Here’s a thought experiment. Let’s say you believe the Internet economy needs more regulation to guard against potential privacy violations or what you regard as excessive data aggregation. Further, you believe that no amount of self-regulation, social norms, market pressure, education, empowerment, or anything else could possibly substitute for regulation. I know there are a lot of people out there today who feel this way. Regardless of the merits of such claims, here’s my question for you: Do the ends (enhanced privacy protections) justify any means (regulation at any and every level of government)? For example, what would you think about having all 50 states creating their own Privacy Offices or Data Protection Bureaus that issued regulations or recommendations about Internet best practices?

What got me thinking about this was this new blog post by Parker Higgins of EFF, “California Attorney General Releases Mobile Privacy Recommendations.” In the essay, Higgins showers praise on California Attorney General Kamala D. Harris, who just released a document (“Privacy on the Go“) that lays out a long set of privacy “best practices” for mobile app developers. Higgins writes:

EFF applauds this important step forward, and congratulates the California Attorney General on a thorough and clearly written explanation of the importance of mobile privacy and how developers can deliver. It’s true that as technology changes, the specific needs and guidelines for companies will need to adapt. We could well see a time when these principles do not adequately protect the rights and needs of consumers. However, right now these principles represent a huge step forward — going beyond existing law in a way that improves transparency, accountability, and choice for users of mobile devices.

Regardless of the merits of the principles and recommendations contained in that report — and I agree that many of them are quite sensible best practices that industry should be following — I can’t help but wonder whether it is wise for EFF to be cheering on state-based Internet meddling so openly. OK, so I can hear the primary objection: It’s not regulation; it’s just a set of recommendations! Well, yes and no. What AG Harris is doing here is an exercise in soft power or regulatory nudging. It’s a variation of what Tim Wu calls the “agency threats” model of regulating without any formal regulation being promulgated. (Wu enthusiastically endorses such exercises in arbitrary soft power). Or it’s what Randy Picker refers to a “non-law law,” which we are seeing more and more of on this front through the use of “best practice” reports or other agency guidance. And this is happening against the backdrop of a gradual expansion of formal privacy law in the state, such as the the California Online Privacy Protection Act (OPPA). Moreover, the state also has its own Office of Privacy Protection and AG Harris recently announced the creation of a Privacy Enforcement and Protection Unit in the Calif. Department of Justice.  Last year, she also brokered a Joint Statement of Principles that was adopted by the leading operators of mobile application platforms “to help bring mobile apps in compliance with the California Online Privacy Protection Act.”

Thus, when the AG announces a new set of best practices and strongly suggests industry should be following them, there’s an implied “or else!” threat that hangs like a quasi-regulatory Sword of Damocles over the collective necks of everyone in this sector. Regardless of how you feel about such “administrative arm-twisting,” I would hope we could agree that there is some theoretical limit to efficient state-based regulation of a network that is national or global in scope, such as the Internet. And yet that’s the perilous path we’re heading down if more states begin to mimic AG Harris and the state of California.

I can’t help but think that if AG Harris was issuing best practices on almost any other Internet policy issue — online free speech, copyright, cybersecurity, online authentication, etc. — that EFF would be (rightly) screaming bloody murder or at least raising some tough questions about the potentially slippery slope of increased state-based Internet meddling. But because there’s a bit of selective morality at work here — EFF welcomes more privacy regulation but opposes most other forms of information control — they are willing to turn a blind eye to the danger of a parochial patchwork of Internet policies in the privacy context.

Perhaps such nudging ends in California and doesn’t spread more broadly across the U.S.  But that’s a pretty big risk. I hope EFF and others give more thought to what they are sanctioning here. 50 state Internet Bureaus isn’t likely to help the digital economy or serve the long-term interests of consumers.

Further Reading

• Copyright, Privacy, Property Rights & Information Control: Common Themes, Common Challenges
• When It Comes to Information Control, Everybody Has a Pet Issue & Everyone Will Be Disappointed
• The ACLU vs. Itself on User Empowerment for Online Safety & Privacy
• Privacy as an Information Control Regime: The Challenges Ahead
• Isn’t “Do Not Track” Just a “Broadcast Flag” Mandate for Privacy?

My latest Forbes column is entitled “With Freedom of Speech, The Technological Genie Is Out of the Bottle,” and it’s a look back at the amazing events that unfolded over the past week in the U.K. regarding privacy, free speech, and Twitter. I’m speaking, of course, about the “super-injunction” mess. I relate this episode to the ongoing research Jerry Brito and I are doing examining the increasing challenges of information control.

I begin by noting that:

When it comes to freedom of speech in the age of Twitter, for better or worse, the genie is out of the bottle. Controlling information flows on the Internet has always been challenging, but new communications technologies and media platforms make it increasingly difficult for governments to crack down on speech and data dissemination now that the masses are empowered. The most recent exhibit in the information control follies comes from the United Kingdom, where in the span of just one week the country’s enhanced libel law procedure was rendered a farce.

I go on to explain how Britain’s super-injunction regulatory regime unraveled so quickly and why it’s unlikely to be effectively enforceable in the future. Read the entire essay over at Forbes and then also check out Jerry’s Time TechLand editorial from last week, “Twitter’s Super-Duper U.K. Censorship Trouble.” I also just saw this piece by British defamation expect John Maher: “Law Playing Catch-up with New Media.” It’s worth a read.

When it comes to information control, everybody has a pet issue and everyone will be disappointed when law can’t resolve it. I was reminded of this truism while reading a provocative blog post yesterday by computer scientist Ben Adida entitled “(Your) Information Wants to be Free.” Adida’s essay touches upon an issue I have been writing about here a lot lately: the complexity of information control — especially in the context of individual privacy. [See my essays on “Privacy as an Information Control Regime: The Challenges Ahead,” “And so the IP & Porn Wars Give Way to the Privacy & Cybersecurity Wars,” and this recent FTC filing.]

In his essay, Adida observes that:

In 1984, Stewart Brand famously said that information wants to be free. John Perry Barlow reiterated it in the early 90s, and added “Information Replicates into the Cracks of Possibility.” When this idea was applied to online music sharing, it was cool in a “fight the man!” kind of way. Unfortunately, information replication doesn’t discriminate: your personal data, credit cards and medical problems alike, also want to be free. Keeping it secret is really, really hard.

Quite right. We’ve been debating the complexities of information control in the Internet policy arena for the last 20 years and I think we can all now safely conclude that information control is hugely challenging regardless of the sort of information in question. As I’ll note below, that doesn’t mean control is impossible, but the relative difficulty of slowing or stopping information flows of all varieties has increased exponentially in recent years.

But Adida’s more interesting point is the one about the selective morality at play in debates over information control. That is, people generally expect or favor information freedom in some arenas, but then get pretty upset when they can’t crack down on information flows elsewhere. Indeed, some people can get downright religious about the whole “information-wants-to-be-free” thing in some cases and then, without missing a beat, turn around and talk like information totalitarians in the next breath.

I discussed this in relation to the privacy debates in my essays referenced above. I’ve noted how some “cyber-progressives” (or whatever you prefer to call tech thinkers and advocates on the Left) have been practically giddy with delight at the sight of copyright owners scrambling to find methods to protect their content from widespread distribution over distributed digital networks. Just about every information control effort attempted in the copyright arena — whether we are talking about efforts like DRM  & paywalls or even suing end-users — has failed to provide the degree of protection desired. The “darknet” critique remains fairly cogent. It doesn’t mean I’m excusing copyright piracy as a normative matter; it’s just to say that the cyber-progressives were certainly on to something as an empirical matter when they detailed the deficiencies of various IP control efforts.

