[Plura-list] Sterilizer company vs Right to Repair; Intro to cybersecurity; This is the EU's interoperability moment

Cory Doctorow doctorow at craphound.com
Thu Jun 18 10:55:47 EDT 2020


Today's links

* Sterilizer company vs Right to Repair: Steris wants Ifixit to stop
distributing repair manuals.

* Intro to cybersecurity: The Open University's MOOC.

* This is the EU's interoperability moment: The Digital Services Act
could challenge Big Tech -- but will it?

* This day in history: 2010, 2015, 2019

* Colophon: Recent publications, upcoming appearances, current writing
projects, current reading

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ Sterilizer company vs Right to Repair

When a once-in-a-century public health emergency strikes, some people
leap to help. Others leap to sue.

Ifixit published maintenance manuals for medical equipment. Steris
Corporation threatened to sue them for it.

https://www.vice.com/en_us/article/akze8j/a-medical-device-maker-threatens-ifixit-over-ventilator-repair-project

The Right to Repair movement has been around for a long time, but it
only went mainstream when farmers joined, insisting on the right to fix
the agricultural machines they depend on.

It's only natural that farmers would demand the right to fix their
equipment: they are isolated, far from authorized technicians and parts
warehouses, and they have urgent, time-bound needs.

When the hailstorm is coming and the crops need to be harvested, you
can't wait for John Deere to send out a technician to type an unlock
code that blesses your tractor repair - you have to bring in the crop NOW.

Hospitals have always lived a version of this - higher stakes, but lower
urgency, at least for hospitals that are in major cities, close to
authorized technicians and parts suppliers. Nevertheless, hospitals have
ALSO always done their own repairs, quietly, as needed.

Hospital technicians have gathered unauthorized scans of repair manuals
and traded them through backchannels, or relying on a brave Tasmanian
repair-tech whose personal site hosted many of these manuals.

At the start of the pandemic, Ifixit decided fix this.

They put out the call for medtechs to share their hoarded manuals, and
created a searchable, indexed repository for them, something you could
navigate quickly and efficiently during a crisis when lives were on the
line.

https://pluralistic.net/2020/05/20/oil-in-the-cloud/#ifixit

State treasurers started to demand that medtech companies hand over
their manuals so that hospitals could maintain vital equipment with as
few impediments as possible:

https://pluralistic.net/2020/04/15/invigilation/#loz-im-gain

It was all going so well. A fucking Smurfs Family Christmas miracle.

And then Steris threatened its lawsuit.

And EFF fired back:

https://www.eff.org/deeplinks/2020/06/medical-device-repair-again-threatened-copyright-claims

"As we explained in our letter back to Steris, iFixit is protected by
the safe harbor of the Digital Millennium Copyright Act when it hosts
user-provided content, and the Medical Device Repair Database is making
fair use of the repair materials hosted there."

The Constitution establishes a purpose for copyright: "To promote the
useful arts and sciences." Is there anyone who, with a straight face,
can claim that denying hospitals the ability to fix their sterlizers
during a pandemic accomplishes either of those goals?

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ Intro to cybersecurity

The Open University's "Introduction to Cybersecurity" is a free,
massively open online course that covers a wide range of infosec
subjects in a way that's both accessible and rigorous.

https://www.futurelearn.com/courses/introduction-to-cyber-security

I'm a Visiting Professor in OU's computer science department, and I was
honoured to serve as the introducer and host for the course.

It's free to take, or $79 if you want the exams that entitle you to
accreditation from a wide variety of institutions, including IISP.

"The course does not assume any prior knowledge of computer security and
can be enjoyed by anyone interested in improving the security of their
digital information."

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ This is the EU's interoperability moment

20 years ago, the EU adopted the E-Commerce Directive, laying the
groundwork for the regulation of tech in Europe. Today, the body is
codifying its Digital Services Act, the biggest update to those policies
in a generation.

Writing in EFF's Deeplinks blog, my colleagues Christoph Schmon and Svea
Windwehr describe how the EU could seize this opportunity to promote
#Interoperability, where new services can plug into the existing,
dominant platforms.

https://www.eff.org/deeplinks/2020/06/our-eu-policy-principles-interoperability

This allows users to gracefully transition from dominant companies to
new entrants - for example, by leaving Facebook for a more
privacy-respecting alternative, but still being able to see the messages
your friends are posting to your FB groups and reply to them.

It's critical that the EU get this right! Recent EU initiatives have
gone the other way, from the Copyright Directive to the Terror
Regulation to Germany's NetzDG and France's Avia Bill.

These all strengthened Big Tech's position and gave them an excuse to
block interop: "How can we prevent terrorism (or copyright infringement,
or whatever) if our rivals can simply plug into our services?"

