Comments 
Posted in: Privacy, Security & Government Surveillance, Things that Go 'Bump' in the 'Net, What We're Reading
The headline strikes fear: “House Takes Steps to Boost Cybersecurity,” says the Washington Post.
What boondoggle are they embarking on now?
Cybersecurity is hundreds of different problems that should be handled by thousands of different actors. The federal government is in no position to “fix” cybersecurity, as I testified in the House Science Committee earlier this year.
But this is a good news story. Realizing that its own cybersecurity practices are not up to snuff, the House of Representatives will be ramping up training for its staff.
Better awareness of the ins and outs of securing computers, data, and networks will disincline Congress to undertake a rash, sweeping “overhaul” of the systems and incentives that produce and advance cybersecurity.
Comments Posted in: Privacy, Security & Government Surveillance, Things that Go 'Bump' in the 'Net
I wrote here a couple of months ago about the shady practice among a few Internet retailers of handing off customers who accept a “special offer” to a company that charges people a monthly fee for some kind of credit monitoring service. And I argued hopefully that maybe technologists and the Internet community could generate a response to this problem:
Being a smart, informed, and aggressive consumer is each person’s responsibility if a free market is to operate well. The alternative is a negative feedback loop in which government authorities protect us, we rely on that protection and stop policing retailers. Thereby we abandon the field of consumer protection to government authorities, who—try as they might—can never do as good a job for us as we can for ourselves.
The Senate Commerce Committee is having a hearing today on “Aggressive Sales Tactics on the Internet and Their Impact on American Consumers.”
Comments Posted in: Advertising & Marketing, E-Commerce Taxation & Regulation, Things that Go 'Bump' in the 'Net
PFF summer fellow Eric Beach and I have been working on what we hope is a comprehensive taxonomy of all the threats to online security and privacy. In our continuing Privacy Solutions Series, we have discussed and will continue to discuss specific threats in more detail and offer tools and methods you can use to protect yourself.
The taxonomy is located here.
The taxonomy of 21 different threats is organized as a table that indicates the “threat vector” and goal(s) of attackers using each threat. Following the table is a glossary defining each threat and providing links to more information.Threats can come from websites, intermediaries such as an ISP, or from users themselves (e.g. using an easy-to-guess password). The goals range from simply monitoring which (or what type of) websites you access to executing malicious code on your computer.
Please share any comments, criticisms, or suggestions as to other threats or self-help privacy/security management tools that should be added by posting a comment below.
Comments Posted in: Privacy Solutions, Privacy, Security & Government Surveillance, Things that Go 'Bump' in the 'Net
Adam Thierer has been named the new president of the Progress & Freedom Foundation.
TLF readers don’t need to be told that he’s a tireless advocate for technology policies that preserve freedom and innovation. He was the driving force behind creation of this blog, for example, and he is a prodigious writer and commentator.
Adam will do even more to advance those goals and protect the Internet from stifling regulation from his new perch. Congratulations, Adam!
Comments Posted in: Philosophy & Cyber-Libertarianism, Things that Go 'Bump' in the 'Net
Last night, thanks to Craig’s List and a Web-enabled cell phone, I unloaded two extra tickets to tonight’s World Cup qualifying game between the U.S. and Costa Rica in under an hour. (8:00, ESPN2 “USA! USA! USA!”)
Wanting to avoid the hassle of selling the tickets at RFK, I placed an ad on Craig’s List offering them at cost, figuring I might find a taker and arrange to hand them off downtown today or at the stadium tonight. Checking email as I walked to the gym, I found an inquiry about the tickets and phoned the guy, who happened to live 100 feet from where I was walking. A few minutes later, he had the tickets and I had the cash.
This quaint story is a single data point in a trend line—the high-tech version of It’s Getting Better All the Time. Everyone living a connected life enjoys hundreds, or even thousands, of conveniences every day because of information technology. Through billions of transactions across the society, technology improves our lives in ways unimaginable two decades ago.
Before 1995, nobody ever traded spare soccer tickets in under an hour, on a Tuesday night, without even changing his evening routine. If soccer tickets are too trivial (you must not understand the game), the same dynamics deliver incremental, but massive improvements in material wealth, awareness, education, and social and political empowerment to everyone—even those who don’t live “online.”
Sometimes debates about technology regulation are cast in doom and gloom terms like the Malthusian arguments about material wealth. But the benefits we already enjoy thanks to technology are not going away, and they will continue to accrue. We are arguing about the pace of progress, not its existence.
This is no reason to let up in our quest to give technologists and investors the freedom to produce more innovations that enhance everyone’s well-being even more. But it does counsel us to be optimistic and to teach this optimism to our ideological opponents, many of whom seem to look ahead and see only calamity.
Comments Posted in: Things that Go 'Bump' in the 'Net
The cloud won’t grow quite the way Berin notes, at least not if I can help it.
As the ongoing T-Mobile Sidekick failure shows, if you release your data to “the cloud,” you give up control. In this case, giving up control means giving up your data. (Speculation about what happened is here.)
When you combine that with the privacy consequences of delivering your data to god-knows-where, and to service providers that have heaven-knows-what data-sharing agreements with governments and corporations, the cloud looks a lot more gray.
