[This is a draft of a section of a forthcoming study on “A Flexible Governance Framework for Artificial Intelligence,” which I hope to complete shortly. I welcome feedback. I have also cross-posted this essay at Medium.]

Debates about how to embed ethics and best practices into AI product design is where the question of public policy defaults becomes important. To the extent AI design becomes the subject of legal or regulatory decision-making, a choice must be made between two general approaches: the precautionary principle or the proactionary principle.[1] While there are many hybrid governance approaches in between these two poles, the crucial issue is whether the initial legal default for AI technologies will be set closer to the red light of the precautionary principle (i.e., permissioned innovation) or to the green light of the proactionary principle (i.e., (permissionless innovation). Each governance default will be discussed.

The Problem with the Precautionary Principle as the Policy Default for AI

The precautionary principle holds that innovations are to be curtailed or potentially even disallowed until the creators of those new technologies can prove that they will not cause any theoretical harms. The classic formulation of the precautionary principle can be found in the “Wingspan Statement,” which was formulated at an academic conference that took place at the Wingspread Conference Center in Wisconsin in 1998. It read: “Where an activity raises threats of harm to the environment or human health, precautionary measures should be taken even if some cause and effect relationships are not fully established scientifically.”[2] There have been many reformulations of the precautionary principle over time but, as legal scholar Cass Sunstein has noted, “in all of them, the animating idea is that regulators should take steps to protect against potential harms, even if causal chains are unclear and even if we do not know that those harms will come to fruition.”[3] Put simply, under almost all varieties of the precautionary principle, innovation is treated as “guilty until proven innocent.”^[4] We can also think of this as permissioned innovation.

The logic animating the precautionary principle reflects a well-intentioned desire to play it safe in the face of uncertainty. The problem lies in the way this instinct gets translated into law and regulation. Making the precautionary principle the public policy default for any given technology or sector has a strong bearing on how much innovation we can expect to flow from it. When trial-and-error experimentation is preemptively forbidden or discouraged by law, it can limit many of the positive outcomes that typically accompany efforts by people to be creative and entrepreneurial. This can, in turn, give rise to different risks for society in terms of forgone innovation, growth, and corresponding opportunities to improve human welfare in meaningful ways.

St. Thomas Aquinas once observed that if the sole goal of a captain were to preserve their ship, the captain would keep it in port forever. But that clearly is not the captain’s highest goal. Aquinas was making a simple but powerful point: There can be no reward without some effort and even some risk-taking. Ship captains brave the high seas because they are in search of a greater good, such as recognition, adventure, or income. Keeping ships in port forever would preserve their vessels, but at what cost?

Similarly, consider the wise words of Wilbur Wright, who pioneered human flight. Few people better understood the profound risks associated with entrepreneurial activities. After all, Wilbur and his brother were trying to figure out how to literally lift humans off the Earth. The dangers were real, but worth taking. “If you are looking for perfect safety,” Wright said, “you would do well to sit on a fence and watch the birds.” Humans would have never taken to the skies if the Wright brothers had not gotten off the fence and taken the risks they did. Risk-taking drives innovation and, over the long-haul, improves our well-being.^[5] Nothing ventured, nothing gained.

These lessons can be applied to public policy by considering what would happen if, in the name of safety, public officials told captains to never leave port or told aspiring pilots to never leave the ground. The opportunity cost of inaction can be hard to quantify, but it should be clear that if we organized our entire society around a rigid application of the precautionary principle, progress and prosperity would suffer.

Heavy-handed preemptive restraints on creative acts can have deleterious effects because they raise barriers to entry, increase compliance costs, and create more risk and uncertainty for entrepreneurs and investors. Thus, it is the unseen costs—primarily in the form of forgone innovation opportunities—that makes the precautionary principle so problematic as a policy default. This is why scientist Martin Rees speaks of “the hidden cost of saying no” that is associated with the precautionary principle.[6]

The precise way the precautionary principle leads to this result is that it derails the so-called learning curve by limiting opportunities to learn from trial-and-error experimentation with new and better ways of doing things.[7] The learning curve refers to the way that individuals, organizations, or industries are able to learn from their mistakes, improve their designs, enhance productivity, lower costs, and then offer superior products based on the resulting knowledge.[8] In his recent book, Where Is My Flying Car?, J. Storrs Hall documents how, over the last half century, “regulation clobbered the learning curve” for many important technologies in the U.S., especially nuclear, nanotech, and advanced aviation.[9] Hall shows how society was denied many important innovations due to endless foot-dragging or outright opposition to change from special interests, anti-innovation activists, and over-zealous bureaucrats.

In many cases, innovators don’t even know what they are up against because, as many scholars have noted, “the precautionary principle, in all of its forms, is fraught with vagueness and ambiguity.”[10] It creates confusion and fear about the wisdom of taking action in the face of uncertainty. Worst case thinking paralyzes regulators who aim to “play it safe” at all costs. The result is an endless snafu of red tape as layer upon layer of mandates build up and block progress. The result is what many scholars now decry as a culture of “vetocracy,” which describes the many veto points within modern political systems that hold back innovation, development and economic opportunity.[11] This endless accumulation of potential veto points in the policy process in the form of mandates and restrictions can greatly curtail innovation opportunities. “Like sediment in a harbor, law has steadily accumulated, mainly since the 1960s, until most productive activity requires slogging through a legal swamp,” says Philip K. Howard, chair of Common Good.[12] “Too much law,” he argues, “can have similar effects as too little law,” because:

People slow down, they become defensive, they don’t initiate projects because they are surrounded by legal risks and bureaucratic hurdles. They tiptoe through the day looking over their shoulders rather than driving forward on the power of their instincts. Instead of trial and error, they focus on avoiding error.[13]

This is exactly why it is important that policymakers not get too caught up in attempts to preemptively resolve every potential hypothetical worst case scenarios associated with AI technologies. The problem with that approach was succinctly summarized by the political scientist Aaron Wildavsky when he noted, “If you can do nothing without knowing first how it will turn out, you cannot do anything at all.”^[14] Or, as I have stated in a book on this topic, “living in constant fear of worst-case scenarios—and premising public policy on them—means that best-case scenarios will never come about.”[15]

This does not mean society should dismiss all concerns about the risks surrounding AI. Some technological risks do necessitate a degree of precautionary policy, but proportionality is crucial, notes Gabrielle Bauer, a Toronto-based medical writer. “Used too liberally,” she argues, “the precautionary principle can keep us stuck in a state of extreme risk-aversion, leading to cumbersome policies that weigh down our lives. To get to the good parts of life, we need to accept some risk.”[16] It is not enough to simply hypothesize that certain AI innovations might entail some risk. The critics need to prove it using risk analysis techniques that properly weigh both the potential costs and benefits.^[17] Moreover, when conducting such analyses, the full range of trade-offs associated with preemptive regulation must be evaluated. Again, where precautionary constraints might deny society life-enriching devices or services, those costs must be acknowledged.

Generally speaking, the most extreme precautionary controls should only be imposed when the potential harms in question are highly probable, tangible, immediate, irreversible, catastrophic, or directly threatening to life and limb in some fashion.^[18] In the context of AI and ML systems, it may be the case that such a test is satisfied already for law enforcement use of certain algorithmic profiling techniques. And that test is satisfied for so-called “killer robots,” or autonomous military technology.[19] These are often described as “existential risks.” The precautionary principle is the right default in these cases because it is abundantly clear how unrestricted use would have catastrophic consequences. For similar reasons, governments have long imposed comprehensive restrictions on certain types of weapons.[20] And although nuclear and chemical technologies have many important applications, their use must also be limited to some degree even outside of militaristic applications because they can pose grave danger if misused.

But the vast majority of AI-enabled technologies are not like this. Most innovations should not be treated the same a hand grenade or a ticking time bomb. In reality, most algorithmic failures will be more mundane and difficult to foresee in advance. By their very nature, algorithms are constantly evolving because programs and systems are being endlessly tweaked by designers to improve them. In his books on the evolution of engineering and systems design, Henry Petroski has noted that “the shortcomings of things are what drive their evolution.”[21] The normal state of things is “ubiquitous imperfection,” he notes, and it is precisely that reality that drives efforts to continuously innovate and iterate.[22]

Regulations rooted in the precautionary principle hope to preemptively find and address product imperfections before any harm comes from them. In reality, and as explained more below, it is only through ongoing experimentation that we find both the nature of failures and the knowledge to know how to correct them. As Petroski observes, “the history of engineering in general, may be told in its failures as well as in its triumphs. Success may be grand, but disappointment can often teach us more.”^[23] This is particularly true for complex algorithmic systems, where rapid-fire innovation and incessant iteration are the norm.

