A long time ago, testing software was part of my job. To help with that I had an initial checklist of questions to pose to any new program: situations where I should check that it behaved as expected. Once it passed those basic checks I could get on to the more detailed testing specific to that particular program.
With the Government apparently about to “fast-track” another piece of internet law, it seemed worth trying to draw up a similar checklist for legislation. Here’s a second draft:
- Are definitions (both in the Bill and imported) precise, and do they match common meanings?
- What (if anything) does this require of:
- Fixed access provides?
- Mobile access providers?
- Wifi providers?
- Venues offering wifi (cafes, conferences, etc.)?
- Backbone providers?
- Information Society Services (webmail, search, hosting, etc.)?
- Home users?
- Internet-connected businesses?
- Universities, colleges, libraries?
- What does that mean for their other obligations (e.g. under Data Protection, Freedom of Information, court orders…)?
- Does it create [proportionate, effective, balanced incentives and disincentives]?
- What are the technical implications?
- Do those affect the design of networks and services (e.g. by requiring choke-points/Single Points of Failure)?
- What does it mean for devices/subscriptions covering multiple users (e.g. home broadband)?
- Does it fail gracefully (if its assumptions turn out to be incorrect)?
These are mostly inspired by tests that have shown up ‘bugs’ in previous Bills and Acts. Suggestions welcome if you think I’ve missed any major ones.
