Meanwhile, somewhere in French Cyberspace

(((I have very divided feelings about these very divided French initiatives.
On the one hand, I rather admire this bold attempt by a national government
to defend and extend its national interests on the Internet. I don't think
the French are gonna manage this feat, but if they did, at least we'd have another
working model for the organization of society. You could go to France,
and be Charlotte Gainsbourg or something, and people would actually
pay you to make French music. Would that be so bad? Whether one
likes HADOPI or not, at least it's an effort passed by a national parliament
of democratically elected officials (unlike, say, the Great Firewall of China).

(((On the other hand, check out the keen way that the French are also
cyber-arming themselves for the eruption of utter anarchy. Not
HADOPI, but the vastly more sinister LOPPSI. Yup, French
cops sneaking into your laptop. Of course they're in there to hunt
the Four Horsemen of the Infocalypse, mafia, kidporn, terrorists
and the narcotics mob, but, uncoincidentally, the French have
been notorious for decades for state-supported industrial espionage.
You think that when these gendarmes are fully-equipped with
covert French can-openers, they're never gonna look at what
(say) IBM is up to? )))

(((They'll get caught occasionally, Greenpeace Rainbow Warrior style,
but being French, they're not stupid. Whenever they start busting into
other people's computers covertly, they're first gonna disguise themselves
as the Chinese People's Army Ghostnet 1984-style Covert
Botnet From Hell. And why do I know this? Because I was in a fed-sponsored
West Virginia basement doing futurist wargames 15 years ago,
predicting exactly this sinister arc of development?
Well, yes and no. Not quite exactly. The reason I know this
right now is because it's freakin' obvious right now!)))

(((Even Damian McBride knows enough to pull a stunt like disguising
a state-sponsored operation as a nutty blogger scheme!
Political parties become network conspiracies, the cops
become network spooks, armies become spyplane guerrillas,
national industries become offshored production networks,
dissidents become Twittercasting street rebels,
journalists become bloggers, record labels become P2P networks,
and the Republican Party becomes a wholly-owned subsidiary
of Rush Limbaugh. Does this seem like some series of weird accidents
to you? It's the nature of contemporary society. It's the stormy dark
side of the Cloud.)))

(((via the always-valuable EDRI:)))

No sooner has the three strikes law been adopted that the French government
issued CCAPs (special administrative specifications) and CCTPs (special
technical specifications) which were sent by the Ministry of Culture to the
candidate enterprises to put into function the information system of HADOPI.

The call for tenders was sent since the beginning of the year even before
the Hadopi law was adopted, the notification date having been set for 5 June
2009 with a deadline on 1 July 2009 for a first prototype of the graduate
response system. A draft calendar foresees the application of the Hadopi law
in stages starting with 5 June 2009 until 31 March 2010.

In the beginning, Hadopi will send only written recommendations by e-mail at
a rate of about 100 infringing cases per day after which, when the treatment
is completely automatic probably in September 2009, the number of cases will
increase to 1000 per day reaching 10 000 when the prototype is finalised in
2010.

A calendar of actions is left however at the choice of the candidates, the
CCTP mentioning that "the offers will be assessed in terms of the closeness
of the proposed calendar as compared to the target calendar". The ministry
is not concerned with costs or means but only with speed. The candidates
will have a rather difficult task as the beta-test will last only two weeks
before the first warnings and the blocking bugs will have to be corrected in
one day, otherwise they will face sanctions. There is also the result
obligation, the operator taking the responsibility in case of problems and
having to compensate Hadopi in case of delays or malfunctions.

There is no provision for the moment that Hadopi makes sure, before issuing
a warning or a sanction, that illegal downloading has effectively taken
place from the IP address of a suspected Internet subscriber. It appears
that between the IP address collection phase and the warning or sanction
phase there will be a "notarisation and sampling" phase.

The notarisation phase means the "qualification of the data and the
recording of essential elements of the transaction from a trustworthy third
party" meaning the recording of all the elements proving the downloading or
rather making copyrighted material available. "The content, origin,
receiving date, the sender's identification key and the destination of the
file are essential elements" says the CCTP.

Sampling means Hadopi would retain only some of the complaints received in
order to deal mostly with those of higher interest. An algorithmic system
will allow targeting potential recidivists as a priority.

Hadopi does not take into account the presumption of innocence and only
needs to be certain of the reliability of the IP address lists on the basis
of which it would give warnings and sanctions. Hence the provision of
attaching a "chunk" of the file to every submission of a case in court which
would be a material proof of the infringing. However, such a provision
raises practical and economical problems.

The CCAP and CCTP do not precise either the criteria based on which Hadopi
will decide on recidivism in order to send another e-mail, registered letter
or give sanctions. It is only mentioned that a "study of the reiterations
is carried out so as to bring out the following elements for each
subscriber: infringement stage (1st, 2nd, 3rd.); type of actions taken or
sanctions given by the High Authority: time interval between each
infringement; and type of works concerned".

There are also very little details as to what are the means of appeal for
the sanctioned Internet users. It is provided that an appeal can be made by
means of an electronic form or by mail and that the appeal may lead to
informing the ISP of the obligation to re-establish a suspended
subscription. On the other hand, no observations can be brought by a
subscriber before the sanction stage.