Importantly, the problem with precautionary regulation for AI is not just that it might be over-inclusive in seeking to regulate hypothetical problems that never develop. Precautionary regulation can also be under-inclusive by missing problematic behavior or harms that no one anticipated before the fact. Only experience and experimentation reveal certain problems.

In sum, we should not presume that there is a clear preemptive regulatory solution to every problem some people raise about AI, nor should we presume we can even accurately identify all such problems that might come about in the future. Moreover, some risks will never be eliminated entirely, meaning that risk mitigation is the wiser approach. This is why a more flexible bottom-up governance strategy focused on responsiveness and resiliency makes more sense than heavy-handed, top-down strategies that would only avoid risks by making future innovations extremely difficult if not impossible.

The “Proactionary Principle” is the Better Default for AI Policy

The previous section made it clear why the precautionary principle should generally not be used as our policy default if we hope to encourage the development of AI applications and services. What we need is a policy approach that:

• objectively evaluates the concerns raised about AI systems and applications;
• considers whether more flexible governance approaches might be available to address them; and,
• does so without resorting to the precautionary principle as a first-order response.

The proactionary principle is the better general policy default for AI because it satisfies these three objectives.[24] Philosopher Max More defines the proactionary principle as the idea that policymakers should, “[p]rotect the freedom to innovate and progress while thinking and planning intelligently for collateral effects.”^[25] There are different names for this same concept, including the innovation principle, which Daniel Castro and Michael McLaughlin of the Information Technology and Innovation Foundation say represents the belief that “the vast majority of new innovations are beneficial and pose little risk, so government should encourage them.”^[26] Permissionless innovation is another name for the same idea. Permissionless innovation refers to the idea that experimentation with new technologies and business models should generally be permitted by default.^[27]

What binds these concepts together is the belief that innovation should generally be treated as innocent until proven guilty. There will be risks and failures, of course, but the permissionless innovation mindset views them as important learning experiences. These experiences are chances for individuals, organizations, and all of society to make constant improvements through incessant experimentation with new and better ways of doing things.[28] As Virginia Postrel argued in her 1998 book, The Future and Its Enemies, progress demands “a decentralized, evolutionary process” and mindset in which mistakes are not viewed as permanent disasters but instead as “the correctable by-products of experimentation.”^[29] “No one wants to learn by mistakes,” Petroski once noted, “but we cannot learn enough from successes to go beyond the state of the art.”^[30] Instead we must realize, as other scholars have observed, that “[s]uccess is the culmination of many failures”^[31] and understand “failure as the natural consequence of risk and complexity.”^[32]

This is why the default for public policy for AI innovation should, whenever possible, be more green lights than red ones to allow for the maximum amount of trial-and-error experimentation, which encourages ongoing learning.[33] “Experimentation matters,” observes Stefan H. Thomke of the Harvard Business School, “because it fuels the discovery and creation of knowledge and thereby leads to the development and improvement of products, processes, systems, and organizations.”^[34]

Obviously, risks and mistakes are “the very things regulators inherently want to avoid,”^[35] but “if innovators fear they will be punished for every mistake,” Daniel Castro and Alan McQuinn argue, “then they will be much less assertive in trying to develop the next new thing.”^[36] And for all the reasons already stated, that would represent the end of progress because it would foreclose the learning process that allows society to discover new, better, and safer ways of doing things. Technology author Kevin Kelly puts it this way:

technologies must be evaluated in action, by action. We test them in labs, we try them out in prototypes, we use them in pilot programs, we adapt our expectations, we monitor their alterations, we redefine their aims as they are modified, we retest them given actual behavior, we re-direct them to new jobs when we are not happy with their outcomes.[37]

In other words, the proactionary principle appreciates the benefits that flow from learning by doing. The goal is to continuously assess and prioritize risks from natural and human-made systems alike, and then formulate and reformulate our toolkit of possible responses to those risks using the most practical and effective solutions available. This should make it clear that the proactionary approach is not synonymous with anarchy. Various laws, government bodies, and especially the courts play an important role in protecting rights, health, and order. But policies need to be formulated such that innovators and innovation are given the benefit of the doubt and risks are analyzed and addressed in a more flexible fashion.

Some of the most effective ways to address potential AI risks already exist in the form of “soft law” and decentralized governance solution. These will be discussed at greater length below. But existing legal remedies include various common law solutions (torts, class actions, contract law, etc), recall authority possessed by many regulatory agencies, and various consumer protection policies. Ex post remedies are generally superior to ex ante prior restraints if we hope to maximize innovation opportunities. Ex ante regulatory defaults are too often set closer to the red light of the precautionary principle and then enforced through volumes of convoluted red tape.

This is what the World Economic Forum has referred to as a “regulate-and-forget” system of governance,[38] or what others call a “build-and-freeze model” or regulation.[39] In such technological governance regimes, older rules are almost never revisited, even after new social, economic, and technical realities render them obsolete or ineffective.[40] A 2017 survey of U.S. Code of Regulations by Deloitte consultants revealed that 68 percent of federal regulations have never been updated and that 17 percent have only been updated once.^[41] Public policies for complex and fast-moving technologies like AI cannot be set in stone and forgotten like that if America hopes to remain on the cutting edge of this sector.

Advocates of the proactionary principle look to counter this problem not by eliminating all laws or agencies, but by bringing them in line with flexible governance principles rooted in more decentralized approaches to policy concerns.[42] As many regulatory advocates suggest, it is important to embed or “bake in” various ethical best practices into AI systems to ensure that they benefit humanity. But this, too, is a process of ongoing learning and there are many ways to accomplish such goals without derailing important technological advances. What is often referred to as “value alignment” or “ethically-aligned design” is challenged by the fact that humans regularly disagree profoundly about many moral issues.[43] “Before we can put our values into machines, we have to figure out how to make our values clear and consistent,” says Harvard University psychologist Joshua D. Greene.[44]

The “Three Laws of Robotics” famously formulated decades ago by Isaac Asimov in his science fiction stories continue to be widely discussed today as a guide to embedding ethics into machines.[45] They read:

1. A robot may not injure a human being or, through inaction, allow a human being to come to harm.
2. A robot must obey orders given it by human beings except where such orders would conflict with the First Law.
3. A robot must protect its own existence as long as such protection does not conflict with the First or Second Laws.

What is usually forgotten about these principles, as AI expert Melanie Mitchell reminds us, is the way Asimov, “often focused on the unintended consequences of programming ethical rules into robots,” and how he made it clear that, if applied too literally, “such a set of rules would inevitably fail.”[46]

This is why flexibility and humility are essential virtues when thinking about AI policy. The optimal governance regime for AI can be shaped by responsible innovation practices and embed important ethical principles by design without immediately defaulting to a rigid application of the precautionary principle.[47] In other words, an innovation policy regime rooted in the proactionary principle can also be infused with the same values that animate a precautionary principle-based system.[48] The difference is that the proactionary principle-based approach will look to achieve these goals in a more flexible fashion using a variety of experimental governance approaches and ex post legal enforcement options, while also encouraging still more innovation to solve problems past innovations may have caused.

To reiterate, not every AI risk is foreseeable, and many risks and harms are more amorphous or uncertain. In this sense, the wisest governance approach for AI was recently outlined by the National Institute of Standards and Technology (NIST) in its initial draft AI Risk Management Framework, which is a multistakeholder effort “to describe how the risks from AI-based systems differ from other domains and to encourage and equip many different stakeholders in AI to address those risks purposefully.”[49] NIST notes that the goal of the Framework is:

to be responsive to new risks as they emerge rather than enumerating all known risks in advance. This flexibility is particularly important where impacts are not easily foreseeable, and applications are evolving rapidly. While AI benefits and some AI risks are well-known, the AI community is only beginning to understand and classify incidents and scenarios that result in harm.[50]

This is a sensible framework for how to address AI risks because it makes it clear that it will be difficult to preemptively identify and address all potential AI risks. At the same time, there will be a continuing need to advance AI innovation while addressing AI-related harms. The key to striking that balance will be decentralized governance approaches and soft law techniques described below.

