#1 and #2 run together. If spam is the problem, you don’t need to block access to the Web site. However, if you are concerned that students are going to read the petition, [...]]]> In the spirit of the excellent colloquy here about Marvin’s thinking on First Amendment architectures, I bring up this news item: Arizona State University blocked both Web access to, and e-mail from, the change.org Web site. ASU students had begun a petition demanding that the university reduce tuition. The university essentially made three claims as to why it did so (below, in order of increasing stupidity):

1. It was a technical mistake;
2. Change.org was spamming ASU; and
3. ASU needs to “protect the use of our limited and valuable network resources for legitimate academic, research and administrative uses.”

#1 and #2 run together. If spam is the problem, you don’t need to block access to the Web site. However, if you are concerned that students are going to read the petition, and sign it, you do need to block access to the Web site.

For #2, sorry, ASU, this isn’t spam. Spam is unsolicited bulk commercial e-mail. Change.org is, allegedly, sending unsolicited political e-mail. And that’s protected by the First Amendment – see, for example, the Virginia Supreme Court’s analysis of that state’s anti-spam law that covered political messages. Potential political spammers have a sharp disincentive to fill recipient’s inboxes – it’s a sure-fire way to annoy them into opposing your position.

For #3, ASU doesn’t get to determine what academic and research uses are “legitimate.” If they throttle P2P apps, that’s fine. If they limit file sizes for attachments, no problem. But deciding that the message from Change.org is not “legitimate” is classic, and unconstitutional, viewpoint discrimination.

This looks like censorship. I think it’s more likely to be stupidity: someone in ASU’s IT department decided to block these messages as spam, and to filter outbound Web requests to the site contained within those messages. But: with great power over the network comes great responsibility. Well-intentioned constitutional violations are still unlawful. It would also help if ASU’s spokesperson simply admitted the mistake rather than engaging in idiotic justification.

As I mention in Orwell’s Armchair, public actors are increasingly important sources of Internet access. But when ASU and other public universities take on the role of ISP, they need to remember that they are not AOL: their technical decisions are constrained not merely by tech resources, but by our commitment to free speech. Let’s hope the Sun Devils cool off on the filtering…

Cross-posted at Info/Law.

Listening to the insider discussions and industry reporting about online marketing provides a numbing sense of false comfort.  But every so often, we go outside the bubble and hear civilians talking about what we do.  I’m sure most of us have had someone at a party or family gathering share their ‘creeped out’ moment;  that instance where they finally saw clearly that somehow they were being ‘followed’ online.   Other times, they offer us largely unformed general concerns about online privacy: they don’t really have [...]]]> Over at the Business Insider, Doug Weaver has a terrific review of our guest blogger Joe Turow’s new book The Daily You, demonstrating its practical importance to people in the field like Weaver as well as to policymakers and scholars.Here’s the review:

Listening to the insider discussions and industry reporting about online marketing provides a numbing sense of false comfort.  But every so often, we go outside the bubble and hear civilians talking about what we do.  I’m sure most of us have had someone at a party or family gathering share their ‘creeped out’ moment;  that instance where they finally saw clearly that somehow they were being ‘followed’ online.   Other times, they offer us largely unformed general concerns about online privacy: they don’t really have a sense of what’s going on but they instinctively know they don’t like it.  And once in a great while you’ll hear from someone who’s really done their homework and brings crystal clarity to the issue from the consumer point of view.

That moment came for me when I stumbled on an NPR radio interview with Joseph Turow, author of “The Daily You: How the New Advertising Industry is Defining Your Identity and Your Worth.”  After using up my ten minute commute, I found myself sitting my car in the parking lot of my office for another 30 minutes just listening to this guy.  It was kind of like hearing someone talk about you in a bathroom when they don’t know you’re in one of the stalls.  Except they’re totally getting it right.  Turow, an associate dean at the Annenberg Communication school at Penn, has done a lot of homework.  The book is detailed and rigorous, but also extremely accessible to the curious consumer.  While it’s probably not going to sell millions of copies, I believe it’s going to be a hugely influential and important book for several reasons.

Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. [...]]]> Cybersecurity is in the news: a network intrusion allegedly interfered with railroad signals in the Northwest in December; the Obama administration refused to support the Stop Online Piracy Act due to worries about interfering with DNSSEC; and the GAO concluded that the Department of Homeland Security is making things worse by oversharing. So, I’m fortunate that the Minnesota Law Review has just published the final version of Conundrum (available on SSRN), in which I argue that we should take an information-based approach to cybersecurity:

Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. It addresses cybersecurity based upon identification of actors and intent, arguing that inherent defects in the Internet’s architecture must be remedied to enable attribution. These proposals, if adopted, would badly damage the Internet’s generative capacity for innovation. Drawing upon scholarship in economics, animal behavior, and mathematics, this Article takes a radical new path, offering a theoretical model oriented around information, in distinction to the near-obsession with technical infrastructure demonstrated by other models. It posits a regulatory focus on access and alteration of data, and on guaranteeing its integrity. Counterintuitively, it suggests that creating inefficient storage and connectivity best protects user capabilities to access and alter information, but this necessitates difficult tradeoffs with preventing unauthorized interaction with data. The Article outlines how to implement inefficient information storage and connectivity through legislation. Lastly, it describes the stakes in cybersecurity debates: adopting current scholarly approaches jeopardizes not only the Internet’s generative architecture, but also key normative commitments to free expression on-line.

Conundrum, 96 Minn. L. Rev. 584 (2011).

Cross-posted at Info/Law.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, [...]]]> It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there are a lot of folks expert in slipping through them.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, there was recent panic that a water pump burnout in Illinois was the work of cyberterrorists. It turned out that it was actually the work of a contractor for the utility who happened to be vacationing in Russia. (This is what you get for actually answering your pager.)

The “too little” problem can be described via two examples. First, prior to the attacks of September 11, 2001, the government had information about some of the hijackers, but was impeded by lack of information-sharing and by IT systems that made such sharing difficult. Second, denial of service attacks prevent Internet users from reaching sites they seek – a tactic perfected by Anonymous. The problem is the same: needed information is unavailable. I think the solution, as described in Conundrum, is:

increasing the inefficiency with which information is stored. The positive aspects of both access to and alteration of data emphasize the need to ensure that authorized users can reach, and modify, information. This is more likely to occur when users can reach data at multiple locations, both because it increases attackers’ difficulty in blocking their attempts, and because it provides fallback options if a given copy is not available. In short, data should reside in many places.

But there is also the “too much” problem. This is exemplified by the water pump fiasco: after 9/11, the federal government, including the Department of Homeland Security, began a massive information-sharing effort, such as through Fusion Centers. The difficulty is that the Fusion Centers, and other DHS projects, are simply firehosing information onto companies who constitute “critical infrastructure.” Much of this information is repetitive or simply wrong – as with the water pump report. Bad information can be worse than none at all: it distracts critical infrastructure operators, breeds mistrust, and consumes scarce security resources. The pendulum has swung too far the other way: from undersharing to oversharing. Finding the “just right” solution is impossible; this is a dynamic environment with constantly changing threats. But the government hasn’t yet made the effort to synthesize and analyze information before sounding the alarm. It must, or we will pay the price of either false alarms, or missed ones.

(A side note: I don’t put much stock in which federal agency takes the lead on cybersecurity – there are proposals for the Department of Defense, or the Department of Energy, among others – but why has the Obama administration delegated responsibility to DHS? Having the TSA set Internet policy hardly seems sensible. Beware of Web-based snow globes!)

Cross-posted at Info/Law.

Speaking of exciting developments, it appears that the Stop Online Piracy Act (SOPA) is dead, at least for now. House Majority Leader Eric Cantor has said that the bill will not move forward until there is a consensus position on it, which is to say, never. Media sources credit the Obama administration’s opposition to some of the more noxious parts of SOPA, such as its DNSSEC-killing filtering provisions, and also the tech community’s efforts to raise awareness. (Techdirt’s Mike Masnick has been working overtime in reporting on SOPA; Wikipedia and Reddit are adopting a blackout to draw attention; even the New York City techies are holding a demonstration in front of the offices of Senators [...]]]> Thanks to Danielle and the CoOp crew for having me! I’m excited.

