July 2008

So, the new iPhone OS was cracked in mere hours. According to the folks at Gizmodo:

The new iPhone OS 2.0 software has been unlocked and jailbroken. It was released just hours ago and it has already been cracked by the iPhone Dev Team. The first one took a couple of months, but this one was actually unlocked before Apple released it to the public. … Now that the official iPhone OS 2.0 is out, the iPhone Dev Team will release their Pwnage tool for everyone to unlock and jailbreak their iPhones soon.

Shocker, right? Well, anyway, I found this funny because back in March I gave Jonathan Zittrain a lot of grief for making the iPhone out to be some sort of enemy of the people because of its closed, proprietary nature. In his provocative new book “The End of the Internet,” he suggested that iPhone typified a dangerous new emerging business model that would destroy the “generative” nature of the Net by pushing people into closed systems.

My response was basically that Jonathan was making a mountain out of a molehill. Generative technologies weren’t going anywhere, and the Net certainly wasn’t “dying.” Not only is generativity thriving, but there’s just no way to stop people from hacking away at closed devices and networks, as today’s cracking of the iPhone in mere hours proves once again.

So, Jonathan, I hate to pick on you again buddy, but what exactly is the problem? Apple has put another great device on the market and people immediately took steps to open it up and see if they can make it even better. Sounds like progress to me.

The Zittrain thesis is just getting harder and harder for me to take seriously.

The Wall Street Journal today reported that U.S. online publishers are seeing increased traffic from overseas while seeing little revenue from these foreign visitors. This represents both an uncompensated cost—in the form of server space and bandwidth—and an untapped source of revenue. So untapped, in fact, that foreign visitors account for only 5% of revenues for most major sites while constituting as much as half of their traffic.

Many publishers are attempting to tackle the problem by using geographic information related to visitors’ IP addresses—the basic identifiers that allow computers to communicate over the Internet. (You can see what information can be gleened from your IP by visiting sites like Proxify, that display the information that is publicly available regarding your IP address.)

While this seems like a convenient way for advertisers to turn foreign traffic into a new source of income, lawmakers may interfere with this process, denying web publishers the revenues needed to continue the growth of their businesses. Efforts to limit what information web publishers and advertisers can use in order to serve up content and ads to readers are underway both in the U.S. and in the E.U. In fact, Europe is split over whether to consider IP addresses “personally identifiably information” and grant them legal protections as a result.

My colleague Wayne Crews recently testified before the Senate Committee on Commerce regarding this side of the pond’s approach to privacy regulation. In his testimony, Crews was quick to point out that regulation would not only cut off revenue streams, but also stem the development of future technologies which may use information in ways we’ve never considered. Those developments are surely to be in advertising, but will also undoubtedly be in other areas of communication—perhaps some will be as revolutionary as the web itself.

We also have to consider the “little guys” of the web. According to Google’s Q1 2008 conference call (transcript can be seen here) the search company passed along over $4 billion to its AdSense publishers network in 2007. So, restrictive privacy regulations won’t just harm big companies like Google, Microsoft, CBS, or NewsCorp; the small websites and blogs supported by larger ad networks will also be affected by laws or regulations that would prevent advertisers from getting the right ads to the right people.

The biggest issue at hand, however, is the notion of consumer choice.  Currently, search site users can choose from a huge variety of search engines and other services, each offering different privacy guarantees to visitors. Increasingly engines other than Google—like those run by Microsoft and Yahoo!—are differentiating themselves from the Mountain-View-based giant through their privacy policies, providing consumers with additional choices. And people ought to be able to choose if they want to offer up some of their personal data in return for more customized services, or tolerate a less accurate search in order to preserve their privacy.

Certainly this choice is better than the solution Congress is offering: no choice at all.

The Image Says it All

by on July 10, 2008

Time technopanic cover

Sean Garrett of the 463 Blog posted an excellent essay this week about the great moral panic of 1995, when Time magazine ran its famous cover “Cyberporn” story that included this unforgettable image. Unfortunately for Time, the article also included a great deal of erroneous information about online pornography that was pulled from a bogus study that found 83.5 percent of all online images were pornographic! The study was immediately debunked by scholars, but not before Congress rushed to judgment and passed the Communications Decency Act, which sought to ban all “indecent” online content. It was later struck down as unconstitutional, of course.

Anyway, Sean’s essay also brought to my attention this amazing new article by Alice Marwick, a PhD Candidate in the Department of Media, Culture, and Communication at New York University: “To Catch a Predator? The MySpace Moral Panic“. The topic of “moral panics” is something I have done quite a bit of work on, but Marwick’s paper is absolute must-reading on the topic, especially as it pertains to the recent moral panic of MySpace and social networking sites.
Continue reading →

I’m not sure what to say about yesterday’s FISA vote that I haven’t said a dozen times before. I’m disappointed, obviously, but I can’t say I was surprised. I was probably more surprised that the White House didn’t get its way in February than that it did get its way in July. The powers that Congress granted yesterday will almost certainly be abused in the coming years, but we probably won’t find out about them until long after it’s too late to do anything about them.

But Aaron Massey makes an excellent point that’s worth quoting:

Although there are many aspects of this bill that disappoint me, I would like to take a moment to talk about the one closest to my research: legal compliance in technology systems. This bill sets an incredibly bad precedent for anyone advocating legal compliance. Essentially, what the telecommunications companies did was blatantly against the law. However, this bill retroactively provides them immunity for their actions. When the consequences for violating the law are removed retroactively, companies have an incentive to violate the law in the future.

