In anticipation of a hearing in the House Judiciary Committee Wednesday afternoon, Sandra Aistars, executive director of the Copyright Alliance, writes in The Hill about the principles that should guide copyright reform, calling for debate “based in reality rather than rhetoric.”

Chief among these principles is that protecting authors is in the public interest. Ensuring that all creators retain the freedom of choice in determining how their creative work is used, disseminated and monetized is vital to protecting freedom of expression.

Arguing for authors in terms of freedom of choice and expression is good rhetoric, but it’s quite unlike what I expect you’ll hear during Cato’s noon Wednesday forum on copyright and the book Laws of Creation: Property Rights in the World of Ideas.

Authors Ron Cass and Keith Hylton methodically go through each intellectual property doctrine and explore its economic function, giving few words to authors’ “choice” or their “freedom of expression.” They certainly don’t denigrate authors or their role, but Cass and Hylton don’t vaunt them the way Aistars does either.

Recent events in the copyright area are providing much grist for the discussion. You can still register for the book forum, treating it as a warm-up for Wednesday afternoon’s hearing, if your freedom of choice and expression so dictate.

Susan W. Brenner, associate dean and professor of law at the University of Dayton School of Law,  discusses her new paper published in the Minnesota Journal of Law, Science & Technology entitled “Cyber-threats and the Limits of Bureaucratic Control.”

Brenner argues that the approach the United States, like other countries, uses to control threats in real-space is ill-suited for controlling cyberthreats. She explains that because this approach evolved to deal with threat activity in a physical environment, it is predicated on a bureaucratic organizations. This is not an effective way of approaching cyber-threat control, she argues. 

Brenner also explains why congressional efforts at cybersecurity legislation are flawed and why U.S. authorities persist in pursuing antiquated strategies that cannot provide an effective cyberthreats defense system. She outlines an alternative approach to the task of protecting the country from cyberthreats, and approach that is predicated on older, more fluid threat control strategies.

Download

Related Links

Benjamin Lennett and Danielle Kehl have an article in the Chronicle of Higher Education that is representative of a genre: worrying about the adverse consequences of mobile data “caps.” In this installment, Lennett and Kehl argue that pricing structures imposed by wireless carriers will limit the future of online education. “As a nation, we should embrace the potential benefits of online education. But we must not ignore the disparities that may keep many from taking advantage of those innovations,” they warn.

But are mobile data caps really what is holding back online education? Let’s take a look.
Continue reading →

HJLPP coverI’m excited to announce the release of my latest law review article, “The Pursuit of Privacy in a World Where Information Control is Failing,” which appears in the next edition (vol. 36) of the Harvard Journal of Law & Public Policy. This is the first of two complimentary law review articles that I will be releasing this year dealing with privacy policy. The second, which will be published later this summer by the George Mason University Law Review, is entitled, “A Framework for Benefit-Cost Analysis in Digital Privacy Debates.” (FYI: Both articles focus on privacy claims made against private actors — namely, efforts to limit private data collection — and not on privacy rights against governments.)

The new Harvard Journal article is divided into three major sections. Part I focuses on some of normative challenges we face when discussing privacy and argues that there may never be a widely accepted, coherent legal standard for privacy rights or harms here in the United States. It also explores the tensions between expanded privacy regulation and online free speech. Part II turns to the many enforcement challenges that are often ignored when privacy policies are being proposed or formulated and argues that legislative and regulatory efforts aimed at protecting privacy must now be seen as an increasingly intractable information control problem. Most of the problems policymakers and average individuals face when it comes to controlling the flow of private information online are similar to the challenges they face when trying to control the free flow of digitalized bits in other information policy contexts, such as online safety, cybersecurity, and digital copyright.

If the effectiveness of law and regulation is limited by the normative considerations discussed in Part I and the practical enforcement complications discussed in Part II, what alternatives remain to assist privacy-sensitive individuals? I address that question in Part III of the paper and argue that the approach America has adopted to deal with concerns about objectionable online speech and child safety offers a path forward on the privacy front as well. Continue reading →

Register here now for next Wednesday’s Cato book forum on Laws of Creation: Property Rights in the World of Ideas.

In the book, Ronald A. Cass and Keith Hylton reject the idea that changing technology undermines the case for intellectual property rights. They argue that making the work of inventors and creators free would be a costly mistake.

That cuts against the bulk of academic opinion today, which is critical of the broad scope and length of intellectual property protections today. The book has qualities that many libertarians will enjoy because it starts with first principles: the theoretical underpinnings and practical benefits of property rights.

