March 11, 2005

The Infrastructure of Democracy

The Infrastructure of Democracy
Strengthening the Open Internet for a Safer World
March 11, 2005

I. The Internet is a foundation of democratic society in the 21st century, because the core values of the Internet and democracy are so closely aligned.

1. The Internet is fundamentally about openness, participation, and freedom of expression for all - increasing the diversity and reach of information and ideas.
2. The Internet allows people to communicate and collaborate across borders and belief systems.
3. The Internet unites families and cultures in diaspora; it connects people, helping them to form civil societies.
4. The Internet can foster economic development by connecting people to information and markets.
5. The Internet introduces new ideas and views to those who may be isolated and prone to political violence.
6. The Internet is neither above nor below the law. The same legal principles that apply in the physical world also apply to human activities conducted over the Internet.

II. Decentralized systems - the power of many - can combat decentralized foes.

1. Terrorist networks are highly decentralized and distributed. A centralized effort by itself cannot effectively fight terrorism.
2. Terrorism is everyone's issue. The internet connects everyone. A connected citizenry is the best defense against terrorist propaganda.
3. As we saw in the aftermath of the March 11 bombing, response was spontaneous and rapid because the citizens were able to use the Internet to organize themselves.
4. As we are seeing in the distributed world of weblogs and other kinds of citizen media, truth emerges best in open conversation among people with divergent views.

III. The best response to abuses of openness is more openness.

1. Open, transparent environments are more secure and more stable than closed, opaque ones.
2. While Internet services can be interrupted, the Internet as a global system is ultimately resilient to attacks, even sophisticated and widely distributed ones.
3. The connectedness of the Internet – people talking with people – counters the divisiveness terrorists are trying to create. 4. The openness of the Internet may be exploited by terrorists, but as with democratic governments, openness minimizes the likelihood of terrorist acts and enables effective responses to terrorism.

IV. Well-meaning regulation of the Internet in established democracies could threaten the development of emerging democracies.

1. Terrorism cannot destroy the internet, but over-zealous legislation in response to terrorism could. Governments should consider mandating changes to core Internet functionality only with extraordinary caution.
2. Some government initiatives that look reasonable in fact violate the basic principles that have made the Internet a success.
3. For example, several interests have called for an end to anonymity. This would be highly unlikely to stop determined terrorists, but it would have a chilling effect on political activity and thereby reduce freedom and transparency. Limiting anonymity would have a cascading series of unintended results that would hurt freedom of expression, especially in countries seeking transition to democratic rule.

V. In conclusion we urge those gathered here in Madrid to:

1. Embrace the open Internet as a foundation of 21st Century democracy, and a critical tool in the fight against terrorism.
2. Recognizing the Internet's value as a critical communications infrastructure, invest to strengthen it against attacks and recover quickly from damage.
3. Work to spread access more evenly, aggressively addressing the Digital Divide, and to provide Internet access for all.
4. To protect free speech and association, endorse the availability of anonymous communications for all.
5. Resist attempts at international governance of the Internet: It can introduce processes that have unintended effects and violate the bottom-up democratic nature of the Net.

December 31, 2004

Indian Ocean Earthquake: Arthur C. Clarke suggests help Sarvodaya charity in Sri Lanka

Although there is very good coverage of the desaster by Wikipedia's 2004 Indian Ocean earthquake coverage on donation, some additional info came in.

A Sri Lanka resident SciFi writer Arthur C. Clarke suggests to help Sri Lankan charity Sarvodaya. The organization has 45 years operating locally. (mirror)

They definately need medical supply.

April 10, 2004

Manipulated as Lost in Translation

How can you trust TV news media's accuracy if it is from the source with foreign languages? Or, how do you know your countries news media is providing news in other languages as same as you watch or read?

Especially for live TV news reports, interpretation voice over often fails. There's something always lost in translation and usually there are two types of reason:
1. Live interpreters' skill insufficient in the available time period.
2. Scripts provided for them had modifications by some reason.

But when the topics are critical, suspicion for the reason 2. often rise.

When the TV news on the incident of three Japanese hostage captured in Iraq by Saraya al-Mujahdeen militant group, Japan's TV didn't show shocking footage how hostage treated in the video. Not only that, live English interpretation in the footage on NHK TV news aired on Apr 9 night that family and relatives of the hostage meeting with Japan's Foreign Minister had suspicious words drop off.

It was noticed when the camera focussed at the brother of humanitarian aid worker Nahoko Takato, who'd been visiting Iraq since last year to help street children also previously worked as humanitarian aid in India. He had sharply criticized Japanese government not putting immediate withdrawal of SDF from Iraq as an option. The words "immediate withdrawal of SDF from Iraq" was not translated in the English voice over. He also said as "it doesn't mean that the government considering everything set in full" (caution: this is my translation) and it was dropped off too.

