
TPP could thwart computer security research and tinkering - walterbell
http://www.slate.com/blogs/future_tense/2015/10/15/trans_pacific_partnership_could_thwart_computer_security_research_and_tinkering.html
======
userbinator
This article brings to mind a noteworthy sentence from one of my favourite
short stories:

[http://www.gnu.org/philosophy/right-to-
read.en.html](http://www.gnu.org/philosophy/right-to-read.en.html)

 _In 2047, Frank was in prison, not for pirate reading, but for possessing a
debugger._

The more reality seems to inch toward the society of that story, the more I'm
convinced that we should choose the side of freedom, even if it means giving
up a little temporary security (to paraphase that famous quote.)

~~~
admax88q
It's not even giving up security. All we'd be giving up is some profits.

~~~
enriquec
The profits of few for the profits of many perhaps. Given that its thwarting
tech, net profit is definitely not the trade-off though - personal liberty is.

------
walterbell
The TPP vote may be delayed to reduce US election-time scrutiny. It would be
better for democracy if the TPP were placed under the spotlight of US primary
elections in early 2016, instead of a stealthy vote after the new president is
elected in November, [http://www.citizen.org/documents/tpp-vote-calendar-
october-2...](http://www.citizen.org/documents/tpp-vote-calendar-
october-2-2015.pdf) &
[http://thehill.com/homenews/administration/257065-white-
hous...](http://thehill.com/homenews/administration/257065-white-house-wants-
trade-vote-before-lame-duck)

 _“... aides in both parties believe the massive Trans-Pacific Partnership
(TPP) agreement will not be brought to the floor before the 2016 elections ...
Waiting until the lame-duck session could allow members to take a tough vote
on the free-trade deal without electoral consequences.”_

The text could be public soon, [http://www.politico.com/tipsheets/morning-
trade/2015/10/pro-...](http://www.politico.com/tipsheets/morning-
trade/2015/10/pro-morning-trade-behsudi-210744)

 _“TPP countries could release the final text of the agreement as soon as next
Tuesday — the day after elections in Canada — where the trade deal has proven
to be a politically charged issue ... The AFL-CIO, meanwhile, is demanding the
immediate release of the Trans-Pacific Partnership text ... "Creating a level
playing field for American workers includes equal access to information, and
the only way to ensure that is to ensure that all Americans have equal access
to the text — not in 30 days, after the public relations spin has been spun,
but right now."”_

~~~
mtgx
No way. Obama wants to pass it so it can be part of his "legacy". If anything
he wants it pass the day after the 60 days of scrutiny expire, to minimize the
debate about it and leave as little time as possible for protesters/opposition
to organize against it.

Also, if Bernie Sanders wins, he'll veto it. If Clinton wins, she'll "evolve"
once again on the issue, and pass it. If Trump wins, despite him saying he
doesn't like it he'll probably be convinced to pass it.

~~~
shmerl
Why would he want a legacy of pushing corrupted undemocratic agreements which
are clearly against society? It's like having a legacy of the biggest crook.

And in general, if he is leaving, why is he pushing it so much? Those who stay
in power might do it for corruption reasons (money and power they'll get from
those who lobbied for this garbage). But pushing for it when leaving is simply
weird.

~~~
MichaelMoser123
i guess Obama is mainly talking to businessmen, so its is the 'what is good
for business is good for america' mantra.

everything is moving to the net, so business wants to get money out of it, so
far they came up with two models to do business

\- surveillance as the business model of the internet

\- DRM lock in

and so it goes that we run into a big reversal: the internet, which is after
all a technology that promises freedom of information and transparency turns
into a tool that results in exactly the reverse.

~~~
shmerl
_> 'what is good for business is good for america' mantra._

Except what is good for one business can be quite bad for another. And DRM in
general is bad overall for business and economy (same as lock-in, growing
monopoly and etc.). So this mantra doesn't sound meaningful.

~~~
MichaelMoser123
but DRM is good for content owners and this is a very strong interest groups -
they don't mind that it kills opportunities for growth in the future; all they
care about is to turn their IP into something that results in a steady rent.

There is a major difference between a self publishing artist and a record
label; the artist is primarily interested in gaining a wider audience and DRM
is a hindrance here; the artist wants to increase his reach, he is less
bothered by piracy.

The record label however is very worried about piracy - i argue that your
position on the subject depends on your initial position in the hierarchy of
things.

