“The quickest way to find out who your enemies are is to try doing something new.” Thus begins Innovation and Its Enemies, an ambitious new book by Calestous Juma that will go down as one of the decade’s most important works on innovation policy.
Juma, who is affiliated with the Harvard Kennedy School’s Belfer Center for Science and International Affairs, has written a book that is rich in history and insights about the social and economic forces and factors that have, again and again, lead various groups and individuals to oppose technological change. Juma’s extensive research documents how “technological controversies often arise from tensions between the need to innovate and the pressure to maintain continuity, social order, and stability” (p. 5) and how this tension is “one of today’s biggest policy challenges.” (p. 8)
What Juma does better than any other technology policy scholar to date is that he identifies how these tensions develop out of deep-seated psychological biases that eventually come to affect attitudes about innovations among individuals, groups, corporations, and governments. “Public perceptions about the benefits and risks of new technologies cannot be fully understood without paying attention to intuitive aspects of human psychology,” he correctly observes. (p. 24) Continue reading →
On May 3rd, I’m excited to be participating in a discussion with Yale University bioethicist Wendell Wallach at the Microsoft Innovation & Policy Center in Washington, DC. (RSVP here.) Wallach and I will be discussing issues we write about in our new books, both of which focus on possible governance models for emerging technologies and the question of how much preemptive control society should exercise over new innovations.
Of all the books of technological criticism or skepticism that I’ve read in recent years—and I have read stacks of them!—
A Dangerous Master is by far the most thoughtful and interesting. I have grown accustomed to major works of technological criticism being caustic, angry affairs. Most of them are just dripping with dystopian dread and a sense of utter exasperation and outright disgust at the pace of modern technological change.
Although he is certainly concerned about a wide variety of modern technologies—drones, robotics, nanotech, and more—Wallach isn’t a purveyor of the politics of panic. There are some moments in the book when he resorts to some hyperbolic rhetoric, such as when he frets about an impending “techstorm” and the potential, as the book’s title suggests, for technology to become a “dangerous master” of humanity. For the most part, however, his approach is deeper and more dispassionate than what is found in the leading tracts of other modern techno-critics.
The Mercatus Center at George Mason University has just released my latest working paper, “The Internet of Things and Wearable Technology: Addressing Privacy and Security Concerns without Derailing Innovation.” The “Internet of Things” (IoT) generally refers to “smart” devices that are connected to both the Internet and other devices. Wearable technologies are IoT devices that are worn somewhere on the body and which gather data about us for various purposes. These technologies promise to usher in the next wave of Internet-enabled services and data-driven innovation. Basically, the Internet will be “baked in” to almost everything that consumers own and come into contact with.
Some critics are worried about the privacy and security implications of the Internet of Things and wearable technology, however, and are proposing regulation to address these concerns. In my new 93-page article, I explain why preemptive, top-down regulation would derail the many life-enriching innovations that could come from these new IoT technologies. Building on a recent book of mine, I argue that “permissionless innovation,” which allows new technology to flourish and develop in a relatively unabated fashion, is the superior approach to the Internet of Things.
As I note in the paper and my earlier book, if we spend all our time living in fear of the worst-case scenarios — and basing public policies on them — then best-case scenarios can never come about. As the old saying goes: nothing ventured, nothing gained. Precautionary principle-based regulation paralyzes progress and must be avoided. We instead need to find constructive, “bottom-up” solutions to the privacy and security risks accompanying these new IoT technologies instead of top-down controls that would limit the development of life-enriching IoT innovations. Continue reading →
On Thursday, it was my great pleasure to present a draft of my forthcoming paper, “The Internet of Things & Wearable Technology: Addressing Privacy & Security Concerns without Derailing Innovation,” at a conference that took place at the Federal Communications Commission on “Regulating the Evolving Broadband Ecosystem.” The 3-day event was co-sponsored by the American Enterprise Institute and the University of Nebraska College of Law.
The 65-page working paper I presented is still going through final peer review and copyediting, but I posted a very rough first draft on SSRN for conference participants. I expect the paper to be released as a Mercatus Center working paper in October and then I hope to find a home for it in a law review. I will post the final version once it is released. [UPDATE:The final version of this working paper was released on November 19, 2014.]
In the meantime, however, I thought I would post the 46 slides I presented at the conference, which offer an overview of the nature of the Internet of Things and wearable technology, the potential economic opportunities that exist in this space, and the various privacy and security challenges that could hold this technological revolution back. I also outlined some constructive solutions to those concerns. I plan to be very active on these issues in coming months.
This is the second of two complimentary law review articles I am releasing this year dealing with privacy policy. The first, “The Pursuit of Privacy in a World Where Information Control is Failing,” was published in Vol. 36 of the Harvard Journal of Law & Public Policy this Spring. (FYI: Both articles focus on privacy claims made against private actors — namely, efforts to limit private data collection — and not on privacy rights against governments.)