By no means does the book answer all the questions, and we’ll have TLF’s own Jerry Brito, the editor of Copyright Unbalanced, on hand to provide commentary.

That’s Wednesday (3/20) at noon in the Cato Institute’s F.A. Hayek auditorium. There’s no such thing as a free lunch, but the sandwiches provided afterwards come at the low cost of learning more dimensions of the intellectual property debate. Register now!

In the past couple weeks, three bills addressing the legality of cell phone unlocking have been introduced in the Senate:

  • Sens. Leahy, Grassley, Franken, and Hatch’s “Unlocking Consumer Choice and Wireless Competition Act” (S.517)
  • Sen. Ron Wyden’s “Wireless Device Independence Act” (S.467)
  • Sen. Amy Klobuchar’s “Wireless Consumer Choice Act” (S.481)

This essay will explain how these bills would affect users’ ability to lawfully unlock their cell phones.

Background

If you buy a new cell phone from a U.S. wireless carrier and sign a multi-year service contract, chances are your phone is “locked” to your carrier. This means if you want to switch carriers, you’ll first need to unlock your phone. Your original carrier may well be happy to lend you a helping hand—but, if not, unlocking your phone may violate federal law.4s-unlock

The last few months have seen an explosion of public outcry over this issue, with a recent White House “We the People” petition calling for the legalization of cell phone unlocking garnering over 114,000 signatures—and a favorable response from the Obama administration. The controversy was sparked in October 2012, when a governmental ruling (PDF) announced that unlocking cell phones purchased after January 26, 2013 would violate a 1998 federal law known as the Digital Millennium Copyright Act (the “DMCA”).

Under this law’s “anti-circumvention” provisions (17 U.S.C. §§ 1201-05), it is generally illegal to “circumvent a technological measure” that protects a copyrighted work. Violators are subject to civil penalties and, in serious cases, criminal prosecution.

However, the law includes an escape valve: it empowers the Librarian of Congress, in consultation with the Register of Copyrights, to periodically determine if any users’ “ability to make noninfringing uses . . . of a particular class of copyrighted works” is adversely affected by the DMCA’s prohibition of tools that circumvent access controls. Based on these determinations, the Librarian may promulgate rules exempting categories of circumvention tools from the DMCA’s ban.

One such exemption, originally granted in 2006 and renewed in 2010, permits users to unlock their cell phones without their carrier’s permission. (You may be wondering why phone unlocking is considered an access control circumvention—it’s because unlocking requires the circumvention of limits on user access to a mobile phone’s bootloader or operating system, both of which are usually copyrighted.)

But late last year (2012), when the phone unlocking exemption came up for its triennial review, the landscape had evolved regarding a crucial legal question: do cell phone owners own a copy of the operating system software installed on their phone, or are they merely licensees of the software?

Continue reading →

A market has developed in which specialized firms discover new vulnerabilities in software and sell that knowledge for tens or hundreds of thousands of dollars. These vulnerabilities are known as “zero day exploits” because there is no advance knowledge of them before they are used. In this blog post, we recognize that this market may require some kind of action, but reject simplistic calls for “regulation” of suppliers. We recommend focusing on the demand side of the market.

Although there is surprisingly little hard evidence of its scope and scale, the market for vulnerabilities is considered troublesome or dangerous by many. While the bounties paid may stimulate additional research into security, it is the exclusive and secret possession of this knowledge by a single buyer that raises concerns. It is clear that when a someone other than the software vendor pays $100,000 for a zero-day they are probably not paying for defense, but rather for an opportunity to take advantage of someone else’s vulnerability. Thus, the vulnerabilities remain unpatched. (Secrecy also makes the market rather inefficient; it may be possible to sell the same “secret” to several buyers.)

The supply side of the market consists of small firms and individuals with specialized knowledge. They compete to be the first to identify new vulnerabilities in software or information systems and then bring them to buyers. Many buyers are reputed to be government intelligence, law enforcement or military agencies using tax dollars to finance purchases. But we know less about the demand side than we should. The point, however, is that buyers are empowered to initiate an attack, a power that even legitimate organizations could easily abuse.

Insofar as the market for exploits shifts incentives away from publicizing and fixing vulnerabilities toward competitive efforts to gain private, exclusive knowledge of them so they can be held in reserve for possible use, the market has important implications for global security. It puts a premium on dangerous vulnerabilities, and thus may put the social and economic benefits of the Internet at risk. While the US might think it has an advantage in this competition, as a leader in the Internet economy and one of the most cyber-dependent countries, it also has the most to lose.