~~~
shmerl
_> but DRM is good for content owners_

Not really. DRM reduces sales and end user reach. It reduces quality of what
they offer. Unless you define as "good" those reasons they really use DRM for.
And for sure none of them are good in general.

 _> they don't mind that it kills opportunities for growth in the future_

Then it's even more pointless for anyone to think in this context that "what's
good for business is good for America".

~~~
MichaelMoser123
Correction: they really mean 'what is good for big business is good for
america'

~~~
shmerl
_> what is good for big business_

I'd rephrase it. To certain legacy business which can't compete and instead
wants to use various combination of corrupted laws and lock-in to preserve
their control over the market. There as well can be big business which is hurt
by TPP and the like.

~~~
MichaelMoser123
but if Obama man is friends with this kind of business he is probably not a
friend of the small guy, isn't he?

------
ljk
This reminds me of a comment another user posted

> _But we need to take this seriously. I don 't want to live in a world where
> Google, Facebook, IBM, HP, Twitter, Microsoft, EMC, Cisco, Snapchat, etc.,
> decide what content I can consume, what programs I can run, etc. And I doubt
> most of you do either. _

Full comment:
[https://news.ycombinator.com/item?id=10397034](https://news.ycombinator.com/item?id=10397034)

seems like the trend is to make the devices we use as closed and locked up as
possible...

~~~
spenvo
One hypocrisy is that while the TPP aspires to more-perfect law enforcement
around copyright infringement (to be a shared responsibility between member
nations[1]), imperfect copyright enforcement has played a role in the success
of some products of the (now incumbent) companies. Most recently, in
Facebook's rise to compete against YouTube, "freebooting", a practice whereby
random Pages steal YouTube content without attribution, has been a major issue
that is only being addressed after critical popularity has been achieved in
Facebook video numbers. [2]

[1] - [http://thenextweb.com/insider/2015/10/09/leaked-tpp-
agreemen...](http://thenextweb.com/insider/2015/10/09/leaked-tpp-agreement-
requires-member-countries-to-honor-copyright-takedowns/)

[2] - [http://www.theverge.com/2015/8/7/9114149/facebook-
freebootin...](http://www.theverge.com/2015/8/7/9114149/facebook-freebooting-
video-copyright-infringement)

~~~
walterbell
There's a long history of pulling up the ladder of social mobility, after you
have used it to climb up,
[http://www.nytimes.com/2012/10/14/opinion/sunday/the-self-
de...](http://www.nytimes.com/2012/10/14/opinion/sunday/the-self-destruction-
of-the-1-percent.html?_r=0)

 _" Venice’s elites were the chief beneficiaries. Like all open economies,
theirs was turbulent. Today, we think of social mobility as a good thing. But
if you are on top, mobility also means competition. In 1315, when the Venetian
city-state was at the height of its economic powers, the upper class acted to
lock in its privileges, putting a formal stop to social mobility with the
publication of the Libro d’Oro, or Book of Gold, an official register of the
nobility. If you weren’t on it, you couldn’t join the ruling oligarchy._"

Many corporations did not have the opportunity to add their wishlists to TPP
negotiations, e.g. to use a trade treaty to hijack law enforcement to slow
business model competition and innovation in digital trade. These excluded
corporations have many reasons to oppose the TPP's _proposed_ entrenchment of
their competitors.

------
tptacek
Reprising a comment from the story on the original article this editorial is
based on:

The TPP is not itself a law. It's a meta-law, which commits its signatories to
enact actual enforceable laws based on the framework established in the
treaty.

No device can be destroyed "under the TPP". The TPP instead demands that its
signatories enact laws so that they have a judicial process whose remedies can
potentially include the destruction of devices. The TPP hasn't even been
ratified yet, let alone enabled by law.

This seems like hair-splitting, but I don't think it is. I think the question
of what impact TPP will have on security research depends entirely on what the
enabling laws for the TPP look like in each country. In the US, our laws
already cordon off security and interoperability research from anti-
circumvention enforcement.

The TPP itself also acknowledges non-infringing use. First, note that the Vice
article selectively quotes the leaked TPP text, which does not demand
destruction of "anti-circumvention devices", but rather of devices engaged in
prohibited activity. The TPP does not demand a prohibition on security
research. Further, the TPP earlier (QQ.G.17) binds each party to balance IP
law with fair use for criticism, comment, and research.

I'm not arguing that the TPP IP law is going to be a good thing for security
research. It probably won't be (at least, not outside the US). But it's too
early to know what it's impact is going to be, and certainly to early to say
that it's going to result in the confiscation of security researcher laptops.