But here’s the interesting question: Why shouldn’t we believe that the exact same critique applies to privacy and personal information flows? Again, it’s not to say that, as a normative matter, privacy isn’t important. And data security certainly is. It’s just to say that, as an empirical matter, information control in this context is going to be every bit as difficult as information control in the copyright context. Yet, the same crowd of cyber-progressives who were all for information freedom in the copyright context are now hoping to crack down on personal information flows in the name of protecting privacy.

And it is not going to work.

Nor will it work well for those who are looking to crack down on the flow of bits that contain porn or violent content.

Nor will it work well for those “cyber-conservatives” who are looking to crack down on the flow of bits that contain state secrets or online gambling.

Nor will it work well for those who want to curb what they regard as “harassing” speech, “hate speech,” or defamatory comments.

And so on. And so on.

I will be accused of being too much of a technological determinist, but I think there’s a lot of evidence suggesting that at least “soft determinism” is the order of the day. In a brilliant and highly provocative new paper, ” Hasta La Vista Privacy, or How Technology Terminated Privacy,”  Konstantinos K. Stylianou of the University of Pennsylvania Law School discusses varieties of technological determinism as it pertains to information control and notes:

In-between the two extremes (technology as the defining factor of change and technology as a mere tangent of change) and in a multitude of combinations falls the so called soft determinism; that is, variations of the combined effect of technology on one hand and human choices and actions on the other. (p. 46)

Unfortunately, Stylianou notes, “The scope of soft determinism is unfortunately so broad that is loses all normative value. Encapsulated in the axiom ‘human beings do make their world, but they are also made by it,’ soft determinism is reduced to the self-evident.”  Nonetheless, he argues, “a compromise can be reached by mixing soft and hard determinism in a blend that reserves for technology the predominant role only in limited cases,” since he believes “there are indeed technologies so disruptive by their very nature they cause a certain change regardless of other factors.” (p. 46) He concludes his essay by noting:

it seems reasonable to infer that the thrust behind technological progress is so powerful that it is almost impossible for traditional legislation to catch up. While designing flexible rules may be of help, it also appears that technology has already advanced to the degree that is is able to bypass or manipulate legislation. As a result, the cat-and-mouse chase game between the law and technology will probably always tip in favor of technology. It may thus be a wise choice for the law to stop underestimating the dynamics of technology, and instead adapt to embrace it. (p. 54)

That pretty much sums up where I’m at on most information control issues and explains why I sound so fatalistic at times, even if I do believe that law can have an impact at the margins. Such “soft determinism” will be hard for some to swallow. Many will simply refuse to accept it, especially when they hear statements like those Stylianou makes in the context of privacy, such as: “the advancement of digital technology is ineluctably bound to have a destructive impact on privacy” (p. 47), or “technology has made it indeed so easy to collect personal data that in many cases they have lost their individual value, and instead function merely as statistical or ancillary data” (p. 51), or “What technological determinism teaches us so far is that people will always react negatively to more intrusive technology, but in the end they will probably succumb.” (p. 54)

One might cynically view this simply as a more eloquent restatement of Scott McNealy’s famous quip: “privacy is dead, get over it.”  While that’s an a bit of overstatement, it’s nonetheless true that privacy is under enormous strain because of modern digital developments (summarized in Exhibit 3 below). But, again, everything is under enormous strain. Perhaps, therefore, we need a reformulation of McNealy’s quip: “Information control is dead, get over it.”

Anyway, going forward, we need a framework to think about information control efforts. I’ve been working with my Mercatus Center colleague Jerry Brito to develop just that in a forthcoming paper (current running title: “The Trouble with Information Control.”)  To begin, we simplify matters by dividing information control efforts into four big buckets, as shown in Exhibit 1 below. ( Note: With Jerry Brito’s help, I have reworked these categories since first outlining them here):

Exhibit 1: RATIONALES FOR INFORMATION CONTROL

(1) Censorship / Speech Control

• politically unpopular speech
• porn
• violent content
• hate speech
• cyberbullying

(2) Privacy

• defamation
• reputation

(3) Copyright & Trademark Protection

(4) Security

• state secrets
• national security
• law enforcement
• cybersecurity
• online gambling

Next, we can consider various legal responses to these objects of information control, as detailed in Exhibit 2:

Exhibit 2: LEGAL & REGULATORY RESPONSES / APPROACHES TO INFORMATION CONTROL

• Intermediary deputization / secondary liability
• Individual prosecutions / fines
• Controls on speech / expression
• Controls on monetary flows
• Other Regulation
• Taxation / fines
• Agency enforcement / adjudication

Finally, we need to consider how efforts to control information today are greatly complicated by problems or phenomena that are unique to the Internet or the Information Age, as outlined in Exhibit 3:

Exhibit 3: INFORMATION CONTROL CONSIDERATIONS / COMPLICATIONS

• Media & Technological Convergence
• Decentralized, Distributed Networking
• Unprecedented Scale of Networked Communications
• Explosion of the Overall Volume of Information
• Unprecedented Individual Information Sharing Through User-Generation of Content and Self-Revelation of Data

In this upcoming paper, Jerry and I will provide case studies based on many of the issues outlined in Exhibit 1 and show how the information control methods shown in Exhibit 2 typically fail to slow or restrict information flows because of the factors outlined in Exhibit 3. Assuming we can prove our thesis — that soft determinism is the order of the day and information control efforts of all varieties are increasingly difficult (and often completely futile) — I fully expect that we will make just about everybody unhappy with us!

However, I want to conclude by noting that just because I am somewhat fatalistic or deterministic about the likely failure of most information control proposals or mechanisms, it doesn’t mean I am willing to just throw my hands in the air and say there’s absolutely nothing that can be done to address some of the concerns listed in Exhibit 1.  In my work on how to address online child safety issues, I tried to develop what I call a “3-E Solution” to address these concerns.  In my paper with Jerry, I’m hoping to use this as a framework for how to deal with all information control concerns going forward:

1. Education: Get more information out about the issue / concern.
2. Empowerment: Give consumers more and better tools to act on that information.
3. (Selective) Enforcement: Have law step in at the margins when it’s appropriate and cost-efficient, and only after education and empowerment fail.

Of course, how much stress we place on each component of this toolbox will depend on the issue. I’ve already suggested that the last “E” of enforcement will be largely ineffective, especially when outright prohibition of particular information flows is the objective. But enforcement could be more effective in other contexts, such as holding companies accountable for the promises they make to consumers, by policing industry self-regulatory schemes, or by demanding more transparency / disclosure. Those enforcement practices have helped in the child safety and privacy contexts. In other contexts, the severity of the harm in question may be so severe — ex: child pornography — that we would bypass the education and empowerment steps altogether and go to much greater lengths to make the enforcement option work. Even then, we should keep our expectations in check and avoid a rush to extreme solutions.

There’s much more to be explored here. Stay tuned.

On this week’s John Stossel show on Fox Business Network, I debated Internet privacy, advertising, and data collection issues with Michael Fertik of Reputation.com. In the few minutes we had for the segment, I tried to reiterate a couple of keep points that we’ve hammered repeatedly here in the past:

• There’s no free lunch. All the free sites and service we enjoy online today are powered by advertising and data collection. [see this op-ed]
• There is no clear harm in most cases, or what some argue is harm also can have many benefits that are rarely discussed. [see this paper.]
• There’s little acknowledgement of the trade-offs involved in having government create an information control regime for the Internet. [see this filing and these three essays: 1, 2, 3.]
• The ultimate code of “fair information practices” is the First Amendment, which favors free speech, openness, and transparency over secrecy and information control. [see this piece.]
• “Hands Off the Net” is a policy that has served us well. There are dangerous ramifications for our economy and long-term Internet freedoms if we continue down the road of “European-izing” privacy law here in the States. [see this essay and this filing.]
• At some point, personal responsibility needs to come into the equation. With so many privacy enhancing empowerment tools already on the market, it begs the question: If consumers don’t take steps to use those tools, why should government intervene and take action for them?

