April 5, 2010
Volume XXX, Issue 4
File Sharing Comes to iGoogle & Orkut - Gmail's Next
Excerpted from CNET News Report by Josh Lowensohn
Google has finally addressed one of the biggest omissions in the web-based version of its Google Talk service: size-limit-free, peer-to-peer (P2P) file transfers.
The feature, which has been a part of the service's desktop software since mid-2006, went live on the Google Talk widgets inside iGoogle and Orkut on Monday.
The endgame here - which Google says is coming, is to bring file sharing into Gmail's integrated Google Talk.
Imagine, if you will, a situation where you want to share a big file, and Gmail's attachment limit is just not cutting it. Your options are simple: you could hop over to another Google property with storage (like Google Docs) and upload the file there. Or you could go with a myriad of external file-sharing services.
Once this feature comes to Gmail, though, you just bug the other person to hop on Google Talk, and then start your large transfer there.
That situation, as lovely as it sounds, could be a pipe dream, though.
In our testing, we couldn't send executable files, which, while safer because it could limit the sending of malware, means you can't send handy software-installing packages.
Here's hoping future versions will pack the same kind of virus-scanning prowess Gmail's attachment handler has had since 2005, but in real-time. That may, in fact, be what is holding it up from being a part of Gmail already.
Leading P2P Developer Debuts Foofind Torrent Search Engine
Excerpted from Digital Media Wire Report by Mark Hefflinger
Pablo Soto, the developer of file-sharing applications including Blubster, Piolet, and Manolito, this week launched Foofind, a search engine that indexes torrents and other links to media available online, TorrentFreak reported.
Soto, who is being sued by the major record labels over his file-sharing services, told TorrentFreak that Foofind is legal because all it offers is a search index, and does not host any media files itself.
Everything Has Come Together for Cloud Computing
Excerpted from EDL Consulting Report
In the past, companies adopted new technology for a business reason. They wanted to save money, reduce carbon emission, save on payroll, or some other motivation. All of these factors together, however, contributed to the massive adoption rates cloud computing has experienced in recent months.
Leading information technology (IT) professionals believe that the global economic downturn mixed with a worldwide initiative to reduce carbon emissions has made cloud computing a necessity for enterprise users rather than a luxury, according to Sys-Con Media.
Some organizations predicted this trend and started directing their resources toward it years ago. Salesforce.com, Google, and Amazon are among the leaders in the cloud computing industry.
While some competitors make think it's a matter of finances, it's clear these companies just understood the economy's direction and did not wait to make their move.
It's true that some people in IT are tired of hearing about the wonders of cloud computing. However, until organizations decide to abandon their in-house IT storage, leading IT experts won't stop talking about cloud computing's benefits.
The cloud computing industry itself, however, still doesn't know exactly what's expected of it. At the Cloud Connect Conference this week in Santa Clara, CA, leading industry experts argued heavily over security and performance standards in the cloud.
Report from CEO Marty Lafferty
 The DCIA proudly announces our agenda and principal speakers for the upcoming P2P & CLOUD MEDIA SUMMIT.
This first-ever conference focused totally on the intersection of P2P and cloud computing with the entertainment sector is scheduled for Thursday May 6th at Loews Santa Monica Beach Hotel and is the fifth annual DCIA conference being held in conjunction with Digital Hollywood Spring.
The P2P & CLOUD MEDIA SUMMIT will explore current policy, technology, and content issues as well as next-generation business opportunities related to P2P and cloud based commercial offerings. A special session during the conference luncheon will feature a candid discussion on how to do business with leading media firms.
Our KEYNOTES will include Akamai's Stuart Cleary, Director of Product Marketing, Media & CDN; BitTorrent's Claude Tolbert, Vice President of Business Development; Cisco Systems' Geng Lin, Chief Technology Officer (CTO) of the Cisco-IBM Alliance; Giraffic's Assaf Benjamin, Vice President of Marketing and Business Development; HD Cloud's Nicholas Butterworth, Chief Executive Officer (CEO); KPMG's Mark Lundin, Senior Manager; and MediaUnbound's Michael Papish, Founder and CEO.
Our CONFERENCE LUNCHEON session will frankly address the "do's and dont's" for approaching major entertainment companies with new technology solutions. What are the absolute musts for a successful meeting? What are the most serious pitfalls to avoid?
Participants will include Foresee Entertainment's John Penney, President (formerly HBO); Loeb & Loeb's Larry Kenswil, Of Counsel (formerly Universal Music Group); Pepperdine University School of Law's John Malcolm, Distinguished Practitioner in Residence (formerly MPAA); Priority Digital Media's Amy Friedlander-Hoffman, President (formerly AT&T); TAG Strategic's Ted Cohen, Managing Partner (formerly EMI Music); and Ubiquity Broadcasting's Steve Jacobs, President (formerly SONY).
The full-day Thursday May 6, 2010 event features keynotes and panels of industry leaders from the forefront of innovation. There will be a continental breakfast in addition to the conference luncheon.
