Boy, the symposium on “Competition in Online Search” that Daniel Sokol threw together this week over at the Antitrust & Competition Policy Blog could not have been better timed! As most of you know, the European Commission stepped up its attack on Google this week and all signs are that a lot more antitrust activity is on the way on this front.

Anyway, all the entries in the symposium are in and a few rebuttals have followed, including one by me. In my response, I took on Frank Pasquale and Eric Clemons, who were the most aggressive in their calls for search regulation. I thought I would just re-post it here to complement my early entry in the symposium on Monday.

 _______________

I enjoyed the entries in this symposium and learned something from each of them. I have a few things to say in response to both Frank Pasquale and Eric Clemons and their sweeping indictments of not just Google but seemingly the entire modern information economy.

Everywhere they look, it seems, Pasquale and Clemons see villainy. Someone completely alien to the modern online ecosystem would read Pasquale’s description of it — “digital feudalism,” “absolute sovereignty,” “opaque technologies,” “leaving users in the dark,” etc., etc. — and likely conclude that a catastrophe had befallen modern man. Of course, Pasquale’s narrative is missing any reference to the unparalleled expansion in the stock of knowledge and human choices that has been made possible by Google and the others companies he castigates (Apple, Facebook, Twitter, and Amazon). Meanwhile, Clemons wants to group Google in with supposed Wall Street robber barons as well as characters from Sinclair’s “The Jungle.” It’s all a bit much.

Regardless, what about those high-tech feudal lords, especially Google? Can we keep their market power in check without extreme steps? It goes without saying that neither Pasquale nor Clemons places much faith in the sort of dynamic, disruptive competition and creative destruction (which I documented in my entry in the symposium) as being an effective check on market behavior. But their skepticism goes well beyond that and transcends tradition antitrust analysis. They seem to assert that we just can’t trust large digital intermediaries at all, primarily because they are profit-maximizers. Clemons suggests that paid search shouldn’t even be permitted, which is a bit like saying ad-supported, for-profit newspapers should have been forbidden or regulated long ago.

Their skepticism about concentrated power fades quickly, however, when it’s the concentrated power of government that will be calling the shots in the digital economy. Regulators, Pasquale says, will be able to devise forms of redress that “help[] us confront issues of discrimination, malfeasance, nonfeasance, and technological due process in a rapidly changing online environment.” He suggests transparency mandates, external regulatory oversight, and that something akin to a mandatory right of reply for search results are all needed. Meanwhile, Clemons wants full-blown structural separation of Google into three or four different firms.

Pasquale and Clemons don’t bother addressing the trade-offs associated with their proposals. They apparently want us to imagine that these proposed remedies are innocuous and costless. They also don’t seem to give much weight to the critiques set forth by Marvin Ammori, James Grimmelman, or Dan Crane regarding the incoherent and potentially counter-productive nature of “search neutrality” remedies. Clemons also doesn’t seem at all worried about the forgone benefits of vertical integration, even though those benefits can be substantial in the field of search. The rich content and specialized integrated services that Google has been able to freely offer consumers deserve greater consideration before imposing the nuclear option of structural separation.

That last point is essential. We can’t divorce this discussion from the real-world evidence of just how well consumers have been served by the search market today. That begins with the fact that consumers don’t pay a penny for the cornucopia of content or expanding universe of constantly innovating services that they enjoy currently. So, to repeat what I said in my initial entry, the traditional goals of public utility regulation — universal service, price competition, and quality service — are already being achieved quite nicely without intervention. That makes the case for search regulation even harder to sustain.

Finally, let’s just talk about the practicality of all the regulation they advocate. Pasquale asks: “Is it too much to ask for some entity outside Google to be able to ‘look under the hood’ and understand what is going on in plausibly contested scenarios?” Well, perhaps it is! The respected blog SearchEngineLand has estimated that approximately 34,000 searches are conducted per second (or 2 million per minute; 121 million per hour; 3 billion per day; 88 billion per month). That’s a lot of activity for regulators to keep tabs on. And Google’s search algorithm is constantly being tweaked– more than 500 changes each year — to offer websurfers improved results and enhanced security against spammers and other malicious activity. Having regulators constantly “looking under the hood” and trying to adjust those results via a political process would likely slow innovation to a crawl. It would also open up the process to a great deal of gaming by other parties — including spammers and scammers. Moreover, the dangers of political gaming of search should not be discounted. Once policymakers have the sort of authority over search that Pasquale and Clemons recommend, the danger of political influence and regulatory shenanigans both grow exponentially.

