By Adam Thierer & Berin Szoka
Short but very important essay here from Santa Clara University Law School Prof. Eric Goldman about calls to alter Sec. 230 of the Communications Decency Act (CDA) to address concerns about online harassment. Generally speaking, Sec. 230 immunizes online intermediaries from punishing liability for the content that travels over their networks / services. Specifically, Sec. 230 stipulates that “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” In other words: Don’t shoot the messenger!
As we’ve noted here before, it is probably not an overstatement to think of Sec. 230 as the very cornerstone of Internet Freedom, since it makes possible an online “utopia for utopias,” to borrow a phrase from our favorite modern political philosopher, the late Robert Nozick. Without Sec. 230, intermediaries would likely be forced to shut down many avenues of communication and would have to become deputized conduct and morality police for every cyber-street corner.
Goldman, America’s leading expert on Sec. 230-related jurisprudence, correctly notes that, “Frequently, § 230’s critics do not attack the immunization generally, but instead advocate a new limited exception for their pet concern.” He’s got that right. Indeed, we are increasingly hearing calls from numerous quarters these days to “tweak 230” for one pet concern after another. We’ve illustrated some of those concerns in this exhibit.
Deputization of the Middleman http://d1.scribdassets.com/ScribdViewer.swf
Regulatory advocates can be found for each of these issues who like to see the protections afforded by Sec. 230 scaled back by Congress or he courts. But Goldman rightly warns:
Continue reading →
On July 27th, The Progress & Freedom Foundation hosted a Capitol Hill panel discussion entitled “Online Child Safety, Privacy, and Free Speech: An Overview of Challenges in Congress & the States.” The event featured remarks from:
- Parry Aftab, Executive Director, WiredSafety.org
- Todd Haiken, Senior Manager of Policy, Common Sense Media
- Jim Halpert, Partner, DLA Piper
- Berin Szoka, Senior Fellow, The Progress & Freedom Foundation
We’ve just released the transcript of the event, which I have also pasted down below the fold in a Scribd document reader. Also, the audio for this event can be heard by clicking below:
Download mp3
Here is the full event description: Continue reading →
What Unites Advocates of Speech Controls & Privacy Regulation? [pdf]
by Adam Thierer & Berin Szoka
The Progress & Freedom Foundation,
Progress on Point No. 16.19
Anyone who has spent time following debates about speech and privacy regulation comes to recognize the striking parallels between these two policy arenas. In this paper we will highlight the common rhetoric, proposals, and tactics that unite these regulatory movements. Moreover, we will argue that, at root, what often animates calls for regulation of both speech and privacy are two remarkably elitist beliefs:
- People are too ignorant (or simply too busy) to be trusted to make wise decisions for themselves (or their children); and/or,
- All or most people share essentially the same values or concerns and, therefore, “community standards” should trump household (or individual) standards.
While our use of the term “elitism” may unduly offend some understandably sensitive to populist demagoguery, our aim here is not to launch a broadside against elitism as
Time magazine culture critic William H. Henry once defined it: “The willingness to assert unyieldingly that one idea, contribution or attainment is better than another.”[1] Rather, our aim here is to critique that elitism which rises to the level of political condescension and legal sanction. We attack not so much the beliefs of some leaders, activists, or intellectuals that they have a better idea of what it in the public’s best interest than the public itself does, but rather the imposition of those beliefs through coercive, top-down mandates.
That sort of elitism—elitism enforced by law—is often the objective of speech and privacy regulatory advocates. Our goal is to identify the common themes that unite these regulatory movements, explain why such political elitism is unwarranted, and make it clear how it threatens individual liberty as well as the future of free and open Internet. As an alternative to this elitist vision, we advocate an empowerment agenda: fostering an environment in which users have the tools and information they need to make decisions for themselves and their families. Continue reading →
In an earlier post, I mentioned an important new online child safety task force report that has just been released from the “Point Smart. Click Safe.” Blue Ribbon Working Group. It’s a great report and I encourage you to read the whole thing. It was my great pleasure to serve on this task force, and as we started finalizing our conclusions and recommendations, I started thinking about how much of what we were finding and recommending was consistent with what past online safety task forces had also concluded.
