Google wrestles with the generative trade-off. Security experts have found another set of malicious apps in the Android Market and discovered that Google Docs regularly hosts phishing sites.

Falun Gong sues Cisco for facilitating official Chinese repression. Members of Falun Gong have sued tech giant Cisco in a U.S. court, alleging that the company customized its technology to meet government tracking and censorship needs and helped design China’s Golden Shield, the country’s infamous online censorship and surveillance firewall. The group also claims that Cisco marketed its technology as a tool to target government dissidents.

Hargreaves Review published. The review evaluates the fitness of the UK’s intellectual property regime for an internet age. It finds that IP laws put in place several hundred years ago are now stifling modern innovation and goes on to make ten specific recommendations for IP law reform to correct the problem. These recommendations include approaches to clearing patent thickets; dealing with orphan works; and transitioning to evidence-based, rather than lobby-based, IP policy; as well as rejection of a US-like fair use limitation.

Facebook users benefit from a Web of Trust. Clicking a link on your Facebook page that the crowdsourced Web of Trust service has identified as spammy or malicious will now bring up a warning that you may want to avoid the suspect site (and also check out Wikipedia entries on malware and phishing).

iFlowReader closes. Independent iOS e-book retailer iFlowReader shut down at the end of May. According to the company, Apple’s new e-book seller rules made it impossible to turn a profit. (The rules require sellers to give Apple a 30% cut of sales while at the same time limiting the seller to only a 30% commission, so the seller gets the commission from the publisher but then owes it all to Apple.) Company execs expressed frustration that, in their view, Apple maintained complete control over its platform and felt free to change the rules on developers, even after they, relying on the old rules, had been induced to make significant investments.

TiVo and EchoStar settle. The case involving a judicial order to EchoStar to send a remote signal disabling its customers’ DVRs ended in a whimper last month when the parties settled after the Federal Circuit held that EchoStar had waived its arguments that the disablement provision was vague and overbroad. EchoStar had asserted that it legally should not have been forced to disable the DVR boxes because it implemented a design-around instead so that the boxes no longer infringed TiVo’s patents. But the court didn’t reach the merits of this argument, since it held that the time to raise such issues was before the district court found EchoStar in contempt. So while we know that the Federal Circuit doesn’t have a problem with trial courts issuing a disablement provision to remedy patent infringement, we still don’t know whether the infringing party could avoid disabling its users’ products by pushing an update that replaced the infringing technology with a non-infringing alternative.

—Jennifer Halbleib

There are certainly reasons why this feature is worrisome. Uniflow blocks transmission of documents that use specific words, in effect selectively censoring the content of existing documents. In addition to preventing dissemination, Uniflow notifies an administrator, forwards the document at issue, and exposes the infringing employee’s identity. These procedures give an employer all the evidence it needs to hold the employee responsible for illicit transmission. Finally, the power imbalance in an employer-employee relationship likely will make the employee overly cautious, in particular if her employer does not disclose the magic keywords that trigger Uniflow’s alarm. In order to make sure she avoids disseminating sensitive documents, she may hesitate even when sending files she believes can be shared, because the cost to her if she is mistaken is too high to warrant the risk.

Nevertheless, I can also see Uniflow as an extension of employer email monitoring. Most employers have explicit technology policies that give employees notice that their work email belongs to the employer, who may monitor its contents. Therefore, workers don’t have an expectation of privacy in their messages. If employers have a similar disclosure for company documents, Uniflow is simply the mechanism used for such monitoring. While keyword automation can lead to more extensive surveillance by decreasing the time and expense required to keep a close eye on employees, an employer often has good reason to control the dissemination of its sensitive documents. For example, employers should be able to regulate client information, legal advice, and intellectual property to protect against liability or loss of company assets. The documents do, after all, belong to the company. Can preventing circulation of its own speech really be labeled “censorship”? And Uniflow prevents only routine office transmission. A whistleblower, for example, can circumvent the security measure by taking pictures of relevant documents with his smartphone. So while Uniflow instinctively makes me uncomfortable, in general, I don’t think its use will lead to untenable outcomes, at least in the workplace. (Use by governments, on the other hand, presents another question — as does government email surveillance.)