[Note: The subsequent sections of the study will detail how decentralized governance approaches and soft law techniques already are helping to address concerns about AI risks.]

Endnotes:

[1]     Adam Thierer, Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom, 2nd ed. (Arlington, VA: Mercatus Center at George Mason University, 2016): 1-6, 23-38; Adam Thierer, Evasive Entrepreneurs & the Future of Governance (Washington, DC: Cato Institute, 2020): 48-54.

[2]     “Wingspread Statement on the Precautionary Principle,” January 1998, https://www.gdrc.org/u-gov/precaution-3.html.

[3]     Cass R. Sunstein, Laws of Fear: Beyond the Precautionary Principle (Cambridge, UK: Cambridge University Press, 2005). (“The Precautionary Principle takes many forms. But in all of them, the animating idea is that regulators should take steps to protect against potential harms, even if causal chains are unclear and even if we do not know that those harms will come to fruition.”)

[4]     Henk van den Belt, “Debating the Precautionary Principle: ‘Guilty until Proven Innocent’ or ‘Innocent until Proven Guilty’?” Plant Physiology 132 (2003): 1124.

[5]     H.W. Lewis, Technological Risk (New York: WW. Norton & Co., 1990): x. (“The history of the human race would be dreary indeed if none of our forebears had ever been willing to accept risk in return for potential achievement.”)

[6]     Martin Rees, On the Future: Prospects for Humanity (Princeton, NJ: Princeton University Press, 2018): 136.

[7]     Adam Thierer, “Failing Better: What We Learn by Confronting Risk and Uncertainty,” in Sherzod Abdukadirov (ed.), Nudge Theory in Action: Behavioral Design in Policy and Markets (Palgrave Macmillan, 2016): 65-94.

[8]     Adam Thierer, “How to Get the Future We Were Promised,” Discourse, January 18, 2022, https://www.discoursemagazine.com/culture-and-society/2022/01/18/how-to-get-the-future-we-were-promised.

[9]     J. Storrs Hall, Where Is My Flying Car? (San Francisco: Stripe Press, 2021)

[10]    Derek Turner and Lauren Hartzell Nichols, “The Lack of Clarity in the Precautionary Principle,” Environmental Values, Vol 13, No. 4 (2004): 449.

[11]    William Rinehart, “Vetocracy, the Costs of Vetos and Inaction,” Center for Growth & Opportunity at Utah State University, March 24, 2022, https://www.thecgo.org/benchmark/vetocracy-the-costs-of-vetos-and-inaction; Adam Thierer, “Red Tape Reform is the Key to Building Again,” The Hill, April 28, 2022, https://thehill.com/opinion/finance/3470334-red-tape-reform-is-the-key-to-building-again.

[12]    Philip K. Howard, “Radically Simplify Law,” Cato Institute, Cato Online Forum, http://www.cato.org/publications/cato-online-forum/radically-simplify-law.

[13]    Ibid.

^[14]    Aaron Wildavsky, Searching for Safety (New Brunswick, NJ: Transaction Publishers, 1989): 38.

[15]    Thierer, Permissionless Innovation, at 2.

[16]    Gabrielle Bauer, “Danger: Caution Ahead,” The New Atlantis, February 4, 2022, https://www.thenewatlantis.com/publications/danger-caution-ahead.

[17]    Richard B. Belzer, “Risk Assessment, Safety Assessment, and the Estimation of Regulatory Benefits” (Mercatus Working Paper, Mercatus Center at George Mason University, Arlington, VA, 2012), 5, http://mercatus.org/publication/risk-assessment-safety-assessment-and-estimation-regulatory-benefits; John D. Graham and Jonathan Baert Wiener, eds. Risk vs. Risk: Tradeoffs in Protecting Health and the Environment, (Cambridge, MA: Harvard University Press, 1995).

[18]    Thierer, Permissionless Innovation, at 33-8.

[19]    Adam Satariano, Nick Cumming-Bruce and Rick Gladstone, “Killer Robots Aren’t Science Fiction. A Push to Ban Them Is Growing,” New York Times, December 17, 2021, https://www.nytimes.com/2021/12/17/world/robot-drone-ban.html.

[20]    Adam Thierer, “Soft Law: The Reconciliation of Permissionless & Responsible Innovation,” in Adam Thierer, Evasive Entrepreneurs & the Future of Governance (Washington, DC: Cato Institute, 2020): 183-240, https://www.mercatus.org/publications/technology-and-innovation/soft-law-reconciliation-permissionless-responsible-innovation.

[21]    Henry Petroski, The Evolution of Useful Things (New York: Vintage Books, 1994): 34.

[22]    Ibid., 27,

[23]    Henry Petroski, To Engineer is Human: The Role of Failure in Successful Design (New York: Vintage, 1992): 9.

[24]    James Lawson, These Are the Droids You’re Looking For: An Optimistic Vision for Artificial Intelligence, Automation and the Future of Work (London: Adam Smith Institute, 2020): 86, https://www.adamsmith.org/research/these-are-the-droids-youre-looking-for.

[25]    Max More, “The Proactionary Principle (March 2008),” Max More’s Strategic Philosophy, March 28, 2008, http://strategicphilosophy.blogspot.com/2008/03/proactionary-principle-march-2008.html.

[26]    Daniel Castro & Michael McLaughlin, “Ten Ways the Precautionary Principle Undermines Progress in Artificial Intelligence,” Information Technology and Innovation Foundation, February 4, 2019, https://itif.org/publications/2019/02/04/ten-ways-precautionary-principle-undermines-progress-artificial-intelligence.

[27]    Thierer, Permissionless Innovation.

[28]    Thierer, “Failing Better.”

[29]    Virginia Postrel, The Future and Its Enemies (New York: The Free Press, 1998): xiv.

[30]    Henry Petroski, To Engineer is Human: The Role of Failure in Successful Design (New York: Vintage, 1992): 62.

[31]    Kevin Ashton, How to Fly a Horse: The Secret History of Creation, Invention, and Discovery (New York: Doubleday, 2015): 67.

[32]    Megan McArdle, The Up Side of Down: Why Failing Well is the Key to Success (New York: Viking, 2014), 214.

[33]    F. A. Hayek, The Constitution of Liberty (London: Routledge, 1960, 1990): 81. (“Humiliating to human pride as it may be, we must recognize that the advance and even preservation of civilization are dependent upon a maximum of opportunity for accidents to happen.”)

[34]    Stefan H. Thomke, Experimentation Matters: Unlocking the Potential of New Technologies for Innovation (Harvard Business Review Press, 2003), 1.

[35]    Daniel Castro and Alan McQuinn, “How and When Regulators Should Intervene,” Information Technology and Innovation Foundation Reports, (February 2015): 2 http://www.itif.org/publications/how-and-when-regulators-should-intervene.

[36]    Ibid.

[37]    Kevin Kelly, “The Pro-Actionary Principle,” The Technium, November 11, 2008, https://kk.org/thetechnium/the-pro-actiona.

[38]    World Economic Forum, Agile Regulation for the Fourth Industrial Revolution (Geneva: Switzerland: 2020): 4, https://www.weforum.org/projects/agile-regulation-for-the-fourth-industrial-revolution.

[39]    Jordan Reimschisel and Adam Thierer, “’Build & Freeze’ Regulation Versus Iterative Innovation,” Plain Text, November 1, 2017, https://readplaintext.com/build-freeze-regulation-versus-iterative-innovation-8d5a8802e5da.

[40]    Adam Thierer, “Spring Cleaning for the Regulatory State,” AIER, May 23, 2019, https://www.aier.org/article/spring-cleaning-for-the-regulatory-state.

[41]    Daniel Byler, Beth Flores & Jason Lewris, “Using Advanced Analytics to Drive Regulatory Reform: Understanding Presidential Orders on Regulation Reform,” Deloitte, 2017, https://www2.deloitte.com/us/en/pages/public-sector/articles/advanced-analytics-federal-regulatory-reform.html.

[42]    Adam Thierer, Governing Emerging Technology in an Age of Policy Fragmentation and Disequilibrium, American Enterprise Institute (April 2022), https://platforms.aei.org/can-the-knowledge-gap-between-regulators-and-innovators-be-narrowed.

[43]    Brian Christian, The Alignment Problem: Machine Learning and Human Values (New York: W.W. Norton & Company, 2020).

