I'm curious if it was related to the file name. I created a few 1-byte files with just "1" in them, with different names, including "output04.txt". No problems so far. Also uploaded variations with "\n" and "\r\n" after the "1". And enabled sharing to anyone with the link. No issues so far.
Google drive does support metadata like a description and comments. I wonder if someone posted some copyrighted text in a comment?
Update: Recreated it. Most of them are now flagged. Took about an hour for that to happen. So far, all that have just one byte, being a "1", and also the one that contains "1\n".
The one with "1\r\n" hasn't been flagged. The file names of the flagged files: "one.txt", "onev2.txt", "output04.txt" and "output05.txt".
Screenshots of the email and Google drive: https://imgur.com/a/RHnEJcj (note the little flags on the Google drive view, and the file sizes)
Just added some files with "0" and "0\n", we'll see if "0" is copyrighted :)
Just tested this myself. Got the same results as you while using different file names.
Difficult to believe that Google has become so internally dysfunctional that it hasn't fixed this technical embarrassment twenty hours after first being being seen, and then five hours after being reported on front page of Hacker News.
At the scale at which Google operates, even if they fixed it within a minute it probably takes some time to test and roll these things out.
Sometimes I wonder if people think that infrastructure for billions of people is some sort of magic where you push the fix button and magically everything's solved across the globe.
Google cannot have it both ways though. They have a habit of completely restricting all ways of appealing or contesting these issues ostensibly because they think their tech is so good that it isn't required (at least in the vast majority of cases), and yet we have people permanently locked out of their personal and work GMails for months on end (or indefinitely) and now being accused of copyright infringement for the digit "1", with a bold assertion at the end of the email saying "This restriction cannot be reviewed".
Google's become so big that collapse/disruption is inevitable.
>They have a habit of completely restricting all ways of appealing or contesting these issues ostensibly because they think their tech is so good that it isn't required
Are you sure it's not just because providing them would cost money?
They'll certainly cost money. Can they afford it? Yeah, they can.
I think the issue is that Google thinks that operational scale is what defines the correct solution- even when they are not at the scale that requires the solution they are using. They seem so enamored with operating at stupidly high scale that they don't realize they actually can afford to do this right, and if they did that while being mindful of scale, they would be much harder to displace than they currently are.
I'd have more sympathy if it weren't "A review cannot be requested for this restriction." It's designed to be as brutal and draconian as possible. They chose this. It is guilty until proven innocent, with no recourse.
Sometimes I wonder if people will excuse anything Google does that hurts people and assume it is some sort of magic to not choose to do that.
That's what Goolag does for quite a long time already.
Changed IP address? Goodbye mail. Know your password? Still no. Know your secret answer? They laugh at you. Out of options? Sucks to be you. We don't care if you're in a different country or having an emergency. Google is just plain evil.
I remember interviewing at Amazon (this was 2009) and being told that any engineer could deploy to the main site at any time. The thought terrified me.
A product manager with an MBA will argue this affects only a handful of customers, mostly non-paying, so fixing it should sit at the end of the backlog.
Is that wrong? How many outraged people here are going to stop using paid-for Google products because of this? (people who didn't stop using paid-for Google products for all the times this kind of thing happened before). It's approximately none, isn't it?
The problem is that it hurts the perception of Google, particularly for enterprise customers. If the perception is that Google is unresponsive and gives customers no recourse to address obviously incorrect behavior of its automated systems, it makes it harder for enterprise customers to trust Google with their workloads.
A one off bug like this isn't the end of the world, but it fits into the larger pattern of how Google operates.
Yep, I've been in a position to choose cloud providers before, and I wouldn't touch Google with a ten foot pole (it's basically AWS or Azure in my mind).
I'm already unhappy with the level of control they already have on my life (Gmail and Android).
It’s a broken window. Is a perfect example of the craziness of the current state and approach that even the Everyman can understand and be surprised/question/have negative sentiment about.
The MBA thinking ignoring intangibles is exactly the problem, trading short term win for long term loss. Will it actually matter in the end? Probably not and the cycle will continue..
But why didn't you do that all the previous times?
- 13 years ago: https://news.ycombinator.com/item?id=350968 "On friday I woke up to find my google account had been disabled. No gmail, no adsense,adwords,webmaster tools,blog etc etc. No reason given. I've filled out the forms, got an automated response which is totally irrelevant"
- 10 years ago: https://news.ycombinator.com/item?id=4013799 and it was happening often enough to be a meme then with people saying: "And this time I'd like the outcome of this thread not to be just "A Google insider wandered past and fixed this guys problem" but "Here's how we're going to make sure it doesn't happen again." and "This is a general problem with Google and their customer-no-service attitude. It's just deplorable. It really is. You have to wonder: What is it going to take for them to give a shit and actually do something about it?"
- 5 years ago: https://news.ycombinator.com/item?id=13874778 "We accediently created a personal google account using G Suite's main account, and without any warning Google just removed all of our access to a very sensitive data for our organization."
- 3 years ago: https://news.ycombinator.com/item?id=20203482 "SIM swap horror story: I've lost decades of data and Google won't help", comment: "Google really fails hard in the face of providing support when issues like this occur."
That's a quick search of "help google account" in the HN search down at the bottom of the page, just submissions not comments. Comments immediately comes up with "Xoogler here - actually we used to say "if you are not buying advertising from us, Google can't help you at all"." - joering2, two days ago.
Or this anecdote: https://news.ycombinator.com/item?id=30053549 steelframe is telling about Google "After they hung up on [a paying customer] 3 or 4 times, eventually a manager got on the phone and told him (between his screams), "Look, you're not getting any phone support because it doesn't exist. There's nowhere for us to transfer you. There's nobody who can call you back about this. Your only option is to search the forums for an answer to your problem. I am going to terminate this call now. Sir, I'm going to terminate this call. No, we can't help you. Nobody at Google can help you. I am terminating this call now. We asked you to stop calling this number. Do not call us again. <click>""
And don't forget https://killedbygoogle.com/ for products people liked which they shuttered because reasons, most commonly exemplified by Google (RSS) Reader 9 years ago which still comes up in comments present day.
Well, GOOG's share price has tripled in the last 5 years, so that's how much people are staying away from them as a result.
Happened to me a few times, lost all mail accounts (I didn't have too many) because I cannot login from old ISP IP (it probably doesn't even exist anymore).
People don't realize what dystopia they're signing into until it's too late (
Android forces people to create G-accounts without real need, that's why their user base is growing. (
I assume 99% of googlers are juggling production issues. Maybe the rest are supporting the ad platforms, as the public facing applications have been fairly static for years, aside from moving the comments on youtube to the top and bottom and back up to the top again.
I wish they would finish the thumbs down functionality in youtube music or look at WearOS once in a while (150000 one stars reviews LOL).
Some may say 'you get what you pay for', but after a few paid google gapps accounts getting locked out lately for no good reason, I'll be moving and not paying anymore after drawing a blank from support.
That is what I saw, I can still access the file. I do wonder, though, if there's some threshold of flagged files where they suddenly enact some other punishment.
I'm sure that right now, competitive YouTube scam artists are sending competing channel owners files with just "1" in them, in the hope they get their Google accounts machine-deleted and their youtube channels taken down with zero recourse...
Haha wow. In another testament to the times, the length of yesterday’s satire seems as long as todays “long form”, and much more developed than todays two line satire “articles”. /end soapbox
I mean, it's not A Modest Proposal, but Onion articles are still actually article length. I know most people just read and share the headline, but they're still taking the time to do full write-ups.
Careful there. My law firm in east Texas happens to own the patent rights to a system and method of concatenating a plurality of 1s and 0s for the purpose of generating an encoding of a creative work, and as such you are in peril of infringing on one of my claims with your concatenation of 1s and 0s!
FYI while Drive and YouTube's Content ID systems operate based on copyright, they are not entirely bound to it since they only actually have to comply with DMCA requests (barring any lawsuits that claim Google has the resources to create automated copyright detection systems[0]). Even when claiming copyright, they can remove and block access to content for any reason they want legally.
They theoretically are based on copyright, but in practice the way it works is a few trusted entities are allowed to submit content and claim it as their own. If you have access to a Content Owner dashboard, you can claim literally any content you want from there- you'll just be putting your access to that dashboard at risk if you claim content that isn't actually yours to claim and Google gets wind of it.
This is how movies and music are added to the system for copyright enforcement purposes- they are effectively uploaded to YouTube and never published (this is called an "asset" in Content Owner parlance)
People have posted recordings of typing on keyboards so they can file claims and steal ad revenue from anyone whose video has the sound of typing. People are exploiting the bugs in the system.
Youtube's Content ID system is an artificial substitute for actions based on copyright law like DMCA takedowns, because actions based on copyright law have forms and procedures and you need to pay a lawyer to review them. Youtube's system is designed to be so generous to established content owners that they prefer to use it over legal filings, and to have very little recourse for appeal when a video gets taken down.
Not sure if prior art is relevant, per se (usually quoted in the context of patent law but IANAL), but, certainly, any copyright has expired by this point.
Seeing as the default font used by google's file reader is Roboto and that typeface has only been around since 2014, so my expression of 0 using Roboto is copyrighted 2014.
I do not know how any of you _hackers_ stole my original work, and I certainly do not authorize it's use. Immediately send me your full name and address so that I can have my lawyers contact you.
Exactly my thoughts. I'd not want to risk angering the Google gods with this experiment, considering your account can be disabled by yet another automated system with no way to contact a human.
Better do it from a burner device on a burner internet connection, to prevent Google from detecting any link between your burner account and your real account.
I don't know about US lawy but in German law there is a requirement on some originality. ("Schöpfungshöhe") The barrier is low, but a 1 certainly doesn't receive the protection.
Yep. A HN comment a couple of sentences long, OTOH, is probably just on the threshold where whether it counts as a protected work depends on just how “unique” the comment is.
This is the sad way of things now. Only those with a large enough megaphone get support. I'm in a battle with Cash App support and the only way I got my issue escalated was to find the personal cellphone of a manager there and call him. This is not how things are supposed to work :(
This is relatively new then. As part of some testing last summer for how to handle a migration from one Drive to another, I generated a folder that had I think 10k files in it. They were all named 1.txt, 75.txt, 8492.txt and their contents matched the filename (i.e. 1, 75, 8492). They never got flagged for me. That was for a Google Workspace account, though, and they were deleted a few days later once I was done with the tests.
I did notice it flagged "1", "1\n", but not "1\r\n". Then, it didn't flag "0", but did flag "0\n". So line endings seem to matter as well, but not in some consistent way.
Another bunch of numbers got flagged (186, 451, 336, 173, 266). I deleted the experiment, just in case I got my account deleted for too many naughty numbers.
