Internet Scofflaw

The European Union wants to improve your privacy, but there’s a little problem:

The commission said consumers should be informed “in a clear and transparent way” about how their data will be used. They should also have the right to fully delete digital information, like social networking profiles, and should be informed when their data has been used in unlawful ways, the commission added.

What is this “full delete” of which they speak?

I guess I hadn’t been paying attention. I’ve been hearing people talk about a proposed Internet kill switch, but I assumed that it was either hyperbole or a fringe proposal. Nope. This is an actual bill proposed by Joe Lieberman (D-CT), Tom Carper (D-DE), and Susan Collins (RINO-ME).

Its supporters defend it thus:

Proponents of the bill say it is narrowly crafted and does not intend to limit speech but to eliminate the vulnerability of critical systems such as banks, the power grid and telecommunications from attacks by terrorists or agents of hostile countries.

Indeed, the bill specifically does not grant the president power to act unless a cyberattack threatens to cause more than $25 billion in damages in a year, kill more than 2,500 people or force mass evacuations. The president would have the ability to pinpoint what to clamp down on without causing economic damage to U.S. interests, for anywhere from 30 to 120 days with the approval of Congress, according to the bill.

“This is not Big Brother,” says Tom Kellermann, vice president of security awareness at Core Security Technologies, and a former security expert for the World Bank. “It’s not about shutting off the Internet, but taking a scalpel to command control to key services to protect them.”

Call me unreassured. Who issues the finding that one of this parade of horribles is going to happen, thereby allowing the president to shut down the Internet? The president, of course. The bill specifically prohibits judicial review, and the Congress merely has to be notified. So the limitations are meaningless.

Remember that the Democrats have made it clear that they believe that Sarah Palin can singlehandedly instigate a mass shooting merely by posting a web page calling for the defeat of some Democrats. Against that backdrop, it’s very easy to imagine a Democratic president deciding that Republicans communicating on the Internet are going to cause mass casualties.

Worse still, the proposal is not really for a nationwide kill switch. Such an extreme power could be used only in a legitimate emergency. Instead, the proposal would give the president a “scalpel”, with the power “to pinpoint what to clamp down on.” The president can easily choose precisely who to silence without inconveniencing the general public.

But the president would never do such a thing, right? Wrong. The administration is already shutting down tens of thousands of domains, without any due process at all, for literally no reason other than its confusion about how the Internet works.

Neither is the limitation of the power to dealing with “cyberattack” likely to be any protection. We have seen many times before how racketeering and money-laundering laws have been creatively interpreted to prosecute political activity, and that was with the approval of the courts. Here, the power of creative interpretation would lie with the same person who would exercise the power (remember, no judicial review). That’s no protection at all.

This proposal needs to be soundly defeated.

A number of network neutrality advocates are coming out against the FCC chairman’s plan to impose network neutrality despite a court ruling forbidding it.

I don’t understand it (the article doesn’t provide much detail), but I’m glad to see it.

(Previous post.)

Fox News reports:

The Obama administration is developing plans that would require all Internet-based communication services — such as encrypted BlackBerry e-mail, Facebook, and Skype — to be capable of complying with federal wiretap orders, according to a report published Monday.

This may or may not be a good idea (I think not), but of one thing you may be sure: If this were President Bush’s proposal, the left (in which I include the mainstream media) would be going beserk. There would not be enough trees for all the editorials the New York Times would write.

Listen: crickets!

Popular Mechanics: Compact fluorescent bulbs just aren’t very good, and LED bulbs are $30-$50 each. Soon they will be mandatory, though. So when is the right time to start hoarding incandescent bulbs?

The Washington Post reports:

The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual’s Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation. . .

The administration wants to add just four words — “electronic communication transactional records” — to a list of items that the law says the FBI may demand without a judge’s approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user’s browser history. It does not include, the lawyers hasten to point out, the “content” of e-mail or other Internet communication.

Of course, the government can already demand to know who you are talking to on the phone. That’s troubling, to be sure, but at least there is a limit to what they can learn from that, because there is a sharp distinction between the phone number and the content of the call. For electronic communications, such a distinction is very hard to maintain. For many communications (e.g., web browsing, or friend requests), the recipient of the message is the entire substance of the message.

