Two kinds of rules

I’m trying to make sense of this piece by Ed Felten, on what he calls a “weapon of mass virtual destruction” in an online game. (You will probably have to read it first to understand the rest of this.)
The problem isn’t that I think he’s wrong – I’m pretty sure he’s right. The problem is I’m not sure why he’s right.
He says:

Should the FBI get involved in this mess?
It seems to me that they should. A WMVD of this sort is just a fancy denial of service attack, and a deliberate denial of service attack against a large network service looks to me like a crime. It’s possible that the first attack wasn’t meant to crash Second Life — though even if not deliberate it was certainly reckless — but subsequent attacks could only have been intended to cause a crash.

That sounds very promising to start with. A crashing server is a “real world” event, not a “virtual world” event, and since a real human has deliberately caused a real-world harm, we are in the domain of real-world law enforcement.

On reflection, though, the issues start to blur. The jargon term “crash” can be used to describe a large range of computer behaviours. The assumption in this case is that the game server software stopped working, and either terminated itself or had to be terminated by an operator. There are other possibilities, though. For instance, it might have continued to function “correctly”, but, since the majority of the “virtual objects” being maintained were by now copies of the “gray goo”, the actual progress of everything else might have been slowed down, possibly by 1000 or 10000 times. It’s not actually particularly likely, but it’s quite plausible, and it would actually be difficult to tell whether this was the case or not. Even the most casual computer user has been faced with the question “is it working, is it going slow, or is it dead?”

So what? If it doesn’t make any difference to any actual user, then it’s no different, right? But it’s less clear in this case that we’re talking about a “real world” event. A server rebooting is a real world event, but a program processing objects of type A not objects of type B? Not really.

And that, I think, negates Felten’s argument. He calls it a “denial of service” but it is more of a matter of opinion – if the server is servicing the allegedly malicious user rather than other users, that could be seen as a legitimate “aim” of the game. After all, if you kill the character of another player in a game (which in many games is more or less the main point), you are “denying service” to that player, but you are no more guilty of “denial of service” than you are of murder So the fact that you’re deliberately impairing the experience of other players does not make you actions illegal, any more than if you killed them with a sword in one of the more combat-oriented games.

The obvious difference is in the intention of the game, or its organisers. You’re supposed to decapitate people in Everquest, you’re not supposed to destroy the world in Second Life. But that’s weak too – the attraction of Second Life, from what I can see, is it’s open-endedness, the fact that you can do things in it that nobody else thought of doing.

In conclusion, I think that it is reasonable that this “WMVD” could be considered to be against real-world law, but it’s a matter of judgement, and of degree. Effectively, an arbitrary line would have to be drawn – how much are you imparing the service of other users, how far from the intention of the owner of the service are your actions. Many other things are like that, of course.

Two related issues, for comparison:

In sport, there are rules that you can break with purely in-game consequences, and rules that you can’t. For instance in soccer, if you are behind the last defender when the ball is played to you, you are offside, and if the match officials judge it correctly, the other side gets the ball. There is nothing immoral in being offside, even deliberately (in the hope of getting away with it). On the other hand, if you deliberately trip up another player, that also results in the ball being given to the other side, but in addition it is considered to be misbehaviour. If the foul is considered to be deliberate or reckless, you can receive extra in-game penalties, and also penalties that are within the game-system but external to the actual game being played – for example, being disqualified for another game, or being fined by the game’s governing body or your club. In extreme cases, you can be subject to out-of-game penalties, such as being charged with assault or sued. This has happened a few times. The same three levels can apply in online computer games. You can be pursued by some kind of in-game policeman – this is part of the game, like a free kick for offside. You can be excluded or restricted by the game’s organisers – this is like being suspended. Or you can be pursued through the law. The distinctions aren’t always clear. (Was a criminal fraud committed on 22 June 1986?)

Second, similar questions of proper and improper uses exist with other network services. An SMTP server can receive email messages. Some servers are configured to receive only from certain users, but to forward mail to anywhere. Some servers are configured to receive from anywhere, but deliver only to certain addresses. Servers can be, but rarely are, configured to accept mail from anyone and forward it to anywhere. Some servers are not correctly configured to enforce the restrictions intended by their owners. What uses of these servers are proper? Is it a crime to take advantage of a misconfiguration? of a software bug? Over the past 5 years or so, some arbitrary lines have been drawn.

