Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. [...]]]> Cybersecurity is in the news: a network intrusion allegedly interfered with railroad signals in the Northwest in December; the Obama administration refused to support the Stop Online Piracy Act due to worries about interfering with DNSSEC; and the GAO concluded that the Department of Homeland Security is making things worse by oversharing. So, I’m fortunate that the Minnesota Law Review has just published the final version of Conundrum (available on SSRN), in which I argue that we should take an information-based approach to cybersecurity:

Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. It addresses cybersecurity based upon identification of actors and intent, arguing that inherent defects in the Internet’s architecture must be remedied to enable attribution. These proposals, if adopted, would badly damage the Internet’s generative capacity for innovation. Drawing upon scholarship in economics, animal behavior, and mathematics, this Article takes a radical new path, offering a theoretical model oriented around information, in distinction to the near-obsession with technical infrastructure demonstrated by other models. It posits a regulatory focus on access and alteration of data, and on guaranteeing its integrity. Counterintuitively, it suggests that creating inefficient storage and connectivity best protects user capabilities to access and alter information, but this necessitates difficult tradeoffs with preventing unauthorized interaction with data. The Article outlines how to implement inefficient information storage and connectivity through legislation. Lastly, it describes the stakes in cybersecurity debates: adopting current scholarly approaches jeopardizes not only the Internet’s generative architecture, but also key normative commitments to free expression on-line.

Conundrum, 96 Minn. L. Rev. 584 (2011).

Cross-posted at Info/Law.

There was exciting news from the Supreme Court yesterday.  By a rare 9-0 vote, in United States v. Jones, No. 10-1259, the Court held that the Government should have obtained a warrant before placing a GPS surveillance device on the defendant’s car and monitoring his movements.  This result was not completely unexpected, especially considering the Justices’ interest at oral argument in the Government’s position that GPS surveillance technology could be used without a warrant to track the movements of any car — even the Justices’ own cars — for an unlimited period of time.  The Government argued —  unsuccessfully — that this result was compelled because citizens have no privacy interests in their [...]]]> By Priscilla Smith, Nabiha Syed & Albert Wong, Information Society Project at Yale Law School

There was exciting news from the Supreme Court yesterday.  By a rare 9-0 vote, in United States v. Jones, No. 10-1259, the Court held that the Government should have obtained a warrant before placing a GPS surveillance device on the defendant’s car and monitoring his movements.  This result was not completely unexpected, especially considering the Justices’ interest at oral argument in the Government’s position that GPS surveillance technology could be used without a warrant to track the movements of any car — even the Justices’ own cars — for an unlimited period of time.  The Government argued —  unsuccessfully — that this result was compelled because citizens have no privacy interests in their public movements.

Of particular note, the three opinions in the case and the unusual line-up make for a broader ruling than is apparent at the outset.  The most narrow rule comes from the Court’s opinion written by Justice Scalia and joined by Justices Roberts, Kennedy, Thomas, and — wait for it — Sotomayor, holding that that “the Government’s installation of a GPS device on a target’s vehicle,² and its use of that device to monitor the vehicle’s movements, constitutes a “search.”  Slip op. at 3.  Scalia notes that the Fourth Amendment protects the “right of the people to be secure in their . . . effects,” and it “is beyond dispute that a vehicle is an ‘effect’ as that term is used in the [Fourth] Amendment.”  Id. at 3.  Ergo, he holds the installation done with the intent to “use … th[e] device to monitor the vehicle’s movements” was a search.  Id. at 3.  He describes the action at issue, saying “[t]he Government physically occupied private property for the purpose of obtaining information.”  He holds that since this form of physical trespass and monitoring would have been a search within the meaning of the Fourth Amendment at the time it was adopted, it is a search now.  Hello, original application guy.

On first glance, it seems that Scalia might be returning to old interpretations of the Fourth Amendment that required a physical trespass to have occurred before an action could be considered a search.  But what Scalia is actually doing here is defining the Court’s task, which is “at a minimum, is to decide whether the action in question would have constituted a ‘search’ within the original meaning of the Fourth Amendment,” and because it would have, it is a search now.  Just because in 1967 Katz said that the Fourth Amendment protects more than physical trespass, doesn’t mean that the Fourth Amendment doesn’t protect physical trespass.  See slip op. at 6-7 (noting Katz did not erode the principle that a search occurs where the Government “does engage in physical intrusion of a constitutionally protected area in order to obtain information.”) (emphasis in original).  So Scalia establishes and emphasizes a threshold for determining when a search has occurred — a threshold that is not comprehensive, but sufficient to resolve the issue at hand.

And thus Scalia declines to go further and consider what would happen if, hypothetically, there was no physical trespass.  He does hold open the possibility that “achieving the same result through electronic means [as they achieved here with physical trespass], without an accompanying trespass, is an unconstitutional invasion of privacy.”  Id. at 11.  Simple enough.  Why decide the harder issue with all its accompanying “vexing problems” that would arise in a case involving electronic surveillance without an accompanying trespass?  Scalia argues that there is no reason to “rush forward” to resolve them now.  Slip op. at 12.  Put aside for a minute that he encouraged the Court in United States v. Kyllo, a case holding that the use of heat-seeking technology required a warrant, to adopt rules that “take account of more sophisticated systems that are already in use or in development,” Kyllo, 533 U.S. at 37.

But Scalia has a problem.  As he points out, in its opinion in United States v. Knotts, the Court upheld the use of beeper technology to track a target’s movements, holding there was no invasion of privacy.  He distinguishes Knotts from this case because Knotts did not involve physical trespass. The beeper there was placed inside a container with consent of the then-owner of the container, and only then was the container placed in the driver’s car.  Moreover, Knotts didn’t challenge the installation.  Right.  But the Court didn’t decide there was no search in Knotts based on an absence of a physical trespass; the Court decided the case holding there was no invasion of privacy.  So shouldn’t Scalia explain to us why he holds open the possibility that “achieving the same result through electronic means [as they achieved here with physical trespass], without an accompanying trespass, [like they did in Knotts] is an unconstitutional invasion of privacy?”  Id. at 11.  Saying that GPS is a different technology, as he does in a footnote, is not enough.  Doesn’t he owe us an explanation of why Knotts doesn’t preclude that possibility, as the Government so vehemently argued it did and the Ninth Circuit in a similar case agreed?  See Pineda-Moreno v. United States.

Of course he does — or so says Justice Alito, with Justices Ginsburg, Breyer and Kagan joining.  See Alito’s concurrence, slip op. at 13.  In fact, not only did Alito think the Court should reach the Katz expectation of privacy test, he didn’t buy the physical trespass holding at all, and lists its many flaws.  Justice Alito then evaluates the GPS surveillance here, noting that “devices like the one used in the present case … make long-term monitoring relatively easy and cheap.”  “[T]he best we can do in this case,” reasons Alito, “is to apply existing Fourth Amendment doctrine” and “ask whether the use of GPS tracking in a particular case involved a degree of intrusion that a reasonable person would not have anticipated.”  Alito at 13.  Under this inquiry, “the use of longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy,” because “society’s expectation has been that law enforcement agents and others would not — and indeed, in the main, simply could not — secretly monitor and catalogue every single movement of an individual’s car for a very long period.”  Id.  Now, Justice Alito recognizes the “degree of circularity” inherent in Katz’s expectation of privacy test — i.e., the problem that, if read literally, the test would permit a situation in which the government takes away your privacy so that one no longer has an“expectation” of it — and in so doing, one no longer has a constitutionally protected interest in it.  Hello, 1984.  Unfortunately, though, his concurrence does nothing to address, and instead relies exactly on, that circular part of it — the intrusion you would or would not have anticipated.  The concurrence is also remarkably skimpy in its explication of why exactly the surveillance is “intrusive” — you know, the point that is the actual crux of the case.