Instead, increasingly pervasive distributed surveillance is of greater concern. An employee knows that Uniflow is watching and can either print only documents she knows are keyword-free or avoid scrutiny by not using Canon machines if she thinks she is printing documents with prohibited keywords. In addition, she knows how her employer will use any information that it collects about her copying habits. But individuals often have no control over or even awareness of the personal information distributed observers digitally collect and publicize online. And once it is in the public sphere, they have no control over its use or further dissemination across the Internet. In addition to spreading information online, technology also facilitates sweeping data capture at both endpoints: collecting data to put online and collecting data from online sources. At one end surveillance casts a broad net; on the other it pans for gold.

In the employment context, consider an employee who called in sick to go to a World Series game. MLB photographed the face of every fan at the game and posted the panoramic composite image online (wide net), supported by Facebook Connect. A new app that runs on Facebook allows users to find photos of themselves and their friends and tag them automatically, so our hapless fan may be outed if one of his friends runs the software and his employer monitors — directly or indirectly — social media sites (gold).

The EU is currently grappling with this issue. It is drafting legislation that would give its citizens a right to remove personal data from websites. But in addition to difficulties enforcing EU law across an international Internet, the DMCA tack hasn’t proven a particularly acclaimed copyright protection. While sites might be sympathetic to personal information takedown notices, identifying and contacting the totality of sites that have the data could be problematic. In the book, JZ proposes an alternative approach:  engaging the Internet to disseminate the cure along with the disease by attaching metadata to personal information. Tagging personal information with the individual’s request that his data not be posted publicly or copied or searchable (for example) attenuates its spread. In fact, Facebook implemented such an approach with its facial recognition tool. Automatic tagging includes not only the person’s name but also the photo preferences he has set up on his Facebook account. So truant employees can control the dissemination of their photos after all. Sometimes you don’t need mystery keywords or a centralized security system. All you have to do is ask.

—Jennifer Halbleib

Addressing the zombie invasion. U.S. officials are evaluating an Australian plan that targets the botnet epidemic. In particular, the American government is eying provisions that allow an ISP to notify customers with infected computers — since botnets typically run in the background of a user’s own applications, often the consumer is unaware that her PC has been taken over — and perhaps even quarantine maliciously co-opted machines by limiting online access. As the FOI book echoed in 2008, such a program increases security without resorting to perfect enforcement and may also encourage ISPs to provide consumers with tools to disinfect their computers, either as part of the service plan or for an additional fee.

iOS developer guidelines relaxed enough for torrent apps? Last week Apple approved its first BitTorrent app. But it turns out that Apple didn’t intend to allow torrent apps. Instead, the developer avoided the term “torrent client” in the app description, temporarily evading rejection. When Apple became aware of the app’s capabilities, it removed the app from the App Store.

Android apps share information. A Duke-Penn State-Intel study using the new TaintDroid tool revealed that half of thirty randomly selected popular Android apps send personal information such as location or phone number to ad networks, sometimes with surprising frequency. When an Android owner downloads an app, he or she has to give permission for the app to collect personal information. But from that sole initial disclosure it’s usually not clear when information will be accessed and how it will be used. Privacy policies are often unintelligible. Hopefully utilities like TaintDroid will soon be available in downloadable form to allow Android (and iPhone) owners to monitor in real time what information their apps are accessing.

Italy demands that Apple remove an offensive app from the App Store. Child pornography? No. Graphic violence? Not so much. Italy is upset that a travel app characterizes the country as the home of the Mafia (also of pizza and scooters). Since Italy knows Apple can remove the app, it may feel entitled to demand that the company do so whenever Italians’ dignity is the least bit bruised. In a walled garden, the country of Da Vinci need not cultivate perspective.

RIM jumps on the anti-fart app bandwagon. RIM takes the position that apps that keep users coming back and convince them to purchase upgrades or additional content are more valuable to RIM and developers than fart apps. But should the value of an app be determined ex ante by device-makers or set by user behavior? Good search and rating systems seem like a better way to run an efficient app store — one that allows both apps that provide “ongoing entertainment value” and inexpensive, one-off apps that may serve important, if temporary, functions. (Ever unexpectedly have to entertain a child for an afternoon?) Still, nice of CompuServeRIM to tell us what we want. Because listening to users and developers isn’t a plan that’s going to work.

