The Dangers of Digital Law

Laws are in general supposed to make us safer and more secure, I think most of us would agree.  However there are areas where this is not the primary concern and even some where the opposite is true.  This is almost certainly the case in one of the older digital based laws created in the US called the Digital Millennium Copyright Act (1998) better known as the DCMA Act.

mobile-630289_640-1

It sounds safe enough at first glance but there’s a huge flaw at the very heart of this legislation which could seriously undermine the safety of the internet.  It sounds rather dramatic but it’s certainly a possibility with the increasing reach of devices connected to the internet – particularly the expansion of the Internet of Things (IoT) .  The problem is that all of these devices from smart phones through TVs to toasters and fridges all contain software embedded in them in order to communicate across the internet.  Software of course often contains bugs and flaws which can constitute a security risk, in fact there have been many reports of these ‘smart devices’ being used in DDoS attacks.

That’s where the problem lies with the DCMA Act, which contains a law stating that flaws in these devices cannot be disclosed without express permission from the manufacturer of the device.  Consider the issue, a security researcher or ethical hacker discovers a security flaw in a device, they cannot release this information legally and the manufacturer is unlikely to want to publish it’s own security problems.  What happens is that the flaws remain and don’t get fixed, and almost certainly then get exploited by computer hackers.

In fact there are situations where DCMA makes it not only illegal to disclose a software fault but also to fix it.   There have been test cases, most famously brought by John Deere tractors where it has been stated that it is illegal for owners to attempt to fix their tractors instead being forced to return them to dealers instead.  This is because the tractors like most equipment now contain a certain amount of software which control the devices bringing them into the remit of the act.

It’s of considerable concern to all of us, the devices we have bought are not really our property and the issue is extending to all sorts of situations.  We can’t use third party disks or cartridges in printers and game consoles because the manufacturer controls the software and access to that device even after we’ve bought it.  With digital services it’s even more extreme with media giants like Netflix enforcing blocks on proxies and VPNs as described in this article – The Great Netflix VPN Ban.

It’s a dream come to true for the manufacturers who are able to implement specific profit maximizing business models which are extremely restrictive to the end owners.  Control of the device is effectively kept with people who created it not with the people who bought it. Don’t think you can do what you like with that HP printer, because you can’t the law says so!

Further Reading:

Using Residential VPN services: http://www.theninjaproxy.org/technology/is-a-residential-vpn-service-essential-now/

Do I have a Digital Nationality?

Where are you from?  What do you consider your nationality?  For most of us it’s fairly straight forward – we are born, live and even die in a single country.   For others it’s a little more complicated, born somewhere, grow up somewhere else – living a life spread among a variety of countries.   Picking your nationality isn’t always as simple as looking at your passport.

This is further complicated now because of the way we live part of our lives  in the internet ether, most of us have a digital identity too.   You might think it doesn’t matter, after all when your online everyone is just an electronic presence at best a series of numbers making up your IP address.  However here’s the issue, your internet address is part of your identity and seriously impacts what you can and can’t do online.  Your digital nationality might not be something you’ve considered however nearly every web site and online service you use does consider this piece of information.

nokia-623939_640

The simple fact is that a US citizen using the internet does have a different experience from a Mexican, a European or a Turkish web user.   What you can do, what you can see will vary extensively simply based on that one piece of information – the location of your IP address.   This is your digital nationality and if you don’t believe it, try visiting China and try surfing the internet – you’ll be amazed at the difference.

The global giants who are dominating online multimedia are a perfect example, Netflix for example provides an account which is usable in over 160 different countries.   However it changes based on your location, in fact it varies hugely depending on your physical position.  Unfortunately this means that in many countries, Netflix has nowhere near as many movies available compared to connecting from a US location for example.  It’s so different that many people use software to spoof their location and access a different version, something that has led to this scenario – Netflix Blocking VPNs and Proxies.

Is this all fair? Should your online experience be affected  your location.  Your point of view will probably depend on where you are based – people in the US and Europe for example generally have a much better time online.   Just for illustration, Turkish web users were blocked from Facebook and Twitter for several days last week as the Government decided to restrict access.

There is no doubt that your digital identity is something that we all now need to consider.  To many people think that they are not linked to their online experience,  that they can remain totally anonymous without any privacy tools in place.  Every day millions of people download stolen digital goods like software and movies from torrent sites, thinking that they are safe and untraceable.  The truth is that anonymous torrenting although possible is actually fairly difficult to achieve and it certainly needs some technical tweaking to hide both your identity and location.

The reality is tinged with an element of sadness that commercialization and the need for control is starting to take over the digital world.  In the early days of the internet, your nationality and location was largely irrelevant – we were all just citizens of the world when online.  Those days though are now long behind us and it is imperative that we realise that when we post those funny clips or visiting those controversial websites that these are being linked to our online, digital profiles.