legislation – Technology Liberation Front

Can Any AI Legislation Pass Congress This Session?

Adam Thierer — Tue, 17 Oct 2023 17:49:49 +0000

My latest dispatch from the frontlines of the artificial intelligence policy wars in Washington looks at the major proposals to regulate AI. In my new essay, “Artificial Intelligence Legislative Outlook: Fall 2023 Update,” I argue that there are 3 major impediments to getting major AI legislation over the finish line in Congress: (1) Breadth and complexity of the issue; (2) Multiplicity of concerns & special interests; & (3) Extreme rhetoric / proposals are dominating the discussion.

If Congress wants to get something done in this session, they’ll need to do two things: (1) set aside the most radical regulatory proposals (like big new AI agencies or licensing schemes); and (2) break AI policy down into its smaller subcomponents and then prioritize among them where policy gaps might exist.

Prediction: Congress will not pass any AI-related legislation this session due to the factors identified in my essay. The temptation to “go big” with everything-and-the-kitchen-sink approaches to AI regulation will (especially with extreme ideas like new agencies & licenses) will doom AI legislation. It’s also worth noting that Washington’s swelling interest in AI policy is having a crowding-out effect on other important legislative proposals that might have advanced otherwise, such as the baseline privacy bill (ADPPA) and other things like driverless car legislation. Many want to advance those efforts first, but the AI focus makes that hard.

Read the entire essay here.

Thoughts on the America COMPETES Act: The Most Corporatist & Wasteful Industrial Policy Ever

Adam Thierer — Wed, 26 Jan 2022 19:37:24 +0000

On Tuesday, Nancy Pelosi, Speaker of the U.S. House of Representatives, posted the text of the “America Creating Opportunities for Manufacturing, Pre-Eminence in Technology and Economic Strength Act of 2022,” or “The America COMPETES Act.” As far as industrial policy measures go, the COMPETES Act is one of the most ambitious and expensive central planning efforts in American history. It represents the triumph of top-down, corporatist, techno-mercantilist thinking over a more sensible innovation policy rooted in bottom-up competition, entrepreneurialism, private investment, and free trade.

Unprecedented Planning & Spending

First, the ugly facts: The full text of the COMPETES Act weighs in at a staggering 2,912 pages. A section-by-section “summary” of the measure takes up 109 pages alone. Even the shorter “fact sheet” for the bill is 20 pages long. It is impossible to believe that anyone in Congress has read every provision of this bill. It will be another case of having “to pass the bill so you can find out what’s in it,” as Speaker Pelosi once famously said about another mega-measure.

Of course, a mega bill presents major opportunities for lawmakers to sneak in endless gobs of pork and unrelated policy measures they can’t find any other way to get through Congress. The Senate already passed a similar 2,600-page companion measure last summer, “The U.S. Innovation and Competition Act.” Lawmakers loaded up that measure with so much pork and favors for special interests that Sen. John N. Kennedy (R-La.) labelled the effort an “orgy of spending porn.” Like that effort, the new COMPETES Act includes $52 billion to boost domestic semiconductor production as well as $45 billion in grants and loans to address supply chain issues.

But there are billions allocated for other initiatives, as well as countless provisions addressing other technologies and sectors. The list is seemingly endless and includes: 5G mobile networks, biometrics, quantum information science, “the development of safe and trustworthy artificial intelligence and data science,” cybersecurity literacy, drone security, microelectronics, electronic waste, genomics, isotope development, and the Large Hadron Collider and high intensity lasers, among many other things. The measure also proposes a broad array of Green New Deal-esque efforts focused on things like: biometrology, climate and Earth modeling, deforestation and overfishing / “driftnet” fishing matters, marine mammal research, solar energy, bioenergy, the creation of a National Engineering Biology Research and Development Initiative and a Regional Clean Energy Innovation Program at the Department of Energy, clean water programs, a national clean energy incubator program, and helium conservation, again among many other things. There are even provisions addressing the trading of shark fins and almost 70 pages of provisions on coral reef conservation.

A Sweeping Macroeconomic Planning Exercise

There are more sweeping macroeconomic provisions and mandates in the bill. For example, the COMPETES Act would create a new “national supply chain database,” as well as a Supply Chain Resiliency and Crisis Response Office in the Department of Commerce, while also requiring the Director of White House Office of Science & Technology Policy to develop and submit to Congress a 4-year comprehensive national S&T strategy. The measure also includes trade adjustment assistance for workers, firms, and farmers and even provisions dealing with currency undervaluation. There are also many provisions addressing drug manufacturing and medical supply chain issues. There are even proposed expansions of federal antitrust power. (Apparently, once America’s grandiose industrial policies magically create global powerhouses in every sector, we’ll need expanding antitrust action to tear them all down and start all over again! Meanwhile, perhaps the greatest irony of the new industrial policy efforts is that, while lawmakers are falling all over themselves to shower corporate America with hundreds of billions of taxpayer dollars, policymakers are simultaneously on a regulatory and antitrust jihad against many successful tech companies with bills that would break them up or destroy their business models.)

Perhaps most radically, the measure includes a 25-page section proposing a sweeping new “National Critical Capabilities Review” process to oversee outbound investments. Covington lawyers noted that, if such a regulatory regime is enacted, “the United States would become the first major Western advanced economy to adopt a broad-gauged outbound investment screening process, raising the prospect of a new era in national security-based reviews and restrictions of international investment flows.”

Finally, the COMPETES Act includes a huge assortment of other national security and foreign policy-related provisions, most of which focus on countering China in some fashion. “There’s a lot of Cold War-style influence mongering happening here,” says Reason’s Elizabeth Nolan Brown, including programs that sound like they could have been concocted by the CIA, such as the bill’s “Countering China’s Educational and Cultural Diplomacy in Latin America” initiative. But there is also a lot of language here addressing other regions or countries, including: Oceania, Africa, the Arctic, the Middle East, Iran, Hong Kong, Taiwan, and others.

The relationship of most of these provisions to U.S. industrial competitiveness is tenuous to say the least. Nonetheless, those provisions take up a huge amount of space in this nearly 3,000-page industrial policy measure and may end up complicating its passage.

A Chicken in Every Pot

The inclusion of “Regional Technology and Innovation Hubs” in the bill deserves special attention. The Act proposes $7 billion over four years to fund 10 different innovation hubs and it includes many provisions about how and where money will be spent. It’s hard to see how spreading $7 billion across 10 hubs is actually going to result in much once every special interest gets their cut of the action, but proposals like these are all the rage these days. It’s the equivalent of policymakers promising a high-tech chicken in every pot, or a Silicon Valley in every state.

In a two-part series for Discourse, I documented the problems associated with the many previous government efforts to create innovation hubs, tech clusters, or science parks. The government’s track record in this regard is long and lamentable. Instead of following a time-tested approach getting the broad innovation policy environment right through a “generalized” approach to economic growth and development, most policymakers took unwise shortcuts and tried using “targeted” development schemes that were incredibly risky and ended up squandering a huge amount of taxpayer resources.

But all those failed past efforts probably won’t stop this high-tech pork barrel effort from rolling forward in some fashion. The proposed new regional hub effort comes on top of an announcement last July by the Commerce Department that the agency plans to allocate $1 billion in pandemic recovery funds to create or expand “regional industry clusters” as part of the administration’s new “Build Back Better Regional Challenge.” The agency’s list of possible winning funding ideas includes an “artificial intelligence corridor” and a “climate-friendly electric vehicle cluster.” And there are many other federal and state programs throwing money at the idea of hub or “cluster” formation, or even just highly cronyist efforts to attract a single big tech firm. (Anyone remember the Foxconn fiasco in Wisconsin?)

As Matt Mitchell and I have noted, this growing trend represents the collision of federal industrial policy and long-standing state-based economic development efforts. Regardless of how well-intentioned they may be, it is highly unlikely these new tech pork barrel efforts will produce better results than the long string of earlier federal and state failures.

Secondary Effects & Unforeseeable Costs

A bill this big presents many other big opportunities for corporations and other special interests. It’s no wonder that many companies, trade associations, and other special interests are lining up to support this effort. In a recent study co-authored with Connor Haaland (“Does the US Need a More Targeted Industrial Policy for AI & High-Tech”), we outlined “the way rent-seeking and cronyism often become chronic problems for highly targeted, big-budget industrial policy efforts.” Those problems will grow exponentially if the COMPETES Act passes. Everyone expects a cut of the action when Washington starts showering sectors with money.

But there’s a bigger problem associated with the everything-and-the-kitchen-sink approach to such a massive industrial policy bill. All the ambiguities associated with a monster measure like this means that agency bureaucrats will be left to fill in all the details for many years to come. It is folly of the highest order to believe that all these agencies will work together in a tightly coordinated and consistent way to advance industrial policy efforts or address “strategic objectives.” Anyone currently following the fight between the FAA and FCC over the rollout of 5G wireless networks will know what I am talking about. Moreover, delegating broad authority and big money to all these agencies just further reinforces the rent-seeking instincts of special interests, who will rush to their respective regulatory masters with hat in hand. This presents agencies with an added policy lever to blackmail companies into doing what they want without any new regulations even being issued.

And then there is the final consideration: where will all the money come from for this grand exercise in technocratic central planning? The Senate bill costs an estimated $250 billion. To be clear, that’s A QUARTER TRILLION DOLLARS. We’re talking big money, and chances are that the final price tag for the House’s COMPETES Act will be even higher. Does the money to fund all this profligate spending just fall like manna from industrial policy heaven? No, it will come out the pockets of the American taxpayer and American companies (who will just pass the bill along to consumers). This will have dynamic effects on growth and innovation that are almost never discussed in industrial policy debates. Here’s how Connor Haaland and I put it in our big study:

“First, a dollar spent pursuing one objective is a dollar that could have been invested differently, and potential better. Second, the very act of imposing taxes to cover these state gambits results in costs and distortions that must be accounted for. Some of these costs are deadweight losses associated with taxes and tax collection more generally. But this points to a third lesson: The true potential costs associated with industrial policy programs also need to account for the negative secondary effects of rent-seeking, bureaucracy, and the many other downsides of the political system, included cost overruns and corruption.”

As the old saying goes: There is no free lunch.

Conclusion: There Is a Better Way

Some advocates of the COMPETES Act label it a “competitiveness bill” or an “innovation initiative.” It takes a great deal of hubris to pretend that that the economy is just a giant machine to be manipulated and that policymakers can easily “dial in” the desired innovation results through massive bills and expanded bureaucracy.

Lawmakers and bureaucrats are not going to allocate capital more efficiently than private innovators and investors. Nor are they going to be able to “shore up supply chains” or create tech hubs in every city just by sprinkling a little magical industrial policy pixie dust thinly across the entire nation.

