Category: Web 2.0


Recommended Reading: Harlan Yu and David Robinson on The New Ambiguity of “Open Government”

Last week, we had an engrossing discussion of Julie Cohen’s Configuring The Networked Self, which embraces three key principles for protecting the structural conditions of human flourishing, including transparency of networked architecture which routes, shapes, and determines the collection, use, and flow of information.  Harlan Yu of Princeton’s Center for Information Technology Policy and David Robinson of the Yale Information Society Project have done important work puzzling through the question of transparency, and the related concerns of privacy and civil engagement, in “open government” efforts.  Their conclusion:

Separating technological from political “openness”—separating the ideal of adaptable data from that of transparent politics—will yield benefits for all sides. New technologies, cut free from the heavy political burdens they have recently been made to carry, will be free to assume their widely varied natural roles, spreading throughout government in nimble and unpredictable ways, and helping governments at every level pursue all kinds of objectives. The Internet will still help, where it can, to make regimes more transparent.

At the same time, a clearer focus on transparency will give political reformers, who will no longer be shoehorned together with technologists, more freedom to focus on the political questions that motivate them in the first place. From their perspective, technology will do what it always does when working well: fade into the background and make room for human concerns.

When I spoke at Princeton about my work on Technological Due Process, Robinson and Yu helped me puzzle through my privacy concerns about Government 2.0, which I then developed in “Fulfilling Government 2.0’s Promise with Robust Privacy Protections,” 78 Geo. Wash. L. Rev. 822 (2010).  They are exciting thinkers, and their newest piece helps us appreciate and conceptualize calls for transparency and open government and the appropriate role technologists and technology can and should play.


Pakistan Scrubs the Net

Pakistan, which has long censored the Internet, has decided to upgrade its cybersieves. And, like all good bureaucracies, the government has put the initiative out for bid. According to the New York Times, Pakistan wants to spend $10 million on a system that can block up to 50 million URLs concurrently, with minimal effect on network speed. (That’s a lot of Web pages.) Internet censorship is on the march worldwide (and the U.S. is no exception). There are at least three interesting things about Pakistan’s move:

First, the country’s openness about its censorial goals is admirable. Pakistan is informing its citizens, along with the rest of us, that it wants to bowdlerize the Net. And, it is attempting to do so in a way that is more uniform than under its current system, where filtering varies by ISP. I don’t necessarily agree with Pakistan’s choice, but I do like that the country is straightforward with its citizens, who have begun to respond.

Second, the California-based filtering company Websense announced that it will not bid on the contract. That’s fascinating – a tech firm has decided that the public relations damage from helping Pakistan censor the Net is greater than the $10M in revenue it could gain. (Websense argues, of course, that its decision is a principled one. If you believe that, you are probably a member of the Ryan Braun Clean Competition fan club.)

Finally, the state is somewhat vague about what it will censor: it points to pornography, blasphemy, and material that affects national security. The last part is particularly worrisome: the national security trump card is a potent force after 9/11 and its concomitant fallout in Pakistan’s neighborhood, and censorship based on it tends to be secret. There is also real risk that national security interests = interests of the current government. America has an unpleasant history of censoring political dissent based on security worries, and Pakistan is no different.

I’ll be fascinated to see which companies take up Pakistan’s offer to propose…

Cross-posted at Info/Law.


Stanford Law Review Online: In Search of Cyber Peace

Stanford Law Review

The Stanford Law Review Online has just published an Essay by Scott J. Shackelford entitled In Search of Cyber Peace: A Response to the Cybersecurity Act of 2012. In the wake of recent events with the group Anonymous and other “hacktivists,” Shackelford discusses the pressing need for improved cybersecurity and explains why the proposed Cybersecurity Act is a step in the right direction–but doesn’t go far enough:

The Cybersecurity Act of 2012, which was recently introduced in the Senate Homeland Security and Governance Affairs Committee, is the latest legislative attempt to enhance the nation’s cybersecurity. If enacted, the bill would grant new powers to the Department of Homeland Security (DHS) to oversee U.S. government cybersecurity, set “cybersecurity performance requirements” for firms operating what DHS deems to be “critical infrastructure,” and create “exchanges” to promote information sharing. In its current form, the bill is a useful step in the right direction but falls short of what is required. Fundamentally the bill misconstrues the scale and complexity of the evolving cyber threat by defining critical infrastructure too narrowly and relying too much on voluntary incentives and risk mitigation strategies. The Act might improve on the status quo, but it will not foster genuine and lasting cybersecurity. Still, it is preferable to the softer alternative SECURE IT Act proposed by senior Republicans.