Anyway, here’s the 7-min video of the debate between Fertik and me:

Like Milton, I’m very worried about the political vulnerabilities that might arise if the wireless sector grows more concentrated. Still, I think it’s a big mistake to legitimize one repressive incarnation of coercive state power (antitrust intervention) to reduce the likelihood that another incarnation (information control) will intensify. This approach is not only defeatist, as Hance argues, but it also requires a tactical assessment that rests on several dubious assumptions.

First, Milton overestimates the marginal risk that the AT&T – T-Mobile deal will pave the way for an information control regime. The wireless market isn’t static; the disappearance of T-Mobile as an independent entity (which may well occur regardless of whether this deal goes through) hardly means we’re forever “doomed” to live with 3 nationwide wireless players. With major spectrum auctions likely on the horizon, and the possibility of existing spectrum holdings being combined in creative ways, the eventual emergence of one or more nationwide wireless competitors is quite possible — especially if, as skeptics of the AT&T – T-Mobile deal often argue, the wireless market underperforms in the years following the acquisition.

More importantly, network operators, like almost all Internet gatekeepers, face mounting pressure from their users not to facilitate censorship, surveillance, and repression. Case in point: AT&T is a leading member of the Digital Due Process coalition (to which I also belong) that’s urging Congress to substantially strengthen the 1986 federal statute that governs law enforcement access to private electronic communications. Consider that AT&T’s position on this major issue is officially at odds with the official position of the same Justice Department that’s currently reviewing the AT&T – T-Mobile deal. Would a docile, subservient network operator challenge its state overseers so publicly?

Or take Google. Arguably, it’s an enormously important gatekeeper — in many respects, it’s an even greater “chokepoint” than any single network operator — but the firm has held strong against substantial pressures from the U.S. government to facilitate censorship and surveillance. (See, e.g.: Google’s successful 2006 challenge to a Justice Department request seeking search query logs; Google’s recent refusal to remove DUI apps from its Android market; Google’s widely noted hesitance toward censoring search results absent a lawfully issued takedown request; Google’s 2010 joint amicus brief urging a federal district court to reject a Justice Department subpoena seeking to compel Yahoo! to disclose the contents of a user’s opened emails).

I could go on. The point is that large network operators are often willing to vigorously resist — both in private and in public — governmental demands that they facilitate information control. Working in cahoots with unpopular governmental actors is terrible PR; some major players seem to think it’s bad for business, too.

It’s often overlooked that antitrust intervention deprives us of beneficial competitive reactions to business deals — even deals that, viewed in isolation, appear to be “harmful.” The consequence of the AT&T – T-Mobile deal won’t simply be the two companies operating as a single entity; the deal will also force rivals to respond in unforeseeable ways that will tend to benefit consumers and fuel innovation. As Hance reminds us, this virtuous cycle of Schumpeterian creative destruction is fundamental to the long-term evolution of markets. When government blocks proposed business arrangements, it contributes to stasis — and static markets tend to be much easier to regulate and control than relatively dynamic markets.

To be sure, if the combination of AT&T and T-Mobile exacerbates political pressures for imposing a network information control regime, we cyber-libertarians should fight back vigorously. Turning to antitrust intervention to keep markets relatively unconcentrated — and, hence, more difficult to regulate — is a mistake.

If you welcome the growing pressures for regulating business arrangements in the high-tech sector, an emboldened antitrust regime is just what the doctor ordered.

A headline in the USA Today earlier this week screamed, “Hello, Big Brother: Digital Sensors Are Watching Us.”  It opens with an all too typical techno-panic tone, replete with tales of impending doom:

Odds are you will be monitored today — many times over. Surveillance cameras at airports, subways, banks and other public venues are not the only devices tracking you. Inexpensive, ever-watchful digital sensors are now ubiquitous.

They are in laptop webcams, video-game motion sensors, smartphone cameras, utility meters, passports and employee ID cards. Step out your front door and you could be captured in a high-resolution photograph taken from the air or street by Google or Microsoft, as they update their respective mapping services. Drive down a city thoroughfare, cross a toll bridge, or park at certain shopping malls and your license plate will be recorded and time-stamped. Several developments have converged to push the monitoring of human activity far beyond what George Orwell imagined. Low-cost digital cameras, motion sensors and biometric readers are proliferating just as the cost of storing digital data is decreasing. The result: the explosion of sensor data collection and storage.

Oh my God! Dust off you copies of the Unabomber Manifesto and run for your shack in the hills!

No, wait, don’t. Let’s instead step back, take a deep breath and think about this. As the article goes on to note, there will certainly be many benefits to our increasing “sensor society.”  Advertising and retail activity will become more personalized and offer consumers more customized good and services.  I wrote about that here at greater length in my essay on “Smart-Sign Technology: Retail Marketing Gets Sophisticated, But Will Regulation Kill It First?”  More importantly, ubiquitous digital sensors and data collection/storage will also increase our knowledge of the world around us exponentially and do wonders for scientific, environmental, and medical research.

But that won’t soothe the fears of those who fear the loss of their privacy and the rise of a surveillance society in which our every move is watched or tracked. So, let’s talk about what those of you who feel that way want to do about it.

The Challenge of Information Control

The USA Today quotes some people I know fairly well and have great respect for (Lee Tien, Chris Wolf, & Ryan Calo) raising various concerns but not really offering any specific recommendations. I suspect that it’s only a matter of time before we hear calls for regulation — even bans — of digital sensor / surveillance technologies.  On the other hand, things might unfold the way they did when RFID chips/tags came on the scene.  There was a lot of hysteria then, but things died down and — unless I missed something — no major restrictions on their use were instituted and RFID is in widespread use today.

But the “creepiness” or intrusiveness factor gets ratcheted up a bit with next-gen digital sensor technology, especially because they have become highly decentralized and dirt cheap. Practically every teenager is walking around with a powerful digital “sensor” or surveillance technology in the pocket today.  It’s called their phone.  Except they rarely use it to make calls.  They do, however, use it to record audio and video of themselves and the world around them and instantaneously share it will the planet. They also use geolocation technologies to pinpoint the movement of themselves and others in real time.

Meanwhile, new translation tools and biometric technologies are becoming widely available to average folk. Those of you who have played with Google Goggles on your smartphone know what I am talking about. Incredibly cool stuff, but you can see where it is heading. In a couple of years, we’ll have biometric buttons on our shirts feeding live streams of our daily movements and interactions into social networking sites and databases. We’ll use them to record our days and play them back later, or perhaps to just instantly scan and recognize faces and places in case we can’t remember them using our noggins. As a result, mountains of intimate data we be created, collected, collated, and cataloged on a daily basis. 

And there isn’t much we can do to stop this. As I noted in my essays on “Privacy as an Information Control Regime: The Challenges Ahead, and “The IP & Porn Wars Give Way to the Privacy & Cybersecurity Wars,” today’s information control efforts are greatly complicated by problems associated with (1) convergence, (2) scale, (3) volume, and (4) unprecedented individual empowerment / user-generation of content.  Thus, for better or worse, the information genies — porn, hate speech, spam, state secrets, pirated content, personal information, etc. — are out of their bottles and getting them back in will be an enormous challenge.

