Permission is hereby granted to distribute modified or unmodified copies of this content far and wide. I, the author, do request though do not require that the link to the New York Times story is preserved in any redistribution, however.

(Copyright (c) 2010, Chris Travers)

The New York Times has reported today that the Obama Administration is seeking legislation to require backdoors into encryption software that could be used for wiretapping. I believe this is deeply problematic for both technical and social reasons, but the technical reasons are probably the worst. Because this area is not well covered in the existing articles, I figure it's worth giving a quick primer here.

  Types of Encryption

The simplest form of encryption is what's called symmetric encryption. It comes in various forms, some simpler than others, but the basic process is conceptually simple. Two parties share a secret. One party takes the message and encodes that message with the shared secret, and the other party decodes it using that same shared secret. This encryption is reversible and the key is the same on both sides.

A trivial example might include what we think of as ROT-13 (used for obfuscation) where every letter is rotated 13 places forward. So "this is a sample message" becomes "guvf vf n fnzcyr zrffntr." Of course such a cypher is easily broken, but there are very good quality symmetric cyphers available, such as AES.

The real problem with symmetric cyphers is that they require that both sides knows the same key before encrypted communication begins. If you are communicating with a lot of third parties, you would find you'd either have to publish the key (making sure everyone else could decrypt the same messages!) or find some way of getting the keys to the other parties in advance. This obviously renders this form of encryption useless for initiating secure communications with individuals one has never met.

To solve this problem, public key encryption was designed. Public key encryption uses two keys, called a public key and a private key. Knowledge of the public key is not sufficient to derive the private key through any sort of feasible process, and these keys are usually very long (AES may be 256 or even 512 bits long, but public/private key pairs are often 1024, 2048, or 4096 bits long per key), making brute force even harder (since the public key is expected to be publicly available).

The public key is then published and the private key is retained. A user can then look up a public key, encrypt a message with it, and only the holder of the private key can decrypt it. Similarly a private key holder can sign a cryptographic hash of a message and anyone with the public key can validate this "digital signature." (A cryptographic hash is another form of encryption with is one-way, and is used in document validation, tamper-proofing, and password checking.)

Public key encryption depends on the idea that ONLY the appropriate party has the private key. When you make a secure purchase on, say, Amazon.com, Amazon sends you their public key, and you and them use this to negotiate a symmetric cypher (probably using AES or RC4). In this way you know the key was properly exchanged and eavesdropping on this sale by criminals is not possible. When you enter your credit card data is not intercepted by criminals. Protection of the private key is very, very important to this process, but even knowing the private key does not enable you to eavesdrop on a conversation in process since that's done with a symmetric cypher.

SSL, PGP, IPSec Opportunistic Encryption, and related technologies all use asymmetric encryption, but the differences tend to be in how keys are published and who is vouching for them. SSL is designed so that you know who you are talking to because a third party (like Verisign) is vouching for the identity of the server.

Problems with Backdoors in Public Key Encryption

To effectively wiretap public-key-based communications, you have to have access to the private key, or you have to tap them post-decryption. Tapping post-decryption works fine in some contexts, such as what you are purchasing at Amazon.com. However, it does not properly work when trying to capture the content of encrypted emails, since these are usually encoded with the recipient's private key. Communications encrypted in this way are not generally vulnerable to interception in the middle. Moreover, communication itself could include encrypted files as attachments and such which could be handled entirely outside the flow of the program (I can encrypt a file and then attach it and my email program doesn't care if it is encrypted).

There isn't a real way to retrofit peer to peer communications programs to allow this sort of interception without compromising the core of how encryption works. A company may maintain their own certificate authority and use it to publish keys for internal company communications. A person taking a company laptop home may then use those certificates to encrypt emails. There is no way to intercept the content of these communications without requiring that the company keep copies of all private keys, thus compromising their own security. Similarly, if I email out an OpenPGP key or an OpenSSH key, these are not sufficient to wiretap the communications that would be encrypted using those keys. The only way out would be to require the makers of the software to include a facility sending the private key to some sort of escrow service which could then provide the key to law enforcement, but this compromises the basic integrity of the software, and any attempt on open source programs could be easily circumvented.

Consequently, this doesn't actually affect the sorts of technologies an organized crime ring is likely to use. Instead it makes each of us more vulnerable to government spying, and it makes key data, such as credit card data, far more accessible to criminals.

Such a law would thus benefit organized crime at the expense of the average consumer. It's an unbelievably bad idea no matter how you look at it.

I have had a great laugh doing some research online (various sites) to try to figure out why this year's whooping cough epidemic is happening in California. It is amazing the amount of misinformation I have found. Pro-vaccine people are blaming it on anti-vaccine people (false, see below), and Anti-vaccine people are blaming it on the vaccine (also wrong). Some people are even blaming it on illegal immigration. As best as I can tell this is because the whooping cough vaccine is different from the vaccines of, say, Polio or Measles, and people try desperately hard to fit it into their agenda even when it doesn't fit. In my reading I have learned a lot about a type of vaccines I never really paid attention to. I figure it's time to set everyone straight.

The NPR article above is particularly laughable (really, NPR does enough good reporting they should know better) because they say whooping cough was once "wiped out." Not so, says the CDC.

Most vaccines against serious illnesses are called "live attenuated virus" vaccines. These include MMR and Polio, and and basically the idea is you give the body a weak version of the virus so it develops an immune response against a stronger version. Usually with appropriate doses, these provide permanent immunity, but there are rare cases where the virus can revert, so it is possible to get full-blown measles from the MMR vaccine, though once again this is rare. These are the vaccines which produce herd immunity.

It turns out that whooping cough vaccine is a different kind of vaccine altogether and in fact individuals are not actually vaccinated against the bacteria that cause the disease at all. Instead, the vaccine is against a toxin that is excreted by the bacteria, and that toxin, called an exotoxin, is what causes respiratory damage. The theory is that this way if you get the illness, your body will have a head start at damage control (by attacking and neutralizing the exotoxin) and so you won't get very sick. So the vaccine is a dose of denatured bacterial exotoxins, called toxoids, that your body can develop antibodies to. Other toxoid vaccines include tetanus and diphtheria. While it is possible to be allergic to an acellular toxoid vaccine like this one, it is entirely impossible to get the disease from it because there are no live (or even dead) microbes in the vaccine itself. Whooping cough, or pertussis, vaccine is usually given with diphtheria and tetanus toxoid vaccines together either as a DTaP or a Tdap depending on age of the individual, but adult vaccinations are rare.

