Last year, my PFF colleague Adam Thierer asked whether State AGs + NCMEC = The Net’s New Regulators? Adam noted that NCMEC, the National Center for Missing and Exploited Children, a private non-profit organization, was playing a law enforcement role in regulating child pornography—but without any clear mechanisms for ensuring its accountability and effectiveness. Adam’s point wasn’t just that transparency is a good thing, but that when it comes to a cause as important as protecting children from exploitation, it’s vital to ensuring that we’re that we’re actually doing a good job at it!

Yesterday, Emmanuel Lazaridis commented on that post:

Given the increasing regulatory and investigative powers of the NCMEC, it is no longer clear whether or not the [Freedom of Information Act] applies to NCMEC records. We are about to find out. I am right now bringing a case against the NCMEC in federal court for access to records under the FOIA and, failing that, for discovery under 28 U.S.C. § 1782(a).

Mr. Lazaridis’s complaint in the D.C. District Court claims that Lazaridis (a Greek national) has been unfairly deemed a fugitive from U.S. justice for having taken his daughter to Greece over the objections of the girl’s American mother, Lazaridis’s ex-wife. NCMEC got involved by placing the girl on their MissingKids.com registry of abducted children. Lazaridis wants the court to recognize his custody, deem him not to be a fugitive, and to order NCMEC to turn over all their records on the girl.

This is, of course, just one side of the story (and such cases are usually so complicated as to be indecipherable to outsiders). But even if Lazaridis’s case were wholly without merit, his basic argument would be a sound one: Why shouldn’t NCMEC, in exercising any of its essentially governmental functions, be subject to the same accountability requirements through FOIA as the FBI would be?

When the issue is the Lazaridis family’s trans-Atlantic custody battle, it may seem easy to ignore this question. But when NCMEC is essentially making policy regarding filtering Internet content, blacklisting websites, turning over user logs to law enforcement, or “cleaning up” Craigslist, the question of NCMEC’s accountability under FOIA cannot be avoided as a critical decision about the future of Internet governance.

On heels of Adam’s piece last year, controversialist Chris Soghoian suggested one answer: Given its status as a sacred cow, we cannot expect any politician pay heed to calls to overhaul NCMEC or subject it to oversight. However, what we can do, is call for the nationalization of the National Center for Missing and Exploited Children.

Think of it this way: We have a drug czar, a war czar, a copyright czar, and will likely have a cybersecurity czar and car czar under the next administration. Why not throw a child porn czar into the mix? Nationalize NCMEC, make all of its workers federal employees, with good health care and job security, and perhaps even expand its budget–after all, it does good work, right? NCMEC’s job is simply too important to be entrusted to a nonprofit group–such a task can only be performed by a fully trained and funded law enforcement agency (one, which conveniently enough, is subject to the Freedom of Information Act, congressional oversight, and constitutional requirements for due process.)

Despite my differences with Chris, he’s often right and may be here, too. He’s certainly right that Congress is unlikely to address the problem of NCMEC’s accountability given the sensitivity of the issue of child protection.

But, fortunately, we live in a republic, not a pure democracy: Our third branch of government, the courts, exists to enforce the rule of law; being somewhat insulated from political pressure, the courts provide a final check on the authority even of the almighty NCMEC. So while Chris’s nationalization proposal might well be the ideal solution, it hasn’t happened yet—nine months later to the day, and it’s probably not high on the Obama administration’s list of czarist reforms.

But simply by ordering NCMEC to comply with FOIA, the Lazaridis court could, with the stroke of a pen, bring accountability to NCMEC’s law enforcement functions. The legal question is simple: Does NCMEC qualify as an “agency,” which FOIA defines as an “authority of the Government of the United States?”

If so, NCMEC must not only respond to requests for certain of its “records,” but it must also follow a rule-making process akin to that required of federal agencies when they make policy decisions, offering the public appropriate notice and the opportunity to comment on proposed regulations—instead of, say, threatening Internet companies behind closed doors (sometimes the same companies that later make generous donations to NCMEC) or cutting deals with state attorneys general.

It turns out that this is not a new issue. Federal courts have had to decide whether a number of quasi-governmental entities qualify as “agencies” over the years, especially given the trend towards privatization over the last three decades. Some organizations, like the Smithsonian Institution, have decided to comply with FOIA even though courts have held that they’re not required to do so. NCMEC could have allayed all these concerns years ago by doing the same thing, but absent a change in management at the organization, it seems only a court order will force the organization to open its “black box” of decision-making to public inquiry.

In a number of other circumstances, courts have required nominally private organizations to comply with the federal FOIA or its state equivalents. A thorough (if dated) treatment of this issue can be found in the 1999 law review article, Privatization and the Freedom of Information Act: An Analysis of Public Access to Private Entities Under Federal Law by Craig Feiser, Florida’s deputy solicitor general and an adjunct at FSU Law. Feiser explains:

When Congress amended FOIA in 1974, it added section 552(f)(1) and broadened the definition of “agency” to include entities not explicitly mentioned under the APA, but which “perform governmental functions and control information of interest to the public.”

In deciding whether a private organization qualifies as an agency subject to FOIA, courts have considered two factors.

