ITBusiness.ca has an interesting interview with Tim Berners-Lee, described as the inventor of the world wide web, and now director of the World Wide Web Consortium, in Cambridge, Massachusetts.

Just getting used to Web 2.0? Tim talks about the next step, described as the Semantic web. Essentially, it is about the integration of data accross different platforms and from different sources. Think of it as convergence of data.

He talks about the privacy implications of that. Also about the concept of provenance, meaning knowing where the data comes from and what it can be used for. That concept is important for reasons of accuracy, accountability, and intended use.

He also talks about his support for net neutrality, including a good example of its meaning.

It is a worthwhile read for anyone wanting to understand where things might be headed.

Read the Interview

The Federal Privacy commissioner just released the decision and press release on their investigation into the MacLean’s magazine article where the reporter obtained phone records of the Privacy Commissioner herself.

Any business that has personal info that might be released or discussed over the phone with customers should take note of the details of this decision, and the Privacy Commissioner’s Guidelines for Identification and Authentication.

The records were obtained by a US based data broker that used pretexting. In other words, they asked the telcos for the information by pretending they were the account owner.

The investigation focused on the telcos and how the broker got the info. The investigation did not deal with the US data broker because, as stated in the decision: Initially, the Assistant Commissioner also opened a complaint against Locatecell.com. However, preliminary results of our inquiries revealed that the Office lacked jurisdiction to continue the investigation.

The Commissioner found that the telcos violated PIPEDA when releasing the information, but as they had put new procedures in place to prevent it from happening again, concluded that the complaints were “well-founded and resolved.”

The decision, press release, and guidelines are all available online at the Privacy commissioner’s web site.

See David Fraser’s Canadian Privacy Law Blog for the text of the press release, and links.

The Association of Chiefs of Police have issued a report on organized crime.

The London Free Press has an article today that focuses on what the report says about Internet crime, which is 1 of may aspects of the report. My first thought when I saw the article was amazement that people continue to fall for these. For the most part these scams are obvious.

One of the things the report talks about is product counterfeiting. Howard Knopf has a slightly different twist on the IP infringement side of things in his Excess Copyright blog that’s worth a read.

Read the Free Press article

Read Howard’s thoughts

Take a look at the actual report

For the London Free Press – July 9, 2007

Read this on Canoe

The Internet continues to blur our geopolitical boundaries. Questions of legal jurisdiction become relevant for those involved in e-commerce.

For example, what happens when a California resident seeks redress against an e-commerce company based in Canada? Is the Canadian company subject to legal action by that resident in California or must the California resident seek redress in Canada under Canadian laws?

Justice Joan Lax of the Ontario Superior Court of Justice examined this issue in her decision in the case of Disney Enterprises Inc. and Ontario-based Click Enterprises Inc. Lax was asked to decide if a New York judgment against Click was enforceable in Canada.

A New York court had found Click liable for providing online customers with technology required to download Disney’s copyrighted films. Click knew legal proceedings were being brought against it but ignored them, claiming it lacked the financial resources to defend itself in New York.

Lax summarized previous case law and stated that jurisdictional issues depend upon two main principles:

- The need for “order and fairness”

- A “real and substantial connection” to either the defendant or the cause of the dispute.

Under the “order and fairness” principle, Lax decided it was reasonable that the action was tried in New York because Click had control over a website that was available there.

The Supreme Court of Canada has stated that a jurisdictional connection with Canada may be established where a Canadian person or company receives or transmits Internet content.

Under the “real and substantial connection” test, Lax summarized the key factors for determining the proper jurisdiction for bringing a legal action. These factors include whether there is a real and substantial connection between the jurisdiction where the action is being brought and the subject matter of the dispute or the wrong that has been done or the damages that have been suffered.

In the Disney case, Lax found a real and substantial connection to the New York jurisdiction since Click’s website was available in the United States and had specifically targeted U.S. customers. Click’s business was to help Americans illegally download American films. In the end, Lax saw no reason to deny Disney the judgment it obtained against Click in the U.S.

Lax addressed possible defences to having a foreign judgment enforced against a party in Canada. In effect, to have a foreign judgment enforced in Canada, there must be no procedural unfairness and the judgment cannot offend Canadian concepts of justice and morality. These criteria were met in the Disney case because Click was well aware of the legal proceedings and chose to do nothing to defend itself.

The bottom line is that a Canadian website that targets users in another country may be subject to that country’s laws and legal system. Ignoring legal actions launched in other countries is dangerous.