By way of background, over the past decade, five major online safety task forces or blue ribbon commissions have been convened to study online safety issues. Two of these task forces were convened in the United States and issued reports in 2000 (“COPA Commission”) and 2002 (“Thornburgh Commission“). Another was commissioned by the British government in 2007 and issued in a major report in March 2008 (“Byron Review“). Finally, two additional online safety task forces were formed in the U.S. in 2008 and concluded their work, respectively, in January (“Internet Safety Technical Task Force“) and July (“Point Smart. Click Safe.“) of 2009. [And yet another task force — the Online Safety Technology Working Group — was recently formed and has now gotten underway.]
In a new PFF white paper, ”
Five Online Safety Task Forces Agree: Education, Empowerment & Self-Regulation Are the Answer,” I walk through a chronological summary of each of these past task forces [click on covers of each report below to read them in their entirety] and highlight some of the similar themes and recommendations from them.
Continue reading →
Lori Drew was convicted late last year on charges related to her role in a cruel hoax that led to the tragic suicide of thirteen-year old Megan Meier in Missouri in 2006. But today, at her sentencing, the judge threw out her convictions. Millions around the world were horrified by Megan’s fate, and many will probably be upset that Drew might go unpunished. But we need to separate three questions in this case:
- Should the federal anti-hacking law under which she was convicted really be applied in such cases?
- What, precisely, was Drew’s involvement?
- The key question: What should be done about the general problems of cyberbullying and cyberharassment?
Misuse of the Anti-Hacking Statute
Judge Wu has yet to issue his written opinion but seems to have agreed with the various experts on Internet law who argued that, however tragic the Meier case was, the Computer Fraud & Abuse Act (CFAA) should not have been applied to Drew. Most notably, the Electronic Frontier Foundation filed an Amicus Brief in support of Drew’s motion to dismiss the charges against her—summarized by Groklaw and the Harvard Journal of Law & Technology. Orin Kerr, a leading Internet law professor, felt so strongly about the consequences of using the CFAA to criminalize violations of privately written terms of service that he joined Drew’s defense team. Kerr demonstrated the problems of essentially allowing private parties to create the grounds for criminal offenses (if violated by users) by suggesting obviously ridiculous new terms of service for the Volokh Conspiracy, the group blog he writes on.
Hard as it may be for those who want to “see justice done” in this case, the CFAA just isn’t the right law to apply—which raises the question of whether new laws are needed, discussed below.
Uncertainty About Drew’s Role
The judge may also have been influenced by uncertainty as to Drew’s actual role in the case. Initial coverage of the story suggested that Drew created the fake MySpace persona of a teen boy (“Josh Evans”), then used that profile to woo Meier, a classmate of Drew’s daughter, only to deliberately—and cruelly—break her heart. After Missouri prosecutors and the FBI declined to press charges against Drew, federal prosecutors in California decided to do so, but Drew consistently maintained that it was not her idea to create the account. Continue reading →
As I noted recently, Berin Szoka and I just released a big PFF white paper (PDF) entitled, “Cyberbullying Legislation: Why Education is Preferable to Regulation,” which examines two very different federal approaches to the issue. One approach is focused on the creation of a new federal crime to punish cyberbullying, which would include fines and jail time for violators. One approach, set forth by Rep. Linda Sánchez (D-CA) in H.R. 1966 (originally H.R. 6123), the “Megan Meier Cyberbullying Prevention Act,” would create a new federal felony: “Whoever transmits in interstate or foreign commerce any communication, with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior, shall be fined under this title or imprisoned not more than two years, or both.”
The other legislative approach is education-based and would create an Internet safety education grant program to address the issue in schools and communities. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services.
