Thursday, August 30, 2007

OOXML and the prostitution of an international standardisation process

According to Wikipedia,

International standards is one way of overcoming technical barriers in international commerce caused by differences among technical regulations and standards developed independently and separately by each nation, national standards organisation, or company. Technical barriers arise when different groups come together, each with a large user base, doing some well established thing that between them is mutually incompatible. Establishing international standards is one way of preventing or overcoming this problem
and following its own website we learn that the International Organization for Standardisation (ISO) is “a network of the national standards institutes of 155 countries, on the basis of one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system”, which seeks to fulfils the ideal of a technical barriers’ free world. Due to the highly technical nature of ISO’s work, an ISO certification is understood to guarantee that a process or product satisfies the most stringent quality requirements (although ISO’s aim is to eliminate technical barriers, for many it has become a quality assurance label). File formats are not an exception and since the creation of the Open Document Format (caveat with the link: is a 706 pages PDF) by the Organization for the Advancement of Structured Information Standards (OASIS) in May 2005 and its subsequent approval by the ISO/IEC Joint Technical Committee 1 (JTC1) in November 2006 as the ISO/IEC 26300:2006, Microsoft has looked for the way to get its own version of Open Office XML format recognized as an international standard (it is to note that the original name of ODF was also Open Office XML and its development was started by OASIS in 2002, but its name was changed to Open Document Format when the European Union suggested to Microsoft and OASIS to initiate a process of standardisation of their Open Office formats using the phrase Open Document Format).The problem is that once you put Microsoft into the game things get complicated, because it is known the propensity of Microsoft to finance “independent” studies that coincidentally tend to find that Microsoft products are the best, including this standard, and it is also known that some people or groups would oppose anything created by or even with the smell of the Redmond company. And it seems that this time they are right.

One of the issues with the Microsoft proposed Open Office XML Standard is its complexity (6,000 pages), which does not compare well with the 600 pages of the Open Document Format that, in addition, is already and international standard. Another even more interesting issue with the OOXML is that, although is open from the copyright point of view, it seems to incorporate a number of procedures for which Microsoft has patents (to which users would have a licence to use freely unless they decide to use it in a way different that the established one…is that freedom?)

In its favour is normally mentioned that the standard has been already approved by Ecma International, but those using that information as supportive to the standard forget to mention that the European Computer Manufacturers Association changed its name to Ecma International (with Ecma being now a name without further meaning) when it became a private association of which Microsoft is member, and that it approved the OOXML as standards through its technical committee 45, which is co-chaired by Mr J. Paoli and Mrs. I. Valet-Harper, both employees of Microsoft. A further blow to Microsoft’s standardisation drive was given by the US Department of Defence that made reference to the potential problems associated with the OOXML standard, as

  1. Binary information in the standard that would lead to security concerns
  2. The referencing of unexplained backward compatibility modes that might pose a problem for third party implementers
  3. The use of proprietary file formats within the open standard appear to cause potential intellectual property ownership concerns

Notwithstanding those concerns, there seem to be national standardisation institutions that are willing to give the green light to the OOXML, especially if there are substantial piles of “green bills” on (or under) the table for those voting.

The blogosphere is red-hot about the Swedish Standards Institute (SIS) vote on the OOXML approval (what they are actually voting is what would be the country’s vote in ISO) and what entitles for both Microsoft and the Swedish. It appears that Microsoft was going to loose the vote when suddenly a group of companies that had never shown any concerns about the standards (before voting these type of things there are months of analysis of the format) or actually shown up at all, decided to show up, pay the little less than U$S2,500 membership fee and vote in favour of the standardisation of the Microsoft’s OOXML. As you may have already imagined, most of these suddenly-concerned companies are Microsoft partners, and in order to avoid any accusation of resembling Oliver Stone here you have the list of those joining at the last moment:

  • Camako Data AB (Microsoft Gold Certified Partner),
  • Connecta AB (Microsoft Gold Certified Partner),
  • Cornerstone Sweden AB (Microsoft Gold Certified Partner),
  • Cybernetics (Microsoft Gold Certified Partner),
  • Emric AB,
  • Exor AB (Microsoft Certified Partner),
  • Fishbone Systems AB (Microsoft Gold Certified Partner),
  • Formpipe Software (Microsoft Gold Certified Partner),
  • FS System AB,
  • Google (which joined at last moment to vote against the standardisation and it has been heavily involved in the process at global scale),
  • HP (Microsoft Gold Certified Partner),
  • IBizkit AB (Microsoft Certified Partner),
  • IDE Nätverkskonsulterna (Microsoft Gold Certified Partner),
  • IT-Vision AB, Know IT (Microsoft Gold Certified Partner),
  • Modul1 (Microsoft Gold Certified Partner),
  • Nordic Station AB (Microsoft Certified Partner),
  • ReadSoft AB (Microsoft Certified Partner),
  • Sogeti (Microsoft Gold Certified Partner),
  • Solid Park AB (Microsoft Gold Certified Partner),
  • SourceTech AB,
  • Strand Interconnect AB (Microsoft Gold Certified Partner) and
  • TietoEnator (Microsoft Gold Certified Partner).

