Want to book a train ticket? Then we need to know how many children you have…

…at least if you’re UK train operator East Coast.

I thought nothing of booking some train tickets online. I even got a decent deal. I doubt I could have done the journey cheaper in the car. They wanted me to register with the site, but then, most train companies do. They gave you an option to opt-out of email, which I took.

So, you can imagine my surprise when the next day, I got an email from East Coast, which started with “Now that you’re registered with us, we’ll be able to send you exclusive offers by email…

Erm. No, you shouldn’t be…

So, I thought I’d log into the East Coast website and check my communication preferences.

Not only did it show me as being opted in, but in order to untick the box and opt out, you have to complete some mandatory information in the “My account” page, before it will save the preferences and unsubscrive you from their mailshots.

What sort of information is it asking for?

  • My nearest rail station
  • My year of birth
  • How many children I have and how old they are
  • What the purpose of my journeys usually is
  • Who else I buy train tickets from

Now, having to fill this irrelevant information in just to change your preferences and unsubscribe from a mailing list, seems a bit excessive, don’t you think?

Note that you don’t have to give any of this information when ordering the train ticket itself (otherwise I’d have gone to an alternate online ticket seller, if I’d have known), just if you need to change anything in your account.

Yes, it’s very obvious that they are harvesting this information to build market intelligence, but this should not be collected on a mandatory basis.

I also tried the “Unsubscribe” link in the marketing email they sent, however that seems to have no effect on the preferences shown in the account on their website, which still show me as opted in.

Such an attitude to collection and retention of personal data seems a bit cavalier, doesn’t it?

I very sensibly used a + sign and token in the email address I used when signing up with East Coast, which makes the email address they use to reach me unique to them. So if they are seriously cavalier (i.e. stupid enough to sell it on to a third party) then I know whodunnit.

(Another irony is that the input sanity checking in their email contact form won’t accept a + sign token, of course, while their website will as  part of a username.)

It seems East Coast may find themselves foul of the Email Marketing Regulations and the Data Protection Act:

  • Sending marketing email which has not been asked for.
  • An unsubscribe mechanism which appears to be ineffective.
  • Mandatory collection and retention of irrelevant and excessive data.

I had a quick chat with a very helpful person from the ICO helpline yesterday, about how to approach the complaint, they agreed that it didn’t seem right that one had to provide such personal data in order to change one’s email marketing preferences, and told me to conduct all communication with East Coast in writing and keep copies of everything.

I’ve written (yes, snail mail!) directly to a suitably senior bod at East Coast explaining my concerns, and I’ll let you know what I hear.

SOPA/PIPA Roundup

I’ve sort of wanted to write things about the frankly worrying SOPA bill in the US Senate and PIPA bill going through the US House of Representatives at the moment, but the fact is, others are doing a perfectly good job writing about it elsewhere, and why the hell should I waste even more precious bits repeating the good stuff they have already said.

So, I’ll quickly roll-up what I think are interesting articles:

I’ll add more as I find/read them and think they are worth linking to. There are a lot of articles and opinions out there, as you can imagine, and I’m now just adding to the melee, I suppose.

But, the most worrying thing I find is that what is being proposed is effectively the same type of DNS doctoring and blackholing that other “less liberal” Governments (China, for instance) have been known to use to block access to things like Facebook, Twitter and YouTube.

“Oh, but we’ll only use it for blocking X”, they say. Question is, does the existance of the mechanism to do this constitute an invitation for it to be used for blocking other things in the fullness of time? Are we going to end up with domains being injected into the feed of “bad things” because it hosts something that arbitrarily earned some sort of “dislike” from those who have control?

Paging George Orwell, to a courtesy telephone, please.

Just let IPv4 run out. It’s over. Just get on with it.

So, I’m currently at the RIPE 63 meeting in Vienna. Obviously, one of the ongoing hot topics here is IPv4 depletion, at times consisting of discussion on either a) the transition away from IPv4 to IPv6 via various transition mechanisms, and b) how to make the pitiful amount of IPv4 addressing that’s left last as long as possible.

One of the things that is often said about (b) is that it shouldn’t be done to death, IPv4 should just be allowed to run out, we get over it, and deploy IPv6. However (b) behaviour is to be expected when dealing with exhaustion of a finite resource.