The ethics in situations like this are already difficult for engineers to recognize. For a technologist like Mark Klein, setting up a room with a whole bunch of cables going into it is a normal daily aspect of their job. Most will not see the ethical implications. Most engineers at that level are not aware of the bigger picture. They may not be able to say for sure whether their action is a violation of the law. To speak out about such a thing already takes great personal courage.

The last thing engineers need to see is a case like this. They will recognize that even if they do risk their job to speak out about a possible legal problem, and even if that possible problem is recognized as such, it is now, with the passage of this bill, clearly possible that Congress will bend over backwards to let their employer off the hook.

To understand how difficult it was before this amendment was passed for someone like Mark Klein to do what he did, I urge you to read the introduction Cindy Cohn gave him at the EFF Pioneer Awards. Congress has just made it harder on the heroes. This is a disappointing day.

Oversight by Magic?

by on July 9, 2008 · 4 comments

Mike is completely right to point out that Sen. Hatch’s comment that “Congress should not condone oversight through litigation” is absurd. Judicial scrutiny of executive branch activities is precisely what the Founders had in mind when they set up three branches of government, and the courts were doing exactly what they were designed to do.

But I also want to point out another absurd thing about Hatch’s statement: even if we granted that oversight-through-litigation isn’t the way to go, shouldn’t he be putting forward some other oversight mechanism? Like a warrant requirement, for example? Or aggressive Congressional hearings? One can imagine taking this kind of argument seriously if the opponents of the lawsuits were putting forward some other mechanism for holding the government and the phone companies accountable for their actions. But as far as I can tell, the Republicans, along with a depressing number of Democrats, are utterly uninterested in any kind of oversight at all, whether it comes from the legislative or judicial branches. The goal isn’t to replace “oversight through litigation” with oversight through some other, more effective process. The goal is to avoid having to do any oversight at all.

Coming off last week’s July 4 recess, the Senate held a hearing on the privacy implications of online advertising. Online ads, behavioral tracking, targeted ads – whatever you might call it – has been an explosive policy issue, but today’s hearing was mostly just sparklers, with only a few bottle rockets here and there.

The big players were there–Google, Microsoft, Facebook and NebuAd–minus the ISPs, which Dorgan called out as being absent (which is why there will be another online ads hearing just for the ISPs, sure to be full of loud M-80s).

Key concepts mentioned over and over: Self Regulation; the need for Baseline Privacy Law; Pseudo-Anonymous; Opt-in vs. Opt-out; Choice.

Key Principle #1 – Self Regulation

All the witnesses espoused the need for self regulation. I’ve never liked this term, as it sounds like more of a system of conscious personal health management than a public policy strategy. Alas, it’s the lingua franca of pro-market forces in Washington.

Google, not surprisingly, is a supporter of self-regulation when it comes to online advertisements (but see baseline privacy law below). Most surprisingly, Google took very little heat from the Committee. There weren’t any questions about why it took so long to have a privacy link on its website – which Google added only a few days ago. Was the hearing, hmm, hmm, a catalyst toward this sort of “self regulation”?

The FTC is pushing for “self-regulation” principles, which I describe more in a previous post. Continue reading →

How does the old saying go? One person’s spam is another person’s blogging fodder? Such was the case today when a colleague forwarded a house GOP “Internet Freedom Alert” to me. According to the alert, Nancy Pelosi and her wicked ilk mean to ban members of Congress from using YouTube to communicate with their constituencies.

The alert, sent by the office of Rep. John Boehner, informs us that house democrats have dredged up an arcane rule and mean to enforce it—after all, this is “the most ethical Congress ever.” The rule, enforced by the Congressional Franking Commission, disallows links to campaign-related website, political parties, advocacy groups and “any site the primary purpose of which is the conduct of commerce.” This means YouTube, replete with its ring tone ads, links John McCain t-shirts, and ads for Barack Obama commemorative neck ties, is a big Congressional no-no.

Congress ought to live by its own rules, but perhaps this one is worth revisiting. Rep. Tom Price (R-GA) seems to think so as well. He sits on the panel that is reforming the rules governing constituent communication and has quite accurately observed that “Technology moves fast. Congress moves slow.”

While that sentence may not be the most grammatically accurate way of stating the case, the Price is right. The alternative for Congress is hosting its own videos or requesting that commecial sites like YouTube build what Washington Post staff writer Jonathan Weisman calls a “government ghetto.”

Continue reading →

Via Hit & Run, Sarah Lai Stirland reports on the plan to roll out a new political action committee called Accountability Now, which would punish members of Congress who voted to legalize warrantless wiretapping and immunize the participation of telecommunications companies in illegal spying.

On the Accountability Now site, you can pledge to donate money in a newsworthy August 8th money bomb that will raise money to defeat candidates selling out privacy and civil liberties. I rarely, rarely support politicians, even the ones I think are good. The opportunity to oppose some bad ones is quite delicious.

August 8th is the day Nixon resigned thirty-five years ago.

Me on FISA on KMOX

by on July 9, 2008 · 6 comments

I appeared on KMOX radio in St. Louis yesterday, appearing after my hometown Republican Senator, Kit Bond. Bond’s comments are here. My response is here. Bond has an op-ed on the issue here.