Patent Imperium

'The US, China and the G-77 in the Era of Responsive Patentability' (Queen Mary School of Law Legal Studies Research Paper No. 105/2012) by Peter Drahos notes that

China is building capacity to grant, use and enforce patents. Its interests in the patent system are different to many G77 countries. The paper considers three questions. Can China make the patent system work for it? If so, how will the US respond? What should the weaker members of the G77 do in light of the fact that the leaders of the G77 are no longer interested in dealing with the structural disadvantages that the patent system perpetuates?

Drahos is always worth reading, irrespective of whether you agree with him. He comments that -

As an institution the patent system has spread its wings and flown from the European countries of its origin to the four quarters of the globe. Contrary to what genuine neo- liberals such as von Hayek might have hoped, a highly regulatory and interventionist system has flourished, even through the decades of deregulatory zeal inspired by Reagan and Thatcher. In fact the 1980s was one of the best decades for the patent system since it was the decade in which the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) was forged, an agreement made binding on all members of the World Trade Organization.

The patent system still has its critics, but they are largely confined to university corridors of the powerless. As this paper will show, the developing states such as Brazil and India that led the charge against the system have in practice converted to using the system. Today’s developing states still mount objections to the patent system, but these seem to operate more at the level of rhetorical negotiating strategies than at the level of regulatory praxis. The bold experimentalism of the nineteenth century with the patent system has gone, to be replaced by an acceptance of the system and narcoleptic discussions over matters such as the right level of inventive step, the merits of post-grant opposition and the scope of an experimental use defence. Whatever the fate of Pax Americana this century, the patent system appears to be a globally entrenched system of rules by which all those who would be kings in the global economy will have to play.

If the claim that the lead developing countries have largely abandoned any significant opposition to the patent system is right then it does raise other questions. How will developing country powers such as China and India make the patent system work for them? The patent system, it needs to be remembered, is the visible boot of monopoly in the competitive market. It is generally inadvisable for governments to sit back and let these patent boots march through their economies without some restrictions. The patent system like the tax system demands constant monitoring and adjustment. Another question is what might happen if China, in particular, is too successful in making the patent system work? What if China is able to obtain patent ownership of many more lucrative technologies than it currently has and is able to extract much more in the way of patent rents from the global economy?

A third issue faces developing countries that have very little prospect of being able to make gains from the system. The Group of 77 (G-77) countries, which was formed in 1964 and now has a membership of 131, has many of the poorest countries of the world as members. Fidel Castro in a speech at a G-77 Summit in Havana in 2000 claimed that developed countries “control 97% of the patents the world over and receive over 90% of the international licenses' rights”. He went on to observe that the “new medications, the best seeds and, in general, the best technologies have become commodities whose prices only the rich countries can afford.” Castro finished with a strong appeal for unity and cooperation amongst the G-77. A politician of his longevity and survival skills must have known that something like an inverse unity rule applies in political life - the stronger the appeal for unity by a politician the less actual unity is present. And so it is in the case of the G-77 and patents. Brazil and India have for all practical purposes abandoned their historical leadership of the G-77 in fighting the neo-regulatory expansion of monopoly privileges in the world trading order. Of course Brazil and India’s eloquent diplomats do not announce this in Geneva meetings. They keep up the rhetoric about the injustice of the system, the need for technology transfer, their exclusion from scientific knowledge etc., etc., etc. But these countries have, as the next section will show, joined the ranks of the patent faithful. What then should the weaker members of the G-77 do when it comes fighting the kinds of price and access problems mentioned by Castro? In a world of isolated bilateral trade dealing the answer is far from obvious.

Summing up, the paper argues that the leaders of the G-77 have abandoned their attempts at deep reform of the patent system to meet the development objectives of all G-77 countries. The next section briefly describes the rise and rise of responsive patentability and the high water mark of opposition to it by developing countries and their subsequent surrender. This in turn raises three questions to each of which the paper sketches an answer. Can China, which has probably has the best chance, make the system work for it? If China can do so, what is likely to be the response of the US? What should the weaker members of the G-77 do in light of the fact that the leaders of the G-77 are no longer interested in dealing with the structural disadvantages the system perpetuates?