The POLICY TRACK will take a global perspective on changing rules for P2P and cloud computing and answer questions such as what are the key laws and regulations that P2P and cloud computing software developers and distributors need to observe in various jurisdictions? What changes are taking place in the regulatory environment affecting P2P and cloud-computing technologies? What will be the impact of recent lawmaking actions and court rulings? What else has to happen from a legal and policy standpoint to foster investment and commercial development of P2P and cloud computing?
Panelists will include Consulting, Legal, Mediation & Strategy Services' Matt Neco, Principal; Digital Media Analyst Jason Roks; Dow Lohnes' Jim Burger, Member; Hughes Hubbard & Reed's Dan Schnapp, Partner; MasurLaw's Steve Masur, Managing Director; Morrison & Foerster's Melody Torbati, Of Counsel; and St. Edwards University's Gregg Perry, Assistant Professor.
The TECHNOLOGY TRACK will zero in on how P2P and cloud computing are affecting the evolving distribution chain and answer questions such as what is the current landscape for P2P and cloud-based content distribution? What trends are emerging among participants in the distribution chain and in consumer usage? What impact do advances in digital rights management (DRM), compression, caching, content acceleration, swarming, streaming, and other distributed computing technologies have?
Panelists will include Asankya's Norman Henderson, VP of Business Development; Joyent's Steve Tuck, Director of Enterprise Sales; PacketExchange's Chuck Stormon, VP, Strategic Accounts & Alliances; Sivoo's Rich Moreno, Principal; Verimatrix's Neerav Shah, VP of Business Development; and Yummy Interactive's Christopher Hennebery, VP of Software Distribution.
The CONTENT TRACK will focus on how to balance monetization and anti-piracy efforts to maximize profitability and will answer questions such as what business models show the greatest promise for P2P and cloud-based content delivery? What changes are needed to more effectively harness file-sharing and related technologies? What content-security solutions are now in development that will optimize P2P, cloud computing, and hybrid peer-assisted deployments for the benefit of all participants in the distribution chain?
Panelists will include BayTSP's Lawrence Low, VP of Product Management & Strategy; BUZZMedia's Mike Lewis, EVP, Product; Cavalier Digital Media Services and Game-Boyz's Murray Galbraith, President; Copyright Clearance Center's Chris Kenneally, Director of Author Relations; Free Speech Coalition's Diane Duke, Executive Director; Game-Based Marketing's Gabe Zichermann, Author; and Independent Producer Melike Amjarv.
The NEXT GENERATION P2P & CLOUD PANEL will discuss the prospects for "content in the cloud," including music, TV, and film. Many distributed computing solutions are on the way, from live streaming to HD content downloading, with associated business models ranging from ad-supported, to subscription, to paid download. This session will go into the practical applications of P2P and cloud computing in the marketplace
Panelists will include Aleric's Vincent Hsieh, CEO; Ascent Media's Mick Bass, VP of Alliance Management; Grab Networks' Marcien Jenckes, President of Media and Content; Panvidea's Doug Heise, VP of Marketing; RedThorne Media's Ian Donahue, President; and TVU Networks' Jim O'Brien, Senior Advisor.
P2P & CLOUD MEDIA SUMMIT early registration rates, which offer substantial savings, end April 30th. For more information, please visit www.dcia.info/activities.
Registration can be done online here or by calling 410-476-7964. For sponsor packages and speaker information, please contact Karen Kaplowitz, DCIA Member Services, at 888-890-4240. Share wisely, and take care.
Comcast Introduces New Broadband Usage Tool for its Customers
Excerpted from TFTS Report by Kelly Hodgkins
In a move that should be heralded with a resounding chorus of "Finally," Comcast's much anticipated broadband usage meter will be available to customers across the nation starting Thursday.
Comcast announced its new bandwidth meter when it decided to enforce a 250GB usage cap in late 2008. The tool went through testing and refinements conducted internally by Comcast employees during the first eleven months of 2009. In December 2009, the bandwidth meter launched in Portland, OR; and Comcast has been deploying the tool to customers in other states across the US.
With the newly available tool, Comcast customers will be able to track their broadband usage to ensure they do not exceed Comcast's 250GB bandwidth cap. The meter is designed to measure all data usage that travels through the cable modem including data from WiFi-connected mobile devices, computers, gaming consoles, and streaming media devices.
Basically, any device that is using the Internet and is connected to your network via an Ethernet cable or wirelessly via WiFi will contribute to your total usage.
The meter will track usage on a monthly cycle which may or may not coincide with a customer's billing cycle. If you are among the 1% who may push that 250GB limit, keep a close eye on those dates, not just the usage numbers.
Reported usage is kept up to date and accurate as the tool will refresh every three hours and will round usage amount in the favor of the consumer by rounding down to the nearest GB, instead of rounding up.