The result, as expected, was 25 yes, 6 no and 3 abstentions. Well, information technology and software came to revolutionize and change everything, even the form and place where is conducted the oldest profession in the world…

Tuesday, August 28, 2007

Google and YouTube in hot waters over Nazi videos and the need for international cooperation

Today several Internet news outlets have carried the news that the Central Council of Jews in Germany has demanded that a criminal investigation be started into Google and YouTube for airing Nazi and Neo-Nazi videos that contravene German anti-hatred laws (Volksverhetzung as stated in Section 130 of the Strafgesetzbuch, Germany's criminal code). Whether YouTube-Google, a company located in the US and with its servers in US, has to comply with German anti-hatred laws could be argued as to be res judicata following the LICRA v. Yahoo! cases, both in France and the US and the voluntarily compliance of Google with Chinese censorships laws saying that had to do that “in response to local law, regulation or policy”. Furthermore, unless you are some sort of weirdo, there is a general agreement between civilized thinking people that Nazi things are not good and are abhorrent (vision that I assume the people of Google share, and I am tempted to say that I am sure about that). However, the problem is with the limit. As it was many times expressed by many people at many forums, if every company in the planet publishing in Internet needs to comply with the censorship regulations of every country, then every country will end having the same regulations of the most restrictive one, which would also imply that the freedom of expression and speech guarantees incorporated into constitutions and human rights agreements around the globe would turn meaningless. Some would argue that the solution rests on geographically specific filters, but then we would need to rewrite every book and paper on Internet and e-commerce and erase the part referred to global reach. So, it seems that the only solution, not an easy one, is some sort of global agreement on the topic, which was the reason I started studying Internet legal issues: while my area of interest was international cooperation on legal regime creation, back in 1998 I thought that the peculiar characteristics of Internet would force countries to give up part of the sovereignty and seriously cooperate on creating global regulatory regimes (since I chose to write my masters and PhD dissertations on taxations issues to show the need for such cooperation, they are both outdated, irrelevant and burnable, but the idea was not to deal with taxes and to show the mentioned need of cooperation, and I think that the underlying principle still stands) . While many may agree with the vision of an unregulated environment where everyone is free to do as she/he pleases, reality shows that people and companies need certainty to operate and plan, and that self-regulation normally does not provide such (although it is very often strongly defended as conducive to the creation of positive business environments without much data supporting the affirmations and a lot of vested interests and ideology behind), which leaves properly balanced and not excessive regulation as the necessary solution, in this case at international level. It does not go saying that it will be an easy task, and the experience with TRIPS is not encouraging due to the imposition of a handful of corporate groups’ interests into the rest of the globe with consequences in health, technology transfers and access to knowledge still difficult to measure, but situations like the one involving Google/YouTube seem to show that the need is there and will become soon unavoidable.

Metaverses law? Study Korean

As Andres reports in his Technollama and as I have been seen lately while researching about legal issues of MMORPGs, it seems that the forefront of the legal discussion on this topic is in Korea. The explanation can be quite simple and linear because although the origins of MMORPGs can be traced to Island of Kesmai and before, the real popularisation of the genre came with Ultima Online, and its sequences in Japan (more than half of the total subscribers for this game have been Japanese), and Nexus: The Kingdom of the Winds, an adaptation from a Korean game.These with the impressive penetration rate of broadband in Japan and Korea, now been supplanted by fibre connections directly to the home, laid the foundations for the current phenomenon (according to the OECD, “Japan leads the OECD in fibre connections directly to the home with 7.9 million fibre-to-the-home subscribers in December 2006. Fibre subscribers alone in Japan outnumber total broadband subscribers in 23 of the 30 OECD countries”, and when I moved from Japan to UK I was surprised after calling here to an ISP and asking for the fastest connection available to be given a 512K connection, when the day I was leaving Japan I got an add offering connections of 100M, back in January 2003). To the technological aspects two cultural ones need to be added to complete the picture: a culture of manga and games that goes back a couple of hundreds years, plus the aversion that is felt generally in Japan about resorting to court to settle disputes, leaving Korea as the venue for the legal developments. Thus, Korea is the place to look at if you want cases dealing with metaverses and MMORPGs. Some of the disputes that are arising or are bound to arise soon between users and owners of platforms have been already decided in Korea, and some of the cases made it up to the Supreme Court. Unfortunately, there is a tendency in the business, legal and academic world to not take notice of things unless they happen at either side of the North Atlantic (things need to be really big to get noticed if they are happening anywhere else). This could become a post about the inequalities in the flows of information and how tragedies affecting a single person in developed countries make it to the front pages of every newspaper and news portal of the planet when dozen of thousands kids die daily due to collective neglect around the globe and they are not even mentioned, or how, for example, for the UK RAE a paper published in some foreign journal that is read by thousands is less important than other published here that is read by the editor, the author and three students who have it as assignment, but the focus is still the need to look for solutions in the places where the problems have been dealt with before, and to not try to re-invent the wheel. There are differences of legal systems and it might well be that some of the facts of the cases are peculiar to the situations in dispute, but if it is possible to harmonize laws and regulations pertaining to matters as domestic as IP law (IP rights have effect on technology transfers, innovation, health and a very long list of issues related to national policies), there are clearly ways to take advantage of the existing and growing body of Korean case law on metaverses.