My new article on benefit-cost analysis in privacy debates makes a seemingly contradictory argument: benefit-cost analysis (“BCA”) is extremely challenging in online child safety and digital privacy debates, yet it remains essential that analysts and policymakers attempt to conduct such reviews. While we will never be able to perfectly determine either the benefits or costs of online safety or privacy controls, the very act of conducting a regulatory impact analysis (“RIA”) will help us to better understand the trade-offs associated with various regulatory proposals. Continue reading →
Ajit Pai, a Republican commissioner at the Federal Communications Commission (FCC), had an outstanding op-ed in the L.A. Times yesterday about state and local efforts to regulate private taxi or ride-sharing services such as Uber, Lyft, and Sidecar. “Ever since Uber came to California,” Pai notes, “regulators have seemed determined to send Uber and companies like it on a one-way ride out of the Golden State.” Regulators have thrown numerous impediments in their way in California as well as in other states and localities (including here in Washington, D.C.). Pai continues on to discuss how, sadly, “tech start-ups in other industries face similar burdens”:
For example, Square has created a credit card reader for mobile devices. Small businesses love Square because it reduces costs and is convenient for customers. But some states want a piece of the action. Illinois, for example, has ordered Square to stop doing business in the Land of Lincoln until it gets a money transmitter license, even though the money flows through existing payment networks when Square processes credit cards. If Square had to get licenses in the 47 states with such laws, it could cost nearly half a million dollars, an extraordinary expense for a fledgling company.
He also notes that “Obstacles to entrepreneurship aren’t limited to the tech world”:
Across the country, restaurant associations have tried to kick food trucks off the streets. Auto dealers have used franchise laws to prevent car company Tesla from cutting out the middleman and selling directly to customers. Professional boards, too, often fiercely defend the status quo, impeding telemedicine by requiring state-by-state licensing or in-person consultations and even restricting who can sell tooth-whitening services.
What’s going on here? It’s an old and lamentable tale of incumbent protectionism and outright cronyism, Pai notes: Continue reading →
I’m excited to announce the release of my latest law review article, “The Pursuit of Privacy in a World Where Information Control is Failing,” which appears in the next edition (vol. 36) of the Harvard Journal of Law & Public Policy. This is the first of two complimentary law review articles that I will be releasing this year dealing with privacy policy. The second, which will be published later this summer by the George Mason University Law Review, is entitled, “A Framework for Benefit-Cost Analysis in Digital Privacy Debates.” (FYI: Both articles focus on privacy claims made against private actors — namely, efforts to limit private data collection — and not on privacy rights against governments.)
The new
Harvard Journal article is divided into three major sections. Part I focuses on some of normative challenges we face when discussing privacy and argues that there may never be a widely accepted, coherent legal standard for privacy rights or harms here in the United States. It also explores the tensions between expanded privacy regulation and online free speech. Part II turns to the many enforcement challenges that are often ignored when privacy policies are being proposed or formulated and argues that legislative and regulatory efforts aimed at protecting privacy must now be seen as an increasingly intractable information control problem. Most of the problems policymakers and average individuals face when it comes to controlling the flow of private information online are similar to the challenges they face when trying to control the free flow of digitalized bits in other information policy contexts, such as online safety, cybersecurity, and digital copyright.
If the effectiveness of law and regulation is limited by the normative considerations discussed in Part I and the practical enforcement complications discussed in Part II, what alternatives remain to assist privacy-sensitive individuals? I address that question in Part III of the paper and argue that the approach America has adopted to deal with concerns about objectionable online speech and child safety offers a path forward on the privacy front as well. Continue reading →
Stephanie Clifford of the
New York Times posted a very interesting article this week summarizing a recent “on-the-record chat” the Times staff had with Federal Trade Commission (FTC) chairman Jon Leibowitz and FTC Bureau of Consumer Protection chief David Vladeck. The interview [discussed by Braden here] is profoundly important in that it reveals an alarming disconnect regarding the relationship between “privacy” regulation and the future of media, which were the subjects of their discussion with Times staff. Namely, Leibowitz and Vladeck apparently fail to appreciate how the delicate balance between commercial advertising and journalism is at risk precisely because of the sort of regulations they apparently are ready to adopt. Because the value of online advertising depends on data about its effectiveness and consumers’ likely interests, and because advertising is indispensable to funding media, what’s ultimately at stake here is nothing short of the future of press freedom.