In the end, I believe the combination of public pressure, social norms and, most importantly, ongoing innovation and creative destruction, can do a better job of protecting consumer welfare than the sort of sweeping regulatory interventions that Pasquale and Clemons advocate. We should be patient and see how this marketplace develops instead of engaging in rash interventions.

by Berin Szoka & Adam Thierer, Progress Snapshot 5.11 (PDF)

Ten years ago, Nobel Prize-winning economist Milton Friedman lamented the “Business Community’s Suicidal Impulse:” the persistent propensity to persecute one’s competitors through regulation or the threat thereof. Friedman asked: “Is it really in the self-interest of Silicon Valley to set the government on Microsoft?” After yesterday’s FCC vote’s to open a formal “Net Neutrality” rule-making, we must ask whether the high-tech industry—or consumers—will benefit from inviting government regulation of the Internet under the mantra of “neutrality.”

The hatred directed at Microsoft in the 1990s has more recently been focused on the industry that has brought broadband to Americans’ homes (Internet Service Providers) and the company that has done more than any other to make the web useful (Google). Both have been attacked for exercising supposed “gatekeeper” control over the Internet in one fashion or another. They are now turning their guns on each other—the first strikes in what threatens to become an all-out, thermonuclear war in the tech industry over increasingly broad neutrality mandates. Unless we find a way to achieve “Digital Détente,” the consequences of this increasing regulatory brinkmanship will be “mutually assured destruction” (MAD) for industry and consumers.

New Fronts in the Neutrality Wars

The FCC’s proposed rules would apply to all broadband providers, including wireless, but not to Google or many other players operating in other layers of the Net who favor such broadband-specific rules. With this rulemaking looming, AT&T came after Google with letters to the FCC in late September and then another last week accusing the company of violating neutrality principles in their business practices and arguing that any neutrality rules that apply to ISPs should apply equally to Google’s panoply of popular services. In particular, AT&T accused Google of “search engine bias,” suggesting that only government-enforced neutrality mandates could protect consumers from Google’s supposed “monopolist” control.

The promise made yesterday by the FCC—to only apply neutrality principles to the infrastructure layer of the Net—is hollow and will ultimately prove unenforceable. The reality is that regulation always spreads. The march of regulation can sometimes be glacial, but it is, sadly, almost inevitable: Regulatory regimes grow but almost never contract. Indeed, in some ways, the prediction we made just three weeks ago is already coming true: The basic premise of neutrality regulation is already being proposed for other layers of the Internet—and not just by AT&T in retaliation. One need not agree with all of AT&T’s accusations to recognize that, whatever the FCC might say today, any large online intermediary with a popular platform potentially faces the threat of “network neutrality” mandates—because every platform is essentially a “network,” too. We’re not just talking about “search neutrality” (Google as well as Microsoft) but also about “device neutrality” (mobile handsets), “app neutrality” (Apple’s iTunes store, Facebook’s developers and Google’s Android mobile OS) and so on for social networking, email, instant messaging, online advertising, etc.

An open letter sent to FCC Chairman Julius Genachowski this week by 28 founders and CEOs of leading application providers—including Amazon, Google, Facebook, Netflix, Craigslist, Sony and Twitter—speaks generally about the need for the FCC to enforce a “guarantee of neutral, nondiscriminatory access by users.” While many of these signatories may have in mind ISPs as the network “gatekeepers” that need to be reined in by the FCC, the more successful among them are likely to find this letter used against them in the future—perhaps even by co-signatories—to advance a broad conception of what the government must do to ensure “openness” and “access” for platforms at all layers of the Internet.

Dumb Networks, Dumb Devices

The intellectual foundations for this regulatory creep have already been laid by groups like Free Press and Public Knowledge and law professors like Columbia’s Tim Wu, Harvard’s Jonathan Zittrain and Seton Hall’s Frank Pasquale. As originally conceived by Tim Wu in 2003, “network neutrality” is not unique to broadband networks: “the basic economic problem found in the network neutrality debate (a form of ‘platform exclusion’ or ‘vertical foreclosure’) can be found in many other markets.” Indeed, Wu’s popular Net Neutrality FAQ declares:

The promotion of network neutrality is no different than the challenge of promoting fair evolutionary competition in any privately owned environment, whether a telephone network, operating system, or even a retail store. Government regulation in such contexts invariably tries to help ensure that the short-term interests of the owner do not prevent the best products or applications becoming available to end-users.

Zittrain picked up where Wu left off in The Future of the Internet and How to Stop It—attacking, as the enemies of innovation, not ISPs but the supposedly “closed” platforms of Apple, TiVo and Microsoft’s Xbox. Zittrain warns that:

If there is a present worldwide threat to neutrality in the movement of bits, it comes not from restrictions on traditional Internet access that can be evaded using generative PCs, but from enhancements to traditional and emerging appliancized services that are not open to third-party tinkering.