Darknet & the Decline of Practical Obscurity

In the context of personal privacy, the net result of all of this — to quote Jim Harper’s excellent 2006 book Identity Crisis — is the “decline of practical obscurity.”  “As practical obscurity declines,” Harper notes, “it becomes more likely that large quantities of data center on identified individuals  will be collected and more likely that it will be shared and used. With large collections if data highly correlated to precise identities, he consequences of being identified are changing.” (p. 163)  Harper rightly notes that may not be all bad. Again, there will be many benefits associated with this. But many others — especially those who are privacy fundamentalists and would have privacy trump most other values — won’t want to hear about possible benefits or trade-offs. It’s pretty much all bad from their perspective.

So, let’s get back to what we want to do about all this. Is “creepiness” enough of a harm to call in the code cops to undo progress?  If so, can we roll back the clock or put this particular technology back in the bottle?  I suppose that, with enough effort, we could.  But I can’t help but think about all the “darknet“-related critiques I’ve heard over the past decade about the futility of efforts to protect intellectual property or use DRM to secure IP against widespread dissemination. As I noted in my essay on “Two Paradoxes of Privacy Regulation,” many of these arguments have been set forth by the same people who now tell us they want to try to bottle up information in this context by “property-tizing” personal information.

But if the darknet critique holds for flows of copyrighted information, why would it not also hold for personal information?  Perhaps there is less incentive to push out personal information across the planet as aggressively as intellectual property, but that doesn’t mean there is no incentive to do so.  Many people will do it voluntarily each and every day when they put the most intimate details (and pictures / videos) of their lives online.  And, as they darknet critique informs us, once the information is out, it’s pretty much game over.

This is one reason why I’ve been mildly entertained by what some privacy regulatory advocates have said recently about “Do Not Track” regulation being able to stop or slow the technological arms race in the privacy arena.  “The header-based Do Not Track system appeals because it calls for an armistice in the arms race of online tracking,” says Rainey Reitman of EFF.  And the always provocative regulatory agitator Chris Soghoian argues that “opt out mechanisms… [could] finally free us from this cycle of arms races, in which advertising networks innovate around the latest browser privacy control.”  These guys should know better. There is no way in hell that Do Not Track would slow the technological “arms race” in this arena. If anything, a Do Not Track mandate will speed up that arms race and potentially just shift attention toward the development of Deep Packet Inspection (DPI) technologies or other, more invasive, forms of tracking.

I suppose they would argue that we’ll turn our attention to those technological developments as they happen, but that would make my point. There will be technological and marketplace responses to efforts to freeze current market structures, norms, and technologies in place. Again, for better or worse, progress happens.  It’s just that privacy advocates aren’t particularly fond of the consequences of technological progress in this regard and want to put a stop to it.  But they will fail.

Hyper-Transparency

At this point, some savvy readers might suspect I have fallen under the spell of David Brin and the vision he set forth in his 1997 book, The Transparent Society. There’s some truth to that, at least as it pertains to the empirical side of his argument. For those who forget his provocative thesis, Brin argued that:

While new surveillance and data technologies pose vexing challenges, we may be wise to pause and recall what worked for us so far. Reciprocal accountability — a widely shared power to shine light, even on the mighty — is the unsung marvel of our age, empowering even eccentrics and minorities to enforce their own freedom. Shall we scrap civilization’s best tool — light — in favor of a fad of secrecy?

Across the political spectrum, a “Strong Privacy” movement claims that liberty and personal privacy are best defended by anonymity and encryption, or else by ornate laws restricting what groups or individuals may be allowed to know. This approach may seem appealing, but there are no historical examples of it ever having worked.  Strong Privacy bears a severe burden of proof when they claim that a world of secrets will protect freedom… even privacy… better than what has worked for us so far — general openness.

Indeed, it’s a burden of proof that can sometimes be met! Certainly there are circumstances when/where secrecy is the only recourse… in concealing the location of shelters for battered wives, for instance, or in fiercely defending psychiatric records. These examples stand at one end of a sliding scale whose principal measure is the amount of harm that a piece of information might plausibly do, if released in an unfair manner. At the other end of the scale, new technologies seem to require changes in our definition of privacy. What salad dressing you use may be as widely known as what color sweater you wear on the street… and just as harmlessly boring.

The important thing to remember is that anyone who claims a right to keep something secret is also claiming a right to deny knowledge to others. There is an inherent conflict! Some kind of criterion must be used to adjudicate this tradeoff and most sensible people seem to agree that this criterion should be real or plausible harm… not simply whether or not somebody likes to keep personal data secret.

As a normative matter, I’m not entirely in league with Brin, but I do think he makes a very powerful case for transparency and openness trumping privacy and secrecy. (And isn’t it a delicious irony of information policy debates that the same crowd that is typically hammering on policymakers about the need for greater “openness” and transparency in all other matters suddenly wants to the opposite when our personal information is brought into the discussion?!)

But where I am entirely in agreement with Brin is with his empirical or practical case for understanding and, to some extent, accepting the world around us.  I wouldn’t necessarily label it the snarky “privacy is dead, just get over it,” but I would think it fair to call this philosophy “privacy is changing, and we need to learn how to live with it.”

Thinking about Concrete Harms & Targeted Solutions to Them

To be clear, I’m not against all forms of “privacy” law or regulation.  When it comes to government surveillance, I think we need more limitations on the State and the ability of public officials to access certain types of information, or act upon it. The key point here is that the solution to State surveillance concerns should not be bans on the technology. We instead need to shackle State actors and tightly delimit their power over our lives—such as by tightening up the Electronic Communications Privacy Act, as the Digital Due Process Coalition proposes, and by creating new protections for locational data, as Sen. Wyden has recently proposed.  And we should do so because the State possesses uniquely coercive powers over our lives and our property.

For privately aggregated data, it’s more complicated. I continue to think we can live with most forms of private data collection and aggregation since there are great benefits for society.  Most of the time, companies are just trying to sell us a more relevant product.  It’s hard for me to see the harm in that.  But there will be certain categories of personal information that will eventually need to be carved out of the mix.  I think health and financial information are the two primary categories in this case. It doesn’t mean we should take extreme steps to limit all data flows associated with them, but we will likely need to take some steps.  And most countries, including the U.S., already have targeted laws dealing with those two categories of personal information.  In this sense, I look at privacy regulation in much the same way I look at censorship.  The general default should be that openness and information sharing are permissible. But in some extreme cases — think child pornography — most of us can agree that the harm is quite tangible and significant enough to warrant repression of that information / content.

These are challenging issues and this is fertile ground for further academic investigation.  I think that we are only beginning to explore and understand the mechanics of information control regimes. As we continue that exploration, especially as we look to significantly broaden regulation of personal information flows, here are some questions for scholars to consider and debate:

• In the context of privacy and personal information, how far should law go to roll back digital progress or try to put the genie back in the bottle?
• Does the “darknet” theory have ramifications for the privacy debate?
• Can or should we have similar information control regimes for privacy, content control, defamation, intellectual property, cybersecurity, etc, or should each problem be treated/regulated differently?
• If, however, we adopt differing regulatory regimes for different classes of information, won’t the most restrictive regime become a model for the others?
• Finally, instead of attempting to stifle all information flows or block new technologies that facilitate information sharing, are we better off — as Brin suggests — channeling our energy in to increasing transparency across the board so that those who hold information about us are forced to reveal what they have or know?  Of course, that will lead some to suggest — as many privacy advocates do today — that we should be given more control over the uses of that information once it is in the wild.  Again, what I am assuming here is that that is increasingly an exercise in futility.

