Let’s first understand and analyze the situation in a global perspective. Donald Trump, US’s president and person who paid a ghostwriter to write “The Art Of The Deal” on his behalf, wants to be acknowledged as a peace-president and wishes to take over some territory. As written in Art Of The Deal, Trump knows that even if you do not have a legal case, applying pressure may yield results in some cases. Therefore, he threatens to hurt US citizens by raising the tariffs they pay for EU goods if Denmark does not hand over Greenland to his control.

The EU, being docile and acting slow, offers the same counter measures. They threaten with some of the cards they have: not buying US based goods by raising their prices with tariffs. However, this “eye-for-an-eye” approach would, in the end, mean that we all go blind.

There is, however, one great pressure point. A point where you can apply soft pressure and generate a lot of pain. A mean that could hurt the US more than anything, and that’s Data.

As a general rule, it’s hard to explain each approach to either side, but, the EU looks as data as a continuation of a person’s thoughts, wishes and likes, and protects it by encapsulating it, acknowledging that a person can refuse certain uses of the data even if he gave consent to other uses, and understanding that data is sensitive and may be used against a person to manipulate it. The US? for them data is just numbers. Once you find it, it’s your own property and you can use it. A great difference would be understanding credit ratings.

For a person living in the US the fact that when he takes a loan, makes a payment and buys things, a plethora of third parties receives this data seems obvious. The bank, the collection agency, the store, each is an “owner” of their own data and can do whatever they want with it. For a person living in the EU? this seems rather unprecedented. It is their data. It is no one’s business if they took out a loan, and if they repaid it on time it is again no one’s business. So, the bank cannot sell their data. This gap in understanding personal data causes tension between these federations.

Now, let’s go back a decade, back in 2015, the EU court of Justice ruled that the “Safe Harbor” Framework to transfer data between the EU and the US is invalid, because of how US laws treat data, and because the US, basically, has no real data protection laws. Then, the GDPR (General Data Protection Regulation) came into effect, and the same plaintiff from the 2015 case, Max Schrems, initiated another lawsuit, claiming that the new “Privacy Shield” framework to transfer data from the EU to the US is invalid. Following the ruling, the US had to impose stricter protections, and that’s why US companies can still work in the EU and collect user data.

However, if you want to harm the US, don’t go for its products. Products are only a small part of the economy. Go for digital services. If Google would have to transition its operations outside of the US to continue to collect data relating to EU subjects? It would be painful to the US more than if the price of an American car would increase threefold. How do I know that? look at how Elon Musk rants about it and calls for the disbandment of the EU:

So, if you want the biggest US multinational corporations, that donate to the sitting president, to do something? don’t tariff goods, add a tariff on their data.

(also in Hebrew)

The choice was clear: pay a small fee for an ad-free version, or provide us with the option to generate revenue based on your personal data. Reading reports, it seems strange. Facebook’s average revenue per user is similar to the sum charged in the subscription model, but in the EU the sum is a bit higher, around $15 per user. So charging EUR10 per user is relevant and understandable.

The problem, of course, is that the Ad-Free version is not “Tracking Free”.

What do I mean? Have a look at Meta’s statement: “In November, we will be offering people who use Facebook or Instagram and reside in these regions the choice to continue using these personalised services for free with ads, or subscribe to stop seeing ads. While people are subscribed, their information will not be used for ads“.

This does not mean that they do not collect information, and without a specific statement saying so (such as an updated Privacy Policy) we can assume that Meta would keep on collecting the data. This means that once people stop paying for the Ad-Free version, their data would be free to grab by advertisers.

It also means that the tracking functions inside Meta’s services, such as Facebook and Instagram, are still to be used for internal recommendations. Meaning, right: Facebook will not show Ads. But they will use your data for internal improvement of the services, for development and for increasing your engagement. You will not have a privacy-oriented social network, it’s just the same as if you paid Facebook to show yourself ads about you.

The tracking portion of Meta’s services is what we fear. It is what allowed the Russian interference in the 2016 US elections, and it is what allowed the massive data breach back in 2018.

As a reminder: Meta has its claws in every page that runs a Facebook pixel campaign, embedded an Instagram post or just allowed it to track. It also runs on your mobile phone collecting your location and other data. They know who are the people you engage with via WhatsApp and they know what businesses you buy from, as you interact with them over WhatsApp for business. This is a data-monster.