Will those on the left who condemned the Bush administration’s policy on phone records step up to condemn this far-worse overreach? We will see who was honest, and who was just scoring political points.

(Via Hot Air.)

The California state controller (a Democrat) says that California’s computer system is incapable of complying with the governor’s order to cut most state workers’ pay to minimum wage. He also says it would take 27 months to develop the technology to do it.

I’m pretty sure that mankind has already developed the technology to alter wages.

In my last post, I argued that the network-neutrality proposal being pushed by the FCC is deliberately vague, and would give the FCC the power to do whatever it feels like. Consequently, to avoid costly litigation, ISPs would find it necessary to treat all packets identically, despite claims that the proposal would not do so.

I framed my post as a response to an open letter to the FCC written by Vint Cerf (often called the “father of the internet”) and others. Yesterday, Cerf (or someone identifying himself as him) wrote me to say:

Your blog offers nothing constructive. Have you a proposition?

Thanks for asking! Yes. I have two proposals. The first one will be no surprise to regular readers of this space, but I suspect that Cerf is not, so I’ll go through that one first.

My first proposal is: let people do what they want. The broadband providers own the wire/fiber; let them use it as they see fit. If they do something stupid, like block access to certain sites, allow the market to punish them accordingly. This proposal is very easy to implement, as it means preserving the status quo.

As I’ve written before, the threat of broadband providers shaking down content providers and blocking their sites if they don’t pay is entirely hypothetical. (The threat of government overreach, on other hand, is not.) No broadband provider is doing this now, and I see the likelihood of anyone doing it in the future as very slim. One reason providers are unlikely to try such a thing is the history of the Comcast incident. Some people suggest that the incident proves that the broadband companies are a danger to the free flow of information. Actually, the incident proves just the opposite. (First of all, Comcast was trying to improve user performance, and was simply doing it in a stupid way, but that’s not the point. The market does not require that participants be angels, which they most certainly are not.) Customers got angry when they found out that Comcast was throttling BitTorrent, and Comcast was forced to back down. The market process worked exactly as it is supposed to.

I don’t personally see the need for more than this, but many people do. Some simply want to extend government control over the internet, but others are in earnest.

For people in the latter category, I have a second suggestion: Use the power of the market to force broadband providers to commit to neutrality. The best way to do this would have been to trademark the term “internet” and not permit a broadband provider to use the term unless they abide by standards from some established body like the IETF. That way, network neutrality could be enacted by that standards body. Its decisions would be unlikely to stifle innovation because (1) it’s an open body, (2) it’s not run by the government, and (3) any future standards for Quality of Service would probably go through that body anyway.

Importantly, any broadband provider would be free to ignore the standard, but then they would be unable to market their product as internet service. In order to make a profit, they would need to convince customers that they were offering something better. If they were blocking sites that refused a shakedown, they would have a hard time making that case. On the other hand, if they were providing a new innovation forbidden by an ossified standards body, they probably could make the case.

It’s much too late to trademark the term “internet” now, but we can still do something similar: Have a standards body offer a network-neutrality seal-of-approval to providers that abide by neutrality. Customers would have to be taught to look for the seal, but I don’t think that would be a problem. If Google and others were to take the money that they are spending to lobby the government and instead spend it to advertise a neutrality seal, I think they would have a very easy time making the sale. (And if they couldn’t, that might just mean that the public doesn’t care about network neutrality.)

The broadband providers would be delighted to cooperate because (1) currently they would all receive the seal, and (2) it would lift the threat of government action.

This model has succeeded in the past. For example, Underwriters Laboratories is a private organization that has been certifying products (mostly electrical) for safety for over a century. No one is required to abide by their standards, but those denied the seal have a hard time selling their products.

So that’s my proposal: let free people do what free people will do, and leave the government out of it.

(Previous post.)

I was surprised to learn of a letter that Vint Cerf and others wrote to the FCC in support of network neutrality last October. Cerf wrote:

One persistent myth is that “network neutrality” somehow requires that all packets be treated identically, that no prioritization or quality of service is permitted under such a framework, and that network neutrality would forbid charging users higher fees for faster speed circuits. To the contrary, we believe such features are permitted within a “network neutral” framework, so long they are not applied in an anti-competitive fashion.