For the time being, Hadopi continues to be criticised and contested. On 15
June, a concert evening against the graduate response will take place with
several groups of artists supported by Numerama, co-organised by Réseau des
Pirates and Owni.fr, in partnership with Vendredi Hebdo and International
and supported also by Slate, Agoravox, LePost, Ivox, 22mars, Social Média
Club, j'affiche and ZikNation.

The evening will include the projection on films dealing with Hadopi, the
new models to remunerate artists, the protection of numerical freedoms, a
debate on the topics as well as music moments.

"The problem with HADOPI is triple: it does not bring more money to artists,
it touches the fundamental rights and finally it opens a breach into net
neutrality allowing private interests to get hold of a judge in order to
oblige an access provider to censure part of the net. This law stigmatises
the Net which is however an incredible chance for the music to get renewed.
(...) A new model must be invented and the technological evolution must be
accompanied rather than rowing against it. This is what the public politics
serve for, not to protect an industry where 5 multinationals make a trust of
the entire market and refuse in a single voice to accept the challenge," was
the statement of Flowers From The Man Who Shot Your Cousin / Waterhouse
Records that will participate in the event.

Exclusive: Hadopi will target as a priority the potential recidivists!
(only in French, 20.05.2009)
http://www.numerama.com/magazine/12960-Exclusif-l-Hadopi-ciblera-en-priorite-les-recidivistes-potentiels.html

Exclusive: Hadopi will not collect material evidence... for the moment
(only in French, 27.05.2009)
http://www.numerama.com/magazine/13006-Exclusif-l-Hadopi-ne-collectera-pas-de-preuve-materielle-pour-l-instant.html

Concert-Evening "Hadopi has killed me" Monday 15 June in Paris (only in
French, 26.05.2009)
http://www.numerama.com/magazine/12998-Soiree-Concert-Hadopi-m-a-Tuer-le-lundi-15-juin-a-Paris.html

On 27 May 2009, the law on orientation and programming for the performance
of the domestic security (Loppsi) was presented by Michèle Alliot-Marie to
the French Council of Ministers.

The law will give the French police the possibility to physically or
remotely install spying software to listen to electronic communications and
introduces the Internet filtering by administrative decision.

According to the text, the Criminal Investigation Police will be allowed to
place on a suspect's computer a sort of internal or external USB key which
will send data to the computers of the authorities. The police may also
remotely install Trojans which will give access to all the data in a
computer in real time.

The police will be allowed to make use of these tools only in "the most
severe cases" which however include "support given to the illegal entry and
residence of a foreigner". Under the control of an examining magistrate
(juge d'instruction), the investigating authority will have to justify the
use of the technique by declaring the infringement investigated, the place
where the investigation will take place and its duration. The spyware can be
installed for a four-month period that can be renewed once.

The examining magistrate's control would be a positive thing as the
examining magistrates are independent from the Ministry of Justice and are
free to take decisions, in terms of the gravity of the investigation.
However, if the justice reform project of the French Government comes into
being, the examining magistrates will disappear which means that the
responsibility to authorize spyware will come to the prosecutor of the
Republic.

The law also obliges ISPs to block access, "without delay", to sites
included on a list drafted under the authority of the Ministry of Internal
Affairs. The list will not be made public and therefore it will be
impossible to contest and this will create the risk of abuses.

In order to prevent contestations, for the beginning, the law will target
the paedophilic contents with the declared purpose to "protect the Internet
users from child pornography images". The operators will have to introduce
in their network software that will stop any connection to sites having a
pedophile character that will be listed by the police. The French Government
will always be able to extend the target by a simple decree.

The text also stipulates severe sanctions for the ISPs that do not observe
the law providing a fine up to 75 000 euro and a year of imprisonment.

Loppsi : the sneaks under the authority of an endangered judge (only in
French, 25.05.2009)
http://www.numerama.com/magazine/12976-Loppsi-les-mouchards-sous-l-autorite-d-un-juge-en-voie-de-disparition.html

Loppsi wants to "protect the Internet users" by filtering (only in
French, 27.05.2009)
http://www.numerama.com/magazine/13010-La-Loppsi-veut-proteger-les-internautes-avec-le-filtrage.html

The police will be able to pirate the computers of the yobs (only in French,
25.05.2009)
http://www.lefigaro.fr/actualite-france/2009/05/24/01016-20090524ARTFIG00098-la-police-va-pouvoir-pirater-les-ordinateurs-des-voyous-.php

Loppsi: ISPs will have to "block access without delay" (MAJ) (only in
French, 27.05.2009)
http://www.numerama.com/magazine/13004-Loppsi-les-FAI-devront-empecher-l-acces-sans-delai-MAJ.html

Loppsi presented this Wednesday in the Council of Ministers (MAJ) (only in
French, 27.05.2009)
http://www.numerama.com/magazine/13002-La-Loppsi-presentee-ce-mercredi-en-conseil-des-ministres.html

Draft law on the orientation and programming for the performance of the
domestic security
http://static.pcinpact.com/pdf/Loppsi_projet_loi.pdf

Decrypting: Sarkozy and his work of controlling the Internet (only in
French, 20.05.2009)
http://www.numerama.com/magazine/12948-Decryptage-Sarkozy-et-son-oeuvre-de-controle-du-net.html