So even if the data would not be used to “show” ads, it doesn’t mean it won’t be used otherwise, nor does it mean that the data won’t be later hacked and dumped. Facebook had a terrible history of data protection, not just the Cambridge Analytica scandal, but a full list of dozens of scandals.

I would gladly pay for a service that does not track me. A private, encrypted, social network that does not use my data against me is a great service. However, as it seems right now, this service is just “pay us not to run ads, but we’ll keep tracking you”.

What are NDAs?

NDAs are “Non Disclosure Agreements”; you may see them in most businesses, and they are meant to protect the confidentiality of information exchanged between the parties. The requirement to execute an NDA may come due to the fact that one party has a secret that it wishes to protect (think of Coca Cola’s secret formula) or when financials are disclosed in the sale of a business, but it may also come when a researcher wants to share their ideas with another person and still be able to apply for a patent later on in life, as patents should be only for ideas which were not published up to date (see this, where a patent was invalidated due to a lack of an NDA).

So, NDAs are executed as common practice between parties; where in some cases there are people who categorically refuse to sign them. One example would be a venture capital investor. A VC Investor might say “I see a dozen startups per day, so if I’m bound by confidentiality some kid with an idea may come and say that I stole his idea and invested in another startup that formed to practice this idea”. 

What doesn’t fit in an NDA and people still try to sneak in?

Non-disclosure agreements are meant to protect confidentiality of information, that’s it. However, I’ve seen some other sections put in these documents that may or may not be reasonable to ask. Hiding them inside an NDA may not be fair, and if you see them in a document do ask your counterpart why it was there.

Some examples are “non-compete” sections, where the disclosing wishes that in consideration of receiving confidential information you are prohibited from entering into any business that competes with them. While it may be reasonable to ask for a non-compete in a commercial agreement that would be executed later on, and includes your services and consideration, in the negotiation section that includes only exchange of information, it may not be reasonable to request.

The same goes for IP assignment. If the other party requests that you assign all intellectual property rights, copyrights, patents and other similar rights in the NDA then it means that they obtain ownership without you being entitled to any consideration. I would avoid that.

Another section which is borderline is the “non-solicitation” or “non-circumvention”; this section requests that upon signing the NDA, you undertake not to poach the other party’s employees or not to go around them in a specific deal. This may be reasonable if they are an agent or reseller of some sort, but not if you’re just looking for a service provider.

What type of NDA is this?

After understanding what doesn’t fall into the NDA’s scope, you need to first understand what type of document is in front of you; is this a mutual NDA or a unilateral one? Meaning, does this agreement cover the confidential information of both parties (“mutual”) or whether it protects only one side. You can understand that by seeing whether the “disclosing party”, “discloser” or similar definition in the agreement applies only to one party, or to both. In some cases, the definition may be mutual, but the confidential information may be defined only as information belonging to one party. 

How is “Confidential Information” defined?

Next, we need to understand how confidential information is defined. 

There are some different ways to define it; the first is by asking that all information be marked. I, personally, am against this. The reason for that is that marking information may be almost impossible when dealing with a potential transaction, and that in such an event most of the time oral information may not be covered. 

The second is having a specific list, something like “all information relating to business, data, financials, etc”. This is better; but may be either too broad or too narrow.

Third, some people may also add something like “as well as any other information reasonably understood to be confidential due to its nature”. This is great as adding another layer of protection.

Please note, however, that if there is a requirement to mark the information then the second and third definitions become moot. Meaning, only if it is both marked and falls under those categories.

In some cases, the definition won’t be of “confidential information”, but of “proprietary information”; while legally there’s a difference between the two, for the purpose of this post I’ll ignore it.

What is excluded

Next usually comes the section that discusses what is excluded from being confidential. It is important to  review this section and look for things like “third party disclosure”; meaning that if there was a meeting between you, the counterparty and another guy, let’s call him Bob, and you said something confidential and Bob isn’t bound by confidentiality, then the information won’t be confidential. Please mind these.

The most important section is the “independent development” section. We’ll get back to it when discussing the residuals, but generally, people would say “yeah! I developed it myself, so it’s not based on your confidential information”. That’s why I prefer to have this section state that independent development means only information developed by people not exposed to confidential information.

What is the term of protection?

When you read an NDA, you may say to yourself that all is well, and then fail to understand that there wasn’t a survival clause. Some lawyers or templates just forget it and some leave it out on purpose. What does that mean? When the NDA terminates, it terminates. There are no more obligations, the agreement came to an end. 

However, if there’s a survival clause, then the obligations will apply after termination. This is important when you want to understand for how long your information would be protected. The optimal duration, of course, is in perpetuity. However, perpetual NDAs may be illegal or unenforceable in some jurisdictions.

Some NDAs try to force you to protect information only for a short time, like one or two years. This means that if someone is exposed to the information discloses it after that term, they won’t be in default and your information would be out.

What are the requirements at the end of the term?

Some NDAs require that at the end of the term you would delete the other party’s confidential information. This is great, except that no one really deletes stuff; right? You have archives and backups of your data, you have the cloud that remembers everything; so how can you be certain that the information was actually deleted.

Another issue is that in some cases, you need to keep the confidential information and not delete it. Let’s say you provided an hourly service to the other party. This means that time sheets that may include what you developed, are confidential. But if the other party didn’t pay you, how can you sue them if you have to delete the timesheets?

Is there a “residuals” clause?

A residuals clause says something like “while we want to protect your information, our staff can’t unlearn what they saw, so if they did something similar to what you showed us, it isn’t a breach of this agreement”. This is bad. I would try to avoid this section if possib;le.

Where are the applicable laws?

This is important when the two parties are from different countries. You need to make sure that you can enforce your rights. If you live in Israel and the other party is in Mexico, and the applicable laws are those of Mexico, then you have to address the Mexican courts to prevent a disclosure. This is not just expensive, but requires that the Mexican laws provide similar protection to your laws. 

Anything Else?

This list, of course, is not exhaustive, it is meant to help you understand the nature of the NDA you just received from someone else. If you have any document, get a professional to review it. 

Any technology that is developed, from its conception, as censorship resistant, would require longer incubation and growth time, but would definitely prevail over its centralized developers.

We can see it with bitcoin. Bitcoin was developed back in 2008 and launched early 2009. It was developed as a decentralized, distributed, network. It learned the lessons of Bittorrent and uses similar features: peer to peer networks are censorship resistant because they have no one point of failure. Open-source software are censorship resistant because there is no one developer. On the other hand, there is no money in investing in the development of these, as they are provided for free to the public. Therefore, it takes time to grow and requires a good community.

Parler, the nazi-enabling social network, learned this the hard way today. For those of you who do not know, Parler is a social app that declared that it is less strict in enforcing speech regulation than the competition. It will enable people almost limitless speech in respect to hate. Today, we learned that both Apple and Google kicked Parler from their application stores and Amazon had stopped hosting the service.

This effectively kills Parler. Why? because relying on a central point of failure, meaning their hosting provider, meant that if the hosting provider took down the website, the entire service is down.

Now, I’m not going into whether this is justified or not. I can’t blame Parler for enabling this sort of speech, because it may have evolved otherwise, or may have set up new features. I do think that this is a good time to discuss why only decentralized solutions could be disruptive.

Why? because only when you are censorship resistant, you know that no one point of failure would block you. Israeli authorities can block your website as much as they want, but if you’re using TOR or a VPN, then this blocking is moot. US courts can claim bittorrent is illegal as much as they want, but as long as there is not “bitcoin” company to close and servers to confiscate, then there is nothing do be done to stop it.

Parler’s winding down is a great time to discuss real, decentralized, social networks. Places where the community itself has control over the community standards, places where no one group has too much power to effect elections or democratic processes, and places where the truth could prevail over lies.

Swift’s mechanical rights, meaning the rights in the master recording (and not the lyrics and music) were owned by the record producer. This is one of the terrible outcomes of copyright laws. Therefore, the investment firm expects to make a hefty profit from these rights, when these recordings are used in various media.

My solution, of course, is that Swift joins the open source movement, and in order to entice away future deals that take away mechanical rights from artists, she releases a new copy of all her recordings, in an open, royalty-free, version.

This post will take you on a short journey. I’ll explain what are mechanical rights, why would you invest in such a right, what is debasing, and how to solve the problem here.

And Taylor, if you’re reading this; please act accordingly.

What are royalties? mechanical rights?