One factor asks whether the entity has substantial independent authority in performing a function of the government, making it the functional equivalent of the government. The other factor asks whether the government substantially controls the entity’s day-to-day operations or organizational framework. In using either factor, the court is essentially asking to what degree the entity is performing a government function. In one case, the government is pulling nearly all of the strings; in the other case, the entity is making decisions independently for the government.

Financially, NCMEC is largely a creature of government: 70% of NCMEC’s $42 million budget in 2007 came from the government. But as Feiser notes, funding does not always mean control. Government control over NCMEC’s internal decisions is unclear. Indeed, the very lack of government control over an organization essentially regulating the Internet and imposing criminal sanctions that could follow convicted “sex offenders” for life would by itself be an enormous problem.

But given what NCMEC actually does, it obviously qualifies as an “agency” subject to FOIA under the “functional equivalence factor,” which as Feiser explains,

basically represents the opposite situation from the control factor. Here, the entity is functioning independently, but making decisions for the government, as opposed to having its decisions made by the government. In effect, it is the functional equivalent of the federal government, and, therefore, it should be an “agency” under the FOIA.

I’ll be watching the Lazaridis case closely, hoping that the court sees NCMEC for what it is: a private organization tasked with implementing not just any government function, but the enforcement of laws against the most vulnerable victims in society. Absent such a recognition, NCMEC will continue to grow into an unaccountable regulator for the Internet.

Today, the only public oversight of NCMEC required by law is the requirement that NCMEC (like any non-profit with federal tax-exempt 501(c)(3) non-profit status) file a Form 990 each year disclosing basic information about its finances. That report does not list NCMEC’s donors, because donors have a First Amendment right to remain anonymous, but a more transparent organization would, like my own think tank, at least identify its major donors. The 2006 and 2007 Form 990s do reveal a few interesting things, though, about what NCMEC does with its budget (70% of which comes from the taxpayer):

• NCMEC’s CEO, Ernie Allen, was paid $359,191 plus $411,636 in benefits in 2006 (PDF p. 46) and $409,821 plus $426,540 in benefits in 2007 (PDF p. 19), for a total of $1.6 million in two years (roughly $800,000/year);
• Not counting Allen, NCMEC spent $778,564 on its top five highest-paid employees in 2006 ($155,713/employee), and $875,657 in 2007 ($175,131/employee) (PDF p. 10 in both);
• 31% of NCMEC’s 2006 revenues and 35% of its 2007 revenues went to salaries (PDF pp. 1 & 2 in both); and
• NCMEC had 104 employees paid over $50,000 in 2006 (PDF p. 10) and 116 in 2007 (PDF p. 10).

I’d be reluctant to suggest that anyone at NCMEC was more interested in money than in protecting children, but if given the choice, we’d all prefer to do well while doing good. So if Allen were smart, he’d realize that a court order subjecting NCMEC to FOIA might be the best of all possible worlds: Requiring real accountability would neutralize calls for nationalizing NCMEC, allowing the organization to continue operating as a non-profit that can pay quite a bit better than the Federal civil service. Even the Senior Executive Service, for agency heads, maxes out at a measly $177,000/year.

Of course, if NCMEC’s records and decisions to regulate the Internet were subject to FOIA, the organization might not be able to… “convince” the Internet companies it essentially regulates to write large checks to NCMEC. But even this tax-hating libertarian would be hard-pressed to argue against funding the enforcement of laws against child pornography, abduction and exploitation with taxpayer dollars.

As the grandson of an FBI agent, whose framed credentials hang in a place of pride in my office (stamped “RETIRED” after his 25 years of loyal service), I can’t help but wonder how many more agents the FBI could employ to combat child porn with an extra $1.6 million/year in funding (the salary of Allen and NCMEC’s top-five highest paid employees). It seems that FBI agents today make roughly $48,000-87,000/year. Let’s call it an average of $67,500 and throw in 20% for overhead. That works out to $81,000/year—or:

• 20 new agents for what NCMEC is paying its top six employees; or
• 368 new agents for the $29.82 million NCMEC received in government support in 2007.

I’m sure the solution is far more complicated than simply hiring more FBI agents, and that NCMEC does much good work in the service of a noble cause. But until NCMEC is either nationalized as a direct arm of law enforcement or made significantly more accountable as a private organization, we won’t really have any way of knowing whether the money being spent on NCMEC is being spent in the most effective manner possible to deal with the problems of child pornography, abduction and exploitation. We also won’t know whether draconian alternatives to direct enforcement ( e.g., hiring more FBI agents) like network-level filtering mandates are truly necessary, despite their unintended consequences for the free speech and privacy rights of law-abiding Internet users.

The Economist magazine has just released an important feature article entitled, “Sex Laws: Unjust and Ineffective.” In an indirect way, the article makes a point that I have been trying to get across in my work on this issue: If you want to keep your kids safe from real sex offenders, we need to scrap our current sex offender registries and completely rethink the way we define and punish sex offenses in this country.  That’s because, currently, a significant percentage of those people listed in sex offender registries pose almost no threat to children, making it difficult for us to know who really does pose a threat to our kids and what we should do about them.