Every once and awhile it’s worth taking a step back and looking at the long view of how Internet policy developments have unfolded and consider where they might be heading next.  We’ve reached such a moment as it pertains to efforts to police the Internet for copyright piracy, objectionable online content, privacy violations, and cybersecurity.  We’re at an interesting crossroads in this regard since the prospects for successful cracking down on copyright piracy and pornography appear grim.  Seemingly every effort that has been tried has failed.  The Net is awash in online porn and pirated content.  I am not expressing a normative position on this, rather, I’m just stating what now seems to be commonly accepted fact.

In the meantime, the United States is in the process of creating new information control regimes and this time its access to personal information and cybersecurity that are the focus of regulatory efforts.  The goal of the privacy-related regulatory efforts is to help Netizens better protect their privacy in online environments and stop the “arms race” of escalating technological capabilities.  The goal of cybersecurity efforts is to make digital networks and systems more secure or, more profoundly as we see in the Wikileaks case, it is to bottle up state secrets.

These efforts are also likely to fail.  Simply stated, it’s a nightmare to bottle-up information once it’s out there.  It doesn’t make a difference if that information we are seeking to control is copyrighted content, hate speech, dirty pictures, defamatory speech, secret diplomatic cables, or personal information.  Information is the blood that runs through the veins of the Internet and once it’s out it is pretty much Game Over. Commenting on the recent Wikileaks debacle over the release of diplomatic cables, Wall Street Journal columnist Daniel Henninger noted that “There is one certain fix for the WikiLeaks problem: Blow up the Internet. Short of that, there is no obvious answer.”  The same thing is increasingly true for these other types of information flows.

Now That’s A Lot of Information

As I pointed out in my recent essay, “Privacy as an Information Control Regime,” efforts to control information today are greatly complicated by problems associated with (1) convergence, (2) scale, (3) volume, and (4) unprecedented individual empowerment / user-generation of content.  It’s the volume problem that I want to spend a bit of time on here today.

As I noted in that previous essay, the sheer volume of media and communications activity taking place today greatly complicates regulatory efforts. In simple terms, there is just too much stuff for policymakers to police today relative to the past.

Let’s put some hard numbers on this problem.  IDC’s 2009 report, “The Digital Universe Ahead — Are You Ready?” provides the following snapshot of the data deluge:

• Last year, despite the global recession, the Digital Universe set a record.  It grew by 62% to nearly 800,000 petabytes.  A petabyte is a million gigabytes.  Picture a stack of DVDs reaching from the earth to the moon and back.
• This year, the Digital Universe will grow almost as fast to 1.2 million petabytes, or 1.2 zettabytes.
• This explosive growth means that by 2020, our Digital Universe will be 44 TIMES AS BIG as it was in 2009.  Our stack of DVDs would now reach halfway to Mars.

And here’s a little something from the Global Information Industry Center’s report on “How Much Information?”:

In 2008, Americans consumed information for about 1.3 trillion hours, an average of almost 12 hours per day. Consumption totaled 3.6 zettabytes and 10,845 trillion words, corresponding to 100,500 words and 34 gigabytes for an average person on an average day. A zettabyte is 10 to the 21st power bytes, a million million gigabytes. These estimates are from an analysis of more than 20 different sources of information, from very old (newspapers and books) to very new (portable computer games, satellite radio, and Internet video). Information at work is not included.

(How about that caveat: information at work is not included!!)

To put all these petabytes and zettabytes in some context, here’s a chart that appeared in an Economist essay back in February entitled, “All Too Much: Monstrous Amounts of Data“:

These are mind-boggling numbers.  As the Economist chart suggests, it’s hard to even fathom what “yottabytes” entails, but that’s what’s next.

Anyway, let’s return to the privacy wars and think about the volume problem in that context. Today we’re hearing proposals to regulate online services (advertising networks) or software (web browsers) to clamp down on the flow of information.  The so-called “Do Not Track” mechanism is one potential solution that has been floated in the regard.

This reminds me of the illusive search for a “simple fix” or silver-bullet solution to online pornography.  The PICS /ICRA experience is instructive in this regard. That would be the W3C’s Platform for Internet Content Selection and Internet Content Rating Association.  For a time, there was hope that voluntary metadata tagging and content labeling could be used to screen objectionable content on the Internet.  But the sheer volume of material to be dealt with made that task almost impossible.  The effort has been abandoned now.  Of course, it’s true that effort didn’t have a government mandate behind it to encourage more widespread adoption, but even if it would have, does anyone really think all porn or other objectionable content would have been labeled and screened?

Similar problems await information control efforts in the privacy realm, even if a mandated Do Not Track mechanism required the re-engineering of web browser architecture.  Those who think Do Not Track would slow the “arms race” in this arena are kidding themselves.  If anything, a Do Not Track mandate will speed up that arms race.  Take a look at how well The CAN SPAM Act worked in practice if you want another example.

Selective Morality

Now, let’s pretend for a moment that I am wrong about all this in the privacy space and that the FTC and Congress somehow find a workable mechanism to control flows of personal information and can clamp down accordingly.   Again, I don’t believe it will happen, but if it did, doesn’t that mean it’s equally likely that the same mechanism would be used to crack down on speech, expression, copyrighted content, state information flows, or whatever else?

Perhaps that’s not a bad thing from your perspective, but what I find entertaining about this debate is how the folks who support an aggressive information control regime for privacy purposes generally also oppose  information control efforts as it pertains to speech, expression, copyright, or state secrets.  There’s a bit of selective morality at play here.  When it comes to personal information, the attitude seems to be that we must ‘pay any price, bear any burden,’ even going so far as to property-tize personal information flows.  In every other case, however, the attitude seems to be: Let information flow.

Regardless of one’s disposition on these matters, my point here is more simple: the information will flow.  Indeed, I think it is safe to say that there is a strong and growing negative correlation between the aggregate volume of data flowing across digital networks and the ability of policymakers to control those information flows. The recent Wikileaks release has made that new fact of life more evident to the world, but the ongoing IP wars might also hold some lessons for us in this regard.

Consider the thoughts of Sydney-based consultant Mark Pesce, who compares the two experiences.  He writes:

We’ve been here before.  This is 1999, the company is Napster, and the angry party is the recording industry.  It took them a while to strangle the beast, but they did finally manage to choke all the life out of it – for all the good it did them.  Within days after the death of Napster, Gnutella came around, and righted all the wrongs of Napster: decentralized where Napster was centralized; pervasive and increasingly invisible.  Gnutella created the ‘darknet’ for filesharing which has permanently crippled the recording and film industries.  The failure of Napster was the blueprint for Gnutella. In exactly the same way – note for note – the failures of Wikileaks provide the blueprint for the systems which will follow it, and which will permanently leave the state and its actors neutered.

And it is likely a blueprint for what will happen in the privacy arena as well.

Conclusion

Again, I want to be clear that the point of this essay has not been to endorse or celebrate copyright piracy, widespread porn, privacy violations, release of state secrets, etc.  We’ll all have differences of opinions on these matters.  But there’s simply no getting around the fact that all these problems are all likely here to stay and, barring extreme crackdowns, it’s very hard for me to imagine how government might reverse that tide.

In the extreme, I suppose we could follow the Chinese mode and firewall off digital networks, effectively nationalize ISPs, and then pay citizens to inform on each other about various transgressions.  Or, we could impose punishing forms of liability on digital intermediaries — effectively deputizing online middlemen and making them servants of the State.  But such extreme solutions would have nightmarish ramifications for the future of the Internet and digital communications networks.  We have to ask ourselves how far we want to go to control information flows.

I’m going to close out my series of essays about Tim Wu’s new book, The Master Switch: The Rise and Fall of Information Empires, by discussing his proposed solutions.  In the first five essays in the series, [1, 2, 3, 4, 5] I’ve critiqued Wu’s look at information history as well as his use of terms like “market failure,” “laissez-faire” and “open” vs. “closed.”  I argued there’s a great deal of over-simplification, even outright distortion, in his use of those terms throughout the book.