In a major new paper, EFF sets out six principles for interoperability
that should be included in any update to EU internet regulation.

https://www.eff.org/deeplinks/2020/06/our-eu-policy-principles-interoperability

"Principle 1: General Interoperability Obligations"

Fix the "data portability" rules to cut out the "where technically
feasible" loophole; and expand portability to true interop, to mandate
continuous, ongoing communications between services.

"Principle 2: Delegability"

Oblige big platforms to allow "competing third parties to act on users’
behalf" - "if you don’t like Facebook's moderation you should be able to
delegate that to another organization, like a non-profit specializing in
community based moderation."

"Principle 3: Limit Commercial Use of Data"

"Any data made available through interoperability should not be
available for general commercial use....It  should only be used for
maintaining interoperability,  safeguarding users’ privacy, or ensuring
data security."

"Principle 4: Privacy"

Require privacy by design, data minimization and privacy by default,
with "easy-to-use interfaces through which users can give their explicit
consent regarding any use of their data (as well as revoke that consent
at any time)."

"Principle 5: Security"

Interop should always center user security. "If intermediaries have to
suspend interop to fix security issues, they should not exploit such
situations to break interop but rather communicate transparently,
resolve the problem, and reinstate interop."

"Principle 6: Documentation and Non-Discrimination"

"Interfaces shouldn't discriminate between different competitors and
shouldn't come with strenuous obligations or content restrictions.
Interfaces, such as APIs, must be easy to find, well-documented, and
transparent."

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ This day in history

#10yrsago HTTPS Everywhere: Firefox plugin that switches on crypto
whenever it's available
https://www.eff.org/deeplinks/2010/06/encrypt-web-https-everywhere-firefox-extension

#5yrsago FCC fines AT&T; $100M for throttling "unlimited" customers
https://www.washingtonpost.com/news/the-switch/wp/2015/06/17/att-just-got-hit-with-a-100-million-fine-after-slowing-down-its-unlimited-data/

#5yrsago Privacy activists mass-quit U.S. government committee on facial
recognition privacy
https://theintercept.com/2015/06/16/privacy-advocates-resign-protest-u-s-facial-recognition-code-conduct-2/

#5yrsago Europe, China, India & US comfortably fit into Africa's
landmass
https://www.scientificamerican.com/article/africa-dwarfs-china-europe-and-the-u-s/

#1yrago Karl Schroeder's "Stealing Worlds": visionary science fiction of
a way through the climate and inequality crises
https://boingboing.net/2019/06/18/computing-the-climate.html

#1yrago CEO of London's Serpentine Gallery resigns after Guardian report
https://www.nytimes.com/2019/06/18/arts/design/serpentine-galleries-ceo-resigns.html

#1yrago Berlin Senate approves five-year, citywide rent freeze
https://www.bbc.com/news/world-europe-48677393

#1yrago Vast majority of truck-driving jobs are not under threat from
automation https://journals.sagepub.com/doi/10.1177/0019793919858079

#1yrago Catherynne Valente schools her racist neighbors about the asylum
seekers in their midst
https://boingboing.net/2019/06/18/nextdoor-is-terrible.html

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ Colophon

Today's top sources:

Currently writing:

* My next novel, "The Lost Cause," a post-GND novel about truth and
reconciliation. Yesterday's progress: 515 words (28650 total).

* A short story, "Making Hay," for MIT Tech Review. Yesterday's
progress: 303 words (1599 total)

Currently reading: Adventures of a Dwergish Girl, Daniel Pinkwater

Latest podcast: Part 6 of "Someone Comes to Town, Someone Leaves Town"
https://craphound.com/podcast/2020/06/14/someone-comes-to-town-someone-leaves-town-part-06/

Upcoming appearances:

* In Conversation with Hank Green, Jul 10,
https://www.magersandquinn.com/product_info?isbn_id=26578312&products;_id=163359157

Upcoming books: "Poesy the Monster Slayer" (Jul 2020), a picture book
about monsters, bedtime, gender, and kicking ass. Pre-order here:
https://us.macmillan.com/books/9781626723627. Get a personalized, signed
copy here:
https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.

"Attack Surface": The third Little Brother book, Oct 20, 2020.
https://us.macmillan.com/books/9781250757531

"Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden:
https://us.macmillan.com/books/9781250774583; personalized/signed copies
here:
https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html

This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commerically,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🧙🏿‍♂️ How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and
advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

*When life gives you SARS, you make sarsaparilla* -Joey "Accordion Guy"
DeVilla

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20200618/3adf950c/attachment.sig>


More information about the Plura-list mailing list