David Canton – for the London Free Press – January 17, 2007

Read this on Canoe

Software distributors continue to play hardball and crack down on copyright infringements and users of unlicensed software.

Symantec recently filed a lawsuit against eight companies, including ANYI, SILI and their affiliates who allegedly run a global counterfeit distribution operation focused primarily in the U.S. and Canada.

Symantec alleges the parties participated in trademark infringement, copyright infringement, fraud, unfair competition and false advertising, and is seeking damages in excess of $15 million in lost profits.

The company warns that “aside from the financial loss incurred by this activity, counterfeit software can also damage a user’s operating system due to faulty code or cause a user’s system to be wracked with security vulnerabilities.”

Payless Shoesource Inc. and discount clothing chain Burlington Coat Factory Warehouse Corp. have decided to pay about $425,000 in settlement of claims they had used unlicensed software.

The Business Software Alliance, an industry trade group that polices software licences, received reports on Payless and Burlington through their online reporting system where they offer rewards up to $200,000.

As part of the settlement, Payless and Burlington agreed to delete unlicensed software, purchase replacement software and improve their software management practices.

Both the Symantec lawsuit and the Payless and Burlington settlements show it can be more expensive to illegally copy and use software than to obtain and use it legally.

Yet a study by the Canadian Alliance Against Software Theft states Canada’s software piracy rate is 36 per cent. The United States rate is 21 per cent, the United Kingdom’s is 27 per cent and Sweden’s is 26 per cent.

One difficulty with lowering the software piracy rate was revealed in a recent study showing only 15 per cent of Canadians feel very confident they would be able to tell the difference between legal and illegal commercial software.

To recognize legitimate and illegitimate software:

* Check the price. Beware of “too good to be true” prices.

* Make sure you receive a licence. It is a standard in the software industry that legal pieces of software come with a licence.

* Look for documentation. The package should contain the original media, manuals, instructions and registration cards.

* Use caution when purchasing from unknown entities advertising on an online auction or classified ad.

In order to protect your computer, business and legal liabilities, ensure your business or organization uses legally purchased software in the right quantities.

Slashdot refers to an article that details a lawsuit between a Wisconsin State Trooper and his employer over the ownership of software the officer wrote. The software streamlines the writng of traffic tickets. Seems that the software works so well that it has commercial value. The officer says he developed it on his own time. His employer says he developed it while at work under the direction of his employer.

While the tests for who rightly owns such software are not that difficult in theory – in practice it comes down to the facts. But facts, as we all know, are subject to proof, interpretation and spin. And of course one’s perception of the facts and issues worth fighting over increase when something becomes valuable.

This kind of fight is common, but can be easily avoided if a written arrangement is entered into up front that clearly states who owns the product, what resources are to be used to develop it, and who gets to use it.

Read the Slashdot post

Read the Milwaukee Sentinal Journal article

I told myself that I was not going to comment again on the iPhone, as I risk falling into and expanding Apple’s “reality distortion field” – but Techdirt’s comment on the patent issue is worth looking at. (As is the video at the “demonstrated publicly” link showing some cool interactive display technology.)

Steve Jobs commented that they had filed 200 patent applications for the phone. Techdirt uses that to illustrate why perhaps the whole theory behind patents should be revisited.

One theory behind patents is that is encourages innovation as people will invest in R&D knowing that someone else can’t just knock off their products and sell them at a lower cost without incurring the R&D cost. There certainly is some truth to that.

On the other hand Techdirt points out that: The way to compete isn’t by catching up and “copying” someone else, but to continuously innovate. Then, even if someone else catches up, you’re still ahead — and, if anyone can keep on coming up with new innovations, it appears to be Apple. So, even without patent protection, Apple would make more than enough money to recoup their development costs.

There is no question that patents have gotten out of hand, and there needs to be a fundamental rethink of what protection is necessary and reasonable. Perhaps it should come down to some risk/reward test of the amount of time and money it takes to develop something and bring it to market, vs the ease of someone else producing a knock-off.

Take a look at the Techdirt post and the comments for more on the topic

It is common knowledge that Cisco has a US trade-mark in “iphone”, but recent comments lead to the assumption that Apple and Cisco had come to an agreement over Apple’s use of iPhone for its new product.

Turns out their discussions were not final, and Cisco has launched a trade-mark infringement suit against Apple.

Cisco’s trade-mark is for “computer hardware and software for providing integrated telephone communication with computerized global information networks”. So is that the same as a phone? Is the iPhone really a phone, or is it “computer hardware”?

This is a great negotiating tactic by Cisco, if nothing else. At this point, Apple has little choice but to settle with Cisco, or it risks having to change the name of the product.