Reuters caught that and later written in the news article as:

No Word on Kidnapped Japanese as Cheney Visit Nears

"To be honest, I want the government to accept the withdrawal (of the troops) as an option," said Shuichi Takato, the brother of hostage Nahoko Takato, a 34-year-old aid worker.

The other drop off was in the footage of petition on the street. The petition was started by the friends of other hostage Noriaki Imai who wanted to research on effects of Depleted Uranium in the weapons that US military used. Of course the petition is asking immediate withdrawal of SDF from Iraq. But again, the English voice over didn't explain the purpose of the petition.

Since 9/11 many people in the US learned to check other countries news while US news media were not carrying the details of the subjects. Here, it is becoming similar in Japan.

Now some of Japanese are seeking info on these Japanese hostage in other countries media such as Euronews or Al-Jazeerah.

Maybe some of Japanese hope the US troops for the rescue. However, it is interesting that DARPA hosted web site TIDES Iraq Reconstruction Report has almost nothing on Japanese hostage related news collection. Maybe such hope has nowhere to go.
TIDES Iraq Reconstruction Report Apr 10, 2004

March 21, 2004

Coming Attractions: Embedding CreativeCommons Licenses by Digital Watermarking

Larry Lessig had quick visit to Japan on the weekend. While it was only three days, he had speech gigs. In my view, the one hosted by NTT's Inter Communications Center on Mar 20 was a could-be-remarkable event for the future of CreativeCommons. Or, it was possibly a preview of what to come.

The event started out with Larry's talk based on Free Culture. Then transformed as three member panel discussion with Hiroo Yamagata who translated the Code and The Future of Ideas into Japanese and Joi Ito of Neoteny who is very well known for his blog

During the session, there was an interesting tech demo was inserted. It was by Digital Commons Project team from NTT Cyber Solutions Laboratories based in Yokosuka, Japan. The team showed their latest development of web based system that binds CreativeCommons licence data with actual data of artist works by using digital watermarks and hush functions.

Particularly, the mechanism with digital watermarking is quite interesting. The technology embeds CC licence data (XML format) into JPEG and other type of graphics data as well as moving image data. The technologies for audio digital watermarking wasn't available yet on this demo. However, there are various algorithms to make audio watermarking so it would be a matter of time.

As some of you know that the digital watermark is a technique that to hide small size of data such as text into larger size of data such as graphics file by changing small bits of larger data in some spreading manner and mathematical functions. When used to graphics and audio files, usually there are artifacts. If you look or listen to the watermarked files very carefully, you might be able to notice. But it is very subtle if the settings are right. Also, these days almost every graphics and audio files are compressed so they all have some artifact. If the amount of the artifact is less than the amount that compression techniques produce, practically you can find it acceptable. (ok, I know that many of high end audiophiles disagree. but I think they won't accept any of compression schemes anyway.)

The technology is possibly coming available on their web site at within next several month. I suppose that, after this technology is widely available, searcher of artistic content can be guided to actual data file quite easily. It would boost interaction between artists and content searchers and could make more CreativeCommons licence based collaboration possible and easy.

March 09, 2004

Law, Norms, Market, Architecture

Here's just a thought.

The left is based on an illustration from Larry Lessig's Code, as many of you can imagine. I just rotated it CCW 90 degrees.

The right is my view of same 4 regulators in computer networked society. In the networked society, technological architecture totally surround an individual and he/she can only be able to communicate to others through the architecture. In that situation even the reach of law, norms, and market to the individual come only through the architecture.


February 20, 2004

Social Networks, Privacy Policy & Privacy Data Protection

I see several different areas in privacy issues of social network sites. these are just some thoughts.

- privacy policy:
some people are upset about the content of site's privacy policy. but it may be not the core issues. what important is how the site and operation organization is complying to its own privacy policy and how they manage it. then a queation is how to measure the level of compliance.

- damages to site's reputation and site's obligation to comply policy:
since businesses on the net popped up, there have been number of law suites on privacy matters. corps are learning that mishandling of user's privacy info is disastous to their biz and reputation. but what they don't know is how to manage the info.

- privacy policy in opration:
if managing privacy policy depends on human factors such as ethics, there's pretty good chance that the policy fails. to prevent this, there are technical measures such as encrypted data base, etc so called Privacy Enhancing Technologies. (yeah, I'm promoting PETs to gov with same logic)

- different values of personal info to differint group of data gatherers:
people feel threats about their personal information, but who are giving them such threats? gov? law enforcement? spy agencies? marketers? spammers? ID thieves? religeous cults? political campaigners? if you think values of the info, it's different to different groups.

