The Internet Is Not .gov’s to Regulate
Imagine that Congress passed a law setting up a procedure that could require ordinary citizens like you to remove telephone numbers from your phone book or from the “contacts” list in your phone. What about a policy that cut off the phone lines to an entire building because some of its tenants used the phone to plot thefts or fraud? Would it be okay with you if the user of the numbers coming out of your phone records or the tenants of the cut-off building had been adjudged “rogue” users of the phone?
Cutting off phone lines is the closest familiar parallel to what Congress is considering in two bills nicknamed “SOPA” and “PIPA”—the “Stop Online Piracy Act” and the “PROTECT IP Act.”
Julian Sanchez has vigorously argued several points about these bills. Here, I’ll try to describe what they try to do to the Internet.
Simplifying, every computer and server has an IP (or “Internet Protocol”) address, which is a set of numbers that uniquely identify its location on the Internet. The IP address for the server hosting Cato’s Spanish language site, elcato.org, for example, is 67.192.234.234.
Now, these numbers are hard to remember, so there is a system that translates IP addresses into something more familiar. That’s the domain name system, or “DNS.” The domain name system takes the memorable name that you type into the address bar of your computer, such as elcato.org, and it looks up the IP address so you can be forwarded along to the IP address of your choice.
One of the major ideas behind SOPA and PIPA is to cut Internet sites that violate copyright out of the domain name system. No longer could typing “elcato.org” get you to the Web site you wanted to visit. Much of the debate has been about the legal process for determining whether to strike out a domain name.
But preventing a domain name lookup doesn’t take the site off the Internet. It just makes it slightly harder to access. You can prove it to yourself right now by copying “67.192.234.234″ (without the quotes) and plugging it into your address bar. (The Internet is complicated. Some of you might be directed to other Cato sites.) Then come back here and read on, por favor!
The government would require law-abiding citizens to “black out” phone numbers—or Internet service providers to do the same with domain names—for this little effect on wrongdoing? It doesn’t make sense. The practical burdens on the law-abiding Internet service provider would be large. “Blacking out” an entire building—just like a Web site—would cut off the lawful communications right along with the unlawful ones. It’s through-the-looking-glass information control, with enormous potential to obstruct entirely lawful communications and impinge on First Amendment rights.
Which is why many Web sites today are “blacking out” in protest. In various ways, sites like Craigslist.org, Wikipedia, and many others are signaling to their visitors that Congress is threatening the core functioning of the Internet with bills like SOPA and PIPA. And threatening all of our freedom to communicate.
The Internet is not the government’s to regulate. It is an agreement on a set of protocols—a language that computers use to talk to one another. That language is the envelope in which our communications—our First-Amendment-protected speech—travels in hundreds of different forms.
The Internet community is growing in power. (Let’s not be triumphal—government authorities will use every wile to maintain control.) Hopefully the people who get engaged to fight SOPA and PIPA will recognize the many ways that the government regulates and limits information flows through technical means. The federal government exercises tight control over electromagnetic spectrum, for example, and it claims authority to impose public-utility-style regulation of Internet service provision in the name of “net neutrality.”
Under the better view—the view of freedom behind opposition to SOPA and PIPA—these things are not the government’s to regulate.
The FCC Should Not Regulate the Internet
The FCC moves forward with a proposal to regulate Internet service today. It’s a bad idea.
The one thing that pleases me about the ongoing debate over Internet regulation is the durability of Tim Lee’s November, 2008 Cato Policy Analysis, “The Durable Internet: Preserving Network Neutrality without Regulation.” My introduction of it is a good synopsis.
The arguments against government regulation in the name of “net neutrality” have not changed: A good engineering principle is not made better if dogmatized and given to lawyers and bureaucrats to enforce as law. The FCC and its regulatory regime are almost sure to be captured by major ISPs and turned to their benefit, used to suppress competition and blunt innovation.
A premise of net neutrality regulation—and much other regulation—is that consumers can’t be relied on to defend their own interests. Taking that premise, which I don’t, it follows that regulators must step in. But that syllogism skips over an additional premise: that regulators can do a better job.
The Istituto Bruno Leoni (Italy) recently published a terrific paper by Slavisa Tasic (a former Cato intern) that applies the insights of behavioral economics to regulators. Academics have typically used behavioral economics to illustrate the fallibility of market actors, but Tasic turns the tables. The paper is called “Are Regulators Rational?”, and it examines the cognitive biases that are likely to produce flawed decision-making on the part of regulators.
