ISDS is coming this way and it is disastrous

A disease going by the name of ISDS is threatening the citizens of Europe.

Its symptoms are a very strong pain in the wallet, a pain of the sort you’ve probably never felt before.

ISDS is a court of law in which companies (and only companies) can sue countries for large sums of money, even though the countries broke no law. We are talking billions here. Small countries can easily be bankrupted by ISDS. All that is required for a country to be found guilty is that some measure taken by the country is affecting the company’s bottom line.

The abbreviation ISDS stands for Investor-State Dispute Settlement. Feudal courts for robber barons, that is what ISDS really means. Courts that are an instrument for companies rather than an arbiter between two parties.

Imagine that you go to school and every day a much older bully beats you up and takes your lunch money. Sometimes you get lucky and the head master catches the bully. In this analogy, ISDS is when the head master hates you and the head master is actually the parent of the bully and only believes their story.

Here is a real life example. The sovereign and presumably democratic country of Australia recently committed to ISDS. In 2011 Australia proposed to implement its Tobacco Plain Packaging bill. This bill makes it obligatory to sell cigarettes in packages from which almost all brand information has been stripped. This is I guess because tobacco kills people and Australia wants to make smoking seem less attractive.

In April 2011 tobacco manufacturer Philip Morris started an ISDS procedure against Australia. The company argued that since it no longer could brand its cigarette packages clearly, the law would cost them money. They told the Australian government to kill or amend its law. Their extortion letter (if anyone has a better word, please let me know) claimed that they would lose billions of dollars if the law were to pass. (At the time of writing one Australian dollar is worth slightly less than an American one.)

That year Australia passed its Tobacco Plain Packaging which went into effect on January 2012. In November 2011 Philip Morris started the second phase of its procedure, telling Australia one last time to revoke its law or suffer the consequences. Again the ‘damage’ to Philip Morris was claimed to be ‘an amount to be qualified but of the order of billions of Australian dollars’.

In 2012, 2013 and 2014 the ISDS court has been setting up and outlining the way the proceedings would go. As is the case when you let multi-nationals write your laws for you, vast parts of the proceedings are off limits to the public. The document for instance in which Philip Morris tells the court how much money it wants (the so-called Statement of Claim) is a secret.

It probably doesn’t come as a surprise that Australia now wants to get rid of its ISDS agreements.

It’s clear why multi-nationals want ISDS. It’s not at all clear why politicians want ISDS, but they do ever so much. When politicians aren’t wringing their hands while whining about how little voters understand them, they’re walking around with rock hard erections (men and women alike) while thinking of ISDS.

ISDS is a fairly new phenomenon. In a 2013 overview published by UNCTAD (PDF) you can see how the world has gone from 0 cases in 1992 to dozens per year now. In 2012 alone there were nine wins for the multi-nationals who managed to steal over 2 billion dollars from the public. These are the damages awarded, the number excludes compound interest and I cannot be bothered to figure out who payed for the proceedings, although that doesn’t seem hard to guess.

Is there anything we can do about ISDS? It seems very unlikely. If the state wants complete sovereignty except where multi-nationals are concerned, something is very rotten with the way the state works. Puttering around the edges isn’t going to help much.

Meanwhile I’m not too bad. It is the people that always say politics don’t interest them that will get hit the worst. Cynical this may be, but I will allow myself a little wry smile when ISDS comes to these shores wrapped in secret trade agreements such as TTIP, CETA or TiSA.

Default browser cookie settings in 2014

(TL/DR? Skip to results.)

Yesterday I wrote that even though social networks currently combine targeted advertising and private user data collection, doing them both is not a requirement for running a profitable social network. The networks can just focus on the former, that is focus on the harvesting and selling of user data, and dispose of the advertising part altogether.

Having the social network and the ad network on the same domain (for example facebook.com) does make things slightly easier for the social network operator, because users may have switched off so-called third party cookies which are stored and read from a different domain (for example doubleclick.com).

The reason why the average user would block third-party cookies is because these cookies are almost exclusively abused for tracking users behind their backs.