A musical work may seem to us laymen as one work, but copyright laws think differently. A song is comprised of three different rights (some claim just two). The first is the actual copyright. The work itself. Copyright laws protect original works of authorship. They must be original, and creative. This right in the work, however, is split to two different rights: the right in the lyrics and the right in the music.

If you go back and look at the Beatles, John Lennon and Paul McCartney had joint credit for both lyrics and music, but in other cases, lyrics could be attributed to one person and the music to the other. Beyonce’s song “Single Ladies” has ten different credits.

This means that if I take a song’s lyrics and put a new melody on them, I only need to pay royalties for the lyrics, and not the music, and vice versa.

Another right is the Mechanical Right. This right sets the actual right in the music recording, production, arrangement. It means that if I play a record recorded in the studio, the producer is (usually) the owner of these records. And when a band plays the song live, it does not reproduce the original mechanical right. This is why most ads use cover versions: to save on mechanical rights.

So, usually, the rights are split in the following way: the artist (or the person who wrote the song) holds the copyrights, and the label, which paid for the recording, usually holds the mechanical rights (like in Swift’s case).

Why would you buy a master recording for $300M?

Why would a private equity firm invest a couple of hundred million dollars in mechanical rights? well, because every time a person streams a Swift song on Spotify, a sum of between $0.006 and $0.0084 is split between the copyright holder and the mechanical right holder. So If you hold the rights for the record of one of the most streamed artist in the world, you get a nice return on investment.

Another reason is incorporating the song into movies and TV shows. This is one of the reasons that in the Netflix re-runs of Dawson’s Creek, the legendary “I don’t want to wait” is not played. So, Swift knows that her songs are a part of culture, they are a voice of a generation. Therefore, they are heard quite a lot, and this isn’t expected to decline. Think of all the songs from the 1980s which are still incorporated into TV-shows.

Desbaser!

To every problem there is a solution. Do you know why gold and diamonds are so expensive? because they are rare! The same goes for these Taylor Swift records. Only because you have to pay the mechanical rights holder to play them are they valuable.

And you know what takes the value down? Debasing!

Debasing comes from Roman times, where the base for coinage was that it was worth its weight in precious metals because it was made from precious metals. Governments who needed more money mixed the base of these coins with cheaper metal, therefore debasing the coinage. Swift can do the same.

What will happen if Swift record these songs again, and offer broadcast organization a better deal: take these songs on the cheap. Swift is entitled to re-record her songs, she owns the copyrights. In that case, the Mechanical Rights are worthless. There is another recording.

Taylor’s Revenge. How-To.

But just debasing is not enough. Recording the songs again would cut the investment profits by some percentage points, but not in total. On another hand, if she decides to set these songs free, and offer them royalty free, then two things might happen: the first is that the investment value of the original master will go down to zero. It’s the same if the US started printing dollar bills like crazy. This would signal to the next label that if they ignore their artists, their repertoire is worthless.

This will also start a race to the bottom to free our culture. Music is a part of our culture. It is not owned by one person; it is owned by all of us.

In general, what happens usually is that one email account is hacked by the attacker, usually in the finance department. After such hack, the attacker sends an email to the other party, usually one of the attacked party’s clients, stating that either they have a problem with accounting or have changed their bank account, and requests that all new payments shall be routed there.

This might be done by email spoofing, meaning registering a similar domain (such as BUSlNESS.com instead of BUSINESS.com, or using unicode characters) and sending a real email from there, or by hacking a domain and using it to gain access, later deleting the incriminating emails.

These attacks may cost millions to victims and are quite impossible to trace. However, there is one thing you can do to protect yourself, and that’s adding a simple section to your future agreements with suppliers and clients.

The “Change of Contact and Banking” section is my suggestion to you. In this section, the banking details appear in the agreement between the parties, and any change of such details shall require either physical presence by both parties, or videoconferencing where two parties can hear and see each other, where they have prior acquaintance. Meaning, that this adds another layer of security that ensures that no change of bank details will be made via these hacks.

My suggested wording is : “The parties’ payment and banking details are as stipulated hereinabove. any change in such details shall be made either via (i) physical meeting between the CEOs of both parties, which shall be coordinated and videotaped; or (ii) videoconferencing by both CEOs, after their identity was verified by both parties, where the exchange of details shall be documented as well. Any change of details shall require the notification to both parties’ legal departments and shall require a notice of at least 7 days. Such notice shall suspend all pending payments until such confirmation is made“.

