The bill can be read here, and I'm not going to go through it (mainly because it makes my blood pressure rise to dangerous levels), but eminent cyber-lawyer Lilian Edwards has given a lot of very good coverage to the "process," all of it well-observed, and some of it very impassioned. Apart from the sheer embarrassment of the process itself, a largely anti-democratic shambles with just over 6% of MPs turning up for a crucial second-reading debate, we also had to endure a lot of poorly-informed rhetoric from those who did show. One commenter on Twitter referred to the debate as being like a group of nursery school children discussing quantum mechanics, though there were also some rare examples of well-informed and rational argument against excessive haste and unforeseen consequences.
Mike Butcher has posted a fairly scathing piece, and the Ars Technica coverage is also a good intro for readers outside the UK, where the issue seems to have attracted surprisingly little attention up to now. The TechCrunch piece raises an issue I have been writing about for a long time, namely the fact that a DPI-led arms race initiated by the content industry might have unintended consequences, which will further muddy the waters of legal due process. As one observer on the NANOG list noted succinctly in the wake of the announcement of the Comcast ruling (coming in the same week - can you hear the slapping of high-fives in content land?), "Looks like a good time to get into VPN services."
There is a lot to be disturbed about in this bill, but I am most unsettled about what is, to my mind, a fairly arbitrary and vague stance on what might constitute evidence to substantiate suspicion of involvement in copyright infringement. (If anyone has a clearer idea, please contact me and let me know what I am missing.) This can only be exacerbated by a widespread adoption of encryption, as I envisaged in my post linked above, and which Mike Butcher cites a real-world example of in Sweden. In such a scenario, will it be enough to observe volumes of encrypted traffic flows to infer potential infringement? From a technical standpoint, maybe, but from a legal standpoint this sounds a lot like the "if you have nothing to hide, there is nothing to fear" mantra so often employed by totalitarian regimes. My guess is that if we do see a spike in adoption of such services in the UK, it may be precisely because people have nothing to hide and thus resent being snooped on, something which has always gone on, but which they may now be more sensitized to as a result of this asinine legislation.
One huge problem in all of this, and one which the blinkered supporters of this bill seem to be blissfully ignorant of, is that many of the same tools which they associate with "piracy" (if, indeed their understanding even extends to the word "tools") are also in "legitimate" use by those in the creative industries, whom the proponents of this bill expressly claim to protect. Twitter prankster @record_industry perhaps nailed the real intent of the phrase "creative industries" with this tweet: "To clarify: when the bill says 'protect artists,' we mean REAL artists. Not you shitty amateur ones." I suspect there is more truth in this than politicians would like to admit. Nevertheless, I fear that there is a huge number of "creatives" who rely on the internet for their livelihood who might find themselves on the wrong end of the enforcement regime suggested by this bill.
Here's a personal case in point. My friend and sometimes band mate, Linda Heck, is working on a recording project in Memphis and Nashville. She very kindly asked me to contribute guitar and vocals to four tracks on the project. My friend and neighbor, Paul, has a studio in his home in South London, which he has previously used only to record his own band, and I decided to record my parts there. As it happens, I am going to the States in two weeks' time, so I will hand-deliver the discs containing my contributions. However, Paul and I could just as easily have ended up uploading the files to a secure FTP site, from which Linda and her producer could have then downloaded across the Atlantic.
Now, these files are WAV audio files, uncompressed, so a single guitar part for a single song can be 15 - 50MB, and there are a lot of them. Just for my contribution to four songs, the total payload came in at over 600MB, so roughly equivalent to 10 albums in mp3 format, or perhaps a feature-length film in standard or sub-standard resolution. Hypothetically, let's say that Paul becomes popular as a producer, and ends up getting involved in several other similar projects, wherein several times a week he is uploading and downloading several gigabytes of media files to a secure FTP site. Well, to those connected with the project, it's just an ordinary part of the production process, but to a telco acting under duress as secret policeman of "content kleptomaniacs," it will probably be flagged as suspicious activity. And to the paranoid, intellectually bereft elements of the content industry which endorse these Orwellian tactics as a diversion from their glaring lack of imagination, it will almost certainly be enough for poor Paul to end up on a blacklist of some sort. After all, what possible reason could someone have for uploading big content files to a secure FTP site besides infringement? It couldn't be independent music, it must be episodes of "Glee."
This is only one example, but one I fear may end up being a textbook case in future if this idiocy is allowed to continue. I also know a lot of other "Pauls" in video production, photography, software and other industries where shipping and receiving large amounts of sensitive, proprietary data, often in encrypted form, from a home broadband connection to secure online storage is a normal and essential part of business. Without highly invasive inspection of the actual files (think strip-search) to show that they are not infringing, the industry may simply assume that volume of this sort, either encrypted or to/from secure sites, or both, is suspicious at least, and deserving of escalation through the "process." (Not to mention users, including me, of services like Jungle Disk.)
Perhaps I'm wrong. Maybe the Crusaders Against Content Kleptomania (CACK) will develop a rational, scientific and defensible approach which won't throw up false positives on spurious evidence, and impose costs and economic damage on innocent individuals - "creatives" even. I hope so, but I don't find history to be encouraging, and I think it's embarrassingly clear that most of the politicians involved with this shit-show don't have a clue of what they might be unleashing. Anytime you wield a sledgehammer to crack a nut, you risk smashing someone's fingers in the process, possibly your own.