On June 12, the Family Online Safety Institute (FOSI) hosted a discussion about these bill on Cap Hill, which was moderated by FOSI CEO Stephen Balkam. Representatives from both Rep. Sanchez’s and Sen. Menendez’s offices were on hand to discuss their bills, and I provided some feedback based upon what Berin and I concluded in our paper. It was a good discussion and I encourage you to watch the whole thing because there were some good questions from the audience later in the show.
http://www.youtube.com/v/FsCpOgwTqQM&hl=en&fs=1&
By Berin Szoka & Adam Thierer
We’ve just released a new PFF white paper (PDF) entitled, “Cyberbullying Legislation: Why Education is Preferable to Regulation.” In this 24-page study we note that, compared to previous fears about online predation, which have been greatly overblown, concerns about cyberbullying are more well-founded. Evidence suggests the cyberbullying is on the rise and that it can have profoundly damaging consequences for children.
Unsurprisingly, in the wake of a handful of high-profile cyberbullying incidents that resulted in teen/tween suicides, some state lawmakers began floating legislation to address the issue. More recently, two very different federal approaches have been proposed. One approach is focused on the creation of a new federal crime to punish cyberbullying, which would include fines and jail time for violators. In April 2008, Rep. Linda Sánchez (D-CA) introduced H.R. 1966 (originally H.R. 6123), the “Megan Meier Cyberbullying Prevention Act,” a bill that would create a new federal felony:
“Whoever transmits in interstate or foreign commerce any communication, with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior, shall be fined under this title or imprisoned not more than two years, or both.”
The other legislative approach is education-based and would create an Internet safety education grant program to address the issue in schools and communities. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services. These agencies will also work in consultation with education, Internet safety, and other relevant experts to administer a five-year grant program, under which each grant will be awarded for a two-year period.
Continue reading →
Adam Thierer & I have just released a detailed examination (PDF) of brewing efforts to expand the Children’s Online Privacy Protection Act of 1998 to cover adolescents and potentially all social networking sites—an approach we call “COPPA 2.0.”
As Adam explained on Larry Magid’s CNET podcast, COPPA mandates certain online privacy protections for children under 13, most importantly that websites obtain the “verifiable consent” of a child’s parent before collecting personal information about that child or giving that child access to interactive functionality that might allow the child to share their personal information with others. The law was intended primarily to “enhance parental involvement in a child’s online activities” as a means of protecting the online privacy and safety of children.
Yet advocates of expanding COPPA—or “COPPA 2.0″—see COPPA’s verifiable parental consent framework as a means for imposing broad regulatory mandates in the name of online child safety and concerns about social networking, cyber-harassment,
etc. Two COPPA 2.0 bills are currently pending in New Jersey and Illinois. The accelerated review of COPPA to be conducted by the FTC next year (five years ahead of schedule) is likely to bring to Washington serious talk of expanding COPPA—even though Congress clearly rejected covering adolescents age 13-16 when COPPA was first proposed back in 1998.
We’ll discuss some of the key points of our paper in a series of blog posts, but here are the top nine reasons for rejecting COPPA 2.0, in that such an approach would:
- Burden the free speech rights of adults by imposing age verification mandates on many sites used by adults, thus restricting anonymous speech and essentially converging—in terms of practical consequences—with the unconstitutional Children’s Online Protection Act (COPA), another 1998 law sometimes confused with COPPA;
- Burden the free speech rights of adolescents to speak freely on—or gather information from—legal and socially beneficial websites;
- Hamper routine and socially beneficial communication between adolescents and adults;
- Reduce, rather than enhance, the privacy of adolescents, parents and other adults because of the massive volume of personal information that would have to be collected about users for authentication purposes (likely including credit card data);
Continue reading →
This week, I have been up at Harvard University participating in another meeting of the Internet Safety Technical Task Force (ISTTF), of which I am a member. The ISTTF was organized earlier this year pursuant to an agreement between 49 state attorneys general (AGs) and social networking giant MySpace.com. A group of experts from academia, non-profit organizations, and industry were appointed to the Task Force, which is charged with evaluating the market for online child safety tools and methods and issuing a report on the matter to the AGs at the end of this year. ISTTF members have been meeting privately and publicly in both Cambridge, MA and Washington, D.C. The Task Force has been very ably chaired by John Palfrey, co-director of Harvard’s Berkman Center for Internet & Society.