In more sensitive cases, I suggest that a better mechanism of double verification shall be made, which includes both an exchange of cryptographic keys and on-premises identity management solutins.

In brief, what are tokens? During the last year or so, the rise of bitcoin and blockchain technology led companies to raise funds by issuing cryptographic assets (meaning, digitally signed) which represent a future right for utilizing a service. For example, if I have a file hosting service, one token may be equivalent for a future right to host 1TB for 1 Year (see here). A similar method could be used to purchase digital goods, such as collectible cards (see here) or for future leasing of offices (see here). Lastly, it could be used as a payment method in a future mobile platform and cellphone.

This method of raising funds, known as an “Initial Coin Offering” (similar to the IPO, ICO) or “Speculative Currency Allotment Method”, was an easy way for companies to raise funds without loosing equity in their Company. Last year, Bancor, an Israeli Startup, raised over 150 million US$ in just a few hours by people purchasing tokens which represent a future right to use their services.

Many people pondered whether these ICOs are regulated as securities, which may require material protections. The US Securities and Exchange Commission issued a few statements describing when an ICO is actually an investment agreement, and should be regulated in the same form that publicly traded companies are regulated, or on celebrity endorsement of ICOs, and the potential of investor fraud.

However, the Israeli Tax Authority thinks otherwise, under the current draft, which is yet to be finalized, Utility Tokens, meaning tokens which represent a future right to receive goods or services from their issuer, shall be taxed in the same way gift cards are taxed: as income tax by the issuer. This means, on one hand, that in your 500M$ ICO the Israeli Government is entitled to put its claws on your hefty pile of gold, but it also means that you receive regulatory certainty that such tokens will not be deemed as securities if they fall under this definition.

Up to here there’s nothing new. However, the last statement in the draft guideline is what actually matters. The Israeli Tax Authority also states that the gains from the token generating event may be deemed as revenue under the Capital Investment Incentive Act, which means that blockchain companies who raise material funds may be entitled for tax benefits or governmental grants, and that their investors may also enjoy benefits (benefits may differ depending on the situation).

This, of course, only applies to utility tokens which are provided and deemed by their issuer, and not for decentralized coins, tokens or other methods.

Matt Said:

“I started playing around with the editor, and felt… déjà vu. It was familiar. Like I had used it before.

Turns out I had. Because itâ€s WordPress.

If I were being charitable, Iâ€d say, “The appâ€s editor is based on the WordPress mobile appâ€s editor.” If I were being honest, Iâ€d say that Wix copied WordPress without attribution, credit, or following the license. The custom icons, the class names, even the bugs. You can see the forked repositories on GitHub complete with original commits from Alex and Maxime, two developers on Automatticâ€s mobile team. Wix has always borrowed liberally from WordPress — including their company name, which used to be Wixpress Ltd. — but this blatant rip-off and code theft is beyond anything Iâ€ve seen before from a competitor.”

A quick recap of the GPL, for those who did not study law, or have studied law and did not take a course in open-source licensing. The GPL is a license where developers of a software give permission to end-users to use the application freely (but not free of charge, in some cases) but require that all distribution of the software later on to further recipients shall be under the same license, and shall include the software’s source code. This paragraph is not easy to understand, as this is one long structured sentence, so I’ll explain it in layman’s terms.

If Alice develops software A and sells it to Bob under the GPL, then Bob can freely use it; Bob can also sell it (or give it for free) to other people, like Charlie. However, Bob doesn’t have to give, or sell, the software to Charlie, nor does he have to tell Alice what changes he made in his code. But, when Bob does sell, give, license, or just conveys (that’s the definition a later version of the GPL uses) the software to Charlie, either with or without modifications, then he has to provide Charlie with the source code.

Now, before we get into the real problems here, let’s continue by explaining Wix’s side of the story. Avishay Avrahami, Wix’s founder posted a response to Matt. While I do have a problem with Avishay’s attitude, I think that his response is a bit off. Avishay explains that their developer, Tal Kol (who posted his side of the story as well) took a GPL’d text editor and integrated it into the Wix mobile app, he explains that they released the text editor’s source code and provide the source code later on to every person. Kol Explains it like this:

“I love open source and I love contributing back to the React Native ecosystem. We have a rule in our team that everything difficult we develop for the app that can be reusable, we open source from first commit. We deliberately try to design these as general purpose libraries such as react-native-navigation (this for example is our app skeleton in reusable form).

