I don’t recall any French politician at minister level so plainly taking side with free software :

Free software is a crucial asset for our economy, in more than one way. First, it enables the struggle against technological dependance upon actors who own our everyday computing tools – it is therefore a true guarantee of digital sovereignty. Furthermore, as we see today and contrary to popular myth, free and open source create jobs. Original business models have been invented and they are important factors in productivity and competitiveness for both private and public sectors who can in this way better control their holdings and concentrate their efforts on their specific value additions. Finally, free software undermines rent-seeking behaviours adverse to innovation, and therefore aids in the emergence of new economic champions.

Will the bold ideas instantly translate into action ? No one expects magic – but with policy laid out so clearly, there is reason to believe that the French government is headed in the right direction.

Let’s take note of those good intentions, keep an eye on the actions that should follow, spread the word that free software is a crucial economic asset and vote for those who understand that !

I took the EFF and Tor stickers as corroborating material in support of Snowden’s appearances of good character, but not everyone saw them that way… Interviewed by Time’s Andrew Katz, former security clearance investigator Nicole Smith explains that sympathy for online rights activists is a sign that a candidate may not be fit for Top Secret clearance:

In a photograph posted online after Snowden revealed himself, his laptop displays a sticker touting the Electronic Frontier Foundation, a longstanding advocate for online rights and staunch opponent of government surveillance. That would have been enough of a warning sign to make it into his file, Smith says, but investigators wouldn’t have come across it because clearance interviews aren’t performed at their homes: “You’re not around that person’s personal belongings to make any other additional observations about that person’s characters”

Self doubt ? Ethical questioning ? Interest in social issues ? Affinities for dissenting viewpoints ? No – that is not useful nor even compatible with secret work… Better fill the ranks with yes-men who will follow superior orders to the bitter end – that worked so well in the past…

Anyway, thanks to Smith, the authorities now know what to watch for – open display of affinities with the EFF is enough of a warning sign to make it to file. Take this NSA agent for example, performing devious agitprop in official EFF attire :

Uh – hello General Alexander ! Doesn’t the Director of the National Security Agency look swell in that T-shirt ? Better in my opinion than in his stiff official portrait… But that warning sign shall certainly cost him an entry in his file – he’ll have some serious explaining to do when his clearances come up for review ! Maybe he should have just ordered an EFF sticker for his home laptop instead.

The existence of the database was first reported on in May 2008 :

According to a senior government official… ”There exists a database of Americans, who, often for the slightest and most trivial reason, are considered unfriendly, and who, in a time of panic, might be incarcerated. The database can identify and locate perceived ‘enemies of the state’ almost instantaneously” … One knowledgeable source claims that 8 million Americans are now listed in Main Core as potentially suspect.

Putting this level of paranoia in perspective, Stalin’s Great Purge hit 1% of the population. 8 million is 2.5% of the USA’s population – or about 3% if you exclude children under 15 year old. If you think that 3% of the adult population may be out to get you, then you should probably be very carefully considering the possibility that the problem is actually you.

Dating back to the 1980s and known to government insiders as “Main Core”, the database reportedly collects and stores — without warrants or court orders — the names and detailed data of Americans considered to be threats to national security.

One former intelligence official described Main Core as “an emergency internal security database system” designed for use by the military in the event of a national catastrophe, a suspension of the Constitution or the imposition of martial law.

Putting aside the question of what actions are appropriate in catastrophic circumstances, should anyone believe that such a database will never be misused ? Secrecy trebles the probability of abuse.

Since 2008, no news has surfaced about Main Core – there is no reason to believe that it is not still maintained, probably under a new code name.

“In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist”

It is still valid today – and in current news in the guise of the  intelligence-contractors complex where the consequences of financial corruption also go much beyond mere massive waste of public funds.

The challenge that faces us is not an arms race in communications privacy – hardening helps but it is a tactical countermeasure that does not address the problem systemically.

