May 2011

With news today that the Department of Justice is [extending its probe](http://thehill.com/blogs/hillicon-valley/technology/158909-justice-department-extends-atat-probe) of the AT&T – T-Mobile merger, and that the FCC [has received](http://www.washingtonpost.com/blogs/post-tech/post/consumers_give_fcc_an_earful_on_atandt_bid_to_buy_t_mobile/2011/05/02/AFX0VScF_blog.html) thousands of comments on the issue, the FCC’s hopefully soon to be release Wireless Competition Report is taking on even greater importance.

Last year’s report was [the first in 15 years not to find the market “effectively competitive.”](http://techliberation.com/2010/05/21/the-underlying-desperation-at-the-fcc/) As a result, expectations are high for the new annual report. How it determines the state of competition in the wireless market could affect regulatory policy and how the Commission looks at mergers.

Join the Mercatus Center at George Mason University’s [Technology Policy Program](http://mercatus.org/technology-policy-program) for a discussion of these issues, including:

– What does a proper analysis of wireless competition look like?
– What should we expect from the FCC’s report this year?
– How should the FCC address competition in the future?

Our panel will feature [**Thomas W. Hazlett**](http://mason.gmu.edu/~thazlett/), Professor of Law & Economics, George Mason University School of Law; [**Joshua D. Wright**](http://mason.gmu.edu/~jwrightg/), Assistant Professor of Law, George Mason University School of Law; [**Robert M. Frieden**](http://comm.psu.edu/people/rmf5), Professor of Telecommunications & Law, Penn State University; and [**Harold Feld**](http://www.publicknowledge.org/user/1540), Legal Director, Public Knowledge

**When:** Wednesday, May 18, 2011, 4 – 5:30 p.m. (with a reception to follow)

**Where:** George Mason University’s Arlington Campus, just ten minutes from downtown Washington. (Founders Hall, Room 111, 3351 N. Fairfax Drive, Arlington, VA)

To RSVP for yourself and your guests, please contact Megan Gandee at 703-993-4967 or [mmahan@gmu.edu](mailto:mmahan@gmu.edu) no later than May 16, 2011. If you can’t make it to the Mercatus Center, you can watch this discussion live online at mercatus.org.

A federal judge in Illinois has refused to allow a plaintiff to match IP addresses to individual names in a piracy case, indicating that use of IP addresses without any other evidence is too unreliable in identifying actual perpetrators, and as such, violates the rights of those caught in what he termed a “fishing expedition.”

In his decision, Judge Harold Baker pointed to one of several recent cases where paramilitary-type police raids on the residences of persons suspected of downloading child pornography that turned up nothing. What had happened was that real culprit had used that household’s unsecured wireless Internet connection.

Continue reading →

On this week’s podcast, Jessica Litman, professor of law at the University of Michigan Law School and one of the country’s foremost experts on copyright, discusses her new essay, Reader’s Copyright. Litman talks about the origins of copyright protection and explains why the importance of readers’, viewers’, and listeners’ interests have diminished over time. She points out that copyright would be pointless without readers and claims that the system is not designed to serve creators or potential creators exclusively. Litman also discusses differences in public and private protections and talks about rights that should be made more explicit regarding copyright.

Related Links

To keep the conversation around this episode in one place, we’d like to ask you to comment at the web page for this episode on Surprisingly Free. Also, why not subscribe to the podcast on iTunes?

I’ve spent a great deal of time here defending “techno-optimism” or “Internet optimism” against various attacks through the years, so I was interested to see Cory Doctorow, a novelist and Net activist, take on the issue in a new essay at Locus Online.  I summarized my own views on this issue in two recent book chapters. Both chapters appear in The Next Digital Decade and are labeled “The Case for Internet Optimism.” Part 1 is sub-titled “Saving the Net From Its Detractors” and Part 2 is called “Saving the Net From Its Supporters.” More on my own thoughts in a moment. But let’s begin with Doctorow’s conception of the term.

Doctorow defines “techno-optimism” as follows:

In order to be an activist, you have to be… pessimistic enough to believe that things will get worse if left unchecked, optimistic enough to believe that if you take action, the worst can be prevented. […]

Techno-optimism is an ideology that embodies the pessimism and the optimism above: the concern that technology could be used to make the world worse, the hope that it can be steered to make the world better.

What this definition suggests is that Doctorow has a very clear vision of what constitutes “good” vs. “bad” technology or technological developments. He turns to that dichotomy next as he seeks to essentially marry “techno-optimism” to a devotion to the free/open software movement and a rejection of “proprietary technology”: Continue reading →

Here’s a doozy for the cyber-hype files. After it was announced that CIA Director Leon Panetta would take over at the Department of Defense, Rep. Jim Langevin, co-chair of the CSIS cybersecurity commission and author of comprehensive cybersecurity legislation, put out [a statement that read in part](http://thehill.com/blogs/hillicon-valley/technology/158383-house-dem-says-panetta-understands-cybersecurity):

>“I am particularly pleased to know that Director Panetta will have a full appreciation for the increasing sense of urgency with which we must approach cybersecurity issues. Earlier this year, Panetta warned that ‘the next Pearl Harbor could very well be a cyberattack.”

That’s from a [statement made](http://abcnews.go.com/News/cia-director-leon-panetta-warns-cyber-pearl-harbor/story?id=12888905) by Panetta to a house intelligence panel in February, and it’s an example of unfortunate rhetoric that Tate Watkins and I cite in [our new paper](http://mercatus.org/publication/loving-cyber-bomb-dangers-threat-inflation-cybersecurity-policy). Pearl Harbor left over two thousand persons dead and pushed the United States into a world war. There is no evidence that a cyber-attack of comparable effect is possible.

