12 Trends to Watch in 2010
by tim of the EFF
It’s the dawn of a new year. From our perch on the frontier of electronic civil liberties, EFF has collected a list of a dozen important trends in law, technology and business that we think will play a significant role in shaping online rights in 2010.
In December, we’ll revisit this post and see how it all worked out.
1. Attacks on Cryptography: New Avenues for Intercepting Communications
In 2010, several problems with cryptography implementations should come to the fore, showing that even encrypted communications aren’t as safe as users expect. Two of the most significant problems we expect concern cellphone security and web browser security.
GSM, the technology that underpins most cellphone communications around the world, uses a deeply flawed security technology. In 2010, devices which intercept phone calls will get cheaper and cheaper. Expect to see public demonstrations of the ability to break GSM’s encryption and intercept mobile phone calls. We hope that this will prompt the mobile phone industry to replace its obsolete systems with modern and easy-to-use cryptography.
SSL (in its newer versions known as TLS), the basic security technology of the world wide web, is exhibiting similarly severe flaws. Several powerful practical attacks against real-world SSL implementations were published in 2009; more problems and concerns will emerge throughout 2010. SSL security must be improved.
Despite flaws in how SSL is used, it’s still the best system for web security around, and so it also needs to become more widely deployed. Google set a fantastic example this week when it set GMail to use SSL by default — in 2010 we hope to see other online service providers follow its example.
2. Books and Newspapers: .TXT is the new .MP3
Since 2000, the music industry has most spectacularly flailed (and failed) to combat the Net’s effect on its business model. Their plans to sue, lock-up and lobby their way out of their problem did nothing to turn the clock back, but did cause serious damage to free speech, innovation and fair use.
These days, the book and newspaper industries are similarly mourning the Internet’s effect on their bottom line. In 2009, Rupert Murdoch changed the tone of the debate when he called those who made fair use of his papers’ content “thieves”. We think 2010 and beyond will see others in the print world attempt to force that view, and break the fair use doctrine by lobbying to change accepted copyright law, challenging it in the courts, or by placing other pressures on intermediaries.
A cluster of similar battles around user control are also gathering around e-reader products like Kindle and Google Book Search, many of which rewrite the rules for book ownership and privacy wholesale.
So, in 2010, will the printed word step smartly into the digital future, or will it continue to stay stuck in the denial and bargaining phase that dominated digital music’s lost decade?
3. Global Internet Censorship: The Battle for Legitimacy
For years, the obvious benefits of an uncensored Internet have kept advocates of Net blocking on the defensive. But new filtering initiatives in Australia and Europe combined with growing rhetoric around child protection, cybersecurity and IP enforcement means that blocking websites isn’t just for authoritarian regimes any more.
That’s not to say tyrants aren’t paying close attention to the West’s new censors. When democratic governments complain about Iran and China’s net policing in 2010, expect defenses of “we’re only doing what everyone else does”.
2010 will see the publication of Access Controlled, a new book from the OpenNet Initiative chronicling the globalization of Internet censorship; we’re excited to see it but concerned about the ways restrictions in different countries reinforce each other.
4. Hardware Hacking: Opening Closed Platforms and Devices
An increasingly active hobbyist community is figuring out how to make a range of devices more useful and open. They are learning how to install new software or make third-party parts, devices, and services work with proprietary high-tech products like video game consoles, printers, portable audio players, home entertainment devices, e-book readers, mobile phones, digital cameras, and even programmable calculators. And, oh yes, contending with restrictions on both cars and garage doors.
Frequently, indignant manufacturers are threatening these tinkerers with legal troubles. Often, these threats are legally baseless — but this hasn’t stopped manufacturers from bullying hobbyists into keeping quiet about their innovations.
It confirms the prediction that EFF board member Ed Felten made in 2006: that the rationale offered for “Digital Rights Management” was shifting away from hard-to-defend claims that DRM could stop copyright infringement, and toward uses of DRM to control the functionality of objects in general (often in ways only tenuously connected to copying anything).
In 2009, EFF asked the Copyright Office to protect hobbyists who unlock and jailbreak their smartphones, and we stood up for developers who figured out how to load new operating systems onto TI programmable calculators. EFF’s panel of judges also chose to honor Limor Fried of Adafruit Industries with a Pioneer Award in part to encourage the hardware hacking community to continue their good work.
In 2010, phone jailbreaking will become even more mainstream, and the concept will be routinely applied to other sorts of devices. EFF’s Coders Rights Project will have no shortage of work to do defending users and developers who want to make their hardware do more than it was designed for.
5. Location Privacy: Tracking Beacons in Your Pocket
It’s easier and cheaper than ever for computers to keep track of where you are: there are so many more potential sources of information about your whereabouts, and so many reasons it might be useful or interesting to you, your friends, your boss, or the government.
EFF has fought for location privacy rights, including checks on the government’s ability to use your cell phone to find you and to access the information that social networks, mobile operators, and transportation systems collect about where you are and where you travel.
In 2010, awareness of location privacy as an issue will enter the mainstream in the U.S. as a critical mass of end users voluntarily adopt technologies that use or share their physical location — and start to wonder who has access to this information. Many more courts will grapple with these questions this year, building upon the important 2009 decisions in the Connolly case in Massachusetts and the Weaver case in New York. EFF is awaiting the decision in U.S. v. Jones in the Court of Appeals for the District of Columbia, where we asked a court to limit law enforcement use of these devices.