Referrer logs

It’s funny when you get your news from your blog’s referrer logs. I saw a cluster of hits from search engine results for “explosion in Luton”. Looks like there’s something I need to know about…
It seems that a fuel depot in Hemel has blown up – apparently by accident. (Power surge, perhaps?) The BBC have quotes from people here who were woken by the blast, but I slept through it.
Interestingly, the first hit I got from a search engine link was at 0611. The first explosion was at 0603. Someone must have heard the blast and immediately started web searches to find out about it – that shows a distinct lack of understanding of how search engines work.
Update: As you might gather, I have no information on this other than what’s been on television. The depot is 10 miles due south from here, but the smoke is not blowing this way. I was not woken, but many of my neighbours were (and possibly my 3-year-old, but he knows better than to disturb us on Sunday morning). The main effects look like beihttp://www.blogger.com/img/gl.link.gifng a big insurance claim (100-200 million, I would guess), and disrupted travel for a day or two.

Crime: Why rape is different

In the previous post on rape, I reasoned on a basis that rape is like other crimes. “in general, the biggest cost of crime is the cost of avoiding it.” There are reasons, however, why rape is often different from other crimes, even other very serious crimes.
First, many cases of rape are actually very difficult to prove. Other types of serious crime against the person are much easier to prove – at least much easier to prove that a crime has taken place. If one person kicks another’s teeth in, there is a very strong presumption that a crime of assault has taken place. If one person has another’s wallet, again, it is not very likely that it was given voluntarily. If two people have sex, however, there is no automatic assumption that rape has occurred. One can – at the cost of considerable further indignity to the victim – prove that sex occurred, but not that it was non-consensual.
This is reflected in the part of the Amnesty survey that I didn’t previously discuss – the perceived incidence of rape. Many victims do not report the crime to the police because they know it cannot be proved, or do not want to go through what would be necessary to prove it. Among those that do report the crime, only a few percent actually result in convictions. Again, many victims choose not to endure the trial process.
The second distinctive feature of the common sort of rape (which is what I am discussing) is that it is invariably a crime committed by men against women, so its treatement is affected by – and affects – the status of men and women in society.
Quick aside: The Disillusioned Kid in a comment below draws distinction between “stranger rape” and “aquaintance rape”. I would deal with three categories: Abusive domestic situations, aquaintance rape, and stranger rape. The stranger kind, which as the Kid points out is relatively rare, is more like other crimes of violence – consent is less likely to be an issue, and detection is mainly a matter of identifying the perpetrator. The Amnesty survey, seems to me mainly to apply to aquaintance rape – the friend or acquaintance who “goes too far” with a woman who has been “asking for it” by comporting herself provocatively.
This is where the two features come together. When women had distinctly inferior status in society, the kinds of behaviour discussed in the survey – essentially those of a woman enjoying her freedom and expressing her sexuality while not under the direct “protection” of a man – were considered inappropriate and reprehensible in their own right. This was a piece of the general subjection of women, but had the side effect of protecting them from that kind of rape. (Before getting nostalgic, it is worth reflecting that it gave no protection against domestic abuse, which was perhaps even more prevalent than it is now).
This is what makes the issue politically sensitive: advice about avoiding dangerous “aquaintance rape” situations sounds exactly like asking women to resume their traditional, socially inferior, position. The motives of the “advisor” can be ambiguous. An understandable response to such advice is that the “solution” to violence against women ought not to be one that itself represses women – if anyone’s behaviour is to be restricted, it should be men’s.
Not that the present situation is all good for men, either. In the traditional, patriarchal social order, while “respectable” women had no sexual freedom, respectable men (meaning those with a reputation to protect) did not associate freely with women either. This protected men from false accusations of rape. Because just as rape is difficult to prove, it is also difficult to disprove. A man who meets a woman in private is risking his reputation – he can be accused of rape for reasons of spite or blackmail. Quoting this home office paper:
“Nine percent of cases [of reported rape] were designated false, with a high proportion of those involving 16 to 25 year olds. However, closer analysis of this category applying Home Office counting rules reduces this to three percent. Even the higher figure is considerably lower than the extent of false reporting estimated by police officers interviewed in this study”.
The whole old-fashioned customs of slow courtship can be seen as a mechanism from protecting women from unprovable rapes, and men from un-disprovable false accusations. It can also, of course, be seen as the rituals of a society not at ease with sex, and again as the result of seeing women at least in part as being the property of men. Return to the past is not an option. But wishing away problems that are eternal does not help either. The idea that we should only have intimate contact with a person if we have already publicly demonstrated a close association with them seems to me neither repressed nor sexist – it is a costly restriction on our freedom that protects us from some dangers, in the same way as not leaving the house unlocked for the electrician is.