One interesting feature about toxoid vaccines is that they don't actually provide direct immunity against the disease at all because the targets of antibody production aren't on the envelope of the microbe. Instead they work by reducing the severity (and length) of the illness. In short, they don't keep you from getting sick. They just keep you from getting extremely sick. Consequently most people reading this could still get diphtheria this winter, or whooping cough, and could even spread it, but you probably wouldn't know you were carrying a serious illness. In short these vaccines provide absolutely no herd immunity at all, though they may provide some epidemiological benefits in terms of reducing the number of individuals infected by a single person (the downside of course is that it makes diagnosis and monitoring much harder--- we simply don't have any idea, for example, how many minor cases of whooping cough or diphtheria actually occur every year. We just know they don't get sick enough to be diagnosed).

Yet the news media and many "experts" still talk about herd immunity from this vaccine. Indeed while the CDC recommends adults be vaccinated, they state clearly that herd immunity is not a direct factor and that it's not a simple choice.

And while it is not believed that whooping cough has an asymptomatic carrier state, diphtheria is shown to have one, particularly in vaccinated adults. (One possibility worth considering is that asymptomatic means just that, so even mild symptoms, such as those resembling the common cold could be a symptomatic carrier state.)

So the picture that emerges is that whooping cough vaccine prevents death and long, tiring illnesses in children, but doesn't stop the bug from circulating. So it's probably a good thing for kids to have. However, whooping cough is also very much out of control and not just this year, as the CDC admits.

Furthermore I have come to realize that a few times in the last decade I've gotten this cough which lasts a few weeks and then mostly goes away, except for periodic, very heavy coughing, and with no symptoms in between. In these cases, sometimes I have been diagnosed with asthma but the inhalers don't seem to help much (so I go back to using an herbal remedy which seems to work very well, but it is rather non-standard). This lasts a few more months, and then goes away. My current thinking is that my son probably picked up whooping cough at school and I picked it up from him. Since he was vaccinated, he only seemed to have the common cold, but I got something a bit worse.

This specific vaccine isn't about herd immunity, but rather reducing the severity of a serious childhood illness. It doesn't contain microbes, live or otherwise, and while it may reduce the spread of the illness there isn't sufficient data to know the extent of this. This particular vaccine is almost certainly worth giving to most kids. However, there is no benefit that non-vaccinated individuals get from those who are vaccinated in this case.

Whooping cough cycles come and go every few years. This is no different. While hospitalizations may be preventable with the vaccine, it's spread is probably not.

When people extol the values of a political philosophy, I like to look to history for empirical data. Obviously republican forms of government with general police powers to enforce the common will are much more common than successful libertarian states. We can look to Athens, the Roman Republic before Sulla or Caesar.

There is one prominent exception: Iceland between the period of Norse settlement (probably 8-9th Century) and Norwegian domination (12th century). Iceland was a remarkable place during these years but due to a number of problems eventually was subsumed into Norway. The country sported a national legislature and a national court system supported through a combination of private enterprise and taxes, but it had absolutely no executive power. People suggest it was the first democracy to rule a country. Well, it wasn't (it's hard not to consider Athens a country), but it was quite remarkable nonetheless.

Icelandic society had basically three social classes based on offices, obligations, and conditions of servitude. The top class was occupied by the "godhar" who possessed property rights to a "godhord" which was a public office which contained legislative, attorney, and priestly roles. The godhord could be sold, loaned out, inherited, etc. In other words it was treated just like real property. The godhar collected taxes on the maintenance of temples, received income from arbitration and attorney services, and had certain rights regarding international commerce, such as first pick of goods from an overseas merchant. While "godhi" is usually translated as "chieftain," they didn't "rule" areas, and only were responsible for people who entered into contracts with them.

The second class were the bondar or thingmen, who were freeman farmers who entered into a relationship with a godhi. The bondi was responsible to represent the godhi's interests when serving on a jury at the thing ("thing" being legal assembly), were expected to serve as guards or soldiers for the godhi if necessary, and so forth. Bondir were allowed under Icelandic law to change allegiances more or less at will, so this relationship had to be mutually beneficial if it was to last.

The third class were thralls, or slaves, who were usually either people captured in raids or prisoners of war. If a thrall was freed, the freed man or woman would have certain legal obligations to the former owner, and the former owner would have paternal duties to the freed individual, but the children of freed thralls would be fully free citizens with no such obligations. Thralldom provided a sort of POW status for those captured during warfare or raiding operations, and provided a limited set of legal rights to those so held. Thralls weren't "slaves" in the way we think of them from American history in terms of simple human chattel, but rather individuals who were captured at war and afforded some legal protections provided that they'd work. Thralls could own property and were afforded the right to purchase their own freedom if such wasn't given by their "owner."

Now, for the Icelanders, life was surprisingly good compared to Continental Europe. While life expectancy from birth in France was about 20 years during the 10th century, assuming the child wasn't exposed to death in Iceland (infanticide was legal), the child could expect to live 45 years. Moreover the rate of dental caries in France over that shorter lifespan was 10% (meaning 10% of teeth were lost on average, or were decayed). Despite the longer lifespan, the rate in Iceland was 2%. The typical theory is that this would indicate a general lack of carbohydrates in the Icelanders' diet (they ate mostly dairy products, meat, and dried fish smeared with butter).

The longer lifespan is all the more incredible due to the way the Icelandic justice system worked: if the sagas are any indication blood feuds were quite common and may have actually had a stabilizing impact on Icelandic society due to how they were structured. These were generally resolved in court via lawsuits where the side which lost most would be compensated by the side which lost less. Often these were arbitrated with the support of extended families, but sometimes they were actually full law suits.

This system worked remarkably well for a remarkably long time (about three to four centuries). However, eventually Iceland was essentially annexed into Norway. The major causes for the Icelandic decline were:

1) Environmental degradation and erosion (a surprisingly common problem in the pre-modern world, but one which was particularly problematic to people on an island with limited land)
2) Climate change (the little ice age) which cut off Iceland from the Greenland colonies and made the island politically and economically dependant on Norway, and
3) The conversion to Christianity and the political struggles over the church in Iceland eventually allowed Norway to annex the island without a fight (though more than 100 years after the conversion)

After losing independence, Iceland would not regain it until WWII. However the system worked surprisingly well for a surprisingly long time period, and was (relative to the time) not a very bad place to live by any measure.

However, of course, this worked fine for an insular area like Iceland. It would not have worked in a place more easily subject to invasion.