Speaking of exciting developments, it appears that the Stop Online Piracy Act (SOPA) is dead, at least for now. House Majority Leader Eric Cantor has said that the bill will not move forward until there is a consensus position on it, which is to say, never. Media sources credit the Obama administration’s opposition to some of the more noxious parts of SOPA, such as its DNSSEC-killing filtering provisions, and also the tech community’s efforts to raise awareness. (Techdirt’s Mike Masnick has been working overtime in reporting on SOPA; Wikipedia and Reddit are adopting a blackout to draw attention; even the New York City techies are holding a demonstration in front of the offices of Senators Kirstin Gillibrand and Charles Schumer. Schumer has been bailing water on the SOPA front after one of his staffers told a local entrepreneur that the senator supports Internet censorship. Props for candor.) I think the Obama administration’s lack of enthusiasm for the bill is important, but I suspect that a crowded legislative calendar is also playing a significant role.

Of course, the PROTECT IP Act is still floating around the Senate. It’s less worse than SOPA, in the same way that Transformers 2 is less worse than Transformers 3. (You still might want to see what else Netflix has available.) And sponsor Senator Patrick Leahy has suggested that the DNS filtering provisions of the bill be studied – after the legislation is passed. It’s much more efficient, legislatively, to regulate first and then see if it will be effective. A more cynical view is that Senator Leahy’s move is a public relations tactic designed to undercut the opposition, but no one wants to say so to his face.

I am not opposed to Internet censorship in all situations, which means I am often lonely at tech-related events. But these bills have significant flaws. They threaten to badly weaken cybersecurity, an area that is purportedly a national priority (and has been for 15 years). They claim to address a major threat to IP rightsholders despite the complete lack of data that the threat is anything other than chimerical. They provide scant procedural protections for accused infringers, and confer extraordinary power on private rightsholders – power that will, inevitably, be abused. And they reflect a significant public choice imbalance in how IP and Internet policy is made in the United States.

Surprisingly, the Obama administration has it about right: we shouldn’t reject Internet censorship as a regulatory mechanism out of hand, but we should be wary of it. This isn’t the last stage of this debate – like Wesley in The Princess Bride, SOPA-like legislation is only mostly dead. (And, if you don’t like the Obama administration’s position today, just wait a day or two.)

Cross-posted at Info/Law.

Next came the conversation.  We talked about how increasingly social media activity is part of one’s life’s biography.  Anything said and done in social network spaces becomes part of who you are in our [...]]]> The question that I had been dreading came at last: “Mom, can I have a Facebook page?”  My daughter provided a strong defense: she’s 13, so she meets Facebook’s Terms of Service age requirement; she’s nearly an adult in her religion’s eyes (her bat mitzvah is in a week); past practices proves she’s responsible; and well, she feels ready.  (And I just discovered, she’s done her homework: see this Yahoo Answers! “My mom won’t let me get a Facebook page, how do I convince her?” thread that I found on my computer).

Next came the conversation.  We talked about how increasingly social media activity is part of one’s life’s biography.  Anything said and done in social network spaces becomes part of who you are in our Information Age.  Colleges may ask for your Facebook password.  Over 70% of employers look at social media data for interviewing and hiring (and sad to say, the outcomes are grim for applicants who over 60% of the time don’t get the interview or job due to social network profiles).  It’s not just what you post that speaks volumes — your social network (friends and their friends) tells some of your story for you.  There goes any control that you thought you had.  FB users often wrestle with whether they should de-friend those whose online personas don’t match their sensibilities (or the way in which they want others to perceive them).  This means that users need to keep a careful eye on their friends’ profiles (as well as ever-changing privacy settings).

That’s a lot of responsibility.  Or, as Bill Keller of the New York Times put it when he allowed his 13-year old daughter to join Facebook, he felt “a little as if I had passed my child a pipe of crystal meth.“  Beyond the potential privacy and reputational concerns that accompany social media use, an online life has other potential perils, like overuse (and thus inattention to studies, face-to-face family time, etc.) that cyber-pessimists underscore (see Nicholas Carr’s The Shallows).  And bullying, serious harassment, bigotry increasingly appear in mainstream social media in ways that kids can’t necessarily avoid (my work explores those problems, see here, here, and here, as well as terrific work by guest bloggers Ari Waldman and Mary Anne Franks).  Of course, there’s also lots of positive stuff emerging from these networked spaces.  Social media outlets like Facebook allow us to enact our personalities.  They let us express ourselves in ever-changing and expanding ways.  FB and other outlets host civic engagement as Helen Norton and I have emphasized.