We should not try to compete with China by becoming China. Nor do we need to. Markets and supply chains recover from setbacks faster than governments can. This week, the White House reiterated its support for industrial policy efforts to strengthen supply chains and extend subsidies to the semiconductors industry. But, assuming the COMPETES Act passes, it’ll take years to get all the planning and spending going. When government spins those proverbial dials, it does so very slowly and extremely inefficiently. Meanwhile, the same day the White House was making these announcements, it was also touting that $80 billion in private investment has been announced by the US semiconductor industry recently. Just last week, Intel announced it plans to invest at least $20 billion in two new chip-making facilities in Ohio. Scott Lincicome and Ilana Blumsack have documented the many other private initiatives underway by the semiconductor industry to expand domestic manufacturing capacity, as well as efforts by foreign firms like Samsung to invest here to take advantage of our skilled workforce and vibrant capital market. This is all happening despite the fact that Congress is still debating an industrial policy measure that may end up being too bloated to even achieve successful passage this session.

Does government have any role to play? It certainly does. Most current industrial policy proposals fail to understand that the most important thing that policymakers can do is to clean up decades of earlier failed industrial policy efforts. Industrial policies in fields like energy, aviation, space, communications and other sectors skewed markets in unnatural and inefficient ways by favoring specific technologies and companies over others. This is because industrial policy all too often devolves into the business of picking winners and losers. This is not always done in a formal way or even with clear intent. Rather, when government is throwing around billions and engaging in casino economics by placing big bets, a lucky few will win at the expense of others.

Of course, not all government support is as wasteful or corporatist in character. “Basic” R&D efforts are certainly more defensible than most “applied” or “targeted” efforts. “When government is supporting basic R&D,” Connor Haaland and I have noted, “the chances of wasting scarce resources on risky investments can be minimized to some degree, at least as compared with highly targeted applied R&D investments in unproven technologies and firms.”

And then there are all of the education and training efforts governments can undertake. If lawmakers were smart, they would have just limited their efforts to the sort of things found in Titles III, V, and VI of the COMPETES Act, which relates to boosting STEM education, high-tech workforce training, improving National Science Foundation research efforts, and funding various other federal science agencies and labs, that conduct more basic research. And more flexible immigration policies are also essential.

Meanwhile, government defense spending isn’t going to dry up anytime soon and it continues to represent an indirect form of industrial policy given the trillions of dollars that are spread around through the so-called “military-industrial complex.” That certainly doesn’t mean America should be greatly expanding its already bloated defense budgets in the name of expanding industrial policy. Yet, for better or worse, government is always going to be spending a lot of money on defense priorities and it gives it a chance to address whatever “strategic” needs it has.

But the current industrial policy behemoth advancing in Congress represents a misguided effort at domestic retrenchment and a collapse into a lamentable sort of techno-mercantilism thinking that happens every quarter century or so. In my paper with Haaland as well as a separate essay, I have documented just how misguided the “Japan panic” of the 1980s and 90s was. One policymaker and pundit after another lined up to breathlessly proclaim the end of America if we failed to adopt a grandiose industrial policy to counter Japan. Of course, that industrial policy approach ended up being such a disaster that even the Japanese government itself declared in a 2000 report that “the Japanese model was not the source of Japanese competitiveness but the cause of our failure.”

Moreover, it is worth noting what happened with the Internet and digital technology in the U.S. versus the rest of the world in the 1990s and beyond. America essentially put a policy firewall between the emerging digital technology sector and the old industrial policy regime we had for analog sectors and technologies, like broadcasting and wireline telephony. And thank God we did! America’s digital technology sector thrived, and U.S.-headquartered tech companies became household names across the globe. Meanwhile, the Europeans have spent 20 years crafting one misguided industrial policy scheme after another to equal America’s accomplishments. Despite highly targeted and expensive efforts to foster a domestic digital tech base, the EU has instead generated a string of industrial policy failures that Haaland and I documented in detail here.

Corporatism, cronyism, and profligate pork-barrel spending were not the sources of America’s competitive advantage in digital technology, and top-down planning did not make our digital technology companies global powerhouses. Instead, we got our innovation culture right for digital technology. First and foremost, our the default regulatory policy for the digital economy was permissionless innovation. No one had to ask anyone for the right to develop all those new digital technologies and online platforms. The Clinton Administration’s 1997 “Framework for Global Electronic Commerce” announced that “governments should encourage industry self-regulation and private sector leadership where possible” and “avoid undue restrictions on electronic commerce.” Second, investors saw that positive policy ecosystem developing and moved quickly to shower entrepreneurs in this sector with unprecedented private venture capital investment. Third, education and career opportunities in these sectors expanded accordingly. Real-time “learning by doing” took place as millions of people learned new digital skillsets on the fly. Kids learned how to code before anyone could even teach them how to type. Most importantly, talented immigrants and foreign investors then came here to take advantage of all this, allowing America to steal away the best and brightest from the rest of the world.

This constitutes one of the greatest capitalist success stories in human history, and it all happened without targeted, technocratic, top-down industrial policy planning. This is the more principled and less costly vision for innovation policy America needs today to counter China and the rest of the world. There is absolutely no reason that we can’t apply this same vision to aviation, space, semiconductors, energy, nanotech, AI, and many other sectors of importance.

Additional Reading from Adam Thierer on Industrial Policy:

Adam Thierer & Connor Haaland, “Does the US Need a More Targeted Industrial Policy for AI & High-Tech?” Mercatus Center Research Paper, November 17, 2021.
Adam Thierer, “The Coming Industrial Policy Hangover,” The Hill, February 16, 2022.
Podcast: “What’s Wrong with Industrial Policy,” Hold These Truths with Rep. Dan Crenshaw, February 16, 2022.
Adam Thierer, “Government Planning and Spending Won’t Replicate Silicon Valley,” Discourse, August 18, 2021.
Adam Thierer, “To Promote Tech Hubs Across the Country, Governments Should Focus on Improving the General Business Environment,” Discourse, September 9, 2021.
Adam Thierer, “Industrial Policy as ‘Casino Economics‘,” The Hill, July 12, 2021.
Adam Thierer, “‘Japan Inc.’ and Other Tales of Industrial Policy Apocalypse,” Discourse, June 28, 2021.
Adam Thierer & Connor Haaland, “Should the U.S. Copy China’s Industrial Policy?” Discourse, March 11, 2021.
Connor Haaland & Adam Thierer, “Can European-Style Industrial Policies Create Tech Supremacy?” Discourse, February 11, 2021.
Matthew D. Mitchell and Adam Thierer, “Industrial Policy is a Very Old, New Idea,” Discourse, April 6, 2021.
Adam Thierer, “Industrial Policy Advocates Should Learn from Don Lavoie,” Discourse, November 5, 2021.
Adam Thierer, “On Defining ‘Industrial Policy,'” Technology Liberation Front, September 3, 2020.
Adam Thierer, “Skeptical Takes on Expansive Industrial Policy Efforts,” Technology Liberation Front, March 15, 2021.

Other critical essays on industrial policy:

Mike Watson, “Industrial Policy in the Real World,” National Affairs, Summer 2021.
Scott Lincicome and Huan Zhu, “Questioning Industrial Policy: Why Government Manufacturing Plans Are Ineffective and Unnecessary,” Cato Institute Working Paper, June 16, 2021.
Samuel Gregg, “Industrial Policy Mythology Confronts Economic Reality,” Law & Liberty, September 3, 2021.
Chang-Tai Hsieh, “Countering Chinese Industrial Policy Is Counterproductive,” Project Syndicate, September 15, 2021.
Anne O. Krueger, “America’s Muddled Industrial Policy,” CGTN, June 25, 2021.
Tracy C. Miller, “The Case for Limiting Government Semiconductor Subsidies,” The Hill, June 26, 2021.
Scott Lincicome, “The ‘Endless Frontier’ and American Industrial Policy,” Cato Institute Blog, May 26, 2021.
Daniel W. Drezner, “Is the United States capable of industrial policy in 2021?” Washington Post, June 14, 2021.
Douglas Holtz-Eakin, “The Nicest Thing I Can Write About Supply Chain Policy,” The Daily Dish, June 10, 2021.
Lipton Matthews, “Industrial Policy—a.k.a. Central Planning—Won’t Make America Great,” Mises Wire, November 5, 2021.
Richard Beason, “Japanese Industrial Policy: An Economic Assessment,” National Foundation for American Policy, November 2021.
Douglas Irwin, “Memo to the Biden administration on how to rethink industrial policy,” Peterson Institute for International Economics, October 2020.
Jim Pethokoukis, “Will Biden’s embrace of industrial policy pay off?” AEI Blog, January 15, 2021.
Phil Levy & Christine McDaniel, “Does the U.S. Need a Vigorous Industrial Policy?” Discourse, February 16, 2021.
Veronique de Rugy, “Support for Industrial Policy is Growing,” AIER, January 18, 2020.
Ben Reinhardt on concerns about The Endless Frontier Act
Ryan Bourne, “Do Oren Cass’s Justifications for Industrial Policy Stack Up?” Cato Commentary, August 15, 2019.
Scott Lincicome, “Manufactured Crisis: ‘Deindustrialization, Free Markets, and National Security,” Cato Policy Analysis No. 907, January 27, 2021.
Judge Glock, “Semiconductors Don’t Need Subsidies,” City Journal, April 20, 2021.
Judge Glock, “Industrial Policy Hurts Industry,” Washington Examiner, April 20, 2021.

Skeptical Takes on Expansive Industrial Policy Efforts

Adam Thierer — Mon, 15 Mar 2021 17:09:11 +0000

[Last updated 3/25/22]

Industrial Policy is a red-hot topic once again with many policymakers and pundits of different ideological leanings lining up to support ambitious new state planning for various sectors — especially 5G, artificial intelligence, and semiconductors. A remarkably bipartisan array of people and organizations are advocating for government to flex its muscle and begin directing more spending and decision-making in various technological areas. They all suggest some sort of big plan is needed, and it is not uncommon for these industrial policy advocates to suggest that hundreds of billions will need to be spent in pursuit of those plans.

Others disagree, however, and I’ll be using this post to catalog some of their concerns on an ongoing basis. Some of the criticisms listed here are portions of longer essays, many of which highlight other types of steps that governments can take to spur innovative activities. Industrial policy is an amorphous term with many definitions of a broad spectrum of possible proposals. Almost everyone believes in some form of industrial policy if you define the term broadly enough. But, as I argued in a September 2020 essay “On Defining ‘Industrial Policy‘,” I believe it is important to narrow the focus of the term such that we can continue to use the term in a rational way. Toward that end, I believe a proper understanding of industrial policy refers to targeted and directed efforts to plan for specific future industrial outputs and outcomes.

The collection of essays below is merely an attempt to highlight some of the general concerns about the most ambitious calls for expansive industrial policy, many of which harken back to debates I was covering in the late 1980s and early 1990s, when I first started a career in policy analysis. During that time, Japan and South Korea were the primary countries of concern cited by industrial policy advocates. Today, it is China’s growing economic standing that is fueling calls for ambitious state-led targeted investments in “strategic” sectors and technologies. To a lesser extent, grandiose European industrial policy proposals are also prompting new US counter-proposals.

All this activity is what has given rise to many of the critiques listed below. If you have suggestions for other essays I might add to this list, please feel free to pass them along. FYI: There’s no particular order here.