He concludes:

If we want to change the status quo, accountability and responsibility must be increased throughout the system. Government regulations are a necessary part of that process. But given political realities and the magnitude of the problem, reform must also include relying on the competitive market whenever possible to proactively foster best practices, providing market-based incentives and cyber risk mitigation techniques to firms operating [critical national infrastructure (CNI)], negotiating new international norms, and educating users to avoid becoming victims of social-engineering attacks like phishing. Cybersecurity cannot truly be enhanced without addressing the myriad governance gaps, which include incomplete regulation of CNI; technical vulnerabilities in the physical, logical, and content layers of the Internet; and legal ambiguities ranging from liability for data breaches to the applicability of international law to cyber attacks. One Act cannot accomplish all that—not even close. But being honest about the magnitude of the problems we face would help to begin a national conversation about what needs to happen next.

In 3001: The Final Odyssey, Arthur C. Clarke envisions a future in which humanity had the foresight to rid the world of its worst weapons of mass destruction by placing them in a vault on the moon. A special place in this vault was reserved for the malignant computer viruses that, in Clarke’s speculative fiction, had caused untold damage to humanity over the centuries. Before new cyber attacks do untold damage to our information society, it is in our interest to educate and regulate our way to a steady state of cybersecurity. Part of this process involves broadening the definition of CNI in the Cybersecurity Act and deepening public-private partnerships through more robust information sharing. Science fiction teaches us that our future world can be either a wonderful or a dystopian place. Whether or not the future includes the security and prosperity of cyber peace is up to us—including, for better or worse, the U.S. Congress.

Read the full article, In Search of Cyber Peace: A Response to the Cybersecurity Act of 2012 by Scott J. Shackelford, at the Stanford Law Review Online.


Santorum: Please Don’t Google

If you Google “Santorum,” you’ll find that two of the top three search results take an unusual angle on the Republican candidate, thanks to sex columnist Dan Savage. (I very nearly used “Santorum” as a Google example in class last semester, and only just thought better of it.) Santorum’s supporters want Google to push the, er, less conventional site further down the rankings, and allege that Google’s failure to do so is political biased. That claim is obviously a load of Santorum, but the situation has drawn more thoughtful responses. Danny Sullivan argues that Google should implement a disclaimer, because kids may search on “Santorum” and be disturbed by what they find, or because they may think Google has a political agenda. (The site has one for “jew,” for example. For a long time, the first result for that search term was to the odious and anti-Semitic JewWatch site.)

This suggestion is well-intentioned but flatly wrong. I’m not an absolutist: I like how Google handled the problem of having a bunch of skinheads show up as a top result for “jew.” But I don’t want Google as the Web police, though many disagree. Should the site implement a disclaimer if you search for “Tommy Lee Pamela Anderson”? (Warning: sex tape.) If you search for “flat earth theory,” should Google tell you that you are potentially a moron? I don’t think so. Disclaimers should be the nuclear option for Google – partly so they continue to attract attention, and partly because they move Google from a primarily passive role as filter to a more active one as commentator. I generally like my Web results without knowing what Google thinks about them.

Evgeny Morozov has made a similar suggestion, though along different lines: he wants Google to put up a banner or signal when someone searches for links between vaccines and autism, or proof that the Pentagon / Israelis / Santa Claus was behind the 9/11 attacks. I’m more sympathetic to Evgeny’s idea, but I would limit banners or disclaimers to situations that meet two criteria. First, the facts of the issue must be clear-cut: pi is not equal to three (and no one really thinks so), and the planet is indisputably getting warmer. And second, the issue must be one that is both currently relevant and with significant consequences. The flat earthers don’t count; the anti-vaccine nuts do. (People who fail to immunize their children not only put them at risk; they put their classmates and friends at risk, too.) Lastly, I think there’s importance to having both a sense of humor and a respect for discordant, even false speech. The Santorum thing is darn funny. And, in the political realm, we have a laudable history of tolerating false or inflammatory speech, because we know the perils of censorship. So, keeping spreading Santorum!

Danielle, Frank, and the other CoOp folks have kindly let me hang around their blog like a slovenly houseguest, and I’d like to thank them for it. See you soon!

Cross-posted at Info/Law.


Ubiquitous Infringement

Lifehacker‘s Adam Dachis has a great article on how users can deal with a world in which they infringe copyright constantly, both deliberately and inadvertently. (Disclaimer alert: I talked with Adam about the piece.) It’s a practical guide to a strict liability regime – no intent / knowledge requirement for direct infringement – that operates not as a coherent body of law, but as a series of reified bargains among stakeholders. And props to Adam for the Downfall reference! I couldn’t get by without the mockery of the iPhone or SOPA that it makes possible…

Cross-posted to Info/Law.


