Keeping politicians' hands off the Net & everything else related to technology
You want privacy, do ya’?
http://www.theonion.com/content/themes/common/assets/onn_embed/embedded_player.swf?image=http%3A%2F%2Fwww.theonion.com%2Fcontent%2Ffiles%2Fimages%2FGOOGLE_VILLAGE_article.jpg&videoid=97279&title=Google%20Opt%20Out%20Feature%20Lets%20Users%20Protect%20Privacy%20By%20Moving%20To%20Remote%20Village
Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village
What Unites Advocates of Speech Controls & Privacy Regulation? [pdf]
by Adam Thierer & Berin Szoka The Progress & Freedom Foundation, Progress on Point No. 16.19
Anyone who has spent time following debates about speech and privacy regulation comes to recognize the striking parallels between these two policy arenas. In this paper we will highlight the common rhetoric, proposals, and tactics that unite these regulatory movements. Moreover, we will argue that, at root, what often animates calls for regulation of both speech and privacy are two remarkably elitist beliefs:
While our use of the term “elitism” may unduly offend some understandably sensitive to populist demagoguery, our aim here is not to launch a broadside against elitism as Time magazine culture critic William H. Henry once defined it: “The willingness to assert unyieldingly that one idea, contribution or attainment is better than another.”[1] Rather, our aim here is to critique that elitism which rises to the level of political condescension and legal sanction. We attack not so much the beliefs of some leaders, activists, or intellectuals that they have a better idea of what it in the public’s best interest than the public itself does, but rather the imposition of those beliefs through coercive, top-down mandates.
That sort of elitism—elitism enforced by law—is often the objective of speech and privacy regulatory advocates. Our goal is to identify the common themes that unite these regulatory movements, explain why such political elitism is unwarranted, and make it clear how it threatens individual liberty as well as the future of free and open Internet. As an alternative to this elitist vision, we advocate an empowerment agenda: fostering an environment in which users have the tools and information they need to make decisions for themselves and their families. Continue reading →
By Eric Beach, Adam Marcus & Berin Szoka
In the first entry of the Privacy Solution Series, Berin Szoka and Adam Thierer noted that the goal of the series is “to detail the many ‘technologies of evasion’ (i.e., empowerment or user ‘self-help’ tools) that allow web surfers to better protect their privacy online.” Before outlining a few more such tools, we wanted to step back and provide a brief overview of the need for, goals of, and future scope of this series.
We started this series because, to paraphrase Smokey the Bear, “Only you can protect your privacy online!” While the law can play a vital role in giving full effect to the Fourth Amendment’s restraint on government surveillance, privacy is not something that cannot simply be created or enforced by regulation because, as Cato scholar Jim Harper explains, privacy is “the subjective condition that people experience when they have power to control information about themselves.” Thus, when the appropriate technological tools and methods exist and users “exercise that power consistent with their interests and values, government regulation in the name of privacy is based only on politicians’ and bureaucrats’ guesses about what ‘privacy’ should look like.” As Berin has put it:
Debates about online privacy often seem to assume relatively homogeneous privacy preferences among Internet users. But the reality is that users vary widely, with many people demonstrating that they just don’t care who sees what they do, post or say online. Attitudes vary from application to application, of course, but that’s precisely the point: While many reflexively talk about the ‘importance of privacy’ as if a monolith of users held a single opinion, no clear consensus exists for all users, all applications and all situations.
Moreover, privacy and security are both dynamic: The ongoing evolution of the Internet, shifting expectations about online interaction, and the constant revelations of new security vulnerabilities all make it impossible to simply freeze the Internet in place. Instead, users must be actively engaged in the ongoing process of protecting their privacy and security online according to their own preferences.
Our goal is to educate users about the tools that make this task easier. Together, user education and empowerment form a powerful alternative to regulation. That alternative is “less restrictive” because regulatory mandates come with unintended consequences and can never reflect the preferences of all users.
Maine has just enacted a law severely restricting marketing to kids: the Act To Prevent Predatory Marketing Practices against Minors, summarized by Covington & Burling. Adam and I released a major paper in June about such laws: COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech. Maine is following the lead of several other states that have tried to expand the Children’s Online Privacy Protection Act (COPPA) of 1998 to cover nost just kids under 13 but adolescents as well and potentially all social networking sites. We discussed at length the problems such laws create, particularly the possibility that large numbers of adults would, for the first time, be subject to age verification mandates before accessing (or participating in) the growing range of sites with social networking capabilities. This, in turn, would significantly “chill” free speech online by undermining anonymity.
Like COPPA 2.0 proposals in New Jersey (simply extending COPPA to cover adolescents) and Illinois (applying COPPA to most social networking sites), the Maine law tries to build on COPPA’s “verifiable parental consent” requirement for the 13-17 audience as well as those under 13.