Comcast is currently sending out e-mails to its customers informing them of this new broadband meter. Comcast customers curious about their usage can log into their Comcast.net user account to access the broadband meter, which is now available coast-to-coast in twenty five states including Oregon, Washington, Maine, Minnesota, Wisconsin, Nevada, New Hampshire, New York, Connecticut, Vermont, Arkansas, Kansas, Missouri , Colorado, Utah, Alabama, Florida, Georgia, Tennessee, South Carolina, Delaware, Maryland, Pennsylvania, West Virginia, Virginia, and Washington, DC.
Inch-by-Inch: Spotify Now Buying Server Space in United States
Excerpted from Wired News by Eliot Van Buskirk
The legend of Spotify grows stronger with news that the P2P streaming music service is buying server space in the United States with the aim of launching here in the third quarter of this year. As Spotify CEO Daniel Ek told me at SXSW last week, one likely form Spotify will take when it reaches these shores is as an add-on to your mobile phone or Internet service.
Spotify already has seven million users in Europe. US fans without press accounts will soon find out what all the fuss is all about, according to Spotify Senior Vice President Paul Brown.
"We're buying server space in random parts of the states and there are licensing discussions, too," he told Bloomberg.
Ek said Spotify's P2P streaming architecture could be made to work on a set-top box (STB) and even a cell-phone, and a downstream-only version already runs on iPhone and Android devices, with mobile apps for Blackberry and Palm in the works. One catch: you have to subscribe (10 euros per month) in order to use it on a mobile device, where up to 3,333 songs can be cached in playlists for playback when your phone lacks a good data connection.
One reason Spotify is so popular in Europe, in addition to its immense catalog, slick operation and easy playlist sharing and collaboration, is that the desktop version is free so long as you don't mind putting up with the occasional image-plus-audio advertisement. According to Ek, the labels should be fine with that model, because after all, iTunes too is a freemium service - the only difference is the labels, musicians, and publishers aren't paid when people listen to songs they acquired for free.
Without the unlimited free version, Spotify could end up like Rhapsody's good-looking Swedish cousin. Its main point of innovation is to capture revenue from free music listening, the way iTunes doesn't, but the cost of licensing an on-demand music service like Spotify, which feels like an eight-million-song version of iTunes that loads faster and runs better, is steep. It has traditionally cost about one-penny-per-listener-per-play to play on-demand music in the biggest music market in the world, the United States, and that's a tough habit to support on ads alone.
Spotify has had a note on its website for perhaps a year now inviting cellular and Internet providers and connected television manufacturers to explore a potential partnership to bundle the service with devices and data connections, which makes a lot of sense. If Spotify can't be free in America (which it still might be), it might as well feel free, and the best way to do that is to tack a bill onto an existing - and much larger - cell-phone, Internet, or television bill.
Out of Spotify's seven million European users, 325,000 of them pay the monthly fee that eliminates ads, lets you use the service on a phone, and increases the bit rate of its Ogg Vorbis audio stream. That's a 5% conversion rate. When you consider that only 3% of the average iTunes music collection was paid for, by Steve Jobs' own estimation three years ago, Spotify's conversion rate from free to paid looks pretty good, and besides, it pays copyright holders when people listen for free.
First, we heard that Spotify was going to launch here by the end of last year, then we heard this spring, and from what Brown told Bloomberg, the new prospective launch date is the third quarter of this year. The big questions - will there be a free unlimited version, and which mobile phone companies, ISPs or television providers will offer a discounted version of the paid service - remain, but these server space purchases are a solid indication that the company's plans to launch here are real.
PlayFirst Looks to Adopt New Strategy for 2010
According to a recent interview with Gamasutra and as reported by Gamezebo, PlayFirst is adopting a new strategy this year as it relates to the casual gaming market.
The mega-developer is behind such titles as the massively successful "Diner Dash," so the company knows a thing or two about developing casual games that even the hardcore elite can love. However, that isn't to say that the current market, which is expanding with more free-to-play games hasn't made PlayFirst reevaluate things a bit.
"We believe the historic definition of casual games is somewhat either irrelevant or expanded - however you want to look at it - in the new world," says Baker. "As the price points continue to drop, it starts to become very difficult to maintain your standards of excellence as the revenues that you're getting really fall quite precipitously. That's where we're trying to realign in the organization."
As such, PlayFirst is looking to new areas like home consoles, mobile platforms and, yes, even social networks, as possible outlets for future growth, all while maintaining the casual presence that earned them their success in the first place.
BBC's Anthony Rose Joins Project Canvas
Excerpted from Digital Spy Report by Andrew Laughlin
The BBC's Anthony Rose, who masterminded a revamp of the iPlayer platform, has joined video on-demand (VoD) venture Project Canvas as its new Chief Technology Officer (CTO).
After joining the BBC in 2007 from music sharing site Kazaa, Rose helped the corporation revamp iPlayer into a hugely successful streaming service. He will start the new role with Canvas on May 1st.