How much of a problem is it to advertisers that users block third-party cookies? Not much. Users are typically reluctant to tinker with browser settings, therefore it depends on the web browser makers and the sensible defaults they choose whether an aspiring social network can plant cookies that another domain may read.

I decided to look into the defaults of modern web browsers, but could not find much information.

Here are some data points:

That leaves some browsers unexplored. Since checking the browsers on my computer was probably going to be easier than Googling anyway, I decided to take that route.

Table: default cookie settings for some web browsers in 2014.
Browser + version Operating system Default cookie setting
Google Chrome 37 Microsoft Windows Allow (all?) cookies
Microsoft Internet Explorer 11 Microsoft Windows Allow some third-party cookies
Mozilla Firefox 32 Microsoft Windows Allow third-party cookies
Apple Safari Apple iOS 7 Allow local cookies?
Android browser Google Android 4.0 Allow (all?) cookies?

As you can see the answers are ambiguous at times and don’t square with the results I linked to, but it would appear that currently most web browser will let sites track you across domains using third-party cookies.

A note about methodology. This was a quick study to find out what the default cookie settings are. For that, I needed to restore browser defaults and that was not always possible. The mobile devices (iOS and Android) had no way to restore settings to a default so I had to assume that these were the default settings.

I do tinker with my desktop browsers but I rarely do so with my mobile devices, so it’s a reasonable guess that the aforementioned settings are the default ones, I just cannot be absolutely sure.

Another problem was that browser manufacturers use different settings, different terminology and sometimes translations which can make it hard to find out which is which.

Most browsers speak of ‘allowing’ cookies, iOS Safari speaks of blocking them.

The reason I report Chrome’s default as “allow (all?) cookies” rather than “allow all cookies” is because I don’t know if “indirecte cookies” is their Dutch translation of “third-party cookies”. If it is, you can remove the question mark and conclude that Chrome allows all cookies by default.

Internet Explorer has a return-to-default button just for privacy settings, which is much appreciated, and a number of sensible settings collections. Unfortunately the explanation of what these settings mean is rather opaque. For instance I don’t know what are “cookies that can be used to contact you”.

Firefox’ default is also a ‘sensible’ setting which tells you only in the most general terms what it does, namely that the browser “will remember your browsing, download, form and search history, and keep cookies from websites you visit”.

You can choose to use custom settings and if the defaults for these settings can be assumed to be the same as the ‘sensible’ settings, then their third-party policy is clear if perhaps not sensible: “Accept third-party cookies? Always.”

Safari lets you choose to block cookies: “Always”, “From third parties and advertisers” and “Never”. I assume “and advertisers” is not a separate category from “third parties” and was just inserted to make it clear that these are tracking cookies, but again, that’s just an assumption.

The Android Browser’s setting is the least complicated of all, you can choose Cookies or No cookies, and if you choose the latter I assume most of the useful services on the web become off limits to you. But are there really people who bank online using their smart phone and an operating system made by Google?

If browsers all blocked third-party cookies, you still wouldn’t be safe though. For one thing, what we generally understand as cookies, small bits of data that are written and read using two standard Javascript functions, only make up a small part of all the different types of tracking technologies there are.

Ello doesn’t need to sell ads and here’s why

The latest Facebook-killer in a long line of Facebook-killers has arrived and its name is Ello.

Ello is—like Facebook—a social network, and the reason why it probably won’t kill Facebook is that it’s got pretty much the same value proposition. If it poses a threat, all Facebook has to do is become a little more Ello-like.

Facebook will die in the end but only because that is how these things go. The current threat to Facebook, as people tell me, is Twitter. Unlike Facebook’s users, Twitter users don’t share a space with their parents. That’s a feature Facebook may be able to tweak on a technological level, but perhaps not on an emotional one.

Ello’s main attraction is that it allows users (for now) to use pseudonyms, allowing people with multiple personae to use the one that fits their role in society best. Facebook on the other hand forces you to use the name on your passport.