The only Justice who doesn’t avoid the issues is Justice Sotomayor.  Although she joins the narrow majority opinion because she buys Scalia’s argument that the physical trespass here suffices to decide the case, she writes separately to make clear that “physical intrusion is now unnecessary to many forms of surveillance,” her slip op. at 2, a statement that Scalia certainly does not deny.

Moreover, and making this a much broader ruling than it appears on first glance, unlike Scalia, Sotomayor explains the distinction between Jones and Knotts.  She agrees with the Alito Four that “’longer term GPS monitoring in investigation of most offenses impinges on expectations of privacy.’”  Sotomayor concurrence at 3, quoting Alito concurrence at 13.  Rather than relying on whether citizens “anticipate” invasions of their privacy, her opinion reflects the concerns of the D.C. Circuit, New York Court of Appeals, and C.J. Kozinski writing in dissent from denial of rehearing en banc in a similar case in the Ninth Circuit, that the information collected by GPS monitoring generates a “comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.”  Id. at 3.  (In fact, unless we missed something, she appears to be the only one who cites to Chief Judge Kozinski’s dissenting opinion in the Pineda-Moreno case; no one seems to cite the DC Circuit opinion, scared off perhaps by some folks’ misplaced railing against its “mosaic” language).  She further discusses the concerns raised in a brief filed by some of us at the ISP on behalf of a group of privacy scholars that GPS surveillance, as she says, “evades the ordinary checks that constrain abusive law enforcement practices” and is susceptible to abuse, and that awareness of government monitoring chills associational and expressive freedoms.  Id.  She summarizes:

I would also consider the appropriateness of entrusting to the Executive, in the absence of any over­sight from a coordinate branch, a tool so amenable to misuse, especially in light of the Fourth Amendment’s goal to curb arbitrary exercises of police power to and prevent “a too permeating police surveillance,” United States v. Di Re, 332 U. S. 581, 595 (1948).

Finally, Sotomayor suggests a more fundamental change in the jurisprudence to “reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties,” and notes that the rule is “ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks,” Sotomayor at 5, questioning the notion at the heart of the rule that “secrecy [is] a prerequisite to privacy.”

The long and the short of it is that by agreeing with the Alito Four that the use of GPS surveillance technology for a prolonged period violates a reasonable expectation of privacy, Sotomayor’s concurrence means that five justices agree to veer away from the inside/outside distinction relied upon by the Government.  It seems that we may have some privacy interests in our public movements after all.

It’s difficult to see how the group and its various permutations warrant the breathless admiration of journalists who dub them “hacktivists.”  A little step back to the [...]]]> I’d like to pick up on Olivier Sylvain’s post on the cyber mob Anonymous and take it in a slightly different direction.  Let’s step back to get a sense of the group dubbed Anonymous. The group originated on 4Chan’s /b/ forums and now has a serious presence on the wiki Encyclopedia Dramatica, YouTube, and Internet Relay Chat forums.  The group may now compromise several groups with different aims (see here for a discussion of splinter group more interested in so-called “pranks”, or in my view bigoted attacks, than strident “political activism” like DDos on PayPal, Visa, and the like).

It’s difficult to see how the group and its various permutations warrant the breathless admiration of journalists who dub them “hacktivists.”  A little step back to the original hackers of the early 1960s.  As Howard Rheingold explains (and Patricia Wallace concurs in her work), the term was coined to describe people who “create computer systems.”  The first people to call themselves hackers ascribed to an informal social contract called the “hacker ethic.”  This ethic included these principles:

“Access to computers should be unlimited and total.  Always yield to the Hands-On Imperative.  All information should be free.  Mistrust authority–promote decentralization.”

The original hackers were motivated by altruistic concerns.  Indeed, we owe a debt of gratitude to their broader community for helping design the Internet.  Our guest blogger and celebrity computer scientist Steve Bellovin was a key player in that community: in 1979, Bellovin, then at UNC for graduate school, and Jim Ellis and Tom Truscott, Duke grad students, created the first link between Duke and UNC, which later became Usenet, the oldest global virtual community.

Let’s compare the original hackers to the group(s) Anonymous, which exemplifies the destructive side of cyber anonymity.  From its beginnings, the group took its name because it believes its collective identity serves as a mask, letting them do and say things that would otherwise be out of bounds.  According to a YouTube posting from a group member, “We are Anonymous, a “people devoid of any type of soul or conscience” who form “a nameless, faceless, unforgiving mafia”—“we ruin the lives of other people simply because we can.”  Anonymous members describe themselves as “unencumbered by pointless ethics, foolish moralities, or arbitrary laws or restrictions.”  When Anonymous members engage in offline “raids,” they hide behind the Guy Fawkes mask design made famous by the film of Alan Moore’s graphic novel V for Vendetta.

The group (or part of it) has been rightly called an “Internet Hate Machine.”  Much of what it does is for the “lulz.”  It has attacked African Americans, women, LGBT individuals, Jews, and Muslims.  It urged members to “search and destroy” a popular female video blogger’s online identity.  The group hacked into her online accounts, posted doctored photographs of her being raped, and took down her videos.  On Encyclopedia Dramatica, group members listed feminist websites that should be shut down with distributed denial-of-service attacks and “image reaping”—flooding sites with traffic to use up their allocated bandwidth.  Members updated the wiki as they accomplished their goal.  Disabled sites appeared with black lines through them next to the phrase: “Down due to excessive bandwidth.  Great success!”  As sites reappeared, group members updated the wiki entry with the phrase “back from the dead” and called for others to “search and destroy” them.  When Cheryl Lindsey Seelhoff’s blog reappeared after successful image reaping campaign, group members were notified: “FUCK!  Pulled a Lazarus. Get in there.”  The group has closed over 100 feminist sites and blogs.  It attacked two popular hip-hop sites, defacing them with swastikas and racial slurs and hacking into its employees’ computers.  The disabled were targeted as well: group members posted JavaScript code and flashing computer animation to trigger heaches and seizures in epileptics.  Benjamin Mako Hill, a student at MIT’s media lab specializing in sociology and online communities, describes Anonymous as likely just “a lot” of “selfish teenage assholes.”

The attacks allegedly devoted to political activism — such as the DDos attacks on PayPal, Visa, and Mastercard — seems like just more lulz activities.  Consider its recent “cyber protest” after the BART shut down cell service to ward off protesters from gathering in response to a police shooting.  The group released personal information from BART customers:

Thus below we are releasing the User Info Database of MyBart.gov, to show that BART doesn’t give a shit about it’s customers and riders and to show that the people will not allow you to kill us and censor us. This is but the one of many actions to come. We apologize to any citizen that has his information published, but you should go to BART and ask them why your information wasn’t secure with them. Also do not worry, probably the only information that will be abused from this database is that of BART employees.

Let me get this straight: releasing the sensitive personal information of BART customers to punish BART?  That sounds like a privacy-invasive joy ride by a bunch of trolls.  Hacktivists?  I think not.