After an incisive analysis of potential developments in Sino-US relationships he concludes that -

The structural role of the patent system in making knowledge a scarce resource so that the rich can get richer will from time to time come in for some angry denunciation and some economists will from time to time repeat the not-so-startling conclusion that global monopoly privileges are globally inefficient. However, the patent system, like the poor, will stay with us. Political elites everywhere have become convinced that this winner-take-all system best serves their techno-nationalist and wealth-maximizing ambitions. That is true of elites in China as much as it is elites in the US. China’s market socialism may yet evolve into a close variant of US knowledge monopoly capitalism. This ending to China’s development story would not surprise readers of Animal Farm.

In the face of this kind of consensus about the virtues of the patent system there is not much that poor countries can do. An individual country can perhaps pray that an alms- giving network coalesces around its problem rather than that of its neighbour.

The evidence suggests that China has well and truly embraced the patent system as part of its development journey. The same can be said of Brazil and India. These leaders of the G-77 can no longer be said to represent the interests of poorer members of the G-77 when it comes to dealing with the problem of global knowledge monopolies in the world trading order. Charity networks are evolving to ameliorate some of the effects of this trading order for some countries.

China is making the kind of investments in R&D funding and the development of scientific human capital that are needed to make the patent system perform its function of wealth maximization. China’s rapid build up of a patent bureaucracy appears to be part of a strategy to fast track the experience of its enterprises in working in patent intense business environments. Whether encouraging the saturation of its domestic market with patents will produce the desired selection effects is an open question. No other country has, to borrow Den Xiaoping’s metaphor, crossed the stream in this way. If it works we can expect that some time this century Pax Sinica will chug past Pax Americana on the back of global technology monopolies. The US will, in forging a response, draw heavily on antitrust principles and remedies, much as it did in the last century when international cartels threatened its economic interests.

1911

'The First Global Copyright Act' by Uma Suthersanen in A Shifting Empire: 100 Years of the Copyright Act 1911 (Edward Elgar, 2012) edited by Suthersanen & Yvonne Gendreau covers the Imperial Copyright Act 1911.

Suthersanen comments that

The process of consolidation and reform of copyright law in Britain dragged on interminably from the first efforts in the 1830s to 1911. This essay explores the reasons for this delay through a contextual analysis of the period that preceded the adoption of the Imperial Copyright Act 1911. Copyright reform in the nineteenth century, leading up to the Imperial Copyright Act 1911, was not driven by single issues or discrete lobbying groups. First, there was authorial and publishing pressure for domestic and international copyright reform to combat the growing, global piracy of English language works. Secondly, the delay was partly due to the need for the British government to come to terms with its role as international legislator for a global British polity. Much of the debates concerning the reform of copyright law revolved, surprisingly, on imperial governance, international comity, and the protection of the colonial market trade. This is seen when we turn to survey some examples on imperial and trade concerns, including the Anglo-Canadian copyright relations. The essay concludes by discussing the post-1911 copyright era in the UK, noting that in retrospect, the Imperial Copyright Act 1911 was the first global law written and administered by the United Kingdom. The statute was, conceptually, the first multilateral agreement, and if we push the analogy further, the forerunner of the TRIPS Agreement.

This essay is part of a multi-authored collection that specifically surveys the impact and evolution of the Imperial Copyright Act 1911 on countries that were part of the Empire.

Hackfatigue

Yet another breathless data breach advertorial, this time from Verizon, which claims "2011 Was the Year of the 'Hacktivist".

The 80 page Verizon 2012 Data Breach Investigations Report [PDF] - decorated with pretty graphs and impressive-looking statistics - emotes about "the dramatic rise of hacktivism - cyberhacking to advance political and social objectives" before reporting that the "majority of breaches are avoidable with sound security measures". Verizon offers security solutions along with connectivity.

The report indicates that

In 2011, 58% of data stolen was attributed to hacktivism, according to the annual report released today from Verizon. The new trend contrasts sharply with the data-breach pattern of past several years, during which the majority of attacks were carried out by cybercriminals, whose primary motivation was financial gain.

Seventy-nine percent of attacks represented in the report were opportunistic. Of all attacks, 96% were not highly difficult, meaning they did not require advanced skills or extensive resources. Additionally, 97% of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures. The report also contains recommendations that large and small organizations can implement to protect themselves.

Now in its fifth year of publication, the report spans 855 data breaches across 174 million stolen records - the second-highest data loss that the Verizon RISK (Research Investigations Solutions Knowledge) team has seen since it began collecting data in 2004. Verizon was joined by five partners that contributed data to this year's report: the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police.