Yes, it’s tit-for-tat to the attack on markets implicit in behavioral economics, but it’s a sound and fair paper that opens new insights onto regulation. This is a good time to do that. Too many take it as an article of faith that the FCC will do better than consumers at protecting consumers’ interests.
This is also a good time to remember that the FCC is our national censor. The U.S. government’s censorious reaction to l’affaire WikiLeaks should serve as counsel to people who would subject Internet service providers to even greater federal regulation. Regulated ISPs will be more compliant with government speech controls.
It’s a point worth emphasizing: Regulated ISPs will be more compliant with government speech controls.
For these reasons, in addition to the ones that have come before, federal regulation of the Internet is a bad idea.
GAO: HHS Imposed an “Unusual” Prior Restraint on Speech during ObamaCare Debate
During the debate over ObamaCare, the Centers for Medicare & Medicaid Services took issue with some of the things that some of the insurers participating in the Medicare Advantage program were telling their enrollees about the legislation. The Government Accountability Office has just released a review of CMS’s conduct in that episode:
Although CMS’s actions generally conformed to its policies and procedures, the September 21, 2009, memorandum instructing all MA organizations to discontinue communications on pending legislation while CMS conducted its investigation was unusual. Officials from the MA organizations and CMS regional offices that we interviewed told us they were unaware of CMS ever directing all MA organizations to immediately stop an activity before CMS had determined whether that activity violated federal laws, regulations, or MA program guidance. When asked about this directive, officials from CMS’s central office stated that, given the degree of potential harm to beneficiaries, the action was appropriate for the circumstances….
HHS expressed concern that our description of the September 21, 2009, memorandum as “unusual” makes it appear as though their suspension of all MA organizations’ communications on pending health reform legislation was inappropriate. It noted that directing an MA organization to immediately stop an activity while the agency determined whether violations had occurred was infrequent but not unprecedented…. We believe that the example provided—wherein CMS put its data collection activities on hold until the agency resolved concerns with interpretation of its own regulations—is not comparable to CMS instructing all MA organizations to stop sending information about health reform proposals to beneficiaries while it investigated potential violations. Moreover, our characterization of CMS’s action as unusual is based on discussions with MA organizations and CMS staff. They told us that they could not recall a previous example where CMS told all plans to stop an activity after a potential violation was discovered and prior to the completion of an agency investigation.
For the record, CMS lacked (and still lacks) a Senate-confirmed administrator. It’s worth asking whether this prior restraint placed on speech critical of the administration came from Secretary of Health and Human Services Kathleen Sebelius, who is making quite a name for herself as an enemy of free speech.
Sebelius: Anonymous Political Speech ‘Dangerous’
In all of Washington, is there a greater enemy of free speech than Secretary of Health and Human Services Kathleen Sebelius?
- Her department is forcing millions of Americans to finance speech that they oppose, by using taxpayer dollars to broadcast (misleading) television ads that promote ObamaCare.
- She is using the powers granted her under ObamaCare to threaten insurers with bankruptcy if they publicly disagree with her about the law’s cost.
- Now, she is decrying the growth of anonymous political speech in congressional campaigns.
Would that coerced speech, or government suppression of speech, troubled her as much as anonymous speech.
More Censorship in Venezuela
More than 16,000 murders occurred in Venezuela in 2009. That compares with 4,550 homicides reported in 1998, the year Hugo Chavez was elected president. The fact that Venezuela now has one of the world’s highest violent crime rates underscores the Chavez revolution’s utter neglect of the basic and proper functions of government.
Yet the problem is downplayed by the government, which inexplicably blames capitalism and poverty even though official figures show a fall in poverty rates. As if to highlight the government’s insensitivity, the president of state-run TeleSUR TV station recently laughed off the problem in a widely-seen CNN interview.
Last week, El Nacional newspaper published this graphic front-page photo of crime victims in a morgue. The official response from a government-controlled court has been to ban media from publishing violent images for one month. Thus, today El Nacional ran the front-page photo below, which reads “Censored” in the space where photos should be. The way the Bolivarian Revolution is going, Venezuelans can expect the government to continue resolving social problems in the same way.
The Ecuadorian Government’s Campaign against the Free Press
The World Cup is over but not the Ecuadorian government’s propaganda campaign vilifying the free press.
For those Ecuadorians who don’t have Direct TV, but only have cable TV or the local network channels, the only place to have watched the much-awaited matches was on one of the state-owned TV stations and with constant state propaganda. (You can watch the videos depicting the private press as a snake or as shooting bullets coming out of the TV here, here, here and here.)