Ello is also ad free.

The site claims that it ‘will always remain an “ad-free network.”‘ (Business Insider)

And: “We set out to prove that a social network will survive and thrive that doesn’t have a business model of selling ads to its users,” says CEO and co-founder Paul Budnitz. (IPR)

I want to talk about the no-advertising model for a bit. The articles I’ve read so far seem to suggest that people are tired of being treated like a product and they understand that ads play some sort of key role in this process. The process is understood to work as follows. Facebook sells or gives user data to advertisers who customize their ads to fit Facebook users. The advertisers then sell those advertisements to Facebook to place on the users’ pages.

Since Ello doesn’t do ads, it is assumed that the users are spared from these practices and that users’ privacy is kept intact.

I don’t see how that follows.

In the model above Facebook is both the provider of user data and the manager of the ad network. That is to say, they both own the user data and the advertising space.

There is no reason however why these two should be connected. Ello could easily set itself up as a provider of user data.

How that works is how privacy-busting online advertising has always worked. The owner of the user space places user tracking technology (also called: a cookie) on the computer of the user. It then tells the owner of the advertising space (this could be any website) everything about the user and its cookie. The advertiser reads the cookie and asks Ello or Facebook: “what can you tell me about the person that has this cookie” and adapts its advertisement to the answer.

Whether that is going to happen with Ello remains to be seen. At the moment ello.co places four tracking cookies in my browser even though I am not logged in. That’s three more than say a fresh WordPress install. (WordPress places a cookie called wordpress_test_cookie on login screens in order to check whether it needs to work with Javascript or needs to fall back to another tracking technology. This in turn is so that when you log in, it doesn’t need to keep asking you for your password every time you go to another page. The European anti-cookie directive defines this as a permissible cookie necessary for the proper functioning of the website.)

Food for thought: Ello is currently not making money, that is I doubt it is. The site is probably haemorrhaging money and its backers will soon want to see something more than just losses.

Definition: copygreed

Tonight the stores close at 2200 hrs, it is now 2112 hrs, I am working through a stack of old books to determine their copyright status, and I still have a dozen or so to go.

Suddenly, I am stopped. Quick, I need a word to describe the phenomenon that certain parties want ever longer copyright terms and manage to convince bribeable* parliaments to extend terms before I can scan their works.

Copygreed

And I continue.

*) What other reason would they have to do what they do so badly?

Meet the new look, same as the old look

I’ve changed the look of this blog, but don’t be surprised if you don’t see any difference.

Most of the changes are ‘under the hood’ so to speak and only produce a different visual in certain browsing environments.

In the old theme (the part of the blog that determines the look) all dimensions were fixed. The new theme uses a so-called responsive design where the look of the site is determined by the width of the device you’re using to browse.

You will notice the changes the most on phones and in certain ancient web browsers, where the site will display as a single column. This has the advantage that on thin screens (phones) the browser won’t try to cram everything in, but will instead stack everything vertically.

Two other responsive features that you will see on mobile devices:

  1. Images will now take up the width of the screen regardless of the size in which I’ve uploaded them. (This only goes for recent images.)
  2. Some of the menus are rendered as big buttons so that you can tap them more easily with your finger.

Other changes:

  • The blog now uses HTML5 and CSS3.
  • The new theme is made from the ground up and no longer based on WordPress’ former default theme Kubrick.
  • Some of the background colours are gone.
  • I am using a new font for the headings, namely Permian by Ilya Ruderman (this used to be MS Trebuchet).
  • Kubrick used quote marks as bullets for list items, I’ve returned to a more classic disc.
  • I have cut a lot of code.

The latter combined with the fact that I’ve released this redesign before it was ready means you’re probably going to bump into things that aren’t quite right. Please let me know when that happens.

Read the rest of this entry »

What the top 3 content management systems call themselves

In 2004 I predicted that the free content-management systems of the day would be supplanted by the blogging systems and ‘nukes’ that were emerging back then.