Scott Lincicome and Huan Zhu, “Questioning Industrial Policy: Why Government Manufacturing Plans Are Ineffective and Unnecessary,” Cato Institute Working Paper, June 16, 2021.

[I]ndustrial policy – properly defined – has an extensive and underwhelming history in the United States, featuring high costs (seen and unseen), failed objectives, and political manipulation. Surely, not every U.S. industrial policy effort has ended in disaster, but facts here and abroad argue strongly against new government efforts to boost “critical” industries and workers and thereby fix alleged market failures. Such efforts warrant intense skepticism – skepticism that today is unfortunately in short supply.

Adam Thierer, “Industrial Policy as Casino Economics,” The Hill, July 12, 2021.

While some government investments will always be necessary, policymakers engaging in casino economics means bad industrial policy bets and taxpayer money squandered on risky ventures best made by private actors. We need to keep Uncle Sam’s gambling habits in check.

Adam Thierer, “Thoughts on the America COMPETES Act: The Most Corporatist & Wasteful Industrial Policy Ever,” Technology Liberation Front, January 26, 2022.

As far as industrial policy measures go, the COMPETES Act is one of the most ambitious and expensive central planning efforts in American history. It represents the triumph of top-down, corporatist, techno-mercantilist thinking over a more sensible innovation policy rooted in bottom-up competition, entrepreneurialism, private investment, and free trade.

Adam Thierer & Connor Haaland, “Does the US Need a More Targeted Industrial Policy for AI & High-Tech?” Mercatus Center at George Mason University, Special Study, November 2021.

This paper considers how both the recent history of high-tech industrial policy efforts at the national and international level—as well as some state and local economic development efforts in the United States—might better inform the wisdom of proposed efforts for AI or other high-tech sectors. That history is spotted with some limited successes alongside a long string of costly failures. We explore the reasons for those failures and recommend that the US refocus on the policy prerequisites that helped give rise to the computing and internet revolutions: a more generalized approach to economic development rooted in light-touch regulation and taxation of emerging technology.

Samuel Gregg, “Can America Build A Broad-Based Economy?” Law & Liberty, March 1, 2022

Of course, if a government decides to put enough money and resources behind a given industrial policy, it will likely produce some results. Yet the same is true of the gambler. If she stays in the casino long enough and spends enough money, she will win a few hands of cards. But the odds are that she will also lose a great deal of money, especially if she is as inept a gambler as the government is maladroit at identifying industry trends or entrepreneurial opportunities. Moreover, just as a compulsive gambler’s behavior will have numerous negative effects on her family’s well-being, so too does industrial policy risk inflicting wider damage upon a nation’s economy and political system. The harms range from gross misallocations of resources to the rampant cronyism and rent-seeking that seems inseparable from industrial policy (which, I again note, its advocates studiously avoid discussing), to name just a few.

Phil Gramm & Mike Solon, “Peace Through Strength Requires Economic Freedom,” Wall Street Journal, March 1, 2022.

The America Competes Act is the House’s effort to outdo the Chinese Communist Party’s latest five-year plan. The 2,900-page bill would make an old Soviet commissar blush. [. . . ] America’s success in the world economy has never depended on industrial policy or government subsidies. It has come from the relative absence of government planning and subsidies. This is hardly news. The U.S. government provided support for the efforts of Samuel Langley, the greatest aviation expert of the 1890s, in his effort to make America first in powered flight. His manned Aerodrome flopped into the Potomac River. It was the Wright brothers, two unsubsidized but determined bicycle makers from Dayton, Ohio, who flew at Kitty Hawk, N.C., and changed the world.

Scott Lincicome, “Moving Fast and Breaking Things,” Capitolism, February 2, 2022.

Adam Thierer, “The Coming Industrial Policy Hangover,” The Hill, February 16, 2022.

In the rush to pass legislation, we’ve barely heard a peep about the $250-$350 billion price tag. This follows a massive splurge of recent government borrowing, which led to the U.S. national debt hitting another lamentable new record: $30 trillion. China already owns over $1 trillion of that debt, making one wonder if we’re really countering China by adopting a massive, new and unfunded industrial policy that they will end up financing indirectly.

Podcast: “What’s Wrong with Industrial Policy,” Hold These Truths with Rep. Dan Crenshaw, February 16, 2022.

Tad DeHaven and Adam Thierer, “ The Military-Industrial Complex Offers a Cautionary Tale for Industrial Policy Planning,” Discourse, March 25, 2022.

Wayne Crews, “What To Do Instead Of The America COMPETES Act,” Forbes, February 2, 2022.

All this spending and expansion of the federal government, atop which our leaders would lay the America COMPETES Act and doubtless its own accompanying guidebook, has massive, ignored regulatory effects. Trillions in government spending (”investment”) have altered and will alter the entire trajectory and competitive environment of industries engaged in large-scale enterprises and transactions. This removes vast swaths of business activity from free competitive enterprise altogether, and creates displacements and distortions such that the restoration of free enterprise becomes a near-impossible disentanglement. The result is, after 100 years of big government and seduction of and fusion with big business, the greatest endeavors—from infrastructure to artificial intelligence, from smart cities to space—now consist of “partnerships” with governments rather than free enterprise, at scales and at costs so gigantic they can only be ignored.

Adam Thierer, “‘Japan Inc.’ and Other Tales of Industrial Policy Apocalypse,” Discourse, June 28, 2021.

Perhaps the most ironic indictment of industrial policy punditry lies in the way all the earlier books and essays about Japanese planning not only failed to forecast the many flops associated with it, but also did not foresee China as a potential future economic juggernaut. [. . .] What might that tell us about the ability of experts to predict the future course of countries and economies?

Adam Thierer, “Can Government Reproduce Silicon Valley Everywhere?” Technology Liberation Front, September 12, 2021.

government efforts to artificially try to create regional innovation hubs in a top-down, technocratic fashion will almost certainly persist. As they do, some will argue that this time will be different! Perhaps, but it is more likely that the past is prologue; these new hubs will likely cause federal politicians to jockey for position to have their regions named one of the winners and get a big cut of all the new high-tech pork being served up by Washington.

Weifeng Zhong, “Beijing Can’t Make Sense of Biden’s China Strategy. Can Biden?” Washington Examiner, July 01, 2021.

America is not China, and it would be a fatal mistake to equate competing with China with imitating what China does. Doing so would risk the advantageous U.S. position as the world’s chief innovator, whose ideas are turned into products by vibrant private sectors both domestically and internationally.

Mike Watson, “Industrial Policy in the Real World,” National Affairs, Summer 2021.

Given the nature of industrial policymaking in the United States, there’s little reason to believe future attempts at industrial planning will result in a more coherent, rational, or strategic allocation of resources than they have in the past. [. . .] In short, industrial policy in the United States cannot be steered by a small group of enlightened individuals, because a small group of enlightened individuals will never be at the helm. Indeed, in some sense, there is no single “helm” to speak of.

Samuel Gregg, “Industrial Policy Mythology Confronts Economic Reality,” Law & Liberty, September 3, 2021.

If prizes in policy debates were given out for persistence, those advocating for more widespread use of industrial policy in America would be first in line. No matter how many times it is pointed out that they don’t understand the nature and workings of comparative advantage; or avoid acknowledging how industrial policy fosters rampant cronyism and corruption; or highlight what they consider examples of countries in which industrial policy has been employed successfully (only to have it demonstrated that it didn’t quite work out the way they suggested), they don’t give up.

Elizabeth Nolan Brown, “If This Is How America COMPETES, We’re Going to Lose,” Reason, January 26, 2022.

the bill can’t simply address one main issue or a few critical needs. Instead, it tries to insert the government into every aspect of all sorts of industries and markets and pretend that bureaucrats can solve complex social and cultural issues.

Chang-Tai Hsieh, “Countering Chinese Industrial Policy Is Counterproductive,” Project Syndicate, September 15, 2021.

US political leaders have long tried to counter Chinese industrial policy. And now they seem to have decided that the best way to do that is to emulate it. But their agenda betrays a profound lack of understanding of the unique challenge posed by China’s coupling of an authoritarian political regime with a dynamic market economy.

Adam Thierer, “Industrial Policy Advocates Should Learn from Don Lavoie,” Discourse, November 5, 2021.

“In light of the inherent deficiencies of central planning,” Lavoie said, “it might be argued that the U.S. should instead try to reduce current government interference with the competitive process to the absolute minimum consistent with other political goals.” It remains wise advice for today’s policymakers.

Anne O. Krueger, “America’s Muddled Industrial Policy,” CGTN, June 25, 2021.

Governments have a poor track record of identifying “winners” – be it a company or a category of technology – whereas private companies have proved better at transforming new discoveries into new products or cost savings. That is why the U.S. state traditionally has stuck to funding basic research.

Eric Boehm, “Massive Subsidies Won’t Solve the Semiconductor Supply Chain Crisis,” Reason, January 28, 2022.

Tracy C. Miller, “The Case for Limiting Government Semiconductor Subsidies,” The Hill, June 26, 2021.

Without the subsidies, firms would be more cautious about building or expanding foundries. If long-term production capacity is truly insufficient, high prices and anticipated profits give firms the right incentives to build or expand and satisfy demand at cost-covering prices.

Scott Lincicome, “The ‘Endless Frontier’ and American Industrial Policy,” Cato Institute Blog, May 26, 2021.

U.S. industrial policy has a long history of struggling to overcome political pressures, just as public choice predicts, and the EFA is no different. None of this means that all legislating is bad, or that politicians don’t at least occasionally vote in the national interest. Instead, the public choice framework simply adds another hurdle—along with things like the “knowledge problem,” seen and unseen costs, and misaligned incentives—to designing and implementing commercial policies specifically intended to beat the admittedly messy and imperfect situation that the market generates. It’s imperative that we understand these risks before supporting policies that, while they might look good on paper, could easily morph into a counterproductive boondoggle—one we’ve seen countless times with respect to U.S. industrial policy.

Daniel W. Drezner, “Is the United States capable of industrial policy in 2021?” Washington Post, June 14, 2021.

To believe that the United States can pursue a high-caliber industrial policy, however, requires assuming a more competent state than I have seen in the past decade.

Douglas Holtz-Eakin, “The Nicest Thing I Can Write About Supply Chain Policy,” The Daily Dish, June 10, 2021.

Nevertheless, the Senate just passed a provision for $50 billion to subsidize chip fabrication – something the president had requested – and the House will doubtlessly concur. That might seem like an industry victory, but wait until it realizes that the administration will assume it gives it the right to insist on union jobs, micromanage the design of chips, and dictate the pricing and distribution of the products. Good luck with that. As the definitive volume on policy analysis (Benjamin Franklin’s Poor Richard’s Almanack) put it, “He that lieth down with dogs shall rise up with fleas.”

Lipton Matthews, “Industrial Policy—a.k.a. Central Planning—Won’t Make America Great,” Mises Wire, November 5, 2021.

Although industrial policy is in vogue, the evidence suggests that it is not necessary for long-term development. Moreover, despite the popularity of industrial policy in China, America remains the world’s economic power, and by following China, it may lose this vaunted position.

