ArtsWatch: Hacking Under Fire

Department of Commerce report recommends new approach for private-sector cybersecurity
June 13, 2011 -- 7:15 am PDT
By Philip Merrill / GRAMMY.com

The Recording Academy actively represents the music community on such issues as intellectual property rights, music piracy, archiving and preservation, and censorship concerns. In pursuing its commitment to addressing these and other issues, The Recording Academy undertakes a variety of national initiatives. ArtsWatch is a key part of an agenda aimed at raising public awareness of and support for the rights of artists. To become more involved, visit Advocacy Action @ GRAMMY.com and sign up for Advocacy Action E-lerts.

On June 8 the Department of Commerce released "Cybersecurity, Innovation And The Internet Economy," a report developed by its Internet Policy Task Force. Its recommendations resulted from participation by many private sector stakeholders, and the report seeks further comments and suggestions on how it can appropriately promote a new public/private partnership to fight hacking. IPTF member Ari Schwartz said, "The report targets what it calls the Internet and Information Innovation Sector, or the I3S. These are businesses that range from mom-and-pop manufacturers or startups that sell most of their products and services online to social networking sites like Facebook and Twitter to cloud computing firms that provide anytime, anywhere access to applications and personal or public data." I3S computer networks are not covered by the new federal cybersecurity policies addressing critical national infrastructure, but their importance to the U.S. economy is huge and the threats against them are growing dramatically. Department of Commerce Secretary Gary Locke said, "Some estimates suggest that, in the first quarter of this year, security experts were seeing almost 67,000 new malware threats on the Internet every day. This means more than 45 new viruses, worms, spyware and other threats were being created every minute — more than double the number from January 2009. As these threats grow, security policy, technology and procedures need to evolve even faster to stay ahead of the threats." The Center for Democracy & Technology and Google praised both the report and its overall policy approach to promoting constructive, voluntary steps companies can choose to take as part of a collaborative national effort.

Sony has received a great deal of unwelcome publicity in the midst of an ongoing flurry of high-profile hacking attacks that have also included Citigroup, Google, the International Monetary Fund, Lockheed Martin, Nintendo, encryption experts RSA, and threats against NATO. Security expert Bruce Schneier told Cnet News, "I truly don't think there's a higher instance of hacking right now. I think there's been a wave of media coverage." Such sophistication cannot diminish the shocked reaction many are experiencing as they read ongoing reports. For example, Digital Music News said, "This hacking thing seems a little out of control.... All of which raises the question of whether any site is safe — and, on a personal level, whether any individual information or credit card data is truly secure. [It's] certainly a scary thought, because the answer is 'no.'" Expressing a different kind of amazement, technology journalist Woody Leonhard said, "If only basic security measures had been followed.... What amazes me is the number of different vulnerable databases that have been discovered lately, and the absolutely unconscionable concept that sensitive data stored in outward-facing databases isn't encrypted." It all adds up to a widespread spike in popular awareness of hacking that could have positive consequences. While there may be no such thing as perfect safety, the Department of Commerce cybersecurity report recommends doing what we can to be more safe. The time seems ripe for a wave of antihacking activism.

Networking device manufacturer Cisco released its latest Visual Networking Index forecasts on June 1, predicting that dramatic increases in Internet use and traffic will continue. The company said, "Global [Internet Protocol] traffic has increased eightfold over the past five years, and will increase fourfold over the next five years." Besides more people using the Internet at faster speeds, Cisco expects this continued surge to be driven by greater use of online video and Internet-connected mobile devices such as smart phones and tablets.

As reported on by NewsWatch, Apple announced several iCloud services on June 6. Speculation surrounds the upcoming iTunes Match service — due this fall at a price of $24.99 per year. The match feature scans tracks in a user's digital music collection and makes available iTunes' own high-quality versions of those tracks. Apple's deal will allocate 70 percent of these fees to the major record labels and publishers, so in a sense the labels will finally see real royalties from unauthorized downloads stored in users' personal collections. Questions still surround issues such as downloading versus streaming and whether iTunes Match will be compatible with non-Apple devices — not to mention the question of how the service will compete with Amazon and Google's cloud offerings, which lack licensing from the labels. It seems likely that iCloud's future features will evolve based on market competition and that Apple's label licenses will give it greater flexibility to introduce new features than its competitors.

On June 7–8 CISAC's third World Copyright Summit was held in Brussels, attracting 700 attendees from 57 countries for 36 sessions with more than 100 prominent speakers (see day 1 and day 2 wrap-ups). In her keynote speech, U.S. Intellectual Property Enforcement Coordinator Victoria Espinel suggested cloud services could help fight piracy. "The flexibility of the cloud may help spur the development of compelling legal alternatives," said Espinel. Expanding on this in a subsequent interview with The New York Times, Espinel said, "One of the things that will be interesting is that the flexibility of cloud-based services, the fact that they allow consumers to access music, movies, whatever content they want, is that it may have an interesting impact of what our concept [of] ownership is. It's my opinion that there [is] still a strong bias for consumers to own something, to own a piece of music or a movie. I don't think that desire for ownership is going to go away. But I do think that the way cloud-based services work may start to change our idea of what ownership means."

A one-day test of the next-generation Internet address system IPv6 was held on June 8, which was designated World IPv6 Day, with participants including Facebook, Google, Microsoft's Bing, and Yahoo. The experiment went smoothly, earning adjectives of praise such as "uneventful" and "anticlimatic." Internet governance body ICANN previously announced in February that the 4 billion shorter numerical Internet addresses used under the old system have all been allocated.

 

Email Newsletter