Zittrain’s general solution is “API [Applications Programming Interface] neutrality:” If you create a platform (whether hardware or software) and begin allowing third-party contributions (“generativity”), you will lose all control over devices or applications that can run on that platform.

Those who offer open APIs on the Net in an attempt to harness the generative cycle ought to remain application-neutral after their efforts have succeeded, so all those who built on top of their interface can continue to do so on equal terms…. [N]etwork neutrality ought to be applied to the new platforms of Web services that, in turn, depend on Internet connectivity to function.

Clearly, if Zittrain and his allies have their way, the sort of neutrality mandates envisioned by the FCC or some Congressmen for ISPs will eventually cover companies such as Apple, Google, Facebook, Myspace, Twitter and Amazon—all singled out by Zittrain in a New York Times op-ed in July:

If the market settles into a handful of gated cloud communities whose proprietors control the availability of new code, the time may come to ensure that their platforms do not discriminate. Such a demand could take many forms, from an outright regulatory requirement to a more subtle set of incentives — tax breaks or liability relief — that nudge companies to maintain the kind of openness that earlier allowed them a level playing field on which they could lure users from competing, mighty incumbents.

Frank Pasquale agrees on the need to restrain all “the dominant players at all layers of online life,” but focuses on his demand for a Federal Search Commission to control supposedly “biased” search results. While the FCC wrings its hands over “managed services” offered by ISPs, search engines are increasingly offering their own value-added services by “blending” algorithmically-derived results with special features like maps, videos, books or music depending on what the search term suggests the user is interested in. “Artificially” ensuring that these features appear on the first page of search results is clearly non-neutral, and necessarily involves search engines making ”managed” decisions as to whose features to include. Yet such features also clearly benefit users—dramatically improving the usefulness of search engines and helping to sustain struggling business models like music retailing.

But one need not resort to the works of “ivory tower” academics to see the slippery slope we’re already tumbling down with the infinitely elastic principle of “neutrality.” The prospect of the FCC gradually transforming into a “Federal Information Commission” becomes more apparent when one reads the Wireless Innovation and Investment Notice of Inquiry recently released by the FCC:

As other approaches, such as cloud computing, evolve, will established standards or de facto standards become more important to the applications development process? For example, can a dominant cloud computing position raise the same competitive issues that are now being discussed in the context of network neutrality? Will it be necessary to modify the existing balance between regulatory and market forces to promote further innovation in the development and deployment of new applications and services?

One can imagine how some might use such language to accuse Google of being in “a dominant cloud computing position” such that “the context of network neutrality” will be applied to cloud service (like Google Voice) to “modify the existing balance between regulatory and market forces” through regulation. Indeed, that’s precisely what AT&T has suggested in recent letters (September 25 ^th and October 14 ^th) to the FCC.

AT&T’s partner Apple has already been the subject of such attacks for its decision to block the Google Voice app earlier this summer. The incident marked the beginning of open warfare between Google and AT&T/Apple. The FCC quickly jumped into the mix, first questioning how Apple manages its iTunes apps store for the iPhone, then questioning how Google runs its free Voice application. What legal authority the FCC has over either service is far from clear, but Apple seems to have gotten the message: It recently approved the Spotify music streaming app for the iPhone, which could be a serious competitive threat to the iTunes music store. This small incident highlights how easily regulators can impose their will through informal mechanisms like open-ended investigations even without clear authority to issue rules or bring enforcement actions. Yet none dare call it what it is: regulatory blackmail.

The Inevitability of Regulatory Capture

No doubt, other industry players will cheer on such regulatory harassment of the titans of tech—and maybe even demand more of it. Regulatory creep is driven by more than the self-interests of every bureaucracy to expand its own mission, budget and staff. As the Electronic Frontier Foundation has noted, “Experience shows that the FCC is particularly vulnerable to regulatory capture.” While lobbyists play an important role in defending business from government, all too many businesses naively look at government as a beast that can be tamed, trained, and turned to one’s own advantage, and often try to use the expanding regulatory apparatus to their own advantage or simply throw their competitors under the bus to save themselves. The result is a Hobbesian regulatory “war of all against all” within industry.

As Professor Alfred E. Kahn explained in his 2-volume opus, The Economics of Regulation, all regulation—however high-minded—is inevitably captured by special interests because:

When a commission is responsible for the performance of an industry, it is under never completely escapable pressure to protect the health of the companies it regulates, to assure a desirable performance by relying on those monopolistic chosen instruments and its own controls rather than on the unplanned and unplannable forces of competition. […] Responsible for the continued provision and improvement of service, [the regulatory commission] comes increasingly and understandably to identify the interest of the public with that of the existing companies on whom it must rely to deliver goods.