On the one hand, the Maine law goes much further than these other COPPA 2.0 proposals. While the original bill was limited to the Internet and wireless communications, the final bill’s scope applies to all communications. The bill also covers “health-related” information (HRI) as well as “personal information” (PI). On the other hand, the Maine law is thus somewhat narrower than other COPPA 2.0 proposals and COPPA itself in that it applies only to “marketing or advertising products, goods or services.” While COPPA is commonly misunderstood to cover only marketing, it actually covers essentially any “collection” (broadly defined) of personal information from kids for any purpose—including merely giving kids access to communications functionality that might let them share personal information with other users (even if the site itself is not “collecting” that information in the commonly understood sense).
Well, here we go again. Harvard’s Jonathan Zittrain has penned another gloomy essay about how “freedom is at risk in the cloud” and the future of the Internet is in peril because nefarious digital schemers like Apple, Facebook, and Google are supposedly out to lock you into their services and take away your digital rights. And so, as I have done here many times before (see 1, 2, 3, 4, 5 + video!), I will offer a response arguing that Jonathan’s cyber-Chicken Little-ism is largely unwarranted.
Zittrain’s latest piece is entitled “Lost in the Cloud” and it appears in today’s New York Times. It closely tracks the arguments he has set forth in his book The Future of the Internet–And How to Stop It, which I named the most important technology policy book of 2008, but not because I agreed with its central thesis. Zittrain’s book and his new NYT essay are the ultimate exposition of Lessigite technological pessimism. I don’t know what they put in the water up at the Berkman Center to make these guys so remarkably cranky and despondent about the future of of the Internet, but starting with Lawrence Lessig’s Code in 1999 and running through to Zittrain’s Future of the Internet we have been forced to endure endless Tales of the Coming Techno-Apocalypse from these guys. Back in the late 90s, Prof. Lessig warned us that AOL and some other companies would soon take over the new digital frontier since “Left to itself, cyberspace will become a perfect tool of control.” Ah yes, how was it that we threw off the chains of our techno-oppressors and freed ourselves from that wicked walled garden hell? Oh yeah, we clicked our mouses and left! And that was pretty much the end of AOL’s “perfect control” fantasies. [See my recent debate with Prof. Lessig over at Cato Unbound for more about this “illusion of perfect control,” as I have labeled it.]
But Zittrain is the equivalent of the St. Peter upon which the Church of Lessigism has been built and, like any good disciple, he’s still vociferously preaching to the unconverted and using fire and brimstone sermons to warn of our impending digital damnation. In fact, he’s taken it to all new extremes. In Future of the Internet, Jonathan argues that we run the risk of seeing the glorious days of the generative, open Net and digital devices give way to more “sterile, tethered devices” and closed networks. The future that he hopes to “stop” is one in which Apple, TiVo, Facebook, and Google — the central villains in his drama — are supposedly ceded too much authority over our daily lives because of a combination of (a) their wicked ways and (b) our ignorant ones.
by Eric Beach & Adam Thierer
In our ongoing “Privacy Solutions Series” we have been outlining various user-empowerment or user “self-help” tools that allow Internet users to better protect their privacy online. These tools and methods form an important part of a layered approach that we believe offers a more effective alternative to government-mandated regulation of online privacy. [See entries 1, 2, 3, 4] In this installment, we will be exploring CCleaner, a free Windows-based tool created by UK-based software developer Piriform that scrubs you computer’s hard drive and cleans its registry. We’ll describe how CCleaner helps you destroy data and protect your private information.
Whenever you move files to the recycling bin and subsequently purge the recycling bin, the affected files remain on your computer. In other words, deleting files from the recycling bin does not remove them from the computer. The reason for this is important and, in many ways, beneficial. In some respects, many computer file systems work like an old library catalog system. A file is like a catalog card and contains the reference to the actual place on the hard drive where the information contained in the file is stored. When a user deletes a file, the computer does not actually clean all the affected hard drive space. Instead, to extend the analogy, the computer simply removes the card catalog entry that points to the hard drive space where the file is contained and frees up this space for new files. The reason this is usually beneficial is that cleaning the hard drive space occupied by a file can take a while. If you want evidence of this, look no further than the length of time required to reformat a hard drive (reformatting a hard drive actually clears the disk’s contents). The practical implication of the way hard drives work is that when you delete an important memo from your computer, it is not actually gone. Similarly, when you clear your browsing history, it is not gone. The bottom line is that an individual who can access your hard drive (a thief, the government, etc.) could view many or all of the files you deleted.
The solution to this problem is to ensure that when a file is deleted, the space on the hard drive occupied by that file is not simply flagged as available space but is entirely rewritten with unintelligible data. One of the best programs for accomplishing this is CCleaner (which formerly stood for “Crap Cleaner”!)
Just a heads up for those of you in the DC-area… On Monday, July 27th, PFF will be hosting a Hill event on “Online Child Safety, Privacy, and Free Speech: An Overview of Challenges in Congress & the States.” I will be moderating the discussion and we will be joined by Parry Aftab, Executive Director of WiredSafety.org, Jim Halpert a Partner with the law firm of DLA Piper, Todd Haiken, Senior Manager of Policy for Common Sense Media, and my colleague Berin Szoka also of PFF.