"With the participation of our law enforcement partners around the globe, the '2012 Data Breach Investigations Report' offers what we believe is the most comprehensive look ever into the state of cybersecurity," said Wade Baker, Verizon's director of risk intelligence.

Modest to a fault, those Verizon people, who announce that "Our goal is to increase the awareness of global cybercrime in an effort to improve the security industry's ability to fight it while helping government agencies and private sector organizations develop their own tailored security plans".

Supposedly

Breaches originated from 36 countries around the globe, an increase from 22 countries the year prior. Nearly 70% of breaches originated in Eastern Europe, with less than 25% originating in North America.

External attacks remain largely responsible for data breaches, with 98% of them attributable to outsiders. This group includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments. With a rise in external attacks, the proportion of insider incidents declined again in this year's report, to 4%. Business partners were responsible for less than 1 percent of data breaches.

In terms of attack methods, hacking and malware have continued to increase. In fact, hacking was a factor in 81% of data breaches and in 99% of data lost. Malware also played a large part in data breaches; it appeared in 69% of breaches and 95% of compromised records. Hacking and malware are favored by external attackers, as these attack methods allow them to attack multiple victims at the same time from remote locations. Many hacking and malware tools are designed to be easy and simple for criminals to use.

Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days. Finally, third parties continue to detect the majority of breaches (92%).

Data in the 2012 report is claimed to demonstrate that:

Industrial espionage revealed criminal interest in stealing trade secrets and gaining access to intellectual property. This trend, while less frequent, has serious implications for the security of corporate data, especially if it accelerates.

External attacks increased. Since hacktivism is a factor in more than half of the breaches, attacks are predominantly led by outsiders. Only 4% of attacks implicate internal employees.

Hacking and malware dominate. The use of hacking and malware increased in conjunction with the rise in external attacks in 2011. Hacking appeared in 81% of breaches (compared with 50% in 2010), and malware appeared in 69% (compared with 49% in 2010). Hacking and malware offer outsiders an easy way to exploit security flaws and gain access to confidential data.

Personally identifiable information (PII) has become a jackpot for criminals. PII, which can include a person's name, contact information and social security number, is increasingly becoming a choice target. In 2011, 95% of records lost included personal information, compared with only 1% in 2010.

Compliance does not equal security. While compliance programs, such as the Payment Card Industry Data Security Standard, provide sound steps to increasing security, being PCI compliant does not make an organization immune from attacks.

Only 1% in 2010 and 95% in 2011? Looking beyond the triteness of "being PCI compliant does not make an organization immune from attacks" - a first year undergrad conclusion - it's difficult to embrace a report with problematical figures that aren't sourced or readily verified.

Fraud

The Australian Institute of Criminology has released Fraud against the Commonwealth 2009-10, one of those unsatisfying documents that relies on problematical reporting by government agencies and discretion on the part of the AIC. Last year's report is noted here.

The report outlines fraud committed against the Commonwealth and includes information to assist agencies to improve fraud control measures. It indicates that -

• there was a 12% reduction in reported incidents of fraud and a 17 % reduction in the amount lost across the Commonwealth;
• agencies recovered almost $200 million in funds lost to external fraud incidents, and almost $600,000 from internal fraud incidents;
• the AFP accepted 94 fraud referrals, 24 of which resulted in legal action;
• the CDPP secured almost $60 million from fraud cases by way of reparation under the Crimes Act and orders under the Proceeds of Crime Act – an increase of over $14 million from the previous year; and
• $498 million was lost to the Commonwealth in fraud, misuse or theft.

The AIC comments that -

Fraud against the Commonwealth may be committed by individuals outside agencies (external fraud) who seek to claim benefits or obtain some other financial advantage dishonestly, or by those employed by agencies (internal fraud), including staff and contractors. The incidence and financial impact of internal fraud is generally lower than of external fraud, although both deplete government resources and have a negative impact on the administration of agencies.

Fraud in the public sector deprives governments of income for providing services to their communities while fraud in the private sector can seriously harm, businesses and individuals alike. The 152 Australian Government agencies that responded to the present survey reported experiencing almost 706,000 incidents of fraud (internal and external), worth almost $498m during 2009–10. This was almost 17 percent less than the amount lost in 2008–09, and almost 12 percent fewer reported incidents than in 2008–09. Reported losses arising from internal fraud, however, increased by almost 10 percent between 2008–09 and 2009–10, with more than $2m lost in 2009–10.

