[This is a draft of a section of a forthcoming study on “A Flexible Governance Framework for Artificial Intelligence,” which I hope to complete shortly. I welcome feedback. I have also cross-posted this essay at Medium.]

Debates about how to embed ethics and best practices into AI product design is where the question of public policy defaults becomes important. To the extent AI design becomes the subject of legal or regulatory decision-making, a choice must be made between two general approaches: the precautionary principle or the proactionary principle.[1] While there are many hybrid governance approaches in between these two poles, the crucial issue is whether the initial legal default for AI technologies will be set closer to the red light of the precautionary principle (i.e., permissioned innovation) or to the green light of the proactionary principle (i.e., (permissionless innovation). Each governance default will be discussed.

The Problem with the Precautionary Principle as the Policy Default for AI

The precautionary principle holds that innovations are to be curtailed or potentially even disallowed until the creators of those new technologies can prove that they will not cause any theoretical harms. The classic formulation of the precautionary principle can be found in the “Wingspan Statement,” which was formulated at an academic conference that took place at the Wingspread Conference Center in Wisconsin in 1998. It read: “Where an activity raises threats of harm to the environment or human health, precautionary measures should be taken even if some cause and effect relationships are not fully established scientifically.”[2] There have been many reformulations of the precautionary principle over time but, as legal scholar Cass Sunstein has noted, “in all of them, the animating idea is that regulators should take steps to protect against potential harms, even if causal chains are unclear and even if we do not know that those harms will come to fruition.”[3] Put simply, under almost all varieties of the precautionary principle, innovation is treated as “guilty until proven innocent.”^[4] We can also think of this as permissioned innovation.

The logic animating the precautionary principle reflects a well-intentioned desire to play it safe in the face of uncertainty. The problem lies in the way this instinct gets translated into law and regulation. Making the precautionary principle the public policy default for any given technology or sector has a strong bearing on how much innovation we can expect to flow from it. When trial-and-error experimentation is preemptively forbidden or discouraged by law, it can limit many of the positive outcomes that typically accompany efforts by people to be creative and entrepreneurial. This can, in turn, give rise to different risks for society in terms of forgone innovation, growth, and corresponding opportunities to improve human welfare in meaningful ways.

St. Thomas Aquinas once observed that if the sole goal of a captain were to preserve their ship, the captain would keep it in port forever. But that clearly is not the captain’s highest goal. Aquinas was making a simple but powerful point: There can be no reward without some effort and even some risk-taking. Ship captains brave the high seas because they are in search of a greater good, such as recognition, adventure, or income. Keeping ships in port forever would preserve their vessels, but at what cost?

Similarly, consider the wise words of Wilbur Wright, who pioneered human flight. Few people better understood the profound risks associated with entrepreneurial activities. After all, Wilbur and his brother were trying to figure out how to literally lift humans off the Earth. The dangers were real, but worth taking. “If you are looking for perfect safety,” Wright said, “you would do well to sit on a fence and watch the birds.” Humans would have never taken to the skies if the Wright brothers had not gotten off the fence and taken the risks they did. Risk-taking drives innovation and, over the long-haul, improves our well-being.^[5] Nothing ventured, nothing gained.

These lessons can be applied to public policy by considering what would happen if, in the name of safety, public officials told captains to never leave port or told aspiring pilots to never leave the ground. The opportunity cost of inaction can be hard to quantify, but it should be clear that if we organized our entire society around a rigid application of the precautionary principle, progress and prosperity would suffer.

Heavy-handed preemptive restraints on creative acts can have deleterious effects because they raise barriers to entry, increase compliance costs, and create more risk and uncertainty for entrepreneurs and investors. Thus, it is the unseen costs—primarily in the form of forgone innovation opportunities—that makes the precautionary principle so problematic as a policy default. This is why scientist Martin Rees speaks of “the hidden cost of saying no” that is associated with the precautionary principle.[6]

The precise way the precautionary principle leads to this result is that it derails the so-called learning curve by limiting opportunities to learn from trial-and-error experimentation with new and better ways of doing things.[7] The learning curve refers to the way that individuals, organizations, or industries are able to learn from their mistakes, improve their designs, enhance productivity, lower costs, and then offer superior products based on the resulting knowledge.[8] In his recent book, Where Is My Flying Car?, J. Storrs Hall documents how, over the last half century, “regulation clobbered the learning curve” for many important technologies in the U.S., especially nuclear, nanotech, and advanced aviation.[9] Hall shows how society was denied many important innovations due to endless foot-dragging or outright opposition to change from special interests, anti-innovation activists, and over-zealous bureaucrats.

In many cases, innovators don’t even know what they are up against because, as many scholars have noted, “the precautionary principle, in all of its forms, is fraught with vagueness and ambiguity.”[10] It creates confusion and fear about the wisdom of taking action in the face of uncertainty. Worst case thinking paralyzes regulators who aim to “play it safe” at all costs. The result is an endless snafu of red tape as layer upon layer of mandates build up and block progress. The result is what many scholars now decry as a culture of “vetocracy,” which describes the many veto points within modern political systems that hold back innovation, development and economic opportunity.[11] This endless accumulation of potential veto points in the policy process in the form of mandates and restrictions can greatly curtail innovation opportunities. “Like sediment in a harbor, law has steadily accumulated, mainly since the 1960s, until most productive activity requires slogging through a legal swamp,” says Philip K. Howard, chair of Common Good.[12] “Too much law,” he argues, “can have similar effects as too little law,” because:

People slow down, they become defensive, they don’t initiate projects because they are surrounded by legal risks and bureaucratic hurdles. They tiptoe through the day looking over their shoulders rather than driving forward on the power of their instincts. Instead of trial and error, they focus on avoiding error.[13]

This is exactly why it is important that policymakers not get too caught up in attempts to preemptively resolve every potential hypothetical worst case scenarios associated with AI technologies. The problem with that approach was succinctly summarized by the political scientist Aaron Wildavsky when he noted, “If you can do nothing without knowing first how it will turn out, you cannot do anything at all.”^[14] Or, as I have stated in a book on this topic, “living in constant fear of worst-case scenarios—and premising public policy on them—means that best-case scenarios will never come about.”[15]

This does not mean society should dismiss all concerns about the risks surrounding AI. Some technological risks do necessitate a degree of precautionary policy, but proportionality is crucial, notes Gabrielle Bauer, a Toronto-based medical writer. “Used too liberally,” she argues, “the precautionary principle can keep us stuck in a state of extreme risk-aversion, leading to cumbersome policies that weigh down our lives. To get to the good parts of life, we need to accept some risk.”[16] It is not enough to simply hypothesize that certain AI innovations might entail some risk. The critics need to prove it using risk analysis techniques that properly weigh both the potential costs and benefits.^[17] Moreover, when conducting such analyses, the full range of trade-offs associated with preemptive regulation must be evaluated. Again, where precautionary constraints might deny society life-enriching devices or services, those costs must be acknowledged.

Generally speaking, the most extreme precautionary controls should only be imposed when the potential harms in question are highly probable, tangible, immediate, irreversible, catastrophic, or directly threatening to life and limb in some fashion.^[18] In the context of AI and ML systems, it may be the case that such a test is satisfied already for law enforcement use of certain algorithmic profiling techniques. And that test is satisfied for so-called “killer robots,” or autonomous military technology.[19] These are often described as “existential risks.” The precautionary principle is the right default in these cases because it is abundantly clear how unrestricted use would have catastrophic consequences. For similar reasons, governments have long imposed comprehensive restrictions on certain types of weapons.[20] And although nuclear and chemical technologies have many important applications, their use must also be limited to some degree even outside of militaristic applications because they can pose grave danger if misused.

But the vast majority of AI-enabled technologies are not like this. Most innovations should not be treated the same a hand grenade or a ticking time bomb. In reality, most algorithmic failures will be more mundane and difficult to foresee in advance. By their very nature, algorithms are constantly evolving because programs and systems are being endlessly tweaked by designers to improve them. In his books on the evolution of engineering and systems design, Henry Petroski has noted that “the shortcomings of things are what drive their evolution.”[21] The normal state of things is “ubiquitous imperfection,” he notes, and it is precisely that reality that drives efforts to continuously innovate and iterate.[22]

Regulations rooted in the precautionary principle hope to preemptively find and address product imperfections before any harm comes from them. In reality, and as explained more below, it is only through ongoing experimentation that we find both the nature of failures and the knowledge to know how to correct them. As Petroski observes, “the history of engineering in general, may be told in its failures as well as in its triumphs. Success may be grand, but disappointment can often teach us more.”^[23] This is particularly true for complex algorithmic systems, where rapid-fire innovation and incessant iteration are the norm.

Importantly, the problem with precautionary regulation for AI is not just that it might be over-inclusive in seeking to regulate hypothetical problems that never develop. Precautionary regulation can also be under-inclusive by missing problematic behavior or harms that no one anticipated before the fact. Only experience and experimentation reveal certain problems.

In sum, we should not presume that there is a clear preemptive regulatory solution to every problem some people raise about AI, nor should we presume we can even accurately identify all such problems that might come about in the future. Moreover, some risks will never be eliminated entirely, meaning that risk mitigation is the wiser approach. This is why a more flexible bottom-up governance strategy focused on responsiveness and resiliency makes more sense than heavy-handed, top-down strategies that would only avoid risks by making future innovations extremely difficult if not impossible.

The “Proactionary Principle” is the Better Default for AI Policy

The previous section made it clear why the precautionary principle should generally not be used as our policy default if we hope to encourage the development of AI applications and services. What we need is a policy approach that:

• objectively evaluates the concerns raised about AI systems and applications;
• considers whether more flexible governance approaches might be available to address them; and,
• does so without resorting to the precautionary principle as a first-order response.

The proactionary principle is the better general policy default for AI because it satisfies these three objectives.[24] Philosopher Max More defines the proactionary principle as the idea that policymakers should, “[p]rotect the freedom to innovate and progress while thinking and planning intelligently for collateral effects.”^[25] There are different names for this same concept, including the innovation principle, which Daniel Castro and Michael McLaughlin of the Information Technology and Innovation Foundation say represents the belief that “the vast majority of new innovations are beneficial and pose little risk, so government should encourage them.”^[26] Permissionless innovation is another name for the same idea. Permissionless innovation refers to the idea that experimentation with new technologies and business models should generally be permitted by default.^[27]

What binds these concepts together is the belief that innovation should generally be treated as innocent until proven guilty. There will be risks and failures, of course, but the permissionless innovation mindset views them as important learning experiences. These experiences are chances for individuals, organizations, and all of society to make constant improvements through incessant experimentation with new and better ways of doing things.[28] As Virginia Postrel argued in her 1998 book, The Future and Its Enemies, progress demands “a decentralized, evolutionary process” and mindset in which mistakes are not viewed as permanent disasters but instead as “the correctable by-products of experimentation.”^[29] “No one wants to learn by mistakes,” Petroski once noted, “but we cannot learn enough from successes to go beyond the state of the art.”^[30] Instead we must realize, as other scholars have observed, that “[s]uccess is the culmination of many failures”^[31] and understand “failure as the natural consequence of risk and complexity.”^[32]

This is why the default for public policy for AI innovation should, whenever possible, be more green lights than red ones to allow for the maximum amount of trial-and-error experimentation, which encourages ongoing learning.[33] “Experimentation matters,” observes Stefan H. Thomke of the Harvard Business School, “because it fuels the discovery and creation of knowledge and thereby leads to the development and improvement of products, processes, systems, and organizations.”^[34]

Obviously, risks and mistakes are “the very things regulators inherently want to avoid,”^[35] but “if innovators fear they will be punished for every mistake,” Daniel Castro and Alan McQuinn argue, “then they will be much less assertive in trying to develop the next new thing.”^[36] And for all the reasons already stated, that would represent the end of progress because it would foreclose the learning process that allows society to discover new, better, and safer ways of doing things. Technology author Kevin Kelly puts it this way:

technologies must be evaluated in action, by action. We test them in labs, we try them out in prototypes, we use them in pilot programs, we adapt our expectations, we monitor their alterations, we redefine their aims as they are modified, we retest them given actual behavior, we re-direct them to new jobs when we are not happy with their outcomes.[37]

In other words, the proactionary principle appreciates the benefits that flow from learning by doing. The goal is to continuously assess and prioritize risks from natural and human-made systems alike, and then formulate and reformulate our toolkit of possible responses to those risks using the most practical and effective solutions available. This should make it clear that the proactionary approach is not synonymous with anarchy. Various laws, government bodies, and especially the courts play an important role in protecting rights, health, and order. But policies need to be formulated such that innovators and innovation are given the benefit of the doubt and risks are analyzed and addressed in a more flexible fashion.

Some of the most effective ways to address potential AI risks already exist in the form of “soft law” and decentralized governance solution. These will be discussed at greater length below. But existing legal remedies include various common law solutions (torts, class actions, contract law, etc), recall authority possessed by many regulatory agencies, and various consumer protection policies. Ex post remedies are generally superior to ex ante prior restraints if we hope to maximize innovation opportunities. Ex ante regulatory defaults are too often set closer to the red light of the precautionary principle and then enforced through volumes of convoluted red tape.

This is what the World Economic Forum has referred to as a “regulate-and-forget” system of governance,[38] or what others call a “build-and-freeze model” or regulation.[39] In such technological governance regimes, older rules are almost never revisited, even after new social, economic, and technical realities render them obsolete or ineffective.[40] A 2017 survey of U.S. Code of Regulations by Deloitte consultants revealed that 68 percent of federal regulations have never been updated and that 17 percent have only been updated once.^[41] Public policies for complex and fast-moving technologies like AI cannot be set in stone and forgotten like that if America hopes to remain on the cutting edge of this sector.

Advocates of the proactionary principle look to counter this problem not by eliminating all laws or agencies, but by bringing them in line with flexible governance principles rooted in more decentralized approaches to policy concerns.[42] As many regulatory advocates suggest, it is important to embed or “bake in” various ethical best practices into AI systems to ensure that they benefit humanity. But this, too, is a process of ongoing learning and there are many ways to accomplish such goals without derailing important technological advances. What is often referred to as “value alignment” or “ethically-aligned design” is challenged by the fact that humans regularly disagree profoundly about many moral issues.[43] “Before we can put our values into machines, we have to figure out how to make our values clear and consistent,” says Harvard University psychologist Joshua D. Greene.[44]

The “Three Laws of Robotics” famously formulated decades ago by Isaac Asimov in his science fiction stories continue to be widely discussed today as a guide to embedding ethics into machines.[45] They read:

1. A robot may not injure a human being or, through inaction, allow a human being to come to harm.
2. A robot must obey orders given it by human beings except where such orders would conflict with the First Law.
3. A robot must protect its own existence as long as such protection does not conflict with the First or Second Laws.

What is usually forgotten about these principles, as AI expert Melanie Mitchell reminds us, is the way Asimov, “often focused on the unintended consequences of programming ethical rules into robots,” and how he made it clear that, if applied too literally, “such a set of rules would inevitably fail.”[46]

This is why flexibility and humility are essential virtues when thinking about AI policy. The optimal governance regime for AI can be shaped by responsible innovation practices and embed important ethical principles by design without immediately defaulting to a rigid application of the precautionary principle.[47] In other words, an innovation policy regime rooted in the proactionary principle can also be infused with the same values that animate a precautionary principle-based system.[48] The difference is that the proactionary principle-based approach will look to achieve these goals in a more flexible fashion using a variety of experimental governance approaches and ex post legal enforcement options, while also encouraging still more innovation to solve problems past innovations may have caused.