Although the ISTTF is looking at a wide variety of tools and methods associated with online child protection (ex: filters, monitoring tools, educational campaigns, etc.), many of the AGs who crafted the agreement with MySpace that led to the Task Force’s formation have made it clear that they are
most interested in having the ISTTF evaluate age verification / online verification technologies. In fact, at the start of this week’s session at Harvard Law School, AGs Martha Coakely of Massachusetts and Richard Blumenthal of Connecticut both spoke and made it abundantly clear they expect the Task Force to develop age and identify-verification tools for social networking sites (SNS). AG Blumenthal said we need to deal with “the dangers of anonymity” and repeated his standard line about online age verification: “If we can put a man on the moon, we can make the Internet safe.” [Of course, putting a man on the moon took hundreds of billions of dollars and a decade to accomplish, but never mind that fact! Moreover, one could also argue that if we can put a man on the moon we can cure hunger, AIDS, and the common cold, but some things are obviously easier said than done. Finally, putting a man on the moon didn’t require all Americans or their kids to give up their anonymity or privacy rights in order to accomplish the feat!]
On many occasions here before, I have outlined various questions and reservations about proposals to mandate online age verification. Last year, I also published a lengthy white paper on the issue and hosted a lively debate on Capitol Hill [transcript here] about this. I also have discussed age verification in my book on parental controls and online child safety. [Braden Cox also talked about his experiences up at Harvard this week here, and CNet’s Chris Soghoian had a brutal assessment of this week’s proposals on his “Surveillance State” blog.]
In this essay, I will discuss the new fault lines in the debate over online age verification and outline where I think we are heading next on this front. I will argue:
- There is now widespread understanding that it is extraordinarily difficult to verify the ages and identities of minors online using the methods we typically use to verify adults. Because of this, age verification proponents are increasingly proposing two alternative models of verifying kids before they go online or visit SNS…
- First, for those who continue to believe that we must do whatever we can to verify kids themselves, schools and school records are increasingly being viewed as the primary mechanism to facilitate that. This raises two serious questions: Do we want schools to serve as DMVs for our children? And, do we want more school records or information about our kids being accessed or put online?
- Second, for those who are uncomfortable with the idea of verifying kids or using schools, or school records, to accomplish that task, parental permission-based forms of authentication are becoming the preferred regulatory approach. Under this scheme, which might build upon the regulatory model found in the Children’s Online Privacy Protection Act of 1998 (COPPA), parents or guardians would be verified somehow and then would vouch for their children before they were allowed on a SNS, however defined. But how do we establish a clear link between parents and kids? And will parents be willing to surrender a great deal more information (about themselves and their kids) before their kids can go online? And, is it sensible to use a law that was meant to protect the privacy and personal information of children to potentially gather a great deal more information about them, and their parents?
- It remains very unclear how either of those two verification methods would make children safer online. Indeed, that could actually make kids less safe by compromising their personal information and creating a false sense of security online for them and their parents.
- It is highly unlikely the Internet Safety Technical Task Force will be able to reach consensus on this complicated, controversial issue. A small camp will likely flock to the sort of proposals mentioned above. Another, larger camp (including me) will flock to education-based approaches to child safety as well increased reliance on other parental empowerment tools and strategies, industry self-regulatory efforts, social norms, and better intervention strategies for troubled youth. But the age verification debate will go on and, as was the case over the past two years, the legal battleground will be state capitals across America, with AGs likely pushing for age verification mandates regardless of what the Task Force concludes.
Continue reading if you are interested in the details.
Continue reading →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.