Things are getting out of control. Reason has left the building.
Here for instance is a clunker I've had from Cash App support (I'm disputing a package I never received which was returned to the merchant and the merchant won't answer any communications):
"M.J. from Cash Support once more. To be clear, I am not misunderstanding the location of the package at this point, and understand that it has been returned to the sender now.
...
As I mentioned in my previous message, should FedEx update their delivery information to indicate a non-delivered status, we can then process a dispute on your behalf. You can reply back to me here directly should you file the missing package claim with FedEx, they conduct their investigation, and update the package status to reflect non-delivery. At that point we can then move forward on getting a dispute processed for you."
LOL. They know the package has been delivered back to the merchant but they still want me to file a missing package claim for it. The absurdity of the situation is lost on them. All these large companies hire now is soulless drones with no mind of their own.
"Follow the script on the screen, never deviate, even in the face of absurdity. Forever onwards, loyal drone."
It may take some time for it to index and check the file, youtube for example takes ages to process video, I would imagine google drive is lower priority. Check back in a week or two and see if it changes.
Na, it’s gotta be something dumb on the big G’s part. I bet their unit tests for their DCMA search have test cases with simple files like 1 and 0, and those cases are just put into the “copyright” database.
When the number of hash values (at least 2^128) exceeds the number of atoms in the observable universe (10^80), it's never going to happen.
... unless the hash function is broken, in which case it's not cryptographic anymore. Note that the birthday paradox doesn't apply when one of the inputs is trivial.
Just because there are a lot of possible values doesn't matter. There are also a lot of possible pieces of data that could be fed into the hash function. In fact, an infinite number. Which is larger than 2^128. Unimaginably larger. Collisions will happen. Sure, intentional collisions might be next to impossible, but collisions will happen.
Consider a piece of data that is 128 bits long. There are 2^128 possible values. A 128 bit hash function will either yield a unique value for each possible data value (which will exhaust the entire range of unique hash values), or you'll have a collision. Now, lets add in pieces of data that are 129 bits (or any other length) as well - you'll have a collision immediately.
h(1) == h(some_real_data) does not have to happen at some point. Collisions are unavoidable, but the point of a cryptographically secure hash algorithm is to ensure that for all h(x) == h(some_real_data), there are no values of x that can be found by brute force, or by cleverness either for that matter.
Of course, it’s always possible that the particular hash function used could be hilariously broken…
Perhaps I'm misunderstanding you, but doesn't the existence of collisions guarantee that h(1)== h(some_real_data) unless the hash function is hilariously broken?
Cryptographically secure hash functions state that it's unlikely to occur, but the fact that you can take data a greater size than the output will guarantee that you'll have collisions. If you have collisions and the hash function is generating output that is uniformly distributed across the possible output space, you will hit h(1)==h(some_real_data) at some point (edit: given that "some point" is a mathematical concept, not an actual point in time. Of course, there's no guarantee that we'll ever get collisions for hash functions with massive output spaces. But I'd argue that's a limit of computing, not of the math behind the functions themselves)
I really want to think there is few people left out there leaving their 0’s and 1’s unencrypted in the cloud, I hope this post gets enough hype to solve the problem
AFAIK the copyright scan only happens on files shared from certain types of Drive accounts, the assumption presumably being that while Google doesn't know or care if you have rights to possess data, they can be reasonably sure you wouldn't be using Drive links as the means of distributing many well-known files (video, music, software, mostly) if you had rights to do so.
How far Artificial Stupidity runs into the weeds from that basically sound beginning appears to be "still farther."
FYI Drive also does scans (configurable on business accounts) for data such as likely accidental PII disclosures on shared data, and anti-malware checks on at least Windows and Mac executables, installers, and dmgs.
What is the best in class cloud drive software which doesn't do this? I feel like Dropbox is a bit more selective, but without going into the Megas of the world, there doesn't seem to be a good file share with solid end-user desktop sync.
Honestly, when I read a few months ago that Google was scanning Drive for illegal files (probably only when shared but unconfirmed) I decided to back out of Drive, and I figured that all the other big/reputable players are doing it too so I've gone back to a portable hard drive.
Maybe B2? It's not something I have to looked into extensively. My needs for sharing data from GDrive are limited and if there is data I don't feel like google automation getting at I have it encrypted via rclone mounts.
Just tried that, and I get a "request a review" link. Interesting.
"Unable to share
This item may violate our Terms of Service - Request a review"
Clicking on it, though, gives no joy:
"451. Sorry, Google is unable to process your request.
This item was taken down for legal reasons and cannot be appealed. Please visit the Legal Removals Requests page for more information."
What if I comment on some file with some copyrighted content in the text, just implying something about that IP, with the copyrighted text in my comment? How can this be infringement?
All software has bugs; I'm not mad at all that this silly test case was flagged incorrectly. The truly infuriating part is "A review cannot be requested for this restriction."
Translation: "We have no idea if you actually own this content or not, but it would be _way too expensive_ for us to find out for sure! So you're out of luck, but don't worry — it's all worth it so we can make sure children can't stream Marvel movies from Google Drive! Thank you for your contributions to Disney+'s bottom line."
Disney robbed us, our children, their children, and possibly generations beyond that with their more-than-a-century copyright terms.
I thought about posting this comment the other day and decided not to, but your mention of Disney+ stirred the idea in me again.
We have so much modern media about Dracula, Sherlock, Cthulhu, etc, a thousand flowers bloom... new movies, new games, new art of all kinds.
Disney & friends stole that from us. We won't have a million new takes on (for example) The Hobbit for decades because of them.
We have copyright terms of up to 120 years... stuff like Pong was made before I was born and won't be public domain until long after I'm dead.
Disney kills culture by ensuring that by the time the copyright expires, no one cares anymore, because no-one was exposed to it in the many decades after it's initial-release profitability (think abandonware, not-in-print books, etc). I think this is true for 99.999% of all works, not the outliers that the corporation milked for a century or more.
It also manifests in other strange ways that I'd summarize as killing our culture. Think of nursery songs as an example. Recall Little Miss Muffet sitting on a tuffet eating her curds and whey. I mean what is a tuffet, who eats curds and whey? The reason we don't have nursery rhymes in present day is that any of those songs are wrapped up in copyright and can't legally be shared.
The only saving grace about your Pong example is that game mechanics aren't copyrightable, so we thankfully have countless clones of Pong to play. Interestingly the same doesn't apply to Tetris, for some reason EA seems to have been able to succeed in largely removing Tetris clones.
There was an was an incident with Games Workshop and fan animation. Games Workshop has set up their own animation studio and decided to go hard against the fan community that grew around the setting.
The whole incident made me mad, sure. But what it really made me feel was disenfranchised under the regime we live, as it is.
We... are not allowed to LIKE things, unless we do so under a capricious mega corps terms. And whatever release valves our society have are guarded behind financial, logistical, legal barriers, that are just inaccessibly to all but the largest fish with the most to lose. The fact that you like something is and can only be, as far as our culture is concerned, an asset to some corps bottom line. That's it. You're chattel and chattel only.
Sit there
Consume passively
Do not do anything.
Every time I see a thing that I like, this thought just stews in the back of my mind. Fandoms are cattle pens. Liking things is a mistake.
Kind of funny that you mentioned the Hobbit, given that half the fantasy genre is takes on LotR with the serial numbers filed off. So people have found some partial workarounds.
Except... Disney heavily relies on rehashing old ideas from the public domain. That same public domain that they fight against. If the Brothers Grimm were still under copyright, would Disney even have been started?
Huh, Snow White (1937) was released 74 years after the death of Jacob Grimm (1863). Didn't Disney lobby for the extension of copyright to 70 years after the author's death? I wonder if that's why they decided on that number.
That's not how culture works. Nothing is truly new and most creative works have been variations on those that precede them. The obsession with originality is remarkably recent and doesn't withstand much scrutiny.
It'd be nice if the law had a escrow appeal process. Alleged violator now posts a $100 escrow, now accuser has to do the same. Then Google reviews it, makes a decision, and loser has to pay for it.
It should be the other way around. The claimant must "bet" $100 that he owns the copyright. Then the defendant can call the bluff and say "I raise $100000 that you do not in fact own this output04.txt file with a 1 in it". If the the claimant still thinks he can win he can call the $100k and prove ownership. Otherwise the defendant just made $100. How cool would that be?
An observation made by shrewd businesspeople throughout history is that you can only trust money. No amount of words, documents, statements, etc... matter unless someone is willing to put up real cash. If there are no consequences, then by definition misdeeds aren't punished and will be effectively incentivised.
E.g.: You can trust a legally enforced warranty with full refunds guaranteed by the government, because it costs real money to the manufacturer. You can't trust a "Best Quality!" sticker. It basically costs nothing. It's just words.
Copyright protection laws are the same kind of thing. While the marginal cost of enforcement is zero, there is similarly zero incentive to do it correctly and respectfully of the law.
If there was enforced financial penalties for each screw up, then it is assured that any errors like this will be ironed out very quickly.
> Then Google reviews it, makes a decision, and loser has to pay for it.
I'm afraid they'll have incentives to automate that review, and then simply repeat that you can't appeal. Now you still can't access your file AND you're out of a $100 :-/
A legal requirement to provide an appeals process for automated decisions would be a good step.
Many places have restrictions like that for limited things like loan decisions, but it's about time to start forcing companies to provide a manual appeals process for other types of decisions that can significantly affect people.
Not just own, but you can't even license the use of copyrighted works because even if you were somehow licensed the automatons will take over and you'll get flagged off the internet anyway.
We've gone from copyright as a mechanism for sharing works and licensing others to a situation where there are the in-group, the big media corporations who are allowed to license and remix content, and a sub-class who essentially are not.
I experienced something similar building an internal tool on GSuite. I had a large file with sequences of 9 digit numbers specific to our use-case, all tied to names of people (employees). Whelp, at one point the tool I was working on stopped working, and it was flagged as apparently containing social security numbers (which I suppose matched the character length).
Whelp, on the admin panel, you can get a report of those files, and then mark it as a false positive. Which I did. But then nothing happened, and nothing changed. It was no use.
The hilarious bit: It did, of course, allow me to make a copy of the file in question, and then just point the resource I was building to the new file, which was exactly the same. Weeks later... so far, so good.
This isn't some default thing on G-Suite; its the DLP setting which enterprises can elect to toggle on, if they pay for the most expensive G-Suite plan. It also, afaik, only applies to shared files.
It does not work, in such a myriad of ways that I'd be blown away if it wasn't just some summer intern's project three years ago and it hasn't been touched since. But it does check boxes for audits. And enterprises don't care about actual security, they just want to check boxes for audits.