I know some developers are scared of using GPL, apparently for a pretty good reason. The WordPress GPL Rich Text component in question, is actually a wrapper around another Rich Text component named ZSSRichTextEditor which is licensed MIT. In retrospect it would have been easier to use it directly.”

So, no harm done? the code was released and that’s it? not really. Let’s go back to the definitions in the GPL. The GPL applies to “software” and does not explain where it ceases to apply. This means that if my software is a blogging platform, then the platform’s text editor is an integral part of it, and that if the text editor is licensed under the GPL, then the entirety of the platform should be GPL. This is one extreme interpretation of the GPL which is usually applied by GPL purists, Matt is one of them. There is quite a lot of literature about whether a piece of software linking to another is construed as a separate work of not (this question arose very early in the day),

The Software Freedom Law Center’s opinion here is that:

“When two software components are joined together to make one work (whether a main and some library subroutines, two objects with their respective methods, or a program and a “plugin”) the combination infringes the copyright on the components if the combination required copyright permission from the component copyright holders, and such permission was either not available or was available on terms that were not observed. Where a combination is made with GPLâ€d or AGPLâ€d components, the only available permission is copyleft, and its terms must be observed on the combination as a whole if the GPLâ€d component is to be used at all”.

But let’s analyze the license‘s text:

“These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it”.

So what’s the claim here? If the text editor is distributed inside Wix’s mobile app, and it is a part of the mobile app, which is not distinguishable, or “reasonably considered independent and separate works in themselves” then the GPL shall apply and Wix shall be required to disclose and provide their source code for the mobile app. This might be burdensome on Wix and may cause other problems, but let’s try to understand what is independent and separate?

The question is whether the text editor is independent on the Wix mobile app. In order to analyze this and answer, one will require actual access to Wix’s source code and understand whether the text editor has dependencies relating to the mobile app, whether it makes specific function calls to the mobile app and uses its system variables. This is “independent” in the literary sense. The other question is whether it is separate. Separate means, again, literally, that both applications can act without the other; that the text editor has actual life without the mobile app, and that the mobile app has actual life (meaning F5 works) without the text editor. I do not know whether this is the case here, but I do not see how the Wix mobile app will compile without a major part.

Usually, when we discuss “independent and separate” we require at least separate installations for the separate applications. Take MySQL (or MariaDB): if you use the MariaDB client inside your application as an interface with a MariaDB Database, then, at least according to their FAQ, you will be required to publish your application under the GPL. However, if you merely integrate the MariaDB server, and use another library, and the two installations are separate, then you do not need to publish your code under the MySQL.

Now, how will this apply to this story? I do not think that WordPress will litigate here, mostly because of Tal Kol’s statement relating to the MIT License which the text editor was based on (and I don’t think we have the time to explain it), but I do think it’s a great time to make developers aware about the problems and implications of using open source software inside their works, at least if they do not plan to release them under an open source license.

The difference between the “standard” MIT/BSD Licenses, that say “do whatever you want, just give us credit and waive any liability” and Microsoft MS-PL that has a statement that says that you cannot use the original software’s trademarks and that if you take a piece of code from the software, and stick it to your own code, then it has to be also under the MS-PL (section 3(d)), were quite problematic, and it’s no surprise that no one outside the Microsoft ecosystem used these licenses.

So, last week’s resolution came as a surprise, and quite an interesting one. Will Microsoft’s adoption of the MIT License mean that we might see an open-sourced Windows version? I’d be surprised if we do. But what’s not that surprising is that Microsoft decided to add its own flavor again to the MIT License.

While the .NET framework is released under the permissive MIT license (again: do whatever, just make sure we’re not responsible), Microsoft decided that it has to specifically add a “Patent License”, meaning that it makes sure that its nonexistent property called “Software Patents” (that at least in Israel are deemed highly questionable). Microsoft promises not to sue you over its patents if you use the .NET framework in your product. This means, that even if you don’t acknowledge Microsoft’s enforceability of these patents, or claim that they don’t apply, you do acknowledge them when you get a license.

