February 2008

I agree with most of what Tom says here but I have to quibble with his final paragraph:

Oh, and one more thing: it’s probably worth noting that one of the greatest technical (and economic) triumphs in recent memory — TCP/IP and the suite of other protocols and standards that powers the internet — was designed by having a bunch of really smart engineers get together, execute an RFC process and then issue an ISO standard more or less by fiat. This is not to say that markets can’t help us arrive at good solutions — cable vs. DSL vs. FiOS is a good example of such a market working (or would be if the regulatory picture weren’t so complicated). But it ought to be acknowledged that markets are not always an optimal tool for making technical decisions. In fact there are now pseudo-centralized organizations that take responsibility for many of the technical standards that power our world, and nearly all engineers agree that we’re vastly better off for it.

The history of the Internet is something I’ve been researching lately, so this is a question I know something about. And I think Tom’s only telling part of the story.

Continue reading →

There’s a lot of hoopla surrounding Bain Capital’s buyout of beleaguered 3Com Corporation, due to the fact that one of the buyers is Huawei, a company from China. Or “communist China” (gasp!) according to today’s press release from Rep. McCotter:

News circulated today Bain Capital and communist China’s Huawei plan to resubmit an application seeking U.S. approval for a planned buyout of American 3Com Corporation within the next several weeks. Congressman Thaddeus McCotter (R-MI) made the following comments on the possible new merger:

“No business can sufficiently structure such deals to protect America from this stealth assault on America’s national security.  It is the solemn duty of the United States government to protect our liberty from all threats; and CFIUS must again do its job and reject this latest threat to our cyber-security.”

It’s nice that members of Congress are looking after our national security, but they don’t have to when it comes to foreign direct investment. We have CIFIUS. And in a paper I co-authored with my colleague Nora von Ingersleben, we assert that when CIFIUS gets politicized, American innovation will suffer.

Continue reading →

As to the spin that applying for a REAL ID extension amounts to planning for compliance, nothing takes the cake quite like an email that was forwarded to me today. Because I can’t find an online version, I’ve screen-capped the relevant part of an email sent out by Digimarc lobbyist Mark Rhoads:


For reference, here is the relevant language from the regulation. You can infer from this what everyone involved in the process knows – the extension to December 31, 2009 is a free pass. It requires no statement of compliance, and it has been given to states that will not comply:

Sec. 37.63 Extension of deadline.

(a) A State may request an initial extension by filing a request with the Secretary no later than March 31, 2008. In the absence of extraordinary circumstances, such an extension request will be deemed justified for a period lasting until, but not beyond, December 31, 2009. DHS shall notify a State of its acceptance of the State’s request for initial extension within 45 days of receipt.

(b) States granted an initial extension may file a request for an additional extension until no later than May 10, 2011, by submitting a Material Compliance Checklist demonstrating material compliance, per Sec. 37.51(b) with certain elements of subparts A through E as defined by DHS. Such additional extension request must be filed by October 11, 2009. DHS shall notify a State whether an additional extension has been granted within 45 days of receipt of the request and documents described above.

(c) Subsequent extensions, if any, will be at the discretion of the Secretary.

I have to at least partly agree with Tom about the HD-DVD vs. Blu-Ray battle, and about libertarians’ tendency to sometimes over-sell the outcome of market processes. Libertarians have been known to go overboard in insisting that the outcome of market processes is superior to other potential outcomes in every conceivable respects, even when it’s clearly not so. To take the obvious example, as a Mac user, I’m not prepared to concede that simply because Microsoft has a larger share of the operating system market than Apple, that Windows must be a better operating system than Mac OS.

In particular, network effects and path dependence are real phenomena. For example, the x86 architecture really is a kind of Frankenstein’s monster that has limped along for decades despite, not because of, its underlying technical design. Yet it has become the undisputed champion of desktop computing because of network effects—there is now vastly more desktop software written for it than any other architecture, and so that’s what the market demands. From the perspective of an electrical engineer, this is kind of a pity. Newer architectures like the Alpha have a variety of advantages, and if we could somehow wave a magic wand and cause everyone to suddenly have an installed base of Alpha software instead of x86 software, it would almost certainly be an improvement.

Continue reading →

There’s a good opinion piece on age verification and social networking websites by CDT’s Leslie Harris on the ABC news site.

Third, can we verify age or identity and still protect privacy? Would personal information about minors have to be submitted and maintained in large databases, or would Internet users have to have an authenticated identification card to go online?

Along with TLF’s very own Adam Thierer, CDT is on the Berkman Center task force setup by the MySpace & Attorneys General joint statement to study online authentication techniques. Intelligent study of the issue is much needed, as age verification is a hot topic in the states.