These totals under-represent the true value of fraud losses, as only 43 percent of agencies that experienced fraud specified a loss in 2009–10 (26 out of the 61 agencies that experienced fraud). This was an improvement on the situation in 2008–09, when only 40 percent of agencies that experienced fraud specified a loss (23 out of 58 agencies that experienced fraud). The ability to quantify a loss depends on various factors, including the availability of evidence of what transpired, whether the investigation had been finalised and the nature of the dishonesty practised. Some instances where intangible losses are involved are difficult to quantify.

Responses vary when fraud is identified within agencies. Some responses are obligatory under official policies and laws, and others are optional depending on the scale and circumstances of the offence. Often, however, fraud is not reported officially and sometimes repeat victimisation occurs—occasionally by the same offender against the same agency. Both government and business have developed an extensive range of responses to this problem over the past decade, notably in response to changes in information and communications technology and the resulting increased vulnerability to computer-enabled crime.

It goes on to comment that -

Almost the same percentage of agencies reported fraud victimisation in 2009–10 as in 2008–09 (40% in 2009–10, 39% in 2008–09). Slightly more agencies reported external fraud (34%) than internal fraud (31%), while nearly one-quarter had experienced both types of fraud (24%). Seven percent of agencies reported incidents of collusion between individuals within agencies and those outside agencies in 2009–10, the same as in the preceding year. In total, 705,547 incidents of fraud (internal and external) were reported in 2009–10 by 61 agencies —a reduction of almost 12 percent of the number of incidents from the 800,698 reported in 2008–09.

There were considerably more reported incidents of fraud alleged against persons external to agencies (external fraud) than against employees and contractors (internal fraud). In 2009–10, 47 agencies reported 3,001 incidents of internal fraud. For the five specified categories of internal fraud, incidents relating to ‘financial benefits’ affected the largest proportion of agencies (20%, n=30). For the specific subcategories of internal fraud, ‘leave and related entitlements’ affected the highest number of agencies experiencing internal fraud (n=19, 40%), which differed from 2008–09, when misuse of government credit cards affected the largest number of agencies (38%).

Agencies reported 702,941 incidents of external fraud, some of which may have involved allegations of non-compliance with regulatory instruments rather than actual incidents of financial crime. Most incidents related to ‘entitlements’; however, this only affected a small number of the largest agencies. One agency reported 75,644 incidents related to entitlements, while another reported 613,996 incidents which were comparable in scale to those reported by these agencies in 2008–09. For external fraud, the type of incident affecting the greatest number of agencies involved ‘financial benefits’ (21%).The specific category of fraud that affected the greatest number of agencies was ‘theft of telecommunications or computer equipment (including mobile devices)’ (n=18, 35%). It was found that smaller agencies, with 500 or fewer employees, were less likely to report fraud incidents than those with more than 500 employees. However, while the smaller agencies reported fraud at lower rates, they were not completely immune. Eighteen percent of smaller agencies reported experiencing at least one fraud incident, while 83 small agencies reportedly did not experience any fraud.

The total loss reported by agencies was $497,573,820, although only 42 percent of agencies that experienced fraud specified a loss.

Fifty-three percent of agencies that reported experiencing an internal fraud incident reported a financial loss in 2009–10 totalling $2,039,162, compared with 60 percent in 2008–09 totalling $1,856,707—an increase of almost 10 percent.

Fraud related to ‘misuse of entitlements’ was the most costly internal fraud category, with agencies reporting more than $1.2m lost to this fraud type alone.

Fifty-one agencies experienced an incident of external fraud, worth $495,534,658 in 2009–10, although only 65 percent of agencies that experienced an incident of external fraud specified a loss. This was a 17 percent decrease in reported losses from external fraud from 2008–09. The largest external fraud losses arose from fraud relating to ‘entitlements’, with a total estimated loss of $487m in 2009–10 compared with $489m in 2008–09. For both internal and external fraud, there were several agencies that suffered losses they were unable to quantify.

In 2009–10, some 40 percent of total reported losses were recovered by agencies, with $196,735,497 recovered. This was a considerable increase in the proportion of losses recovered in 2008–09, when $139,312,337 was recovered. The vast majority of funds recovered related to external fraud. ...