Perhaps we should have a contest for alternate names. jobsPhone? minimacPhone? podPhone? topthisMicrosoftPhone?

ZDNet posts the actual claim, and has some good comments on the issue.

Read a Techdirt comment

Since every tech and business publication is talking about Apple’s new iPhone that Steve Jobs introduced yesterday, I might as well add my 2 cents worth (or should that be 8 gig’s worth?) as well.

I’ve always felt that Apple does a lot of things (but not everything) right, but I’ve not been an Apple fanatic.

After hearing about the iPhone though, I want it! The big question is – when is it coming to Canada, and which carrier will have it?

I have a smartphone, but am in the market to upgrade it soon to one running Windows Mobile 5. This may have changed my mind. The iPhone’s capabilities, screen size, and interface seem to eclipse anything else out there. Its what the Zune should have been.

Of course, in the end, the decision whether to get this or a Windows Mobile 5 phone comes down to a feature comparison absent the hype (some commenters already say the iPhone won’t deal with email attachments) and price.

To put this in perspective, take a look at ZDNet’s article entitled The iPhone fallout: Winners and Losers

The Consumer Electronic Show is now on in Las Vegas, and MacWorld starts today.

The CES has its usual array of new and improved electronics, and Apple is expected to announce new products today as only Apple can.

One common theme is getting digital content from our PC’s to our living room. Whether one is a fan of Apple or Microsoft, or thinks that those from the PC world should just stay out of the living room, the competition is good for consumers.

One thing Apple does best is to get product on the shelves immediately after its announcement. Most manufacturers announce products that are not available for months.

Both CES and Macworld are getting lots of press.

For details take a look at sites like Gizmodo and Engadget

David Canton – for the London Free Press – Jan 8, 2007

Read this on Canoe

The United States has not fared well in recent international privacy rankings.

In a survey done by the UK-based watchdog Privacy International, the United States ranks the lowest amongst democratic countries surveyed in terms of statutory protections and privacy enforcement.

There has been serious discussion about improving data privacy protections within the US.

The issue has been given wider attention after a few high-profile lapses in security. In May 2006, the U.S. Department of Veterans’ Affairs was responsible for the theft of 26.5 million social security numbers. An analyst had taken home sensitive data only to have his laptop stolen. The data included names, dates of birth, and social security numbers.

Increasingly, talk has turned to the implementation of a comprehensive federal data protection bill that would standardize privacy rules and supersede any state legislation.

This campaign has been spearheaded by a lobby group, the consumer privacy legislation forum of corporations such as EBay, Goggle, Microsoft and Hewlett-Packard.

Before the U.S. subcommittee on commerce, trade, and consumer protection last June, the forum outlined reasons for the immediate implementation of federal privacy legislation.

First, it would promote consumer trust. Second, a comprehensive federal strategy would address the inadequate patchwork of state and federal protections. Third, the legislation would fill the gaps by forcing privacy protection on organizations that have not developed effective policies.

Finally, the legislation would provide an understandable U.S. standard for all companies.

Although it is widely accepted universal privacy standards are important, there has been criticism of this push for new federal legislation.

As noted by the forum, the new legislation would take the place of state regulation. Some of these state laws, particularly those in place in California, are quite stringent. It is argued new federal legislation may offer less protection to consumers.

The argument can also be made that adoption of forum initiatives would essentially allow businesses to regulate themselves.

One need not look any farther than this country to see the potential problems with this approach. In Canada, the Personal Information Protection and Electronic Documents Act is based on a privacy code developed by the Canadian Standards Association. The code was drafted somewhat vaguely in order to be flexible for businesses. Adopting it as legislation has not been the best approach.

Observers have even argued state regulation of cyber-businesses is not the answer.

The theory is that a watered-down federal regulatory system will offer nothing but a rubber-stamp for those companies that take the minimal security precautions required. Rather, it is argued that change should come through market forces.

Companies will make significant changes to their data security structures only if there is an economic incentive. One such incentive would be a well-developed liability insurance regime.

Whatever steps are taken by American lawmakers, any legislation created must be clear and practical, provide real protection, and must take into account the perspectives of businesses and individuals alike.

The Electronic Privacy Information Center of Washington, D.C.- a privacy advocacy group – has released its list of the Top Ten Privacy Stories of 2006 and Ten Privacy Issues to
Watch in 2007.

Its worth a read to see privacy issues from a US perspective.

2006 stories include NSA domestic spying, the Hewlett Packard scandal, and passenger profiling.

2007 issues to watch include how the Democrat majority will deal with privacy issues, US – EU privacy differences, contactless credit cards, cell phone tracking, and increased surveillance.

Read the EPIC article

I disconnected from the blogosphere over Christmas, so missed the kerfuffle over Microsoft’s delivery of 90 computers loaded with Vista to selected blogers.