The way forward is political : democratic control must be reasserted over those entrusted with exceptional means. It is easier said than done, considering the entrenched interests that will obstruct the path ahead – but ignoring the political nature of the challenge will only ensure the continuation of a state of information warfare between the people and the state that used to represent them. A better way exists !

Maureen Dowd, New York Times, 8th June 2008

Via John Naughton’s Memex 1.1

“This Administration also puts forward a false choice between the liberties we cherish and the security we demand. I will provide our intelligence and law enforcement agencies with the tools they need to track and take out the terrorists without undermining our Constitution and our freedom.

That means no more illegal wire-tapping of American citizens. No more national security letters to spy on citizens who are not suspected of a crime. No more tracking citizens who do nothing more than protest a misguided war. No more ignoring the law when it is inconvenient. That is not who we are. And it is not what is necessary to defeat the terrorists”.

Hint – it was in August 2007. Yes, he may have changed his mind since then…

Yes we (probably) can ! (your mileage may vary; this message does not reflect the thoughts or opinions of either myself, my company, my friends, or alter ego; terms are subject to change without notice; this message has not been safety tested for children under the age of 3; any resemblance to actual persons, living or dead, is unintentional and purely coincidental; do not remove this disclaimer under penalty of law; for a limited time only; this message is void where prohibited, taxed, or otherwise restricted; message is provided “as is” without any warranties; reader assumes full responsibility; if any defects are discovered, do not attempt to read them yourself, but return to an authorized service center; read at your own risk; text may contain explicit materials some readers may find objectionable, parental guidance is advised; keep away from pets and small children; some assembly required; not liable for damages arising from use or misuse; may cause random outbursts of extreme violence, or epileptic seizures; actual message may differ from illustration on box; other rules may apply; past performance does not predict future results; see store for details).

Meanwhile, the Director of National Intelligence issued a fact sheet stating that PRISM was conducted “under court supervision, as authorized by Section 702 of the Foreign Intelligence Surveillance Act (FISA) (50 U.S.C. § 1881a)”. Among other things, that fact sheet states that :

Under Section 702 of FISA, the United States Government does not unilaterally obtain information from the servers of U.S. electronic communication service providers. All such information is obtained with FISA Court approval and with the knowledge of the provider based upon a written directive from the Attorney General and the Director of National Intelligence.

Above emphasis is mine – “not unilaterally” and “with knowledge of the provider”. Hello, Larry ? Zuck ? Feeling lonely there ? Have you just been hung out to dry by your friend the DNI ?

US Senators don’t seem to have realized the extent of public outrage – witness comments such as “This is nothing particularly new… Every member of the United States Senate has been advised of this”… Mass surveillance ? Yes we can ! All that would not have happened if Obama had been elected.

Anyway, a couple of months ago, Frank La Rue, the United Nations Special Rapporteur on Freedom of Expression and Opinion, has reported  to the UN Human Rights Council, making a connection between surveillance and free expression. It establishes the principle that countries that engage in bulk, warrantless Internet surveillance are violating their human rights obligations to ensure freedom of expression. Was that report prescient ? Is it part of a new trend at the UN ? Here are a few choice morsels from the conclusions of this extensive piece of research:

79. States cannot ensure that individuals are able to freely seek and receive information or express themselves without respecting, protecting and promoting their right to privacy. Privacy and freedom of expression are interlinked and mutually dependent; an infringement upon one can be both the cause and consequence of an infringement upon the other.

80. In order to meet their human rights obligations, States must ensure that the rights to freedom of expression and privacy are at the heart of their communications surveillance frameworks.

81. Communications surveillance should be regarded as a highly intrusive act that potentially interferes with the rights to freedom of expression and privacy and threatens the foundations of a democratic society.

Clear enough for y’all ? The report was in no way aiming at the US of A but today’s revelations makes it difficult to read it without thinking about them…

Mass surveillance is like searching every single home in the whole country because some of them might hide something illegal. With such massive indiscriminate intrusion in private lives,  secrecy isn’t kept to avoid “tipping off the target” – it is about avoiding legitimate public outrage at misguided actions outside of any effective control, that undermine the very foundations of what we strive for.