- privacy info self defence by jamming
probably gov, and law enforcement are happy if they can get your name, living and work address, phone#. but marketers see more values in what you like and what you buy. and religeous cults want to know what is your religion. political campaigners want to know your political view. then, you may want to choose what types of info you want to reveal when registering. or you can put fake info and pseudonyms for more self defence.

- issues with USA PATRIOT
if the site had good privacy policy and good data control, but what will happen if the FBI comes to them with USA PATRIOT claims? this is real problem in site operators in the US. if the site operation has encrypted databases only allows original users to have decryption key, then may it be going into trouble?

January 03, 2004

The Last CyberWire Dispatch

The end of 2003 came with a little melancholic news to me. It was a forward of the last CyberWire Dispatch came into my inbox. "And so, finally, really, I'm not kidding... Meeks out..." as he wrote.

It was some time in 1993 when I read the Cyberwire Dispatch for the first time, I was fascinated, definitely. As many know that, it wasn't named as CWD at the time. But it was CyberWire Dispatch that made me decided to get into journalistic field in cyberspace. Without reading that CWD, I'm not here now.

Cyberwire Dispatch brought me an example of what an independent journalist could do online. It was a proof of online journalism could make a difference.

I must confess that Brock Meeks was one of my star journalist at the time. When someone introduced me Brock at one of Computers Freedom & Privacy conferences, I became uptight and could not speak well about what I was on. When Wired Japan magazine printed translation of Brock's news article and my article in the same page, I felt I was honored.

It had a great run, Brock. I miss CWD. But probably I'm missing it as a part of early days of the Internet I spent my time with. Now things are up to us. So let's move on to the next level. As someone said, an ending is a beginning...

Continue reading "The Last CyberWire Dispatch" »

December 14, 2003

Obfuscation Technique for Privacy Data

"Cash on the Table" Example

There is a $100 bill on the table. You know putting off it without the owner's agreement is a crime. But not everyone think so. Then the $100 bill is in vulnerable condition. Because the bill is valuable. Then you would like to take some step to protect it by:

- putting it in wallet
- putting it in ordinally looking bags
- putting it in picture frame
- putting it underneath of doormat
- putting it in steel safe
- putting it in your bank account

These are techniques of making the $100 bill "not looking valuable" and setting "access difficulties".

Then now imagine the $100 bill is your privacy data. How can you protect it?

- putting data some different label
- mapping to multiple label
- encryption of data
- multiple encryption wrapping
- mixing with unrelated data
- chopping up data
- distributing chopped data to separate storage
- random sort of data I/O query
- randomized data I/O timing
- obfuscating sender/destination address
- moving the data through encrypted path
- moving the data peer to peer
- making data redundant
- sending redundant data through multiple paths

Any more thoughts?

December 13, 2003

Scale of Anonymity, Pseudonymity and Identity

Ian Goldberg, a well known crypto researcher and CTO of Zero Knowledge Systems in Canada at the time, introduced the idea of "Nymity Slider" at RSA Conference several years ago. Basically, he saw different state of characteristics between true Identity and true Anonymity. It has four levels in the scale:

- Anonymity
- Non Reversible Pseudonymity (not tied to true identity)
- Reversible Pseudonymity (tied to true identity)
- Identity

I guess that those two kind of Pseudonymity is still new for many audience outside of crypto, security and privacy community.

Non Reversible Pseudonymity or Disposable Pseudonymity is like nick names sometimes called as Nym. They are not strongly linked to person's true identity. If the person happen to want to discontinue the Nym it can be done by disposing.
Actually the use of Non Reversible Pseudonymity is already popular for many ordinally Internet users. We see large number of people are using nick names or handle names for accessing online forums, and taking free email addresses for casual communication.

Reversible Pseudonymity is maybe as nick names backed by true identity. It has to link to true identity. However, making it without disclosing true identity needs some effort. Digital signature technology is thought as basis for realizing this by linking pseudonymity and true identity with mathematical computation. But it can be traceable pseudonyms back to true identity when needed.
(then question arise for Who and What occasion is allowed for trace back and How.)

December 09, 2003

debates on anonymity and pseudonymity

I admit that I wrote a post in haste and I was also insecurely thinking the issues without checking the original context when I wrote this. Actually I'm pushing Japan's government to take pseudonymity systems in gov computer networks and data bases with similar basis of idea that Larry explaining. Yes he said 'nothing about "limiting anonymity."' and 'It only talks about extending pseudonymity.' However, maybe I wished for my self if he said 'something about anonymity' little more proactive look such as pointing out importance of anonymity issues on electronic voting.