The reason, of course, was to get some publicity about Vista.

Many have commented about the ethics of this. I tend to side with the view that this is more about disclosure than anything. If one comments on something they received for free, or is being paid to adopt a position on something, be up front about it.

Vendor product giveaways for reviews and publicity is hardly a novel concept.

Microsoft is one of those successful corporations that some will bash regardless of what they do. Its important to look at issues like this based on the facts – not one’s inherent bias. (And yes, that’s often easier said than done.)

Take a look at Dave Taylor’s piece on this which has links to various comments, via Techmeme

The Canadian Privacy Commissioner has issued a news release with her top 10 recommended resolutions for consumers for protecting their privacy in 2007. Its a practical list that’s worth reading.

It reads in part as follows (with a couple of my comments thrown in.)

1. Guard your information

Ask questions when a cashier ringing in your purchases wants your name, address or telephone number. Why is the information being requested? How will it be used? If you are concerned about unwanted junk mail or telemarketing calls, decline to provide the information. It’s as simple as saying, “Sorry, I don’t want to share that personal information.” Privacy laws give you a choice. You don’t always have to say “Yes.”

[And shield the keyboard when typing your PIN number at the cashier]

2. Check your receipts

Some retailers still use older equipment that prints receipts with a complete credit card number – creating a risk the number will fall into the wrong hands and be fraudulently used. If the number is complete, use a pen to scratch out the middle four numbers on your copy.

[Some don't print the whole number on your copy - but do on the merchant copy. That's worse in my view. The transaction has been approved by then and the merchant does not need to keep the full number (unless they use the old fashioned impression method). Remove those digits from the merchant copy as well. A pen may not be enough if it can be read through it.]

3. Become a junk mail buster

If you don’t want to be added to marketing lists, check the “no thanks” or opt-out box, or initial a note stating your preference, whenever you give personal information to magazine publishers, retail stores, charities and other organizations.

4. Take three steps to create more quiet nights at home

- Take advantage of the Do Not Contact Service (do-not-call, do-not-mail, and do-not-fax) offered at no cost by the Canadian Marketing Association (CMA). You can make the request online at www.the-cma.org.
- Ask your telephone company to remove you from the lists it sells to external organizations.
- When telemarketers call, insist they remove your name from their calling lists. They are now required by law to maintain do-not-call lists.

5. Develop a shredding habit

Make sure your blue box is not a goldmine for identity thieves. Buy a shredder (many are surprisingly inexpensive). Destroy all documents that include sensitive personal information, such as bank statements, credit card statements, credit card receipts, and pre-approved credit card applications.

[To make it easier - just shred everything that has your name or any info at all on it. Get into the habit of shredding everything but the newspaper. When you buy a new shredder - get a cross-cut version rather than a strip cut one.]

6. Check loyalty program fine-print

Re-evaluate your membership in “rewards” or “points” programs. Often stores see your participation as consent to share your information without directly asking for permission. This can mean more junk mail and telemarketing calls. Read the program’s privacy policy. If you have concerns, don’t join or ask the store not to share your personal information.

7. Become more privacy-aware on-line

Educate yourself about protecting your privacy on-line. Install the latest anti-spyware, anti-virus and firewall software on your computer. Shop only on secure sites – check for a lock symbol on the bottom right of the window. There’s plenty of advice on the Internet.

8. Stop Spam

Invest in a good spam filter and learn how to use it. Spam affects privacy rights because it involves the inappropriate use of personal information – your e-mail address. Protect your regular e-mail address by using it only with trusted friends and business associates. Get another address for other online uses. If you receive an e-mail from a sender you don’t recognize, or with a subject line that doesn’t make sense, just delete it. Opening spam may send a confirmation that an e-mail address is valid – and lead to more spam. The OPC homepage, www.privcom.gc.ca, includes a link to more information about spam.

9. Caution on the phone

Apply a healthy dose of skepticism when an e-mail or phone caller warns that your bank account or credit card has been compromised. Never reply to such e-mails, which may have been sent by ID thieves. Call your bank instead. Fraudsters are also using the telephone to get personal information. The best way to determine whether a call about account problems is legitimate is to say, “I’ll call you right back,” and then call either the number on your credit card or account statement.

10. Protect your SIN

Ask questions when an organization asks for your Social Insurance Number. An ID thief could use your SIN to apply for a credit card or bank account in your name. Companies can’t insist that you provide a SIN unless it is required for a specific and legitimate purpose, such as tax reporting. Ask why the organization needs your SIN and whether you are required by law to provide it. If you are refused a product or service unless you give your SIN, complain to the Office of the Privacy Commissioner of Canada.

Read the full news release