I wonder, too, if my kid has a meaningful choice.  Can digital natives really stay away from social media if all of their friends socialize there?  And will employers and colleges expect that applicants partake in these activities because everyone else does?  Someday, will resisting having a Facebook profile express something negative about you?  Will it signal that you’re not socially adjusted or successful?  As Scott Peppet underscores in his work, we may be forced to give up our privacy to show that we are indeed healthy, social, smart, and the like.  That’s a lot to process, right?  I’m going to chew on this a while.  Your thoughts are most welcome!

Technological Due [...]]]> In Technological Due Process, 85 Wash. U. L. Rev. 1249 (2008), I explored the promise and perils of the increasing automation of administrative decision-making.  The automated administrative state took root after the convergence of a number of trends — the budget shortfalls of the 1990s, the falling costs and increased performance of information systems, and the emergence of the Internet.  Government officials saw computerized automation as an efficient way to reduce operating costs: Automated systems meant less paperwork and fewer staff.  Today, all states now automate a significant portion of the administration of their public benefit programs.  More than fifty federal agencies execute policy with data-matching and data-mining programs.  As a result, agencies increasingly use information systems to make decisions about important individual rights.

Technological Due Process identified three central problems with administrative automated systems.  First, when programmers translate policy into code, they inevitably distort it, thus embedding incorrect policy into systems.  Second, data matching programs misidentify individuals because they use crude algorithms that cannot distinguish between similar names.  Last, automated systems often have problems providing notice to individuals, often because they lack audit trails that capture why government agencies take particular action.

Colorado’s automated public benefits system, known as CBMS, served as an important case study for my work.  Responses to open-sunshine requests revealed that from September 2004 to April 2007, programmers embedded over 900 incorrect rules regarding Medicaid, food stamps, and other public benefits into CBMS.  As a result, CBMS terminated Medicaid benefits of patients with breast cancer based on income and asset limits unauthorized by federal or state law.  It denied food stamps to individuals with prior drug convictions in violation of Colorado law.  And it demanded that eligibility workers ask applicants if they were “beggars,” even though neither federal law nor state law required an answer to that question for the provision of public benefits.  Moreover, because CBMS lacked audit trails, individuals often received wholly deficient notice when the system cut or terminated their benefits.  At times, individuals received no notice.

The past four years has seen little progress.  Although state officials in 2009 thought that entering into a $48.6 million, four-year contract with Deloitte Consulting would help fix these problems, matters have arguably gotten worse.  CBMS, for instance, has delayed processing applications for benefits in 70% of cases (in violation of federal law).  It continues to terminate individuals’ public benefits without notice.  (One case led to the death of a nine-year old boy after a pharmacy would not fill his asthma prescription despite proof that his family qualified for Medicaid help).  Business school professor Don McCubbrey, who I interviewed for Tech Due Process, recently explained to the Denver Post that the recent failures cannot be due to the thousands of new Medicaid and other benefit applications from the recession.  In his view, a “system that large should be able to scale.”  According to Ed Kahn of the Colorado Center on Law and Policy, the system hasn’t just failed to fulfill its federal and state requirements but has “regressed.” Notice, too, continues to be a problem, undermining individuals’ ability to complain, let alone have a meaningful hearing in the face of termination.

The hallmarks of CBMS administration are incompetence and, seemingly, interest group capture.  As the Denver Post reports, it is not clear whether private contractors employed by the state face any contract sanctions as a result of the ongoing performance problems.  Ed Kahn explains that “neither the old contract with EDS nor the new one with Deloitte allow for sanctions.”  Although the state’s Office of Information Technology insisted that there are performance measures in the contract with Deloitte, Colorado has not tried to assess any penalties on Deloitte.  This week, I will be talking about these sorts of problems at Berkeley Law’s Technology and Regulation symposium (spearheaded by Professor Kenneth Bamberger and Professor Deidre Mulligan, who bring a wealth of scholarship and insight to the issue).  Hopefully, I can learn about other more effective uses of technology in government administration.