There are similarities and parallels to be drawn between IPv4 runout and IPv6 adoption, fossil fuel depletion and movement to alternative energy techologies. The early adopters and the laggards. The hoarders and speculators. The evangelists and the naysayers.

So, for a minute don’t think about oil and gas resources being depleted, that’s way in the future. We’re facing one of the first examples of exhaustion of a finite resource on which businesses and economies depend.

If the IPv4 depletion and IPv6 (slow) adoption situation is a dry run of what might actually happen when something like oil runs out, then we should be worried, because we can’t just rely on carrier grade NAT to save us.

Down at Peckham Market… “Get your addresses here. Laaavley v4 addresses!”

One of the first big deals in the IPv4 address secondary market appears to be happening – Microsoft paying $7.5m for pre-RIR (aka “early registration”) IPv4 address space currently held by Nortel.

There have been deals happening on the secondary market already. But this one is significant for two reasons:

  • The size of the deal – over 600k IPv4 addresses
  • That Nortel’s administrators recognise these unused IPv4 addresses, that Nortel paid either nothing, or only a nominal fee, to recieve, are a real asset which they can realise capital against.

Interesting times… Now, where’s my dodgy yellow van?

Internet Access as a right and the Egyptian Internet Shutdown

I’m not going to do any in depth analysis (I’ll leave that to my good friends at Renesys)- it’s everywhere – but unless you’ve been comatose for the last few days, you can’t have helped notice the situation in Egypt.

Being an internet geek, I’m still going to focus on the country’s decision to take itself offline – killing it’s Internet connectivity to the rest of the world.

Firstly, while it may have slowed down the ability for folks in Egypt to communicate rapidly with the rest of the world, and potentially organise demonstrations, it also seems to have managed to drive folk who might have otherwise stayed in front of their screens out onto the streets, where they can either generally protest at the Mubarak regime, or specifically protest about being isolated from something they now take for granted.

It certainly gives the Police something to do…

The “kill-switch” mechanism appears to have been pretty simplistic, and non-technical in implementation. It is highlighted from the Renesys, RIPE Labs, and other analysis that the main Egyptian ISPs seem to have been called on in turn by folks from the Mukhabarat (the Egyptian equivalent of the secret service) and instructed to shut down external connectivity – by taking down interfaces or BGP peers.

The lack of centralised technical measures required shows that it’s not necessarily difficult for any administration to do this – either using existing instruments in law, or just having enough agents and judges to churn out the court orders and pay folks a visit.

However, the other thing to consider is that some countries are now starting to treat the Internet as an essential service and almost fundamental right, like access to water and power.

I’ve just on the way from a visit to New Zealand (where I participated in the NZNOG ’11 conference). The NZ Government is currently embarking on a process of using Government subsidy – with the premise that this will get paid back over time – to bootstrap open access FTTH implementations in major urban areas in NZ, to the extent they should bring 75% of the country’s 4.5M inhabitants within easy reach of high-speed broadband.

The motivation behind such a move is that reliable high-speed internet access will be a cornerstone of economic growth, but that comes with the corollary that it becomes an expectation of the consumer, just like they expect the power or water supply not to go off unless it’s a genuine emergency (such as the flooding in Queensland, Australia).

However, it seems like the Government involvement could become a double edged sword, as they investment threatens to come with various regulatory strings attached – the change in funding, from a private, entrepreneurially-built infrastructure, means that the Government feels like it has a right to have a say. Remains to be seen how much of one yet, but there’s already dangerous talk of “mandatory peering”, and that sort of ilk.

As far as I can tell, there’s no talk of a massive comic-strip style busbar “kill switch” being built in NZ, and the NZ Government seem to appear like moderate and reasonable folk, but will the investment in UFB be brought to bear when the NZGovt want Internet providers to accede to their desires in blocking content or controlling access?

Back to the “Internet access as a right” for the closing few words: Flipping the question on it’s head, how would you feel if the Government shut the power off to your neighbourhood because they felt like it served their needs?

Finally, a touch of irony. I composed this blogpost from 37000ft over the Texas, thanks to the reliable and affordable in-flight internet access they provide on board Virgin America.