Anyway, let’s run through the basics of the book once more before getting to Wu’s proposed solutions.  By my reading of The Master Switch, Wu’s argument essentially goes something like this:

• Information industries go through cycles. After a period of “openness” and competition, they tend to drift toward “closed,” corporate-controlled, anti-consumer models and outcomes.
• The resulting “monopolists” then block much innovation, competition, and free speech.
• Consequently, “the purely economic laissez-faire approach… is no longer feasible.”
• Moreover, information industries are more important than all others (“information industries… can never be properly understood as ‘normal’ industries”) and even traditional forms of regulation, including antitrust, “are clearly inadequate for the regulation of information industries.” (p. 303).
• Thus, special rules should apply to information-related sectors of our economy.

Again, I’ve challenged some of these assertions in my previous essays, specifically, Wu’s incomplete history of cycles and the fact that he greatly underplays the role of governments in “locking-in” sub-optimal market structures or, worse yet, creating those structures through misguided public policies or regulatory capture.  Wu discusses some of those factors in his book, but he tends to regard them as secondary to the inquiry, whereas I believe they are crucial to understanding how most “closed” or anti-competitive scenarios develop or endure. Instead, Wu simplistically suggests that “the purely economic laissez-faire approach… is no longer feasible,” even though no such state of affairs has ever existed within communications or media industries. They have been subjected to varying levels of indirect influence or direct control almost since their inception.

Regardless, what does Tim Wu want done about the problems he has (mis-)diagnosed?

What Wu Wants: A “Constitutional” Approach to Private Regulation

Broadly speaking, Wu wants to counter what he regards as “the danger of private power,” “the Lockean sanctification of private property,” and the fact that “American economic life [has] been built mostly on freewheeling capitalism.” (p. 300)  More specifically, he wants to end the “cycle” he describes of markets moving from supposedly open to closed.

To do so, he proposes what he calls a “constitutional” approach to private marketplace regulation.  In reality, it would be a massive, unprecedented, and highly destructive information sector industrial policy that would substitute the Rule of Man for the Rule of Law.  But let’s hear how Wu describes it:

What I propose is not a regulatory approach but rather a constitutional approach to the information economy. By that I mean a regime whose goal is to constrain and divide all power that derives from the control of information. Specifically, what we need is something I would call a Separations Principle for the information economy. A Separations Principle would mean the creation of a salutary distance between each of the major functions or layers in the information economy. It would mean that those who develop information, those who control the network infrastructure on which it travels, and those who control the tools or venues of access must be kept apart from one another. At the same time, Separations Principle stipulates one other necessity: that the government also keep its distance and not intervene in the market to favor any technology, network monopoly, or integration of the major functions of an information industry.”  (p. 302, emphasis in original)

Wu calls this a “constitutional approach” because he models it on the separations of power found in the U.S. Constitution, such as the separation of church and State, as well as the separation of powers between branches of government.  Wu makes a few additional assertions:

• “[T]he Separations Principle accepts in advance that some of the benefits of concentration and unified action will be sacrificed, even in ways that may seem painful or costly.” (p. 305)
• But Wu believes that pain or cost is worth it because of the “corrupting effect of vertically integrated power.” (p. 305)
• “You cannot serve two masters, and the objectives of creating information are often at odds with those of disseminating it,” he says. (p. 305)
• Specifically, he claims the Separations Principle would better protect free speech and entrepreneurial freedom. On the former: “It is a recognition that the disposition of firms and industries is, if anything, more critical than the actions of the state in controlling who gets heard.” On the latter: “The Separations Principle protects entrepreneurial freedom by preventing stagnation and repression of business innovation, especially with the help of the state.” (p. 306)

There’s a lot to unpack here including Wu’s stunning claim that his Separations Principle doesn’t represent a regulatory regime, as well as his rather incredible belief that government meddling and machinations could be kept in check under this regime.

First, however, Wu deserves credit for coming clean about just how radical his proposal is.

Constitutional Limits on Governments vs. Private Actors

Wu admits that “It would be quite radical today even to contemplate imposing on the economy the kind of safeguards that the Constitution places on the political system.” (p. 301)  A few pages later he notes that “The Separations Principle… requires a certain breadth and ambition in its application.” (p. 308)

I’m glad Wu was willing to at least acknowledge the radicalness of his proposal.  But, as he is prone to do throughout the book, he raises an important potential objection only to quickly walk away from it.  In this case, however, it’s completely understandable why Wu wouldn’t want to continue this inquiry: His proposal really is “quite radical” since it is completely at odds with America’s constitutional heritage of individual liberty and limited government.

Let’s go back to Civics 101.  We require that governments live under certain constraints and the Rule of Law because we recognize that governments possess the unique ability to fine, punish, and imprison citizens.  Moreover, escape from government’s tentacles is difficult, if not impossible. A constitutional system is required, therefore, to limit government’s role over our lives and the economy.

By contrast, we do not impose similar constraints on individuals — or on individuals when they work collaboratively in organizations or corporations — primarily because we believe there should be a presumption of liberty in most human affairs.  Freedom is the default position.  We value freedom because it allows humans to exercise their free will and live a life of their own choosing — and that includes the freedom to pursue happiness by making money in a business venture.  Our nation’s founders saw the wisdom in this even before we had a grand historical clash between communism and capitalist systems.  From that experience, however, we now have undisputed proof that social and economic freedoms are closely linked, and that when humans are free, they prosper.  The other reason we default to freedom for private individuals and organizations is because the possibility of “escape” exists from undesirable social or economic situations.

Wu doesn’t bother slowing down to appreciate these distinctions. He gives occasional lip service to the dangers of excessive government power:

Again and again in the histories I have recounted, the state has shown itself an inferior arbiter of what is good for the information industries. The federal government’s role in radio and television from the 1920s through the 1960s, for instance, was nothing short of a disgrace…. Government’s tendency to protect large market players amounts to an illegitimate complicity … [particularly its] sense of obligation to protect big industries irrespective of their having become uncompetitive. (p. 308)

Quite right. Yet, as I pointed out in this earlier essay, there’s seemingly never any serious lesson to be drawn from that conclusion.  Wu just marches right along in his narrative and ignores that “disgrace” and its relationship to “the cycle.”

The crucial point here is that Wu doesn’t fully appreciate the qualitative difference between State power and corporate power.  Instead — consistent with many “media access” theorists who came before him — he largely equates those forms of power or even makes private power out to be the more significant threat to personal liberties and freedom of speech.  Again, we hear statements like “the disposition of firms and industries is, if anything, more critical than the actions of the state in controlling who gets heard.”

The problem with this is that (a) history shows it’s simply not true and (b) the corrective remedies such a theory counsels would require a massive enhancement of State power to counter the supposed threats of private power, which (c) would create an even bigger threat to human liberty since only the State can fine, imprison, and truly foreclose speech.

So, I’ll stick with traditional “constitutionalism,” thank you very much!  Tim Wu’s “constitutionalism,” by contrast, is the Rule of Man, not the Rule of Law.  Specifically, it would be the rule of a handful of unelected men (and women) down at the Federal Communications Commission, the Federal Trade Commission, or whatever other regulatory bureaucracies Wu would empower under this approach.   And, as we’ll see next, that approach is truly audacious in its scope.

Practical Considerations: An Unprecedented Information Control Regime

OK, let’s forget about all that philosophical and legalistic mumbo-jumbo.  After all, most people these days don’t really give a hoot about constitutional limitations or the first principles associated with our nation’s founding. Let us instead explore the Bold New World of information regulation that Wu wants imposed on the high-tech economy and consider its complexity and costs.  Wu is a bit short on details about how policymakers should go about constructing a “Separations” regime, or how it will work in practice, but he does suggest that Net neutrality regulation and expanded antitrust oversight are at least two of the core elements. But he says that will not be enough.

