Posts tagged as:

IoT paperThe Mercatus Center at George Mason University has just released my latest working paper, “The Internet of Things and Wearable Technology: Addressing Privacy and Security Concerns without Derailing Innovation.” The “Internet of Things” (IoT) generally refers to “smart” devices that are connected to both the Internet and other devices. Wearable technologies are IoT devices that are worn somewhere on the body and which gather data about us for various purposes. These technologies promise to usher in the next wave of Internet-enabled services and data-driven innovation. Basically, the Internet will be “baked in” to almost everything that consumers own and come into contact with.

Some critics are worried about the privacy and security implications of the Internet of Things and wearable technology, however, and are proposing regulation to address these concerns. In my new 93-page article, I explain why preemptive, top-down regulation would derail the many life-enriching innovations that could come from these new IoT technologies. Building on a recent book of mine, I argue that “permissionless innovation,” which allows new technology to flourish and develop in a relatively unabated fashion, is the superior approach to the Internet of Things.

As I note in the paper and my earlier book, if we spend all our time living in fear of the worst-case scenarios — and basing public policies on them — then best-case scenarios can never come about. As the old saying goes: nothing ventured, nothing gained. Precautionary principle-based regulation paralyzes progress and must be avoided.  We instead need to find constructive, “bottom-up” solutions to the privacy and security risks accompanying these new IoT technologies instead of top-down controls that would limit the development of life-enriching IoT innovations. Continue reading →

On Thursday, it was my great pleasure to present a draft of my forthcoming paper, “The Internet of Things & Wearable Technology: Addressing Privacy & Security Concerns without Derailing Innovation,” at a conference that took place at the Federal Communications Commission on “Regulating the Evolving Broadband Ecosystem.” The 3-day event was co-sponsored by the American Enterprise Institute and the University of Nebraska College of Law.

The 65-page working paper I presented is still going through final peer review and copyediting, but I posted a very rough first draft on SSRN for conference participants. I expect the paper to be released as a Mercatus Center working paper in October and then I hope to find a home for it in a law review. I will post the final version once it is released. [UPDATE:The final version of this working paper was released on November 19, 2014.]

In the meantime, however, I thought I would post the 46 slides I presented at the conference, which offer an overview of the nature of the Internet of Things and wearable technology, the potential economic opportunities that exist in this space, and the various privacy and security challenges that could hold this technological revolution back. I also outlined some constructive solutions to those concerns. I plan to be very active on these issues in coming months.

Continue reading →

GMLR coverI’m pleased to announce the release of my latest law review article, “A Framework for Benefit-Cost Analysis in Digital Privacy Debates.” It appears in the new edition of the George Mason University Law Review. (Vol. 20, No. 4, Summer 2013)

This is the second of two complimentary law review articles I am releasing this year dealing with privacy policy. The first, “The Pursuit of Privacy in a World Where Information Control is Failing,” was published in Vol. 36 of the Harvard Journal of Law & Public Policy this Spring. (FYI: Both articles focus on privacy claims made against private actors — namely, efforts to limit private data collection — and not on privacy rights against governments.)

My new article on benefit-cost analysis in privacy debates makes a seemingly contradictory argument: benefit-cost analysis (“BCA”) is extremely challenging in online child safety and digital privacy debates, yet it remains essential that analysts and policymakers attempt to conduct such reviews. While we will never be able to perfectly determine either the benefits or costs of online safety or privacy controls, the very act of conducting a regulatory impact analysis (“RIA”) will help us to better understand the trade-offs associated with various regulatory proposals. Continue reading →

HJLPP coverI’m excited to announce the release of my latest law review article, “The Pursuit of Privacy in a World Where Information Control is Failing,” which appears in the next edition (vol. 36) of the Harvard Journal of Law & Public Policy. This is the first of two complimentary law review articles that I will be releasing this year dealing with privacy policy. The second, which will be published later this summer by the George Mason University Law Review, is entitled, “A Framework for Benefit-Cost Analysis in Digital Privacy Debates.” (FYI: Both articles focus on privacy claims made against private actors — namely, efforts to limit private data collection — and not on privacy rights against governments.)

The new Harvard Journal article is divided into three major sections. Part I focuses on some of normative challenges we face when discussing privacy and argues that there may never be a widely accepted, coherent legal standard for privacy rights or harms here in the United States. It also explores the tensions between expanded privacy regulation and online free speech. Part II turns to the many enforcement challenges that are often ignored when privacy policies are being proposed or formulated and argues that legislative and regulatory efforts aimed at protecting privacy must now be seen as an increasingly intractable information control problem. Most of the problems policymakers and average individuals face when it comes to controlling the flow of private information online are similar to the challenges they face when trying to control the free flow of digitalized bits in other information policy contexts, such as online safety, cybersecurity, and digital copyright.

If the effectiveness of law and regulation is limited by the normative considerations discussed in Part I and the practical enforcement complications discussed in Part II, what alternatives remain to assist privacy-sensitive individuals? I address that question in Part III of the paper and argue that the approach America has adopted to deal with concerns about objectionable online speech and child safety offers a path forward on the privacy front as well. Continue reading →

It’s well known now that a long-simmering contest for control of the Cato Institute has bubbled over. On the last day of February, Charles and David Koch filed a lawsuit against the widow of former Cato chairman Bill Niskanen, Cato president Ed Crane, and Cato itself seeking to have Niskanen’s shares returned to Cato or granted to the remaining shareholders under the terms of a shareholder agreement. This would give the Kochs (one of whom participated in the founding of Cato) majority ownership, allowing them to elect a majority of Cato’s board. It would also position them to extinguish Crane’s shares so as to gain 100% control.