According to The New York Times, most contributors are male.  More specifically, “less than 15 percent of its hundreds of thousands of contributors are female.”  This, in turn, has skewed the gender [...]]]> Time magazine recently did a true-to-form story on Wikipedia, where guest editors (and our very own featured author) Jonathan Zittrain (see here too), Robert McHenry, Benjamin Mako Hill, and Mike Schroepfer assisted in writing/editing/re-writing a feature entitled Wikipedia’s “Ten Years of Inaccuracy and Remarkable Detail.” As the piece explained, Wikipedia just celebrated its 10th birthday.  The site has 17 million entries in more than 250 languages, quite a feat given that Encyclopedia Brittanica only has 120,000 and only in English.  The Time wiki-like piece notes that Wikipedia has a “diverse, international body of contributors.”

According to The New York Times, most contributors are male.  More specifically, “less than 15 percent of its hundreds of thousands of contributors are female.”  This, in turn, has skewed the gender disparity of topics and emphasis.  Wikimedia’s executive director Sue Gardner explains that topics favored by girls such as friendship bracelets can seem short when compared with lengthy articles on something boys typically like such as toy soldiers or baseball cards.  The New York Times notes that a category with five Mexican feminist writers might not seem so impressive when compared with 45 articles on characters in “The Simpsons.”

Why is this so?  Joseph Reagle, a fellow at the Berkman Center for Internet and Society at Harvard and author of “Good Faith Collaboration: The Culture of Wikipedia,” explains that Wikipedia’s early contributors shared “many characteristics with the hard-driving hacker crowd,” including an ideology that “resists any efforts to impose rules or even goals like diversity, as well as a culture that may discourage women.”  He notes that adopting an ideology of openess means being “open to very difficult, high-conflict people, even misogynists.”  The demographics of Wikipedia’s editors may also stem, in part, from the tendency of women to be “less willing to assert their opinions in public.”

How Wikipedia is now, and has been, responding is worth noting.  Sue Gardner told the Times that she hopes to raise the share of women contributors through subtle persuasion and outreach to welcome newcomers to Wikipedia.  Dave Hoffman and Salil Mehra’s terrific piece Wikitruth Through Wikiorder demonstrates that the site has already fostered efforts to create a more inclusive environment.  As Hoffman and Mehra explain, Wikipedia has an Arbitration Committee whose volunteer members rule on disputes and set forth concrete rules on how users should behave.  The Arbitration Committee has sanctioned users who make homophobic, ethnic, racial or gendered attacks or who stalk and harass others.  According to Hoffman and Mehra’s empirical study, in cases when either impersonation or anti-social conduct like hateful attacks occur, the Administrative Committee will ban the user in 21% of cases.  Wikipedia’s more than 1,500 administrators, in turn, enforce those rules.  Wikipedia also permits users to report impolite, uncivil, or other difficult communications with editors in its Wikiquette alerts notice board.

I like how the various articles (contributed by entrepreneurs, theorists, designers, and others) hang together. The terrific design work is a refreshing change from the barren pages of business blogs, law reviews, and academic books (though it looks like some legal scholars are renewing interest [...]]]> The New Museum of Contemporary Art has hosted an exhibit called “The Last Newspaper” the past few months. Part of the exhibit centers around newspaper-based art. Another focus has been a “hybrid of journalism and performance art,” as groups of editors and writers developed “last newspaper sections” in areas ranging from real estate to sports to leisure. I co-edited the business section, which is available here in a low-res copy. I’m posting our editorial statement below.

I like how the various articles (contributed by entrepreneurs, theorists, designers, and others) hang together. The terrific design work is a refreshing change from the barren pages of business blogs, law reviews, and academic books (though it looks like some legal scholars are renewing interest in visual aspects of justice).