According to Marshall, TPM filed a Freedom of Information Act request for the mugshots [...]]]> On Friday evening, within hours of posting U.S. Marshal Service mugshots of alleged members of Internet “hacktivist” group Anonymous, TalkingPointsMemo.com became the target of a relentless “distributed denial of service” or DDoS attack. According to a statement released by TPM founder and publisher Josh Marshall on TPM’s Facebook page, visitors could not access the site a little after 5 p.m. eastern time. While no one knows for sure, TPM has inferred that Anonymous or people affiliated with the group are probably responsible for the attack.  (That TPM turned to Facebook to publish a statement is ironic because Anonymous has vowed to shutdown the social networking site later this fall.) The TPM site remains down as of this posting.

According to Marshall, TPM filed a Freedom of Information Act request for the mugshots earlier this summer, and posted them as soon as they obtained them. For the past six years, according to Marshall, the news site has routinely “published mugshots of numerous people accused or convicted of various crimes” that are the subject of its reporting. I’ve clicked through the photos of hypocrites and hucksters in elective office as well as random mugshots of mobsters and celebrities to satiate an admittedly morbid curiosity. TPM, as with many other major news organizations, knows this. The questions for TPM are ethical and legal: what is it about these admittedly alluring photos of the smirks, glares, and shock typical of mugshots that adds to the story, and justifies the ostensible invasion of privacy?

This episode in vigilante bullyism comes only months after members of Anonymous were arrested for the DDoS attack on PayPal last December. The group launched this earlier attack to punish PayPal for rashly severing its commercial ties with Wikileaks, the whistle-blowing entity led by media darling Julian Assange, soon after Wikileaks released sensitive U.S. State Department cables.

The more you pay attention, the more this most recent affair sounds like a convoluted high-tech inside-baseball soap-opera. But, at bottom, this case stands as another ambiguous artifact in the persistent question about the efficacy of government-promulgated laws in relation to the Internet. In this case, sophisticated vengeful hackers were the victims of overzealous investigative journalism and, get this, entitled to government-promulgated privacy protections. Whether they want those protections invoked, however, is another question. For now, Anonymous and their allies are opting for tried-and-true hacktivist self-help.

This most recent conflict with the left-leaning TPM would not be so interesting if, for the past several years, TPM’s influence in the complex political economy and ecology of D.C.-based political news reporting had not grown as rapidly as it has. TPM’s popularity has perhaps ballooned as rapidly as the circulation and relevance of the traditional print news organizations have diminished.  It is evidently now part of the media establishment.

Just as importantly, this conflict raises interesting legal questions about the practice of publishing mugshots. In this case, TPM chose to publish mugshots of people who apparently have yet to be found guilty of the charges related to the attack on PayPal. Why post those pictures? Perhaps TPM sought to humanize a group whose members have hidden behind Internet communication technology and the iconic image of a masked vigilante hero.

In any event, as an ethical matter, TPM may have gone too far. Even the U.S. Marshal Service has a policy of not releasing mugshots, because, pursuant to FOIA Section 7(c)’s, releasing such photos would violate the privacy interests of criminal defendants. This would be a hard-and-fast restriction on such releases across the country but for a 1996 Sixth Circuit decision requiring the agency to honor federal FOIA requests for U.S. Marshal Service mugshots from anywhere around the country as long as the people submitting the request reside or work in the states within the Sixth Circuit. (The Sixth Circuit’s holding recently came up in the context of the creepy mugshot of Jared Loughner, the man who shot U.S. Representative Gabrielle Giffords and killed six people in Arizona earlier this year.) This is how TPM got the photos even though their offices are in New York and DC.

At a minimum, TPM’s decision, while understandable, raises serious questions about ethics in Internet journalism. These questions become all the more fascinating when, as here, the defendants’ alleged criminal conduct is so intertwined with their ambition, right or wrong, for anonymity.

That is best promoted when the identity of the reviewers is held strictly confidential, by editors and reviewers alike, with editors sharing only the substance of reviews to enable improving a manuscript. 

Contrary to this normative ideal, reviewers often seem to feel free to identify themselves, and even editors are sometimes sloppy in leaking identifiying data.   In just the past year, I have personally had several different unfortunate examples.  The upshot is the same: outside reviewers must stay anonymous.

In one case, I was asked to review a scholarly manuscript of an article on a subject within the field involving law and accounting.  I gave a [...]]]> Outside reviews of manuscripts are important to many publishing enterprises, from scholarly books and articles to general interest works of nonfiction.  Honest, objective and impersonal assessments are vital. 

That is best promoted when the identity of the reviewers is held strictly confidential, by editors and reviewers alike, with editors sharing only the substance of reviews to enable improving a manuscript. 

Contrary to this normative ideal, reviewers often seem to feel free to identify themselves, and even editors are sometimes sloppy in leaking identifiying data.   In just the past year, I have personally had several different unfortunate examples.  The upshot is the same: outside reviewers must stay anonymous.

In one case, I was asked to review a scholarly manuscript of an article on a subject within the field involving law and accounting.  I gave a generally favorable review, along with some quibbles and suggestions.  The editors tentatively declined the piece with an invitation to resubmit based on the quibbles and suggestions. The author somehow figured out that I was the reviewer and contacted me to say so.  It felt as if I were being accused of interfering with some one’s scholarly work.  Not pleasant.

In another case, I submitted a book proposal to a university press. The press expressed great enthusiasm and the editor told me it had to follow standard practice and have outside reviews.  It circulated the proposal, including sample chapters to several anonymous reviewers.  One of them, an old acquaintance of mine, told me he was a reviewer and that he really liked one of the chapters. 

Again, I wish he hadn’t told me this but, having told me, I followed up by asking his opinion and seeking his comments on the book.  Bizarrely, he refused to discuss any aspect of his review or the book.    Worse, the interest from the publisher went totally cold. 

The connection was hard to miss.  It seems clear the acquaintance both wanted to signal his power to interfere without providing the substantive assessment which, oddly, the press never did either.  All in all, it would have been better for this fellow to keep himself anonymous.

In a third case, a different university press, also very enthusiastic about my book proposal, supplied me with all the outside reviews it commissioned, and offered to publish the book.   In the meantime, one of the reviewers, while communicating on a different subject, mentioned that he served as such. I said I appreciated the review.  

What I didn’t say, but might have, was that I wish I had not known that he was the reviewer. The knowledge obviously did not produce the negative feelings I got when from the other two episodes. But I still would rather not know.  

The norm of anonymity for outside reviewers exists for good reasons.   It should be respected.

Traceable anonymity seems to me the baseline for Web 2.0, with the Internet only getting less anonymous as we progress to newer and even more exciting technologies. Social media, for example, already despises anonymity: Facebook has more than 500 million users; 1 [...]]]> An important part of my current (and, to me, really exciting) project is the concept of anonymity on the Internet, or lack thereof. Co-Op’s own, Daniel Solove, whose amazing work I have devoured poured over and over read and analyzed many times, has written about this at length, coining the term “traceable anonymity” to refer to this one element of privacy vis-a-vis our Internet selves — I could call myself “youwillneverknowitsme” on my Wikipedia account, but Jimmy Wales could know it’s me by following my IP address.

Traceable anonymity seems to me the baseline for Web 2.0, with the Internet only getting less anonymous as we progress to newer and even more exciting technologies. Social media, for example, already despises anonymity: Facebook has more than 500 million users; 1 in 5 relationships begin through online dating sites, none of which are anonymous; an increasing number of media websites are requiring their users to log in and provide a valid email address in order to comment on posted news stories; and even interactions that might start out anonymous can end in picture and email exchanges, both of which link your online self to your physical self.

The most basic debate is whether this is a good thing. That fascinating discussion is probably more about our individual values than anything else. But, there are at least two more interesting questions (at least to me):

First, is no anonymity the same as no expectation/right of privacy? I don’t think so, though this is a topic I have just started thinking about and reserve the right to change my mind when I learn more and smarter people teach me more. Sometimes privacy means anonymity — John and Jane Doe filings for domestic abuse victims, for example, a topic that Co-Op’s own, the fantastic Danielle Citron, has worked on. But, privacy is not always synonymous with anonymity, as such. We have privacy rights in our person, but the existence of those rights does not depend on us being cloaked from the law entirely.

Second, what are the costs of less (or no) anonymity? One of the frustrating things about online hate and harassment is that it is cheap — there are no transaction costs to hate and little personal and contingent costs after harassing. In other words, it is safer to harass online than in person. The less anonymity, then, the higher the costs of harassing, and that might be a good thing. I could also argue that less anonymity raises the costs of online speech, in general, by snuffing out robust online conversations about politics. But, what exactly would be snuffed out? Things you would never say in person? Again, maybe that’s a good thing.

Of course, I am playing a little bit of the devil’s advocate here, but the conversation is worth having.

Another tid bit I find worth discussing.

When I discuss this lack of anonymity on the Internet with others, I notice a pattern. Older interlocutors, say over 40 (though let me be clear: I do not consider 40 to be “old”) generally agree, but never really thought the Internet was anonymous to begin with. My peers, say 26-40, are the most agreeable. We remember when American Online had chat rooms that you could enter anonymously after creating a pseudonym (thanks to Co-Op reader and hopefully future prof AG for reminding me about that) and have seen the Internet change over the years. But, kids today, say under 25, do not have any conception of anonymity on the Internet. Even if they have a pseudonym here or there, they nonchalantly say something like this: “oh, yeah, ive given people my email or shown them my pictures, im sure they could find me if they wanted.” I am no English major, but that’s hardly what Walt Whitman thought of when he referred to “perfect nonchalance.” At a minimum, that cavalier behavior is something we as parents/aunts/uncles/grandparents have to deal with when our young charges start spending time online.

Research tells us that 90% of people seek advice from family and friends as part of the decision making process. This “Friend Effect” is apparent in most of our decisions and often outweighs other facts because people feel more confident, smarter and safer with the wisdom of their trusted circle.

Today, Bing is bringing the collective IQ of the Web together with the opinions of the people you trust most, to bring the “Friend Effect” to search. Starting today, you can receive personalized search results based on the opinions of your [...]]]> A small corner of the world of search took another step toward personalization today, as Bing moved to give users the option to personalize their results by drawing on data from their Facebook friends:

Research tells us that 90% of people seek advice from family and friends as part of the decision making process. This “Friend Effect” is apparent in most of our decisions and often outweighs other facts because people feel more confident, smarter and safer with the wisdom of their trusted circle.

Today, Bing is bringing the collective IQ of the Web together with the opinions of the people you trust most, to bring the “Friend Effect” to search. Starting today, you can receive personalized search results based on the opinions of your friends by simply signing into Facebook. New features make it easier to see what your Facebook friends “like” across the Web, incorporate the collective know-how of the Web into your search results, and begin adding a more conversational aspect to your searches.

The announcement almost perfectly coincides with the release of Eli Pariser’s book The Filter Bubble, which argues that “as web companies strive to tailor their services (including news and search results) to our personal tastes, there’s a dangerous unintended consequence: We get trapped in a “filter bubble” and don’t get exposed to information that could challenge or broaden our worldview.” I have earlier worried about both excessive personalization and integration of layers of the web (such as social and search, or carrier and device). I think Microsoft may be reaching for one of very few strategies available to challenge Google’s dominance in search. But I also fear that this is one more example of the “filter bubble” Pariser worries about.

Like Evgeny Morozov, Pariser persuasively demonstrates the downside of “community building” on the web; filter bubbles can be astonishingly insular. It’s an important message. Oren Bracha and I have shown the critical importance of search technology in affecting both users’ autonomy and possibilities for democracy. And as I noted last summer:

Heraclitus wrote that “for the waking there is one world, and it is common; but sleepers turn aside each one into a world of his own.” In our age of fragmented lifeworlds, narrowcasting, and personalization, internet searchers are increasingly like Heraclitus’s sleepers. They will increasingly consume customized media on the persons and events they take an interest in. Many will unwittingly enter a media environment shaped in ways they can’t understand. While some authors have lamented the effects of the “Daily Me” on politics, and others have noted the Kafkaesque implications of black box databases, few have considered the intersection of these trends. They threaten to make a scholarly understanding of media consumption difficult, as we have less and less objective sense of what’s really being presented as choices.

It’s a real tribute to Pariser’s persistence that he convinced Silicon Valley engineers to acknowledge and grapple with this reality. We’ll need many more thinkers like him to wake us from our technological somnambulism.

On the other hand, perhaps the integration of social networking into search can make search results a bit more understandable to users. Pariser suggests that even people inside Google can’t fully understand how its algorithms result in a given information environment for a user of its services:

Even if you’re not logged into Google, for example, an engineer told me there are 57 signals that the site uses to figure out who you are: whether you’re on a Mac or PC or iPad, where you’re located when you’re Googling, etc. And in the near future, it’ll be possible to “fingerprint” unique devices, so that sites can tell which individual computer you’re using. . . .

As Google engineer Jonathan McPhie explained to me, [personalization is] different for every person – and in fact, even Google doesn’t totally know how it plays out on an individual level. At an aggregate level, they can see that people are clicking more. But they can’t predict how each individual’s information environment is altered.

In general, the things that are most likely to get edited out are the things you’re least likely to click on. Sometimes, this can be a real service – if you never read articles about sports, why should a newspaper put a football story on your front page? But apply the same logic to, say, stories about foreign policy, and a problem starts to emerge. Some things, like homelessness or genocide, aren’t highly clickable but are highly important.

If people have to choose between algorithmic and friend-based personalization, the latter may be more transparent than the former. On the other hand, the Bing-Facebook combine isn’t rushing to make its own methods public, so maybe it’s a wash.

Naturally, with all of this socializing comes the far darker side of human relationships.  Social network sites sponsor threats, harassment, and hatred, leading to important, though always outmatched, voluntary efforts to address destructive behaviors.  Given the scale of these sites, the Chief Safety Officers of those social network sites need help identifying malicious activity that [...]]]> Facebook and other social network sites offer much to celebrate.  They have given new life to long-standing relationships and cemented new ones while providing innovative means to share ideas and engage with different communities.  Offline relationships are extended online.  Student groups meet in classrooms as well as on YouTube channels.  Employees talk in the office and online (sometimes even to critique their bosses with co-workers, see Kashmir Hill‘s always- thought-provoking commentary).

Naturally, with all of this socializing comes the far darker side of human relationships.  Social network sites sponsor threats, harassment, and hatred, leading to important, though always outmatched, voluntary efforts to address destructive behaviors.  Given the scale of these sites, the Chief Safety Officers of those social network sites need help identifying malicious activity that their Terms of Service prohibit.  This summer, Facebook and the police learned about another disturbing case: a Chester County man tried to use Facebook to hire a hit man to kill a woman who accused him of rape.  In July, the woman called the police after seeing a posting on the man’s Facebook page that offered $500 for “a girls head.”  The man later updated the posting, saying that he “needed the girl knocked off right now.”  As the Huffington Post recently reported, the man pleaded guilty to rape, criminal solicitation of murder, and other counts.