[44]    Joshua D. Greene, “Our Driverless Dilemma,” Science (June 2016): 1515.

[45]    Susan Leigh Anderson, “Asimov’s ‘Three Laws of Robotics’ and Machine Metaethics,” AI and Society, Vol. 22, No. 4, (2008): 477-493.

[46]    Melanie Mitchell, Artificial Intelligence: A Guide for Thinking Humans (New York: Farrar, Straus and Giroux, 2019): 126 [Kindle edition.]

[47]    Thomas A. Hemphill, “The Innovation Governance Dilemma: Alternatives to the Precautionary Principle,” Technology in Society, Vol. 63 (2020): 6, https://ideas.repec.org/a/eee/teinso/v63y2020ics0160791x2030751x.html.

[48]    Adam Thierer, “Are ‘Permissionless Innovation’ and ‘Responsible Innovation’ Compatible?” Technology Liberation Front, July 12, 2017, https://techliberation.com/2017/07/12/are-permissionless-innovation-and-responsible-innovation-compatible.

[49]    The National Institute of Standards and Technology, “AI Risk Management Framework: Initial Draft,” (March 17, 2022): 1, https://www.nist.gov/itl/ai-risk-management-framework.

[50]    Ibid., at 5.

I’ve been working on a new book that explores the rise of evasive entrepreneurialism and technological civil disobedience in our modern world. Following the publication of my last book, Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom, people started bringing examples of evasive entrepreneurialism and technological civil disobedience to my attention and asked how they were related to the concept of permissionless innovation. As I started exploring and cataloging these cases studies, I realized I could probably write an entire book about these developments and their consequences.

Hopefully that book will be wrapped up shortly. In the meantime, I am going to start rolling out some short essays based on content from the book. To begin, I will state the general purpose of the book and define the key concepts discussed therein. In coming weeks and months, I’ll build on these themes, explain why they are on the rise, explore the effect they are having on society and technological governance efforts, and more fully develop some relevant case studies.

Key Concepts Defined

• Evasive entrepreneurs – Innovators who don’t always conform to social or legal norms.
• Regulatory entrepreneurs – Innovators who “are in the business of trying to change or shape the law” and are “strategically operating in a zone of questionable legality or breaking the law until they can (hopefully) change it.” (Pollman & Barry)
• Technologies of freedom – Devices and platforms that let citizens openly defy (or perhaps just ignore) public policies that limit their liberty or freedom to innovate.
• The “pacing problem” – The gap between the ever-expanding frontier of technological possibilities and the ability of governments to keep up with the pace of those changes.
• Technological civil disobedience – The technologically-enabled refusal of individuals, groups, or businesses to obey certain laws or regulations because they find them offensive, confusing, time-consuming, expensive, or perhaps just annoying and irrelevant.
• Innovation arbitrage – The movement of ideas, innovations, or operations to those jurisdictions that provide a legal and regulatory environment more hospitable to entrepreneurial activity. It can also be thought of as a form of “jurisdictional shopping” and can be facilitated by “competitive federalism.”
• Permissionless innovation – As a general concept, it refers to Rear Admiral Grace Hopper’s notion that quite often, “It’s easier to ask forgiveness than it is to get permission.” As a policy vision, it refers to the idea that experimentation with new technologies and business models should generally be permitted by default. Permissionless innovation comes down to a general acceptance of change and risk-taking.

Themes of the Book

The book documents how evasive entrepreneurs are using new technological capabilities to circumvent traditional regulatory systems, or at least put pressure on public policymakers to reform or selectively enforce laws and regulation that are outmoded, inefficient, or illogical. Evasive entrepreneurs pursue a strategy of “permissionless innovation” in both the business world and the political arena.  In essence, they live out the adage that, “it is easier to ask forgiveness than it is to get permission” by creating new products and services without necessarily receiving the blessing of public officials before doing so.

Evasive entrepreneurs are taking advantage of the growth of various technologies of freedom and the corresponding “pacing problem” to create new goods and services or just decide how to live a life of their own choosing. We can think of this phenomenon as “technological civil disobedience.” The technologies of freedom that facilitate this sort of civil disobedience include common tools like smartphones, ubiquitous computing, and various new media platforms, as well as more specialized technologies like cryptocurrencies and blockchain-based services, private drones, immersive tech (like virtual reality), 3D printers, the “Internet of Things,” and sharing economy platforms and services. But that list just scratches the surface.

When innovators and consumers use new tools and technological capabilities to pursue a living, enjoy new experiences, or enhance their lives and the lives of others, they often disrupt legal or social norms in the process. While that can raise serious legal and ethical concerns, evasive entrepreneurialism and technological civil disobedience can have positive upsides for society by:

• expanding the range of life-enriching—and even life-saving—innovations available to society;
• helping citizens pursue a life of their own choosing—both as creators looking for the freedom to earn a living, and as consumers looking to discover and enjoy important new goods and services; and,
• providing a meaningful, ongoing check on government policies and programs that all too often have outlived their usefulness or simply defy common sense.

For those reasons, my book will argue that we should accept—and often even embrace—a certain amount of evasive entrepreneurialism and technological civil disobedience. I am particularly excited by the last point. In an age when many of the constitutional limitations on government power are being ignored or unenforced, innovation itself can act as a powerful check on the power of the state and help serve as a protector of important human liberties. Over the past century, both legislative and judicial “checks and balances” in the United States have been eroded to the point where they now exist mostly in name only. While we should never abandon efforts to use democratic and constitutional means of limiting state power—especially in the courts, where meaningful reforms are still possible—the ongoing evolution of technology can provide another way of keeping governments in line by forcing public officials to constrain their worse tendencies and undo past mistakes. If they fail to, they risk losing the allegiance of their more technologically-empowered citizenry.

But evasive entrepreneurialism and technological civil disobedience can have serious downsides, too. We should explore how to address the challenges associated with this more turbulent and sometimes dangerous world. In doing so, however, technological critics and public policymakers should also appreciate how once any particular innovation genie is out of its bottle, it will be increasingly difficult to stuff it back in. Worse yet, attempts to do so can often result in a “compliance paradox,” in which tighter rules lead to increased legal evasion and intractable enforcement challenges. Thus, more flexible and adaptive technological governance mechanisms will be needed.

In coming essays, I will discuss some prominent examples of these trends that are developed at length in my book, I will also do a deeper dive into some of the interesting ways governments are responding to these developments using what Phil Weiser refers to as “entrepreneurial administration,” or what others call “soft law” mechanisms. As Weiser notes, “[t]he traditional model of regulation is coming under strain in the face of increasing globalization and technological change,” and, therefore, governments must think and act differently than they did in the past. And they are already doing so. Even in an age of expanding evasive entrepreneurialism and technological civil disobedience, governments can shape the evolution of technology. But that cannot be done using the previous era’s technocratic, overly-bureaucratic, and top-down regulatory playbook. New policies and procedures will be needed for a new era.

The recently enacted Stop Enabling Sex Trafficking Act (SESTA) has many problems including that it doesn’t achieve its stated purpose of stopping sex trafficking . It contains a retroactivity clause that appears facially unconstitutional , but this provision would likely be severable by courts if used as the sole basis of a legal challenge. Perhaps more concerning are the potential First Amendment violations of the law.

These concerns go far beyond the rights of websites as speakers, but to the individual users’ content generation. Promoting sex trafficking is already a crime and a lawful restraint on speech. Websites, however, have acted broadly and quickly due to concerns of their new liability under the law and as a result lawful speech has also been stifled.

Given the controversial nature of the law it seems likely that a legal challenge is forthcoming. Here are three ideas about what a First Amendment challenge to the law might look like.

SESTA and Users’ Free Speech Rights

SESTA impacts individual users’ speech rights. As Elizabeth Nolan Brown writes, the law will create a chilling effect that could result in harming the very victims it claims to protect and could lead to further marginalizing minority viewpoints.

Despite their increasing presence and role in our everyday lives, Internet intermediaries, such as social media, are not public forums, but rather private actors. The recent Praeger case in California against YouTube has reinforced this point. As a result, they may choose to limit speech or actions in accord with terms of service or other policies.  Some would argue that moderation decision made in consideration of liability by these private actors do not constitute a violation of speech rights, but rather merely a modification of existing terms of service. However, this ignores both the chilling effects of such regulations and the fact that speech that would not be a violation of terms is likely to be removed as a result of broad interpretations of SESTA.