~~~
belorn
Meta-law is what law writers use to justify writing the local law. In Sweden
we saw this promoted heavily in regard to data retention, where the law makers
explicitly said that we "had to do this" because the meta-law bound Sweden to
implement a compatible local law. If one party blames the local law, and the
other party blames the meta-law, then all we have is people pushing blame
without anyone taking responsibility. A way for me then to avoid hair-
splitting in this case is to blame both sides for the full legal change, as
TPP will be a law in itself for all practical and political purposes if it get
signed.

QQ.G.17 has no hard obligations, and is only a suggestion that nations should
"endeavor to achieve an appropriate balance". That is like me suggesting that
government should "endeavor to achieve a fair balanced budget". It doesn't
actually say anything concrete, dictate policy, nor impact the political
environment in any way at all. It's there to provide a good-feel nod, while
the law makers can focus on the actual TPP obligations. EFF remarked this in
their article a week ago ([https://www.eff.org/deeplinks/2015/10/final-leaked-
tpp-text-...](https://www.eff.org/deeplinks/2015/10/final-leaked-tpp-text-all-
we-feared)).

~~~
tptacek
Of course it's true that there's no hard obligation to enable security
research under new copyright regimes, but neither is there a hard obligation
to crack down on it.

What there is in the TPP is:

* No suggestion anywhere that security research involving circumvention should be restricted or regulated in any form

* Affirmative requirements that new copyright laws make room in some form for fair use, research, and criticism.

You certainly wouldn't get that impression from breathless secondhand stories
like this one.

~~~
walterbell
_> Affirmative requirements that new copyright laws make room in some form for
fair use, research, and criticism._

The Cato Institute's perspective,
[http://www.cato.org/publications/commentary/strong-fair-
use-...](http://www.cato.org/publications/commentary/strong-fair-use-
provision-could-help-balance-tpps-copyright-rules)

 _"... critics rightly point out that U.S. trade agreements fail to capture
the balance of creator and user interests imbedded in U.S. IP law. Trade
agreements have been a one-way street that set a minimum level of protection.
Limitations on creators’ rights—like fair use—are an important part of U.S.
law but don’t get included in the agreements alongside things like longer
monopoly terms and stricter enforcement.

... For example, the U.S. Copyright Office has proposed reforms to deal with
the growing problem of “orphan works”—works that are protected by copyright
but can’t be published because no one knows who owns the copyright. The
proposed reforms would limit the damages these phantom copyright owners can
claim from infringement after such works are published. That proposal is
potentially barred by draft language in the TPP requiring the availability of
full damages in every case."_

EFF and others addressed the USTR on Orphan Works,
[https://www.eff.org/deeplinks/2015/08/users-ustr-dont-
sign-a...](https://www.eff.org/deeplinks/2015/08/users-ustr-dont-sign-away-
our-ability-fix-orphan-works-problem)

 _" EFF has joined as signatory to a letter that calls on the U.S. Trade
Representative not to agree to any provisions in the TPP that could prevent
Congress from enacting fixes to address the orphan works problem. Other
signatories to the letter are Authors Alliance, Creative Commons, Knowledge
Ecology International, and New Media Rights."_

The final TPP text? Orphan Works ignored,
[https://www.eff.org/deeplinks/2015/10/final-leaked-tpp-
text-...](https://www.eff.org/deeplinks/2015/10/final-leaked-tpp-text-all-we-
feared)

 _" On damages, the text (QQ.H.4) remains as bad as ever: rightsholders can
submit “any legitimate measure of value” to a judicial authority for
determination of damages, including the suggested retail price of infringing
goods. Additionally, judges must have the power to order pre-established
damages (at the rightsholder's election), or additional damages, each of which
may go beyond compensating the rightsholder for its actual loss, and thereby
create a disproportionate chilling effect for users and innovators.

No exception to these damages provisions is made in cases where the
rightsholder cannot be found after a diligent search, which puts the kibosh on
ideas for the introduction of an orphan works regime that would cap remedies
available against those who reproduce these otherwise-unavailable works."_

~~~
tptacek
No part of this addresses anything I just wrote. Please don't use me as a coat
rack for your politics. I'm happy to discuss the actual language in the
treaty, though!

