Month: May 2017

Our values as a society in tech

I know it’s been a long time since I wrote anything even remotely technology related here. This is almost tangential.

About 10 days ago, quite a lot of the world was hit by a piece of malware which has come to be known as WannaCry. It was a piece of ransomware which took over your machine if you were so unlucky, encrypted your files and demanded money to hand them back. I call that amoral, but it appears to be a viable business option for some people as occasionally the ransoms get paid.

The impact of WannaCry was tempered by a piece of work done by a young malware researcher whose name I don’t know but you can find him on Twitter as MalwareTech here. He discovered by accident that if you registered a particular domain name and pointed it at something, the malware stopped replicating from one computer to another. WannaCry reached a lot of computers but it was stopped reaching a lot more by this. In the grand scheme of things this guy is a hero, should be able to name his price for security consultancy and after that, if he wants the glory and the stardom, well that’s his choice. If he does not, however, that’s another kettle of fish.

Today I learned that in general terms, he wasn’t up for celebrity status, but this did not stop the UK press going after him. He got doxxed – lovely word that – by a major UK newspaper and journalists from a couple of others went after his girlfriend and other friends. You can read the twitter thread here. He is apparently moving house because of this.

To be honest, I think trying to pay people to spill the beans on their friends is a fairly amoral thing to do. What sort of a human being do you have to be to do it? Sure, we all think UK media is a cesspit of despair, particularly certain of its newspapers, but still… wouldn’t it be nice if instead of going after people who never meant to be famous, who did something quite special as part of their day job, and who would like to go back to doing that day job in peace, they went after people who seek the limelight, and control? How much time have UK newspapers devoted to actually holding Jeremy Hunt to account before now? Where were they when he and his team decided to nix the NHS’s support contract for their XP machines? Is’t it just too easy to go after members of the public who aren’t actually limelight hunting? I don’t know this guy but I don’t think he’s being hypocritical by wanting to stay out of the limelight. He’s not preaching one thing and doing another. I’m not sure there’s a single journalist with the nous to be able to figure out if he is, like, doing all his work on an unpatched Windows Vista machine…

The problem is this: we need guys like MalwareTech. We need them a lot. Security defence is a thankless job, it is largely not sexy and it seems to only gain importance when something goes wrong. Before that, it’s release early and often and if it opens up a risk…well we’ll fix it in the next release. Great stuff and we’re all making money until we are not.

Seriously, how good is it if your fridge can be held hostage? We are massively and increasingly dependent on computerised systems, and connected devices (although I defy anyone to explain to me why a toaster might ever need to be connected to anything other than a power socket). The least we can do is ensure they  do not create risk vectors for our lives. To protect us from skullduggery of a digital nature, the world needs young tech people turning their mind to security and malware investigation in order to mitigate our risks here.

It would help if we didn’t also allow our media to exploit them and doxx them just for the sake of a few page turns and clicks. It is not bringing anything to the world and it is not in anyone’s interest to be invading the privacy of someone in whose life the sole interest is prurience.

Treaty of Accession 1972, status of Irish, status of English

I went to the open day at the European Court of Justice and during a question and answer session I am near certain I heard the President of the Court state that in fact, Ireland had named both Irish and English as official languages for the purposes of the European Union. Malta, too, had nominated both Maltese and English.

Why does this matter? Well, the country most associated with English, when we skip the US, is the United Kingdom and they clearly nominated English. However, they decided last year they were taking the path less travelled, as it were. This led to a lot of discussion – to put it mildly – hysteria might be a better description – about how English would no longer be an official language in the European Union after Brexit.

The problem is, this idea of nominating languages by country is not something I have really found in the official documentation. Clearly I am not a European lawyer, and I don’t work at the European Court of Justice. But.

If you read Alexander Drechsel’s piece on the subject, he will tell you that language and linguistic arrangements are covered by Resolution number 1 in 1958 Article 1 of which states that the

The official languages and the working languages of the institutions of the Community shall be Dutch, French, German and Italian.

Slight lack of English there but bear with me.

Ireland, the UK, Norway and Denmark negotiated membership of the European Economic Communities in 1972. The Treaty agreed between the four countries seeking membership and the EEC as it was at the time was subject to ratification (which Norway did not complete, hence it is not a member) was drafted in the then 4 official languages of the EEC, as listed above. It has some provisions relating to linguistic arrangements. The Treaty itself was drawn up in 8 languages.

This Treaty, drawn up in a single original in the
Danish, Dutch, English, French, German, Irish, Italian
and Norwegian languages, all eight texts being
equally authentic, will be deposited in the archives of
the Government of the Italian Republic, which will
transmit a certified copy to each of the Governments
of the other signatory States.

(Article 3)

The corresponding Council Decision was also drawn up in the same languages. The point to note here is that Irish is listed.

The texts of the acts of the institutions of the Communities
adopted before accession and drawn up by
the Council or the Commission in the Danish, English
and Norwegian languages shall, from the date of
accession, be authentic under the same conditions as
the texts drawn up in the four original ‘languages.
They shall be published in the Official Journal of the
European Communities if the texts in the original
languages were so published.

(Article 155)

The key point to note here is that Irish is not listed.

The texts of the Treaty establishing the European
Economic Community and the Treaty establishing the European Atomic Energy Community, and the
Treaties amending or supplementing them, drawn up
in the Danish, English, Irish and Norwegian languages,
shall be annexed to this Act. These texts shall
be authentic und6r the same conditions as the original
texts of the Treaties referred to above.

(Article 160)

Without wanting to be too predictable but the key point to note here is that Irish is listed.

XIV. MISCELLANEOUS

1 . Council Regulation No 1 of 15 April 1958
OJ No 17/385, 6 October 1958

Article 1 is replaced by the following:

” The official languages and the working
languages of the institutions of the Community
shall be Danish, German, English, French, Italian,
Dutch and Norwegian.”

This is a modification to the Council Regulation I mentioned at the start. Note that Irish is not included here.

(Annex 1)

The texts of the Treaty establishing the European Economic Community and of the Treaty establishing the European Atomic Energy Community, together with the Treaties amending or supplementing them, in the Danish, English, Irish and Norwegian
languages.

(FINAL ACT  Documents included – D)

However, the Final Act of the treaty which lists the documents which should be in annex, specifies that the texts of the Treaties, and any treaties amending or supplementing them, should be in Irish (plus the other three languages assuming Norway had chosen to ratify in the end).

Irish is missing from two places – the modification to Article 1, Regulation 1/58. It is also missing from Article 155 which relates to acts drawn up by the institutions. In 1972, at least, it seems clear that English was acceptable to Ireland as an official and working language. The status of Irish is commonly described as “Treaty language”. The primary legislation needed to be translated into Irish but it was not a working or official language otherwise. I made a cursory look at the Irish National Archive’s website to see if perhaps there was any way of finding any internal Irish Government discussions on the matter but a quick review brought nothing and of course there is the added issue that documents from 1972 may not have been digitised either. Obviously the status of the Irish language changed in 2007 when it became a full official and working language with the derogations allowing gradual implementation.

What does this mean for English? Well strictly speaking, as I understand it, any changes to Article 1 of Regulation 1/58 needs to be agreed by the Council unanimously. I am not sure Malta and Ireland would agree with removing English. For now, at least, there were 24 official and working languages, and de facto, the institutions still have 3 procedural languages (English, French and German).  In the meantime, the legal underpinning of this concept of notifying official languages to the EU still eludes me.

References:

Regulation 1/58 EN

Treaty of Accession EN