Posts tagged as:

On Doctorow’s “Adversarial Interoperability”

by on August 29, 2020 · 3 comments

Interoperability is a topic that has long been of interest to me. How networks, platforms, and devices work with each other–or sometimes fail to–is an important engineering, business, and policy issue. Back in 2012, I spilled out over 5,000 words on the topic when reviewing John Palfrey and Urs Gasser’s excellent book, Interop: The Promise and Perils of Highly Interconnected Systems.

I’ve always struggled with the interoperability issues, however, and often avoided them became of the sheer complexity of it all. Some interesting recent essays by sci-fi author and digital activist Cory Doctorow remind me that I need to get back on top of the issue. His latest essay is a call-to-arms in favor of what he calls “adversarial interoperability.” “[T]hat’s when you create a new product or service that plugs into the existing ones without the permission of the companies that make them,” he says. “Think of third-party printer ink, alternative app stores, or independent repair shops that use compatible parts from rival manufacturers to fix your car or your phone or your tractor.”

Doctorow is a vociferous defender of expanded digital access rights of many flavors and his latest essays on interoperability expand upon his previous advocacy for open access and a general freedom to tinker. He does much of this work with the Electronic Frontier Foundation (EFF), which shares his commitment to expanded digital access and interoperability rights in various contexts.

I’m in league with Doctorow and EFF on some of these things, but also find myself thinking they go much too far in other ways. At root, their work and advocacy raise a profound question: should there be any general right to exclude on digital platforms? Although he doesn’t always come right out and say it, Doctorow’s work often seems like an outright rejection of any sort of property rights in networks or platforms. Generally speaking, he does not want the law to recognize any right for tech platforms to exclude using digital fences of any sort. Continue reading →

SHARE: 3 comments

The Growing Conflict of Visions over the Internet of Things & Privacy

by on January 14, 2014 · 2 comments

When Google announced it was acquiring digital thermostat company Nest yesterday, it set off another round of privacy and security-related technopanic talk on Twitter and elsewhere. Fear and loathing seemed to be the order of the day. It seems that each new product launch or business announcement in the “Internet of Things” space is destined to set off another round of Chicken Little hand-wringing. We are typically told that the digital sky will soon fall on our collective heads unless we act preemptively to somehow head-off some sort of pending privacy or security apocalypse.

Meanwhile, however, a whole heck of lot of people are demanding more and more of these technologies, and American entrepreneurs are already engaged in heated competition with European and Asian rivals to be at the forefront of the next round Internet innovation to satisfy those consumer demands. So, how is this going to play out?

This gets to what becoming the defining policy issue of our time, not just for the Internet but for technology policy more generally: To what extent should the creators of new technologies seek the blessing of public officials before they develop and deploy their innovations? We can think of this as “the permission question” and it is creating a massive rift between those who desire more preemptive, precautionary safeguards for a variety of reasons (safety, security, privacy, copyright, etc.) and those of us who continue to believe that permissionless innovation should be the guiding ethos of our age. The chasm between these two worldviews is only going to deepen in coming years as the pace of innovation around new technologies (the Internet of Things, wearable tech, driverless cars, 3D printing, commercial drones, etc) continues to accelerate.

Sarah Kessler of Fast Company was kind enough to call me last night and ask for some general comments about Google buying Nest and she also sought out the comments of Marc Rotenberg of EPIC about privacy in the Internet of Things era more generally. Our comments provide a useful example of the divide between these two worldviews and foreshadow debates to come: Continue reading →

SHARE: 2 comments

Petitioning WH.gov: TSA’s Strip-Search Machines

by on July 30, 2012 · 1 comment

[Update II: The petition has now expired, about 2,500 signatures shy of the 25,000 needed to require a White House response.]

[Update: The D.C. Circuit Court of Appeals has accepted CEI’s amicus brief and ordered the TSA to answer EPIC’s petition. It is common for courts to simply reject petitions of this kind, so this is important progress in the effort to get TSA to follow the law.]

Will the White House give us a substantive answer or not?

A few weeks ago, we ‘celebrated’ the one-year anniversary of a court order requiring the TSA to do a notice-and-comment rulemaking on its policy of using strip-search machines for primary screening at airports. It’s been a year and the TSA has shown no action.

The Electronic Privacy Information Center, which brought the original case, filed a petition asking the D.C. Circuit Court of Appeals to require action on the TSA’s part. The Competitive Enterprise Institute and many other friends of the court chimed in with an amicus brief highlighting issues in the case. I emceed a Cato Capitol Hill briefing on the topic.

But the real fun has been with a petition on Whitehouse.gov asking the president to make the TSA follow the law. When I put that up there, the issue took off. Stories and links went out on Ars Technica, Wired, and the Washington Times, just to name a few. People sent notices out to their email lists. And there was plenty of Tweeting, blogging, reTweeting, reblogging.