Simply stated, we’ve dumbed-down the notion of “sex crimes” in this country. As a nation, we have foolishly come to equate almost all sex offenses equally.  While sex offender registry laws vary from state to state, many basically say that that two teens caught engaging in consensual oral sex in high school belong on the same list alongside child rapists. That is insanity. And it leaves many in the public, especially parents, thinking that the whole world is full of predators lurking on every corner just waiting to snatch, rape, and kill their children. [ For the actual facts, see the appendix I have included down below: “Is America Suffering from a National Child Abduction Epidemic”?]  In reality, as The Economist feature story points out, the truth is quite different:

Every American state keeps a register of sex offenders. California has had one since 1947, but most states started theirs in the 1990s. Many people assume that anyone listed on a sex-offender registry must be a rapist or a child molester. But most states spread the net much more widely. A report by Sarah Tofte of Human Rights Watch, a pressure group, found that at least five states required men to register if they were caught visiting prostitutes. At least 13 required it for urinating in public (in two of which, only if a child was present). No fewer than 29 states required registration for teenagers who had consensual sex with another teenager. And 32 states registered flashers and streakers. Because so many offences require registration, the number of registered sex offenders in America has exploded. As of December last year, there were 674,000 of them, according to the National Centre for Missing and Exploited Children. If they were all crammed into a single state, it would be more populous than Wyoming, Vermont or North Dakota. As a share of its population, America registers more than four times as many people as Britain, which is unusually harsh on sex offenders. America’s registers keep swelling, not least because in 17 states, registration is for life.

Georgia has more than 17,000 registered sex offenders. Some are highly dangerous. But many are not. And it is fiendishly hard for anyone browsing the registry to tell the one from the other. The Georgia Sex Offender Registration Review Board, an official body, assessed a sample of offenders on the registry last year and concluded that 65% of them posed little threat. Another 30% were potentially threatening, and 5% were clearly dangerous. The board recommended that the first group be allowed to live and work wherever they liked. The second group could reasonably be barred from living or working in certain places, said the board, and the third group should be subject to tight restrictions and a lifetime of monitoring. A very small number “just over 100” are classified as “predators”, which means they have a compulsion to commit sex offences. When not in jail, predators must wear ankle bracelets that track where they are.

Let’s repeat a few key numbers here: 674,000 registered offenders, “more populous than Wyoming, Vermont or North Dakota.”  Those are the kind of numbers that send sensationalistic media outlets and average parents alike into a tizzy. Rarely does anyone stop to ask what those numbers mean or who these people are on the sex offender registries. But, as The Economist notes, when you dig below the surface and start taking a serious look at who these people are and what they have done to land on the list, a very different story emerges. We’re polluting these lists with petty offenders (flashers and streakers) and people who should have been dealt with in different ways (like teens who were caught in the act).

What about the real bad guys?  As the Georgia Review Board found, only 5% of those on their sex offender registry were “clearly dangerous” and “should be subject to tight restrictions and a lifetime of monitoring.”  These would be your true scum of the Earth; the sick fiends who really have preyed on children or raped repeatedly.  Here’s a question I want answered about these scum: Why do we need a sex offender registry for them at all? Why are they not behind bars for life?  Why don’t we cut off their privates!  I am deadly serious here.  If anyone raped one of my children, I would go after him and snip his manhood myself… slowly… with a dull, rusty blade.  Any yet we release these people to re-offend. And then we put them on a list. A list that had teens on it who made a stupid mistake in high school in the back of car and got caught. DOES THIS MAKE ANY DAMN SENSE???  (And yes, I am shouting when I use all caps!  Because I am sick and tired of this nonsense.)

Here is the sobering fact to consider: a 2003 Department of Justice study reported that the average sentence for child molesters was approximately seven years and, on average, they were released after serving just three of those seven years. That is an extremely troubling statistic. If you have young children in your home, it is even more upsetting. When our government is putting people who viciously hurt innocent children behind bars for just seven years and then letting them out after only three, then our government has failed us at a very fundamental level.

Worse yet, policymakers then point fingers at everyone else and scold Internet companies and ISPs for not doing enough to protect children from predators, all the while conveniently ignoring the government’s own failed policies that allow those predators to be on the streets and behind keyboards in the first place!  It is not “market failure” at work when child predators are lurking online; it is government failure in the extreme. We are never going to solve this problem until we hunt down the real bad guys and lock them up for a long, long time.

In the meantime, however, as Lenore Skenazy argues, parents might want to just “burn your sex offender maps” because they instill a sense of dread and panic in us about the world around us based simply on the large number of people on them — even though they tell you little about who is an actual threat to your child.  I have parents in my neighborhood who tell me they won’t let their kids ride their bike down the sidewalks in our very safe and fairly affluent neighborhood in McLean, Virgina because they have heard there are sex offenders in the area. I ask them if they have ever examined those “offenders” to see what they are on the list for.  They haven’t bothered.  I have.  Not one of the sex offenders in my area had anything to with sex crimes against children.  Strangely, most of the sex offenders in my area are listed as just  being convicted of “sodomy.”  I always wonder, was that consensual sodomy that occurred when it was still a crime in Virginia? (That is, before the Supreme Court struck down such laws in the 2003 case of Lawrence v. Texas). If so, that’s not a crime in my book and those people do not belong on any sex offender list.  Of course, if it was actual rape, that’s a very serious crime and it deserves conviction. Either way, these are not sex crimes against children even though that’s the impression many parents have when parents see or hear about these sex offender registries.  So, when only a small percentage of those on the lists are the ones we truly need to fear (the child molesters and rapists), isn’t there a better solution? Like: LOCK THEM UP AND THROW AWAY THE KEY!  Or, if we are not going to do that, at least create a separate registry for these more serious offenders. Call it the “Scum of the Earth List” and make these people were bright neon monitoring bracelets and anklets so we can see them.

At a minimum, we need follow the advice Human Rights Watch has set forth, as The Economist summarizes:

Human Rights Watch urges America to scale back its sex-offender registries. Those convicted of minor, non-violent offences should not be required to register, says Ms Tofte. Nor should juveniles. Sex offenders should be individually assessed, and only those judged likely to rape someone or abuse a child should be registered. Such decisions should be regularly reviewed and offenders who are rehabilitated (or who grow too old to reoffend) should be removed from the registry. The information on sex-offender registries should be held by the police, not published online, says Ms Tofte, and released “on a need-to-know basis”. Blanket bans on all sex offenders living and working in certain areas should be abolished. Instead, it makes sense for the most dangerous offenders sometimes to face tailored restrictions as a condition of parole.

To clarify my own views: I think lists of serious sex offenders (again, if we aren’t locking them up for longer periods) should be made public, but the lesser offenses (like cases of consensual teen sex in high school) should be kept private so it doesn’t stigmatize those people for life and drive the average public batty in the meantime.

We need to bring some sanity back to America’s sex laws.  And we need to do if for the children. Our kids are not going to be safer (or saner) by artificially inflating sex offender rolls with people who don’t belong on the list in the first place.  That just leads to fear, confusion, and a misplaced sense of justice. We need to punish the true scum more aggressively, and then find more sensible approaches to deal with others.  And let’s get out of the business of putting teenagers on these lists altogether.  That’s just nuts.

A final reason I care deeply about setting things right on this front is because concerns about online child safety — and overblown fears about child predators in particular — are leading to many calls for increased Internet regulation. Down below, I have pasted in an excerpt from my “Parental Controls & Online Child Protection” report in which I explain why this “technopanic” mentality about kids and the Internet is unwarranted.

Appendix: Is America Suffering from a National Child Abduction Epidemic? [ excerpt from “Parental Controls & Online Child Protection,” by Adam Thierer, PFF, ver. 4.0, 2009.]

Debates about online child safety are often driven by fear — fear of bad guys lurking online and waiting to snatch up our children. Indeed, there have been a handful of highly publicized cases of minors being contacted and later abducted or abused by child predators on social networking sites.[1] Such cases do not mean that a national epidemic of Internet-related child abductions is occurring, however. The reality is quite different. As Internet safety expert Larry Magid has noted:

Contrary to what some people might imply, most kids who become victims of online sex predators are not abducted. They are lured after being groomed by their predators. And, though any case is tragic, the fact is that such crimes are relatively rare considering the millions of children and teens that go online every day. Despite thousands of arrests of would-be predators caught up in sting operations, tragic cases like this don’t appear to occur very often.[2]

Indeed, generally speaking, abductions by strangers “represent an extremely small portion of all missing children [cases].”  That conclusion was a central finding of the 2002 National Incidence Studies of Missing, Abducted, Runaway, and Thrownaway Children (NISMART), a study conducted by the Department of Justice’s Office of Juvenile Justice and Delinquency Prevention.[3] Although the survey is several years old and suffers from some data and methodological deficiencies, it remains the most comprehensive survey of missing and abducted children in the United States.

The NISMART survey broke down juvenile abductions into two categories—family versus non-family. It found that the vast majority of kidnapping victims were abducted by family, friends of the family, or people who had a close relationships with (or the trust of) the minors. Only 115 of the estimated 260,000 abductions—or less than a tenth of a percent—fit the stereotypical abduction scenario that parents most fear: complete strangers snatching children and transporting them miles away.[4] And Lenore Skenazy, author of Free-Range Kids: Giving Our Children the Freedom We Had Without Going Nuts with Worry, notes that, “the chances of any one American child being kidnapped and killed by a stranger are almost infinitesimally small: .00007 percent.”[5]

Despite those findings, public policy debates and media reports remain preoccupied with the horror stories about abductions by random strangers, leaving the impression that the problem is much larger than the more serious issues of family or acquaintance abductions.[6]

Research has shown that this conclusion is also true of child abuse and sex offenders in general, not just abductions. As psychologist Anna C. Salter, author of Predators: Pedophiles, Rapists, and Other Sex Offenders, points out, “[Sex offenders] are part of our communities, part of our network of friends, worse yet, sometimes part of our families.”[7] And former FBI special agent Kenneth V. Lanning, author of Child Molesters: A Behavior Analysis, notes the following:

The often forgotten piece in the puzzle of the sexual victimization of children is acquaintance molestation. This seems to be the most difficult manifestation of the problem for society and the law to face. People seem more willing to accept a sinister stranger from a different location or father/stepfather from a different socioeconomic background as a child molester than a clergy member, next-door neighbor, law-enforcement officer, pediatrician, teacher, or volunteer with direct access to children. The acquaintance molester, by definition, is one of us. He is not just an external threat. We cannot easily distinguish him from us or identify him by physical traits. These kinds of molesters have always existed, but society and the criminal-justice system have been reluctant to accept the reality of these cases.[8]

Clearly, the problem of family and acquaintance abductions and sex abuse predated the rise of the Internet, and it will unlikely be diminished by age verification of minors on social networking websites or other websites. But the argument could be made that abductions by strangers — while exceedingly rare — could be reduced even further by age-verifying minors or adults before they enter certain sites.

