Mapping Hacks

I dropped by the launch event for the GPL 3.0 discussion draft today, hoping to catch sight of Nagarjuna, which i completely failed to do. I hung about to listen to a discussion on Digital Rights Management policy - one materially new area that the GPL 3.0 covers is DRM, a new kind of attack on the freedom to write one’s own software, and an issue that’s causing a lot of heated debate.

The debate around “digital rights” looks as deep and fundamental as the debate over “human rights”. This boils down to: if you need a policy to ensure collective security, who is deciding on that policy, and how is it being enforced?

Seth’s short speech on the current state of DRM provoked some interesting streams of thought in me. First, a confirmation that a definable feature of the “new thing” is the melting of the boundaries between hardware and software. In the current thinking of the “Trusted Computing” industry consortium, digital rights - e.g. your right to view a copyrighted work, or use a piece of patented software - are enforced by a hardware cryptography component that cannot be reverse engineered or replicated in software alone.

Secondly, that there are two major metaphors for computing security policy that map to spatial security policy - a “tripwire” vs a “tollbooth”, or if you like, a “checksum” vs a “checkpoint”. A checkpoint is at a predictable place, and all traffic is constrained to pass through it. A tripwire is in a variable place, and who sets it off depends on who or what else is nearby at the time. As i understand it, the European Union’s Schengen system is a tradeoff of a checkpoint system - allowing free traffic within a given area - for something more like a tripwire system, where a temporary rights-managment border can be put up in any area that needs a short-term, custom security policy.

At this point, my mental narrative is running: “DRM… spatial data… tripwires… geofences… oh dear.”

Last year the Open Geospatial Consortium started a GeoDRM working group. If you leapt to the assumption that it would be directed and chaired by representatives of the Ordnance Survey, those pioneers of paranoid data protectionism at the expense of civic innovation, then you would be right in leaping to that assumption.

Our old familiar Ed Parsons wrote a blog entry about DRM in the geographic information industry a couple of months ago, after a meeting of the AGI at which Graham Vowles, the chair of the OGC’s GeoDRM-WG, made a presentation on his work (Warning! PowerPoint!). GeoDRM is probably a wet dream for the OS, allowing them to simplify their punitive data licensing regimes, and guarantee that when they distribute data to handpicked, “trusted” academic and arts research efforts, or are legally obliged to put their data into deposit libraries, that no-one without the hardware/software crypto component will even be able to look at the data to see what it contains, let alone redistribute it.

Ed’s blog commentary places him in the a little bit of DRM is a good thing camp. And viewed from 10,000 feet, this doesn’t seem such a bad position to take: in the way that every human deserves guarantees that they can control the disposition of their physical person in a way that does not negatively affect others; so each and every one of us deserves to be able to autonomously dispose of our digital person, the data that our actions leave behind in the world.

The implementations surrounding the FOAF (Friend of a Friend) project attracted a lot of this kind of critique: if i put my social network information in machine-intelligible form on a webserver, anyone who wants can use and recombine that information in ways that i may not know about or approve of. (At least one FOAF-powered picture sharing site, plink.org, closed down because of complaints from people featured in other peoples’ FOAF files, nervous that pictures of them could be so easily identified and correlated with their surroundings.)

I’d quite like to have more digital rights, or at least hear more discussion in the mainstream of what digital rights actually are or can be. (Back in the UK, the Open Rights Group is doing a nice job of providing a press clearinghouse and common point of contact for the widely scoped “digital rights” scene.)

I’d quite like to have a choice as to what policy i can subscribe to in order to ensure more of my digital rights. I’d quite like to have a cheap and simple open hardware and software implementation available in free public documents, so that if i want to manage other peoples’ rights to what i emit, i’m able to do so. But this does not seem to be where the DRM discussion is going.

Perhaps the first implementation of spatial DRM was DVD zoning - arbitrarily limiting where “in the world” a DVD will play, according to where the player for it was purchased. As more hardware manufacturers started to ignore the region flag, as software workarounds for it proliferated, as alternative formats for distributing the same information were developed, the idea of DVD regions as a sensible rights enforcement policy died away. But now there are a new set of potent tools to do a lot more of the same thing.

There are lots of neat little dystopian scenarios one can imagine once the loop of industry DRM, spatial data access, and sensing information starts to close on itself:

• “You seem to be trying to watch this movie in a room with more than three people in it. Access Denied.“
• “You have walked past the spatial boundary beyond which this movie cannot be legally watched. Access Denied.“
• “This movie cannot be legally watched after 7pm within 3 miles of a school. Access Denied.“

Caveats: I know very little about any of this, really, but write it down in the hopes that someone will find my inchoate, poorly-formed, ill-researched thoughts stimulating, and write down some better ones somewhere else.

Corrections: I thought this was Seth Finkelstein that i heard speak, but as he kindly emailed me to point out, he wasn’t there, nor is he writing a book about DRM. He suggested that it was very likely to have been Seth Johnson from NY Fair Use, which appears much more likely to be the case. I apologise once again for lying to the internet.

Notes: Seth Johnson, if you ever read this, and are actually the Seth i heard speak today, please finish your book; i’d very much like to look at it.

Posted in data |

You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.