Virtual Values
(Editorial Statement for the Business Section of the New City Reader, Dec., 2010)

Ours has been called a “weightless economy.” Once gold served as money; then paper became our currency; now the Federal Reserve can create $600 billion with a few keystrokes at a Washington, D.C. computer terminal. We increasingly value “intellectual property” over the materials it shapes. Leading companies seek to hold only brands, patents and trade secrets, contracting out nonessential activities. Even the state has been encouraged to become “virtual,” hosting only the “highest value” activities and outsourcing mundane tasks like security.

Yet even digitized flows of electrons must zip along real cables, appear on real computer screens and be interpreted by real people. When disputes arise, litigants appeal to the slow machinery of justice. Even in the foreclosure mills of America’s foremost Ponzi State, Florida, “robo-signed” documents must be presented to real judges in person at actual desks.

In the business section of the New City Reader, we explore the intersections of the virtual economy with the material world. We examine how electronic flows of wealth and debt shape—-if not actually comprise-—the global economy. Near-instantaneous “flash trading” dominates some stock exchanges. Originally justified as a way of achieving price discovery more quickly, the technology now appears to be driving, rather than serving, trading strategies. Traders are building parallel network connections and reshaping the urban environment by creating “data districts” to gain a competitive edge; Kazys Varnelis examines how these developments are reshaping Manhattan and the entire tri-state region.

As we examine the physical basis of this high-frequency trading, we ask a few related questions: why should the evanescent flickers of numbers on a computer screen determine the price of cooking oil in Borneo or a mortgage in Brooklyn? If it’s good for traders to reduce inter-regional price differences in an hour, is it better to do so in 30 minutes? One minute? One millisecond? Are there diminishing returns for the strategy? And might the effort to encourage rapid arbitrage ultimately encourage the very distortions it was meant to reduce—just as tranched mortgage-backed securities, advertised as a new risk management technology, ended up exacerbating and spreading the very risks they were supposed to ameliorate and contain?

The mainstream media has rarely asked these questions. When they are addressed, pat answers abound about “liquidity” and the inexorable march of technology in markets. Satirizing this uncritical, near-automated journalism—still all too evident ten years after publication of Doug Henwood’s “After the New Economy” and Thomas Frank’s collection “Boob Jubilee”—Ray Cha fancifully assembles a decade of press clippings of business journal darlings gone bust into coverage for the new new thing online: a fake—but perhaps frighteningly plausible—Web 2.0 conglomerate called Lorem Ipsum. Twisting the knife a bit more, Cha also offers the end-point of the atomization of journalism and information: a roster of business best-sellers distilled into 140 characters.

It’s easy to just try to ignore all these trends, retreating into the narcotic comforts of the latest gadgets. In a rare turn as social critic, Heraclitus diagnosed that, “For the waking there is one world, and it is common; but sleepers turn aside each one into a world of his own.” John Cantwell slips into the world of local business and investigates how the new locative services we carry with us on our personal iDevices instead may have a totalizing effect on Main Street.

Stock markets on autopilot; consumption trapped in closed circuits of favors and baubles; a navel-gazing press unmoored from reality and a phantom public in turn unmoored from it: you’d be excused for finding our business section a bleak mirror of Great Recession. But the remnant of hope at the bottom of our Pandoran black box of perpetual financial crisis is fresh new thought about the foundations of economic life.

Check out Daniel Payne’s reflections on trust, the ultimate foundation of economy and society. If people lose trust in the value of products and services, deflation can set in; if they lose faith in the value of money, a flight to cash in on its current value can lead to inflation. In Brazil, a virtual currency called the Unit of Real Value helped save the country from runaway inflation when citizens came to trust a government plan to reset prices in “reals.” Local currencies may now offer a small scale exit from the ever less stable value of our skills and assets—yet as Karli Scott recounts in a firsthand account of Ithaca, New York’s HOURS currency, they too are entirely beholden to continuing confidence in their use.

Perhaps an American reset is in order. As John Maynard Keynes once put it, in times similar to our own, “The outstanding faults of the economic society in which we live are its failure to provide for full employment and its arbitrary and inequitable distribution of wealth and incomes.” Perhaps we fear this section resembles a terminal status update because so few of our contemporaries keep that insight in mind.

“When a human being becomes a set of data on a website like Facebook, he or she is reduced.  Everything shrinks.  Individual character.  Friendships.  Language. Sensibility.  In a way, it’s a transcendent [...]]]> Reviewing the movie The Social Network and Jaron Lanier’s book You Are Not a Gadget: A Manifesto in this month’s New York Review of Books, Zadie Smith warns readers of the perils of social network sites like Facebook where “life is turned into a database.”  According to Smith, Facebook “locks us” into a system designed by a college nerd to resemble “a Noosphere, an Internet with one mind, a uniform environment in which it genuinely doesn’t matter who you are, as long as you make ‘choices’ (which means, finally, purchases).”  Smith writes:

“When a human being becomes a set of data on a website like Facebook, he or she is reduced.  Everything shrinks.  Individual character.  Friendships.  Language. Sensibility.  In a way, it’s a transcendent experience: we lose our bodies, our messy feelings, our desires, our fears.  It reminds me that those of us who turn in disgust from what we consider an overinflated liberal-bourgeois sense of self should be careful what we wish for: our denuded networked selves don’t look more free, they just look more owned.”

Smith worries about her students and other “2.0 kids.”  She contrasts “1.0 people” who use social media tools to connect with others in an outward-facing way with “2.0 kids” who employ them to turn inward and towards the trivial.  2.0 people, Smith fears, are embedded in the software, avatars who don’t realize that “what makes something fully real is that it is impossible to represent it to completion.”  She wonders: “what if 2.0 people feel their socially networked selves genuinely represent them to completion?”  In Smith’s view, Mark Zuckerberg tamed “the wild west of the Internet” to “fit the suburban fantasies of a suburban soul,” risking the extinction of the “private person who is a mystery to the world and–which is more important — to herself.”

Smith’s review recalls Neil Postman’s critique of television culture and Benjamin Barber’s warnings about contemporary consumerism.  While television helped us amuse ourselves to death and pervasive pop culture produces shoppers, not thinkers, social network sites turn youth culture into over-sharing, unthinking, eager-to-please avatars who “watch the reality-TV show Bride Wars because their friends are.”  Yet this can’t be the whole story.  Whether 41 or 21, social network participants live in the real world, integrating their online activities seamlessly into their daily lives.  Far more goes on in social network sites like Facebook than sharing information to “make others like you” as Smith suggests.  On Facebook and other popular social media sites, people join groups of every stripe.  They work, as Miriam Cherry’s terrific new article Virtual Work addresses.  They build  reputations in ways that can enhance offline careers.  They join study groups.  In many respects, social media sites provide platforms for genuine participation far more than just Government 2.0 engagement.  Far from deadening the everyday citizen, social media platforms can resemble Alexis de Toqueville’s town meeting, John Dewey’s schools, and Cynthia Estlund’s workplace.  Of course, citizenship participation online is different–it is not the face-to-face interaction envisioned by Toqueville, Dewey, and Estlund.  But even with the challenges brought by internet-mediated interactions, 2.0 kids are more than denuded avatars.

In the book’s section on “The Generativity Principle and the Limits of End-to-End Neutrality,” Zittrain calls for a new “generativity principle” to address the Internet’s security problem and prevent the widespread lockdown of PCs in the aftermath of a catastrophic security attack: “Strict loyalty to end-to-end neutrality should give way to a new generativity principle, a rule that asks that any modifications to the Internet’s design or to the behavior of ISPs be made where they will do the least harm to generative possibilities.” [...]]]> [This is the second of two posts on Jonathan Zittrain’s book The Future of the Internet and how to stop it. The first post (on the relative importance of generative end hosts and generative network infrastructure for the Internet's overall ability to foster innovation) is here.]