Further reading:
"Medieval Iceland" by Jesse Byock
"Viking-Age Iceland" by Jesse Byock
"The Vikings" by Else Roesdahl
"Everyday Life in the Viking Age" by Jacqueline Simpson

My single largest concern with the health care reform bill here is that the law, if upheld, would severely damage some of our most important Constitutional rights as American citizens. These rights are codified in the 5th Amendment and protect us all from unfair prosecution by the government in two ways: by requiring that due process not be denied, and by prohibiting the government from requiring self-incrimination.

It's important to realize how this mandate works as opposed to, say, the mandate to be insured when you drive in this regard. The state cannot force you or anyone else to admit to a traffic infraction or misdemeanor, so the only way this can be enforced is to require proof of insurance to drive, and to write tickets when this is not present during a traffic stop. Nonetheless, at least in my state, this can be challenged in court if you have insurance but the proof of it was not in the car during the traffic stop.

Obviously this sort of enforcement measure doesn't work when requiring people to purchase health insurance. I suppose Congress could make visiting an emergency room without insurance to be a misdemeanor or even a felony but that would just discourage the uninsured from seeking medical help when it was necessary. Consequently, Congress attempted to do something that's unprecedented: require disclosure of non-violation as part of the tax code and penalize people appropriately. This is where things become problematic.

To be sure there's no problem with Congress deciding to raise everyone's taxes by 2.5% and then giving everyone a tax credit equivalent to the current penalty, but that's not equivalent to the current system. Instead, if you make over about 28000 USD/year, you pay 2.5% as a penalty but if you make less, you pay $695 as a flat penalty. This penalty is equivalent to that which is assessed when one is convicted of various misdemeanors. While I think it might be argued that the objection of folks making more than 28k per year might be shadows instead of substance, for those making less, I don't think the law is Constitutional because it imposes a fixed penalty, requiring self-incrimination and denying due process. This is hence a "fine of not less than" structure pretending to be a tax, requiring self-incrimination, and adjudicated to a standard that would be impermissible if assessing a federal misdemeanor. I believe that such would be adjudicated to a preponderance of evidence, which is the standard for civil cases, not criminal cases. There are ways this could bleed over into criminal cases as well.

If this is upheld as Constitutional, then it is not an understatement to say that this is as much a threat to American liberty as any part of the so-called war on terror. The threat here is substantial and one that I don't think most Americans on either side of the isle appreciate: by eroding due process in the name of a social interest, we make it possible to use the tax code to make an end-run around the 5th Amendment, rendering our valued Constitutional protections of limited value. It seems to me that both parties seem intent on destroying due process guarantees in one way or another when it suits them, and I am very concerned about the future of my country. Our last hope at present is with the courts.

If this is upheld as Constitutional, there's no reason why a state couldn't list a bunch of crimes and require self incrimination on tax forms. At that point we move ever closer to a society characterized by "show me the man and I'll find you the crime." This is not what I want for my country. And while I have policy concerns over a single payer system in this country, they do not rise to this level. Let's hope that the courts protect our rights not to self-incriminate, and to ensure we have due process when accused of not having health insurance that the government deems acceptable.

I thought about not writing this since the OK City Bombing occurred on the anniversary of Waco. However, in doing additional research into this topic, things have come up that must be said, and I believe that it is the patriotic duty of every American to consider these problems and strive to get our elected representatives to fix them. And whatever McVeigh's motives in the Oklahoma City Bombing, even if he was outraged at the atrocities committed by our government (which I doubt), he has hurt the cause of reform more than anything since.

First let me make one thing very clear. I have no inherent sympathy for white racists like Randy Weaver, nor do I have a great deal of sympathy for David Koresh. Neither man would be eligible to be my friend though for different reasons. Each I would have the sense to stay away from. However, as long as we strive to live in a nation ruled by laws, we must strive against the sort of excesses that were perpetrated against them by the government of the USA. Rampant lawlessness on the part of the FBI and BATF, and a military approach to domestic law enforcement have done great damage to my country, and threaten to do more as the "war on terror" slowly blurs the lines between domestic and international police actions.

Rule of law means that everyone, no matter how troublesome of character, is not subject to arbitrary and capricious attempts to deprive them of life, liberty, or property. Every American should read everything he/she can on these incidents and lobby Congress to make appropriate reforms. Furthemore this is not and should not be a partisan issue. The same problems that occurred at Ruby Ridge when George H W Bush was president occurred later at Waco when Bill Clinton had assumed that post.

A second important point is that while I find white racism (of the Aryan Nations type) very much a problem, it is well established that Randy Weaver was a law abiding citizen who never so much as got a traffic ticket prior to attempts by a government informant (who was paid per conviction) to railroad him. David Kopel has argued in his book, "No more Wacos" that one of the fundamental problems here was that the government was frequently paying informants on a contingency basis, and that this was encouraging entrapment of the sort that the jury found to have happened during the trial (Randy Weaver was acquitted on all counts except one count of failing to appear to stand trial). Kopel details abuse after abuse of government power in the Ruby Ridge incident. In the freely available chapter, however, a number of important details are missing which makes the incident even more problematic. In particular he glosses over the shoot to kill orders which were apparently to some extent already in place before the FBI arrived at the scene (given that the dogs were shot at by marshals prior). He also glosses over the allegations prior to the stand off that the Weavers fired at news helicopters (which was denied by everyone other than law enforcement).

Overall the picture that Kopel draws is of a law abiding citizen, albeit a white supremacist, who was railroaded for crimes he didn't commit, and improperly advised by judges and law enforcement, so that the fatal confrontation became inevitable. Unfortunately, as Harvey Silverglate documents in his book, "Three Felonies a Day: How the Feds Target the Innocent," this approach to federal law enforcement is quite common regardless of the type of crime alleged. The feds want convictions and tend to apply enormous pressure to get them even when they are clearly wrong, or have to stretch laws to the breaking point to get them. Silverglate is a veteran civil libertarian having done prestigious work at the ACLU and EFF, as well as founding FIRE.

On to Waco. Waco still stands as the largest massacre of Americans by Americans since Wounded Knee. In this case, 82 individuals, including 25 children, lost their lives in a military assault on a civilian compound in Texas, in 1993. The problems were the same, however: trumped up charges (many of which were fabricated out of whole cloth), excessive force including substantial evidence that law enforcement officers fired from helicopters prior to the ground raid commencing, and the overall conviction that military tactics were the appropriate method for dealing with domestic law enforcement situations.

In an Akron Law Review article, Can Soldiers Be Peace Officers, Kopel again takes up the issue of Waco and discusses the use of military tactics, as well as the close and in some cases illegal connections between the military and law enforcement agencies in that raid. In particular, it's worth noting that both Bradley and Abrams tanks were used by the FBI in this raid. Kopel's clear-headed evaluation of the situation, concluding that Koresh was probably mentally ill, and evaluating the issues in terms of how both sides reacted.