Also joining the Canvas team is Freeview's marketing boss Tim Hunt, who will act as the venture's new Director of Marketing.
In addition to working at Freeview, Hunt was previously marketing director at IPTV joint venture Project Kangaroo, which was blocked by the Competition Commission last year.
According to recently released figures, Hunt will oversee a budget of $73.6 million over the first four years after the Canvas platform launches.
"It's great to welcome two such experienced individuals to the project," said Canvas Director Richard Halton.
"They both bring key skills and expertise in their fields that allow us to begin the next phase of Project Canvas as we await the outcome of the regulatory process."
Celebrating his appointment, Rose said, "This new role is a brilliant opportunity to help shape the future of television and I'm excited to be leading the collaborative work by the partners on developing innovative technology to make sure the Canvas proposition provides a great experience for its users."
Hunt added, "Canvas is a proposition that has huge potential appeal to viewers, both as a great place to watch TV and as a brilliant piece of new technology."
Last week, the Canvas partners - the BBC, ITV, Channel 4, Five, TalkTalk, BT, and Arqiva - made a submission to the Office Of Fair Trading in an effort to offset competition concerns about the project.
Cloud Computing: The Cloud Revolution
Excerpted from ARNnet Report by Nadia Cameron
Cloud computing is a transformative phenomenon affecting all manner of channel and end-user organizations. ARN brought together several industry representatives to discuss where cloud computing adoption is today, and ways information technology (IT) providers can monetize this broad-reaching opportunity.
ARN: What does cloud computing encompass today?
Jason Serda, BlueFire (JS): I think cloud computing to some degree is packaging various services delivered out of a data center. At the end of the day, clients and corporations are looking for ways to securely outsource specific functions and get more for less, and be able to have confidence in outsourcing that service as an end result.
The concept we have always worked on is that we can build something with bigger scale, with better equipment that's highly available without those single points of failure, and then leverage that infrastructure, the same way as VMware does a server, across the whole infrastructure stack.
And it's about being able to take that entire infrastructure and sell it as a service, or selecting individual services to cover specific problems. It's simply about better scale, the expertise required to go in and perfect those services, and doing those effectively and repetitiously.
Part of it comes down to the patience of the market, too. What I mean by that is clients don't have three months to wait for a service to be provisioned, which becomes a challenge for the service provider as well around enablement.
ARN: What is the number one driving point from a CIO/CXO perspective to get involved in cloud?
JS: I think cost is a big scenario, and delivery of an end result - having confidence that you're buying an end outcome, rather than technology underlying it.
ARN: Is it lowering operating costs that drives this?
JS: I think so. We'd all be silly to ignore that. You are using leveraged infrastructure.
Dylan Morison, Cisco (DM): Cost reduction and agility are top-of-mind right now - how quickly can I bring a new service or product to market as we start to have an uptake in the economy. In the past, it took 3-9 months for new services to come on and users to get the application, infrastructure, and so on.
That is now unacceptable to a business as we ramp up and look for that competitive edge. They're getting a lot quicker turning on the service to the business itself, and spending more dollars saved from those cost reductions on IT to innovate the business and drive more revenue effectively.
JS: We have Red Balloon Days as a client, and they run a large online website for experiences. One of their challenges is over Valentines Day or Christmas, they will double or triple capacity. So how do they manage that? They manage that by logging in over the web into a control panel where they can opt to bring additional servers online in a timely fashion that are from the farm, and without having to pick up the phone and call us.
At the same time, they can maintain high availability over multiple data centers. It's not an easy thing to do, and I'm simplifying here, but for them they don't look at it as getting an x number of servers or upping bandwidth.
Greg Cullen, Novell (GC): Obviously, for a seasonal breadwinner, they'll have the peaks and troughs in their business. They're the quintessential organizations that will adopt cloud. What applications and services flow from that specifically?
JS: There is growing demand among CIOs in enterprise and new markets where they're open about moving into the cloud. There has been enough discussion to make them comfortable about making those decisions. That comfort factor wasn't there six months ago.
DM: I think they're analyzing their business processes much closer too. Payroll is a good example - it's a monthly thing in a lot of cases and they're looking at how to leverage resources on that basis. They're looking at their business and how all these things tie into the processes, where they have peaks in the business and tiering applications accordingly.
GC: Is it CIOs making those decisions?
JS: It depends on the size of business - in mid-market, it might be more a CEO's decision, but in enterprise, it's CIOs. The benefit of a mid-market play is that it's not about the technology: People just want the end guarantee and what reliability/SLA they buy.
Safi Obeidullah, Gen-I (SO): Depending on what you're doing and the size of the organization, you might work with C-level, or you might just work with the systems manager. In a smaller organization, there's more opportunity to touch senior management. The decision on software-as-a-service or cloud is not typically made by the IT manager, it's made by the business or business unit.
Please click here for the full report.