In the landmark case Reno v. ACLU , the Supreme Court recognized the problem of censoring online speech. In striking down the parts of the Communications Decency Act (CDA) other than Section 230’s liability protection, the Court stated, “[T]he CDA effectively suppresses a large amount of speech that adults have a constitutional right to receive and to address to one another. That burden on adult speech is unacceptable if less restrictive alternatives would be at least as effective in achieving the legitimate purpose that the statute was enacted to serve.” The results of SESTA have been a swift suppression of certain speech online and not just sex trafficking.

For example, Craigslist removed its entire personal section in response to the passage of SESTA. Ads that in no way could be considered a violation of either the terms of service or sex trafficking under federal laws were removed along with any potentially violative ads. Similarly, sex workers have expressed concerns sharing client information as a way to keep one another safe would be impossible under the statute as passed. Removing all this information also makes it more difficult for individuals trying  to help identify trafficking victims and facilitate their escape to find and assist victims and investigators. All of this information is lawful speech that will be either considered illegal or effectively eliminated by unnecessary burdens intermediaries must take to protect themselves from both criminal and civil liability.

The courts have generally favored allowing to disallowing speech. While minimal limits regarding time, manner, and place have been upheld in some cases and courts have found the state may regulate obscenity, speech restrictions are generally subject to strict scrutiny and must be narrowly tailored. SESTA uses broad definitions to classify what is considered sex trafficking and is likely to include both voluntary and involuntary interactions. Similarly the fact that the “participation in a venture” standard appears to set a low bar for an intermediary encourages an act first, question second behavior similar to that which has failed for the DMCA . To prevent liability under the statute, intermediaries must either increase moderation or cease moderating altogether. It is almost certain that lawful speech will regularly be caught up in such extreme moderation.

Finally, there are the concerns that chipping away at Section 230 liability opens the doors to broader Internet censorship . The Internet has been a stronghold of Free Speech where any idea can be expressed while well-intentioned laws like SESTA risk encouraging the idea that controversial or disliked speech can be censored.

Defining Intermediaries’ Editorial Control

Prior to Section 230 in Cubby v. Compuserve , the federal district court for the Southern District of New York found that Internet intermediaries act more like a distributor such as a bookstore or library than a traditional publisher. As a result, they have less control over the content created and distributed by their services than an editor or publisher would. Therefore, at common law, the intermediaries were found to have less liability for defamation or obscenity than a traditional publisher. This liability increases or decreases depending on the intermediary’s involvement with user generated content. Intermediaries who create or modify content are not acting as intermediaries and may be held liable if such content is illegal, such as sex-trafficking related content, even prior to SESTA.

The First Amendment Rights of Intermediaries

Intermediaries have free speech rights too. They may choose content to restrict or not restrict. Curation of content has been found to be protected as a form of speech for intermediaries such as search engines by several U.S. courts. In the pre-Internet Smith v. California case, the Supreme Court struck down the application of strict liability for obscene materials of a bookstore.  The court found that the lack of a knowledge requirement for criminal liability to attach was unconstitutional. SESTA requires knowledge but is vague regarding what knowledge an intermediary must have to be considered a participant in such a venture. Additionally, it gives broad power to state attorneys general to conduct investigation or take action with mere reasonable suspicion of a violation. One potential challenge would be whether the lack of a Good Samaritan clause and the vagueness regarding what constitutes knowledge in the statute violates the standards set in Smith .  Combined with the apparent protections of speech rights for intermediaries in the decisions to curate content, it may be possible for the intermediaries themselves to mount a First Amendment challenge.

Conclusion

SESTA has now become law, but it is almost certain it will face a constitutional challenge from users whose content was blocked or the intermediaries themselves on First Amendment grounds. In the past the courts have recognized the importance of maintaining free expression and a wide range of discourse online even when such content may be objectionable to many, one can only hope they would continue that line of thought if SESTA faces a First Amendment challenge.

By Adam Thierer and Jennifer Huddleston Skees

There was horrible news from Tempe, Arizona this week as a pedestrian was struck and killed by a driverless car owned by Uber. This is the first fatality of its type and is drawing widespread media attention as a result. According to both police statements and Uber itself, the investigation into the accident is ongoing and Uber is assisting in the investigation. While this certainly is a tragic event, we cannot let it cost us the life-saving potential of autonomous vehicles.

While any fatal traffic accident involving a driverless car is certainly sad, we can’t ignore the fact that each and every day in the United States letting human beings drive on public roads is proving far more dangerous. This single event has led some critics to wonder why we were allowing driverless cars to be tested on public roads at all before they have been proven to be 100% safe. Driverless cars can help reverse a public health disaster decades in the making, but only if policymakers allow real-world experimentation to continue.

Let’s be more concrete about this: Each day, Americans take 1.1 billion trips driving 11 billion miles in vehicles that weigh on average between 1.5 and 2 tons. Sadly, about 100 people die  and over 6,000 are injured each day in car accidents. 94% of these accidents have been shown to be attributable to human error and this deadly trend has been increasing as we become more distracted while driving. Moreover, according to the Center for Disease Control and Prevention, almost 6000 pedestrians were killed in traffic accidents in 2016, which means there was roughly one crash-related pedestrian death every 1.6 hours. In Arizona, the issue is even more pronounced with the state ranked 6^th worst for pedestrians and the Phoenix area ranked the 16^th worst metro for such accidents nationally.

No matter how concerned the public is about the idea of autonomous vehicles on our roadways, one thing should be abundantly clear: Automated technologies can be part of the solution to the harms of our almost 100 year experiment with human drivers behind the wheel of a car. The algorithms behind self-driving cars don’t get drunk, drowsy, or distracted. Unfortunately, humans do those things with great regularity and the only way for autonomous vehicles to truly understand how to deal with idiosyncrasies and irrationalities of human drivers is to interact with them in the “real world.” Every time a human driver gets behind a wheel for a drive, therefore, an “experiment” of sorts is underway and we’ve seen the results of our human driven “experiments” on public roads far too often have catastrophic results.

Because these human-caused accidents are so common, they don’t make headlines. While as high as 83% of people admit they are concerned about safety when driving, the aggregate death toll is so large that the numbers aren’t as easy to “humanize” when crashes occur unless they involve people or places we know. As a result, we don’t heed the warnings and continue to engage in risky behavior by choosing to drive every day.  But precisely because this week’s driverless car-related death in Arizona is so unique and rare, it is making major news. If we turn a blind eye to all the lives lost due to human error while focusing on the rare occurrence of this one driverless car fatality, we risk many more lives in the long run.

But what should be done when accidents or deaths occur and autonomous cars are involved?

First, we can dispense with the notion that driverless cars are completely unregulated. Anytime these vehicles are operating on public roadways, they still must comply with traffic and safety laws. Driverless cars are programmed to operate in compliance with those laws and will be far more likely to do so than human operators. In fact, the concern is not that the cars won’t follow the traffic laws, but how they will interact with humans’ lawlessness and our misguided reactions to them.

Second, when accidents, like the one in Arizona this week do occur, courts are equipped to handle legal claims. This is how we have handled human-created accidents for decades, and there is no reason to believe that the common law and courts can’t evolve to handle new technology-created problems, too. The courts have an existing toolkit for handling both defective products and individual liability or bad actors. Some manufacturers have even publicly stated they will accept liability if it is shown that the technology behind the autonomous vehicle caused the accident. Courts have been able to apportion fault and deal with the specifics of particular without the need to completely overhaul the common law for a variety of new technologies throughout history. It would be misguided to assume the courts could not determine the true cause of an accident when it involved an autonomous vehicle when the courts have been dealing with increasingly sophisticated products in a variety of fields for years.

Third, driverless car innovators are currently working together, and with government officials, to address the safety and security of these technologies. In both the Obama and current Trump Administrations, an open, collaborative effort has been underway to sketch out sensible safety and security policies while also making sure to keep the innovation moving forward in this field. These conversations have resulted in guidance from the Department of Transportation that is flexible enough to adapt to the emerging technology while still promoting safe development and deployment.  This flexible approach is the smart path forward insuring that we don’t let overly precautionary concerns prevent technology that could save many, many more lives.

The most effective way to achieve significant auto safety gains is to make sure experimentation with new and better automotive technologies continues. That cannot all happen in a closed lab setting that is stifled by heavy-handed regulation at every juncture. We need driverless cars on the roadways now more than ever precisely because those machines will need to learn to anticipate and correct for the many real-world scenarios that human drivers struggle with every day.