Oh to be clear, this has nothing to do with the original submission; that's a false-positive copyright issue which is global and probably applies to personal accounts as well as G-Suite. That cannot be turned off.
DLP (data loss prevention) is a different feature for enterprises, which is specifically related to the social security number thing. It "protects" (poorly) against leaking lots of different classes of data from GDrive, but it doesn't do copyright, and it is optionally enabled by enterprise IT for an organization.
Should, yes, but in practice not really. I'm talking more about employee information.
You need it for tax forms, background checks, citizenship queries, sometimes bank information, etc.
So your options are:
1. Store them locally on a computer. Typically on some old windows 7 machine in the corner that hasn't been updated in some time.
2. Store documents physically. Which will either be scanned onto random computers belonging to whoever needs them to be sent through probably insecure mail servers.
Or worse, your boss taking a picture of your form and sending it to people that way, leaving the form on their phone.
3. Some other online storage like whatever M$ is offering
4. Use google and somehow store SS#'s somewhere less secure, or obfuscate them in a way no one but a few people will understand and hope they don't block any other files you upload.
Businesses have been deciding how to manage these things since the start that work best for them. Having google force you into procedures that might not work for your use case is annoying at best. And they obviously don't know best if they have issues like in OP's post.
It's like they take away your gun so you can't shoot yourself in the foot, then fires it at things it thinks are problems hoping not to hit your feet.
And what's a few toes to a company the size of google?
If using public storage is absolutely unavoidable, I train people to use password-protected archives like rar or 7z. This way the content won't be indexed and less likely to be used by attackers.
Why? You can figure out someone’s SSN if you know where they’re from and what their birthday is. They’re highly predictable - particularly given that you’ll often see the last four digits as the “obfuscated” version in lists etc, and the first three are state, and the next two are based on when they were born. Put the two together, and job done. They’re effectively public data. The fact that they’re used as a magic security number/identifier is frankly mind-boggling.
Which is a problem of its own, since they're effectively usernames.
Secure usernames that have no corresponding password is already an oxymoron; that's what credit card numbers used to be, hence the introduction of the CVV, 3DSecure and so on; but at least a credit card can be blocked with relative ease. But SSNs are secure unchangeable usernames, which makes even less sense.
Do any countries other than the US have such an abomination, where you can figure out the SSN of someone and ruin their life?
You can actually change your social security number in the circumstance of "victim of identity theft continues to be disadvantaged by using the original number":
Italy: https://ilmiocf.it lets you generate your equivalent of an ssn (fiscal code). And, yes...if you know someone's very basic details you have the number.
For US viewers, enter 'stati uniti' as 'comune di nascita'.
Whereas in Israel, a national ID number is treated as just that - an ID number. You put it on every single contract you sign, on most bureaucratic forms, &c, and it's used to match up individual identity rather than names. On many online services, your ID number is your username, and your password is chosen per-service.
Why is it always Italians shitting on the country without knowing what they're talking about? This is absolutely not comparable. You can't ruin someone's life if you have their codice fiscale (source: am Italian).
Most countries do have some kind of id number like that, but they always have a "password" too. In Italy authentication is done by the SPID providers[1] or with an electronic id card (or physically with an id card, driving license or passport).
You can't get a credit card and spend as much as you want in their name. You need at least a stolen or counterfeit physical document to open a bank account, or a stolen password and a SPID second factor to file a fraudulent tax return. In the US the SSN is often enough unless you opt into freezing credit.
[1] for non Italians, that's the acronym for public digital identity system; it's a SAML-based authentication mechanism used by most public websites including tax returns, pension/welfare, and healthcare
Read again "Italy: https://ilmiocf.it lets you generate your equivalent of an ssn (fiscal code). And, yes...if you know someone's very basic details you have the number."
I did not say you can "ruin someone's life" with it. I very clearly wrote "if you know someone's very basic details you have the number". No more, no less.
If I knew the details of Milano Bonzini, born in Milano on 10/10/2010 then this is (probably) their codice: BNZMLN10R10F205U.
I thought the site would be __fun__ for foreigners (US, but not only) on HN, maybe if they have Italian heritage, they can work out nonna's number.
The "stampa codice a barre", is equally fun and I know several visitors that have printed it out to go with their holiday memories.
You are not legally required to provide your SSN to businesses or other entities, however, their policies may impact whether they choose to work with you.
So unfortunately... they will decline to do business with you if you decline to provide your SSN.
The only logical solution: Government needs to mandate a no SSN requirement and make it illegal to refuse service even if no SSN is provided.
It's also your tax ID, unless you've filed for a separate one. While the original intent may have been that the SSN would only be used for Social Security, by now various places are required by law to collect your SSN even if they have nothing to do with the Social Security Administration. But that isn't even the real problem here. SSNs are an identifier (username). Merely knowing someone's SSN shouldn't grant you any extra privileges. It's not a secret—lots of people know it, and it isn't even hard to guess from age and birthplace—and yet people treat it as if it were something akin to a password, as if knowledge of a person's SSN were enough to establish identity. By this point in time we should very well know to use only zero-knowledge proofs for authentication and not even share the secret with the entity one is authenticating to, so they can't turn around and impersonate you to someone else.
The same goes for credit card and bank account numbers. As anyone you've ever paid with your card or by check has access to these they can't be considered particularly secret. The problem is that the system barely has any authentication built in. 4-digit PINs and hastily handwritten signatures only an expert can verify do not offer reasonable security. Chip cards are a bit better (non-clonable, require physical possession) but only work for in-person transactions.
> SSNs should be treated more securely than credit card numbers.
I disagree. Both SSNs and credit card numbers should be treated with equal consideration.
Establishing arbitrary classes of PII protection based upon perceived severity of compromise is a bad strategy. In the market we work in, you either get this 100% right or you don't get it right at all. There is no happy middle-ground when you are selling software to banks or other such organizations. No one is interested in "mostly" correct when it comes to PII they are responsible for protecting.
Not just that, but official US government websites publish plenty of data with SSNs of dead people in them. For my genealogy research I have plenty of SSNs sitting around for relatives to emigrated to the US because they've happened to show up in searches.
E.g. here[1] is one of Ancestry's many catalogs based on US government data dumps that even allows you to explicitly search by SSN.
So even if one were to argue that SSNs of living people shouldn't be in GSuite, and there may be many good arguments for that, there are vast quantities of SSNs out there that are explicitly and openly shared by the government. If Google starts blocking me from accessing any of my files with notes about family history, I'll be pissed off.
I guess it's time to move off Google Docs too (I've largely left Gmail)
This is why running filters on automated data is never a good idea, and should never be accepted (at least for enterprise applications, but really for anything) .
This is another case for only pushing encrypted files to storage hosts, unless it's against Google Drive's TOS or something. Has anyone tried it? Did Google complain?
If you don’t know about this feature of rclone, you’re in for a treat! Combined with unionfs or mergerfs, or the builtin union function, you can have cached local decrypted mounts of locally encrypted remote mounted directories on gdrive, mirrored to a local folder.
Edit: there is also the (sorta abandoned, or finished/complete depending on your pov) plexdrive project, which does a bit of Plex server specific opinionated stuff and mounts gdrive read only, but which may help with reducing API quota usage according to some reports. I’ve never had any issues with the quotas that I’m aware of, but I did have to tune my settings a fair bit to get it dialed in on a somewhat memory constrained vps.
I have an Enterprise Gsuite account with 50 TB of encrypted data for around 5 years (this was of course prior to the rebranding). I've had no complaints from Google so far.
Problem is it makes the apps / integrations useless. I use google drive primarily from my ipad and encrypted files would mean I can't just "save to files" and have it drop in to google drive.
"A review cannot be requested for this restriction"
ML enforcing rules is bad enough, but not allowing false positives to be corrected is ridiculous. This is why I would never consider g-suite for any business application.
Otoh, I think there is a legitimate business to be made helping small businesses and individuals secure themselves against arbitrary behavior from big tech. This kind of thing can have serious consequences (imagine if it was something of real substance that got restricted without recourse) and people need to consider hardening their activities against google et al
Reminds me of that 70s IBM presentation quote that surfaced recently, "A computer can never be held accountable, therefore a computer must never make a management decision".
It's one thing to have a computer flag issues, another to make it responsible for taking action and in this case, making a decision final. Google continues to set poor examples with irresponsible implementations of machine learning. With no accountability, no recourse, no humans to talk to.
It's possible to read the original quote was as a warning of exactly that. We should all be very wary of letting our code do the walking because the fault should realistically lie with us, but it's as if the software industry feels invincible, and it's not hard to see why.
Yeah, that's basically how I read into it. Or, more specifically, if the computer can't be held accountable, then those doing the holding get to decide who they think is responsible, and that might not end in your favor. In pithy terms, computers make poor scape-goats.
Given the context IBM operates in, that's probably what they are getting at.
Bill Gates tried this argument and lost.
Lawyer during deposition: "So who sent that email?"
The best of both worlds is when you have a human supervise a fully automated process. You can pay them peanuts and still use them as liability sponges.
AI-aided management decisions can't come soon enough. Decision Model and Notation made big headway on this, but I don't see it discussed. They're fancy decision trees but can handle complex factors and are designed to be intuitive to reason about.
Management is made of leaky abstractions. I think of course that humans should still be the accountable party, but AI can guide baser decisions so that more time can be spent on the hard problems.
Imagine how many thousands of hours managers have wasted at this point discussing WFH. They should have been figuring out their supply chain and labor strategy.
This argument would be more compelling if companies were in general better at driving management decisions using all of the many data analysis techniques already available. Making something lower effort but also harder to understand and more error prone doesn't seem like an obvious win....
I agree! I think management processes need more open experimentation, though. Documenting and creating decision trees makes those decisions more transparent overall. It also aids in transfer learning, something which, from first hand experience, is lacking on ground-scale. Meaning, there's a lot of management knowledge in people's head's that increases bus factor risk. That can be mitigated, whether through my proposed method or otherwise.
Abstractions get leaky when underlying assumptions fail to hold. As an example, comparing insurance rates and coverage from different companies via AI is of limited utility if you ignore counter party risks where the companies fail to keep their end of the contract. Of course you can add that or any specific thing I bring up to the model, but you can’t include everything because the model is always simpler than reality.
The desire for AI decisions to be explainable forces them to use even simpler which makes this worse.
How long until cloud providers are forced to scan block devices, so you can't even self-host a file erroneously flagged by the ML? (Actually, how long until this is integrated with the "security engine" in CPUs, so you can't even hide with encryption? Everyone is talking about on-device voice-recognition and CSAM recognition, but no doubt the copyright lobby is going to push hard for this as well.)
It hurts me to even think about this. We're headed towards such a bleak future. The only solution I can think of is to kill copyright in order to save computing freedom. Otherwise our computers will eventually no longer be ours.