The DRM problem again:

Just a break from my current theme, to point to this piece “DRM, Incompatibility and Market Power: A Visit to the Sausage Factory” by Ed Felten. It is a superb account of the motives and incentives that produce the DRM that we are seeing today. It needs to be listed along with Cory Doctorow’s 1994 talk at Microsoft as the essential reading to understand the subject. This is why I insist that the mechanisms (technical and legal) of enforcement of copyright are more significant than the questions of what is copyrightable and what isn’t

“Running through this whole convoluted tale are two consistent threads. DRM is used as a weapon not against infringers but against market rivals. And when companies use DRM to undermine compatibility, law-abiding customers lose.”

Crime: Rape

The recent controversy relating to rape was triggered by the Amnesty International poll, which found that 34% of respondents in the UK said that “a woman is partially or totally responsible for being raped if she has behaved in a flirtatious manner.”

The obvious problem with the poll is that we don’t, as a society, have a widely-shared coherent view of what “responsibility” in this sense actually means. The question could be interpreted in very different ways, just on that one point.

I suspect what many of the 34% meant is “behaving in a flirtatious manner increased her risk of being raped”, which is probably true, but is not very interesting or important.

Alternatively, some may have meant “behaving in a flirtatious manner is something which should be generally discouraged, because of the increased risk of rape”. That is a more significant claim, and a more controversial one. It still doesn’t lead very far in terms of policy, however.

Slightly stronger would be to mean “behaving in a flirtatious manner is something women should be punished for, because of the increased risk of rape”. (Someone believing that may or may not feel that actually being raped is sufficient punishment.) That is quite an extreme claim, very much at odds with the publicly acknowledged values of our society. I would be very surprised if many people in this country, outside of some third-world immigrant communities, believed that.

A more interesting interpretation would be, “A rapist should be punished less severely if his victim was behaving in a flirtatious manner, because she shares some of the responsibility”. I could believe that there is a genuine, substantial difference of opinion in the country over this question.

Indeed, there are two reasons why a man might be considered less responsible for rape as a result of the woman’s behaviour. The first is provocation: effectively that in certain circumstances a “reasonable man” might be expected to commit the offence and therefore should not be held responsible. The second is consent: might certain behaviour of the woman be reasonably interpreted as consent, even if not intended that way.

On the question of provocation, as I said, I belive a substantial minority might feel that “behaving in a firtatious manner” or “wearing sexy or revealing clothing” might at least partly reduce the responsibility of the rapist. I would have to disagree with them myself, however. I think that a “reasonable man”, as the legal formulation has it, is quite able to restrain himself from raping even flirtatious or attractively-dressed women. (This is a question of fact, and open to dispute with evidence, but my conclusion is based on the behaviour of reasonable men as I have observed it). On that basis, I feel that a man who chooses not to restrain himself should be held entirely responsible. (That is a question of morality). If an unreasonable man is genuninely unable to restrain himself from raping flirtatious women, then he is dangerously insane and needs to be treated as such. (establishing such inability is a difficult technical question which I will not deal with).

On the separate question of consent, I think it can be generally agreed that none of the behaviours asked about in the survey (including “having many sexual partners” or “being drunk”) actually constitute consent to sex. The question as to whether the man could reasonably believe a woman consented, when in fact she didn’t, gets murky, however.

I think I can see a way through it, however. From the point of view of a potential trial, there are two unknown facts. One is whether the alleged victim actually consented to sex. The other is whether the alleged rapist believed she consented to sex.