According to The New York Times, most contributors are male.  More specifically, “less than 15 percent of its hundreds of thousands of contributors are female.”  This, in turn, has skewed the gender [...]]]> Time magazine recently did a true-to-form story on Wikipedia, where guest editors (and our very own featured author) Jonathan Zittrain (see here too), Robert McHenry, Benjamin Mako Hill, and Mike Schroepfer assisted in writing/editing/re-writing a feature entitled Wikipedia’s “Ten Years of Inaccuracy and Remarkable Detail.” As the piece explained, Wikipedia just celebrated its 10th birthday.  The site has 17 million entries in more than 250 languages, quite a feat given that Encyclopedia Brittanica only has 120,000 and only in English.  The Time wiki-like piece notes that Wikipedia has a “diverse, international body of contributors.”

According to The New York Times, most contributors are male.  More specifically, “less than 15 percent of its hundreds of thousands of contributors are female.”  This, in turn, has skewed the gender disparity of topics and emphasis.  Wikimedia’s executive director Sue Gardner explains that topics favored by girls such as friendship bracelets can seem short when compared with lengthy articles on something boys typically like such as toy soldiers or baseball cards.  The New York Times notes that a category with five Mexican feminist writers might not seem so impressive when compared with 45 articles on characters in “The Simpsons.”

Why is this so?  Joseph Reagle, a fellow at the Berkman Center for Internet and Society at Harvard and author of “Good Faith Collaboration: The Culture of Wikipedia,” explains that Wikipedia’s early contributors shared “many characteristics with the hard-driving hacker crowd,” including an ideology that “resists any efforts to impose rules or even goals like diversity, as well as a culture that may discourage women.”  He notes that adopting an ideology of openess means being “open to very difficult, high-conflict people, even misogynists.”  The demographics of Wikipedia’s editors may also stem, in part, from the tendency of women to be “less willing to assert their opinions in public.”

How Wikipedia is now, and has been, responding is worth noting.  Sue Gardner told the Times that she hopes to raise the share of women contributors through subtle persuasion and outreach to welcome newcomers to Wikipedia.  Dave Hoffman and Salil Mehra’s terrific piece Wikitruth Through Wikiorder demonstrates that the site has already fostered efforts to create a more inclusive environment.  As Hoffman and Mehra explain, Wikipedia has an Arbitration Committee whose volunteer members rule on disputes and set forth concrete rules on how users should behave.  The Arbitration Committee has sanctioned users who make homophobic, ethnic, racial or gendered attacks or who stalk and harass others.  According to Hoffman and Mehra’s empirical study, in cases when either impersonation or anti-social conduct like hateful attacks occur, the Administrative Committee will ban the user in 21% of cases.  Wikipedia’s more than 1,500 administrators, in turn, enforce those rules.  Wikipedia also permits users to report impolite, uncivil, or other difficult communications with editors in its Wikiquette alerts notice board.

Many of our nation’s landmark free speech decisions are not about heroes–several are about flag-burners, racists, Klansmen, and those with political views outside the mainstream. And yet we measure our commitment to freedom of speech, in part, by our willingness to protect even their rights despite disagreement with what they say, and why they say it.

The story of Wikileaks publishing U.S. diplomatic cables has become the story of Julian Assange: is he a hero or villain, a high-tech terrorist or enemy combatant? Should [...]]]> At Balkanization, Professor Marvin Ammori has a thoughtful post on the Wikileaks story.  Professor Ammori, who will be guest blogging with us soon, gave me the thumbs up on reproducing his post.  Hopefully, it will spark some interesting discussion on CoOp.  Here is Ammori’s post:

Many of our nation’s landmark free speech decisions are not about heroes–several are about flag-burners, racists, Klansmen, and those with political views outside the mainstream. And yet we measure our commitment to freedom of speech, in part, by our willingness to protect even their rights despite disagreement with what they say, and why they say it.

The story of Wikileaks publishing U.S. diplomatic cables has become the story of Julian Assange: is he a hero or villain, a high-tech terrorist or enemy combatant? Should the U.S., which may have already empanelled a grand jury in Virginia, prosecute him as a criminal under the Espionage Act of 1917 or under the computer fraud and abuse act?

Though I have spent years advocating for Internet freedom, I don’t think Assange is a hero for leaking these diplomatic cables.  According to plausible reports, the leaks have harmed U.S. interests, made the work of U.S. diplomats more difficult, likely endangered lives of allies, and may have set back democracy in Zimbabwe and perhaps elsewhere.  Even some of Assange’s friends at Wikileaks are doubting Assange’s heroism: a few left him to launch a rival site and to write a tell-all book.  Whatever the harms of secrecy and over-classification, Assange’s actions have caused tremendous damage.  No wonder polls show nearly 60% of Americans believe the U.S. should arrest Assange and charge him with a crime.

My initial reaction was similar.  I thought that if a case could be made against Assange, one should be made.

But, as time passed, the political and legal downsides of prosecution came into clearer focus, and I am rethinking that initial reaction.  Despite still believing Assange’s actions have been harmful, I have now come to the opposite conclusion—not for the benefit of Assange, but for the benefit of Americans and of the United States.

Prosecuting Assange could do more harm than good for our freedom of the press and would inflict further harm on diplomatic effectiveness.  Despite the appeal of prosecuting Assange, it is not worth the cost.  We will not get the cables back.  We will not deter aspiring Wikileakers, as both our allies and our enemies know.  We will, as Dean Geoffrey Stone has best articulated, likely sacrifice established principles of freedom of the press in doing so.

Here are some thoughts on why we should think twice about prosecuting Assange, categorized by harms to the U.S.’s freedom of the press and then harms to America’s diplomatic effectiveness. And, in advance, I thank the many scholars, policy experts, and friends who took the time to give me thoughts on earlier drafts of this post.

Harms to American Freedom of the Press

1. The balance between information security and freedom of the press generally permits both government secrecy and publication.

Geoffrey Stone, a leading speech scholar at the University of Chicago, recently explained to Congress how the Supreme Court has struck that balance between transparency and press freedom.

Transparency is not an unqualified good. While some information is overclassified, too much transparency has its own problems, as professors Larry Lessigand Tim Wu, among others, have pointed out.  Keeping some information private is sometimes essential for government and diplomacy.  Releasing information can be harmful; for example, releasing the names and addresses of all our covert spies or the world’s critical infrastructures harms US interests.

As Stone explains, the Supreme Court has recognized that government may overstate the harms of publication and underestimate the harms of secrecy.  The judiciary is not well equipped to second-guess this bias on a case-by-case basis.  So the Court struck this balance: government is allowed constitutionally to over-protect information and to secure it, while the press is perhaps over-protected to publish leaked information.  This is an obviously imperfect mechanism, but we live in an imperfect world, and other options are even more imperfect.

As a result, the burden of securing information falls on the government, not the press.  Jack Goldsmith reaches the same conclusion:

It is also important to remember, to paraphrase Justice Stewart in the Pentagon Papers, that the responsibility for these disclosures lies firmly with the institution empowered to keep them secret: the Executive branch.