6. Net Neutrality: The Rubber Hits The Road
Anyone who watched John Hodgman’s famous Daily Show rant knows what Net Neutrality means as an abstract idea. But what will it mean when it makes the transformation from idealistic principle into real-world regulations? 2010 will be the year we start to find out, as the FCC attempts to implement the plan it adopts after its 107-pagerequest for input about how to ensure a neutral Net.
But how far can the FCC be trusted? Historically, the FCC has sometimes shown more concern for the demands of corporate lobbyists and “public decency” advocates than it has for individual civil liberties. Consider the FCC’s efforts to protect Americans from “dirty words” in FCC v. Pacifica Foundation, or its much-criticized deregulationof the media industry, or its narrowly-thwarted attempt to cripple video innovation with the Broadcast Flag.
With the FCC already promising exceptions from net neutrality for copyright-enforcement, we fear that 2010 could be the year when the FCC’s idea of an “Open Internet” proves quite different from what many have been hoping for.
7. Online Video: Who Controls Your TV?
Like the print business, the television business is being radically disrupted by the Internet. The disparate and powerful industries affected — telco, cable, satellite, ISP, software, and production — are engaged in a battle for dominance. But as big business dukes it out, consumer rights risk being left behind.
Two especially bad initiatives to keep an eye on this year: TV Everywhere is a new DRM-laden attempt by the mainstream television industry to trip up innovative upstarts like Boxee. Another scheme, Selectable Output Control, is Hollywood’s latest effort to start driving analog interfaces into extinction in favor of DRM-restricted digital interfaces — meaning that Hollywood would decide what you can record on your DVR, rather than you.
In 2010, expect industry to advance those initiatives, as well as to introduce new and similarly problematic schemes along the same lines. EFF, as usual, will be there to try to stop them.
8. Congress: Postponed Bad Legislation Returns
In retrospect, 2009 wasn’t disastrous for online civil liberties in federal technology law. With Washington entirely distracted by health care reform, a lot of the most problematic proposed federal technology legislation was delayed, postponed or temporarily forgotten.
In 2010, we may not be so lucky. Key provisions of the Patriot Act, having recently been granted a three-month extension, are up for re-authorization before April 1. The Snowe-Rockefeller Cybersecurity Act, which would grant the President the power to disconnect the Internet, is likely to return sometime in 2010. And, with immigration reform considered a top priority for Congress this year, we can expect to see the national identification card scheme REAL ID (or its twin, PASS ID) again soon.
9. Social Networking Privacy: Something’s Got To Give
For some, social networking sites are the Internet. Facebook now has over 350 million accounts — roughly the same as the total number of Internet users worldwide a decade ago. That means that the bad guys who were exploiting security weaknesses in the wider Net in the last decade will now turn in force on the bigger networking sites. And by bad guys, we mean everyone from criminals, to unethical data-mining companies, to ISPs who can’t resist snooping on that remunerative personal data passing down their pipes, to governments seeking new ways to track their citizens.
Will a major privacy scandal or two fix the social networking sites’ casual attitude to their customers’ personal data? Will new laws? Or will technologists and increasingly sensitive Net users find a their own way to protect their privacy?
10. Three Strikes: Truth and Consequences
In countries across the globe, the entertainment industry has been pushing for laws requiring ISPs to terminate their users’ connection at the whim of the entertainment industry. In 2009, they got their wish — in France andSouth Korea, at least. This year will see the spin battle over what is actually happening in those countries.
Expect media industry reports describing amazing local declines in filesharing, aimed at policymakers in other nations considering the same. And look out for local press reports from these three strikes ground zeroes, documenting the calamitous consequences of disconnections, the lack of financial return to working artists, and the political blowback for the politicians who championed these unjust laws.
11. Fair Use of Trademarks: Mockery At Risk
Parody and mockery have long been favorite tools for online political expression and activism. But the powerful entities being mocked sometimes lack a sense of humor about the situation. Increasingly, they’re turning to trademark law to badger would-be jokers into silence.
Of course, abuse of copyright law, which governs ownership of content, is nothing new. But until recently, we haven’t seen as much abuse of trademark law, which governs ownership of names and logos. Fair Use principles, which allow creative re-use of intellectual property, apply to trademarks just as they apply tocopyrights. In either case, IP bullies are just as happy to ignore those principles and make bogus legal threats.
Recently, trademark threats have been levied against activists like The Yes Men, who mocked the U.S. Chamber of Commerce. They’ve targeted NYTimes.se, which mocked The New York Times and corporations like DeBeers. They’ve targeted The South Butt, a clothing line which mocks The North Face. And, only a few days ago, they targeted environmental activist Brian DeSmet for mocking Peabody Energy.
In 2010, expect to see plenty of similar bogus threats. Some of them will lead to litigation, and those battles could in turn lead to important new legal precedents with serious implications for free expression online.
12. Web Browser Privacy: It’s Not Just About Cookies Anymore
And that’s how it remained for some time. Or so most web users thought.
As it turns out, corporations seeking to track individuals’ use of the web were hard at work developing new and unexpected methods of profiling. For a long time, many of these methods either remained unexamined or were simply performed covertly and hidden from the public. But as we enter 2010, awareness and scrutiny of them is on the rise.
Try browsing the web while using a tool like the Firefox add-on RequestPolicy, and you’ll see that many major sites share your web activity with dozens of advertisers and advertising networks. With few technical or legal restrictions on the ability to track you around the web, companies you may never have heard of may have profiles of you which include things about your web use that you don’t even remember.
This year the Federal Trade Commission is taking a fresh look at privacy and the use of profiles to target ads based on individuals’ behavior on the web. We’ll be participating in the process by providing testimony to the FTC, as well as launching our own study of just how easy individual browsers are to track, and how they can be made more privacy-protective.