The first is quite difficult to establish, but it is essential to do so to get a conviction (and rightly so – if she consented, she wasn’t raped. If you can’t prove she didn’t consent, you can’t prove she was raped. If you can’t prove the crime, the accused cannot be convicted).

Assume the court has established that the victim did not consent. If the court, sitting presumably weeks or months later, can establish beyond reasonable doubt that there was no consent, it seems to me entirely reasonable to assume that the accused, actually present and participating, must have been at least equally able to do so. Bear in mind that “reasonable doubt” is not sufficient reason for him to get on with it – if unsure or indifferent to consent, it is still rape. One could imagine some fairly far-fetched situations where a man might be genuinely mistaken, but as a general rule, if the evidence in front of him does not indicate lack of consent, it’s hard to see how a court could be convinced otherwise.

In summary, I don’t draw any conclusions from the survey results, because the questions were too vague for the answers to be useful. There is possibly a serious disagreement on some substantive points, between a section of the population and Amnesty International, and if so I am in agreement with Amnesty.

The survey produced a lot of fuss, but one of the more interesting responses I saw was a circular that has gone round several blogs, including the disillusioned kid. It first makes the point, correct if a little obvious, that there wouldn’t be any rape, however women behaved, if men didn’t commit rape. It then goes on to say: “Don’t tell your women friends how to be safe and avoid rape.” That’s a remarkable statement. Recall my post before last: in general, the biggest cost of crime is the cost of avoiding it. “Our whole way of life is conditioned by the need to make crime difficult, in ways that are so ingrained that they’re difficult to notice.”

There are a few reasons the original author of the circular might have made that request. One is if he or she doesn’t believe that a woman’s behaviour has any effect on the risk of her becoming a victim of rape. While it’s true that no behaviour is completely safe, I think that’s a severely inaccurate view. Possibly, the author considers it a question of priority: that effort spent encouraging women “to be safe” would be more effectively employed encouraging men not to commit rape. That’s a coherent argument, but as I said, we take considerable precautions to protect ourselves from all crimes, because we generally believe that it is effective. No-one has said that we shouldn’t audit companies’ books, because the effort would be better spent encouraging people not to commit fraud.

Priorities aside, it might be that effects to encourage women “to be safe” have an adverse effect on the behaviour of men. I think this is probably what the author meant. It might be that a mass of voices saying (correctly) that women are more at risk of rape if they behave in certain ways might be interpreted by some men as meaning they are not doing something so bad if they rape a woman who is “defying” this advice. If so, then it may well be a bad thing that this advice is so prevalent.

This is rooted in the very first thing I talked about, the confusion over the meaning of responsibility. There is a notion that responsibility can be “shared”, which I think is fundamentally misleading. We each make our decisions in an environment that has been made mainly by other people, but to judge any decision, legally or morally, we have to take that environment as given. Many people might have responsibility for any bad outcome, but they have it separately, they do not share it. We might put ourselves at risk of all sorts of dangers, from other people or from other elements of our environment, and if we are wise we will consider our own responsibility as we do so, but if we are the victim of a criminal, his responsibility is not lessened by our risky behaviour. If people are
unclear on this point, then that is where we need the “education” that Amnesty and others call for, not telling potential victims untruths about what their risks are.

In this cause, the Amnesty survey itself is “part of the problem” – by talking casually about “responsibility” without discussing what it means, it is actually encouraging the sloppy way of thinking “flirting is dangerous, so it means it’s not so bad if I rape her” that it aims to put a stop to.

Crime: self-defence

Earlier this week the subject of self-defence came up, triggered by Anne McIntosh MP’s private member’s bill intended to give more rights to householders confronted by burglars.
There was some discussion on Samizdata, which was frankly not of very high quality, unless you compare it with that to be found, for example, here.
Pulling together the points made opposing the bill, we find:

  • The law already allows citizens to take very strong measures in self-defence, without fear of prosecution.
  • Allowing citizens to take very strong measures in self-defence would be a disaster, and the end of civilisation as we know it.