The event will focus on the intersection of online child safety, privacy, and free speech issues at both the federal and state level. Bills introduced in Congress to address cyberbullying concerns propose either educational initiatives or a criminalization approach. Access to objectionable content also remains a concern and a new, government-mandated task force is looking into those issues. Meanwhile, state officials, including many state attorneys general, continue to explore age verification mandates for social networking sites and some have considered building on the federal Children’s Online Privacy Protection Act (COPPA) to expand “parental notification” mandates. The Federal Trade Commission (FTC) has recently announced an expedited review of COPPA to see if it is keeping up with new developments. The FTC is also exploring child safety in virtual worlds. New concerns about “sexting,” or the sending of sexual explicit images over mobile devices, has also raised new concerns led some lawmakers to ponder penalties.
How serious are these concerns? Is legislation or regulation needed to address them? What free speech issues are at stake? Should Congress take the lead or leave it to the States to experiment with different models? These and other issues will be discussed by the panelists at our July 27th event.
The logistical details are below and you RSVP here.
“Online Child Safety, Privacy, and Free Speech: An Overview of Challenges in Congress & the States” July 27, 2009 12:00 p.m. to 1:30 p.m. Room SVC-208 Capitol Visitor Center 1st Street and East Capitol Street, NE (entrance across from Supreme Court)
Adam Thierer and I have been trying to drive home a simple message in the ongoing debate about targeted online advertising and privacy: “There is no Free Lunch!” We don’t have a lot of friends in this debate, since nearly everyone else seems to assume that online content and services will just continue to fall like manna from heaven if politicians strangle advertising online. So I was particularly heartened to read the following from Shelly Palmer:
This is the most serious question facing content producers today. Content costs money to produce. Third-party advertising/sponsor support is one model, promoting your own products is another, subscription is a third. At the end of the day, there are only three ways it works: I pay, you pay or someone else pays. Unfortunately, there is no business model called “no one pays.” In the case of MediaBytes, the model is “I pay.” It works for me as stated above. But, apparently, a fairly large number of people in my audience are uninterested in seeing even relevant product offerings. Is advertising over? If so, what’s next?
Amen! Shelly hosts a daily Internet talk show on technology and media called MediaBytes. He recently tried inserting a short ad at the beginning of the show to cover the significant costs of production:
The show is produced every business day and requires a research staff, a writer (me), an editor, an encoding/distribution manager and an affiliate relations staff. The reason for the production overview is that, this particular two-minutes may look like a talking head combined with some graphics and clips, but the work flow for any given show takes approximately 6 hour and all of the people involved in the production are on salary here at Advanced Media Ventures Group. And, for the record, MediaBytes, and the associated production materials, takes up approximately 25% of my day.
Unfortunately, Shelly’s audience seemed to feel entitled to receive the fruit of his hard work for free—without suffering the agony of watching… horror of horrors: advertising!. Continue reading →
In episode #44 of “Tech Policy Weekly,” Berin Szoka and Adam Thierer engage in a debate with Internet security expert Chris Soghoian, who is a student fellow at the Berkman Center for Internet & Society at Harvard University. He is also a Ph.D. candidate at Indiana University’s School of Informatics.
Chris is an up-and-coming star in the field of cyberlaw and technology policy as he has quickly made a name for himself in debates over privacy policy, data security, and government surveillance. He straddles the line between academic and activist, and the role he often plays in many tech policy debates is somewhat akin to what Ralph Nader has done in many other fields through the years. Except, in this case, instead of “Unsafe at Any Speed” it’s more like “Unsafe at Any Setting,” since Chris is often raising a stink about what he regards as unjust or unreasonable privacy or security settings that various online websites or service providers use.
On the show, Chris talks about two of his recent crusades to get certain online providers to change their default settings to improve user security or privacy: (1) His effort this week to get major email providers—and Google in particular—to change their default security settings on their email offerings; and (2) his earlier crusade to create permanent opt-out cookies to stop behavioral advertising by advertising networks.
There are several ways to listen to today’s TLF Podcast. You can press play on the player below to listen right now, or download the MP3 file. You can also subscribe to the podcast by clicking on the button for your preferred service. (And do us a favor, Digg this podcast!)
Come one, come all. ACT will be hosting a lunch event next Tuesday (June 23) at noon on privacy, free software, and government procurement.
We’ll discuss “free” software (ie. no license fees, free as in beer). It’s a nuanced take on some of what Chris Anderson will surely be talking about in his upcoming book on Free—where does the $ come from in software that we all use for free on the web, or that we download to our computer?
To answer this question, we’ll attempt to update traditional Total Cost of Ownership analysis for ad-based software and services. There’s a lot of discussion about privacy, security and sustainability considerations of cloud based solutions. In addition, the event will deal with skeptics who think that “free” means no business model at all. We’ll describe how free software and services are usually just one aspect of a larger enterprise geared toward expanding market penetration and increasing revenues. Mike Masnick described this in a recent Techdirt post.
I’m going to moderate, and our speakers will be Rob Atkinson at ITIF, Tom Schatz at CAGW, and Peter Corbett of iStrategyLabs.
We’ll be releasing a paper on all this, so come join us for lunch and a lively discussion–and best of all, it’s FREE!!
Further details are here.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.