Richard Beason, “Japanese Industrial Policy: An Economic Assessment,” National Foundation for American Policy, November 2021.

There is no evidence to support the claim that Japanese industrial policy during the 1955-1990 period enhanced growth rates by sector, industries with economies of scale (greater efficiency when produced in increased amounts), productivity growth or “competitiveness.” The reality of the political process and government spending priorities makes it very difficult for such policies to be effective. Furthermore, even if political pressures had not intervened, it seems questionable to suggest that government policymakers would be better than actual market participants in determining the most efficient allocation of resources to produce the best economic outcomes.

Douglas Irwin, “ Memo to the Biden administration on how to rethink industrial policy,” Peterson Institute for International Economics, October 2020.

The challenge for policymakers is to identify such industries without succumbing to the notion that every industry is vital to some public objective. For example, the goal of “economic security” is so broadly defined and open-ended that virtually every domestic producer could claim the need for government support on that basis. The risk is that ill-conceived government programs will encourage corrupt behavior in which industries benefit themselves without contributing to national welfare.

Jim Pethokoukis, “Will Biden’s embrace of industrial policy pay off?” AEI Blog, January 15, 2021.

The history of such efforts in advanced capitalist economies gives ample reason for skepticism about the effectiveness of such top-down government planning, from Japanese economic stagnation to the now-mothballed Concorde supersonic jet to France’s failed attempt to create a thriving tech sector. The Internet might seem like the exception that negates the rule, but what turned out to be a successful partnership of government and entrepreneurs didn’t arise out of some master plan from Washington. And what do even the smartest plans look like when filtered through the dodgy quality of American governance? Maybe as an excuse for cronyism and protectionism.

Adam Thierer & Connor Haaland, “Should the U.S. Copy China’s Industrial Policy?” Discourse, March 11, 2021.

America needs to embrace its already vibrant venture capital market, the benefits of basic science and prize competitions, and a light-touch regulatory approach instead of gambling taxpayer dollars on grandiose industrial policy schemes that would likely become boondoggles.

Connor Haaland & Adam Thierer, “Can European-Style Industrial Policies Create Tech Supremacy?” Discourse, February 11, 2021.

Thus far, however, the Europeans don’t have much to show for their attempts to produce home-grown tech champions. Despite highly targeted and expensive efforts to foster a domestic tech base, the EU has instead generated a string of industrial policy failures that should serve as a cautionary tale for U.S. pundits and policymakers, who seem increasingly open to more government-steered innovation efforts.

Phil Levy & Christine McDaniel, “ Does the U.S. Need a Vigorous Industrial Policy?” Discourse, February 16, 2021.

we are certainly hearing new enthusiasm these days about industrial policy. It seems to have proponents or converts on both sides of the aisle. This either means that a new consensus has emerged, or it means that the term is being used so loosely that it has lost its original meaning. I’ll go with the latter; it now means different things to different people.

Wall Street Journal columnist Greg Ip discussing why “ The traditional skepticism toward industrial policy is well deserved.”

The traditional skepticism toward industrial policy is well deserved. Once Washington starts writing checks for semiconductors, other industries may get in line with the outcome determined more by political clout than economic merit. As in shipbuilding, the targeted companies may end up in perpetual need of federal protection and unable to compete internationally

David Ignatius, “The U.S. is quietly mobilizing its economy against China,” Washington Post, March 4, 2021.

The industrial policy the AI commission recommends could unlock talent and innovation. But if officials aren’t careful, government intervention could also afflict our best companies with the dead weight and dysfunction of our broken political system. We need government to spawn brainpower, not bureaucracy.

Veronique de Rugy, “Support for Industrial Policy is Growing,” AIER, January 18, 2020.

Looking at the federal government today tells me that the problems surrounding R&D programs in the past continue today, and will continue tomorrow, because they are simply a consequence of the normal functioning of government. It is hard to wish these problems away, even in the face of the private sector’s “imperfections.” Those arguing for more funding in R&D should proceed with caution.

Ben Reinhardt on concerns about The Endless Frontier Act

This bill is proposing to give money with risk-averse restrictions to a risk-averse organization (the NSF) to be dispersed among other risk-averse organizations (Universities) into a system with increasingly risk-averse incentives. Note that I’m not saying “it’s all fubar’d lets burn it to the ground!” but I am suggesting that instead of slamming on the accelerator, we should be asking “what would a tune-up and an oil change look like instead?”

Ryan Bourne, “Do Oren Cass’s Justifications for Industrial Policy Stack Up?” Cato Commentary, August 15, 2019.

Oren Cass asserts that markets cannot generally allocate resources efficiently by industry. Yet he provides no meaningful metrics to show this is the case, nor shows why his policies would deliver better outcomes. His two main claims about the benefits of a manufacturing sector — “stable employment” and “strong productivity growth” — are directly contradictory. A plethora of evidence suggests as countries’ get richer due to automation and technological improvements, they demand relatively more services, and so the industrial sector declines in employment terms.

Scott Lincicome, “ Manufactured Crisis: ‘Deindustrialization, Free Markets, and National Security,” Cato Policy Analysis No. 907, January 27, 2021.

This skepticism—mostly absent from Washington—is indeed warranted: analyses of the U.S. manufacturing sector and the relationship between trade and national security, as well as the United States’ long and checkered history of security‐related protectionism, undermine the theoretical justifications for imposing protectionism and industrial policy in the name of national defense. Instead, open trade, freer markets, and global interdependence will in almost all cases produce better outcomes in terms of national security and, most importantly, preventing wars and other forms of armed conflict.

Matthew Lau, “Trudeau government’s ‘industrial policy’ creates all the wrong incentives,” Toronto Sun, March 16, 2021.

Sen. Hawley’s Radical, Paternalistic Plan to Remake the Internet

Adam Thierer — Thu, 01 Aug 2019 18:00:17 +0000

Sen. Josh Hawley (R-MO) recently delivered remarks at the National Conservatism Conference and a Young America’s Foundation conference in which he railed against political and academic elites, arguing that, “the old era is ending and the old ways will not do.” “It’s time that we stood up to big government, to the people in government who think they know better,” Hawley noted at the YAF event. “[W]e are for free competition… we are for the free market.”

That’s all nice-sounding rhetoric but it sure doesn’t seem to match up with Hawley’s recent essays and policy proposals, which are straight out of the old era’s elitist and highly paternalistic Washington-Knows-Best playbook. Specifically, Hawley has called for a top-down, technocratic regulatory regime for the Internet and the digital economy more generally. Hawley has repeatedly made claims that digital technology companies have gotten a sweetheart deal from government and they they have censored conservative voices. That’s utter nonsense, but those arguments have driven his increasingly fanatic rhetoric and command-and-control policy proposals. If he succeeds in his plan to empower unelected bureaucrats inside the Beltway to reshape the Internet, it will destroy one of the greatest American success stories in recent memory. It’s hard to understand how that could be labelled “conservative” in any sense of the word.

I’ve been tracking Sen. Hawley’s increasingly radical plans for the digital economy in a series of essays, including:

In these articles, I have documented how Sen. Hawley has been whipping up a panic about digital technology companies and social media platforms to soften to ground for massive intervention by DC elites. Consider his hotly-worded USA Today op-ed from May in which he argued that, “social media wastes our time and resources,” and is “a field of little productive value” that have only “given us an addiction economy.” Sen. Hawley refers to sites like Facebook, Instagram, and Twitter as “parasites” and blames them for a litany of social problems (including an unproven link to increased suicide). He has even suggested that, “we’d be better off if Facebook disappeared” and seems to hope the same for other sites.

More insultingly, he has argued that the entire digital economy was basically one giant mistake. He says that America’s recent focus on growing the Internet and information technology sectors has “encouraged a generation of our brightest engineers to enter a field of little productive value,” which he regards as “an opportunity missed for the nation.” “What marvels might these bright minds have produced,” Hawley asks, “had they been oriented toward the common good?”

Again, this isn’t the sort of rhetoric that conservatives are usually known for. This is elitist, paternalistic tripe that we usually hear from market-hating neo-Marxists. It takes a lot of hubris for Sen. Hawley to suggest that he knows best which professions or sectors are in “the common good.” As I responded in one of my essays:

Had some benevolent philosopher kings in Washington stopped the digital economy from developing over the past quarter century, would all those tech workers really have chosen more noble-minded and worthwhile professions? Could he or others in Congress really have had the foresight to steer us in a better direction?

Why would Sen. Hawley think DC elites could do a better job centrally planning the economy? He doesn’t really tell us, instead preferring to fall back on conspiratorial rhetoric about evil “Big Tech” companies “censoring” conservatives voices. That’s the same card he played when he joined President Trump at the White House for the surreal, rambling “Social Media Summit” that took place last month. Trump used the same approach that Sen. Hawley and Sen. Ted Cruz (R-TX) have been using during recently Senate Judiciary Committee hearings: brow-beat witnesses and make wild claims about the whole digital world being out to muzzle conservative voices. As Andrea O’Sullivan and I noted in our essay about the Social Media Summit:

The President and other conservatives are tapping another approach: indirect censorship through both subtle and direct threats. This is an old playbook that goes by many different names: “jawboning,” “administrative arm-twisting,” “agency threats,” and “regulation by raised eyebrow.” These were the names given to broadcast-era efforts to pressure old radio and TV outlets to bring their programming choices in line with the desires of politicians and bureaucrats.

This is an old DC playbook that elites have used for decades to “work the refs” and try to extract promises from various parties under threat of more far-reaching regulation if they fail to comply with the demands of politicians. Again, there’s nothing remotely “conservative” about it.

Brushing aside such concerns, Sen. Hawley has started sketching out what a comprehensive regulatory regime for the Internet and social media might look like. He does so in two new bills, the “Ending Support for Internet Censorship Act” (co-sponsored by Sen. Cruz) and the “Social Media Addiction Reduction Technology (SMART) Act.” These two measures, if implemented, would radically remake the digital economy and lead to a remarkably intrusive regulatory regime for online speech and commerce.

The ridiculously named “Ending Support for Internet Censorship Act” would actually encourage the exact opposite result than its title suggests. The proposal would mandate that regulators at the Federal Trade Commission evaluate whether platforms have engaged in “politically biased moderation,” which is defined as moderation practices that are supposedly, “designed to negatively affect” or those that “disproportionately [restrict] or promote access to … a political party, political candidate, or political viewpoint.” Social media providers would need to petition the FTC for “immunity certifications” to then get regular audits to ensure they are moderating content in a government-approved manner. If they didn’t, they would lose their platform liability protections, which could effectively run them out of business.

This is permission slip-based regulation and it makes the old Federal Communications Commission licensing regime for broadcast radio and television look like child’s play by comparison. Hawley’s “Mother, May I?” licensing scheme for the Net would have unelected FTC bureaucrats make speech decisions for the entire Internet. It’s a massive First Amendment violation, and it would almost certainly face constitutional challenge if implemented.