They can’t both be right.
In fact, I believe that the first objection, made by Martin Keegan on Samizdata and Janet Anderson in the other debate I referred to – that the law already allows sufficiently for self-defence – is correct as far as it goes. The Crown Prosecution Service explained their position back in January:

Indeed we routinely refuse to prosecute those reacting in the heat of the moment to finding intruders within their homes. So householders who have killed burglars in this situation have not been prosecuted. Householders who have shot burglars have not been prosecuted. Householders who have stabbed burglars have not been prosecuted. Householders who have struck burglars on the head, fracturing their skulls, have not been not prosecuted.

The cases where people are prosecuted for “unreasonable” violence in self-defence are very rare, and exceptional either in the events themselves (the CPS press release refers to a case where the householder “lay in wait for a burglar on commercial premises, caught him, tied him up, beat him, threw him into a pit and set fire to him”), or in the stupidity of the officials involved. There are limits to how well the law can protect us from official stupidity.
While defending the current law as it pertains to self-defence, I do feel that the wider situation is nevertheless highly unsatisfactory. The problems are as follows.

Weapons. We aren’t allowed any. In a crisis, we are allowed to use whatever weapons we can lay hands on, but we aren’t allowed to prepare to defend ourselves by carrying weapons or making the available. You cannot carry even a makeshift such as a small pot of chilli powder without committing a criminal offence, if you intend it as a weapon.
The problems caused by the offensive weapons law are quite subtle. The case I remember was unfortunately just a few years too early to be in any linkable news source – around 1992, I think. But from memory, this is what happened.
A local troblemaker, whose name was Elliot, was walking down the street, apparently under the influence of some drug, scratching cars with a Swiss army knife. A householder, whose name I can’t remember but who was a music teacher with hair like Brian May, walked out to remonstrate with him, picking up a hammer on the way out. They argued, and Elliot killed the householder with the Swiss army knife. Elliot was aquitted of murder on the grounds of self-defence.
Note the strength of the law of self-defence. However, this was not altogether a satifactory resolution. The problem was that, while realistically Elliot was the aggressor, and Brian-May-hair was, in the view of many, properly defending property, by illegally arming himself he had given up the position of being law-abiding. The law effectively saw two criminals fighting. The law of offensive weapons gives us the choice of being effective or being law-abiding.

The second problem is attitude – the attitude of the other set of opponents of the McIntosh bill. In spite of the law of self-defence, and of the traditional principle that it is not only a right, but also a duty of the citizen to prevent crime if possible when it occurs, and indeed to apprehend criminals, the idea has been propogated that the most responsible and respectable thing to do is to leave it all to the police. This has originated, I believe, with the police themselves, who like any professional group don’t like competition, and with the kind of state-worshipper who believes that anything that can be done by the state must be done only by the state. It is this attitude that has led to accusations of vigilantism against anyone who is in favour of resisting crime.
I believe that in a free society the police should have no special powers. The role of the police is to supplement the citizens’ actions against crime with a trained, full-time force. The police power of arrest should be identical to the citizen’s power of arrest. The citizens should be allowed to carry the same weapons as the police routinely carry. If weapons such as firearms are to be restricted, and carried only in certain circumstances, citizens should be entitled to apply for permission in the same way as police.
The point at which the state’s monopoly comes in is in the courts – to any but an anarchist it is the state’s sole duty to convict and punish offenders. It is significant though that even with Britain’s feeble separation of powers, the courts have not been under strong control of the government, and have direct citizen involvement which tends to keep their actions distinct from government policy.

The third problem is that in some areas of this country, crime is apparently out of control. It may be that it is in fact less bad than at any other period – I don’t really know – but a feature of modern life is that the whole population now expects the things that used to be the privilege of the old middle class, including the right to be relatively secure from casual violence. We don’t expect the working man to live in a pre-war slum any more, and we don’t expect him to have to endure endemic violent crime, either. And it is right that we should not.
I cannot say of my own (sheltered) experience whether it is the norm or the exception, but there are places where the law-abiding citizen is permanently threatened with crime. It is in such conditions that there is a temptation to go beyond self-defence and prevention of crime as it happens, and to attempt to drive out or deter suspected criminals pre-emptively. This is not a desirable state of affairs, and as I believe it is the right of the state to have a monopoly of punishment, it is its duty to use it to control such areas. I don’t want to go further than that, as I really am outside my area of familiarity.

