The New York Times today published my response to an oped by Senators Lindsey Graham & Elizabeth Warren calling for a new “Digital Consumer Protection Commission” to micromanage the high-tech information economy. “Their new technocratic digital regulator would do nothing but hobble America as we prepare for the next great global technological revolution,” I argue. Here’s my full response:

Senators Lindsey Graham and Elizabeth Warren propose a new federal mega-regulator for the digital economy that threatens to undermine America’s global technology standing.

A new “licensing and policing” authority would stall the continued growth of advanced technologies like artificial intelligence in America, leaving China and others to claw back crucial geopolitical strategic ground.

America’s digital technology sector enjoyed remarkable success over the past quarter-century — and provided vast investment and job growth — because the U.S. rejected the heavy-handed regulatory model of the analog era, which stifled innovation and competition.

The tech companies that Senators Graham and Warren cite (along with countless others) came about over the past quarter-century because we opened markets and rejected the monopoly-preserving regulatory regimes that had been captured by old players.

The U.S. has plenty of federal bureaucracies, and many already oversee the issues that the senators want addressed. Their new technocratic digital regulator would do nothing but hobble America as we prepare for the next great global technological revolution.

There is a war going on in the conservative movement over free speech issues and FCC Commissioner Mike O’Reilly just became a causality of that skirmish. Neil Chilson and I just posted a new essay about this over on the Federalist Society blog. As we note there:

Plenty of people claim to favor freedom of expression, but increasingly the First Amendment has more fair-weather friends than die-hard defenders. Michael O’Rielly, a Commissioner at the Federal Communications Commission (FCC), found that out the hard way this week. Last week, O’Rielly delivered an important speech before the Media Institute highlighting a variety of problematic myths about the First Amendment, as well as “a particularly ominous development in this space.” In a previous political era, O’Rielly’s remarks would have been mainstream conservative fare. But his well-worded warnings are timely with many Democrats and Republicans – including some in the White House – looking to resurrect analog-era speech mandates and let Big Government reassert control over speech decisions in the United States.

Shortly after delivering his remarks, the White House yanked O’Rielly’s nomination to be reappointed to the agency. It was a shocking development that was likely motivated by growing animosities between Republicans on the question of how much control the federal government–and the FCC in particular–should exercise over speech platforms, including platforms that the FCC has no authority to regulate.

For the 30 years that I have been covering media and technology policy, I’ve heard conservatives rail against the Fairness Doctrine, Net Neutrality and arbitrary Big Government only to see many of them now reverse suit and become the biggest defenders of these things as it pertains to speech controls and FCC regulation. It will certainly be interesting to see what a potential future Biden Administration does with the various new regulations that some in the GOP are seeking to impose.

But all hope is not lost. There are still brave voices in Republican and conservative circles who continue to stand up the the First Amendment, freedom of speech, and limits on federal regulatory meddling with speech platforms and outcomes. Commissioner O’Reilly basically lost his job because he acted as the equivalent of an intellectual whistle-blower; he called out the ideological rot seen in recent statements and actions by the White House, Senator Josh Hawley, and many other Republicans.

There is nothing remotely “conservative” about calls for reinvigorating the Fairness Doctrine and FCC speech controls. That represents repressive regulation that betrays the First Amendment and which will ultimately backfire badly and come back to haunt conservatives down the road.

Read my new essay with Neil for more details. And down below I have listed all my recent writing on this topic.

Additional Reading:

• “FCC’s O’Rielly on First Amendment & Fairness Doctrine Dangers“
• “Sen. Hawley’s Radical, Paternalistic Plan to Remake the Internet“
• “How Conservatives Came to Favor the Fairness Doctrine & Net Neutrality“
• “Sen. Hawley’s Moral Panic Over Social Media“
• “The White House Social Media Summit and the Return of ‘Regulation by Raised Eyebrow’“
• “The Not-So-SMART Act“
• “The Surprising Ideological Origins of Trump’s Communications Collectivism“

Congress has become a less important player in the field of technology policy. Why did that happen, and what are the ramifications for technological governance efforts going forward?

I’ve spent almost 30 years covering technology policy. There was a time in my life when I spent almost all my time as a policy analyst preoccupied with developments in the federal legislative arena. I lived in the trenches of Capitol Hill and interacted with lawmakers and their staff morning, noon, and night.

In recent years, however, I have spent very little time focused on the Legislative Branch because it has effectively become a non-actor on technology policy. It is not that congressional lawmakers stopped caring about tech policy. Interest actually remains quite high—perhaps higher than ever before. Congress also continues to introduce lots of bills, host plenty of hearings, and issue mountains of press releases related to tech policy issues.

Nonetheless, all that interest and activity has not really translated into much important legislation. While it is hard to track tech-oriented legislative trends statistically because of the complication of defining “technology policy” over time, judged by substantive output, Congress has largely checked out of technological policymaking.

Think about digital privacy. How many years now have people been predicting a comprehensive “baseline” privacy bill would pass in each legislative session? It never happens. Perhaps it will this year, but if you would like to place a wager on it, I will take that bet.

Speaking of bets, for several years now, I have been wagering with friends that Congress will not pass federal legislation creating a national autonomous vehicles framework. Each session I win that bet. Keep in mind, a framework for driverless cars is far less controversial than privacy policy. Still, nothing substantive ever gets done in Congress.

Same goes for cybersecurity with lots of calls for big measures, but no final action. Folks are now also telling me to expect a big artificial intelligence bill one day soon. I sincerely doubt it. Again, I’ll bet on it if you’d like to lose some money!

Let me be clear, there may actually be some very good reasons why Congress should implement a national framework for privacy, driverless cars, and some AI policy issues. But all the wishful thinking in the world will not magically make it happen.

We need to entertain the possibility that Congress has largely checked out of the world of substantive tech policymaking and isn’t coming back. We may get a few big surprise measures here and there, as we did with clumsily-drafted FOSTA-SESTA. If anything, it is more likely that we instead see misguided legislative riders attached to non-germane measures during late night negotiations. But even haphazard efforts like those will be extremely rare. The days of Congress passing big bills like the Telecom Act of 1996 or the Cable Act of 1992 appear mostly over.

Why Congress Is No Longer the Major Player It Once Was

I think there are probably many obvious explanations for why Congress has checked out of tech policymaking, but let me try to boil it down to a couple of interrelated trends:

The “pacing problem” has intensified: The pacing problem refers to the inability of legal or regulatory regimes to keep adjust to the intensifying pace of technological change. There are just more emerging technologies than ever, and they are evolving faster than ever, too. “New technologies that used to have two-year cycle times now can become obsolete in six months, and the pace of change is not slowing,” says consulting firm Deloitte.

A growing multiplicity of technologies means more tech policy issues to cover. And those issues grow more complicated each year. As soon as lawmakers wrap their heads around one technology (if they do at all), another innovation pops up that complicates things further or crowds out their attention.

Technological convergence and blurring governance boundaries: Technology policymaking increasingly involves metaphysical questions about the underlying nature of things. For example, what is a “phone,” a “medical device,” or an “aerial vehicle”? These things used to be relatively easy to define and had well-understood meanings in federal statutes and regulations. But those concepts evolved rapidly in an age of widespread technological convergence and rapid-fire “combinatorial innovation,” with new technologies multiplying and building on top of one another in the symbiotic fashion. Basically, almost as soon as new tech laws or regulations are enacted, they are confronted with new marketplace realities and technological changes that call into question legal classifications or regulatory distinctions.

For example, today’s smartphones combine dozens of different functions that were previously quite distinct, including health tracking capabilities, mobile payment systems, and video distribution, all of which remain heavily regulated by an assortment of federal laws and agencies. But the convergence of all these capabilities in a single device that we can carry in our pockets creates massive governance challenges, not only for archaic legislative frameworks, but even for newer semantic distinctions that may seem current one moment only to be obliterated the next. These factors also make it harder to figure out who in Congress should be driving policy because technological convergence blurs previously distinct governance categories among legislative committees and the laws they have crafted.

Legislative dysfunctionalism: Policymaking processes move slowly by design. Constitutional constraints and other legal requirements demand it. But things move even slower today because of what Jonathan Rauch calls “demosclerosis,” or the “government’s progressive loss of the ability to adapt.” “[A]s layer is dropped upon layer,” he argued, “the accumulated mass becomes gradually less rational and less flexible.”

Inadequate resources are also part of the problem with Congress facing a complex, rapidly-evolving set of issues but devoting only limited resources to technical staff or studies to better understand these developments. This combined with the factors cited above has led to a never-ending “competency trap,” with lawmakers and their staffs seemingly always one step behind technological developments and societal demands or expectations.

Meanwhile, partisanship increases and the work load on many other fronts grows alongside it. There’s just a lot more on Congress’s plate than ever before. Plus, tech policy matters seemingly always take a back seat to tax, budget, entitlements, defense, and other issues.

Many people hope that boosting technology assessment efforts might help correct these problems. Perhaps better technical advice could help lawmakers ask less ignorant questions at tech-oriented congressional hearings, which have become showcases for the staggering lack of congressional understanding of modern technologies. But just adding new technology assessment capacity, such as in the form of a revived Office of Technology Assessment, won’t likely move the needle much in terms of actual legislative output. More serious structural reforms will be required.

Globalization: Many modern technologies “are truly global and call out for policy approaches that do not respect traditional national borders,” note former NITA officials Lawrence E. Strickling and Jonah Force Hill. Congress only has so much control over technologies that defy national boundaries, further complicating tech governance questions.

Yet, one would think that when America’s global competitive advantage was on the line, Congress would have greater reason to assert itself and craft frameworks to ensure US firms are not disadvantaged by a lack of policy clarity. That has not proven to be the case, however. Congressional lawmakers do plenty of huffing and puffing about the tech governance choices made by Europe, China, and other governments, but they then leave the field wide open to them (as well as lower levels of government) to craft policies that govern national markets throughout the United States.

Endless delegation: Speaking of passing the buck, Congress has been doing it for decades on tech policy by delegating massive and quite amorphous authority to technocratic administrative agencies. Over the past half century, scholars from various disciplines—economics, law, political science, history, and others—have explored the growth of what has been alternatively called the “interest group society,”  “receivership by regulation,”  “iron triangles,” and “client politics.” This literature identifies the way Congress has increasingly abdicated its constitutional role as lawmaker by shifting hard policy questions to regulatory agencies and then hoping that bureaucrats could figure out all the answers.

Delegation is even more common for the most technical policy matters, and that trend has only accelerated in recent years as the complexity increases and overwhelms lawmakers and their staff.

Ramifications for Tech Governance Going Forward

If Congress remains largely incapable of ever getting the ball over the goal line on important tech policy matters, what are some of the ramifications? There are many, but I will identify just a few of the most obvious ones:

• More tech-oriented legislative activity will shift to the states: In fact, it already has. For each of the tech policy issues I identified earlier (privacy, driverless cars, cybersecurity, and even some AI-related issues like facial recognition), states are—for better or worse—picking up the slack. We should expect that trend to accelerate. This will create an increasingly confusing patchwork of policies that will potentially raise serious barriers to entry and innovation. Nonetheless, I can’t see this trend reversing anytime soon. Perhaps Congress will finally act on privacy or driverless cars legislation if for no other reason than to preempt a crazy-quilt of contradictory policies. Of course, that’s what people have been predicting for years, and it never happens.
• “Soft law” becomes the dominate governance force for tech: Again, it already has. Soft law refers to informal, collaborative, and constantly evolving governance mechanisms that differ from hard law in that they lack the same degree of enforceability. Soft law can include things like multi-stakeholder processes, industry best practices and standards, agency workshops and guidance documents, and educational efforts. But that just scratches the surface of soft law mechanisms. For better or worse, soft law is becoming the dominant modus operandi for most modern technological governance. We can expect that trend to accelerate to fill the governance gap left by Congressional inaction. For example, we don’t have any formal “rules of the road” for driverless cars, but we do now have four iterations of Department of Transportation guidance on driverless cars. Version 4.0of the DoT guidance for automated vehicles was just released this month. Expect the “soft law-ization” of technological governance to expand considerably in coming years because it is really the only way for agencies to cope with the pacing problem and those metaphysical issues identified earlier. Because soft law is not boxed in by rigid preconceptions of what a particular technology or technological process is or entails, it is often better able to address new marketplace realities. Soft law can adapt as technologies do. With Congress out of the picture, it will have to.
• The congressional tech policy death spiral accelerates. Some may think (or at least hope) that the situation described here can’t get any worse. To the contrary, it can get radically worse. With our politics increasingly infected with bitter partisanship and rancor, what are the chances that lawmakers can work together to craft comprehensive tech policy measures? I’d say the odds are approaching zero. The Cable Act, the Telecom Act (and Sec. 230), and the Internet Tax Freedom Act all enjoyed broad, bipartisan support when they passed in the 1990s. People reached across the aisle to get things done. It didn’t always work, and sometimes it resulted in misguided policies (like the Communications Decency Act’s provisions trying to censor internet “indecency”). But bipartisan lawmaking scenarios like those seem almost unthinkable now. To the extent many lawmakers even show up at tech-oriented congressional hearings anymore, it is mostly to score points in front of the cameras for Team Red or Team Blue back home. Serious legislative oversight and policymaking is dead; it’s mostly just show-trials and media circuses at this point.

Should I Care about Congress Anymore?

If you believe this miserable thesis is correct but continue to focus on the Legislative Branch for a living, you may be asking yourself: Am I wasting all my time here? Not necessarily. Congress is still actively interested in tech policy matters. For those who hope to limit that damage Congress might do by hastily passing ham-handed, crisis-driven policy measures, your efforts in the trenches will continue to be important in curbing the worst instincts of some lawmakers. In many instances, preserving a perpetual stalemate may go down as a tremendous victory.

For example, as the debate over Section 230 intensifies—with politicians of all stripes looking to gut the most important of all Internet freedom policies—it is vital that smart people work with lawmakers and their staff to beat back misguided and destructive measures. Hopefully this becomes another instance of legislative gridlock winning out! And I think it will.

More realistically, your role will not be to stop Congress from doing insanely destructive things, it will be to just stop them from saying those things. In fact, that seems to be what a lot of people who work with Congress already do today. When I chat with various inside-the-Beltway policy advocates and industry reps today, they usually acknowledge that the prospects for actual legislation on any given issue are quite slim. They will, of course, continue to try to work with lawmakers, their committees, and their staff to either advance or stop legislative measures. Yet, they all seem to accept the utter futility of it all.

Why do they persist? Most obviously, they want to at least preserve the legislative stalemate and not cede the ground to their enemies who might succeed in getting lawmakers to do something if only one side was communicating with Congress.

But the other thing these policy advocates are hoping to achieve is better messaging. Regulatory advocates want lawmakers to use the power of the bully pulpit to put pressure on various people or groups to change behavior, even in the absence of any legislative action. By contrast, many in industry want to make sure that their technologies are understood and not endlessly demonized. Bad press isn’t good for business, even if all the congressional threats never result in final legislation. Also, those defending innovation more generally will want to make sure that even if lawmakers aren’t making any actual laws, they still better understand and appreciate the importance of new technological capabilities for improving human welfare.

Those are all good reasons not to give up your legislative advocacy. For some of us, however, the personal cost-benefit analysis just doesn’t add up. Our focus has shifted to where the real action is at: federal administrative agencies, statehouses and state administrative agencies, the courts, and the growing world of multi-stakeholder governance and other soft law efforts. Congress has checked out, but technological governance lives on in many other forms and venues.

Autonomous vehicles are quickly becoming a reality. Waymo just launched a driverless taxi service in Arizona. Part of GM’s cuts were based on a decision to refocus their efforts around autonomous vehicle technology. Tesla seems to repeatedly be promising more and more features that take us closer than ever to a self-driving future. Much of this progress has been supported by the light touch approach that has been taken by both state and federal regulators up to this point. This approach has allowed the technology to rapidly develop, and the potential impact of federal legislation that might detour this progress should be cautiously considered.

For over a year, the Senate has considered passing federal legislation for autonomous vehicle technology, the AV START Act, after similar legislation already passed the House of Representatives. This bill would clarify the appropriate roles for state and federal authorities and preempting some state actions when it comes to regulating autonomous vehicles and will hopefully end some of the patchwork problems that have emerged. While federal legislation regarding preemption may be necessary for autonomous vehicles to truly revolutionize transportation, other parts of the bill could create increased regulatory burdens that actually add speed bumps on the path of this life-saving innovation.

94% of auto accidents  are caused by human error and over 40,000 Americans died in car accidents last year alone.  Widespread adoption of autonomous vehicle technology can reduce traffic accidents by up to 90% and potentially save thousands of lives. With this in mind the Department of Transportation (DoT) and many states have encouraged the development of this life saving technology through the use of “soft law.” In the last two versions of its guidance on autonomous vehicles, DoT has taken a flexible approach rather than issuing top down restrictions that could hinder innovation. This approach is focused on the voluntary adoption of principles that can be quickly adapted to factor in developments in technological process far more easily than legislation or traditional rule-making that assume a certain path or favor a particular technology.

36 states and the District of Columbia have enacted legislation or issued executive orders regarding autonomous vehicles. Many states have taken the lead in using adaptive policy frameworks to promote an innovative approach in transportation to solve both the concerns of congestion and improve safety. In general, these laws have encouraged testing and innovation, but now given the variety in these policies, issues are starting to emerge that could limit future innovation. Innovators seeking to create vehicles that can travel across state lines must negotiate compliance with many different and conflicting policies. In fact, Audi refused to deploy its most technologically advanced driver assistance system because of the lack of clarity and uncertain legality associated with the current regulatory structure.

Federal legislation could answer the legal and regulatory questions that emerge when states have different policy approaches to this new technology. AV START Act establishes that the DoT remains the authority on federal safety standards including those for these new technologies and that it should continue to lead the way on a variety of policy questions related to autonomous vehicles. It also establishes that states retain traditional control over issues such as insurance and liability when it comes to autonomous vehicles. This clarification would help solve the patchwork issues that have started to emerge and such preemption may make for a smoother ride into an autonomous future.

Some of the requirements added by the bill could undermine the existing soft law approach that has allowed this area of innovation to flourish. For example, this bill requires rulemaking and regulation regarding testing and reporting for level 2 autonomy like is used in Tesla’s Autopilot and GM’s Super Cruise which are already available to consumers. Such a requirement would increase the burdens on innovators as well as possibly delaying the wider spread deployment of such technologies as companies seek to update their compliance and may need to make changes to insure they are meeting new reporting requirements. Similarly, the bill requires the DoT to engage in formal rulemaking on a variety of issues from consumer education about autonomous capabilities to child safety alerts for both autonomous and non-autonomous vehicles. Requiring formal rulemaking and mandating reports in the space particularly for existing, deployed technology could undermine the success previously brought about by the soft law approach could be a bump in the road on the way to a safer, driverless future.

At the same time, the current version of AV START encourages more soft law actions from the DoT. This includes a variety of delegations from Congress for working groups, studies, and advisory boards on issues such as accessibility, consumer education, and cybersecurity. Unlike the requirements for reporting and rulemaking, such approaches encourage regulators and entrepreneurs to develop solutions together and are not as likely to have a negative impact on innovation. So far, on both a state and federal level this regulatory approach has shown that it can remove the roadblocks to implementing this lifesaving technology while still providing a policy framework to address issues such as safety.

As discussed in my forthcoming paper with Ryan Hagemann and Adam Thierer, one of the reasons for the growth of soft law has been Congress’s failure to act when it comes to technology policy issues. While the AV START Act may show that this is not always the case, it also reveals why even when Congress does act, soft law’s flexible and adaptable approach may be preferable for rapidly evolving technologies. There are important roles for legislation in preventing regulatory or state actions from driving this technology off the road, but changing lanes from soft law to hard law could slow down rather speed up this important innovation.

Today, the U.S. Department of Transportation and the Federal Aviation Administration (FAA) announced that it will soon require Unmanned Aircraft Systems (UAS) or private drones, used for both personal and commercial purposes, to be registered in a national database. To facilitate this process, the agencies announced the creation of a new federal task force that will develop recommendations for a UAS registration process. Rules are to be published by November 20th (presumably to cover new devices sold before Christmas).

Here are some quick initial reactions on the proposed registration rules:

• The FAA is a creating a ‘show-us-your-papers’ regulatory regime for average Americans who own drones. Forcing all of us to register our devices with the authorities in a national drone owner’s database raises clear civil liberties concerns.
• Americans are generally opposed to the idea of registering their technologies and a ‘DMV for Drones,’ which isn’t likely to be run any more efficiently than existing government registration systems.
• Moreover, by demanding that all drones be registered, the FAA is opening the door to a potentially far greater regulatory threat since drones are, in essence, flying computers. We don’t have federal registration systems for computers or cameras, and we shouldn’t have such a regulatory regime for private drones.
• It’s not unclear how the agency plans to enforce against existing users, but in response to a question at the press conference announcing the new rules, the head of the DOT said that the task force would determine how to enforce registration retroactively for existing drone owners. So apparently they will be brought under the new rules.
• Mandatory registration of all drones also might raise some First Amendment-related issues for journalists, too, depending on how the FAA enforces its regulations. A government drone database could intimidate reporters (or potentially even private individuals and organizations) and make it harder for them to engage in whistle-blowing activities with the aid of drones.
• Because of these problems, I would not be surprised if the FAA’s new drone registration regime leads to a rise in acts of technological civil disobedience among average Americans, many of whom will actively oppose such heavy-handed tactics and the creation of yet-another federal database of their private information.
• Of course, it could be that the FAA handles objections by creating a long list of carve-outs and exemptions from the new database requirements. In fact, in the press release announcing the formation of the task force, the agency said that the task force “will advise the Department on which aircraft should be exempt from registration due to a low safety risk, including toys and certain other small UAS.” That could take some of the pressure off, but only by creating an even more convoluted regulatory regime.
• Finally, as an administrative matter, the way the FAA to pushing hard to ram this all through before Christmas has led them to believe that they can just skirt the law in the process. As Marc Scribner of the Competitive Enterprise Institute notes, the agency “will likely be in violation of two different federal laws: the FAA Modernization and Reform Act of 2012 and the Administrative Procedure Act.” Read Marc’s full post for the details, but in a nutshell, the FAA cannot simply throw out standard operating procedures in terms of federal rule-making guidelines simply because they wish to suggest that there is some sort of imminent threat to public safety here. The real danger comes not from unregistered drones, but lawmakers and regulators who believe they can suspend the rule of law and ignore administrative accountability when it suits their desires.

The Mercatus Center at George Mason University has published several reports and agency filings discussing the problems associated with the regulation of private and commercial drones. Most recently, Mercatus filed comments with the FAA as part of it proceeding on “Operation and Certification of Small Unmanned Aircraft Systems.”

Additional Reading:

• Jason Koebler, “8 Questions Raised by the FAA’s Decision to Register Every Drone in the US,” Motherboard, October 19, 2015.
• Alex Howard, “Get Ready To Stand In Line At The Department of Drone Vehicles” Huffington Post, October 19, 2015.
• John Goglia, “DOT/FAA Announce Mandatory Registration Of All Drones; Task Force Formed,” Forbes, October 19, 2015.
• Matt McFarland, “The frantic sprint begins to figure out drone registration,” Washington Post, October 20, 2015.
• Jonathan Rupprecht, “The Problems with Mandatory Drone Registration in Drone Law,” Drone Law Blog.
• Marc Scribner, “Is a Drone Registration Mandate Illegal?” CEI Blog, October 19, 2015.
• Kaveh Waddell, “Getting a Drone for Christmas? Better Register with the Government,” National Journal, October 19, 2015.
• Sally French, “All drones to require federal registration,” MarketWatch, October 18, 2015.

In a recent Senate Commerce Committee hearing on the Internet of Things, Senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) “announced legislation that would direct the National highway Traffic Safety Administration (NHTSA) and the Federal Trade Commission (FTC) to establish federal standards to secure our cars and protect drivers’ privacy.” Spurred by a recent report from his office (Tracking and Hacking: Security and Privacy Gaps Put American Drivers at Risk) Markey argued that Americans “need the equivalent of seat belts and airbags to keep drivers and their information safe in the 21^st century.”

Among the many conclusions reached in the report, it says, “nearly 100% of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.” This comes across as a tad tautological given that everything from smartphones and computers to large-scale power grids are prone to being hacked, yet the Markey-Blumenthal proposal would enforce a separate set of government-approved, and regulated, standards for privacy and security, displayed on every vehicle in the form of a “Cyber Dashboard” decal.

Leaving aside the irony of legislators attempting to dictate privacy standards, especially in the post-Snowden world, it would behoove legislators like Markey and Blumenthal to take a closer look at just what it is they are proposing and ask whether such a law is indeed necessary to protect consumers. For security in particular, there may be concerns that require redress, but if one looks at the report, it becomes apparent that it lacks a very important feature:: no specific examples of real car hacking are mentioned. The only examples illustrated in the report are described in brief detail:

An application was developed by a third party and released for Android devices that could integrate with a vehicle through the Bluetooth connection. A security analysis did not indicate any ability to introduce malicious code or steal data, but the manufacturer had the app removed from the Google Play store as a precautionary measure.

Great! The company solved the problem. What about the other instance cited in the report?

Some individuals have attempted to reprogram the onboard computers of vehicles to increase engine horsepower or torque through the use of “performance chips”. Some of these devices plug into the mandated onboard diagnostic port or directly into the under-the-hood electronics system.

So the only two examples of “car hacking” described in the Markey report are essentially duds. The first is a non-issue, since the company (1) determined there was little security risk involved and (2) removed the item from the market anyways, just to be sure. The second is, in a sense, hacking, but it is individual car owners doing it to their own cars. Neither of these cases appears to be sufficient grounds for imposing a set of arbitrary and, in many cases, capriciously anti-innovation approaches to privacy and data security in cars.

In the wake of the report’s release, this past Tuesday, March 10, General Motors, Toyota, and Ford were all hit with a nationwide class action lawsuit, alleging that the companies concealed “dangers posed by a lack of electronic security in a vast swath of vehicles.” Specifically, the lawsuit is aimed at the presence of controller area network (CAN) buses, which act as data hubs between the various electronic systems in a car. These systems are, indeed, susceptible to hacking, but no more than any personal computer that is connected to the Internet.

The trouble with this lawsuit, brought by the Stanley Law Group, is that it has not cited any specific harms that have occurred as a result of this “defect” (as a side note, saying a computer being susceptible to hacking constitutes a defect in design is the equivalent of saying an airplane that is susceptible to lightning strikes is fundamentally defective). Rather, the plaintiffs argue that “[w]e shouldn’t need to wait for a hacker or terrorist to prove exactly how dangerous this is before requiring car makers to fix the defect.”

As Adam Thierer and I pointed out in our 2014 paper, Removing Roadblocks to Intelligent Vehicles and Driverless Cars:

Manufacturers have powerful reputational incentives at stake here, which will encourage them to continuously improve the security of their systems. Companies like Chrysler and Ford are already looking into improving their telematics systems to better compartmentalize the ability of hackers to gain access to a car’s controller-area-network bus. Engineers are also working to solve security vulnerabilities by utilizing two-way data-verification schemes (the same systems at work when purchasing items online with a credit card), routing software installs and updates through remote servers to check and double-check for malware, adopting of routine security protocols like encrypting files with digital signatures, and other experimental treatments. (pg. 40-41)

It’s always easy to see the potential for abuse and harm with any new emerging technology, but optimism and fortitude in the face of the uncertain is what helps society, and individuals, grow and progress. Car hacking, while certainly a viable concern, is not so ubiquitous that it necessitates a heavy-handed regulatory approach. Rather, we should permit various standards to emerge and attempt to deal with possible harms. In this way, we can experiment to properly determine what approaches work and what do not. Federal standards imposed from on high assume that firms and individuals are not capable of working through these murky issues. We should be a bit more optimistic about the human capacity for ingenuity and adaptability.

To end on something of a more optimistic note, Tom Vanderbilt of Wired magazine gives keen insight into the reality of regulating based on hypothetical scenarios:

Every scenario you can spin out of computer error – what if the car drives the wrong way – already exists in analog form, in abundance. Yes, computer-guidance systems and the rest will require advances in technology, not to mention redundancy and higher standards of performance, but at least these are all feasible, and capable of quantifiable improvement. On the other hand, we’ll always have lousy drivers.

Additional Reading 

• Law review article: “Removing Roadblocks to Intelligent Vehicles and Driverless Cars,” September 17, 2014.
• “Don’t Hit the (Techno-)Panic Button on Connected Car Hacking & IoT Security,” February 10, 2015.
• “Don’t Slam the Brakes on Smart Cars,” December 1, 2014.
• “Intelligent Vehicles Could Save Lives,” November 25, 2014.
• Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom (2014)

If you want a devastating portrait of how well-intentioned regulation sometimes has profoundly deleterious unintended consequences, look no further than the Federal Aviation Administration’s (FAA) current ban on commercial drones in domestic airspace. As Jack Nicas reports in a story in today’s Wall Street Journal (“Regulation Clips Wings of U.S. Drone Makers“), the FAA’s heavy-handed regulatory regime is stifling America’s ability to innovate in this space and remain competitive internationally. As Nicas notes:

as unmanned aircraft enter private industry—for purposes as varied as filming movies, inspecting wind farms and herding cattle—many U.S. drone entrepreneurs are finding it hard to get off the ground, even as rivals in Europe, Canada, Australia and China are taking off. The reason, according to interviews with two-dozen drone makers, sellers and users across the world: regulation. The FAA has banned all but a handful of private-sector drones in the U.S. while it completes rules for them, expected in the next several years. That policy has stifled the U.S. drone market and driven operators underground, where it is difficult to find funding, insurance and customers. Outside the U.S., relatively accommodating policies have fueled a commercial-drone boom. Foreign drone makers have fed those markets, while U.S. export rules have generally kept many American manufacturers from serving them.

Of course, the FAA simply responds that they are looking out for the safety of the skies and that we shouldn’t blame them. Again, there’s no doubt that the agency’s hyper-cautious approach to commercial drone integration is based on the best of intentions. But as we’ve noted here again and again, all the best of intentions don’t count for much–or at least shouldn’t count for much–when stacked against real-world evidence and results. And the results in this case are quite troubling.

An article last week from Alan McQuinn of the Information Technology and Innovation Foundation (“Commercial Drone Companies Fly Away from FAA Regulations, Go Abroad“) documented how problematic this situation has become:

With no certainty surrounding a timeline, limited access to exemptions, and a dithering pace for setting its rules, the FAA is slowing innovation. . . .  These overbearing rules have pushed U.S. companies to move their drone research and development projects to more permissive nations, such as Australia, where Google chose to test its drones. Australia’s Civil Aviation Safety Authority, the agency in charge of commercial drones, offers a great example of unrestrictive regulations. While it has not yet finalized its drone laws, it still allows companies and citizens to test and use these technologies under certain rules. Instead of forcing companies to reveal their technologies at government test sites, it allows them to test outdoors if they receive an operator’s certificate and submit their test area for approval. Australia’s more permissive nature shows how a country can allow innovation to thrive while simultaneously examining it for potential safety concerns.

The Wall Street Journal’s Nicas similarly observes that foreign innovators are already taking advantage of America’s regulatory mistakes to leapfrog us in drone innovation. He reports that Germany, Canada, Australia and China are starting to move ahead of us. Nicas quotes Steve Klindworth, head of a DJI drone retailer in Liberty Hill, Texas, who says that if the United States doesn’t move soon to adopt a more sensible policy position for drones that, “It’ll reach a point of no return where American companies won’t ever be able to catch up.”

In essence, the United States is adopting the exact opposite  approach we did a generation ago for the Internet and digital technology.  I’ve written recently about how “permissionless innovation” powered the Information Revolution and helped American companies become the envy of the globe. (See my essay, “Why Permissionless Innovation Matters,” for more details and data.) That happened because America got policy right, whereas other countries either tried to micromanage the Information Revolution into existence or they adopted policies that instead actively stifled it. (See my recent book on this subject for more discussion.)

In essence, we see this story playing out in reverse with commercial drones. The FAA is adopting a hyper-precautionary principle position that is holding back innovation based on worse-case scenarios. Certainly the safety of the national airspace is a vital matter. But to shut down all other aerial innovation in the meantime is completely unreasonable. As I wrote in a filing to the FAA with my Mercatus Center colleagues Eli Dourado and Jerry Brito last year:

Like the Internet, airspace is a platform for commercial and social innovation. We cannot accurately predict to what uses it will be put when restrictions on commercial use of UASs are lifted. Nevertheless, experience shows that it is vital that innovation and entrepreneurship be allowed to proceed without ex ante barriers imposed by regulators. We therefore urge the FAA not to impose  any  prospective restrictions on the use of commercial UASs without clear evidence of actual, not merely hypothesized, harm.

Countless life-enriching innovations are being sacrificed because of the FAA’s draconian policy. (Below I have embedded a video of me discussing those innovations with John Stossel, which was taped earlier this year.) New industry sectors and many jobs are also being forgone. It’s time for the FAA to get moving to open up the skies to drone innovation. Congress should be pushing the agency harder on this front since the agency seems determined to ignore the law, which requires the agency to integrate commercial drones into the nation’s airspace.

Additional  Reading

• Filing to FAA on Drones & “Model Aircraft”, Sept. 23, 2014
• Private Drones & the First Amendment, Sept. 19, 2014
• [TV interview] The Beneficial Uses of Private Drones, March 28, 2014
• Comments of the Mercatus Center to the FAA on integration of drones into the nation’s airspace, April 23, 2o13
• Eli Dourado, Deregulate the Skies: Why We Can’t Afford to Fear Drones, Wired, April 23, 2013
• Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom (2014)
• [Video] Cap Hill Briefing on Emerging Tech Policy Issues (June 2014)

Ladar Levison, founder of encrypted email service Lavabit, discusses recent government action that led him to shut down his firm. When it was suspected that NSA whistleblower Edward Snowden used Lavabit’s email service, the FBI issued a National Security Letter ordering Levison to hand over SSL keys, jeopardizing the privacy of Lavabit’s 410,000 users. Levison discusses his inspiration for founding Lavabit and why he chose to suspend the service; how Lavabit was different from email services like Gmail; developments in his case and how the Fourth Amendment has come into play; and his involvement with the recently-formed Dark Mail Technical Alliance.

Download

Related Links

• Lavabit, Levison
• Dark Mail, Zimmerman, Callas, Janke, Levison
• Lawyers raise civil liberty concerns in Lavabit case, Salon
• Lawyers for Lavabit founder: judges may dismiss civil liberties concerns, The Guardian

Jerry Ellig, senior research fellow at the Mercatus Center at George Mason University, discusses the the FCC’s lifeline assistance benefit funded through the Universal Service Fund (USF). The program, created in 1997, subsidizes phone services for low-income households. The USF is not funded through the federal budget, rather via a fee from monthly phone bills — reaching an all-time high of 17% of telecomm companies’ revenues last year. Ellig discusses the similarities between the USF fee and a tax, how the fee fluctuates, how subsidies to the telecomm industry have boomed in recent years, and how to curb the waste, fraud and abuse that comes as a result of the lifeline assistance benefit.

Download

Related Links

• Jerry Ellig’s Biography Mercatus Center
• Benefits, Costs and other Important Stuff-Demystifying Regulatory Analysis Ellig, Mercatus Center
• The Future of Regulation Ellig, Pepperdine University School of Public Policy

Adam Thierer, Senior Research Fellow at the Mercatus Center discusses his recent working paper with coauthor Brent Skorup, A History of Cronyism and Capture in the Information Technology Sector. Thierer takes a look at how cronyism has manifested itself in technology and media markets — whether it be in the form of regulatory favoritism or tax privileges. Which tech companies are the worst offenders? What are the consequences for consumers? And, how does cronyism affect entrepreneurship over the long term?

Download

Related Links

• A History of Cronyism and Capture in the Information Technology Sector, Thierer
• Video: A History of Cronysim and Capture in the Information Technology Sector, Thierer
• Adam Thierer Biography, Mercatus Center
• Adam Thierer on Anti-Tech Grump Evgeny Morozov, Thierer

[UPDATE 4/30/13: This article was subsequently published in Volume 65, Issues 2 of the Federal Communications Law Journal in April 2013. The links below now point to the final FCLJ version.]

The Mercatus Center at George Mason University has just released a new paper by Brent Skorup and me entitled, “Uncreative Destruction: The War on Vertical Integration in the Information Economy.”  Brent, who is the research director for the Information Economy Project at the George Mason University School of Law, and I have been working on this paper since the Spring and we are looking forward to getting it published in a law review shortly. The paper focuses on Tim Wu’s “separations principle” for the digital economy, something I’ve spent some time critiquing here in the past. Here’s the introduction from the 44-page paper that Brent and I just released:

Are information sectors sufficiently different from other sectors of the economy such that more stringent antitrust standards should be applied to them preemptively? Columbia Law School professor Tim Wu responds in the affirmative in his book The Master Switch: The Rise and Fall of Information Empires. Having successfully pushed net-neutrality regulation into the policy spotlight, Wu has turned his attention to what he regards as excessive market concentration and threats to free speech throughout the entire information economy.To support his call for increased antitrust intervention, Wu explains his view of competition in the information economy—a view that deviates substantially from current mainstream antitrust theory. First, Wu contends that “information monopolies” are pervasive in the information economy. Wu’s “monopolists” include Facebook, Apple, Google, and even Twitter. In The Master Switch and essays like “In the Grip of the New Monopolists,” Wu argues that these so-called monopolies are increasing their market power and require more aggressive oversight and regulation.Second, Wu argues that traditional antitrust analysis is not sufficient for information systems because they carry speech. He claims, “Information industries… can never be properly understood as ‘normal’ industries,”and traditional forms of regulation, including antitrust enforcement, “are clearly inadequate for the regulation of information industries.”Wu believes that because information industries “traffic in forms of individual expression” and are “fundamental to democracy,” they should be subject to greater regulatory treatment.Third, in contrast to current competition law’s focus on horizontal relationships, Wu desires a reinvigorated regulatory enforcement that addresses “the corrupting effects of vertically integrated power” in the information sectors.He is particularly concerned about private threats to free speech arising from such vertical integration.The solution, he says, is preventing vertical mergers in the information economy and the mandatory divestiture of vertically integrated companies. To implement this, Wu proposes a Separations Principle for the information economy, which would segregate information providers into three buckets, which we have labeled information creators, information distributors, and hardware makers.This article outlines Wu’s separations proposal, explains why his fears regarding vertical relationships should be rejected by regulatory and antitrust policymakers, and illustrates the legal and practical problems his Separations Principle poses. Wu justifies his Separations Principle by citing monopolies and market power in the information economy. He also advocates using U.S. antitrust authorities to enforce his Principle. We argue that the antitrust harms he fears are not present, and we highlight scholarship on the accepted benefits of vertically integrated firms. We show that Wu’s remedies are policy preferences wrapped in the language of competition law. In fact, the information economy is largely competitive and does not warrant interventionist regulatory enforcement. Since much of American economic vitality flows from the information economy and technology, policymakers should reject a radical antitrust remedy like Wu’s preemptive Separations Principle.

The paper can be downloaded from the Mercatus website, SSRN, or Scribd.

Filings are due to the Federal Trade Commission (FTC) today as part of its review of the Children’s Online Privacy Protection Act (COPPA) and the COPPA rule that the FTC devised and enforces. I didn’t have time to pen as much as I wanted, but I did submit a short filing to the agency in the matter based on some of my previous work both with Berin Szoka and on my own.  Here’s the executive summary for my filing:

It goes without saying that the Children’s Online Privacy Protection Act (COPPA) is complicated law and rule. When considering the rule and proposals to amend it, it is easy to get lost in the weeds and ignore the bigger picture. That would be a mistake. There are broader, more important questions that need to be asked as part of the Federal Trade Commission’s effort to expand this regulatory regime. These questions involve not only the costs of increased regulation for online business interests, but the impact of expanded regulation on market structure, competition, and innovation. More importantly, these questions cut to the core of whether the public (including children) will be served with more and better digital innovations in the future. There is no free lunch. Regulation—even well-intentioned regulation like COPPA—is not a costless exercise. There are profound trade-offs for online content and culture that must always be considered.

Whatever one thinks about the effectiveness or sensibility of the COPPA regulatory model for the Web 1.0 world, it is clear that the regime is being strained by the unforeseen realities of the Web 2.0 world of hyper-ubiquitous connectivity and user-generated content creation and sharing. The digital genie cannot be put back in the bottle.  While COPPA may continue to have a marginal role to play in this rapidly evolving world, that role will likely be increasingly limited by the inherent realities of the information age.

Entire filing can be found on the Mercatus website, on SSRN, or via Scribd [Also embedded below in a Scribd reader.] [FILING] Comments of Adam Thierer – Mercatus Center – FTC COPPA 2011 Ammendments

by Berin Szoka & Adam Thierer, Progress Snapshot 5.11 (PDF)

Ten years ago, Nobel Prize-winning economist Milton Friedman lamented the “Business Community’s Suicidal Impulse:” the persistent propensity to persecute one’s competitors through regulation or the threat thereof. Friedman asked: “Is it really in the self-interest of Silicon Valley to set the government on Microsoft?” After yesterday’s FCC vote’s to open a formal “Net Neutrality” rule-making, we must ask whether the high-tech industry—or consumers—will benefit from inviting government regulation of the Internet under the mantra of “neutrality.”

The hatred directed at Microsoft in the 1990s has more recently been focused on the industry that has brought broadband to Americans’ homes (Internet Service Providers) and the company that has done more than any other to make the web useful (Google). Both have been attacked for exercising supposed “gatekeeper” control over the Internet in one fashion or another. They are now turning their guns on each other—the first strikes in what threatens to become an all-out, thermonuclear war in the tech industry over increasingly broad neutrality mandates. Unless we find a way to achieve “Digital Détente,” the consequences of this increasing regulatory brinkmanship will be “mutually assured destruction” (MAD) for industry and consumers.

New Fronts in the Neutrality Wars

The FCC’s proposed rules would apply to all broadband providers, including wireless, but not to Google or many other players operating in other layers of the Net who favor such broadband-specific rules. With this rulemaking looming, AT&T came after Google with letters to the FCC in late September and then another last week accusing the company of violating neutrality principles in their business practices and arguing that any neutrality rules that apply to ISPs should apply equally to Google’s panoply of popular services. In particular, AT&T accused Google of “search engine bias,” suggesting that only government-enforced neutrality mandates could protect consumers from Google’s supposed “monopolist” control.

The promise made yesterday by the FCC—to only apply neutrality principles to the infrastructure layer of the Net—is hollow and will ultimately prove unenforceable. The reality is that regulation always spreads. The march of regulation can sometimes be glacial, but it is, sadly, almost inevitable: Regulatory regimes grow but almost never contract. Indeed, in some ways, the prediction we made just three weeks ago is already coming true: The basic premise of neutrality regulation is already being proposed for other layers of the Internet—and not just by AT&T in retaliation. One need not agree with all of AT&T’s accusations to recognize that, whatever the FCC might say today, any large online intermediary with a popular platform potentially faces the threat of “network neutrality” mandates—because every platform is essentially a “network,” too. We’re not just talking about “search neutrality” (Google as well as Microsoft) but also about “device neutrality” (mobile handsets), “app neutrality” (Apple’s iTunes store, Facebook’s developers and Google’s Android mobile OS) and so on for social networking, email, instant messaging, online advertising, etc.

An open letter sent to FCC Chairman Julius Genachowski this week by 28 founders and CEOs of leading application providers—including Amazon, Google, Facebook, Netflix, Craigslist, Sony and Twitter—speaks generally about the need for the FCC to enforce a “guarantee of neutral, nondiscriminatory access by users.” While many of these signatories may have in mind ISPs as the network “gatekeepers” that need to be reined in by the FCC, the more successful among them are likely to find this letter used against them in the future—perhaps even by co-signatories—to advance a broad conception of what the government must do to ensure “openness” and “access” for platforms at all layers of the Internet.

Dumb Networks, Dumb Devices

The intellectual foundations for this regulatory creep have already been laid by groups like Free Press and Public Knowledge and law professors like Columbia’s Tim Wu, Harvard’s Jonathan Zittrain and Seton Hall’s Frank Pasquale. As originally conceived by Tim Wu in 2003, “network neutrality” is not unique to broadband networks: “the basic economic problem found in the network neutrality debate (a form of ‘platform exclusion’ or ‘vertical foreclosure’) can be found in many other markets.” Indeed, Wu’s popular Net Neutrality FAQ declares:

The promotion of network neutrality is no different than the challenge of promoting fair evolutionary competition in any privately owned environment, whether a telephone network, operating system, or even a retail store. Government regulation in such contexts invariably tries to help ensure that the short-term interests of the owner do not prevent the best products or applications becoming available to end-users.

Zittrain picked up where Wu left off in The Future of the Internet and How to Stop It—attacking, as the enemies of innovation, not ISPs but the supposedly “closed” platforms of Apple, TiVo and Microsoft’s Xbox. Zittrain warns that:

If there is a present worldwide threat to neutrality in the movement of bits, it comes not from restrictions on traditional Internet access that can be evaded using generative PCs, but from enhancements to traditional and emerging appliancized services that are not open to third-party tinkering.

Zittrain’s general solution is “API [Applications Programming Interface] neutrality:” If you create a platform (whether hardware or software) and begin allowing third-party contributions (“generativity”), you will lose all control over devices or applications that can run on that platform.

Those who offer open APIs on the Net in an attempt to harness the generative cycle ought to remain application-neutral after their efforts have succeeded, so all those who built on top of their interface can continue to do so on equal terms…. [N]etwork neutrality ought to be applied to the new platforms of Web services that, in turn, depend on Internet connectivity to function.

Clearly, if Zittrain and his allies have their way, the sort of neutrality mandates envisioned by the FCC or some Congressmen for ISPs will eventually cover companies such as Apple, Google, Facebook, Myspace, Twitter and Amazon—all singled out by Zittrain in a New York Times op-ed in July:

If the market settles into a handful of gated cloud communities whose proprietors control the availability of new code, the time may come to ensure that their platforms do not discriminate. Such a demand could take many forms, from an outright regulatory requirement to a more subtle set of incentives — tax breaks or liability relief — that nudge companies to maintain the kind of openness that earlier allowed them a level playing field on which they could lure users from competing, mighty incumbents.

Frank Pasquale agrees on the need to restrain all “the dominant players at all layers of online life,” but focuses on his demand for a Federal Search Commission to control supposedly “biased” search results. While the FCC wrings its hands over “managed services” offered by ISPs, search engines are increasingly offering their own value-added services by “blending” algorithmically-derived results with special features like maps, videos, books or music depending on what the search term suggests the user is interested in. “Artificially” ensuring that these features appear on the first page of search results is clearly non-neutral, and necessarily involves search engines making ”managed” decisions as to whose features to include. Yet such features also clearly benefit users—dramatically improving the usefulness of search engines and helping to sustain struggling business models like music retailing.

But one need not resort to the works of “ivory tower” academics to see the slippery slope we’re already tumbling down with the infinitely elastic principle of “neutrality.” The prospect of the FCC gradually transforming into a “Federal Information Commission” becomes more apparent when one reads the Wireless Innovation and Investment Notice of Inquiry recently released by the FCC:

As other approaches, such as cloud computing, evolve, will established standards or de facto standards become more important to the applications development process? For example, can a dominant cloud computing position raise the same competitive issues that are now being discussed in the context of network neutrality? Will it be necessary to modify the existing balance between regulatory and market forces to promote further innovation in the development and deployment of new applications and services?

One can imagine how some might use such language to accuse Google of being in “a dominant cloud computing position” such that “the context of network neutrality” will be applied to cloud service (like Google Voice) to “modify the existing balance between regulatory and market forces” through regulation. Indeed, that’s precisely what AT&T has suggested in recent letters (September 25 ^th and October 14 ^th) to the FCC.

AT&T’s partner Apple has already been the subject of such attacks for its decision to block the Google Voice app earlier this summer. The incident marked the beginning of open warfare between Google and AT&T/Apple. The FCC quickly jumped into the mix, first questioning how Apple manages its iTunes apps store for the iPhone, then questioning how Google runs its free Voice application. What legal authority the FCC has over either service is far from clear, but Apple seems to have gotten the message: It recently approved the Spotify music streaming app for the iPhone, which could be a serious competitive threat to the iTunes music store. This small incident highlights how easily regulators can impose their will through informal mechanisms like open-ended investigations even without clear authority to issue rules or bring enforcement actions. Yet none dare call it what it is: regulatory blackmail.

The Inevitability of Regulatory Capture

No doubt, other industry players will cheer on such regulatory harassment of the titans of tech—and maybe even demand more of it. Regulatory creep is driven by more than the self-interests of every bureaucracy to expand its own mission, budget and staff. As the Electronic Frontier Foundation has noted, “Experience shows that the FCC is particularly vulnerable to regulatory capture.” While lobbyists play an important role in defending business from government, all too many businesses naively look at government as a beast that can be tamed, trained, and turned to one’s own advantage, and often try to use the expanding regulatory apparatus to their own advantage or simply throw their competitors under the bus to save themselves. The result is a Hobbesian regulatory “war of all against all” within industry.

As Professor Alfred E. Kahn explained in his 2-volume opus, The Economics of Regulation, all regulation—however high-minded—is inevitably captured by special interests because:

When a commission is responsible for the performance of an industry, it is under never completely escapable pressure to protect the health of the companies it regulates, to assure a desirable performance by relying on those monopolistic chosen instruments and its own controls rather than on the unplanned and unplannable forces of competition. […] Responsible for the continued provision and improvement of service, [the regulatory commission] comes increasingly and understandably to identify the interest of the public with that of the existing companies on whom it must rely to deliver goods.

If Internet regulation follows the same course as other industries, the FCC and/or lawmakers will eventually indulge calls by all sides to bring more providers and technologies “into the regulatory fold.” Clearly, this process has already begun. Even before rules are on the books, the companies that have made America the leader in the Digital Revolution are turning on each other in a dangerous game of brinksmanship, escalating demands for regulation and playing right into the hands of those who want to bring the entire high-tech sector under the thumb of government—under an Orwellian conception of “Internet Freedom” that makes corporations the real Big Brother, and government, our savior.

Toward a Less MAD World: Digital Détente

Sincere defenders of real Internet Freedom—that is, freedom from government techno-meddling—recognize that there will always be disputes over how companies deal with each other online across all layers of the Internet. The question is not whether we need a technical coordinating mechanism for handling such disputes. Someone should mediate conflicts over alleged deviations from abstract neutrality principles. But should that arbitrator be an inherently political body like FCC? Or should we instead look to truly independent, apolitical arbitrators like the Internet Engineering Task Force or collaborative efforts like the Network Neutrality Squad? Such alternative dispute resolution mechanisms and fora need not have the power of law to be effective: The weight of their expert opinion, based on careful investigation of the facts, would likely resolve most disputes, because companies have strong reputational incentives to comply with reasoned rulings by truly neutral experts. And the white hot spotlight of public attention has a way of disciplining marketplace behavior as well.

Government would still have a role to play, of course, in enforcing antitrust laws where anticompetitive harm to consumers can be proven, and in enforcing the promises companies make to consumers. Ultimately, however, certain business models and technologies require non-neutral treatment, and the best remedy for concerns about non-neutrality is competition itself: In the high-tech sector more than any other, disruptive innovation makes it difficult for even the most successful companies to stay on top forever. Competitive entry—or even the threat of new entry—provides a powerful check on the power of so-called “gatekeepers,” but even more important is the prospect that today’s leaders will be tomorrow’s laggards: There’s little reason to think Google (search and advertising), Apple (smart phones and music) and Facebook (social networking) won’t someday find themselves playing catch-up, just as IBM (computers), Microsoft (desktop software and search), Friendster and MySpace (social networking), and Yahoo! and AOL (web portals) have had to do.

“Digital Détente” would require that all parties concede something and work constructively toward a more “peaceful” ( i.e., less regulatory) resolution. And yet, no Internet company wants to disarm unilaterally, foreswearing politics as a continuation of competition by other means. Only through multilateral disarmament could they break out of the current cycle of regulatory one-upmanship: If the companies in the Internet ecosystem could form a united front against increased government regulation and in favor of removing existing regulatory obstacles to competition, they could all return to their core competencies of creativity and innovation.

The alternative is a regulatory “nuclear winter”: high-tech titans turning their political fire on each other, catching innocent third parties in the cross-fire and bringing a dark cloud of government regulation over the entire Internet. Such increased regulation would stifle investment and innovation throughout the Internet ecosystem. Thus, it is consumers who will ultimately suffer most from the tech industry’s suicidal impulse, as their choices and digital lives are impoverished. For their sake, we hope all industry players will step back from the brink to avoid such high-tech mutually assured destruction.

Cyberbullying constitutes one of the largest growth categories of recent cyberlaw legislative proposals, and many state legislatures have already enacted measures aimed at combating this problem using a variety of approaches.  Those attempting to monitor ongoing developments in this field might find it useful to examine this National Conference of State Legislatures (NCSL) compendium of recent state cyberbullying bills.

In June, Berin Szoka and I published a PFF white paper, “Cyberbullying Legislation: Why Education is Preferable to Regulation.”  That paper mostly address federal legislation and, in particular, we contrasted the approaches set forth in Rep. Linda Sánchez’s (D-CA) “Megan Meier Cyberbullying Prevention Act,” versus the “School and Family Education about the Internet (SAFE Internet) Act,” which was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL).  Whereas the Sánchez bill would create a new federal felony to address these problems, the SAFE Internet Act proposes an education-based approach to the issue.

Generally speaking, Berin and I favor the latter approach, to the extent federal legislators feel the need to act. But we argued that state experimentation on this front may be the better way to go at this time.  As the NCSL survey suggests, states are pursing a variety of strategies and will continue to do so.  In light of that, I’m not sure why any federal legislation is needed at this time.  If the feds are really eager to push something at the national level, perhaps a generic public awareness / PSA campaign would make the most sense while more tailored state-based experimentation continues.  This is rare example of where state-based experimentation with a cyberlaw issue actually makes a lot of sense.

What Unites Advocates of Speech Controls & Privacy Regulation? [pdf]

by Adam Thierer & Berin Szoka The Progress & Freedom Foundation, Progress on Point No. 16.19

Anyone who has spent time following debates about speech and privacy regulation comes to recognize the striking parallels between these two policy arenas. In this paper we will highlight the common rhetoric, proposals, and tactics that unite these regulatory movements. Moreover, we will argue that, at root, what often animates calls for regulation of both speech and privacy are two remarkably elitist beliefs:

1. People are too ignorant (or simply too busy) to be trusted to make wise decisions for themselves (or their children); and/or,
2. All or most people share essentially the same values or concerns and, therefore, “community standards” should trump household (or individual) standards.

While our use of the term “elitism” may unduly offend some understandably sensitive to populist demagoguery, our aim here is not to launch a broadside against elitism as Time magazine culture critic William H. Henry once defined it: “The willingness to assert unyieldingly that one idea, contribution or attainment is better than another.”^[1] Rather, our aim here is to critique that elitism which rises to the level of political condescension and legal sanction. We attack not so much the beliefs of some leaders, activists, or intellectuals that they have a better idea of what it in the public’s best interest than the public itself does, but rather the imposition of those beliefs through coercive, top-down mandates.

That sort of elitism—elitism enforced by law—is often the objective of speech and privacy regulatory advocates. Our goal is to identify the common themes that unite these regulatory movements, explain why such political elitism is unwarranted, and make it clear how it threatens individual liberty as well as the future of free and open Internet. As an alternative to this elitist vision, we advocate an empowerment agenda: fostering an environment in which users have the tools and information they need to make decisions for themselves and their families.

I. The Elitism of Speech Regulation

First, consider how those two elitist beliefs identified above are on display when lawmakers or regulatory advocates make efforts to control speech or content.^[2] Calls to regulate free speech are often premised on the belief that something must be done to “protect The Children.”^[3] Personal and parental responsibility ^[4] are regarded as inadequate safeguards ^[5] since some parents will inevitably fall down on the job by not adequately shielding their children’s eyes and ears from potentially objectionable (or supposedly harmful) speech. Therefore, government must regulate content that is indecent, profane, excessively violent, and so on. The definition of those things is then left to unelected bureaucrats and judges to make on our behalf.

But it’s not just about “The Children.” Some regulatory advocates believe that even the choices made by consenting adults must be disregarded because some people fail to understand the supposedly destructive nature of the speech they are consuming. Government must act to protect people from making what some regulatory advocates regard as destructive or even immoral choices that could bring harm to them or their loved ones.

In sum, regulatory advocates are essentially saying that people cannot be trusted or left to their own devices and, therefore, government must intervene and establish a baseline “community standard” on behalf of the entire citizenry to tell them what‘s best for them.^[6] Even if those citizens have tools and information at their disposal to make sensible decisions about objectionable content, that’s not good enough because they might not do the job properly. Government must do it for them!

II. The Elitism of Privacy Regulation

This same mentality motivates calls for privacy regulations. Those who call for government interventions to “protect privacy” often claim that people too willingly surrender personal information about themselves and that they don’t understand the adverse consequences of those actions.^[7] Alternatively, regulatory advocates claim that advertising and marketing efforts are inherently “manipulative” and that people do not realize they are being duped into surrendering personal information or into buying products or services they supposedly don’t need.^[8] Of course, those regulatory advocates rarely pause to explain to us how it is that they were not also duped and manipulated by the same things—again revealing their deeply-rooted elitism! (As discussed below, this makes it clear how the psychological phenomenon of “third-person effect hypothesis” is driving much of this debate.)

“Protecting The Children” is also used as a rhetorical cover for regulation here, but not as often in debates over speech controls.^[9] Instead, regulatory advocates mostly focus on adults who are presumed not to know what is in their own best interest—necessitating paternalistic government intervention on their behalf.

III. Intellectual Schizophrenia on Both the Left & Right

What is particularly interesting about all this is the way these two issues expose a sort of intellectual schizophrenia at work on both the Left and Right of the political spectrum. Left-leaning policymakers and intellectuals typically decry censorship efforts (except where “commercial speech,” “hate speech” and “bias” are at issue), but are quick to rally around proposals to layer privacy regulations on the Internet. The opposite is often true of many on the Right of the political spectrum: They typically declare privacy regulations to be paternalistic and antithetical to free enterprise (or perhaps just erosive of efforts to legislate morality),^[10] but in the next breath advocate controls on content they find objectionable.

Few on either side stop to consider the relationship between speech and privacy. In fact, they are but two sides of the same coin. After all, what is your “right to privacy” but a right to stop me from observing you and speaking about you?^[11] “Protecting privacy,” therefore, typically means restricting speech rights in the process. Advocates of privacy regulation often insist that the use, processing and collection of information are “conduct” unprotected by the First Amendment, but in fact, the First Amendment broadly protects the gathering and distribution of information as part of the process of communication (“speech”).^[12] Similarly, attempts to “clean up” speech or “protect The Children,” often require regulations that would betray the privacy of adults by expanding the role of government, and impose serious burdens on businesses and markets—such as age verification mandates ^[13] or extensive data retention requirements.^[14]

IV. Common Tactics & Regulatory Mechanisms

The two movements also share common political tactics and regulatory approaches. Privacy advocates generally favor “opt-in” mandates as the federal “baseline standard” for any website collecting information about users, especially their browsing habits (regardless of whether the information is “personally identifiable”). In other words, the law would create a property right in such “personal information” (ironically, many advocates of this approach criticize or reject intellectual property.) In a similar vein, many advocates of speech controls push for mandatory parental control tools or restrictive default settings.^[15] That is, if government won’t censor speech outright, regulatory advocates want lawmakers to at least (1) require that media, computing and communications devices be shipped to market with parental controls embedded or included (as proposed in Australia and with China’s “Green Dam” filter),^[16] and possibly, (2) that such controls be defaulted to their most restrictive position—forcing users to opt-out of the controls later if they want to consume media rated above a certain threshold.

More sophisticated advocates of speech controls and privacy regulation will likely argue that their paternalism is less elitist or intrusive because they merely want to “nudge” the public into making “better” decisions. Economist Richard Thaler and legal scholar Cass Sunstein (director of President Obama’s Office of Information and Regulatory Affairs, responsible for analyzing most new federal regulations) popularized this approach with their 2008 book Nudge: Improving Decisions about Health, Wealth, and Happiness. Based on behavioral economics studies, they argue that both government and private actors must inevitably make decisions about “choice architecture” and that, by setting defaults, incentives and rules smartly, “choice architects” can and should improve decision-making without blocking, fencing-off or significantly burdening choices.^[17]

In this regard, Sunstein and Thaler’s approach parallels the work of Lawrence Lessig, one of the most influential Internet policy thinkers. Lessig has argued that the “architecture” of “code” (how software is written) “regulates” all online activities and requires government oversight and intervention to keep in check. Otherwise, he warned ominously a decade ago, “Left to itself, cyberspace will become a perfect tool of control.”^[18] Lessig’s hyper-pessimistic predictions have proven unwarranted, however. Far from fostering a world of “perfect control,” code and cyberspace have proven remarkably difficult to regulate, but nonetheless has generally benefited consumers and citizens without centralized direction.^[19] Still, Lessig, Sunstein, and others of this ilk persist in their advocacy of “nudges” of many varieties to impose their will on cyberspace through mandates from above.

But while it might be possible to define “better decisions” and argue that poor choice architecture leads people to choose things they clearly don’t want in contexts like investment decisions and mortgages, how can elites know what other people really want in highly subjective contexts like privacy and speech? Should they rely on opinion polls—the highly subjective results of which depend heavily on “choice architecture” of question-crafting—to guess what the right default should be?^[20] Was the Chinese proposal to mandate deployment of “Green Dam” just a harmless “nudge” because users weren’t barred from uninstalling the filtering software that must accompany their computers (i.e., “opting-out”)? The problem becomes even more difficult where trade-offs among competing values are inevitable. For example, data collection about Internet users raises privacy concerns for some but benefits all, creating more funding for “free” content (i.e., speech) and services users prefer by making more valuable the advertising that supports online publishers. In short, regulations of speech and privacy are likely to be pure paternalism, even when billed as “libertarian paternalism as Thaler and Sunstein label their approach.^[21]

What might be called “regulatory blackmail” is also a time-honored tradition among both advocates of speech controls and privacy regulation. When censorship advocates have previously been impeded by the First Amendment, they have worked behind the scenes with lawmakers or regulatory agencies to use indirect pressure and strong-arming tactics to extract “voluntary concessions” from companies or others.^[22] For example, in 2004, the FCC strong-armed radio giant Clear Channel into agreeing to a “voluntary” consent decree that involved taking Howard Stern off the air.^[23] Similarly, in 2008, XM and Sirius Satellite Radio finally agreed to set aside 4% of their system capacity for use by politically favored racial minorities (a kind of speech control) as a “voluntary condition” of their merger—after the FCC had sat on their application for nearly 16 months.^[24] This race-based preference would have been unconstitutional if the FCC had imposed it directly.^[25] While the FTC has been far less prone to such abuse and actually plays a key role in holding companies to their promises, its current Chairman, Jon Leibowitz, has hung the “regulatory sword of Damocles” over the heads of the online advertising industry, threatening them with a “day of reckoning” if he doesn’t get what he wants from industry self-regulatory efforts.”^[26] The sword could actually fall if the FTC turns self-regulation into the European model of “co-regulation,” where the government steers and industry simply rows.^[27]

V. The Crisis Mentality that Drives Regulation

Speech and privacy regulatory advocates share another trait in common: an affinity for the use of a crisis mentality as a method of spurring political action. In his 1995 book The Vision of the Anointed: Self-Congratulation as a Basis for Social Policy, political philosopher and economist Thomas Sowell formulated a model that he argued drives ideological crusades to expand government power over our lives and economy. “The great ideological crusades of the twentieth-century intellectuals have ranged across the most disparate fields,” noted Sowell. But what they all had in common, he argued, was “their moral exaltation of the anointed above others, who are to have their different views nullified and superseded by the views of the anointed, imposed via the power of government.”^[28] These government-expanding crusades shared several key elements, which Sowell identified as follows:

1. Assertion of a great danger to the whole society, a danger to which the masses of people are oblivious.
2. An urgent need for government action to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many, in response to the prescient conclusions of the few.
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes.

We see this model at work on a daily basis today with our government’s various efforts to reshape our economy, but the model is equally applicable to debates over speech controls and privacy regulation. In particular, the various “technopanics”^[29] we have witnessed in recent years fit this model. For example, consider how this model plays out in the debate over online social networking:

1. Assertion of a great danger to the whole society [online sexual predators], a danger to which the masses of people are oblivious.
2. An urgent need for government action [such as mandatory online age verification ^[30] or the Deleting Online Predators Act ^[31]] to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many [must stop kids and adults from being online together on same sites], in response to the prescient conclusions of the few [some state Attorneys General].^[32]
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [child safety researchers and others are told that their research is meaningless or offbase].^[33]

We also see this model in play in other debates, such as efforts to regulate “excessively violent” video games and television programming.^[34] And consider how this model plays out on the privacy front:

1. Assertion of a great danger to the whole society [amorphous privacy violations], a danger to which the masses of people are oblivious.
2. An urgent need for government action [“baseline federal privacy regulation”] to avert impending catastrophe.
3. A need for government to drastically curtail the dangerous behavior of the many [anyone who shares information online], in response to the prescient conclusions of the few [a handful of privacy advocacy groups].
4. A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [any suggestion that privacy concerns are being overblown and that most information-sharing is socially beneficial is dismissed out-of-hand].

Worse yet, regulatory intervention in these cases simply begets more and more intervention to correct the inevitable failures of, or dissatisfaction with, previous interventions.^[35] Thus, the “crisis” cycle never ends.

VI. Third-Person Effect Hypothesis as an Explanation

Something more profound than simple political elitism seems to be at work here, however. A phenomenon psychologists refer to as the “third-person effect hypothesis” can explain many calls for government intervention, especially in the media world.^[36] Simply stated, speech and privacy critics sometimes seem to only see and hear in media or communications what they want to see and hear—or what they don’t want to see or hear. When they encounter perspectives or preferences that are at odds with their own, they are more likely to be concerned about the impact of those things on others throughout society and come to believe that government must “do something” to correct those perspectives. Many people desire regulation because they think it will be good for others, not necessarily for themselves. The regulation they desire has a very specific purpose in mind: “re-tilting” speech or market behavior in their desired direction.

The third-person effect hypothesis was first formulated by W. Phillips Davison in a seminal 1983 article:

In its broadest formulation, this hypothesis predicts that people will tend to overestimate the influence that mass communications have on the attitudes and behavior of others. More specifically, individuals who are members of an audience that is exposed to a persuasive communication (whether or not this communication is intended to be persuasive) will expect the communication to have a greater effect on others than on themselves.^[37]

Davison used this hypothesis to explain how media critics on both the Left and Right seemed to simultaneously find “bias” in the same content or reports when they couldn’t possibly both be correct. In reality, their own personal preferences were biasing their ability to fairly evaluate that content. Davison’s article prompted further research by many other psychologists, social scientists, and public opinion experts to test just how powerful this phenomenon was in explaining calls for censorship and other social phenomena.^[38] In these studies, third-person effect has been shown to be the primary explanation for why many people fear—or even want to ban—various types of speech or expression, including news,^[39] misogynistic rap lyrics,^[40] television violence,^[41] video games,^[42] and pornography.^[43] In each case, the subjects surveyed expressed strong misgivings about allowing others to see or hear too much of the speech or expression in question, but greatly discounted the impact of that speech on themselves. Such studies thus reveal the strong paternalistic instinct behind proposals to regulate speech. As Davison notes:

Insofar as faith and morals are concerned… it is difficult to find a censor who will admit to having been adversely affected by the information whose dissemination is to be prohibited. Even the censor’s friends are usually safe from the pollution. It is the general public that must be protected. Or else, it is youthful members of the general public, or those with impressionable minds.^[44]

It’s easy to see how this same phenomenon is at work in debates about privacy. Regulatory advocates imagine their preferences are “correct” (right for everyone) and that the masses are being duped by external forces beyond their control or comprehension, even though the advocates themselves are somehow immune from the brain-washing and privy to some higher truth that the hoi polloi simply cannot fathom. Again, this is Sowell’s “Vision of the Anointed” at work.

Consider the flare-up in 2004 over the introduction of Gmail, Google’s free email service. At a time when Yahoo! mail (then as now the leading webmail provider) offered customers less than 10 megabytes of email storage, Gmail offered an astounding gigabyte of storage that would grow over time (now over 7 GB). Rather than charging some users for more storage or special features, Google paid for the service by showing advertisements next to each email “contextually” targeted to keywords in that email—a far more profitable form of advertising than “dumb banner” ads previously used by other webmail providers.^[45] Self-appointed (or, to extend Sowell’s framework, “self-anointed”) privacy advocates howled that Google was going to “read users’ email,” and led a crusade to ban such algorithmic contextual targeting.^[46] Thierer responded to these critics by pointing out that the service was purely voluntary and noted:

you don’t speak for me and a lot of other people in this world who will be more than happy to cut this deal with Google. So do us a favor and don’t ask the government to shut down a service just because you don’t like it. Privacy is a subjective condition and your value preferences are not representative of everyone else’s values in our diverse nation. Stop trying to coercively force your values and choices on others. We can decide these things on our own, thank you very much.^[47]

Interestingly, however, the frenzy of hysterical indignation about Gmail was followed by a collective cyber-yawn: Users increasingly understood that algorithms, not humans, were doing the “reading” and that, if they didn’t like it, they didn’t have to use it. Today, nearly 150 million of people around the world use Gmail, and it has a steadily growing share of the webmail market. Even though cyber-consumers have embraced the service, some privacy advocates persist in their effort to shut down Gmail. They appear determined to stop at nothing to impose their will on others—the essence of political elitism—even if that means cutting off free email service for 150 million people!^[48]

A similar debate has played out more recently regarding targeted online advertising in general. Advertising on search engines is, much like Gmail, targeted “contextually” based on search terms entered by users and most advertising on other websites is based on the nature of content on a site or page. But certain data is collected about users as they browse to make that advertising more effective—by measuring its performance, reducing fraud, preventing over-exposure, etc. Some privacy advocates have insisted that industry self-regulation of such practices (even if enforced by the FTC) is inadequate and have called for preemptive regulation. They are even more offended by “behavioral advertising” which allows publishers whose content would have little value as the basis for contextually targeting advertising on their own sites to compete for more highly valued advertising by showing ads to users based on other sites they’ve visited. In both cases, data collection can increase the funding available to publishers to produce more of the content and services preferred by users, thus conferring an enormous indirect benefit on users, but also directly benefits users by increasing the relevance of the advertising they see.^[49] For some of the more extreme advocates of privacy regulation, however, there are no trade-offs, only absolutist “solutions:” To them, privacy is so obviously desirable that they feel at ease in deciding what’s best for everyone else. Such absolutists often respond with righteous indignation and conspiratorial fulmination when challenged to identify the harm against which they’re protecting consumers, while disdainfully dismissing all talk of the benefits of online advertising as self-serving industry propaganda.^[50]

VII. The Principled Alternative: Trust People & Empower Them

There is an alternative to this elitist mentality: freedom and personal responsibility. Individuals should be permitted to live a life of their own, even if they sometimes make mistakes or choices that are at odds with what elites think is best for them. ^[51]

Of course, the world isn’t perfect. In an ideal world, adults would be fully empowered to tailor speech and privacy decisions to their own values and preferences. Specifically, in an ideal world, adults (and parents) would have (1) the information necessary to make informed decisions and (2) the tools and methods necessary to act upon that information. Importantly, those tools and methods would give them the ability to not only block the things they don’t like—objectionable content, annoying ads or the collection of data about them—while also finding the things they want.

Achieving that ideal is likely impossible, but the good news is that we are moving closer to it with each passing day. Citizens have more tools and methods at their disposal than ever before which enable them to make decisions for themselves and their families. And this is true for both parental controls ^[52] and privacy controls.^[53]

Of course, some speech and privacy elitists will argue that we can’t trust empowerment tools ( e.g., filters, rating systems, or other controls) that are created by companies or other affected parties. But rather than trying to enhance those tools and educate users about how to use them, these elitists skip right past user empowerment and channel their energies into regulations that would impose a top-down, one-size-fits all standard on all adults and families—or even into trying to craft the perfect “nudge” that will help users make what elites believe to be the “right” decisions. Of course, these tools can, and should, be improved. Those groups worried about speech/content and privacy issues should focus on how we might drive such protections from the bottom-up by empowering individuals instead of government bureaucrats. The goal in both cases should be a “let-a-thousand-flowers-bloom” approach, which offers diverse tools and strategies for our diverse citizenry.^[54] We need not accept “one-size-fits” all approaches, whether they be regulatory mandates or “nudges,” based on the presumption that elites know best.

Finally, it is vital not to lose sight of what’s ultimately at stake here. If regulatory approaches trump the empowerment agenda we have described, the future of a free and open Internet—indeed, as technology converges, the future of all media—is at risk.^[55] By imposing technological solutions from the top-down that can never keep pace with technological change, regulation necessarily forecloses freedom and innovation.^[56] By contrast, individual empowerment allows innovation to flourish. The better approach across the board is education, not regulation.^[57] Empowerment, not elitism, is the path forward. The digital elite should be leading this effort by developing and promoting technologies of empowerment, not crafting regulatory mandates to force their will upon us.^[58]

#

Adam Thierer is a Senior Fellow with The Progress & Freedom Foundation and the director of its Center for Digital Media Freedom. Berin Szoka  is a Senior Fellow with PFF and the Director of PFF’s Center for Internet Freedom.

[1] . William A. Henry, In Defense of Elitism (1995) at 2-3.

[2] . See Adam Thierer, The Progress & Freedom Foundation, Congress, Content Regulation, and Child Protection: The Expanding Legislative Agenda, Progress Snapshot 4.4, Feb. 2008, www.pff.org/issues-pubs/ps/2008/ps4.4childprotection.html. Like American courts, we use the term “speech” as a broad catch-all for communications, including both actual speaking as well as other forms of transmitting, as well as receiving, information (“content”).

[3] . See generally Adam Thierer, Don’t Scapegoat Media, USA Today, Dec. 4, 2008, www.pff.org/issues-pubs/ps/2008/ps4.24scapegoatmedia.html; Marjorie Heins, Not in Front of the Children, “Indecency,” Censorship, and the Innocence of Youth (2001); Karen Sternheimer, It’s Not the Media: The Truth about Pop Culture’s Influence on Children (2003); Karen Sternheimer, Kids These Days: Facts and Fictions about Today’s Youth (2006).

[4] . See Adam Thierer, The Progress & Freedom Foundation, FCC Violence Report Concludes that Parenting Doesn’t Work, PFF Blog, Apr. 26, 2007, http://blog.pff.org/archives/2007/04/fcc_violence_re.html.

[5] . See Adam Thierer, The Progress & Freedom Foundation, Sen. Rockefeller Gives Up on Parenting at Senate Violence Hearing, PFF Blog, June 26, 2007, blog.pff.org/archives/2007/06/sen_rockefeller_1.html.

[6] . Adam Thierer, Conservatives, Porn, and “Community Standards,” The Technology Liberation Front, March 2, 2009, http://techliberation.com/2009/03/02/conservatives-porn-and-community-standards.

[7] . Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, Online Advertising & User Privacy: Principles to Guide the Debate, Progress Snapshot 4.19, Sept. 2008, www.pff.org/issues-pubs/ps/2008/ps4.19onlinetargeting.html.

[8] . Jeff Chester, for decades the great gadfly of American advertising, has decried “the system … developed to track each and every one of us and our behavior for one-on-one marketing efforts” as “manipulative, intrusive and un-democratic.” Wendy Melillo, Q&A: Chester Writes the Book on Privacy, Dec. 11, 2007, www.gfem.org/node/227. For instance, Chester and other leading “privacy advocates” ridicule the idea of smart phones as a “liberating technology” and insist that,

Despite the glowing words about customization and personalized service, what marketers and advertisers are increasingly offering consumers is merely the illusion of free choice. Mobile operators offer their various options and services, not on an individual basis, but preconfigured according to segmented demographic profiles.

Center for Digital Democracy and U.S. Public Interest Research Group, Complaint and Request for Inquiry and Injunctive Relief Concerning Unfair and Deceptive Mobile Marketing Practices, Jan. 13, 2009 (emphasis original), www.democraticmedia.org/files/FTCmobile_complaint0109.pdf. See generally Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, Targeted Online Advertising: What’s the Harm & Where Are We Heading?, Progress on Point 16.2, Feb. 2009, www.pff.org/issues-pubs/pops/2009/pop16.2targetonlinead.pdf.

[9] . Berin Szoka & Adam Thierer, The Progress & Freedom Foundation, COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech, Progress on Point 16.11, May 2009, www.pff.org/issues-pubs/pops/2009/pop16.11-COPPA-and-age-verification.pdf.

[10] . The Supreme Court has used a “right to privacy” to strike down laws against the use of contraception by married couples, Griswold v Connecticut, 381 U.S. 479 (1965), and abortion, Roe v. Wade, 410 U.S. 113 (1973).

[11] . Eugene Volokh, Freedom of Speech and Information Privacy: The Troubling Implications of a Right to Stop People From Speaking About You, 52 Stanford L. Rev. 1049 (2000), available at www.pff.org/issues-pubs/pops/pop7.15freedomofspeech.pdf.

[12] . See , Amicus Brief for Association Of National Advertisers, Cato Institute, Coalition For Healthcare Communication, Pacific Legal Foundation And The Progress & Freedom Foundation In Support Of Appellants, IMS Health v. Sorrell, No. 09-1913-cv(L), 09-2056-cv(CON) (2nd Cir. 2009), available at www.pff.org/issues-pubs/filings/2009/071309-Brief-Amici-Curiae-ANA-et-al-Second-Circuit-(09-1913-cv).pdf.

[13] . See Adam Thierer, The Progress & Freedom Foundation, Social Networking and Age Verification: Many Hard Questions; No Easy Solutions, Progress on Point No. 14.5, March 2007, www.pff.org/issues-pubs/ pops/pop14.8ageverificationtranscript.pdf; www.pff.org/issues-pubs/pops/pop14.5ageverification.pdfAdam Thierer, The Progress & Freedom Foundation, Statement Regarding the Internet Safety Technical Task Force’s Final Report to the Attorneys General, Jan. 14, 2008, www.pff.org/issues-pubs/other/090114ISTTFthiererclosingstatement.pdf; Nancy Willard, Why Age and Identity Verification Will Not Work—And is a Really Bad Idea, Jan. 26, 2009, www.csriu.org/PDFs/digitalidnot.pdf; Jeff Schmidt, Online Child Safety: A Security Professional’s Take, The Guardian, Spring 2007, www.jschmidt.org/AgeVerification/Gardian_JSchmidt.pdf.

[14] . Adam Thierer, The Progress & Freedom Foundation, Mandatory Data Retention: How Much is Appropriate, PFF Blog, June 26, 2006, http://blog.pff.org/archives/2006/06/mandatory_data.html

[15] . Adam Thierer, The Progress & Freedom Foundation, The Perils of Mandatory Parental Controls and Restrictive Defaults, Progress on Point 14.4, Apr. 11, 2008, www.pff.org/issues-pubs/pops/2008/pop15.4defaultdanger.pdf.

[16] . Adam Thierer, China’s Green Dam Filter and the Threat of Rising Global Censorship, PFF Blog, June 17, 2009, http://blog.pff.org/archives/2009/06/chinas_green_dam_filter_and_threat_of_rising_globa.html

[17] . They define choice architecture as follows: “A structure designed by a choice architect(s) to improve the quality of decisions made by homo sapiens. Often invisible, choice architecture is the specific user-friendly shape of an organization’s policy or physical building when homo sapiens come into contact with it. Examples of choice architecture include a voter ballot, a procedure for handling well-meaning people who forget a deadline, or a skyscraper.” Nudge Glossary of Terms, www.nudges.org/glossary.cfm.

[18] . Lawrence Lessig, Code and Other Laws of Cyberspace (1999) at 6.

[19] . See Adam Thierer, Code, Pessimism, and the Illusion of “Perfect Control,” Cato Unbound, May 2009, www.cato-unbound.org/2009/05/08/adam-thierer/code-pessimism-and-the-illusion-of-perfect-control

[20] . See Solveig Singleton & Jim Harper, With A Grain of Salt: What Consumer Privacy Surveys Don’t Tell Us, 2001, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=299930.

[21] . As Cato Institute scholar Will Wilkinson has argued, the book’s “agreeably banal doctrine of choice-preserving helpfulness” blurs the lines between paternalism and libertarianism, and thus “the thrust of the conceptual renovation behind the term libertarian paternalism is to empower, not limit, political elites.” Why Opting Out Is No “Third Way,” Reason, October 2008, www.reason.com/news/show/128916.html. See also Adam Thierer, The Progress & Freedom Foundation, Sunstein’s “Libertarian Paternalism” is Really Just Paternalism, PFF Blog, April 7, 2008, http://blog.pff.org/archives/2008/04/sunsteins_liber.html.

[22] . See Robert Corn-Revere, “’Voluntary’ Self-Regulation and the Triumph of Euphemism,” in Rationales & Rationalizations: Regulating the Electronic Media (Robert Corn-Revere, ed., 1997), at 183-208.

[23] . Telecom Policy Report, Commission Settles Indecency Charges, But At What Cost?, June 30, 2004, http://findarticles.com/p/articles/mi_m0PJR/is_25_2/ai_n6091525.

[24] . See Adam Thierer, XM-Sirius, Regulatory Blackmail, and Diversity, June 17, 2008, http://blog.pff.org/archives/2008/06/xmsirius_regula.html.

[25] . See Comments of W. Kenneth Ferree on Implementation of Sirius-XM Merger Condition, The Progress & Freedom Foundation, MB Docket No. 07-57, March 30, 2009, www.pff.org/issues-pubs/filings/2009/033009siriusXMconditionfiling.pdf.

[26] . See Szoka & Adam Thierer, supra note 8 at 3.

[27] . See id. at 2.

[28] . Thomas Sowell, The Vision of the Anointed: Self-Congratulation as a Basis for Social Policy (1995) at 5.

[29] . Alice Marwick, To Catch a Predator? The MySpace Moral Panic, First Monday, Vol. 13, No. 6-2, June 2008, www.uic.edu/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/2152/1966; Wade Roush, The Moral Panic over Social Networking Sites, Technology Review, Aug. 7, 2006, www.technologyreview.com/communications/17266; Anne Collier, Why Techopanics are Bad, Net Family News, April 23, 2009, www.netfamilynews.org/2009/04/why-technopanics-are-bad.html; Adam Thierer, Parents, Kids & Policymakers in the Digital Age: Safeguarding Against ‘Techno-Panics,’ Inside ALEC, July 2009, at 16-17, www.alec.org/am/pdf/Inside_July09.pdf; Adam Thierer, Progress & Freedom Foundation, Technopanics and the Great Social Networking Scare, PFF Blog, June 10, 2008, http://techliberation.com/2008/07/10/technopanics-and-the-great-social-networking-scare.

[30] . Supra note 13.

[31] . In the 109th Congress, former Rep. Michael Fitzpatrick (R-PA) introduced the Deleting Online Predators Act (DOPA), which proposed a ban on social networking sites in public schools and libraries. DOPA passed the House of Representatives shortly thereafter by a lopsided 410-15 vote, but failed to pass the Senate. The measure was reintroduced just a few weeks into the 110th Congress by Senator Ted Stevens (R-AK), the ranking minority member and former chairman of the Senate Commerce Committee. It was section 2 of a bill that Sen. Stevens sponsored titled the “Protecting Children in the 21st Century Act” (S. 49), but was later removed from the bill. See Declan McCullagh, Chat Rooms Could Face Expulsion, CNet News.com, July 28, 2006, http://news.com.com/2100-1028_3-6099414.html?part=rss&tag=6099414&subj=news.

[32] . See Emily Steel & Julia Angwin, MySpace Receives More Pressure to Limit Children’s Access to Site, Wall Street Journal, June 23, 2006, online.wsj.com/public/article/SB115102268445288250-YRxkt0rTsyyf1QiQf2EPBYSf7iU_20070624.html; Susan Haigh, Conn. Bill Would Force MySpace Age Check, Yahoo News.com, March 7, 2007, www.msnbc.msn.com/id/17502005.

[33] . See, e.g., Letter of Henry McMaster, Attorney General, South Carolina to Attorney General Richard Blumenthal and Attorney General Roy Cooper Regarding Internet Safety Task Force (“ISTTF”) Report, January 14, 2009, www.scag.gov/newsroom/pdf/2009/internetsafetyreport.pdf

[34] . See Adam Thierer, The Progress & Freedom Foundation, Video Games and “Moral Panic,” PFF Blog, Jan. 23, 2009, http://blog.pff.org/archives/2009/01/video_games_and_moral_panic.html ; Adam Thierer, The Progress & Freedom Foundation, Fact and Fiction in the Debate over Video Game Regulation, Progress Snapshot 13.7, March 2006, www.pff.org/issues-pubs/pops/pop13.7videogames.pdf.

[35] . “All varieties of interference with the market phenomena not only fail to achieve the ends aimed at by their authors and supporters, but bring about a state of affairs which—from the point of view of their authors’ and advocates’ valuations—is less desirable than the previous state affairs which they were designed to alter. If one wants to correct their manifest unsuitableness and preposterousness by supplementing the first acts of intervention with more and more of such acts, one must go farther and farther until the market economy has been entirely destroyed and socialism has been substituted for it.” Ludwig von Mises, Human Action, at 858 (3rd ed. 1963) (1949).

[36] . See generally Adam Thierer, The Progress & Freedom Foundation, Media Myths: Making Sense of the Debate over Media Ownership (2005) at 119-123, www.pff.org/issues-pubs/books/050610mediamyths.pdf (Explaining how the third-person effect serves as a powerful explanation for the heated backlash that followed an FCC effort to moderately liberalize media ownership rules in 2003-04).

[37] . W. Phillips Davison, The Third-Person Effect in Communication, 47 Public Opinion Quarterly 1, Spring 1983, at 3.

[38] . For the best overview of third-person effect research, see Douglas M. McLeod, Benjamin H. Detenber, and William P. Eveland., Jr., Behind the Third-Person Effect: Differentiating Perceptual Processes for Self and Other, 51 Journal of Communication, Vol. 51, No. 4, 2001, at 678-695.

[39] . Vincent Price, David H. Tewksbury & Li-Ning Huang, Third-person Effects of News Coverage: Orientations Toward Media, Journalism & Mass Communications Quarterly, Vol. 74, at 525-540.

[40] . Douglas M. McLeod, William P. Eveland & Amy I. Nathanson, Support for Censorship of Violent and Misogynic Rap Lyrics: And Analysis of the Third-Person Effect, Communications Research, Vol. 24, 1997, at 153-174.

[41] . Hernando Rojas, Dhavan V. Shah, and Ronald J. Faber, For the Good of Others: Censorship and the Third-Person Effect, International Journal of Public Opinion Research, Vol. 8, 1996, at 163-186.

[42] . James D. Ivory, Addictive, But Not For Me: The Third-Person Effect and Electronic Game Players’ Views Toward the Medium’s Potential for Dependency and Addiction, University of North Carolina at Chapel Hill, School of Journalism and Mass Communication, Aug. 2002.

[43] . Albert C. Gunther, Overrating the X-rating: The Third-person Perception and Support for Censorship of Pornography, Journal of Communication, Vol. 45, No. 1, 1995, at 27-38

[44] . Supra note 37 at 14. Along these lines, a December 2004 Washington Post article documented the process by which the Parents Television Council, a vociferous censorship advocacy group, screens various television programming. One of the PTC screeners interviewed for the story talked about the societal dangers of various broadcast and cable programs she rates, but then also noted how much she personally enjoys HBO’s “The Sopranos” and “Sex and the City,” as well as ABC’s “Desperate Housewives.” Apparently, in her opinion, what’s good for the goose is not good for the gander! See Bob Thompson, Fighting Indecency, One Bleep at a Time, The Washington Post, Dec. 9, 2004, at C1, www.washingtonpost.com/wp-dyn/articles/A49907-2004Dec8.html.

[45] . See Chris Anderson, Free: The Future of a Radical Price at 112-118 (2009).

[46] . See Letter from Chris Jay Hoofnagle, Electronic Privacy Information Center, Beth Givens, Privacy Rights Clearinghouse, Pam Dixon, World Privacy Forum, to California Attorney General Lockyer, May 3, 2004, http://epic.org/privacy/gmail/agltr5.3.04.html.

[47] . See email from Adam Thierer to Declan McCullaugh on Politech Email discussion group, April 30, 2004, http://lists.jammed.com/politech/2004/04/0083.html (emphasis added).

[48] . See Complaint and Request for Injunction of the Electronic Privacy Information Center against Google, Inc., March 17, 2009, http://epic.org/privacy/cloudcomputing/google/ftc031709.pdf; see also Ryan Radia, Should the FTC Shut Down Gmail and Google Docs Because of an Already-Fixed Bug?, Technology Liberation Front Blog, March 18, 2009, http://techliberation.com/2009/03/18/should-the-ftc-shut-down-gmail-and-google-docs-because-of-an-already-fixed-bug/.

[49] . See Berin Szoka & Mark Adams, The Progress & Freedom Foundation, The Benefits of Online Advertising & the Costs of Regulation, PFF Working Paper, forthcoming.

[50] . Anti-advertising crusader Jeff Chester often resorts to questioning the motives of those who question whether his regulatory prescriptions would actually benefit consumers, see, e.g., http://techliberation.com/2009/06/17/behavioral-advertising-industry-practices-hearing-some-issues-that-need-to-be-discussed/#comment-11698840. See generally Jeff Chester, Digital Destiny: New Media and the Future of Democracy (2007).

[51] . “The only freedom which deserves the name is that of pursuing our own good in our own way, so long as we do not attempt to deprive others of theirs or impede their efforts to obtain it. Each is the proper guardian of his own health, whether bodily or mental and spiritual.” John Stuart Mill, On Liberty (Penguin Classics, 1859, 1986) at 72.

[52] . Adam Thierer, The Progress & Freedom Foundation, Parental Controls & Online Child Protection, Special Report, Version 4.0, Summer 2009, www.pff.org/parentalcontrols.

[53] . Adam Thierer, Berin Szoka & Adam Marcus, The Progress & Freedom Foundation, Privacy Solutions, PFF Blog, Ongoing Series, http://blog.pff.org/archives/ongoing_series/privacy_solutions.

[54] . Comments of Adam Thierer, The Progress & Freedom Foundation, In the Matter of Implementation of the Child Save Viewing Act; Examination of Parental Control Technologies for Video or Audio Programming; MB Docket No. 09-26, April 16, 2009, www.pff.org/issues-pubs/filings/2009/041509-%5bFCC-FILING%5d-Adam-Thierer-PFF-re-FCC-Child-Safe-Viewing-Act-NOI-(MB-09-26).pdf.

[55] . See Adam Thierer, FCC v. Fox and the Future of the First Amendment in the Information Age, Engage, Feb. 20, 2009, www.fed-soc.org/doclib/20090216_ThiererEngage101.pdf

[56] . “To act on the belief that we possess the knowledge and the power which enable us to shape the processes of society entirely to our liking, knowledge which in fact we do not possess, is likely to make us do much harm.” Friedrich von Hayek, “The Pretence of Knowledge,” in The Essence of Hayek, (Hoover Inst., 1984), at 276.

[57] . Adam Thierer, The Progress & Freedom Foundation, Two Sensible, Education-Based Legislative Approaches to Online Child safety, Progress Snapshot 3.10, Sept. 2007, www.pff.org/issues-pubs/ps/2007/ps3.10safetyeducationbills.pdf.

[58] . See, e.g., Berin Szoka, Google, CDT, Online Advertising & Preserving Persistent User Choice Across Ad Networks Through Plug-ins, Technology Liberation Front Blog, March 13, 2009, http://techliberation.com/2009/ 03/13/google-cdt-online-advertising-preserving-persistent-user-choice-across-ad-networks-through-plug-ins/.

Lori Drew was convicted late last year on charges related to her role in a cruel hoax that led to the tragic suicide of thirteen-year old Megan Meier in Missouri in 2006. But today, at her sentencing, the judge threw out her convictions. Millions around the world were horrified by Megan’s fate, and many will probably be upset that Drew might go unpunished. But we need to separate three questions in this case:

1. Should the federal anti-hacking law under which she was convicted really be applied in such cases?
2. What, precisely, was Drew’s involvement?
3. The key question: What should be done about the general problems of cyberbullying and cyberharassment?

Misuse of the Anti-Hacking Statute

Judge Wu has yet to issue his written opinion but seems to have agreed with the various experts on Internet law who argued that, however tragic the Meier case was, the Computer Fraud & Abuse Act (CFAA) should not have been applied to Drew. Most notably, the Electronic Frontier Foundation filed an Amicus Brief in support of Drew’s motion to dismiss the charges against her—summarized by Groklaw and the Harvard Journal of Law & Technology. Orin Kerr, a leading Internet law professor, felt so strongly about the consequences of using the CFAA to criminalize violations of privately written terms of service that he joined Drew’s defense team. Kerr demonstrated the problems of essentially allowing private parties to create the grounds for criminal offenses (if violated by users) by suggesting obviously ridiculous new terms of service for the Volokh Conspiracy, the group blog he writes on.

Hard as it may be for those who want to “see justice done” in this case, the CFAA just isn’t the right law to apply—which raises the question of whether new laws are needed, discussed below.

Uncertainty About Drew’s Role

The judge may also have been influenced by uncertainty as to Drew’s actual role in the case. Initial coverage of the story suggested that Drew created the fake MySpace persona of a teen boy (“Josh Evans”), then used that profile to woo Meier, a classmate of Drew’s daughter, only to deliberately—and cruelly—break her heart. After Missouri prosecutors and the FBI declined to press charges against Drew, federal prosecutors in California decided to do so, but Drew consistently maintained that it was not her idea to create the account.

When she finally went to trial, Ashley Grills, an 18-year-old friend of the Drew family, changed her story: Grills had initially claimed that creating the account was Ms. Drew’s idea, but admitted at trial that she (not Drew) created the fake “Josh Evans” account and that most of the conversations between Meier were with Grills, not Lori Drew. In particular, the final blow that seems to have driven the emotionally fragile Meier to suicide apparently came from Grils, not Drew:”You are a bad person and everybody hates you. Have a shitty rest of your life. The world would be a better place without you.”

We’ll probably never know exactly what actually happened, but it does appear that Drew was not the prime instigator behind the hoax, as she first appeared to be, but played more the role of a facilitator. Unconscionable as its for any adult, especially a parent to encourage, promote or even allow such behavior, it may not create legal liability.

Cyberbullying: What’s Next?

The real question here is how we should deal such cases more generally. Adam Thierer and I released a major study of these issues a few weeks ago: Cyberbullying Legislation: Why Education is Preferable to Regulation—which Adam recently dicussed at a Capitol Hill briefing. We distinguish among three problems that have been conflated in coverage of this issue:

1. Cyberbullying: kid-on-kid abuse online
2. Cyberharassment generally: people of all ages using the Internet to harass each other
3. Adult-on-kid cyberharassment: the Megan Meier case

Confusion of these three issues has resulted in some very inappropriate responses to the problem. Most notably, Rep. Linda Sánchez has proposed the “Megan Meier Cyberbullying Prevention Act,” which would make it a federal felony with a sentence of up to two years to transmit “any communication… with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior.” While Sánchez claims uses the word “cyberbullying” (Problem #1), her rhetoric (and the title of the bill) is really focused on adult-on kid cyberharassment (Problem #3). Punishing that special kind of abuse by adults of children, who are particularly vulnerable, might well be something federal law should address. But Sánchez’s bill doesn’t do that; instead, it seeks to punish all cyberharassment (Problem #2). Sánchez’s fails in several other respects to clearly define its terms and scope, thus raising serious constitutional concerns about the bill’s effect on chilling constitutionally protected free speech, as well as about the due process rights of those who might be prosecuted under the bill.

In our paper, we highlight a number of substantial changes that would need to be made to create a narrowly-tailored bill appropriate to the problem of adult-on-kid cyberharassment. But we also explain why it’s probably not possible to craft a law consistent with the Constitution to address the general issue of cyberharassment: While state laws generally apply to cyberstalking (where a threat of physical harm is made or felt), it’s profoundly difficult to distinguish between “harassment” and simple online conversations.

We do think something can and should be done about the very real problem of kid-on-kid cyberbullying (Problem #1). But rather than treat kids as felons (the Sánchez approach), lawmakers could get serious about supporting online safety education, awareness-building efforts, prevention, and intervention. Such an approach would avoid thorny constitutional problems and has recently been floated in both chambers of Congress. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services. These agencies will also work in consultation with education, Internet safety, and other relevant experts to administer a five-year grant program, under which each grant will be awarded for a two-year period. Eligible non-profits may use the grants to:

(1) identify, develop, and implement Internet safety education programs, including educational technology, multimedia and interactive applications, online resources, and lesson plans; (2) provide professional training to elementary and secondary teachers, administrators, and other staff on Internet safety and new media literacy; (3) develop online-risk prevention programs for children; (4) train and support peer-driven Internet safety education initiatives; (5) coordinate and fund research initiatives that investigate online risks to children and Internet safety education; (6) develop and implement public education campaigns to promote awareness of online risks to children and Internet safety education; (7) educate parents about teaching their children how to use the Internet and new media safely, responsibly, and ethically and help parents identify and protect their children from risks relating to use of the Internet and new media

This is exactly the right approach. This bill truly deserves the name “Cyberbullying Prevention Act,” while the Sánchez bill might more accurately be called the “Cyberharassment (of all kinds) Punishment Act.” Rather than pursuing regulation through criminal sanctions that would chill protected speech, education is the better approach—something the federal government can help to support. As Adam and I conclude in our paper:

Again, real online safety and proper netiquette begin at home. We need to teach our kids to be good cyber-citizens. We shouldn’t expect the government (or even schools) to do it all for us. But to the extent government can do something constructive about this problem, it is education and awareness-building that will have the most profound, lasting results. Although more substantive penalties cannot be ruled out entirely, creating new classes of crimes to deal with this problem is unlikely to solve the scourge of cyberbullying. Clearly, based on the emerging research, the young people who are involved in cyberbullying incidents—both as perpetrators and targets—have many problems. Addressing these painfully real issues will require applying effective risk prevention and intervention strategies. Instead of promoting such education, prevention, and intervention solutions, the Sánchez bill would simply create a new federal felony to address this problem. But criminalizing kid-on-kid behavior in whatever form will likely not solve the age-old problem of kids mistreating each other. Indeed, this problem has traditionally been dealt through counseling and rehabilitation at the local level. By contrast, the federal justice system generally works through criminal penalties. If federal criminal law has a role to play, it is in punishing clear cases of harassment of minors by adults in ways that do not chill free speech protected by the First Amendment and that are consistent with the Fourteenth Amendment’s due process guarantees. Unlike the Sánchez bill, the Menendez bill is grounded in the need to implement such counseling and rehabilitation approaches in schools and communities. If members of Congress want to enact legislation that has a chance of effectively reducing truly harmful behavior—and which avoids constitutional pitfalls and subsequent court challenges—the Menendez bill provides the best avenue to accomplish that important goal at this time.

By Berin Szoka & Adam Thierer

We’ve just released a new PFF white paper (PDF) entitled, “Cyberbullying Legislation: Why Education is Preferable to Regulation.” In this 24-page study we note that, compared to previous fears about online predation, which have been greatly overblown, concerns about cyberbullying are more well-founded. Evidence suggests the cyberbullying is on the rise and that it can have profoundly damaging consequences for children.

Unsurprisingly, in the wake of a handful of high-profile cyberbullying incidents that resulted in teen/tween suicides, some state lawmakers began floating legislation to address the issue. More recently, two very different federal approaches have been proposed. One approach is focused on the creation of a new federal crime to punish cyberbullying, which would include fines and jail time for violators. In April 2008, Rep. Linda Sánchez (D-CA) introduced H.R. 1966 (originally H.R. 6123), the “Megan Meier Cyberbullying Prevention Act,” a bill that would create a new federal felony:

“Whoever transmits in interstate or foreign commerce any communication, with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior, shall be fined under this title or imprisoned not more than two years, or both.”

The other legislative approach is education-based and would create an Internet safety education grant program to address the issue in schools and communities. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services. These agencies will also work in consultation with education, Internet safety, and other relevant experts to administer a five-year grant program, under which each grant will be awarded for a two-year period.

In our paper, we argue that criminalizing what is mostly kid-on-kid behavior—and especially creating a new federal felony, as the Sánchez bill proposes—will not likely solve the age-old problem of kids mistreating each other.  Moreover, this approach could raise thorny free speech and due process issues related to how the law defines harassing or intimidating speech. To the extent criminal sanctions are pursued as a solution, it may be preferable to allow state experimentation with varying models.

By contrast, education and awareness-based approaches have a chance of effectively reducing truly harmful behavior, especially over the long-haul. Such approaches would have the added benefit of avoiding constitutional pitfalls and subsequent court challenges. Thus, if lawmakers feel the need to address cyberbullying concerns at this time, it is clear that regulation is, at best, premature and that education is the better approach.

Our paper can be found on the PFF website or SSRN, and the Scribd version of the document is embedded down below. We welcome your comments on our conclusions.

[In a follow-up post, we will address why the criminalization approach to addressing cyberbullying raises free speech concerns and other constitutional issues.]