If Internet regulation follows the same course as other industries, the FCC and/or lawmakers will eventually indulge calls by all sides to bring more providers and technologies “into the regulatory fold.” Clearly, this process has already begun. Even before rules are on the books, the companies that have made America the leader in the Digital Revolution are turning on each other in a dangerous game of brinksmanship, escalating demands for regulation and playing right into the hands of those who want to bring the entire high-tech sector under the thumb of government—under an Orwellian conception of “Internet Freedom” that makes corporations the real Big Brother, and government, our savior.

Toward a Less MAD World: Digital Détente

Sincere defenders of real Internet Freedom—that is, freedom from government techno-meddling—recognize that there will always be disputes over how companies deal with each other online across all layers of the Internet. The question is not whether we need a technical coordinating mechanism for handling such disputes. Someone should mediate conflicts over alleged deviations from abstract neutrality principles. But should that arbitrator be an inherently political body like FCC? Or should we instead look to truly independent, apolitical arbitrators like the Internet Engineering Task Force or collaborative efforts like the Network Neutrality Squad? Such alternative dispute resolution mechanisms and fora need not have the power of law to be effective: The weight of their expert opinion, based on careful investigation of the facts, would likely resolve most disputes, because companies have strong reputational incentives to comply with reasoned rulings by truly neutral experts. And the white hot spotlight of public attention has a way of disciplining marketplace behavior as well.

Government would still have a role to play, of course, in enforcing antitrust laws where anticompetitive harm to consumers can be proven, and in enforcing the promises companies make to consumers. Ultimately, however, certain business models and technologies require non-neutral treatment, and the best remedy for concerns about non-neutrality is competition itself: In the high-tech sector more than any other, disruptive innovation makes it difficult for even the most successful companies to stay on top forever. Competitive entry—or even the threat of new entry—provides a powerful check on the power of so-called “gatekeepers,” but even more important is the prospect that today’s leaders will be tomorrow’s laggards: There’s little reason to think Google (search and advertising), Apple (smart phones and music) and Facebook (social networking) won’t someday find themselves playing catch-up, just as IBM (computers), Microsoft (desktop software and search), Friendster and MySpace (social networking), and Yahoo! and AOL (web portals) have had to do.

“Digital Détente” would require that all parties concede something and work constructively toward a more “peaceful” ( i.e., less regulatory) resolution. And yet, no Internet company wants to disarm unilaterally, foreswearing politics as a continuation of competition by other means. Only through multilateral disarmament could they break out of the current cycle of regulatory one-upmanship: If the companies in the Internet ecosystem could form a united front against increased government regulation and in favor of removing existing regulatory obstacles to competition, they could all return to their core competencies of creativity and innovation.

The alternative is a regulatory “nuclear winter”: high-tech titans turning their political fire on each other, catching innocent third parties in the cross-fire and bringing a dark cloud of government regulation over the entire Internet. Such increased regulation would stifle investment and innovation throughout the Internet ecosystem. Thus, it is consumers who will ultimately suffer most from the tech industry’s suicidal impulse, as their choices and digital lives are impoverished. For their sake, we hope all industry players will step back from the brink to avoid such high-tech mutually assured destruction.

Adam Thierer and I have warned that neutrality regulation, once imposed on broadband providers, will extend to other Internet services wherever “gatekeepers” are alleged to control access to a platform used by others. In short, the slippery slope of creeping common carriage is real and we’re already heading down it, with cyber-collectivist “luminaries” like Jonathan Zittrain and Frank Pasquale demanding neutrality regulation for devices, application platforms like iTunes and Facebook, and search!

TLF Reader Jim Reardon made a particularly astute observation on my post asking whether Americans really want net neutrality regulation:

Regulation of any service, product or industry is preceded by definition. Once defined, it is subject to taxation. [Net Neutrality regulation] is a prelude to taxation of Internet products and services. It will likely start with telephony services and proceed accordingly to financial services, and continue from there. As such, the activity is essentially neutral insofar as technology innovation is concerned — so long as applicable taxes are paid the government will ensure that the service is not disfavored by the network operators.

Absolutely right! One of the greatest barriers to government regulation and taxation of the Internet today is the lack of clear definitions: The FCC rules will tell you precisely what “cable television” or “commercial radio” mean, but the concepts of “social networking,” “Internet video,” “blogging,” and even “search” are indeterminate and constantly evolving.

Ronald Reagan once quipped:

Government’s view of the economy could be summed up in a few short phrases: If it moves, tax it.  If it keeps moving, regulate it.  And if it stops moving, subsidize it.

Fortunately, government’s ability to implement this view depends—to paraphrase President Clinton—”on what the meaning of the word ‘is’ ‘it’ is”: Allowing “it” to remain beautifully amorphous may be the best way to keep government at bay.