Stealing the Throne

Ever-brilliant Web comic The Oatmeal has a great piece about piracy and its alternatives. (The language at the end is a bit much, but it is the character’s evil Jiminy Cricket talking.) It mirrors my opinion about Major League Baseball’s unwillingness to offer any Internet access to the postseason, which is hard on those of us who don’t own TVs (or subscribe to cable). Even if you don’t agree with my moral claims, it’s obvious that as the price of lawful access diverges from the price of unlawful access (which is either zero, or the expected present value of a copyright suit, which is darn near zero), infringement goes up.

So, if you want to see Game of Thrones (and I do), your options are: subscribe to cable plus HBO, or pirate. I think the series rocks, but I’m not paying $100 a month for it. If HBO expects me to do so, it weakens their moral claim against piracy.

Unconvinced? Imagine instead that HBO offers to let you watch Game of Thrones for free – but the only place on Earth you can view the series is in the Kodak Theater in Hollywood. You’re located in rural Iowa? Well, you’ve no cause for complaint! Fly to LA! I suspect that translating costs into physical costs makes the argument clearer: HBO charges not only for the content, but bundles it with one particular delivery medium. If that medium is unavailable to you, or unaffordable, you’re out of luck.

Unless, of course, you have broadband, and can BitTorrent.

As a minimum, I plan not to support any SOPA-like legislation until the content industries begin to offer viable Internet-based delivery mechanisms that at least begin to compete with piracy…

Cross-posted at Info/Law.


Cyberbullying and the Cheese-Eating Surrender Monkeys

(This post is based on a talk I gave at the Seton Hall Legislative Journal’s symposium on Bullying and the Social Media Generation. Many thanks to Frank Pasquale, Marisa Hourdajian, and Michelle Newton for the invitation, and to Jane Yakowitz and Will Creeley for a great discussion!)


New Jersey enacted the Anti-Bullying Bill of Rights (ABBR) in 2011, in part as a response to the tragic suicide of Tyler Clementi at Rutgers University. It is routinely lauded as the country’s broadest, most inclusive, and strongest anti-bullying law. That is not entirely a compliment. In this post, I make two core claims. First, the Anti-Bullying Bill of Rights has several aspects that are problematic from a First Amendment perspective – in particular, the overbreadth of its definition of prohibited conduct, the enforcement discretion afforded school personnel, and the risk of impingement upon religious and political freedoms. I argue that the legislation departs from established precedent on disruptions of the educational environment by regulating horizontal relations between students rather than vertical relations between students and the school as an institution / environment. Second, I believe we should be cautious about statutory regimes that enable government actors to sanction speech based on content. I suggest that it is difficult to distinguish, on a principled basis, between bullying (which is bad) and social sanctions that enforce norms (which are good). Moreover, anti-bullying laws risk displacing effective informal measures that emerge from peer production. Read More


The Memory Hole

On RocketLawyer’s Legally Easy podcast, I talk with Charley Moore and Eva Arevuo about the EU’s proposed “right to be forgotten” and privacy as censorship. I was inspired by Jeff Rosen and Jane Yakowitz‘s critiques of the approach, which actually appears to be a “right to lie effectively.” If you can disappear unflattering – and truthful – information, it lets you deceive others – in other words, you benefit and they are harmed. The EU’s approach is a blunderbuss where a scalpel is needed.

Cross-posted at Info/Law.


Cary Sherman and the Lost Generation

The RIAA’s Cary Sherman had a screed about the Stop Online Piracy and PROTECT IP Acts in the New York Times recently. Techdirt’s Mike Masnick brilliantly gutted it, and I’m not going to pile on – a tour de force requires no augmentation. What I want to suggest is that the recording industry – or, at least, its trade group – is dangerously out of touch.

Contrast this with at least part of the movie industry, as represented by Paramount Pictures. I received a letter from Al Perry, Paramount’s Vice President Worldwide Content Protection & Outreach. He proposed coming here to Brooklyn Law School to

exchange ideas about content theft, its challenges and possible ways to address it. We think about these issues on a daily basis. But, as these last few weeks [the SOPA and PROTECT IP debates] made painfully clear, we still have much to learn. We would love to come to campus and do exactly that.

Jason Mazzone, Jonathan Askin, and I are eagerly working to have Perry come to campus, both to present Paramount’s perspective and to discuss it with him. We’ll have input from students, faculty, and staff, and I expect there to be some pointed debate. We’re not naive – the goal here is to try to win support for Paramount’s position on dealing with IP infringement – but I’m impressed that Perry is willing to listen, and to enter the lion’s den (of a sort).