When I say constant, I might be understating the frequency: according to Infomedia — a media monitoring company— during the weekend of June 18-20 these ads were broadcasted 414 times for a total of 7,988 seconds or 133 minutes.
To make matters worse, the ads continue to be aired at the same time the not-so-independent National Assembly is debating a new communications law that would create a Communications Council — controlled by the executive branch — with the power to impose severe sanctions on radio and TV stations and newspapers.
For starters, the proposed law contains this contradictory statement in its preamble:
Every person . . . has the right to . . . search, receive, exchange and distribute information that is truthful, appropriate, contextualized, plural and without previous censorship. . .
Of course, it will be up to the council to decide what is truthful (and appropriate, contextualized and plural, whatever that means).
Remember, the FCC Is Our National Censor
Amid charge and countercharge about who is shilling for whom in the debate over Internet regulation, Peter Suderman has the right focus in a short piece on Reason‘s Hit & Run blog. The Federal Communications Commission’s Chairman is claiming that he only wants to regulate the Internet’s infrastructure, but one of his colleagues, Commissioner Michael Copps, is non-denying that he wants to censor the Internet.
There may be exceptions, but it’s usually pretty safe to assume that anytime a politician or bureaucrat dodges a question while calling for “a national discussion about” the proposal at hand, what he or she really means is, “I want to indicate that I support this idea without actually going on record as supporting it.”
The FCC does censorship. It’s unfortunate to see willful disregard of this by the folks wanting to install the FCC as the Internet’s regulator.
What Censorship Looks Like
The Chinese government has issued instructions to media outlets telling them how they may report on the decision of Google to discontinue providing censored search results in China.
Socialists Shouldn’t Have to Admit Libertarians Into Their Club
Hastings College of the Law, a public law school in California, has a policy prohibiting discrimination on the basis of “race, color, religion, national origin, ancestry, disabilities, age, sex or sexual orientation.” In 2004, the Christian Legal Society, a religious student organization at the school, applied to become a “recognized student organization” — a designation that would have allowed CLS to receive a variety of benefits afforded to about 60 other Hastings groups. While all are welcome to attend CLS meetings, CLS’s charter requires that its officers and voting members abide by key tenets of the Christian faith and comport themselves in ways consistent with its fundamental mission, which includes a prohibition on “unrepentant” sexual conduct outside of marriage between one man and one woman.
Hastings denied CLS registration on the asserted ground that this charter conflicts with the school’s nondiscrimination policy. CLS sued Hastings, asking for no different treatment than is given to any registered student group. The district court granted Hastings summary judgment and the Ninth Circuit affirmed. The Supreme Court granted certiorari to determine whether Hastings’s refusal to grant CLS access to student organization benefits amounted to viewpoint discrimination, which is impermissible under the First Amendment.
Yesterday Cato filed an amicus brief supporting CLS — authored by preeminent legal scholar Richard Epstein – in which we argue that CLS’s right to intimate and expressive association trump any purported state interest in enforcing a school nondiscrimination policy. While Hastings may impose reasonable restrictions on access to limited public forums, it should not be allowed to admit speakers with one point of view while excluding speakers who hold different views. Our brief also discredits Hastings’s assertion that its ability to exclude the public at large from school premises renders their content-based speech restrictions constitutional.
We urge the Court to safeguard public university students’ right to form groups – which by definition exclude people – free from government interference or censorship. (Of course, our first choice would be for the government to get out of the university business and our second choice would be to stop forcing taxpayers to pay for student clubs, but given those two realities — as in the case at hand – freedom of association is the way to go.)
Surveillance, Security, and the Google Breach
Yesterday’s bombshell announcement that Google is prepared to pull out of China rather than continuing to cooperate with government Web censorship was precipitated by a series of attacks on Google servers seeking information about the accounts of Chinese dissidents. One thing that leaped out at me from the announcement was the claim that the breach “was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” That piqued my interest because it’s precisely the kind of information that law enforcement is able to obtain via court order, and I was hard-pressed to think of other reasons they’d have segregated access to user account and header information. And as Macworld reports, that’s precisely where the attackers got in:
That’s because they apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press.
This is hardly the first time telecom surveillance architecture designed for law enforcement use has been exploited by hackers. In 2005, it was discovered that Greece’s largest cellular network had been compromised by an outside adversary. Software intended to facilitate legal wiretaps had been switched on and hijacked by an unknown attacker, who used it to spy on the conversations of over 100 Greek VIPs, including the prime minister.