Any loss of human life is a tragedy. But we cannot let a rare incident cost us the long-term potential life-saving technology of autonomous vehicles. We also must not rush to conclusions that technology was at fault before knowing all the facts of any particular situation. While Uber has temporarily halted its technology trials, this tragic accident should be looked at as a rarity we can learn from rather than a reason to stop moving forward.

The success of the Internet and the modern digital economy was due to its open, generative nature, driven by the ethos of “permissionless innovation.” A “light-touch” policy regime helped make this possible. Of particular legal importance was the immunization of online intermediaries from punishing forms of liability associated with the actions of third parties.

As “software eats the world” and the digital revolution extends its reach to the physical world, policymakers should extend similar legal protections to other “generative” tools and platforms, such as robotics, 3D printing, and virtual reality.

In other words, we need a Section 230 for the “maker” movement.

The Internet’s Most Important Law

Today’s vibrant Internet ecosystem likely would not exist without “Section 230” (47 U.S.C. § 230) of the Telecommunications Act of 1996. That law, which recently celebrated its 20^th anniversary, immunized online intermediaries from onerous civil liability for the content and communications that travelled over their electronic networks.

The immunities granted by Section 230 let online speech and commerce flow freely, without the constant threat of legal action or onerous liability looming overhead for digital platforms. Without the law, many of today’s most popular online sites and services might have been hit with huge lawsuits for the content and commerce that some didn’t approve of on their platforms. It is unlikely that as many of them would have survived if not for Section 230’s protections.

For example, sites such as eBay, Facebook, Wikipedia, Angie’s List, Yelp, and YouTube all depend on Section 230 immunities to shield them from potentially punishing liability for the content that average Americans post to those sites. But Section 230 protects countless small sites and services just as much as those larger platforms and it has been an extraordinary boon to online commerce and speech.

Extending Immunities to Other General-Purpose Technologies: 3 Models

To foster generativity and permissionless innovation for the next wave of tech entrepreneurs, it may be necessary to immunize some intermediaries (i.e., platform providers or device manufacturers) from punishing forms of liability, or at least to limit liability in some fashion to avoid the chilling effect that excessive litigation can have on life-enriching innovation. Specifically, they should be immunized from liability associated with the ways third-parties use their platforms or devices to speak, experiment, or innovate.

“The past ten years have been about discovering new ways to create, invent, and work together on the Web,” noted Chris Anderson in his book Makers: The New Industrial Revolution. “The next ten years will be about applying those lessons to the real world.” But that can only happen if we get public policy right.

Thus, the creators of newer general-purpose technologies may need to receive certain limited immunizations from liability for the ways third-parties use their devices. If troublemakers use general-purpose technologies to do harm—i.e., cybersecurity violations, privacy invasions, copyright infringement, etc.—it is almost always more sensible to hold those problematic users directly accountable for their actions.

The other approach—holding those intermediaries accountable for the actions of third parties—will discourage innovators from creating vibrant, open platforms and devices that could facilitate new types of speech and commerce. Therefore, an embrace of permissionless innovation requires a rejection of such middleman deputization schemes.

There are three different existing immunity models we might consider applying to emerging general-purpose technologies.

Model #1: Section 230 & online services

The first model, of course, is Section 230 itself.  Section 230 stipulated that it is the policy of the United States “to promote the continued development of the Internet and other interactive computer services and other interactive media,” and “to preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation.” To accomplish that, the law made it clear that, “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”

Since implementation of Section 230 two decades ago, courts have generally read this immunity fairly broadly, so much so that some critics have argued that 230’s scope has been enlarged well beyond congressional intent. Even if that is true, I believe that has been a net positive (excuse the pun) and that it is not only wise to preserve that sweeping immunity but extend it to other technologies and sectors.

Model #2: Firearm manufacturing

Another immunization model can be found in the Protection of Lawful Commerce in Arms Act of 2005 (Pub. L. No. 109-92, 119 Stat. 2095). Although “lawsuits alleging negligent distribution plagued the firearm industry until 2005,” the Protection of Lawful Commerce in Arms Act “effectively ended the ‘gun tort’ era,” notes Peter Jensen-Haxel. The law did so by granting gun manufacturers immunities for such legal actions. (It would seem that, by extension, those who use 3D printers to create firearms will also be immunized from civil actions.)

Importantly, unlike Section 230, which provided broad immunity by default to all online platforms, the Protection of Lawful Commerce in Arms Act applied to manufactures/sellers that fit into the certain qualifications (i.e., they get immunity if they comply with certain licensing rules, record keeping requirements, etc.). This tension between broad versus targeted immunity will become the subject of debate for emerging general-purpose technologies as scholars and policymakers contemplate optimal default liability rules.

Model #3: Vaccines

A final legal immunization model comes, ironically, from the world of medical immunizations. As part of the National Childhood Vaccine Injury Act of 1986 (42 U.S.C. §§ 300aa-1 to 300aa-34), Congress created The National Vaccine Injury Compensation Program, “after lawsuits against vaccine companies and health care providers threatened to cause vaccine shortages and reduce U.S. vaccination rates, which could have caused a resurgence of vaccine preventable diseases.”

As described by the U.S. Department of Health and Human Services, the program, “is a no-fault alternative to the traditional legal system for resolving vaccine injury petitions.” Thus, those suffering injuries from vaccines are able to seek compensation from this program instead of having to sue vaccine companies.

As Avery Johnson of the Wall Street Journal noted in 2009 article about the program, “A spate of lawsuits against vaccine makers in the 1970s and 1980s had caused dozens of companies to get out of the low-profit business, creating a public-health scare. The strategy worked and the public health implications have been sizable. Vaccines have driven huge reductions — and in the case of smallpox, for instance, complete eradications — of major childhood diseases.”

This model is obviously very different than Section 230 and the Protection of Lawful Commerce in Arms Act in that it includes a government-created compensation fund provided as an alternative to civil lawsuit remedies. In all likelihood, such a compensation fund would not be necessary for new general-purpose “maker” technologies or sectors.

Nonetheless, this model could, perhaps, have some relevance for certain narrow classes of those technologies. For example, 3D-printed medical devices might be one area where it would make sense to exempt from liability the creators of 3D printers and the platforms over which 3D printer blueprints are distributed. But if there is significant resulting harm from some of those devices or plans, it remains unclear how compensation would work and who would be picking up the tab for it. The National Vaccine Injury Compensation Program offers one potential answer, although it may not be wise to craft such a consumer-funded or taxpayer-supported program for other reasons. Even if creating a government-run compensation fund was eventually seen as a good idea, we cannot determine how big the fund should be until some actual harms occur.

Three Sectors to Cover

Next, we should consider which sectors or technologies should be eligible for such immunities.

I wish it was possible to craft some sort of “General-Purpose Technology Immunization Act” that would shield such platforms and technologies from onerous liability associated with third-party uses. Realistically, however, it is not likely such a broad-based regime could achieve political traction. There would just be too many opposing forces. Moreover, there may be some unique distinctions between technologies and sectors which necessitate specialized legal regimes.

In any event, I believe a good case can be made for adopting some sort of legal immunity regime for three specific technologies: Robotics, 3D printing, and immersive technology (i.e., virtual reality and augmented reality).

Robotics

Ryan Calo, professor of law at the University of Washington School of Law, has done important work on the law of robotics and he has suggested that such legal immunities may need to be extended to this field. In his 2011 Maryland Law Review article on “Open Robotics,” Calo made his case as follows:

To preempt a clampdown on robot functionality, Congress should consider immunizing manufacturers of open robotic platforms from lawsuits for the repercussions of leaving robots open.  Specifically, consumers and other injured parties should not be able to sue roboticists, much less recover damages, where the injury resulted from one of the following: (1) the use to which the consumer decided to put the robot, no matter how tame or mundane; (2) the nonproprietary software the consumer decided to run on the robot; or (3) the consumer’s decision to alter the robot physically by adding or changing hardware. This immunity would include lawful and unlawful uses of the robot. (p. 134) . . . The immunity I propose is selective: Manufacturers of open robots would not escape liability altogether. For instance, if the consumer runs the manufacturer’s software and the hardware remains unmodified, or if it can be shown that the damage at issue was caused entirely by negligent platform design, then recovery should be possible. The immunity I propose only applies in those instances where it is clear that the robot was under the control of the consumer, a third party software, or otherwise the result of end-user modification. Because this issue will not always be easy to prove, we should expect litigation at the margins. I am thus arguing for a compromise position: A presumption against suit unless the plaintiff can show the problem was clearly related to the platform’s design. (p. 136)

I find this entirely convincing and I also believe Calo is wise to begin with robotics as the first target for such legal immunization because such technologies are already being widely manufactured and deployed today.

