What Needs to be Protected? - Embedded.com

What Needs to be Protected?

Jack Ganssle may bemoan our loss of privacy, but how much privacy have we ever really had? The “paper trail” Jack mentions is already visible for public consumption, and has been for years. Legal proceedings are, by law, public record, as are certain types of financial records like what you paid for your house and how you've financed your car.

This openness is important, makes sense, and is Constitutionally guaranteed. Instead of simply trusting that a person hasn't stiffed someone on a previous loan, you can go look up their credit history yourself before lending them more money.

Want to know if someone drives recklessly before you hire them to drive trucks for you? Check their legal history to see if they've been convicted of a DUI or had their license suspended. Prevent child abusers from working in day care centers and deadbeat dads from becoming prospective spouses. All the information is there, and more. And this is a good thing, really.

I don't think mounting video cameras at popular intersections and elsewhere is an invasion of privacy. Where you are at any given moment is clearly a matter of public record, if only recorded by the people you pass on the way there.

Ditto for DoubleClick-type databases that can track your browsing habits by monitoring the banner ads you've seen and/or clicked on. Double-click serves up most of the banner ads you see on the Internet. By putting cookies into their ads, they have created databases of browsing habits — “user with IP address has seen advertisements A, B, and C (even though the ads appeared on different sites), so they must like X, Y, and Z.”

Such behavior is clearly annoying, but hardly illegal (IANAL, of course).

What needs to be protected, and what has been pretty well protected to date, is what you can do with the new kinds of information that embedded systems, databases collected by online e-commerce sites, and so forth can collect. The law says that if you dispute an entry in a credit report, the onus is on the reporting agency to prove that the entry is valid, and the offending entry must be removed until they do so. Only carefully and verifiably designed camera systems can be used as evidence of traffic violations (for the moment, GPS doesn't seem to cut it). Otherwise, it's a question of allowing the accused to face their accuser and illegal search and seizure, both of which our Constitution has strong language about.

Modern VCRs have a “record” button because the Supreme Court states that making home videos is a legitimate use that does not infringe on anyone's copyrights. So just because a VCR (or PVR) can be used to violate copyright, the recording industry can't assume that it will be and inflict overly strict controls on its use. They have first prove that a user is violating copyright before they can do anything about it — and whatever action taken must affect the violator and not the non-infringing user population as a whole.

These are the battles that we are losing more and more often. Current and future generations of electronic media devices like PVRs, DVDs and gaming consoles have onerous “media rights management” protections built in, all of which circumvent legitimate non-infringing uses in order to prevent the infringing ones. Region codes don't “enhance user experience” by making sure the game will play on the user's hardware, they enhance the producer's ability to play markets off of each other. Time-shifting of television programs, because it requires local storage of the video content, creates the risk that that content could be copied. Is it? I don't know, but now the industry doesn't have to prove it— the hardware prevents it altogether.

This is clearly circumvention of a Supreme Court ruling via a technical solution, plain and simple. In any other situation, if a judicially convicted violator were to fail to abide by the spirit (or at least the letter) of a legal ruling, the accuser could have them brought back before the court for a hand-slapping. But I don't see anything of the sort going on here, even though I think we're clearly moving away from the spirit of the Supreme Court's intentions for these kinds of devices. Few users realize they have such rights, far fewer exercise them, so the media industry takes what it isn't entitled to. And we're helping them.

As a group, embedded developers are crawling into the media industry's back pockets, adding — at the request of groups like the RIAA and MPAA — functionality that prevents non-infringing uses in order to eliminate the risk of infringing uses.

Our work products are removing the “face your accuser” and “illegal search and seizure” parts from our Constitution, by eliminating the need for the media giants to prove that someone is breaking the law before they are prosecuted. Consumers have been tried and found guilty before the product even hits the shelves, the sentence being reduced functionality, increased cost, and lack of innovation.

Just because we can, doesn't mean we should.

Bill Gatliff
Bill Gatliff is an independent contractor, a contributing editor for Embedded Systems Programming , and a speaker at Embedded Systems Conferences on the subject of open source tools.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.