So far this year we’ve seen age verification bills introduced in Georgia, Illinois, Iowa, and Mississippi (last year also saw Connecticut and North Carolina). These bills would force the sites to age verify its users and obtain parental consent before kids under 18 could register.  I’m happy to say that Mississippi’s bill failed to make crossover and is dead, and Georgia’s bill is effectively dead.

Age verification is looked upon as a way to keep our kids safer online, but it’s really an access control device that by itself does nothing to limit opportunities for sexual predators. Politicians should avoid age verification mandates, particularly as we have a panel of experts to study the issue over the next year!

These are 3 of the best articles I have read in recent memory in terms of putting online safety risks in some perspective. Must reading:

David Pogue, NYT.com: “How Dangerous Is the Internet for Children?”

Larry Magid, CBS News.com: “Cyberbullying Vs. Free Speech

Slashdot: “Spreading “1 in 5” Number Does More Harm Than Good

No state will comply with the REAL ID Act’s requirement to begin issuing a national ID by the forthcoming statutory deadline, May 11th.

Because of this, the Department of Homeland Security is giving states deadline extensions just for the asking. Interestingly, it’s turning around and spinning the acceptance of those extensions as commitments to comply. Many of the states shown in green on this map have passed statutes outright refusing to implement the law. (For readers new to planet earth, the color green typically means “go.” Green is at least a strange choice of color for states which have legally barred themselves from issuing the DHS’ national ID.)

With her state – the first in the nation to pass anti-REAL ID legislation – considering refusing even the deadline extension, Senator Susan Collins (R-ME) is once again working with DHS in support of the national ID law.

She has written a letter to the governor of her state, asking him to go ahead and take the waiver, playing into the DHS strategy. Followers of REAL ID know that delaying implementation helps a national ID go forward by giving the companies and organizations that sustain themselves on these kinds of projects time to shake the federal money tree and get this $11 billion surveillance mandate funded.

The cumulative profit margin of the airline industry is less than 1%. Should even a single state refuse to accept this national ID mandate, the airline industry, airport operators (faced with reconfiguring their operations), and travelers groups would be on the Hill in an instant. The Congress would have to revisit the issue.

Evidently, Senator Collins doesn’t want to risk the chance of an up-or-down vote on whether the U.S. should have a national ID. Her work behind the scenes in favor of REAL ID reveals where she stands.

Wow, look at the lineup for this Google and Stanford Law School event that I am speaking at next week as part of a “Legal Futures Summit,” which is billed as “a conversation between some of the world’s leading thinkers about the future of privacy, intellectual property, competition, innovation, globalization, and other areas of the law undergoing rapid change due to technological advancement.”

I have no idea what I’ll be saying at this event, but I’m really looking forward to just interacting with this impressive group of intellectual powerhouses. [Apparently the second day of the event–next Saturday–is open to the public. So Silicon Valley locals might want to come and hear the fun.] Anyway, here’s the lineup…

Continue reading →

This may not be of interest to anyone but me, but on the theory that it’s better to post them all and let Google sort them out, here are the books I read for my forthcoming paper on network neutrality.

Continue reading →

The Australian Communications and Media Authority (ACMA), Australia’s content and communications regulatory agency, has just released a comprehensive new report on “Developments in Internet Filtering Technologies and Other Measures for Promoting Online Safety.” It’s 120 pages long and contains a survey of all the various tool and methods that Australians can use to deal objectionable online content or communications.

What I like best about the report is that the ACMA ultimately came to the exact same conclusion that I did after conducting a thorough review of these issues in my “Parental Controls and Online Child Protection” report. Namely, (1) there is no single “silver-bullet” technical solution (rather, some combination of many tools and methods must be used), and (2) education is essential. Here’s how they put it on page 91 of the report:

“there is no single mitigation measure that is effective against all online risks. Neither is there a single mitigation measure that is effective in addressing even one category of online risks, that is, content risks, e-security risks and communications risks”…

“Education campaigns appear to be effective in addressing a broad range of online risks. Of the range of alternative risk mitigation measures, education is to the most effective measure in addressing risks associated with illegal online contact. Education is a viable alternative or supplement to filtering in targeting risks associated with inappropriate content, particularly for older children who may endeavor to circumvent filtering that they perceive to be restrictive. There is evidence from programs deployed in other countries that eduction can be deployed to address bullying.”

Absolutely correct. As I argued in my report, “there isn’t any one, silver bullet tool or method that will get the job done on its own. … [W]e will need to adopt a ‘layered’ approach to parental controls and online child protection to do the job right” that involves a combination of “rules, tools, schools, and talk” with education at the heart of all those strategies.

I suspect many of these issues will be considered by the new Internet Safety Technical Task Force that I will be serving on and which I discussed here this week. The Australian report will serve as a good resource for us as we begin our review.