Despite the fact that Wu admits the FCC “has on occasion let itself become the enemy of the good, effectively a tool of repression,” Wu seems to suggest the agency will continue to have “day-to-day authority over the information industries.” (p. 309) Of course, the FCC’s role is currently limited mostly to older sectors of the information economy, but Wu seems to suggest that role should be expanded considerably.  Yet, FCC oversight isn’t enough either, Wu says.  He argues that “what is needed is not only an FCC institutionally committed to a Separations Principle but also a structural arrangement to guard against such deviations, including congressional oversight as well as attention and corrections from other branches of government.”

Here the “breadth and ambition in its application” associated with Wu’s Separations Principal becomes more apparent. We are talking about layers upon layers of regulation. More importantly, the key attribute of Wu’s Separations Principle is that it is preemptive and prophylactic in character.  He explicitly rejects the idea that marketplace experimentation should be allowed and that ex post administrative proceedings or antitrust enforcement will be good enough. “[T]here is the problem of taking an after-the-fact approach to a commodity so vital to our basic liberties,” he argues. (p. 204) Thus, Wu’s approach represent a return to the sort of anticipatory, “Mother, May I” regulatory regime America was supposed to be turning away from following the passage of the Telecommunications Act of 1996.

What’s most bizarre about Wu’s call for such a preemptive “Separations” approach is his insistence that it is not a regulatory approach.  It’s hard to know whether this is an astonishing bit of hubris or just plain naiveté.  I hate to suggest it, but I think Wu is perfectly aware of just how regulatory his system would be in practice; he just doesn’t want to admit it.  After all, for there to be “separations” of various segments of the information sector, someone would need to determine who and what belongs in which bucket.  Wu suggests we’ll need at least three buckets. To repeat, he says his Separations Principle “would mean that those who develop information, those who control the network infrastructure on which it travels, and those who control the tools or venues of access must be kept apart from one another.”  Let’s put some labels on these buckets:

• Bucket #1: Information Creators
• Bucket #2: Information Distributors
• Bucket #3: Information Hardware Makers

These would essentially become three of the new “titles” (or regulatory sections) of a forthcoming “Information Economy Separations Act.” (I’m assuming Wu understands it would take an act of Congress to implement this sweeping regime, although he never makes that clear.  Or perhaps he would just prefer the FCC “reclassify” the entire information economy by regulatory fiat? Who knows.  Again, he never really sweats the details on this important point.)

Regardless, the problem with these conceptually neat classifications is that don’t conform to our fast-paced, highly dynamic Information Age economy.  There is a fluidity of innovation and market activity that Wu utterly fails to appreciate.  I suppose it’d be easy to throw a couple of players into these buckets and tell them to stay put.  We could tell T-Mobile, for example, that they could be a wireless information distributor and absolutely nothing else; we could tell Discovery Networks, they could be a content creator and absolutely nothing else; and we could tell Intel, you can be a chip maker and absolutely nothing else.

But not every existing information sector actor or technology is so neatly compartmentalized. Moreover, Wu’s framework also begs the question: Would firms that currently have integrated operations and investments in multiple fields be forced to divest control of various operations to come in line with Wu’s Separations Principle?   Here are a few scenarios to consider (and with each example, ask yourself the question: What’s the harm here to would justify the sort of “separations” regime Wu proposes?):

• Cox Enterprises has a wide variety of content and distribution properties including: broadband services, cable TV channels and distribution systems, newspapers, radio stations, advertising and direct mail divisions, and AutoTrader.com.  How many pieces does the firm need to be split into to comply with Wu’s new “Separations” regime?
• Should an ISP be allowed to develop or offer (or directly integrate into their service) free anti-virus software and parental control technologies since that’s not part of the underlying distribution service? Nearly every major ISP does so already today.
• Even though the experiment was ultimately a failure, should Google have been allowed to break out of the search market and give the handheld device business a shot with the Nexus One?  Likewise, should Google be allowed to continue its experiment with local fiber or wi-fi networks even though it is so clearly outside their traditional line of business?  Finally, should the FCC have disallowed Google’s bid in the 700 MHz spectrum auction back in 2008 since it would have meant the firm was formally entering the information distribution business?
• Which bucket is Microsoft in as a traditional OS and software provider?  Regardless, was it a mistake to allow them to jump into the video game console marketplace with the Xbox many years ago?   Should MS have been forbidden from creating the Zune since it too was a digital device outside of Microsoft’s core field?  Should MS be allowed to have a content division that develops games or other content for its operating systems even though they might be considered two separate information markets?
• Sony produces movie and video game content but also develops hardware (video game consoles, televisions, music players, phones, etc.) on which that content can be played. Should that be illegal? Would they have to divest some of these divisions once Wu’s system went into effect?
• Apple is the ultimate example of an information hardware manufacturer that has not only diversified its hardware offerings from PCs to iPods, iPhones and iPads, but also become a (if not the) leading information distributor for digital music, movies, television shows, podcasts, books and audiobooks through iTunes.  The company’s Apps store also makes it a key distributor of software.  What bucket is it in?
• Should Amazon be allowed to be both the biggest online marketplace as well as the manufacturer of a device (the Kindle) that offers access to that store?

I could go on and on, but here’s the crucial point: Creating firewalls between the buckets Wu proposes would be a nightmare and would entail incessant regulatory interventions to make sure the walls weren’t breached.  As suggested above, the very act of regulatory line-drawing would be mind-bogglingly complex.  More importantly, each new information sector innovation would suddenly be subjected to a regulatory classification proceeding.

Wu is essentially saying there are few integrative efficiencies or other economic benefits associated with cross-sector deals or cross-platform technological developments.  Again, he dismisses the notion with one line: “[T]he Separations Principle accepts in advance that some of the benefits of concentration and unified action will be sacrificed, even in ways that may seem painful or costly.” (p. 305)  Well, that’s nice… except that this regulatory system would upend the U.S. information economy as we know it!  His Separations Principle is an unprecedented regulatory wrecking ball that would do untold destruction to the American economy in the name of creating a system of information apartheid. Wu also completely ignores the litigation nightmare that would ensue once the government started forcing the divestiture of various lines of business.  After all, many companies would likely have valid “takings” claims here under the Fifth Amendment.

But even if we could get beyond all that, we’d have to consider how this regime would work going forward.  Let’s consider a hypothetical example.  Virtual reality is an emerging field of our information economy that promises to experience rapid growth in coming years.  A number of companies are currently developing content and devices that will help bring a veritable Star Trek holodeck experience to our living rooms sometime very soon.  The market is still in a great deal of flux and it remains unclear which technologies will prevail or which developers and device makers will prosper.  One thing we know for certain, however: it’s a hugely complex and expensive undertaking.  VR technologies aren’t like creating a YouTube video of your cat playing a piano. There are significant costs associated with developing VR content and devices. Distributing VR bits over networks will, no doubt, be quite complicated as well.  Now, imagine two scenarios (which, for all I know, may already be playing out in the marketplace today):

• Scenario 1: A partnership is announced between some cutting-edge VR companies that have different core competencies in this field.  One of the companies is developing holographic imaging devices to project immersive environments directly into your living room or workspace.  Another of the partners is developing games that would take advantage of those new holographic imaging innovations.  And a third partner in the deal is developing software that will help manage the real-time, high-bandwidth flow of VR bits across broadband lines.  Under Wu’s Separations Principle, would this deal be illegal?
• Scenario 2: All of the activities discussed above are being handled by a single, integrated firm.  Is that illegal under Wu’s Separations Principle?