CCIA Sets US IP Czar Straight on Intellectual Property
Excerpted from TechDirt Report by Mike Masnick
A few days ago, I posted the letter I submitted to the White House Intellectual Property (IP) Czar, Victoria Espinel, concerning her request for comments (RFC) on the strategic plan for IP enforcement.
It was a bit troubling that the questions asked in the RFC focused solely on increased enforcement and the amount of harm done by infringement - as if it never even occurred to folks that increased enforcement might not be best for culture or the economy, and that there may also be mitigating benefits to infringement.
I tried to make that clear in my filing, and it was great to see folks like Public Knowledge submit comments as well - but the really wonderful filing came from the NetCoalition and CCIA, which we discuss below.
First, though, it's worth noting that the entertainment industry also made its demands. The RIAA, MPAA, and Screen Actors Guild teamed up to submit their own filing, and as the LA Times noted, "It's a doozy." Consider it a wish-list of protectionist, anti-consumer, anti-innovation policies, basically demanding that the White House prop up their own businesses, because of their unwillingness to adapt.
You can read the entire entertainment industry filing here, but be ready to laugh at the highly questionable claims.
However, if you want to read something enjoyable you should check out the incredibly long, but ridiculously thorough and brilliant filing from the NetCoalition and CCIA. It's over 100 pages long, but every last page is worth reading.
It says everything I wish I could have said in my letter, but does so in excruciating detail, with tremendous sources to back up each point. It kicks off by going through a detailed list of "fallacies" found in the request for comment itself, as well as in the typical complaints from the entertainment industry, including the following.
The objectivity fallacy: highlighting how the studies from the entertainment industry that pretend to be objective are anything but - and tend to greatly, if not ridiculously exaggerate the problem.
The lost sale fallacy: of course, demolishing the industry's desire to pretend that each act of infringement represents a "lost" sale.
The causation fallacy: showing how the entertainment industry always places the blame for its problems on infringement, even if there's little evidence to support that any troubles in the industry were due to infringement. Instead, the filing points out that there are many, many reasons why some companies in the industry have run into trouble that have nothing to do with infringement.
The innovation fallacy: dismantling the industry's claim that infringement destroys jobs and discourages innovation, noting that it is historically evident that competition breeds greater innovation than government-backed monopolies, which can be shown to create economic rents and dead-weight loss.
The industry size fallacy: a favorite of the entertainment industry, which bundles in all sorts of unrelated industries that just barely are touched by IP (furniture!) to make the industry seem huge, in an effort to imply the importance of extra protectionism.
But the filing points out how flawed the methodology is, pointing to the CCIA's own (awesome) use of the same methodology to show that exceptions to copyright contribute more to the economy than the "copyright industries."
This part also points out that if the industry really is so big, then it should be well positioned to withstand any challenges.
The equivalence fallacy: picking apart how the entertainment industry likes to lump all forms of infringement into one "evil" bucket, without ever acknowledging that there are very, very different types of infringement, and understanding the differences is key in determining actual harm and any "enforcement" strategies.
The theft fallacy: once again reinforcing that infringement is a different beast than theft, and even the Supreme Court recognizes this... though the entertainment industry seems unwilling to admit it.
The silo fallacy: elegantly highlighting how the industry loves to talk-up losses in CD sales, while totally ignoring how other parts of the business, such as live performances, continue to grow. It also highlights how, despite CD and DVD sales dropping, the number of albums and movies being made has vastly increased.
The relevance fallacy: laying out the argument that, even if you accept the industry's claims of losses, they're often submitting aggregate data that includes a variety of different factors and information that may be distorting the direct impact on specific areas, and setting policy based on such aggregate data could be quite damaging.
Seriously, the entire document is wonderful. It feels like it should be published as a book, and should become required reading for anyone ever writing about, litigating, or setting IP policy. You can read the whole thing here.
Of course, after going through the fallacies, the filing gets to specific policy recommendations, wisely going back to the ProIP bill's language, highlighting how the purpose of the IP Czar is really supposed to be about true criminal infringement and counterfeiting, and arguing that any enforcement should be focused on those issues, rather than stepping in on civil disputes in what is, effectively, a business model problem.
The filing also points out that diplomats enforcing US IP policy around the world are often uneducated in the balance of interests that IP law is supposed to hold, and frequently just push for greater laws and restrictions, without understanding the harm it causes. Along those lines, the CCIA takes the time to express its grave concerns over ACTA - noting its broad scope and potential harm both in the US and abroad. The conclusion of the document sums up everything nicely.
"The spread of the global Internet has facilitated the unauthorized and at times infringing distribution of certain forms of IP, especially copyright-protected content. The ease and minimal cost of copying makes meaningful enforcement costly and difficult. This widely recognized problem has stirred passionate debate about how the problem should be handled by copyright owners, the government, and third parties.
This problem is amplified and complicated by the importance of both the content and Internet industries in the US export market, as well as and demands for the US to assert leadership at the international level. This creates a danger of rigid, oversimplified policies toward infringement that (a) make little sense in other IP domains, and (b) undermine the perceived legitimacy of the global IP system.