Can a wireless provider block texts it doesn’t like? New York federal court was presented with that question in a case where T-Mobile blocked all texts from a texting service because one of the service’s clients provided information via text on legal marijuana dispensaries in California. Under the recently proposed Google-Verizon net neutrality principles (analyzed here), a wireless company would have latitude to discriminate based on the sender, recipient, or content of the message as long as its practice is transparent. But it’s hard to see how the discrimination in this case is required because of the “unique technical and operational characteristics of wireless networks.” We’ll have to wait to see how courts address the issue as the parties have settled the case. Although the full terms of the agreement weren’t disclosed, it “requires T-Mobile to stop blocking the New York-based EZ Texting service’s thousands of clients, if they meet T-Mobile’s approval. The medical-marijuana info service, which used texts to tell its users where the nearest medical-marijuana store was, remains blocked.” (emphasis added).

The future of HR. Social Intelligence will help potential employers determine whether you are a good hire and monitor you (with real-time updates) when you’re on the payroll by trolling your public social network profiles. “[C]ompany spokespeople emphasize liability. What happens if one of your employees freaks out, comes to work and starts threatening coworkers with a samurai sword? You’ll be held responsible because all of the signs of such behavior were clear for all to see on public Facebook pages. That’s why you should scan every prospective hire and run continued scans on every existing employee.”

iPhone expression that’s more than skin deep. Children and adults with disabilities affecting speech are converting their iPhones to alternative communication devices. Smartphone apps that are mobile, easy to use, and even cool give a voice to autistic kids and stroke victims alike.

—Jennifer Halbleib

Communicating with the e-book mothership. If the latest must-read on Kindle is dotted with typos or has a few pages missing, there’s a good chance Amazon offers a patch to correct the error. It’s a handy Internet-enabled functionality, although one can imagine at the extreme authors continuing to update their work ad infinitum, making it impossible for a reader to say he or she has read an e-book since content is always subject to change. Information flows in the other direction on the Kindle superhighway too, as Amazon apparently keeps track of what readers are highlighting. There’s some creep factor in Amazon knowing what ideas Kindle readers think are important, even if the most highlighted passages are in works as deep as The Lost Symbol. But the information is also so interesting.

The remote control. In April, Sony quietly revised the End User License Agreement that came with the latest PS3 firmware update to allow the company to change how an owner’s console operates in whatever way it wants, no notice or permission required. Now the FCC, at the request of the MPAA, has given cable and satellite providers the right to remotely disable output connections on consumers’ set-top boxes, leading consumers to ask “What did I buy?”

Curated Computing is the new name in town for the experience provided by the tablet non-PC. This particular term is meant to accentuate the “less choice, more relevance” aspects of that experience. It rolls off the tongue more smoothly than “contingently generative” and sounds less regressive than an “appliance,” but it connotes somewhat life aboard the Axiom. However, its proponents suggest that curated computing devices are meant to exist alongside and supplement traditional PCs. Let’s call that a worthy goal and the best of both worlds.

iPhone pillow talk with Steve Jobs. A ValleyWag reporter last week exchanged late-night emails with a defiant Steve Jobs on the iPhone’s ability to give people “freedom from” data theft, battery hogs, and porn. The emails speak for themselves, giving a little insight into Jobs’ perspective on the benefits and aims of the iPhone. He gets a little snarky at the end, but then again it’s 2am when he’s responding, and he never has a chance to clarify his comments, unlike the Gawker reporter.

Android outsells iPhone. During the first quarter of 2010, phones with the Android OS grabbed 28% of the U.S. market share, surpassing iPhone’s 21% (RIM’s Blackberry is still at the top with 36%).  Although Android benefited from Verizon’s buy-one-phone-get-one-free promotion and iPhone continues to lead worldwide, it appears Google is getting closer in Apple’s rearview mirror.

McAfee prevents computers from booting up in new virus-protection strategy. Centralizing security software in a few big providers concentrates expertise to solve problems, while also meaning that there are only a few–albeit strong–security systems the bad guys need to breach in order to wreak widespread havoc.  But in a previously under-appreciated risk, a flawed update of widely-used antivirus software can cut out the middleman and accomplish the same havoc directly.  A McAfee software update mistakenly identified a critical file as a virus and quarantined it, causing computers around the world, many of which automatically install updates, to repeatedly attempt to boot up.  One source estimated that 800,000 PCs were affected.