These liability questions are already being widely debated, for example, in the field of autonomous systems and driverless cars in particular. I’d like to believe that the common law would sort out these things fairly quickly and that an efficient liability regime would emerge from autonomous technologies in short order.

Alas, because America lacks a “loser pays” rule, a perverse incentive exists for overly-zealous trial lawyers to file an avalanche of lawsuits at the first sign of any problem. This could significantly hamper the development of autonomous technologies, which have the potential to immediately decrease the staggering death toll associated with human error behind the wheel. Therefore, it may be necessary for Congress to craft some sort of limited immunity regime for autonomous technology makers to ensure that the development of these potential life-saving technologies is not discouraged by the looming threat of perpetual litigation.

3D Printing

3D printing would be my second choice for a general-purpose technology that should be covered by some sort of intermediary immunity model.

In a forthcoming law review article for the Minnesota Journal of Law, Science & Technology, Adam Marcus and I argue that “the manufacturers of 3D printing devices and the website operators hosting blueprints for 3D-printed objects may need to be protected from liability to avoid chilling innovation. In this sense, a ‘Section 230 for 3D printing’ might be needed.”

We discuss three specific ways that 3D printers could be used by third-parties in such a way that existing laws or regulations are implicated and someone might seek to bring action against the manufacturers of 3D printers or 3D printing marketplaces, like Shapeways or Thingiverse. These cases involve things like 3D-printed prosthetics, which could raise policy concerns at the Food and Drug Administration, and 3D-printed toys or sculptures, which could present intellectual property issues.

But perhaps the most interesting case study for liability purposes will be 3D-printed firearms, which are already raising a great deal of controversy. Marcus and I argue, once again, that “the proper focus of regulation should remain on the user and uses of firearms, regardless of how they are manufactured.” And because, as already noted, the Protection of Lawful Commerce in Arms Act immunizes gun manufacturers from legal liability for third-party actions, it would seem logical that the law’s protections would extend to 3D-printed firearms. Moreover, Section 230 itself (and perhaps also the First Amendment) might also apply to 3D printing design schematics that appear on various websites or 3D printing marketplaces.

Generally speaking, Marcus and I argue, “imposing liability on third parties—sites hosting schematics, search engines, and manufacturers of devices—seems neither workable nor wise. There exists a broad spectrum of general-purpose technologies that can be used to facilitate criminal activity,” we note, such as cars, computers, or paper printers. But we don’t blame those intermediaries when those technologies are used by third parties in criminal acts. The same principle should apply to 3D printers.

Things get more complicated when intellectual property issues are brought into the debate. In an important 2014 article, “Patents, Meet Napster: 3D Printing and the Digitization of Things,” Deven R. Desai and Gerard N. Magliocca sketched out the potential case for some sort of limited immunity as it pertains to patent infringement and 3D printing. “An obstacle to the growth of 3D printing that Congress should consider addressing is that individuals who engage in that activity are strictly liable if they infringe a patent,” they note, but they continue on to add that:

Exempting personal 3D printing from patent infringement without undermining other aspects of the regulatory scheme will not be easy. It would not be a good idea for Congress to create a fair use exception for all patents or make infringement an intentional tort, as those changes would sweep too far. Targeting 3D printing itself is a possibility, but in that case the legislation would have to distinguish between personal and commercial activity, as there is no rationale for saying that all 3D printing leading to patent infringement, including what Fortune 500 firms do, should be permitted. Drawing that kind of line with a substantive legal standard, though, will generate years of litigation and may not effectively separate the good from the bad. One alternative, should Congress opt to give personal 3D printing some immunity, would be to set a relatively high minimum amount-in-controversy for federal jurisdiction over any [patent] infringement claims involving this technology. (p. 1717)

Getting this balance right will be tricky, yet essential. “Patent law and industries that rely on patents will have to adapt to this new environment or face potential obsolescence,” Desai and Magliocca correctly conclude.

Immersive Technology

A final sector we might eventually want to apply some sort of intermediary immunity model to is immersive technology. “Immersive technology” refers to services that currently utilize wearable devices (such as a head-mounted display or headset) to let users explore virtual worlds, virtual objects, or hologram-like projections. Immersive technology can be separated into two different, but related groups: virtual reality (VR) and augmented reality (AR).

These technologies are still in the cradle, but many companies are already developing VR and AR technologies for both entertainment and professional uses. As they gain more widespread usage, immersive technologies could raise some policy issues, including concerns about privacy, intellectual property (ex: who owns certain “experiences”), and potentially even worries about distraction and addiction.

It would not be surprising, therefore, if some critics begin advocating greater regulation of, or liability for, VR and AR intermediaries. If that happens, policymakers will need to consider immunizing them from the threat of lawsuits or else innovation will die in these sectors.

Conclusion

Following the general logic of permissionless innovation, and understanding the importance of keeping intermediaries free of punishing liability for what others might do with their general-purpose technologies and platforms, the proper focus of regulation should remain on the user and uses of those technologies.

Accordingly, policymakers should craft a “Section 230 for the maker movement” by adopting legal protections for robotics, 3D printing, and immersive technology. At the same time, we should seek out better solutions—legal and otherwise—to the old problems that might persist or new ones that might come about due to the use of these new devices and platforms. But we should not let hypothetical worst-case scenarios and concerns about future technologies lead us down a path where intermediaries are “deputized” or hit with punishing liability for downstream actions by third parties.

Note#1 : This is a preliminary sketch of a law review article I would eventually like to write entitled, “A Section 230 for the “Makers” Movement: Extending Section 230 Immunities to Robotics, 3D Printing & Virtual Reality.” Toward that end, I welcome suggestions for (a) which general-purpose technologies deserve some sort of immunization, and also (b) what other legal immunity regimes exist that we could learn from. Please forward any ideas you might have along to me.

Note #2: My thanks to Adam Marcus and Christopher Koopman for their helpful suggestions on this essay.

As I noted here a few days ago, the Federal Communications Commission held a workshop on Tuesday about “Speech, Democratic Engagement, and the Open Internet.”  It was a shockingly one-sided affair with the deck being stacked almost entirely in favor of advocates of Net neutrality regulation. Worse yet, those advocates shamelessly made up spooky stories about a future of “private censorship” that could only be remedied by using the First Amendment as a club to beat private players into submission. The token opposition at this Chicken Little circus was Robert Corn-Revere, a Partner at the law firm of Davis Wright Tremaine LLP in Washington, D.C.   Bob set the record straight–both in terms of baseless accusations that were flying that day as well as the revisionist histories of the First Amendment that were being put forward. I’m happy to report that Bob allowed PFF to reprint his remarks as a new white paper entitled, “The First Amendment, the Internet & Net Neutrality: Be Careful What You Wish For.”

In his essay, Corn-Revere discusses the relationship between the First Amendment and regulatory policy, particularly the treatment of new communications technologies, and he warns that government regulation of broadband networks could “provide the vehicle for advancing new First Amendment theories for media regulation” and online speech and expression more generally.  “It should not be forgotten,” he argues, “that the federal government’s initial impulse was to censor the Internet and to subject it to a far lower level of First Amendment protection. It pursued this agenda for more than a decade but was blocked by a series of First Amendment rulings.”  The Communications Decency Act and the Child Online Protection Act are just two notable examples. Luckily, the courts determined that “the open Internet would be at great risk if the government is allowed to exercise such power,” he notes, and they struck down such laws.

But we must be vigilant in defending our free speech rights, Corn-Revere warns. He notes that, “the constitutional ramifications of the network neutrality debate extend far beyond the question of whether the FCC should or should not adopt a given set of rules. On a doctrinal level the question is whether technological convergence should also lead to regulatory convergence, where the least common denominator of First Amendment protection becomes the governing rule.”

