The New York Times has a fantastic writeup of the criminal activities and investigation of Alberto Gonzalez, a black-hat hacker who masterminded the TJX and Heartland Payment Systems credit card data breaches and who was sentenced to 20 years’ imprisonment earlier this year. The story has a cinematic, but slightly tragic quality:
At the same time that Gonzalez was stealing all this bank-card data, he was assembling an international syndicate. His favored fence was a Ukrainian, Maksym Yastremskiy, who would sell sets of card numbers to buyers across the Americas, Europe and Asia and split the proceeds with him. Gonzalez hired another EFnet friend, Jonathan Williams, to cash out at A.T.M.’s across the country, and a friend of Watt’s in New York would pick up the shipments of cash in bulk sent by Williams and Yastremskiy. Watt’s friend would then wire the money to Miami or send it to a post-office box there set up by James through a proxy. Gonzalez established dummy companies in Europe, and to collect payment and launder money he opened e-gold and WebMoney accounts, which were not strictly regulated (e-gold has since gone out of business). He also rented servers in Latvia, Ukraine, the Netherlands and elsewhere to store the card data and the software he was using for the breaches. Finally, he joined up with two Eastern European hackers who were onto something visionary. Known to him only by their screen names, Annex and Grig, they were colluding to break into American card-payment processors — the very cash arteries of the retail economy.
To ask the Secretary of State for Business, Innovation and Skills if he will make it his policy to ensure that internet service providers do not discriminate against competitors and new entrants in the speed at which websites and services reach their customers.
To which the Honourable Member replied:
The Government expect all internet service providers (ISPs) providing an internet access service-both fixed and mobile-to offer all legal content. Consumers should always be able to access any legal content or service they want to and content providers and applications should be able to access consumers. ISPs should not be able to discriminate unfairly against services or users. That means no blocking or discriminatory degradation of services or applications for commercial reasons.
There is not yet any evidence that discriminatory practices are emerging, or that there is a problem with regards to how ISPs or networks manage the traffic that flows over them (something they all engage in for technical reasons to deliver the best possible service to consumers). And this is enforced by the initial responses to Ofcom’s recent consultation on the issue. Read more »
As has been widely reported, the three co-founders of file-sharing website The Pirate Bay have lost their appeal before the Stockholm Court of Appeal against criminal convictions imposed in April 2009.
The Court upheld the trio’s convictions for contributory copyright infringement and increased the collective financial sanctions from $2m to 46 million kroner (USD$6.5m), largely on the basis of the recording industry’s evidence, which was accepted to a greater extent than by the trial judge.
The Court reasoned that ‘The Pirate Bay has facilitated illegal file-sharing in a way that results in criminal liability for those who run the service. For the three defendants the court of appeal believes it is proven that they participated in these activities in different ways and to varying degrees’. Curiously, they were liable to pay the fine in equal amounts.
The really interesting barb in yesterday’s decision is the reaction by the British Phonographic Industry spokesperson, who demanded that English ISPs ‘act responsibly and stop providing unfettered access to this criminal website’. The idea that ISPs could ever come under a duty to block access to a third party website that enables contributory infringement is, of course, absurd, but if these comments are anything to go by, it’s something that ISPs will face increasing pressure to do.
Financial intermediaries are little more than rent seekers, says a thought-provoking article in this week’s New Yorker magazine:
One is the role of financial intermediaries, such as banks. Rather than seeking the most productive outlet for the money that depositors and investors entrust to them, they may follow trends and surf bubbles. These activities shift capital into projects that have little or no long-term value, such as speculative real-estate developments in the swamps of Florida. Rather than acting in their customers’ best interests, financial institutions may peddle opaque investment products, like collateralized debt obligations. Privy to superior information, banks can charge hefty fees and drive up their own profits at the expense of clients who are induced to take on risks they don’t fully understand—a form of rent seeking. “Mispricing gives incorrect signals for resource allocation, and, at worst, causes stock market booms and busts,” Woolley wrote in a recent paper. “Rent capture causes the misallocation of labor and capital, transfers substantial wealth to bankers and financiers, and, at worst, induces systemic failure. Both impose social costs on their own, but in combination they create a perfect storm of wealth destruction.”
Ed Vaizey, the Secretary of State for Business, Innovation and Skills, has made comments in a speech which suggest that he favours abandonment of the neutrality (non-discrimination) principle in internet traffic management. The comments have, perhaps rightly, triggered an avalanche of vitriolic abuse.