~~~
walterbell
You don't consider Orphan Works to be subject to Fair Use?

~~~
tptacek
This comment is _doubly_ a non-sequitur, since nothing I've said anywhere
would give you evidence about what I believe about fair use, and orphan works
have nothing to do with this thread --- the term appears nowhere in the Slate
story, and, speaking as a security researcher, has very little to do with
security research.

Moreover, the part of your comment concerning orphan works was added to your
comment, without remarking about the update, _after I wrote the comment you
just replied to_.

Please stop doing this.

(I fleshed this comment out after writing it and then noticing that you'd
asked me to respond to an edit you wrote after I wrote my comment.)

~~~
walterbell
Sorry, I did not see your response until I had finished writing/editing my
incomplete comment. I'm on a mobile device and editing is slow and requires
partial saves, in case the browser flushes the tab from RAM. There are three
quotes on Orphan Works, the first one was there from the beginning, the other
two were added as fast as I could.

------
twsted
I liked this concise definition of TPP n the article:

"it is little more than a daisy chain of corporate favors in the guise of
removing trade barriers"

------
tetrep
> even if it means giving up a little temporary security

While I appreciate your attempt to tie in the quote, in this context it's
actually greatly improving security. In the short term, yes, attackers will be
able to exploit things, but in the long run, you actually have people
discovering and reporting security issues so they won't be exploited. I think
software security as a whole as benefited greatly from the openness of the
community (this is most easily seen with respect to cryptography) and it would
be a shame if laws pushed parts of it underground.

------
kartan
This is another step towards "the citizens are evil companies and governments
are good" philosophy. There is no moral nor economic reasons to go that way
(btw is the other way around). Only greed and stupidity can explain the
current political trend.

~~~
gjm11
Just in case anyone else mis-parses that the same way as I initially did: I
take it the words in quotation marks are intended to be interpreted as "the
citizens are evil; companies and governments are good" rather than "the
citizens are evil companies, and governments are good" (which is more
defensible syntactically but doesn't make much sense).

~~~
gjm11
If whoever downvoted that would care to explain why, I'd be interested. I
_thought_ I was providing a potentially-helpful clarification of something
easy to misunderstand. If in fact (e.g.) I completely misunderstood what
_kartan_ meant, or was rude in some way I still can't see, it would be good to
know. Thanks!

------
zobzu
Always the same though. This one might be too big to pass right now but
they'll keep trying until something passes. Then something more, then more,
then more.

It always works, until people start killing each other - literally - then it
resets, and the loop of history starts again.

------
PythonicAlpha
The main reason: With all these treaties, the world is going to be gradually
reshaped into a world optimized for corporation profits. In such a world,
humanity and personal rights (of the less than billionaires) are of no value
(your value to society is calculated by your bank account and potential to
"invest"). Instead of human rights, the "right for profit" for the
corporations is established (nothing else are those courts of arbitration,
that shall be established for example with TTIP).

When you want to see the end-result: Just watch the classic "Blade Runner"
(and open your eyes between the action sequences).

------
tacotuesday
The POTUS already took sides and handed Apple a "get out of jail free" card in
Apple vs Samsung.

[http://www.bloomberg.com/bw/articles/2013-10-08/did-obama-
ju...](http://www.bloomberg.com/bw/articles/2013-10-08/did-obama-just-pick-
sides-in-the-apple-samsung-patent-war)

Does this agreement do anything to address the double standard? Is a local
dictator still allowed to overrule whatever findings a court makes?

I really don't see how this chapter will be enforceable. If it isn't
enforceable, it's hardly free trade. We just enter an era where tariffs are
now decided by a court and approved or denied by local government. Much more
uncertain and potentially much more expensive that way. "Oh, you sold a bunch
of phones? Well, now you owe us a billion dollars. Didn't plan for that?
Sorry, take it up with a judge."

------
igorgue
Seriously TPP is everything this year even a video game:
[https://en.wikipedia.org/wiki/TPP](https://en.wikipedia.org/wiki/TPP)

------
wiz21c
Ineterstingly all of the people who used Apple, Microsoft, Google, etc.
products actually gave those companies enough power to build up such a deal...
We're collectively responsible :-(

~~~
wooter
None of them can enforce any of this. Its government. The institution we all
have to give money to. Also, the impression the EFF articles gave was that big
tech was against much of the same clauses the tech community is.

------
nitin_flanker
So, in short,we can't modify anything if this deal gets through.

------
z3t4
So who would buy electronics that would destroy itself if you analyzed certain
software?