“The First Amendment, the Internet & Net Neutrality: Be Careful What You Wish For” is available on the PFF website and can also be viewed down below in a Scribd document reader. I want to also recommend that everyone take a look at the brief remarks that FCC Commissioner Robert McDowell delivered at the opening of that FCC event that Corn-Revere spoke at. “Efforts to advance ‘First Amendment values’ through additional government regulation risks turning over two hundred years of First Amendment jurisprudence on its head,” McDowell rightly argued. And that’s also consistent with the outstanding address delivered last week by Kyle McSlarrow, President & CEO of the National Cable & Telecommunications Association, on the same issue, in which he correctly noted that, “the First Amendment is framed as a shield for citizens, not a sword for government.” “By its plain terms and history, the First Amendment is a limitation on government power, not an empowerment of government,” McSlarrow said.

Thank God a few people in this town are still taking a stand for the real First Amendment.

Robert Corn-Revere Remarks at FCC Workshop on Speech and Democracy http://d1.scribdassets.com/ScribdViewer.swf?document_id=24208240&access_key=key-2h2o9rho7g9qr414utqi&page=1&version=1&viewMode=list

In an earlier post, I mentioned an important new online child safety task force report that has just been released from the “Point Smart. Click Safe.” Blue Ribbon Working Group. It’s a great report and I encourage you to read the whole thing. It was my great pleasure to serve on this task force, and as we started finalizing our conclusions and recommendations, I started thinking about how much of what we were finding and recommending was consistent with what past online safety task forces had also concluded.

By way of background, over the past decade, five major online safety task forces or blue ribbon commissions have been convened to study online safety issues. Two of these task forces were convened in the United States and issued reports in 2000 (“COPA Commission”) and 2002 (“Thornburgh Commission“). Another was commissioned by the British government in 2007 and issued in a major report in March 2008 (“Byron Review“). Finally, two additional online safety task forces were formed in the U.S. in 2008 and concluded their work, respectively, in January (“Internet Safety Technical Task Force“) and July (“Point Smart. Click Safe.“) of 2009. [And yet another task force — the Online Safety Technology Working Group — was recently formed and has now gotten underway.]

In a new PFF white paper, ” Five Online Safety Task Forces Agree: Education, Empowerment & Self-Regulation Are the Answer,” I walk through a chronological summary of each of these past task forces [click on covers of each report below to read them in their entirety] and highlight some of the similar themes and recommendations from them.

Altogether, these five task forces heard from hundreds of experts and produced thousands of pages of testimony and reports on a wide variety of issues related to online child safety. While each of these task forces had different origins and unique membership, what is striking about them is the general unanimity of their conclusions. Among the common themes or recommendations of these five task forces:

• Education is the primary solution to most online child safety concerns. These task forces consistently stressed the importance of media literacy, awareness-building efforts, public service announcements, targeted intervention techniques, and better mentoring and parenting strategies.
• There is no single “silver-bullet” solution or technological “quick-fix” to child safety concerns. That is especially the case in light of the rapid pace of change in the digital world.
• Empowering parents and guardians with a diverse array of tools, however, can help families, caretakers, and schools to exercise more control over online content and communications.
• Technological tools and parental controls are most effective as part of a “layered” approach to child safety that views them as one of many strategies or solutions.
• The best technical control measures are those that work in tandem with educational strategies and approaches to better guide and mentor children to make wise choices. Thus, technical solutions can supplement, but can never supplant, the educational and mentoring role.
• Industry should formulate best practices and self-regulatory systems to empower users with more information and tools so they can make appropriate decisions for themselves and their families. And those best practices, which often take the form of an industry code of conduct or default control settings, should constantly be refined to take into account new social concerns, cultural norms, and technological developments.
• Government should avoid inflexible, top-down technological mandates. Instead, policymakers should focus on encouraging collaborative, multifaceted, multi-stakeholder initiatives and approaches to enhance online safety. Additional resources for education and awareness-building efforts are also crucial. Finally, governments should ensure appropriate penalties are in place to punish serious crimes against children and also make sure law enforcement agencies have adequate resources to police crimes and punish wrong-doers.

The consistency of these findings from those five previous task forces is important and it should guide future discussions among policymakers, the press, and the general public regarding online child safety.  As I note in the paper, the findings are particularly relevant today since Congress and the Obama Administration — including 3 federal agencies (NTIA, FCC, & FTC) are actively studying these issues. So, in light of all that, I hope this short paper can shed some light on the collective wisdom of the past task forces. While more study of online child safety issues is always welcome — including additional task forces or working groups if policymakers deem them necessary — thanks to the work of these five task forces, we now have better vision of what is needed to address online safety concerns.

Five Online Safety Task Forces Agree [PFF – Adam Thierer] http://d.scribd.com/ScribdViewer.swf?document_id=17181137&access_key=key-z6cxfgrjkqaqtxbix&page=1&version=1&viewMode=

Conversations about how the Internet can be used to increase the openness and accountability of government usually focuses on the Executive and Legislative branches of the Federal government.  But on this week’s episode of Technology Policy Weekly, I hosted a discussion of the equally vital issue of public access to court records, joined by:

• The TLF’s own Tim Lee,  who’s written about the problems with PACER , the arcane and expensive system by which court documents are currently made publicly available—with a separate system for each of the 100+ Federal courts!
• James Grimmelmann of New York Law School, who wrote Copyright, Technology, and Access to the Law: An Opinionated Primer.
• Steve Schultze, of Harvard’s Berkman Center, who’s  been writing about these issues on his own blog, especially about Sen. Lieberman’s recent laudable efforts.  Also check out a talk he gave recently on “Selling the Law: The Business of Public Access to Court Records.”

We discussed a wide range of issues, including:

• Why lay people should care—this is ultimately about reducing the legal profession’s monopoly over access to the courts!
• The philosophical reasons why better access to court records is important – little things like democracy, fairness, consistency, equality, the rule of law, etc.
• The copyrightability of legal records
• The history of the problem & what can be done about it

There are several ways to listen to the TLF Podcast. You can press play on the player below to listen right now, or download the MP3 file. You can also subscribe to the podcast by clicking on the button for your preferred service. And do us a favor, Digg this podcast!

[display_podcast]

Microsoft’s share of the browser market across all versions of Internet Explorer has dropped, by one estimate, dropped from 78.58%  in December 2007 to 68.15% in December 2008 (or by just under 8% in another estimate).

[IE’s] share dropped from 69.77% in November to 68.15% in December. [During the same period,] Firefox gained more than half a point and ended up at 21.34%, Safari approaches the [10%] hurdle with 7.93% and Chrome came in at 1.04%, the first time Google was able to cross the 1% mark.

This is particularly interesting: 

Since IE6 is used primarily within corporations, its market share is much higher during the week than it is on weekends. As a result, all other browsers gain on weekends and especially during a holiday. Because of that circumstance, Net Applications noted that the December numbers should be taken with a grain of salt. However, it is worth the note that IE6 achieved … market share numbers of about 28% during the week and about 21% on weekends in early 2008. In December, these numbers were down to about 20% during the week and 15% on weekends.    

So, Microsoft still has an established base among corporate users, where IT administrators  generally prevent employees from installing new applications (including browsers) and the sysadmins often don’t roll out alternative browsers across a corporate network for any one of several possible reasons, including:

• They just don’t want to bother having to install, regularly upgrade and support another piece of software;
• They may overestimate the security vulnerability of such alternative browsers compared to Internet Explorer;
• The crustier sysadmins may not realize that today’s browsers are not only free for individual users, but also for corporate users–unlike the old Netscape Navigator; and
• Corporate intranets may be designed for IE, in which case rolling out an alternative browser might cause confusion among less tech-savvy employees.

Microsoft may still have an advantage that could be considered “unfair,” but so what?  IE’s share of home browser usage may have fallen faster among home users than corporate users, but the overall trend line is clear:  increasing numbers of Americans are taking advantage of the rich browser options available to them, both at home and at work.  As Microsoft’s  share of the browser market falls further with each passing year–at an apparently accelerating rate–the concerns about Microsoft’s “dominance” of the browser market that drove the Justice Department’s antitrust jihad against the company a decade ago seem increasingly obsolete. 

If nothing else, the increasing competitiveness of the browser market should be a persistent reminder to those who advocate top-down regulatory “fixes” to perceived iniquities of online markets that competition and innovation may move faster than government regulators or the courts.  

My prediction for 2009:  IE’s overall share will fall even further than it did in 2008, with particularly strong growth in Google Chrome’s market share.