Now, it would be easy to dismiss this scenario with a casual wave of the hand and a ‘we’ll-figure-it-out-later’ attitude.  But consider the fact that deals and developments like this are happening every single minute of the day our modern information economy.  One wonders how regulators would even be expected to keep track of it all.  And they would have to keep track of it all because, again, Wu’s Separations Principle is preemptive and prophylactic in character.  His regulatory regime is going to have to come to grips with that fact that innovation happens. Markets evolve. People want to experiment and do bold new things. They tinker. They develop. They pitch. They deal. And so on.  As that dynamic process unfolds every day across the high-tech economy, Wu’s Separations Principle will be put to the test and necessitate a regulatory proceeding of some sort to determine what is permitted and what is verboten.  Meanwhile, the very uncertainty associated with Wu’s regime would delay and discourage investment in the field and formation of the partnership/venture necessary to successfully bring VR to market

Astonishingly, however, Wu argues that “a Separations regime would take much of the guesswork and impressionism, and indeed the influence trafficking, out of the oversight of information industries.” (p. 307) That’s a doozy of a claim.  To the extent his Separations Principle eliminates “guesswork” and creates more regulatory certainty, it would only do so by creating rigid artificial barriers to market entry and innovation across the information economy.  That’s “certainty” that we can live without.

Conclusion

Over on Amazon.com, I was interested to see Tim Wu post a glowing review of Kevin Kelly’s important new book, What Technology Wants (which I will be reviewing here next).  Kelly’s book argues that we should think of technology, or what he calls “the Technium,” as a “force” or even a living “organism” that has a “vital spirit” and which “has its own wants” and “a noticeable measure of autonomy.”  I think Kelly goes a bit far, but to the extent one buys into the notion that technology is like an organism, Tim Wu’s Information Industrial Policy would kill that organism.  Or, it would at least severely stunt its continued growth and evolution.

Because his information industry policy is every bit as “radical” as he suggests and would require, as he also admits, “a certain breadth and ambition in its application,” it is essential we reject this innovation-killing regulatory regime.  The health of the high-tech economy, the global competitiveness of the U.S. technology sector, and the long-term welfare of consumers depends upon it.

[This represents a bit of a departure from the traditional format of my ongoing “Media Deconsolidiation Series,” but you will see how it ties in…]

So, some guy from the (Un)Free Press — the activist group that wants to regulate every facet of the media and broadband universe — has created a scary looking chart about “Information Control” [seen below]. It’s based loosely on the Periodic Table of Elements, you know, to give it the aura of science and fact. In reality, it’s just another silly scare tactic that tells us very little about the true nature of our modern media marketplace.

The chart is accompanied by the typical Free Press gloom-and-doom rhetoric about the unfolding media apocalypse. “Nearly everything you see, hear and read that isn’t from a friend — whether on TV, the radio, or even on the Web — comes from a for-profit gatekeeper.”  And then comes the obligatory A.J. Liebling quote about how “Freedom of the press belongs to those who own one,” followed quickly by the typical punch line about how just a handful of companies (in this case 55 of ’em) are puppeteering all our thoughts in America today:

Combined, these 55 powerful media and telecommunications companies raked in total revenues in excess of $700 billion in 2007. Together they own over 540 TV stations, 2000 radio stations, 430 newspapers, 230 magazines, and 80 major cable channels in the United States. They provide paid TV service to approximately 52 million subscribers and broadband Internet service to over 57 million subscribers. They’re the bottlenecks through which our news, our entertainment, and our political discourse must travel. What they want to promote becomes prominent; what they suppress stays out of the mainstream. As such, these companies are the elements of information control.

Oh my God! We are all just brainwashed sheep!

Except we’re not. It amazes me how these “information control” and “media monopoly” myths keep getting widespread circulation. But the first thing to note is how the media reformistas can’t get even their story straight when it comes to how many “monopolists” are supposedly out there today. As I noted in my 2005 book, Media Myths: Making Sense of the Debate over Media Ownership, the critics seem to just pull their numbers out of a hat. Some say as few as 3 companies control everything. Others says 5 or 6. Still others say it might be a few dozen. And now this guy says its 55. Hey, that’s progress that even the Free Press should love!

Regardless of the number, does this really represent the totality of our modern media universe? Do those 55 companies really “own most of the 21st-century presses in America” as the “Info Control” website states? Answer: NOT. EVEN. CLOSE.  Here are the facts. [I happened to have compiled them for a PFF special report entitled Media Metrics: The True State of the Modern Media Marketplace to debunk myths just like this.]

In the table above, I have taken the number of media outlets owned by the 55 companies and then divided it by the total number of media outlets. This gives us the actual percentage of media outlets owned by the 55 media providers listed in the “Information Control” chart.  Needless to say, it’s hard to see how anyone can claim “bottleneck” control or “media monopoly” when an average of just 18% of all those outlets are owned by the 55 companies! And what that number doesn’t tell you is that — as my “Media Deconsolidation” series has been illustrating over the past two years — America’s media marketplace has been growing less concentrated with each passing month. Media companies are selling off and shedding assets and divisions faster than ever. There’s a 24-hour death watch going on over at Twitter these days on the “Media is Dying” thread if you care to follow the carnage in less than 140 characters at a time.

Oh, here’s another problem with the “Information Control” chart: Where exactly does the Internet fit into the picture? Answer: It doesn’t. They’ve conveniently left out the Net, online media, blogging, social networking, podcasting, and other bottom-up, user-generated content and forms of communication.

But let’s ignore the Internet and all those new Digital Age options for a moment. Let’s say this guy had it right and that only 55 companies really did control “Nearly everything you see, hear and read.”  The fact is, that really wouldn’t be the end of the world. 55 competitors would be considered a luxury in just about any other major economic sector.  Care to draw up a “Periodic Chart” for autos, airlines, supermarkets, or semiconductors? If one did, there would be far fewer squares on it. The fact is, even if we accepted the artificial limitations of this chart, we’d still have a lot of choices at our disposal.

But we need not accept those limitations. We live in a different world; a better world. With far more choices and diversity than this silly chart indicates. Indeed, by every conceivable measure we have more media options and diversity than we did 30 years ago. Magnitudes more. I bet the guy who put this chart together isn’t even old enough to remember when three old white guys in bad suits delivered us a half-hour of news each night at 6:30, and if we weren’t lucky enough to be sitting in front of our TVs at that exact moment, then we were screwed. Compare that pre-1980 reality to today and the unprecedented information cornucopia at our disposal. In my lifetime (I’m 40) we have seen the death of mass media and the end of “appointment-based” media consumption.  Media providers no longer call the shots; we the viewing and listening public do.

But shhhhh… we’re not suppose to talk about these meddlesome things called facts. You see, the entire media policy drama in this country is based on a glorious set of mega-myths. There’s a handful of nefarious schemers aiming to program our little minds with corporate propaganda, or so the story goes. They must be stopped. At all costs. Luckily, the enlightened few at the Free Press and other media reformista outfits have managed to avoid the corporate brainwashing — My God, how did they ever do it! — and so they are ready to lead us to the media promised land. But to get there, we must first burn the village to save it. We must destroy free media (as in free-market, for-profit media) to rebuild free media (as in media controlled by government masters). Only then will we enter Information Nirvana and liberate our minds from our evil corporate overlords!

Or so the story goes.

(P.S. Brian Anderson and I recently penned a book to counter these fantasies and the efforts by the media reformistas to remake the media marketplace in their preferred image. See: A Manifesto for Media Freedom, Encounter Books, 2008).