There will always be a place for remote storage and services—indeed, they will remain an important part of the mix—but I think that everyone should ultimately have their own storage and servers. (Hey, we did it with PCs! Why not?) Our thoroughly distributed computing, storage, and processing infrastructure should be backed up to—well, not the cloud—to specific, identifiable, legally liable and responsible service providers.
Comments Posted in: Technology, Business & Cool Toys, Things that Go 'Bump' in the 'Net
Our job here at TLF is generally to talk about policy as opinion leaders, but I tend to be a little campaign-y sometimes. When I see something I don’t like, I’ll use this platform to sound off about it.
It appears that ProFlowers.com engages in a shady practice: handing customers who accept a “special offer” from them to a company that charges people a monthly fee for what appears to be some kind of credit monitoring service. There are write-ups of varying depth and quality here, here, here, and here.
Question: Does the Internet provide enough feedback to suppress this practice? How could the e-commerce ecosystem be changed to alert people about this kind of thing ahead of time?
Being a smart, informed, and aggressive consumer is each person’s responsibility if a free market is to operate well. The alternative is a negative feedback loop in which government authorities protect us, we rely on that protection and stop policing retailers. Thereby we abandon the field of consumer protection to government authorities, who—try as they might—can never do as good a job for us as we can for ourselves.
Should we each run a “scam” search on new online businesses before we deal with them? Maybe so. But that’s a little clunky. With the popularity of Firefox plug-ins for problem solving around here, maybe one of the consumer review/complaint sites could develop a plug-in to provide people reviews of a retailer as they visit the site.
I hope that prompting a conversation around the apparent ProFlowers.com credit card ripoff scam will alert savvy shoppers to a risk of doing business with them. (For the sake of searchability, feel free to blog a little bit yourself about the apparent ProFlowers credit card ripoff scam.) Perhaps this discussion will also generate a systemic fix that preempts shady dealings of the type alleged here.
Comments Posted in: E-Commerce Taxation & Regulation, Technology, Business & Cool Toys, Things that Go 'Bump' in the 'Net
One of my favorite recurring themes here on TLF is the definitional dispute/clarification. We point out where a term has been used in many different ways and explain the positives and negatives of the various behaviors described by that term. I just did this with privacy.
Of course, it is somewhat pointless to argue about the “true” meaning of a term, but that’s not exactly what’s involved here. Yes, we libertarians can lament when terms that used to describe things we believe in, like “liberal,” “freedom,” “rights,” “choice,” etc., get appropriated by others and terms that used to describe things we don’t believe in, like “coercion,” get ascribed to us. There may be some battles we can win, some terms we can hold onto, but these disputes often end up with two ships passing in the night.
But I’m talking about something a little different. Lots of terms that have, or get, normative connotations – that sound like they describe something good (think “democracy”) or bad (think “terrorism”) – get way overbroadened. Speakers use such terms to describe nearly anything (as long as it’s vaguely related to the original meaning) to which the speaker wants to ascribe the good/bad connotation. We here on TLF catalog those various ways such terms have been used – break the term down – and describe which ways are really good and really bad. As I said, I just did this with privacy. If this were a more lawy, as opposed to techy, blog I’d do it with “activism,” one of my pet peeve words. (Maybe I’ll do it anyway; after all, I posted on the best and worst Supreme Court decisions even though they weren’t especially tech-focused.)
But today, it’s “regulatory capture.” We have discussed it a bit recently, including just tonight. Tim Lee did some great posts on it back in the day. It’s definitely a recurring theme here. We seem to have something fairly specific in mind when we use the term. As Tim put it, it is when “established businesses argue in favor of regulations that they perceive as hurting their competitors (often smaller competitors) more than themselves.” Indeed, I argued with a commenter on one of Wayne’s posts that this definition that makes the most sense given the meanings of the words:
Regulatory capture is when businesses capture regulatory actions and use them as tools, backed by the force of government, for imposing burdens on their competitors. Businesses banding together to oppose government intrusion is not “capture.” Fighting an enemy is not the same as capturing him and using him to do your bidding…
Call Tim’s and my definition the “appropriation” definition. Continue reading →
Comments Posted in: Antitrust & Competition Policy, Inside the Beltway (Politics), Things that Go 'Bump' in the 'Net
It’s fascinating to continue watching developments in Iran via Twitter and other social media.
The fact that Twitter delayed a scheduled outage to late-night Tehran time was laudable, but contrary to a growing belief it wasn’t done at the behest of the State Department. It was done at the behest of Twitter users.
Twitter makes that fairly (though imperfectly) clear on its blog, saying, “the State Department does not have access to our decision making process.”
As my Cato Institute colleague Justin Logan notes, events in Iran are not about the United States or U.S. policy. They should not be, or appear to be, directed or aided from Washington, D.C. Any shifts in power in Iran should be produced in Iran for Iranians, with support from the people of the world – not from any outside government.
People are free to speculate that the State Department asked Twitter to deny its involvement precisely to create the necessary appearances, but without good evidence of it, assuming that just reflects a pre-commitment that governments – not people and the businesses that serve them – are the primary forces for good in the world.
Comments Posted in: E-Government & Transparency, Inside the Beltway (Politics), Philosophy & Cyber-Libertarianism, Things that Go 'Bump' in the 'Net, Uncategorized
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.