Tuesday, August 21, 2007

Official: SCO does not own UNIX copyright!

The US District Court for the District of Utah issued last 10 of August a decision regarding the case SCO v Novell, where the plaintiff (claimant in this side of the Atlantic) tried to get the court to acknowledge its ownership of the UNIX and UnixWare software (between many other things), which arose from a single cause of action originated by statement made by Novell claiming that it had retained the UNIX and UnixWare copyrights when it sold certain assets of its UNIX and UnixWare business to SCO's predecessor in interest, a statement that SCO found slanderous (the original cause of action was slander of title). There were many claims in both the SCO’s suit and Novell’s countersuit, but the most important conclusion made by the judge was that “Novell is the owner of the UNIX and UnixWare copyrights” (at p. 99), which will have important consequences for all the other court procedures initiated by SCO and the licence fees it extracted from many parties. Since the stance of Novell in the open source and Linux development community is well known, it is also a boost for those using/developing the software of the penguin.

Monday, August 20, 2007

Free and ilimited music downloads with your ISP in France

The French Internet service provider Neuf Cegetel announced that its subscribers to the Neuf Box (Internet+telephone+TV) have now a free and unlimited music downloading service with the package. In order to do that the French company has signed an exclusive agreement with Universal Music, which is providing an extensive catalogue of music and video clips. The music and video files are protected by DRMs, which need to be “renewed” every month by connecting the device being used to listen/watch them to Internet. It seems that the DRM in use is Windows based, so not a friendly move for Apple and its iTunes/iPod empire (in the non-exhaustive list of compatible players nothing made by the Cupertino-based company seems to appear).

One thing that may raise some eyebrows is the fact that both Neuf Cegetel and Universal Music have a common shareholder (Vivendi owns 40.5% through SFR and 100% respectively), which would make an interesting case for analysing some competition and antitrust issues. Is Vivendi using its shareholding power to make UM and Neuf Cegetel enter into an exclusive agreement that has as its object or effect the distortion of competition within the common market by applying “dissimilar conditions to equivalent transactions with other trading parties” as expressly prohibited by art 81.1 (d) of the Treaty of Rome? We will have to see whether other ISPs get the same deal, but it also can be argued that, regardless how unfair the deal may seem to others, it wouldn’t be fair to target only this deal because the whole “legal” music and video download business needs a deep (or deeper than until now) revision by the European Commission.

Friday, August 10, 2007

House of Lords report on Internet personal security

Today the House of Lords Science and Technology Committee 5th Report of Session 2006-07 on Personal Internet Security has been published. The full publication is, as expected, quite voluminous (121 pages the report plus 449 the evidence) and it will take more than this coming weekend to go through it (I do have other commitments during weekends). However, having participated in the meetings that led to the Society for Computers and Law submission to the inquiry, I still find that for reasons that now seem obvious, some of the policies that developed countries pursue in relation to the information society always have the disadvantage of these countries having established that the protection of intellectual property rights is one of the most (or the most) important policies in the area. Again, it is clear that IP rights are necessary and allow the legal fiction of treating creations as property and, therefore, facilitate their transactibility, but putting them as the most important policy issue seem to create problems in other areas. From skimming through the report, it seems that the Lords suggest that more recourses need to be devoted to deal with Internet personal security issues, both at corporations and government level, but the issue is that money for protection and enforcement is a finite resource and needs to be prioritized it, and, if the priority is to use public resources to protect IP rights, Internet security takes, at best, a second row seat. The case is far more problematic in developing countries where due to external pressure and the globalisation of the developed countries’ level of IP rights, which includes criminalization of IP rights infringement, a substantive amount of very scarce resources needs to be devoted to the protection of certain industries rights, which lead the rest of the society “unprotected” from the growing threat of cybercrime. So it is not a problem of resources alone but one of allocation of them and societies will have to decide if protecting the profits of the IP-related industries is more important than the identity, finances and well being of the rest of the society (it will be too long to explain here, but it can be argued that the real threat of terrorism relates to cyber-terrorism). The danger exists though, that the entertainment industry will try, and succeed in, to tie security with IP rights violation and then increase the pressure to divest even more resources to protect them...and the winner is...