Cato disputes the Kochs legal positions, and it believes that their success “would swiftly and irrevocably damage the Cato Institute’s credibility as a non-partisan, independent advocate for free markets, individual liberty, and peace.”

The quote just above is from Cato’s “Save Cato” web page, but the more interesting commentary has been scattered by Cato staff and leadership across various blogs and outlets (e.g., Jerry Taylor, Gene Healy, Jason Kuznicki, Julian Sanchez, Jonathan Blanks, Justin Logan, Trevor Burris, Michael Cannon). There has been lots of commentary from many quarters, of course, led by Jonathan Adler at the Volokh Conspiracy. Really, there’s too much commentary to list.

A Facebook page dedicated to “saving” Cato has zoomed past 5,000 supporters.

Now it’s my turn. Putting my thoughts here on TLF is a stretch because I won’t be talking about tech. Think of this as the “liberation” part of Tech Liberation Front. The reason many of my colleagues and I do what we do here is because of both Ed Crane and the Kochs, and the institutions they have built and nurtured. Now these giants in the modern liberty movement are fighting.

That’s a shame for a lot of reasons. There is the overall cause of freedom, of course, our part of which is side-tracked and sullied by the dispute. We Catoites love what we do, fighting for freedom backed by thousands of highly engaged supporters. But don’t go all analytical and forget the hundred-plus Cato staff whose livelihoods and careers are under a cloud. That’s concerning and frustrating, especially for the people with children. Once or twice, I’ve let my colleagues know when I found their arguments overwrought. That personal dimension might be why.

Yes, Cato people are people. And so are Koch people. This is important to surface as part of the theme I want to focus on: miscalculation. Continue reading →

I like this new document about guarding your online reputation that has just been jointly published by Reputation Defender and the Internet Keep Safe Coalition (iKeepSafe). They list these “3 Key Tips for Parents” for how to deal with concerns about their children’s online safety, privacy, and reputation:

1. Keep Current with Technology: Talk to teachers about what forms of Internet safety tools they implement in computer labs and technology classes, consider these safety tools for home use, and stay up-to-date on the capabilities of any mobile devices your child may have. 2. Keep Communicating with Your Kids: Find out who your child talks to online, educate your kids about the permanence of any “digital footprints” they leave behind, limit the use of social networks, and make it a habit to engage your kids in critical conversation—the more you talk to your kids about their online usage, the more they will learn to use digital products in a safe and healthy manner. 3. Keep Checking Your Kid’s Internet Activity: Keep computers in a central public location, check your child’s browsing histories, and limit your child’s computer time—there’s a whole world of outdoor and offline activities where they should be involved!

All good advice. I especially like their focus on getting parents to communicate early and often with their kids. It’s something I have beat the drum about quite a bit in my own work on the subject. Continue reading →

I’m reading a couple of interesting books right now [see my Shelfari list here] including Guarding Life’s Dark Secrets: Legal and Social Controls over Reputation, Propriety, and Privacy by Lawrence Friedman of the Stanford School of Law.  The book examines the legal and social norms governing privacy, reputation, sex, and morals over the past two centuries.  It’s worth putting on your reading list. [Here’s a detailed review by Neil Richards.]  I might pen a full review later but for now I thought I would just snip this passage from the concluding chapter:

In an important sense, privacy is a modern invention. Medieval people had no concept of privacy.  They also had no actual privacy. Nobody was ever alone. No ordinary person had private space.  Houses were tiny and crowded.  Everyone was embedded in a face-to-face community. Privacy, as idea and reality, is the creation of a modern bourgeois society.  Above all, it is a creation of the nineteenth century.  In the twentieth century it became even more of a reality. [p. 258]

In a time when amorphous “rights” to privacy seem to be multiplying like wildflowers, this is an important insight from Friedman.  In my opinion, many of the creative privacy theories being concocted today are often based on false nostalgia about some forgotten time in the past when we supposedly all had our own little quiet spaces that were completely free from privacy intrusions.  But as Friedman makes clear, this is largely a myth.  It’s not to say that there aren’t legitimate issues out there today.  But it’s important that we place modern privacy issues in a larger historical context and understand how many of today’s concerns pale in comparison to the problems of the past.

[Note: If you’re interested in this topic, you’ll also want to read Daniel Solove’s The Future of Reputation: Gossip, Rumor, and Privacy on the Internet.  Also, here’s Jim Harper’s review of it.]

Solove Understanding Privacy book coverWith the publication of Understanding Privacy (Harvard University Press 2008), George Washington University Law School professor Daniel J. Solove has firmly established himself as one of America’s leading intellectuals in the field of information policy and cyberlaw.  Solove had already made himself a force to be reckoned with in this field with the publication of important books like The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press 2007), The Digital Person: Technology and Privacy in the Information Age (NYU Press 2004) and his treatise on Information Privacy Law with Paul M. Schwartz of the Berkeley School of Law (Aspen Publishing, 2d ed. 2006).  But with Understanding Privacy, Solove has now elevated himself to that rarefied air of “people worth watching” in the cyberlaw field; an intellectual — like Lawrence Lessig or Jonathan Zittrain — whose every publication becomes something of an event in the field to which all eyes turn upon release.

Like those other intellectuals, however, my respect for their stature should not be confused with agreement with their positions.  In fact, my disagreements with Lessig and Zittrain are frequently on display here and, we have been critical of Solove here in the past as well. [Here’s Jim Harper’s review of Solove’s last book, with which I am in wholehearted agreement.]  In a similar vein, although I greatly appreciate what Prof. Solove attempts to accomplish in Understanding Privacy — and I am sure it will change the way we conceptualize and debate privacy policy in the future — I found his approach and conclusions highly problematic.

Continue reading →