Computer Ethics, Fall 2020, Mondays

November 16
Class 12 Readings
By this point you should have read all of Baase Chapter 4 on copyrights and patents, and started reading Chapter 5 on computer crime.


Muslim Pro

Remember our discussion on app location information?

Based on the article below, I installed Muslim Pro on my android phone. This app is used by Muslims worldwide. When started, it said

    The app needs your location to calculate accurate prayer times

Of course, that meant enabling location on the phone, and also granting that permission to the app. The app does have an option to work without location data, but it's definitely something one has to search for.

It turns out that someone is buying this location data from the app maker: the US military.

See https://www.vice.com/en/article/jgqm5x/us-military-location-data-xmode-locate-x.

The developer,  Bitsmedia, by default shares information with a company named Tutela, and a company named Quadrant. From the privacy policy:

Bitsmedia partners with Quadrant to collect and share precise location information via mobile SDKs. You can supposedly opt out of their reselling of the data.

But if you do not, Quadrant apparently sells your location data to a company named X-Mode, who in turn sells it to the US army.

Again, a big issue here is that Android does not support different levels of location data. There's a big difference between location data accurate enough to determine the approximate time of sunrise and location data accurate enough for a drone strike.

YouTube-dl

It's baack! See github.blog/2020-11-16-standing-up-for-developers-youtube-dl-is-back.

Section 1201 does not include language for immediate takedowns claims (that's in Section 512), but Github presumably wanted to play it safe. Github writes:

And our reinstatement, based on new information that showed the project was not circumventing a technical protection measure (TPM), was inline with our values of putting developers first.

Also, Google issued a takedown request to Github for the takedown of the widevine-L3-decryptor. Widevine is Google's DRM for streaming video in the browser, used by Netflix and everyone else. Level 3 is the weakest level; a vulnerability was announced in early 2019. Level 3 is used by most desktop viewers; it does not allow for HD content streaming.

See github.com/github/dmca/blob/master/2020/11/2020-11-09-Google.md. This takedown may stick.

Austria and world censorship

See slate.com/technology/2020/11/austria-facebook-eva-glawischnig-piesczek-censorship.html. Here's what's going on:

[The] Austrian Supreme Court ordered, pursuant to local defamation rules, that Facebook remove a post insulting a former Green Party leader, keep equivalent posts off its site, and do so on a global scale

The CJEU ruled a year ago that the EU's e-commerce directive, forbidding member states from creating content-monitoring requirements, did not prevent the Austrian action. That was a little weird, but as I understand it the point is that this is a specific post that must be taken down, not a general category.

The case is not entirely over, but is definitely part of a disturbing trend.



Patents

Here are the practical grounds for appealing someone else's patent

  1. Find prior art, proving someone else had the idea before the patent filing date
  2. Show that the patent is obvious by showing it is a straightforward application of a known algorithm (Flook)
  3. Show that the patent is obvious by showing it is a straightforward combination of prior-art ideas (KSR v Teleflex)
  4. Show that the patent is obvious by showing it represents doing on a computer a process that was well-known without computers (Alice)
  5. Show that the patent is "abstract" (hard, as the standard for "abstract" is not clear; Bilski)

What about the XOR-mouse patent? KSR doesn't help here (though prior-art algorithms might). This example galvanized a lot of opposition to software patents, by software engineers who felt the use of XOR here was entirely obvious.

What about the 1994 Eolas patent? Points 2, 4 and 5 don't apply. Point 3 is difficult, as there was no prior art for embedding applets in a browser. Browsers were very obscure until 1993. However, once you have a browser, and use it regularly, the idea of embedding other content is quite compelling.

(The Patent Office often sets a very low bar for how innovative an application of an algorithm must be, so the XOR patent might win on that.)

KSR v Teleflex / Bilski / Alice / Heartland v Kraft

Crime

Hacking was not always about crime.

Hacking and the CFAA

TJX, Target and PCI-DSS

Some felonies: