Ronald J. Deibert is the director of The Citizen Lab at the University of Toronto’s Munk School of Global Affairs and the author of an important new book, Black Code: Inside the Battle for Cyberspace, an in-depth look at the growing insecurity of the Internet. Specifically, Deibert’s book is a meticulous examination of the “malicious threats that are growing from the inside out” and which “threaten to destroy the fragile ecosystem we have come to take for granted.” (p. 14) It is also a remarkably timely book in light of the recent revelations about NSA surveillance and how it is being facilitated with the assistance of various tech and telecom giants.

The clear and colloquial tone that Deibert employs in the text helps make arcane Internet security issues interesting and accessible. Indeed, some chapters of the book almost feel like they were pulled from the pages of techno-thriller, complete with villainous characters, unexpected plot twists, and shocking conclusions. “Cyber crime has become one of the world’s largest growth businesses,” Deibert notes (p. 144) and his chapters focus on many prominent recent examples, including cyber-crime syndicates like Koobface, government cyber-spying schemes like GhostNet, state-sanctioned sabotage like Stuxnet, and the vexing issue of zero-day exploit sales.

Deibert is uniquely qualified to narrate this tale not just because he is a gifted story-teller but also because he has had a front row seat in the unfolding play that we might refer to as “How Cyberspace Grew Less Secure.” Indeed, he and his colleagues at The Citizen Lab have occasionally been major players in this drama as they have researched and uncovered various online vulnerabilities affecting millions of people across the globe. (I have previously reviewed and showered praise on a couple important books that Deibert co-edited with scholars from The Citizen Lab and Harvard’s Berkman Center, including: Access Controlled: The Shaping of Power, Rights, and Rule in Cyberspace and Access Denied: The Practice and Policy of Global Internet Filtering. They are truly outstanding resources worthy of your attention.)

Black Code’s Many Meanings

So, what is “black code” and why should we be worried about it? Deibert uses the term as a metaphor for many closely related concerns. Most generally it includes “that which is hidden, obscured from the view of the average Internet user.” (p. 6) More concretely, it refers to “the criminal forces that are increasingly insinuating themselves into cyberspace, gradually subverting it from the inside out.” (p. 7) “Those who take advantage of the Internet’s vulnerabilities today are not just juvenile pranksters or frat house brats,” Deibert notes, “they are organized criminal groups, armed militants, and nation states.” (p. 7-8) Which leads to the final way Deibert uses the term “black code.” It also, he says, “refers to the growing influence of national security agencies, and the expanding network of contractors and companies with whom they work.” (p. 8)

Deibert is worried about the way these forces and factors are working together to undermine online stability and security, and even delegitimize liberal democracy itself. His thesis is probably most succinctly captured in this passage from Chapter 7:

We live in an era of unprecedented access to information, and many political parties campaign on platforms of transparency and openness. And yet, at the same time, we are gradually shifting the policing of cyberspace to a dark world largely free from public accountability and independent oversight. In entrusting more and more information to third parties, we are signing away legal protections that should be guaranteed by those who have our data. Perversely, in liberal democratic countries we are lowering the standards around basic rights to privacy just as the center of cyberspace gravity is shifting to less democratic parts of the world. (p. 130-1)

What Deibert is grappling with in this book is the same fundamental problem that has long plagued the Internet: How do you preserve the benefits associated with the most open and interconnected “network of networks” the world has ever known while also remedying the various vulnerabilities and pathologies created by that same openness and interconnectedness?  Deibert acknowledges this problem, noting:

Ever since the Internet emerged from the world of academia into the world of the rest of us, its growth trajectory has been shadowed by a grey economy that thrives on opportunities for enrichment made possible by an open, globally connected infrastructure. (p. 141)

The Paradox of the Net’s Open, Interconnected Nature

Again, paradoxically, this inherent instability and vulnerability is due precisely to the Net’s open and globally interconnected nature. And many governments are looking to exploit that fact. “These unfortunate by-products of an open, dynamic network are exacerbated by increasing assertions of state power,” Deibert notes. (p. 233)

More generally, this uncomfortable fact—that the Net’s open, interconnected nature leads to both enormous benefits as well as huge vulnerabilities—isn’t just true for criminal online activity or the cyber-espionage activities that various nation-states are pursuing today. It is equally true for everything online today. There is a sort of yin and the yang to the Net that is simply undeniable and completely unavoidable. For one issue after another we find that the Net’s greatest blessing—its open, interconnected nature—is also its greatest curse.

For example, as I noted here recently in my review of Abraham H. Foxman and Christopher Wolf ‘s new book, Viral Hate: Containing Its Spread on the Internet, the open and interconnected Internet gives us “the most widely accessible, unrestricted communications platform the world has ever known” but also  means we have to tolerate a great many imbeciles “who use it to spew insulting, vile, and hateful comments.” The same is true for other types of online speech and content: You have access to an abundance of informational riches, but there’s also no avoiding all the garbage out there now, too.

Similarly, as I noted in my essay, “Privacy as an Information Control Regime: The Challenges Ahead,” the open and interconnected Internet has given us historically unparalleled platforms for social interaction and commerce. But that same openness and interconnectedness has left us with a world of hyper-exposure and a variety of privacy and surveillance threats—not just from governments and large corporations, but also from each other.

And then there’s the never-ending story of digital copyright. On one hand, the open and globally interconnected network or networks has provided us with an amazing platform for sharing knowledge, art, and expression. On the other hand, as I noted in this essay on “The Twilight of Copyright,” creators of expressive works have less security than ever before in terms of how they can control and monetize their artistic and scientific inventions.

I could go on and on—as I did in my essays on “Copyright, Privacy, Property Rights & Information Control: Common Themes, Common Challenges” and “When It Comes to Information Control, Everybody Has a Pet Issue & Everyone Will Be Disappointed”—but the moral of the story is pretty clear: The Internet giveth and the Internet taketh away. Openness and interconnectedness offer us enormous benefits but also force us to confront major risks as the price of admission to this wonderful network.

Will the Whole System Collapse?

The uncomfortable question that Deibert’s book tees up for discussion is: When will this balance get completely out of whack in terms of online security? Or, has it already? In some portions of the text, he hints that may already be the case. Consider this passage in Chapter 11 in which Deibert discusses whether the Chicken Little-ism of digital security worry-warts like Eugene Kaspersky and Richard Clarke is warranted:

Eugene Kaspersky, Richard Clarke, and others may sound like broken records or self-serving fear mongers, but there is no denying the evolving cyberspace ecosystem around us: we are building a digital edifice for the entire planet, and it sits above us like a house of cards. We are wrapping ourselves in expanding layers of digital instructions, protocols, and authentication mechanisms, some them open scrutinized, and regulated, but many closed, amorphous, and poised for abuse, buried in the black arts of espionage, intelligence gathering, and cyber and military affairs. Is it only a matter of time before the whole system collapses? (p. 186)

That sounds horrific, but is it really the case that the entire system really about to collapse? And, if so, what are we going to do about it?

This raises a small problem with Deibert’s book. He does such a nice job itemizing and describing these security vulnerabilities that by the time the reader wades through 230 pages and nears the end of the book, they are left in a highly demoralized state, searching for some hope and a concrete set of practical solutions. Unfortunately, they won’t find an abundance of either in Deibert’s brief closing chapter, “Toward Distributed Security and Stewardship in Cyberspace.”

Don’t get me wrong; I agree with the general thrust of Deibert’s framework, which I describe below. The problem is that it is highly aspirational in nature and lacks specifics. Perhaps that is simply because there are no easy answers here. Digital security is damn hard and, as with most other online pathologies out there, no silver-bullet solutions exist.

Deibert notes that some government officials will seek to exploit those vulnerabilities—many of which they created themselves—to expand their authority over the Internet. “Faced with mounting problems and pressures to do something, too many policy-makers are tempted by extreme solutions,” he notes. (p. 234) He worries about “a movement towards clamp down” that would be “antithetical to the principles of liberal democratic government” by undermining checks and balances and accountability. (p. 235) In turn, this will undermine the “mixed common-pool resource” that is the current Internet.

Deibert’s alternative cyber security strategy to counter the push to “clamp down” is based on three interrelated notions or components:

1. Principles of restraint or “mutual restraint”: “Securing cyberspace requires a reinforcement, rather than a relaxation, of restraint on power, including checks and balances on governments, law enforcement, intelligence agencies, and on the private sector,” he argues. (p. 239)
2. “Distributed security”: “The Internet functions precisely because of the absence of centralized control, because of thousands of loosely coordinated monitoring mechanisms,” Deibert notes. “While these decentralized mechanisms are not perfect and can occasionally fail, they form the basis of a coherent distributed security strategy. Bottom-up, ‘grassroots’ solutions to the Internet’s security problems are consistent with principles of openness, avoid heavy-handedness, and provide checks and balances against the concentrations of power,” he observes. (p. 240)
3. “Stewardship” which Deibert defines as “an ethic of responsible behavior in regard to shared resources” and which, he argues, “would moderate the dangerously escalating exercise of state power in cyberspace by defining limits and setting thresholds of accountability and mutual restraint.” (p. 243)

Again, as an aspirational vision statement this all generally sounds fairly sensible, but the details are lacking. I think Deibert would have been wise to spend a bit more time developing this alternative “bottom-up” vision of how online security should work and bolstering it with case studies.

Digital Security without Top-Down Controls

Luckily, as my Mercatus Center colleague Eli Dourado noted in an important June 2012 white paper, distributed security and stewardship strategies are already working reasonably well today. Dourado’s paper, “Internet Security Without Law: How Service Providers Create Order Online,” documented the many informal institutions that enforce network security norms on the Internet and shows how cooperation among a remarkably varied set of actors improves online security without extensive regulation or punishing legal liability. “These informal institutions carry out the functions of a formal legal system—they establish and enforce rules for the prevention, punishment, and redress of cybersecurity-related harms,” Dourado noted.

For example, a diverse array of computer security incident response teams (CSIRTs) operates around the globe and share their research and coordinate their responses to viruses and other online attacks. Individual Internet service providers (ISPs), domain name registrars, and hosting companies, work with these CSIRTs and other individuals and organizations to address security vulnerabilities. A growing market for private security consultants and software providers also competes to offer increasingly sophisticated suites of security products for businesses, households, and governments.

A great deal of security knowledge is also “crowd-sourced” today via online discussion forums and security blogs that feature contributions from experts and average users alike. University-based computer science and cyberlaw centers (like Citizen Lab) and experts have also helped by creating projects like “Stop Badware,” which originated at Harvard University but then grew into a broader non-profit organization with diverse financial support.

Dourado continues on in his paper to show how these informal, bottom-up efforts to coordinate security responses offer several advantages over top-down government solutions, such as administrative regulation or punishing liability regimes.

Dourado’s description of the ideal approach to online security is entirely consistent with Deibert’s vision in Black Code. In fact, Deibert notes, “It is important to remind ourselves that in spite of the threats, cyberspace runs well and largely without persistent disruption. On a technical level, this efficiency is founded on open and distributed networks of local engineers who share information as peers,” he observes. (p. 240) That is exactly right, but I wish Deibert would have spent more time discussing how this system works in practice today and how it can be tweaked and improved to head off the heavy-handed and very costly top-down solutions that we both dread.

Toward Resiliency

But there’s one other thing I wish Deibert would have explored in the book: resiliency, or how we have adapted to various cyber-vulnerabilities over time.

For example, in another recent Mercatus Center study entitled “Beyond Cyber Doom: Cyber Attack Scenarios and the Evidence of History,” Sean Lawson, an assistant professor in the Department of Communication at the University of Utah, has stressed the importance of resiliency as it pertains to cybersecurity and concerns about “cyberwar.” “Research by historians of technology, military historians, and disaster sociologists has shown consistently that modern technological and social systems are more resilient than military and disaster planners often assume,” he writes. “Just as more resilient technological systems can better respond in the event of failure, so too are strong social systems better able to respond in the event of disaster of any type.”

More generally, as I noted in my recent law review article on “technopanics” and “threat inflation” in information technology policy debates:

while it is certainly true that “more could be done” to secure networks and critical systems, panic is unwarranted because much is already being done to harden systems and educate the public about risks. Various digital attacks will continue, but consumers, companies, and others organizations are learning to cope and become more resilient in the face of those threats.

What Professor Lawson and I are getting at in our respective articles is that the ability of organizations, institutions, and individuals to bounce back from adversity is a frequently unheralded feature of various systems and that it deserves more serious study. (See Andrew Zolli and Ann Marie Healy’s nice book, Resilience: Why Things Bounce Back, for more on this general topic). In the context of online security, what is most remarkable to me is not that the Internet suffers from vulnerabilities due to its open and interconnected nature; it’s that we don’t suffer far more damage as a result.

This gets us back to that very profound question that Deibert poses in Black Code: “Is it only a matter of time before the whole system collapses?” The better question, I think, is: why hasn’t the system already collapsed? Perhaps the answer is, because things haven’t gotten bad enough yet. But I believe that the more realistic answer is that: individuals and institutions often learn how to cope and become resilient in the face of adversity. This is partially the case online because of the stewardship and distributed, decentralized security we already see at work today that makes digital life tolerable.

But it has to be something more than that. After all, many of the security problems that Deibert describes in his book are quite serious and already affect millions of us today. How, then, are we getting by right now? Again, I think the answer has to be that adaptation and resiliency are at work on many different levels of online life.

Consider, for example, how we have learned to deal with spam, viruses, online porn, various online advertising and privacy concerns, and so on. Our adaptation to these threats and annoyances has not been perfectly smooth, of course. No doubt, some people would still like “something to be done” about these things. But isn’t it remarkable how we have, nonetheless, carried on with online commerce and interactive social life even as these problems have persisted?

Conclusion

Going forward, therefore, perhaps there are some reasons for hope. Perhaps the various generic strategies that Deibert outlines in his book, coupled with the remarkable ability of humans to roll with the punches and adapt, will help us come out of this just fine (or at least reasonably well).

Of course, it could also be the case that these security concerns just multiply and that the Internet then morphs into sometime quite different than the interconnected “network of networks” we know today. As I noted in my 2009 essay on “Internet Security Concerns, Online Anonymity, and Splinternets,” we might be moving toward a world with more separate dis­connected digital networks and online “gated communities.” This could take place spontaneously over time and be driven by corporations seeking to satisfy the demand of some consumers for safer and more secure online experiences. As I noted in my review of Jonathan Zittrain’s book, The Future of the Internet, I am actually fine with some of that. I think we can live in a hybrid world of “walled gardens” alongside of the “Wild West” open Internet, so long as this occurs in a spontaneous, organic, bottom-up fashion. [For a more extensive discussion, see my book chapter, “The Case for Internet Optimism, Part 2 – Saving the Net From Its Supporters.”]

If, however, this “splintering” of the Net is done from the top-down through intentional (or even incidental) government action, then it is far more problematic. We already see signs, for example, that Russia is pushing even more strongly in that direction in the wake of the NSA leaks. (See “N.S.A. Leaks Revive Push in Russia to Control Net,” New York Times, July 14.) The Russians have been using amorphous security concerns to push for greater Internet control for some time now. Of course, China has been there for years. So have many Middle Eastern countries. Of course, there’s no guarantee that their respective “splinternets” are, or would be, any more secure than today’s Internet, but it sure would make those networks far more susceptible to state control and surveillance. If that’s our future, then it certainly is a dismal one.

Anyway, read Ron Deibert’s Black Code for an interesting exploration of these and other issues. It’s an excellent contribution to field of Internet policy studies and a book that I’ll be recommending to others for many years to come.

Additional resources:

• the official website for Black Code
• the Citizen Lab website at the University of Toronto
• follow Ronald Deibert and The Citizen Lab on Twitter
• video of Washington, D.C. book launch for Black Code (held at the National Endowment for Democracy on 6/24/13)

Other books you should read alongside “Black Code” (links are for my reviews of each book):

• Access Controlled: The Shaping of Power, Rights, and Rule in Cyberspace edited by Ronald J. Deibert, John G. Palfrey, Rafal Rohozinski, and Jonathan Zittrain
• Consent of the Networked: The Worldwide Struggle for Internet Freedom , by Rebecca MacKinnon
• Cyber War: The Next Threat to National Security and What to Do About It, by Richard A. Clarke and Robert K. Knake
• Liars & Outliers: Enabling the Trust that Society Needs to Thrive, by Bruce Schneier
• Regulating Code: Good Governance and Better Regulation in the Information Age, by Ian Brown & Christopher T. Marsden
• Networks and States: The Global Politics of Internet Governance, by Milton Mueller
• Resilience: Why Things Bounce Back, by Andrew Zolli & Ann Marie Healy

Susan W. Brenner, associate dean and professor of law at the University of Dayton School of Law,  discusses her new paper published in the Minnesota Journal of Law, Science & Technology entitled “Cyber-threats and the Limits of Bureaucratic Control.”

Brenner argues that the approach the United States, like other countries, uses to control threats in real-space is ill-suited for controlling cyberthreats. She explains that because this approach evolved to deal with threat activity in a physical environment, it is predicated on a bureaucratic organizations. This is not an effective way of approaching cyber-threat control, she argues. 

Brenner also explains why congressional efforts at cybersecurity legislation are flawed and why U.S. authorities persist in pursuing antiquated strategies that cannot provide an effective cyberthreats defense system. She outlines an alternative approach to the task of protecting the country from cyberthreats, and approach that is predicated on older, more fluid threat control strategies.

Download

Related Links

• Cyber-Threats and the Limits of Bureaucratic Control, Brenner
• Cybercrime and the Law, Brenner
• Cyberwar: you lack imagination, Brenner
• Approaches to Cybercrime Jurisdiction, Brenner

The number of major cyberlaw and information tech policy books being published annually continues to grow at an astonishing pace, so much so that I have lost the ability to read and review all of them. In past years, I put together end-of-year lists of important info-tech policy books (here are the lists for 2008, 2009, 2010, and 2011) and I was fairly confident I had read just about everything of importance that was out there (at least that was available in the U.S.). But last year that became a real struggle for me and this year it became an impossibility. A decade ago, there was merely a trickle of Internet policy books coming out each year. Then the trickle turned into a steady stream. Now it has turned into a flood. Thus, I’ve had to become far more selective about what is on my reading list. (This is also because the volume of journal articles about info-tech policy matters has increased exponentially at the same time.)

So, here’s what I’m going to do. I’m going to discuss what I regard to be the five most important titles of 2012, briefly summarize a half dozen others that I’ve read, and then I’m just going to list the rest of the books out there. I’ve read most of them but I have placed an asterisk next to the ones I haven’t.  Please let me know what titles I have missed so that I can add them to the list. (Incidentally, here’s my compendium of all the major tech policy books from the 2000s and here’s the running list of all my book reviews.)

As I do each year, I need to repeat a few disclaimers.  First, what qualifies as an “important” info-tech policy book is highly subjective, but I would define it as a title that many people — especially scholars in the field — are currently discussing and that we will likely be referencing for many years to come.  But I “weight” books in the sense that narrowly-focused titles lose a few points. For example, books that deal mostly with privacy issues, copyright law, or antitrust policy are docked a few points relative to “big picture” info-tech policy books that offer a broader exploration of policy issues and which offer more wide-ranging recommendations.

Second, almost all of the books included have something profound to say about Internet policy (either directly or indirectly) and the more profound and clear the policy recommendations or implications, the higher the titles rank in terms of importance on my list.

Third, and most importantly: Just because a book appears on this list that does not necessarily mean I agree with everything in it.  In fact, as was the case in previous years, I found much with which to disagree in most of the books listed here. Simply put, the cyber-liberty I cherish is a real loser in both academic and public policy circles these days. It has very few defenders today. So, if this was simply a list of my personal favorite books, there would only be 2 or 3 titles on it. Instead, this is my effort to list important books in the field, regardless of whether I agree with the content and conclusions found in those titles.

OK, on to the list.

(1) Rebecca MacKinnon – Consent of the Network: The Worldwide Struggle for Internet Freedom

Rebecca MacKinnon’s book was the most important information technology policy book released in 2012 because it: (1) presented a splendid history of the ideas and forces shaping Internet policy debates globally; (2) offered policy insights that were extremely relevant to breaking developments in this field; and (3) set forth a call-to-arms to global Internet activists and gave them a new way of framing their issue advocacy.

MacKinnon is a former journalist and her outstanding reporting skills are on display throughout the text. Her coverage of China’s efforts to regulate the Net is outstanding. She also surveys some of the recent policy fights here and abroad over issues such as online privacy, Net neutrality regulation, free speech matters, and the copyright wars. The book demands attention for this historical work and analysis alone.

Even more importantly, however, MacKinnon makes a forceful argument for how to think about Internet freedom and democracy in new digital worlds. Her book is an attempt to take the Net freedom movement to the next level; to formalize it and to put in place a set of governance principles that will help us hold the “sovereigns of cyberspace” more accountable. Many of her proposals are quite sensible. But, as I noted in my much longer review of the book, I had a real problem with MacKinnon’s use of the term “digital sovereigns” or “sovereigns of cyberspace” and the loose definition of “sovereignty” that pervades her narrative. She too often blurs and equates private power and political power, and she sometimes leads us to believe that the problem of the dealing with the mythical nation-states of “Facebookistan” and “Googledom” is somehow on par with the problem of dealing with actual sovereign power — government power — over digital networks, online speech, and the world’s Netizenry.

Despite these nitpicks, MacKinnon has many other ideas about Net governance in the book that are less controversial and entirely sensible in my opinion. She wants to “expand the technical commons” by building and distributing more tools to help activists and make organizations more transparent and accountable. These would include circumvention and anonymization tools, software and programs that allow both greater data security and portability, and devices and network systems to expand the range of communication and participation, especially in more repressed countries. She would also like to see neitzens “devise more systematic and effective strategies for organizing, lobbying, and collective bargaining with the companies whose service we depend upon — to minimize the chances that terms of service, design choices, technical decisions, or market entry strategies could put people at risk or result in infringement of their rights.” This also makes sense as part of a broader push for improved corporate social responsibility.

Regarding the role of law, MacKinnon has a mixed view. She says: “There is a need for regulation and legislation based on solid data and research (as opposed to whatever gets handed to legislative staffers by lobbyists) as well as consultation with a genuinely broad cross-section of people and groups affected by the problem the legislation seeks to solve, along with those likely to be affected by the proposed solutions.” Of course, that’s a fairly ambiguous standard that could open the door to excessive political meddling with the Net if we’re not careful. Overall, though, she acknowledges how regulation so often lags far behind innovation. “A broader and more intractable problem with regulating technology companies is that legislation appears much too late in corporate innovation and business cycles,” she rightly notes.

MacKinnon’s book will be of great interest to Internet policy scholars and students, but it is also accessible to a broader audience interested in learning more about the debates and policies that will shape the future of the Internet and digital networks for many years to come. One other note: MacKinnon’s clearly-worded prose and cool-headed tone deserve praise and emulation. It serves as a model for how to write a thoughtful Internet policy book, even if you don’t agree with all her conclusions or recommendations.

My complete review of Consent of the Networked can be found here.

(2) Susan Crawford – Captive Audience: The Telecom Industry and Monopoly Power in the New Gilded Age

Susan Crawford’s book was probably my least favorite title of 2012, but that doesn’t mean I can discount its significance within this field. Crawford has made herself a widely-recognized and highly-charged figure in the world of Internet policy through her work as an activist, an academic, and even a government official. In Captive Audience, she doesn’t even try to hide her self-described “radicalized” views on communications policy anymore and in the process she solidifies her role as the ringleader of the growing movement to impose centralized, top-down government control on America’s broadband infrastructure.

What is most astonishing about Captive Audience is the way Crawford so audaciously waxes nostalgic for the days of regulated monopoly. Simply put, Crawford doesn’t believe that capitalism or competition have any role to play in the provision of broadband networks and services. “No competitive pressure will force these companies to act [in the public interest],” she argues on the last page of the manifesto. “Americans,” she claims, “have allowed a naive belief in the power and beneficence of the free market to cloud their vision.” She suggests we should just give up our false hope that markets can deliver such an important service and get on with the task of converting broadband into a full-blown regulated public utility.

Her proposed solutions read like the typical Big Government grab-bag of policy proposals: more government spending, more government ownership, and more government regulation (forced access regulation and rate controls) for any private carriers that are allowed to remain in operation as de facto handmaidens of the state. Crawford’s perfect world scenario would seem to be some sort of amalgam of the U.S. Postal Service and the federal highway program. While both programs have sought to provide an important service to the masses, it goes without saying that both are also an absolute basket case in terms of service management and economic viability. But, for the sake of argument, let’s say that Crawford is right and that public ownership and comprehensive government management is the way to go. Where will all this money come from for all the new government activity Crawford desires? Apparently it grows on trees because she isn’t ever willing to admit that we find ourselves in the midst of major fiscal crisis that likely constrains the ability of governments to make these investments themselves. Luckily, private wireline and wireless broadband providers have been investing tens of billions in infrastructural upgrades in recent years (don’t take my word for it, read what the Progressive Policy Institute has to say), a fact that Crawford conveniently ignores.

More importantly, Crawford never fully confronts the fact that the era of regulated monopoly she cherishes was an unmitigated croynist disaster for consumers. That era had nothing to do with the “public interest” and everything to do with protecting the private interests of regulated entities — namely, Ma Bell on the communications side and broadcasters on the media side. She also doesn’t address the lackluster state of innovation during the 70 or so years during which time communications and media markets were under the tight grip of federal and state regulators, who controlled rates, restricted new entry, and discouraged innovation at virtually every juncture. If one is going to recommend a return to the regulatory past, they had better grapple with that uncomfortable, anti-consumer, anti-innovation history. Crawford utterly fails to in Captive Audience.

While the book is nominally about broadband regulation, the bulk of it is actually dedicated to taking on one company — Comcast — and specifically picking apart its recent merger with NBC Universal. For Crawford, the Comcast-NBC deal represented something akin to the Mayan apocalypse of media policy. She wants us to believe that the deal has forever solidified Comcast’s grasp on both programming and broadband markets. Comcast chief Brian Roberts is presented as the nefarious villain of the narrative; Crawford paints him as a cross between Gordon Gecko and Mr. Burns from “The Simpsons.” Usually such neurotic narratives are reserved for Rupert Murdoch and how he is supposedly plotting mass media domination to brainwash the minds of the masses. But Crawford suggests that Roberts is the new Bond villain du jour and chapter after chapter are devoted to demonizing him, his father, and other execs at Comcast. She argues that “Comcast now owns the Internet in America” and that the company is “squeezing independent online video” providers out of the market.

Despite all this hand-wringing, the situation in the video marketplace has never looked brighter. Crawford fails to put things in historical perspective and examine consumer choices in this market today relative to the past — a point I made in this debate with her last year. Of course, she probably didn’t want to seriously examine that evidence because by every metric available — and I published an entire report called Media Metrics a few years ago proving this — Americans have more and better viewing options at their disposal than ever before in history. We have more channels and more content available over more platforms (cable, satellite, telco, online, DVD, mail, etc) and more devices than ever before. Consumers have an unprecedented ability to access, record, time-shift, interact with, and even manipulate and redistribute video content. Of course, all this choice and quality comes at a cost, as Crawford continuously complains throughout the text. Apparently, in her view, all these great new programming options and technologies should just fall to us like manna from heaven with no price tag attached.

If you want to see what the opposite of Internet freedom and digital capitalism looks like, look no further than this book. It is the definitive articulation of the cyber-planner’s ethos. Of course, that’s also what makes Captive Audience one of the most important books of 2012. But if you really must read such one-sided propaganda — since this book will, no doubt, be assigned in many cyberlaw and media studies classes across America — then I encourage you to also read Christopher Yoo’s Dynamic Internet and Randy May’s edited collection of essays on Communications Law and Policy in the Digital Age, both of which are mentioned below. Both of those books offer a refreshingly level-headed examination of the true state of this marketplace. I’d also recommend you check out these recent essays by Bret Swanson and Richard Bennett for a hard look at the shoddy numbers and assumptions underlying many of the broadband policy critiques you hear out there today from Crawford and others.

(3) John Palfrey & Urs Gasser – Interop: The Promise and Perils of Highly Interconnected Systems

What makes Palfrey & Gasser’s book so important is that the authors aim to develop “a normative theory identifying what we want out of all this interconnectivity” that the information age has brought us. They correctly note “there is no single, agreed-upon definition of interoperability” and that “there are even many views about what interop is and how it should be achieved.” Generally speaking, they argue increased interoperability — especially among information networks and systems — is a good thing because it “provides consumers greater choice and autonomy,” “is generally good for competition and innovation,” and “can lead to systemic efficiencies.”

But they wisely acknowledge that there are trade-offs, too, noting that “this growing level of interconnectedness comes at an increasingly high price.” Whether we are talking about privacy, security, consumer choice, the state of competition, or anything else, Palfrey and Gasser argue that “the problems of too much interconnectivity present enormous challenges both for organizations and for society at large.” Their chapter and privacy and security offers many examples, but one need only look around at their own digital existence to realize the truth of this paradox. The more interconnected our information systems become, and the more intertwined our social and economic lives become with those systems, the greater the possibility of spam, viruses, data breaches, and various types of privacy or reputational problems. Interoperability giveth and it taketh away.

Ultimately, however, the authors fail to develop a clear standard for when interoperability is good and when governments should take steps to facilitate or mandate it. They argue that “there is no single form or optimal amount of interoperability that will suit every circumstance” and that “most of the specifics of how to bring interop about [must] be determined on a case-by-case basis. Yet, Palfrey and Gasser also make it clear they want government(s) to play an active role in ensuring optimal interoperability. They say they favor “blended approaches that draw upon the comparative advantages of the private and public sector,” but they argue that government should feel free to tip or nudge interoperability determinations in superior directions to satisfy “the public interest.” “If deployed with skill,” they argue, “the law can play a central role in ensuring that we get as close as possible to optimal levels of interoperability in complex systems.”

The fundamental problem this “public interest” approach to interoperability regulation is that it is no better than the “I-know-it-when-I-see-it” standard we sometimes at work in the realm of speech regulation. It’s an empty vessel, and if it is the lodestar by which policymakers make determinations about the optimal level of interoperability, then it leaves markets, innovators, and consumers subject to the arbitrary whims of what a handful of politicians or regulators think constitutes “optimal interoperability,” “appropriate standards,” and “best available technology.”

In my absurdly long review of their book, I offered an alternative framework that suggests patience, humility, and openness to ongoing marketplace experimentation as the primary public policy virtues that lawmakers should instead embrace. Ongoing marketplace experimentation with technical standards, modes of information production and dissemination, and interoperable information systems, is almost always preferable to the artificial foreclosure of this dynamic process through state action. The former allows for better learning and coping mechanisms to develop while also incentivizing the spontaneous, natural evolution of the market and market responses. The latter (regulatory foreclosure of experimentation) limits that potential.

Defining “optimal interoperability,” is not just difficult as Palfrey and Gasser suggest, but I would argue that it is a pipe dream. Sometimes consumers demanded a certain amount interoperability and they usually get it. But it seems equally obvious that consumers don’t always demand perfect interoperability. Just look at your iPhone or Xbox for proof. Quite often, a lack of interoperability helps firms finance important new products and services while simultaneously ensuring users a tailored and potentially more secure and satisfying experience. Importantly, however, non-interoperability also spurs new forms of innovation from rivals looking to leap-frog the old front-runners. Progress flows from this never-ending cycle of technological change and industrial churn.

In sum, we cannot define or determine “optimal interoperability” in an a priori fashion; only ongoing experimentation can help us determine what truly lies in “the public interest.” Despite my different approach and conclusions, Palfrey and Gasser’s book perfectly frames what should be a very interesting ongoing debate over these issues and for that reason will be required reading on this subject for years to come.

Again, my longer review of Palfrey and Gasser’s book can be found here, and listen to John Palfrey’s podcast discussion with Jerry Brito here.]

(4) Christopher Yoo – The Dynamic Internet: How Technology, Users, and Businesses are Transforming the Network

Christopher Yoo’s book was my personal favorite of the year, but it won’t capture as much interest and recognition as some of the other titles on this list. The book offers a concise overview of how Internet architecture has evolved and a principled discussion of the public policies that should govern the Net going forward. Yoo makes two straight-forward arguments. First, the Internet is changing. In Part 1 of the book, Yoo offers a layman-friendly overview of the changing dynamics of Internet architecture and engineering. He documents the evolving nature of Internet standards, traffic management and congestion policies, spam and security control efforts, and peering and pricing policies. He also discusses the rise of peer-to-peer applications, the growth of mobile broadband, the emergence of the app store economy, and what the explosion of online video consumption means for ongoing bandwidth management efforts. Those are the supply-side issues. Yoo also outlines the implications of changes in the demand-side of the equation, such as changing user demographics and rapidly evolving demands from consumers. He notes that these new demand-side realities of Internet usage are resulting in changes to network management and engineering, further reinforcing changes already underway on the supply-side.

Yoo’s second point in the book flows logically from the first: as the Internet continues to evolve in such a highly dynamic fashion, public policy must as well. Yoo is particularly worried about calls to lock in standards, protocols, and policies from what he regards as a bygone era of Internet engineering, architecture, and policy. “The dramatic shift in Internet usage suggests that its founding architectural principles form the mid-1990s may no longer be appropriate today,” he argues. “[T]he optimal network architecture is unlikely to be static. Instead, it is likely to be dynamic over time, changing with the shifts in end-user demands,” he says. Thus, “the static, one-size-fits-all approach that dominates the current debate misses the mark.”

Yoo makes a particular powerful case for flexible network pricing policies. His outstanding chapter on “The Growing Complexity of Internet Pricing” offers an excellent overview of the changing dynamics of pricing in this arena and explains why experimentation with different pricing methods and business models must be allowed to continue. Getting pricing right is essential, Yoo notes, if we hope to ensure ongoing investment in new networks and services. He also notes how foolish it is to expect the government to come in and save the day thought massive infrastructure investment to cover the hundreds of billions of dollars needed to continue to build-out high-speed services.

Throughout the second half of his book, Yoo explains why it would be a disaster for consumers and high-tech innovation if policymakers limited pricing flexibility and experimentation with new business models and technological standards. He argues that public policy should generally seek to avoid ex ante forms of preemptive, prophylactic Internet regulation and instead rely on an ex post approach when and if things go wrong. Essentially, he wants policymakers to embrace “techno-agnosticism” toward ongoing debates over standards, protocols, business models, pricing methods, and so on. Lawmakers should not be preemptively tilting the balance in one direction or the other or, worse yet, restricting experimentation that can help us find superior solutions.

And even under that model of retrospective review, Yoo makes it clear throughout the book that there should be a very high bar established before any regulation is pursued. This is particularly true because of the First Amendment values at stake when the government attempts to regulate speech platforms. In Chapter 9 of the book, Yoo walks the reader through all the relevant case law on this front and makes it clear how “the Supreme Court has repeatedly recognized that the editorial discretion exercised by intermediaries serves important free speech values.” Yoo also makes the case that a certain degree of intermediation helps serve consumer needs by helping them more easily find the content and services they desire. Law should not seek to constrain that and, under current Supreme Court First Amendment jurisprudence, it probably cannot.

To me, Yoo’s approach strikes the right balance for Net governance and public policy in the information age. It all comes down to flexibility and freedom. If the Internet and all modern digital technologies are to thrive, we must reject the central planner’s mindset that dominated the analog era and forever bury all the static thinking it entailed.

My complete review of Yoo’s Dynamic Internet is here.

(5) Brett Frischmann – Infrastructure: The Social Value of Shared Resources

Frischmann’s book offers a nice contrast with Yoo’s in that it suggests a far more ambitious role for the state in shaping the future of digital networks and online platforms. Although not strictly a book about information technology infrastructure, Frischmann spends a great deal of time making the case for a greater government action in the realm of communications policy and for open access and Net neutrality regulation in particular. (There’s also a chapter on intellectual property issues that tech policy wonks will find of interest). The book is a veritable paean to open access regulation; Frischmann aims to persuade the reader that “society is better off sharing infrastructure openly” and devotes considerable energy to hammering that point home in one context after another.

In my review of the book, which was part of 2-day symposium on the book over at the Concurring Opinions blog, I took Frischmann’s book to task for its almost complete absence of public choice insights and his general disregard for thorny “supply-side” questions.  Frischmann is so single-mindedly focused on making the “demand-side” case for better appreciating how open infrastructures “generate spillovers that benefit society as a whole” and facilitate various “downstream productive activities,” that he short-changes the supply-side considerations regarding how infrastructure gets funded and managed to begin with.

The book also ignored the omnipresent threat of regulatory capture and the fact that any major infrastructure regulatory system big enough and important to be captured by special interests and affected parties often will be. Frischmann acknowledges the problem of capture in just a single footnote in the book and admits that “there are many ways in which government failures can be substantial,” but he asks the reader to quickly dispense with any worries about government failure since he believes “the claims rest on ideological and perhaps cultural beliefs rather than proven theory or empirical fact.”  I found that assertion outrageous and argued that, to the contrary, decades of scholarship has empirically documented the reality of government failure and its costs to society, as well as the plain old-fashioned inefficiency often associated with large-scale government programs. For infrastructure projects in particular, the combination of these public choice factors usually adds up to massive inefficiencies and cost overruns.

For those reasons, I argued in my review that society would be better off adopting a “3-P” approach to infrastructure management: privatize, property-tize, and price. But Frischmann is dead set against such thinking and makes it clear that everything must be subservient to the goal of “openness” and commons-based management. Unsurprisingly, therefore, this leads him to suggest that we need “a dramatic shift — perhaps a paradigm shift — away from the conventional position favoring market provisioning and markets ‘free’ from government intervention.” But the problem with that reasoning, as I pointed out in my review, is that most of the infrastructure that Frischmann cites as failing us today is already managed in the fashion he favors! Nonetheless, he wants to pile on still more commons-based government control / ownership solutions even though they are the primary cause of our infrastructure problems today. In this sense, Frischmann’s approach parallels Susan Crawford’s in her book Captive Audience, discussed above. They both seek to gloss over the ugly realities of traditional public infrastructure (mis-)management and they imply that we just need to build a better breed of bureaucrats who will somehow be immune to all the problems of the past. Needless to say, I don’t place much faith in such efforts.

Despite these serious deficiencies, students and scholars studying infrastructure theory will benefit from Frischmann’s excellent treatment of public goods and social goods; spillovers and externalities; proprietary versus commons systems management; common carriage policies and open access regulation; congestion pricing strategies; and the debate over price discrimination for infrastructural resources. He at least does a nice job outlining these concepts and controversies, even if he ultimately fails to make the case for radically expanding government control of infrastructural resources.

Again, you can read my entire review of Frischmann’s book here.

— Other Major Releases in 2012 —

Julie E. Cohen – Configuring the Networked Self: Law, Code, and the Play of Everyday Practice

Cohen’s book represents an effort to move “beyond the bounds of traditional liberal political theory” by transcending what she labels the traditional “information-as-freedom” versus “information-as-control” paradigms. Her aim is to promote “cultural environmentalism” and “the structural conditions of human flourishing.” She argues that “a commitment to human flourishing demands a more critical stance toward the market-driven evolution of network architectures.” In other words, don’t trust markets.

I didn’t find her case very convincing and it didn’t help that the book is filled with impenetrable prose that sometimes leaves the reader’s head a bit numb. (Two representative samples: “With respect to space, surveillance employs a twofold dynamic of containerization and affective modulation in order to pursue large-scale behavioral modification.” … and… “Here the performative impulse introduces static into the circuits of the surveillant assemblage; it seeks to reclaim bodies and reappropriate spaces.” Say what? Write in plain English, professor!)

The closing chapter also includes a strange reinterpretation of Ludditism. Cohen argues: “the tale of the Luddites poses an important challenge for scholars and policy makers in the emerging networked information society. If technologies do not have natural trajectories, it is our obligation to seek pathways of development that promote the well-being of situated, embodied users and communities. When our preferred policy prescriptions persistently produce information architectures and institutions that undermine human flourishing in critical ways, it is time to question them and to experiment with ways of doing better.”  Hmmm… I’m not sure I want to know what that would mean in practice!

Regardless, Cohen’s book has a lot to say about modern privacy and copyright battles and will be of great interest to scholars in those specific fields of study.  You can find all the chapters online here.

Cole Stryker – Hacking the Future: Privacy, Identity, and Anonymity on the Web

Stryker’s Hacking the Future provides a concise overview of the battles over online anonymity that have raged since the Net’s early days and he outlines the many new threats to it. “What we are seeing is an all-out war on anonymity, and thus free speech, waged by a variety of armies with widely diverse motivations, often for compelling reasons,” he says. The book will be a great use to those covering ongoing policy debates over cybersecurity, the “nymwars” and online authentication / identification debates, post-Arab Spring political activism & “hactivism,” encryption issues, social networking privacy, troll culture and cyberbullying, and much more. Stryker makes a strong case for the continuing importance of online anonymity but isn’t scared to ask hard questions about the trade-offs society faces when some can mask their online identities. But he also explores the question of whether anonymity can survive given recent technological and policy-related developments, both of which aim to make individuals more identifiable online. I particularly enjoyed Chapter 10’s breakdown of the “Faces of Anonymity,” in which Stryker crafts a detailed taxonomy of anonymous character types online.

He also offers a run-down of the tools and steps that people can take advantage of if they want to ensure their anonymity / privacy online, including: cookie blocking, private browsing tools, disabling HTML in email and limiting or disabling broswer extensions, clearing browser histories, and using encryption tools, proxy servers, and VPN tunneling. “The question we have to ask ourselves,” Stryker notes, is “Does the accessibility of these anonymizing technologies make the world a safer, more equitable place, better place?” He answers: “It’s difficult to measure, but their abolition certainly wouldn’t.” He also draws this interesting parallel with efforts to regulate firearms: “The logic here is not unlike that used by those who oppose gun control: if guns are made illegal, then only criminals will have guns, leaving well-meaning folks defenseless. The reasoning is compelling within the identity space,” he argues, “regardless of what you might think about the merits of gun control.”

Two other notes: First, Wide Open Privacy: Strategies For The Digital Life by J.R. Smith & Siobhan MacDermott makes a nice compliment to Hacking the Future. It also offers a breakdown of privacy-enhancing technologies and outlines other strategies to safeguard your online anonymity. Second, if you are interested in digging even deeper in the Luzsec side of this story, you should check out Parmy Olson’s W e are Anonymous: Inside the Hacker Wor ld of Lulzsec, Anonymous and the Global Cyber Insurgency. It’s a splendid history but doesn’t have as much to say about the various policy issues that Stryker tackles in Hacking the Future. Or just listen to Olson’s podcast discussion with Jerry Brito. Speaking of that Brito character…

Jerry Brito (ed.) – Copyright Unbalanced: From Incentive to Excess

My Mercatus Center colleague Jerry Brito put together this important collection of essays by various conservatives and libertarian authors to highlight growing concerns about copyright policy. Contributors include Tom W. Bell, David G. Post, Reihan Salam, Patrick Ruffini, Tim Lee, Christina Mulligan, and Eli Dourado (also of Mercatus). Their essays suggest that the tide may be turning against copyright among free market analysts. Their chapters explore the increasingly complexity of copyright law and the rising costs associated with its enforcement and make a powerful case for reform of, or at least restraints on, the current copyright system. The consensus seemed to revolve around a few key reforms: significantly shortened copyright terms, the reintroduction of formalities (i.e., registration), and limits on criminal prosecution and civil asset forfeiture. The authors also make a strong case that public choice problems pervade today’s copyright system and that we should be concerned that cronyism is increasing creeping into the politics of copyright law and its seemingly endless expansion.

If you interested in a different take on IP issues to balance out Brito’s collection, I’d recommend picking up the forthcoming Laws of Creation: Property Rights in the World of Ideas by Ronald A. Cass and Keith N. Hylton. It’s a 2013 release but it is already in stock. I’m reading an advance copy from the publisher right now and will likely have more to say about it in a forthcoming post.

Randolph J. May (ed.) – Communications Law and Policy in the Digital Age: The Next Five Years

My former colleague Randy May put together this nice collection of essays by some of America’s leading communications and media policy scholars, including Bruce Owen, Christopher Yoo, James Speta, Daniel Lyons and others. The authors offer a generally skeptical take on the expansion of communications and broadband regulation and the growing power of the Federal Communications Commission over these markets. In particular, many of the contributors take the FCC to task for sketchy assertions of jurisdiction and the agency’s efforts to expand its imperial regulatory ambitions without always having the clear statutory authority to do so. The chapters by James Speta and Seth Cooper are particularly good in that regard. Admin law geeks will eat them up.

Those analysts following the ongoing Net neutrality wars will also find the book informative, even if they disagree with the generally skeptical take on the issue from contributors. Spectrum and universal service policy wonks will also appreciate the excellent chapters on those two issues from Michele P. Connolly and Daniel A. Lyons, respectively. And the closing chapter by Bruce Owen is, like everything Bruce does, a masterpiece. Owen is probably the most respected media economist on the planet and his decades of experience in this field shines through in his powerful essay on “Communications Policy Reform, Interest Groups, and Legislative Capture.” He crafts a political economy of the regulatory state and points out that the explosion of rent-seeking and legislative/regulatory capture in this sector is unlikely to dissipate. “Therefore,” Owen argues, “communications policy likely will continue to be subject to welfare-suppressing regulation because such regulation is consistent with the interests of legislators,” who are often beholden to special interests and their campaign dollars.

Joshua Gans – Information Wants to Be Shared

I really enjoyed this book. It’s an insightful exploration of modern media economics filled with interesting questions and scenarios about how information markets will evolve in the future. What will sustain movies, music, book, local reporting, and so on in the future? Gans does a terrific job making these issues easy to understand and doesn’t try to evangelize as much as the many others who have written on these issues. If you’ve read and enjoyed Carl Shapiro and Hal Varian’s classic text, Information Rules, then you will find Gans’ book to be the perfect compliment.

Gans doesn’t have a lot to say about public policy, however. This is really more of a business book suited for industry analysts and business school students. Nonetheless, some of its implications for policy are clear since many of these business model debates boil over into the policy arena.

P.S. I should mention that, even if you don’t pick up his new book, you should be following Gans’ “Digitopoly” blog. It is always worth reading.

Andrew Keen – Digital Vertigo: How Today’s Online Social Revolution Is Dividing, Diminishing, and Disorienting Us

If you’re into ‘the-whole-world-is-going-to-Hell-and-the-Internet-is-to-blame’ screeds, Andrew Keen will never disappoint. In Digital Vertigo as well as his earlier book, The Cult of the Amateur, Keen is grumpy about, well, just about everything under the sun. In the earlier book, it was the Web 2.0 world of blogging and “amateur” content creation — most notably Wikipedia and YouTube — that earned Keen’s wrath. In the new book, it is users themselves and the social sharing sites and technologies that they favor that Keen goes off on.

Specifically, Keen is worried that our increased reliance on new online and interactive technologies is spawning a “hypervisible age of great exhibitionism” that sacrifices privacy and individuality at the altar of sharing and social status-seeking. He also makes sweeping claims that we are now living in “a world in which many of us have forgotten what it means to be human,” or that “we are forgetting who we really are.” As I noted in my Forbes review of the book, it’s classic technopanic talk. Not only does Keen fail to substantiate such claims, but he also doesn’t bother to even offer the reader any sort of practical plan for how to achieve a more balanced digital life.

Bruce Schneier – Liars & Outliers: Enabling the Trust that Society Needs to Thrive

Security expert Bruce Schneier’s latest book was a terrific read and easily one of my favorites of the year. It wasn’t a book about technology policy per se, but it certainly has important ramifications for it. Schneier explains four “societal pressures” combine to help create and preserve trust within society. Those pressures include: (1) Moral pressures; (2) Reputational pressures; (3) Institutional pressures; and (4) Security systems. By “dialing in” these societal pressures in varying degrees, trust is generated over time within groups. Of course, these societal pressures also fail on occasion, Schneier notes. He explores a host of scenarios — in organizations, corporations, and governments — when trust breaks down because defectors seek to evade the norms and rules the society lives by. These defectors are the “liars and outliers” in Schneier’s narrative and his book is an attempt to explain the complex array of incentives and trade-offs that are at work and which lead some humans to “game” systems or evade the norms and rules others follow.

Indeed, Schneier’s book serves as an excellent primer on game theory as he walks readers through complex scenarios such as prisoner’s dilemma, the hawk-dove game, the free-rider problem, the bad apple effect, principle-agent problems, the game of chicken, race to the bottom, capture theory, and more. These problems are all quite familiar to economists, psychologists, and political scientists, who have spent their lives attempting to work through these scenarios. Schneier has provided a great service here by making game theory more accessible to the masses and given it practical application to a host of real-world issues.

The most essential lesson Schneier teaches us is that perfect security is an illusion, and this is where the implications for tech policy come in. We can rely on those four societal pressures in varying mixes to mitigate problems like theft, terrorism, fraud, online harassment, and so on, but it would be foolish and dangerous to believe we can eradicate such problems completely. “There can be too much security,” Schneier explains, because, at some point, constantly expanding security systems and policies will result in rapidly diminishing returns. Trying to eradicate every social pathology would bankrupt us and, worse yet, “too much security system pressure lands you in a police state,” he correctly notes.

Despite these challenges, Schneier reminds us that there is cause for optimism. Humans adapt better to social change than they sometimes realize, usually by tweaking the four societal pressures Schneier identifies until a new balance emerges. While liars and outliers will always exist, society will march on.

See my longer review of Schneier’s excellent book over at Forbes. I highly recommend you pick up Liars & Outliers no matter what your field of study. It is outstanding.

… and still more titles from 2012 (* asterisk means I didn’t find time to finish them)…

• E. Gabriella Coleman – Coding Freedom: The Ethics and Aesthetics of Hacking *
• Sean A. Pager & Adam Candeub (eds.) – Transnational Culture in the Internet Age *
• John Naughton – From Gutenberg to Zuckerberg: What You Really Need to Know about the Internet
• Erik Brynjolfsson & Andrew McAfee – Race Against the Machine: How the Digital Revolution is Accelerating Innovation, Driving Productivity, and Irreversibly Transforming Employment and the Economy [listen to McAfee’s podcast discussion with Jerry Brito]
• Chris Reed – Making Laws for Cyberspace *
• J.R. Smith & Siobhan MacDermott – Wide Open Privacy: Strategies For The Digital Life
• Virginia Eubanks – Digital Dead End: Fighting for Social Justice in the Information Age *
• Lori Andrews – I Know Who You Are and I Saw What You Did: Social Networks and the Death of Privacy
• Hassan Masum and Mark Tovey (eds.) – The Reputation Society: How Online Opinions Are Reshaping the Offline World *
• Reed Hundt & Blair Levin – The Politics of Abundance: How Technology Can Fix the Budget, Revive the American Dream, and Establish Obama’s Legacy *
• Kal Raustiala & Christopher Sprigman – The Knockoff Economy: How Imitation sparks Innovation* [listen to Sprigman’s podcast discussion with Jerry Brito]
• Jason Mazzone, Copyfraud and Other Abuses of Intellectual Property Law * [listen to Mazzone’s podcast discussion with Jerry Brito]
• Clay A. Johnson – The Information Diet: A Case for Conscious Consumption
• Julian Assange – Cypherpunks: Freedom and the Future of the Internet
• Andy Greenberg – This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World’s Information

… and, again, here are the lists of important books from 2008, 2009, 2010, and 2011.

Rebecca MacKinnon’s new book, Consent of the Networked: The Worldwide Struggle for Internet Freedom, is well-researched exploration of the forces driving Internet developments and policy across the globe today. She serves up an outstanding history of recent global protest movements and social revolutions and explores the role that Internet technologies and digital networks played in those efforts. She also surveys some of the recent policy fights here and abroad over issues such as online privacy, Net neutrality regulation, free speech matters, and the copyright wars. The Consent of the Networked is certainly worth reading and will go down as one of the most important Internet policy books of 2012.

A Call to Action

Of course, it’s not just a history lesson. MacKinnon has also issued a call-to-arms here. As a well-known web activist, MacKinnon has emerged as a leading force in the broad-based, if loosely-defined, “Net freedom” movement. The term “Net freedom,” she notes, means very different things to different people. It’s “like a Rorschach inkblot test: different people look at the same ink splotch and see very different things.” (p. 188)  Nonetheless, on the global stage, the Internet freedom movement is fundamentally tied up with efforts to hold both governments and corporate actors more accountable for their actions toward the Netizens, digital networks, and online speech and expression.

MacKinnon has rightly won praise for her efforts to devise an institutional structure and accompanying set of social/moral pressures that can get private actors to understand “why it is good for their business in the long run to be both responsible and publicly accountable when it comes to protecting users’ and customers’ rights.” (p. 182)  She was instrumental in setting up the Global Network Initiative (GNI), an effort to devise a set of best practices and a sort of voluntary code of conduct for online operators doing business in repressive states. The GNI lays out a set of principles for online expression, privacy, corporate transparency, and multi-stakeholder interaction that members are expected to live up to. Thus far, however, the only major corporate signatories are Microsoft, Google, and Yahoo.

Consent of the Networked is MacKinnon’s effort to take the “Net freedom” movement to the next level; to formalize it and to put in place a set of governance principles that will help us hold the “sovereigns of cyberspace” more accountable.  Many of her proposals are quite sensible. But my primary problem with MacKinnon’s book lies in her use of the term “digital sovereigns” or “sovereigns  of cyberspace” and the loose definition of “sovereignty” that pervades the narrative. She too often blurs and equates private power and political power, and she sometimes leads us to believe that the problem of the dealing with the mythical nation-states of “Facebookistan” and “Googledom” is somehow on par with the problem of dealing with actual sovereign power—government power—over digital networks, online speech, and the world’s Netizenry.

Back to Political Philosophy 101: What a Sovereign Is, and Isn’t

MacKinnon suggests that we need to begin to think about our interactions with various private digital intermediaries in much the same way many political philosophers have traditionally thought about the relationship between citizens and the state. Building on social contract theory (a la Hobbes, Locke, Rousseau, etc.), she seeks to apply “consent of the governed” notions to the digital sphere such that we might achieve as sort of “consent of the networked.” “It is time for the new digital sovereigns to recognize that their own legitimacy — their social if not legal license to operate — depends on whether they too will sufficiently respect citizens’ rights,” she argues. (p. 165) “It is time to upgrade the social contract over the governance of our digital lives to a Lockean level, so that the management of our identities and our access to information can more genuinely and sincerely reflect the consent of the networked.” (p. 165)

It sounds great in theory. In practice, however, this notion is highly problematic.  Private companies are not “sovereigns,” nor should we move to formally classify them as such. Equally problematic is MacKinnon’s quip about their “legal license to operate,” which raises other concerns.

First, let’s drill down a bit on the sovereignty point.

Sovereignty is, at root, about power; supreme power over a group in a defined geographic territory. In a Hobbesian sense, sovereignty is the coercive power to rule absolutely over those people. For a more extensive discussion, see Bertrand Russell’s magisterial A History of Western Philosophy. (Touchstone, 1945, pp. 546-557.)  Or we might also reference Blackstone who noted that “For legislature, as was before observed, is the greatest act of superiority that can be exercised by one being over another. Wherefore it is requisite to the very essence of a law, that it be made by the supreme power. Sovereignty and legislature are indeed convertible terms; one cannot subsist without the other.”

Of course, the uniquely American contribution to this discussion — flowing from the radicalism of the American Revolution — is that sovereignty lies in the people themselves and that only when they delegate some of that power to the state does the state come to have any legitimacy. Through “the consent of the governed” and the requisite constitutions or other contracting elements, “we the people” transfer power to governments to handle a variety of things that we deem better not left to private actors or actions. More on those powers in a sec.

But first, let’s be clear about the essential transfer of power that takes place here and why we shouldn’t take it lightly. At the heart of sovereignty lies the collectivization of force and coercion. In her essay “On the Source of the Authority of the State,” the British philosopher G.E.M. Anscombe’s pinpointed the “institutional violent coercive power” of the State as the crucial element of its sovereign authority over any group. “No political theory can be worth a jot, that does not acknowledge the violence of the state, or face the problem of distinguishing between states and syndicates,” Anscombe argued. This is just as true for the sort of sovereignty derived from the “consent of the governed” via the Lockean-American model as it is in the British tradition or any other system.

But there’s another essential element to sovereignty, properly understood: the impossibility of escaping the reach of that authority. Commenting on Anscombe’s framework, Jenny Teichman and Katherine C. Evans, authors of Philosophy: A Beginner’s Guide, note that “there surely must be some difference between a state and a voluntary association… The chief difference between a voluntary association and a state is that you can resign from a voluntary association, but it is never possible to resign from the state.” (p. 105).

The American Revolution gave us a new way of thinking about this, too. Because true sovereignty lies with the people, even after we transfer some of it to the state as an agent of power over us, we can later change our minds and take that power back. Of course, that’s much easier said than done, especially if we are talking about a full-blown revolution being required to accomplish the return of that power to the people such that we might contract with a new sovereign entity.

But the important point here is that, while the state does exist and retains the power we have delegated to it, it (a) possess unique coercive powers over us and (b) the possibility of escaping their rule is often quite limited, sometimes by geographic or economic realities, other times by efforts by the sovereign to restrict flight.

The same facts do not hold for corporate entities. That is the essential insight missing from MacKinnon’s narrative. “Facebookistan” and “Googledom” are cute labels, but let us not pretend for one moment that there is any legitimacy whatsoever to their “rule” over us.  They do not possess such coercive powers over us and we are able to escape their “territories” any time we want, or not even join them in the first place if we don’t want to.

Not to put too fine a point on it, but here are the three essential things that sovereign governments can do that “Facebookistan,” “Googledom” or any other corporations cannot: (1) Imprison you. (2) Tax you. (3) Confiscate your property.  But that’s not the end of the list. There are many other powers that are exclusive to governments. For example, they can: coin money, regulate various forms of commerce, form standing armies, form treaties with foreign sovereigns, declare war on those foreign sovereigns with those aforementioned standing armies, etc, etc). But those big three powers are the ones that matter most.

While, in theory, “we the people” could contract with Facebook, Google, or another private entity to hold these powers and literally become “sovereigns of cyberspace” ruling over us, the reality is that that has never happened and isn’t about to any time soon. In fact, no corporation holds these powers unless governments deputize them — whether willingly or reluctantly — to become henchmen of the State. That’s a crucial point, and one often misunderstood in debates about Internet freedom, online privacy, digital copyright, and online freedom of speech. Luckily, that distinction is not lost on MacKinnon. In fact, she nails what it so insidious about it. More on that point in a moment.

The Self-fulfilling Prophecy Problem

But first, there’s another major problem with MacKinnon’s suggestion that we think of certain private digital entities as “sovereigns.”  We might think of it as “the self-fulfilling prophecy problem”: If you declare certain digital operators to be “sovereigns” or even “essential social facilities” to use public utility parlance, then you should not be at all surprised when the very act of affixing that label (and concurrent obligations) on a particular platform or company tends to lock it in as the preferred or only choice in its sector.

If, for example, we had a formal “constitutional convention” for Facebookistan and its users (God only knows how such a thing would work), it could very well tip the market in favor of Facebook being the primary or preferred choice for social networking going forward.  This has been a long-standing problem in the field of communications where public utility regulation often shelters a “utility” from competition once it is enshrined as such. Or, by forcing standardization or a common platform, regulation can help lock it in for the long-haul and erect de jure or de facto barriers to entry that restrict beneficial innovation and disruption of market leaders.

The last thing we want to do is lock-in Facebook or Google as market leaders by declaring that we need special rules governing MacKinnon’s mythical sovereigns of “Facebookistan” and “Googledom.” Those countries do not exist, nor should the law declare that they do. [Note: I have a paper coming out next month on “The Perils of Classifying Social Media Platforms as Public Utilities” that will address these issues in more detail.]

The Velocity of “Tech Titan” Meltdowns also Undercuts “Sovereignty” Claims

Importantly, MacKinnon also fails to consider the rapid rise and fall of these supposed digital sovereigns. In my work attacking the Lessig-Zittrain-Wu school of thinking about cyberlaw and digital economics, I’ve argued that there’s a serious short-sightedness and a needlessly pessimistic outlook among many Internet academics today. [See my book chapter from The Next Digital Decade: “The Case for Internet Optimism, Part 2 – Saving the Net from Its Supporters .”]

Creative destruction and disruptive technologies continue to upend tech markets and displace supposedly “dominant” digital giants with increasingly regularity. Change and churn are the only constants in an economy built largely on the foundations of binary code. Absolutely nothing that was sitting on our desktops in 1995 remains there today (can you name another sector like that?), and most of the first generation of “tech titans” have already faded from the picture. If MacKinnon had written her book just a decade ago, would she have referred to AOL as a “sovereign of cyberspace”? If she had penned it five years ago, would she have fretted about “MySpace-istan”?

By contrast, the reign of most actual “sovereigns” is usually measured in decades, even centuries. That is far longer than the brief time in the sun that most digital providers and platforms enjoy today. Markets discipline and sometimes severely punish those that don’t satisfy the desires of users and customers.

Power Begets Power: The Dangers of Middleman Deputization

But let’s get back to the dangers of middleman deputization. It should be obvious that any move to treat digital operators more like “sovereigns” will likely end up ensuring that actual sovereigns rope them into a host of regulatory regimes. This is why I was dismayed by MacKinnon’s “legal license to operate” line, even though she never fully develops what she means by that. It seems to imply that these entities only exist by the good graces of the State and that they could be used to accomplish a variety of government goals.

I was relieved, therefore, to see what a nice job MacKinnon does documenting and critiquing the many ways that governments already enlist digital intermediaries into a variety of regulatory efforts, including: copyright enforcement, online child safety, online harassment / defamation, and national security / law enforcement matters. In one of the best portions of the book, she takes on policymakers and academics who increasingly call for increased intermediary deputization, which often diminishes users’ liberties in one fashion or another. “Internet companies around the world face mounting pressure from governments not just to block websites but to delete a wide range of content from the Internet completely, as well as track what their users are doing so they can be prosecuted or cut off if they do anything illegal,” she correctly notes. (p. 93)

MacKinnon also takes on Cass Sunstein and some of the other contributors to the troubling recent book The Offensive Internet. Several of the academics who penned essays for that collection call for expanded intermediary policing of the Net as well as new laws aimed at limiting online anonymity. These deputization mandates would open the door to excessive government control of speech and also raise serious privacy and security issues. MacKinnon wonders: “Can Sunstein and his coauthors be so naïve as to think that power holders in the twenty-first century United States are different from power holders in any other place or time?” (p. 89)  Excellent question!

MacKinnon notes that South Korea adopted a law demanding websites with more than 100,000 visitors per day to obtain the real names, addresses, and national ID numbers of all users upon account creation. The law followed concerns similar to those raised by American critics who are worried about online harassment. “But this legal solution pursued by a democratically elected parliament ended up being used by economically and politically powerful people in South Korea to stifle speech they happened to find threatening,” MacKinnon notes. She recalls the case of South Korean blogger Park Dae-sung, who was arrested and jailed under the law for “spreading false information to harm the public interest.” (p. 90) In reality, Park had done little more than blog critically about the country’s economic policies and found himself loathed by many inside the government as a result.

Regrettably, this was not an isolated case. Other Koreans were charged under the law before it was finally overturned in mid-2011, but not before much of the personal information collected by the government was stolen by Chinese hackers. “Herein lies the dangerous slippery slope in legislation to curb anonymity,” argues MacKinnon. “[T]he people of South Korea,” she notes, “learned a painful lesson about why excessive data retention and ID requirements can make citizens less rather than more secure.” (p. 91)

Here in the United States, we are lucky that 47 U.S.C. § 230, commonly known as “Section 230,” shields online operators from liability for information posted or published on their systems by users, ensuring that they cannot be deputized by governments to more aggressively police — even self-censor — their sites for various types of online content that public officials wanted curbed. I’ve argued that Sec. 230 is “the greatest Internet law” because it grants online intermediaries generous leeway to determine what content and commerce travels over their systems without the fear that they will be overwhelmed by lawsuits if other parties object to some of that content. Many of the online social media and e-commerce sites that we know and love today — Yelp, Twitter, eBay, etc. — might not exist without Sec. 230’s protections. Moreover, many users would find their online liberties and privacy in greater peril without Sec. 230’s protections.

Still, as MacKinnon correctly notes, many digital intermediaries are pressured (and sometimes required) to serve as the handmaidens of government. This is particularly problematic when it comes to the forcible surrender of personal information or technological capabilities to government officials. When government officials come knocking on a company’s door asking for user records, files, search histories, or whatever else, that’s obviously a huge problem.

But, as I noted in this debate with Lawrence Lessig a few years ago, this is a problem we should handle by putting more constraints on our government(s), not by imposing more regulations on code or coders. While, as a general principle, it is wise for companies to minimize the amount of data they collect about consumers or websurfers, we need not force that by law. And we should certainly hold companies to high standards when it comes to data security and breach. But, again, the best way to deal with many of the surveillance and data collection threats that MacKinnon worries about in her book is to tightly limit the powers of government to access private information through intermediaries in the first place. Most obviously, we could start by tightening up the Electronic Communications Privacy Act and other laws that limit government data access. And continuing to defend Section 230 against attacks is essential. If we’re going to be legislating about the Internet, we need more laws like that to create a high and tight firewall between government and our online communities.

MacKinnon’s Net Governance Ideas

I apologize for dwelling so long on the point about sovereignty, but I believe it’s essential we not start thinking of private operators as “sovereigns” for the reasons I’ve outlined.  Anyway, MacKinnon has many other ideas about Net governance in the book that are less controversial. In fact, I find myself largely in agreement with many of her recommendations.

For example, she wants to “expand the technical commons” by building and distributing more tools to help activists and make organizations more transparent and accountable. These would include circumvention and anonymization tools, software and programs that allow both greater data security and portability, and devices and network systems to expand the range of communication and participation, especially in more repressed countries.  All terrific ideas.

MacKinnon would also like to see neitzens “devise more systematic and effective strategies for organizing, lobbying, and collective bargaining with the companies whose service we depend upon — to minimize the chances that terms of service, design choices, technical decisions, or market entry strategies could put people at risk or result in infringement of their rights.” (p. 247)  This also makes sense as part of a broader push for improved corporate social responsibility. When people band together — as consumers, users, citizens, etc. — they can provide a powerful check on corporate behavior and encourage the evolution of new social and market norms. There are so many Internet advocacy organizations out there doing this now that I sometimes wonder if some of them would be better off merging to increase their collective bargaining power. But that’s a discussion for another day.

What Role for Law?

In terms of law, it’s not always clear what MacKinnon is after, even if it is obvious she’s open to more regulation, so long as it’s for what she regards as the right purpose. “There is a need for regulation and legislation based on solid data and research (as opposed to whatever gets handed to legislative staffers by lobbyists) as well as consultation with a genuinely broad cross-section of people and groups affected by the problem the legislation seeks to solve, along with those likely to be affected by the proposed solutions,” she says. (p. 172) While this implies an openness to political solutions to “net freedom” and privacy problems, MacKinnon never really makes it clear how we strike the right balance. Adding to the confusion is the very next line: “In many other situations, government regulation—especially when large numbers or people have good reason not to trust the motives of the regulators or legislators in question—can create as many problems as it solves.”

In other words, the standard for green-lighting government action seems to be this: When we can trust the motives of the regulators and legislators in question, then it’s fine to bring politics into the equation. Sorry, but that’s still a fairy subjective test.

It’s worth noting that, on balance, MacKinnon expresses serious reservations about the wisdom of many government solutions. And, as noted above with regards to deputization solutions, she certainly appreciates the many unintended consequences of regulation. She notes how regulation so often lags far behind innovation. “A broader and more intractable problem with regulating technology companies is that legislation appears much too late in corporate innovation and business cycles,” MacKinnon argues. (p. 174)  She notes that proposals like the Global Online Freedom Act (GOFA), which aimed to devise legal solutions and penalties for companies doing business in repressive regimes, ultimately won’t work.  Not only were the issues evolving too quickly for GOFA to be a solution, but its “one-size-fits-all legislative approach” didn’t make sense for the multiplicity of businesses, countries, cultures, and laws that are out there.

Despite these reservations, she seems entirely at ease with expanded government privacy mandates and Net neutrality regulation, among others. Yet, she grows more concerned when referencing efforts to legislate on copyright, child safety, defamation, and national security matters. And so we arrive back at a problem I have previously labeled the “selective morality problem” within modern cyberlaw debates: People hate Internet regulation… until they love it!  I’ve expanded on this notion at greater length in my essays, “When It Comes to Information Control, Everybody Has a Pet Issue & Everyone Will Be Disappointed,” And so the IP & Porn Wars Give Way to the Privacy & Cybersecurity Wars,” and more recently, “SOPA & Selective Memory about a Technologically Incompetent Congress.”

Like most other Internet policy scholars today, I don’t suspect MacKinnon will ever come around to embracing a more consistent, across-the-board approach to keeping government’s paws off the Net, but I would appreciate it if smart folks like her would at least acknowledge the inconsistency in their views as well as the danger of opening the door to government meddling for their pet concerns, since that will undoubtedly open it up wider and wider to all the other issues that people want handled politically. Eventually, this is how governments across the globe will wrap their tentacles tightly around every facet of online life and commerce. No one today mounts a consistent defense of cyber-liberty.

The problem is that MacKinnon, like so many other well-intentioned academics and activists today, seems to imagine that she’ll be able to dictate when the law gets used to do “the right thing” and then later we can just shut down the regulatory process and stop misguided legislative adventures. But you can’t have your cake and eat it too, even though that seems to be the operational assumption here. Again, we see that when she warns of the danger of regulatory capture and argues law should not be based on “whatever gets handed to legislative staffers by lobbyists.” Well, I hate to be such a cynic, but good luck with that!  If you want to know why I am such a cynic, take a look at my growing compendium, “Regulatory Capture: What the Experts Have Found.” It does not make for fun reading but the lesson is unambiguous: Increasing the scope of political meddling for some issues — even those you think worthwhile — will inevitably increases the grim reality of more Net regulation and more industry capture. It continues to be the #1 reason I prefer civil society-based and market-based solutions over governmental solutions, even when I sympathize with the concerns regulatory advocates raise.

Closing Thoughts

Despite the nitpicks I’ve raised here, there’s much to like in Rebecca MacKinnon’s Consent of the Networked. It offers a rich history of modern Net governance debates that is not to be missed. In particular, her coverage of China and the Net is second to none. More generally, she’s just a terrific all-around researcher and writer; her old journalism skills really paid off here. Other scholars in the field would do well to use her book as a model for how to communicate complex ideas in a clear and convincing fashion.

Cyberlaw and Internet policy scholars and students would be wise to read MacKinnon’s Consent of the Networked alongside Milton Mueller’s Networks and States: The Global Politics of Internet Governance [reviewed here], Evgeny Morozov’s The Net Delusion [reviewed here], and Access Contested: Security, Identity, and Resistance in Asian Cyberspace by Deibert, Palfrey, Rohozinski and Zittrain. Of course, the work of David G. Post and David R. Johnson is also mandatory reading on this topic. They were writing about Net governance before Net governance was cool. Post’s recent book, In Search of Jefferson’s Moose: Notes on the State of Cyberspace, [review here] is very much worth reading, as well as his much older 1998 essay, “The ‘Unsettled Paradox’: The Internet, the State, and the Consent of the Governed.” Also, David Johnson’s recent chapter in The Next Digital Decade closely tracks MacKinnon’s thinking on Net governance and is worth checking out. It’s entitled, “Democracy in Cyberspace: Self-Governing Netizens & a New, Global Form of Civic Virtue, Online.” There are many other important essays in that volume, too. I should also mention the massive collection of essays that Wayne Crews and I edited and bound together for Cato back in 2003. The volume was entitled Who Rules the Net? Internet Governance and Jurisdiction. There were some terrific essays in there on topics related to MacKinnon’s book.  Finally, for an international perspective on some of these issues, students should check out Chris Marsden’s recent book, Internet Co-Regulation: European Law, Regulatory Governance and Legitimacy in Cyberspace.

Down below you will find some additional links to explore Consent of the Networked and Rebecca MacKinnon’s other research and advocacy. Again, I recommend you add the book to your collection.

[Reminder: All my tech policy book reviews can be found here.]

Additional Reading:

• Official site for Consent of the Networked
• MacKinnon’s blog, “RConversation”
• MacKinnon’s recent Washington Post oped, “Why doesn’t Washington understand the Internet?”
• Global Network Initiative (GNI)
• MacKinnon interviewed on “Democracy Now” with Amy Goodman
• MacKinnon’s TED talk, “Let’s Take Back the Net”

It seems peculiar to me that some of the same individuals and groups who so vociferously opposed a “broadcast flag” technological mandate in past years are now in a mad rush to have federal policymakers mandate a “Do Not Track” regulatory regime for privacy purposes. The broadcast flag debate, you will recall, centered around the wisdom of mandating a technological fix to the copyright arms race before digitized high-definition broadcast signals were effectively “Napster-ized.” At least that was the fear six or seven years ago. TV broadcasters and some content companies wanted the Federal Communications Commission (FCC) to recognize and enforce a string of code that would have been embedded in digital broadcast program signals such that mass redistribution of video programming could have been prevented.

Flash forward to the present debate about mandating a “Do Not Track” scheme to help protect privacy online. As I noted in my filing last week to the Federal Trade Commission, at root, Do Not Track is just another “information control regime.” Much like the broadcast flag proposal, it’s an attempt to use a technological quick-fix to solve a complex problem. When it comes to such information control efforts, however, there aren’t many good examples of simple fixes or silver-bullet solutions that have worked, at least not for very long. The debates over Wikileaks, online porn, Internet hate speech, and Spam all demonstrate how challenging it can be to put information back into the bottle once it is released into the digital wild.

To be clear, I am not opposed to technological solutions like broadcast flag or Do Not Track, but I am opposed to forcing them upon the Internet and digital markets in a top-down, centrally-planned fashion. While I am skeptical that either scheme would work well in practice (whether voluntary or mandated), my concern in these debates is that forcing such solutions by law will have many unintended consequences, not the least of which will be the gradual growth of invasive cyberspace controls in these or other contexts. After all, if we can have “broadcast flags” and “Do Not Track” schemes, why not “flag” mandates for objectionable speech or “Do Not Porn” browser mandates?

From 2002-2005, when the broadcast flag wars were really raging, groups like the Electronic Frontier Foundation and Center for Democracy & Technology made several legitimate legal and practical arguments against a mandatory broadcast flag regime. But their principled case against broadcast flag mandates came down to an underlying fear about government encroachment on the Internet and the specter of more far-reaching regulation of cyberspace. For example, in a December 2003 report, CDT noted that even if other details could be worked out, “the [broadcast] flag approach will still pose unresolved concerns regarding technical regulation of computers and the Internet by the government [and] the impact of regulations on innovation and future consumer uses” was also problematic.

Importantly, EFF and CDT hammered broadcast flag proponents on the question of jurisdictional authority. They rightly asked where the FCC  got the authority to impose such rules at all and worried about the spillover effects of such arbitrary mandates in other Internet contexts. (The broadcast flag scheme was eventually tossed out by the D.C. Court of Appeals because of the FCC’s lack of authority.)

So, why wouldn’t these same concerns and arguments apply to Do Not Track regulation? CDT and EFF seem to care little that the Federal Trade Commission is aggressively pushing this new information control regime on the Internet.  Indeed, CDT and EFF are two of the biggest cheerleaders for FTC action in this regard.  Sorry, but I just don’t get it.  If it was misguided for regulators to push a broadcast flag regime upon cyberspace, isn’t it just as misguided for them to be pushing Do Not Track? I suspect this inconsistency has something to do with CDT and EFF being inherently skeptical of the benefits of most online copyright protection schemes while being more sympathetic to legal efforts aimed at protecting personal privacy online. Simply stated, they think there’s something to the notion of privacy “rights” and will bend over backward to engineer an information control regime to protect against the “unauthorized” flow of personal information online. When it comes to the “unauthorized” flow of copyrighted bits of information online, however, they aren’t nearly as interested in inviting the code cops in.

But even if one sympathizes with that distinction — absolute privacy “rights”  vs. minimal copy-“rights” — all the same concerns and criticisms that CDT and EFF raised earlier about the broadcast flag regulatory scheme would seemingly apply to the Do Not Track regime. Both regimes face formidable enforcement challenges and raise the specter of broader government control of cyberspace. There’s just no getting around that reality, and Do Not Track defenders who deny it are basically hiding from the ugly truth that they are greasing the skids for future information control efforts and regimes — both here and abroad.

I suppose that they might also argue that regulation is justified where it ensures more “choice” for consumers.  But forcing “choice” upon online markets isn’t exactly the same thing as allowing it evolve in a natural, non-destructive fashion. As I noted in my filing, many others besides me are concerned about what mandatory Do Not Track would mean for the online ecosystem of mostly “free” content and services. Lauren Weinstein, co-founder of People For Internet Responsibility (PFIR), worries that the “ability [of Do Not Track concepts] to cause major collateral damage to the Internet ecosystem of free Web services is being unwisely ignored or minimized by many Do Not Track proponents.” And in a brilliant Huffington Post column this week about the rise of a privacy techno-panic, Jeff Jarvis said, “I also worry that efforts to bring in a ‘Do Not Track’ list and other demonization of ad targeting could cripple the revenue of the media and news industries even as they struggle to find sustainability; it could kill news outlets and reduce journalism.”

Weinstein and Jarvis are right. There is no free lunch. While groups like EFF and CDT who support Do Not Track regulation are well-intentioned in their aims, the reality is that government regulation that attempts to create a cost-free opt-out for data collection and targeted online advertising will likely have damaging consequences for the future provision of online content and services. In terms of direct costs to consumers, Do Not Track could result in higher prices for service as paywalls go up or, at a minimum, advertising will become less relevant to consumers and, therefore, more “intrusive” in other ways.

Which leads to my final point. What is perhaps most perplexing about this is how many of the advocates of Do Not Track argue that such a regulatory scheme will slow the “arms race” in the privacy arena. For example, EFF has said “The header-based Do Not Track system appeals because it calls for an armistice in the arms race of online tracking.” And my favorite frenemy Chris Soghoian argues that “opt out mechanisms… [could] finally free us from this cycle of arms races, in which advertising networks innovate around the latest browser privacy control.”  At best, this is highly wishful thinking. At worst, it’s outright deceit aimed at sugar-coating the hard truth: If anything, a Do Not Track mandate will speed up the technological arms race and have many other unintended consequences. Online advertising will almost certainly become more “annoying” and even invasive as a result of such regulation.  And “tracking” techniques aren’t going to be stopped or even slowed as a result of Do Not Track. (Hello DPI!) Again, check out my filing to the FTC for more details.

The important point here is that one intervention will simply beget another and another in an attempt to address the “arms race” and to refine and rework Do Not Track to cover more and more online information flows. One wonders how expansive this new regulatory regime will need to be to deal with the growing scale and volume of online information flows. Really, does anyone think there will be less personal information online in coming years?  Unless we stop the unprecedented voluntary information-sharing and self-revelation of personal data that takes place on social networking sites and via user-generated content sites, there is simply no way in hell this problem is going to be curtailed. When 600 million people use Facebook as an open diary to the world (among many other examples I could cite), it’s hard to imagine we’ll ever be able to stop the mercurial flow of personal information across the Internet. Do Not Track certainly won’t stop it, but the cost of putting such a regulatory regime in place in an attempt to put the genie back in the bottle could be profound for the future of the Internet and online content and culture.

Again, this is essentially the same argument previously set forth against a broadcast flag mandate. As EFF once noted, “the technology mandate proposed… is unnecessary, ineffective, and unwise.”  I agree, and I invite Do Not Track defenders at CDT and EFF (or anyone else) to explain why, conceptually speaking, Do Not Track isn’t just broadcast flag in drag.

This is the second of two essays making “The Case for Internet Optimism.” This essay was included in the book, The Next Digital Decade: Essays on the Future of the Internet (2011), which was edited by Berin Szoka and Adam Marcus of TechFreedom. In my previous essay, which I discussed here yesterday, I examined the first variant of Internet pessimism: “Net Skeptics,” who are pessimistic about the Internet improving the lot of mankind. In this second essay, I take on a very different breed of Net pessimists:  “Net Lovers” who, though they embrace the Net and digital technologies, argue that they are “dying” due to a lack of sufficient care or collective oversight.  In particular, they fear that the “open” Internet and “generative” digital systems are giving way to closed, proprietary systems, typically run by villainous corporations out to erect walled gardens and quash our digital liberties.  Thus, they are pessimistic about the long-term survival of the Internet that we currently know and love.

Leading exponents of this theory include noted cyberlaw scholars Lawrence Lessig, Jonathan Zittrain, and Tim Wu.  I argue that these scholars tend to significantly overstate the severity of this problem (the supposed decline of openness or generativity, that is) and seem to have very little faith in the ability of such systems to win out in a free market. Moreover, there’s nothing wrong with a hybrid world in which some “closed” devices and platforms remain (or even thrive) alongside “open” ones. Importantly, “openness” is a highly subjective term, and a constantly evolving one.  And many “open” systems or devices are as perfectly open as these advocates suggest.

Finally, I argue that it’s likely that the “openness” advocated by these advocates will devolve into expanded government control of cyberspace and digital systems than that unregulated systems will become subject to “perfect control” by the private sector, as they fear.  Indeed, the implicit message in the work of all these hyper-pessimistic critics is that markets must be steered in a more sensible direction by those technocratic philosopher kings (although the details of their blueprint for digital salvation are often scarce).   Thus, I conclude that the dour, depressing “the-Net-is-about-to-die” fear that seems to fuel this worldview is almost completely unfounded and should be rejected before serious damage is done to the evolutionary Internet through misguided government action.

I’ve embedded the entire essay down below in Scribd reader, but it can also be found on TechFreedom’s Next Digital Decade book website and SSRN.

The Case for Internet Optimism Part 2 – Saving the Net From Its Supporters (Adam Thierer) http://d1.scribdassets.com/ScribdViewer.swf

Tim Wu’s new book, The Master Switch: The Rise and Fall of Information Empires, will be released next week and it promises to make quite a splash in cyberlaw circles.  It will almost certainly go down as one of the most important info-tech policy books of 2010 and will probably win the top slot in my next end-of-year list.

Of course, that doesn’t mean I agree with everything in it.  In fact, I disagree vehemently with Wu’s general worldview and recommendations, and even much of his retelling of the history of information sectors and policy.  Nonetheless, for reasons I will discuss in this first of many critiques, the book’s impact will be significant because Wu is a rock star in this academic arena as well as a committed activist in his role as chair of the radical regulatory activist group, Free Press. Through his work at Free Press as well as the New America Foundation, Professor Wu is attempting to craft a plan of action to reshape the Internet and cyberspace.

I stand in opposition to almost everything that Wu and those groups stand for, thus, I will be spending quite a bit of time addressing his perspectives and proposals here in coming months, just as I did when Jonathan Zittrain’s hugely important The Future of the Internet & How to Stop It was released two years ago (my first review is here and my latest critique is here).  In today’s essay, I’ll provide a general overview and foreshadow my critiques to come.  (Note: Tim was kind enough to have his publisher send me an advance uncorrected proof of the book a few months ago, so I’ll be using that version to construct these critiques. Please consult the final version for cited material and page numbers.)

The Master Switch & the Cyber-Collectivist Trilogy of Terror

As I noted in my essay on “Two Schools of Internet Pessimism,” what I find most lamentable about the state of cyberlaw and high-tech policy debates today is the foreboding sense of gloom and doom that haunts so many narratives.  To crack open most Net policy books these days is to step into a world of corporate conspiracies, nefarious industry schemers, closed systems, “kill switches,” squashed consumer rights, and so on.  Let’s face it, Chicken Little doesn’t need an agent; pessimism sells. The world loves a good tale of villainy and misery, and that’s exactly what Columbia Law School professor Tim Wu delivers in his new book, The Master Switch: The Rise and Fall of Information Empires.

Wu’s book is important if for no other reason than he is considered one of the intellectual godfathers of modern cyberlaw and The Master Switch is best understood as the final installment in an important trilogy that began with the publication of Lawrence Lessig’s seminal 1999 book, Code and Other Laws of Cyberspace and then was continued on in Jonathan Zittrain’s much-discussed 2008 book, The Future of the Internet & How to Stop It.

To better understand where Wu wants to take us in The Master Switch, we must first return to the central tenant of Lessig’s Code:  “Left to itself,” Lessig predicted, “cyberspace will become a perfect tool of control.” (pg 5-6)  Code quickly became a sort of cyber-collectivist Bible and today Lessig’s many disciples in academia and a wide variety of public policy regulatory advocacy organizations continue to preach this gloomy gospel of impending digital doom and “perfect control.”  Zittrain and Wu are Lessig’s most notable intellectual descendants; the Peter and Paul of the Church of Cyber-Doom that he founded.  And despite their insistence that they really aren’t all that pessimistic—or, more humorously, that they are actually libertarians in disguise—this crew persists with frightful tales and lugubrious warnings that unless someone or something—quite often, the State—intervenes to set us on a better course or protect those things that they regard as sacred.

Zittrain’s Future of the Internet, for example, brought Lessig’s Code up date by giving us a fresh set of villains.  Gone was Lessig’s old foil AOL and its worrisome walled gardens. Instead, the new face of evil became Apple, Facebook, and TiVo.  Zittrain worries about “sterile and tethered” digital “appliances” that foreclose digital generativity and the rise of “a handful of gated cloud communities whose proprietors control the availability of new code.”

Wu simply extends this narrative in The Master Switch when he ominously warns that there are “forces threatening the Internet as we know it” (p. 7) and then goes on to craft an enemies list that reads like a “Who’s Who” of high-tech corporate America. No one, it seems, can be trusted—at least not if that someone has a “.com” behind their name.  Wu hopes to convince us that history proves that concentrations of private power in information industries are inevitably follow a period of openness and competition.  He refers to this as “The Cycle.” Thus, he trots out the old collectivist saw that freedom is really slavery — slavery to The Man:

If the stories in this book tell us anything… it is that the free market can also lead to situations of reduced freedom. Markets are born free, yet no sooner are they born than some would-be emperor is forging chains.  Paradoxically, it sometimes happens that the only way to preserve freedom is through judicious controls on the exercise of private power.  If we believe in liberty, it must be freedom from both private and public coercion. (p. 310)

This is the heart of Wu’s critique in The Master Switch: The real threat is not Big Brother but Big Corporate Brother. It’s certainly not a new critique. Wu is simply steering the Lessig-ite, cyber-collectivism school of cyberlaw in line with traditional “progressive” perspectives and recommendations.  Indeed, although he and other so-called progressives don’t always come right out and say it, they often suggest that private power – however defined – is so insidious and threatening that greatly amplified State power to counter it becomes essential, even a good.

The cyber-collectivist movement that Lessig began with Code and Zittrain and Wu continue in their books, is fueled by that dour, depressing “the-Net-is-about-to-die” fear. Again and again their message comes down to this: “Enjoy the good old days of the open Internet while you can, because any minute now it will be crushed and closed-off by corporate marauders!”  This crowd want us to believe that the corporate big boys are — someday very soon — going to toss the proverbial “master switch,” suffocating Internet innovation and digital freedom, and making us all cyber-slaves within their commercialized walled gardens.

We might think of this fear as “The Great Closing,” or the notion that, unless radical interventions are pursued — usually of a regulatory nature – a veritable Digital Dark Age of Closed Systems will soon unfold, complete with myriad AOL-like walled gardens, “sterile and tethered devices,” corporate censorship, and consumer gouging. Again, it’s really just a restatement of the old Lessig vision of an unfettered cyberspace leading to “perfect (corporate) control.”  In other words, most information systems, networks and devices will be bottled up by corporate “gatekeepers” if markets aren’t steered in a better direction by wise philosopher-regulators.  And these “Openness Evangelicals,” as I will call them, believe they are the sagacious chosen few who will serve as the self-appointed janissary of the supposed dying order of openness.

My critique of this cyber-collectivist thinking and “Great Closing” thesis was more fully developed in these two essays [1, 2] and will be more robustly developed in a chapter for an upcoming book that will be published shortly.  Much of what I’ll have to say in response to Wu’s new book will be drawn from those essays as well as my two-part exchange [1, 2] with Lessig upon the 10^th anniversary of the publication of Code. Basically, I do not buy – not for one minute – the notion that “the Internet is dying” or that “openness” is evaporating.  The Internet has never been more vibrant or open.  Again, please read those previous essays for my completely response.  I’ll be teasing out some of those themes in future essays here.

More specifically, my response to Wu’s new book comes down to this:

1. Rarely is there any discussion of the nature of the respective forms of “power” or the coercive nature of State power, in particular.  The fact that the State has a monopoly on force in society and, thus, can penalize or even imprison, is either ignored or treated as irrelevant compared to the supposed “power” of private actors.
2. Rarely in their analysis — and never in Wu’s book — is there a serious cost-benefit analysis of the trade-off associated with an aggrandizement of State power in the name of countering the supposed evils of private power.  The solutions offered – to the extent they rise above amorphous calls to “do something” – are presented as cost-free options.
3. There isn’t enough focus on the dangers of “regulatory capture” or the massive inefficiencies associated with the sort of regulatory regimes that progressives and modern cyber-collectivists like Wu would substitute for market mechanisms.

In my next installment, I’ll take on Wu’s critique of the fictional “purely economic laissez-faire approach” he derides – an approach that has never existed in American communications or media markets.  In a forthcoming installment, I’ll also be challenging Tim to a Simon-Ehrlich wager on this front and ask him to put his money where his mouth is to see just how serious he is about his dour worldview and extreme technological pessimism!  So, stay tuned.

[Jump to Part 2 in the series.]

The Washington, D.C., fight over “net neutrality” in some ways only scratches the surface of what’s really at stake in the question of government regulation of Internet service providers’ treatment of online content. The downside of permitting FCC and Congressional authority over cyberspace “neutrality” is hard to overstate.

A former colleague and friend, now at New Media Strategies, sent me a January 2010 article—“The Splinternet means the end of the Web’s golden age”—about the proliferation of non-compatible devices used online, and the shielding of much new content behind logins and passwords, like the way News Corp. “hides” Wall Street Journal content behind a paywall, and other perceived insults. The author doesn’t see the trend as reversible, but the tone implies what an ominous development this somehow is, as if all this abundance and customization is negative, and that caution is in order.

But the realities of pay models and splintering—like the fact that some journalists have families to feed and can’t write for free, that Google doesn’t see much of what’s on Facebook, and that I can’t stream your iTunes—have no metaphysical, free speech, or public policy implications. Emergent splintering online represents the beginnings of a groundbreaking expansion of the Web’s basic capabilities, not a curtailment. (Besides, many with pro-neutrality views have been upset with Google lately anyway.)

This hand-wringing and use of the term “splinternet” reminded me of a related speculation I’d made in Forbes nearly 10 years ago about the tailoring of networks and pipes. Disturbed by then-burgeoning calls for regulation of the Internet emerging from various quarters over issues like privacy, spam, porn and cyber-trespass, I called for a “splinternet” mindset then and put it as follows:

The Internet needs borders beyond which users can escape damaging political resolutions of [policy] battles, which are rooted in the Internet’s non-owned, common-property status. Conflicting legislative visions in a cyberspace populated by exhibitionists at one extreme and would-be inhabitants of gated communities on the other, reveal the basic truth that not everybody wants or needs to be connected to everybody else.

Infrastructure and communications wealth—even the innovations with names like “iPad”—will make this ability to choose more feasible than ever—without sacrificing access to content and ideas. My colleague Adam Thierer and I also described such undercurrents—which could become tsunamis—in the introduction to the book Who Rules the Net?

The situation on the ground now is that FCC planners fancy themselves guardians of the idea that all content shall be treated the same. They presume to decide for everyone else, here in 2010, that network properties henceforth cannot be proprietary, and that no content can experience—brace for this—“discrimination.” But why? And how would they carry out such goals? With the technological shakeups taking place in content, infrastructure, and devices, it’s vitally important to appreciate what possibilities regulations can shut off, what carnage it can inflict to wealth creation—including content creation; it’s urgent that we explore and permit ways of making the net more profitable, and internalizing the net’s “externalities” that otherwise inspire planners to think they can control it better (or “neutralize” it).

FCC regulation is no substitute for the proper alternative, which is precisely the confusing and sometimes infuriating emerging content, network and device proliferation we now see. The frenzy is a good thing. Indeed, today’s cyberspace, if it isn’t careful, might be merely one of many that our descendants surf that feature varying levels of openness and neutrality. As communications wealth expands, the content of networks, no matter how big they are or whether they are closed or neutral, can increasingly be “cut and pasted” among one another in complex commercial arrangements. Figuring out how to do that is itself a future business model. That is, businesses of tomorrow may profit from having presences across several such dedicated “cyberspaces” and “splinternets” the way they do now across magazines, TV, radio and the net in the advertising niche. And if Washington were to do its proper job and deregulate network industries like water, power, sewer, rail, gas (instead of trying to re-regulate telecom), infrastructure too could expand well beyond our imagining. Now that would be stimulus, in case such a thing were anyone’s goal.

In other words, the Golden Age isn’t even here yet as far as the Information Revolution is concerned. As societies get wealthier, and old burgermeister meisterburgers die off (still another hint to FCC and it’s agenda), and decades and centuries pass, the “capital-I” Internet, the one spoken of today with a reverent tremble, could become far more antiquated and incapable of optimally supporting the smart devices yet to be invented (3-D Internet? Hologram displays? DNA computing?). Public policy always forgets we are not immortal; that’s the only way today’s FCC-style planners can imagine themselves smart and visionary enough to assert that net neutrality is the right thing to do; or rather, to force others to do. They have the answers; you are just the people they do things to.

We no longer use the barbed-wire telephone network of the past; we no longer use 28K modems. The future could be one of content spewing across a bouquet of networks, bits and wires alike duplicated and redundant in ways not conceivable today; businesses not even in existence yet will profit and help you profit by maintaining various presences across these “cyberspaces.” At least as far as public policy is concerned, it’s Internet technology, not the physical net and its particular ownership structure and hardware and infrastructure assortment of 2010, that will matter decades and generations hence—whether or not such networks actually come into being. Put still another way, from the other end of the telescope, tomorrow’s world in which all the content of today’s Internet might, for all we know, easily fit locally on a handheld device will be a very different world from that of today.

To that world, neutrality has nothing to offer except destruction, especially if it keeps today’s inventory of hardware artificially dumb, as warned here to FCC in 2008.

If net neutrality wins, it would entrench for us an inferior and rather unresponsive husk, the C&O Canal of Cyberspace. Thanks FCC.

Comments I just filed to FCC on its proposed “net neutrality” commandments defend in depth the notion of customized networks, pointing out how achingly “dumb” it can be to interfere in any way with smart communications pipes, especially when “dumb” ones, the “background hum” of the net you might say, can easily proliferate alongside. The neutrality issue seems even more perverse given policymaker’s simultaneous demands today for smart grids for electric power. So guys: go home. Internets, splinternets and cyberspaces will be far better off without you. I’m just glad you didn’t lock things in at 28 kilobits per second.

Lots of good things in The Washington Post today following up on U.S. Secretary of State Hillary Clinton’s historic address last week about the importance of global Internet freedom. First, The Post has published a powerful supporting statement from Sweden’s Minister of Foreign Affairs, Carl Bildt, entitled, “Tear Down These Virtual Walls.” Bildt notes that:

Two decades ago a wall made of concrete, built to divide the free and unfree, was torn down. Today it is the freedom of cyberspace that is under threat from regimes as keen as dictatorships past to control and limit the possibilities of their citizens. They are trying to build firewalls against freedom.  At the end of the day, I am convinced they are fighting a losing battle — that cyber walls are as certain to fall as the walls of concrete once did.

He then goes on to argue that, following Secretary Clinton’s address last week, “We should now forge a new transatlantic partnership for protecting and promoting the freedoms of cyberspace. Together, we should call for all these walls to be torn down.” He continues:

Much like the way the rule of the law is critical to protecting the freedoms we enjoy as citizens in our societies, and international law protects the peace between our nations, we must seek to shape the rules that will protect the rights and the freedom of cyberspace.

Importantly, The Washington Post itself also editorialized today about “The Internet War.” The Post rightly noted that Sec. Clinton’s speech was hugely important because she made it abundantly clear, as I noted here in my essay last week, that the U.S. will now make these issues part of future diplomatic negotiating efforts. As the Post argued:

Ms. Clinton made it admirably clear that abusers such as China will no longer get a free pass in U.S. public diplomacy or in international forums. …  Far better that the United States raise issues of Internet freedom, discrimination against U.S. companies and cyberwar stemming from China directly and openly with the Communist leadership than allow Beijing to poison and abuse the Internet without paying a price.

Finally, Post tech policy columnist Cecilia Kang has an interesting article on the Post Tech blog about how “Technologists Agree with Clinton, Say Internet Freedom Wins in Long Run.”  (I sure hope so!) She cites the always-interesting Clay Shirky, who argues that countries that have a censorship strategy “are suffering from a technological auto-immune disease… They are only delaying the spread of media and attacking their own infrastructure.”  Too true.  Anyway, kudos to The Washington Post for rightly giving these important issues the coverage they deserve.

The Internet is massive. That’s the ‘no-duh’ statement of the year, right?  But seriously, the sheer volume of transactions (both economic and non-economic) is simply staggering.  Consider a few factoids to give you a flavor of just how much is going on out there:

• In 2006, Internet users in the United States viewed an average of 120.5 Web pages each day.
• There are over 1.4 million new blog posts every day.
• Social networking giant Facebook reports that each month, its over 300 million users upload more than 2 billion photos, 14 million videos, and create over 3 million events. More than 2 billion pieces of content (web links, news stories, blog posts, notes, photos, etc.) are shared each week. There are also roughly 45 million active user groups on the site.
• YouTube reports that 20 hours of video are uploaded to the site every minute.
• Amazon reported that on December 15, 2008, 6.3 million items were ordered worldwide, a rate of 72.9 items per second.
• Every six weeks, there are 10 million edits made to Wikipedia.

Now, let’s think about how some of our lawmakers and media personalities talk about the Internet.  If we were to judge the Internet based upon the daily headlines in various media outlets or from the titles of various Congressional or regulatory agency hearings, then we’d be led to believe that the Internet is a scary, dangerous place. That ‘s especially the case when it comes to concerns about online privacy and child safety. Everywhere you turn there’s a bogeyman story about the supposed dangers of cyberspace.

But let’s go back to the numbers. While I certainly understand the concerns many folks have about their personal privacy or their child’s safety online, the fact is the vast majority of online transactions that take place online each and every second of the day are of an entirely harmless, even socially beneficial nature.  I refer to this disconnect as the “problem of proportionality” in debates about online safety and privacy. People are not just making mountains out of molehills, in many cases they are just making the molehills up or blowing them massively out of proportion.

Go back to those Facebook numbers, for example. 300 million users uploading 2 billion pieces of content each week, plus 45 million user groups.  Now, how many “incidents” do you hear about in the course of an entire year involving privacy and child safety on Facebook? A couple? A dozen?  I doubt it’s that many, but for the sake of argument, let’s be preposterous and say the number of incidents is 10,000.  Doing some quick math: 10,000 “incidents” divided by 2 billion pieces of content shared each week = 0.001%   In other words, there would need to be hundreds of thousands of privacy or child safety “incidents” taking place on Facebook each week before one could legitimately claim the trend was statistically significant in proportion to the total volume of transactions.

Of course, there’s no way to be scientific about this since I can’t crunch the numbers to get an exact calculation for Facebook or the entire Internet since it’s hard to even define or collect info about online “incidents.” And this is not to say there are never any incidents online where some harm might come to an individual or a child.  Defining “harm” can be contentious, however, especially when it comes to what I regard as the conjectural theories about advertising or provocative media content “harming” us or our kids.

Of course, others could claim that the sheer volume of information that we put online about ourselves is problematic for a variety of other reasons. The best argument about potential harm coming of all this information being online is that the sheer volume of data sharing and collection opens up the door to identify theft, or that some government agencies could get their hands on it and use it to do nasty stuff to us.  That first problem can be a legitimate one, and deserves more attention and greater consumer education. But that latter problem should be addressed by putting more constraints on our government(s), not by imposing more regulations on the Internet. Government powers should be tightly limited when it comes to monitoring the habits of websurfers or collecting information about them.

Nonetheless, it is my contention that an infinitesimal percentage of all daily online transactions and interactions involve serious privacy violations or harm to children.  Until they can prove otherwise, we need to demand that our policymakers and folks in the press put these issues into some perspective before they jump to conclusion about online life.  Enough of the fear-mongering and techno-panics!

Seems like everywhere I turn someone is gushing about their new Droid phone, including my TLF colleagues Berin Szoka, Braden Cox, and Ryan Radia, who all had great fun rubbing their new toys in my nose over the past couple of days. And why not, it’s a very cool little device.  It makes my HTC Touch seems positively archaic in some ways, and it’s only a year old.  Apparently, 100,000 people already picked up a Droid in just its first weekend on the market.

But here’s the first thing that pops in my mind every time I see someone showing off their new Droid: How can a device like this even exist when America’s leading cyberlaw experts have been telling us that the whole digital world is increasingly going to hell because of “closed” devices, proprietary code, and managed networks?  I’m speaking, of course, about the lamentations of Harvard professors Lawrence Lessig, Jonathan Zittrain, and their many disciples.  As faithful readers will recall, I have relentlessly hammered this crew for their unwarranted cyber-Chicken Little-ism and hyper techno-pessimism. (See my many battles with Zittrain [1, 2, 3, 4, 5, 6 + video] and my 2-part debate with Lessig earlier this year).

“Left to itself,” Lessig warned in Code, “cyberspace will become a perfect tool of control.”  He went on to forecast a dystopian future in which nefarious corporate schemers would quash our digital liberties unless benevolent public philosopher kings stepped in to save our poor souls. Code was the Old Testament of cyber-collectivism. The New Testament arrived last year with Zittrain’s The Future of the Internet and How to Stop It. In it, we hear the grim prediction that “sterile and tethered” digital technologies and networks will triumph over the more “open and generative” devices and systems of the past.  The iPhone and TiVo are cast as villains in Zittrain’s drama since they apparently represent the latest manifestations of Lessig’s “perfect control” paranoia.

Apple’s “Angel of Death”

How completely out-of-control has this thinking gotten?  Well, here’s David Weinberger — another Harvard Berkman Center worrywart — talking about that supposed satanic font of all evil, the Apple AppStore:

The AppStore is the seductive angel of death for computing. It enables Apple to keep quality up and, more important, to keep support costs down. But a computer that can’t be programmed except by its manufacturer (or with the permission of its manufacturer) isn’t a real computer. The success of the AppStore is a gloomy, scary harbinger. From controlling the apps that can go on its mobile phone, it’s a short step for Apple to decide to control the apps that can go on its rumored slate/netbook device. And since so much of the future of computing will occur on mobiles and netbooks, this portends a serious de-generation of computing, as predicted by Jonathan Zittrain in The Future of the Internet and How to Stop It.

The “angel of death”? A “gloomy, scary harbinger”? Wow, who knew!  In Weinberger’s world, Apple is guilty of the heinous crime of “keep[ing] quality up and, more important, [keeping] support costs down.”  OH MY GOD, how dare they.  Somebody make them stop!  No, seriously, how silly is all this? It’s like those Republicans who, in their zeal to do anything to defeat health care nationalization, decide it’s OK to make up spooky stories about “death panels” hidden deep inside congressional bills.

I find Weinberger’s claim that “a serious de-generation of computing” is looming because of the iPhone to be especially ridiculous. It’s the same sort of rubbish Lessig was spewing in Code when he predicted that AOL’s walled garden model was going to take over the entire cyber-world and ensure “perfect control,” just one of the many things Lessig got wrong in the book.  And it’s the same silliness we see at work in Zittrain’s work when he claims that we’re doomed to live in a world of closed “sterile and tethered” digital technologies and networks. Similarly, last year, Public Knowledge analyst Alex Curtis managed to reach the zenith of this rhetorical insanity when he likened the Apple App Store to an Orwellian Big Brother that was bringing us a “1984 kind of total control.”  You know, because Apple is forcing us all to own iPhones and locking us into re-education camps.  Right.

I Fart, Therefore I Am (Generative)

Which brings me back to the Droid.  If all these dour predictions about the death of digital generativity and the rise of closed networks and walled gardens were true, how in the world does a phone with an open source operating system and a completely open applications process for developers even exist? (Android devices like the Droid don’t require users to rely exclusively on the Android Marketplace for apps; you can run other apps if you like).

Moreover, it’s not just that a remarkably innovative and generative device like the Droid gets widespread release and praise, it’s the fact that there are countless other mobile devices and applications on the market today much like it. On the Zittrainian “generative-vs.-sterile appliance” spectrum, the range of mobile devices just continues to grow and grow in both directions. You can decide exactly what type of device you want.  But here’s the more important point: How much of a difference does it even make how “open” these phones and app stores are?  You’ve got more “closed” systems like Apple’s iPhone and Palm’s Pre on one end of the spectrum and then more “open” systems like the Droid and even many Windows Mobile devices on the other end, but do these competing models really result in many difference in terms of functionality and innovation?  The reality is this: tons of innovation is occurring across all of these devices and platforms regardless of how “open” or “closed” they may be.

For example, when I go to Handango, a terrific mobile application marketplace, and search for “all apps” available for my HTC Touch (which runs a Windows Mobile OS), my senses are assaulted with 6,677 choices.  It’s all a bit overwhelming.  Luckily, a quick search can get me right to the important applications I really need — like the “Pocket Fart” app.  Folks, let me tell you, no “generative” device is worth its salt without a good farting application.  I don’t care how bad of a mood my kids are in, when I fire up a fart app, it puts an instant smile on their faces!

But hey, guess what… that “angel of death,” the iPhone Store, offers fart apps, too!  Dozens and dozens of fart apps, in fact.  In terms of Zittrainian generativity, the iPhone is positively fart-tastic. Just check out that video below. And in addition to those dozens of flatulence apps, the Apple AppStore has another 100,000 apps available for downloading, making it the largest applications store in the world. And back in September, Apple announced that more than two billion apps had been downloaded from the App Store in its short existence. That’s Billion with a “B”.  Does this sound like it “portends a serious de-generation of computing” as Weinberger suggests?  Incidentally, if he’s so frightened that Steve Jobs is the Grim Reaper incarnate he can always go find another phone. Seriously, Steve Jobs doesn’t force anybody to buy one of these expensive toys.

If the iPhone is Good Enough for Zittrain, Why Isn’t It Fine for the Rest of Us?

Incidentally, despite all the fear and loathing about Steve Jobs and the iPhone that one finds in Future of the Internet, I was very entertained to discover that Jonathan Zittrain is an iPhone user himself!  I used some shameless McCarthyite tactics during our debate at New America Foundation last year — “Are you now, or have you ever been, an iPhone user!” — to publicly out him. [Go to the 55:00 minute mark of the video to see.]  But my point to him that day was a serious one: If you so fear the death of generativity because of that little demonic device, than why carry one in your coat pocket?  Why not use a device that lets you break all the rules because it essentially has no rules?  There are multiple open source mobile operating systems and a thriving community of “homebrew” developers. Go spend a few minutes at PCC Geeks or Howard’s Forums and see what I mean.

But the Berkman boys don’t seem content with all that.  And I wouldn’t usually give a damn about the lunacy of these hyper-pessimistic prognostications from the Harvard crew if it was all just harmless cyber-sourpuss ramblings from the ivory tower geeks with too much time on their hands.  But the problem is that these people want regulators to take steps to correct these supposed “code failures,” as Lessig calls them.  Zittrain calls for “API neutrality” in his book, which would force net neutrality-like mandates on digital devices. And in a New York Times editorial this summer entitled “Lost in the Cloud,” he made it clear that cloud neutrality regulation was next on the list. [Others are joining that call.] I’ve got a serious problem with that, as I detailed extensively in earlier essays (here and here), and Berin Szoka and I have discussed how these escalating neutrality wars are bound to lead to the digital equivalent of “mutually assured destruction” within the tech community before it’s all over.

Finally, when the Berkman gang, which is the most respected cyberlaw shop in the land, go around casting these debates with terms like “evil” applications and “angels of death,” then I have a serious problem because the game you are playing becomes hazardous to the health of the digital economy.  This poisons the public policy debate by using absurd moralistic rhetoric about something as fundamentally agnostic as digital platforms and protocols.  These things are neither good nor evil; they are just choices.  They represent different ways of promoting innovation.  And we should be happy that our current digital marketplace is offering us a rich mosaic of business models and options that can fill almost any need and fit almost any picky user’s desires.  If that ain’t progress, I don’t what is.

What Unites Advocates of Speech Controls & Privacy Regulation? [pdf]

by Adam Thierer & Berin Szoka The Progress & Freedom Foundation, Progress on Point No. 16.19

Anyone who has spent time following debates about speech and privacy regulation comes to recognize the striking parallels between these two policy arenas. In this paper we will highlight the common rhetoric, proposals, and tactics that unite these regulatory movements. Moreover, we will argue that, at root, what often animates calls for regulation of both speech and privacy are two remarkably elitist beliefs:

1. People are too ignorant (or simply too busy) to be trusted to make wise decisions for themselves (or their children); and/or,
2. All or most people share essentially the same values or concerns and, therefore, “community standards” should trump household (or individual) standards.

While our use of the term “elitism” may unduly offend some understandably sensitive to populist demagoguery, our aim here is not to launch a broadside against elitism as Time magazine culture critic William H. Henry once defined it: “The willingness to assert unyieldingly that one idea, contribution or attainment is better than another.”^[1] Rather, our aim here is to critique that elitism which rises to the level of political condescension and legal sanction. We attack not so much the beliefs of some leaders, activists, or intellectuals that they have a better idea of what it in the public’s best interest than the public itself does, but rather the imposition of those beliefs through coercive, top-down mandates.

That sort of elitism—elitism enforced by law—is often the objective of speech and privacy regulatory advocates. Our goal is to identify the common themes that unite these regulatory movements, explain why such political elitism is unwarranted, and make it clear how it threatens individual liberty as well as the future of free and open Internet. As an alternative to this elitist vision, we advocate an empowerment agenda: fostering an environment in which users have the tools and information they need to make decisions for themselves and their families.

I. The Elitism of Speech Regulation

First, consider how those two elitist beliefs identified above are on display when lawmakers or regulatory advocates make efforts to control speech or content.^[2] Calls to regulate free speech are often premised on the belief that something must be done to “protect The Children.”^[3] Personal and parental responsibility ^[4] are regarded as inadequate safeguards ^[5] since some parents will inevitably fall down on the job by not adequately shielding their children’s eyes and ears from potentially objectionable (or supposedly harmful) speech. Therefore, government must regulate content that is indecent, profane, excessively violent, and so on. The definition of those things is then left to unelected bureaucrats and judges to make on our behalf.

But it’s not just about “The Children.” Some regulatory advocates believe that even the choices made by consenting adults must be disregarded because some people fail to understand the supposedly destructive nature of the speech they are consuming. Government must act to protect people from making what some regulatory advocates regard as destructive or even immoral choices that could bring harm to them or their loved ones.

In sum, regulatory advocates are essentially saying that people cannot be trusted or left to their own devices and, therefore, government must intervene and establish a baseline “community standard” on behalf of the entire citizenry to tell them what‘s best for them.^[6] Even if those citizens have tools and information at their disposal to make sensible decisions about objectionable content, that’s not good enough because they might not do the job properly. Government must do it for them!

II. The Elitism of Privacy Regulation

This same mentality motivates calls for privacy regulations. Those who call for government interventions to “protect privacy” often claim that people too willingly surrender personal information about themselves and that they don’t understand the adverse consequences of those actions.^[7] Alternatively, regulatory advocates claim that advertising and marketing efforts are inherently “manipulative” and that people do not realize they are being duped into surrendering personal information or into buying products or services they supposedly don’t need.^[8] Of course, those regulatory advocates rarely pause to explain to us how it is that they were not also duped and manipulated by the same things—again revealing their deeply-rooted elitism! (As discussed below, this makes it clear how the psychological phenomenon of “third-person effect hypothesis” is driving much of this debate.)

“Protecting The Children” is also used as a rhetorical cover for regulation here, but not as often in debates over speech controls.^[9] Instead, regulatory advocates mostly focus on adults who are presumed not to know what is in their own best interest—necessitating paternalistic government intervention on their behalf.

III. Intellectual Schizophrenia on Both the Left & Right

What is particularly interesting about all this is the way these two issues expose a sort of intellectual schizophrenia at work on both the Left and Right of the political spectrum. Left-leaning policymakers and intellectuals typically decry censorship efforts (except where “commercial speech,” “hate speech” and “bias” are at issue), but are quick to rally around proposals to layer privacy regulations on the Internet. The opposite is often true of many on the Right of the political spectrum: They typically declare privacy regulations to be paternalistic and antithetical to free enterprise (or perhaps just erosive of efforts to legislate morality),^[10] but in the next breath advocate controls on content they find objectionable.

Few on either side stop to consider the relationship between speech and privacy. In fact, they are but two sides of the same coin. After all, what is your “right to privacy” but a right to stop me from observing you and speaking about you?^[11] “Protecting privacy,” therefore, typically means restricting speech rights in the process. Advocates of privacy regulation often insist that the use, processing and collection of information are “conduct” unprotected by the First Amendment, but in fact, the First Amendment broadly protects the gathering and distribution of information as part of the process of communication (“speech”).^[12] Similarly, attempts to “clean up” speech or “protect The Children,” often require regulations that would betray the privacy of adults by expanding the role of government, and impose serious burdens on businesses and markets—such as age verification mandates ^[13] or extensive data retention requirements.^[14]

IV. Common Tactics & Regulatory Mechanisms

The two movements also share common political tactics and regulatory approaches. Privacy advocates generally favor “opt-in” mandates as the federal “baseline standard” for any website collecting information about users, especially their browsing habits (regardless of whether the information is “personally identifiable”). In other words, the law would create a property right in such “personal information” (ironically, many advocates of this approach criticize or reject intellectual property.) In a similar vein, many advocates of speech controls push for mandatory parental control tools or restrictive default settings.^[15] That is, if government won’t censor speech outright, regulatory advocates want lawmakers to at least (1) require that media, computing and communications devices be shipped to market with parental controls embedded or included (as proposed in Australia and with China’s “Green Dam” filter),^[16] and possibly, (2) that such controls be defaulted to their most restrictive position—forcing users to opt-out of the controls later if they want to consume media rated above a certain threshold.

More sophisticated advocates of speech controls and privacy regulation will likely argue that their paternalism is less elitist or intrusive because they merely want to “nudge” the public into making “better” decisions. Economist Richard Thaler and legal scholar Cass Sunstein (director of President Obama’s Office of Information and Regulatory Affairs, responsible for analyzing most new federal regulations) popularized this approach with their 2008 book Nudge: Improving Decisions about Health, Wealth, and Happiness. Based on behavioral economics studies, they argue that both government and private actors must inevitably make decisions about “choice architecture” and that, by setting defaults, incentives and rules smartly, “choice architects” can and should improve decision-making without blocking, fencing-off or significantly burdening choices.^[17]

In this regard, Sunstein and Thaler’s approach parallels the work of Lawrence Lessig, one of the most influential Internet policy thinkers. Lessig has argued that the “architecture” of “code” (how software is written) “regulates” all online activities and requires government oversight and intervention to keep in check. Otherwise, he warned ominously a decade ago, “Left to itself, cyberspace will become a perfect tool of control.”^[18] Lessig’s hyper-pessimistic predictions have proven unwarranted, however. Far from fostering a world of “perfect control,” code and cyberspace have proven remarkably difficult to regulate, but nonetheless has generally benefited consumers and citizens without centralized direction.^[19] Still, Lessig, Sunstein, and others of this ilk persist in their advocacy of “nudges” of many varieties to impose their will on cyberspace through mandates from above.

But while it might be possible to define “better decisions” and argue that poor choice architecture leads people to choose things they clearly don’t want in contexts like investment decisions and mortgages, how can elites know what other people really want in highly subjective contexts like privacy and speech? Should they rely on opinion polls—the highly subjective results of which depend heavily on “choice architecture” of question-crafting—to guess what the right default should be?^[20] Was the Chinese proposal to mandate deployment of “Green Dam” just a harmless “nudge” because users weren’t barred from uninstalling the filtering software that must accompany their computers (i.e., “opting-out”)? The problem becomes even more difficult where trade-offs among competing values are inevitable. For example, data collection about Internet users raises privacy concerns for some but benefits all, creating more funding for “free” content (i.e., speech) and services users prefer by making more valuable the advertising that supports online publishers. In short, regulations of speech and privacy are likely to be pure paternalism, even when billed as “libertarian paternalism as Thaler and Sunstein label their approach.^[21]

What might be called “regulatory blackmail” is also a time-honored tradition among both advocates of speech controls and privacy regulation. When censorship advocates have previously been impeded by the First Amendment, they have worked behind the scenes with lawmakers or regulatory agencies to use indirect pressure and strong-arming tactics to extract “voluntary concessions” from companies or others.^[22] For example, in 2004, the FCC strong-armed radio giant Clear Channel into agreeing to a “voluntary” consent decree that involved taking Howard Stern off the air.^[23] Similarly, in 2008, XM and Sirius Satellite Radio finally agreed to set aside 4% of their system capacity for use by politically favored racial minorities (a kind of speech control) as a “voluntary condition” of their merger—after the FCC had sat on their application for nearly 16 months.^[24] This race-based preference would have been unconstitutional if the FCC had imposed it directly.^[25] While the FTC has been far less prone to such abuse and actually plays a key role in holding companies to their promises, its current Chairman, Jon Leibowitz, has hung the “regulatory sword of Damocles” over the heads of the online advertising industry, threatening them with a “day of reckoning” if he doesn’t get what he wants from industry self-regulatory efforts.”^[26] The sword could actually fall if the FTC turns self-regulation into the European model of “co-regulation,” where the government steers and industry simply rows.^[27]

V. The Crisis Mentality that Drives Regulation

Speech and privacy regulatory advocates share another trait in common: an affinity for the use of a crisis mentality as a method of spurring political action. In his 1995 book The Vision of the Anointed: Self-Congratulation as a Basis for Social Policy, political philosopher and economist Thomas Sowell formulated a model that he argued drives ideological crusades to expand government power over our lives and economy. “The great ideological crusades of the twentieth-century intellectuals have ranged across the most disparate fields,” noted Sowell. But what they all had in common, he argued, was “their moral exaltation of the anointed above others, who are to have their different views nullified and superseded by the views of the anointed, imposed via the power of government.”^[28] These government-expanding crusades shared several key elements, which Sowell identified as follows:

1. Assertion of a great danger to the whole society, a danger to which the masses of people are oblivious.
2. An urgent need for government action to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many, in response to the prescient conclusions of the few.
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes.

We see this model at work on a daily basis today with our government’s various efforts to reshape our economy, but the model is equally applicable to debates over speech controls and privacy regulation. In particular, the various “technopanics”^[29] we have witnessed in recent years fit this model. For example, consider how this model plays out in the debate over online social networking:

1. Assertion of a great danger to the whole society [online sexual predators], a danger to which the masses of people are oblivious.
2. An urgent need for government action [such as mandatory online age verification ^[30] or the Deleting Online Predators Act ^[31]] to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many [must stop kids and adults from being online together on same sites], in response to the prescient conclusions of the few [some state Attorneys General].^[32]
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [child safety researchers and others are told that their research is meaningless or offbase].^[33]

We also see this model in play in other debates, such as efforts to regulate “excessively violent” video games and television programming.^[34] And consider how this model plays out on the privacy front:

1. Assertion of a great danger to the whole society [amorphous privacy violations], a danger to which the masses of people are oblivious.
2. An urgent need for government action [“baseline federal privacy regulation”] to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many [anyone who shares information online], in response to the prescient conclusions of the few [a handful of privacy advocacy groups].
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [any suggestion that privacy concerns are being overblown and that most information-sharing is socially beneficial is dismissed out-of-hand].

Worse yet, regulatory intervention in these cases simply begets more and more intervention to correct the inevitable failures of, or dissatisfaction with, previous interventions.^[35] Thus, the “crisis” cycle never ends.

VI. Third-Person Effect Hypothesis as an Explanation

Something more profound than simple political elitism seems to be at work here, however. A phenomenon psychologists refer to as the “third-person effect hypothesis” can explain many calls for government intervention, especially in the media world.^[36] Simply stated, speech and privacy critics sometimes seem to only see and hear in media or communications what they want to see and hear—or what they don’t want to see or hear. When they encounter perspectives or preferences that are at odds with their own, they are more likely to be concerned about the impact of those things on others throughout society and come to believe that government must “do something” to correct those perspectives. Many people desire regulation because they think it will be good for others, not necessarily for themselves. The regulation they desire has a very specific purpose in mind: “re-tilting” speech or market behavior in their desired direction.

The third-person effect hypothesis was first formulated by W. Phillips Davison in a seminal 1983 article:

In its broadest formulation, this hypothesis predicts that people will tend to overestimate the influence that mass communications have on the attitudes and behavior of others. More specifically, individuals who are members of an audience that is exposed to a persuasive communication (whether or not this communication is intended to be persuasive) will expect the communication to have a greater effect on others than on themselves.^[37]

Davison used this hypothesis to explain how media critics on both the Left and Right seemed to simultaneously find “bias” in the same content or reports when they couldn’t possibly both be correct. In reality, their own personal preferences were biasing their ability to fairly evaluate that content. Davison’s article prompted further research by many other psychologists, social scientists, and public opinion experts to test just how powerful this phenomenon was in explaining calls for censorship and other social phenomena.^[38] In these studies, third-person effect has been shown to be the primary explanation for why many people fear—or even want to ban—various types of speech or expression, including news,^[39] misogynistic rap lyrics,^[40] television violence,^[41] video games,^[42] and pornography.^[43] In each case, the subjects surveyed expressed strong misgivings about allowing others to see or hear too much of the speech or expression in question, but greatly discounted the impact of that speech on themselves. Such studies thus reveal the strong paternalistic instinct behind proposals to regulate speech. As Davison notes:

Insofar as faith and morals are concerned… it is difficult to find a censor who will admit to having been adversely affected by the information whose dissemination is to be prohibited. Even the censor’s friends are usually safe from the pollution. It is the general public that must be protected. Or else, it is youthful members of the general public, or those with impressionable minds.^[44]

It’s easy to see how this same phenomenon is at work in debates about privacy. Regulatory advocates imagine their preferences are “correct” (right for everyone) and that the masses are being duped by external forces beyond their control or comprehension, even though the advocates themselves are somehow immune from the brain-washing and privy to some higher truth that the hoi polloi simply cannot fathom. Again, this is Sowell’s “Vision of the Anointed” at work.

Consider the flare-up in 2004 over the introduction of Gmail, Google’s free email service. At a time when Yahoo! mail (then as now the leading webmail provider) offered customers less than 10 megabytes of email storage, Gmail offered an astounding gigabyte of storage that would grow over time (now over 7 GB). Rather than charging some users for more storage or special features, Google paid for the service by showing advertisements next to each email “contextually” targeted to keywords in that email—a far more profitable form of advertising than “dumb banner” ads previously used by other webmail providers.^[45] Self-appointed (or, to extend Sowell’s framework, “self-anointed”) privacy advocates howled that Google was going to “read users’ email,” and led a crusade to ban such algorithmic contextual targeting.^[46] Thierer responded to these critics by pointing out that the service was purely voluntary and noted:

you don’t speak for me and a lot of other people in this world who will be more than happy to cut this deal with Google. So do us a favor and don’t ask the government to shut down a service just because you don’t like it. Privacy is a subjective condition and your value preferences are not representative of everyone else’s values in our diverse nation. Stop trying to coercively force your values and choices on others. We can decide these things on our own, thank you very much.^[47]

Interestingly, however, the frenzy of hysterical indignation about Gmail was followed by a collective cyber-yawn: Users increasingly understood that algorithms, not humans, were doing the “reading” and that, if they didn’t like it, they didn’t have to use it. Today, nearly 150 million of people around the world use Gmail, and it has a steadily growing share of the webmail market. Even though cyber-consumers have embraced the service, some privacy advocates persist in their effort to shut down Gmail. They appear determined to stop at nothing to impose their will on others—the essence of political elitism—even if that means cutting off free email service for 150 million people!^[48]

A similar debate has played out more recently regarding targeted online advertising in general. Advertising on search engines is, much like Gmail, targeted “contextually” based on search terms entered by users and most advertising on other websites is based on the nature of content on a site or page. But certain data is collected about users as they browse to make that advertising more effective—by measuring its performance, reducing fraud, preventing over-exposure, etc. Some privacy advocates have insisted that industry self-regulation of such practices (even if enforced by the FTC) is inadequate and have called for preemptive regulation. They are even more offended by “behavioral advertising” which allows publishers whose content would have little value as the basis for contextually targeting advertising on their own sites to compete for more highly valued advertising by showing ads to users based on other sites they’ve visited. In both cases, data collection can increase the funding available to publishers to produce more of the content and services preferred by users, thus conferring an enormous indirect benefit on users, but also directly benefits users by increasing the relevance of the advertising they see.^[49] For some of the more extreme advocates of privacy regulation, however, there are no trade-offs, only absolutist “solutions:” To them, privacy is so obviously desirable that they feel at ease in deciding what’s best for everyone else. Such absolutists often respond with righteous indignation and conspiratorial fulmination when challenged to identify the harm against which they’re protecting consumers, while disdainfully dismissing all talk of the benefits of online advertising as self-serving industry propaganda.^[50]

VII. The Principled Alternative: Trust People & Empower Them

There is an alternative to this elitist mentality: freedom and personal responsibility. Individuals should be permitted to live a life of their own, even if they sometimes make mistakes or choices that are at odds with what elites think is best for them. ^[51]

Of course, the world isn’t perfect. In an ideal world, adults would be fully empowered to tailor speech and privacy decisions to their own values and preferences. Specifically, in an ideal world, adults (and parents) would have (1) the information necessary to make informed decisions and (2) the tools and methods necessary to act upon that information. Importantly, those tools and methods would give them the ability to not only block the things they don’t like—objectionable content, annoying ads or the collection of data about them—while also finding the things they want.

Achieving that ideal is likely impossible, but the good news is that we are moving closer to it with each passing day. Citizens have more tools and methods at their disposal than ever before which enable them to make decisions for themselves and their families. And this is true for both parental controls ^[52] and privacy controls.^[53]

Of course, some speech and privacy elitists will argue that we can’t trust empowerment tools ( e.g., filters, rating systems, or other controls) that are created by companies or other affected parties. But rather than trying to enhance those tools and educate users about how to use them, these elitists skip right past user empowerment and channel their energies into regulations that would impose a top-down, one-size-fits all standard on all adults and families—or even into trying to craft the perfect “nudge” that will help users make what elites believe to be the “right” decisions. Of course, these tools can, and should, be improved. Those groups worried about speech/content and privacy issues should focus on how we might drive such protections from the bottom-up by empowering individuals instead of government bureaucrats. The goal in both cases should be a “let-a-thousand-flowers-bloom” approach, which offers diverse tools and strategies for our diverse citizenry.^[54] We need not accept “one-size-fits” all approaches, whether they be regulatory mandates or “nudges,” based on the presumption that elites know best.

Finally, it is vital not to lose sight of what’s ultimately at stake here. If regulatory approaches trump the empowerment agenda we have described, the future of a free and open Internet—indeed, as technology converges, the future of all media—is at risk.^[55] By imposing technological solutions from the top-down that can never keep pace with technological change, regulation necessarily forecloses freedom and innovation.^[56] By contrast, individual empowerment allows innovation to flourish. The better approach across the board is education, not regulation.^[57] Empowerment, not elitism, is the path forward. The digital elite should be leading this effort by developing and promoting technologies of empowerment, not crafting regulatory mandates to force their will upon us.^[58]

#

Adam Thierer is a Senior Fellow with The Progress & Freedom Foundation and the director of its Center for Digital Media Freedom. Berin Szoka  is a Senior Fellow with PFF and the Director of PFF’s Center for Internet Freedom.

[1] . William A. Henry, In Defense of Elitism (1995) at 2-3.

[2] . See Adam Thierer, The Progress & Freedom Foundation, Congress, Content Regulation, and Child Protection: The Expanding Legislative Agenda, Progress Snapshot 4.4, Feb. 2008, www.pff.org/issues-pubs/ps/2008/ps4.4childprotection.html. Like American courts, we use the term “speech” as a broad catch-all for communications, including both actual speaking as well as other forms of transmitting, as well as receiving, information (“content”).

[3] . See generally Adam Thierer, Don’t Scapegoat Media, USA Today, Dec. 4, 2008, www.pff.org/issues-pubs/ps/2008/ps4.24scapegoatmedia.html; Marjorie Heins, Not in Front of the Children, “Indecency,” Censorship, and the Innocence of Youth (2001); Karen Sternheimer, It’s Not the Media: The Truth about Pop Culture’s Influence on Children (2003); Karen Sternheimer, Kids These Days: Facts and Fictions about Today’s Youth (2006).

[4] . See Adam Thierer, The Progress & Freedom Foundation, FCC Violence Report Concludes that Parenting Doesn’t Work, PFF Blog, Apr. 26, 2007, http://blog.pff.org/archives/2007/04/fcc_violence_re.html.

[5] . See Adam Thierer, The Progress & Freedom Foundation, Sen. Rockefeller Gives Up on Parenting at Senate Violence Hearing, PFF Blog, June 26, 2007, blog.pff.org/archives/2007/06/sen_rockefeller_1.html.

[6] . Adam Thierer, Conservatives, Porn, and “Community Standards,” The Technology Liberation Front, March 2, 2009, http://techliberation.com/2009/03/02/conservatives-porn-and-community-standards.

[7] . Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, Online Advertising & User Privacy: Principles to Guide the Debate, Progress Snapshot 4.19, Sept. 2008, www.pff.org/issues-pubs/ps/2008/ps4.19onlinetargeting.html.

[8] . Jeff Chester, for decades the great gadfly of American advertising, has decried “the system … developed to track each and every one of us and our behavior for one-on-one marketing efforts” as “manipulative, intrusive and un-democratic.” Wendy Melillo, Q&A: Chester Writes the Book on Privacy, Dec. 11, 2007, www.gfem.org/node/227. For instance, Chester and other leading “privacy advocates” ridicule the idea of smart phones as a “liberating technology” and insist that,

Despite the glowing words about customization and personalized service, what marketers and advertisers are increasingly offering consumers is merely the illusion of free choice. Mobile operators offer their various options and services, not on an individual basis, but preconfigured according to segmented demographic profiles.

Center for Digital Democracy and U.S. Public Interest Research Group, Complaint and Request for Inquiry and Injunctive Relief Concerning Unfair and Deceptive Mobile Marketing Practices, Jan. 13, 2009 (emphasis original), www.democraticmedia.org/files/FTCmobile_complaint0109.pdf. See generally Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, Targeted Online Advertising: What’s the Harm & Where Are We Heading?, Progress on Point 16.2, Feb. 2009, www.pff.org/issues-pubs/pops/2009/pop16.2targetonlinead.pdf.

[9] . Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech, Progress on Point 16.11, May 2009, www.pff.org/issues-pubs/pops/2009/pop16.11-COPPA-and-age-verification.pdf.

[10] . The Supreme Court has used a “right to privacy” to strike down laws against the use of contraception by married couples, Griswold v Connecticut, 381 U.S. 479 (1965), and abortion, Roe v. Wade, 410 U.S. 113 (1973).

[11] . Eugene Volokh, Freedom of Speech and Information Privacy: The Troubling Implications of a Right to Stop People From Speaking About You, 52 Stanford L. Rev. 1049 (2000), available at www.pff.org/issues-pubs/pops/pop7.15freedomofspeech.pdf.

[12] . See , Amicus Brief for Association Of National Advertisers, Cato Institute, Coalition For Healthcare Communication, Pacific Legal Foundation And The Progress & Freedom Foundation In Support Of Appellants, IMS Health v. Sorrell, No. 09-1913-cv(L), 09-2056-cv(CON) (2nd Cir. 2009), available at www.pff.org/issues-pubs/filings/2009/071309-Brief-Amici-Curiae-ANA-et-al-Second-Circuit-(09-1913-cv).pdf.

[13] . See Adam Thierer, The Progress & Freedom Foundation, Social Networking and Age Verification: Many Hard Questions; No Easy Solutions, Progress on Point No. 14.5, March 2007, www.pff.org/issues-pubs/ pops/pop14.8ageverificationtranscript.pdf; www.pff.org/issues-pubs/pops/pop14.5ageverification.pdfAdam Thierer, The Progress & Freedom Foundation, Statement Regarding the Internet Safety Technical Task Force’s Final Report to the Attorneys General, Jan. 14, 2008, www.pff.org/issues-pubs/other/090114ISTTFthiererclosingstatement.pdf; Nancy Willard, Why Age and Identity Verification Will Not Work—And is a Really Bad Idea, Jan. 26, 2009, www.csriu.org/PDFs/digitalidnot.pdf; Jeff Schmidt, Online Child Safety: A Security Professional’s Take, The Guardian, Spring 2007, www.jschmidt.org/AgeVerification/Gardian_JSchmidt.pdf.

[14] . Adam Thierer, The Progress & Freedom Foundation, Mandatory Data Retention: How Much is Appropriate, PFF Blog, June 26, 2006, http://blog.pff.org/archives/2006/06/mandatory_data.html

[15] . Adam Thierer, The Progress & Freedom Foundation, The Perils of Mandatory Parental Controls and Restrictive Defaults, Progress on Point 14.4, Apr. 11, 2008, www.pff.org/issues-pubs/pops/2008/pop15.4defaultdanger.pdf.

[16] . Adam Thierer, China’s Green Dam Filter and the Threat of Rising Global Censorship, PFF Blog, June 17, 2009, http://blog.pff.org/archives/2009/06/chinas_green_dam_filter_and_threat_of_rising_globa.html

[17] . They define choice architecture as follows: “A structure designed by a choice architect(s) to improve the quality of decisions made by homo sapiens. Often invisible, choice architecture is the specific user-friendly shape of an organization’s policy or physical building when homo sapiens come into contact with it. Examples of choice architecture include a voter ballot, a procedure for handling well-meaning people who forget a deadline, or a skyscraper.” Nudge Glossary of Terms, www.nudges.org/glossary.cfm.

[18] . Lawrence Lessig, Code and Other Laws of Cyberspace (1999) at 6.

[19] . See Adam Thierer, Code, Pessimism, and the Illusion of “Perfect Control,” Cato Unbound, May 2009, www.cato-unbound.org/2009/05/08/adam-thierer/code-pessimism-and-the-illusion-of-perfect-control

[20] . See Solveig Singleton & Jim Harper, With A Grain of Salt: What Consumer Privacy Surveys Don’t Tell Us, 2001, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=299930.

[21] . As Cato Institute scholar Will Wilkinson has argued, the book’s “agreeably banal doctrine of choice-preserving helpfulness” blurs the lines between paternalism and libertarianism, and thus “the thrust of the conceptual renovation behind the term libertarian paternalism is to empower, not limit, political elites.” Why Opting Out Is No “Third Way,” Reason, October 2008, www.reason.com/news/show/128916.html. See also Adam Thierer, The Progress & Freedom Foundation, Sunstein’s “Libertarian Paternalism” is Really Just Paternalism, PFF Blog, April 7, 2008, http://blog.pff.org/archives/2008/04/sunsteins_liber.html.

[22] . See Robert Corn-Revere, “’Voluntary’ Self-Regulation and the Triumph of Euphemism,” in Rationales & Rationalizations: Regulating the Electronic Media (Robert Corn-Revere, ed., 1997), at 183-208.

[23] . Telecom Policy Report, Commission Settles Indecency Charges, But At What Cost?, June 30, 2004, http://findarticles.com/p/articles/mi_m0PJR/is_25_2/ai_n6091525.

[24] . See Adam Thierer, XM-Sirius, Regulatory Blackmail, and Diversity, June 17, 2008, http://blog.pff.org/archives/2008/06/xmsirius_regula.html.

[25] . See Comments of W. Kenneth Ferree on Implementation of Sirius-XM Merger Condition, The Progress & Freedom Foundation, MB Docket No. 07-57, March 30, 2009, www.pff.org/issues-pubs/filings/2009/033009siriusXMconditionfiling.pdf.

[26] . See Szoka & Adam Thierer, supra note 8 at 3.

[27] . See id. at 2.

[28] . Thomas Sowell, The Vision of the Anointed: Self-Congratulation as a Basis for Social Policy (1995) at 5.

[29] . Alice Marwick, To Catch a Predator? The MySpace Moral Panic, First Monday, Vol. 13, No. 6-2, June 2008, www.uic.edu/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/2152/1966; Wade Roush, The Moral Panic over Social Networking Sites, Technology Review, Aug. 7, 2006, www.technologyreview.com/communications/17266; Anne Collier, Why Techopanics are Bad, Net Family News, April 23, 2009, www.netfamilynews.org/2009/04/why-technopanics-are-bad.html; Adam Thierer, Parents, Kids & Policymakers in the Digital Age: Safeguarding Against ‘Techno-Panics,’ Inside ALEC, July 2009, at 16-17, www.alec.org/am/pdf/Inside_July09.pdf; Adam Thierer, Progress & Freedom Foundation, Technopanics and the Great Social Networking Scare, PFF Blog, June 10, 2008, http://techliberation.com/2008/07/10/technopanics-and-the-great-social-networking-scare.

[30] . Supra note 13.

[31] . In the 109th Congress, former Rep. Michael Fitzpatrick (R-PA) introduced the Deleting Online Predators Act (DOPA), which proposed a ban on social networking sites in public schools and libraries. DOPA passed the House of Representatives shortly thereafter by a lopsided 410-15 vote, but failed to pass the Senate. The measure was reintroduced just a few weeks into the 110th Congress by Senator Ted Stevens (R-AK), the ranking minority member and former chairman of the Senate Commerce Committee. It was section 2 of a bill that Sen. Stevens sponsored titled the “Protecting Children in the 21st Century Act” (S. 49), but was later removed from the bill. See Declan McCullagh, Chat Rooms Could Face Expulsion, CNet News.com, July 28, 2006, http://news.com.com/2100-1028_3-6099414.html?part=rss&tag=6099414&subj=news.

[32] . See Emily Steel & Julia Angwin, MySpace Receives More Pressure to Limit Children’s Access to Site, Wall Street Journal, June 23, 2006, online.wsj.com/public/article/SB115102268445288250-YRxkt0rTsyyf1QiQf2EPBYSf7iU_20070624.html; Susan Haigh, Conn. Bill Would Force MySpace Age Check, Yahoo News.com, March 7, 2007, www.msnbc.msn.com/id/17502005.

[33] . See, e.g., Letter of Henry McMaster, Attorney General, South Carolina to Attorney General Richard Blumenthal and Attorney General Roy Cooper Regarding Internet Safety Task Force (“ISTTF”) Report, January 14, 2009, www.scag.gov/newsroom/pdf/2009/internetsafetyreport.pdf

[34] . See Adam Thierer, The Progress & Freedom Foundation, Video Games and “Moral Panic,” PFF Blog, Jan. 23, 2009, http://blog.pff.org/archives/2009/01/video_games_and_moral_panic.html ; Adam Thierer, The Progress & Freedom Foundation, Fact and Fiction in the Debate over Video Game Regulation, Progress Snapshot 13.7, March 2006, www.pff.org/issues-pubs/pops/pop13.7videogames.pdf.

[35] . “All varieties of interference with the market phenomena not only fail to achieve the ends aimed at by their authors and supporters, but bring about a state of affairs which—from the point of view of their authors’ and advocates’ valuations—is less desirable than the previous state affairs which they were designed to alter. If one wants to correct their manifest unsuitableness and preposterousness by supplementing the first acts of intervention with more and more of such acts, one must go farther and farther until the market economy has been entirely destroyed and socialism has been substituted for it.” Ludwig von Mises, Human Action, at 858 (3rd ed. 1963) (1949).

[36] . See generally Adam Thierer, The Progress & Freedom Foundation, Media Myths: Making Sense of the Debate over Media Ownership (2005) at 119-123, www.pff.org/issues-pubs/books/050610mediamyths.pdf (Explaining how the third-person effect serves as a powerful explanation for the heated backlash that followed an FCC effort to moderately liberalize media ownership rules in 2003-04).

[37] . W. Phillips Davison, The Third-Person Effect in Communication, 47 Public Opinion Quarterly 1, Spring 1983, at 3.

[38] . For the best overview of third-person effect research, see Douglas M. McLeod, Benjamin H. Detenber, and William P. Eveland., Jr., Behind the Third-Person Effect: Differentiating Perceptual Processes for Self and Other, 51 Journal of Communication, Vol. 51, No. 4, 2001, at 678-695.

[39] . Vincent Price, David H. Tewksbury & Li-Ning Huang, Third-person Effects of News Coverage: Orientations Toward Media, Journalism & Mass Communications Quarterly, Vol. 74, at 525-540.

[40] . Douglas M. McLeod, William P. Eveland & Amy I. Nathanson, Support for Censorship of Violent and Misogynic Rap Lyrics: And Analysis of the Third-Person Effect, Communications Research, Vol. 24, 1997, at 153-174.

[41] . Hernando Rojas, Dhavan V. Shah, and Ronald J. Faber, For the Good of Others: Censorship and the Third-Person Effect, International Journal of Public Opinion Research, Vol. 8, 1996, at 163-186.

[42] . James D. Ivory, Addictive, But Not For Me: The Third-Person Effect and Electronic Game Players’ Views Toward the Medium’s Potential for Dependency and Addiction, University of North Carolina at Chapel Hill, School of Journalism and Mass Communication, Aug. 2002.

[43] . Albert C. Gunther, Overrating the X-rating: The Third-person Perception and Support for Censorship of Pornography, Journal of Communication, Vol. 45, No. 1, 1995, at 27-38

[44] . Supra note 37 at 14. Along these lines, a December 2004 Washington Post article documented the process by which the Parents Television Council, a vociferous censorship advocacy group, screens various television programming. One of the PTC screeners interviewed for the story talked about the societal dangers of various broadcast and cable programs she rates, but then also noted how much she personally enjoys HBO’s “The Sopranos” and “Sex and the City,” as well as ABC’s “Desperate Housewives.” Apparently, in her opinion, what’s good for the goose is not good for the gander! See Bob Thompson, Fighting Indecency, One Bleep at a Time, The Washington Post, Dec. 9, 2004, at C1, www.washingtonpost.com/wp-dyn/articles/A49907-2004Dec8.html.

[45] . See Chris Anderson, Free: The Future of a Radical Price at 112-118 (2009).

[46] . See Letter from Chris Jay Hoofnagle, Electronic Privacy Information Center, Beth Givens, Privacy Rights Clearinghouse, Pam Dixon, World Privacy Forum, to California Attorney General Lockyer, May 3, 2004, http://epic.org/privacy/gmail/agltr5.3.04.html.

[47] . See email from Adam Thierer to Declan McCullaugh on Politech Email discussion group, April 30, 2004, http://lists.jammed.com/politech/2004/04/0083.html (emphasis added).

[48] . See Complaint and Request for Injunction of the Electronic Privacy Information Center against Google, Inc., March 17, 2009, http://epic.org/privacy/cloudcomputing/google/ftc031709.pdf; see also Ryan Radia, Should the FTC Shut Down Gmail and Google Docs Because of an Already-Fixed Bug?, Technology Liberation Front Blog, March 18, 2009, http://techliberation.com/2009/03/18/should-the-ftc-shut-down-gmail-and-google-docs-because-of-an-already-fixed-bug/.

[49] . See Berin Szoka & Mark Adams, The Progress & Freedom Foundation, The Benefits of Online Advertising & the Costs of Regulation, PFF Working Paper, forthcoming.

[50] . Anti-advertising crusader Jeff Chester often resorts to questioning the motives of those who question whether his regulatory prescriptions would actually benefit consumers, see, e.g., http://techliberation.com/2009/06/17/behavioral-advertising-industry-practices-hearing-some-issues-that-need-to-be-discussed/#comment-11698840. See generally Jeff Chester, Digital Destiny: New Media and the Future of Democracy (2007).

[51] . “The only freedom which deserves the name is that of pursuing our own good in our own way, so long as we do not attempt to deprive others of theirs or impede their efforts to obtain it. Each is the proper guardian of his own health, whether bodily or mental and spiritual.” John Stuart Mill, On Liberty (Penguin Classics, 1859, 1986) at 72.

[52] . Adam Thierer, The Progress & Freedom Foundation, Parental Controls & Online Child Protection, Special Report, Version 4.0, Summer 2009, www.pff.org/parentalcontrols.

[53] . Adam Thierer, Berin Szoka & Adam Marcus, The Progress & Freedom Foundation, Privacy Solutions, PFF Blog, Ongoing Series, http://blog.pff.org/archives/ongoing_series/privacy_solutions.

[54] . Comments of Adam Thierer, The Progress & Freedom Foundation, In the Matter of Implementation of the Child Save Viewing Act; Examination of Parental Control Technologies for Video or Audio Programming; MB Docket No. 09-26, April 16, 2009, www.pff.org/issues-pubs/filings/2009/041509-%5bFCC-FILING%5d-Adam-Thierer-PFF-re-FCC-Child-Safe-Viewing-Act-NOI-(MB-09-26).pdf.

[55] . See Adam Thierer, FCC v. Fox and the Future of the First Amendment in the Information Age, Engage, Feb. 20, 2009, www.fed-soc.org/doclib/20090216_ThiererEngage101.pdf

[56] . “To act on the belief that we possess the knowledge and the power which enable us to shape the processes of society entirely to our liking, knowledge which in fact we do not possess, is likely to make us do much harm.” Friedrich von Hayek, “The Pretence of Knowledge,” in The Essence of Hayek, (Hoover Inst., 1984), at 276.

[57] . Adam Thierer, The Progress & Freedom Foundation, Two Sensible, Education-Based Legislative Approaches to Online Child safety, Progress Snapshot 3.10, Sept. 2007, www.pff.org/issues-pubs/ps/2007/ps3.10safetyeducationbills.pdf.

[58] . See, e.g., Berin Szoka, Google, CDT, Online Advertising & Preserving Persistent User Choice Across Ad Networks Through Plug-ins, Technology Liberation Front Blog, March 13, 2009, http://techliberation.com/2009/ 03/13/google-cdt-online-advertising-preserving-persistent-user-choice-across-ad-networks-through-plug-ins/.

I’ve posted another response in the Cato Unbound online debate over the impact of Lawrence Lessig’s Code and Other Laws of Cyberspace upon the book’s 10th anniversary.  You will recall that I went fairly hard on Prof. Lessig in my essay, “Code, Pessimism, and the Illusion of ‘Perfect Control,’” and Lessig responded with a counter-punch that went after me for it.  I respond in a new essay about “Our Conflict of Cyber-Visions.” In the piece, I address Lessig’s assertion that I just didn’t understand the central teachings of Code, as well as his reluctance to accept the “cyber-collectivism” label that I affixed to his book and life’s work.  Again, please hop over to Cato Unbound for my complete response.

But one thing from the essay that I thought worth reproducing here is my effort to better define the key principles that separate the cyber-libertarian and cyber-collectivist schools of thinking.  I argue that it comes down to this:

The cyber-libertarian believes that “code failures” are ultimately better addressed by voluntary, spontaneous, bottom-up, marketplace responses than by coerced, top-down, governmental solutions. Moreover, the decisive advantage of the market-driven approach to correcting code failure comes down to the rapidity and nimbleness of those response(s).

Of course, another key difference relates to how quickly one jumps to the conclusion that “code failures” are actually occurring at all. I argue:

What concerns me about the way Prof. Lessig approaches these issues in Code and in his subsequent work is that he is far too quick to declare the debate over by labeling short-term code hiccups as sky-is-falling market failures. The end result of such myopic techno-pessimism is the inevitable call for governments to intervene and “do something” to correct supposed code failures.  The cyber-libertarian instead counsels patience. Let’s give those other forces — alternative platforms, new innovators, social norms, public pressure, etc. — a chance to work some magic. Evolution happens, if you let it. Moreover, if you are always running around crying “market failure!” and calling in the code cops, it creates perverse marketplace incentives by discouraging efforts to innovate or “route around” bad code or code failure. We don’t want the whole world sitting around waiting for government to regulate the mousetrap to improve it or even give everyone better access to it; we should want the world to be innovating to create better mousetraps! To reiterate a key point I already stressed in my original essay: One need not believe that the markets in code are “perfectly competitive” to accept that they are “competitive enough” — or at least, better than regulatory alternatives.

Anyway, please head over to the Cato site to read the whole thing and let me know what you think.  If nothing else, I’m sure that Seth Finkelstein will have something incredibly nasty to say about me!  And I will wear his scorn as a badge of honor.

The week-long Cato Unbound online debate about the 10th anniversary of Lawrence Lessig’s Code and Other Laws of Cyberspace continues today with Prof. Lessig’s response to Declan McCullagh’s opening essay, “What Larry Didn’t Get,” Jonathan Zittrain’s follow-up essay, and my essay on, “Code, Pessimism, and the Illusion of ‘Perfect Control.’”  Needless to say, Prof. Lessig isn’t too happy with my response. You should jump over to the Cato site to read the entire thing, but here are a couple of excerpts and my response.

To my suggestion that there is a qualitative difference between law and code, Prof. Lessig says:

I’ve argued that things aren’t quite a simple as some libertarians would suggest. That there’s not just bad law. There’s bad code. That we don’t need to worry just about Mussolini. We also need to worry about DRM or the code AT&T deploys to help the government spy upon users. That public threats to liberty can be complemented by private threats to liberty. And that the libertarian must be focused on both.  […] Of course, law is law. Who could be oblivious to that? And who would need a book to explain it?  But the fact that “law is law” does not imply that it has a “much greater impact in shaping markets and human behavior.” Sometimes it does — especially when that “law” is delivered by a B1 bomber. But ask the RIAA whether it is law or code that is having a “greater impact in shaping markets” for music. Or ask the makers of Second Life whether the citizens of that space find themselves more constrained by the commercial code of their geo-jurisdiction or by the fact that the software code of Second Life doesn’t permit you simply to walk away (so to speak) with another person’s scepter. Whether and when law is more effective than code is an empirical matter — something to be studied, and considered, not dismissed by banalities spruced up with italics.

Well, I beg the professor’s pardon for excessive use of italics.  [I won’t ask for an apology for misspelling my last name in his piece!] Regardless, it’s obvious that we’ll just never see eye-to-eye on the crucial distinction between law and code. Again, as I stated in my essay: “With code, escape is possible. Law, by contrast, tends to lock in and limit; spontaneous evolution is supplanted by the stagnation of top-down, one-size-fits-all regulatory schemes.”

Lessig largely dismisses much of this with that last line above, suggesting that we just need to keep studying the matter to determine the right mix of what works best.  To be clear, while I’m all for studying the impact of law vs. code as “an empirical matter,” that in turn begs the question of how we define effectiveness or success. I suspect that the professor and I would have a “values clash” over some rather important first principles in that regard.  This is, of course, a conflict of visions that we see throughout the history of philosophy; a conflict between those who put the individual and the individual’s rights at the core of any ethical political system versus those who would place the rights of “the community,” “the public” or some other amorphous grouping(s) at the center of everything.  It’s a classic libertarian vs. communitarian / collectivist debate.

Lessig, however, makes it clear in his response that he doesn’t take kindly to being called a cyber-collectivist, even accusing me of “red-baiting” by using the term.  But the collectivism of which I speak is a more generic type; not the hard-edged Marxist brand of collectivism of modern times.   What separates Lessig’s brand of cyber-collectivism from the cyber-libertarianism that I espouse is a general preference for who calls the shots most of the time.  Quite obviously, I place an enormous amount of faith in largely unfettered markets in code to generally advance the values of individual liberty, freedom of speech, and economic innovation more often than rule by politics and public officials will.  Prof. Lessig is obviously far more enamored with the potential of the state and politics to play a beneficial role in shaping things.

Thus, even though Prof. Lessig rejects the association, Declan McCullagh was right to point to the distant influence of Plato on Code and much of Lessig’s other work.  (And there’s a bit of Rousseauian influence there, too.)  In any event, if Prof. Lessig takes offense at this label and wants to call his approach something other than cyber-collectivism, than by all means be my guest; invent a new term and I’ll use it.  But to me, as a student of political philosophy, I see his philosophy as just another variant of collectivism and just don’t know what else to call it.  This isn’t “red-baiting;” it’s simply an exercise in philosophical classification.

To some extent, Prof.  Lessig undercuts my arguments here in concluding his essay by asking that we “focus on a large number of difficult questions that remain… about how to preserve the liberty of society and the Net against the ever-expanding harm caused by the captured corruption that we call democratic government.”  Hey, now that sounds like something a true libertarian might say! (Except that we would have likely used the phrase “preserve the liberty of the individual” instead of “society”!) Regardless, Lessig is at least willing to admit that there may be some problems in paradise for Platonist thinking or Rousseauian romanticism.

Alas, for reasons articulated quite nicely here by Tim Lee in the past, “Lessig clearly understands what it takes to catch the interest of conservative- and libertarian-minded readers, and he’s not above spinning his arguments to maximize their appeal to the people he’s addressing.” For the libertarian, there is only one fool-proof solution to the problem of government corruption: You shrink the Leviathan. From what I’ve seen of Lessig’s proposals so far to address corruption, however, he’s not really willing to have that conversation. It’s all about the old “getting money out of politics” and “kill all the lobbyists” approach. Unfortunately, as Tim notes:

The problem isn’t that there’s a discrete list of corrupt practices that we can identify and prohibit. The problem is that if politicians are willing to be corrupted, and special interests are willing to spend resources to corrupt them, they’ll find ways to get it done. You can certainly reduce the effect on the margin — by banning overt bribery, for example — but once you’ve banned the really obvious categories of back-scratching, it becomes more and more difficult to make any further progress. What’s going on in Washington is disgusting, to be sure, but it’s not new or unique to the United States. And I think fixing it is going to be a lot more challenging than Lessig imagines.

I couldn’t agree more.  Nonetheless, I eagerly await more details from Prof. Lessig regarding his new effort to address corruption in our political system, however he defines it.  He may set forth some reform proposals that we libertarians find quite sensible and ultimately endorse.  But if “reform” instead comes in the form of layers of additional campaign finance regulations, well then, I think we’ll find ourselves disagreeing once again. Because many of those so-called reforms are simply free-speech violating restrictions on the rights of both individuals to petition their government.

But to conclude this exchange on a good note, let me just say that — at least in theory — I wholeheartedly endorse Lawrence Lessig’s call to protect “the Net against the ever-expanding harm caused by the captured corruption that we call democratic government.”   And I hope someday he will be more open to the notion that limits on the power of the state are the ultimate key to accomplishing that goal.

The Cato Unbound online debate about the 10th anniversary of Lawrence Lessig’s Code and Other Laws of Cyberspace continues today with my response to Declan McCullagh’s opening essay, “What Larry Didn’t Get,” as well as Jonathan Zittrain’s follow-up.

In my response, “Code, Pessimism, and the Illusion of ‘Perfect Control,'” I begin by arguing that:

The problem with peddling tales of a pending techno-apocalypse is that, at some point, you may have to account for your prophecies — or false prophecies as the case may be. Hence, the problem for Lawrence Lessig ten years after the publication of his seminal book, Code and Other Laws of Cyberspace.

I go on to argue that:

Lessig’s lugubrious predictions proved largely unwarranted. Code has not become the great regulator of markets or enslaver of man; it has been a liberator of both. Indeed, the story of the past digital decade has been the exact opposite of the one Lessig envisioned in Code.

After providing several examples of just how wrong Lessig’s predictions were, I then ask:

[W]hy have Lessig’s predictions proven so off the mark? Lessig failed to appreciate that markets are evolutionary and dynamic, and when those markets are built upon code, the pace and nature of change becomes unrelenting and utterly unpredictable. With the exception of some of the problems identified above, a largely unfettered cyberspace has left digital denizens better off in terms of the information they can access as well as the goods and services from which they can choose. Oh, and did I mention it’s all pretty much free-of-charge? Say what you want about our cyber-existence, but you can’t argue with the price!

I am forced to admit, however, that Lessig’s book has had enormous impact of the field of cyberlaw and digital technology policy:

This brings me to what I believe is the most important impact of Code: the philosophical movement it has spawned. As Declan noted in his opening essay, Code “offered a burgeoning protest movement [a] unifying theme and philosophy” in that it was both a polemic against cyber-libertarianism and a sort of call-to-arms for cyber-collectivism. It gave this movement its central operating principle: Code and cyberspace can be bent to the will of the collective, and it often must be if we are to avoid any number of impending disasters brought on by those nefarious (or just plain incompetent) folks in corporate America. Led by a gifted, prolific set of disciples such as Jonathan Zittrain and Tim Wu, as well as increasingly influential activist groups such as Public Knowledge and Free Press, Lessig’s cyber-collectivists continue to preach skepticism regarding markets and property rights, and a general openness to — and frequent embrace of — government solutions to digital-era dilemmas. […]  Prof. Lessig and his movement are winning the battle of ideas on the cyber-front today. We have Code to thank — or blame — for that.

Please head over to the Cato Unbound website to read the entire thing.  Prof. Lessig’s response is scheduled to be posted on Monday.

As I mentioned on Monday,  the folks over at Cato Unbound have put together an online debate about the impact of Lawrence Lessig’s Code and Other Laws of Cyberspace as it turns 10 this year.

The opening essay from Declan McCullagh, “What Larry Didn’t Get,” took Lessig to task for favoring rule by “technocratic philosopher kings” over the spontaneous invisible hand of code.   In Round 2 of the debate, Harvard’s Jonathan Zittrain comes to Lessig’s defense and suggests that the gap between Lessig and libertarians is not as wide as Declan suggests:

The debate between Larry and the libertarians is more subtle. Larry says: I’m with you on the aim — I want to maintain a free Internet, defined roughly as one in which bits can move between people without much scrutiny by the authorities or gatekeeping by private entities. Code’s argument was and is that this state of freedom isn’t self-perpetuating. Sooner or later government will wake up to the possibilities of regulation through code, and where it makes sense to regulate that way, we might give way — especially if it forestalls broader interventions.

Run over to Cato Unbound to read the rest.  My response will be going up next (on Friday) and then Prof. Lessig’s will be up next Monday.

I used to have a (semi-crazy) uncle who typically began conversations with lame jokes or bad riddles. This sounds like one he might have used had he lived long enough: What do Thomas Jefferson, a moose, and cyberspace have in common?

The answer to that question can be found in a new book, In Search of Jefferson’s Moose: Notes on the State of Cyberspace, by David G. Post, a Professor of Law at Temple University. Post, who teaches IP and cyberspace law at Temple, is widely regarded as one of the intellectual fathers of the “Internet exceptionalist” school of thinking about cyberlaw.  Basically, Post sees this place we call “cyberspace” as something truly new, unique, and potentially worthy of some special consideration, or even somewhat different ground rules than we apply in meatspace. More on that in a bit.

[ Full disclosure: Post’s work was quite influential on my own thinking during the late 1990s, so much so that when I joined the Cato Institute in 2000, one of the first things I did was invite David to become an adjunct scholar with Cato. He graciously accepted and remains a Cato adjunct scholar today. Incidentally, Cato is hosting a book forum for him on February 4th that I encourage you to attend or watch online. Anyway, it’s always difficult to be perfectly objective when you know and admire someone, but I will try to do so here.]

Post’s book is essentially an extended love letter — to both cyberspace and Jefferson. Problem is, as Post even admits at the end, it’s tough to know which subject this book is suppose to teach us more about. The book loses focus at times — especially in the first 100 pages — as Post meanders between historical tidbits of Jefferson’s life and thinking and what it all means for cyberspace. But the early focus is on TJ.  Thus, those who pick up the book expecting to be immediately immersed in cyber-policy discussions may be a bit disappointed at first.  As a fellow Jefferson fanatic, however, I found all this history terrifically entertaining, whether it was the story of Jefferson’s Plow and his other agricultural inventions and insights, TJ’s unique interest in science (including cryptography), or that big moose of his.

OK, so what’s the deal with the moose? When TJ was serving as a minister to France in in the late 1780s, at considerable expense to himself, he had the complete skeleton, skin and horns of a massive American moose shipped to the lobby of his Paris hotel. Basically, Jefferson wanted to make a bold statement to his French hosts about this New World he came from and wake them up to the fact that some very exciting things were happening over there that they should be paying attention to. That’s one hell of way to make a statement!

Questions about Frontiers, Both Old and New

Now you see the connection to Post’s investigation into the state of cyberspace. Like Jefferson, Post is very excited about a new frontier and he wants to alert people to it. Importantly, however, Post isn’t at all ashamed to admit when he doesn’t understand why some things are the way they are in this new world.  And so Post begins asking questions — lots and lots of questions — to guide our investigation.

Thus, in much the same way that Jefferson penned Notes on the State of Virginia as guidebook for newcomers to the strange new world of his time, David Post has penned this slender volume as a guidebook to our modern cyber-frontier. If you’re looking for a book with concrete positions on all of cyberspace’s pressing policy problems, this book is not it. Instead, it is meant to help us frame the issues and questions properly and consider how this new frontier is unfolding in the early years of its existence. As Post puts it:

We are at the very beginning of what will become a centuries-long conversation about these questions, and my goal here was not to put anything to rest but to put everything in play, not to conclude any part of that conversation but to help you get started. We need, more than answers to today’s questions about law and policy on the network, new ways of thinking about the questions themselves, new vocabularies, new visions of the possible, new ways of identifying and organizing what we know and what we don’t know about the new place. (p. 209)

Post does a very nice job of giving us “new ways of thinking about questions” in his book. These questions generally fall into two categories.  First, Post wants to know why cyberspace works the way it does, or more profoundly, why it works at all. How did this little experiment with networking protocols turn into the most revolutionary global communications and information distribution system of modern times?  Second, Post wants to know “Who makes the rules ‘there’… and what should they be? What does the law look like there? How does it get made, and by whom? Who governs? By what means, and by what right?” (p. 4)

What Jefferson (and Hamilton) Can Teach Us

Post brings Jefferson into the story in the hope that TJ’s profound thinking on the issues of his time might help us getter a better handle on the cyber-controversies of our own time. After all, Jefferson was a man who spent much of his life thinking about uncharted subjects and frontiers. And law, of course!

Using this approach to help us explore cyberspace and cyberlaw works quite well in many cases. It works particularly well when Post brings TJ’s leading intellectual nemesis into the drama — Alexander Hamilton.  “Their feud the longest-running in American political history,” Post correctly notes, “for they stood on opposite shores of the great intellectual divide, a divide that encapsulates something fundamental in the way we think about society and government.” (p. 107). Jefferson desired liberty above all else; Hamilton stressed order and authority. Whereas Jefferson trusted decentralization and wanted diffuse communities making political decisions, Hamilton looked to a strong central authority to guide the nation.

Many modern cyberspace disputes, Post suggests, can be viewed through this same Jeffersonian vs. Hamiltonian philosophical dichotomy. Post continues:

Cyberspace is not the American West of 1787, of course. But like the American West of 1787, cyberspace is (or at least it has been) a Jeffersonian kind of place. Jeffersonians always predominate in new places, because new places attract people who find new places attractive and retell people who do not. […] Hamiltonians, though, inevitably make their way to Jeffersonian places (certainly once gold is discovered there!), claims of order and authority and power assert themselves, and struggles over the shape of the place begin in earnest. And like the West of 1787, cyberspace poses some hard questions, and could use some new ideas, about governance, and law, and order, and scale. The engineers have bequeathed to us a remarkable instrument, one that has managed to solve prodigious technical problems associated with communication on a global scale. The problem is the one that Jefferson and his contemporaries faced: How do you build “republican” institutions — institutions that respect the equal worth of all individuals and their right to participate in the formation of the rules under which they live — that scale? (p. 116-117)

Will Jeffersonian or Hamiltonian thinking prevail as this process unfolds? That remains to be seen, and although Post clearly falls in the Jeffersonian camp on these issues, he doesn’t really place odds on the outcome. Moreover, I would have liked to see Post offer a more full-throated defense of cyber-Jeffersonianism and Interent exceptionalism, or at least better explain to the reader how the debate between exceptionalism and unexceptionalism — or Jeffersonianism vs. Hamiltonianism — has progressed since the mid-1990s.

I think it’s clear that the cyber-Hamiltonians (i.e., the Internet unexceptionalists) are in the midst of a major “Empire Strikes Back” moment today as cyberspace is coming under increasing political pressure from many corners, and calls for more centralized authority abound — whether we are talking about domain name regulation, net neutrality mandates, speech controls, or whatever else. I just wish Post would have spent more time developing a “Return of the Jedi” defense of cyber-Jeffersonianism in this book.

Central Planning vs. Self-Governing Communities

Incidentally, Post has put forward such a defense elsewhere. Along with my former Cato colleague Wayne Crews, I co-edited a beefy book on Net governance issues back in 2003 entitled Who Rules the Net? Internet Governance and Jurisdiction. It contained some truly wonderful essays and they are all still quite relevant today. Jonathan Zittrain’s essay on “Reconciling a Global Internet and Local Law” remains one of the best primers on the subject you can find. But the exchange about Internet governance between David Post and Jack Goldsmith in that book is really a classic Jeffersonian-Hamiltonian debate about cyberlaw. [You can read their chapters at the link above.]

In Jefferson’s Moose, Post comes closest to developing a fuller theory of Internet exceptionalism in his excellent chapter “Governing Cyberspace III: Law.” In that chapter, he takes the unexceptionalists to task for their troubling logic, which “leads inexorably to the conclusion that (just about) everything you do on the Web may be subject to (just about) everybody’s law.” (p. 167). Indeed, the unexceptionalist vision is quite a miserable one when you get right down to it; one that treats this new frontier as a plaything in an endless power struggle between competing political bodies. Meanwhile, as Post points out, the rule of law loses its meaning and becomes less about the consent of the governed and more like a game of “Jurisdictional Whack-a-Mole,” with countless “sovereigns” asserting authority and trying to beat cyberspace and digital denizens into submission in one way or another.

Because Post believes that the unexceptionalists are wrong in their assertion that the Internet is merely the “functional equivalent of mail, or telephone, or smoke signals,” he offers — but does not fully develop — an alternative framework based on Jefferson’s vision for how to settle the Western frontier: Give settlers maximum flexibility to create free, independent, self-governing communities. In Jefferson’s words, “an empire of liberty.. built not on conquest, but on principles of compact and equality.” And this empire of liberty would be, in Post’s words, “held together by consensual bonds and adherence to republican principles, not coercive power, an ever-expanding union of self-governing commonwealths joined together as peers.”

Now that is a beautiful vision for cyberspace!  And, in many ways, it partially explains why cyberspace has been such a special place — at least so far in its early history. But as more and more Hamiltonians assert the need for greater “order,” all that could change. Again, I wish Post would have put some more meat on the bones of his beautiful cyber-Jeffersonian framework to counter the increasing calls we hear for more cyber-Hamiltonianism.  Specifically, Post needs to better address the accusation made by the Digital Age Hamiltonians that Internet exceptionalism is little more than cyber-anarchism. In reality, Internet exceptionalism is essentially something akin to decentralized federalism for the Internet; a federalism that the Founders — or at least Jefferson — would have likely strongly supported.  As I wrote here recently, I like to think of Internet exceptionalism as a variation on Robert Nozick’s “utopia of utopias” vision of an ideal society: “a place where people are at liberty to join together voluntarily to pursue and attempt to realize their own vision of the good life in the ideal community but where no one can impose his own utopian vision upon others.” (Nozick, 1974)

Post begins a sketch of that Nozickian vision for cyberspace in Jefferson’s Moose, but he doesn’t really finish painting his masterpiece. To be fair, however, Post did make it clear right from the start of the book that it was going to be about asking the right questions, not necessarily providing all the answers.

Two Big Issues, Both Then and Now

Incidentally, using Jefferson as a guide to understanding modern cyberlaw controversies also works well when it comes to “the two issues [that] have been featured in virtually all of the Internet’s Big Cases” — free speech and intellectual property. As Post reminds us, Jefferson had a bit to say about those issues during his own lifetime.

“Jefferson was America’s first, and probably its greatest, First Amendment absolutist”  Post says, (p. 188), because Jefferson viewed free speech as part of a greater “interconnected whole”:

republican self-government, freedom of speech, freedom of conscience, and freedom of speech. You couldn’t have any without the others; they were inextricably bound together into a single system, and they would stand, or fall, together. (p. 189-190)

Consequently:

To a Jeffersonian, then, free speech questions are always simultaneously (a) of supreme importance and (b) pretty easy. The answer to free speech questions is always (or almost always) simple:  The more protection for, and the fewer the restrictions on, speech, the better. (p. 194)

And Jefferson held true to that principle throughout his life, most notably with his strenuous opposition to the horrendous Sedition Act of 1798.

But intellectual property is a far thornier issue — for both Jefferson and modern cyberlaw. Jefferson was a great inventor himself and keenly interested in the topic. But he also saw IP rights in a different light than speech rights.  Post explains Jefferson’s position:

Unlike free speech rights, intellectual property… cannot, in nature, be a subject of property; they do derive from the “social law,” from the laws of England, or Virginia, or whatever; they’re not antecedent to the law, but entirely dependent on it. That doesn’t mean we shouldn’t have intellectual property rights. It only means that we get to decide (and we have to decide) whether to have them or not, and how much of them to have. (p. 198) […] Intellectual property law in a Jeffersonian world, then, is always a matter of degree, of finding that balance, of drawing the line… Protection for intellectual property shouldn’t be too weak (or it won’t give creators enough of an incentive to create) or too strong (or it will choke off future creativity), but just right. We’ll never get it exactly right, but it is what we are always aiming for — in a Jeffersonian world, at least. (p. 201)

Of course, finding that “balance” is easier said than done and efforts to strike it engender even more controversy today in the digital world than they did during Jefferson’s time.

Conclusion

David Post has given us an enlightening map to help us navigate the new frontier of cyberspace and cyberlaw. I’m confident Jefferson’s Moose will be on my next end-of-year list of important tech policy books. And I hope my handful of small nitpicks here about the lack of details or answers regarding Post’s beautiful Jeffersonian vision for cyberspace will inspire him to pen yet another book on the subject! We need more friends of true cyber-freedom like David Post.

P.S. David Post is also the co-author of an outstanding treatise on cyberlaw with Patricia L. Bellia and Paul Schiff Berman: Cyberlaw: Problems of Policy and Jurisprudence in the Information Age. The text sits on top of my desk at all times, never far from reach when I need to a quick refresher on some arcane aspect of early Internet jurisprudence. A highly recommended resource.