Cory Doctorow has called for a Wikipedia-style effort to build an open source, non-profit search engine. From his column in The Guardian:

What’s more, the way that search engines determine the ranking and relevance of any given website has become more critical than the editorial berth at the New York Times combined with the chief spots at the major TV networks. Good search engine placement is make-or-break advertising. It’s ideological mindshare. It’s relevance… It’s a terrible idea to vest this much power with one company, even one as fun, user-centered and technologically excellent as Google. It’s too much power for a handful of companies to wield. The question of what we can and can’t see when we go hunting for answers demands a transparent, participatory solution. There’s no dictator benevolent enough to entrust with the power to determine our political, commercial, social and ideological agenda. This is one for The People. Put that way, it’s obvious: if search engines set the public agenda, they should be public.

He goes on to claim that “Google’s algorithms are editorial decisions.”   For Doctorow, this is an outrage: “so much editorial power is better vested in big, transparent, public entities than a few giant private concerns.”

I wish Doctorow well in his effort to crowdsource a Google-killer, but I’m more than a little skeptical that anyone would actually want to use his search engine of The People.  My guess is that, like most things produced in the name of “The People” (Soviet toilet paper comes to mind), it will probably won’t be much fun to use, and will likely chafe noticeably. (For the record, I love and regularly use Wikipedia; I just don’t think that model is unlikely to produce a particularly useful search engine.  As Doctorow himself has noted of Google, “they make incredibly awesome search tools.”)

But I’m glad to see that Doctorow has conceded an important point of constitutional law: The First Amendment protects the editorial discretion of search engines, like all private companies, to decide what to content to communicate.  For a newspaper, that means deciding which articles or editorials to run.  For a library or bookstore, it means which books to carry.  For search engines, it means how to write their search algorithims.

Doctorow’s “We’ll build our own darn rocket ship in the backyard!” response  to his deep concerns about Google’s dominance of search does not, of course, impinge on Google’s editorial discretion—and for that, I commend him.  But others, most notably Frank Pasquale, have indeed proposed government action to address such concerns in ways that most surely would impinge on the First Amendment rights of all search engines.

Pasquale’s comlpaint about Google is essentially the same as Doctorow’s, but rather than proposing an innovative (if unrealistic) alternative (like Doctorow), he  has called (PDF) for the “creation of a Federal Search Commission to parallel the Federal Communications Commission” and declared that ” In order to reduce opportunities for clickfraud and unfair treatment of indexed entities, qualified transparency will be needed in order to open up the ‘black box’ of search engine operations to at least some third parties.”   He focuses on search algorithms because:

The heart of a search engine and the key to its success is its search algorithm. Effective algorithms are protected by a veil of secrecy and by various intellectual property rights. As a result, new entrants cannot easily appropriate existing algorithms. Moreover, many algorithms are trade secrets. Unlike patents, which the patent holder must disclose and which eventually expire, these trade secrets may never enter the public domain. Search algorithms may be analogous to the high-cost infrastructure required for entry into the utility or railroad markets.

He diagnoses the problem as follows:

given the emphasis on secrecy in the search engine business model, no one can verify that such rankings have not been manipulated or that subtler biases in favor of search engines’ partners are not being worked into the search algorithm… If search engines are to be accountable at all, if their interest is to be balanced against those of the various other claimants involved in search-related disputes, and if social values are to be given any weight, some governmental agent should be able to peer into the black box of search and determine whether or not illegitimate manipulation has occurred.

But what about editorial discretion?  Why should Google be forced to change its PageRank algorithms any more than The New York Times should be forced to change how it decides which stories to run?  Moreover, why should Google be forced to disclose how this process works?  Assigning a government monitor to sit in on meetings of the Times‘ editorial board “to detect bias” would clearly impinge on their editorial discretion.  Similarly, I don’t see why forcing a Yahoo!, Microsoft or any other search engine to disclose their equivalent processes for ranking search results should pass constitutional muster.

Editorial discretion means getting to make your own decisions, even if they might seem biased to those wise elites who “know better” because, well, it’s your decision and not the government’s!  Saying that speakers can make whatever decisions they want as long as they’re not biased means speakers don’t really have editorial discretion after all.

So, if recognizing that search algorithms are a form of editorial discretion is a problem (as Doctorow implies), it’s only insofar as this might frustrate the desires of those who would regulate search.

Anyone interested in the long-running debate over how to balance online privacy with anonymity and free speech, whether Section 230‘s broad immunity for Internet intermediaries should be revised, and whether we need new privacy legislation must read the important and enthralling NYT Magazine piece  “The Trolls Among Us” by Mattathias Schwartz about the very real problem of Internet “trolls“–a term dating to the 1980s and defined as “someone who intentionally disrupts online communities.”