What makes this all the more shocking, as I noted in response, this measure combines core elements of the old Fairness Doctrine as well as “net neutrality” mandates that conservatives have traditionally decried. The bill would also empower insider-the-Beltway lawyers, lobbyists, and consultants, who would be needed to navigate the maze of red tape this measure would give rise to. Worst of all, the measure is a massive gift to the trial lawyers Republicans love to hate because Hawley’s new regulatory regime would empower them to file an endless string of frivolous suits aimed at simply shaking down companies through early settlements. Again, how is this “conservative”?

Then there’s Hawley’s new “SMART Act,” which as Andrea O’Sullivan and I argue in our latest essay is really quite stupid. The highly technocratic measure lists a variety of business practices that would be automatically verboten. As Andrea and I summarize:

On the chopping block are infinite scrolling, video autoplay, and “gamification” features like offering badges or streaks for accomplishing certain feats. The bill would also require that social media companies build default time limits and pop-up notifications telling users how long they’ve been on a platform within six months of the bill passing. Weirdly, the bill specifies a time limit of 30 minutes on all social media platforms on all devices per day, after which point they will be locked out. The user would be able to raise that limit through platform settings, but it would reset to 30 minutes at the beginning of each month.

Who would have ever thought we now be living in a world where conservatives are calling for paternalistic, Washington-knows-best nannyism that lets agency bureaucrats forcibly shut down your social media access each day after just 30 minutes of use? Hell, why stop there? Perhaps Sen. Hawley could next impose daily limits how many Netflix shows we stream, how many podcasts we listen to, or how much time we spend playing video games. After all, he clearly thinks he knows what is in our own best interest.

No matter how much Sen. Hawley rails against elites and big government, what he has been saying and proposing represent elitism and regulatory paternalism of the very highest order. He may say that “the old era is ending and the old ways will not do” in his speeches, but through his actions he has whole-hardheartedly embraced the old order. And while he can mouth lines about how “it’s time that we stood up to big government, to the people in government who think they know better,” and while he might claim that he is “for free competition [and] the free market,” in reality, Sen. Hawley has become the most aggressive Republican booster of Big Government and managed markets that I have seen in my 30 years covering technology policy.

Hopefully, the real conservatives left out there will make a stand against Sen. Hawley’s abominable corruption of their movement and ideals.

Liberty and Security in the Proposed Internet of Things Cybersecurity Improvement Act of 2017

Jennifer Huddleston — Wed, 23 Aug 2017 18:22:04 +0000

On August 1, Sens. Mark Warner and Cory Gardner introduced the “Internet of Things Cybersecurity Improvement Act of 2017.” The goal of the legislation according to its sponsors is to establish “minimum security requirements for federal procurements of connected devices.” Pointing to the growing number of connected devices and their use in prior cyber-attacks, the sponsors aims to provide flexible requirements that limit the vulnerabilities of such networks. Most specifically the bill requires all new Internet of Things (IoT) devices to be patchable, free of known vulnerabilities, and rely on standard protocols. Overall the legislation attempts to increase and standardize baseline security of connected devices, while still allowing innovation in the field to remain relatively permissionless. As Ryan Hagemann[1] at the Niskanen Center states, the bill is generally perceived as a step in the right direction in promoting security while limiting the potential harms of regulation to the overall innovation in the Internet of Things.

The proposed legislation only creates such security requirements for the Internet of Things products purchased by the government. As a result, it does not directly affect the perceived market failure in securing the Internet of Things for either state and local governments or consumers. As a result, it is possible that either further state or federal legislation could develop different security norms in these areas or allow the market to sort out what level of security is needed in such products. Similarly, innovators might create different versions of products for consumers as opposed to the government if they found the security requirements of the federal procurement laws unnecessary. At the same time, consumers and other levels of government might reject such products if they feel they are less secure. For example, states and federal governments have independently developed their protocols and requirements for security in IT and Telecommunications services, and while all require some level of security, the exact requirements may vary. While most consumers still expect or opt in to some level of security for their personal computers, there are different expectations in security protocols for government and medical computer networks. A similar phenomena could emerge in the Internet of Things where the devices procured by the government are more secure than those available to the average consumer.

Defining and quantifying the Internet of Things can be difficult as new connected devices from toasters to teddy bears continue to arrive seemingly daily. As Ariel Rabkin discusses the bill defines the scope of devices covered in a broad ambiguous term of “Internet-connected device” which could cover not only new connected devices but much more mundane and common general purpose items such as laptops and smart phones. This ambiguity presents a serious concern regarding the proposed legislation. Given the security guidelines are being issued by the Office of Management and Budget in conjunction with each executive agency, we could see issues in agency’s use of soft law in an attempt to get Internet of Things entrepreneurs to adopt such standards beyond the items which the government procures. Because the items covered by the proposed legislation is ambiguous, it also raises concerns of what happens to emerging technologies such as connected cars where current security standards are already being discussed by agencies and devices such as laptops and cell phones where there are existing government and agency standards. If not clarified such a broad definition has potential to create uncertainty if the agency-based security standards for procurement. While initial standards are aimed at federal procurement, the delegation to agencies of these standards could lead to broader could lead to agency threats more generally in the Internet of Things and the use of government procurement standards as a type of soft law to influence the pace and course of innovation.

The proposed legislation provides a basic start on limiting the liability for Internet of Things researchers and systems security architects especially when coupled with existing intermediary protections. Unlike the FTC’s strict liability data security rules, the proposed legislation carves out safe harbors for both good faith security research and testing and updating the Digital Millennium Copyright Act (DMCA) and Computer Fraud and Abuse Act (CFAA) to have safe harbors provided the device was in compliance with the issued guidelines under the new legislation. This, however, creates questions of liability for non-federal government purchasers. First, if the devices fail to comply with the proposed standards in the consumer market could the presence of a more secure government alternative be used to support a design defect argument as the availability of a reasonable alternative design? And if not for an individual consumer, then what about a state or local government. Under the proposed legislation, merely not complying with standards in a consumer grade product does not seem likely to give rise to a case against an Internet of Things producer. The proposed legislation also does not appear to adequately address a safe harbor for insufficient fix or a latent defect. While these situations should not immediately find a company negligent, there are concerns that an inefficient patch might exacerbate rather than solve a problem. It also does not address a possible situation where a third party fails to update the security measures or the government in some way modifies existing protocols on the device inadvertently changing existing security features.

In general, the Internet of Things Cybersecurity Act of 2017 provides a base level of security that could lead to greater adoption by government entities without disrupting the innovation in the consumer market. At the same time its broad definition of the Internet of Things risks potential soft law abuse and its specificity to government procurement limits its potential broader impact on IoT security. If passed, the Internet of Things Cybersecurity Act might lead to promotion of security across devices and broader innovation in such protocols without requiring such technology into captivity.

[1] Ryan provided feedback on an earlier draft of this post.

Autonomous Vehicles Under Attack: Cyber Dashboard Standards and Class Action Lawsuits

Ryan Hagemann — Sat, 14 Mar 2015 13:06:08 +0000

In a recent Senate Commerce Committee hearing on the Internet of Things, Senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) “announced legislation that would direct the National highway Traffic Safety Administration (NHTSA) and the Federal Trade Commission (FTC) to establish federal standards to secure our cars and protect drivers’ privacy.” Spurred by a recent report from his office (Tracking and Hacking: Security and Privacy Gaps Put American Drivers at Risk) Markey argued that Americans “need the equivalent of seat belts and airbags to keep drivers and their information safe in the 21^st century.”

Among the many conclusions reached in the report, it says, “nearly 100% of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.” This comes across as a tad tautological given that everything from smartphones and computers to large-scale power grids are prone to being hacked, yet the Markey-Blumenthal proposal would enforce a separate set of government-approved, and regulated, standards for privacy and security, displayed on every vehicle in the form of a “Cyber Dashboard” decal.

Leaving aside the irony of legislators attempting to dictate privacy standards, especially in the post-Snowden world, it would behoove legislators like Markey and Blumenthal to take a closer look at just what it is they are proposing and ask whether such a law is indeed necessary to protect consumers. For security in particular, there may be concerns that require redress, but if one looks at the report, it becomes apparent that it lacks a very important feature:: no specific examples of real car hacking are mentioned. The only examples illustrated in the report are described in brief detail:

An application was developed by a third party and released for Android devices that could integrate with a vehicle through the Bluetooth connection. A security analysis did not indicate any ability to introduce malicious code or steal data, but the manufacturer had the app removed from the Google Play store as a precautionary measure.

Great! The company solved the problem. What about the other instance cited in the report?

Some individuals have attempted to reprogram the onboard computers of vehicles to increase engine horsepower or torque through the use of “performance chips”. Some of these devices plug into the mandated onboard diagnostic port or directly into the under-the-hood electronics system.

So the only two examples of “car hacking” described in the Markey report are essentially duds. The first is a non-issue, since the company (1) determined there was little security risk involved and (2) removed the item from the market anyways, just to be sure. The second is, in a sense, hacking, but it is individual car owners doing it to their own cars. Neither of these cases appears to be sufficient grounds for imposing a set of arbitrary and, in many cases, capriciously anti-innovation approaches to privacy and data security in cars.

In the wake of the report’s release, this past Tuesday, March 10, General Motors, Toyota, and Ford were all hit with a nationwide class action lawsuit, alleging that the companies concealed “dangers posed by a lack of electronic security in a vast swath of vehicles.” Specifically, the lawsuit is aimed at the presence of controller area network (CAN) buses, which act as data hubs between the various electronic systems in a car. These systems are, indeed, susceptible to hacking, but no more than any personal computer that is connected to the Internet.

The trouble with this lawsuit, brought by the Stanley Law Group, is that it has not cited any specific harms that have occurred as a result of this “defect” (as a side note, saying a computer being susceptible to hacking constitutes a defect in design is the equivalent of saying an airplane that is susceptible to lightning strikes is fundamentally defective). Rather, the plaintiffs argue that “[w]e shouldn’t need to wait for a hacker or terrorist to prove exactly how dangerous this is before requiring car makers to fix the defect.”

As Adam Thierer and I pointed out in our 2014 paper, Removing Roadblocks to Intelligent Vehicles and Driverless Cars:

Manufacturers have powerful reputational incentives at stake here, which will encourage them to continuously improve the security of their systems. Companies like Chrysler and Ford are already looking into improving their telematics systems to better compartmentalize the ability of hackers to gain access to a car’s controller-area-network bus. Engineers are also working to solve security vulnerabilities by utilizing two-way data-verification schemes (the same systems at work when purchasing items online with a credit card), routing software installs and updates through remote servers to check and double-check for malware, adopting of routine security protocols like encrypting files with digital signatures, and other experimental treatments. (pg. 40-41)

It’s always easy to see the potential for abuse and harm with any new emerging technology, but optimism and fortitude in the face of the uncertain is what helps society, and individuals, grow and progress. Car hacking, while certainly a viable concern, is not so ubiquitous that it necessitates a heavy-handed regulatory approach. Rather, we should permit various standards to emerge and attempt to deal with possible harms. In this way, we can experiment to properly determine what approaches work and what do not. Federal standards imposed from on high assume that firms and individuals are not capable of working through these murky issues. We should be a bit more optimistic about the human capacity for ingenuity and adaptability.