Any discussion of such matters inevitably gets bogged down in the details of the Tony Martin case. The case is a poor advertisement for self-defence – there is no self-defence in shooting a fleeing burglar. The sympathy that exists for Martin is due to the third problem above: the justification he claimed was that the state was chronically failing to protect him, and the burglar that he chased off on one occasion would be back on another. I can believe that is a real problem, but if the only way to protect people like Martin is for burglars to be shot (which, as a general proposition, I doubt), then they should be shot by the state on proper conviction, not by nutters in farmhouses on dark nights.

Crime Week

I’ve got a few ideas to post on the general subject of crime. Rather than collecting them into a big rambling essay on Anomaly UK – The Director’s Cut, I’m going to try chucking them out here one at a time as the week goes by.

The first point is that crime which is actually committed is just the tip of the iceberg as far as impact on society is concerned. You can count it up, put a value on it, and say that is the cost of crime. But it doesn’t include everything we spend on successfully preventing crime. Pretty much everything we spend on fences, locks, guards, audits, stocktaking, and, for that matter, police and prisons, is a cost not of the crime that happens but of the crime that doesn’t happen. I would hazard that that cost adds up to the same kind of amount as the cost of the crime that does happen.

But even that isn’t the full story. The biggest cost of crime is the forgone opportunity – all the things we could do, but don’t because we would run too much risk of crime. If you have to take a day off work to let the gas man in, that’s a cost of crime, because without crime you could say “walk in and fix it – call me if there’s a problem”. One of the biggest costs of small business (and some large business) is establishing a reputation for trustworthiness. Our whole way of life is conditioned by the need to make crime difficult, in ways that are so ingrained that they’re difficult to notice.

ippr Paper on Intellectual Property

The ippr think-tank has published a paper “Markets in the online public sphere” on Intellectual Property issues. (Author William Davies).

The paper is an attempt to identify the questions involved, rather than answer them, and as such is worthwhile but not particularly exciting. The main new idea is to classify information transfers in the digital realm according to temporality, classifying information as:
Deliberation (synchronous, interactive transfers) Service (synchronous, passive) Content (asynchronous, temporal) Heritage (asynchronous, timeless) These categories leak into each other, but are probably a useful tool in thinking about the issues.

The leakiness is what the author appears to see as the root of the problems – how one can protect commerce in Content without unacceptable impact on Deliberation or Heritage, or conversely how can one protect the freedom to Deliberate without destroying the business of Content.

While those questions are real, to me they are not the sticking point. I believe that compromise can be reached on what forms of information transfer should be restricted and what shouldn’t. Not a perfect compromise, to be sure, but some kind of widely acceptable outcome.

What I see as the most vital issue is not what should be subject to restriction by law, but who should bear the cost of enforcement. That might sound like a minor detail, but it is in fact the fundamental problem, with far-reaching consequences.

(The rest of this piece is on Anomaly UK – The Director’s Cut)

Useless Terrorists

It’s really hard to be scared of an enemy that is this stupid.

http://osm.org/site/story/20051201suicidebomber/view

Mireille was a 38-year old woman born into a white, Christian family in the
Southern Belgian town of Charleroi; she married to a Moroccan, converted to a
radical form of Islam, and went to Iraq where she blew herself up in a suicide
attack targeted against a US military convoy; she killed only herself. Her
passport was in her remains, and its finding prompted yesterday the arrest by
Belgium and France security forces of 15 suspected Islamic militants believed to
be linked to her. Mireille has the more than dubious honor of being the first
white Western woman to carry out a suicide bombing, according to London’s The
Times

(via instapundit)

A white, female suicide bomber in Western Europe – a uniquely valuable weapon – and she goes to Iraq, where her uniqueness is not merely no longer an advantage, but is now a disadvantage.

This lends considerable strength to the idea, expressed before, that suicide bombing is often more a personal statement than a serious attempt to cause any kind of political change:

http://www.anomalyblog.co.uk/2005/07/12/suicide-bombs/

Why suicide bombing? … Maybe they feel that, other things being equal, it is better to die in the attack than survive it. I don’t 100% believe the “Blood Feud” theory of Islamist terrorism — I do think there is some strategy to it — but it is valid to say that the bombers are very much concerned with themselves and their supporters, not just with their effects on us.