«  Je pense que la grande révolution que l’on vit en ce moment, c’est celle des “data”. [..]  Prenons le cas de l’assurance : le décryptage de l’ADN pour 100 euros fait que, dans quinze ans, vous serez peut- être assurés en fonction de vos risques génétiques. »

Let’s translate that in English :

«  I think that “data” is the great revolution we are currently living. [..] Take the case of insurance : ADN decoding for € 100 means that, in fifteen years, your insurance will be tailored to your genetic risks. »

If this makes your stomach churn, you are not alone – upon reading it I was aghast : not only because an opinion leader entertains such unethical thoughts, but also because someone in charge of recommending a national industrial policy shows ignorance of how illegal genetic discrimination already is.

For an overview of how legislation protects the European citizens against genetic discrimination, you may take a look at “Genetic Testing – Patients’ rights, insurance and employment A survey of regulations in the European Union” - research published by the European Commission. Here is the “Genetics and Insurance” section of the chapter describing the situation in France :

In 1994, the Law n. 94-653 on respect for the human body introduced new provisions on genetic testing and DNA identification into the French Civil Code. According to article 16-10, the genetic study of the characteristics of a person may be undertaken only for medical purposes or for scientific research.

The Code of Public Health affirms this principle but adds that genetic tests can only be realized “in the patient’s interest”(Art L. 145-15-1). This necessarily excludes every genetic test contrary to the patient’s interest. Consequently genetic testing for the purpose of the conclusion of an insurance contract is prohibited.

Article 25 of Chapter III on the identification of persons and their genetic characteristics by genetic examination reads as follows: it is not allowed to carry out genetic examinations on the characteristics of persons other than for reasons of medical or scientific research or in cases provided by law. The consent of the person involved is needed before examinations are carried out, except in case of medical necessity.

The use of information about an individual which has been obtained by studying his genetic characteristics other than for medical purposes for scientific research is punishable with one year’s imprisonment and a fine of 15.000 Euro (article 226-26 Penal Code).

French bioethics legislation specifically prohibits access by any third party, notably employers and insurance companies, to information held in databanks and makes it illegal for them to ask individuals to provide such information.

While this seems to prohibit insurers from using genetic tests for underwriting purposes, it does not prevent insurers from obtaining genetic-test information from medical files. Under public pressure, however, in 1994 the French Federation of Insurers imposed a moratorium on its members. This moratorium implies that insurers may not take the results of genetic characteristics (unfavourable or favourable test results) of a candidate insured into account even if the candidate insured offered the information by himself. Initially the moratorium was adopted for five years, which coincides with the 5-year period upon expiry of which the law n. 94-653 of July 29, 1994 was to revised. In 1999 the insurers have extended the moratorium for another five years, i.e. until the year 2004. The underlying idea of the moratorium is that the experimental character of the genetic information prohibits to use it for purposes such as insurance contracts. This implies that insurers may not ask questions related to genetic tests and their results in risk questionnaires. Moreover, insurers may not ask the candidate insured to undergo genetic tests or to give them the results of previous tests.

The Universal Sickness Cover Act (CMU) ( Loi n°99-641 du 27 Juillet 1999 portant création d’une couverture maladie universelle. Lois et Décrets 99, 28 Juillet 1999.) in particular Section 5 entitled “Social and health modernization” states that any use of genetic testing by complementary insurance and health insurance bodies is prohibited. According to article 62 of the Act, such bodies “may not take account of the results of a genetic study of the characteristics of a person requesting the benefit of supplementary health cover, even if those results are provided by himself or herself. Moreover they may not ask any question relating to genetic tests and the results thereof, nor ask for anyone to undergo genetic testing prior to arranging a contract providing supplementary health cover and for the entire duration thereof”.