The solutions to the real and perceived problems the disruptive technology of the Internet has caused for certain entertainment and luxury goods companies cannot be solved by greater government intervention or by shifting more costs to Internet companies. Rather, the solution lies in the evolution of business models to adapt to the new realities of the marketplace."
Seriously. This is an absolute must read, start to finish.
Regulated Industries Have No Control over Social Networking Applications
The intensity of Enterprise 2.0 application usage is on the rise globally - especially in the most highly regulated industries, according to the latest study conducted by Palo Alto Networks, the network security company.
While social media is pervasive in organizations worldwide, usage has far outpaced controls. The degree of associated risk varies dramatically across industries and geographies, depending upon factors such as regulations and cybercrime.
Information technology (IT) professionals must consider the heterogeneity of risk in their application usage policies, compliance needs and security profiles. Barriers to accessing applications are at an all-time low, accelerating the adoption of applications regardless of geography or vertical industry.
While financial services and healthcare workers increasingly rely on social media for business collaboration, they often ignore the associated risks such as non-compliance, data loss, and threat propagation.
These risks can jeopardize the company's network as well as the integrity of the entire business operation. For example, the report showed that 94% of the healthcare and financial services organizations included in the study use an average of 28 social networking applications, including Facebook, Twitter, and LinkedIn. Both industries have regulations (such as HIPAA and FINRA) that require organizations to control and monitor information flow across social networking applications in order to protect the confidential data they manage.
However, because social networking apps use port 80 or port 443, all traffic appears to be browser-based traffic. This lack of visibility into social networking traffic could be a violation, or lead to violations, of compliance with industry rules and regulations. As a result, many IT managers are faced with the daunting task of banning social media applications altogether.
But is this really feasible? "IT managers cannot simply block Enterprise 2.0 applications since they deliver clear business value. Nor can they simply allow these apps to run amok on their networks. IT needs to safely enable Enterprise 2.0," said Rene Bonvanie, Vice President of Worldwide Marketing at Palo Alto Networks. "By defining and enforcing policies that safely enable these apps, IT can enhance business productivity while mitigating security risks and compliance violations."
Other findings from the report include the following.
Of the 41 different e-mail applications found, 26 browser-based variants were detected in both healthcare and financial services industries, consuming 220 GB and 152 GB respectively.
Widespread use of webmail portends a variety of business and security risks, from compliance violations and data leakage to malware propagation.
Two-thirds of the 750 applications tracked, including client server and P2P applications, can pass as web traffic by hopping ports, using port 80, or hiding within SSL. This debunks the myth that ports 80 and 443 are reserved for browser-based traffic only.
If file-sharing applications look like web traffic, then they are difficult to detect and control. This dramatically increases the risk of inadvertent data leakage. Use of browser-based file-sharing applications consumes 399 GB of bandwidth in financial services organizations, and 143 GB in healthcare firms.
The one-to-one delivery nature of these applications minimizes the risk of inadvertent data loss or leakage, but does not prevent the purposeful movement of confidential data unless strict policy controls are in place. The bandwidth consumed by social networking applications doubled in the last 18 months to 9GB per organization.
Cloud Computing Legal Issues
Excerpted from SearchSecurity Report by Julie Tower-Pierce
Lawyers are abuzz over cloud computing. Though offsite data storage and services are hardly new concepts (think Skype or Yahoo! Mail), the eyes of the law, which traditionally trail well beyond technology, are nervously fixating on "cloud computing," or generically speaking, distributed online services such as SaaS (Software as a Service), IaaS (Infrastructure as a Service) and PaaS (Platform as a Service).
As companies look to cut costs and gain flexible, convenient access to services and massive storage/data back-up options, burgeoning interest in cloud computing solutions is understandable. But "computing in the cloud" is rifled with legal mystery - ahem, fear of unknown and uncertain legal risk.
Understanding the mechanics and practicalities of how cloud computing works and how moving to the cloud legally impacts clients and corporations are just the tip of legal concerns over cloud computing - after all, what you don't know might kill you or at the very least, pose serious corporate risks.
This lack of technical understanding, combined with a hotbed of fears over privacy, viability of the Fourth Amendment (constitutional safeguard against unreasonable searches and seizures) in the cloud, unbeknownst government meddling, third-party access, international sovereignty, security, forensic collection and e-discovery, disaster recovery, and the absence of established legal precedent (i.e., case law), can derail even the best laid information security and technology plans for implementing cloud solutions, such as enterprise adoption of Google Apps.
Concern and caution hovering over cloud computing, ironically, may be both misguided and reasonably justified. Demystifying web-based applications and services, and the risk/security of cloud computing is key to removing barriers to the cloud.
For starters, lawyers may need help understanding "the cloud;" namely how it works, where data resides and the complexities of data storage, access, retrieval, and security to better assess legal risk. As if understanding technology - such as local data storage and security issues, and application of existing law weren't challenging enough - cloud computing adds yet another layer of complexity and challenge for lawyers looking to insulate corporations and businesses from litigation risk.