Of particular importance here though is Kopel's discussion of the evidence that the BATF officers began the raid not by approaching the front door but by strafing the roof of the dwelling with machine pistol fire from helicopters. The evidence is well discussed in Kopel's piece is interesting because it comes from a number of different sources and suggests that a military outlook was at issue even from the start. Assuming this is the case, then after already being fired at with no initial option to surrender, the Branch Davidians could have reasonably feared for their lives and assumed that the BAFT agents were coming in with lethal force.

The picture Kopel paints here is once again the same FBI unit which caused the problems at Ruby Ridge making the same mistakes all over, but with much larger stakes and with much more force.

I agree with Kopel that we need to work on demilitarizing our law enforcement, returning them to a proper "officer of the peace" status. This is becoming more important as the "war on terror" progresses. If you want to do something about it, write your congressmen urging reform of the Posse Comitatus Act, asking for a clear barrier where no military personnel or equipment can be used for domestic law enforcement, whether borrowed or rented from the military, and urge that the act be expanded to prevent use of the Navy and Marines in domestic law enforcement as well.

Please note, this is not a criticism of the ideals of network neutrality but rather of specific proposals. In general, I think it is important to ensure that ISP's are not blocking content for arbitrary reasons. However, in some cases, they may want to block content (with the customer's permission or in the customer's interest) and/or shape the traffic to prevent some individuals from saturating upstream links. Indeed, I think there are a number of reasons why ISP's would legitimately depart from the ideals of network neutrality without sacrificing the core benefits those ideals provide. The main areas of obvious departure include:

• Blocking of network ports relative to security risks but with few legitimate uses, provided a customer can request non-blocked service
• Blocking of known malware based on deep packet inspection (my ISP does this).
• Utilizing traffic shaping and queuing in order to ensure that the main uses of an ISP continue to perform well.

These approaches are aimed at protecting users either from common mistakes that non-technically-minded users are likely to make or from compromised nodes of the network (viruses etc). A second main goal is to ensure reasonable customer satisfaction by ensuring that the most frequent applications of internet-based technologies perform adequately regardless of the behavior of other users. We do not need to treat a virus the same way as a web page request in order to get the primary benefits of network neutrality, and overly broad proposals would have the effect of limiting ISP choice in how to provide properly for customers. Therefore I would suggest that network neutrality should therefore be seen as excluding the following forms of broadband discrimination:

• Blocking of network traffic for reasons of security, providing that a customer can opt-out of blocking rules
• Blocking of known works and viruses, whether or not a customer can opt-out
• Traffic shaping aimed specifically at ensuring that a small group of customers does not monopolize upstream links provided that performance is not degraded beyond available bandwidth (after higher priority queues are cleared)

FWIW, I don't see a lot of net neutrality proponents rushing to ban these sorts of practices. If we can exclude these practices from net neutrality-oriented legislation, I would be quite happy.

Conventional wisdom, backed by court judgements, hold that allowing pornography to be visible in most workplaces constitutes sexual harrassment and is discriminatory against women. In this piece, I explore a counter-argument to this widely held belief. While I think workplaces are for working, and while it may be wise for a corporation even without threat of lawsuit to avoid allowing porn in the workplace, I think the courts have taken this too far and are further undermined by changing demographics in the consumption of pornography.

We have all heard that pornography is degrading to women, and courts have held that this is sufficient basis for a Title VII claim of sexual harassment. This premise, though, tends to be tied to the idea that pornography reduces women to sexual objects, and that allowing such depictions in most workplaces (obviously excluding pornography-related businesses) constitutes sexual discrimination (Title VII harassment claims are technically discrimination claims). This is a case where we start with the premise and assume the conclusion based on it. After all, it is incredibly difficult to determine what "degrading" means in an objective, legal sense and hence personal prejudices can be substituted for objective fact-finding. The EEOC, for example their definition of sexual harassment which includes any display of "materials that are in any way sexually revealing, sexually suggestive, sexually demeaning or pornographic." This definition of course, not only includes the playboy centerfold but also Leonardo Da Vinci's painting "Leda and the Swan" (which in the context of Greek myth is quite sexually suggestive as well as being sexually revealing even in the absence of such context).

Fortunately, the courts have been somewhat critical of these claims. In Robinson v. Jacksonville Shipyards, the pornography in the workplace was supporting evidence for the claim but other factors included the fact that individuals were placing such images in the plaintiff's toolbox and that there was other harassing conduct involved as well. In this case one might conclude that the mere presence of pornography was not sufficient to raise sexual harassment claims, but the overall environment was quite hostile (and even personally directed). Other cases I have been able to find have not been willing to find harassment on the mere basis that pornography was present in the workplace. However, what is troubling about the Robinson case is how the court's mandated sexual harassment policy banned all pornographic images in that workplace by court order.

Fortunately (at least from my point of view), personal prejudices of this sort are actually on their way out. One recent study concluded that around a third of all who purchased porn on websites were women. (While this site is probably not unbiased, the findings seem aggregated from proper studies.) When we do the math it turns out that nearly a third of women end up being porn consumers, and women are a rapidly growing demographic among porn consumers. Violet Blue, in her book, "The Smart Girl's Guide to Porn" argues that socially, we are moving towards gender parity in porn consumption.

What this means is that currently, a very large minority of women do not see pornography as sufficiently degrading to stop purchasing it. If pornography consumption is really approaching gender parity it seems silly to argue that displaying it is somehow discriminatory. However, courts tend to be methodologically conservative and may take some time to convince that such is not evidence of discrimination by itself.

UCLA Law Professor Eugene Volokh has written a very interesting article asking what speech is actually restricted in hostile work environment harassment law. One of the important points he brings to the table is the fact that most employers will err strongly on the side of caution to avoid being sued. This means that political and social debate. In particular he points out that:

Your answer would probably have to be "We won't know until it gets to court." With vague words like "severe," "pervasive," "hostile," and "abusive," that's generally all you can say. And because of this, the safe advice would be: "Shut the employees up." After all, the typical employer doesn't profit from its employees' political discussions; it can only lose because of them. The rational response is suppression, even if the lawyer personally believes that the speech probably doesn't reach the severe-or-pervasive threshold.[citations and footnotes omitted]

The result is that a definition of discrimination is fostered by our courts and government based on false premises which do not match the data on the ground. (The problem with the Court decisions is that it is difficult to know beforehand what will constitute harassment and hence employers have a strong desire to avoid anything possibly questionable.) This runs against basic first amendment protections and creates a substantial level of chilling speach. Worse, the same sorts of restrictions come into play in public accommodation harassment cases, where customers feel that the business is hostile towards them on account of protected categories. The result is a direct infringement on our ability to speak and advocate freely.