While all trolls “do it for the lulz” (“for kicks” in Web-speak) they range from the merely puckish to the truly “malwebolent.”  For some, trolling is essentially senseless web-harassment or “violence” (e.g., griefers), while for others it is intended to make a narrow point or even as part of a broader movement.  These purposeful trolls might be thought of as the Yippies of the Internet, whose generally harmless anti-war counter-cutural antics in the late 1960s were the subject of the star-crossed Vice President Spiro T. Agnew‘s witticism:

And if the hippies and the yippies and the disrupters of the systems that Washington and Lincoln as presidents brought forth in this country will shut up and work within our free system of government, I will lower my voice.

But the more extreme of these “disrupters of systems” might also be compared to the plainly terroristic Weathermen or even the more familiar Al-Qaeda.  While Schwartz himself does not explicitly draw such comparisons, the scenario he paints of human cruelty is truly nightmarish:  After reading his article before heading to bed last night, I myself had Kafka-esque dreams about complete strangers invading my own privacy for no intelligible reason.  So I can certainly appreciate how terrifying Schwartz’s story will be to many readers, especially those less familiar with the Internet or simply less comfortable with the increasing readiness of so many younger Internet users to broadcast their lives online.

But Schwartz leaves unanswered two important questions.  The first question he does not ask:  Just how widespread is trolling? However real and tragic for its victims, without having some sense of the scale of the problem, it is difficult to answer the second question Schwartz raises but, wisely, does not presume to answer:  What should be done about it? The policy implications of Schwartz’s article might be summed up as follows:  Do we need new laws or should we focus on some combination of enforcing existing laws, user education and technological solutions?  While Schwartz focuses on trolling, the same questions can be asked about other forms of malwebolence–best exemplified by the high-profile online defamation Autoadmit.com case, which demonstrates the effectiveness of existing legal tools to deal with such problems.

Schwartz begins by noting that:

Many trolling practices … violate existing laws against harassment and threats. The difficulty is tracking down the perpetrators. In order to prosecute, investigators must subpoena sites and Internet service providers to learn the original author’s IP address, and from there, his legal identity. Local police departments generally don’t have the means to follow this digital trail, and federal investigators have their hands full with spam, terrorism, fraud and child pornography.

He then asks, quite fairly, what the consequences of more aggressive enforcement might be:

But even if we had the resources to aggressively prosecute trolls, would we want to? Are we ready for an Internet where law enforcement keeps watch over every vituperative blog and backbiting comments section, ready to spring at the first hint of violence? Probably not. All vigorous debates shade into trolling at the perimeter; it is next to impossible to excise the trolling without snuffing out the debate.

Certainly, proposals to ban online anonymity would seriously threaten legitimate anonymous speech, as my TLF colleagues Ryan Radia and Adam Thierer have pointed out.  Schwartz is probably correct that part of the answer to the problem of trolling and other serious malwebolences lies in equipping law enforcement at all levels with, and training them to use, the basic tools already available to “pierce the veil” of online anonymity and prosecute truly bad actors under existing laws.  But Schwartz is also right to highlight the danger of relying on government to enforce even existing laws, and to take on responsibility for monitoring online activity.

But like most commentators, Schwartz seems to assume that the enforcement of existing laws is solely the province of the “law enforcement” community (police, prosecutors and government investigators).  To be sure, there are a variety of state and federal laws criminalizing certain acts of “malwebolence.”  But those who find themselves victimized online generally have recourse to bring a lawsuit on their own (a “private right of enforcement”) under well-established causes of action under tort law–a crucial part of the “free system of government” lauded by Agnew.

Specifically, such a plaintiff may bring a defamation claim (“libel” if written, “slander” if oral) or one of the four categories of privacy claims that have emerged since 1890, defined by the magisterial Second Restatement of Torts as follows:

(a)  unreasonable intrusion upon the seclusion of another;
(b)  appropriation of the other’s name or likeness;
(c)  unreasonable publicity given to the other’s private life; or
(d)  publicity that unreasonably places the other in a false light before the public.

If the defendant is known, pursuing such claims is common-place.  The obstacle facing plaintiffs who do not know the legal identity of those who may have defamed them or intruded upon their privacy is the same facing law enforcement:  to “subpoena sites and Internet service providers [and other intermediaries] to learn the original author’s IP address, and from there, his legal identity.”  Such “third party subpoenas” are a vital part of the solution to the problem of malwebolence:  By enabling lawsuits under established causes of action against even anonymous defendants, they provide a real remedy to true victims.  The use of such subpoenas does not require finding new appropriations for “law enforcement,” new privacy laws or re-thinking Section 230’s grant of broad immunity to online intermediaries–a policy prescription that has gathered momentum in recent years.

For example, Daniel Solove has argued in his book The Future of Reputation that Section 230 should be re-interpreted:

to grant immunity only before the operator of a website is alerted that something posted there by another violates somebody’s privacy or defames her.  If the operator of a website becomes aware of the problematic material on the site, yet doesn’t remove it, then the operator could be liable.