This potential reduction may be true, but it is important to remember that predators can’t magically reach through a computer screen and grab our kids. Predators must meet them somewhere in the physical world (i.e., a mall, park, playground, etc.). The danger of the Internet is that it allows predators to groom minors over a protracted period, while doing so from a distance. However, the fact that they are doing so from a distance—and over electronic communications networks, no less—means we have actually gained some important advantages in our effort to combat child predation. Many of the predators leave digital tracks for us to follow. Thus, to the extent that disturbing things are happening online or being facilitated by the Internet in any fashion, at least there is a digital record of those activities or crimes. The electronic tracks have made it easier to recover children or to track perpetrators on many occasions.[9]

Of course, digital records have also made it easier to catch minors engaging in foolish behavior after they post information or photos about their actions online.[10] In past generations, parents often warned their kids to behave themselves in public or else “it will go down on your permanent record.” It was largely just a scare tactic, because there really was no permanent record of the mundane activities of youth. Today, however—for better or for worse—the Internet is becoming “your permanent record.” No doubt, this raises some serious, long-term privacy concerns, but the one positive aspect is that the existence of electronic records makes it easier for parents, website operators, or law enforcement officials to deal with online troublemakers of all varieties.[11] That is why education is essential to make sure both kids and their parents understand that serious consequences are associated with what they post online.

[2] Larry Magid, Abductions by Online Predators Rare, San Jose Mercury News, Oct. 22, 2007,  www.connectsafely.org/articles–advice/commentaries—staff/abduction-by-online-predators-rare.html

[3] Andrea J. Sedlak, David Finkelhor, Heather Hammer, and Dana J. Schultz, National Estimate of Missing Children: An Overview, National Incidence Studies of Missing, Abducted, Runaway, and Thrownaway Children (NISMART), Oct. 2002, at 7,    www.missingkids.com/en_US/documents/nismart2_overview.pdf

[4] A recent study of cases about missing children in Ohio revealed a similar trend. Of the 11,074 documented missing child cases in 2005, only five involved abduction by strangers compared with 146 abductions by family members. Ohio Missing Children Clearinghouse, 2005 Annual Report, at 4; www.ag.state.oh.us/victim/pubs/2005ann_rept_mcc.pdf

[5] Lenore Skenazy, Free-Range Kids: Giving Our Children the Freedom We Had Without Going Nuts with Worry (San Francisco, CA: Jossey-Bass, 2009), at 16.

[6] Indeed, one recent study suggests that perception has replaced reality in the minds of many in the press and general public, who have increasingly come to believe that stranger abductions account for most missing child incidents. A 2006 analysis of New York Times articles about kidnappings, by Glenn W. Muschert, Melissa Young-Spillers, & Dawn Carr in the Justice Policy Journal, argued that “the Times disproportionately focuses on stereotypical kidnapping incidents, while social science data suggest that familial abductions are far more prevalent.” And abduction estimates made by some activists were also “highly exaggerated,” they found. Unsurprisingly, for those reasons, the authors note that various public opinion polls have revealed that most people believed that abductions by strangers accounted for most missing child cases even though the exact opposite was true. Glenn W. Muschert, Melissa Young-Spillers, & Dawn Carr, 3 Justice Policy Journal, No. 2, Fall 2006, at 4-6.

[7] “Sex offenders only very rarely sneak into a house in the middle of the night. More often they come through the front door in the day, as friends and neighbors, as Boy Scout leaders, priests, principals, teachers, doctors, and coaches. They are invited into our homes time after time, and we give them permission to take our children on the overnight camping trip, the basketball game, or down to the Salvation Army post for youth activities.” Anna C. Salter, Predators: Pedophiles, Rapists, and Other Sex Offenders (New York: Basic Books, 2003), at 5, 76.

[8] Kenneth V. Lanning, National Center for Missing & Exploited Children, Child Molesters: A Behavior Analysis, 2001, www.missingkids.com/missingkids/servlet/ResourceServlet?LanguageCountry=en_US&Pageid=469

[9] See Mark Sherman, Chat Rooms Help FBI Hunt for Pedophiles, USA Today, May 15, 2006, www.usatoday.com/tech/news/2006-05-15-fbi-chat-rooms_x.htm

[10] Wendy Davis, Teens’ Online Postings Are New Tool for Police, Boston Globe, May 15, 2006, www.boston.com/news/nation/articles/2006/05/15/teens_online_postings_are_new_tool_for_police; Andrew L. Wang, “Teen Blog Watch is On,” Chicago Tribune, May 23, 2006.