Unfortunately, so far the only policy response proposed has been vague calls for “regulation.” Chris Soghoian in particular has made “regulation” the basis of his response, calling suppliers “modern-day merchants of death” and claiming that “Security researchers should not be selling zero-days to middle man firms…These firms are cowboys and if we do nothing to stop them, they will drag the entire security industry into a world of pain.”

Such responses, however, are too long on moral outrage and too short on hard-headed analysis and practical proposals. The idea that “regulation” can solve the problem overlooks major constraints:

Continue reading →

While there is evidence that patents encourage investment in industries like pharmaceuticals and materials science, their effect on many other industries is markedly negative. In the computing, software, and Internet space, patents represent a serious barrier to innovation, as companies who need to assemble a huge number of licenses are subject to the holdout problem, and as incumbent or has-been firms use patents as weapons against more innovative upstarts. In some cases, these firms deliberately transfer patents to entities known as “trolls,” who exist solely for the purpose of suing the competition.

In theory, it is possible for firms to contract around these problems on a bilateral basis—as a basic reading of Coase suggests, because patents are inefficient in the tech industry, there exists in principle a bargain in which any two firms could agree to ignore patent law. The problem, of course, is the transaction costs. Transaction costs don’t merely add up in the tech industry; they multiply, because of holdout considerations and all the strategic maneuvering associated with firms competing on multiple margins.

I was thrilled, therefore, to see that Google is taking steps to solve this problem. They are proposing to set up a pool which would cross-license their patents to any other firms willing to reciprocate. All members of the pool would receive licenses to all of the patents in the pool. Unlike other existing patent pools, they seem to be interested in achieving the broadest possible participation, and it is being created purely for defensive purposes, not to receive a competitive advantage over firms excluded from the pool.

The proposal is still in a relatively early stage—they are still seeking feedback about which of four licenses the pool should use, which have different features such as permanence of licenses (“sticky” vs. “non-sticky”) and whether firms would be required to license their entire portfolio. For what it’s worth, I hope they choose the Sticky DPL, which seems like the most aggressive of the licenses in terms of taking weapons off the table.

An excellent feature of the pool, particularly if the participants decide to go with the Sticky DPL, is that it would feature very strong network effects. If several firms license their entire patent portfolios to the pool, then that strongly increases the incentive of other firms to join the pool. There is an intriguing tension here between the stated aim of the pool and the incentives pool members have to force other firms to join—by suing non-pool members who infringe on the pool’s patents, they can increase the membership of the pool. I do not strongly oppose this, but I imagine that there will be some philosophical discussion about whether such actions would be right.

Another wrinkle is that firms might transfer several crucial patents to trolls right before they join the pool (keeping a license for themselves, of course). More generally, they may look for legal ways to reap the benefits of the pool while continuing to use trolls to skirmish with their competitors.

But nevertheless, this is an encouraging development that I hope succeeds. If, as I strongly suspect, we are on the wrong side of the Tabarrok curve, the creation of a large cross-licensing pool could increase further the dynamism of our most dynamic industry.

I hope that you’ve all been watching the terrific videos on “Economics of the Media” that Tyler Cowen and Alex Tabarrok have put together as part of their Marginal Revolution University online courses.  They divide their media economics lessons into four groupings: (1) Basic economics of media; (2) Media bias; (3) Media and government; and (4) Media and economic development.  Tyler and Alex asked Jerry Brito and me to contribute two videos on Net neutrality for the project. Jerry’s course offers an overview of Net neutrality as a general engineering principle. My video explores Net neutrality as a regulatory proposal and couches it in a broader discussion of network economics. Each video lasts approximately 6-7 minutes. Here they are:


crossroadsTuesday was a big day for the FCC.  The Senate Commerce, Science and Transportation Committee held an oversight hearing with all five Commissioners, the same day that reply comments were due on the design of eventual “incentive auctions” for over-the-air broadcast spectrum.  And the proposed merger of T-Mobile USA and MetroPCS was approved.

All this activity reflects the stark reality that the Commission stands at a crossroads.  As once-separate wired and wireless communications networks for voice, video, and data converge on the single IP standard, and as mobile users continue to demonstrate insatiable demand for bandwidth for new apps, the FCC can serve as midwife in the transition to next-generation networks.  Or, the agency can put on the blinkers and mechanically apply rules and regulations designed for a by-gone era. Continue reading →