not the points themselves. The internet calls of Skype and Google only operate to connect people, but the companies own only servers to accomplish this task and no phone lines.

However, internet calls probably aren't enough for most people. As handy as it is to be able to call someone from my GMail sidebar, there are a lot of people that I'm never going to see there. A phone number is a necessity.

Fortunately, there has recently been a small explosion of companies offering local phone numbers. I use Vbuzzer, paying all of $5 for my Ottawa phone number and an additional $15 for absolutely unlimited calling to anywhere in 32 countries. This is just the service I happen to use -- there are other similar services available.

Most of these VOIP services use the SIP protocol. You can get an app for an Android phone called CSipSimple that works seamlessly to receive and dial out phone calls. I have WIFI at home and at work, so I can make calls at these locations for free, avoiding costly cellphone charges in addition to already avoiding the cost of a land line.

<Snip>, coaxial cable. <Snip>, telephone cord. It's all just internet now.

Cut the cord! on Cable Television (part 1)

One cord for telephone, one cord for cable, and another for the internet. Why do we all have so many cords when it's all just internet in this modern day and age?

The short answer is, in fact, very short: money. The ability to bill you multiple times for the same product is a boon for cable and telephone companies. A consumer they can bill four times is a jackpot for these industry players. The quadruple sale of cable, phone, internet and wireless is commonly known in the industry as the "quadruple play". It's not clear whether the origin of this term derives from the baseball triple play, or from the fact that the consumer gets played -- four times.

All four of these services are simply an exchange of digital bits. I don't mind paying a reasonable fee to send and receive my 0's and 1's over the internet, but paying for different costly cable infrastructures that do the exact same thing is ridiculous. In this four-part blog series, I will discuss what's holding back the convergence of these services into one pipe. I will also discuss the available options for cutting the cord today. First up: cable television.

The Present Predicament

If you think that hefty cable bill you received last month was justifiable to pay for all the content you watched, think again. Under a basic cable package, you weren't paying for the content. Rather, you were paying for the distribution of the television signal. You paid the cable company to send you the cable signal down a coaxial cable, even though the internet could have sent you it just as well.

In fact, cable companies pay no more than a whopping $0.71 per subscriber to content providers for the rights in the basic content they send you (based on 2008 figures). The broadcasters providing the content have no choice but to license their broadcasts to the cable companies at this rock-bottom rate. Under the regime set out in the Copyright Act, this low royalty fee is set out by the Copyright Board (as the Retransmission of Distant Radio and Television Signals tariff).

Having to pay only this low fee, cable companies install receivers to pick up over-the-air signals which they then retransmit to their subscribers. They, of course, place many near the U.S. to pull in the coveted U.S. channels that we Canadians love. The cableco pays their $1, sends the signal to you for many many dollars, and walks away with a pocket full of money.

Normally, the marketplace in a capitalistic system corrects these market failures. However, in this case the cable companies have a natural monopoly. The cost of installing coaxial cables into every home is tremendous, creating a barrier to would-be market entrants.

Of course, there is no such barrier to internet distribution. You'd think that the grand monopoly of the cablecos would collapse under internet competition. You'd think quick-thinking entrepreneurs would pay the $1 content fee, stream television to internet users for $2, and collect a dollar from every single Canadian as they make the switch.

Well, entrepreneurs did just that. Back in 1999. In fact, these entrepreneurs didn't even charge their customers any money at all, but rather chose to support this low-cost operation through internet advertising.

The first of these, iCraveTV, became ensnared in legal battles in the U.S. and soon closed shop as a result. The company was unfortunately reckless about putting in place any safeguards to localize access to within Canada (the $1 royalty doesn't cover U.S. subscribers).

Next up, JumpTV came on the scene. Trying to avoid iCraveTV's mistakes, they proceeded to do everything by the book. However, before they could get off the ground, the legislature stepped in to put a stop to all this internet funny business. This was the kicker and the real set back for convergence and innovation: Parliament effectively banned use of the internet as a broadcasting pipe.

Parliament accomplished this ban in 2002 through a Catch-22 that a devious mind would find quite beautiful in its circular form. With amendments to the Copyright Act by Bill C-11, An Act to Amend the Copyright Act, the low $1 content fee was snatched away from any broadcaster that transmits over the internet through reliance on the CRTC's New Media Exemption Order. That is, in simpler terms, Parliament told internet broadcasters to go ask the CRTC. The CRTC replied that they don't do internet licensing (they have still not created any new license categories for internet rebroadcasters nearly ten years later).

This may not be true for too many more years. The CRTC is once again taking a look at New Media in its current OTT ("over-the-top" video) hearings. Perhaps, in time, we'll see an end to the New Media Exemption and the establishment of new license categories -- though a much better solution would be for Parliament to reconsider the door it slammed shut with its Copyright Act amendments.

For now, although regular broadcasts are off-limits for internet users, you can still cut the cable and partake in the over-the-top and internet video goodness that the CRTC is immediately discussing. Netflix reports to the CRTC that there is currently virtually no evidence of Canadian cord cutting. It's time for this to change. Let's cut 'em.

The Solution

While Netflix is the option that immediately comes to mind for those looking to cut the cord, the offerings of their Canadian version aren't exactly stellar or scissor-inducing.

However, there are other options. A surprisingly strong alternative (or a Netflix companion) is Boxee. On the plus side, it's also free (you can either buy the set-top box that the company offers, or simply download the software and install it onto any old computer or laptop with a tv-compatible output).

A couple weeks ago, I tried installing several other applications such as XBMC, but it appears only Boxee caters to Canadians. This software works by aggregating the many online offerings of websites that make videos available, such as CBC and CTV. Here are a couple screenshots demonstrating a few of the shows available:


Over-the-air is another alternative not to pass up, especially now that Canada's digital tv transition is finally a go for August 31. For hi-definition lovers, keep in mind that over-the-air digital television is even better quality than its HD cable counterpart (cablecos compress the signals a lot so as to fit them all down their one little pipe).

I get great over-the-air quality from a $50 Hauppauge WinTV antenna that I plug in to the same old computer system on which I run Boxee. With the combination of the two, I get all the television I need.

While I'm admittedly not a television addict by any stretch, this setup is great if you only want a few basic channels and a reasonable selection of on-demand shows. Cutting the cable is a real option, right now.

For those television viewers that require more, you'll have to wait until the CRTC and Parliament stop protecting an obsolescent monopoly.

Groupon and Your Consumer Rights

Wired Magazine posted an intriguing article yesterday about some allegedly questionable business practices of Groupon, the group-buy website that has exploded in popularity over the past year. Consumer protection advocates Benjamin Edelman and Paul Kominers estimate that Groupon may potentially pilfer consumers out of $140 million in 2011.

Well...not quite. This hypothetical amount rests on the assumption that merchants collect tax on the full, undiscounted amount of a good or service. In the U.S., as well as for most cases for Groupon deals under Canadian tax law, merchants should only collect tax on the amount actually paid (not the regular-priced "value").

Groupon leaves the collection practices up to the individual merchants, who may or may not follow proper procedure in calculating the tax. Perhaps Groupon should take more initiative in properly educating its partners, but it is certainly not at fault per se for any miscollection of tax.

In fact, overall, Groupon's policies appear quite commendable from a consumer perspective. Their stated return policy is wide in scope: "if your Groupon experience ever lets you down, let us know and we'll refund your purchase. Period."

However, the one area where their practices do often fall short of consumer protection requirements is in the expiry date of coupons. For example, in Ontario, in spite of Groupon's stated coupon expiry dates, a longer expiration date is often applicable under the Consumer Protection Act, 2002, SO 2002, c 30 and associated regulations:

  • In the case of a Groupon that is for more than one good or service, or for a non-specific good or service, the Groupon does not expire (CPAR, s. 25.1 & 25.3).

  • In the case of a Groupon for one specific good or service, the merchant needs to give detailed information on delivery of the good or service, if it costs more than $50. This includes, among other details, their exact address, a detailed description of the services, the total price including any taxes, any additional charges that apply, and the exact date that the coupon is to be redeemed (CPA, s. 21(1), 22; CPAR, s. 23.1, 24). Unless all of these specific details are provided by the merchant and agreed upon, the coupon may be cancelled up to one year later (CPA s. 23, 26(1); see also CPA s. 26(4)). In my experience, Groupons for services never comply with this requirement; thus, you have the option to cancel within a year.

  • Only in the case of a Groupon for one specific good or service that costs under $50 (or where the exact date and details are pre-agreed upon) does Groupon's written expiry date fully apply.

In summary, I'd still give Groupon a B+ on their practices. Just watch out for the correct calculation of tax; also try to hit the expiry dates--but double check your rights before fretting about missed ones.

Securing Electronic Health Records

At the First Summit on the Future of Health Privacy last Monday, there was a lot of interesting talk about electronic health records, as these are now being widely rolled out in the U.S. In general, I'm an advocate of technological solutions to policy problems, with the law to back up the technology where necessary. The privacy issues raised by electronic health records are no exception.

Professor Ross Anderson and several other speakers lent strong support to ensuring privacy through "system architecture". The essence of this proposal is that we should avoid central databases. Where a database is local to a particular clinic, hospital, or even municipality, the number of people with access to the database is inherently limited. Thus, the thinking is that the consequences of any data breach are likewise limited to only those patients in the database.

To illustrate the architectural problem, Ross gave a great example from the U.K. Within hours of a central health records system going live, one doctor had accessed the records of the Prime Minister, as well as those of many celebrities. With every doubling of the system size, you double the number of health professionals with access and double the likelihood of authorizing an unscrupulous individual.

This is the right type of thinking. However, although limiting the system size is one solution to this problem, it's not a great one overall. One of the key advantages of an electronic health records system is that it can allow patient data to be quickly and easily transmitted to where it's needed. A doctor should be able to pull up the relevant and necessary health history data of an unconscious patient wherever it's needed. Patients should also be able to fill prescriptions at any pharmacies where they choose to give the pharmacy access to electronic prescriptions.

Location-restricting encryption

Fortunately, there's a technological way to limit the scope of access to patient data, even while maintaining the convenience of a central database. In fact, this can be done with much better granularity than limiting access through system architecture to a particular region. The data needs to be encrypted, with careful consideration as to who is given the keys.

A first layer of encryption needs to mirror the security that architectural limits can provide. The read/write key should, in the first instance, only be accessible by a patient and her or his GP. The patient's health card should contain this key, giving the patient the ability to hand it over to any health clinic, hospital, or pharmacy that the patient visits. A patient's GP could also transmit it to any health facility or pharmacy that requires it.

This effectively constrains the scope of an individual's records to only the places physically visited or otherwise authorized; this is much finer granularity than would be provided by limiting the size of a database, and with more flexibility.

No access by Data Providers

For these "location-restricting" keys, the data provider (where the records are stored) must NOT have access to them.

To illustrate, consider another great example from the U.K. that was discussed by Ross. A police officer asked a gynecologist for all health records of patients under the age of 16 years. The justification was that anyone under the age of 16 who has been involved in sexual relations has committed a crime. The doctor at the clinic rightfully refused and told the officer she'd see him in court. Problematically, could we really trust a network administrator at a data centre to do the same? It's important that the data centre itself is not able to access the records.

Additionally, where the keys are not even at the data centre, the information would not be compromised by unauthorized access. Quite frankly, I'd be very concerned about any type of electronic health record system whatsoever where the data is either unencrypted, or where the data provider has full access. With all the security breaches recently, including major banks and even the CIA, it would only be a matter of time before everyone's records would be compromised.

Access control

Of course, the scope of employees at a particular health clinic that has been given this encryption key is still a wide net. An audience member at the Health Privacy Summit, who worked at Oracle, noted that just about everyone from the top management down to the janitors at the U.S. Department of Veteran Affairs have access to the records there. There needs to be finer-grained control.

This is where a second layer of encryption comes in. The data provider needs to create services for granting and controlling access to different groups of personnel. Ideally, the data provider should provide a web portal through which a patient and a patient's doctor can monitor the various access grants.

Importantly, an access control system implemented in this manner inherently creates traceability. A data provider can easily record each access in an audit log. I think it's only reasonable that a patient should at least know who has access to this personal information. If a medical insurance company provides health data to third parties for analysis, a patient should be able to track who this third party is and what records they are accessing. With access control, the data provider can even record what particular records any person accesses.

At the conference, there was also a lot of talk about data segregation. This technology allows different access controls on different health records. If a patient wants to hide certain records that are not relevant to a particular doctor, he or she can do so. It appears there are a lot of companies pouring a lot of money into these solutions.

A server-side access control system could seamlessly provide this type of control, although I'm not sure it's entirely necessary (and it could introduce another layer of complexity that must be dealt with by over-resourced doctors). I think it's much more important to control WHO has access, rather than WHAT they have access to.

Fiduciary Duties

The WHO of who has access should remain small. In fact, this WHO should only be people that can be trusted with the privacy of your health data. Primarily, this is the patients themselves and their own physicians. The law protects this trust between patients and their doctors by making it a fiduciary relationship, mandating the highest standard of care and good faith.

Doctors who are legally mandated with this high standard of care should be the only ones (other than patients) that can grant others access to health records. This is analogous to the paper-world, where doctors have physical control of health records and are responsible for who they give them to. If a doctor carelessly or needlessly distributes access to others, he or she would be in breach of fiduciary duties. A legal remedy would be available.

To recap, a first layer of encryption should provide data safety from unscrupulous law enforcement officers, compromised data centres, and any facility without the authority to access any particular patient's records. A second layer should provide access control on a person or group-based granularity, allowing access auditing and flexible security measures such as data segregation and the removal of previously-issued security certificates. This second layer should be controlled only by patients and their doctors, keeping control of the records within the trust circle of a fiduciary relationship.
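The two layers recapped above, as an added Python sketch that is not part of the original post: the record is sealed with a key that lives only on the health card, while a hypothetical `DataProvider` stores ciphertext, enforces grants issued by the patient or GP, and logs every request. The class, function and principal names are assumptions, and the cipher is an HMAC-SHA256 counter-mode stand-in used to stay within the standard library; a real deployment would use a vetted authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import secrets

def _subkey(card_key, label):
    # Derive separate encryption and MAC keys from the health-card key.
    return hmac.new(card_key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode (stdlib stand-in for a real AEAD cipher)."""
    blocks, counter = [], 0
    while 32 * len(blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]

def seal(card_key, plaintext):
    """Layer 1: encrypt-then-MAC on the client side, before anything is uploaded."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(card_key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(card_key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(card_key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(card_key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered record")
    stream = _keystream(_subkey(card_key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class DataProvider:
    """Layer 2: stores ciphertext, enforces grants, logs every request. Holds no key."""
    def __init__(self):
        self.blobs, self.owners, self.grants, self.audit_log = {}, {}, {}, []

    def enroll(self, patient, owners, blob):
        self.blobs[patient], self.owners[patient], self.grants[patient] = blob, set(owners), set()

    def _log(self, patient, who, action, allowed):
        # Denied requests are recorded too, then refused.
        self.audit_log.append((patient, who, action, allowed))
        if not allowed:
            raise PermissionError(f"{who} may not {action} for {patient}")

    def grant(self, patient, by, to):
        self._log(patient, by, f"grant:{to}", by in self.owners[patient])
        self.grants[patient].add(to)

    def revoke(self, patient, by, to):
        self._log(patient, by, f"revoke:{to}", by in self.owners[patient])
        self.grants[patient].discard(to)

    def fetch(self, patient, who):
        self._log(patient, who, "fetch", who in self.grants[patient])
        return self.blobs[patient]

def attempt(action):
    """Run an action; return its result, or the name of the error that stopped it."""
    try:
        return action()
    except (PermissionError, ValueError) as exc:
        return type(exc).__name__

def demo():
    card_key = secrets.token_bytes(32)  # lives on the health card, never at the provider
    record = b"constructed sample record: allergy=penicillin"
    provider = DataProvider()
    provider.enroll("patient-1", {"patient-1", "gp-lee"}, seal(card_key, record))
    provider.grant("patient-1", by="gp-lee", to="pharmacy-7")
    results = {
        # Has both a grant and the key handed over with the card: can read.
        "pharmacy": attempt(lambda: unseal(card_key, provider.fetch("patient-1", "pharmacy-7"))),
        # Reads storage directly, bypassing grants and the log, but has no key.
        "datacentre_admin": attempt(lambda: unseal(secrets.token_bytes(32), provider.blobs["patient-1"])),
        # Holds a copied key but no grant: refused, and the attempt is logged.
        "insurer_with_copied_key": attempt(lambda: unseal(card_key, provider.fetch("patient-1", "insurer-x"))),
        # Only the patient or GP may issue grants.
        "insurer_self_grant": attempt(lambda: provider.grant("patient-1", by="insurer-x", to="insurer-x")),
    }
    provider.revoke("patient-1", by="patient-1", to="pharmacy-7")
    results["pharmacy_after_revoke"] = attempt(lambda: provider.fetch("patient-1", "pharmacy-7"))
    results["audit_log"] = list(provider.audit_log)
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

The data-centre case is the one the audit log cannot see, which is why the first layer has to be encryption rather than policy.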

Setup a Tor Network, Until the Canadian Government Shuts it Down

Last week, the Electronic Frontier Foundation (EFF) launched The EFF Tor Challenge to encourage individuals and organizations to set up Tor server relays. Tor is a P2P security network that permits users to protect online anonymity and to access an open internet. EFF writes:

  • Activists worldwide use Tor to protect their anonymity online and to circumvent Internet censorship. But they all rely on a limited number of user-provided "relays" to protect themselves and communicate with others. Internet users worldwide need your help to make the Tor network stronger and faster, so take the Tor Challenge today!

I've taken up this challenge to do my part in support of freedom of expression online. The Tor relay took only 15 minutes to set up -- I'd encourage anyone with any extra server capacity and even a little bit of tech savvy to do the same. EFF has a how-to video; preferring a static document that I could keep glancing at, I personally chose to follow the Tor Project's instructions.

Of course, the Conservative government may force me to take my Tor relay down within the next couple months. An omnibus crime bill that the Conservatives have promised to push through this fall is likely to put a legal stopper on individuals running Tor servers in Canada.

This omnibus crime bill will most likely include a rehash of some previously proposed legislation which I've recently been looking at in my work at CIPPIC. The government dubs it "Lawful Access", but, in a less Orwellian world, we would call it "State Surveillance". It sets out requirements for internet service providers, and other parties, to maintain the technological capability for police to conduct internet wiretaps. It also sets out how they must provide law enforcement with information on subscribers. Additionally, the proposals set out the various legal mechanisms by which police can gain access to this information -- in some cases, no warrant is necessary and even a hunch will do.

Aside from the headline issues that have seen some public debate in the past, there are smaller but serious sideblows in the legislation that could severely impact some existing and emerging technologies. Although the proposed legislation provides many exemptions to its burdensome technological requirements for wiretap support, there are many organizations and technology enterprises that may still suddenly face the task of having to maintain wiretap capabilities. This is definitely not a task for the faint of heart, nor any organization with a shallow pocketbook. Simply put, the legislation could stifle many innovative ventures and technologies.

Tor is one such technology service caught in the legislation's overly wide net. Under Bill C-52, the Investigating and Preventing Criminal Electronic Communications Act, nearly anyone running a service, whether it's peer-to-peer or not, is a "telecommunications service provider" and must provide wiretap capabilities. For individuals with servers and non-profit advocacy groups, both of whom are amongst the primary supporters of Tor, there are no exemptions that apply. These individuals and organizations will have to implement and maintain the capability to allow law enforcement to wiretap all communications.

Problematically, even if a wiretap setup is within your capabilities and budget, it would be highly problematic to leave such a gaping wiretap-able hole in your Tor relay. The compromised security would jeopardize those depending on the security of Tor.

Now, if you were considering setting up a Tor network, perhaps at this point you're heaving a sigh and thinking, "well, okay, I'll resign myself to just running my Tor relay as a middleman, not communicating with any end users." Unfortunately, even this will not protect you from the legal and technology burdens of the proposed legislation. Although exemptions exist for telecommunications middlemen, they only apply to servers "that do not modify particular communications transmitted and that do not authenticate the end users". A Tor relay encrypts the traffic, most likely placing it outside of the scope of this exception.

It is not clear whether the legislators intend to shut down services such as Tor, or whether their inclusion is an oversight. In any case, I can assure you that these issues have not been debated in the legislature, nor will they be debated in any depth if the lawful access legislation is pushed quickly through with the government's omnibus crime bill. The heavy-handed lawful access legislation as previously proposed needs a sober, careful look and a substantive debate to consider all of its potential impacts.

Please set up a Tor relay now, then tell your MP that you want to keep running it!

Who is the Spam King?

Canada is widely recognized as a hot-bed for spammers. In 2008, we ranked 5th in the world for total volume of e-mail spam, finishing behind only Iran, Nigeria, Kenya and Israel. Last year, Montreal-based "Spam King" Adam Guerbuez was fined a record $1 billion by a U.S. court.

Hopefully, the situation will vastly improve in the near future. Last December, the government finally passed a much-overdue anti-spam bill, An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act.

"The what?!!", you may ask. As an interesting aside, this act has no official short title. Every other Act that refers to it in the future will have to use this lengthy, unwieldy name. The reasons have everything to do with Christmas.

This bill was first known as the Electronic Commerce Protection Act, but it died on the order paper when Parliament prorogued for the holidays in December 2009. When reintroduced last year, the government changed the title to the sensational U.S.-style name of "Fighting Internet and Wireless Spam Act". Reportedly unimpressed by the change, the Industry Committee members approved the entire bill except for the short title. Then, rather than follow a lengthy process to introduce a new short title--and with Christmas once again looming--the committee, House, and Senate all passed the bill as it was.

Now, back to the topic of spam. The law is finally updated, but I remain skeptical that market practices in Canada have yet changed. So I'm going to find out.

To conduct my investigation, I'm using a little-known feature available on most e-mail servers: the catch-all address. By configuring a particular domain name to place all e-mails in a catch-all inbox, every e-mail sent to the domain will go to this single place. Whether the address is bob@domain.com or almagwatchi_3141592554@domain.com, the e-mails will all end up in the same box.

By creating accounts on various internet services and using a unique e-mail address for each, I can track the ways that each address is used, sold, shared, or inadvertently exposed. The "from" header in each message will indicate the internet website or service originally responsible for sending or sharing each e-mail sent.

I'll simply tally up the numbers of e-mails that arrive, keeping track of both "proper" e-mails that originate from the site's own domain and spam e-mails sent by other internet sites. For each site, I'm signing up two accounts: one that refuses all e-mails and messages and another that consents to all of them.
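The tally described above can be scripted against the catch-all inbox. The following is an added example, not code from the original post; the catch-all domain `catchall.example`, the `<site domain>_<optin|optout>` address scheme, and the sample messages are all assumptions constructed for illustration.

```python
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

CATCH_ALL = "catchall.example"  # assumed catch-all domain

# Assumed address scheme: <site domain>_<optin|optout>@CATCH_ALL
# Constructed sample messages (not real mail).
SAMPLE_MAIL = [
    "From: News <news@mail.shop.example>\nTo: shop.example_optin@catchall.example\nSubject: Weekly deals\n\nhi",
    "From: promo@pills.example\nTo: shop.example_optout@catchall.example\nSubject: Cheap meds\n\nhi",
    "From: noreply@forum.example\nTo: forum.example_optout@catchall.example\nSubject: Reset\n\nhi",
    "From: win@lotto.example\nTo: <forum.example_optin@catchall.example>\nSubject: You won\n\nhi",
    "From: x@notshop.example\nTo: shop.example_optin@catchall.example\nSubject: Offer\n\nhi",
    "From: a@b.example\nTo: someone@elsewhere.example\nSubject: stray\n\nhi",
]


def classify(raw):
    """Return (site, consent, kind) for one message, or None if not ours."""
    msg = message_from_string(raw)
    rcpt = parseaddr(msg.get("Delivered-To") or msg.get("To", ""))[1].lower()
    local, _, domain = rcpt.rpartition("@")
    site, sep, consent = local.rpartition("_")
    if domain != CATCH_ALL or not sep or consent not in ("optin", "optout"):
        return None
    # From is sender-controlled, so this records the claimed origin only.
    sender_domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # "Proper" = sent from the site's own domain or a subdomain of it.
    own = sender_domain == site or sender_domain.endswith("." + site)
    return site, consent, "proper" if own else "third-party"


def tally(messages):
    """Count messages per (site, consent setting, proper/third-party)."""
    counts = Counter()
    for raw in messages:
        result = classify(raw)
        if result:
            counts[result] += 1
    return counts


if __name__ == "__main__":
    for (site, consent, kind), n in sorted(tally(SAMPLE_MAIL).items()):
        print(f"{site:15} {consent:7} {kind:12} {n}")
```

Third-party mail arriving at an `optout` address is the strongest signal that the address was shared or leaked, since that account never consented to any messages.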

I'm starting with the top websites in Canada, as listed by Alexa, but let me know if there's a suspect site that you would like me to add to the test!

It's Time to Re-engineer the Internet

I recently posted about a privacy project proposal I submitted to the "Ideas for a Better Internet" project by Harvard and Stanford Law and Computer Science students. This great initiative is now seeking further public input and comments on how the group should go about re-engineering the internet:

  • [W]e're announcing our Call 2.0, where we're asking the world for feedback to help develop the ideas for a better Internet. We've selected and consolidated the ideas that most resounded with our team, gathered and divided them into topic groups, and posted them on our new website: http://www.i4bi.org.

There are a lot of great ideas here, but here's a quick rundown of a few of my favourites:

1. Mesh networks. Essentially, a mesh network is an internet without the top-down architecture that currently allows governments--such as the recent regimes in Egypt and Tunisia--to hit the internet kill-switch. An organization called the Open Technology Initiative proposes "an open source 'device-as-infrastructure' distributed communications platform that integrates low-cost and preexisting, off-the-shelf devices, such as users' existing cell phones, WiFi-enabled computers...".

A P2P internet architecture that uses existing devices is absolutely key at this stage in trying to get a viable mesh network off the ground. The most likely early adopters are persons in areas afflicted by oppressive regimes, and in areas unable to afford traditional internet access. In both of these regions, any requirement for new and different technologies would be either prohibitively expensive or simply not permissible by the government.

2. User Rating of Certificate Authorities. The internet's current system of Certificate Authorities, which we all rely upon to certify our secure https connections, is problematic in many ways. First of all, purchasing a certificate is expensive. Prices can easily run into the hundreds, or even thousands, of dollars. This creates a significant barrier for small websites and individual webmasters to secure their sites. Secondly, the trustworthiness of even a certificate costing a few thousand dollars is sometimes highly questionable.

Crowd-sourcing the validation and verification of a particular server's trustworthiness could make the certificate authority system more secure, and free!

3. Last, but not least, I *happen* to be a fan of my own proposal that has made the initial cut: ISP level privacy protections, which I've previously discussed here.

Remember that the crews at Harvard and Stanford are actually going to start working on a couple of these innovative ideas! Comments are most welcome on the feasibility and possibilities for both my proposal and the others.

Stopping Creeps and Codifying the Code

As I begin to wind down the Nomus project (see my comments here), I'm beginning to look at some smaller projects to keep my hands a bit dirty with software code. Although I have my feet more in the legal world these days, I still absorb myself in bits and bytes during my free time. I have a few ideas...and would appreciate any comments or offers to join these efforts!

One idea I have is the development of a tool to allow users to easily manage privacy settings across multiple social networking platforms.

I think a great start would be to branch Creepy, adding functionality to allow a user to remove their sensitive location information. For readers that haven't heard of Creepy, it's an aptly named tool that fetches and aggregates location data on any person. It searches and parses geodetic metadata from any user's posts to Twitter, as well as from any photos posted to a variety of other websites such as Flickr. As the Office of the Privacy Commissioner warns, "Creepy can harvest data from a dozen of the most popular photo hosts...then illustrate any found location data with Google Maps. The result is a visual cluster of your usual whereabouts: your favourite park, your place of employment, or your home."

Another idea I've been thinking about for some time is to implement the law as computer code. I was excited to read last week on Slaw that a group from Stanford’s Center for Computers and Law is starting to work on exactly this project, called Hammurabi. They describe the aim of their effort as follows:

Though not often thought of this way, law is inherently computational. It is a set of algorithms that prescribe how various computations are to be carried out. What is my standard (tax) deduction? Am I eligible for family and medical leave? On what day did I become liable for unemployment taxes? Determinations such as these are like mathematical functions: given various inputs, they produce corresponding outputs.

The Hammurabi Project provides a vehicle for representing portions of the law in an executable format, so that the process of logical inference can be offloaded from human to machine. Once executable, it can be embedded into our computing infrastructure where it can drive other applications.

I envision a project of this sort being very useful in helping self-represented individuals to find the key issues to a legal problem. After the logic of legislation and case law is codified, a user interface could easily ask a user pertinent questions that would collect the relevant facts and, after applying these facts to the law-as-code, drill down to the legal issues that arise.

It looks like the Hammurabi project is just starting out, and it'll be interesting to see what comes out of it in the future.

As I'm particularly interested in a similar implementation of Canadian law, hopefully their initiative will develop some useful tools. For now though, after a brief look at their existing project, I would be a bit hesitant to entirely adopt their current approach for a Canadian version. Rather than using C# classes to describe the law, I think it's highly important that the code structure follow the structure of legislation, rather than vice-versa. With a more flexible language--perhaps Ruby--the data structures that are to reflect the legal text could be defined after each provision, in a document containing both the code and the legal text. This way, as legislation changes or as case law modifies and adds to existing legal rules, the rules will be easy to modify. In fact, each new case could simply be another source file that modifies the existing rules-as-code.

If either of these ideas sounds interesting to you, or you have any comments, send me a line at kmewhort@gmail.com!

Ideas for a Better Internet

I came across this call for proposals for "Ideas For a Better Internet" today. A group of Stanford and Harvard Law and Computer Science students is soliciting submissions on ways to "make the Internet more secure, more accessible, more open, or just plain better" -- and then they're going to try to make the best ideas happen!

I'd encourage everyone who has any ideas to jot them down and send them in (it's only 350 words max). It's a great opportunity to hopefully get a couple of innovative projects off the ground.

I have one recent idea on this front -- I think many benefits could be realized by middleman ISP's taking a more active role in privacy protection. Here's what I submitted:


Recent innovations in web browsers such as Firefox and Internet Explorer are starting to address some of the growing obstacles facing privacy on the internet. Regulatory possibilities, such as a do-not-track protocol that relies on advertising agencies respecting users' privacy wishes, may also help mitigate increasing concerns. However, some of the best privacy protections might come from the middleman -- ISPs.

A few examples of privacy protections that could be implemented at the ISP-level are as follows:

  • Removal or falsification of geodetic information from any images uploaded

  • Removal of "tracking" information, such as third-party cookies by advertising agencies (perhaps through the use of a community-maintained filter list)

  • Automatic redirection to HTTPS services, where supported

The major benefit of this approach from a technological perspective is the inherent platform independence (from the perspective of internet customers). With the proliferation of alternative web browsers such as those on mobile devices, it is not always possible for users to take advantage of browser-based privacy protections. An ISP-based solution would work for all devices.

ISP-level solutions are also advantageous from a policy perspective. Conflicts of interest often arise in the actual implementation of browser-based tools. For example, Microsoft owns a subsidiary advertising agency, which may already have resulted in watered down privacy protections in IE.

If there is ever to be regulation of privacy, ISPs are also the ideal candidate to bring legal requirements to fruition. Whereas jurisdiction will always be an issue for browser software developers and for advertising companies, who can be located anywhere in the world, an ISP is always local to the jurisdiction of the internet user.

As far as implementation goes, ISP-level filtering would involve a web-based interface and underlying filtering/firewalling technologies (which could be based off of existing client-level solutions). It may also be possible to leverage existing filtering technologies already used by ISPs for traffic shaping.

If implemented, this will be advantageous over existing privacy technologies in its platform compatibility, the lower level of conflicts of interest, and the feasibility of regulatory enforcement.