(While on board, I saw the announcement that Mubarak has appointed his Intelligence chief as Vice President. Says a lot, right?)

That’s how richly woven through our often already complex lives ready internet access has become. Think back a few years. People’s expectations are already changing.

Update – 31st Jan 2011

Vikram Kumar, Chief Exec of InternetNZ (the association that engages in technical and public policy issues on behalf of the NZ Internet community) has just blogged an article about the possibilities for a take-down of NZ’s external connectivity to the Rest of the World. Summary: probably unlikely.

Update – 2nd Feb 2011

Internet access in Egypt was restored in the last 12 hours, and there’s coverage of this on the Renesys Blog

Comcast-NBCU Deal Approved

Yesterday, the FCC approved Comcast‘s proposed purchase of the controlling stake in NBC Universal, but with some conditions – such as giving up the Board position (and control) in online video service Hulu, despite still owning a good share of it, along with other regulatory controls – limits on exclusivity of NBCU produced content and how it should operate according to the FCC’s Open Internet Principles – to try and keep a rein on what the merged entity can and cannot do, to try and retain a reasonably level playing field in the market (to the relief of other cable operators, online video distributors).

It looks like quite the regulatory straitjacket, which has no doubt also cost public money to develop, and will cost more to enforce.

Despite this, all I can hear in the back of my mind is the “thud, thud, thud” of the Stay Puft Marshmallow man‘s footsteps, coming to crush anything in it’s way under it’s squishy feet.

Auntie Beeb on Net Neutrality

Earlier this week Andy D suggested that I might be listening to too much Radio 4.

I don’t necessarily think that’s been a bad thing, as that means I caught a couple of items on Net Neutrality. Indeed, the Beeb seems to be showing increasing interest in this area, and wouldn’t you, if there was something which threatened your editorial freedom?

Imagine for a minute that Sky Broadband subscribers got ultra fast access to Sky News (and other News Corp) content, while poor old Auntie (among other content providers) got packet-shaped, throttled and capped to a crawl? Now you’ll see what the fuss is about.

Anyway, Radio 4 has recently discussed Net Neutrality on two occasions in the past few weeks.

Firstly during the long-running consumer affairs programme “You and Yours“, on the 7th October, there was a brief discussion (will open a link to BBC iPlayer) which included comments from ISOC’s Leslie Daigle.

This week, on Monday 17th October, there was a further segment on the subject (iPlayer link) in the “Click On” programme – fast forward to around the 17 minute mark – which contains the fantastic quote of “Put three geeks together in a room and you’ll get four definitions of Net Neutrality”.

I’m not sure if that says more about the issue, or more about the geeks. 🙂

There’s also a rather nice BBC blog article from Erik Huggers (Director, BBC FM&T) which incorporates and sums up nicely elements from both the above articles, including that despite the appearance of freedom of choice and competition in the UK consumer broadband market, it isn’t all it’s cracked up to be, due to triple-play lock-ins or the sheer aggro factor.

The closing paragraph talks about “thin-end-of-the-wedge” concerns about this gradually creeping in through the backdoor if the regulators don’t use tools in their power to manage this contentious issue.

While the BBC, as a major content player, do have a vested interest in preserving their editorial freedom and equal opportunity to distribute their content, there’s a lot of sense behind it too.

Beginning of the end for hotspots?

The Dutch Telecoms Regulator has announced it will require Dutch hotels to register as ISPs (Slashdot article).

Despite the fact that the hotel usually doesn’t own the wifi infrastructure in the hotel, and certainly isn’t an ISP in the normal sense, the Dutch regulator’s rationale is that the hotel is reselling the ISP service – i.e. is a VISP.

I don’t see this is always the case, as the hotels in the .nl, from my experience, don’t rebrand the ISP services as their own. However, they often collect the money and charge it to your room folio.

I suspect the meta question here is what does this mean for hotspots generally, especially the ones which are currently free?

Does this drive up their costs significantly enough to either a) cause free hotspots to charge or b) shut the hotspot down, because the costs of the bureaucracy aren’t recovered?

What happens if I let someone else use a MiFi that I own? Am I an ISP too?

Seems more thought is needed!