We are in the middle of the hostilities, and we can always appreciate if more young idealists, as well as practical and hands-on militias want to join the revolution:
I think there needs to be more work on open source hardware (and the associated fab capabilities to make what people want) in order to preserve computing freedom. I have no idea how to actually do this, but it feels like it should be prioritized
For sure, but companies didn't win by building a better product. They won because of copyright laws that helped them to enforce their goal of profits.
If we want computing freedom, or in other words: consumer rights, then we need to enact laws that are pro-consumer to ensure an open future. Things like being able to repair our devices were taken away (Apple) and brought semi-back with right-to-repair laws (albeit only proposed atm), ownership of software and your data taken away by online services (Adobe, etc), and lots others.
Having open source hardware won't stop companies trying to take control away. We already see Microsoft and their SecureBoot problems with Linux. Or maybe they just won't support those open source machines by refusing to deploy their OS or whatever. Then what audience are you gonna have to make that product successful to become the new standard?
Laws are the only way to force everyone to play nice. We can have the nicest open source stack, but that's nothing if companies can just seize them with their own laws.
> Having open source hardware won't stop companies trying to take control away. We already see Microsoft and their SecureBoot problems with Linux. Or maybe they just won't support those open source machines by refusing to deploy their OS or whatever. Then what audience are you gonna have to make that product successful to become the new standard?
We need to get rid of those products and replace them with free software instead. It doesn't even matter if it's better or worse, as long as it's ours. This is the most sensible long term investment since it's the only thing that will truly benefit humanity forever.
I agree. The only reason these "stakeholders" have any leverage at all with which to push this is the fact semiconductor fabrication currently costs billions of dollars. So while it is possible for us to make our own freedom-respecting software, freedom-respecting hardware is out of our reach. Hardware manufacturing is concentrated in the hands of few corporations and those are friendly towards the copyright industry and good targets for government regulation and intervention.
Some kind of innovation that lets people fabricate at home is necessary. Just like the free software compiler changed the software world, the free as in freedom fab must do the same for computer hardware. Access to fabrication must somehow be democratized or we'll never be free.
Making fabrication accessible would definitely be nice.
In the meanwhile, I'd be interested in finding a community that puts "relatively open" hardware to good use. That includes old computers that won't grow antifeatures on their own, but also e.g. microcontrollers. I believe the dual-core 125MHz $1 Raspberry RP2040 is more powerful than my first PC was (although it might have less RAM and unfortunately can't be transparently expanded as far as I know). It's not exactly open hardware but it's well documented, and even the boot rom is open source (that is rare). You don't exactly have lots of integrated peripherals (e.g. ethernet) so it'd be very difficult for them to have some kind of remote backdoor. It's also quite simple to program; a hacker scale operating system is entirely feasible.
And that is of course just one of many choices out there. There are far more powerful microcontrollers out there. And by their nature, it's not going to be very easy for the copyright mafia to get their slimy tentacles between you and the core.
You'd give up a lot of power but on the other hand, I could buy 500 of them for the price of my laptop. I don't know, maybe we don't need to run everything on a single high performance CPU and could instead have a small cluster; perhaps each chip running its own application?
It's definitely not a "ready world" but I see lots of possibilities and am excited for the future of microcontrollers. But I'm also seeing the line between microcontrollers and processors getting blurred.
True, but it's harder to compromise a fully programmable device. In essence, you'd have to somehow prevent certain kinds of programming while still permitting all the rest. How is the device to know that flipping pin 121 and 122 in a specific pattern is actually clocking bits from a storage device?
I think the web is broken (user-hostile) for the same reason. It's been made to support arbitrary programming, and now you have to play this weird cat and mouse game of trying to prevent a particular kind of programming -- that can be used against you -- without breaking all the rest of the web. Google can block your browser because they can run code in your browser. https://news.ycombinator.com/item?id=30051512
Furthermore I would add that the silicon die of an FPGA has a particular look which is very homogeneous compared to the die of a CPU or microcontroller, so if the vendor is including a small malicious CPU as a physical part of the FPGA, you should be able to detect that just by carefully scrutinizing the die with a microscope.
It does seem to some extend the higher the level of abstraction, the more potential for inappropriate controls or restrictions. More restrictions exist in apps vs OS vs cpu, or in cloud services like gdrive vs an EBS volume on AWS. So FPGAs are at least a step closer to free (or harder to secure). Even if they are under control of the manufacturer, there is a lot more flexibility and less potential for "oversight" at the gate level.
There is still the question of all the peripherals, I'd be worried about internet and video and other i/o adapters only being compatible with proprietary hardware, and impossible to use with a home programmed fpga
Depending on what your performance target is, you might do without adapters. Low speed USB can be bitbanged even with 8-bit attiny. RP2040 with PIO can run DVI, 720p@30Hz (though you do need to overclock the chip heavily). I don't know how to implement Ethernet with digital logic (it uses pulse amplitude modulation) but bandwidth-wise it's not too challenging. Gigabit signals to PHY are 125MHz using RGMII. I think 100Mbit Ethernet would use 25MHz but I'm not actually sure. All doable using commodity microcontrollers without an FPGA.
I could see a long road to a dystopia where these legacy protocols are deprecated and they push out devices that only speak new protocols that won't let unapproved devices talk.. but I'm not that pessimistic. I can't see the copyright mafia chasing things down so far, and they'd rail up against all the industrial users.
There are people trying to make hardware more open source and user friendly for the average user right now. The Framework laptop, for example, is not a perfect product with DIY silicon but it's well on it's way to open, repairable hardware, open bare iron code, and other user-friendly attributes.
It's also quite expensive because by definition such things will always be more expensive. Vote with your wallet and not just your HN post and you'll push the world just the tiniest bit in the direction you want.
Do we need to kill copyright? Couldn't we just kill vigilante enforcement of it? Maybe we should make it the law that if you see a copyright violation, your only legal options are (1) nicely ask the infringer to stop voluntarily, or (2) sue.
Copyright is fundamentally a monopoly on data. The very name implies that you can restrict who can copy data, how many copies can be made. Copying data is among the most basic, fundamental computer operations. Therefore all computers are inherently capable of violating copyright, they merely need to be instructed to do so. It's the 21st century and copyright is absolute nonsense. Computers make it seem absurd by trivializing copying to the point artificial scarcity is exposed for the illusion it always was.
So in order for copyright to exist in the 21st century, it must be impossible for us to instruct computers to do anything. They must own our computers. They must ensure computers obey them so that they can make it refuse to copy data without approval. We cannot be allowed any control because we can easily subvert their business model.
So in this matter it really is us or them. Either the copyright industry loses, or we lose computing freedom and everything hackers stand for will be history. There's also the looming threat of government encryption regulation which faces the exact same problem. I say computers and the internet are jewels of humanity and too important to be compromised by these governments and stakeholders, and I'd sacrifice a thousand copyright industries to keep them alive and free.
> So in order for copyright to exist in the 21st century, it must be impossible for us to instruct computers to do anything.
This is not true. It could be enforced by courts and not by computers.
Courts are slower and more expensive, so they'll only be used for the most egregious violations. But that's fine. Those are the high value ones. You wrote some code or made a movie, Netflix wants to use it, Netflix has to pay you for it. Because Netflix is big and you can sue them.
> We cannot be allowed any control because we can easily subvert their business model.
The assumption here is that everybody wants to subvert their business model. For the RIAA that might be true, but we don't need the RIAA. They can lose. Specifically because they're crooks and nobody respects them.
But already right now I can find basically the entire Netflix catalog on BitTorrent sites, and still I pay them.
And look at Substack. You have people making content, the readers respect the writers, so they pay. In many cases even when the articles are available without paying or after only a short delay. Because the readers know they won't be created if the creator has to go dig ditches instead for money.
We should get rid of DMCA 1201 (prohibiting circumvention of DRM). We don't need to get rid of the law that prevents Google News from hosting the full articles on their own servers while stripping out the subscription links.
> This is not true. It could be enforced by courts and not by computers.
No, this doesn't get you through the century with copyright intact. Bandwidth and storage only get cheaper, and copyright-able files are not getting proportionally larger.
Eventually--and the 21st century does seem like a reasonable timeframe--something like Google Glass is going to become the norm, for all people, all of the time. Somehow or other we will patch the imperfections of memory and information exchange; think of it like recording everything you see and hear and being able to instantly share those recordings with those around you. We can already do this with a sentence or two of text or the gist of a melody! In the future it'll be a full book, or a song. It's no different from inventing vehicles that allow us to travel at hundreds of miles per hour.
What does copyright look like as the ease of recording and repeating an experience increases at the rate of the past few decades? If technology is in reach that would blur the line between "recording" and "remembering", and "recounting" and "copying", are we going to just say "no" to it? Allow our memories and communication skills to remain in their ancestral, imperfect state just because it is imperative that those who "own" certain bitstreams be paid whenever they reach a new consciousness?
Human courts can't enforce copyright when faced 2050's technology. Not when we can "memorize" and "repeat" everything we hear with the same ease that we memorize or repeat a haiku today.
> Bandwidth and storage only get cheaper, and copyright-able files are not getting proportionally larger.
We're already at the point where these costs are negligibly low. It takes more effort to think about the cost of transferring the text of a book over the internet than the actual cost of doing so. That's not what it's about.
> think of it like recording everything you see and hear and being able to instantly share those recordings with those around you.
If you're the one recording it, you are (in general) the copyright holder. If you're the copyright holder, you can choose to share it without charging anyone money or placing any restrictions on anything.
> We can already do this with a sentence or two of text or the gist of a melody! In the future it'll be a full book, or a song.
Let's say you're right. So now instead of taking a few days to read a book, it takes a few minutes or seconds. Great, now you can read more books. Which means each book gets read more times. Which means each reader doesn't have to pay as much in order for the author to make the same amount of money.
But if you set the price all the way to zero, how does the author make rent? And then where do the books come from?
> We're already at the point where these costs are negligibly low. It takes more effort to think about the cost of transferring the text of a book over the internet than the actual cost of doing so. That's not what it's about.
No, we're really not there yet. You're overestimating the similarity of future technology to today's. Remember, we've got 80 years left in the century.
Here's what negligible transfer costs actually look like: The time it takes to transfer not just "a book", but the entirety of Sci-Hub, Spotify, Netflix, and every other content library that exists today, is limited only by the speed of light. The cost of storing all of that information is totally negligible. And technology is so totally integrated into our everyday interactions, that the act of "copying" it isn't even a conscious decision! When you reference a song or movie, you seamlessly link your statement to its entire contents, which are transferred like a parenthetical along with the statement itself. You might not even notice yourself doing it; it's just how you communicate in 2070.