In 2010 my prediction had come true. Part of the supplantation process, as I noted back then, was that these systems would rebrand themselves as CMSes. Branding is a process that is never finished. Let’s take a look at what the three most popular free and open source (FOSS) CMSes of 2010 called themselves back then and now in 2014:

Name Started as a 2010 2014
WordPress Blog Semantic personal publishing platform Web software you can use to create a beautiful website or blog
Drupal Blog Open source content management system Open source content management platform
Joomla Nuke Dynamic portal engine and content management system Content management system

Note that to this day, the three systems shown here are still the most popular FOSS CMSes. According to W3Techs today, WordPress has a market share of 60%, Drupal 8%, Joomla 5% and the market share of the most popular commercial off-the-shelf CMS, Bitrix, is so small it might as well be a statistical error.

See also:

Who owns this photo?

slaters-stolen-monkey-photo

Every time Englishman David Slater threatens to sue people over this photo, the press jump on it like rats on a granary.

I will tell the story therefore in just a few words, because you’ve probably already heard it. Slater goes on a photography trip to Indonesia, a macaque starts to play with one of his hugely expensive cameras and starts taking selfies. Zoom forward a couple of years and Slater seems to have changed his career from taking pictures to threatening people with lawsuits over using this photo.

(I expect he didn’t actually do the latter, but the only times I ever hear about him is when his legal team are ready to pounce.)

A couple of observations following the current brouhaha involving Wikimedia. Note that I am mostly responding to what internet commenters say underneath the articles—pretending anything an internet commenter (not you, of course!) has to say has intellectual merit, is a risky affair.

1) It pains me to see the way people take for granted how anything that is created, is owned by someone. The public domain, that area of human culture that is owned by all of us, used to thrive, and used to be a natural thing that existed as a peer alongside the area of things that were owned by individuals. These days the public domain seems to be a memory distant enough that people no longer realize the possibility of there being things that are owned by all of us.

That makes this a great era for copyright lawyers and no-one else.

2) Among all the arguments on whether this photo belongs to the world, to Slater, or even, as some would have it (cheekily?), the macaque, the thing that has been missing is a mention of the legal doctrine of sweat of the brow. People seem to argue that the picture should belong to Slater because he did all the hard work. Regardless of how questionable the assertion is that Slater did any work at all, for an argument like that to hold up in court (and Slater is indeed threatening to take this to court), it needs to have legal underpinnings.

The sweat of the brow doctrine states that if you put in a lot of work, you get a copyright. It partly adds to and partly opposes the much more common doctrine that holds that work needs to have some sort originality embedded into it in order to generate a copyright.

The Wikipedia article tries to list the jurisdictions in which the sweat of the brow doctrine applies but doesn’t get far. In the Netherlands and the USA for instance, the doctrine has been soundly rejected in the jurisprudence. In the Netherlands it is said (figuratively) a work requires “the stamp of the maker”, in other words it needs to be clear that the work is the result of choices its author made. (Generally these choices need to transcend the merely technical; setting an aperture on your camera or cropping a photo on your computer generally is not enough to cause a copyright to come into being.)

The one jurisdiction that seems to be the exception is … the UK, Slater’s home land. This is where things start to get interesting, because if Slater is going to sue anywhere, it’s likely to be the UK. Some commenters seem to think that since the Wikimedia Foundation is an American entity, it can only be sued in the USA. I’ll leave it is as an exercise for the reader why that is utter nonsense.

P.S. The rotten thing about writing these things is that you read so many sources that eventually you stumble upon the one that makes your points for you. Here that source is TechDirt, the site that knows about this case because it is the site that initially got attacked by Slater’s representatives—or maybe they’re just smart people.

(If you follow one link, follow that last one.)

The photo detective

Wat jij niet ziet

In this book former photographer Hans Aarsman tries to deduce the story behind a photograph from the photograph itself.

Hans Aarsman used to be a photographer until he realised that the essence of his job was to mimic old-fashioned paintings. He sold his cameras, gave away his photos to a museum and became somebody who writes about photography instead.