The <a href=""petition”>https://petitions.whitehouse.gov/petition/require-transportation-security-administration-follow-law/tffCTwDd”>petition is nearing 16,000 signatures (of 25,000 needed to require a response from the White House). That would be great to have, though not essential. The PR value has already been gained.

PR value is real value in Washington, D.C., and to illustrate that value, inveterate friend of liberty Will Hayworth whipped up a little code to grab the locations of the people that named their location when they signed the petition, and he put them on a Google map. It’s a nice illustration of the nationwide distaste for the TSA’s policy—and its refusal to implement the policy consistent with the law.

Take a look and see how many people from your state or town have signed on. Do your friends need a reminder? Send them the link to the petition page!

Locations of Signers to “TSA—Follow the Law” Petition

Petitioning isn’t going to upend government, but it is an organizing idea with a constitutional pedigree—the First Amendment. So if you think TSA should follow the law, well, maybe you should <a href=""join”>https://petitions.whitehouse.gov/petition/require-transportation-security-administration-follow-law/tffCTwDd”>join in the fun!

If we get 25,000 signatures by August 9th, the White House will have to respond.

SHARE: 1 comment

This Would Be a Good Time to Not be Evil

by on July 20, 2011 · 5 comments

Daily news service TechLawJournal (subscription) reports that the U.S. District Court (DC) has granted summary judgment to the National Security Agency in EPIC v. NSA, a federal Freedom of Information Act (FOIA) case regarding the Electronic Privacy Information Center’s request for records regarding Google’s relationship with the NSA.

EPIC requested a wide array of records regarding interactions between Google and the NSA dealing with information security. Reports TLJ:

The NSA responded that it refused to confirm or deny whether it had a relationship with Google, citing Exemption 3 of FOIA (regarding records “specifically exempted from disclosure by statute”) and Section 6 of the National Security Agency Act of 1959 (which prohibits disclose of information about the NSA).

The FOIA merits of EPIC’s suit are one thing. It’s another for Google to have an intimate relationship with a government agency this secretive.

This would be a good time to not be evil. Google should either sever ties with the NSA or be as transparent (or more) than federal law would require the NSA to be in the absence of any special protection against disclosure.

SHARE: 5 comments

The Google Buzz Privacy Settlement as a Possible Public Choice Study

by on April 4, 2011 · 3 comments

PaidContent.org has posted a chart showing “Who’s Getting Buzz Settlement Money.” This refers to the $9.5 million payout following the Federal Trade Commission settlement with Google a class action suit over its “Buzz” social networking service. Last week, the Federal Trade Commission entered into a consent decree with Google over its botched rollout of Buzz saying the search giant violated its own privacy policy. Google will also pay out to various advocacy groups according to the distribution seen in the chart as part of a separate class action. Payouts to advocates like this are not uncommon, although they are more often the result of a class action settlement than a regulatory agency consent decree. [Update/Correction 5:13 pm: I should have made it clear that this payout was the result of a class action lawsuit against Google and not the direct result of the FTC settlement. Apologies for that mistake, but still interested in the questions raised below.]

But that got me wondering whether this might make for good fodder for a case study by a public choice economist or political scientist. There are some really interesting questions raised by settlements like this that would be worth studying.

Continue reading →

SHARE: 3 comments

Facebook, Privacy, and Politicians’ Hypocrisy

by on May 25, 2010 · 5 comments

Facebook has had a tough month. The site’s latest round of privacy changes, implemented last month, spurred stiff backlash — not just from so-called privacy advocates, but also from several U.S. Senators. Facebook CEO Mark Zuckerberg shot back with an op-ed in The Washington Post, as Braden discussed here yesterday.

I’ve had much to say about Facebook’s past privacy controversies (1, 2, 3, 4, 5), but what really sticks out about the latest anti-Facebook backlash is who’s leading the charge: U.S. Senator Chuck Schumer.

Seriously, of all people, Chuck Schumer should be the last to criticize Facebook’s privacy practices. That’s because Schumer is leading the push in Congress to establish a biometric national identification regime. If Schumer had his way, all Americans, including U.S. citizens, wishing to legally work in this country would be required by law to obtain a national ID card! Compared to this highly invasive potential exercise of the state’s coercive power, concerns about Facebook’s privacy practices seem downright trivial.

Continue reading →

SHARE: 5 comments

EPIC: Suspend Airport Body Scanners

by on April 26, 2010 · 4 comments

Last week, the Electronic Privacy Information Center released a petition from a group it spearheaded, asking the Department of Homeland Security to suspend deployment of whole-body imaging (aka “strip-search machines”) at airports.

The petition is a thorough attack on the utility of the machines, the process (or lack of process) by which DHS has moved forward on deployment, and the suitability of the privacy protections the agency has claimed for the machines and computers that display denuded images of air travelers.

The petition sets up a variety of legal challenges to the use of the machines and the process DHS has used in deploying them.