> If you're the one recording it, you are (in general) the copyright holder. If you're the copyright holder, you can choose to share it without charging anyone money or placing any restrictions on anything.
Songs you hear, movies you see, pictures, speeches, etc. Hear a song once, remember it perfectly. Just an imperfection of the flesh to be resolved by technology. Doesn't matter if it was over the radio, on YouTube, or at a friend's house. Doesn't matter if it was given to you in an "ad-supported" way; you can cut those ads right out of your memory. You saw/heard it, it's yours to replay forever because you have perfect memory. It's not a "secret" you're obliged to keep either. Communicating memories to others is just what we do, we're just kind of bad at it right now so copyright can still sort of survive. We won't be bad at it in the future. We shouldn't be bad at it, we should be great at it.
> So now instead of taking a few days to read a book, it takes a few minutes or seconds.
I think you might be implying a whole other thing, which is the ability to "absorb" information orders of magnitude faster than we can today. I don't see that on the horizon in the same way that I see what I'm talking about, which is the perfection of "memory" and "communication of memories". You might not be able to read any faster, but you will be able to pass the whole Written Works of Man around in an instant, without even realizing that you're doing it.
> But if you set the price all the way to zero, how does the author make rent? And then where do the books come from?
The business model that we fabricated out of thin air with laws is insane. The idea that by writing a book you have some sort of infinite claim over all people that ever experience that book, regardless of whether they ever made a deal with you or your associates, is absurd. Imagine we made contact with a Second Earth, and some pirate sent them all our books, which they then read. Did today's authors really take trillions of dollars in damages from that act? Because we didn't even know about Second Earth until YESTERDAY. What if it was a secret? How can you have half your "property" wiped out in an instant by copyright violations and not ever know about it?
There's massive demand for media. Hell, there's even demand to be the person who creates media, just for the fame. Stop enforcing copyright and there will be a blip in creative works that will resolve itself within a decade. Authors and songwriters will get paid just like scientists, software engineers, and most online visual artists today: By commission. This is just one of the cool things markets are capable of: Somebody wants something to exist which does not, so they pay somebody who is capable of bringing that thing into existence to do so. If that thing is very expensive to produce (say, it requires the top artist of the day to work for a year), then maybe they have to pool their money with many others. Like local companies funding the construction of a large office building.
So business models are shaken up, different people do probably get paid different amounts (sorry to copyright lawyers and enforcement firms, especially), and in the end art continues to be made like it always has been. People love "consuming" it, and a subset of those people are more than capable of paying for it. The same transactions we've been making simply switch spots in the timeline. I don't pay $10 for the album that was just released, I pay $10 so that the next album gets released. And once it's out there, it's everybody's forever, like all songs and stories and ideas used to be, and should be.
And to preempt the contention that "if that worked it would already work that way", I'd say, we took a wrong turn a really long time ago. When that happens, interests get extremely entrenched. Beliefs get entrenched as well. The concepts of copyright and "intellectual property" are deeply ingrained in our expectations (though not, I would point out, anywhere near as deeply as our expectations of "actual property" law, which is telling). Making this shift is very hard. Probably a long transition period and obscene amounts of money given to existing copyright holders would be required. But it absolutely has to happen. We can't just look superhuman powers in the face and decline them because they would make some recently-invented business models untenable. Everybody should have bit-perfect, infinite memory and bit-perfect communication of arbitrary segments of that memory, because that's a thing that Gods have and you don't decline Godhood.
Cameras made it easy to copy things, so did printing presses, photocopiers and now computers. None of them have killed copyright, which is still functioning just fine. Musicians still sell music, directors still make films, the apocalypse simply isn’t happening.
Yes there are occasional abuses, unfair YouTube takedowns and crap like this from Google. They must be fought, no argument there. Life will go on.
You seem to be arguing that modern digital technology must by necessity drive a fundamental shift in the intellectual property economy that eliminates things like copyright forever. That simply isn't happening. It didn't happen to music, not to film and television, not even books. I'm a gamer and regularly buy games and supplements in PDF form, the hobby role-playing game market for indie games in PDF has never been stronger.
You can argue until you're blue in the face that what's happening right now is impossible, but it is happening. Look at the massive investment Amazon, Netflix, Disney, HBO and Apple are putting into streaming video. They are very successful businesses fighting over massive revenue streams. We're 20 years into the post-napster digital online revolution, and this is the way things have worked out.
The arrival of mechanical movable type printing in Europe in the Renaissance introduced the era of mass communication, which permanently altered the structure of society. - Wiki
> photocopiers
A primary obstacle associated with the pre-xerographic copying technologies was the high cost of supplies: a Verifax print required supplies costing US$0.15 in 1969, while a Xerox print could be made for $0.03 including paper and labor. - Wiki
> Not at massive global scales. Not at negligible costs. Not with complete impunity. Not in a way that was accessible to everyone.
You're trying to split hairs to justify a belief here. It doesn't seem like you're making a compelling case by stringing together conditions that you think are unique to the modern day.
The printing press changed the world but it was huge expensive hardware and if you had one it meant you were a major industry player and therefore an easy target for copyright enforcement.
Copiers were also expensive machines owned by businesses and they also worked with physical paper. There were inherent limits to the scale of any copying operation.
None of this is comparable to what we have today. Now everyone has a computer that fits in their pockets and is more than capable of instantly creating an unbounded number of copies of any data at nearly zero cost as well as transmitting those copies to anyone else connected to the global network. People infringe copyright every day, most of the time without even realizing it.
> The printing press changed the world but it was huge expensive hardware and if you had one it meant you were a major industry player and therefore an easy target for copyright enforcement.
I do suspect you are thinking about the industrial revolution, which came centuries later. Like 1760+
The Gutenberg press was something that relatively poor could produce, over time, in pieces with basic carpentry and blacksmithing (if you had the money), in the mid 1400s.
You could make it even cheaper with purely wooden components (no double sided, sorry), which would require routine repair and was generally inefficient. Paper had been around since before the Egyptians but started becoming commonly understood and circulated in Germany around this time. It was difficult to obtain and make. Interestingly enough, you could use cloth/leather or another material instead. Gutenberg was relatively well funded once he started kicking out Bibles so he didn't think about these things, as he really just wanted nice Bibles produced. Innovative stop-gaps were part of how it's notoriety spread so rapidly. That left the traditional oil-based ink which could reasonably be made of anything (oil, sap, soot, filth, etc) with effort and a suitable substrate.
Printing was manual before, which was slow and expensive. Within a century of "the press", the ability to read was nearly ubiquitous. This jump-started the Enlightenment period.
> Printing was manual before, which was slow and expensive. Within a century of "the press", the ability to read was nearly ubiquitous. This jump-started the Enlightenment period.
Copying and distribution was slow and expensive before. Not even a century after computers, the ability to copy was nearly ubiquitous. This jump-started the age of information.
> It's the 21st century and copyright is absolute nonsense.
This is an awful, terrible take. We know that intellectual property is much more artificial than pretty much every other type of property right, but we still want governments to enforce copyright and other IP law because it's a good way to make sure that people have a financial incentive to be creative or do R&D.
Copyright needs reform (and many types of DRM need to be banned), but just because you'd gladly sacrifice thousands of industries (how many jobs is that? millions?) to have some ideological purity, it doesn't mean that such a decision would be broadly supported or even in the best interest of society as a whole.
Source: work in copyright, have seen firsthand how shitty IP protections can destroy businesses that produce excellent content.
> we still want governments to enforce copyright and other IP law because it's a good way to make sure that people have a financial incentive to be creative or do R&D.
I have to believe that there must be alternatives. We need better post-copyright business models. This artificial scarcity thing is simply not going to work anymore. At least not without sacrificing everything about computers that make them special.
Maybe crowdfunding where creation is treated as an investment. Maybe patronage where it's treated as a subscription. I really don't know for sure. I just know it can't go on like this.
Without copyright you cannot write contracts about creative works, because there is no value to exchange. Creative works without legal protection are free and therefore cannot be investments or subscriptions. Just like I can’t get people to invest in or subscribe to the air in front of my house.
I think you are headed down the wrong path here. You don’t need to eliminate intellectual property to preserve general purpose computing. You just have to change the guardrails on how IP enforcement works.
They’ve changed many times and they can change again. And it’s way more achievable than ripping copyright out of society entirely.
> Without copyright you cannot write contracts about creative works, because there is no value to exchange.
There is no value even with copyright. Its value is made up, created via artificial scarcity whose days became numbered the minute computers were invented. There's no point in perpetuating this system.
The true value is the labor of creators. Data is abundant. Creators are rare. They need to somehow get paid for the labor of creating rather than copies of the finished product.
> Creative works without legal protection are free and therefore cannot be investments or subscriptions.
We can invest in the creator. Paying them up front like investments, or continuously every month like patronage.
> You don’t need to eliminate intellectual property to preserve general purpose computing. You just have to change the guardrails on how IP enforcement works.
I'm not convinced the copyright industry will ever stop. The situation gets worse every year. How is this supposed to change with copyright holders still around? Their lobbying power is immense.
> They’ve changed many times and they can change again.
They've changed for the worse. How many times has copyright duration been extended? How many of our rights eroded? Fair use rights? Public domain rights? They mean nothing anymore. When was the last time some work entered the public domain?
Winnie the Pooh entered the public domain 24 days ago. And value has a legal meaning in the context of contracts, regardless of how you personally feel about copyright.
You’re convinced that copyright industry has tremendous power; but apparently you are also convinced that the only way forward is to 100% defeat them. I’m just saying there may be more options than the extremes of total fail / total win.
Also, your ideas about investing in creators are orthogonal to copyright; you can do all of that today and copyright will neither help nor hinder. Commissioning creative works is great and in fact predates copyright.
> There is no value even with copyright. Its value is made up,
And I'm sure that's why Disney makes billions of dollars selling movie tickets every year, right? The moviegoers who drag themselves out of the house just can't be trusted to determine value?
Yeah, the value is determined by scarcity. That's the point of IP law. Otherwise the value would be zero, and these movies would not be made because they'd instantly get copied ad infinitum and anyone proposing to spend more than fun money on one would be shunned.
> The true value is the labor of creators.
No, and this sounds an awful lot like the Labor Theory of Value. The value of IP is what people are willing to pay for it, same as any other market good. Comic book franchises were basically worthless until Disney and WB blew them up, for example. It's rare for any media to succeed without marketing. Value requires far more than just creators and it's absurd to pretend otherwise.
> We can invest in the creator. Paying them up front like investments, or continuously every month like patronage.
There are far, far more creators than there could ever be works of great cultural significance, and the creators building valuable IP are compensated for it far more than they would under any other practical scheme.