I was surprised by this, because my understanding is that’s exactly what network neutrality is. But rather than argue semantics, let’s go to the FCC’s proposed rules and see what they say. How do you write a rule that dictates that all traffic must be treated equally, while still allowing you to treat some traffic differently than other traffic where appropriate?

You can’t. So here’s what they say instead:

Subject to reasonable network management, a provider of broadband Internet access service must treat lawful content, applications, and services in a nondiscriminatory manner.

There are two keys phrases here, “reasonable network management” and “nondiscriminatory”. The latter is not defined at all. The former purports to be defined, but the definition is circular and in any case it leaves open the definition of “reasonable”:

Reasonable network management consists of:
(a) reasonable practices employed by a provider of broadband Internet access service to:
(i) reduce or mitigate the effects of congestion on its network or to address quality-of-service concerns;
(ii) address traffic that is unwanted by users or harmful;
(iii) prevent the transfer of unlawful content; or
(iv) prevent the unlawful transfer of content; and
(b) other reasonable network management practices.

So we can see that the FCC’s rule is no rule at all, because it never defines “nondiscriminatory” or “reasonable”. So how is the FCC going to enforce a policy that is ill-defined? The rule doesn’t say, but the FCC’s chairman Julius Genachowski explained at a speech at the Brookings Institution in September 2009 (page 13):

I will propose that the FCC evaluate alleged violations of the non-discrimination principal [sic] as they arise on a case by case basis, recognizing that the internet is an extraordinarily complex and dynamic system. This approach within the framework I am proposing today will allow the Commission to make reasoned, fact based determinations based on the internet before it, not based on the internet of years passed or guesses about how the internet will evolve.

Here’s the rub. Genachowski recognizes that there is no way to make a rule that ensures the good intended consequences of network neutrality while averting the bad unintended consequences. It’s good that he recognizes that, since legislators and regulators typically don’t, but what he proposes is even worse. He proposes, essentially, that there be no well-defined rule at all. Instead, the FCC will decide what’s okay on a case-by-case basis, using nothing but vague principles as a guide.

Returning to Cerf’s letter, he writes:

Many now-successful companies have deployed their services on the Internet without the need to negotiate special arrangements with Internet Service Providers, and it’s crucial that future innovators have the same opportunity. We are advocates for “permissionless innovation” that does not impede entrepreneurial enterprise.

I wholeheartedly agree with the principle of “permissionless innovation”, but that’s exactly not what the FCC’s policy would ensure. It does require that future innovators negotiate their innovations; it just makes the other party to the negotiation the FCC rather than ISPs.

Moreover, while the prospect of an ISP standing in the way of innovation is purely hypothetical, the prospect of a government regulator standing in the way of innovation is nigh inevitable. Those with political connections will have their way and any innovation that threatens them will be stamped out. Today’s innovator is tomorrow’s entrenched interest.

A few brave innovators may try to run the FCC gauntlet, but, for the most part, technology companies will avoid costly battles with government regulators. Rather than innovating, they will simply adopt a policy that they know will pass muster. And that means treating every packet the same.

That’s why Cerf is wrong. His internet expertise is unquestioned, but his faith in government regulators is naive. Empowering a government agency to pass judgement on future internet innovation is a terrible idea.

(Previous post.)

UPDATE: Cerf responds.

Google has been collecting data on internet traffic passing over personal wi-fi networks:

Google Inc. said an internal investigation has discovered that the roving vans the company uses to create its online mapping services were mistakenly collecting data about websites people were visiting over wireless networks.

The Internet giant said it would stop collecting Wi-Fi data from its StreetView vans, which workers drive to capture street images and to locate Wi-Fi networks. The company said it would dispose of the data it had accidentally collected.

Alan Eustace, senior vice president of engineering and research for Google, wrote in a blog post that the company uncovered the mistake while responding to a German data-protection agency’s request for it to audit the Wi-Fi data, amid mounting concerns that Google’s practices violated users’ privacy.

Google had previously said it was collecting the location of Wi-Fi hot spots from its StreetView vehicles, but not the information being transmitted over those networks by users.