It is worth setting out the Minister’s remarks in full:
The issues here are complex. People don’t even agree what is meant by net neutrality. It is a term which means different things to different people.
At the heart of this debate, however, is the extent to which traffic should be managed on the Internet, and more
specifically whether ISPs should ever have the right to favour one content provider over another, particularly for commercial reasons.
That seems a fair, if simplistic summary of the central issue. Vaizey went on to identify three principles that he thinks should ‘guide the debate’:
First, openness — Consumers should always have the ability to access any legal content or service. Content and service providers should have the ability to innovate and, most importantly, to reach end users.
Secondly, transparency — This is a fundamental principle … [P]roviders must present information about their
service, including the nature and extent of their traffic management policies and their impact on service quality in a
clear, visible and easy to understand form for all their customers. Read more »
Tim Wu’s excellent new book, The Master Switch: The Rise and Fall of Information Empires, chronicles a history of communications policy and the long-term behaviour of firms in information industries. His basic thesis is that such firms acquire market power by a combination of network effects and industry consolidation, then exert a form of regulatory capture that allows them to alter the rules of the game so as to drive out competitors and extract rents from their monopoly infrastructure.
A recent piece published in The Wall Street Journal provides a neat summary of these ideas and serves as a kind of postscript to the book itself:
Today’s Internet borders will probably change eventually, especially as new markets appear. But it’s hard to avoid the conclusion that we are living in an age of large information monopolies. Could it be that the free market on the Internet actually tends toward monopolies? Could it even be that demand, of all things, is actually winnowing the online free market — that Americans, so diverse and individualistic, actually love these monopolies?
The article goes on to examine how information monopolies develop. Wu’s basic method is historical, examining how similar patterns emerged in the telegraphy and telephony industries during the late 19th century: Read more »
Unsurprisingly, it turns out that online dating websites make algorithmic choices that strongly influence influence (and are tailored to) their users’ behaviour. But are they better?
I asked Yagan whether OkCupid might try tailoring its algorithm to surface more statistically successful racial combinations. Such a measure wasn’t out of the question, he said. “Imagine we did a lot of research, and we found that there were certain demographic or psychographic attributes that were predictors of [successful relationships]. Hispanic men and Indian women, say,” Yagan suggested. “If we thought that drove success, we could tweak it so those matches showed up more often. Not because of a social mission, but because if it’s working, there needs to be more of it.” …
Algorithms are made to restrict the amount of information the user sees—that’s their raison d’être. By drawing on data about the world we live in, they end up reinforcing whatever societal values happen to be dominant, without our even noticing. They are normativity made into code—albeit a code that we barely understand, even as it shapes our lives. … We’re not going to stop using algorithms. They’re too useful. But we need to be more aware of the algorithmic perversity that’s creeping into our lives.
First Pakistan, then Bangladesh, Iran and — if anecdotal reports are to be believed — China. Now Saudi Arabia has reportedly blocked Facebook, on the basis that the website “crossed a line” in not conforming to the “values” of the country. It could turn out to be just another Mohammed-cartoon incident, but this raises a question: how are non-democratic states to engage with Western intermediary platforms that, if allowed to be accessed, cannot easily be regulated, monitored or controlled? So far, the answer seems to be an all-or-nothing approach: full access, or no access. What’s a social network to do?
The official says Saudi’s Communications and Information Technology Commission blocked the site Saturday and an error message shows up when Internet users try to access it. He says Facebook’s content had “crossed a line” with the kingdom’s conservative morals, but that blocking the site is a temporary measure. The official spoke on condition of anonymity because he wasn’t authorized to speak to the media.
Pseudonymity, liability, no copyright, and a $250 advance. Sounds like a pretty crappy publishing deal:
It’s an agreement that says, ‘You’re going to write for me. I’m going to own it. I may or may not give you credit. If there is more than one book in the series, you are on the hook to write those too, for the exact same terms, but I don’t have to use you. In exchange for this, I’m going to pay you 40 percent of some amount you can’t verify—there’s no audit provision—and after the deduction of a whole bunch of expenses.” He described it as a Hollywood-style work-for-hire contract grafted onto the publishing industry—“although Hollywood writers in a work-for-hire contract are usually paid more than $250.”