> I'm not convinced the copyright industry will ever stop. The situation gets worse every year. How is this supposed to change with copyright holders still around? Their lobbying power is immense.
By passing laws. It's literally that simple. You can replace "copyright holders" with "oil barons" or "AT&T" and see how silly that sounds. Copyright, unfortunately, is at the very bottom of everyone's list of priorities, and for obvious reasons.
You ask "how is this supposed to change?" as if the situation is unbearable, but it's really not. A big reason for why nobody cares is that your average consumer now can consume pretty much everything more cheaply than ever before - fully legally. And so what if Google makes an obvious and stupid mistake with Google Drive every now and then? They'll generally fix it pretty quickly, and there are a million similarly-priced competitors that don't do this if you're not satisfied with the quality of the (free) service.
> When was the last time some work entered the public domain?
Given that copyright is automatic and requires no registration, there's a steady flow of works entering the public domain. OG Mickey Mouse lost copyright a few years ago, IIRC.
tl;dr there's a gigantic jump from "copyright protections are frequently onerous and stupid" to "we should abolish IP law." You are giving evidence for the first and acting like it justifies the second.
Copyright is spelled out in the US Constitution as distinct from property, for clear and well-justified reasons.
Every move to make copyright more like property makes copyright less useful for its designated purposes, and more a drain on the public interest. But copyright holders are continually pressing courts and legislators to try make copyright law subservient to property law, and succeeding, incrementally, so case law on copyright has become hard to distinguish from property law. Nowadays copyright lawyers even call themselves "Intellectual Property" lawyers, deliberately trying to obscure the difference.
The consequence is that Copyright, which was once a benefit for the public interest, is now a benefit only for entrenched media companies. Eliminating it would once have been taking away from the public. Now, eliminating it would benefit the public. But, since copyright is now a matter of international treaty, we no longer have, even in principle, the power to eliminate it: treaties override the Constitution.
Since you work in copyright, you've probably also seen firsthand how overzealous copyright enforcement can destroy businesses that produce excellent content.
Frankly, your bias shows and you might have a case of EverythingLooksLikeANailitis. The copyright industry may be "protecting" jobs in some ways, but it's also destroying jobs in others. It's halting progress in so many cases.
You also need to look at who, in practice, is protected by copyright. The grand majority of the money being protected is that of big, rich industries. Even when the Little Guys are protected, it's usually by a bigger company that gets the way bigger cut from it (eg. stock photo and music artists).
A world without copyright is a different one. IP lawyers and copyright enforcers might be out of a job, but it doesn't mean it'd be one without music or art. We'd find a different way to make it work, hopefully a way that doesn't drive the next Aaron Swartz to suicide.
> Frankly, your bias shows and you might have a case of EverythingLooksLikeANailitis. The copyright industry may be "protecting" jobs in some ways, but it's also destroying jobs in others. It's halting progress in so many cases.
No, I have a case of "I'veSeenWhatHappensWhenCopyrightIsIgnoreditis." A blind man could see that copyright needs serious reforms, but it's absurd to pretend like other systems produce the diversity and scale of works that the current one does.
> You also need to look at who, in practice, is protected by copyright.
Believe it or not, I do every day.
It's crazy that your solution to "small creators get ripped off" is "make ripping them off legal." The actual solution is to reduce the cost of enforcing copyright - right now it takes a court case, which obviously is a nonstarter for anyone who isn't making bank off of their copyright.
> A world without copyright is a different one. IP lawyers and copyright enforcers might be out of a job, but it doesn't mean it'd be one without music or art.
As long as there are humans, there'll be art and music. What there won't be are people who make a living off of it, and we'll rewind to like 300 years ago when the only people who could afford to create art were born rich or willing to find a rich person who'd individually sponsor them. When people have more time to spend on art, they produce better art. I really hope that isn't controversial.
> We'd find a different way to make it work, hopefully a way that doesn't drive the next Aaron Swartz to suicide.
I'd really rather we didn't use a deeply individual instance of suicide as a political talking point. It's kind of tasteless and you can find plenty of examples of suicide for virtually any problem.
> The actual solution is to reduce the cost of enforcing copyright - right now it takes a court case, which obviously is a nonstarter for anyone who isn't making bank off of their copyright.
Making it easier will result in even worse systems than YouTube's insane extralegal "copystrike" process which enables such abuses as police playing copyrighted songs to prevent people from sharing videos of them.
The opposite should happen. It should be much harder to enforce, it should most definitely not be automatic, it should cost copyright holders huge amounts of money, it should require them to go to actual court, there should be severe penalties for fraudulent claims.
> we'll rewind to like 300 years ago when the only people who could afford to create art were born rich or willing to find a rich person who'd individually sponsor them
If we keep going like this we'll rewind about 100 years to the status quo before the invention of computers. We'll have them but they'll be restricted to the point they're equivalent to old mass media. Their potential squandered in the name of keeping old industries alive. Everything the internet was meant to be, destroyed due to the surveillance and control necessary to enforce copyright.
> Making it easier will result in even worse systems than YouTube's insane extralegal "copystrike" process which enables such abuses as police playing copyrighted songs to prevent people from sharing videos of them.
No, it'll make it easier for watchdogs to fight bullshit like this. A poorly rendered version of "Shake it Off" that just so happens to be played in the background of some police brutality is fair use - but guess where you have to go to claim fair use as a defense?
> If we keep going like this we'll rewind about 100 years to the status quo before the invention of computers. We'll have them but they'll be restricted to the point they're equivalent to old mass media. Their potential squandered in the name of keeping old industries alive. Everything the internet was meant to be, destroyed due to the surveillance and control necessary to enforce copyright.
People have been saying this for twenty years, and computers now have only become more capable. It was an exaggeration then and it's an exaggeration now.
Well, the problem is that all this "vigilante[0] enforcement" was there to enable online services to work at all; and it has been further extended by private business agreements to give copyright owners powers above what the law requires.
Any tort in law also has secondary liability attached to it, and it's generally accepted caselaw that online service providers get secondary liability if someone uses them to infringe. Congress decided that said providers should be able to disclaim that liability if they participate in a notice-and-takedown process; and the EU has gone further and replaced that with a very context-sensitive "best practices" approach that almost certainly will be interpreted as "video sites must have an equivalent to YouTube Content ID".
From an old media perspective, this is crazy. If CBS licenses a TV show that infringes upon a third-party copyright, they cannot disclaim liability by saying it's the licensee's problem. If they could, then you could construct a bunch of LLCs to separate the infringement from the liability. And this is effectively what online services have done: YouTube, for example, gets to automatically[1] recommend you infringing content, and those who have been infringed only have the legal recourse of sending takedown notices.
Getting rid of the takedown system would mean that copyright owners would have to go back to suing individual users, which is both expensive and, IMO, wrong. YouTube gets to own online video and infringe copyright with impunity, because they passed the buck onto individuals that largely cannot afford to pay damages on infringement. If you're a legitimate[2] user of copyright, you can't economically get the infringement to stop or go underground. Furthermore, if you are a copyright troll, this does nothing to stop you; you will still be able to sue individuals and coerce them into settling baseless claims.
The underlying problem is that online platforms want to half-ass copyright. You can decide whether this is because they understand the draw that infringing content provides to them, or if proper enforcement interferes with the FAANG business model of "own the platform and take 30%". Either way, it's a compliance cost. We don't want people just suing individuals, and we don't want people suing online services to the point where any amount of third-party content is too legally perilous to touch. The answer was supposed to be notice-and-takedown, which is designed basically as a way for online service providers to push papers around between copyright owners and users without having to resort to an expensive lawsuit.
However, nobody likes this. Online service providers that try to do things "by the book" wind up with all sorts of legal pitfalls for both themselves and their users. So even the current notice-and-takedown regime in the US has been subverted by private agreement. For example, DMCA 512 requires copyright owners to actively monitor infringements of your work; but YouTube Content ID instead provides a turn-key solution to find infringing work on that platform. It also lets you just monetize the infringements instead of taking them down, which is also a sort of backdoor license for Google. I suspect some sort of similar arrangement is involved with Google Drive, where you can't share files that trip whatever content ID system is involved here.
So even "killing vigilante enforcement" would not be good enough, because Google has already found it lucrative to privilege copyright owners over regular users. You need to specifically regulate these takedown alternatives rather than just getting rid of takedowns.
[0] Technically speaking, a DMCA takedown notice from someone who does not own the copyright to the work in question is legally deficient and can be safely ignored by Google. However, most online service providers do not do a good job of checking.
[1] As per Mavrix v. LiveJournal, the process has to be automatic. Human curation takes you out of your DMCA 512 safe harbor. This is effectively a "willful blindness" requirement, IMO, which is also bad.
[2] As in, you're interested in preventing sharing of newly-published works for a reasonable time frame, rather than keeping an ironclad grip on Steamboat Willie or Super Mario Bros forever.
May I ask if you are a lawyer? I've read many of your posts before and they're always extremely informative. You've taught me a lot of things about copyright. I'm not sure if you'd agree with what I say but I still wanted to say thank you.
I am, however, an American tech enthusiast born in the 90s, which means I got exposed to a lot of anticopyright, Creative Commons, Free Software, and Open Source propaganda at a very young age. Of course, my actual positions nowadays are a lot more nuanced than the ones I had decades ago.
Furthermore, I'm involved with software reimplementation[0]. And one constant of that whole field is that it's often unofficial, if not outright adversarial to the original hardware or software. If you aren't being very careful about copyright at every stage of the process, you are liable to get sued with the full force of the law. There's zero leniency with copyright these days, so you either have to be legally untouchable or go deep underground. I chose the former path, which means that I have to know a lot of this shit, even though I'm not a lawyer.
[0] Specifically I am one of the contributors to Ruffle, a Flash Player reimplementation that works in modern web browsers.
I don't think we need to kill copyright, but we sure as hell need to control how it's used. To start with, we need to spay and neuter the out of control copyright enforcers, and especially every form of copyfraud.
I don't entirely disagree with you. I think copyright is insane but it could certainly be made tolerable enough. Most importantly, it needs to have reasonable duration. 5 years is more than enough time for these creators to make their money several times over. I don't think these copyright holders would ever accept anything that reduced their monopoly power though.
I think 5 years is too short. It assumes the creation[tm] will work out of the box and get immediate momentum. Whereas for music and literature it may well take a decade before the thing bubbles up to someone's consciousness.
I'd say 20-25 years from first publication would be a good time window. If your creation has not become worth anything in that time, it wasn't timely or of real interest. On the other hand, if a creation[tm] does become part of cultural background, 25 years is more than enough to reap the benefits. And at the end of the term, if something is part of the cultural scenery, it needs to be in public domain no matter what.