IMO, the solution is to provide proper protections for Constitutionally protected speech (including Pornography) and require that this be further balanced against any functionally discriminatory elements before suits can go forward. Furthermore, I think the Constitutional protections should be far stronger when applied to public accommodation harassment law instead of workplace harassment.

Tomorrow: Why the obscenity exception has to go (or at least be narrowed).

This week the Third Circuit upheld the injunction against prosecution in the teen sexting case which has previously been mentioned on Slashdot. The third circuit didn't reach the question as to whether the photos at issue in the case were Constitutionally protected (this will probably be saved for trial). However, it seems to me that this is a good opportunity to discuss something a bit beyond the case: how vague child pornography laws are turning millions of normal teens into felons and sex offenders. I believe that the laws must be changed (either through legislative or judicial branches) to stop this trend. I think it should further be stopped without overly harming actual attempts to prosecute those who are engaged in the sexual abuse of minors by producing child pornography.

In 1982, the US Supreme Court ruled, in New York v. Ferber, that child pornography, whether technically obscene or not, was outside the protection of the first amendment. The Ferber case created this exception based on the compelling interest of the state in protecting children from sexual exploitation and abuse, and noted that the economic trade of child pornography was intrinsically connected to this sort of abuse. Given the negligible expressive value of such works in the context of Ferber, they were not protected by the First Amendment. I think this rationale was sound in 1982 and to some extent, as regards real child pornography, it is still sound today.

The rise of the internet and multi-media capable cellular phones has changed a great deal both in how real child pornography is distributed, tracked, and prosecuted, but it has also created a number of problems for the original Ferber rationale. The rise of sexting is one example, as is the rise of underage individuals taking photos of themselves engaged in sexual activity without the instigation of an adult. While Ferber is a helpful rule in tracking down those who aid and abet sexual predators, it also is criminalizing an increasing number of ordinary teens, in a direct affront to our basic rule of law and sense of justice. We are now facing the absurdity of throwing teenagers in prison and branding them for life as sex offenders in the name of protecting them from sexual predators. These sorts of prosecutions have a number of things in common: they are disconnected from the harm discussed in Ferber, they are typically non-economic in nature, and they may have, in their context, more than minimal expressive value.

First, Ferber was a response to a real problem regarding sexual exploitation and abuse of children. We can probably all agree that production of child pornography is a problem and that it may be legitimately outlawed. However, when a teenager takes sexually explicit pictures of him/herself and sends them to another teenager (typically a boyfiend or girlfriend), this is a very different situation. Here we do not have a sexual predator preying on a child. The rationale of the law and of Ferber is entirely inapplicable to the situation. It is further likely that only a small minority of such material is actually ever found, and that if current trends continue, the vast majority of sexually explicit images of real minors may be entirely divorced from the Ferber rationale. If this is the case, then Ferber would have to be revisited and either narrowed (which I support) or eliminated (which I do not).

Secondly, most of these are entirely non-economic in nature. I think Ferber could be held as applicable if an adult were paying a minor to take such pictures or to hand them over. However, where this is a private exchange of material from one teenager to another, then it doesn't seem that even the economic motivation portions of the rationale apply.

Finally, the Supreme Court has, in other cases, held that adults have an expressive right to be involved in non-obscene sexually explicit photographs. The child pornography cases to date have never reached a question of whether a minor has a right, absent adult intervention, to similar expression. If the First Amendment is truly seen by the courts as based on a natural right, then the bright line of saying "don't take sexy nude pictures of yourself before your 18th birthday" doesn't seem be tenable.

So what is to be done? I can think of a few options:

The first is that the Ferber rationale could be ruled to be inapplicable to prosecutions of minors. This would be the simplest approach and simply rule that minors cannot be prosecuted for charges relating to child pornography. There could be a number of Constitutional theories on which this could be based, including the idea that minors are not without expressive rights of this sort (and therefore strict scrutiny is not met as applied to minors), and that the rules are unconstititionally vague as applied to minors. This is the sort of thing which could be done as an "as-applied" Constitutional challenge or as a legislative change.

The second is that the Ferber rationale could be narrowed to require specific intent to possess child pornography AND a general intent to contribute to the exploitation, abuse, or privacy violations of a minor (i.e. intentionally possessing child pornograpohy, knowing that it was contributing to exploitation or abuse). This is more disruptive, and would make cracking down on child pornography harder but still possible. This is the sort of change that I am somewhat ambivalent towards, and I think only the legislature could really do it. Note that this would not categorically prevent minors from being prosecuted under these laws and would leave some sense of equal applicability.

Finally, Ferber could be overruled and obscenity laws only could be seen as applicable. I see this as very dangerous because I think obscenity laws should be declared Unconstitutional on both vagueness and first amendment grounds. Leaving this as the sole solution to the issue of child pornography would make that far harder. Only the courts could do this.

In the end, I favor simply excluding minors and those barely over the age of majority (say, those who are 18 years old) from such prosecutions, provided that there are no direct allegations of child abuse tied to the pictures (i.e. the Ferber rationale does not apply). If there are such allegations, they should have to be proven as a part of the trial process.

However, regardless of what we do, threatening to send adolescents to jail and brand them as sex offenders for life for doing what would be Constitutionally protected a few years later has to stop. Not only is it entirely unjust but it is an affront to the ideal that we live in a country ruled by laws in accordance to the ideals of Liberty and Justice.

So today while I was at work a pair of Jehovah's Witnesses came to the door as part of their missionary work. I answered the door and knew immediately what was going on (two women I had never met knocking on my door? That's the JW MO....

So, they said they were talking with people about how they were discussing with people the problems of the world and where to turn for answers.

"I study ancient mythology." I told them.

"We're sharing the Word of God" they told me.

"That's your mythology" I told them, approvingly.

They seemed somewhat unsure of how to proceed. So they read me a bible verse and left. I thanked them politely for coming, but I don't think they will be back soon.

BTW, here was my comment submitted to the USTR regarding the treaty.

RE: 2010 Special 301 Review
Docket Number USTR-2010-0003

Jennifer Choe Groves
Senior Director for Intellectual Property and
Innovation and Chair of the Special 301 Committee
Office of the United States Trade Representative
600 17th Street NW
Washington, DC 20508
Filed electronically via Regulations.gov

Dear Ms. Groves:

I am a software engineer and developer here in the US. I own copyrights to a number of software programs and published papers, some jointly with corporations or other natural persons. I have also authored two ebooks which are distributed online and one printed book which is available through major retailers. Software I produce is distributed world-wide.