What’s especially unfortunate about that kind of alarmist rhetoric, apart from the fact that unduly scares citizens, is that it is often made in support of comprehensive cybersecurity legislation, like that introduced by Rep. Langevin. That bill [gives DHS the authority](http://www.govtrack.us/congress/billtext.xpd?bill=h112-1136&version=ih&nid=t0%3Aih%3A386) to issue standards for, and audit for compliance, private owners of critical infrastructure.

What qualifies as critical infrastructure? The bill has an expansive definition, so let’s hope that the “computer experts” cited in [this National Journal story](http://www.nextgov.com/nextgov/ng_20110429_3808.php) on the Sony PlayStation breach are not the ones doing the interpreting:

>While gaming and music networks may not be considered “critical infrastructure,” the data that perpetrators accessed could be used to infiltrate other systems that are critical to people’s financial security, according to some computer experts. Stolen passwords or profile information, especially codes that customers have used to register on other websites, can provide hackers with the tools needed to crack into corporate servers or open bank accounts.

It’s not hard to imagine a logic that leads everything to be considered “critical infrastructure” because, you know, everything’s connected on the network. We need to be very careful about legislating great power stemming from vague definitions and doing so on little evidence and lots of fear.

I’ve already Tweeted about it, but if you are following Internet privacy debates and have not yet had the chance to read Lauren Weinstein‘s new paper, “Do-Not-Track, Doctor Who, and a Constellation of Confusion,” it is definitely worth a look.  Weinstein, founder of the Privacy Forum, zeroes in on two related issue that I have made the focus of much of my work on this issue: (1) the fact that Do Not Track is seemingly viewed by some as a silver-bullet quick fix to online privacy concerns but will really be far more complicated in practice to enforce, and (2) that Do Not Track regulation will likely have many unintended consequences, most of which are going unexplored by proponents.

For example, Weinstein says:

Do-not-track in actuality encompasses an immensely heterogeneous mosaic of issues and considerations, not appropriately subject to simplistic approaches or “quick fix” solutions.   Approaching this area without a realistic appreciation of such facts is fraught with risks and the potential for major undesirable collateral damages to businesses, organizations, and individuals. Attempts to portray these controversies as “black or white” topics subject to rapid or in some cases even unilaterally imposed resolutions may be politically expedient, but are ultimately both childish and dangerous. […]

Above all, we should endeavor to remember that tracking issues both on and off the Internet are in reality part of a complicated whole, a multifaceted  set of problems — and very importantly — potentials as well. The decisions that we make now regarding these issues will likely have far-ranging implications and effects on the Internet for many years to come, perhaps for decades.

Continue reading →

Wired reports that a recent federal court decision would make it possible for a private-sector employee to be found in violation of the the Computer Fraud and Abuse Act for simply violating their employer’s data policies, without any real “hacking” having occurred. This not only applies to data access, like grabbing data via a non-password-protected computer, but also to unauthorized use, such as emailing or copying data the employee might otherwise have permission to access.

On face, this doesn’t seem entirely unreasonable. Breaking and entering is a crime, but so is casually walking into a business or home and taking things that aren’t yours, so it seems like data theft, even without any “hacking,” should be a crime. For the law to be otherwise would create a “but he didn’t log out” defense for would-be data thieves.

But what about unauthorized use? Is there a physical property equivalent of this? Could I be criminally liable for using the corporate car to drag race my against my neighbor, or would I only be fired and potentially sued in civil court? Does this new interpretation CFAA simply expand the scope of this law into realms already covered, perhaps more appropriately, by statutes that specifically address trade secrets or other sensitive information in a broader way that doesn’t involve computing technology?

Judge Tena Campbell noted in the dissent that under the ruling, “any person who obtains information from any computer connected to the internet, in violation of her employer’s computer-use restrictions, is guilty of a federal crime.” So, perhaps this is a case of the court overreaching in an incredibly dramatic fashion.

I hope my lawyerly co-bloggers can weigh-in on this issue.

HT: Ryan Lynch

I was pleased to see columnists George Will of The Washington Post and Jeff Jacoby of The Boston Globe take on the Internet sales tax issue in two smart recent essays. Will’s Post column (“Working Up a Tax Storm in Illinois) and Jacoby’s piece,”There’s No Fairness in Taxing E-Sales,” are both worth a read. They are very much in line with my recent Forbes column on the issue (“The Internet Tax Man Cometh,”) as well as this recent oped by CEI’s Jessica Melugin, which Ryan Radia discussed here in his recent essay “A Smarter Way to Tax Internet Sales.”

I was particularly pleased to see both Will and Jacoby take on bogus federalism arguments in favor of allowing States to form a multistate tax cartel to collect out-of-state sales taxes.  Senators Dick Durbin (D-IL) and Mike Enzi (R-WY) will soon introduce the “Main Street Fairness Act,” which would force all retailers to collect sales tax for states who join a formal compact. It’s a novel—and regrettable—ploy to get around constitutional hurdles to taxing out-of-state vendors. Sadly, it is gaining support in some circles based on twisted theories of what federalism is all about. Real federalism is about a tension between various levels of government and competition among the States, not a cozy tax cartel.

Will rightly notes that “Federalism — which serves the ability of businesses to move to greener pastures — puts state and local politicians under pressure, but that is where they should be, lest they treat businesses as hostages that can be abused.” And Jacoby argues that an “origin-based” sales tax sourcing rule is the more sensible solution to leveling the tax playing field: Continue reading →