What a window like that would ensure is that creators can earn royalties over time, but it would prevent the inter-generational rent seeking dynasties. Copyright is supposed to encourage creation, by handing over a strictly temporary monopoly, but also guaranteeing that the monopoly remains short enough to enable culture to evolve.
The surface is larger than just copyright and includes anything the government can enforce in the name of protecting or preventing ... [children, terrorists, money laundering].
Lobbyists wondering why not slip this into appropriations bill and make MS put this in desktop.
It's also larger than that; I believe one of the biggest threats to freedom today is complexity. That's why people are so bitter at Mozilla for example, and perhaps to a lesser degree systemd. But it applies to a lot of stuff, for example everyone who complains about GPU drivers on Linux (or "Linux is not there yet" in general) complains because they feel powerless to fix the issues. I'm glad AMD is doing their part but I'd be happier if we didn't need them to.
If things weren't so complex, a small group of hackers would "shut up and hack" and fix their grievances and give the community something new to play with. Instead, we've gotten to the point where most people realize that they are too small in face of all the complexity. Then what choices do you have left? Give up, or get bitter and angry because those who have the resources to maintain a browser or Linux distro aren't doing what you want (and eventually you give up anyway because shouting into the void doesn't fix anything). One can go against the grain but they will be left in the dust; I saw lots of bitter Palemoon users who were ignored as the web moved on and sites started breaking on their increasingly outdated Firefox fork. I can't blame those users.
Open standards mean nothing if only one company on earth has the resources to implement them (and they deliberately push out others). Open standards mean nothing if they require you to implement user-hostile, freedom-disrespecting features that enable behavior like above.
Google blocking browsers is understandable, they're trying to stop apps from implementing Sign In with Google in a webview because that's a security issue. (Apps could steal passwords or non-oauth session information) Some actual browsers (mostly built around those same webview tools) got caught up in the blocks too. If they were blocking everything except Chrome, that'd be a different story, but they're not.
My take on this is that you always have plausible deniability when you deny freedoms "for security." I don't like it.
Blocking everything except Chrome would immediately raise way too many eyebrows, but allowing the few big (non-) competitors while making life hard for any potential rising stars has value if you want to maintain the status quo (near monopoly on browser market).
In any case, I don't really even care about Google's motivations here. I have a problem with the fact that they can do this at all. Open technology should not enable overriding user control and arbitrarily blocking clients based on prejudice.
I agree. Attempts to regulate cryptography, to force computers to police and snitch on their own users... It's all deeply concerning and all of it depends on their covert ownership of our computers.
The first and last Apple hardware I bought must have been over 15 years ago, a really thick 80 GB iPod with an actual hard drive inside it. I got rid of the Apple software and installed a custom OS on it. If I remember correctly, it was called rockbox. Now it's unthinkable that an Apple device would let me have this sort of control.
What happened to Apple is what will eventually happen to all other manufacturers. They want to own us.
Gab.com is how to run a service that gets kicked off all cloud providers. They had to build their own bare metal infrastructure. That's right! They use zero cloud infrastructure. No AWS, etc. They even have release announcements about how they've upgraded or bought more servers so things should go faster and they can enable more features and so forth.
I have an email from myself to myself sent in 2007 in GMail. I can't open the attachment because "it is malicious." It doesn't, just a schematic, but there's no way to tell GMail to let me download it anyway.
If Amazon didn't offer EBS block device encryption (with a key that's ostensibly only accessible to the customer), then customers would just use full disk encryption instead.
Companies can say that they won't have an actual human look into your issues, but there's a person that handles letters that might turn into lawsuits and other legal issues, and you can always ensure that they get contacted instead. Certified mail is pretty quick to write and costs like $3 to send, and you can look up the company's agent for service of process.
It might not do anything - writing a letter that sufficiently implies that you are actually collecting documentation and preparing for a lawsuit is an actual skill, and your demands may be unreasonable for them to handle - but you will get an actual factual human being to at least start reading what you've written. And as a bonus, their KPI is in terms of "number of incidents per year" rather than "number of resolved tickets per day".
I've not had much luck with that option, you need a large megaphone for it in most circumstances.
I've had better luck lately just using contact services to find the personal cellphone and email address of high-ranking employees and contacting them to get escalation.
Most likely the people actually implementing this system did raise potential issues to their supervisors. It's not the implementer that needs more education, it is the people who drive the implementer that needs better education in how to design systems.
But since it probably doesn't affect the bottom-line, it's unlikely to actually happen.
2) What are the users going to do any case? Sue us? Migrate to Microsoft Office 365? The minuscule amount of issues caused on 0.1% users is not going to hit our bottom line and the users cannot damage us.
3) We offer key account manager services for organizations large enough that could cause stir (Spotify size)
If the full DMCA process was implemented, takedowns could be immediately reverted and then the trolls would have to use the court system as intended. Abusive behavior from bad actors could then be addressed.
This is actually a fair point. Thus, this should limit Google’s escape intoany safe harbour. Though still leaves the problem who is going to go after Google for them locking users out from their own files.
A wonderful comedy. I presumed it was American literature, so I had avoided reading it because that isn’t a category that interests me by default, but decided to read it and I had a good laugh. Easy to pick up cheaply second hand.
I don’t really think the book is relevant to this discussion though.
I agree with you and in general the move from owning software to accessing a service has been detrimental for the end user (more costs, more problems, less control).
But the restriction here is most likely just the inability to share (I would guess publicly). I don't believe it prevents you from accessing your file.
> ML enforcing rules is bad enough, not allowing false positives to be corrected is ridiculous.
And potentially illegal. According to Article 22 of the GDPR:
"The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her."
I think that being accused of copyright infringement (and having your free speech rights curtailed) should count as "similarly significant" to a legal effect on someone.
Automated tools that overwhelm these triggers should be deployed. Get everything flagged and force them to put a human in the loop and fix the system. Make it technically impossible to appease the entertainment mafia and batshit regulations.
I think the most likely outcome is much like the services they offer to help with settling airplane ticket compensation. I presume most of them are actually in service of the airplane operators.
Imagine a device that indeed offers to help small time companies in resolving the issues with big tech. The business case will eventually come up to just buy them up and slowly drain their effectivity, while upping the rate tremendously and being able to - if any - strike up the compensation dishes out by big tech. Pardon my cynism but I sometimes look at the airflight industry as the equilibrium of a race to the bottom. With big tech we’re not there yet
I've noticed the same behavior with the recommendation engine from Reddit and Instagram as well. While they don't totally block providing feedback on recommended posts that I'm actually not interested in, the UI flow to submit the feedback is difficult/confusing enough that I've just stopped doing it altogether.
Could this be because retraining whatever model that they've built is difficult/expensive with new feedback?
A benign explaination would be that the feedback feature is really designed as a relief valve for the most frustrated users to feel better. Moderately frustrated users will find it takes too many clicks to provide feedback and just scroll to the next item.
Ironically, it may end up being one of these "tiny" scenarios which finally does Google in.
When trying to illustrate a problem or bug, one of the typically time consuming challenges is reducing the scenario to the minimal case which illustrates the problem. So thank you, @emilyldolson!
Aside from an empty file, you cannot reduce this any further. It brings to light in simple terms that non-techies can understand how absurd the "ML to solve everything" promise is -- and even moreso how wilfully negligent companies are by providing NO human intervention or support when the machines break down.
The fact that Google is scanning your files for "copyright infringement" is bad enough. They have no way of knowing that you don't legitimately own something. Then pair that with this example and if that isn't enough of a deal breaker for using Google drive I don't know what is.
Maybe not "dread", but distrust with a tinge of sadness. It is surprising to see how much their executives are willing to destroy Google's reputation, in search of.. I don't know.. their next bonus and promotion? Seven to eight years ago, I was using probably 30-40 Google products and services. I used to recommend Google products to my friends and family without reservation. But over time, I have whittled down my dependency to Google to maybe 7-9 products/services. With the killing of Legacy GSuite, I'll be migrating to FastMail or something similar, and I'll be down to only a handful of Google products in a few months. I never thought that I would stop using Google Search and Chrome, but DDG and Firefox have been perfectly fine for me for several years now.
That's what happens when a product gets big and you have to start worrying about how terrorists, pedophiles, and mass copyright crime is being committed on the platform. Hosts like Google have been held legally responsible for the content they host and have acted accordingly.
I think dread is a bit over dramatic. I still find utility in Google Maps and GMail. Some products in the Google domain are heading that way but I don't dread Google I treat them as a business with respect to my coupling to them on a case by case basis.
I used to be a Google first, now I am one to look at all options and decide if its worth coupling something else in my life to Google. In many cases its not worth it or even required.
Give it time... There are a lot of people feeling that dread about “gmail” now. Have you seen the recent threads about GSuite Legacy? Small businesses and families suddenly need to cough up hundreds of dollars per year or figure out how to migrate away from a product that originally marketed itself as free forever.
Sure, maybe they will and maybe they won't. Personally, I'll be happy to pay for it and have considered over the last few months a migration plan away to a paid subscription. It's just not on top of my todo list. If Google started asking me to pay, I'd pay because they have provided this service and its pretty darn good if you ask me. How much I'd pay is an open question.
Google Maps may not have progressed to “dread” yet, but it’s solidly at frustration/wariness as a result of its incessant attempts to manipulate me. It used to be just a tool, but it’s become an adversary.
Thanks for sharing but I wasn't really trying to debate whether I do or do not find utility in these. I do and I'm fine using them. I'm also aware of the alternatives, I use Apple maps from time to time, I use DDG on occasion. Neither is of consequence to the premise in my original post.
Not that I agree with it, but here's the FBI view:
"Not only can the violation of intellectual property rights damage the economy, it also poses serious health and safety risks to consumers, and often times, it fuels global organized crime."
Since they went wide with "intellectual property rights" there, the references to health and safety are probably more in the realm of trademark and maybe patent... think counterfeit drugs.
You can probably gin up a copyright example from, I dunno, the DRM system on some medical device or something, though that's obviously not the real focus of their copyright enforcement work.
But drug safety is not an issue of copyright, but of physical control of medications. You don't need to break the copyright of a drug to create and distribute fake medication.
But you might be able to trick more people to buy your fake medication if you put another company's logo on it. I'd hate to think that a country's procedures for stopping copyright infringement are so efficient that they are the optimal route for preventing the distribution of fake medication (even making trademark law pointless), but I must admit that comparing two images is simpler than comparing the composition of two medications. Corporate needs you to find the difference between these two approaches.
Because the FBI might ask your government to enforce US copyright law and your overly enthusiastic leader sends helicopters filled with heavily armed Police officers to raid your house at dawn, perhaps?
That phrase is so disturbingly dystopian that I wonder if anyone at Google ever had that thought upon seeing it. Clearly not its author, but then again, I wonder if the people working there care about anything other than their own luxurious working conditions and the $$$...