To end on something of a more optimistic note, Tom Vanderbilt of Wired magazine gives keen insight into the reality of regulating based on hypothetical scenarios:

Every scenario you can spin out of computer error – what if the car drives the wrong way – already exists in analog form, in abundance. Yes, computer-guidance systems and the rest will require advances in technology, not to mention redundancy and higher standards of performance, but at least these are all feasible, and capable of quantifiable improvement. On the other hand, we’ll always have lousy drivers.

Additional Reading

Law review article: “Removing Roadblocks to Intelligent Vehicles and Driverless Cars,” September 17, 2014.
“Don’t Hit the (Techno-)Panic Button on Connected Car Hacking & IoT Security,” February 10, 2015.
“Don’t Slam the Brakes on Smart Cars,” December 1, 2014.
“Intelligent Vehicles Could Save Lives,” November 25, 2014.
Permissionless Innovation: The Continuing Case for Comprehensive Technological Freedom (2014)

What Privacy Invasion Looks Like

Jim Harper — Sat, 02 Oct 2010 15:01:02 +0000

The details of Tyler Clementi’s case are slowly revealing themselves. He was the Rutgers University freshman whose sex life was exposed on the Internet when fellow students Dharun Ravi and Molly Wei placed a webcam in his dorm room, transmitting the images that it captured in real time on the Internet. Shortly thereafter, Clementi committed suicide.

Whether Ravi and Wei acted out of anti-gay animus, titillation about Clementi’s sexual orientation, or simply titillation about sex, their actions were utterly outrageous, offensive, and outside of the bounds of decency. Moreover, according to Middlesex County, New Jersey prosecutors, they were illegal. Ravi and Wei have been charged with invasion of privacy.

This is what invasion of privacy looks like. It’s the outrageous, offensive, truly galling revelation of private facts like what happened in this case. Over the last 120 years, common law tort doctrine has evolved to find that people have a right not to suffer such invasions. New Jersey has apparently enshrined that right in a criminal statute.

The story illustrates how quaint are some of the privacy “invasions” we often discuss, such as the tracking of people’s web surfing by advertising networks. That information is not generally revealed in any meaningful way. It is simply being used to serve tailored ads.

This event also illustrates how privacy law is functioning in our society. It’s functioning fairly well. Law, of course, is supposed to reflect deeply held norms. Privacy norms—like the norm against exposing someone’s sexual activity without consent—are widely shared, so that the laws backing up those norms are rarely violated.

It is probably a common error to believe that law is “working” when it is exercised fairly often, fines and penalties being doled it with some routine. Holders of this view see law—more accurately, legislation—as a tool for shaping society, of course. Many of them would like to end the societal debate about online privacy, establishing a “uniform national privacy standard.” But nobody knows what that standard should be. The more often legal actions are brought against online service providers, the stronger is the signal that online privacy norms are unsettled. That privacy debate continues, and it should.

It is not debatable that what Ravi and Wei did to Tyler Clementi was profoundly wrong. That was a privacy invasion.

Magid on How to Address Cyberbullying

Adam Thierer — Thu, 16 Jul 2009 01:40:29 +0000

My friend Larry Magid, the co-director of ConnectSafely.org (with Anne Collier) and founder of SafeKids.com, has a sharp new piece up at CBS News.com entitled, “Stop Cyberbullying with Education,” in which he rightly points out how “we need to be careful with legislation that would outlaw cyberbullying.” He points out that although cyberbullying is “not an epidemic and it’s not killing our children”:

Bullying has always been a problem among adolescents and, sadly, so has suicide. In the few known cases of suicide after cyberbullying, there are other contributing factors. That’s not to diminish the tragedy or suggest that the cyberbullying didn’t play a role but–as with all online youth risk, we need to look at what else was going on in the child’s life. Even when a suicide or other tragic event doesn’t occur, cyberbullying is often accompanied by a pattern of offline bullying and sometimes there are other issues including long-term depression, problems at home, and self-esteem issues.

He goes on to provide some solid advice:

identifying the reasons kids are acting as bullies can go a long way toward preventing it as can educational programs that stress ethics and cyber citizenship (“netiquette”). It also helps kids to know what to do if they are victims of bullying. At ConnectSafely.org (a site I help operate) we came up with a number of tips including: don’t respond, don’t retaliate; talk to a trusted adult; and save the evidence. We also advise young people to be civil toward others and not to be bullies themselves. Finally, “be a friend, not a bystander.” Don’t forward mean messages and let bullies know that their actions are not cool. If your child is a victim of cyberbullying, don’t start by taking away his or her Internet privileges. That’s one reason kids often don’t talk about Net-related problems with parents. Instead, try to get your child to calmly explain what has happened. If possible, talk with the parents of the other kids involved and, if necessary, involve school authorities. If the impact of the bullying spills over to school (as it usually does), the school has a right to intervene.

And Larry cautions against rushing into legislative solutions that would criminalize the problem and throw the book at kids instead of adopting a more sensible education and counseling approach to the problem. This is very much in line with the approach Berin Szoka and I set forth in our recent PFF white paper, “Cyberbullying Legislation: Why Education is Preferable to Regulation.” While some truly troubled teens who instigate truly awful cyber-bullying attacks might deserve some time in the juvenile justice system, that shouldn’t be our first option for all kids involved in incidents. Anyway, read Larry’s essay.

Full disclosure: Larry and I are currently serving together on the new, congressionally-mandated Online Safety Technology Working Group. (OSTWG)

Lori Drew Acquitted in Megan Meier Case: What to Do About Cyberbullying?

Berin Szoka — Thu, 02 Jul 2009 20:22:06 +0000

Lori Drew was convicted late last year on charges related to her role in a cruel hoax that led to the tragic suicide of thirteen-year old Megan Meier in Missouri in 2006. But today, at her sentencing, the judge threw out her convictions. Millions around the world were horrified by Megan’s fate, and many will probably be upset that Drew might go unpunished. But we need to separate three questions in this case:

Should the federal anti-hacking law under which she was convicted really be applied in such cases?
What, precisely, was Drew’s involvement?
The key question: What should be done about the general problems of cyberbullying and cyberharassment?

Misuse of the Anti-Hacking Statute

Judge Wu has yet to issue his written opinion but seems to have agreed with the various experts on Internet law who argued that, however tragic the Meier case was, the Computer Fraud & Abuse Act (CFAA) should not have been applied to Drew. Most notably, the Electronic Frontier Foundation filed an Amicus Brief in support of Drew’s motion to dismiss the charges against her—summarized by Groklaw and the Harvard Journal of Law & Technology. Orin Kerr, a leading Internet law professor, felt so strongly about the consequences of using the CFAA to criminalize violations of privately written terms of service that he joined Drew’s defense team. Kerr demonstrated the problems of essentially allowing private parties to create the grounds for criminal offenses (if violated by users) by suggesting obviously ridiculous new terms of service for the Volokh Conspiracy, the group blog he writes on.

Hard as it may be for those who want to “see justice done” in this case, the CFAA just isn’t the right law to apply—which raises the question of whether new laws are needed, discussed below.

Uncertainty About Drew’s Role

The judge may also have been influenced by uncertainty as to Drew’s actual role in the case. Initial coverage of the story suggested that Drew created the fake MySpace persona of a teen boy (“Josh Evans”), then used that profile to woo Meier, a classmate of Drew’s daughter, only to deliberately—and cruelly—break her heart. After Missouri prosecutors and the FBI declined to press charges against Drew, federal prosecutors in California decided to do so, but Drew consistently maintained that it was not her idea to create the account.

When she finally went to trial, Ashley Grills, an 18-year-old friend of the Drew family, changed her story: Grills had initially claimed that creating the account was Ms. Drew’s idea, but admitted at trial that she (not Drew) created the fake “Josh Evans” account and that most of the conversations between Meier were with Grills, not Lori Drew. In particular, the final blow that seems to have driven the emotionally fragile Meier to suicide apparently came from Grils, not Drew:”You are a bad person and everybody hates you. Have a shitty rest of your life. The world would be a better place without you.”

We’ll probably never know exactly what actually happened, but it does appear that Drew was not the prime instigator behind the hoax, as she first appeared to be, but played more the role of a facilitator. Unconscionable as its for any adult, especially a parent to encourage, promote or even allow such behavior, it may not create legal liability.

Cyberbullying: What’s Next?

The real question here is how we should deal such cases more generally. Adam Thierer and I released a major study of these issues a few weeks ago: Cyberbullying Legislation: Why Education is Preferable to Regulation—which Adam recently dicussed at a Capitol Hill briefing. We distinguish among three problems that have been conflated in coverage of this issue:

Cyberbullying: kid-on-kid abuse online
Cyberharassment generally: people of all ages using the Internet to harass each other
Adult-on-kid cyberharassment: the Megan Meier case

Confusion of these three issues has resulted in some very inappropriate responses to the problem. Most notably, Rep. Linda Sánchez has proposed the “Megan Meier Cyberbullying Prevention Act,” which would make it a federal felony with a sentence of up to two years to transmit “any communication… with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior.” While Sánchez claims uses the word “cyberbullying” (Problem #1), her rhetoric (and the title of the bill) is really focused on adult-on kid cyberharassment (Problem #3). Punishing that special kind of abuse by adults of children, who are particularly vulnerable, might well be something federal law should address. But Sánchez’s bill doesn’t do that; instead, it seeks to punish all cyberharassment (Problem #2). Sánchez’s fails in several other respects to clearly define its terms and scope, thus raising serious constitutional concerns about the bill’s effect on chilling constitutionally protected free speech, as well as about the due process rights of those who might be prosecuted under the bill.

In our paper, we highlight a number of substantial changes that would need to be made to create a narrowly-tailored bill appropriate to the problem of adult-on-kid cyberharassment. But we also explain why it’s probably not possible to craft a law consistent with the Constitution to address the general issue of cyberharassment: While state laws generally apply to cyberstalking (where a threat of physical harm is made or felt), it’s profoundly difficult to distinguish between “harassment” and simple online conversations.