To reiterate, not every AI risk is foreseeable, and many risks and harms are more amorphous or uncertain. In this sense, the wisest governance approach for AI was recently outlined by the National Institute of Standards and Technology (NIST) in its initial draft AI Risk Management Framework, which is a multistakeholder effort “to describe how the risks from AI-based systems differ from other domains and to encourage and equip many different stakeholders in AI to address those risks purposefully.”[49] NIST notes that the goal of the Framework is:

to be responsive to new risks as they emerge rather than enumerating all known risks in advance. This flexibility is particularly important where impacts are not easily foreseeable, and applications are evolving rapidly. While AI benefits and some AI risks are well-known, the AI community is only beginning to understand and classify incidents and scenarios that result in harm.[50]

This is a sensible framework for how to address AI risks because it makes it clear that it will be difficult to preemptively identify and address all potential AI risks. At the same time, there will be a continuing need to advance AI innovation while addressing AI-related harms. The key to striking that balance will be decentralized governance approaches and soft law techniques described below.

[Note: The subsequent sections of the study will detail how decentralized governance approaches and soft law techniques already are helping to address concerns about AI risks.]

Endnotes:

[1]     Adam Thierer, Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom, 2nd ed. (Arlington, VA: Mercatus Center at George Mason University, 2016): 1-6, 23-38; Adam Thierer, Evasive Entrepreneurs & the Future of Governance (Washington, DC: Cato Institute, 2020): 48-54.

[2]     “Wingspread Statement on the Precautionary Principle,” January 1998, https://www.gdrc.org/u-gov/precaution-3.html.

[3]     Cass R. Sunstein, Laws of Fear: Beyond the Precautionary Principle (Cambridge, UK: Cambridge University Press, 2005). (“The Precautionary Principle takes many forms. But in all of them, the animating idea is that regulators should take steps to protect against potential harms, even if causal chains are unclear and even if we do not know that those harms will come to fruition.”)

[4]     Henk van den Belt, “Debating the Precautionary Principle: ‘Guilty until Proven Innocent’ or ‘Innocent until Proven Guilty’?” Plant Physiology 132 (2003): 1124.

[5]     H.W. Lewis, Technological Risk (New York: WW. Norton & Co., 1990): x. (“The history of the human race would be dreary indeed if none of our forebears had ever been willing to accept risk in return for potential achievement.”)

[6]     Martin Rees, On the Future: Prospects for Humanity (Princeton, NJ: Princeton University Press, 2018): 136.

[7]     Adam Thierer, “Failing Better: What We Learn by Confronting Risk and Uncertainty,” in Sherzod Abdukadirov (ed.), Nudge Theory in Action: Behavioral Design in Policy and Markets (Palgrave Macmillan, 2016): 65-94.

[8]     Adam Thierer, “How to Get the Future We Were Promised,” Discourse, January 18, 2022, https://www.discoursemagazine.com/culture-and-society/2022/01/18/how-to-get-the-future-we-were-promised.

[9]     J. Storrs Hall, Where Is My Flying Car? (San Francisco: Stripe Press, 2021)

[10]    Derek Turner and Lauren Hartzell Nichols, “The Lack of Clarity in the Precautionary Principle,” Environmental Values, Vol 13, No. 4 (2004): 449.

[11]    William Rinehart, “Vetocracy, the Costs of Vetos and Inaction,” Center for Growth & Opportunity at Utah State University, March 24, 2022, https://www.thecgo.org/benchmark/vetocracy-the-costs-of-vetos-and-inaction; Adam Thierer, “Red Tape Reform is the Key to Building Again,” The Hill, April 28, 2022, https://thehill.com/opinion/finance/3470334-red-tape-reform-is-the-key-to-building-again.

[12]    Philip K. Howard, “Radically Simplify Law,” Cato Institute, Cato Online Forum, http://www.cato.org/publications/cato-online-forum/radically-simplify-law.

[13]    Ibid.

^[14]    Aaron Wildavsky, Searching for Safety (New Brunswick, NJ: Transaction Publishers, 1989): 38.

[15]    Thierer, Permissionless Innovation, at 2.

[16]    Gabrielle Bauer, “Danger: Caution Ahead,” The New Atlantis, February 4, 2022, https://www.thenewatlantis.com/publications/danger-caution-ahead.

[17]    Richard B. Belzer, “Risk Assessment, Safety Assessment, and the Estimation of Regulatory Benefits” (Mercatus Working Paper, Mercatus Center at George Mason University, Arlington, VA, 2012), 5, http://mercatus.org/publication/risk-assessment-safety-assessment-and-estimation-regulatory-benefits; John D. Graham and Jonathan Baert Wiener, eds. Risk vs. Risk: Tradeoffs in Protecting Health and the Environment, (Cambridge, MA: Harvard University Press, 1995).

[18]    Thierer, Permissionless Innovation, at 33-8.

[19]    Adam Satariano, Nick Cumming-Bruce and Rick Gladstone, “Killer Robots Aren’t Science Fiction. A Push to Ban Them Is Growing,” New York Times, December 17, 2021, https://www.nytimes.com/2021/12/17/world/robot-drone-ban.html.

[20]    Adam Thierer, “Soft Law: The Reconciliation of Permissionless & Responsible Innovation,” in Adam Thierer, Evasive Entrepreneurs & the Future of Governance (Washington, DC: Cato Institute, 2020): 183-240, https://www.mercatus.org/publications/technology-and-innovation/soft-law-reconciliation-permissionless-responsible-innovation.

[21]    Henry Petroski, The Evolution of Useful Things (New York: Vintage Books, 1994): 34.

[22]    Ibid., 27,

[23]    Henry Petroski, To Engineer is Human: The Role of Failure in Successful Design (New York: Vintage, 1992): 9.

[24]    James Lawson, These Are the Droids You’re Looking For: An Optimistic Vision for Artificial Intelligence, Automation and the Future of Work (London: Adam Smith Institute, 2020): 86, https://www.adamsmith.org/research/these-are-the-droids-youre-looking-for.

[25]    Max More, “The Proactionary Principle (March 2008),” Max More’s Strategic Philosophy, March 28, 2008, http://strategicphilosophy.blogspot.com/2008/03/proactionary-principle-march-2008.html.

[26]    Daniel Castro & Michael McLaughlin, “Ten Ways the Precautionary Principle Undermines Progress in Artificial Intelligence,” Information Technology and Innovation Foundation, February 4, 2019, https://itif.org/publications/2019/02/04/ten-ways-precautionary-principle-undermines-progress-artificial-intelligence.

[27]    Thierer, Permissionless Innovation.

[28]    Thierer, “Failing Better.”

[29]    Virginia Postrel, The Future and Its Enemies (New York: The Free Press, 1998): xiv.

[30]    Henry Petroski, To Engineer is Human: The Role of Failure in Successful Design (New York: Vintage, 1992): 62.

[31]    Kevin Ashton, How to Fly a Horse: The Secret History of Creation, Invention, and Discovery (New York: Doubleday, 2015): 67.

[32]    Megan McArdle, The Up Side of Down: Why Failing Well is the Key to Success (New York: Viking, 2014), 214.

[33]    F. A. Hayek, The Constitution of Liberty (London: Routledge, 1960, 1990): 81. (“Humiliating to human pride as it may be, we must recognize that the advance and even preservation of civilization are dependent upon a maximum of opportunity for accidents to happen.”)

[34]    Stefan H. Thomke, Experimentation Matters: Unlocking the Potential of New Technologies for Innovation (Harvard Business Review Press, 2003), 1.

[35]    Daniel Castro and Alan McQuinn, “How and When Regulators Should Intervene,” Information Technology and Innovation Foundation Reports, (February 2015): 2 http://www.itif.org/publications/how-and-when-regulators-should-intervene.

[36]    Ibid.

[37]    Kevin Kelly, “The Pro-Actionary Principle,” The Technium, November 11, 2008, https://kk.org/thetechnium/the-pro-actiona.

[38]    World Economic Forum, Agile Regulation for the Fourth Industrial Revolution (Geneva: Switzerland: 2020): 4, https://www.weforum.org/projects/agile-regulation-for-the-fourth-industrial-revolution.

[39]    Jordan Reimschisel and Adam Thierer, “’Build & Freeze’ Regulation Versus Iterative Innovation,” Plain Text, November 1, 2017, https://readplaintext.com/build-freeze-regulation-versus-iterative-innovation-8d5a8802e5da.

[40]    Adam Thierer, “Spring Cleaning for the Regulatory State,” AIER, May 23, 2019, https://www.aier.org/article/spring-cleaning-for-the-regulatory-state.

[41]    Daniel Byler, Beth Flores & Jason Lewris, “Using Advanced Analytics to Drive Regulatory Reform: Understanding Presidential Orders on Regulation Reform,” Deloitte, 2017, https://www2.deloitte.com/us/en/pages/public-sector/articles/advanced-analytics-federal-regulatory-reform.html.

[42]    Adam Thierer, Governing Emerging Technology in an Age of Policy Fragmentation and Disequilibrium, American Enterprise Institute (April 2022), https://platforms.aei.org/can-the-knowledge-gap-between-regulators-and-innovators-be-narrowed.

[43]    Brian Christian, The Alignment Problem: Machine Learning and Human Values (New York: W.W. Norton & Company, 2020).

[44]    Joshua D. Greene, “Our Driverless Dilemma,” Science (June 2016): 1515.

[45]    Susan Leigh Anderson, “Asimov’s ‘Three Laws of Robotics’ and Machine Metaethics,” AI and Society, Vol. 22, No. 4, (2008): 477-493.

[46]    Melanie Mitchell, Artificial Intelligence: A Guide for Thinking Humans (New York: Farrar, Straus and Giroux, 2019): 126 [Kindle edition.]

[47]    Thomas A. Hemphill, “The Innovation Governance Dilemma: Alternatives to the Precautionary Principle,” Technology in Society, Vol. 63 (2020): 6, https://ideas.repec.org/a/eee/teinso/v63y2020ics0160791x2030751x.html.

[48]    Adam Thierer, “Are ‘Permissionless Innovation’ and ‘Responsible Innovation’ Compatible?” Technology Liberation Front, July 12, 2017, https://techliberation.com/2017/07/12/are-permissionless-innovation-and-responsible-innovation-compatible.

[49]    The National Institute of Standards and Technology, “AI Risk Management Framework: Initial Draft,” (March 17, 2022): 1, https://www.nist.gov/itl/ai-risk-management-framework.

[50]    Ibid., at 5.

[first published at The Bridge on August 9, 2018]

What happens when technological innovation outpaces the ability of laws and regulations to keep up?

This phenomenon is known as “the pacing problem,” and it has profound ramifications for the governance of emerging technologies. Indeed, the pacing problem is becoming the great equalizer in debates over technological governance because it forces governments to rethink their approach to the regulation of many sectors and technologies.

The Innovation Cornucopia

Had Rip Van Winkle woken up his famous nap today, he’d be shocked by all the changes around him. At-home genetics tests, personal drones, driverless cars, lab-grown meats, and 3D-printed prosthetic limbs are just some of the amazing innovations that would boggle his mind. New devices and services are flying at us so rapidly that we sometimes forget that most did not even exist a short time ago. At this point, it feels like our smartphones have been in our lives forever, but even just a decade ago, very few of us had one. Likewise, plenty of people now regularly enjoy the benefits of the sharing economy, but ten years ago, Uber, Lyft, and Airbnb did not even exist. Most of the social networking platforms or online video and audio streaming services that we use today had not even been created 15 years ago. Back then, Netflix’s DVD mail subscription service seemed downright revolutionary.

With every innovation comes more questions about how the law should keep pace, or whether it even can. “There has always been a pacing problem,” observes Yale University bioethicist Wendell Wallach, author of  A Dangerous Master: How to Keep Technology from Slipping beyond Our Control. But what Wallach and many other scholars worry about today is that the pace of change has been kicked into overdrive, making it more difficult than ever for traditional legal schemes and regulatory mechanisms to stay relevant. Larry Downes refers to this as “The Law of Disruption.” In his 2009 book on this “law,” Downes showed how “technology changes exponentially, but social, economic, and legal systems change incrementally” and that this law was becoming “a simple but unavoidable principle of modern life.”

Moore’s Law Quickens the Pace

There are three primary reasons the pacing problem is such a force in our modern world. The root cause lies in the power of “combinatorial innovation,” which is driven by “Moore’s Law.”  The Information Revolution spawned a stunning array of new technological capabilities that build on top of one another in a symbiotic fashion. Think about the shared foundational elements of most modern inventions: microchips, sensors, digital code, big data, cloud computing, remote data storage, wireless networking and geolocation capabilities, machine-learning, cryptography, and more. Each of these underlying capabilities is becoming faster, cheaper, smaller, more powerful, and easier to find and use. Innovators are combining them as part of their ongoing search for new and better ways of doing things.

Moore’s Law powers these developments. Moore’s Law is the principle named after Intel co-founder Gordon E. Moore, who first observed in 1965 that “computing would dramatically increase in power, and decrease in relative cost, at an exponential pace” in coming years. Indeed, it has continued to do so for the past half century for many information technologies. A recent Technology Policy Institute white paper noted that “data transit prices fell from about $1200 per Mbps in 1998 to $0.02 per Mbps in 2017.”

These forces are now revolutionizing other sectors as “software eats the world” and innovators utilize these new technologies to address nearly every conceivable need and want. In the field of genetics, the biological equivalent of Moore’s Law is known as the “Carlson curve.” The past two decades have seen the cost of sequencing a human genome fall from over $100 million to under $1,000, a rate nearly three times faster than Moore’s Law.

What the Public Wants, the Public Gets

The second reason the pacing problem is accelerating is that the public wants it to! It is true that many people say they are uneasy with many emerging technologies. When new gadgets and services first gain attention, a “technopanic” attitude often ensues. That is unsurprising because, as others have noted, “fear has gone hand in hand with technological advancements throughout history.”

But societal attitudes toward technological change often shift rapidly. They do so even faster today as citizens quickly assimilate new tools into their daily lives and then expect that even more and better tools will be delivered tomorrow. As more people begin to realize how new technologies improve our lives in meaningful ways, it becomes extremely hard for policymakers to take those innovations away or even tell us not to expect better ones. This relationship between technological change and societal expectations acts as an extraordinarily powerful check on the ability of regulators to “roll back the clock” on innovative activities.

Broken Government Exacerbates the Problem

Finally, the pacing problem is becoming more acute because “demosclerosis” and “kludgeocracy” have taken hold within American government. Jonathan Rauch coined the term demosclerosis in his 1999 book Government’s End: Why Washington Stopped Working to describe “government’s progressive loss of the ability to adapt.” “[A]s layer is dropped upon layer,” he argued, “the accumulated mass becomes gradually less rational and less flexible.”

Instead of cleaning up old legalistic messes and adapting to the times, government solutions are more often clumsily cobbled together to patch past problems and create temporary solutions. Steven Teles refers to this as kludgeocracy. “The complexity and incoherence of our government often make it difficult for us to understand just what that government is doing,” Teles says. Kludgeocracy creates serious costs for individual citizens, governments themselves, and to our democratic systems more generally, he argues. Taken together, demosclerosis and kludgeocracy breed highly dysfunctional governments and make it even easier for the pacing problem to speed ahead.

Can Policymakers Adapt?

Regulators are not oblivious to the challenges posed by the pacing problem. “I have said more than once that innovation moves at the speed of imagination and that government has traditionally moved at, well, the speed of government,” remarked Michael Heurta, head of the Federal Aviation Administration, in a 2016 speech regarding drones. Shortly after Huerta made those comments, the Department of Transportation released a report on the regulation of driverless car technology which noted that “The speed with which [driverless cars] are advancing, combined with the complexity and novelty of these innovations, threatens to outpace the Agency’s conventional regulatory processes and capabilities.”