The paper I got this information from is ten years old – but no fundamental legislative change has occurred since then. Unless something really terrible happens in French politics, genetic discrimination in insurance will still be illegal in fifteen years – and if I have any say, it will be even more illegal.

Remember “Liberté – Egalité – Fraternité” – the “Fraternité” bit implies a degree of solidarity that won’t allow genetic discrimination. We will remain watchful.

Somebody please tell Anne Lauvergeon !

So in France, Cryptome can’t publish this very common and very public US military field manual, a textfiles.com mirror in France is illegal because it contains this, description of a chemical reaction on the MIT’s site would be repressed  and Wikipedia’s legal team better excise this section of the Nitroglycerin article from any HTTP response bound to France.

And someone once again forgot that censoring information locally does not work.

But wait – there is more stupidity… The punishment is tripled (three years in prison and a 45000€ fine) if the information has been published “to an undefined audience on a public electronic communication network“. Why isn’t there a specific punishment for posting on a billboard too ? Once again, in yet another country, the use of electronic tools is an aggravating circumstance. As electronics pervade our whole lives, isn’t that entirely anachronistic ?

Well – as long as Tor, I2P & al. keep working…

By the way, that law makes an exception for professional use – so if you are acting as an agent of a duly accredited terrorist enterprise, rest assured it does not apply to you !

This isn’t even trademark bullying – trademark bullying looks sane in comparison to such blatant appropriation of the English language. I find myself wondering why Openstreetmap is yielding to it. Is a cease & desist letter all it takes ?

Choosing one’s battles carefully is a good reason for restraint – even squashing frivolous lawsuits costs money (thus making justice inegalitarian – but I digress) and even with money it requires technical knowledge, patience and zeal, as this USPTO report to congress shows. But I find such trolling so disgusting that I’m inclined to impulsively forgo short-term financial rationality for holy sword wielding, against the advice of calmer minds.

Precautionary appeasement measures may be best to protect one’s material interests in the strictest sense and in the short term. But while the wisdom of precaution before rash reaction may be acknowledged, does one really want to project the image of a mark that can be easily pushed around ? Is that in one’s best interests ? And in Openstreetmap’s case, are those the actions that best foster the spirit embodied by a project whose members have a strong interest in protecting the commons ?

Rousing up a crusade might actually be the rational choice against intellectual property trolls – costly in the short term but rational in the long term. Only in an organized fashion though – the targets of such bullying behaviour stand no chance if they revolt alone – unless they are, like Newegg, financially powerful enough to fight back or if they are members of some intellectual property mutually assured destruction cartel (I’m conflating patents and trademarks, which are very different domains – but they have trolling plagues in common). Even a fairly large project such as Openstreetmap is a soft target that can’t sustainably fight alone.

So sheep banding together to stand their ground and defend the public domain against predators is the only realistic option. The only downside is that we are going to make lawyers rich… We’ll have to live with that and mitigate the bad feelings by favoring intellectual-property lawyers with values favourable to the protection of the public interest. Now, how do the targets of intellectual property trolls connect each other to pool their resources ?

Meanwhile, the verb ‘to geocode’ remains generic English language word and I’ll stand by that even if a US court decides otherwise. Silly fight ? Yes – I have absolutely no skill whatsoever in choosing my battles, but unending masses of people like me is what it will take to wear down intellectual property trolls.

You will certainly be relieved to learn that US government agencies do not spy clandestinely on the data you entrust to Google, Facebook & co.

So stop wondering about dark conspiracies : there are none.

The bad news is that they do it legally instead. Yes – US government agencies can legally access any data stored by non-American citizens at USA-based hosting companies. No warrant required – they can basically help themselves with your data anytime they please and that is entirely legal.

Brazen, isn’t it ? It is called FISAA – for more details, take a look at this European Parliament report. And by the way, I believe that some strong reaction from the European Union has been long overdue.

The silver lining is that European hosts are making good business with everyone who won’t host their data in the USA anymore !