We do think something can and should be done about the very real problem of kid-on-kid cyberbullying (Problem #1). But rather than treat kids as felons (the Sánchez approach), lawmakers could get serious about supporting online safety education, awareness-building efforts, prevention, and intervention. Such an approach would avoid thorny constitutional problems and has recently been floated in both chambers of Congress. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services. These agencies will also work in consultation with education, Internet safety, and other relevant experts to administer a five-year grant program, under which each grant will be awarded for a two-year period. Eligible non-profits may use the grants to:

(1) identify, develop, and implement Internet safety education programs, including educational technology, multimedia and interactive applications, online resources, and lesson plans; (2) provide professional training to elementary and secondary teachers, administrators, and other staff on Internet safety and new media literacy; (3) develop online-risk prevention programs for children; (4) train and support peer-driven Internet safety education initiatives; (5) coordinate and fund research initiatives that investigate online risks to children and Internet safety education; (6) develop and implement public education campaigns to promote awareness of online risks to children and Internet safety education; (7) educate parents about teaching their children how to use the Internet and new media safely, responsibly, and ethically and help parents identify and protect their children from risks relating to use of the Internet and new media

This is exactly the right approach. This bill truly deserves the name “Cyberbullying Prevention Act,” while the Sánchez bill might more accurately be called the “Cyberharassment (of all kinds) Punishment Act.” Rather than pursuing regulation through criminal sanctions that would chill protected speech, education is the better approach—something the federal government can help to support. As Adam and I conclude in our paper:

Again, real online safety and proper netiquette begin at home. We need to teach our kids to be good cyber-citizens. We shouldn’t expect the government (or even schools) to do it all for us. But to the extent government can do something constructive about this problem, it is education and awareness-building that will have the most profound, lasting results. Although more substantive penalties cannot be ruled out entirely, creating new classes of crimes to deal with this problem is unlikely to solve the scourge of cyberbullying. Clearly, based on the emerging research, the young people who are involved in cyberbullying incidents—both as perpetrators and targets—have many problems. Addressing these painfully real issues will require applying effective risk prevention and intervention strategies. Instead of promoting such education, prevention, and intervention solutions, the Sánchez bill would simply create a new federal felony to address this problem. But criminalizing kid-on-kid behavior in whatever form will likely not solve the age-old problem of kids mistreating each other. Indeed, this problem has traditionally been dealt through counseling and rehabilitation at the local level. By contrast, the federal justice system generally works through criminal penalties. If federal criminal law has a role to play, it is in punishing clear cases of harassment of minors by adults in ways that do not chill free speech protected by the First Amendment and that are consistent with the Fourteenth Amendment’s due process guarantees. Unlike the Sánchez bill, the Menendez bill is grounded in the need to implement such counseling and rehabilitation approaches in schools and communities. If members of Congress want to enact legislation that has a chance of effectively reducing truly harmful behavior—and which avoids constitutional pitfalls and subsequent court challenges—the Menendez bill provides the best avenue to accomplish that important goal at this time.

Mike Palage: ICANN 3.0 Should “Refocus” on Original Purpose

Berin Szoka — Sat, 20 Jun 2009 22:22:38 +0000

PFF Adjunct Fellow Mike Palage, who served on the ICANN board from 2003 to 2006, filed these comments (PDF) on the NTIA’s recent Notice of Inquiry regarding ICANN’s future. Mike’s four key points were as follows:

ICANN’s Periodic Review of its internal operations and supporting organizations has failed, and has become nothing more than a “perpetual motion machine of public comments and documentation producing no meaningful results.” Only a second Evolution and Reform Process can solve ICANN’s current deficiencies;
ICANN must hardcode into its policies and its contracts the principle that its policies cannot supersede national laws;
ICANN must cease any operational role in technical infrastructure as required by its bylaws and focus instead on its mission as a technical coordinator; and
Congress must avoid “kicking the JPA can down the road” and instead provide much-needed leadership by creating a solid foundation for ICANN 3.0 in legislation after proper consultation with the Government Accountability Office.

http://d.scribd.com/ScribdViewer.swf?document_id=16259082&access_key=key-4ogiv8r7bb9dag4hor5&page=1&version=1&viewMode=list

Cyberbullying Legislation: Why Education is Preferable to Regulation

Adam Thierer — Fri, 19 Jun 2009 14:58:09 +0000

By Berin Szoka & Adam Thierer

We’ve just released a new PFF white paper (PDF) entitled, “Cyberbullying Legislation: Why Education is Preferable to Regulation.” In this 24-page study we note that, compared to previous fears about online predation, which have been greatly overblown, concerns about cyberbullying are more well-founded. Evidence suggests the cyberbullying is on the rise and that it can have profoundly damaging consequences for children.

Unsurprisingly, in the wake of a handful of high-profile cyberbullying incidents that resulted in teen/tween suicides, some state lawmakers began floating legislation to address the issue. More recently, two very different federal approaches have been proposed. One approach is focused on the creation of a new federal crime to punish cyberbullying, which would include fines and jail time for violators. In April 2008, Rep. Linda Sánchez (D-CA) introduced H.R. 1966 (originally H.R. 6123), the “Megan Meier Cyberbullying Prevention Act,” a bill that would create a new federal felony:

“Whoever transmits in interstate or foreign commerce any communication, with the intent to coerce, intimidate, harass, or cause substantial emotional distress to a person, using electronic means to support severe, repeated, and hostile behavior, shall be fined under this title or imprisoned not more than two years, or both.”

The other legislative approach is education-based and would create an Internet safety education grant program to address the issue in schools and communities. In mid-May, the “School and Family Education about the Internet (SAFE Internet) Act” (S. 1047) was introduced in the Senate by Sen. Robert Menendez (D-NJ) and in the House by Rep. Debbie Wasserman Schultz (D-FL). The measure proposes an Internet safety education grant program that will be administered by the Department of Justice, in concurrence with the Department of Education, and the Department of Health & Human Services. These agencies will also work in consultation with education, Internet safety, and other relevant experts to administer a five-year grant program, under which each grant will be awarded for a two-year period.

In our paper, we argue that criminalizing what is mostly kid-on-kid behavior—and especially creating a new federal felony, as the Sánchez bill proposes—will not likely solve the age-old problem of kids mistreating each other. Moreover, this approach could raise thorny free speech and due process issues related to how the law defines harassing or intimidating speech. To the extent criminal sanctions are pursued as a solution, it may be preferable to allow state experimentation with varying models.

By contrast, education and awareness-based approaches have a chance of effectively reducing truly harmful behavior, especially over the long-haul. Such approaches would have the added benefit of avoiding constitutional pitfalls and subsequent court challenges. Thus, if lawmakers feel the need to address cyberbullying concerns at this time, it is clear that regulation is, at best, premature and that education is the better approach.

Our paper can be found on the PFF website or SSRN, and the Scribd version of the document is embedded down below. We welcome your comments on our conclusions.

[In a follow-up post, we will address why the criminalization approach to addressing cyberbullying raises free speech concerns and other constitutional issues.]

http://d1.scribdassets.com/ScribdViewer.swf?document_id=16558612&access_key=key-29i7qx077nfhk97cuqc0&page=1&version=1&viewMode=list

Thomas Sowell on the Model that Drives Elitist Ideological Crusades

Adam Thierer — Mon, 01 Jun 2009 18:09:18 +0000

Berin recently encouraged me to re-read Thomas Sowell’s The Vision of the Anointed: Self-Congratulation as a Basis for Social Policy, which I hadn’t looked at since I first read it back in 1995 or 96. I’m glad I did since Sowell’s work has always been profoundly influential on my thinking (especially his masterpiece, A Conflict of Visions) and I had forgotten how useful The Vision of the Anointed was in helping me understand the reoccurring model that drives ideological crusades to expand government power over our lives and economy.

“The great ideological crusades of the twentieth-century intellectuals have ranged across the most disparate fields,” Sowell noted in the book. But what they all had in common, he argued, was “their moral exaltation of the anointed above others, who are to have their different views nullified and superseded by the views of the anointed, imposed via the power of government.” (p. 5) These elitist, government-expanding crusades shared several key elements, which Sowell identified as follows:

Assertion of a great danger to the whole society, a danger to which the masses of people are oblivious.
An urgent need for government action to avert impending catastrophe.
A need for government to drastically curtail the dangerous behavior of the many, in response to the prescient conclusions of the few.
A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes.

You can see this model at work on a daily basis today with our government’s various efforts to reshape our economy, but I think this model is equally applicable to debates over social policy and speech control. In particular, the various “technopanics” I have been writing about recently fit this model. (See 1, 2, 3, 4, 5). For example, consider how this plays out in the debate over online social networking:

Assertion of a great danger to the whole society [online sexual predators], a danger to which the masses of people are oblivious.
An urgent need for government action [online age verification or the Deleting Online Predators Act] to avert impending catastrophe.
A need for government to drastically curtail the dangerous behavior of the many [must stop kids and adults from being online together on same sites], in response to the prescient conclusions of the few [state Attorneys General].
A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [basically, child safety researchers and others are told that their research is meaningless and that they should just buzz off].

And I think you can see how the model has played out in other debates, such as efforts to regulate “excessively violent” video games and television.

Or consider how this model plays out on the privacy front:

Assertion of a great danger to the whole society [amorphous privacy violations], a danger to which the masses of people are oblivious.
An urgent need for government action [“baseline federal privacy regulation”] to avert impending catastrophe.
A need for government to drastically curtail the dangerous behavior of the many [stupid people who share information online!], in response to the prescient conclusions of the few [handful of over-zealous privacy advocacy groups].
A disdainful dismissal of arguments to the contrary as either uninformed, irresponsible, or motivated by unworthy purposes [basically, any suggestion that the issues are being overblown and that most information-sharing is socially beneficial is dismissed out-of-hand].

Again, it’s all blatant elitism when you get right down to it. And facts are usually the first casualty of the war.

Use Competition to Bridge the Gap in Human Spaceflight

Berin Szoka — Fri, 31 Oct 2008 16:04:28 +0000

As TLF readers may know, I took over in July as Chairman of the Board of the Space Frontier Foundation. As I explained in my recent interview on The Space Show, SFF has been the leading citizens’ advocacy group for space commercialization since 1988. Dedicated to promoting Princeton physicist Gerard O’Neill‘s vision of space settlement, as described in his 1976 masterpiece The High Frontier, the Foundation has always argued that “space is a place, not a program.”

We sent out the following press release on October 28, calling for a major transformation of the U.S. government’s space program by which the U.S. government would buy commercial transportation to the International Space Station. We’ll have more to say about this in the coming weeks.

Space Frontier Foundation Finds Funding Source for COTS-D

The Space Frontier Foundation today called upon Presidential candidates Barack Obama and John McCain to invest the $2 billion in new funds they have promised to NASA for reducing the “Gap” in U.S. human spaceflight (after the Space Shuttle is retired in 2010) to spur innovation and competition in America.

Foundation Chairman Berin Szoka said “It’s time that our national leaders give American entrepreneurs a shot at closing this gap. Let’s take the two billion dollars in the candidates’ plans and fund up to five winners of COTS-D.”

The NASA Authorization Act of 2008, recently signed into law by the President, directs NASA to “issue a notice of intent [by mid-April 2009] … to enter into a funded, competitively awarded Space Act Agreement with two or more commercial entities’ for transporting humans to the ISS”-the “Capability D” of NASA’s Commercial Orbital Transportation Services program (or COTS-D for short). But that directive is not yet funded.

Szoka continued, “Let’s have an American competition in space – to create good jobs, fuel innovation, and close the gap more quickly. With private funds matching government’s investment, we can dramatically leverage the $2 billion to produce breakthroughs in a new American industry – commercial orbital human spaceflight.”

By investing in several different approaches, the government will win no matter who wins this new race, and also benefit from the resulting price competition.