In 2009–10, 5,010 defendants were referred to the CDPP for prosecution involving allegations of fraud. Of these, 4,913 were prosecuted, resulting in 4,180 convictions and 29 acquittals. It should be noted that prosecutions undertaken by the CDPP in 2009–10 may relate to cases that had been referred to the CDPP in previous years. Accordingly, some cases that agencies referred to the CDPP in 2009–10 may have been prosecuted in later years. Charges against those prosecuted for fraud in 2009–10 involved alleged financial losses of almost $100m. The CDPP secured more than $59m by way of reparation under the Crimes Act 1914 (Cth) and pecuniary orders under the Proceeds of Crime Act 1987 (Cth). These recoveries related only to monies recovered during 2009–10.

Data Protection or Protection Theatre?

'Global Data Privacy Laws: 89 Countries, and Accelerating' PDF] by Graham Greenleaf in 115 PrivacyLaws & Business International Report (Special Supplement, February 2012) comments that

It is almost forty years since Sweden’s Data Act 1973 was the first comprehensive national data privacy law, and was the first to implement what we can now recognize as a basic set of data protection principles. How many countries now have data protection laws? This article surveys the forty years since then of global development of data privacy laws to the start of 2012. It expands and updates ‘Global data privacy laws: Accelerating after 40 years’ ((2011) Privacy Laws & Business International Report, Issue 112, 11‐17) which showed that at least 76 countries had enacted data privacy laws by mid‐2011. Six months later, further investigation shows that there are at least 89 countries with such laws. The picture that emerges is that data privacy laws are spreading globally, and their number and geographical diversity accelerating since 2000.

In a useful tabulation Greenleaf argues that -

There are some surprising inclusions, and some illuminating trends in the expansion of these laws. The total number of new data privacy laws globally, viewed by decade, shows that their growth is accelerating, not merely expanding linearly: 8 (1970s), 13 (1980s), 21 (1990s), 35 (2000s) and 12 (2 years of the 2010s), giving the total of 89. In the first two years of this decade 11 new laws have been enacted (Faroe Islands, Malaysia, Mexico, India, Peru, Ukraine, Angola, Trinidad & Tobago, Vietnam, Costa Rica, Gabon and St Lucia) and the Russian law came into force, making this the most intensive period of data protection developments in the last 40 years.

Geographically, more than half (56%) of data privacy laws are still in European states (50/89), EU member states making up only slightly more than one third (27/89), even with the expansion of the EU into eastern Europe. The geographical distribution of the 89 laws by region is therefore: EU (27); Other European (23); Asia (9); Latin America (8); Africa (8); North Africa/Middle East (5); Caribbean (4); North America (2); Australasia (2); Central Asia (1); Pacific Islands (0). So there are 39 data privacy laws outside Europe, 44% of the total. Because there is little room for expansion within Europe, the majority of the world’s data privacy laws will soon be from outside Europe, probably by the middle of this decade.

The article also shows that we can expect the pace of legislation to continue accelerating. There are Bills currently before legislatures in at least five countries although some have been withdrawn for redrafting. There are official draft Bills known in another five during the past year.

Now that we have this more accurate picture of the global development of data privacy laws, further research becomes possible. It has already made possible an assessment of the influence of European privacy standards on legislative developments outside Europe. Further research is required on such questions as the implications of the increasingly interlocking data export restrictions in this legislation; on the effectiveness of the enforcement regimes in various countries; on the extent of judicial interpretation of these laws, and on other comparative aspects of data privacy laws. All of this requires an accurate account of the world’s data privacy laws.

We might, of course, question whether enactment of statutes in Gabon, Angola and similar jurisdictions is particularly meaningful. Does that law reflect external pressures? Is it enforced? Is it understood? Is it a signifier of modernity, easily acquired and even more easily disregarded?

Credibility

'Tweeting is Believing? Understanding Microblog Credibility Perceptions' [PDF] by Meredith Morris, Scott Counts, Asta Roseway, Aaron Hoff and Julia Schwarz reports on survey results regarding user perceptions of tweet credibility, concluding that there is a disparity between features users consider relevant to credibility assessment and those currently revealed by search engines.

The authors comment [citations and figure references deleted] that

Our survey showed that users are concerned about the credibility of content when that content does not come from people the user follows. In contexts like search, users are thus forced to make credibility judgments based on available information, typically features of the immediate user interface. Our survey results indicated features currently underutilized, such as the author bio and number of mentions received, that could help users judge tweet credibility.

