Blog spam went out of control again; the only remedy I could find was a very big hammer: turn off the drupal comments module altogether and in doing so, unpublish all comments ever posted to this site. I suppose they're still in the database and could be published again, if we could separate them from the spam.

The drupal expertise in our group seems to have gone on to greener pastures. That prompted me to divest from my family business drupal installation and start a hosted wordpress site and makes me wonder how safe is stuff that I write here...

Any MIT students want to help this research group manage a community presence? Please get in touch.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

Anecdotal evidence suggests that there’s no such thing as bad publicity (at least for Facebook). In the wake of the recent flap about Facebook’s change in its terms of service, I seem to be experiencing a spike in new friend requests on Facebook. Of course, there may be no causal relationship whatsoever but I don’t think I’ve become any nicer or more popular. I have a feeling people just have Facebook on the brain.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

Steve Lohr has a nice piece in the New York Times (’Technology Gets a Piece of Stimulus,’ 26 Jan 2009, p. C1) this morning about the role that technology and innovation will play in the economic recovery (aka stimulus) bill supported by the Obama Administration.

In the past, health IT deployment has been approached as an engineering problem: what computers have to be part of which networks exchanging which types of data? This loses sight of the purpose of electronic medical records: helping doctors to provide better care to their patients and transforming the system at a macro scale so that it enables data-driven, evidence-based research on how to provide effective, cost-efficient care. Today, because most doctors are paid based on how many procedures they perform, as opposed to how good they are at keeping patients healthy, will actually lose money if new information systems help them to deliver care more efficiently and keep people healthier. So, the key challenge for electronic medical record deployment is to marry up overall changes in healthcare policy with the the right innovation environment to produce the health information infrastructure we need to support safer, more efficient health care.

A quick infusion of stimulus spending, combined with a long term commitment to spend much of this money in a way that rewards doctors for delivering better care and data needed to measure effectiveness and efficiency (as opposed to just subsidizing them to put expensive hardware and software on their desks), can help lay the groundwork for the systems needed for health care reform. As Lohr explains:

The time-tested way for governments to create jobs in a hurry is to pour money into old-fashioned public works projects like roads and bridges. President Obama’s economic recovery plan will do that, but it also has some ambitious 21st century twists.

The $825 billion stimulus plan presented this month by House Democrats called for $37 billion in spending in three high-tech areas: $20 billion to computerize medical records, $11 billion to create smarter electrical grids and $6 billion to expand high-speed Internet access in rural and underserved communities.
[..]
The technology industry is not typically viewed as a prolific job producer. Much of its manufacturing is highly automated. But bringing technology to services fields like health care, telecommunications and energy can be labor intensive and thus generate jobs.

The issues surrounding electronic health records illustrate the policy challenges of targeted programs. Mr. Obama has advocated spending $50 billion over five years to accelerate the use of such records and the sharing of health information across a national network.
[..]
The computerized records, when used properly, are an indispensable tool for measuring, tracking and improving patient care — yet only about 17 percent of the nation’s doctors are using them. They are commonplace at large medical groups, but 75 percent of doctors practice in small offices of 10 physicians or fewer.

Doctors often benefit from inefficiency, because the dominant fee-for-service payment system means they are paid for doing more — more doctor visits, tests, surgical procedures, pills.

“Paying to put computer hardware and software in physicians’ offices isn’t going to do anything unless you change the incentives in the system,” said Dr. David J. Brailer, former national health information technology coordinator in the Bush administration.
[..]
“You want to pay for achievement — better health quality and efficiency,” said Dr. David Blumenthal, director of the Institute for Health Policy at the Harvard Medical School, who advised the Obama campaign. “But in the transition period, before financial incentives are reformed, you need to provide incentives or grants to use electronic health records because this technology is sort of the opening wedge to reform.”

And summarizes the current contents of HealthIT stimulus proposals developed by the transition team and current being considered by Congress:

Those eligible for grants to buy technology, a member of the Obama transition team said, will include inner-city and rural hospitals and small doctor practices. But most money, he said, will go to incentive payments to improve quality and safety of care.

The big leverage that that the Federal Government has is the over $700 Billion dollars that it spends on Medicare and Medicaid each year. All together the Federal government pays for over 40% of all healthcare in the US so directing that spending in a way that encourages a more data-driven health care system is the key to success. The stimulus spending will be the first step toward creating a system in which that money can be used to encourage smart, data-driven health care.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

I’ve spent the last eleven weeks working on the Obama-Biden Transition Project with the Technology Innovation and Government Reform (a.k.a TIGR) policy group and have now finished. It’s been an great experience and tremendous honor to be able to work on a wide range of technology policy issues with such a talented, disciplined and dedicated group of people. Knowing that President Obama is now in the White House and getting to participate in the inaugural festivities was a great way to cap this all off.