[11] Eric Tucker, Police Departments Turning to YouTube to Catch Suspects, Boston Globe, Feb. 24, 2007, www.boston.com/news/local/rhode_island/articles/2007/02/24/police_departments_turning_to_youtube_to_catch_suspects

The latest edition (Version 4.0) of my PFF special report on “Parental Controls and Online Child Protection: A Survey of Tools & Methods” is now up.  For those not familiar with the report, it explores the market for parental control tools, rating schemes, education and media literacy efforts, and various other tools, methods, and initiatives aimed at promoting online child safety.  After evaluating that state of this market, I conclude: “There has never been a time in our nation’s history when parents have had more tools and methods at their disposal to help them decide what constitutes acceptable media content in their homes and in the lives of their children.”  Moreover, I believe that the parental controls and content management tools cataloged in the report represent a better, less restrictive alternative to government regulation.

Version 4.0 of the report is now over 250 pages long (up from 200 pages in Version 3.0) and it contains almost 70 exhibits (up from 50), 725 references (up from roughly 500), and numerous updates in all five sections of the book. Major updates have been made to the Internet, social networking, and mobile media sections, reflecting the growing importance of those sectors and issues. Other new sections or appendices have also been added to the report, including:

• a new section examining how many households really need parental control tools;
• a new appendix on the downsides of mandatory parental controls and restrictive default settings;
• a new section on the dangers of “deputizing the online middleman” solution as an approach to solving child safety concerns;
• a new appendix reviewing the findings of 5 past online safety task forces;
• … and much more.

I issue major updates once a year and 1 or 2 minor tweaks during the course of the year to reflect the evolution of the parental control and online child safety marketplace and debate. The report is available free-of-charge on the PFF website, and the previous editions of the report are housed there too in case you want to see how it has evolved over the past couple of years. For those interested in taking a quick look at the report, I have embedded it down below the fold as a Scribd file. Finally, as is always the case, I encourage readers to send me updates and suggestions for how to improve the report and I will incorporate them into future versions.

Today, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) announced the members of the new Online Safety and Technology Working Group (OSTWG).  I am honored to be among those chosen to participate in this new task force and I look forward to continuing the work started last year with the Harvard Berkman Center’s Internet Safety Technical Task Force (ISTTF), which I also served on.   I was very proud of the work done by the ISTTF and the impressive final report that Prof. John Palfrey crafted to reflect our findings.  I am eager to investigate these issues further and take a look at the latest research and technologies that can help us better understand how to protect our kids online while also protecting the free speech and privacy rights of Netizens.

The new NTIA working group, which was established under the “Protecting Children in the 21st Century Act,” will report to the Assistant Secretary of Commerce for Communications and Information on industry-implemented online child safety tools and efforts. Within a year of convening its first meeting, the group will submit a report of its findings and make recommendations on how to increase online safety measures.

Below the fold I have listed the complete roster of OSTWG task force members.  I very much looking forward to working with this outstanding group.  And I’m happy to report that my TLF blogging colleague Braden Cox will be joining me on this task force!

Ms. Parry Aftab, WiredSafety Ms. Elizabeth Banker, Yahoo! Inc. Mr. Christopher Bubb, AOL Ms. Anne Collier, Net Family News, Inc./ConnectSafely.org Mr. Braden Cox, NetChoice Coalition Ms. Caroline Curtin, Microsoft Mr. Brian Cute, Afilias U.S.A. Mr. Jeremy Geigle, Arizona Family Council Ms. Marsali Hancock, Internet Keep Safe Coalition Mr. Michael Kaiser, National Cyber Security Alliance Mr. Christopher Kelly, Facebook Mr. Brian Knapp, Loopt, Inc. Mr. Timothy Lordan, Internet Education Foundation Mr. Larry Magid, SafeKids.com/ConnectSafely.org Mr. Brian Markwalter, Consumer Electronics Association Mr. Michael McKeehan, Verizon Communications, Inc. Dr. Samuel McQuade, III, Rochester Institute of Technology Ms. Orit Michiel, Motion Picture Association of America, Inc. Mr. John Morris, Center for Democracy & Technology Mr. Jonathon Nevett, Network Solutions, LLC Mr. Hemanshu Nigam, MySpace/Fox Interactive Media Ms. Jill Nissen, Ning, Inc. Mr. Jay Opperman, Comcast Corporation Mr. Kevin Rupy, United States Telecom Association Mr. John Shehan, National Center for Missing & Exploited Children Mr. K. Dane Snowden, CTIA – the Wireless Association Mr. Adam Thierer, Progress & Freedom Foundation Ms. Patricia Vance, Entertainment Software Rating Board Mr. Ralph Yarro, The CP80 Foundation

• denotes co-chairs of the task force

Caroline Kennedy has abruptly dropped her bid for Hillary Clinton’s Senate seat.  Her father, of course, probably ties with Andrew Mellon and Ronald Reagan as one of the greatest supply-side tax-cutters of all time.  The economic boom JFK unleashed probably makes up for whatever damage—personal or national—done by the Kennedy clan over the years.  

But whatever one thinks of Caroline in particular or the Kennedys in general, her departure from the “race” to succeed Clinton may go down in history as a catastrophe for Internet freedom, since it likely means that NY Attorney General Andrew Cuomo will take the seat.  

Cuomo has cast himself as a hero fighting to protect children by strong-arming ISPs into shutting down Usenets, as Ryan has explained.  Jim correctly points out the “shake down” nature of Cuomo’s operation.  And Adam has explained that this is all part of a broader assault on online free speech.  While few are willing to discuss this taboo subject, it’s fair to ask whether the “solutions” Cuomo are really the most effective way to deal with the scourge of child pornography. 