Food and Drug Administration (FDA) regulators have increasingly referenced the pacing problem when discussing the challenge of keeping up with new medical innovations.  The New York Times recently asked Dr. Peter Marks, director of the FDA’s Center for Biologics Evaluation and Research, how the agency planned to deal with hundreds of “rogue” stem cell treatment clinics. “There are hundreds and hundreds of these clinics,” he said. “We simply don’t have the bandwidth to go after all of them at once.”

The pacing problem has even crept into antitrust enforcement. The US Department of Justice (DOJ) sought to break up Microsoft in the late 1990s, but as the legal proceedings dragged on through the early 2000’s, the market moved and made the DOJ’s case moot. Google Chrome and Mozilla Firefox emerged as legitimate competitors to Microsoft’s Internet Explorer without regulatory remedy. In the end, Microsoft reached a settlement with the DOJ that fell far short of the government’s original ambitions to bust up the firm, all because the market moved at a pace much faster than the regulator’s pace. More recent antitrust action in the US and EU also suffer from the pacing problem. Multi-year antitrust investigations reach conclusions that don’t reflect market trends in the intervening years and offer remedies that may be “too little, too late,” especially in the information technology sector.

Is the Pacing Problem Really the Pacing Benefit?

What should policymakers do in light of these new challenges? The extremes will not work. Lawmakers or regulators cannot simply double-down on the lethargic and unwieldy technocratic regulatory schemes of the past. Command-and-control tactics are not going to be effective in an age when technology evolves in a quicksilver fashion. In a world where “innovation arbitrage” is easier than ever, repressive crackdowns on new tech will often backfire. Evasive entrepreneurs will often move to those jurisdictions where their innovative acts are treated more hospitably. That, too, exacerbates the pacing problem.

From the perspective of many innovation advocates, this will make it seem like the pacing problem is more like the pacing  benefit. Generally speaking, that intuition is sound. Innovation is the fundamental driver of human betterment. We need more “moonshots”—“radical but feasible solutions to important problems”—to ensure that current and future generations enjoy more choices, greater mobility, increased wealth, better health, and longer lifespans. We don’t want archaic regulatory schemes and regimes holding that back.

Constructive Solutions

But policymakers will not abandon oversight of emerging technologies altogether, nor should we want them to. The potential harms associated with some new technologies could be significant enough that a certain degree of regulatory oversight will be required. But the pacing problem means the old, inflexible, top-down approaches will need to be discarded and that the administrative state itself must become more entrepreneurial.

In a forthcoming law review article entitled, “Soft Law for Hard Problems: The Governance of Emerging Technologies in an Uncertain Future,” Jennifer Skees, Ryan Hagemann, and I discuss how “soft law” mechanisms—multi-stakeholder processes, industry best practices and standards, workshops, agency guidance, and more—can help fill the governance gap as the pacing problem accelerates. Many agencies are already tapping soft law tools to help guide the development of new technologies such as driverless cars, drones, the Internet of Things, mobile medical applications, artificial intelligence, and others. In fact, we argue that soft law has already become the dominant form of technological governance for emerging tech in the US.

Critics might decry soft law as either being too lax (and open to private abuse) or too informal (and open to government abuse), but the pacing problem makes both arguments increasingly irrelevant. We need a new governance vision for the technological age. Our new governance systems must be more flexible and adaptive than the heavy-handed regulatory regimes that preceded them.

___________________

Related Reading

• Adam Thierer, “Evasive Entrepreneurialism and Technological Civil Disobedience: Basic Definitions,” The Bridge, July 20, 2018.
• Adam Thierer, “Making the World Safe for More Moonshots,” The Bridge, February 5, 2018.
• Jennifer Skees, “Do You Need a License to Innovate?” The Bridge, June 29, 2018,
• Andrea O’Sullivan & Adam Thierer, “3D Printers, Evasive Entrepreneurs and the Future of Tech Regulation,” The Bridge, August 1, 2018.
• Adam Thierer, “Does “Permissionless Innovation” Even Mean Anything?” Technology Liberation Front, May 18, 2017.
• Adam Thierer, “Wendell Wallach on the Challenge of Engineering Better Technology Ethics,” Technology Liberation Front,  April 20, 2016,

On Thursday, it was my great pleasure to participate in a Washington Legal Foundation (WLF) event on “Online Privacy Regulation: The Challenge of Defining Harm.” The entire event video can be found on YouTube here, but down below I pasted the clip of just my remarks. Other speakers at the event included:  FTC Commissioner Maureen K. Ohlhausen, Commissioner; John B. Morris, Jr., the Associate Administrator and Director of Internet Policy athe U.S. Department of Commerce’s National Telecommunications and Information Administration; and Katherine Armstrong, Counsel at the law firm of Hogan Lovells. Glenn Lammi of the WLF moderated the session.

My remarks drew upon a few recent law review articles I have published relating digital privacy debates to previous debates over free speech and online child safety issues. (Here are those articles: 1, 2, 3).

If there are two general principles that unify my recent work on technology policy and innovation issues, they would be as follows. To the maximum extent possible:

1. We should avoid preemptive and precautionary-based regulatory regimes for new innovation. Instead, our policy default should be innovation allowed (or “permissionless innovation”) and innovators should be considered “innocent until proven guilty” (unless, that is, a thorough benefit-cost analysis has been conducted that documents the clear need for immediate preemptive restraints).
2. We should avoid rigid, “top-down” technology-specific or sector-specific regulatory regimes and/or regulatory agencies and instead opt for a broader array of more flexible, “bottom-up” solutions (education, empowerment, social norms, self-regulation, public pressure, etc.) as well as reliance on existing legal systems and standards (torts, product liability, contracts, property rights, etc.).

I was very interested, therefore, to come across two new essays that make opposing arguments and proposals. The first is this recent Slate oped by John Frank Weaver, “We Need to Pass Legislation on Artificial Intelligence Early and Often.” The second is Ryan Calo’s new Brookings Institution white paper, “The Case for a Federal Robotics Commission.”

Weaver argues that new robot technology “is going to develop fast, almost certainly faster than we can legislate it. That’s why we need to get ahead of it now.” In order to preemptively address concerns about new technologies such as driverless cars or commercial drones, “we need to legislate early and often,” Weaver says. Stated differently, Weaver is proposing “precautionary principle”-based regulation of these technologies. The precautionary principle generally refers to the belief that new innovations should be curtailed or disallowed until their developers can prove that they will not cause any harms to individuals, groups, specific entities, cultural norms, or various existing laws, norms, or traditions.

Calo argues that we need “the establishment of a new federal agency to deal with the novel experiences and harms robotics enables” since there exists “distinct but related challenges that would benefit from being examined and treated together.” These issues, he says, “require special expertise to understand and may require investment and coordination to thrive.

I’ll address both Weaver and Calo’s proposals in turn.

Problems with Precautionary Regulation

Let’s begin with Weaver proposed approach to regulating robotics and autonomous systems.

What Weaver seems to ignore—and which I discuss at greater length in my latest book—is that “precautionary” policy-making typically results in technological stasis and lost opportunities for economic and social progress. As I noted in my book, if we spend all our time living in constant fear of worst-case scenarios—and premising public policy upon such fears—it means that best-case scenarios will never come about. Wisdom and progress are born from experience, including experiences that involve risk and the possibility of occasional mistakes and failures. As the old adage goes, “nothing ventured, nothing gained.”

More concretely, the problem with “permissioning” innovation is that traditional regulatory policies and systems tend to be overly-rigid, bureaucratic, costly, and slow to adapt to new realities. Precautionary-based policies and regulatory systems focus on preemptive remedies that aim to predict the future, and future hypothetical problems that may not ever come about. As a result, preemptive bans or highly restrictive regulatory prescriptions can limit innovations that yield new and better ways of doing things.

Weaver doesn’t bother addressing these issues. He instead advocates regulating “early and often” without stopping to think through the potential costs of doing so. Yet, all regulation has trade-offs and opportunity costs. Before we rush to adopt rules based on knee-jerk negative reactions to new technology, we should conduct comprehensive benefit-cost analysis of the proposals and think carefully about what alternative approaches exist to address whatever problems we have identified.

Incidentally, Weaver also does not acknowledge the contradiction inherent in his thinking when he says robotic technology “is going to develop fast, almost certainly faster than we can legislate it. That’s why we need to get ahead of it now.” Well, if robotic technology is truly developing “faster than we can legislate it,” then “getting out ahead of it” would be seemingly impossible! Unless, that is, he envisions regulating robotic technologies so stringently as to effectively bring new innovation to a grinding halt (or banning altogether).

To be clear, my criticisms should not be read to suggest that zero regulation is the best option. There are plenty of thorny issues that deserve serious policy consideration and perhaps even some preemptive rules. But how potential harms are addressed matters deeply. We should exhaust all other potential nonregulatory remedies first — education, empowerment, transparency, etc. — before resorting to preemptive controls on new forms of innovation. In other words, ex post (or after the fact) solutions should generally trump ex ante (preemptive) controls.

I’ll say more on this point in the conclusion since my response addresses general failings in Ryan Calo’s Federal Robotics Commission proposal, to which we now turn.

Problems with a Federal Robotics Commission

Moving on to Calo, it is important to clarify what he is proposing because he is careful not to overstate his case in favor of a new agency for robotics. He elaborates as follows:

“The institution I have in mind would not “regulate” robotics in the sense of fashioning rules regarding their use, at least not in any initial incarnation. Rather, the agency would advise on issues at all levels—state and federal, domestic and foreign, civil and criminal—that touch upon the unique aspects of robotics and artificial intelligence and the novel human experiences these technologies generate. The alternative, I fear, is that we will continue to address robotics policy questions piecemeal, perhaps indefinitely, with increasingly poor outcomes and slow accrual of knowledge. Meanwhile, other nations that are investing more heavily in robotics and, specifically, in developing a legal and policy infrastructure for emerging technology, will leapfrog the U.S. in innovation for the first time since the creation of steam power.”

Here are some of my concerns with Calo’s proposed Federal Robotics Commission.

Will It Really Just Be an Advisory Body?

First, Calo claims he doesn’t want a formal regulatory agency, but something more akin to a super-advisory body. He does, however, sneak in that disclaimer that he doesn’t envision it to be regulatory “at least not in any initial incarnation.” Perhaps, then, he is suggesting that more formal regulatory controls would be in the cards down the road. It remains unclear.

Regardless, I think it is a bit disingenuous to propose the formation of a new governmental body like this and pretend that it will not someday very soon come to possess sweeping regulatory powers over these technologies. Now, you may well feel that that is a good thing. But I fear that Calo is playing a bit of game here by asking the reader to imagine his new creation would merely stick to an advisory role.

Regulatory creep is real. There just aren’t too many examples of agencies being created solely for their advisory expertise and then not also getting into the business of regulating the technology or topic that is included in that agency’s name. And in light of some of Calo’s past writing and advocacy, I can’t help but think he is actually hoping that the agency comes to take on a greater regulatory role over time. Regardless, I think we can bank on that happening and I that there are reasons to worry about it for reasons noted above and which I will elaborate on below.

Incidentally, if Calo is really more interested in furthering just this expert advisory capacity, there are plenty of other entities (including non-governmental bodies) that could play that role. How about the National Science Foundation, for example? Or how about a multi-stakeholder body consisting of many different experts and institutions? I could go on, but you get the point. A single point of action is also a single point of failure. I don’t want just one big robotics bureaucracy making policy or even advising. I’d prefer a more decentralized approach, and one that doesn’t carry a (potential) big regulatory club in its hand.

Public Choice / Regulatory Capture Problems

Second, Calo underestimates the public choice problems of creating a sector-specific or technology-specific agency just for robotics. To his credit, he does admit that, “agencies have their problems, of course. They can be inefficient and are subject to capture by those they regulate or other special interests.” He also notes he has criticized other agencies for various failings. But he does not say anything more on this point.

Let’s be clear. There exists a long and lamentable history of sector-specific regulators being “captured” by the entities they regulate. To read the ugly reality, see my compendium, “Regulatory Capture: What the Experts Have Found.” That piece documents what leading academics of all political stripes have had to say about this problem over the past century. No one ever summarized the nature and gravity of this problem better than the great Alfred Kahn in his masterpiece, The Economics of Regulation: Principles and Institutions (1971):

“When a commission is responsible for the performance of an industry, it is under never completely escapable pressure to protect the health of the companies it regulates, to assure a desirable performance by relying on those monopolistic chosen instruments and its own controls rather than on the unplanned and unplannable forces of competition. [. . . ] Responsible for the continued provision and improvement of service, [the regulatory commission] comes increasingly and understandably to identify the interest of the public with that of the existing companies on whom it must rely to deliver goods.” (pgs. 12, 46)

The history of the Federal Communications Commission (FCC) is highly instructive in this regard and was documented in a 66-page law review article I penned with Brent Skorup entitled, “A History of Cronyism and Capture in the Information Technology Sector,” (Journal of Technology Law & Policy, Vol. 18, 2013). Again, it doesn’t make for pleasant reading. Time and time again, instead of serving the “public interest,” the FCC served private interests. The entire history of video marketplace regulation is one of the most sickening examples to consider since there have almost eight decades worth of case studies of the broadcast industry using regulation as a club to beat back new entry, competition, and innovation. [Skorup and I have another paper discussing that specific history and how to go about reversing it.] This history is important because, in the early days of the Commission, many proponents thought the FCC would be exactly the sort of “expert” independent agency that Calo envisions his Federal Robotics Commission would be. Needless to say, things did not turn out so well.

But the FCC isn’t the only guilty offender in this regard. Go read the history about how airlines so effectively cartelized their industry following World War II with the help of the Civil Aeronautics Board. Thankfully, President Jimmy Carter appointed Alfred Kahn to clean things up in the 1970s. Kahn, a life-long Democrat, came to realize that the problem of capture was so insidious and inescapable that abolition of the agency was the only realistic solution to make sure consumer welfare would improve. As a result, he and various other Democrats in the Carter Administration and in Congress worked together to sunset the agency and its hideously protectionist, anti-consumer policies. (Also, please read this amazing 1973 law review article on “Economic Regulation vs. Competition,” by Mark Green and Ralph Nader if you need even more proof of why this is a such a problem.)

In other words, the problem of regulatory capture is not something one can casually dismiss. The problem is still very real and deserves more consideration before we casually propose creating new agencies, even “advisory” agencies. At a minimum, when proposing new agencies, you need to get serious about what sort of institutional constraints you might consider putting in place to make sure that history does not repeat itself. Because if you don’t, various large, well-heeled, and politically-connected robotics companies could come to capture any new “Federal Robotics Commission” in very short order.

Can We Clean Up Old Messes Before Building More Bureaucracies?

Third, speaking of agencies, if it is the case that the alphabet soup collection of regulatory agencies we already have in place are not capable of handling “robotics policy” right now, can we talk about reforming them (or perhaps even getting rid of a few of them) first? Why must we just pile yet another sector-specific or technology-specific regulator on top of the many that already exist? That’s just a recipe for more red tape and potential regulatory capture. Unless you believe there is value in creating bureaucracy for the sake of creating bureaucracy, there is no excuse for not phasing out agencies that failed in their original mission, or whose mission is now obsolete, for whatever reason. This is a fundamental “good government” issue that politicians and academics of all stripes should agree on.

Calo indirectly addresses this point by noting that “we have agencies devoted to technologies already and it would be odd and anomalous to think we are done creating them.” Curiously, however, he spends no time talking about those agencies or asking whether they have done a good job. Again, the heart of Calo’s argument comes down the assertion that another specialized, technology-specific “expert” agency is needed because there are “novel” issues associated with robotics. Well, if it is true, as Calo suggests, that we have been down this path before (and we have), and if you believe our economy or society has been made better off for it, then you need to prove it. Because the objection to creating another regulatory bureaucracy is not simply based on distaste for Big Government; it comes down to the simple questions: (1) Do these things work; and (2) Is there a better alternative?

This is where Calo’s proposal falls short. There is no effort to prove that technocratic or “scientific” bureaucracies, on net, are worth their expense (to taxpayers) or cost (to society, innovation, etc.) when compared to alternatives. Of course, I suspect this is where Calo and I might part ways regarding what metrics we would use to gauge success. I’ll save that discussion for another day and shift to what I regard as the far more serious deficiency of Calo’s proposal.

Do We Become Global Innovation Leaders Through Bureaucratic Direction?

Fourth, and most importantly, Calo does not offer any evidence to prove his contention that we need a sector-specific or technology-specific agency for robotics in order to develop or maintain America’s competitive edge in this field. Moreover, he does not acknowledge how his proposal might have the exact opposite result. Let me spend some time on this point because this is what I find most problematic about his proposal.

In his latest Brookings essay and his earlier writing about robotics, Calo keeps suggesting that we need a specialized federal agency for robotics to avoid “poor outcomes” due to the lack of “a legal and policy infrastructure for emerging technology.” He even warns us that other countries who are looking into robotics policy and regulation more seriously “will leapfrog the U.S. in innovation for the first time since the creation of steam power.”

Well, on that point, I must ask: Did America need a Federal Steam Agency to become a leader in that field? Because unless I missed something in history class, steam power developed fairly rapidly in this country without any centralized bureaucratic direction. Or how about a more recent example: Did America need a Federal Computer Commission or Federal Internet Commission to obtain or maintain a global edge in computing, the Internet, or the Digital Economy?

To the contrary, we took the EXACT OPPOSITE approach. It’s not just that no new agencies were formed to guide the development of computing or the Internet in this country. It’s that our government made a clear policy choice to break with the past by rejecting top-down, command-and-control regulation by unelected bureaucrats in some shadowy Beltway agency.

Incidentally, it was Democrats who accomplished this. While many Republicans today love to crack wise-ass comments about Al Gore and the Internet while simultaneously imagining themselves to be the great defenders of Internet freedom, the reality is that we have the Clinton Administration and one its most liberal members—Ira Magaziner—to thank for the most blessedly “light-touch,” market-oriented innovation policy that the world has ever seen.

What did Magaziner and the Clinton Administration do? They crafted the amazing 1997 Framework for Global Electronic Commerce, a statement of the Administration’s principles and policy objectives toward the Internet and the emerging digital economy. It recommended reliance upon civil society, contractual negotiations, voluntary agreements, and ongoing marketplace experiments to solve information age problems. First, “the private sector should lead. The Internet should develop as a market driven arena not a regulated industry,” the Framework recommended. “Even where collective action is necessary, governments should encourage industry self-regulation and private sector leadership where possible.” Second, “governments should avoid undue restrictions on electronic commerce” and “parties should be able to enter into legitimate agreements to buy and sell products and services across the Internet with minimal government involvement or intervention.”

I’ve argued elsewhere that the Clinton Administration’s Framework, “remains the most succinct articulation of a pro-freedom, innovation-oriented vision for cyberspace ever penned.” Of course, this followed the Administration’s earlier move to allow the full commercialization of the Internet, which was even more important. The policy disposition they established with these decisions resulted in an unambiguous green light for a rising generation of creative minds who were eager to explore this new frontier for commerce and communications. And to reiterate,they did it without any new bureaucracy.

If You Regulate “Robotics,” You End Up Regulating Computing & Networking

Incidentally, I do not see how we could create a new Federal Robotics Commission without it also becoming a de facto Federal Computing Commission. Robotics and the many technologies and industries it already includes — driverless cars, commercial drones, Internet of Things, etc. — is becoming a hot policy topic, and proposals for regulation are already flying. These robotic technologies are developing on top of the building blocks of the Information Revolution: microprocessors, wireless networks, sensors, “big data,” etc.

Thus, I share Cory Doctorow’s skepticism about how one could logically separate “robotics” from these other technologies and sectors for regulatory purposes:

I am skeptical that “robot law” can be effectively separated from software law in general. … For the life of me, I can’t figure out a legal principle that would apply to the robot that wouldn’t be useful for the computer (and vice versa).

In his Brookings paper, Calo responded to Doctorow’s concern as follows:

the difference between a computer and a robot has largely to do with the latter’s embodiment. Robots do not just sense, process, and relay data. Robots are organized to act upon the world physically, or at least directly. This turns out to have strong repercussions at law, and to pose unique challenges to law and to legal institutions that computers and the Internet did not.

I find this fairly unconvincing. Just because robotic technologies have a physical embodiment does not mean their impact on society is all that more profound than computing, the Internet, and digital technologies. Consider all the hand-wringing going on today in cybersecurity circles about how hacking, malware, or various other types of digital attacks could take down entire systems or economies. I’m not saying I buy all that “technopanic” talk (and here are about three dozens of my essays arguing the contrary), but the theoretical ramifications are nonetheless on par with dystopian scenarios about robotics.

The Alternative Approach

Of course, it certainly may be the case that some worst-case scenarios are worth worrying about in both cases—for robotics and computing, that is. Still, is a Federal Robotics Commission or a Federal Computing Commission really the sensible way to address those issues?

To the contrary, this is why we have a Legislative Branch! So many of the problems of our modern era of dysfunctional government are rooted in an unwise delegation of authority to administrative agencies. Far too often, congressional lawmakers delegate broad, ambiguous authority to agencies instead of facing up to the hard issues themselves. This results in waste, bloat, inefficiencies, and an endless passing of the buck.

There may very well be some serious issues raised by robotics and AI that we cannot ignore, and which may even require a little preemptive, precautionary policy. And the same goes for general computing and the Internet. But that is not a good reason to just create new bureaucracies in the hope that some set of mythical technocratic philosopher kings will ride in to save the day with their supposed greater “expertise” about these matters. Either you believe in democracy or you don’t. Running around calling for agencies and unelected bureaucrats to make all the hard choices means that “the people” have even less of a say in these matters.

Moreover, there are many other methods of dealing with robotics and the potential problems robotics might create than through the creation of new bureaucracy. The common law already handles many of the problems that both Calo and Weaver are worried about. To the extent robotic systems are involved in accidents that harm individuals or their property, product liability law will kick in.

On this point, I strongly recommend another new Brookings publication. John Villasenor’s outstanding April white paper, “Products Liability and Driverless Cars: Issues and Guiding Principles for Legislation,” correctly argues that,

“when confronted with new, often complex, questions involving products liability, courts have generally gotten things right. … Products liability law has been highly adaptive to the many new technologies that have emerged in recent decades, and it will be quite capable of adapting to emerging autonomous vehicle technologies as the need arises.”

Thus, instead of trying to micro-manage the development of robotic technologies in an attempt to plan for every hypothetical risk scenario, policymakers should be patient while the common law evolves and liability norms adjust. Traditionally, the common law has dealt with products liability and accident compensation in an evolutionary way through a variety of mechanisms, including strict liability, negligence, design defects law, failure to warn, breach of warranty, and so on. There is no reason to think the common law will not adapt to new technological realities, including robotic technologies. (I address these and other “bottom-up” solutions in my new book.)

In the meantime, let’s exercise some humility and restraint here and avoid heavy-handed precautionary regulatory regimes or the creation of new technocratic bureaucracies. And let’s not forget that many solutions to the problems created by new robotic technologies will develop spontaneously and organically over time as individuals and institutions learn to cope and “muddle through,” as they have many times before.

Additional Reading

• Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom (2014)
• Muddling Through: How We Learn to Cope with Technological Change, June 30, 2014
• New Paper: “Removing Roadblocks to Intelligent Vehicles and Driverless Cars,” September 17, 2014
• Slide Presentation: Policy Issues Surrounding the Internet of Things & Wearable Technology, September 12, 2014
• [Video] Cap Hill Briefing on Emerging Tech Policy Issues (June 2014)
• The Growing Conflict of Visions over the Internet of Things & Privacy, January 14, 2012
• Can We Adapt to the Internet of Things? IAPP Privacy Perspectives, June 19, 2013
• My Filing to the FTC in its ‘Internet of Things’ Proceeding, May 31, 2013

My latest law review article is entitled, “Privacy Law’s Precautionary Principle Problem,” and it appears in Vol. 66, No. 2 of the Maine Law Review. You can download the article on my Mercatus Center page, on the Maine Law Review website, or via SSRN. Here’s the abstract for the article:

Privacy law today faces two interrelated problems. The first is an information control problem. Like so many other fields of modern cyberlaw—intellectual property, online safety, cybersecurity, etc.—privacy law is being challenged by intractable Information Age realities. Specifically, it is easier than ever before for information to circulate freely and harder than ever to bottle it up once it is released.

This has not slowed efforts to fashion new rules aimed at bottling up those information flows. If anything, the pace of privacy-related regulatory proposals has been steadily increasing in recent years even as these information control challenges multiply.

This has led to privacy law’s second major problem: the precautionary principle problem. The precautionary principle generally holds that new innovations should be curbed or even forbidden until they are proven safe. Fashioning privacy rules based on precautionary principle reasoning necessitates prophylactic regulation that makes new forms of digital innovation guilty until proven innocent.

This puts privacy law on a collision course with the general freedom to innovate that has thus far powered the Internet revolution, and privacy law threatens to limit innovations consumers have come to expect or even raise prices for services consumers currently receive free of charge. As a result, even if new regulations are pursued or imposed, there will likely be formidable push-back not just from affected industries but also from their consumers.

In light of both these information control and precautionary principle problems, new approaches to privacy protection are necessary. We need to invert the process of how we go about protecting privacy by focusing more on practical “bottom-up” solutions—education, empowerment, public and media pressure, social norms and etiquette, industry self-regulation and best practices, and an enhanced role for privacy professionals within organizations—instead of “top-down” legalistic solutions and regulatory techno-fixes. Resources expended on top-down regulatory pursuits should instead be put into bottom-up efforts to help citizens better prepare for an uncertain future.

In this regard, policymakers can draw important lessons from the debate over how best to protect children from objectionable online content. In a sense, there is nothing new under the sun; the current debate over privacy protection has many parallels with earlier debates about how best to protect online child safety. Most notably, just as top-down regulatory constraints came to be viewed as constitutionally-suspect and economically inefficient, and also highly unlikely to even be workable in the long-run for protecting online child safety, the same will likely be true for most privacy related regulatory enactments.

This article sketches out some general lessons from those online safety debates and discusses their implications for privacy policy going forward.

Read the full article here [PDF].

Related Material:

• Book: Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom
• Law review article: “The Pursuit of Privacy in a World Where Information Control Is Failing,” Harvard Journal of Law & Public Policy, 36 (2013): 409–55.
• Law review article: “A Framework for Benefit-Cost Analysis in Digital Privacy Debates,” George Mason University Law Review, 20, no. 4 (Summer 2013): 1055–105.
• Law review article: “Technopanics, Threat Inflation, and the Danger of an Information Technology Precautionary Principle,” Minnesota Journal of Law, Science & Technology, 14 (2013): 309–86.

Adam Thierer – Privacy Law’s Precautionary Problem (Maine Law Review, 2014) by Adam Thierer

Defining “privacy” is a legal and philosophical nightmare. Few concepts engender more definitional controversies and catfights. As someone who is passionate about his own personal privacy — but also highly skeptical of top-down governmental attempts to regulate and/or protect it — I continue to be captivated by the intellectual wrangling that has taken place over the definition of privacy. Here are some thoughts from a wide variety of scholars that make it clear just how frustrating this endeavor can be:

• “Perhaps the most striking thing about the right to privacy is that nobody seems to have any very clear idea what it is.” – Judith Jarvis Thomson, “The Right to Privacy,” in Philosophical Dimensions of Privacy: An Anthology, 272, 272 (Ferdinand David Schoeman ed., 1984).
• privacy is “exasperatingly vague and evanescent.” – Arthur Miller, The Assault on Privacy: Computers, Data Banks, and Dossiers, 25 (1971).
• “[T]he concept of privacy is infected with pernicious ambiguities.” – Hyman Gross,  The Concept of Privacy, 42 N.Y.U. L. REV. 34, 35 (1967).
• “Attempts to define the concept of ‘privacy’ have generally not met with any success.” – Colin Bennett, Regulating Privacy: Data Protection and Public Policy In Europe and the United States,  25 (1992).
• “When it comes to privacy, there are many inductive rules, but very few universally accepted axioms.” – David Brin, The Transparent Society: Will Technology Force Us To Choose Between Privacy and Freedom? 77 (1998).
• “Privacy is a value so complex, so entangled in competing and contradictory dimensions, so engorged with various and distinct meanings, that I sometimes despair whether it can be usefully addressed at all.” – Robert C. Post, Three Concepts of Privacy, 89 GEO. L.J. 2087, 2087 (2001).
• “[privacy] can mean almost anything to anybody.” – Fred H. Cate & Robert Litan, Constitutional Issues in Information Privacy, 9 Mich. Telecomm. & Tech. L. Rev. 35, 37 (2002).
• privacy has long been a “conceptual jungle” and a “concept in disarray.” “[T]he attempt to locate the ‘essential’ or ‘core’ characteristics of privacy has led to failure.” – Daniel J. Solove, Understanding Privacy 196, 8 (2008).
• “Privacy has really ceased to be helpful as a term to guide policy in the United States.” – Woodrow Hartzog, quoted in Cord Jefferson, Spies Like Us: We’re All Big Brother Now, Gizmodo, Sept. 27, 2012.
• “for most consumers and policymakers, privacy is not a rational topic. It’s a visceral subject, one on which logical arguments are largely wasted.” – Larry Downes,  A Rational Response to the Privacy “Crisis,” Cato Institute, Policy Analysis No. 716 (Jan. 7, 2013), at 6.

In my new Harvard Journal of Law & Public Policy article, “The Pursuit of Privacy in a World Where Information Control is Failing” I build on these insights to argue that:

1. precisely because privacy has always been a highly subjective philosophical concept;
2. and is also a constantly morphing notion that evolves as societal attitudes adjust to new cultural and technological realities;
3. America may never be able to achieve a coherent fixed definition of the term or determine when it constitutes a formal right outside of some narrow contexts.

That doesn’t mean the privacy isn’t profoundly important to many of us, but privacy is, first and foremost, an exercise of personal determination and personal responsibility. To some extent, we have to make our own privacy in this world. In this sense, we can liken it to our right to pursue happiness. Here’s how I put it in Part I of my Harvard JLPP article:

Even if agreement over the scope of privacy rights proves elusive, however, everyone would likely agree that citizens have the right to pursue privacy. In this sense, we might think about the pursuit of privacy the same way we think about the pursuit of happiness. Recall the memorable line from America’s Declaration of Independence: “We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.” Consider the importance of that qualifying phrase—“and the pursuit of”—before the mention of the normative value of happiness. America’s Founders obviously felt happiness was an important value, but they did not elevate it to a formal positive right alongside life, liberty, physical property, or even freedom of speech.

This framework provides a useful way of thinking about privacy. Even if we cannot agree whether we have a right to privacy, or what the scope of any particular privacy right should be, the right to pursue it should be as uncontroversial as the right to pursue happiness. In fact, pursing privacy is probably an important element of achieving happiness for most citizens. Almost everyone needs some time and space to be free with their own thoughts or to control personal information or secrets that they value. But that does not make it any easier to define the nature of privacy as a formal legal right, or any easier to enforce it, even if a satisfactory conception of privacy could be crafted to suit every context.

The most stable and widely accepted privacy rights in the United States have long been those that are tethered to unambiguous tangible or physical rights, such as rights in body and property, especially the sanctity of the home. Moreover, these rights have been focused on limiting the power of state actors, not private parties. By contrast, privacy claims premised on intangible or psychological harms have found far less support, and those claims have been particularly limited for private actors relative to the government. All this will likely remain the case for online privacy. Importantly, if privacy is enshrined as a positive right even in narrowly drawn contexts, it imposes obligations on the government to secure that right. These obligations create corresponding commitments and costs that must be taken into account since government regulation always entails tradeoffs.

Therefore, even as America struggles to reach political consensus over the scope of privacy rights in the information age, it makes sense to find methods and mechanisms—most of which will lie outside of the law—that can help citizens cope with social and technological changes that affect their privacy. Part III will outline some of the ways citizens can pursue and achieve greater personal privacy.

I fully realize that this way of thinking about privacy leaves many challenging questions at the margin and I also understand how it will be unsatisfactory to those who view privacy as a “dignity right” that trumps all other values and considerations. But, to reiterate, what I am suggesting here is that we will likely never be able to achieve a coherent fixed definition of the term or determine when it constitutes a formal right outside of some narrow contexts (such as for sensitive health or financial information, where the potential harms of collection, sharing, and use are more tangible).  The primary reason for this is that privacy primary comes down to assertions about “harms” that are primarily psychological in character. But precisely because such asserted harms (1) lack a tangible/physical/monetary nature and (2) also can come into conflict with other liberty rights (especially the right to freely gather information and speak about it; i.e., First Amendment rights), it makes it more difficult to classify psychological “harms” as harms at all.

I feel the same way about concepts like “safety” and “security.” Who among us doubts these values and goals are important? As the father of two young digital natives, I am living a constant struggle to mentor my kids and ensure they have safe and healthy online interactions. But that doesn’t mean I think anyone in this world — including my own children — has an amorphous “right to safety.” What they do have a right to is not to be harmed by others in their online interactions. Where things become sticky, however, is when some child safety advocates adopt an extremely expansive view of what constitutes “harm” in this context and suggest that hearing a single dirty word or seeing a fleeting dirty image somehow irrevocably “harms” their mental well-being and development, or perhaps just their personal morality. (I have written about this here in dozens of essays through the years such as this one on “The Problem of Proportionality in Debates about Online Privacy and Child Safety” as well in longer papers, such as my recent law review article about, “Technopanics, Threat Inflation, and the Danger of an Information Technology Precautionary Principle.”)

While I appreciate the diverse beliefs and values that drives sensitivities about potentially objectionable online content, it is an entirely different matter when one claims “rights” and actionable “harms” in this context. It means that politics will essentially answer what are fundamentally deeply personal “eye of the beholder” questions. It is better, I believe to educate and empower citizens about safe and sensible online interactions and then let them determine what works best for them. Again, whether we are talking about safety or privacy, this model relies upon a certain amount of personal (and parental) responsibility.

To be sure, real harms exist and, at times, law will need to be brought in to right certain wrongs. For example, in the online safety context I favor strong penalties for anyone attempting predatory behavior or extreme forms of incessant harassment. In the privacy context, we’ll still need laws to deal with identity/data theft and certain uses of highly sensitive health and financial information. Outside of those narrow contexts, however, it is better to let people define their own online experiences free of top-down, one-size-fits-all regulatory enactments that attempt to make those determinations for all of us. To reiterate, we all have the right to pursue the objectives we care about–safety, privacy, or just happiness more generally–according to our own value systems. But we should be careful about elevating such amorphous concepts to the level of “rights” and then expecting the State to enforce one set of values and choices on a diverse citizenry.

The Pursuit of Privacy in a World Where Information Control is Failing

Jim Adler, Chief Privacy Officer and General Manager of Data Systems at Intelius, always has interesting and thoughtful things to say about online privacy debates. I recommend following him on Twitter (@jim_adler). Today, he posted an interesting essay on his blog entitled “Creepy Is As Creepy Does, which begins by noting that “with increasing volume, ‘creepy’ has snuck its way in to the privacy lexicon and become a mainstay in conversations around online sharing and social networking. How is it possible that we use the same word to describe Frankenstein and Facebook?” Good question. Better question: Why is “creepiness” the standard by which we are judging privacy matters? I posted a comment to his blog post elaborating on that point that I thought I would also post here:

I think we’d be better served by moving privacy deliberations — at least the legal ones — away from “creepiness” and toward a serious discussion about what constitutes actual harm in these contexts.  While there will be plenty of subjective squabbles over the definition of “harm” as it relates to online privacy / reputation, I believe we can be more concrete about it than continuing these silly debates about “creepiness,” which could not possibly be any more open-ended and subjective.

Indeed, when harm is reduced to “creepiness” or even “annoyance,” credible cost-benefit analysis is virtually impossible since the debate becomes entirely about emotional appeals instead of anything empirical / verifiable.  Thus, we are stuck with “gut-level” debates that are not grounded in any substantive theory of rights or economic analysis. Such an amorphous standard for policy analysis or legal / regulatory action leaves much to the imagination and opens the door to creative theories of harm that (a) may not actually represent true harm at all, and (b) could be exploited by those who ignore the complex trade-offs at work when we attempt to regulation of information flows online.  When we get more serious about defining harms, we also think about the possibility that benefits may exist that must be considered alongside possible costs. Viewed in this light, we don’t need to use the term “creepy” with reference to the actions of News of the World; that was flat-out illegal activity with clear harm coming to certain individuals. And there certainly weren’t any benefits associated with NotW’s actions. By contrast, subsequent analysis of the Carrier IQ situation has revealed no clear harm and actually plenty of benefits associated with the service that company provides. Yes, I agree more transparency about this and other data collection schemes can help alleviate whatever “creepiness” concerns are out there in the minds of some. But when actual harm to individuals is the standard of review, it doesn’t seem like there is anything actionable here or even all that much to worry about.

In sum, “creepiness” is crappy standard by which to judge privacy matters when we are discussing policy perspectives / regulatory solutions. Here’s another way to think about it: There are plenty of people we come in contact with in this world that we might describe as “creepy.” But would we also describe all of them as harmful? Unlikely. We’d draw a distinction between creepiness and the potentially harmful nature of various individuals and likely reserve judgment on the latter question until we had more evidence. That’s the same standard we should use for privacy matters when they are elevated to policy concerns.

According to a report today from SAI Business Insider, “The Federal Trade Commission is actively investigating Twitter and the way it deals with the companies building applications and services for its platform.”  Apparently the agency has reached out to some competing application / platform providers to ask questions about Twitter’s recent efforts to exert more control over the uses of its API by third parties. [The Wall Street Journal confirms the FTC’s interest in Twitter.]

It remains to be seen whether this leads to any serious regulatory action against Twitter by the FTC, but such a move wouldn’t necessarily be surprising considering the more activist tilt of the agency recently. It’s even less surprising considering that Columbia University law professor and prolific cyberlaw scholar Tim Wu was appointed as a senior advisor to the FTC earlier this year. When the announcement of Wu’s appointment was made, the Wall Street Journal kicked off an article with the warning, “Silicon Valley has a new fear factor.”  It seems the Journal may have been on to something!

It’s impossible to know how much of an influence Tim Wu is having on the agency, but as I have noted here before, Prof. Wu is man with a healthy appetite for regulatory activism. [See all my essays about Wu’s work here.] Moreover, he’s a man who has already determined that Twitter is a “monopolist” in his November 13, 2010 Wall Street Journal op-ed, “In the Grip of the New Monopolists.”

That essay prompted a fiery response from me [“Tim Wu Redefines Monopoly“] as well as a far more reasoned essay by antitrust gurus Geoff Manne and Josh Wright [“What’s An Internet Monopolist? A Reply to Professor Wu.”] Prof. Wu was kind enough to swing by the TLF and respond to my criticisms in an essay “On the Definition of Monopoly,” which he said served as a “corrective” to my earlier essay [even though I continue to believe that what I said fairly reflected the last four decades of economic wisdom on competition policy and that it is Wu who is well off the reservation with his expansionist views of antitrust enforcement].

Regardless of what one thinks about that exchange, if the FTC is moving forward with a case against Twitter, three practical questions need to be considered: (1) What’s the relevant market? (2) Where’s the harm? and (3) What’s the remedy?

I’ll briefly discuss each question below but should also mention that I already explored many of these issues in my essay,  “A Vision of (Regulatory) Things to Come for Twitter,” so I apologize in advance for the repetition.  I will then discuss all this in the context of Tim Wu’s latest law review article on “Agency Threats” and what he approvingly refers to as regulatory “threat regimes.”

On Market Definition

As I noted in my previous essays, it’s very much unclear how to define the contours of the market Twitter serves. After all, Twitter is only a few years old and it competes with many other forms of communication and information dissemination. For me, Twitter is a partial substitute for blogging, IMs, email, phone calls, RSS feeds, and even radio and television news. Yet, like most others, I continue to use all those other technologies and those technologies continue to pressure Twitter to innovate.

Whatever market it serves, however, Tim Wu is apparently willing to write off that market as already “in the grip” of Twitter. But does Wu really believe that nothing better will come along to compete against Twitter or even replace it entirely?  It reminds me of all the hand-wringing we heard about AOL a decade ago when people predicted its “walled gardens” would someday rule the Internet and IM.  And we all know how that turned out.

If you ask me, this episode again reflects the short-term, static snapshot thinking we all too often see at work in debates over media and technology policy. That is, many cyber-worrywarts are prone to taking snapshots of market activity and suggesting that temporary patterns are permanent disasters requiring immediate correction. Of course, a more dynamic view of progress and competition holds that “market failures” and “code failures” are ultimately better addressed by voluntary, spontaneous, bottom-up responses than by coercive, top-down approaches. [More on that conflict of visions in my book chapter on “The Case for Internet Optimism, Part 2 – Saving the Net From Its Supporters.”]

Regardless, I just don’t see how Wu or the FTC can claim Twitter has monopolized a market that is still so young that we can’t even define it.

On Harm

Even if one accepted Wu’s premise that Twitter was a monopolist, where is the harm? At least in theory, antitrust law is supposed to be about protecting consumer welfare, not competitors. If this whole thing is about UberMedia losing out in some bidding wars for alternative Twitter platforms, well, that’s just pathetic. UberMedia is free to develop or bid on alternative Twitter applications or work with others to develop entirely new services. It’s not like there’s a shortage of them out there.

If the theory is that consumers are being harmed by Twitter exerting more control over its API, I would just remind everyone that (a) we don’t pay a cent for the service that Twitter provides and (b) Twitter is still scrambling to find a way to monetize its service for the long-haul. There are also some legitimate security issues in play here that cut against the claim that what Twitter is doing is anti-consumer.

In sum, it is hard to understand where the harm lies in Twitter taking greater control of its API, and there’s certainly nothing stopping rival innovators from tying to offer a competing service.  140-character text messages aren’t exactly the stuff of traditional “information empires,” as Wu would call them.

On Remedies

Finally, we come to the thorny issue of remedies. I suppose the easiest remedy would be a prohibition on Twitter acquiring any third-party applications provider that currently relies on Twitter’s API. In other words, downstream vertical integration would be forbidden. But there’s about 40 years of antitrust literature explaining why such integration is generally pro-innovation and pro-consumer and shouldn’t be made illegal by antitrust law. Tim Wu may not buy that–and if you’ve read his recent book The Master Switch, you know he absolutely rejects it–but it is standard thinking in the field of industrial organization and antitrust economics today. Most of the economists at the FTC and DOJ could tell him as much.

Another alternative remedy might be Jonathan Zittrain’s “API neutrality” idea, proposed in his 2008 book, The Future of the Internet and How to Stop It. Zittrain suggested that API neutrality–essentially a variant of Net neutrality but for application protocols–might be needed to ensure fair access to certain services or platforms to guarantee that digital “generativity” was not imperiled. On pg. 181 of the book, Zittrain argued that:

“If there is a present worldwide threat to neutrality in the movement of bits, it comes not from restrictions on traditional Internet access that can be evaded using generative PCs, but from enhancements to traditional and emerging appliancized services that are not open to third-party tinkering.”

After engaging in some hand-wringing about “walled gardens” and “mediated experiences,” Zittrain went on to ask: “So when should we consider network neutrality-style mandates for appliancized systems?” He responds to his own question as follows:

“The answer lies in that subset of appliancized systems that seeks to gain the benefits of third-party contributions while reserving the right to exclude it later. … Those who offer open APIs on the Net in an attempt to harness the generative cycle ought to remain application-neutral after their efforts have succeeded, so all those who built on top of their interface can continue to do so on equal terms.” (p. 184)

This might be a fine generic principle, but Zittrain implies that this should be a legal standard to which online providers are held. At one point, he even alludes to the possibility of applying the common law principle of adverse possession more broadly in these contexts. He notes that adverse possession “dictates that people who openly occupy another’s private property without the owner’s explicit objection (or, for that matter, permission) can, after a lengthy period of time, come to legitimately acquire it.” But he doesn’t make it clear when it would be triggered as it pertains to digital platforms or APIs.

Nonetheless, one could imagine it would be one remedy antitrust officials might look to when considering what to do about Twitter exerting greater control over its API. Essentially, Twitter would become the equivalent of a public utility that all would have access to on regulated terms.

As I noted in the first of my many reviews of Zittrain’s book, there are many problems with the logic of API neutrality or the application of adverse possession in these contexts. Here’s my critique of the “API neutrality” notion (again, this is from 2008 so it now sounds a bit dated):

First, most developers who offer open APIs aren’t likely to close them later precisely because they don’t want to incur the wrath of “those who built on top of their interface.” But, second, for the sake of argument, let’s say they did want to abandoned previously open APIs and move to some sort of walled garden. So what? Isn’t that called marketplace experimentation? Are we really going to make that illegal? Finally, if they were so foolish as to engage in such games, it might be the best thing that ever happened to the market and consumers since it could encourage more entry and innovation as people seek out more open, pro-generative alternatives. Consider this example: Now that Apple has opened to door to third-party iPhone development a bit with the SDK, does that mean that under Jonathan’s proposed paradigm we should treat the iPhone as the equivalent of commoditized common carriage device? That seems incredibly misguided to me. If Steve Jobs opens the development door just a little bit only to slam it shut a short time later, he will pay dearly for that mistake in the marketplace. For God’s sake, just spend a few minutes over on the Howard Forums or the PPC Geeks forum if you want to get a taste for the insane amount of tinkering going on out there in the mobile world right now on other systems. If Apple tries to roll back the clock, Microsoft and others will be all too happy to take their business by offering a wealth of devices that allow you to tinker to your heart’s content. We should let such experiments continue and let the future of the Internet be determined by market choices, not regulatory choices such as forced API neutrality.

I think the same critique would apply to efforts to impose API neutrality on Twitter.  Regardless, would such a remedy be imposed through targeted regulatory action, an antitrust consent decree, or perhaps through what Tim Wu calls “agency threats”?

Wu’s “Threat Regime” Model of Internet Governance

Prof. Wu recently published a law review article on “Agency Threats” and what he approvingly refers to as “threat regimes.” The paper is a “defense of regulatory threats in particular contexts.”  Here’s a portion of the abstract:

The use of threats instead of law can be a useful choice — not simply a procedural end run. My argument is that the merits of any regulative modality cannot be determined without reference to the state of the industry being regulated. Threat regimes, I suggest, are important and are best justified when the industry is undergoing rapid change — under conditions of “high uncertainty.” Highly informal regimes are most useful, that is, when the agency faces a problem in an environment in which facts are highly unclear and evolving. Examples include periods surrounding a newly invented technology or business model, or a practice about which little is known.

I’m extremely troubled by this reasoning and can think of a couple of alternative labels for such behavior by government agencies: unaccountable, above-the-law, unconstitutional, anti-democratic, thuggery, regulatory blackmail, and so on.

But what’s even more troubling about Wu’s thinking about “threat regimes” is that he assumes this arbitrary mode of governing-by-intimidation makes even more sense in fast-moving high-tech industries. That seems counter-intuitive. If a given sector finds itself in a state of “high uncertainty” as Wu calls it, doesn’t that mean, by definition, it is dynamic and subject to forces that might bring about beneficial change? And shouldn’t we assume that those are the last sectors we would want regulators monkeying with since bureaucrats lack the requisite knowledge of how to best guide the evolution of complex information technologies?

Wu seems to believe that regulators possess a crystal ball and a set of magical dials that can guide the evolution of technology markets to a better equilibrium through the use of constant Sunstein-ian “nudges” (or perhaps shoves).  I think that’s poppycock.

Regardless, once we realize that this is the way Tim Wu thinks, an FTC investigation into Twitter’s current business practices starts to make a lot more sense. It’s about creating a “threat regime” that intimidates Twitter into to playing by the arbitrary rules of Washington bureaucrats instead of responding to marketplace demands and developments in a natural, evolutionary way. In fact, in his “threats” essay, Wu explicitly rejects that model:

The second option—“wait and see”—may sound attractive because it allows the industry to develop in what might be called a natural way. This approach, however, makes a great sacrifice: the public’s interest may be entirely unrepresented during the industry’s formative period. The risk is that the industry’s norms and business models will, effectively, be set without any public input. Waiting for the industry to settle down may result in undesirable practices that prove extremely hard to reverse or influence with rules issued later. To state the matter more colloquially, the industry may be “baked” by the time there is any real oversight or public input.

In essence, Wu desires a “mixed economy” model for high-tech sectors in which decision are guided at every juncture by the supposed wisdom of techno-cratic philosopher kings like himself. We must trust that he and his fellow regulators will guide us and our economy down an more enlightened path. And we must accept that some “threats” may be necessary to get the job done.

I find this mode of thinking disturbing in the extreme because of the rank hubris at the center of it. Regardless, Twitter appears to be well on its way to becoming a test case for Wu’s “threat” model of Internet governance.

On this week’s John Stossel show on Fox Business Network, I debated Internet privacy, advertising, and data collection issues with Michael Fertik of Reputation.com. In the few minutes we had for the segment, I tried to reiterate a couple of keep points that we’ve hammered repeatedly here in the past:

• There’s no free lunch. All the free sites and service we enjoy online today are powered by advertising and data collection. [see this op-ed]
• There is no clear harm in most cases, or what some argue is harm also can have many benefits that are rarely discussed. [see this paper.]
• There’s little acknowledgement of the trade-offs involved in having government create an information control regime for the Internet. [see this filing and these three essays: 1, 2, 3.]
• The ultimate code of “fair information practices” is the First Amendment, which favors free speech, openness, and transparency over secrecy and information control. [see this piece.]
• “Hands Off the Net” is a policy that has served us well. There are dangerous ramifications for our economy and long-term Internet freedoms if we continue down the road of “European-izing” privacy law here in the States. [see this essay and this filing.]
• At some point, personal responsibility needs to come into the equation. With so many privacy enhancing empowerment tools already on the market, it begs the question: If consumers don’t take steps to use those tools, why should government intervene and take action for them?

Anyway, here’s the 7-min video of the debate between Fertik and me:

by Adam Thierer & Berin Szoka, Progress Snaphot 6.1

Stephanie Clifford of the  New York Times posted a very interesting article this week summarizing a recent “on-the-record chat” the Times staff had with Federal Trade Commission (FTC) chairman Jon Leibowitz and FTC Bureau of Consumer Protection chief David Vladeck.  The interview [discussed by Braden here] is profoundly important in that it reveals an alarming disconnect regarding the relationship between “privacy” regulation and the future of media, which were the subjects of their discussion with Times staff.  Namely, Leibowitz and Vladeck apparently fail to appreciate how the delicate balance between commercial advertising and journalism is at risk precisely because of the sort of regulations they apparently are ready to adopt.  Because the value of online advertising depends on data about its effectiveness and consumers’ likely interests, and because advertising is indispensable to funding media, what’s ultimately at stake here is nothing short of the future of press freedom.

The “Day of Reckoning” Is Upon Us

Leibowitz and Vladeck spend the first half of The Times interview wringing their hands about “privacy policies,” the declarations made by websites and advertising networks about their data collection and use practices (for which the FTC can and must hold them accountable).  But the two feel that privacy policies don’t adequately inform consumers.  Chairman Leibowitz claims that online companies “haven’t given consumers effective notice, so they can make effective choices.”  And Mr. Vladeck states that advise-and-consent models “depended on the fiction that people were meaningfully giving consent.” But he and the FTC seem ready to abandon the notice and choice model because the “literature is clear” that few people read privacy policies, Vladeck told the Times.  He and Leibowitz continue:

“Philosophically, we wonder if we’re moving to a post-disclosure era and what that would look like,” Mr. Vladeck said. “What’s the substitute for it?” He said the commission was still looking into the issue, but it hoped to have an answer by June or July, when it plans to publish a report on the subject. Mr. Leibowitz gave a hint as to what might be included: “I have a sense, and it’s still amorphous, that we might head toward opt-in,” Mr. Leibowitz said.

This clearly foreshadows the regulatory endgame we have long suspected was coming.  When the FTC released its “Self-Regulatory Principles for Online Behavioral Advertising” eleven months ago, we asked: “What’s the Harm & Where Are We Heading?”  Their answers to both questions have become clearer with each new calculated comment—all apparently intended to slowly “turn up the heat” on the advertising industry so that the proverbial frog will stay in the pot until the water finally boils.  Leibowitz’s FTC has simply dodged the “harm” question with a four-part strategy:

1. Cobble together a “record” full of sympathy-evoking anecdotes submitted by advocates of regulation in comments and the FTC’s ongoing “Exploring Privacy” Roundtables;
2. Let the most extreme Chicken Littles fulminate about the grand conspiracy of “neuromarketing manipulation” and the like (and sometimes even shout down FTC staff in panel discussions) in order to redefine the “reasonable center” of the debate;
3. Define-down “harm” as purely a matter of “consumer expectations” or consumers’ “dignity interests” (whatever that vague and infinitely elastic term means); and
4. Attack the effectiveness of “consent” itself by suggesting that consumers cannot be trusted to understand privacy policies or be expected to make any effort to protect their own privacy.

Conveniently, this strategy leads right back to the “day of reckoning” Chairman Leibowitz threatened was coming last February: We are heading precisely where he told us we would be—to full-on, opt-in regulation.  The writing on the wall becomes more apparent every day: Leibowitz set out to bring online advertising to heel even before becoming Chairman, and his Commission is reprising almost precisely the same approach that led to the passage of the Children’s Online Privacy Protection Act (COPPA) of 1998: building a case for new authority, dismissing industry self-regulation as ineffective, and finally presenting a report to Congress intended to produce a rapid legislative response.  After the FTC presented its report on the need for regulation in congressional testimony in June 1998, it took Congress just four months to pass COPPA—and much of that time was consumed by the summer recess.  In short, Leibowitz is mounting a carefully choreographed campaign for increased regulation.

The only real question is whether Leibowitz will somehow try to use the FTC’s existing authority over “unfair or deceptive” trade practices or wait for expanded authority from Congress.  While most observers typically assume that such expanded authority would come in the form of a privacy-specific bill—be it a broad “baseline” privacy bill or one specifically focused on online data collection for advertising purposes—the authority Leibowitz yearns for could just as easily come in the form of increased rulemaking authority as part of a broader bill that allows the FTC to preemptively regulate practices that are not deceptive but merely deemed “unfair.”

This would take the agency “ Back to the Future”—to the late 1970s, when the agency reached the height of its efforts to regulate purely on “unfairness” grounds by trying to ban advertising to children.  The agency’s behavior earned it the moniker “National Nanny” from the Washington Post, hardly a bastion of regulatory skepticism.[1] That outpouring of popular resentment caused a heavily Democratic Congress to cut-off the Democratic-led agency’s regular funding and prohibit it from regulating advertising merely on the grounds of “unfairness.”  In essence, they told the agency to “go back to its knitting” and focus on protecting consumers from demonstrated harms.^[2] Duly chastened (and actually shut down for several days), the FTC formulated a meaningful legal standard for “unfairness,” which Congress codified in 1994: for a practice to be unfair, the injury it causes must be (1) substantial, (2) without offsetting benefits, and (3) one that consumers cannot reasonably avoid.

Under this statutory standard, as FTC Commissioner Thomas Rosch has argued, the commission must carefully consider:

[the] legitimate pro-consumer and pro-competitive benefits that result from [targeted advertising]. Absent hard data weighing these benefits against the limited “invasion of privacy interests” involved, it would seem difficult to conclude that treating that practice as an actionable violation of the “unfairness” prong of Section 5 will pass muster.[3]

So Leibowitz and Vladeck either need to get serious about weighing the costs and benefits of targeted advertising—or, in the absence of such actually measuring these trade-offs, get Congress to give them the authority to regulate.  But one thing is clear from their past statements: they are in a hurry to do  something. As Vladeck told The Times last August, “There is a sense of urgency around here… Consumers, I don’t think are sufficiently protected under the current regime.”  Apparently, the case is closed in their minds.

“Left Hand, Meet Right Hand”

The second half of the  Times interview concerns the future of news. Chairman Leibowitz is not optimistic:

“There are some areas where you clearly see positive creative destruction,” Mr. Leibowitz said, giving the example of travel agents who were replaced by Orbitz and other online-booking systems. The news, he said, was not one of those. “When you’re dealing with something as critical as news is to a democracy, you need to ensure, certainly, that it’s independent, but also that it’s vibrant going forward,” he said. Areas like investigative reporting, foreign and domestic bureaus, and state-house reporting, he said, would likely falter under blog operations because of “economies of scale.”

He said he wasn’t sure what the solution was, but threw out a few ideas discussed at the conference: maybe special tax treatment for newspapers, a Corporation for Public Broadcasting-like fund, or for the newspaper industry to charge fees for the re-use of its content, similar to the model that the American Society of Composers, Authors and Publishers uses. [emphasis added]

Mr. Chairman, with all due respect, haven’t you forgotten about the solution that has powered private media for a few centuries in this country?  You know— advertising!  Indeed, what’s stunning about these comments is the complete disconnect with what Leibowitz and Vladeck said earlier in the interview.  It certainly may be the case that they said more on the subject than what The Times has reported, but given their escalating rhetoric, it seems likely that significantly increased FTC regulation is on the horizon.  And, yet, as Chairman Leibowitz marches us into this brave new world of regulating Internet media through their key funding source, he and Mr. Vladeck seem to have little appreciation of the vital role played by advertising in sustaining a truly free and vibrant press.

An Attack on Advertising Is an Attack on Media Itself

Let’s step back and revisit Media Economics 101.  Almost every serious scholar in the field acknowledges this truism: Advertising cross-subsidizes media platforms and the creation of valuable information—especially news.  “Advertising is the mother’s milk of all the mass media,”  Wall Street Journal technology columnist Walt Mossberg has noted.  Similarly, Harold L. Vogel, author of Entertainment Industry Economics, the leading text in the field, has noted, “Advertising is the key common ingredient in the tactics and strategies of all entertainment and media company business models.  Indeed, it might further be said that advertising has substantively subsidized the production and delivery of news and entertainment throughout the last century.”[4] Mossberg agrees and notes, “Without ads, most editorial products and other programming would be either unavailable or prohibitively expensive.”

The reason for the indispensability of advertising is simple: Information (including news and other forms of “content”) has “public good” characteristics that make it is very difficult (and occasionally impossible) for information-publishers to recoup their investments.  Simply put, they quite literally lack pricing power: Whatever they charge, someone else will charge less for a close substitute, inevitably leading to “free” distribution of the content, even though the content is anything but free to produce.  Advertising is the one business model that has traditionally saved the day by rewarding publishers for attracting the attention of an audience.

Which raises another under-appreciated point: Private advertising promotes press independence.  “Newspapers, magazines, radio, television, and many websites all receive their primary income from advertising,” notes William F. Arens, author of  Contemporary Advertising, another leading textbook in the field. “This facilitates freedom of the press and promotes more complete information” he concludes.[5] Why?  Because, contrary to what some critics claim, advertising and marketing help keep private media providers independent of the need for taxpayer subsidies or private patrons.  This begs an even more profound question: If not advertising, then what else?

A “Public Option” for the Press?

What’s most troubling about Chairman Leibowitz’s comments to the Times is that he has apparently found his alternative to advertising: a “public option” for the press! He mentions special tax treatment for newspapers or a new CPB-like fund (don’t we already have one?) as two possibilities.  That certainly will be music to the ears of radical, pro-regulatory activist groups like the ironically-named “Free Press,” which wants to see a massive “public works” program for the media sector.

Free Press recently filed comments with the FTC in the agency’s recent workshop, “Can Journalism Survive the Internet Age?” and proposed a far-reaching industrial policy for “saving the news.”  They call for over $50 billion in subsidies for the Corporation for Public Broadcasting and other bureaucracies, a “journalism jobs program” for that would be part of AmeriCorps, a variety of new tax incentives for struggling media operations or individuals who support favored institutions, and an assortment of government incentives to encourage local ownership and media divestiture (by handing over control to smaller operators or minority-owned groups).  Ironically, “Free Press” has also floated the concept of “a small tax on advertising” as one way to pay for a press bailout.

The organization’s founder Robert W. McChesney, the prolific neo-Marxist media scholar, penned an essay with John Nichols of The Nation last year, claiming that saving journalism essentially requires that media become an appendage of the State.  Although advertising has supported journalism as a “public good” for centuries, the only way they can conceive to provide a public good is to socialize its means of production.  Thus, journalism, like education and national defense, requires constant government oversight and support: “A moment has arrived at which we must recognize the need to invest tax dollars to create and maintain news gathering, reporting and writing with the purpose of informing all our citizens.”  They ask us to consider the $60 billion in government spending they propose as a “free press ‘infrastructure project,’” which would “keep the press system alive.”

Some in Congress seem willing to listen.  The Senate has already held hearings about the future of journalism.  And Senator Benjamin L. Cardin (D-MD) recently introduced what he has called the “Newspaper Revitalization Act,” which would allow newspapers to become nonprofit organizations in an effort to help them stay afloat.  Importantly, however, the bill would also disallow political endorsements on newspaper editorial pages—which, like campaign finance restrictions, would be a boon for incumbent politicians.  That bill should serve as fair warning to journalists about the sort of strings lawmakers will attach to press-welfare efforts going forward.  What other “golden shackles” might come with media subsidies?

To be clear, Chairman Leibowitz hasn’t called for a complete press takeover along the lines of the Free Press plan.  Yet, he hasn’t answered a key question in this debate: Who pays for news?  He appears ready to endorse a bold new regulatory scheme for the Internet and online media that, in the name of “protecting privacy” would put at risk the one traditionally successful method of supporting private media operations—advertising.  As the Pew Research Center’s Project for Excellence in Journalism noted in its latest State of the News Media report, “The problem facing American journalism is not fundamentally an audience problem or a credibility problem.  It is a revenue problem—the decoupling… of advertising from news.”  There’s probably no way policymakers can stop this process, nor should they try.  But they shouldn’t be creating new obstacles to the survival of traditional media creators, either.

Unfortunately, that’s exactly what Chairman Leibowitz’s new regulatory scheme would do.  The revenue “delta” between “smart” advertising (tailored to consumers’ likely interests and measured for effectiveness in producing clicks, purchases, etc.) and “dumb advertising” (based purely on surrounding keywords or demographics of users presumed to visit the site) is difficult to measure but potentially enormous—even 10 times as great for some sites.[6] The difference between opt-in and opt-out could be nearly as dramatic, because it’s difficult to get consumers to opt-in for anything, especially for small players—which means that opt-in regulation could, perversely, force consolidation in the online advertising and content markets.  If the FTC cares about its statutory responsibility to safeguard competition, they should take this dynamic seriously and be hyper-cautious about heavy-handed mandates that could derail smarter advertising.

Finally, to be fair, in his interview, the Chairman also suggests the newspaper industry might want to find new way “to charge fees for the re-use of its content.”  We’re certainly not opposed to the notion and think that, if it could somehow be made to work (especially by removing antitrust obstacles), it could part of a diverse revenue mix for digital journalism.  But, there’s the rub.  Micropayments inevitably face the problem of “mental transaction costs”  that likely swamp the perceived value of most content and, like pay-walls, have generally worked only in media environments characterized by a scarcity of providers and a uniqueness of a sufficiently valuable product.  These cold, hard economic realities are why advertising remains indispensable.

The Principled Alternative to Regulation

Convinced that privacy policies simply don’t work, Leibowitz and Vladeck are asking what a “post-disclosure era” would look like.  We appreciate the continued sensitivities expressed by certain groups and individuals about online privacy and data use more generally.  But there is another way forward.  We have proposed the following “5-E” layered approach to concerns about online privacy, focusing on restraining government access to data as a clear harm, rather than crippling the private sector uses of data that directly benefit consumers:

1. Erect a higher “Wall of Separation between Web and State” by increasing Americans’ protection from government access to their personal data—thus bringing the Fourth Amendment into the Digital Age.
2. Educate users about privacy risks and data management in general as well as specific practices and policies for safer computing.
3. Empower users to implement their privacy preferences in specific contexts as easily as possible.
4. Enhance self-regulation by industry sectors and companies to integrate with user education and empowerment.
5. Enforce existing laws against unfair and deceptive trade practices as well as state privacy tort laws.

Such a layered approach would not only be a “less restrictive” alternative to top-down, one-size-fits-all government regulation, but also potentially more effective in key respects than government data use/collection mandates.  In an ideal world, adults would be fully empowered to tailor privacy decisions, like speech decisions, to their own values and preferences (“household standards”).  Consumers would have (1) the information necessary to make informed decisions and (2) the tools and methods necessary to act upon that information. Importantly, those tools and methods would give them the ability to block the things they don’t like—annoying ads or the collection of data about them, as well as objectionable content—while also helping them find the information and content they desire.

But of course, the devil’s in the details.  Leibowitz and Vladeck would set the bar so high as to what constitutes “effective” consumer choice that current privacy policies necessarily fail their test—if only because most users don’t care enough to make the “right” privacy choices.  Privacy policies, even if read by relatively few consumers, nonetheless allow privacy advocates, journalists and watchdog-bloggers to scrutinize what companies say they’re doing—promises to which the FTC should hold companies stringently.  That’s clearly not good enough for Leibowitz and Vladeck, who want to give up on “notice and choice” and move on to “opt-in” mandates.  But why not first try to make “notice” more effective?  The advertising industry is currently developing standardized interfaces that could communicate key information about privacy practices in a single icon, label or other easily-digested “consumer touch point.”

More radically, why focus on tinkering with consumer interfaces, when standardized data disclosure formats like the Protocol for Privacy Preferences (P3P) could distill legalistic privacy policies into “machine-readable” code?  Such disclosures could provide a powerful form of “notice” that the ordinary consumer could “use”: simply setting their own privacy preferences in a browser tool that automatically implements those preferences by blocking tracking that users object to.  Such a privacy disclosure format could also allow the FTC to automate enforcement of its existing authority to punish unfair or deceptive trade practices.

Conclusion

And so we return to the question the FTC asked in its recent workshop, “Can Journalism Survive the Internet Age?”  Answer: Not if the FTC kills the golden goose that lays the golden eggs through onerous advertising regulations and data controls in the name of “privacy.”  Chairman Leibowitz and Bureau Chief Vladeck shouldn’t foreclose the possibility that advertising can play a central role in the future of a free press in the Digital Age—just as it has done historically in the United States.  Indeed, they would be wise to remember that advertising has always been with us.  As the Supreme Court noted in its 1996 decision, 44 Liquormart, Inc. v. Rhode Island.

Advertising has been a part of our culture throughout our history. Even in colonial days, the public relied on “commercial speech” for vital information about the market. Early newspapers displayed advertisements for goods and services on their front pages, and town criers called out prices in public squares. Indeed, commercial messages played such a central role in public life prior to the founding that Benjamin Franklin authored his early defense of a free press in support of his decision to print, of all things, an advertisement for voyages to Barbados.[7]

Of course, for advertising to continue to play the role as sustainer of the press, it must be allowed to evolve.  Media operators—large and small alike—must be allowed to craft new strategies, some of which may require data collection and marketing practices that will make some privacy-sensitive users uncomfortable, but will also ensure that the goose keeps on laying golden eggs for them and everyone else.

While Chairman Leibowitz may decry the creative destruction at work in the news sector and information industries today, that shakeup will continue and, no doubt, be painful for incumbent players.  Advertising alone may not “save the day” for media as it has in the past, but it will likely remain essential to sustaining private media platforms and providers going forward— if federal policymakers allow it.  The alternative—massive government intervention into the news and media sectors—is too horrifying to think about.

[1] Washington Post, March 1, 1978.

[2] Congress terminated the FTC’s efforts to prohibit advertising to children, and barred the agency from issuing any advertising regulation predicated solely on unfairness for three years.  FTC Improvements Act, Pub. L. No. 96-252, § 11 (May 1980).  See generally J. Howard Beales, Director of the Bureau of Consumer Protection, Federal Trade Commission, The FTC’s Use of Unfairness Authority: Its Rise, Fall, and Resurrection, www.ftc.gov/speeches/beales/unfair0603.shtm.

[3] Thomas Rosch, Some Reflections on the Future of the Internet: Net Neutrality, Online Behavioral Advertising, and Health Information Technology, Remarks at U.S. Chamber of Commerce Telecommunications & E-Commerce Committee Fall Meeting, October 26, 2009, 13, www.ftc.gov/speeches/rosch/091026chamber.pdf.

[4] Harold L. Vogel, Entertainment Industry Economics (Cambridge, MA: Cambridge University Press, 7th Edition, 2007), at 46.

[5] William F. Arens, Contemporary Advertising (McGraw-Hill Irwin, 10^th Ed., 2006) at 50.

[6] See Berin Szoka & Mark Adams, The Benefits of Online Advertising & Costs of Privacy Regulation, PFF Working Paper, Nov. 8, 2009, www.scribd.com/doc/22445754/Benefits-of-Online-Advertising-Paper.

[7] 517 U.S. 484, 495 (1996), http://www.law.cornell.edu/supct/html/94-1140.ZO.html

______________________________

Related PFF Publications

• Privacy Trade-Offs: How Further Regulation Could Diminish Consumer Choice, Raise Prices, Quash Digital Innovation & Curtail Free Speech, Berin Szoka, Comments to the Federal Trade Commission “Exploring Privacy” Roundtable, November 10, 2009.
• Online Advertising & User Privacy: Principles to Guide the Debate, Berin Szoka & Adam Thierer, Progress Snapshot 4.19, Sept. 2008.
• Targeted Online Advertising: What’s the Harm & Where Are We Heading?, Berin Szoka & Adam Thierer, Progress on Point 16.2, April 2009.
• Privacy Polls v. Real-World Trade-Offs, Berin Szoka, Progress Snapshot 5.10, Oct. 2009.
• The Benefits of Online Advertising & Costs of Privacy Regulation, Berin Szoka & Mark Adams, PFF Working Paper, Nov. 8, 2009.
• Benefits of Online Advertising, Berin Szoka, Mark Adams, Howard Beales, Thomas Lenard & Jules Polonetsky, PFF Capitol Briefing, July 2009.
• Public Option for Press Should Get the Red Pen, Adam Thierer, The Daily Caller, Jan. 12, 2010.

I really appreciate the venture capitalists (VCs) in Silicon Valley subsidizing my soapbox at Twitter.  Seriously, it is an absolutely awesome platform for getting a message out to the masses.  But at some point I worry that the gravy train will come to an end and that users will have to start picking up part of the tab.  After all, will those VCs continue to subsidize Twitter if it never turns a profit?  According to the Wikipedia entry about Twitter:

In total, Twitter has raised over US$57 million from venture capitalists. The exact amounts of funding have not been publicly released. Twitter’s first round of funding was for an undisclosed amount that is rumored to have been between $1 million and $5 million. Its B round of funding in 2008 was for $22 million and its C round of funding in 2009 was for $35 million from Institutional Venture Partners and Benchmark Capital along with an undisclosed amount from other investors including Union Square Ventures and Spark Capital^. Twitter is backed by Union Square Ventures, Digital Garage, Spark Capital, and Bezos Expeditions.

Again, thank you VCs!  But, like them, I do wonder when and how Twitter will bring in some cash.  Is there a “freemium” model that could work?  Perhaps.  “Pro” or corporate accounts have been rumored to be in the works.  Getting someone else to pick up the tab that way might bring in enough cash for Twitter to allow the free ride to continue for the rest of us.  But what about advertising?  It’s been the “mother’s milk” of most online media and platforms for some time now, and Twitter seems perfectly suited to insert a few banner ads or contextual ads here and there.  It could be happening sooner than you think. Austin Modine of The Register notes in a new piece, “Twitter ‘Leaves Door Open’ for Targeted Ads,” that:

Twitter has always been reluctant to commit to serving advertisements as a revenue model – the way most web start-ups today stay afloat. In the past, the website has expressed more interest in developing add-on tools and services for companies and professionals. Yet [Twitter cofounder Biz Stone] … has never ruled out the possibility.

Modine reports that Twitter recently changed its Terms of Service in such a way that makes this more likely.  Here is what the new Terms of Service say:

The Services may include advertisements, which may be targeted to the Content or information on the Services, queries made through the Services, or other information. The types and extent of advertising by Twitter on the Services are subject to change. In consideration for Twitter granting you access to and use of the Services, you agree that Twitter and its third party providers and partners may place such advertising on the Services or in connection with the display of Content or information from the Services whether submitted by you or others.

As Tony Bradley of PC World argues:

Why not? Advertising is the grease that keeps the Internet revenue engine running smoothly. Its tried and true. Internet entities like Google have grown from the embryo stage to technology behemoth primarily by feasting on a steady diet of ad revenue.

Absolutely correct.  Of course, that probably won’t stop some people — especially the privacy zealots — from whining about commercial exploitation, mind manipulation, and so on — especially if Twitter really does make their ads highly targeted.  But that’s the natural evolution of things for Twitter and similar sites, and it’s very pro-consumer because it supports the continued provision of service at no charge to the vast majority of users. That’s especially important for a communications platform like Twitter, which carries a massive amount of non-commercial speech, as Berin Szoka and I pointed out in our papers, “Online Advertising & User Privacy: Principles to Guide the Debate,” and “Targeted Online Advertising: What’s the Harm & Where Are We Heading?  It’s essential that policymakers not interfere with the evolution of business models that could support speech-enhancing platforms like Twitter going forward.  This is why we always point out the relationship between economic regulation and speech regulation. Burdensome regulation could stifle the “technologies of freedom” like Twitter and diminish our speech opportunities in the process.

by Berin Szoka & Adam Thierer

This morning, the House Energy & Commerce Committee will hold a hearing on “Behavioral Advertising: Industry Practices And Consumers’ Expectations.” If nothing else, it promises to be quite entertaining:  With full-time Google bashers Jeff Chester and Scott Cleland on the agenda, the likelihood that top Google officials will be burned in effigy appears high!

Chester, self-appointed spokesman for what one might call the People for the Ethical Treatment of Data (PETD) movement, is sure to rant and rave about the impending techno-apocalypse that will, like all his other Chicken-Little scenarios, befall us all if online advertisers were permitted to better tailor ads to consumers’ liking. After all, can you imagine the nightmare of less annoying ads that might actually convey more useful information to consumers? Isn’t serving up “untargeted” dumb banner ads for Viagra to young women and Victoria’s Secret ads to Catholic school kids the pinnacle of modern online advertising?  Gods forbid we actually make advertising more relevant and interest-based!  (Those Catholic school boys may appreciate the lingerie ads, but few will likely buy bras.)

Anyway, according to National Journal’s Tech Daily Dose, the hearing lineup also includes:

• Charles Curran, Executive Director, Network Advertising Initiative
• Christopher Kelly, Chief Privacy Officer, Facebook
• Edward Felten, Director, Center for IT Policy, Princeton University
• Anne Toth, Chief Privacy Officer & Vice President, Policy, Yahoo!
• Nicole Wong, Deputy General Counsel, Google

That’s an interesting group and we’re sure that they will say interesting things about the issue. Nonetheless, because four of them have a corporate affiliation that fact will inevitably be used by some critics to dismiss what they have to say about the sensibility of more targeted or interest-based forms of online advertising. So, we’d like to offer a few thoughts and pose a few questions to make sure that Committee members understand why, regardless of what it means for any particular online operator, targeting online advertising is very pro-consumer and essential to the future of online content, culture, and competition.  As Wall Street Journal technology columnist Walt Mossberg has noted, “Advertising is the mother’s milk of all the mass media.”  Much of the “free speech” we all cherish isn’t really free, but ad-supported!

Our Approach

We have previously set forth a framework for analyzing advertising policy issues in two PFF reports: “Online Advertising & User Privacy: Principles to Guide the Debate” and “Targeted Online Advertising: What’s the Harm & Where Are We Heading?” At root, our model depends heavily on two common-sense, and inter-related, principles:

1. We live in a world of trade-offs; and
2. There is no free lunch.

Their Approach

We are deeply concerned that too few people are talking about—or even understand the relevance of—those two principles in the debate over targeted online advertising. It seems that too many who wish to retard the further evolution of the advertising marketplace are living a lie based upon the antithesis of our model. Many privacy advocates seem to imagine that regulatory actions don’t have consequences and that Congress can simply mandate new privacy standards for the Internet without having any impact on the free flow of ideas supported by, and direct facilitated through, advertising.

Simply put, the privacy critics often imagine that their values are indicative of everyone’s values. Our blogging colleague Jim Harper of the Cato Institute has referred to this as “preference imposition” but we’ll use a simpler term: Elitism. In essence, privacy advocates seem to believe that:

1. People are too ignorant, busy or just plain stupid, and cannot be trusted to make wise decisions for themselves (or their children); and/or
2. Everyone shares the same values or concerns when it comes to privacy such that a national “baseline” regulatory standard (namely, mandatory “opt-in” regulations for data collection and use) should govern the entire online marketplace.

Let’s be clear: Such a mandate, and the thinking behind it, would greatly impoverish the future Internet economy. Too many people think of the Internet as a magic box that just keeps cranking out free goodies. But something powers that box of goodies: advertising.  More than anything else, it’s advertising that keeps the Internet “Free, Innovative & Open,” to borrow the slogan of our friends at CDT, which seems to flirt with joining the PETD movement, despite their well-earned reputation for pragmatic skepticism of government interference with the Internet.

The regulatory advocates complain that giving consumers the right to opt-out of data collection and use isn’t meaningful because very few consumers will exercise the opt-out.  Again, they presume that this must be because users just don’t know what’s good for them because of course if they really understood what was being done with “their data,” they would never choose to just “give it away” for a few scraps from the advertisers’ table.  It never occurs to them that (i) many, perhaps most, users just don’t care and that (ii) that their “ignorance” about the all specific details of “how the sausage is made” (online data collection and use practices for targeting advertising) may be completely rational.

But just as importantly, would-be privacy regulatory don’t seem to understand—or perhaps simply don’t care—that what’s true of opt-out is also true of opt-in:  in practice, few people will bother doing either.  In a world of perfect information and infinite time, of course, there would be no difference in outcomes with the two different rules.  But in the real world with real constraints on time, knowledge and everything else, mandating opt-in would make all the difference in the world by severely limiting the ability of advertisers to target advertising.

The Ignored Trade-offs

We’ve been assembling evidence on the real-world costs of restricting targeted advertising. Here are just a few data points we’ve seen to give you a sense of what’s at stake:

• Relevance to Users: The best evidence that users prefer seeing more relevant ads is their increased likeliness to actually click on an ad—instead of just ignoring it or trying to block it. The most recent study of this issue concluded that Click-Through Rates (CTR) can be improved by as much as 670% by using basic behavioral targeting as compared to simple contextual targeting—0r even more than 1000% using more sophisticated targeting. Conversion rates (the percentage of clicks that actually result in a sale) also strongly indicate that consumers find ads more interesting, and in one 2005 study, were estimated to increase up to 3000% with behavioral targeting.
• Macro: More Revenue to Fund All Services & Content: eMarketer (in June 2008) estimated that U.S. spending on behavioral targeting would grow from $.775 billion in 2008 to $4.4 billion in 2012—representing fully a quarter of display ad spending.  The total amount of money at stake is huge:  U.S. online ad revenues totaled $23.5 billion in 2008.
• Micro: More Revenue for Individual Publishers: Estimates on the increased profitability of behavioral targeting range as high as 1200% (eMarketer).

While these examples illustrate the broad outlines of the trade-offs ignored by privacy regulatory advocates, the key dilemma to understand is this: If, under an opt-in regime, publishers would be able to target advertising for webpages based on the keywords contained within those pages, and not on other content the user has looked at, the value of most Internet content will depend not on how many eyeballs it attracts but primarily on the economic value of the keywords that are directly associated with it. Pages with keywords related to products and services will fetch a fine price because advertisers will be able to make money off ads on those pages ( e.g., a site for digital camera reviews). But content with little commercial value will generate little revenue. Indeed, this is perhaps the single greatest problem faced by journalism sites. Who wants to advertise on a story about North Korea? How many users are going to be interested in taking a honeymoon in the DMZ?

But if such websites could target advertising to users’ user’s likely interests based on an anonymous profile of their interests created by collecting data about their browsing “behavior,” web content becomes valuable because of the audience it attracts, not just because the content itself serves as a rough proxy for a user’s interests. This democratization of Internet advertising revenue is essential for sustaining the future of journalism in particular, but also for “free” culture more generally.

As we noted in our response to the FTC’s proposed self-regulatory guidelines on data collection for advertising:

Depending on how regulation is structured, therefore, it is possible that new privacy mandates would severely curtail the overall quantity of content and services offered—and greatly limit the ability of new providers to enter the market with innovative offerings. Alternatively, or perhaps additionally, companies would change the character of their offerings and water-down sophisticated services that cater to consumer demand; in other words, the quality of service would deteriorate. Bottom line: Something must give because there is no free lunch. Regulation is a giant game of economic whack-a-mole: Attempting to control one of the primary variables of price, quantity, or quality inevitably results in non-optimal adjustments in the other two variables. The absence of price as a variable in this context means there is one less variable for the government to control in the first place. Simply stated, stifling the evolution of the online advertising marketplace will likely result in fewer free online services and less content, less high-quality online services and content, or some combination of both… We stand at an important crossroads in the debate over the online marketplace and the future of a “free and open” Internet. Many of those who celebrate that goal focus on concepts like “net neutrality” at the distribution layer, but what really keeps the Internet so “free and open” is the economic engine of online advertising at the applications and content layers. If misguided government regulation chokes off the Internet’s growth or evolution, we would be killing the goose that laid the golden eggs…. These observations are even more relevant to the online marketplace, where advertising has been shown to be the only business model with any real staying power. Walled gardens, pay-per-view, micropayments, and subscription-based business models are all languishing. Consequently, the overall health of the Internet economy and the aggregate amount of information and speech that can be supported online are fundamentally tied up with the question of whether we allow the online advertising marketplace to evolve in an efficient, dynamic fashion. Heavy-handed privacy regulation (or co-regulation) could, therefore, become the equivalent of a disastrous industrial policy for the Internet that chokes off the resources needed to fuel e-commerce and online free speech going forward.

Our Challenge to the Advocates of Privacy Regulation

For these reasons, we have repeatedly issued the following three-part challenge in our previous work to those who advocate the regulation of online advertising:

1. Identify the harm or market failure that requires government intervention.
2. Prove that there is no less restrictive alternative to regulation.
3. Explain how the benefits of regulation outweigh its costs.

We’re still waiting…

We’ve also made it clear that there is an alternative to the pre-emptive, one-size-fits-all regulation demanded by the regulatory advocates:  We’ve proposed a “layered approach” based on user education, user empowerment, self-regulation and FTC enforcement of privacy policies.  Our goal is as follows:

The ideal state of affairs would be to create a system of tools and data disclosure practices that would empower each user to implement their personal privacy preferences while also recognizing the freedom of those who rely on advertising revenues to “condition the use of their products and services on disclosure of information”—not to mention the viewing of ads! Self-regulatory efforts can be refined, especially through technological innovation to better satisfy the concerns of policymakers, privacy advocates, and average consumers. For example, if websites and ad networks participating in a self-regulatory framework supplemented their current “natural language” privacy policies with equivalent “machine-readable” code [ e.g., P3p], that data could be “read” by browser tools that would implement pre-specified user preferences by blocking the collection of information depending on whether the privacy policies of certain websites or ad networks met the user’s preferences about data-use. Such robust and granular disclosure, if implemented for behavioral advertising, would exceed the wildest dreams of those who argue that users currently do not read privacy policies—without disrupting the browsing experience or cluttering websites. But this system would only work if users had to make real choices about “pay*ing+ for ‘free’ content and services by disclosing their personal information.”

A Final Word About Advertising

On some level, this debate isn’t about user privacy at all, but about the alleged evils of advertising as inherently manipulative.  Jeff Chester straddles both camps.  His rantings about the use of “neuromarketing” boil down to the same simple idea that the Neo-Marxists have been pushing for decades:  Since people are stupid, ignorant and/or lazy (see above), they’re easy to control and trick with shiny objects, pretty faces, memorable slogans, and catchy jingles. No better response to this argument has ever been made than was offered in this 1959 magazine ad by the ad firm Young & Rubicam (emphasis added for Chester’s benefit):

There is no chestnut more overworked than the critical whinny: “Advertising sells people things they don’t need.” We, as one agency, plead guilty. Advertising does sell people things they don’t need. Things like television sets, automobiles, catsup, mattresses, cosmetics, ranges, refrigerators, and so on and on. People don’t really need these things. People don’t really need art, music, literature, newspapers, historians. wheels, calendars, philosophy, or, for that matter, critics of advertising, either. All people really need is a cave, a piece of meat and, possibly, a fire. The complex thing we call civilization is made up of luxuries. An eminent philosopher of our time has written that great art is superior to lesser art in the degree that it is “life-enhancing.” Perhaps something of the same thing can be claimed for the products that are sold through advertising. They enhance life, to whatever degree they can.

With the publication of Understanding Privacy (Harvard University Press 2008), George Washington University Law School professor Daniel J. Solove has firmly established himself as one of America’s leading intellectuals in the field of information policy and cyberlaw.  Solove had already made himself a force to be reckoned with in this field with the publication of important books like The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press 2007), The Digital Person: Technology and Privacy in the Information Age (NYU Press 2004) and his treatise on Information Privacy Law with Paul M. Schwartz of the Berkeley School of Law (Aspen Publishing, 2d ed. 2006).  But with Understanding Privacy, Solove has now elevated himself to that rarefied air of “people worth watching” in the cyberlaw field; an intellectual — like Lawrence Lessig or Jonathan Zittrain — whose every publication becomes something of an event in the field to which all eyes turn upon release.

Like those other intellectuals, however, my respect for their stature should not be confused with agreement with their positions.  In fact, my disagreements with Lessig and Zittrain are frequently on display here and, we have been critical of Solove here in the past as well. [Here’s Jim Harper’s review of Solove’s last book, with which I am in wholehearted agreement.]  In a similar vein, although I greatly appreciate what Prof. Solove attempts to accomplish in Understanding Privacy — and I am sure it will change the way we conceptualize and debate privacy policy in the future — I found his approach and conclusions highly problematic.

Let me begin by summarizing Solove’s bold objective in Understanding Privacy. In the book, he attempts “to set forth a theory of privacy that will guide our understanding of privacy issues and the crafting of effective laws and policies to address them.” (p. 2) Solove’s “pragmatic” proposal to rethink privacy requires us to abandon the ways we have traditional thought about it. He begins by rightly noting that privacy has long been a “conceptual jungle” (p. 196) and a “concept in disarray.” (p. 1) “[T]he attempt to locate the ‘essential’ or ‘core’ characteristics of privacy has led to failure,” he says. (pg. 8 )

Consequently — and this is what make’s his approach so unique and important — Solove’s proposal to rethink privacy begins with a call to abandon the entire philosophical exercise of trying to tie privacy rights to some “common denominator” (pg. 8 ) since “Nobody can articulate what it means.” (p. 1) Actually, what he really means to say is that plenty of theorists can articulate what it means, it’s just that there is rarely any strong consensus about what justifies a particular theory of privacy. Indeed, in Chapter 2, he walks the reader through a half-dozen “conceptions of privacy” and illustrates how each has intellectual weaknesses and suffers from over- and under-breadth problems in terms of what it types of privacy it protects.

More importantly, according to Solove, not only has the effort “to locate the ‘essence’ of privacy” failed, but there is never any hope of it succeeding. Instead of continuing the futile search for such a grand, unified theory of privacy, Solove says we should tackle privacy issues from the “bottom up” by looking to “solve certain problems” (p. 75) The key to making it all work, he says, is “balancing”:

Because privacy conflicts with other fundamental values, such as free speech, security, curiosity, and transparency, we should engage in a candid and direct analysis of why privacy interests are important and how they ought to be reconciled with other interests. We cannot ascribe a value to privacy in the abstract. The value of privacy is not uniform across all contexts. We determine the value of privacy when we seek to reconcile privacy with opposing interests in the particular situations. (p. 87)

It is tempting to applaud Solove’s attempt to unhinge privacy from any “common denominator” and instead get more concrete about how to work through the details of practical privacy problems. After all, it is easy to get frustrated with some modern theories of privacy that have been tied up with amorphous, warm-and-fuzzy terms like “personhood” and “intimacy.” The inherent subjectivity of some of those terms makes it challenging to derive bright-line principles and tests to help craft law or resolve privacy disputes when they come before the courts.

But I believe there are serious problems with any attempt to completely divorce privacy policy from a theory of rights or justice. In my opinion, you can’t just dynamite all conceptual frameworks to the ground; value judgments will persist and references to rights theory will always be required. Even Solove’s pragmatic, bottom-up approach is value-laden; he just doesn’t acknowledge it. The majority of privacy controversies he attempts to work through in Chapter 5’s ambitious 16-part “Taxonomy of Privacy” mostly end up coming down in favor of taking stronger steps (i.e., rules, regulations, lawsuits, etc) to enhance privacy rights. He clearly has a bias in favor of enhancing and extending privacy rights relative to many other rights, but he doesn’t bother grounding it in any substantive theory of rights or justice.

Simply stated, even though Solove claims he can construct a new paradigm based strictly on a “pragmatic,” utilitarian, “problem-solving” approach, there is just no getting around the fact that, at some point, you are going to have to provide a more robust theory of rights or justice to explain why one right trumps another.

For example, let’s consider the frequent clash between privacy and free speech rights. As any casual reader of this blog knows, I feel quite passionately about the First Amendment and free speech rights. And, in all but the most extreme cases or circumstances, I will argue that speech rights should trump privacy rights. When would speech rights not trump privacy rights? For me, that would only occur when a clear, quantifiable harm resulted from the speech. But what is “clear, quantifiable harm”?  Reputation, for example, is not something one can easily quantify the loss of. When a company or a government agency loses or sells your personal health records without permission, however, that privacy violation gets a little more quantifiable. And in the case of someone stealing your personal information to engage in identity theft, the harm becomes still more quantifiable. But those cases often involve monetary damages, whereas something like defamation is much more difficult to quantify. However, when considering privacy-vs.-free speech trade-offs, I would first look to identify and quantify to concrete harm to an individual before allowing the state to curtain freedom of speech.

Solove acknowledges these privacy-speech trade-offs and cites the work of scholars like Eugene Volokh, Fred Cate, Virginia Postrel, and Solveig Singleton, who have all discussed these problems in their work. Volokh, for example, wrote an incredibly important 2000 law review article entitled, “Freedom of Speech, Information Privacy, and the Troubling Implications of a Right to Stop People from Speaking About You.” As he pointed out in that piece:

The difficulty is that the right to information privacy — the right to control other people’s communication of personally identifiable information about you — is a right to have the government stop people from speaking about you. And the First Amendment (which is already our basic code of “fair information practices”) generally bars the government from “control[ling the communication] of information,” either by direct regulation or through the authorization of private lawsuits.

Without reference to some higher set of first principles or theory of rights / justice, I believe it is very difficult to sort through thorny problems like these. We need to know how and when one right trumps another. A theory of rights that focuses on avoiding direct, tangible harm to others — but largely leaves individuals otherwise free to do what they wish — would generally place speech rights above many privacy “rights” (some of which perhaps should not quality be rights at all). Of course, this more libertarian construction of rights remains quite controversial in our modern society, and there are other theories of rights and justice that would minimize the importance of speech rights relative to privacy.

Importantly, there also needs to be some recognition of the qualitative difference between government threats to privacy versus private threats. The harm that can come from government violations of privacy are generally far more troubling (surveillance, taxation, fines, imprisonment, etc) than potential private harms. I don’t think Solove’s framework appreciates that distinction.

Regardless of which approach one adopts — reasoning from first principles, or working from the “bottom up” (a la Solove) — there will always be fair degree of “balancing” undertaken by legislatures and the courts when crafting privacy policies. Indeed, in many ways, I see Solove’s more “pragmatic” approach often getting us to the same point we would find ourselves in if we took a more philosophical, first principles-based approach. It’s just that under his approach, he would often give the nod to privacy concerns over other rights whereas others (like me) would first look to enhance other values, especially free speech.

In sum, I believe that if one attempts to divorce the exercise of “understanding privacy” from any theory of rights, inevitably, you end right back in the same “conceptual jungle” you were in before. In that sense, I regret to say that Solove’s approach in Understanding Privacy ultimately fails. There’s just no escaping a fight over first principles.

But make no doubt about it, Daniel Solove’s book — and his approach to classifying and dealing with privacy problems — will have a profound impact on all future privacy debates. In that sense, it is a vital text; a must read for all who follow, or engage in, privacy debates.

P.S. Prof. Solove contributed an article to this month’s big Scientific American special issue on “The Future of Privacy.” Many articles in that issue worth reading.