It is sensible that traditional microblog interfaces hide some of these interface features because they aren’t necessary when only consuming content from known authors. Without these established relationships, errors in determining credibility may be commonplace. Participants were poor at determining whether a tweet was true or false, regardless of experience with Twitter. In fact, those higher in previous Twitter usage rated both content and authors as more credible. This mirrors findings with internet use generally, and may be due to a difficulty in switching from the heavily practiced task of reading content from authors a person follows to the relatively novel task of reading content from unknown authors. Even topical expertise may not support reliable content validity assessments. We did find that for politics, those higher in self-reported expertise (by a median split) gave higher credibility ratings to the true political tweets and their authors, yet these effects disappear for the science topic and for entertainment where those low in expertise actually gave slightly (though non-significantly) higher ratings to the true content.

In the absence of the ability to distinguish truthfulness from the content alone, people must use other cues. Given that Twitter users only spend 3 seconds reading any given tweet, users may be more likely to make systematic errors in judgment due to minimal “processing” time. Indeed, participants rated tweets about science significantly more credible than tweets on politics or entertainment, presumably because science is a more serious topic area than entertainment. Other types of systematic errors, such as gender stereotyping based on user image, did not appear to play a role. Although our survey respondents reported finding non-photographic user images less credible, our experiment found that in practice image choice (other than the detrimental default image) had little effect on credibility judgments. It is possible that image types we did not study (such as culturally diverse photographs) might create a larger effect.

The user name of the author showed a large effect, biasing judgment of both content and authors. Cha et al. discuss the role of topically consistent content production in the accumulation of followers. We see a similar phenomenon reflected here in users incorporating the degree of topical similarity in an author’s user name and tweets as another heuristic for determining credibility.

What are the implications of these difficulties in judging credibility and how can they be mitigated? Our experimental findings suggest that for individual users, in order to increase credibility in the eyes of readers, they should start by avoiding use of the default twitter icon. For user names, those who plan to tweet exclusively on a specific topic (an advisable strategy for building a large follower base), should adopt a topically-aligned user name as those generated high levels of credibility. If the user does not want a topical username, she should choose a traditional user name rather than one that employs “internet” styled spelling.

Other advice for individual tweet authors stems from our survey findings. For instance, use of non-standard grammar damaged credibility more than any other factor in our survey. Thus, if credibility is a goal, users are encouraged to use standard grammar and spelling despite the space challenges of the short microblog format, though we note that in some user communities non-standard grammar may increase credibility. Maintaining a topical focus also increases credibility, as does geographic closeness between the author and tweet topic, so users tweeting on geographically-specific events should enable location-stamping on their mobile devices and/or update their bio to accurately identify location, which is often not done.

Tweet consumers should keep in mind that many of these metrics can be faked to varying extents. Selecting a topical username is trivial for a spam account. Manufacturing a high follower to following ratio or a high number of retweets is more difficult but not impossible. User interface changes that highlight harder to fake factors, such as showing any available relationship between a user’s network and the content in question, should help. The Twitter website, for instance, highlights those in a user’s network that have retweeted a selected item. Search interfaces could do something similar if the user were willing to provide her Twitter credentials. Generally speaking, consumers may also maintain awareness of subtle biases that affect judgment, such as science-oriented content being perceived as more credible.

In terms of interface design, we highlight the issue that users are dependent on what is prominent in the user interface when making credibility judgments. To promote easier credibility assessment, we recommend that search engines for microblog updates make several UI changes. Firstly, author credentials should be accessible at a glance, since these add value and users rarely take the time to click through to them. Ideally this will include metrics that convey consistency (number of tweets on topic) and legitimization by other users (number of mentions or retweets), as well as details from the author’s Twitter page (bio, location, follower/following counts). Second, for content assessment, metrics on number of retweets or number of times a link has been shared, along with who is retweeting and sharing, will provide consumers with context for assessing credibility. In our pilot and survey, seeing clusters of tweets that conveyed similar messages was reassuring to users; displaying such similar clusters runs counter to the current tendency for search engines to strive for high recall by showing a diverse array of retrieved items rather than many similar ones – exploring how to resolve this tension is an interesting area for future work.

Useful hints for verification experts and identity criminals alike.