I am deeply concerned about the rush towards greater liability for neutral service providers where copyright infringement is alleged. Holders of copyrights (including myself) should not be able to make end-runs around our traditional system of legal protections by threatening third parties into shutting off services which may be vital for conducting lawful business. This is especially dangerous where very fact-centric elements of copyright and trademark infringement accusations may need to be adjudicated by courts. These cases can occur where questions of fair use or derivation occur.

Thus I am concerned that the rush towards greater protection and greater third party liability will become a sword of Damocles hanging not only over the head of the average citizen but most especially over the head of the copyright holder. After all, if a set of mere accusations is enough to insist that material be taken down or internet access denied, then those who produce copyright-worthy materials will be the most exposed.

Instead, balance is needed, and consumer protections must be a major part of the equation. These consumer protections don't just protect consumers against rights-holders. They protect rights holders against unfair competition, and they protect innovators against entrenched market interests.

Instead of dictating how foreign countries should make laws ensuring elements well outside the traditional boundaries of copyright law (circumvention device control, etc), we should instead be interested in looking at ways to make claims more easily adjudicated when they come up. The emphasis on third-party liability is a major step backwards.

Please reconsider.

Sincerely,
Chris Travers

I have spent a lot of time thinking about the oral arguments posed in the rehearing of Citizens United vs. FEC. This is a case whether a corporation which exists primarily for political advocacy could have their movie denouncing Hillary Clinton played legally over cable in the last two months before the primary. The district and appellate courts said "no" based on campaign finance laws. They then argued before the Supreme Court over whether campaign finance laws could be applied to them in this context.

If only it were that simple. Instead of issuing a ruling, the court asked the parties to come back and argue whether or not two important precedents in this area (Austin v. Michigan Chamber of Commerce and McConnell v. FEC) should be overruled on first amendment grounds.

The ACLU, ever the champion of unpopular causes, has filed an amicus brief asking the court to rule the law in question facially overbroad and unconstitutional on first amendment grounds. The NRA also filed an amicus brief asking for more limited decisions on Constitutional grounds, striking down a single amendment and instead punting the issue back to Congress to fix the resulting issues.

The case is difficult for many people because of deep-seated prejudices about the virtues and perils of corporations in America. Some see corporations as good and wonderful engines of the economy which should be left alone from government interference and others see them as evil, greedy money-powered engines of social destruction which must be kept on a short leash. These prejudices get in the way of addressing serious concerns on both sides.

More troubling from my viewpoint though is the government's retreat from what is probably the most plausible defence of these cases: That very wealthy corporations (many of which have more wealth than any natural person in this country) can distort election dialog with their mere presence in that dialog. Instead Elena Kagan sought to emphasize corruption dangers and shareholder protection which seemed to be less well accepted by the court. In essence she asked them to keep the lines the same but change the underlying reasoning behind the line.

In the end though nobody seems to doubt that Citizens United should win, but the question is on what Constitutional basis. This leads in turn to the role of corporate first amendment rights and whether these even exist. Here the questions to seem to become far more murky.

Jamie Raskin, in his opinion piece "Corporations Aren't People" on NPR, said:

I agree with John Marshall in his analysis but I don't think it necessarily follows that corporations don't have first amendment political campaign rights. Similarly even if we accept that corporations have first amendment political campaign rights we don't have to conclude that no regulation is possible. The fundamental question becomes whether Constitutional rights are applicable to an organization incidental to its very existence or not. Obviously some rights are not. Corporations can't vote, and IBM can't be nominated to fill a Supreme Court vacancy. Other rights, such as the rights to due process and equal protection of law are incidental to existing in the American legal system.

So which category includes freedom of speech? Or could this be settled instead by merely holding it to be a part of freedom of the press (which News Corp, NYT Corp etc. clearly have)?

Existing in the United States means participating in the marketplace of ideas. Both freedom of speech and of the press protect that marketplace from undue government control, and require that government rule are narrow as possible to meet legitimate and important government interests. The protection is not one which is limited to natural persons-- corporations routinely advertise their products and have some first amendment protections on those advertisements. Similarly, corporations have the right to petition government for a redress of grievances. I don't think it is outlandish at all to suggest that corporations, just like resident aliens, have a right to participate in our political system even if they can neither vote nor hold office. I don't think there is therefore any question that corporations have a right to disseminate company positions on election issues and candidates to the electorate in advance of an election.

Furthermore, it becomes difficult to distinguish a corporation like Citizens United, which exists for political advocacy, a corporation like News Corp or the NYT which IS allowed to air endorsements for candidates via freedom of the press, and a company like Microsoft or Oracle.

However, just because corporations, like natural persons, might have a right to participate in this dialog does not necessarily mean that no laws can be passed to protect the marketplace of ideas from being monopolized by corporate voices in these important areas-- there is no interest that I can think of more compelling for the government than the interest in free and fair access to election points of view. However, such laws would need to be narrowly tailored to meet this very compelling interest. Blanket bans on electioneering communications are facially overbroad, however, and should be struck down.

This shouldn't be a question of whether campaign finance reform itself as a concept is Constitutional but rather whether this specific section of this specific act is. I believe that the court should and probably will strike this down, but I hope that it does so without unduly undermining the rationale of Austin v. Michigan Chamber of Commerce.

One important news topic for the last month has been health care reform. I have decided to oppose the bills presented because even though I could probably live with the Senate bill, the House bill is rather terrifying.

Unlike most opponents of Obama's health care reform package, I am not opposing the ideas of public plans, etc. Rather my problems are with details, such as the dismantling of state regulatory action regarding insurance, and so forth. The Obama approach means ripping out an autochthonous system and replacing it with an engineered beaurocracy which is expected to function right the first time, even though it was crafted and (if it passes) pushed through with an attitude that "you're either with us or against us."

The fact though is that we are better off approaching the health care problems in this country the same way we would an unmaintainable codebase for an amazingly complex software application. They suffer from most of the same problems, and both are amazingly complex systems. Expecting a new system to work from day one is out of the question.

A better approach would be to approch this through an incremental approach. The first year we set up bipartisan task forces to study the problem and come up with sets of recommendations. The next year one problem is addressed in one bill, is fully discussed and eventually passed in a bipartisan effort. The following year another issue is dealt with etc. Dividing a complex problem up into multiple babysteps is a widely used tactic in successful software projects, and it should be more commonly used in legislation as well.

Such an approach would mean slower change than Obama supporters hope for, but it would mean a better system would emerge. It is unfortunate that the current approach seems to be to create bills that will eventually fail in order to capitalize on the issue in future elections. We need some reforms. The question of which ones and how they are to work in exact detail needs a lot more discussion, however.