I’ll bet good money that if Cuomo makes it into the Senate, he’ll continue this fight on a broader scale—perhaps by pushing for legislation to mandate network-level filtering a la Cleanfeed.

Update: Gov. Paterson has decided to appoint Rep. Kirsten Gillibrand to this seat rather than Cuomo. That’s the good news.  The bad news is that this bully is still Attorney General of the Empire State.  I have no doubt he’ll continue his war on free speech in his current position.

Over the past year, I have been monitoring a very interesting trend with important ramifications for the future of Internet policy. State Attorneys General (AGs) — often in league with the National Center for Missing and Exploited Children (NCMEC) — have been striking a variety of “voluntary” agreements with various Internet companies that deal with child safety concerns or other online issues. These agreements require the companies involved to take various steps to alter site architecture and functionality, commit to stop certain practices, or take steps to block certain users (ex: predators; escort services) or types of content (ex: child porn; online “discrimination”) altogether.

To begin, let me be very clear about one thing: Some of these activities or types of content warrant a law enforcement response. That is certainly the case with child pornography or predation, for example. However, as I will note down below, there is a legitimate question about whether state officials and a non-profit private organization should be crafting legal or regulatory policies to address such concerns for a global medium like the Internet. Regardless, these agreements are creating a new layer of Internet regulation (almost extra-legal in character) that is worthy of exploration.

First, let me itemize some of these recent “voluntary” agreements between Internet companies and the AGs and/or NCMEC:

• MySpace, Facebook & 49 state AGs: On January 14th, 2008, social networking website operator MySpace.com announced an agreement with 49 state Attorneys General (AGs) aimed at better protecting children online. As part their “Joint Statement on Key Principles of Social Networking Safety,” MySpace promised the AGs it would expand online safety tools, improve education efforts, and expand its cooperation with law enforcement. Facebook entered into a similar agreement with the AGs in May. These agreements came after AGs had relentlessly pushed these social networking sites for over a year to adopt age verification techniques to screen site users. Although mandatory age verification was not part of the final agreements, an Internet Safety Technical Task Force (ISTTF) was formed to study online safety tools, including a review of online identity authentication technology. It was clear when the announcements were made that the AGs were very interested in seeing online age verification pursued.
• Various ISPs and New York AG + NCMEC: In June 2008, New York Attorney General Andrew Cuomo pushed several major ISPs to enter into a Memorandum of Understanding (MOU) with NCMEC to address the dissemination of child pornography online.  Under the MOU, the ISPs must use a NCMEC-provided list of URLs supposedly containing child pornographic images to blacklist and block all access to those sites for their users. The agreement also closed off access to Usenet discussion boards on those ISP’s networks.
• Craigslist & California AG + NCMEC: In early November, Craigslist struck an agreement with 40 state AGs as well as NCMEC in which the online classifies operator agreed to take steps to root out certain sexually-themed or “erotic services” listings. See this Ars Technica article for additional details.
• eHarmony & New Jersey AG: Just this past week, the online dating service company eHarmony announced it had struck an agreement with the Attorney General of New Jersey to settle a complaint that a New Jersey resident filed with the state in 2005 alleging that eHarmony violated his rights by not offering a same-sex matching service. The agreement creates some interesting questions, as George Mason University law professor David Bernstein told the Wall Street Journal. The discrimination claim “seems like quite a stretch,” he said, and he said that he is worried it might encourage similar claims. “If you start a dating service for African Americans, do you need one for whites and Latinos? If you have one for Jews, do you need one for Christians and Muslims?” According to the Journal, eHarmony faces a similar discrimination claim in a California court, so we might get answers soon enough.

There are a number of interesting legal and practical questions raised by these agreements:

• “Voluntary” Agreements & the Law: Although typically billed as “voluntary” in nature, it seems highly unlikely that any of the companies involved would have made these concessions without  pressure from the state AGs (and sometimes NCMEC) to do so. How binding are these agreements in light of that? Of course, it is unlikely any of the companies involved would (or could) later challenge the validity or scope of these agreements after they had already signed onto them. But what if a free speech or civil liberties group challenged these agreements in court because of their impact on the Internet, online speech, or a certain group of citizens? Would they have a case? Would they even have standing? Where do they have it?
• Precedent & Applicability: Do such agreements constitute precedents that could be applied in other cases or contexts? Could parties not involved in the original agreements — either because they refused or did not yet exist — eventually be covered by them in some fashion? Do these agreements cover services available in the American but hosted entirely overseas?
• Commerce Clause Issues: Do state Attorneys General have the right to impose such quasi-regulatory regimes on an interstate medium like the Internet? Can 50 state AGs impose uniform laws on the Net without any congressional oversight, as was the case in the MySpace and Craigslist agreements? Conversely, what will the impact be of individual state AGs going their own way, as was the case with the eHarmony agreement? If Congress remains silent on the agreements but a group (ex: a civil liberties group) brings a dormant Commerce Clause case, what are their chances of prevailing in court?
• Accountability & Effectiveness: Will anyone in Congress or a federal agency oversee these agreements? How transparent are these agreements when they are brokered behind closed doors or with NCMEC? Does the Freedom of Information Act (FOIA) apply such that records and information can be made public?  What is the benchmark of success when different states adopt different legal regimes for the Net?