What was extraordinary about the Technology and Innovation policy group was that it existed at all. This presidential transition, as others in the past, had to do a thorough review of issues and challenges in all of the Federal agencies, select senior personnel to fill Cabinet and White House positions, and prepare strategies for meeting key policy challenges and campaign commitments: health care reform, economic recovery, national security, foreign policy, etc. While Internet technology and innovation issues have been on the radar screen for nearly 20 years, this was that first Presidential campaign and the first Presidential Transition Team to give tech policy issues high profile attention.

Now I’m going to take a few days off, try to catch up on old email, and look forward to returning to my research and teaching at MIT at the beginning of February.

I have a home movie that I just want to show to just a few friends around the Web. With OpenID, I should be able to just give my web server a list of my friends' pages, right?

I eventually found a README for mpopenid with just what I wanted:

PythonOption authorized-users "http://alice.com/ http://bob.com/"

But that wasn't on the top page of hits on a search for "apache OpenID". (Like most sites, mine runs on apache.) The top hit is mod_auth_openid, but its FAQ that says my use case isn't directly supported:

Is it possible to limit login to some users, like htaccess/htpasswd does?

No. ... If you want to restrict to specific users that span multiple identity providers, then OpenID probably isn't the authentication method you want. Note that you can always do whatever vetting you want using the REMOTE_USER CGI environment variable after a user authenticates.

So I installed the prerequisites for mpopenid: libapache2-mod-python and python-elementtree were straightforward, but I struggled to find a version of python-openid that matched. I almost gave up at that point, but heartened by somebody else who got mpopenid working, I went back to searching and found a launchpad development version of mpopenid. That seems to work with python-openid-1.1.0.

In /etc/apache2/sites-available/mysite, I have this bit that glues mpopenid's login page into my site:

<Location "/openid-test-aux">
  SetHandler mod_python
  PythonOption action-path "/openid-test-aux"
  PythonHandler mpopenid::openid
</Location>

And in mysite/movies/.htaccess, this bit says only I get to see http://mysite.example/sekret:

<Files "sekret">
  PythonAccessHandler mpopenid::protect
  PythonOption authorized-users "http://www.w3.org/People/Connolly/"
</Files>
  

The mpopenid README also shows an option to put the list of pages in a separate file:

PythonOption authorized-users-list-url file:///my/directory/allowed-users.txt
  

But I haven't tried that yet. So far I'm happy to put the list right in the .htaccess file.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

From Remarks of President-Elect Barack Obama
As Prepared for Delivery
American Recovery and Reinvestment
Thursday, January 8, 2009

[..]
“To improve the quality of our health care while lowering its cost, we will make the immediate investments necessary to ensure that within five years, all of America’s medical records are computerized. This will cut waste, eliminate red tape, and reduce the need to repeat expensive medical tests. But it just won’t save billions of dollars and thousands of jobs – it will save lives by reducing the deadly but preventable medical errors that pervade our health care system.”
[..]

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

A wonderfully perceptive and funny characterization from outgoing US Democratic National Committee Chair Howard Dean (Health care contenders - Chris Frates - Politico.com):

Dean said: “I’m not going to say anything about anything to do with transition. Generally, those who talk don’t know, and those who know don’t talk. And I don’t know what he’s [President-elect] going to do, but I ain’t talking.”

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

Last week Thomson Reuters (the owner of EndNote Software, a widely used proprietary tool for collecting and managing scholarly bibliographic information) filed a lawsuit against Zotero, the most popular open source, Semantic Web-enabled bibliographic tool. Zotero, packaged as a Firefox extension, is a handy tool for collecting bibliographic metadata to assist scholars in managing information necessary for their research (news story, complaint). Zotero can import and export a variety of different bibliographic formats and does so in a web-friendly, RDF-enabled way. Exchanging and linking bibliographic information (ie., the title, author, publication venue) of scholarly communication is an important means to discover new links amongst individual pieces of research that are published around the world. This has been a high priority, for example, in the life sciences where new knowledge can be uncovered by linking individual pieces of research together.

The latest beta release of Zotero will read and write EndNote’s proprietary metadata format and import and export the citation formats that EndNote provides for a wide variety of academic journals. In response to this, Thomson sued the Zotero developers (an open source community hosted at George Mason University), charging that Zotero (and GMU) reverse engineered the EndNote citation file format in violation of EndNote’s end user license agreement (EULA).

The key effect of Thomson’s suit, if it succeeds, would be to create a legal doctrine that enables software developers to restrict the Semantic Web’s potential to promote data interoperability and data integration. The legal issue at bar has to do with reverse engineering and the enforceability of EULAs, both of which are important questions. And, there’s a lot of say about whether or not the compliant will stand up to legal scrutiny. That said, the Web community, as well as the scholarly community, ought to pay careful attention to this case because its outcome could have real bearing on how free we will all be in the future to exchange information and realize the knowledge-enhancing benefits of the Web through collaborative research.