Ever since I was in grade school, I have had an unnatural love of paper airplanes, and ever since I was in 7th grade, I have designed my own models.

More recently, though, I have turned my attention to the most complex and challenging area: aerodynamically correct paper airplanes, which fly on lift generated by the Bernouli's Prnciple. While this is quite difficult, the planes fly in ways which are unusual in terms of paper airplanes, and can be extremely rewarding. This is a post to help show some elements of this discipline for others. If there is interest, I will add some photographs of some of my airplanes.

The first point I would make is that lifting bodies are the easiest aerodynamically correct paper airplanes to make when trying to build monocoque airplanes. This is because the simplest lifting bodies can be made out of differentially folded cones, are reasonably simple to make out of a single piece of paper, and don't require the more complex solutions to things like attaching wings.

The simplest lifting bodies however, pose a different challenge. While the center of gravity is reasonably far forward, the center of pressure is fairly far back, making the planes quite spin prone. I have found two solutions to this problem: either enhance wingtip vortices to create drag on the swept wingtips or fold the tips into non-lifting stabilizers. Non-lifting stabilizers have the advantage of causing less drag, but both types work (and fly remarkably differently). Both have the effect of robbing the wingtip of lifting action and thus move the center of pressure forward.

If trying to build fixed-wing aircraft out of paper, this gets to be a lot more complicated. My first few models flew reasonably well, but not great. Stiffness of paper, monoquoque construction, etc. are rather problematic when building larger airplanes with paper and there are other challenges as well.

The biggest challenge is how to attach the wings. Here is where I will let you figure it out :-)

First, a disclaimer: I don't work in aerospace fields at all though I do design aerodynamically correct lifting body airplanes.... A lot of the conclusions here are my research as a layman. Rather I am writing here to put theories down on paper, as well as weigh relative weights of the theories. Also, my heart goes out to those who have lost loved ones in this tragedy, and if any are reading this, I hope it helps put some of the media speculation in more context.

Now.... What is known: At 0200Z (GMT), the pilot of AF447 sent a manual transmission that they were flying through a storm system. This corolates well with Tim Vasquez's projections and analysis but is way off from the BBC's maps. The plane would have entered the backward edge of the mesoscale convective system (MCS) and would have exited the forward edge, where the storm cells would have been strongest.

At 0210Z, the plane sent a series of ACARS messages denoting a large number of failures from 0210Z through 0214Z. These messages are designed to speed aircraft maintenance rather than determine the cause of an accident so they lack certain details which are important in this case. At the moment, however, they are one of the more important sets of information which is publically known.

After 0214Z, no further details are known. The vertical stabilizer was eventually recovered, but it isn't clear where or when it broke off yet. Most likely the vertical stabilizer was broken off by sideways forces but at the moment it isn't clear whether this happened in flight or during impact.

Finally, we have the Air Comet pilot report where the pilot at 7N49W reported seeing a bright light in the distance following a vertical downward trajectory for six second. Due to the curvature of the earth, the Air Comet pilot was not in a line of sight to the AF flight. The AC pilot could have seen a meteor.

Theories and weighting (note the weightings could change rapidly with new information):

1) Initial messages caused by lightening strike. Probability low to moderate. A lightening strike to the Radome could damage Pitot tube systems, weather radar, inertial reference systems, etc. The lightening strike would have to enter or exit on the radome to cause this sort of damage. Such would seem generally unlikely due to the tolerances involved. The main reason to suspect radome destruction is that pitot tube icing itself can't explain the TCAS fault reported. However, the inertial reference units are near the pitot tubes so it seems to me that severe turbulance-related damage would be more likely. Recovery of nose section, radome cover, etc should be sufficient to eliminate or confirm this possibility.

2) Meteor strike causing destruction of radome. Probability: extremely low. This would have a similar damage profile to the lightening strike scenario if the meteor was small enough to avoid further damage but large enough to destroy the radome. Also unlike a lightening strike, these are not events which frequently happen. Recovery of radome cover should be abe to rule this out or confirm it.

3) Pitot tube icing resulting in unsafe speed of aircraft. Probability: Moderate to high. Pitot tubes are known to ice up in conditions where no liquid water exists. For example a 1999 meteorological flight reported ice and graupel from 18k feet upwards through 41k ft and the DC8 involved in the 39-41k ft. range reported pitot tube icing. This would suggest that pitot icing can occur from processes different from structural icing. That case is worth reading in comparison to the present tragedy because it is reasonable to see the storms in both cases as comparable (both were equatorial meso-scale convective systems). The problem though is that the TCAS (Terrain Collision Avoidance System) faults might not be explained by simple cases of pitot icing because that system relies on groundspeed and GPS measurements rather than airspeed indicators. However, if severe turbulance was encountered (perhaps exacerbated by the autopilot increasing thrust to compensate for low airspeed readings), this might be sufficient to cause damage to aircraft systems including the TCAS and the IR systems (more on that below-- note though that the IR Disagree errors occur the next minute suggesting that they probably occur after the TCAS fault). While this seems like the most likely explanation, barring additional evidence to the contrary, it isn't possible yet to suggest that this is entirely certain. All of the 0210Z messages, however, except the TCAS error could be explained by the computer recognizing bad input from the Pitot tubes.

After the initial incident, the ACARS messages paint a picture of rapid deterioration of the situation. At least one internal reference unit failed, and shortly thereafter both primary and secondary air control systems would have failed. It is unclear at that point whether the aircraft was in direct law, or on manual backup (which gives LIMITED use of the rudder and elevator trim). The manual backup systems of an airbus are not designed for turbulance or even landing (they are only designed to provide some troubleshooting time while a plane is in-flight).

The next question is whether the aircraft broke up on impact or whether it broke up in the air. At the moment, there does not seem to be sufficient information to say. The last message, indicating a fault with the pressurization system due to external pressure increases COULD indicate decompression at that point, but it could also be due to cascades of bad information from the Air Data unit or an actual increase of outside pressure due to a rapid descent (for example, after a mach tuck allowed to progress too far due to lack of inertial reference). While it is likely that more detailed analysis of the vertical stabilizer will help answer this question, it is too soon to say whether it disintegrated in the air or when hitting the water (or a mixture of both). (The vertical stabilizer appears to have been broken off bit sideways force but whether this was the result of a sideways crash or problems in the air is currently uncertain.)

All in all, this is my rating of hypotheses surrounding the crash.