Frank Pasquale has argued that we ought to require Internet search engines to provide a “right of reply”–allowing someone to post a “reply” that would appear on a search engine next to content concerning them that they consider inaccurate or defamatory (essentially the “fairness doctrine” applied online).   Others (one example) have argued for replacing Section 230 with something akin to the notice-and-takedown regime of copyright so that publishers’ immunity would be contingent on compliance with takedown notices.  But Mark Lemley, an internet law guru who is representing the plaintiffs in the Autoadmit case, has argued that Section 230 should instead be “rationalized” along with other Internet safe harbors under a unified safe harbor drawn from current trademark law:  “innocent infringers” would have immunity and would not be required to take down allegedly defamatory content, but plaintiffs could get courts to issue injunctions requiring intermediaries to take down content.  What unites advocates of all these proposals is that, like Schwartz, they downplay or ignore the effectiveness of existing tort remedies and third-party subpoenas.

Indeed, if the public is aware of third party subpoenas at all, it is probably only because of their use by copyright-holders in attempting to identify those caught using peer-to-peer software to share copyright materials.  Whatever one’s opinions on copyright and of the recording industry’s enforcement strategy, it is safe to say that the overall impression created by such lawsuits against users has been less than favorable.  Regardless, these lawsuits have established an effective legal process for identifying anonymous defendants.  While we can expect that this process–and the safeguards that accompany it–will continue to evolve, it is critical to appreciate the basics of how the third party subpoena process works if one is to evaluate the policy arguments raised by articles like Schwartz’s.

The infamous Autoadmit.com case provides a clear illustration of how this proces works and the evolving safeguards for anonymous speech.  As summarizes the case–and its most recent development:

“Women named Jill and Hillary should be raped.” Those are the words of “AK-47” — a poster to the college-admissions web forum AutoAdmit.com. AK-47 was one of a handful of students heaping misogynist scorn on women attending the nations’ top law schools in 2007, in posts so vile they spurred a national debate on the limits of online anonymity, and an unprecedented federal lawsuit aimed at unmasking and punishing the posters. Now lawyers for two female Yale Law School students have ascertained AK-47’s real identity, along with the identities of other AutoAdmit posters, who all now face the likely publication of their names in court records — potentially marking a death sentence for the comment trolls’ budding legal careers even before the case has gone to trial.

The plaintiff law students in this case originally sued Autoadmit.com and its operator in a Connecticut Federal District Court, but eventually removed them as plaintiffs in recognition of the fact that Section 230 immunizes them from liability.  But Section 230 did not stop them from suing those who had defamed them anonymously on Autoadmit.com.  And third party subpoenas have since made it possible for the plaintiffs to uncover the identity of most of those defendants.

The Process.  The procedure, made possible by Federal Rule of Civil Procedure 45, is relatively straight-forward:  A plaintiff brings a lawsuit against a John or Jane Doe(s), a pseuodymous defendant whose identify is as yet unknown.  The lawsuit must clearly state the facts, cause(s) of action and remedy sought–just as with any lawsuit (see the Autoadmit complaint, for example).

Having filed such a lawsuit, the plaintiffs may then have a court issue subpoenas (subject to certain limitations) under FRCP 45 to parties who may have identifying information about the identity of the defendants.  For example, if the plaintiff has the IP address associated with a defamatory blog comment, one can subpoena the ISP for further identifying information about that user.  There may be several steps to the process:  for example, Autoadmit might disclose under subpoena an email address, leading to a subpoena to a webmail provider and ultimately a subpoena to an ISP.  Once the John/Jane Doe has been identified, the lawsuit can proceed.

The Safeguards.  In the Autoadmit case, one of the John Does did indeed file under FRCP 45 a “motion to quash” a subpoena to AT&T by which the plaintiffs sought the disclosure of identifying information about the John Doe.  Plaintiffs, of course, opposed the motion, and the Court ultimately denied the motion.  The Court’s discussion (pp 6-13) is instructive for those wondering just how the First Amendment would protect anonymity when a plaintiff seeks to force an Internet intermediary to disclose identifying information about an anonymous speaker.

At least since the Supreme Court’s 1958 decision in NAACP v. Alabama ex rel. Patterson, the First Amendment has limited the ability of courts to order the disclosure of identifying information (in that case, the NAACP’s membership list).  Since then, U.S. courts have developed a two-part balancing test that” ensures that:

the First Amendment rights of anonymous Internet speakers are not lost unnecessarily, and that plaintiffs do not use discovery to “harass, intimidate or silence critics in the public forum opportunities presented by the Internet.”