And that’s the key difference: Perry, and Paramount, recognize that Hollywood has lost a generation. For the last decade or so, students have grown up in a world where content is readily available via the Internet, through both licit and illicit means; where the content industries are the people who sue your friends and force you to watch anti-piracy warnings at the start of the movies you paid for; and where one aspires to be Larry Lessig, not Harvey Weinstein. Those of us who teach IP or Internet law have seen it up close. In another ten years, these young lawyers are going to be key Congressional staffers, think tank analysts, entrepreneurs, and law firm partners. And they think Hollywood is the enemy. I don’t share that view – I think the content industries are amoral profit maximizers, just like any other corporation – but I understand it.

And that’s where Sherman is wrong and Perry is right. The old moves no longer work. Buying Congresspeople to pass legislation drafted behind closed doors doesn’t really work (although maybe we’ll find out when we debate the Copyright Term Extension Act of 2018). Calling it “theft” when someone downloads a song they’d never otherwise pay for doesn’t work (even Perry is still on about this one).

One more thing about Sherman: his op-ed reminded me of Detective John Munch in Homicide, who breaks down and shouts at a suspect, “Don’t you ever lie to me like I’m Montel Williams. I am not Montel Williams.” Sherman lies to our faces and expects us not to notice. He writes, “the Protect Intellectual Property Act (or PIPA) was carefully devised, with nearly unanimous bipartisan support in the Senate, and its House counterpart, the Stop Online Piracy Act (or SOPA), was based on existing statutes and Supreme Court precedents.” Yes, it was carefully devised – by content industries. SOPA was introduced at the end of October, and the single hearing that was held on it was stacked with proponents of the bill. “Carefully devised?” Key proponents didn’t even know how its DNS filtering provisions worked. He argues, “Since when is it censorship to shut down an operation that an American court, upon a thorough review of evidence, has determined to be illegal?” Because censorship is when the government blocks you from accessing speech before a trial. “A thorough review of evidence” is a flat lie: SOPA enabled an injunction filtering a site based on an ex parte application by the government, in contravention of a hundred years of First Amendment precedent. And finally, he notes the massive opposition to SOPA and PROTECT IP, but then asks, “many of those e-mails were from the same people who attacked the Web sites of the Department of Justice, the Motion Picture Association of America, my organization and others as retribution for the seizure of Megaupload, an international digital piracy operation?” This is a McCarthyite tactic: associating the remarkable democratic opposition to the bills – in stark contrast to the smoke-filled rooms in which Sherman worked to push this legislation – with Anonymous and other miscreants.

But the risk for Sherman – and Paramount, and Sony, and other content industries – is not that we’ll be angry, or they’ll be opposed. It’s that they’ll be irrelevant. And if Hollywood takes the Sherman approach, rather than the Perry one, deservedly so.

Cross-posted at Info/Law.


Tempest in Tempe: First Amendment in the Desert

In the spirit of the excellent colloquy here about Marvin’s thinking on First Amendment architectures, I bring up this news item: Arizona State University blocked both Web access to, and e-mail from, the Web site. ASU students had begun a petition demanding that the university reduce tuition. The university essentially made three claims as to why it did so (below, in order of increasing stupidity):

  1. It was a technical mistake;
  2. was spamming ASU; and
  3. ASU needs to “protect the use of our limited and valuable network resources for legitimate academic, research and administrative uses.”

#1 and #2 run together. If spam is the problem, you don’t need to block access to the Web site. However, if you are concerned that students are going to read the petition, and sign it, you do need to block access to the Web site.

For #2, sorry, ASU, this isn’t spam. Spam is unsolicited bulk commercial e-mail. is, allegedly, sending unsolicited political e-mail. And that’s protected by the First Amendment – see, for example, the Virginia Supreme Court’s analysis of that state’s anti-spam law that covered political messages. Potential political spammers have a sharp disincentive to fill recipient’s inboxes – it’s a sure-fire way to annoy them into opposing your position.

For #3, ASU doesn’t get to determine what academic and research uses are “legitimate.” If they throttle P2P apps, that’s fine. If they limit file sizes for attachments, no problem. But deciding that the message from is not “legitimate” is classic, and unconstitutional, viewpoint discrimination.

This looks like censorship. I think it’s more likely to be stupidity: someone in ASU’s IT department decided to block these messages as spam, and to filter outbound Web requests to the site contained within those messages. But: with great power over the network comes great responsibility. Well-intentioned constitutional violations are still unlawful. It would also help if ASU’s spokesperson simply admitted the mistake rather than engaging in idiotic justification.

As I mention in Orwell’s Armchair, public actors are increasingly important sources of Internet access. But when ASU and other public universities take on the role of ISP, they need to remember that they are not AOL: their technical decisions are constrained not merely by tech resources, but by our commitment to free speech. Let’s hope the Sun Devils cool off on the filtering…

Cross-posted at Info/Law.