“It’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks, even though we never used that data in any Google products,” wrote Mr. Eustace. “We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.”

They say it was accidental, and maybe it was (although we have no way to know). But that doesn’t let them off the hook. Even in the most benign reading, this is a company that collects so much data that it can accidentally spy on you.

I also think they need to explain in greater detail how they are going to dispose of the data.

I guess I should have expected this. If you’re determined to nationalize the internet, why let defeat in Congress and in court stop you?

The U.S. could regain its authority to pursue both network neutrality and widespread access to broadband by formally reclassifying Internet access as “telecommunications services,” a former adviser to President Obama said in a published report on Sunday.

Susan Crawford, who was a special assistant to the President for science, technology and innovation policy, wrote in the New York Times that, before it can reclassify Internet access, the U.S. Federal Communications Commission has to prove “good reason”. . .

Crawford said if Internet access is reclassified as “telecommunications services” rather than as “information services,” it would make it easier to tell providers of high-speed Internet access what to do.

(Previous post.)

The Economist reports:

Barack Obama was asked when he was in Copenhagen whether a provision by which countries could peek into each others’ assessment processes was strong enough to be sure there was no cheating. He answered reassuringly that “we can actually monitor a lot of what takes place through satellite imagery”. That statement conjured up thoughts of the sort of cold-war satellite system that America used to identify and count Russian missiles. But the president was being a bit previous; at the moment, no such system exists, because America’s Orbiting Carbon Observatory (OCO), a satellite that would have fulfilled the role, was lost on launch this time last year.

(Emphasis mine.)

It’s good to know that the president is making decisions based on the best scientific advice.

Wired reports:

A data breach at the National Archives and Records Administration is more serious than previously believed. It involved sensitive personal information of 250,000 Clinton administration staff members, job applicants and White House visitors, as well as the Social Security number of at least one daughter of former Vice President Al Gore.

The data, which included more than 100,000 Social Security numbers, was stored on a computer hard drive that the NARA discovered missing last April from a data processing room in Maryland. It’s unknown if the drive was lost or stolen. . .

The NARA was harshly criticized for another potential data breach it may have suffered involving the records of 70 million U.S. military veteran. The records were on a defective hard drive that the agency sent to the drive vendor for repair. The agency failed to delete data on the drive before sending it to the vendor. When the vendor determined the drive couldn’t be repaired, it passed the drive to another company for recycling.

But don’t worry, they’ll be much more careful with our medical records.

(Via Instapundit.)

LED traffic lights save electricity, but they generate less heat. That is a problem in colder climates: the cold bulbs allow snow and ice to accumulate and obscure the light. This is being blamed for a fatal accident in Oswego, Illinois. The solution being adopted is to send out road crews to clean the lights, which eliminates some or all of the cost savings. But at least they’re creating “green jobs”!

THERMODYNAMIC POSTSCRIPT: Above I said “but they generate less heat”, but I could just as well have said “because they generate less heat”. All the energy a bulb uses has to go somewhere. LED’s use less electricity precisely because they don’t generate as much waste heat. (LEDs also don’t waste energy on light invisible to the human eye, but I don’t think that’s much of a factor.)

LEDs and fluorescent bulbs are cold by design. Traffic light failures are a dramatic consequence, but there is a more commonplace one. In a home that uses electric heat, LEDs and fluorescent bulbs will save no energy during the heating months. Any heat that is not generated by lighting will be made up joule-for-joule by electric heaters, coming out precisely even. As a result, estimates of the energy saved by such lighting are substantially overstated (again, in homes with electric heat).

(Via Volokh.)

I’ve written on this blog before (here and here) that I am against network neutrality, because it is a technically flawed and almost universally misunderstood solution to an as-yet nonexistent problem.

Now people are beginning to call for “search neutrality”. Technically there is no relation at all between network and search neutrality, but the two are likely to become politically entangled. The idea to search neutrality is that search providers (i.e., Google) ought not use their power deliberately to direct customers to some services in which they have a financial interest (particularly theirs) over others.