CNet has an interesting interview with Verizon’s chief technology officer about their approach of bringing fiber right to their customer’s homes, rather than use the traditional copper for the last mile.

They now have over 1,000,000 subscribers to the service. While it costs more for them to create the infrastructure, they feel it is paying off, and will contine to pay off even more in the future.

Frankly, I wish we had a similar approach here in Canada. Where I live, for example, anyone with an HDTV has to use satellite, because while the cable system in our area works well for high speed Internet, its not capable of delivering more than 3 or 4 hi-def channels. Now if only the cable company would go direct to Verizon type fiber…

Read the CNet interview

That’s the title of an article in the latest McLean Report, a regular newsletter of the Info-Tech Research Group.

The article starts off with: The impact of the recent security breach that compromised the personal data of tens of millions of customers of the TJX group of retailers (TJ Maxx, Winners, HomeGoods, AJ Wright, HomeSense, and TK Maxx stores) is the biggest wakeup call in history for retailers. The bad guys want the information that retailers have – customer credit cards and personal information – as much as they want access to the customer data of financial institutions.

And ends with this thought: The recent pilfering of over 45 million credit and debit card numbers and the personal information (including Social Security Numbers) of 451,000 TJX customers demands the attention of retailers. The lesson is to protect the personal information of customers, and in turn goodwill and the company brand. Pay now to secure customer data, or be prepared to pay much more later on.

The article has some practical tips on how to protect data, and is a worthwhile read.

The McLean Report is only available by paid subscription, but the article is reproduced here with their permission.

Read the article

Go to the Info-Tech web site

Regardless of the legalities surrounding activities ranging from outright movie bootlegging to the posting of small clips on YouTube, there is a debate over whether piracy helps or hurts sales.

I subscribe to the view that a certain amount of “leakage” helps boost move revenue, but the movie industry doesn’t always see it that way.

The reality is probably that its a matter of degree. In my view clips or mash-ups posted on YouTube is beneficial for sales. At the other end of the spectrum is the sale of complete, quality bootleg copies, which surely leads to lost sales (and few would argue should be allowed). Somewhere in the middle is a dividing line.

CNet has a good article entitled Hollywood hates pirates, but can it use them? that delves into this issue, using Michael Moore’s “Sicko” as an example.

For the London Free Press – July 2, 2007

Read this on Canoe

In her latest annual report, Ontario Privacy Commissioner Ann Cavoukian says there is a need for a culture of privacy in Canada.

She says “organizations that fall under Ontario’s three privacy acts must not only educate their staff about privacy legislation and the privacy information policies and practices implemented by their organizations, they must work towards ensuring that privacy become embedded into their institutional culture and that staff understand how serious a privacy breach can be.”

In her latest annual report, federal Privacy Commissioner Jennifer Stoddart reminds us that PIPEDA, the federal privacy act, requires her office to “develop and conduct information programs to foster public understanding of privacy.”

Having a “culture of privacy” does not mean that we need to be educated in the subtle nuances of privacy law.

It means we need to recognize privacy issues when doing our jobs and understand how to deal with them, or who to turn to for guidance. We also need to understand the privacy consequences of things we do every day, such as placing information on social networks such as Facebook.

Stoddart notes that national surveys consistently find Canadians appreciate the importance of privacy in their daily lives. She also notes many Canadian consumer groups, academics, businesses and citizens are keenly interested in ensuring that personal information in the private sector is protected properly.

It is not uncommon for people to recognize when their own privacy has been violated, but not when they are violating the privacy of others or putting their own privacy at risk.

Perhaps if we had a “culture of privacy,” the number of privacy violations would be reduced. Many improper releases of personal information seem to be caused by human error or by not thinking about privacy consequences. Actions like leaving

documents or storage media in our cars or putting addresses in the “to” line of sensitive e-mails come to mind.

Many people put information about themselves online that exposes them to potential fraud or abuse. It’s one thing to do that with a understanding of the risks — after all, privacy is about personal choices — it is another to do that without understanding the risks.

How do we create this culture of privacy? A significant part comes down to education.

Some are trained in confidentiality leading to ingrained daily practice. Examples include solicitor-client privilege and doctor-patient confidentiality.

Businesses and organizations need to continue to train employees in privacy issues that affect their jobs. Privacy commissioners and promoters need to continue to spread understanding about privacy issues. It won’t happen overnight.