Understanding the way in which the Autoadmit.com court applied that test is critical to understanding how courts might balance privacy with free speech in the future:

First, the Court should consider whether the plaintiff has undertaken efforts to notify the anonymous posters that they are the subject of a subpoena and withheld action to afford the fictitiously named defendants a reasonable opportunity to file and serve opposition to the In this case, the plaintiffs have satisfied this factor by posting notice regarding the subpoenas on AutoAdmit … which allowed the posters ample time to respond, as evidenced by Doe 21’s [motion to quash]. Second, the Court should consider whether the plaintiff has identified and set forth the exact statements purportedly made by each anonymous poster that the plaintiff alleges constitutes actionable speech.  Doe II has identified the allegedly actionable statements by AK47/Doe 21: the first such statement is “Alex Atkind, Stephen Reynolds, [Doe II], and me: GAY LOVERS;” and the second such statement is ““Women named Jill and Doe II should be raped….” The Court should also consider the specificity of the discovery request and whether there is an alternative means of obtaining the information called for in the subpoena.  Here, the subpoena sought, and AT&T provided, only the name, address, telephone number, and email address of the person believed to have posted defamatory or otherwise tortious content about Doe II on AutoAdmit, and is thus sufficiently specific. Furthermore, there are no other adequate means of obtaining the information because AT&T’s subscriber data is the plaintiffs’ only source regarding the identity of AK47. Similarly, the Court should consider whether there is a central need for the subpoenaed information to advance the plaintiffs’ claims.   Here, clearly the defendant’s identity is central to Doe II’s pursuit of her claims against him. Next, the Court should consider the subpoenaed party’s expectation of privacy at the time the online material was posted.  Doe 21’s expectation of privacy here was minimal because AT&T’s Internet Services Privacy Policy states, in pertinent part: “We may, where permitted or required by law, provide personal identifying information to third parties. . . without your consent. . . To comply  with court orders, subpoenas, or other legal or regulatory requirements.” Thus, Doe 21 has little expectation of privacy in using AT&T’s service to engage in tortious conduct that would subject him to discovery under the federal rules. Finally, and most importantly, the Court must consider whether the plaintiffs have made an adequate showing as to their claims against the anonymous defendant.

The court noted that there is a range of competing standards for this last prong, but dismissed those standards most deferential to the plaintiff–requiring only that the plaintiff show a “good faith basis” to contend it may have an actionable cause or that there is “probable cause” for a claim–as “set[ting] the threshold for disclosure too low to adequately protect the First Amendment rights of anonymous defendants.”  The court also dismissed other standards very favorable to the defendant, such as requiring plaintiffs to show their claims could withstand a motion for summary judgment, noting the obvious point that “it would be impossible to meet this standard for any cause of action which required evidence within the control of the defendant.”  Ultimately, the court settled on the standard requiring the plaintiffs to “make a concrete showing as to each element of a prima facie case against the defendant” as striking, “the most appropriate balance between the First Amendment rights of the defendant and the interest in the plaintiffs of pursuing their claims, ensuring that the plaintiff is not merely seeking to harass or embarrass the speaker or stifle legitimate criticism.”

While Solove, Pasquale and others would make it far easier for a victim to require an online intermediary to take down content that truly defames them or invades their privacy–or to rein in a troll posting such content–relying on existing tort law of course requires that a victim actually file a website and third-party subpoenas.  Those who demand changes to Section 230 will likely argue that this is too burdensome and costly to be an effective remedy for a widespread problem.  But, again, one must ask how widespread that problem really is before leaping to conclusions about what kind of remedies are required.  As UCLA law professor and Internet law guru Eugene Volokh noted in the Yale Daily News’ coverage of this story, even a small number of lawsuits like Autoadmit “might remind some potential would-be defamers that their anonymity may not be secure.”  One wonders whether the trolls described by Schwartz would really be so brazen if more of their coven were unmasked and sued.

One obvious advantage of relying on the combination of tort law and third party subpoenas is that requiring the actual filing of a lawsuit minimizes the problem of Internet users attempting to squelch legitimate speech–for example, by sending frivolous take-down notices to intermediaries, a serious problem in the copyright context.  Those truly concerned with protecting anonymous speech should take a far greater interest in the balancing test chosen by courts following in Autoadmit‘s footsteps.  Marc Randazza, former counsel for Autoadmit administrator Anthony Ciolli, summarized the the balance struck by the court as follows:  “If you’re doing right, the First Amendment will protect you,” Randazza said. “If you’re doing wrong, it won’t.”

Much more could be said about third-party subpoenas, but it cannot be said that the law does not already provide every American with a remedy against the trolls identified by Schwartz, the villains of the Autoadmit case or other “disrupters of the systems.”  Any inquiry into whether we need new laws or regulations should begin by looking at the processes described above.