While this patent license applies only when your software is a “part of either a .NET Runtime or as part of any application designed to run on a .NET Runtime”; it means that actually you blindly acknowledge on the other hand that these patents exist and that they are enforceable. This also means that if you interfere or “infringe” these patents in any other software you distribute, Microsoft could go ahead and say “oh, well, he acknowledged our patents here, here  and here, so he can’t say that they are unenforceable”.

So you see my problem here, right?

[originally published at Code4WD]

0.
Take a look at this video about Woosh Water‘s project. Woosh provide an amazing service, where the ordinary municipal water fountains were replaced by hi-tech fountains, providing clean water for residents, with user experience and less of the dirt and homelessness affiliated with water fountains. Their project seems, at first glance, as amazing. However, when you inspect the service in depth, some things change.

1.
In order to provide their service, Woosh require that you register and receive a wireless token. When you use Woosh’s services, your location data is stored, as well as your usage. Then, you understand that in order to drink purified tap water you have to sign a ten-page agreement. This constitutes quite a problem. Moreover, reading Woosh’s agreement with the municipality of Tel-Aviv once can deduce that Woosh’s privacy policy was inadherent to the agreement; as it requires Woosh to share your location data with the municipality.

2.
But it’s not just water, you know. When people interact, either online or offline, they create crumbles of information. For example, the Israeli Transit Card, “Rav Kav”, allows you to purchase bus passes. However, in order to do so, it shares quite a lot of information with the transit operators; some of which are not really required. For example, it is not sure that data is erased after use, and there’s really no need for the bus operators to retain your photos or travel history. The same goes for your location data from the cellular operators. While the cellular operator needs your current location to serve your calls, it does not need to retain a history of your data. However, once it retains this information, then others may use it. For example, the Israeli startup “Trendit” receives information from cellular providers to estimate the number of people in a specific venue.

We call this information “Residual Data”.

3.
Now, when you develop an application, you’re eager to store as much information as possible. Who knows what you may need it for in the future. This is based on two wrong assumptions: the first is that people will not misuse the information; we don’t really have to look for the obvious numerous examples of police misuse of information. The second wrong assumption is that statistical and anonymous information, if gathered, is harmless. The act of redientifying anonymous information becomes easier with growing power of computing.

4.
For me, the problem begins when you retain information: you want people to access the information you retain (if you’re a social network, for example), and you can’t really protect information you store which should always be available. A good example is Yoav Even’s review of the Israeli medical history general availability. Mr. Even called in order to receive the medical information of one of his friends. In order to have the information faxed to his offices, all he had to do is give the friend’s ID number (which is generally available after the Israeli census leak). However, you usually only start to think about privacy when the personal information leaks.

5.
My claim is that privacy is not a nuisance that you can nag off with a privacy policy or by encrypting information or adding an additional firewall. Privacy is a major concern you have to add to your application when you design it. Here goes “Privacy By Design”: this means think first, act later.

6.
Here is how I (usually) work when I help clients design their project: First, we ask do we really need this information. This goes for every aspect; not just names and email addresses, but also information that is considered anonymous but may later be reidentified. Things like browsing history, IP address or browser identification. Ask yourself why do you need it, and can you replace it (either with hash or other information). For example, keeping your users’ email to contact them is great; but keeping their IP address for more than 14 days has no actual use.

7.
Next, ask yourself if the end-user can store the information at the client’s end, and not on your server. A lot of times, using distributed storage may save costs for application developers, but may also limit the data breach. Quite a lot of information, where it is not needed for processing, may be saved at the client.

8.
Then, once we decided that this information is used, ask ourselves what are the benefits from retaining this information? For example, if we save a person’s purchase history in order to profile him and tailor advertisements, we might consider just storing the profile information or the categories of the purchased products.

9.
Then, let’s ask ourselves what is the cost of retaining the information. The cost is divided into two groups: (a) the actual cost of saving the information; and (b) the cost of repairing a data breach. Meaning, that we need to ask whether the benefit of storing a large amount of data is lower than the cost of repairing the breach where the personal information of X users is online (and see eBay’s latest scandal as an example).

10.
So, what can you do? My recommendation is to plan privacy ahead. Think of your product as something that should not be “keep everything, analyze later” but more like “let’s only keep what we must, and dump the rest”. This will make the cost of a data breach lower, and will actually help you in the long run as being more privacy oriented.