Taking [re-]generativity seriously. A Connecticut mayor donated her kidney to a Facebook friend last month after seeing his desperate status update.  The patient’s doctor had suggested that he try publicizing his need through social media, using an online connection to a forge a real-world bond.

Mike Petrucci’s AppMakr Saga. Mike Petrucci decided to use AppMakr to put together an app aggregating his Twitter, blog, etc, feeds…only to have Apple reject it because it wasn’t of general interest. That’s a big difference between iPhone apps and, say, web apps (blogger has definitely never rejected someone for being of limited interest). It’ll be interesting to see what line Apple decides to take on this, and how AppMakr and similar companies push them.

Apple orders Android mention scrubbed from App Store. Speaking of Apple…they order a developer to take “Finalist in Google Android’s Developer’s Challenge!” out of the description of its app. Just silly.

In Europe, Challenges for Google. Much attention has been paid to Google’s business in China, but Europe (particularly Italy) poses difficulties, too—different copyright laws, different privacies laws, and different free speech traditions.

Google Buzz Privacy Issues Have Real Life Implications. However, Google has more pressing privacy concerns to worry about this week, with the rollout and reaction to Google Buzz. Google generally does just fine releasing a half-baked product and cleaning up the details later, but that’s a terrible idea when the rollout includes auto-sharing previously private information. It’s disturbing that this concern made it past however many rounds of internal testing Google did.

—Elisabeth Oppenheimer

Amazon Cracks Open the Kindle. Amazon is opening the Kindle to outside developers who can market their products in what sounds exactly like an App Store, down to the 70-30 revenue split and and light policing of apps. (One difference is that developers have to pay for wireless delivery.) It’s seeming like this is *the* model for the next few years. Speaking of which…

Computers Should Be More Like Toasters. The sale of the Apple Tablet could mark an important moment for generativity. Computers have been shrinking and phones have been growing—but the critical difference has been that anyone could still code for a computer, until now. The Tablet looks more like a computer than a phone, but will Apple will prescreen apps they way it does for the iPhone? Farhad Manjoo thinks that would be a good thing, but there are clear generativity costs.

The Splinternet means the end of the Web’s golden age. Josh Bernoff points out that, as we switch to appliancized computers and smart devices instead of PCs, the web becomes a “splinternet.” Websites show up and operate differently on each device. He thinks about how to handle this from a business and marketing perspective, advising: “Here’s what not to do: panic and try to unify things again. The shattering cannot be undone.”

Technology Changes “Outstrip” Netbooks. Meanwhile, the BBC considers the convergence among netbooks, smartphones, and tablet notebooks, and who the short- and long-term winners are likely to be.

Apple censors Dalai Lama iPhone Apps in China. An interesting look at how censorship works on iPhones in China. (The story was written pre-Google announcement, so some portions are out of date.) Apple, complying with local law, appears to be removing apps related to the Dalai Lama in the Chinese App Store, and a search for Falun Gong apps freezes the search page. On the other hand, it’s possible to access YouTube through an iPhone app, which isn’t always possible on a PC.

And in the crystal ball dep’t — from JZ’s book:

Imagine entering a café in Paris with one’s personal digital assistant or mobile phone, and being able to query: “Is there anyone on my buddy list within 100 yards? Are any of the ten closest friends of my ten closest friends within 100 yards?” Although this may sound fanciful, it could quickly become mainstream. With reputation systems already advising us on what to buy, why not have them also help us make the first cut on whom to meet, to date, to befriend? These are not difficult services to offer, and there are precursors today.

As usual, there’s an app for that… the “datecheck” app allows you to enter a name, phone number, or email address, and get information on your date. The categories are “sleaze detector” (check of criminal convictions & sex offenses), “$$$” (home ownership, etc), “interests” (gleaned from social networks), “living situation” (who they live with), and “compatibility”—although unfortunately, the “compatibility” check is still just a check of astrological signs. Now all they need is friends’ feedback rankings.

—By Elisabeth Oppenheimer

That’s it.  Its presence on a poster advertising the OpenNet Initiative’s academic book Access Controlled was enough to deem it prohibited by UN security forces at the Internet Governance Forum, who are shown in these videos removing the poster from the room over the objections of OpenNet colleagues Ron Deibert and Rafal Rohozinski.  Computerworld has a writeup here.

As Ron says: “If we cannot discuss topics about Internet censorship and surveillance policy at a forum about Internet governance then what is the point of something like the IGF?”