Wednesday, August 01, 2007

P2P in colleges and the promiscuous relations between the US Congress and the entertainment industry

Some places have been commenting about US Senate Majority Leader Harry M. Reid dropping his proposed amendment to the Higher Education Act, called “Campus-based Digital Theft Prevention”, but while the news could be a good one, the fact that the amendment was ever proposed or drafted raises every form of concern. The amendment, incredibly bizarre from the legal and ethical point of view, was designed to give to the RIAA and the MPA police powers by asking them to draft annuals lists of the 25 colleges receiving the most notices of copyright infringement and then subject those colleges in the list (which again, was going to be made by the RIAA and MPA) to the obligation of using technological tools or losing federal student aid! It sounds impossible and incredible but yes, the leader of the US Senate majority proposed to put on the entertainment industry’s hand the decision of which college can and cannot receive federal student aid (do we need to check whether Senator Raid’s house is also been refurbished?).
The now defunct proposal, which seems that will be picked by the House of Representatives, does not make any sense and it is based on several mistakes of fact and law, that at that level cannot be ignored, so we have the right to wonder whether the representatives of Alaska are the only ones in need of FBI investigation (it seems that no). First, it takes as res sancta the simply untrue statements given by the entertainment industry in the Congress, which contradict the same industry’s official publications. According to Kenneth Green, director of the Campus Computing Project, in a comment to an article of the Inside Higher Ed.

[t]he comments by Mitch Bainwol, chairman and CEO of the Recording Industry Association of America, misrepresent the RIAA’s own data on who is engaged in illegal downloading and which (broadband) networks are being used for illegal downloading. Some examples: — only 4 percent (329) of the more than 8400 “John Doe” lawsuits filed by the RIAA in 2004-2005 involved college students; the rest were “civilians” using consumer broadband services. — a RIAA news release dated 28 Feb 07 states that “college students are the most avid music fans.” Yet data from the RIAA’s 2005 Consumer Profile reveal that consumers ages 18-24 (including but not limited to college students) account for approximately one-sixth (15-17 pct.) of the music buying population in the United States; in contrast, consumers ages 25 and older purchase two-thirds (66.9 pct.) of all recorded music.— “half” the nation’s more than 16 million college students ages 16-67 are NOT engaged in illegal downloading as claimed by Mr. Bainwol and others from the RIAA.

Other important problem of fact is that, particularly in colleges, is plainly not true that all the P2P traffic is devoted to infringing activities. Furthermore, most of the technologies that are now making the US competitive (this whole thing started from some of of committee for 21st Century Competitiveness or something like that) have been devised and tried in campuses and, due to the size of some of the files, P2P technology is what enables students and researchers to share them. And what happens with people perfectly-legally sharing music that is licensed under the Creative Commons? Is this another form that the RIAA and the MPA have found to stop people using alternative forms of licensing not needing them?
From the legal point of view, it is difficult to know where to start from. First, we have the issue of giving police powers and, indirectly, power to decide over the allocation of federal funds to trade groups that should be subject to investigation under antitrust legislation, seems a “bit” illegal, even within the current American situation where the rule of law is subject to so many exceptions. Then, to force third parties to take positive actions to protect the profits of copyright owners seems a step to far in the American Congress efforts to ensure that the entertainment industry keeps having profits far beyond what the market is ready to allow them. There are also concerns about whether such a measure would be compatible with the US Constitution 14th Amendment, because it puts an obligation into colleges that does not put into other networks and Internet Service providers and with the 4th Amendment because it will also imply that colleges will have to search all traffic going through them even when the researcher or student is connecting to the network from a private computer outside campus using a private Internet Service provider.
Other very important issue it that by monitoring and blocking certain type of traffic, colleges are likely to loose their status as transitory Internet Service Providers, which could make them liable for any type or infringement and also responsible for criminal activities taking place over their networks, and therefore, exclude them from the safe harbour provision of the Digital Millenniums Copyright Act. Then, many crimes are committed using cars…should the car vendors (providers) be liable unless they fit in every car a transponder that allow for localization and/or they also create some sort of technology to stop cars from working if a crime is committed with it? And the companies making the roads? And the gun industry? And…? There are so many examples to be given where the principle is that the one supplying the medium or the technology is not liable for the use of them that this sort of proposals are simple repulsive, because they come from people that won the last election promising to change the way things were done in DC…

(In order to not make a book out of this simple blog, I just left outside the issues relating of the inefficacy of the filtering technology and the even greater issues of academic freedom, freedom of speech and privacy)