Update: Nature Magazine editorializes about the threats to interoperability of the lawsuit.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

For a couple of years, colleagues of mine and I have been writing about the need to protect privacy through rules and laws restricting how information is used, not just who can access the personal information. So, I was very happy to discover that a famous early exposition of privacy rights in United States law (Olmstead v. United States (1928)), by the most famous judicial advocate of privacy rights, Justice Louis Brandeis, expressed a clear sentiment in favor of protecting privacy based on how information is used, not just whether one is entitled to have access to it or not. In the course of explaining why earlier Supreme Court legal precedents should be understood to make wiretapping illegal, Brandeis wrote

Unjustified search and seizure violates the Fourth Amendment, whatever the character of the paper; [n4] whether the paper when taken by the federal officers was in the home, [n5] in an office, [n6] or elsewhere; [n7] whether the taking was effected by force, [n8] by [p478] fraud, [n9] or in the orderly process of a court’s procedure. [n10] From these decisions, it follows necessarily that the Amendment is violated by the officer’s reading the paper without a physical seizure, without his even touching it, and that use, in any criminal proceeding, of the contents of the paper so examined — as where they are testified to by a federal officer who thus saw the document, or where, through knowledge so obtained, a copy has been procured elsewhere [n11] — any such use constitutes a violation of the Fifth Amendment.

That is to say, even if the officer was in rightful possession of the private information, it still should be understood as a violation of privacy it the police use the information against the individual. This is privacy as a set of usage rules.

Brandeis was trying to argue that wiretapping should be considered illegal under the Courts existing precedents but the majority of the Court opposed him and asserted that wiretapping was constitutional because it did not involve any physical trespass into the private property of the telephone user. So, Brandeis lost the argument in this early case and wiretapping remained constitutional (though not always legal) in the US for another 40 years. Eventually, though, the Court came around to Brandeis’ view that how the government got access to the telephone call matters less than the fact that people have, and are entitled to have, an expectation that their calls are private; that government would become too powerful it allowed to use the contents of our private communications without a warrant.

The original appearance of this entry was in Danny Weitzner - Open Internet Policy

Today a senior McCain advisor, Doug Holtz-Eakin, proudly held up Blackberry and declared:

“You’re looking at the miracle that John McCain helped create.”
AP, 16 September 2008

Bloggers on all sides of the partisan divide are having a field day with this, suggest that the McCain campaign is out of touch, desperate, or trying to top the trouble VP Al Gore got into when he was falsely accused of claiming to have invented the Internet. At best, it suggests that Eakin-Holtz was just careless. At worst, it suggests that the campaign and the candidate has deeply irrational ideas about how to promote innovation. It’s also been pointed out that there’s some irony in McCain claiming credit for the success of a Canadian company.

The real question is: what would a McCain presidency do to help enable the NEXT innovative device, service or revolutionary use of the Web? (**Full disclosure here: I’m an active supporter of Senator Obama, though this post is entirely my own and not in any way made on behalf of the Obama campaign.**)

McCain’s record in promoting innovation on the Internet and in the large information and communications marketplace is terrible. Mostly, he can claim credit for supporting incumbents over innovators and for failing, in his time as Chair of the Senate Commerce Committee to do anything at all to support the innovative and socially beneficial aspects of the Internet. While he was in the leadership of the Senate Commerce Committee (1997 - 2001, and 2003 - 2005) his contributions included:

• being entirely AWOL in defending the openness-protecting provisions of of the Telecommunications Act of 1996 — the parts of the Act that were supposed to help assure market access to innovative new services, such as the Blackberry, were weakened, ignored or attacked by the FCC and the courts. As Chair of the Committee responsible for the law, McCain did nothing. That’s why we have an anemic choice of broadband providers in most parts of the country. This is good news for incumbent cable and telecom companies but will make it harder for the next Blackberry to get to market.
• opposing eRate legislation that extended Internet access to schools and libraries. Not only were his policies as committee chair bad for innovators, he sought to make it harder for the non-profit sector to pay for Internet access.

What did McCain do has chair of the most powerful congressional body in the communication and information market? He mostly stood up for the interests of incumbents. He wrote letters to the FCC supporting higher cable television rates, encouraged consolidation in the telecommunications market reducing the number of local phone companies from 7 down to an eventual 3.

And today, even though he’s no longer in a leadership role on Internet and telecommunications policy, he’s still speaking up against innovation and for incumbents through opposition to even modest Net Neutrality provisions.

In the end, the campaign season slide of some advisor is nothing compared to the anti-innovation record of Senator McCain himself. We’re lucky (well, maybe ) to have Blackberry’s an other innovations today. They won’t likely go away. But the question is which presidential candidate is more likely to support policies that enable the NEXT Blackberry. History shows is certainly isn’t John McCain.