They may want assurances about the integrity and privacy of data, especially when it's stored across the country or globe, while they await concoction of new regulatory cloud computing schemes or amendments to existing laws, such as to the Electronic Communications Privacy Act (ECPA) or the Computer Fraud and Abuse Act (CFAA).
Of course, lawyers may also be on the lookout for clarity when it comes to understanding how security or privacy can actually be better in the cloud, especially in light of recent newsworthy hacks.
Information technology (IT) and security professionals who interface with lawyers and non-technical management are positioned to squelch many cloud concerns. By using straightforward, practical explanations and real-world analogies/examples, minus excessive technicalities when possible, you can impart a firm understanding of the mechanics of cloud computing and help lawyers gain perspective.
With your technical prowess, you can help legal and non-technical management make sense of thorny issues like data privacy and unauthorized third party access. For example, if your company is considering a migration to Google Apps, but is encountering pushback due to concerns about third-party access, unreasonable government intrusion or seizure, or disaster recovery, you can play a pivotal role in helping lawyers or management understand how data is stored or handled (e.g., encryption), the practicality of access by third parties, and technical processes in place to handle unforeseen risks.
You'll need to make sure a cloud service provider gives you answers to these questions. The end result, of course, being that you can more easily accomplish your technical and security objectives.
You can also head-off or anticipate management "what-ifs" related to computing in the cloud. For example, if legal is concerned that a government warrant or subpoena served on a cloud computing data center could disrupt your company's access to services, make it known what precautions are set in place to prevent disruption.
Again, you'll need to make sure the service provider provides these details. If cloud concerns center on disaster recovery, discuss the processes in place that mitigate risk, perhaps talk about how cloud vendors like Google and Amazon can offer assurances that their services are designed with disaster recovery in mind.
You can also talk lawyers and management through risk anxiety of cloud technology and help shape policy by addressing issues such as the need t to conduct a forensic analysis of data stored in the cloud, or what if the integrity of the data is compromised by the storage medium such that it loses value in court.
Sure, maybe you didn't go to law school, but you have the real-world technical savvy that can prove instrumental to helping lawyers litigate and shape the development of sound and workable cloud computing law, as well as corporate policy.
In many ways, you are a powerful player in driving away fears, substantiated or not, that would otherwise impact acceptance and comfort of new technologies. So, go ahead, let your voice of technical reason resonate in the law.
Industry Coalition Urges Congress to Update 24-Year-Old Electronic Privacy Act
Excerpted from Online Examiner Report by Wendy Davis
A coalition of web companies including Google and Microsoft, along with digital rights groups like the Electronic Frontier Foundation (EFF), are calling on Congress to enact new online privacy protections.
The organizations have formed the group, Digital Due Process, which is urging lawmakers to protect information that is not generally accessible by the public, including e-mails, some photos and videos, cell-phone location data, and even search queries. Specifically, the coalition argues that such information should remain private unless courts issue search warrants for it.
The Electronic Privacy Communications Act (EPCA) already says that Internet service providers (ISPs) can't disclose some data without search warrants, including many e-mails that are less than 180 days old. But the 1986 statute does not appear to cover much of the data that users currently store online.
In some circumstances, the government can obtain access to material uploaded by users simply by issuing subpoenas - which are easier to obtain than search warrants. In general, courts require that officials have probable cause of criminal activity to obtain a search warrant, but will issue subpoenas as long as the information requested is considered "relevant" to an investigation.
Google's Richard Salgado, Senior Counsel for Law Enforcement and Information Security, says that updating the law will provide some needed clarity in the space. "It will be much easier to keep our users informed about how their data is protected from disclosure to the government," he says.
Although the EPCA is somewhat dated, its provisions banning ISPs from disclosing some data have been used by consumers in lawsuits alleging privacy violations by online companies. Currently, social networking sites Classmates.com and Facebook are facing lawsuits alleging violations of the ECPA.
In addition, when consumers filed a potential class-action privacy lawsuit against behavioral targeting company NebuAd and its ISP partners, the consumers alleged that the companies had violated the law by using data about users' web-surfing activity to serve them ads.
French & Swedish File Sharing Rates Now on the Rise Again
Excerpted from Zeropaid Report by Jared Moya
The other day I mentioned how online copyright infringement in France has increased since the passage of a controversial "three-strikes" law late last year, with 2/3 of file sharers simply switching to alternatives like unlicensed streaming sites and HTTP-based download services (e.g., Rapidshare).
Now it seems the same is happening in Sweden after similar attempts to tackle unauthorized file sharing. Almost one year after passage of IPRED, a law that allows copyright holders to seek a court order requiring Internet service providers (ISPs) to divulge the names of accused file sharers, only 3 people have been targeted and not the 800 or more they were expecting.