Whole-body imaging was in retreat in the latter part of last year when an amendment to severely limit their use passed the House of Representatives. The December 25 terror attempt, in which a quantity of explosives was smuggled aboard a U.S.-bound airplane in a passenger’s underpants, gave the upper hand to the strip-search machines. But the DHS has moved forward precipitously with detection technology before, wasting millions of dollars. It may be doing so again.

My current assessment remains that strip-search machines provide a small margin of security at a very high risk to privacy. TSA efforts to control privacy risks have been welcome, though they may not be enough. The public may rationally judge that the security gained is not worth the privacy lost.

Wouldn’t it be nice if decisions about security were handled in a voluntary rather than a coercive environment? With airlines providing choice to consumers about security and privacy trade-offs? As it is, with government-run airline security, all will have to abide by the choices of the group that “wins” the debate.

SHARE: 4 comments

Google Buzz is No “Privacy Nightmare” (Unless You’re a Privacy Paternalist)

by on February 11, 2010 · 88 comments

I’m a big fan of CNET’s “Buzz Out Loud” podcast and often enjoy co-host Molly Wood’s occasional “Molly Rant” but I’m disappointed to see her jumping on the Google-bashing bandwagon with her latest rant: “Google Buzz: Privacy nightmare.” Instead of appreciating the “privacy by design” features of Buzz, she seems to be rushing to privacy paternalism—just as I feared many would when I blogged about the Buzz launch.

Molly’s primary complaint, repeated several times, is that “you automatically follow everyone in your Gmail contact list, and that information is publicly available in your profile, by default, to everyone who visits your profile.” Actually, while Buzz does automatically follow some users your contact list, it does so only for the ones you chat with most using Gmail (which I believe means only other Gmail users). After that, Buzz simply tells you when other users follow you, and makes it easy to follow them.

So what’s the big deal? Molly’s concern, shared by a number of other bloggers, is that, before a user can start Buzzing, they have to set up Google Profile (another Google product launched last August, which typically appears on the bottom of the first page of Google search results for that name) and the default setting for Google profiles is to “Display the list of people I’m following and people following me.” In this respect, your Google Profile is a lot like your Facebook profile, except that users can decide to hide their followers/followees on their Google profile. (On Facebook, that information is part of the limited bucket of “publicly available information” and can’t be hidden by the user from their profile, but users can opt-out of having their profile accessible at all through search engines or Facebook search.)

There are essentially three ways of dealing with this concern about inadvertent sharing of sensitive contacts: Continue reading →

SHARE: 88 comments

Video Game Photorealism within 10-15 Years

by on May 31, 2009 · 3 comments

Says Epic Games founder and CEO Tim Sweeney. I wonder what the FTC will think about this prospect in the report Congress asked them to send this year about video games.  I think it’s safe to assume that the thought of life-like sex and violence will create a true technopanic.

SHARE: 3 comments

DoJ Fails to Report Electronic Surveillance Activities

by on April 30, 2009 · 7 comments

Unlike with wiretaps, law enforcement agents are not required by federal statutes to obtain search warrants before employing pen registers or trap and trace devices. These devices record non-content information regarding telephone calls and Internet communications. (Of course, “non-content information” has quite a bit of content – who is talking to whom, how often, and for how long.)

The Electronic Privacy Information Center points out in a letter to Senate Judiciary Committee Chairman Patrick Leahy (D-VT) that the Department of Justice has consistently failed to report on the use of pen registers and trap and trace devices as required by law:

The Electronic Communications Privacy Act requires the Attorney General to “annually report to Congress on the number of pen register orders and orders for trap and trace devices applied for by law enforcement agencies of the Department of Justice.” However, between 1999 and 2003, the Department of Justice failed to comply with this requirement. Instead, 1999-2003 data was provided to Congress in a single “document dump,” which submitted five years of reports in November 2004. In addition, when the 1999-2003 reports were finally provided to Congress, the documents failed to include all of the information that the Pen Register Act requires to be shared with lawmakers. The documents do not detail the offenses for which the pen register and trap and trace orders were obtained, as required by 18 U.S.C. § 3126(2). Furthermore, the documents do not identify the district or branch office of the agencies that submitted the pen register requests, information required by 18 U.S.C. § 3126(8).

EPIC has found no evidence that the Department of Justice provided annual pen register reports to Congress for 2004, 2005, 2006, 2007, or 2008. “This failure would demonstrate ongoing, repeated breaches of the DOJ’s statutory obligations to inform the public and the Congress about the use of electronic surveillance authority,” they say.

It’s a good bet, when government powers are used without oversight, that they will be abused. Kudos to EPIC for pressing this issue. Senator Leahy’s Judiciary Committee should ensure that DoJ completes reporting on past years and that it reports regularly, in full, from here forward.

SHARE: 7 comments

← Previous Entries