As an eminent group of security experts argued in 2008, the trend toward building surveillance capability into telecommunications architecture amounts to a breach-by-design, and a serious security risk. As the volume of requests from law enforcement at all levels grows, the compliance burdens on telcoms grow also—making it increasingly tempting to create automated portals to permit access to user information with minimal human intervention.
The problem of volume is front and center in a leaked recording released last month, in which Sprint’s head of legal compliance revealed that their automated system had processed 8 million requests for GPS location data in the span of a year, noting that it would have been impossible to manually serve that level of law enforcement traffic. Less remarked on, though, was Taylor’s speculation that someone who downloaded a phony warrant form and submitted it to a random telecom would have a good chance of getting a response—and one assumes he’d know if anyone would.
The irony here is that, while we’re accustomed to talking about the tension between privacy and security—to the point where it sometimes seems like people think greater invasion of privacy ipso facto yields greater security—one of the most serious and least discussed problems with built-in surveillance is the security risk it creates.
Mistaken Moral Equivalency
Former Google executive turned Obama administration deputy chief technology officer Andrew McLaughlin made some unfortunate comments at a law school technology conference last week equating private network management to government censorship as it is practiced in China.
By many accounts, President Obama’s visit to China was unimpressive. It apparently included a press conference at which no questions were allowed and government censorship of the president’s anti-censorship comments. On its heels, McLaughlin equated Chinese government censorship with network management by U.S. Internet service providers.
“If it bothers you that the China government does it, it should bother you when your cable company does it,” McLaughlin said. That line is wrong on at least two counts.
First, your cable company doesn’t do it. There have been two cases in which ISPs interfered with traffic in ways that are generally regarded as wrongful. Comcast slowed down BitTorrent file sharing traffic in some places for a period of time, did a poor job of disclosing it, and relented when the practice came to light. (People who don’t know the facts will argue that the FCC stepped in, but market pressures had solved the problem before the FCC did anything.) The second was a 2005 case in which a North Carolina phone company/ISP called Madison River Communications allegedly blocked Vonage VoIP traffic.
In neither of these anecdotes did the ISP degrade Internet traffic because of its content—because of the information any person was trying to communicate to another. Comcast was trying to make sure that its customers could get access to the Internet despite some bandwidth hogs on its network. Madison River was apparently trying to keep people using its telephone lines rather than making Internet phone calls. That’s a market no-no, but not censorship.
Second, if the latter were happening, Chinese government censorship and corporate censorship would have no moral equivalency. In a free country, the manager of a private network can say to customers, “You may not transmit certain messages over our network.” People who don’t like that contract term can go to other networks, and they surely would. (Tim Lee’s paper, The Durable Internet: Preserving Network Neutrality Without Regulation, shows that ownership of networks and platforms does not equate to control of their content.)
When the government of China forces networks and platforms to remove content that it doesn’t like, that demand comes ultimately from the end of a gun. Governments like China’s imprison and kill their people for expressing disfavored views and for organizing to live freer lives. This has no relationship to cable companies’ network management practices, even when these ISPs deviate from consumer demand.
McLaughlin is a professional colleague who has my esteem. I defended Google’s involvement in the Chinese market during his tenure there. But if he lacks grounding in the fundamentals of freedom—thinking that private U.S. ISPs and the Chinese government are part of some undifferentiated mass of authority—I relish the chance to differ with him.
Some Thoughts on the New Surveillance
Last night I spoke at “The Little Idea,” a mini-lecture series launched in New York by Ari Melber of The Nation and now starting up here in D.C., on the incredibly civilized premise that, instead of some interminable panel that culminates in a series of audience monologues-disguised-as-questions, it’s much more appealing to have a speaker give a ten-minute spiel, sort of as a prompt for discussion, and then chat with the crowd over drinks.
I’d sketched out a rather longer version of my remarks in advance just to make sure I had my main ideas clear, and so I’ll post them here, as a sort of preview of a rather longer and more formal paper on 21st century surveillance and privacy that I’m working on. Since ten-minute talks don’t accommodate footnotes very well, I should note that I’m drawing for a lot of these ideas on the excellent work of legal scholars Lawrence Lessig and Daniel Solove (relevant papers at the links). Anyway, the expanded version of my talk after the jump:
Cato on Facebook
Cato on Twitter
Cato on Google+
Cato on YouTube