In fact, several funds that were established to support people charged under the IPRED law have been put on hold.
"IPRED-law has not had the impact that some had in mind, no matter which side you are on," said Marcin de Kaminski, a founder of the Bureau of Piracy, to the Svenska Dagbladet daily. "It'll probably take another year or two before we can see more visible results."
At first the law resulted in a huge drop off in Internet usage, but since then it's surged to surpass pre-IPRED law levels. So where have all the infringers gone? According to one survey, 60% of men aged 15-24 admitted to using unauthorized streaming sites, and 40% of those aged 15-74.
"This is the same level as before IPRED," says Media Vision's Jens Heron.
The country's Anti-Piracy Office is apparently well aware of the problem and promises to address it if their popularity increases. "It is clear that there is a problem," says Sara Lindback, an attorney for the group. "We focus on those who are streaming out material, and we see that these services become more popular, we will also act legally against them."
As for good old-fashioned file sharing, the numbers are up for that as well. Though down from 26% this time last year before IPRED, the current level, 16%, is up from 11% last September.
"It may be that unauthorized file sharing dipped in the first half and now is on the rise again, but it's hard to say," says Karin Zingmark, press manager at Viasat.
What is clear from it all is that the law hasn't had the intended "dampening effect" that copyright holders had hoped for. Laws will never be able to change the fact that many young people don't think file sharing is wrong, though Swedish youth have yet to make online infringement a "national sport" as has their French brethren.
In fact, as researcher Kristoffer Schollin argued late last year, "File sharing in Sweden is healthier than ever."
Warner Bros. Offers $26K/Year for Anti-Piracy Intern
Excerpted from Paste Magazine Report by Kristen Callihan
Warner Bros. Entertainment UK is taking a new approach in its fight to stop unauthorized file sharing. The motion picture industry giant is reportedly looking to hire a student intern whose year-long stint will entail trolling the interwebs to catch copyright infringers in the act.
The company posted a listing for the "Anti-Piracy Intern" position in the University of Manchester's career site. They're looking for a student with experience in - what else - computers and the web. And though the goal of the intern is to seek out and even entrap people engaging in file sharing, the job requirements don't mention anything about applicants' own history with BitTorrent sites or acts of file sharing.
In addition to monitoring Torrent sites, the intern will be "maintaining and developing bots for Internet link scanning system (training provided); preparing distribution of infringement notices and logging feedback; performing trap purchases of infringing product and logging results," according to the job posting. Oh, and it's a paid intern spot: $26,000 for a year's worth of work.
The backlash against the Anti-Piracy Intern has begun even before Warner Bros. has found the lucky person to fill the spot.
TorrentFreak posted this in response to the internship opening, proving infringers still know how to play dirty: "We encourage all eligible TorrentFreak readers to apply for this exciting internship and provide us with regular updates on Warner Bros.' anti-piracy efforts."
Coming Events of Interest
Cloud Expo - April 19th-21st in New York, NY. Co-located with the 8th international Virtualization Conference & Expo at the Jacob Javits Convention Center in New York City with more than 5,000 delegates and over 100 sponsors and exhibitors participating in the conference.
LA Games Conference - April 29th in Los Angeles, CA. Over 300 of the most influential decision-makers in the games industry gather for the LA Games Conference to network, do deals, and share ideas about the future of console, PC, online and mobile games. LA Games Conference - now in its 4th year - features a lively and fun debate on timely cutting-edge business topics
Digital Hollywood Spring - May 3rd-6th in Santa Monica, CA. Digital Hollywood Spring (DHS) is the premier entertainment and technology conference in the country covering the convergence of entertainment, the web, television, and technology.
P2P & CLOUD MEDIA SUMMIT - May 6th in Santa Monica, CA. The DCIA presents its fifth annual seminal industry event as a conference within DHS, with the subject matter now expanded for the first time to include cloud computing, the most advanced and rapidly growing distributed computing technology.
Cloud Computing for Government Conference - June 7th-9th in Washington, DC. Learn how to cut costs and create a more efficient, scalable and secure IT infrastructure. In addition, learn how to develop a cloud computing strategy, along with helpful tools, tips, and techniques to get started. Hear practical advice, firsthand, from leading experts including the NASA Ames Research Center, US Department of Energy, Silicon Valley Education Foundation, and many more. Mention "DCIA" to receive a $200 registration discount.
Broadband Policy Summit VI - June 10th-11th in Washington, DC. The most comprehensive, in-depth update about the implementation of the FCC's National Broadband Plan. No other forum provides the detailed coverage, expert insight and networking opportunities you'll receive at Broadband Policy Summit VI. The expanded program includes top-notch faculty who will address the most pressing broadband issues in six panel discussions, two debates and four keynote addresses.
Digital Media Conference East - June 25th in McLean, VA. The Washington Post calls this Digital Media Wire flagship event "a confab of powerful communicators and content providers in the region." This conference explores the current state of digital media and the directions in which the industry is heading.
|
