Ladar Levison, founder of encrypted email service Lavabit, discusses recent government action that led him to shut down his firm. When it was suspected that NSA whistleblower Edward Snowden used Lavabit’s email service, the FBI issued a National Security Letter ordering Levison to hand over SSL keys, jeopardizing the privacy of Lavabit’s 410,000 users. Levison discusses his inspiration for founding Lavabit and why he chose to suspend the service; how Lavabit was different from email services like Gmail; developments in his case and how the Fourth Amendment has come into play; and his involvement with the recently-formed Dark Mail Technical Alliance.
Download
Related Links
Last week on his personal blog, Peter Fleischer, Global Privacy Counsel for Google, posted an interesting essay entitled “We Need a Better, Simpler Narrative of US Privacy Laws.” Fleischer says that Europe has done a better job marketing its privacy regime to the world than the United States and argues that “The US has to figure out how to explain its privacy laws on the global stage” since “Europe is convincing many countries around the world to implement privacy laws that follow the European model.” He notes that “in the last year alone, a dozen countries in Latin America and Asia have adopted euro-style privacy laws [while] not a single country, anywhere, has followed the US model.” Fleischer argues that this has ramifications for long-term trade policy and global Internet regulation more generally.
I found this essay very interesting because I deal with some of these issues in my latest law review article, “The Pursuit of Privacy in a World Where Information Control is Failing” (Harvard Journal of Law & Public Policy, vol. 36, no. 2, Spring 2013). In the article, I suggest that the U.S. does have a unique privacy regime and it is one that is very similar in character to the regime that governs online child safety issues. Whether we are talking about online safety or digital privacy, the defining characteristics of the U.S. regime are that it is bottom-up, evolutionary, education-based, empowerment-focused, and resiliency-centered. It focuses on responding to safety and privacy harms after exhausting other alternatives, including market responses and the evolution of societal norms.
The EU regime, by contrast, is more top-down in character and takes a more static, inflexible view of privacy rights. It tries to impose a one-size-fits-all model on a diverse citizenry and it attempts to do so through heavy-handed data directives and ongoing “agency threats.” It is a regime that makes more sweeping pronouncements about rights and harms and generally recommends a “precautionary principle” approach to technological change in which digital innovation is more “permissioned.”
Put simply, the U.S. regime is
reactive in character while the E.U. regime is more preemptive. The U.S. system focuses on responding to safety and privacy problems using a more diverse toolbox of solutions, some of which are governmental in character while others are based on evolving social and market norms and responses. To be clear, law does enter the picture here in the U.S., but it does so in a very different way than it does in the E.U. Continue reading →
I have always found it strange that the ACLU speaks with two voices when it comes to user empowerment as a response to government regulation of the Internet. That is, when responding to government efforts to regulate the Internet for online safety or speech purposes, the ACLU stresses personal responsibility and user empowerment as the first-order response. But as soon as the conversation switches to online advertising and data collection, the ACLU suggests that people are basically sheep who can’t possibly look out for themselves and, therefore, increased Internet regulation is essential. They’re not the only ones adopting this paradoxical position. In previous essays I’ve highlighted how both EFF and CDT do the same thing. But let me focus here on ACLU.
Writing today on the ACLU “Free Future” blog, ACLU senior policy analyst Jay Stanley cites a new paper that he says proves “the absurdity of the position that individuals who desire privacy must attempt to win a technological arms race with the multi-billion dollar internet-advertising industry.” The new study Stanley cites says that “advertisers are making it impossible to avoid online tracking” and that it isn’t paternalistic for government to intervene and regulate if the goal is to enhance user privacy choices. Stanley wholeheartedly agrees. In this and other posts, he and other ACLU analysts have endorsed greater government action to address this perceived threat on the grounds that, in essence, user empowerment cannot work when it comes to online privacy.