I have a pet theory that all of these recent Google bloopers could be explained easily if you start from the assumption that Google internal incentives promote efforts to cut costs such as storage.
"Garbage" docs, inactive email accounts, less search results etc can all be reasonably explained by a desire to not spend money on storage for "low value" data (i.e. data that is unlikely to be accessed in a way that translates to profit for Google). Users, having been trained to rely on free services and the magic of search to summon stuff, have zero incentives to clean up their digital "pollution", and at some point, something's gotta give.
I don't think there's anything specific to Google. I think the chain of events was basically:
1. Storage is expensive, so software designers and users build tools and habits that are parsimonious with it. Programs would store files in carefully designed binary formats to save space because space was expensive. Users would periodically go through directories on our computers and manually delete old stuff. Apps required users to explicitly choose what to save.
2. Storage gets much cheaper.
3. Seeing that, companies like Google and others offer "unlimited storage" by projecting the observed user behavior from (1) onto the storage costs of (2).
4. But now users and app developers change their behavior since the incentive environment is now (3). Camera apps automatically save every photo you take. Phones record higher and higher resolution video. Users stop deleting anything and rely on search to wade through their sea of bits.
5. Companies how have to adapt to the reality of (4).
I don't think there was anything particularly nefarious or shitty on the part of any participant. It's just the nature of big complex iterated systems with emergent properties.
> I don't think there was anything particularly nefarious or shitty on the part of any participant. It's just the nature of big complex iterated systems with emergent properties.
I find it interesting that one can draw some parallels to physical consumerism and its impact of ecology. We don't generally consider buying day-to-day stuff as nefarious either, until we pay attention to the aggregate impact of the entire supply chain machine, and then it's "80% less polinators" this, and "donated clothes landfills" that. The big difference is that Google as an organization can make the call to - and follow through on - telling users directly to back off if users' consumption patterns themselves become a significant enough liability on the sheets.
They don't delete flagged content. I have had stuff be flagged and locked and then a while later it gets unblocked. There are much easier ways to prune inactive accounts than to pretend to copyright flag them.
> explained by a desire to not spend money on storage for "low value" data
I think this "just happens" when you reach a certain scale. For example, I was looking at our reporting at my job the other day and realized for 10k people a day, something wasn't working with our emails. We decided it was a "low priority" because it's "only" 10k people when we send over 30 million emails a day. I'm sure those 10,000 people (a small city's worth!) don't feel that way.
There must be some internet law that states something like "no flippant comment about the absurdities of copyright law is so crazy that a patent troll won't be inspired by it"
Just call google support... oh... wait... right...
I wonder how many ads we need to watch before google implements something even remotely similar to user support? How many billions are enough before we get support?
I know I'm overreacting but I'm getting tired of these articles. We all know that google is messed up (to put it lightly). Some people here don't think that's the case and that's fine. Other people, including me, don't find it surprising at all.
Post something about google killing cute kittens.
I wouldn't be surprised but I would be interested in that story.
A quick note to anyone working to reproduce this: the automated stupidity that caused this is of the same variety that will CANCEL YOUR GOOGLE ACCOUNT without recourse if your stats lean a certain way. Tread carefully.
I remember when it was announced that this was going to be possible and people here on HN were defending Google's decision with comments along the lines of "this is fine, they're not reading your private files, they're just going to stop people that use Google Docs for distributing pirated content"
Pretty weird that Google would be scanning files for copyright infringement in the first place, it's supposed to be a Drive not the enforcement arm of the copyright mafia.
It's not clear from this tweet but usually google drive only cares about shared files. Lots of people have copyrighted content in their private drives but until you make it public, it doesn't get flagged.
To clarify: Google isn't deleting these files. They're just "restricted", which as far as I can tell means they can't be shared publicly. It's triggering the mechanism to prevent people from using Google Drive as a file sharing service for copyrighted works. I think owners can still access their own files just fine.
That said, I agree 100% that you shouldn't rely on a single point of failure for any backup. Data must be in at least two places.
In this case, that is correct. From my (and the project TOS;DR's [0]) interpretation the TOS is still in general worded in such a way that Google can ultimately say, "we feel this shouldn't be here" and remove it.
For the record, that is fine, legally speaking. It just is something that I think we don't keep in mind, until our Gmail login gets locked[1] and our last backup was 6+ months ago.
> If any of your content (1) breaches these terms, service-specific additional terms or policies, (2) violates applicable law, or (3) could harm our users, third parties, or Google, then we reserve the right to take down some or all of that content in accordance with applicable law.
Finally, buried 3 links deep in the Terms[0], we can find a list of some of what Google considers valid under this clause. A lot of it makes sense (clearly illegal things) some of it is subjective ("misleading content"). If you feel comfortable all of your data could never be interpreted by anyone as falling under any of these categories, be my guest, use GDrive.
> If any of your content (1) breaches these terms, service-specific additional terms or policies, (2) violates applicable law, or (3) could harm our users, third parties, or Google
These are definitely reasons, are they not?
For the record, would you please retract your claim that Google reserves the right to delete all data with no reason?
Alright, you are correct that I shouldn't have used the word "explicitly" in the GP comment. That said...
They have clearly shown and given themselves the freedom to remove data for any reason, including no reason, and we have seen it happen[0][1][2][3][4][5]. The point is all cloud providers have left the door open to opaque, subjective policy to do this.
You want explicit black-and-white statements. That isn't going to happen by design. Would you feel more comfortable if a person with the ability to shoot you didn't say, "I reserve the right to shoot you", but rather, "I may, if I find it reasonable under these categories -- where I am the judge, and jury, by the way, and no, you don't get to appeal -- then I will reserve the right to shoot you"?
For the record, I think Google can do whatever the heck they want with the data users choose to upload. I think that Google, if they wanted to, could require users to send a photo of themselves dressed as Snidely Whiplash as a condition of using their service. (And yes, I do think Google is a terrible evil company.)
But... It makes sense that they would reserve this right for themselves, because they of course don't want the legal quagmire they might invite otherwise.
But how clear they are about it doesn't change their actions, and really it ISN'T. THE. POINT.
The point is that data you upload has no guarantee of being there at any given point in the future. And yes, this is true of all providers, even to some degree enterprise ones.
Which is why it is a very, very good idea to set up backup systems that aren't dependent on the decisions of a third-party regarding your data.
We should recognize the salient reality of cloud providers, and operate with the playing field from there. Encrypt your data, make it redundant.
P.S. Let's not forget that this isn't just Google. This is an industry standard. Regardless of your opinion on the legality/morality, it is what is in place: https://edit.tosdr.org/cases/201
Google claimed a copyright violation and did a takedown. That's what DMCA counter-notices are for. They phrased it in other terms, but ask a lawyer if that matters.
It matters for counter notice that they didn't issue a DMCA notice, you can always sue them of course, but since the first action is not under framework of DMCA, you cannot issue a counter notice to what is not a DMCA notice.
The lawsuit is not strong either because their ToS says they can delete your all your data for any and no reason at all.
What Google calls the action is a non-issue. "Wrongful assertion of a copyright violation" is illegal and actionable. It's hard to win on that, but it's been done.[1]
It is hard to say who will win in any case, but yes as you say and is known it would hard to win on those(or other) grounds which is why the case is weak.
Also to note Google/Youtube did not get sued in the case you cited. It was only the company which claimed infringement that got sued and lost.
I am a small business owners. I pay for google one so that all my files are backed up and sync across devices. I also pay for backblaze to backup all my files (Just in the case google screws me).
Is there an alternative for encrypted backup & sync between different computers?
I use Dropbox for almost 10 years and I have been using it well so far!
Dropbox offers great file history and restoration support. One day I deleted files permanently then the team kindly supported my case to restore the files within a day.
I guess the moral of the story is, never do business with a company that doesn't provide a mailing address to which you can mail a turd (at book rate.)
Maybe for those times when copyright infringers try to split an infringing file into separate files containing only one bit, represented as text, to avoid detection. No, I am not serious.
Try testing a file that contains more than a single 1 or 0, such as 01111000.
I wonder if it's a part of some sort of cyberattack. Someone knows that deleting a file, containing a "1" or "0" from target's gdrive will break something they want, so they filed a false DMCA claim.
"Hi Dr. Emily Dolson, thank you for letting us know about this issue! The Drive team is very much aware of this now thanks to all of you we're working on it!"
This seems like a really great case for property based testing and/or fuzzers. Randomly generated output should virtually never flag copyright (and would be rare enough that you could manually assess if it was accurate or not, likely). The core utility of system like this, which puts an enormous amount of leverage in the hands of automated decision making must be robust against things like this.
This is your annual reminder that you don't own your files if they're stored in someone else's computer (also known as "the cloud"). Keep offline backups, legislation has made it very easy to export literally everything from google.
Another example of why it is time to dump google. With google you are the product, not the customer. There are decent alternatives for everything that google offers. It feels really good to do.
Serious I'm upset that google drive can block files that you own, I feel my trust betrayed. We're really moving to an dystopian age where companies can control your personal data.
I wonder: is this a technical issue, or just a practical joke by someone who has managed to convince Google Drive that they have the copyright to files containing only "1"?
Play stupid games, win stupid prizes. Putting your data in a megacorp basket means it'll be treated primarily with consideration towards their legal liability first, other megacorps second, and you third or fourth.
It's true to some extent, but in the file storage space it's not really applicable. There are hundreds of competitors, and I'm not even sure if any file storage providers got bought up by "megacorps".
Not really. I'm using all parts of Google suite together as they are well integrated with every device I have and eachother. I am using Adobe cloud for photos instead of Google photos for example, and even there I quite often feel the difference in integration with the Android operating system.
Adobe software is especially annoying. There are probably five or six adobe launch daemons running in the shadows on my Mac as we speak and it's unclear if when I want to uninstall that their uninstaller will actually purge them all (in my experience, no), or I'm going to have to write a script to collect anything with adobe in the name and rm -rf. Microsoft is bad with this too on Mac at least. I tried killing a microsoft autoupdate daemon and I ended up getting a system notification like three times a day about it until I relented and reinstalled it.
Google drive does support metadata like a description and comments. I wonder if someone posted some copyrighted text in a comment?
Update: Recreated it. Most of them are now flagged. Took about an hour for that to happen. So far, all that have just one byte, being a "1", and also the one that contains "1\n".
The one with "1\r\n" hasn't been flagged. The file names of the flagged files: "one.txt", "onev2.txt", "output04.txt" and "output05.txt".
Screenshots of the email and Google drive: https://imgur.com/a/RHnEJcj (note the little flags on the Google drive view, and the file sizes)
Just added some files with "0" and "0\n", we'll see if "0" is copyrighted :)