~~~
ptaipale
Lots of people. Lots of people also buy electronics that have such poor-
quality electrolytic capacitors that they will self-destroy in five years,
even if rest of the device lasts much longer.

~~~
z3t4
That's a good example. That people will buy them unknowingly. But we can avoid
that by informing.

I don't think any brand willingly put bad capacitors in just so that their
products can self-destroy though?

~~~
ptaipale
I think this actually is at least semi-conscious/willing. Better capacitors
cost a few cents more, but not that much more. But if the equipment is
discarded after a few years, perhaps the manufacturer can sell a new one.

Just recently observed this in a ten-year-old Viewsonic LCD monitor: the power
supply capacitors needed to be changed, then it was OK again. It's a
relatively simple repair operation if you know how to solder.

------
faragon
In my opinion moves to global unification are unavoidable. Free trade also
makes the world richer _and_ better. Against the TPP there are justified
complaints, that must be addressed (e.g. individual freedom), and others that
are plain anti-capitalist propaganda.

One world, with freedom and abundance for all.

~~~
beedogs
The "abundance" in your world is limited mostly to Western nations and comes
at the expense of everyone else.

~~~
pjc50
Not just "Western nations", but western companies. And by western companies, I
mean the Cayman-registered holding companies that record all the profit for
multinationals.

And perhaps a few billionaires as well.

~~~
ionised
This is the kicker.

It's not even the average working person in the West that will benefit, it's
big business.

------
thomasrossi
The proposed approach is allarming in a way, but if you see it in a unit test
way, it is ok as long as there are sanctions on the provider when a client
realize (using input and output) that the software is not running as
advertised

------
loaaa
maybe the best solutions for computer security or network security is to make
everything public

nothing to hide, nothing to lose

------
AC__
Festering piles of globalist shit, such as this, don't just disappear.
Everyone deluding themselves into believing TPP isn't going to withstand the
"scrutiny"(I think we can all agree I'm using this term VERY loosely) of
partner nation's respective legislative bodies needs to take an HONEST look at
geopolitical history. They didn't negotiate this deal for 5 years, cloaked in
secrecy, to let a little thing like feigned democracy stop it. The era of
(somewhat)open access to information and free speech that we've enjoyed in
North America seems to be drawing to a close.

I realise this is a very cynical comment, but I honestly don't believe even a
sufficiently motivated populace would have any recourse at this point.

~~~
walterbell
Narratives of doom can lead to paralysis. Better to remember that the past is
reversible by action, as described in this review of Public Citizen's yeoman
effort to raise TPP awareness and decipher the implications of draft texts,
[http://www.hightowerlowdown.org/stopTPP#.VhmJ-
sT3arV](http://www.hightowerlowdown.org/stopTPP#.VhmJ-sT3arV)

 _" Enlisting a core band of labor, environmental, and community allies, the
dozen trade-watching stalwarts at Public Citizen divided into five teams and
went after the Brobdingnagians of global corporate power ... it's important to
spread the story of the progressive coalition's successful confrontation with
the Global Goliath. Its methods and achievements give us a new template for
organizing (and winning) future populist challenges to the corporate order.
And the breadth, depth, and intensity of this effort show what it will take to
forge a real populist movement--multifaceted and with the long-term capacity
to pursue our country's deep democratic principles. We can get there if we
build on what we learn--and keep pushing."_

Do you remember Jon Oliver's video on tobacco lobbyists suing Australia for
plain-paper packaging,
[https://youtube.com/watch?v=6UsHHOCH4q8](https://youtube.com/watch?v=6UsHHOCH4q8)?
That ISDS video got so much attention that the TPP _excludes the entire
tobacco industry_ from suing government with lawsuits like
[http://isdscorporateattacks.org](http://isdscorporateattacks.org).

To slow/stop the TPP, public interest stakeholders need to lobby corporations
to take a stand and declare their position on freedom of speech, freedom to
tinker, freedom to compete against all business models. Wikipedia can go dark
for one day a week, to raise awareness of the TPP. If the TPP passes, it will
be easier to censor future online protest and raising of awareness on any
issue. If the Web as we know it is about to change, now is exactly the time to
use the Web in its own self-defence.