Again, this represents a very different position from the one that ACLU has staked out and brilliantly defended over the past 15 years when it comes to user empowerment as the proper and practical response to government regulation of objectionable online speech and pornography. For those not familiar, beginning in the mid-1990s, lawmakers started pursuing a number of new forms of Internet regulation — direct censorship and mandatory age verification were the primary methods of control — aimed at curbing objectionable online speech. In case after case, the ACLU rose up to rightly defend our online liberties against such government encroachment. (I was proud to have worked closely with many former ACLU officials in these battles.) Most notably, the ACLU pushed back against the Communications Decency Act of 1996 (CDA) and the Child Online Protection Act of 1998 (COPA) and they won landmark decisions for us in the process. Continue reading →
The Parents Television Council (PTC) released a new report today entitled Women in Peril: A Look at TV’s Disturbing New Storyline Trend. The report argues that “by depicting violence against women with increasing frequency, or as a trivial, even humorous matter, the broadcast networks may ultimately be contributing to a desensitized atmosphere in which people view aggression and violence directed at women as normative, even acceptable,” said PTC President Tim Winter. As evidence the report cites… Nicole Kidman. OK, it cites more than Nicole Kidman, but the 7-page report and accompanying press release does seem to place a lot of stock in the fact that, while being questioning by a House Foreign Affairs subcommittee hearing about violence against women overseas, “Ms. Kidman conceded that Hollywood has probably contributed to violence against women by portraying them as weak sex objects, according to the Associated Press.” I’m not sure what Ms. Kidman was doing testifying before Congress on the matter of violence against women overseas — dare I suggest some congressmen were out for another photo-op with a Hollywood celeb? — but the better question is whether Ms. Kidman’s opinion has any bearing on the question of what relationship, if any, there is between televised violence and real-world violence against women. (Incidentally, if she really feels passionately about all this, is she prepared to go back and recut some of her old scenes in “Dead Calm,” “To Die For,” and “Eyes Wide Shut“?)
But let’s not nitpick about the credentials Ms. Kidman brings to the table or whether it makes any sense for PTC to elevate her opinions to proof of theory when it comes to a supposed connection between depictions of violence against women in film or television and real world acts of violence against women. PTC, however, suggests that’s exactly what is going on today. They allude to a few lab studies which are of the “monkey see, monkey do” variety — where the results of artificial lab experiments are used to claim that watching depictions of violence will turn us all into killing machines, rapists, robbers, or just plain ol’ desensitized thugs.
There’s just one problem with such studies, and the PTC report: Reality. Continue reading →
I’ll be heading to Oxford University this week to participate in an Oxford Internet Institute (OII) forum on the subject of “Child Protection, Free Speech and the Internet: Mapping the Territory and Limitations of Common Ground.” It’s being led by several experts from the OII as well as my good friends John Morris and Leslie Harris of the Center for Democracy & Technology (CDT). The aims of this forum are:
- To facilitate a dialogue between NGOs campaigning to protect respectively, child protection and children’s rights online, and freedom of speech and other civil liberties online.
- To promote a better understanding of each others’ positions, to share perspectives and information with a view to identifying areas of common ground and areas of disagreement.
- To identify any shared policy goals, and possible tools to support the achievement of those goals.
- To publicize the findings of the forum in international policy debates about Internet governance and regulation.
Conference participants were asked to submit a 2-3 pg summary of their views on a couple of questions that will be discussed at this event. I have listed those questions, and my answers, down below the fold. It’s my best attempt to date to succinctly outline my views about how to balance content concerns and free speech issues going forward. Continue reading →
Today I was invited to the Federal Communications Commission (FCC) to testify at one of the agency’s Broadband Working Group workshops. This particular workshop was on “Broadband Consumer Context,” which focused on “a range of challenges and opportunities as the internet becomes a focal point for commercial transactions, social networking, and a host of activities pertaining to information gathering and exchange.”
I was asked to address the issue of whether there is a relationship between online safety concerns and broadband uptake. In my testimony, I noted that, in my 15 years of research in this area, I have never unearthed any substantive empirical evidence suggesting a correlation between parental concerns about online activity and overall household broadband uptake. I have seen occasional anecdotal news stories discussing the concerns some parents have had about their kids online that led them to reject online connectivity, but these stories have been exceedingly rare (and I haven’t seen any in recent memory).