There are two immediate differences we can observe between search neutrality and network neutrality. First, there are no technical problems with search neutrality. Unlike network neutrality, search neutrality would not hurt network performance or stifle innovation. Second, search neutrality is targeted at a problem that actually exists. Google does use its search influence to direct customers to its own services.

Is search neutrality therefore a good idea? That’s not so clear.

Generally I’m against government intervention in the marketplace, but I make an exception in the case of monopolistic (and oligopolistic) behavior. It is appropriate for the government to take action to protect individuals in non-competitive markets. Of course, in most cases, monopolies exists because of the action of the government. In such cases, the government should simply remove the barriers to entry that it has erected itself. There also exists a few instances of natural monopolies, typically utilities. The science of regulating public utilities to ensure efficient resource allocation is fairly well-understood.

Then there’s the rarest of all cases, in which a company establishes a dominant position through superior business practices or technical insight that, for some reason, other companies are unable to duplicate. It’s impossible to make any universal rule in such a case, but I would make two related observations: First, the government always seems to overreact in such circumstances. (Witness the government’s persecution of IBM and the ham-handed AT&T breakup.) Second, such circumstances are invariably far more temporary than people seem to suppose.

On general libertarian principles, I’m against forcing Google to order its search results in any fashion other than how they choose. With a 65% market share, Google isn’t a monopolistic player yet, so there’s no need yet to contemplate an exception on such grounds. Furthermore, it would be very hard to fashion a rule that would prevent search rigging while permitting legitimate innovation.

On the other hand, Google should be pressured to reveal their methodology. Their official blog contains a weak explanation of why their purported dedication to openness does not apply to their search algorithm. Basically they say that their page-ranking algorithm is not robust (my words, not theirs) and publishing it would make it easy for people to manipulate it. That might be so. But there is no reason why they shouldn’t publish the exceptions they make to their page-ranking algorithm. The only reason I see for keeping the exceptions secret is their publication might make Google look bad.

(Via Big Government.)

POSTSCRIPT: When I say that Google isn’t a monopolistic player yet, I’m referring of course to web search. They are a monopolistic player in the business of stealing books. Astonishingly, a federal court has not only given Google approval to steal copyrighted books, it has also made Google the only one that can do so. (Again, most monopolies exist due to government action.) There’s also other good reason to dislike Google, such as its growing record of censorship. So if Google did face some government persecution, my sympathy for them would be limited.

(Previous post.)

The internet chapter of the Anti-Counterfeiting Trade Agreement has leaked, and it’s as bad as many have suspected. BoingBoing summarizes:

• ISPs have to proactively police copyright on user-contributed material. This means that it will be impossible to run a service like Flickr or YouTube or Blogger, since hiring enough lawyers to ensure that the mountain of material uploaded every second isn’t infringing will exceed any hope of profitability.
• ISPs have to cut off the Internet access of accused copyright infringers or face liability. This means that your entire family could be denied to the internet — and hence to civic participation, health information, education, communications, and their means of earning a living — if one member is accused of copyright infringement, without access to a trial or counsel.
• The whole world must adopt US-style “notice-and-takedown” rules that require ISPs to remove any material that is accused — again, without evidence or trial — of infringing copyright. This has proved a disaster in the US and other countries, where it provides an easy means of censoring material, just by accusing it of infringing copyright.
• Mandatory prohibitions on breaking DRM, even if doing so for a lawful purpose (e.g., to make a work available to disabled people; for archival preservation; because you own the copyrighted work that is locked up with DRM).

(Via Instapundit.) The EFF has more.

This treaty is being negotiated in secret by the Obama administration, citing national security, if you can believe that:

Last September, the Bush administration defended the unusual secrecy over an anti-counterfeiting treaty being negotiated by the U.S. government, which some liberal groups worry could criminalize some peer-to-peer file sharing that infringes copyrights.

Now President Obama’s White House has tightened the cloak of government secrecy still further, saying in a letter this week that a discussion draft of the Anti-Counterfeiting Trade Agreement and related materials are “classified in the interest of national security pursuant to Executive Order 12958.”

Got that? An international treaty is classified due to national security. If that weren’t already a load of crap, the negotiations aren’t so sensitive that they couldn’t invite comment from 42 outside lawyers.