California’s Flawed Surface Water Rights

California sprang into existence following the discovery of gold in 1848. Aside from domestic use, the first major use of water in California was in mining. The first mining consisted of placer mining of alluvial deposits in stream beds throughout the Sierra foothills. As those deposits were depleted, hydraulic mining arose, in which high-pressure jets of water were used to remove overlying earth from upland gold- bearing deposits. That type of mining, first employed in 1853, required substantial water diversions. When California entered the Union in 1850, the English common law was adopted as the “rule of decision” in courts, including the doctrine of riparian rights for surface water1 (it was also the governing doctrine in the rest of the Union). Riparian rights entitle the owner of land bordering a surface water body (“riparian” land) to use the water on his or her riparian land. This is a right to use water, not a right of ownership, and it inheres only in riparian lands. Riparian rights remain with the riparian land regardless of changes in ownership. Water under a riparian right cannot be used on nonriparian land.2 The right is shared equally among all riparians: they own access to the stream as “tenants in common.” They can divert water as long as this does not impair the rights of other riparians. No specific quantity attaches to a riparian right. If a riparian originally applied X, this does not preclude him from applying 5X later. Nonuse does not terminate the right. There is no recording of the volume diverted. No institution administers the ripar- ian right. Disputes are resolved through litigation among riparians. The riparian doctrine was logical where it originated, in a humid region with plentiful streamflow. Streamflow is treated as a common pool to be shared among all riparian landowners. But in an arid region like California, where rivers can run dry by the late summer and annual streamflow can vary by an order of magnitude, there needs to be a specific mechanism for allocating limited streamflow. The riparian right lacks this

CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure