My most recent Forbes column is entitled, “We All Hate Advertising, But We Can’t Live Without It.” It’s my attempt to briefly (a) defend the role advertising has traditionally played in sustaining news, entertainment, and online service, and (b) discuss some possible alternatives to advertising that could be tapped if advertising starts failing us a media cross-subsidy.

What got me thinking about this issue again was the controversy over satellite video operator DISH Network offering its customers a new “Auto Hop” capability for its Hopper whole-home HD DVR system. Auto Hop will give viewers the ability to automatically skip over commercials for most recorded prime time programs shown on ABC, CBS, FOX and NBC when viewed the day after airing. It makes the viewing experience feel like the ultimate free lunch. Alas, something still must pay the bills. As innovative as that technology is, we can be certain that it will not make content consumption cost-free. We’ll just pay the price in some other way. The same is true for online services since it’s never been easier to use technology to block ads.

So, what is going to pay the bills for content as ad-skipping becomes increasingly automated and effortless? Stated differently, what are the other possible methods of picking up the tab for content creation? Here’s a rough taxonomy:

I.     CHARGES

A.     Direct Fees (Periodic billing / Pay-per-view)

B.    Indirect Charges (Tiers / Bundles / Package pricing)

II.     ADVERTISING

A.    General / Mass market ads (Billboards / Banner ads / Pop-up online ads)

B.     Targeted ads (Directed pitch)

C.     Integrated (Product placement / Payola)

D.     Sponsorship / Underwriting

III.     PHILANTHROPIC

A.     Individual  (ex: Arts & opera funding)

B.     Foundational (ex: Knight Foundation)

C.     Governmental  (ex: CPB / BBC model)

IV.     INTERNAL CROSS-SUBSIDY  (Profitable division subsidizes unprofitable / “loss leader” strategies)

There are probably other ways of subsidizing content creation, but those are the primary methods. I have no idea what combination of strategies will sustain content going forward, but I think advertising is likely to play a diminished role in the mix as it becomes increasingly easy for us to filter it out of the mix. But the content creators will just shift costs elsewhere and raise the prices for programming through direct and indirect pricing techniques. Do you like HBO’s pricing model? Pay-per-view? Paywalls? Well, it doesn’t make a difference whether you do or not because you’ll likely be seeing a lot more of those models in your life in coming years if advertising fades as a subsidization method.

Alternatively, as I also note in my Forbes piece, “we could see a lot more Texaco Star Theaters in our future, with major companies essentially owning specific shows or networks.” Such program sponsorship and content underwriting has always been with it, but it could really explode as a cross-subsidy method if traditional advertising starts failing. “But it will be challenging for every show or website to find its own corporate benefactor, and it will also raise issues about undue influence and bias,” I note in my essay.

I hope no one seriously believes that philanthropic models can fill the gaps. Even if we saw a significant uptick in voluntary charitable giving or even taxpayer support for the arts and media, there’s no way in hell it will possibly begin to cover the the bill for what advertising support covers today.

In the end, I can’t help but think how great we’ve had it when it comes to advertising. As I also noted in my essay, advertising has been “the great subsidizer of the press, entertainment, and online services” historically and benefited us tremendously even if we haven’t appreciated that fact. “It’s possible that no single industry — not newspapers nor search engines nor anything else — has done as much to advance the storehouse of accessible human knowledge in the 20th century as advertisers,” argues Washington Post columnist Ezra Klein. Klein is exactly right, yet it doesn’t really make a difference how important advertising has been to us if we fail to appreciate that fact and increasingly take steps to exclude it from our lives.

As that becomes easier and easier to accomplish, we shouldn’t bitch and whine when the bills (literally) come due for the content we all desire. As always, there is no free lunch. We’ll pay the price one way or another.

Additional Reading:

• my recent Charleston Law Review article on “Advertising, Commercial Speech & First Amendment Parity”
• Ezra Klein on the Importance of Advertising to Media
• The Hidden Benefactor: How Advertising Informs, Educates & Benefits Consumers
• There is No Free Lunch! No Advertising, No Media
• PFF’s Mega-Filing in the FCC’s “Future of Media” Proceeding

Freelance journalist Laurence Cruz was kind enough to call me recently looking for comment on whether broadband should be considered a human right. Well, actually, he probably didn’t have many options. If you do a quick search on the topic, you’ll find an endless stream of essays in favor of the proposition.  Then, somewhere in the mix, you’ll find a few dissenting rants I’ve penned here in the past. So I’m getting used to playing the baddie in this drama.

Cruz’s essay is now up over at “The Network,” which is Cisco’s technology news site. Here’s what I had to say in opposition to the proposition:

Not everyone is so ready to jump aboard this particular broadband bandwagon. “I don’t think there is any such thing as a human right to free, unlimited broadband service,” says Adam Thierer, a senior research fellow at the Mercatus Center, a market-oriented academic research institution at George Mason University in Arlington, Va. “The entitlement or rights mentality in America today is completely out of control.”

Thierer says he’s a firm believer in such fundamental human rights as freedom of speech, expression, movement and association—so-called “negative rights” that don’t require any assertion of government authority or demand payment from anybody. But he says any proposed right to broadband access is a different animal altogether—one likely to come at taxpayers’ expense and to have all manner of unintended consequences, from squelching competition to providing a poor level of service.

Thierer says the universal telephone service provided in America in the early 20th century by the original AT&T should serve as a cautionary tale against governments stepping in to provide universal broadband. He says the government-sanctioned Bell System monopoly provided mediocre telephone service to 93 percent of the U.S. population at best—whereas TV and radio hit 98 percent and 99 percent respectively, even though neither was subsidized or regulated. And what of the Bell System’s cheap prices? “We have no idea if it could have been much cheaper because competition was not allowed to develop,” Thierer says.

To clarify that last point… I’m certainly aware that broadcast TV and radio were regulated in various ways. In fact, I’ve spent a lifetime writing about it. But policymakers did not regulate broadcasting as aggressively as telephony in an attempt to achieve universal service. Indeed, “universal service” was the driving force behind communications monopolization in this country, but it had horrific consequences for consumers as I noted in my 1994 history of how communications competition was destroyed in the U.S. (See:  “Unnatural Monopoly: Critical Moments in the Development of the Bell System Monopoly.”)

But here’s the critical point: We live in a world of trade-offs and there is no free lunch. One doesn’t just mandate broadband for all and then expect there won’t be any costs — both direct and indirect. The direct cost is the cost to taxpayers or ratepayers in form of higher taxes or bills. The indirect costs usually arrive in the form of diminished competition, limited innovation, lackluster options, and the various problems associated with the regulatory capture that will ensue.

We must never forget that the best universal service policy is market competition. When we get the basic framework right — low taxes, property rights, contractual enforcement, anti-fraud standards, etc. — competition takes care of the rest.

For example, last week we learned that the number of wireless phone subscribers in the U.S. is now greater than the nation’s population: 327.6 million wireless subscriptions compared to a total population of 315.5 million people. That’s a penetration rate of nearly 104%. Of course, some of this is due to multiple subscription households. Even so, this is a rather astonishing development, and no one doubts that more Americans of every demographic group today have available to them an unprecedented array of wireless phones and plans. Prepaid plans are currently the hottest growth segment, in fact.

This amazing “universal service” story didn’t happen because of regulation or subsidies. It was vigorous competition and incessant innovation that spurred the spread of better, faster, and cheaper phones and service. We should remember that lesson next time anyone starts calling broadband–or other technological services–an inalienable human right.

Yesterday, the Federal Trade Commission (FTC) released its long-awaited proposed revisions to the Children’s Online Privacy Protection rule (the “COPPA Rule”). Below I offer a few brief thoughts on the draft document. My remarks assume a basic level of knowledge about COPPA so that I don’t have to spend pages explaining the intricacies of this complex law and regulatory regime. If you need background on the COPPA law and rule, please check out this paper by Berin Szoka and me: “COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech.”

Dodging the COPA / Mandatory Age Verification Bullet

The most important takeaway from yesterday’s proposal involves something the FTC chose not to do: They agency very wisely decided to ignore some requests to extend the coverage of COPPA’s regulatory provisions from children under 13 all the way up to teens up to 18.  An effort to expand COPPA’s “verifiable parental consent” requirements to all teens would have raised thorny First Amendment issues as well as a host of practical enforcement concerns.  In essence, it would have required Internet-wide age verification of children and adults in order to ensure that everyone was exactly who they claimed to be online. We already had an epic decade-long legal battle over that issue when the constitutionality of the Children’s Online Protection Act (COPA), another 1998 law sometimes confused with COPPA, was tested many times over and always found to be in violation of the First Amendment.

Regardless, the FTC didn’t go there yesterday, so this concern is off the table for now. The agency deserves credit for avoiding this constitutional thicket.

Why Eliminate “Email Plus” Verification?

The FTC proposes the elimination of the current “e-mail plus” method of obtaining veritable parental consent. Under the COPPA rule’s so-called sliding scale approach, sites:

may obtain verifiable parental consent through an email from the parent, so long as the email is coupled with an additional step.  Such additional steps have included: obtaining a postal address or telephone number from the parent and confirming the parent’s consent by letter or telephone call, or sending a delayed confirmatory email to the parent after receiving consent.  The purpose of the additional step is to provide greater assurance that the person providing consent is, in fact, the parent.  This consent method is often called “email plus.”

The FTC says that “email plus has outlived its usefulness and should no longer be a recognized approach to parental consent.” That’s crazy. A great number of sites and service that live under COPPA use this method to stay in compliance with the law. This pulls the rug out from under them and creates major short-term marketplace uncertainty.

So, why has the agency done this? It’s not really because email plus has “has outlived its usefulness,” rather, it’s because the agency believes that “continued reliance on email plus has inhibited the development of more reliable methods of obtaining verifiable parental consent.  In fact, the Commission notes that few, if any, new methods for obtaining parental consent have emerged since the sliding scale was last extended in 2006.” [p. 68]

That’s a very interesting observation. But while I agree that few new parental consent methods have been introduced over the past five years, the FTC has not offered any conclusive evidence here that the existence of “email plus” is to blame. The fact of the matter is that online verification is hard, even the parental consent variety. In a different context, banks are still just having people pump in 4-digit PINs at ATMs after a few decades of debit cards being on the market. That doesn’t necessarily mean that the PIN# approach has stifled other forms of authentication, rather, it’s still just the most simple and efficient way of doing things. The same is true of “email plus” in the COPPA context. Yet, the FTC is upending the process in the name of kickstarting innovation in the authentication space. It’s an interesting gamble, but has the agency thought through the consequences of failure?

Importantly, sites and services that cater to children have also been focusing on putting other safety procedures and practices into place during this period. It’s not like parental notification is the end of the online safety story. As I have always noted in all my work on COPPA, it is not what happens before getting in the door that counts. It is what happens after kids get inside that really counts. The FTC ignores that distinction here and just keeps insisting that we can find better ways to perfect “verifiable parental consent” mechanisms.

All this begs the question: Just what is it that the FTC is looking for that would be superior to “email plus”? For the reasons noted above, they obviously cannot force full-blown online age verification on the Internet. But does the agency want a more rigid, second-best verification system perhaps with a possible government role in the formal authentication process? They might. Read on..

So, What’s This about Bringing Government IDs Into the Process?

The FTC makes another interesting proposal on the bottom of pg. 63 when it is discussing other mechanisms for obtaining verifiable parental consent. After rejecting SMS text messages and electronic “sign and send” methods for various reasons, the agency continues on to propose the following:

The Commission also proposes allowing operators to collect a form of government issued identification – such as a driver’s license, or a segment of the parent’s social security number – from the parent, and to verify the parent’s identity by checking this identification against databases of such information, provided that the parent’s identification is deleted by the operator from its records promptly after such verification is complete.

In one sense, this isn’t at all surprising. Our government already engages in some official credentialing activities, so why not use the ones that we’ve already required to get to help out with COPPA enforcement?  How one answers that question depends on your disposition toward large government databases and the purposes to which they might be put. If you are inherently distrustful of government aggregating and cross-referencing massive amounts of data about the citizenry, the idea of using driver’s licenses and Social Security numbers for yet another thing in this world will make you a bit nervous. It certainly makes me a bit paranoid, but mostly because of what I think might come next. If the FTC gets people accustomed to the idea of using “official” forms of identification to authorize online activities, that could be a slippery slope to something far more troubling. It may just start with just driver’s licenses and the last four digits of your Social Security numbers, but that might not be where it ends. Why not throw some biometric identifiers in the mix? Let’s have kids get retinal scans as the schoolhouse door at the beginning of each school year and then make mom and dad get one too so that we can match the whole gang up next time junior wants to visit Club Penguin! [By the way, who in government collects all this info and gets to use it?]

Moreover, if the FTC is now getting rid of the “email plus” verification process and dismissing text messages and electronic “sign and send” methods as alternative, then one could argue that–at least indirectly, if not intentionally–the FTC is starting to tip the market in favor of government solutions to online credentialing.

Perhaps I’m being a bit paranoid here. But when I was serving on the Harvard Berkman Center online child safety task force a few years ago, I saw all sorts of online verification schemes pitched to us, some of which would have government requiring biometric identifiers or other types of digital tokens be utilized in an effort satisfy some amorphous online authentication requirements. I’m not saying that’s where this particular FTC is taking us, but they’re at least opening the door to more “official” government credentialing efforts in the future with this proposal.

Video Conferencing as a Verification Method? Really?

Just as an aside, I must say that I find one of the few new verification methods the FTC endorses–“having a parent connect to trained personnel via video-conference”–to be a bit surprising. (Seriously, did the lobbyists at Skype sneak this proposal in there?!)  The agency states:

The Commission agrees that now commonly-available technologies such as electronic scans and video conferencing are functionally equivalent to the written and oral methods of parental consent originally recognized by the Commission in 1999.  Therefore, the Commission proposes to recognize these two methods in the proposed Rule.

A couple of people on Twitter yesterday pointed out how unlikely it is that video conferencing could be a scalable, workable solution to obtaining verifiable parental consent. Of course, to be fair, this is not the only consent mechanism the agency is suggesting, so I suppose FTC officials would say it’s just an additional verification method from which sites can choose.

But what I have a hard time imagining is that any parent would want to sit down in front of a webcam, fire up Skype (or whatever other video conferencing service they prefer), and start a video chat with some random bloke who works for an online site or service. A lot of parents will find that annoying; potentially even a bit creepy!

More practically, smaller sites probably just don’t have the manpower or resources to make this solution work. Making people available at all hours to get on a video chat with a parent so that their kid can get on the site is just not going to be a workable verification solution for anyone except the largest online sites and services.

Do Data Deletion Requirements Foreshadow a Push for “Eraser Button” / “Right to be Forgotten”?

On pg. 78, the FTC proposes adding a new data retention and deletion provision to the COPPA regulatory regime:

The proposed provision states that operators shall retain children’s personal information for only as long as is reasonably necessary to fulfill the purpose for which the information was collected.  In addition, it states that an operator must delete such information by taking reasonable measures to protect against unauthorized access to, or use of, the information in connection with its deletion.

In one sense this is commendable. It really would be wise for more online sites and services–especially those who handle kids info–to consider purging unneeded data more frequently. It helps minimize the potential for data security breaches and other problems.

That being said, I have to wonder how this proposal plays into the emerging debate over mandatory online “eraser buttons” and what the Europeans call “the right to be forgotten.” I recently released a Mercatus Center working paper (“Kids, Privacy, Free Speech & the Internet: Finding The Right Balance”), which examined these notions in greater detail. Simply put, an Internet “eraser button” is challenged by practical realities and principled concerns. It’s unclear how to even enforce such a notion. Moreover, if it could be enforced, it would raise profound free speech issues since it is tantamount to digital censorship and specifically threatens press freedoms. And the economic costs of such a mandate — especially on smaller operators — could be quite significant. See my recent Forbes essay for a discussion of those problems.

Again, the FTC is not proposing a formal “eraser button” in its latest COPPA revision. But by pushing for additional steps to be taken on the data deletion front, the agency might encourage more congressional interest in this topic. Reps. Edward Markey (D-Mass.) and Joe Barton (R-Texas) have already included an eraser button proposal in their “Do Not Track Kids Act of 2011.” It will be interesting to see what happens next on this front.  Free speech and privacy rights are on a major collision course here if steps to encourage data deletion become formalized as law or regulatory proposals.

Conclusion

There’s much, much more in the FTC draft to consider that I’m going to hold judgment on for now. For example, plenty has already been said by others regarding the FTC’s proposal to update the definition of “personal information” to include geolocation information and certain types of persistent identifiers used for functions other than the website’s internal operations, such as tracking cookies used for behavioral advertising.  That’s going to lead to all sorts of heartburn for a wide variety of online sites and service providers. It’s also going to complicate the wireless world as geolocation services expand and become a more ubiquitous part of our mobile digital experiences. But, again, I’m going to hold off on saying more on that for now.

In closing, the broader, more important questions that need to be asked are:

• Will these new proposed amendments and expanded regulatory requirements really do anything to make kids safer or their information more secure?
• Has the FTC even attempted to conduct a rough cost-benefit analysis of these new regulations?
• Have the specific burdens these new rules might impose on smaller operators even been considered?
• Correspondingly, will expanded COPPA regulations discourage new innovations that could offer kids and parents more rewarding online experiences?
• And, finally, will the new rules have an impact on the online cost equation by forcing various sites and services to charge higher prices–or charge prices for services that were previously free?

The Commission gives some lip service to these concerns toward the end of the document when it notes on page 94:

While the Rule’s compliance obligations apply equally to all entities subject to the Rule, it is unclear whether the economic burden on small entities will be the same as or greater than the burden on other entities.  That determination would depend upon a particular entity’s compliance costs, some of which may be largely fixed for all entities (e.g., website programming) and others variable (e.g., Safe Harbor participation), and the entity’s income or profit from operation of the website itself (e.g., membership fees) or related sources (e.g., revenue from marketing to children through the site).  As explained in the Paperwork Reduction Act section, in order to comply with the rule’s requirements, website operators will require the professional skills of legal (lawyers or similar professionals) and technical (e.g., computer programmers) personnel.  As explained earlier, the Commission staff estimates that there are approximately 2,000 website or online services that would qualify as operators under the proposed Rule, and that approximately 80% of such operators would qualify as small entities under the SBA’s Small Business Size standards.  The Commission invites comment and information on these issues.

It’ll be interesting to see what sort of feedback the FTC gets on that point. What I hope the agency and others understand is that questions like these are not just about the future of online business interests. Rather, these questions cut to the core of whether the public– including children–will be served with more and better digital innovations in the future. As we’ve noted countless times before here, there is no free lunch. Regulation–even well-intentioned regulation like COPPA–is not a costless exercise. There are profound trade-offs for online content and culture that must always be considered.

Additional Resources / Reading:

• FTC press release announcing new COPPA revisions
• the new proposed amendments [122 pages]
• summary of revisions by IT Law Group
• summary of revisions by Information Law Group
• Fulbright & Jaworski- “Think the FTC’s Proposed Changes to the Children’s Online Privacy Rule Don’t Affect Your Company? Think Again!”
• analysis from Emma Llanso of CDT
• comments on proposed changes from COPPA expert Izzy Neis
• “COPPA: What happens when a generation ignores a law?” – by Robert Niles
• “How will the FTC’s new digital privacy rules impact developers?” by Jason Ankeny
• “Proposed COPPA Rules: A Mobile Perspective” – by Cooley LLP
• my recent paper on potential dangers of COPPA expansion & mandatory “eraser button”
• my paper with Berin Szoka, “COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech“

We’ve said it here before too may times to count: When it comes to the future of content and services — especially online or digitally-delivered content and services — there is no free lunch. Something has to pay for all that stuff and increasingly that something is advertising.  But not just any type of advertising — targeted advertising is the future. We see that again today with Skype’s announcement that it is rolling out an advertising scheme as well as in this Wall Street Journal story (“TV’s Next Wave: Tuning In to You“) about how cable and satellite TV providers are ramping up their targeted advertising efforts.

No doubt, we’ll soon hear the same old complaints and fears trotted out about these developments.  We’ll hear about how “annoying” such ads are or how “creepy” they are.  Yet, few will bother detailing what the actual harm is in being delivered more tailored or targeted commercial messages.  After all, there’s actually a benefit to receiving ads that may be of more interest to us. Much traditional advertising was quite “spammy” in that it was sent to the mass market without a care in the world about who might see or hear it. But in a diverse society, it would be optimal if the ads you saw better reflected your actual interests / tastes. And that’s a primary motivation for why so many content and service providers are turning to ad targeting techniques. As Skype noted in its announcement today: “We may use non-personally identifiable demographic data (e.g. location, gender and age) to target ads, which helps ensure that you see relevant ads. For example, if you’re in the US, we don’t want to show you ads for a product that is only available in the UK.”  Similarly, the Journal article highlights a variety of approaches that television providers are using to better tailor ads to their viewers.

Some will still claim it’s too “creepy.” But, as I noted in my recent filing to the Federal Trade Commission on its new privacy green paper:

If harm is reduced to “creepiness” or even “annoyance” and “unwanted solicitations” as some advocate, it raises the question whether the commercial Internet as we know it can continue to exist.  Such an amorphous standard leaves much to the imagination and opens the door to creative theories of harm that are sure to be exploited.  In such a regime, harm becomes highly conjectural instead of concrete. This makes credible cost-benefit analysis virtually impossible since the debate becomes purely about emotion instead of anything empirical. … Importantly, nothing in the Commission’s proceeding has thus far demonstrated that online data collection and “tracking” represent a clear harm to consumers per se, or that any “market failure” exists here. Such a showing would be difficult since using data to deliver more tailored advertising to consumers can provide important benefits to the public..

I’ve already noted one possible benefit to consumers: ads that are more relevant to them and, therefore, potentially less “annoying.” But the far more important benefits would be (1) keeping costs for content and services reasonable, and/or (2) just keeping that content flowing or those services in business. I go into more detail about both of these potential benefits in my FTC filing, but the reasoning here is pretty straightforward.  Again, advertising is the great subsidizer of the press, media, content, and online services. The reason we already have access to some much great content and so many great (and often free) online services is because of advertising.

But the market for content and services is becoming more cut-throat competitive every day. There’s simply so much stuff to choose from that both the content/service providers and the advertisers are being forced to evolve and change their business models. Locking them into to yesterday’s (or even today’s) advertising and marketing methods limits their ability to respond to competitive pressures and concoct more innovate models going forward.  Targeting will clearly be part of the mix, and if it can help companies continue to provide their content and services to the public — or, better yet, provide them at a more competitive price — then policymakers must take those potential benefits into account when considering privacy regulations, even if some feel such ads are “creepy.”  Again, it’s unclear how “creepiness” is a harm and, even if it is, it has to be stacked against the many potential benefits or more targeted forms of advertising.  There’s no guarantee those methods will succeed, of course, but they should at least be given a chance.

Again, read my FTC comments for more detail.  And let’s say it once more, with feeling: There is no free lunch!

___

Addendum: I just noticed this follow-up Wall Street Journal blog post by Jessica E. Vascellaro on “Calculating the Benefit of a Targeted TV Ads,” which concludes by noting that: “A test of targeted TV ads by Comcast in 2009 found that homes receiving targeted advertising tuned away from the commercials 32% less of the time than homes that received non-targeted ads.” Stated differently, those consumers seeing targeted ads found them 32% less “annoying”! And, again, more effective advertising means more dollars for content and services.

That also reminded me of this eMarketer article I saw last month on how “Targeting Boosts Low Facebook Click Rates.” It noted that:

Just as not all advertisers are created equal, neither are all ads. Facebook’s self-serve ad targeting platform provides marketers with a wide variety of options for narrowing down the audience for their campaigns and targeting them appropriately. And according to data from BLiNQ Media, targeting can provide a dramatic increase in ad effectiveness. Clickthrough rates for campaigns run through the company’s platform were 7.5 times higher for ads targeted with demographic characteristics or interest information gleaned from profiles than for ads that were not targeted.

Indeed, not all advertising is created equal, and more targeted forms of advertising could create more value for content creators, services providers, and consumers. If it’s given a chance, that is.

Today I filed roughly 30 pages worth of comments with the Federal Trade Commission (FTC) in its proceeding on “Protecting Consumer Privacy in an Era of Rapid Change: a Proposed Framework for Businesses and Policy Makers.” [Other comments filed in the proceeding can be found here.] Down below, I’ve attached the Table of Contents from my filing so you can see the major themes I’ve addressed, and I’ve also attached the entire document in a Scribd reader. In coming days and weeks, I’ll be expanding upon some of these themes in follow-up essays.

In my filing, I argue that while it remains impossible to predict with precision the impact a new privacy regulatory regime will have the Internet economy and digital consumers, regulation will have consequences; of that much we can be certain.  As the FTC  and other policy makers move forward with proposals to expand regulation in this regard, it is vital that the surreal “something-for-nothing” quality of current privacy debate cease. Those who criticize data collection or online advertising and call for expanded regulation should be required to provide a strict cost-benefit analysis of the restrictions they would impose upon America’s vibrant digital marketplace.

In particular, it should be clear that the debate over Do Not Track and online advertising regulation is fundamentally tied up with the future of online content, culture, and services. Thus, regulatory advocates must explain how the content and services supported currently by advertising and marketing will be sustained if current online data collection and ad targeting techniques are restricted.

The possibility of regulation also retarding vigorous marketplace competition—especially new innovations and entry—is also very real. Consequently, the Commission bears the heavy burden of explaining how such results would be consistent with its long-standing mission to protect consumer welfare and promote competition. Importantly, the “harm” that critics claim online advertising or data collection efforts gives rise to must be shown to be concrete, not merely conjectural. Too much is at stake to allow otherwise.

Finally, as it pertains to solutions for those who remain sensitive about their privacy online, education and empowerment should trump regulation. Regulation would potentially destroy innovation in this space by substituting a government-approved, “one-size-fits-all” standard for the “let-a-thousand-flowers-bloom” approach, which offers diverse tools for a diverse citizenry. Consumers can and will adapt to changing privacy norms and expectations, but the Commission should not seek to plan that evolutionary process from above.

Download my comments here or just scroll down and read them below.

Contents

I.       Introduction

II.      No Showing of Harm or Market Failure Has Been Made

1. How Do We Conduct Cost-Benefit Analysis When “Creepiness” Is the Alleged Harm?
2. Privacy Regulation & the Precautionary Principle.
3. On “Informed Consent” & Information as Currency
4. On “Commonly Accepted Practices”
5. The Mythical Harm of Consumer “Walk Aways”

III.    Privacy Regulation Is an Information Control Regime That Faces Formidable Enforcement Challenges

1. Media & Technological Convergence
2. Decentralized, Distributed Networking
3. Unprecedented Scale of Networked Communications
4. Explosion of the Overall Volume of Information
5. Unprecedented Individual Information Sharing Through User-Generation of Content and Self-Revelation of Data

IV.    The Commission’s Proposed “Do Not Track” Regime Creates Potential Risks to Consumers, Culture, Competition, and Global Competitiveness

1. Potential Direct Cost to Consumers
2. Potential Indirect Costs / Impact on Content & Culture
3. Competition & Market Structure
4. International Competitiveness
5. “Silver-Bullet” Solutions Rarely Adapt or Scale Well
6. Implications of This New Regime in Other Contexts

V.     Privacy Regulation Raises Serious Free Speech & Press Freedom Issues

VI.    Better, Less-Restrictive Solutions Exist to Privacy-Related Concerns

1. Education, Empowerment & Self-Regulation
2. Simplified” Privacy Policies, Enhanced Notice & “Privacy by Design”
3. Increased Sec. 5 Enforcement, Targeted Statutes & the Common Law

VII.  Conclusion

Comment in FTC Do Not Track Proceeding (Adam Thierer – Mercatus Center) http://d1.scribdassets.com/ScribdViewer.swf

Today the Mercatus Center has released a short new paper I have authored on “Unappreciated Benefits of Advertising and Commercial Speech.”  I begin the piece by noting that:

Federal policy makers, state legislators, and state attorneys general have recently shown interest in regulating commercial advertising and marketing. Several new regulatory initiatives are being proposed, or are already underway, that could severely curtail or restrict advertising or marketing on a variety of platforms. The consequences of these stepped-up regulatory efforts will be profound and will hurt consumer welfare both directly and indirectly.

I go on to note that “advertising can be an easy target for politicians or regulatory activist groups who make a variety of (typically unsubstantiated) claims about its negative impact on society,” but then continue on to explain how “the role of commercial speech in a free-market economy is often misunderstood or taken for granted.” I outline how, despite regulators’ concerns, consumers actually derive three important types of benefits from advertising and marketing: (1) Informational / Educational Benefits; (2) Market Choice / Pro-Competitive Benefits; and (3) Media Promotion / Cross-Subsidization.  After discussing each benefit, I conclude that:

For these reasons, a stepped-up regulatory crusade against advertising and marketing will hurt consumer welfare since it will raise prices, restrict choice, and diminish marketplace competition and innovation—both in ad-supported content and service markets, and throughout the economy at large.  Simply stated, there is no free lunch.

Read the entire 1,800-word essay here.  I have also embedded the document down below in a Scribd reader.

Unappreciated Benefits of Advertising and Commercial Speech (Adam Thierer – Mercatus Center) http://d1.scribdassets.com/ScribdViewer.swf

This morning, the Federal Trade Commission (FTC) released its eagerly-awaited Preliminary FTC Staff Report on Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers. As expected, the agency has generally endorsed an expanded regulatory regime to govern online data collection and advertising efforts in the name of protecting consumer privacy.  More specifically, the agency endorsed a so-called “Do Not Track” mechanism that would supposedly help consumers block unwanted data collection or advertising.  Here’s how the agency describes it:

Such a universal mechanism could be accomplished by legislation or potentially through robust, enforceable self-regulation.  The most practical method of providing uniform choice for online behavioral advertising would likely involve placing a setting similar to a persistent cookie on a consumer’s browser and conveying that setting to sites that the browser visits, to signal whether or not the consumer wants to be tracked or receive targeted advertisements.  To be effective, there must be an enforceable requirement that sites honor those choices. (p. 66)

I’m sure we’ll have plenty more to say here about the issue in coming weeks and months (comments on the FTC report are due by Jan. 31), but we’ve already commented on this proposal here before. See 1, 2, 3.  To briefly summarize a few of those concerns:

• Ironically, depending on how it’s implemented, a “Do Not Track” mechanism could potentially require individuals to surrender more personal information about themselves to companies or the government for purposes of authentication and enforcement of the rule.
• It would also require a re-architecting of the Internet and the potential regulation of every web browser to ensure compliance.  This will give the FTC and other lawmakers far greater control over the Internet’s architecture.
• For that reason, one can easily imagine would-be Net censors using the “Do Not Track” mechanism being used as a blueprint to regulate other types of online speech.
• One also wonders if mandatory browser controls opens up a potential new back-door for government surveillance snoops to exploit.
• Most importantly, if “Do Not Track” really did work as billed, it could fundamentally upend the unwritten quid pro quo that governs online content and services:  Consumers get lots of “free” sites, services, and content, but only if we generally agree to trade some data about ourselves and have ads served up.  After all, as we’ve noted many times before here, there is no free lunch. The cornucopia of seemingly free services and content at our fingertips didn’t just fall to Earth like manna from heaven.  Data collection and advertising made that all happen.  If we undercut this goose that lays the Internet’s golden eggs, consumers could see charges on many services that they currently pay little to nothing for.  Do you want to pay $20 a month for your favorite social networking site?  A dime per search on your preferred search engine?  Well, that’s the future that could await us if we continue down this regulatory road.

Again, more analysis to come.

Beyond the fact that the Federal Communications Commission (FCC) decided to release the executive summary of its long awaited National Broadband Plan via a PDF of a scanned printed copy, there are other reasons to be concerned about the agency’s ability to centrally plan one of the most important, fast-moving sectors of our economy.  In this video clip, I discussed some of my general reservations with the idea of a gargantuan government industrial policy for the broadband sector, and in this essay I noted how, from what we’ve see of the plan thus far [Executive Summary], the FCC appears to be engaged in some creative accounting techniques to fund the scheme.

Not everything in The Plan troubles me, however, and I hope to touch on some of the more sensible elements in a future post. But, as I was reading through it, I flagged 5 regulatory hot potatoes in the plan that threaten to derail the entire thing.  In this regard, the parallels between the National Broadband Plan and the debate over health care “reform” are really quite striking. Indeed, it appears the Administration has once again settled upon a “go for broke” (potentially quite literally!) strategy. In both cases, they appear hell-bent and trying to do it all in the form of One Big Plan. Now, I won’t lie to you; such everything-plus-the-kitchen-sink public policy gambits make me nervous based simply on the sheer scale of the undertaking. When Washington tries to regulate massive chunks of the economy using bloated bills and bureaucracies inside the Beltway, it troubles me greatly. But even if the sound of Big Government on Steroids doesn’t raise your blood pressure, one would hope that the prospect of political gridlock and litigation hell would force advocates to scale back their ambitions a tad bit. After all, what good is a plan that can never pass or be implemented?

That’s why I was rather surprised to see these 5 regulatory initiatives teed up in the National Broadband Plan:

(1) Return of the Forced Access Regulatory Nightmare? The Plan says the FCC will, “Undertake a comprehensive review of wholesale competition rules to help ensure competition in fixed and mobile broadband services.” As my friend Randy May of the Free State Foundation notes:

In plainer English, this means considering requiring that some Internet service providers unbundle and share their networks with other would-be competitors. The FCC tried that approach of “managed competition” in the late ’90s in implementing the Telecom Act of 1996. The result was not pretty. Investment was stifled. The court ultimately overturned the FCC’s mandatory sharing rules – but not before a lot of damage was done. The FCC shouldn’t even start down this road again.

Indeed, as the southern gentleman that he is, Randy is once again being far too kind in his assessment of things. Forced access regulation was a public policy fiasco of the first order. As I documented in my essay,”Will the FCC’s Nat’l Broadband Plan Be ‘Full Employment for Lawyers’?”, in the years following passage of the Telecom Act, entire forests fell because of the thousands of pages of regulatory and judicial interpretations that were handed down trying to figure out how to interpret what just one word (“cost”) meant. And the economic devastation of infrastructure socialism was substantial since it greatly retarded investment and innovation by incumbents and new “entrants” alike. But those new entrants weren’t really entering the market at all. They were just “networks built on paper,” to use Peter Huber’s wonderful phrase. Our regulators labored under the illusion that they could create the fiction of competition based upon infrastructure sharing. The problem, however, is that sharing is not competing. The only thing that you can accomplish with a forced access regime is that you can milk the regulated monopoly you create until it runs dry; you can force that network provider to share its entire network with “competitors” at regulatory wholesale rates until you basically eat all the seed stock in terms of future investment and innovation on that network. If, on the other hand, you want competitive and highly innovative facilities-based networks, then you must allow carriers to earn a fair return on their investment and be free of arbitrary network-sharing mandates like the FCC is now apparently considering once again.

Even if you disagree with everything I’ve just said about forced access regulation, you cannot deny this: If the FCC walks down this path once again, it will lead to another round of epic legal battles and will tie up The Plan in Congress, the FCC, and the courts for years to come.  That doesn’t seem like a very sensible thing to include the National Broadband Plan if you hope to incentivze new network creation and investment in the short-term.

(2) Set-top Box Regulation: The Plan says the FCC will:

Change rules to ensure a competitive and innovative video set-top box market, to be consistent with Section 629 of the Telecommunications Act. The Act says that the FCC should ensure that its rules achieve a competitive market in video “navigation devices,” or set-top boxes-the devices consumers use to access much of the video they watch today.

What this means is that the agency wants to muck around with the TV market even more in an attempt to engineer next generation set-top boxes and transmission standards. This battle has been going on for many years, actually. In particular, cable operators and some consumer electronics companies have long been engaged in heated technical disputes over set-top boxes, “digital cable ready” equipment, and “plug-and-play” interactive applications. Basically, it’s a fight about how various features or services available on video distribution networks should work. In the old days the battle was over features like electronic programming guides (EPGs), video-on-demand (VOD), pay-per-view (PPV) services, and other interactive television (ITV) capabilities. And now it’s over the Internet and access to online video services.

But here’s the question that I asked in an old paper on the topic (“Unplugging Plug-and-Play Regulation“) that I found myself asking again after I saw this mentioned in the FCC’s Broadband Plan: Why is this issue — and technical disputes about next generation hardware standards — even before the FCC? Why are regulators being asked to make technical determinations that could skew marketplace developments and innovation for years to come? Again, you won’t be surprised to hear I am skeptical of the agency’s ability to somehow micromanage next generation video standards better than marketplace experimentation would. Moreover, what the heck is the problem here? Who the hell cares about set-top boxes in a world of abundant video choices across a broad range of media devices? And, again, how is all of this going to stimulate more investment and innovation in broadband? You got me.

Again, even if you disagree with everything I’ve just said about this issue as well, ask yourself if it’s really worth putting everything else in The Plan at risk for a regulatory initiative like this.

(3) Privacy Regulation: The Plan says the FCC will:

Clarify the relationship between users and their online profiles to enable continued innovation and competition in applications and ensure consumer privacy, including the obligations of firms collecting personal information to allow consumers to know what information is being collected, consent to such collection, correct it if necessary, and control disclosure of such personal information to third parties.

Wow, who knew the FCC was suddenly a privacy regulator!  Talk about mission creep. This agency has zero experience dealing with something as complicated as online privacy policy and yet here they are embarking on a bold new regulatory project to investigate privacy regulation as part of a plan to promote broadband diffusion.

Although the description of what the FCC plans to do is pretty vague, the phrase “obligations of firms collecting personal information to… consent to such collection” sounds an awful lot like a regulatory mandate by which opt-in would be required as a restrictive default. If you want to better understand why that will be so controversial, read this testimony by Berin Szoka and this testimony by Braden Cox (both to the FCC on this issue), as well as Berin’s excellent testimony to the FTC late last year on the broader issues at stake here.

Again, why muck up The Plan with something this controversial? Makes no sense.

(4) Broadcast spectrum confiscation? The Plan says the FCC will:

Enable incentives and mechanisms to repurpose spectrum to more flexible uses. Mechanisms include incentive auctions, which allow auction proceeds to be shared in an equitable manner with current licensees as market demands change. These would benefit both spectrum holders and the American public. The public could benefit from additional spectrum for high-demand uses and from new auction revenues. Incumbents, meanwhile, could recognize a portion of the value of enabling new uses of spectrum. For example, this would allow the FCC to share auction proceeds with broadcasters who voluntarily agree to use technology to continue traditional broadcast services with less spectrum.

In my essay from earlier today, (“Will the FCC’s National Broadband Plan Really Be Costless?”), I already noted why this idea is so controversial. As I noted:

Most of the spectrum they want to grab is currently occupied by someone else. In fact, a huge chunk of that 500 megahertz would come from licensed television broadcasters, who aren’t exactly excited about getting and an eviction notice from the government. Even if one agrees with the FCC that the broadcast band is currently under-utilized, that doesn’t mean that the broadcasters should be forced to vacate it. Moreover, any attempt to force them off would result in an epic legal battle that would take years to resolve and ultimately would not likely be resolved in the government’s favor.

It’s going to take huge sums of money to get the broadcasters to vacate voluntarily. That’s just a reality. People can whine all they want about “the people owning the airwaves,” but it’s bunk that isn’t going to stand up in court. Even if you like your odds of winning a massive spectrum confiscation case, do you have any idea how long it will take to fight the legal battles to resolve that thorny question?

(5) Another M2Z Fiasco? The Plan says the FCC will:

Consider licensing a block of spectrum with a condition to offer free or low-cost service that would create affordable alternatives for consumers, reducing the burden on USF.

Oh my, didn’t the FCC learn anything from the M2Z fiasco? You will recall that former FCC Chairman Kevin Martin had his heart set on engineering a similar plan into existence, but he wanted the free wireless service to be squeaky-clean and filtered to weed out all the naughty bits. M2Z Networks had a plan to offer such a service that was slow as molasses but met the core condition of being free to the public (at least the basic, plain vanilla offering) and highly-filtered. Of course, the rather big catch was that before M2Z would give us The Net for Puritans, they wanted a big slice of juicy spectrum from the government at a greatly reduced lease rate. And Rep. Anna Eshoo (D-CA) floated a similar proposal as part of her ” Wireless Internet Nationwide for Families Act of 2008,” (H.R. 5846).

Bottom line: Rigging auctions will inevitably be hugely controversial, even if it doesn’t include a censorship component.  But, in all likelihood, any plan by the FCC to subsidize a free or low-cost service along the lines of what M2Z already proposed will generate that sort of debate about what standards should govern content on that network. After all, many taxpayers will understandably protest that they shouldn’t have to subsidize content they find objectionable. Of course, the same might be said for other broadband subsidies proposed under The Plan, but when we’re talking about a free service required to be provided as a condition of a sweetheart spectrum deal (rather than simply lowering the cost of paid services), the political pressure for censorship will be difficult to surmount. (For more details, see this old paper by Berin Szoka and me, “What’s Worse Than Rigged Auctions & Internet Censorship? How About Both in One Package!” and this new article by Matt Lasar of Ars Technica, “Free Wireless Broadband Plan is déjà vu All Over Again.”)

Conclusion

No doubt, the FCC and its janissary will claim that each of these regulatory proposals has merit and deserves consideration. But if these provisions remain in the National Broadband Plan, I think the agency is setting itself and its supporters up for a long fight and, ultimately, a very disappointing outcome.  Some might claim that fortune favors the bold and that now is not the time for incrementalism. But this broadband plan would already be quite bold even without these controversial provisions included. For me, it’s just a bit too bold since I don’t believe the government has a very good track record when it comes to building high-tech networks or gauging demand for next generation services.  But regulatory shenanigans like the 5 discussed here could sink the plan and make the whole debate moot.

After working my way through the Executive Summary of the Federal Communications Commission’s (FCC) National Broadband Plan, there are a number of things I find troubling that I will get to in a subsequent post. But here’s the thing about “The Plan” that I found most surprising — even audacious — in its arrogance: The FCC wants us to believe the whole scheme is costless. The agency bases this astonishing claim on the following assumptions:

Given the plan’s goal of freeing 500 megahertz of spectrum, future wireless auctions mean the overall plan will be revenue neutral, if not revenue positive.  The vast majority of recommendations do not require new government funding; rather, they seek to drive improvements in the government efficiency, streamline processes and encourage private activity to promote consumer welfare and national priorities. The funding requests relate to public safety, deployment to unserved areas and adoption efforts. If the spectrum auction recommendations are implemented, the plan is likely to offset the potential costs.

Let me translate: ” Pay no attention to all the bills we are racking up, because spectrum revenues shall set us free!”

Perhaps that logic works in the reality-free zone we call the Beltway, but back in the real world this simply doesn’t add up. Regardless of how well-intentioned any of these goals and proposals may be, it should be equally clear that there is no free lunch, even with spectrum auction proceeds fueling the high-tech gravy train. The proposals and programs the FCC sets forth will impose serious economic costs that shouldn’t be so casually dismissed, especially using the weak reasoning that “improvements in the government efficiency” will magically manifest themselves thanks to massive new government intervention in the field. (If you think you’ve heard this one before, you have. See: The current health care debate.)

Moreover, if everything really does hang on the promise of spectrum auction revenues covering the broadband spending binge, well, bad news: The agency is never going to bring in enough to cover what they’ve proposed here. The reason is simple: Most of the spectrum they want to grab is currently occupied by someone else! In fact, a huge chunk of that 500 megahertz would come from licensed television broadcasters, who aren’t exactly excited about getting and an eviction notice from the government. Even if one agrees with the FCC that the broadcast band is currently under-utilized, that doesn’t mean that the broadcasters should be forced to vacate it. Moreover, any attempt to force them off would result in an epic legal battle that would take years to resolve and ultimately would not likely be resolved in the government’s favor.

Of course, the folks at the FCC aren’t completely oblivious to these political realities. They know that they need to get the broadcasters to come to the bargaining table voluntarily to hammer out a deal.  But, as Barbara Esbin and I noted in our paper on this issue, there is one thing that will incentivze broadcasters to come to that table and talk turkey: Cold hard cash—and lots of it.  The FCC even admits as much when they note in the plan, “Mechanisms [for encouraging spectrum reallocation] include incentive auctions, which allow auction proceeds to be shared in an equitable manner with current licensees.”

But therein lies the folly of the FCC’s “broadband free lunch” scheme. They’re never going to be able to make both their masters happy. Both Congress and the broadcasters will want the spectrum auction revenue split to be something like 70-30 or 80-20, but both will demand the bigger slice of the pie. Thus, to get the broadcasters to the bargaining table, the FCC must make them a deal they can’t refuse. And that means that the spectrum auction revenues the agency predicts will cover all the costs of the National Broadband Plan will get eaten up by buyout checks for broadcasters. Finally, whatever proceeds are left after buying out the broadcasters will likely get thrown at a million other unfunded spending initiatives that Congress prefers over broadband.

So, something’s gotta give. There really is no free lunch.  Just like health care “reform,”  this FCC broadband plan will be anything but costless.

Details are starting to trickle out about the Federal Communications Commission’s (FCC) National Broadband Plan, which is due out tomorrow. Someone just posted the Executive Summary here. I haven’t had a chance to go through it all yet, but I’m looking forward to learning more about what the agency’s plans are on this front.

On Friday (again, before seeing any details), I offered some fairly mushy comments about the idea of national “plan” to the gang over at the excellent new site, FiveQsOnTech.com.  The site has a great format: Five questions on technology and policy asked and answered (usually on tape) by technology policy wonks. I’m honored to be among the first couple of experts featured on the site, along with Markham Erickson of the Open Internet Coalition and Rob Atkinson of ITIF.

In the first 3 minutes of this second of the two videos I appear in, I offered some thoughts about “The Plan”:

As we’ve noted here before in our ongoing series on “Problems in Public Utility Paradise,” municipal wi-fi experiments and local government fiber investments don’t have a very impressive track record. The Philadelphia experiment, which I have discussed here before many times, has been particularly instructive.  As Dan P. Lee documented in this spectacular Philadelphia magazine article last year, the city’s subsidized wi-fi system, Wireless Philadelphia, was a political and technical fiasco of the highest order right from the start. It unraveled fairly quickly after its 2005 launch and now, according to The Philadelphia Business Journal:

The city of Philadelphia said Wednesday it intends to purchase, for $2 million, the wireless network constructed by EarthLink Inc. to turn the entire city into a Wifi hotspot. The city said it intends to exercise an option in an agreement signed in August to buy the network from Network Acquisition Co. LLC, which took the network over from Atlanta-based EarthLink in June 2008. The city said the purchase will be the first in a series of steps to create a wireless network it will use to enhance public safety, improve government efficiency and provide Internet access in targeted public places. The city said creating that network will require it to spend nearly $17 million over its 2011 through 2015 fiscal years. The money would go to building out both the core fiber network it already owns and the wireless mesh network it intends to purchase from Network Acquisition Co…

In other words, taxpayers are stuck picking up the tab for this failed experiment and now have to hope that the city can somehow manage it into profitability. Well, good luck with that.  Even Karl Bode of Broadband Reports, someone who usually has nothing but nice things to say about Big Government high-tech projects and regulation, is forced to admit that the script for muni wi-fi paradise didn’t quite play out as expected:

Network Acquisition Corporation purchased the network from Earthlink back in 2008, when Earthlink bailed (and we really mean bailed) on their muni-fi ambitions. The buyers briefly tinkered with free access and claimed they’d expand the network, but ultimately wound up being only a stepping stone between Earthlink and Philadelphia control. Philadelphia’s use of Wi-Fi as a municipal efficiency and communications tool is a growing trend among cities, many of which found that broad, free Wi-Fi for all simply wasn’t sustainable.

Do you mean to say that there is no such thing as a free lunch?  I am shocked, shocked!  Well, actually, I’m not. Because back in 2005, I wrote a white paper entitled “Risky Business: Philadelphia’s Plan for Providing Wi-Fi Service,” and it began with the following question: “Should taxpayers finance government entry into an increasingly competitive, but technologically volatile, business market?”  In the report, I highlighted the significant risks involved here in light of how rapidly broadband technology and the marketplace was evolving. Moreover, I pointed to the dismal track record of previous municipal experiments in this field, which almost without exception ended in failure. I went on to argue:

Keeping these facts in mind, it hardly makes sense for municipal governments to assume the significant risks involved in becoming a player in the broadband marketplace. Even an investment in wi-fi along the lines of what Philadelphia is proposing, is a risky roll of the dice. [… ]  the nagging “problem” of technological change is especially acute for municipal entities operating in a dynamic marketplace like broadband. Their unwillingness or inability to adapt to technological change could leave their communities with rapidly outmoded networks, and leave taxpayers footing the bill.

I got a stunning amount of hate mail and cranky calls from people after I released this paper.  Everyone accused me of being a sock puppet for incumbent broadband providers or just not understanding the importance of the endeavor.  But as I told everyone at the time, I wasn’t out to block Philadelphia from conducting this experiment, I just didn’t think it had any chance of being successful.  And, again, I tried to point out what a shame it would be if taxpayers were somehow stuck picking up the tab.

And now that is what has happened.  Folks, I am not above saying it… I told you so!   Anybody want to place bets on how much this will cost Philly taxpayers before all is said and done?

At the rate they are going, it would be cheaper for the city to just give everyone a voucher to go buy service from a private broadband provider. It would make a lot more sense, and spur more real competition and investment.

I’ve spent a lot of time here deconstructing and criticizing the proposals set forth by the Free Press, the radical media “reformista” group founded by the prolific Marxist media theorist Robert McChesney.  I have been trying to shine more light on their proposals and activities because I believe they are antithetical to freedom of speech and a free society.  That’s because, as media scholar Ben Compaine has noted, “What the hard core reformistas really want, it seems, is not diversity or an open debate but a media that promotes their own vision of society and the world.”  That’s exactly right and, more specifically, as I argued in my 2005 Media Myths book, the media reformistas want to impose this control by taking the fantasy that “the public owns the [broadcast] airwaves” and extending it to ALL media platforms and outlets.  In other words, McChesney and the Free Press want an UnFree Press.  To cast things in neo-Marxist terms that they could appreciate, they want to take control of the information means of production.  And it begins, McChesney argues, by all of us having to give up this “sort of religious attachment to the idea of a ‘free-press'” from which we all suffer.

Some people accuse me of “red-baiting” or “McCarthyite” tactics when I use the “M-word” (Marxism) or the “S-Word” (socialism) to describe McChesney, the Free Press, and the movement they have spawned.  But these are labels with real meaning and ones that McChesney himself embraces in his work. In his 1999 book Rich Media, Poor Media, he says that “Media reform cannot win without widespread support and such support needs to be organized as part of a broad anti-corporate, pro-democracy movement.” He casts everything in “social justice” terms and speaks of the need “to rip the veil off [corporate] power, and to work so that social decision making and power may be made as enlightened and as egalitarian as possible.”  What exactly would all that mean in practice for media? In his 2002 book Our Media, Not Theirs: The Democratic Struggle against Corporate Media with John Nichols of The Nation, McChesney argues that media reform efforts must begin with “the need to promote an understanding of the urgency to assert public control over the media.” They go on to state that, “Our claim is simply that the media system produces vastly less of quality than it would if corporate and commercial pressures were lessened.”

If you want additional proof of his intentions, then I encourage you to read this lengthy interview with McChesney that appears in the new edition of The Bullet, an online newsletter produced by the Canada-based “Socialist Project.”  (If you ask me, there’s something strangely appropriate about a socialist newsletter named “The Bullet” in light of the millions of people who died while living under socialist tyranny!)  Anyway, let’s ignore that and focus on what neo-Marxist media reform entails according to McChesney.  Because never before has he laid his cards on the table as clearly as he does in this interview.

The “Struggle” for “Media Democracy”

In the interview, as in all his work, McChesney speaks repeatedly about the Marxist concept of “struggles,” which  usually refers to class struggles and worker struggles. But McChesney’s work focuses on “media democracy struggles” as part of an overall struggle for “social justice.”  He says:

Instead of waiting for the revolution to happen, we learned that unless you make significant changes in the media, it will be vastly more difficult to have a revolution. While the media is not the single most important issue in the world, it is one of the core issues that any successful Left project needs to integrate into its strategic program.

In other words, media reform is part of The Big Struggle. The Big Struggle is the effort to overthrow free-market capitalism. And the struggle for “media democracy” is crucial to that, you see, because we are all just pawns whose minds are being manipulated by some far-off corporate puppet-masters in New York and L.A., who are, of course, just feeding us nothing but pro-capitalist propaganda 24/7.  Thus, we have to burn the village to save it, McChesney says:

Many say that corporate journalism, based on profit maximization, best serves a free and democratic society. The position is incorrect. The connection of capitalism to journalism, which has always been fraught with problems, has always been unstable. The relationship between capitalism, journalism, and democracy has never been a sure thing. In the U.S, the notion that capitalism is the natural steward of journalism and should be left alone to provide for a free and self-governing society refers to a period that began during the 19th century. This period ended when owners realized they could make a lot of money by turning journalism into big business. Corporations are not in a position to generate and pay for quality journalism. The news is not a commercial product. It is a public good, necessary for a self-governing society.

In other words, down with private media!  McChesney basically declares that the entire history of private media in America to be one gigantic case of market failure and must be abandoned.

Subsidies to “Save Journalism”

But what’s going to replace private media once McChesney and his media reformistas have moved the regulatory wrecking ball in?  In a nutshell, he wants massive state subsidization of the media:

Once we accept this [the supposed “public goods” nature of all media], we can talk about the kind of media policies and subsidies we want. What are the best ones? How should they be implemented? We are now trying to answer those questions and organize around them.

Herein lies one of the great ironies of McChesney’s work: He spends a great deal of time arguing that the entire history of American media has basically been one big government-created construct (monopolies, entry barriers, subsidies, etc), only to turn around and advocate massive state intervention and subsidies as a solution!  McChesney plays revisionist historian and even tries to paint Jefferson and Madison as media socialists because postal rates from the founding period on down have been reduced for print media mailings. Somehow, McChesney reads this to mean that “the U.S. state has always played a direct and indirect role in facilitating and legitimizing the corporate media system.”  Which is rubbish. The idea that postal subsidies have created “the corporate media system” is preposterous. McChesney is on stronger ground in arguing the state has occasionally helped foster and then protect monopolies, but that is a function of the very “public utility” regulatory regime that McChesney favors! [More on this point down below.]

Meanwhile, in true Rahm Emanual-ian “you-never-want-a-crisis-to-go-to-waste” fashion, the Free Press has started a new project to “Save the News” and move America “Toward a National Journalism Strategy” by endorsing a lot of the same regulations, subsidies, and tax credits that McChesney and John Nichols recently advocated in their Nation magazine essay, “The Death and Life of Great American Newspapers.” As I noted in my City Journal response to that essay back in March, you can file this all under “socializing media in order to save it,” complete with Soviet-style 5-year plans dictated by some faceless elite inside a Beltway bureaucracy. Oh, and there’s the little matter of $60 billion price tag that taxpayers will be left footing.  (But hey, what’s another $60 billion these days?)  Even Free Press favorite Dan Rather is on board with his plan to have President Obama give us “The News America Needs” by “form[ing] a commission to address the perilous state of America’s news media.”  Perhaps once the car commission folks get done driving the U.S. auto industry into the ground they can shift gears, so to speak, and see what they can do to steer journalism onto a supposedly better path.

Down with Advertising

If McChesney and Free Press don’t succeed in destroying private media with their regulatory plans, there’s always Plan B… bleed free market media operators and Internet companies dry by taking away their mother’s milk, advertising.  McChesney argues that “the Internet is increasingly hyper-commercialized” and it is “open[ing] our entire lives to 24/7 injections of advertising messages.”  Thus, wouldn’t you know it, yet another “struggle” is in order!

We need to organize against hyper-commercialism. This is an easy-sell for the Left. We understand that advertising is not something done by all people equally, but rather, done by a very small group of people working on behalf of multinational corporations. Advertising is commercial propaganda…  Advertising is the voice of capital. We need to do whatever we can to limit capitalist propaganda, regulate it, minimize it, and perhaps even eliminate it. The fight against hyper-commercialism becomes especially pronounced in the era of digital communications.  […] There is a fundamental crisis when you are in a world that is entirely commercial, in terms of the integrity of speech and thought. We are at the tipping point and we need to struggle directly against it.

Struggle, struggle, struggle!

Of course, McChesney will have plenty of allies in this particular struggle as Washington continues to wage a war against advertising of all sorts. Of course, there really is no free lunch in this world and something will have to pay for serious news-gathering (and entertainment, for that matter). Of course, McChesney and his Free Press allies will, no doubt, respond that still more subsidies are in order!  There is, apparently, always someone else in their world to whom the buck can be passed.  [But I wonder: Who would be left to pay all the taxes needed to support public media if McChesney’s “struggle” to overthrow The Man succeeds??]

Net neutrality & Infrastructure Nationalization

And don’t for one minute think that McChesney and Free Press are only out for the old media operators.  They’re out for private broadband and Internet players as well.

When speaking about the centrality of Net neutrality regulation to this “struggle” and coming “revolution,” McChesney does a nice job reminding some of us why we have been so concerned about politicizing a debate over network engineering when he says: “What we want to have in the U.S. and in every society is an Internet that is not private property, but a public utility.”  Ah yes, because public utilities have been soooo efficient and innovative in other contexts!  Please.

In advocating increased regulation or state-ownership of communications networks or broadband companies and connections, McChesney seems utterly oblivious to the fact that the very state power he advocates on one hand is the same state power that private parties can corrupt on the other.  He says, for example, that “Our struggle to make the Internet into a public utility conflicts with the interests of telephone and cable firms,” because “Their power rests upon their ability to successfully buy off politicians.”  How does he not see the contradiction?  He’s certainly right to fear that public officials can be co-opted by private interests. (Read up on your public choice theory, buddy!)  But I suppose McChesney believes that his perfect socialist state will be immune to these pressures because it will be run by enlightened, public-minded philosopher kings… you know… like himself.  But that’s nonsense.  See my old essay on the fantasy of “Building a Better Bureaucrat” or Tim Lee’s old essay on “Real Regulators” for more details on why it never works out that way in practice. Or, better yet, since I know he would never read anything I penned on the subject, I encourage McChesney to take a hard look at the definitive 2-volume Economics of Regulation by a far more experienced progressive Democrat, Professor Alfred E. Kahn. In Kahn’s masterwork, you will find the following words of wisdom (and caution) from someone who spent a lifetime studying these issues:

When a commission is responsible for the performance of an industry, it is under never completely escapable pressure to protect the health of the companies it regulates, to assure a desirable performance by relying on those monopolistic chosen instruments and its own controls rather than on the unplanned and unplannable forces of competition. […] Responsible for the continued provision and improvement of service, [the regulatory commission] comes increasingly and understandably to identify the interest of the public with that of the existing companies on whom it must rely to deliver goods.

McChesney makes one final point about Net neutrality that is worth highlighting. When asked whether he had any reservations about making short-term alliances with new media companies or Internet operators such as Google, eBay, Amazon, and Microsoft in the push for Net neutrality regulations, McChesney says: “Absolutely.. But I’ve learned, by participating in over a decade of specific media struggles, that when you are in the short-term and you are fighting to win, sometimes you make tactical alliances.” Nonetheless, he notes, ” the ultimate goal is to get rid of the media capitalists in the phone and cable companies and to divest them from control.” And, so, the ends justify the means in terms of striking short-term alliances with those evil, blood-sucking capitalists.  I hope the folks at Google, eBay, Amazon, and Microsoft are reading McChesney’s radical thinking on communications policy and realize that he and his Free Press reformistas will eventually turn their sights on them just as soon as they are finished socializing the infrastructure layer of the Internet.

Conclusion: Against Media Tyranny

In a very strange sense, I admire Robert McChesney.  He is a man of principle.  And he isn’t ashamed to advocate his principles publicly (whereas some of his Free Press disciples do a very nice job disguising their true intentions).

That being said, McChesney’s principles are dangerous ones. Very dangerous.  They are antithetical to a free society, freedom of speech, and technological progress.  At its core, as I noted in my old essay, “Your Soapbox is My Soapbox,” the repugnant morality behind this “media access” movement is that nothing is truly yours.  “Media democracy” means everything is up for grabs.  Here’s how I put it in that old “soapbox” essay:

Imagine you built a platform in your backyard for the purpose of informing or entertaining your friends of neighbors. Now further imagine that you are actually fairly good at what you do and manage to attract and retain a large audience. Then one day, a few hecklers come to hear you speak on your platform. They shout about how it’s unfair that you have attracted so many people to hear you speak on your soapbox and they demand access to your platform for a certain amount of time each day. They rationalize this by arguing that it is THEIR rights as listeners that are really important, not YOUR rights as a speaker or the owner of the soapbox. That sort of scenario could never happen in America, right? Sadly, it’s been the way media law has operated for several decades in this country. This twisted “media access” philosophy has been employed by federal lawmakers and numerous special interest groups to justify extensive and massively unjust regime of media regulation and speech redistributionism. And it’s still at work today.

Indeed, McChesney has taken this old “media access” movement that Jerome Barron, Owen Fiss, Cass Sunstein and others pioneered long ago, and advanced it to a whole new level, and to its logical conclusion.  The aim is not just to co-opt someone else’s soapbox; it is to smash their soapbox into pieces. It is to tear the very fabric of the First Amendment into shreds and rebuild “media democracy” around the principles not of true freedom, but of state servitude.  You only have as much freedom to engage in speech, reporting, or entertaining as your media overlords will allow.  And God help you if any of it proves popular because then they will really want to crush you like an ant!

I’ll close this rant the same way I concluded my earlier “soapbox” rant:

This arrogant, elitist, anti-property, anti-freedom ethic is what drives the media access movement and makes it so morally repugnant. Freedom doesn’t begin by fettering the press with more chains, it begins by removing those that already exist and then erecting a firm wall between State and Press. The media access crowd has succeeded in breaching that wall with seven decades of misguided and unjust regulation of the press. The movement back toward a truly free press begins by understanding the error in their thinking, rejecting that reasoning, and then embracing, once again, the original vision of the First Amendment as a bulwark against government control of speech and the press.

The advocates of regulation pay lip service to the importance of advertising in funding online content and services but don’t seem to understand that this quid pro quo is a fragile one:  Tipping the balance, even slightly, could have major consequences for continued online creativity and innovation.

Who is this handsome young man and why does he have “Mr. Yogato Stamped Me!!!” on his forehead? More importantly, why does he look so darn happy?

Flashback: Earlier this week, my partner Michael (pictured) and I visited Mr. Yogato, a frozen yogurt shop in Washington’s Dupont Circle neighborhood which describes itself as “the FUNNEST yogurt experience you’ll ever have.”

Apart from serving exceptionally tasty frozen yogurt and letting customers play a vintage Nintendo, Mr. Yogato is famous for the eight “Rules of Yogato,” which offer discounts if users achieve certain feats, including:

• Answering devilishly difficult trivia (10% off—or extra if you fail)
• Reciting the Stirling battlefield speech from Braveheart in a great Scottish accent (20% off)

But the best discount, which Michael does every time (unless I’m there to help identify, say, countries that end in ‘L’), is offered for wearing the Yogato stamp on your forehead. Being stamped is, of course, almost as much fun as singing along to “Mr. Roboto” if you’re lucky enough to hear that played while you’re in the shop (10% off).  But the real fun is in engaging passersby on the street about the icy-sweet joys of Yogato. It’s also, of course, probably the most effective advertising Mr. Yogato could ever want.

So, the next time you hear Adam Thierer and I talk about the benefits of advertising, especially online, just remember that while there is no free lunch (nor free frozen yogurt), there is discounted frozen yogurt.  It’s a simple, obvious quid pro quo:  10% off in exchange for spreading the Gospel of Yogato.

The most obvious example of a  quid pro quos is the use of discount cards in grocery stores: Users receive discounts in exchange for having their purchases tracked, which allows advertisers to target advertising to them and the grocery store to better manage its inventory. Online, Microsoft’s Live search engine (now Bing) pioneered the use of rewarding users with “cashback” for purchases made through the search engine.

But the more significant quid pro quo online is indirect: users receive “free” content and services in exchange for seeing advertising and sharing data about their browsing habits, which makes advertising significantly better targeted, more effective for advertisers and therefore more profitable for online content publishers and service providers. As Adam and I noted in response to the FTC’s recently-released self-regulatory guidelines for “behavioral advertising” (now likely to be superseded by pre-emptive “privacy” legislation):

The advocates of regulation pay lip service to the importance of advertising in funding online content and services but don’t seem to understand that this quid pro quo is a fragile one: Tipping the balance, even slightly, could have major consequences for continued online creativity and innovation. [FTC] Commission Harbour talks about companies competing on privacy as a “non-price dimension”-and that is clearly a positive thing. In traditional economics, there are three primary variables that are considered when discussing industry competition and efforts to regulate market structures: price, quantity, and quality. But in the context of the Internet, where digital economics have relentlessly driven prices down to zero, and where advertising support has become the only viable business model for most providers of content and services, the price variable has largely been removed from the picture. This means-unless industry could somehow find a way to make pay-per-use, pay-per-view, or subscription-based models work in the future-that regulation of online advertising would have its most dramatic impact on the quantity and quality of content and services provided. Depending on how regulation is structured, therefore, it is possible that new privacy mandates would severely curtail the overall quantity of content and services offered-and greatly limit the ability of new providers to enter the market with innovative offerings. Alternatively, or perhaps additionally, companies would change the character of their offerings and water-down sophisticated services that cater to consumer demand; in other words, the quality of service would deteriorate. Bottom line: Something must give because there is no free lunch. Regulation is a giant game of economic whack-a-mole: Attempting to control one of the primary variables of price, quantity, or quality inevitably results in non-optimal adjustments in the other two variables. The absence of price as a variable in this context means there is one less variable for the government to control in the first place. Simply stated, stifling the evolution of the online advertising marketplace will likely result in fewer free online services and less content, less high-quality online services and content, or some combination of both…. Apart from a hardcore fringe who embrace the Marxist dogma that advertising is inherently deceptive and wasteful, most participants in this debate at least pay lip service to the economic importance of online advertising. One might therefore be lulled into a false sense of complacency that “sensible” regulation (or government-led co-regulation) would surely avoid crippling this dynamo. This widespread assumption calls to mind the famous quip of Chris Patten, last British Governor of Hong Kong, who paraphrased those who dismissed his concerns about the potentially negative effects of a Chinese take-over of the British colony in 1997, as follows: “It is unimaginable that the Chinese would kill such a goose.” To this, Patten responded, “Yet we wouldn’t need the metaphor of golden eggs and geese if history weren’t full of dead geese.” The dangers of regulation to the health of the Internet are real, but the ease with which government could disrupt the economic motor of the Internet (advertising) is not widely understood-and therein lies the true danger in this debate.

I think Mr. Yogato would understand this. Let’s hope Chairman Boucher and the folks on the Hill who seem to be so adamant about regulation do, too.

Adam Thierer and I have been trying to drive home a simple message in the ongoing debate about targeted online advertising and privacy:  “There is no Free Lunch!”  We don’t have a lot of friends in this debate, since nearly everyone else seems to assume that online content and services will just continue to fall like manna from heaven if politicians strangle advertising online.  So I was particularly heartened to read the following from Shelly Palmer:

This is the most serious question facing content producers today. Content costs money to produce. Third-party advertising/sponsor support is one model, promoting your own products is another, subscription is a third. At the end of the day, there are only three ways it works: I pay, you pay or someone else pays. Unfortunately, there is no business model called “no one pays.” In the case of MediaBytes, the model is “I pay.” It works for me as stated above. But, apparently, a fairly large number of people in my audience are uninterested in seeing even relevant product offerings. Is advertising over? If so, what’s next?

Amen! Shelly hosts a daily Internet talk show on technology and media called MediaBytes.  He  recently tried inserting a short ad at the beginning of the show to cover the significant costs of production:

The show is produced every business day and requires a research staff, a writer (me), an editor, an encoding/distribution manager and an affiliate relations staff. The reason for the production overview is that, this particular two-minutes may look like a talking head combined with some graphics and clips, but the work flow for any given show takes approximately 6 hour and all of the people involved in the production are on salary here at Advanced Media Ventures Group. And, for the record, MediaBytes, and the associated production materials, takes up approximately 25% of my day.

Unfortunately, Shelly’s audience seemed to feel entitled to receive the fruit of his hard work for free—without suffering the  agony of watching… horror of horrors: advertising!.

To my absolute astonishment, I have received dozens of emails, several txt messages and a couple of direct tweets telling me that the :11 seconds of commercial messaging “cheapens” MediaBytes. Several of my core viewers told me that putting a commercial for my own stuff in MediaBytes takes away from my credibility and makes me a huckster, etc. All of the writings were thoughtful and all were vicious in their certitude that MediaBytes should contain no advertising. Now every bit of data I have ever seen on the subject says that a short, well-scripted pre-roll is the best form of message management for online content. My core audience obviously disagrees. So, I’ll put it to you. I want to sell my training courses to my audience as a way to offset/subsidize the cost of creating MediaBytes. I don’t want to charge a subscription fee, I don’t want to expose my audience to third party advertising that may be extremely irrelevant to them. I want to sell the online training, DVD’s, books, etc. that I create and produce. You know how many different deliverables we create each day, the advertising has to work as video and audio, so it must be written like “radio with pictures.” What would you do? How would you offer these products? And,  if you really don’t want to see any advertising in the body of MediaBytes, how do you suggest paying for the creation, production and distribution of the content?

Well, what say ye, o wise and noble “consumer advocates” who yearn to save us from the indignity of having “Free!” ad-supported content and services foisted on us?  Why should Shelly have to choose between slaving away for free, and just deciding to “take his ball and go home?”  Why should Shelly’s viewers get something for nothing?

Internet policy Shame Artist extraordinaire Chris Soghoian has struck again! Chris recently shamed the online advertising industry into improving their privacy practices with his Targeted Advertising Cookie Opt-Out (TACO) plug-in for Firefox. Now Chris has set his sight on the security practices of cloud service providers.

A letter released this morning, signed by 37 leading online security experts (and organized by Chris), calls on Google to offer persistent SSL (HTTPS) encryption by default for all Google services—or at the very least, to make more visible the option currently given to users to opt-in to use SSL for all communications. Google, in its response, indicated that it was already “looking into whether it would make sense to turn on HTTPS as the default for all Gmail users.”

While Google’s response identifies some clear problems with implementing persistent SSL for all users (esp. connection speed), few would deny that it makes sense for webmail providers to encrypt all traffic using SSL, rather than sending email data “in the clear,” which risks interception by hackers. We at PFF hold no brief for Google, in fact we have found ourselves disagreeing with them on many other occasions on a range of issues (most notably net neutrality mandates). Nonetheless, on this front, Google has long been a leader, having offered SSL since Gmail launched and having begun providing the persistent HTTPS option last summer while most of their competitors still use SSL only for the initial authentication that occurs when a user first signs in. While the letter focuses on Google and webmail in particular, this issue has far broader implications for all online cloud service providers.

No Free Lunch: The Costs of Encryption Gmail, Yahoo! Mail, Hotmail, etc. are, of course, “free” ( i.e., ad-supported). Google in particular has lead the way in increasing the functionality offered in Gmail, not just constantly increasing the total storage space provided to every user (now over 7GB), but regularly adding innovative new features—at no charge to users.

Offering persistent SSL is resource-intensive, because encryption requires computing power on the server side. Google currently spends billions on the servers that run all Google’s services, including Gmail — $2.4 billion back in 2007, when the company was much smaller. Google’s pricing for their App Engine offers some insight into cost, putting a cost of $0.10/CPU computing cycle. But without knowing what their actual cost is or how many CPU computing cycles the average Gmail user might consume per year using persistent SSL, it’s difficult to translate this price into an actual estimate of the cost of providing persistent SSL. Thus, while there are no hard numbers on how much Gmail costs Google to provide or how much more it would cost to provide persistent SSL for every user by default, both costs are clearly substantial. Chris himself provides a shot-in-the-dark guess that SSL-encrypted communications might require as much as six times the server resources as unencrypted communications. I’d love to know where Chris came up with that guess, whether the upper-bound might be even higher, and how he thinks smaller operators would pay for that cost.

Indeed, Chris’s letter does not discuss the cost of providing SSL at all, mentioning the word “cost” just once, and in a completely different sense: “Other Google applications demonstrate that security need not come at the cost of performance.” This is perfectly consistent with Chris’s general response to the costs of regulation: “Your broken business model is not my problem” (which sounds more charming in Chris’s elegant British English).

But just as Chris is correct that “Defaults matter,” it is even more true that “Costs matter.” Google appears to take the question of how much it costs to provide SSL off the table: “in this case, the additional cost of offering HTTPS isn’t holding us back.” But this is by no means a dismissal of the importance of costs. Rather, Google is simply saying that it has already decided that the advantage of providing persistent SSL are worth the costs. Every advantage to users in terms of greater security is, of course, also an advantage to Google as it competes for customers. While Gmail may have the highest profile among webmail companies, it still lags far behind Yahoo! Mail and Microsoft’s Hotmail in market share: As of February, Yahoo!’s market share was 56%, Microsoft’s 19% and Google’s 11%. Offering increased security, as Google already does with the full-SSL opt-in, is simply a way for Google to gain a competitive advantage over its rivals. One can only imagine the barrier to entry such an expensive default, if mandated or simply expected, will create for new, smaller competitors to Google, Microsoft, Yahoo! and other web titans across a wide range of cloud services.

Google’s apparent agreement with Chris and his band of cybersecurity experts conceals a more fundamental difference of perspectives. While I consider Chris a good friend, what separates us him, and what separates him from Google, is the question of trade-offs. Chris exemplifies what the economist and philosopher Thomas Sowell called the “Vision of the Anointed.” As the best and brightest in society (“the talented few”), the Anointed are often right, as Chris certainly is here on some level: Persistent SSL is a great thing and most Gmail users would probably be better off with it once Gmail irons out all the kinks in implementing it. (Indeed, I had already opted-in to using persistent SSL reading before Chris’s letter.)

No, the problem with the Anointed is not that they are necessarily wrong, but that they focus on “Solutions” to problems, while those with the “Tragic Vision” focus on the “Trade-offs” inherent in the constraints of reality. For the Anointed, seeking to impose their preferences on others, Sowell notes:

it is simply a question of choosing the best solution, while to those with the tragic vision the more fundamental question is: Who is to choose? And by what process, and by what consequences for being wrong? … it is so easy to be wrong—and to persist in being wrong—when the costs of being wrong are paid by others. (pp. 135-36).

Google’s response focuses on one important trade-off: that made by users deciding between added security and a slower Gmail connection. Individual preferences on this choice might vary, even among fully-informed users: For example, some Gmail power users may prefer speed over security, knowing that the risks addressed by are lessened because they do not take their desktop PCs to unsecure Wi-Fi hotspots at, say, the local coffee shop.

But there is a more fundamental trade-off at stake: While Google already offers persistent SSL for free to all users and says that they intend to make this the default setting in the near future, using SSL for everyone will be expensive and that cost will ultimately be borne by consumers as well as by Google (and other webmail operators that follow suit). The cost of providing SSL might mean, for example, that Google will provide less storage space or other innovative Gmail features than it would otherwise have done, because while the politicians in Washington can simply print more money to put a “chicken in every pot” (and a mortgage in every subprime borrower’s hands), Google’s resources are necessarily limited. In short, even in the world of “Free!” content and services, there is no free lunch! In a world of scarce resources (a/k/a reality, even the reality of the digital economy), we must make trade-offs.

Again, Chris may well be correct that the security benefits of SSL are worth this particular trade-off but it’s important to distinguish between two different kinds of decisions. Again, Sowell makes the point brilliantly:

trade-offs must be incremental rather than categorical, if limited resources are to produce optimal results in any social system as a whole. Despite the importance of incremental trade-offs, the language of politics is filled with categorical rhetoric about ‘setting priorities,” “providing basic necessities.” or “assuring safety” in foods, medicines, or nuclear power. But incremental decisions differ as much from categorical decisions as trade-offs differ from solutions. If faced with a categorical choice between food and music, every sane person would choose food, since one can live without music but not without food. But if faced with an incremental choice, the decision could easily be just the opposite. If food were categorically more important than music, then we would never reach a point where we were prepared to sacrifice resources that could be used to produce food, in order to produce music. Given this premise, Beethoven, Brahms, and Bach should all have been put to work growing potatoes, instead of writing music, if food were categorically more important.

Online “security” (like online “privacy”) is, like food or physical safety, undeniably a good thing. But we must still make trade-offs between security and the other things with which is necessarily competes. Google currently runs vast server farms, but still has only a certain number of CPU cycles to use for a variety of competing purposes. Spending that scarce resource (and the money that ultimately pays for it) on persistent SSL necessarily means being able to offer less of other things across the wide range of services Google offers. It is in recognition of such unintended consequences that Sowell concludes that:

many a sound and beneficial principle becomes a dangerous absurdity when it becomes a fetish. That is why any categorical principle must be assess not only in terms of its soundness as a principle, but also in terms of what happens when that principle is applied categorically.

So, what would happen if this insistence on persistent SSL were “applied categorically?”

Impact on the Competitive Landscape While Google may be able to “eat” the cost of persistent SSL for all its Gmail users, mandating the use of persistent SSL may create a significant barrier to entry that could keep smaller providers out of the market. Even shaming a leading webmail provider like Google into voluntarily increasing their security offering may accomplish the same result by raising consumer expectations. Indeed, this is what competition is all about!

For a large webmail provider like Yahoo!-already struggling to find its way in a rapidly evolving competitive landscape for web content, services and advertising despite its 56% webmail market share-the cost of providing persistent SSL for their enormous installed base of users will necessarily reduce their resources available to compete with Google in webmail and on other fronts. For Microsoft, every dollar spent on upgrading Hotmail security could have been spent on improving Bing, Microsoft’s new search engine, which seems capable of posing a significant challenge to Google in the search market.

In general, increasing the cost of providing a service will necessarily tend to make that service less competitive. If there are fewer companies competing to offer webmail (and other related products like calendar services), there will be less pressure on each of them to compete in non-price terms such as…. security and privacy protection. Thus, in the real world, fetishizing security can actually lead to less security.

The Cost/Benefit Approach to Security Improvements Indeed, while the full use of SSL is an obvious way to improve the security of webmail, it is not obvious that it is the most cost-efficient way to do so. If the precise costs of using persistent SSL for all users are substantial but unclear, it is impossible to evaluate whether user security might be improved more by prioritizing scarce resources to deal with other threats.

The threat posed by unauthorized account access via cookie stealing and packet sniffing appears to be far smaller than other less obvious security threats, such as permitting the use of weak passwords, duplicating passwords across accounts, reliance on poor secret questions, the accessing of accounts at unsecured public terminals, and the failure of users to log out. Likewise, threats to end-user security and privacy such as cross-site scripting attacks or cross-site forgery requests account for a far greater portion of internet-related security incidents. There may be no technological “silver bullet” for these problems, but they may represent the “low hanging fruit” for improving security at a much lower cost.

Again, the question is not just whether the Anointed are right, but who is to decide among various options such as persistent SSL, user education and changes in user interface design.

HTTPS Über Alles: Where is This Going? Google indicated that they’re exploring turning on persistent SSL (HTTPS) for all Gmail users, but says nothing about other Google services. Chris’s letter, however, asks Google to adopt HTTPS for Google Docs and Calendar, and goes on to mention Facebook and MySpace as companies that leave their users “vulnerable to data theft and account hijacking” because they do not use HTTPS.

So just how far should the adoption of HTTPS go? Chris’s draft “Caught in the Cloud” paper repeatedly argues that all cloud services should adopt persistent SSL. Yet even he recognizes that e-mail may be uniquely sensitive:

While most users’ word processing documents or photo collections may not be that valuable to a fraudster, an email account can have considerable value – due to the fact that inboxes routinely contain passwords and account information for other websites. For example, many Web sites will resend a password to a user’s email address in the event that the user forgets her password. Thus, a poorly secured email account can be leveraged to gain access to a victim’s bank account, brokerage account or online health records. (p. 15)

Here, Chris seems to recognize the need to make real trade-offs. But his coalition letter draws no such distinction, and even if it did, the more important point is that the Anointed think they know better how to draw these distinctions than anyone else —especially the companies who actually offer cloud services.

So what about Facebook messaging, Twitter tweets, and other social networking communication tools? How should “we” decide which of these services really merits persistent SSL? More important, who is this “we,” anyway?
Who’s actually going to make these decisions? Rather than trusting in the “systemic process” of competition among cloud computing companies, for whom security can be an element of non-price competition, the Anointed presume to make these decisions for everyone else.

Paying for SSL In a world of trade-offs, it’s important to look not just at the opportunity cost of providing features like persistent SSL, but also at the additional sources of revenue that could cover the costs of cloud computing features like SSL. If we can “grow the pie,” the trades-offs made to support persistent SSL will not be so painful. Two potential revenue streams seem obvious.

First, Google and other cloud service providers could simply charge for persistent SSL. For instance, Google currently charges $50/year/user for customized, ad-free Google Apps email accounts.

Second, if the advertising that supports webmail and other cloud services were more profitable, Google could afford more “guns and butter”: persistent SSL for everyone and continued expansion of storage space and roll-out of new Gmail features. This is precisely why Google, Yahoo! and other online advertising companies want to offer “Interest-Based Advertising” that is tailored to a user’s interests based on data about their web surfing. Unfortunately, the Anointed have so fetishized “User Privacy” that they are blind to these trade-offs, and fail to recognize that limiting targeted advertising in the name of “Privacy” may compromise “Security,” just as mandating “Security” protections may actually reduce competitive pressures to increase “Privacy” protections.

Thus, as Sowell emphasizes, we must understand that trade-offs cannot be made in isolation because “What can be afforded seriatim vastly exceeds what can be afforded simultaneously.” That is, we must make “trade-offs within an overall system constrained by inherent limitations of resources, knowledge, etc.” It is precisely because that task is so challenging that we must proceed cautiously and resist the insistence of the Anointed that there is an “urgent need for action to avert impending catastrophe.”

Other Options: User Empowerment & Education Chris’s letter calls for persistent SSL by default in the belief that users do not know enough to protect themselves. In the alternative, the letter suggests four steps Google could take to help users make more fully informed choices. These suggestions seem generally reasonable, and it might well make sense to adopt them, but there are other means to address the ignorance of the “Benighted” than by presuming to decide which trade-offs Google should make in how it designs the user interface of Gmail for all users.

First, Google could present more information and a cleaner choice about persistent SSL during the initial account set-up process. In other words, when a user creates a new Google account, they would be told the pros and cons of persistent SSL and could then make a more informed decision about whether to use persistent SSL or SSL only for authentication. Since Gmail currently has only an 11% share of the webmail market, the vast majority of potential users would have to make these decisions at the point of initial sign-up, while the user interface for existing users would not be further complicated. This example illustrates just one way in which Google might be able to able to make better decisions about the trade-offs at issue than the Anointed, however well-deserved their credentials in the field of web security.

Second, Google could add more discussion of SSL to its existing online educational resources about user privacy and security. Google could expand its Privacy Center on YouTube to include detailed discussions about the potential risks of not using persistent SSL and easy-to-follow video tutorials about the pros and cons of HTTPS.

The Politics of Shame A final word about tactics: I call Chris a “Shame Artist” in the best sense of the term. Shaming corporations is a key part of the reputational marketplace —something my colleague Adam Thierer has emphasized in his work [PDF p. 30] on online parental controls and child protection. People like Chris play a critical role in helping to raise public awareness of genuine problems, and to encourage companies to improve their practices. This dynamic has never worked as well, or as quickly, as it does in the online marketplace. But there are two important caveats to the beneficial role played by shame artists.

First, there is a fine line between (i) shining the spotlight of public attention on a problem and bringing reputational pressure to bear on the company responsible, and (ii) threatening such a company with regulation if you don’t get what you want. Here, as is often the case, Chris is playing dangerously close to that line. Chris’s “Lost in the Cloud” paper calls first for companies to change their practices voluntarily, then for mandating disclosure of SSL choices and risks, and then for mandates:

the government [could] regulate providers of cloud computing services, as it has already done in the banking and health industries. Banks are simply not permitted to let customers to make encryption a “choice,” just as car manufacturers are no longer permitted to make seat belts optional. We would prefer that regulators first forced cloud computing providers to display clear educational warnings before regulators go down the path of mandating specific technologies. However, if educational warnings failed to provoke a sufficient market response, stronger regulation might be appropriate.

At the very least, Chris is hanging the regulatory “Sword of Damocles” over the necks of cloud computing providers: The sword hasn’t fallen yet, but it threatens to drop at any moment if industry doesn’t cooperate.

Second, pressuring providers of free (ad-supported) services to offer more features risks increasing the deeply-rooted assumption that users of these services are somehow entitled to them, including whatever specific functionality the Anointed think ought to be included in the service. In fairness to Chris and his coalition, their letter does not specify how persistent SSL should be provided and he seems to be content with the idea that Google might charge for the service—a recognition of a trade-off that separates him from the more extreme among the Anointed. But once Congress, AGs and other government officials start rushing in to do Chris’s bidding, subtly or not-so-subtly coercing cloud service providers, I hope he isn’t surprised when they come back knocking on those same doors asking for more favors in the name of “Internet security.” With one hand they giveth (what Chris wants); with the other they might eventually take away (something Chris and his comrades find important).

But anytime a company is pressured to give away even more of what it’s already giving away for free, the expectation of a getting a “Free Lunch” grows. (“Free dessert, too?
Don’t mind if I do!“) Worse, if companies appear to cave in to this pressure without acknowledging the trade-offs involved, they both add to that expectation and encourage future attacks by shame artists, since they are signaling a willingness to cave-in. This is essentially the same moral hazard problem as created by negotiating with terrorists. I certainly don’t mean to compare either Chris’s goals or his methods to those of violent extremists or to trivialize his arguments. But the dynamic created by weak responses to shaming in this context is nonetheless analogous: Every time a company says “Why not? Cost is no issue!,” they make it that much more difficult for themselves and others to say, in the future, that cost sometimes will require more obvious trade-offs like charging users for the feature demanded by the Anointed. At some point, such “upsells” may become so politically untenable that the practical choices are (i) not offering the feature at all and (ii) offering it to everyone for free (the costs of which will be borne somewhere else). I fear we may already have reached that point.

Over at TechDirt, Tom Lee has a sharp critique of Muayyad Al-Chalabi’s much-circulated paper (via GigaOm) opposing bandwidth caps. Make sure to read Tom’s entire essay, but here’s the key take-away:

this whitepaper merely amounts to a complaint that a free lunch is ending. Bandwidth is clearly an increasingly limited resource. And in capitalist societies, money is how we allocate limited resources. The alternate solutions that Al-Chalabi proposes to the carriers on pages 6 and 8 — like P2P mirrors, improved service and “leveraging… existing relationships with content providers” — either assume that network improvements are free, would gut network neutrality, or are simply nonsense.

Indeed. But Tom generally agrees that “Comcast’s bandwidth cap is a drag” and that “Instead of disconnection, there should be reasonable fees imposed for overages. They should come up with a schedule defining how the cap will increase in the future. And the paper’s suggestion of loosened limits during off-peak times is a good one.”

Well, those are three different things but I generally agree with all of them. Let me just repeat, however, my strong endorsement of the first option — metering at the margin — and again highlight the optimal way to do it from an economic perspective. As I noted in one of my many previous articles about metering for bandwidth hogs:

my preferred model [is] what economists call a “Ramsey two-part tariff.” A two-part tariff (or price) would involve a flat fee for service up to a certain level and then a per-unit / metered fee over a certain level. I don’t know where the demarcation should be in terms of where the flat rate ends and the metering begins; that’s for market experimentation to sort out. But the clear advantage of this solution is that it preserves flat-rate, all-you-can-eat pricing for casual to moderate bandwidth users and only resorts to less popular metering pricing strategies when the usage is “excessive,” however that is defined.

My former PFF colleague Scott Wallsten penned an outstanding paper on the issue last year entitled, “Managing the Network? Rethink Prices, not Net Neutrality,” in which he also endorsed the idea:

Broadband use could similarly be metered. One could imagine simple metered pricing, in which users pay by the bit. Alternatively, providers could develop hybrid plans in which metered pricing begins only after some very high level of usage. In that case, heavy users would pay for the costs they impose on the network rather than being subject to what might otherwise appear to be arbitrary delays in their Internet traffic or threatening letters in their mailboxes. ISPs know how much bandwidth their users use, even if they do not know what content is flowing over the pipes. Implementing new pricing schemes presumably would not be a technical challenge.

I still think this approach deserves a fair hearing, but given the hysteria we have seen over bandwidth cap proposals I suppose that people will just keep looking for a free lunch instead.