This is not to blame the Executive branch; it is just to emphasize that securing information is the usual remedy to balance transparency, necessary secrecy, and a free press.  Prosecuting publishers and perceived journalists generally is not.

2. If the government can prosecute Assange for publishing illegally obtained information, then it can prosecute most journalists.

According to standard First Amendment doctrine, the press generally can publish truthful information leaked to the press, even if someone else acted illegally to obtain the information.  The Supreme Court said as much in Bartnicki v. Vopper and the Pentagon Papers case.

Administration officials and congressional staffs often leak information to the press for their own purposes—though they often leak to “friendly” reporters they hope to influence.  If the government could punish journalists for publishing classified information, Bob Woodward would be sitting in solitary confinement for the top-secret leaks in his last book alone.  Perhaps because of these realities, in 2000, President Clinton wisely vetoed a bill that would have criminalized all unauthorized disclosures.

Despite Woodward’s inside track to potentially over-classified information, Assange may be no less a journalist than someone like Woodward.

3. Assange looks more like a 21^st Century journalist than a terrorist.

The First Amendment protects a lot of potentially harmful speech, but does not and should not protect all speech. Some speech that encourages criminal behavior—like detailed “how-to” instructions on how to murder people or manuals for mixing homemade explosives—rightfully receive little First Amendment protection. Are Assange’s publications really not journalism, but more like this unprotected speech?

In thinking about this question, I have found Eugene Volokh’s analysis of “crime-facilitating speech” immensely helpful. I will not summarize his 100-page argument, which examines many speech areas. I will simply note that he ends up proposing a standard that, while speech-protective, strikes a balance that captures truly dangerous speech unworthy of protection. For him, this category includes speech, if published, with almost no non-criminal value or leading to plague or atomic explosions. Nobody has made the case that Assange’s speech falls in those categories.

Wikileaks looks less like a hit man manual and more like the journalism of tomorrow (or yesterday). Dozens of traditional and new publications (and TV channels) have experimented with user-generated news content, including uploaded video and stories. Assange has recently been clothing his actions as journalism. Rather than engaging in a document dump, Assange has released less than 1% of the 250,000 cables, and is working with several newspapers (The Guardian, Der Speigel, El Pais, Le Monde, the New York Times) to vet and redact every cable before publishing it.  His practices and those of journalists are converging. As online news models evolve and change, prosecuting Assange may set a precedent for limiting some beneficial experimentation with these new models.

4. If the government can prosecute Assange for “conspiring” with his source, all journalists are conspirators.

According to Justice Department leaks to the New York Times, the Justice Department is considering bringing a case based on Assange conspiring with his source.  As law professor Jack Balkin observes, if Assange conspired, many journalists “conspire” with their sources, sometimes over drinks at the Mayflower Hotel, sometimes by email. Even if the standard for conspiracy is higher than “doing drinks” at a hotel, it would sweep up at least some journalists, who no doubt worked with their sources as closely as Assange did with his source. Such conspiracy claims could burden freedom of association, including anonymous association, which receives constitutional protection.

5. If the First Amendment doesn’t protect Wikileaks, it doesn’t protect The Economist or Roberto Benigni.

Some argue that Assange has no First Amendment right because he is an Australian non-resident. But, whatever Assange’s rights as speaker, Americans have rights as readers. The Supreme Court has held (in Lamont v. Postmaster General) that Americans, like Wikileaks defender Ron Paul, have free speech rights, including the right to access unprotected international speech.

Taking it one step further, to extradition and arrest, I doubt the U.S. government could arrest executives at publications like The Economist, The Guardian, BBC, and Le Monde, or movie makers like Roberto Benigni, without burdening the speech rights of American citizens.  As a practical reality, if not as a matter of formal doctrine, prosecuting popular foreign speakers burdens American speakers.  Plus, prosecuting Economist.com for something NYTimes.com can publish would arguably violate some of our trade commitments.  And do we want to encourage China to use the same logic of extradition and prosecution against American and European publications, websites, and executives that allegedly violate Chinese law?

6. If the government can pressure private companies to silence Wikileaks, it can silence anyone.
Senator Lieberman’s staff seemed to apply some governmental pressure to Amazon, which found a violation of its broadly worded “terms of service” to remove Wikileaks from Amazon servers. (The administration has not applied similar pressure, to my knowledge.)  Paypal and Mastercard refused to process donations, applying a standard far lower than the standards applying to government.

I agree with those who view these moves as an Internet “tax on dissent.” To put this in perspective, what if Amazon interpreted its terms of service to kick controversial politicians off its servers?  What if Paypal stopped processing payments to controversial newspapers, political blogs, or … Klansmen and flag burners?  What if Mastercard, after receiving calls from a Senator, refused to process donations to the Palin or Romney campaigns, while processing donations for the Obama reelection?  The affected speakers would be harmed and would have no legal means to defend themselves by challenging the government’s attempt to silence them.

The New York Times has raised concerns about these actions: “A handful of big banks could potentially bar any organization they disliked from the payments system, essentially cutting them off from the world economy.”

U.S. administration officials should not help set a dangerous precedent of enlisting private parties to kick the legs out from political opponents.  Again, what would we think if the Chinese government engaged in similar activity with their financial intermediaries and their disfavored sites?

Harms to American Diplomacy

1. We will possibly fail to convict Assange, while handing autocrats an argument to justify politically motivated prosecutions.

It doesn’t really matter if the (dedicated, brilliant) lawyers at the Department of Justice come up with a compelling case that has eluded law professors like Jack Balkin, Jack Goldsmith, Geoffrey Stone, and Steve Vladeck.

As these professors and others have noted, the legal case faces several potential hurdles: First Amendment issues, Espionage Act issues, conspiracy law issues, and extradition law issues for “political” crimes.

If the lawyers at Justice build a credible case, what follows will be a highly controversial and politically charged extradition proceeding that will draw out negative consequences for our foreign policy and international credibility—regardless of the ultimate outcome.

And then, at the end of this controversial process, after months or years, Assange comes to trial in a U.S. court.  Then, even in a best-case scenario, the case might fail for any of a dozen reasons.  Even if a conviction is achieved, at what cost?  And to what end?  Will a single piece of data be recovered?  Will the martyrdom of Assange deter others from following in his footsteps? The long-term impact of this effort will likely come out badly for our nation, no matter what the outcome of the legal proceeding.

2. We will look weak and hypocritical, affecting our moral standing abroad and at home. Could we really tell autocrats in other countries that they shouldn’t prosecute journalists or political critics? Perceptions will be a key factor.  Prosecuting Assange would validate an international perception, whether accurate, among allies and foes alike that America operates on a double standard—a perception the Obama administration has taken great pains to reverse.  The decline in credibility triggered by apparently validating that perception will ripple across our international relations. As Clay Shirky notes, autocrats will certainly use our actions to justify political prosecutions.

Conclusion
I could be wrong; this controversy does not have easy answers.

I end up, with Assange, where I do with racists and Klansmen. Despite the damage he has caused, the costs to our nation of prosecuting his speech outweigh the benefits. I hope our nation’s lawyers consider the merits of this position in determining how best to respond to Assange and Cablegate.

Goldsmith, who takes cybersecurity very seriously, nevertheless finds himself “agreeing with those who think Assange is being unduly vilified.” He believes that “it is not obvious what law he has violated,” and Geoff Stone today said that many Lieberman-inspired efforts to expand the Espionage Act to include Assange’s conduct would be unconstitutional. Goldsmith asks:

What if there were no wikileaks and Manning had simply given the Lady Gaga CD to the Times? Presumably the Times would eventually have published most of the same information, with [...]]]> Don’t worry, it’s not another prolix post from me, just commentary on Jack Goldsmith’s Seven Thoughts on Wikileaks and Lovink & Riemens’s Twelve theses on WikiLeaks. (And here’s an FAQ for those confused by the whole controversy.)

Goldsmith, who takes cybersecurity very seriously, nevertheless finds himself “agreeing with those who think Assange is being unduly vilified.” He believes that “it is not obvious what law he has violated,” and Geoff Stone today said that many Lieberman-inspired efforts to expand the Espionage Act to include Assange’s conduct would be unconstitutional. Goldsmith asks:

What if there were no wikileaks and Manning had simply given the Lady Gaga CD to the Times? Presumably the Times would eventually have published most of the same information, with a few redactions, for all the world to see. Would our reaction to that have been more subdued than our reaction now to Assange? If so, why?

Lovink & Riemens provide something of an answer:

Traditional investigative journalism used to consist of three phases: unearthing facts, crosschecking these and backgrounding them into an understandable discourse. WikiLeaks does the first, claims to do the second, but omits the third completely. . . . What WikiLeaks anticipates, but so far has been unable to organize, is the “crowd sourcing” of the interpretation of its leaked documents. That work, oddly, is left to the few remaining staff journalists of selected “quality” news media.

Later, academics pick up the scraps and spin the stories behind the closed gates of publishing stables. But where is networked critical commentariat? Certainly, we are all busy with our minor critiques; but it remains the case that WikiLeaks generates its capacity to inspire irritation at the big end of town precisely because of the transversal and symbiotic relation it holds with establishment media institutions. . . .Therein lies the conflictual terrain of the political.

Perhaps the difference between the treatment of Assange and the NYT is a widespread sense that the “paper of record” simply must publish important news once it’s been revealed. But the Wikileaks situation confounds any model of objective journalists “finding facts” in the world. As the FAQ explains, “Wikileaks is only releasing cables in coordination with the actions of . . . five selected news organizations.” Like search engines, it challenges the traditional distinctions between conduit and content-provider that have governed our thinking about communications. As L & R put it,

One of the main difficulties with explaining WikiLeaks arises from the fact that it is unclear (also to the WikiLeaks people themselves) whether it sees itself and operates as a content provider or as a simple conduit for leaked data (the impression is that it sees itself as either/or, depending on context and circumstances). This, by the way, has been a common problem ever since media went online en masse and publishing and communications became a service rather than a product. . . . This might be why Assange and his collaborators refuse to be labelled in terms of “old categories” (journalists, hackers, etc.) and claim to represent a new Gestalt on the world information stage.

I have to admit, my initial read of this story was over-influenced by media reports that described Wikileaks as “dumping” documents. In fact, they have been selective; as Glenn Greenwald explains, “They have not released “thousands” of cables; they’ve released 1,193 — less than 1/2 of 1% of the total they possess.”

But I do think I was right about one thing: the Wikileaks story reveals a dangerously overstretched “superpower.” When Russia recommends a Nobel Prize for Assange, you know that they are pretty confident in their ability to decouple from the US’s overindebted, hollowed out economy. Just as trillions of dollars in war spending have emptied our coffers, military prerogatives also led to the DOD’s “data deluge blowback.” As Lovink puts it:

In the ongoing saga called “The Decline of the US Empire”, WikiLeaks enters the stage as the slayer of a soft target. It would be difficult to imagine it being able to inflict quite same damage to the Russian or Chinese governments, or even to the Singaporean – not to mention their “corporate” affiliates. In Russia or China, huge cultural and linguistic barriers are at work, not to speak of purely power-related ones, which would need to be surmounted. Vastly different constituencies are also factors there, even if we are speaking about the narrower (and allegedly more global) cultures and agendas of hackers, info-activists and investigative journalists. In that sense, WikiLeaks in its present manifestation remains a typically “western” product and cannot claim to be a truly universal or global undertaking.

The irony, of course, is that in its quest for openness, Wikileaks is likely to provoke extraordinary responses from government that make our security apparatus more like that of Russia or China. Lovink notes some uncomfortable parallels between Wikileaks and those it opposes:

WikiLeaks displays a stunning lack of transparency in its internal organization. Its excuse that “WikiLeaks needs to be completely opaque in order to force others to be totally transparent” amounts, in our opinion, to little more than Mad magazine’s famous Spy vs. Spy cartoons. You beat the opposition but in a way that makes you indistinguishable from it.

WikiLeaks is also an organization deeply shaped by 1980s hacker culture, combined with the political values of techno-libertarianism that emerged in the 1990s. . . . Lack of commonality with congenial, “another world is possible” movements drives WikiLeaks to seek public attention by way of increasingly spectacular and risky disclosures, thereby gathering a constituency of often wildly enthusiastic, but generally passive supporters.

Assange reminds me a bit of the obsessed protagonist of Samuel Delany’s sci-fi novel Nova, with sensitive information playing the role in the Wikileaks drama that Illyrion plays in Delany’s work: a resource that can utterly shift the balance of power if it comes into the right hands. Assange sees an utterly corrupt status quo, and wishes to upset it. Projects like Wikileaks may well succeed in doing so. But, if the status quo could speak, it might warn, “Après moi, le déluge.” (And Zhou Enlai is probably still correct to say that it’s “too soon to tell” what the impact of that power shift was.)

For instance, digital expressions of hatred helped inspire the 1999 shooting of African-Americans, Asian-Americans, and Jews in suburban Chicago [...]]]> Although intermediaries’ services can facilitate and reinforce a citizenry’s activities, they pose dangers that work to undermine them.  Consider the anonymous and pseudonymous nature of online discourse.  Intermediaries permit individuals to create online identities unconnected to their legal identities.  Freed from a sense of accountability for their online activities, citizens might engage in productive discourse in ways that they might not if directly correlated with their offline identities.  Yet the sense of anonymity breeds destructive behavior as well.  Social science research suggests that people behave aggressively when they believe that they cannot be observed and caught.  Destructive online behavior spills offline, working a fundamental impairment of citizenship.

For instance, digital expressions of hatred helped inspire the 1999 shooting of African-Americans, Asian-Americans, and Jews in suburban Chicago by Benjamin Smith, a member of the white supremacist group World Church of the Creator (WCOTC) that promotes racial holy war.  Just months before the shootings, Smith told documentary filmmaker Beverly Peterson that: “It wasn’t really ‘til I got on the Internet, read some literature of these groups that . . . it really all came together.”  More recently, the Facebook group Kick a Ginger Day urged members to get their “steel toes ready” for a day of attacking individuals with red hair. The site achieved its stated goal: students punched and kicked children with red hair and dozens of Facebook members claimed credit for attacks.

Cyber hate can produce so much psychological damage as to undermine individuals’ ability to engage in public discourse.  For instance, posters on a white supremacist website targeted Bonnie Jouhari, a civil rights advocate and mother of a biracial girl.  They revealed Ms. Jouhari’s home address and her child’s picture.  The site showed a picture of Ms. Jouhari’s workplace exploding in flames next to the threat that “race traitors” are “hung from the neck from the nearest tree or lamp post.”  Posters included bomb-making instructions and a picture of a hooded Klansman holding a noose.  Aside from moving four times, Ms. Jouhari and her daughter have withdrawn completely from public life; neither has a driver’s license, a voter registration card or a bank account because they don’t want to create a public record of their whereabouts.