I also argued that I did not think it at all surprising that such anecdotes are harder to find, or that empirical evidence on this front seems non-existent. I argued that there were four logical explanations for why parental concerns about online safety haven’t “moved the broadband needle” much in the negative direction:
- Not every home has children present
- Parents use a variety of household media rules to control media & Internet usage
- A vibrant marketplace of parental control technologies exists
- Likely that most parents believe that the benefits of broadband outweigh the potential downsides
For all the details on each of those, read my entire testimony or check out the presentation embedded below that I made to the FCC today. Continue reading →
As anyone who has spent time searching for comments on the FCC’s website can tell you, the agency doesn’t exactly have the most user-friendly website. In the interest of making it easier for others to read the comments that came in last week in the agency’s “Child Safe Viewing Act” Notice of Inquiry, I have compiled all the major comments (those over 3 or 4 pages) and provided links to them below the fold.
Again, this proceeding was required under the “Child Safe Viewing Act of 2007,” which Congress passed last year and President Bush signed last December. The goal of the bill and the FCC’s proceeding (MB 09-26) is to study “advanced blocking technologies” that “may be appropriate across a wide variety of distribution platforms, including wired, wireless, and Internet platforms.” I filed 150+ pages worth of comments in this matter last week, and here’s my analysis of why this bill and the FCC’s proceeding are worth monitoring closely.
Continue reading →
Today I filed comments with the Federal Communications Commission (FCC) in its proceeding examining the marketplace for “advanced blocking technologies.” This proceeding was required under the “Child Safe Viewing Act of 2007,” which Congress passed last year and President Bush signed last December. The goal of the bill and the FCC’s proceeding (MB 09-26) is to study “advanced blocking technologies” that “may be appropriate across a wide variety of distribution platforms, including wired, wireless, and Internet platforms.” My colleagues will no doubt laugh about the fact that I have dropped an absurd 150 pages worth of comments on the FCC in this matter, but I had a lot to say on this topic! Parental controls, child safety, and free speech issues have been the focus of much of my research agenda over the past 10 years.
In my filing, I argue that the FCC should tread carefully in this matter since the agency has no authority over most of the media platforms and technologies described in the Commission’s recent Notice of Inquiry. Moreover, any related mandates or regulatory actions in in this area could diminish future innovation in this field and would violate the First Amendment rights of media creators and consumers alike. The other major conclusions of my filing are as follows:
- There exists an unprecedented abundance of parental control tools to help parents decide what constitutes acceptable media content in their homes and in the lives of their children.
- There is a trade-off between complexity and convenience for both tools and ratings, and no parental control tool is completely foolproof.
- Most homes have no need for parental control technologies because parents rely on other methods or there are no children in the home.
- The role of household media rules and methods is underappreciated and those rules have an important bearing on this debate.
- Parental control technologies work best in combination with educational efforts and parental involvement.
- The search for technological silver-bullets and “universal” solutions represent a quixotic, Holy Grail-like quest and it will destroy innovation in this marketplace.
- Enforcement of “household standards” made possible through use of parental controls and other methods negates the need for “community standards”-based content regulation.
My entire filing can be found here and down below in a Scribd reader. All comments in the matter are due tomorrow and then reply comments are due on May 18th.
Continue reading →
Google’s latest major launch is “Latitude,” a geo-location service that lets users find friends on a digital map and then network with them. These services are often referred to as “LBS,” which stands for “location-based services.” I wrote about LBS here before in my essay on “The Next Great Technopanic: Wireless Geo-Location / Social Mapping.” As I pointed out in that piece, LBS raise privacy concerns with some people because, by their nature, these technologies involve the tracking of users.
But I’ve argued that those concerns are generally over-blown, especially because you have to download and opt-in to these services. In other words, you know what you’re getting into. Moreover, companies who offer these services, like Loopt and now Google, go out of their way to offer privacy safeguards. Indeed, even some privacy activists agree.
For example, Michael Zimmer of the School of Information Studies at the University of Wisconsin-Milwaukee, is someone who pays close attention to privacy issues and is often critical of Google and other companies for supposedly not paying enough attention to privacy concerns. In the case of Latitude, however, he argues that “Google Actually Got it (Mostly) Right.” Here’s his snapshot of “what Google’s done to help give users control of their information flows in Latitude”:
Continue reading →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.