Many American companies, including Boeing, PlanetSpace, SpaceDev, SpaceX, and t/Space have each previously submitted credible COTS-D proposals to NASA. Each of these firms has reached the semi-finals of one of the previous NASA COTS competitions. Increasing funding for COTS by $2 billion would allow NASA to fund all five of these promising companies’ proposals with COTS agreements, and in so doing, build redundancy into the human spaceflight capability available to NASA and other customers.

“It’s popular in Washington to use ‘The Gap’ to cynically justify continued funding of an expensive jobs program,” concluded the Foundation’s co-founder, Bob Werb. “We’re using ‘The Gap’ to advocate a policy that will bridge a gap that matters much more: the chasm between a dying government Human spaceflight monopoly and an emerging, free and competitive marketplace that can open the space frontier to everyone.”

Goodbye to Most Business Method & Software Patents?

Berin Szoka — Fri, 31 Oct 2008 03:25:15 +0000

The Federal Circuit significantly limited the patentability of software and business methods today. Mike Masnick at TechDirt summarizes the holding of the case as follows:

the court has said that there’s a two-pronged test to determine whether a software of business method process patent is valid: (1) it is tied to a particular machine or apparatus, or (2) it transforms a particular article into a different state or thing. In other words, pure software or business method patents that are neither tied to a specific machine nor change something into a different state are not patentable.

I’m sure several of my TLF colleagues will have a great deal to say about this. Tim Lee has already written about this on Ars Technica:

The Bilski decision, then, is a clear signal that the pendulum has begun to swing back toward tighter limits on software and business patents. However, it remains to be seen how far the court will go in this direction. Bilski was a relatively easy case. The applicant made little effort to hide the fact that he was seeking to patent a mental process, something the Supreme Court has clearly said is not allowed. Therefore, the Federal Circuit’s rejection of this patent doesn’t tell us how it will rule when confronted with software or business method patents that are tied more directly to a physical machine or a transformation of matter. And indeed, the Federal Circuit reiterated that some software and business method patents are valid, so we are unlikely to return to the near-prohibition on such patents that prevailed until the early 1980s.

Thoughts?

A Wide Diversity of Consumer Attitudes about Online Privacy

Berin Szoka — Fri, 31 Oct 2008 00:03:30 +0000

Debates about online privacy often seem to assume relatively homogeneous privacy preferences among Internet users. But the reality is that users vary widely, with many people demonstrating that they just don’t care who sees what they do, post or say online. Attitudes vary from application to application, of course, but that’s precisely the point: While many reflexively talk about the “importance of privacy” as if a monolith of users held a single opinion, no clear consensus exists for all users, all applications and all situations.

If a picture is worth a thousand words, this picture makes the point brilliantly—showing:

locations where [Flickr] users are more likely to post their photos as “public,” which is the default setting, in green. Places where Flickr users are more likely to put privacy controls on their photos show up in red.

Of course, geography is just one dimension across which users may vary in their attitudes about privacy, but the map makes the basic point about variation very well. Seeing what users actually do in real life says a lot more about their preferences than merely polling them about what they think they care about in the abstract—as my colleagues Solveig Singleton and Jim Harper argued brilliantly in their 2001 paper With A Grain of Salt: What Consumer Privacy Surveys Don’t Tell Us (SSRN).

Google Policy Fellow Program

Berin Szoka — Sat, 25 Oct 2008 18:32:55 +0000

Google has just announced that it is now accepting applications from undergraduate, graduate and professional students for its summer 2009 Google Policy Fellowship. Three think tanks employing TLFers are among the host organizations participating in the program: The Progress & Freedom Foundation, the Cato Institute and the Competitive Enterprise Institute.

Applications are due by December 12, 2008. The program will run for ten weeks during the summer of 2009 (June-August). Apply today!

PFF Launches Center for Internet Freedom

Berin Szoka — Fri, 24 Oct 2008 15:46:02 +0000

The Progress & Freedom Foundation has just launched the new Center for Internet Freedom. CIF offers an alternative to the proliferation of advocacy groups calling for government intervention online by offering timely analyses and critiques of proposals that diminish the vital role of free markets, free speech and property rights. We aim to drive the Internet policy debate in new directions by emphasizing a layered approach of technological innovation, user education, user self-help, industry self-regulation, and the enforcement of existing laws consistent with the First Amendment. Such an approach is a less restrictive—and generally more effective—alternative to increased regulation.

Here are some of the issues I’ll be working on as CIF’s Director in conjunction with my esteemed colleagues Adam Thierer, Adam Marcus, and adjunct fellows:

Defending online advertising as the lifeblood of online content & services, especially in the “Long Tail”;
Emphasizing market solutions to problems of privacy protection, especially regarding the use of cookies and packet inspection data;
Protecting online speech and expression both in the U.S. and abroad;
Defending Section 230 immunity for Internet intermediaries;
Opposing online taxation and legal barriers to e-commerce and digital payments, especially at the state and local levels; and
Ensuring that Internet governance remains transparent and accountable without hampering the evolution of the Internet.

A Major Victory for Space Commercialization

Berin Szoka — Wed, 22 Oct 2008 20:57:07 +0000

Congress has very wisely cancelled the National Reconnaissance Office’s proposed Broad Area Space-Based Imagery Collection (BASIC) satellite system. The proposal to build two new imaging satellites at a cost to taxpayers of $1.7 billion would have represented a major break from what is possibly the U.S. government’s most successful effort to promote space commercialization to date: buying the imagery it needs from commercial providers, who can also sell imagery to other buyers.

Five years ago, the idea that Internet users could pull up a satellite image of just about any location on the planet at a whim would have seemed ludicrous. Yet that’s precisely what websites like Google Maps and Microsoft’s Live Search offer today—for free! Desktop applications like Microsoft’s Virtual Earth and Google Earth offer even more advanced geospatial tools—again, for free. But of course this library of incredibly rich imagery didn’t just “fall out of the sky,” as they say. It was collected by a handful of expensive commercial remote sensing satellites whose construction was made possible by the National Geospatial-Intelligence Agency‘s (Wikipedia) extraordinarily successful “Nextview” program implemented under the Commercial Remote Sensing Policy of 2003. Rather than having the Federal government build its own satellites—and pay for the entire cost of the satatellites—the NGA very wisely chose to buy imagery from commercial providers in two ~$500 million, 4-year contracts with U.S. satellite imagery companies: DigitalGlobe in 2003 and OrbImage (now GeoEye) in 2004.

These long-term purchase agreements essentially made the U.S. Government the “anchor tenant” in a new class of remote sensing satellites, providing the initial funding for both companies to build and operate their satellites. But because the companies sell roughly half of imagery to foreign governments and commercial buyers like Google and Microsoft, these deals have saved U.S taxpayers money for the purchase of imagery for a wide variety of needs, ranging from agricultural monitoring to military intelligence. At the same time, the Nextview contracts have given birth to a vibrant geospatial industry whose immediate benefits should be obvious to anyone who’s ever pulled up a satellite map online and whose macroeconomic impact is potentially enormous.

So why mess with success? If the U.S. Government thinks it needs more satellite imagery, why not simply award another long-term purchase agreement to a commercial provider? Besides reducing the burden on the taxpayers, continuing the NextView approach would support the construction of a new generation of commercial satellites like GeoEye-1, which was launched just last month, and DigitalGlobe’s WorldView-1, launched last year. Rather than rolling back NextView in favor of building its own systems, the U.S. Government should be looking for other space services it can buy on a commercial basis as a way of building industries rather than programs, ranging from sending crew & cargo to the International Space Station to communications and navigation services for NASA’s planned Return to the Moon.

Rather than giving up on the NextView approach in the area where it has already produced spectacular results, the U.S. government should be looking for other areas in which to apply the NextView model by buying space services from commercial providers.

Full disclosure: I was proud to handle FCC matters for GeoEye while practicing law at Latham & Watkins LLP. I currently have no greater personal interest in their success than should any American who wants to see the private sector succeed where the government has failed in opening up the space frontier to all mankind.

Still Cloudy on Cloud Computing: A Matrix to Guide the Coming Policy Debates

Adam Marcus — Fri, 12 Sep 2008 22:41:42 +0000

The introduction below was originally written by Berin Szoka, but now that I (Adam Marcus) am a full-fledged TLF member, I have taken authorship.

Adam Marcus, our exceptionally tech-savvy new research assistant at PFF, has published his first piece at the PFF blog, which I reprint here for your edification.

Today Google’s DC office hosted an interesting panel on cloud computing. What was missing was a good definition of what “cloud computing” actually is.

While Wikipedia has its own broad definition of cloud computing, many think of cloud computing more narrowly as strictly web-based for which clients need nothing but a web browser. But that definition doesn’t cover things like Skype and SETI@home. And just because PFF has implemented Outlook Web Access so we can access the Exchange server via the Web, doesn’t necessarily mean we’ve implemented what most people might think of as “cloud computing.” Yet these are all variations on a common theme, which leads me to propose my own basic definition: any client/server system that operates over the Internet.

To understand the potential policy and legal issues raised by cloud computing so-defined, one must break down the discussion into a 4-part grid. One axis is divided into private data ( e.g., email) and public data (e.g., photo sharing). The other axis is divided into data hosted on a single server or centralized server farm and data hosted on multiple computers in a dynamic peer-to-peer network (e.g., BitTorrent file sharing).

Examples	User Data is Public	User Data is Private
Centralized Server(s)	Blogs Discussion boards Flickr	Web-based email servers Windows Terminal Services
Peer-to-Peer	BitTorrent FreeNet (article)	Skype Wuala

There are also a great number of peer-to-peer cloud computing projects that don’t require the sharing of user data. SETI@home may be the most well-known example: When the Search for Extra-Terrestrial Intelligence (SETI) project lost its funding and could no longer afford the massive servers it used to process the data from its radiotelescopes, it realized that it could distribute the work to Internet users in the form of a screensaver (thus the SETI work would only be done when a user’s computer was idle).

It is encouraging to see that Congress is no longer considering simply outlawing cloud computing (which used to be called distributed computing), but if there is to be an intelligible debate about policy responses to cloud computing, we must define our terms and realize that policies beneficial to some forms of cloud computing may complicate-sometimes fatally, in business terms-other forms. For example, regulations imposed on companies storing users’ personal data may stymie peer-to-peer backup applications like Wuala, which distributes each user’s backup data to other users, but uses encryption to prevent users from accessing the data they’re storing for others. Wuala might be forced to close down if regulations requiring companies to keep records for a set period of time or follow separate procedures for minors were interpreted to apply to each Wuala user.

As Georgetown CCT professor Mike Nelson explained at the Google workshop, technology generally follows a clear evolution in the following steps: from hardware to software to people to organizations to policy. It’s taken a long time to educate lawmakers about the Internet. Today’s panelists all seemed to agree that cloud computing could be “the next big thing.” That necessarily means that the education process for lawmakers needs to start all over again, explaining the ways in which cloud computing is similar to prior technologies, the ways it’s different, and the salient differences among the four broad categories of cloud computing described above. Until that’s done, any talk of legislation in this area is simply premature.