Search engines also ensure the persistence and production of cyber hate that undermines citizens’ capability to engage in offline and online civic engagement.  Because search engines reproduce information cached online, people cannot depend upon time’s passage to alleviate the damage that online postings cause.  Unlike leaflets or signs affixed to trees that would decay or disappear not long after their publication, now search engines index all of the content hosted by social media intermediaries, producing it instantaneously.

Jeremy Waldron contends that cyber hate produces a “permanent disfigurement” of group members.  Online hate mars our social environment by visibly and publicly conveying the message that a “group in the community is not worthy of equal citizenship.”  It denigrates group members’ basic standing in society and deprives them of their “civic dignity.”  Search engines ensure that cyber hate endures, instantly accessible far into the future.

Another distinct feature of the Internet is that it can facilitate “echo chambers” of extreme views.  As Cass Sunstein explored in Republic.com 2.0, people may tailor their online news, only seeking out those who reinforce their views and filtering out contrary information.  This leads to the hardening of positions into more extreme ones.  Sunstein explained that hate groups on the internet are so extreme because they often expose themselves to only to online groups with similar views and link exclusively to hateful content.

Intermediaries should recognize these particular challenges that cyber hate in networked spaces poses to individuals’ capability to participate meaningfully offline and online.  In our upcoming article Intermediaries and Hate Speech: Fostering Digital Citizenship for the Information Age (forthcoming Boston University Law Review 2011), Helen Norton and I invoke a concept of digital citizenship to ensure that intermediaries acknowledge and address these challenges.   In so doing, we do not mean to suggest that individuals are somehow citizens of a virtual space that is unconnected from our territorial polity.  Quite the contrary, we speak of digital citizenship as it relates to individuals rooted firmly in our territorial polity.  Digital citizenship acknowledges that our networked environment can be a blow to territorial polity in ways that intermediaries need to recognize and redress.

Facebook’s Terms of Service [...]]]> In a move that recalls the postings on the now-defunct Juicy Campus, Facebook groups devote themselves to vulgar descriptions of female high school students.  As Donna St. George of the Washington Post reported on November 11, a Facebook page targeted 30 female students from the T.C. Williams High School in Alexandria, Virginia.  It featured photographs of the students accompanied by “offensive or sexual comments.”  Another similar page included a picture of the school’s female principal.  The Daily Beast recently reported that Choate Rosemary Hall boarding school banned access to Facebook through campus computers after discovering a 200-plus-page-long threat penned by female students that disparaged fellow female students.  The Facebook page described Choate students as “hos” and “gross and faked and spray tanned.”

Facebook’s Terms of Service requires users to agree to refrain from bullying, intimidating, or harassing other users.”  Pursuant to that policy (or so we can guess), Facebook took down the page of the 30 girls with the sexually demeaning comments five days after T.C. Williams High School’s principal filed a complaint with Facebook.  Despite Facebook’s real-name culture, the author of the Facebook page has not been identified, an unsurprising result given the advantages provided ill-meaning individuals who want to evade responsibility for online activity.  In the boarding school matter, it seems that a student copied the thread, publishing it for the consumption of students (and everyone else) who were not privy to the Facebook page.  According to the Daily Beast, school administrators “hired a computer forensics expert to track how it had been made public.”  Two of the girls who wrote the post were expelled and four were suspended.

In the T.C. Williams High School matter, the principal went on the school’s PA system for two days in a row to let students know that she thought the page was “totally offensive.”  The Washington Post reports that the principal also asked students to avoid accessing it: “We’re better than this,” she told the students.  If that is all the principal did, it seems a weak showing of moral leadership and civic education.  Hopefully, the incident began a longer-term conversation about many things, including bullying, gender harassment, the risks of online activities, and the responsibilities of students while online.  Now, the school officials’ response in the Choate matter is worth discussing.  Norm Pattis, a Connecticut trial lawyer, contends that the school’s response is too harsh given the dire consequences of a school expulsion on a student’s chances of getting into college.  Prohibiting Facebook on campus may also be an empty gesture.  On the one hand, Choate students have continued to tweet and tumbl on their school accounts.  They also can access social media including Facebook on their mobile devices, raising the same concerns of online civility.  On the other, as Pattis suggests, the school missed a crucial teaching opportunity (beyond a 90-minute discussion with students) on how to be leaders, rather than the quick fix of banning Facebook on the campus network.  That sounds right to me, too.

“When a human being becomes a set of data on a website like Facebook, he or she is reduced.  Everything shrinks.  Individual character.  Friendships.  Language. Sensibility.  In a way, it’s a transcendent [...]]]> Reviewing the movie The Social Network and Jaron Lanier’s book You Are Not a Gadget: A Manifesto in this month’s New York Review of Books, Zadie Smith warns readers of the perils of social network sites like Facebook where “life is turned into a database.”  According to Smith, Facebook “locks us” into a system designed by a college nerd to resemble “a Noosphere, an Internet with one mind, a uniform environment in which it genuinely doesn’t matter who you are, as long as you make ‘choices’ (which means, finally, purchases).”  Smith writes:

“When a human being becomes a set of data on a website like Facebook, he or she is reduced.  Everything shrinks.  Individual character.  Friendships.  Language. Sensibility.  In a way, it’s a transcendent experience: we lose our bodies, our messy feelings, our desires, our fears.  It reminds me that those of us who turn in disgust from what we consider an overinflated liberal-bourgeois sense of self should be careful what we wish for: our denuded networked selves don’t look more free, they just look more owned.”

Smith worries about her students and other “2.0 kids.”  She contrasts “1.0 people” who use social media tools to connect with others in an outward-facing way with “2.0 kids” who employ them to turn inward and towards the trivial.  2.0 people, Smith fears, are embedded in the software, avatars who don’t realize that “what makes something fully real is that it is impossible to represent it to completion.”  She wonders: “what if 2.0 people feel their socially networked selves genuinely represent them to completion?”  In Smith’s view, Mark Zuckerberg tamed “the wild west of the Internet” to “fit the suburban fantasies of a suburban soul,” risking the extinction of the “private person who is a mystery to the world and–which is more important — to herself.”

Smith’s review recalls Neil Postman’s critique of television culture and Benjamin Barber’s warnings about contemporary consumerism.  While television helped us amuse ourselves to death and pervasive pop culture produces shoppers, not thinkers, social network sites turn youth culture into over-sharing, unthinking, eager-to-please avatars who “watch the reality-TV show Bride Wars because their friends are.”  Yet this can’t be the whole story.  Whether 41 or 21, social network participants live in the real world, integrating their online activities seamlessly into their daily lives.  Far more goes on in social network sites like Facebook than sharing information to “make others like you” as Smith suggests.  On Facebook and other popular social media sites, people join groups of every stripe.  They work, as Miriam Cherry’s terrific new article Virtual Work addresses.  They build  reputations in ways that can enhance offline careers.  They join study groups.  In many respects, social media sites provide platforms for genuine participation far more than just Government 2.0 engagement.  Far from deadening the everyday citizen, social media platforms can resemble Alexis de Toqueville’s town meeting, John Dewey’s schools, and Cynthia Estlund’s workplace.  Of course, citizenship participation online is different–it is not the face-to-face interaction envisioned by Toqueville, Dewey, and Estlund.  But even with the challenges brought by internet-mediated interactions, 2.0 kids are more than denuded avatars.