The “Day of Reckoning” Is Upon Us
Leibowitz and Vladeck spend the first half of
The Times interview wringing their hands about “privacy policies,” the declarations made by websites and advertising networks about their data collection and use practices (for which the FTC can and must hold them accountable). But the two feel that privacy policies don’t adequately inform consumers. Chairman Leibowitz claims that online companies “haven’t given consumers effective notice, so they can make effective choices.” And Mr. Vladeck states that advise-and-consent models “depended on the fiction that people were meaningfully giving consent.” But he and the FTC seem ready to abandon the notice and choice model because the “literature is clear” that few people read privacy policies, Vladeck told the Times. He and Leibowitz continue:
“Philosophically, we wonder if we’re moving to a post-disclosure era and what that would look like,” Mr. Vladeck said. “What’s the substitute for it?” He said the commission was still looking into the issue, but it hoped to have an answer by June or July, when it plans to publish a report on the subject. Mr. Leibowitz gave a hint as to what might be included: “I have a sense, and it’s still amorphous, that we might head toward opt-in,” Mr. Leibowitz said.
This clearly foreshadows the regulatory endgame we have long suspected was coming. When the FTC released its “Self-Regulatory Principles for Online Behavioral Advertising” eleven months ago, we asked: “What’s the Harm & Where Are We Heading?” Their answers to both questions have become clearer with each new calculated comment—all apparently intended to slowly “turn up the heat” on the advertising industry so that the proverbial frog will stay in the pot until the water finally boils. Leibowitz’s FTC has simply dodged the “harm” question with a four-part strategy: Continue reading →
“Schools in Beijing are quietly removing the Green Dam filter, which was required for all school computers in July, due to complaints over problems with the software,” notes this Reuters report. Even though China backed down on their earlier requirement to have the Green Dam filter installed on all computers, according to Reuters “schools were still ordered by the Ministry of Industry and Information Technology to install the web filter, which Chinese officials said would block pornography and other unhealthy content.” The Reuters article mentions a notice carried on the home page of one Beijing high school that reads: “We will remove all Green Dam software from computers in the school as it has strong conflicts with teaching software we need for normal work.” The article also cites a school technology director, who confirmed that the software had been taken off most computers, as saying “It has seriously influenced our normal work.”
Ironically, many educators and librarians in the United States can sympathize since they currently live under similar requirements. Under the Children’s Internet Protection Act (CIPA) of 2000, publicly funded schools and libraries must implement a mandatory filtering scheme or run the risk of losing their funding. As the Federal Communications Commission summarizes:
[CIPA] imposes certain types of requirements on any school or library that receives funding for Internet access or internal connections from the E-rate program… Schools and libraries subject to CIPA may not receive the discounts offered by the E-rate program unless they certify that they have an Internet safety policy and technology protection measures in place. An Internet safety policy must include technology protection measures to block or filter Internet access to pictures that are: (a) are obscene, (b) child pornography, or (c) harmful to minors (for computers that are accessed by minors).
Of course, nobody wants kids viewing porn in schools, but CIPA has been know the block far more than that and has become a real pain for many educators, librarians, and school administrators who have to occasionally get around these filters to teach their students about legitimate subjects. Anyway, I just find it ironic that some American lawmakers have been making a beef about mandatory Internet filtering by the Chinese when we have our own mandatory filtering regime right here in the states. For example, Continue reading →
Last year, my PFF colleague Adam Thierer asked whether State AGs + NCMEC = The Net’s New Regulators? Adam noted that NCMEC, the National Center for Missing and Exploited Children, a private non-profit organization, was playing a law enforcement role in regulating child pornography—but without any clear mechanisms for ensuring its accountability and effectiveness. Adam’s point wasn’t just that transparency is a good thing, but that when it comes to a cause as important as protecting children from exploitation, it’s vital to ensuring that we’re that we’re actually doing a good job at it!
Yesterday, Emmanuel Lazaridis commented on that post:
Given the increasing regulatory and investigative powers of the NCMEC, it is no longer clear whether or not the [Freedom of Information Act] applies to NCMEC records. We are about to find out. I am right now bringing a case against the NCMEC in federal court for access to records under the FOIA and, failing that, for discovery under 28 U.S.C. § 1782(a).
Mr. Lazaridis’s complaint in the D.C. District Court claims that Lazaridis (a Greek national) has been unfairly deemed a fugitive from U.S. justice for having taken his daughter to Greece over the objections of the girl’s American mother, Lazaridis’s ex-wife. NCMEC got involved by placing the girl on their MissingKids.com registry of abducted children. Lazaridis wants the court to recognize his custody, deem him not to be a fugitive, and to order NCMEC to turn over all their records on the girl.
This is, of course, just one side of the story (and such cases are usually so complicated as to be indecipherable to outsiders). But even if Lazaridis’s case were wholly without merit, his basic argument would be a sound one: Why shouldn’t NCMEC, in exercising any of its essentially governmental functions, be subject to the same accountability requirements through FOIA as the FBI would be?
When the issue is the Lazaridis family’s trans-Atlantic custody battle, it may seem easy to ignore this question. But when NCMEC is essentially making policy regarding filtering Internet content, blacklistingwebsites, turning over user logs to law enforcement, or “cleaning up” Craigslist, the question of NCMEC’s accountability under FOIA cannot be avoided as a critical decision about the future of Internet governance. Continue reading →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology. Learn more about TLF →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.