Cybercodes

Drowning in Code: An analysis of codes of conduct applying to online activity in Australia [PDF] by Chris Connolly & David Vaile of the Cyberspace Law & Policy Centre UNSW examines 16 codes of conduct relevant to Australian consumers online.

The 49 page report comments that -

Australians face a complex, confusing and often inconsistent environment when it comes to regulating how businesses and consumers should conduct themselves online.This Report examines 16 codes of conduct that are relevant to Australian consumers when they engage in online activity (13 active codes and 3 draft codes). It is the first report to analyse the numerous codes of conduct that have been developed in Australia to address online conduct.

These codes, individually and together, offer online users the prospect of assistance dealing with unsatisfactory conduct by businesses and others, but whether they meet expectations has been unclear.

The Report compares each code against best practice guidance on the development and implementation of codes of conduct issued by Australian regulators. The report also examines the coverage of codes, through an analysis of the code coverage amongst the top 50 websites visited by Australian consumers, and the top 19 ISPs by Australian market share.

The report identifies 13 codes that are currently in force and three significant draft codes. Those codes are -

In effect

1. Telecommunications Consumer Protection Code
2. ePayments Code
3. [Internet] Content Services Code
4. Interactive Gambling Industry Code
5. Internet Industry Spam Code of Practice
6. e-Marketing Code of Practice
7. Australian Best Practice Guidelines for Online Behavioural Advertising
8. IIA Family Friendly ISP Seal
9. Australian Association of National Advertisers Code of Ethics
10. iCode (E-Security Code for ISPs)
11. IIA Codes for Industry Co-Regulation in Areas of Internet and Mobile Content
including Content Code 1 (Hosting Content in Australia), Content Code 2 (Providing
Access to Content Hosted Within Australia) and Content Code 3 (Providing Access to
Content Hosted Outside Australia
12. IIA Responsible Internet Business Program - 10 Point User Protection Code of Ethics
13. Australian Group Buying Code of Conduct

Draft

1. IIA Privacy Code
2. IIA Industry Copyright Code
3. Best Practices for Dating Websites

The authors identified several consumer issues -

• the very number of codes which could potentially be applicable to a given online transaction or issue;
• the complexity of their overlapping coverage;
• wide variations in language, procedure, remedies and robustness;
• uncertainty about coverage and ‘jurisdiction’ broadly considered, including an often limited or non-existent capacity to involve dominant online service providers operating offshore;
• patchy or very low sign-up by industry participants, and in some cases difficulty in ascertaining who is a ‘member’ of the code and what this means;
• inconsistent approaches to effective complaint handling;
• inconsistent or undeveloped approaches to cross-referral to other codes or code bodies where an inquiry may be outside scope of the first code considered (to prevent ‘falling through the cracks’); and
• a tendency to focus on industry rather than consumer convenience in regulatory scheme design

They comment that -

the majority of codes require companies to subscribe to the code before coverage can be assured, and for most codes sign-up rates are very low.

In addition, many of the top 50 websites visited by Australian consumers are hosted outside Australia by organisations that appear unlikely to sign up to Australian codes of conduct. However, there are some very limited examples of global companies signing key Australian codes.

Overall the coverage of the 13 codes appears to be very poor. Simply having a large number of codes does not ensure consumer protection if most codes only have a few signatories.

Organisations are also faced with a difficult decision in deciding which codes to sign. ... The benefits of signing additional codes diminish rapidly once an organisation is already covered by one code.

There are significant overlaps in code content amongst the 13 codes in force and the three draft codes.

The main overlaps are in the areas of:

• privacy protection;
• truth in advertising;
• refunds and returns; and
• the prohibition against sending spam.

Some of these requirements appear in more than ten of the codes in the study. These overlaps have a range of impacts for potential signatories, including:

• uncertainty about which and how many to join, or whether they are eligible, or required, to join;
• whether their obligations would vary between the codes;
• the necessity to understand the details of overlap; and
• implications for compliance with overlapping and potentially inconsistent frameworks.

The overlaps may also cause concerns for consumers, including:

• uncertainty about which and how many codes might cover a particular situation or concern;
• whether codes covering similar concerns are consistent on specific points;
• the implications of any inconsistency;
• whether there is effective referral between codes where one has more direct relevance than another; and
• whether there are implications for successful resolution of concerns arising from deciding to start with one rather than another possibly relevant code.