I'm Jörg F. Wittenberger, founder of softeyes.net and a free software developer since 1993. My business often involved document workflow, version/configuration control and communication of such information between my clients and their subcontractors and customers. As such I've been constantely concerned with the social, legal and moral impact of permission regulations.
At a point I had the idea to use set theory to proof permission handling systems safe. (Which means to proof that no user can ever become impersonated by any other including administrative personnel.) I'm now actively marketing a product based on that idea. But such a protection scheme only reaches as far as no malicious person can take physical action to modify sensitive data, let alone find a way to abuse administrative power.
To make my system safe, I had to assure the processes continue in the face of hardware failure or malicious attack from inside. To do so I reorganized the computation in such a way, that only the majority of all nodes of a network can define how the systems reacts over all. Then even the owner of a machine can not forge the global state of affairs. Equipped with my permission handling scheme, the system is now an intrusion resistant operating system, which serves undeniable processes -- "computation like power from the wall plug", which no limits on network size.
In the context of that network, called "Askemos", several logical providers offer the execution of arbitrary operations as a service - following the model of power companies. All operations are completely defined by contract. Loyalty with respect to the contract is constantly checked during operation by comparison of cryptographic check sums. Furthermore in the abstract framework there is no concept of physical location or interaction - these are always done via the network.
I understand, that all objects and operations within Askemos are consequences of a business process and a priori without technical reference. Future theories may refine the definition of that criterion and proof other objects and operations non-technical.
If program claims where allowed in patent law, how would that translate into the Askemos system? What would have to be done to model the legal situation?
Since the providers have a Carrier status with respect to the operation, they can't be liable for the combination of operations. It appears to be inpossible to distinguish between legal vs. illegal operations. This could be used as a patent law work around, which is obviously needed for the US but hopefully avoidable in Europe.
Program claims would furthermore conflict with freedom of speech and publication and freedom of contract:
Askemos has a commercial counter part, where a business contract with different licensing conditions replaces the GPL. The system itself can work under any contract, as long as the contract provides "inalienable rights" and a Turing complete machine. Guaranties of some further properties are just direct consequences. Related here is just one:
All devices used legally binding context must - simillar to governmental authorities - guarantee that they will not accidentally give up on rights of their users (respectivly citizens). Since it is easy to find that "security by obscurity" doesn't work, as all serious security experts will eventually confirm, devices must produce a proof that they follow a certain procedure. At that point we need to provide two things to our users a) the freedom to follow any code of their choosing and b) the chance to read the code beforehand.
If now article 3a of the parliamentarian decision were droped and "data processing" (which is to me the need of a "turing machine", no matter in which context) became a field of technology - and thus due to TRIPS treaty subject to patent law - then anything in need of a computation became patentable and thus under legal control of an individual.
In our implementation of the Askemos concept, there is a configuration
variable insecure-mode,
to control whether application of procedures is eventually under control of
individuals (as they were, if they were patented). If critical parts come
under such control, the whole system becomes so flexible, that any event is
also deniable. This in turn renderes the system completely useless in any
legally binding context. Otherwise - in contrast - no event is ever deniable,
once the majority of required nodes is informed and none-deniability is what
our users need.
To us insisting on article 3a (now 3) is a teaching from the
implementation of the due procedure, which eventually boils down to the proof
whether the system can be corrupted or not. If that article was droped, the
legal system became instable in much the same way and we will have to rename
said configuration variable to "law-compliant-mode". But I'm not
keen to explain to my customers, that they better switch that mode off! Law
should not be in favor for the illegal!
Program claims are ill-logical since the support of a device instead of the brain to perform some mental operation doesn't make the operation itself a technical one. But the "media shift" to use ccomputers for business matter makes contracts, trade and other business methods become subject to data processing. Our product just facilitates that trend. We need to have non-patentability of turing machines for granted, otherwise the new electronic media would be rendered useless in any legally binding context.
Remembering historical more or less successful attempts to exhaust spheres of patentable subject matter from patent claims, like "public patents pools" and "defensive publication" (also called "patent profylax"), we hope our proposal will open a new way to use the patent system as to make the patent system achieve it's goals: to stimulate the shaping of standards in design and knowledge representation and stimulate cooperation between researchers and companies. Maybe this "workaround" will not be necessary in Europe, but the US need is obvious.