I’m not saying I have any good answers here; I’m just trying to get the questions on the table and get a discussion going. I would appreciate any input on the matter, especially of the legal variety. It strikes me that we are in somewhat uncharted waters here, at least for the Internet. On the other hand, I’m sure there have been state AG-related “voluntary” agreements struck in other industries and contexts in the past that might provide some insight into what, if anything, happens next.

What I find most interesting about these developments is that the state AGs appear to be gradually accomplishing what Congress has not been able to do over the past dozen years: To impose a comprehensive regulatory structure on the Internet. But that emerging regulatory structure is highly fractured and piecemeal in nature, and that troubles me. I am particularly concerned about the long-term impact of a 50-state patchwork approach to online regulation — both for speech and commerce. It’s not like we’re talking about the regulation of a corner newsstand here, after all. This is the Internet, and localized regulation of this national — actually global — platform makes me more than a bit nervous.

In closing, I want to again reiterate that I do not necessarily oppose intervention in any of these cases. However, to the extent such regulations do need to be imposed and enforced, it may make more sense for the process to be federalized and NCMEC’s role nationalized and administered by the Federal Bureau of Investigation or some branch of the Department of Justice. There needs to be greater transparency and accountability when matters of child pornography or predation are at issue, and NCMEC’s lack of FOIA-ability in this regard is problematic. I think NCMEC is a fine organization that does very important work to help protect children, but it is work that involves criminal activities and the collection of evidence that could be used in criminal court proceedings. In light of that — and in light of the expanded law enforcement powers being granted to NCMEC — I believe the time has come to have a serious conversation about whether those powers should continue to be housed in a private, non-profit organization, or if they should be transfered to a federal law enforcement agency. Of course, there could be serious downsides associated with the nationalization of those powers, which also should be considered.

Just FYI, the latest update of my booklet on “Parental Controls and Online Child Protection: A Survey of Tools & Methods” is now live. The new version, Version 3.1, provides minor updates to all sections of the book and a new appendix of relevant research in the field. I issue major updates early each year and 1 or 2 tweaks during the course of the year to reflect the evolution of the parental control and online child safety market and debate.

For those not familiar with the report, it explores the market for parental control tools, rating schemes, education efforts, and initiatives aimed at promoting online child safety. I believe that the parental controls and content management tools cataloged in the report represent a better, less restrictive alternative to government regulation. As I conclude after evaluating that state of the market: “There has never been a time in our nation’s history when parents have had more tools and methods at their disposal to help them decide what constitutes acceptable media content in their homes and in the lives of their children.”

The report is available free-of-charge on the PFF website, and the previous editions of the report are housed there too in case you want to see how it has evolved over the past two years. For those interested in taking a quick look at the report, I have embedded it down below the fold as a Scribd file. Finally, as is always the case, I encourage readers to send me updates and suggestions for how to improve the report and I will incorporate them into future versions.

PFF has just releasing an updated edition of my booklet on “Parental Controls and Online Child Protection: A Survey of Tools & Methods.” The new version, Version 3.0, includes two new appendixes and updates to each section to reflect new parental control tools and programs developed in the last nine months.

The updated report is timely as it comes on the heels of the recently-announced Internet Safety Technical Task Force, which is being chaired by the Berkman Center for Internet & Society at Harvard Law School. I am privileged to serve as a member of the Task Force, which is evaluating various online safety technologies and strategies and then reporting back to state attorneys general with our findings.

Those issues and much more are covered in the latest edition of my report. The report explores the market for parental control tools, rating schemes, education efforts, and initiatives aimed at promoting online child safety. I believe that the parental controls and content management tools cataloged in the report represent a better, less restrictive alternative to government regulation. As I conclude after evaluating that state of the market: “There has never been a time in our nation’s history when parents have had more tools and methods at their disposal to help them decide what constitutes acceptable media content in their homes and in the lives of their children.”

Version 3.0 of the special report, now over 200 pages, contains over fifty exhibits and numerous updates in all five sections of the book. Major updates have been made to the Internet, social networking, and mobile media sections, reflecting the growing importance of those sectors and issues. A greatly expanded section on video empowerment technologies has also been included. Finally, two appendices have also been added: a comprehensive legislative index cataloging over thirty bills introduced in Congress on these issues (complied with John Morris of Center for Democracy & Technology), and a glossary of 35 relevant terms and cases.

The report is available free-of-charge on the PFF website, as are the previous editions. And I am happy to provide hard copies to those who are interested.

PFF has just released my latest paper entitled “Parental Control Perfection? The Impact of the DVR and VOD Boom on the Debate over TV Content Regulation.” In the report, I focus on the extent to which new video technologies, such as digital video recorders (DVRs) and video on demand (VOD) services, are changing the way households consume media and are helping parents better tailor viewing experiences to their tastes and values. I provide evidence showing the rapid spread of these technologies and discuss how parents are using these tools in their homes. Finally, I argue that these developments will have profound implications for debates over the regulation of video programming. As parents are given the ability to more effectively manage their family’s viewing habits and experiences, it will lessen—if not completely undercut—the need for government intervention on their behalf.

This 16-page report can be found at: http://www.pff.org/issues-pubs/pops/pop14.20DVRboomcontentreg.pdf