At this point, the evidence is not sufficient to conclude much beyond this IMO. Unfortunately a lot of this has been the subject of wild speculation from the media. Such speculation probably does not help anyone who is in search of truth whether due to curiosity or loss. I hope my post helps clarify at least one layman's view of the evidence for any such folk.

I have decided that I think that it is necessary at this point to put my thoughts together regarding the GPL, and when licence violations can gain the force of copyright violation. I am not a lawyer, but this has come out of watching a number of cases, discussing the issue with a number of lawyers, and trying to understand all sides.

When a GPL violation case comes up, folks generally are quick to argue that it is definitely copyright infringement. Stallman has even argued that nVidia's drivers infringe on Linus's copyrights. While I think that a subset of GPL violations do rise to the level of copyright infringement, I think these cases are somewhat overstated.

The GPL, despite what Stallman says, is a contract in which both parties agree to abide by certain behaviors in joint interest. The contract is an adherence contract similar in force to a web-site's terms of service (where use of the good or service requires adhering to the contract) and the consideration found is in the requirement of equal access to pulically distributed code. The GPL is much more like a contract than are more permissive licenses, like the BSD license, because the consideration factor is quite a bit greater. For example, while the BSD license might be argued not to include consideration since the only requirements are those required minimally by copyright law (not stripping copyright headers) and (when distributed in source form), not making false claims about warranties, the GPL actually requires the licensee to share something further with the idea that it will be available to the original developer. "I will share if you will share" is consideration while "I will share, but don't say I am giving a warranty when I am not" might be argued not to be. Similarly, the 4-clause BSD license (with the advertising clause) isclearly a contract, while the two-clause BSD license might not be.

At the same time, it seems reasonable to argue that a contract violation regarding copyright terms could become a copyright violation if the behavior is sufficiently outside the scope of the license. For example, if I grant someone a license to publish five copies of my book for a flat fee of $20, and they publish 5000 copies of the book, that would seem to be copyright violation, not a mere contractual issue. At the same time, I don't think it is copyright infringement if there is a reasonable argument to be made that the contract allows the use, or if the difference is small enough as to represent an issue resolvable through contract dispute (you print 6 copies instead of five by accident, that should be a contract matter). And certainly a mere reasonable disagreement as to the terms of a contract should not subject the loser in the case to copyright infringement sanctions.

Lawyers in contentious cases tend to find as many areas to allege misbehavior and as many grounds for relief as possible. Consequently, one can expect that any case of stepping outside of the perceived boundaries of a license will be labelled as copyright infringement because of the chance that the court will find for the plaintiff on this matter. It is thus understandable that lawyers will raise this issue in minor contractual disputes for leverage.

One of the most interesting cases which provides a parallel currently is United States v. Lori Drew. In this case, the US Attorney involved is seeking criminal sanctions over terms of service violations on MySpace's web site. Lori has been convicted of three misdemeanor counts of computer hacking for violating MySpace's terms of service (and creating a fake profile). Currently the court is considering throwing out those convictions in a directed verdict motion. If not, the next step is the 9th Circuit Court of Appeals. The judge is obviously having a hard time with the ruling since sentencing has been delayed for a total of seven months while he considers the motion to acquit. The key element here from many who support dismissing is that web site terms of service violations should simply not be prosecutable as crimes. Many of us feel that turning any term of service violation into a crime is dangerous to our system of law, and the same occurs with any other adherence contract. To hold the GPL to a different standard than MySpace's terms of service just because we like the license is hypocritical and similarly dangerous.

What I would propose in these cases is the concept of a penumbra around contracts, where violations are merely contractual issues. The penumbra would be defined both in terms of severity of the violation and vagueness in the contract. Any reasonable argument that the behavior was allowed in the contract would be sufficient to place the behavior under the penumbra where contractual violations could not lead to further legal or statutory challenges, as would the argument that the violation was not particularly egregious.

Back to my book analogy... Suppose in addition to limiting the number, I also require the book to be distributed on media suitable for being input directly into a computer or an offer valid for three years to provie such. Suppose the publisher does this by typesetting the book in the OCR-B font, and arguing that this is suitable for optical scanning and therefore they have met their terms under the contract. I take them to court. I don't think the court should entertain the notion that there are copyright violations in this case because there is a reasonable argument to be made that printing the book in a medium designed for both humans and computers is allowed by the contract. If I ultimately prevail, it should be on intent of the contract, and it should be a contractual matter.

So the next issue becomes the question of whether the GPL can regulate bridges (via linking) between a GPL application and a closed source application. Stallman says such bridges (such as the LGPL components of the nVidia drivers) are not in line with the license. He raises arguments which seem to be similar in nature to the arguments raised by The SCO Group in their suit against IBM. The major questions are:

1) Does linking NECESSARILY imply derivation?
2) Is derivation contageous? I.e. if A is derivative of B, and B is derived of C, can we say that A is derivative of C without further evidence?

Regarding the nVidia Driver issue, the typical understanding is that nVidia has ported the core logic of their windows drivers into a module which is independant of the Linux API itself. nVidia then provides a Linux driver, under the LGPL, which links the Linux kernel and the closed source module together and handles how the Linux kernel interacts with the closed-source module. Assuming this is the case, it would seem that nVidia has actually fulfilled their rights under the GPL v2. The reasons are elucidated by a reading of various rulings in SCO v. IBM.

In SCO, the court ruled that derivation was not contageous, and that one must show a continuity of the expressive elements in order to find derivation. In short, if A is derivative of B, and B is derivative of C, in order to say that A is derivative of C, one must show actual structures in A that are derivative of structures in C. It seems unlikely, given the standard understanding of this case, that the nVidia drivers in fact are derivative of the Linux kernel in this way, so they are not bound by the GPL. Similarly, under the GPL v3, it seems to my mind that one could easily create such a bridge without running amok because one can add additional permissions to specific modules (or even license modules under more permissive licenses like the BSD license).

The second issue, however, is the question of whether linking is decisive in the derivation discussion is an interesting one and has been dealt with substantially in other papers (see previous journal entries for citations). The general attitude seems to be that linking does not by itself imply derivation though it could lend some weight to the idea, particularly where object-oriented techniques like inheritance are used. However, a lack of linking does not mean that a work is not derivative either, particularly in more expressive content such as game displays (altering a game display, however done, might well be seen as creating a derivative work).

However, even if such a view were to be frowned on by the courts, I would hope they would see reasonable arguments to the contrary as requiring damages based solely on contractual violations rather than copyright infringement. Either way, I think Stallman is wrong and is advancing some dangerous arguments which we are rightly wary of in different cases. The key issues for me are: 1) do most lawyers I know accept those arguments, and 2) would we feel differently if those arguments were being advanced against Free/Open Source Software?