In the national newspaper of record De Volkskrant he got a weekly spread in which he got to play a photo detective. He would study the photos that came off the news wire and select one or a small series to study.

Wat Jij Niet Ziet (With My Little Eye, literally What You Don’t See) is a collection of 50 of these columns and the second book in the series. Each column consists of a spread containing the photo followed by a page that has a crop of an interesting detail, followed by a page describing Aarsman’s findings.

wat-jij-niet-ziet-1

Shown here is a sample of Aarsman’s detective work. On 20 November 2012 Palestinian photo journalist Adel Hana took this picture of an egg salesman just outside Gaza City. AP put it on the wire and accompanied the photo by a description that said something along the lines of ‘man selling eggs by the side of the road’.

wat-jij-niet-ziet-2

Aarsman had his doubts. The low, open bed of the vehicle forms an ideal platform both for displaying eggs and for selling them from, so why would a salesperson put most of his wares in the street like that? He pulled out his magnifying glass and noticed a tire standing against the truck. So that’s why the man had to unload the truck! He wanted to reach the spare. This salesman isn’t vending, he’s waiting. Why is he waiting when he’s got a spare tire? Well, a couple of crushed egg cartons suggest he had been kneeling on top of them—presumably he tried to remove the tire but had to give up in the end.

Not all the photos required closer inspection. Sometimes it is immediately clear what is going on, but Aarsman still ekes out a few details that lead to a greater understanding. He also included photos that are interesting without requiring detective work, such as the photo taken by politician Reynaldo Dagsa a fraction of a second after a deadly bullet entered his body. Dagsa had been focusing on his wife and daughter who were posing for him in the street, and failed to see or respond to the gunman appearing next to them.

Being a bit of an aspiring amateur photographer I find this approach very refreshing. It helps me understand what makes a scene, how subject and background work together to tell a story.

Rating by brankl: 3.5 stars
***1/2

Procrastination is my posse

Seventeen years ago I flunked university by working up a good speed for six years and then sliding out right at the other end. My funds had dried up and I decided it was time to go and do something else.

As it turned out my invisible diploma had a negative value on the job market. Even though there were plenty of jobs around, employers either thought I was over-qualified for having been to university or under-qualified for not having the piece of paper to prove it.

But I was lucky, because my experience working for the local student magazine was good enough to get me a job as a magazine editor and when I had had enough of that (for reasons that had little to do with this story and everything with the company I worked for) I slid out again, straight into a freelance career as a web developer.

And I discovered I was good at it.

Which was odd because I had never studied web development. To the contrary, putzing around on the web was something I did in my student years as a form of procrastination.

This brings me around to a great insight I gained after well over forty years, which is that I don’t learn well through rote learning, but the better through osmosis. Not that great an insight perhaps, but useful.

Another insight is that if it takes you forty years to realize you learn better through osmosis than through rote learning, maybe osmosis isn’t all that it’s cracked up to be.

When Windows refuses to let you rename folders

The past few months I’ve had it happen more and more that Microsoft Windows refused to eject a thumb drive or refused to let me rename folders.

Windows will helpfully tell you that this is likely because another program is still working with the file/folder/drive, but doesn’t tell you the name of the offending program.

Since this sort of thing generally happens two minutes before I pack up and leave for home, I’ve thus far simply ignored the problem. Today, however, Windows once again refused to let me rename a folder and I had the time to play the detective.

Today I found out that the program that has been hijacking my OS was a program called TGitCache.exe, which is a helper tool for Tortoise Git, which in turn is a version control package. A lot of my customers have started using version control recently and it makes sense therefore that I’ve only started to experience this in the last six months or so.

The Tortoise folks have said in response to a bug report about this issue that they’ve released a new version of the program in which they changed so much, they’re now closing the bug report.

Note that in your case it’s probably a different program. It’s probably a program you can see in your task bar. I singled out TGitCache.exe in this post because it runs in the background. This post is mostly useful for people who have noticed similar behaviour since they started working with Tortoise Git.