In the book’s section on “The Generativity Principle and the Limits of End-to-End Neutrality,” Zittrain calls for a new “generativity principle” to address the Internet’s security problem and prevent the widespread lockdown of PCs in the aftermath of a catastrophic security attack: “Strict loyalty to end-to-end neutrality should give way to a new generativity principle, a rule that asks that any modifications to the Internet’s design or to the behavior of ISPs be made where they will do the least harm to generative possibilities.” (p. 165)

Zittrain argues that by assigning responsibility for security to the end hosts, “end-to-end theory” creates challenges for users who have little knowledge of how to best secure their computers. The existence of a large number of unsecured end hosts, in turn, may facilitate a catastrophic security attack that will have widespread and severe consequences for affected individual end users and businesses. In the aftermath of such an attack, Zittrain predicts, users may be willing to completely lock down their computers so that they can run only applications approved by a trusted third party.[1]

Given that general-purpose end hosts controlled by users rather than by third-party gatekeepers are an important component of the mechanism that fosters application innovation in the Internet, Zittrain argues, a strict application of “end-to-end theory” may threaten the Internet’s ability to support new applications more than implementing some security functions in the network – hence the new principle.

This argument relies heavily on the assumption that “end-to-end theory” categorically prohibits the implementation of security-related functions in the core of the network. It is not entirely clear to me what Zittrain means by “end-to-end theory.” As I explain in chapter 9 of my book, Internet Architecture and Innovation (pp. 366-368), the broad version of the end-to-end arguments [2] (i.e., the design principle that was used to create the Internet’s original architecture) does not establish such a rule. The broad version of the end-to-end arguments provides guidelines for the allocation of individual functions between the lower layers (the core of the network) and the higher layers at the end hosts, not for security-related functions as a group.

For example, if it is true that distributed denial-of-service attacks can be identified and stopped only in the network, the broad version clearly allows the implementation of the associated functions in the network. After all, the broad version allows implementing functions in the network if they cannot be completely and correctly implemented at the end hosts only.

In contrast, according to the broad version, a function (such as encryption) that can only be completely and correctly implemented end-to-end between the original source and ultimate destination of data should not be implemented in the network. This is because “a function or service should be carried out within a network layer only if it is needed by all clients of that layer, and it can be completely implemented in that layer.” (Reed, Saltzer and Clark, 1998, Commentaries on ‘Active Networking and End-to-End Arguments’, p. 69)

Finally, even if the broad version requires a function to be implemented at the end hosts, it is possible to deviate from the default rule established by the broad version based on considerations such as those advanced by Zittrain within the overall framework provided by the end-to-end arguments (see Internet Architecture and Innovation, p. 367-368). This does not mean that any implementation of security-related function in the network should automatically be justified. Given the Internet community’s experience with firewalls described in my last post, the long-term consequences of any such implementation for the evovability of the network need to be carefully considered first.

Thus, ultimately Zittrain and I agree that it may sometimes be possible and necessary to implement certain security-related functions in the network even if the broad version of the end-to-end arguments would, by default, require implementing the functions at the end hosts. Does this insight require a new generativity principle given that we can get there within the framework of the broad version of the end-to-end arguments? I’m not sure. (I’m not sure, either, whether Zittrain intends his principle to replace or complement the broad version of the end-to-end arguments, which may matter in answering the question.)

If Zittrain and I ultimately agree about the possibility of implementing certain security-related functions in the network (of course, we may disagree about specific cases), why does it matter how we get there? Whether the end-to-end arguments, as Zittrain seems to suggest, categorically rule out the implementation of security-related functions in the network is relevant to the broader debate about the future of the end-to-end arguments as technical design principles.

Most network engineers agree that a number of developments put pressure on the Internet’s technical foundations. These include the Internet’s growing size, its transition from a research network operated by public entities to a commercial network operated by commercial providers who need to make profits, and its transition from a network connecting a small community of users who trust one another to a global network with users who do not know one another and may even intend to harm one another.

When network engineers think about how to address these challenges (whether it’s in the context of incremental modifications to the existing Internet infrastructure or in the context of clean-slate approaches that aim to design a new Internet architecture from scratch), they need to decide whether using the end-to-end arguments as a technical design principle still makes sense. In these discussions, one class of counterarguments comes up again and again: that the end-to-end arguments constrain the development of the Internet’s architecture too much and prevent the network’s core from evolving as it should. For example, researchers advancing this argument assert that the end-to-end arguments prohibit the provision of quality of service [3] in the network, require the network to be simple, or make it impossible to make the network more secure. As I show in my book (pp. 106-107, 366-368), these claims are not correct. The end-to-end arguments allow some, but not all forms of quality of service; they do not require the network to be simple, or “stupid;” and they do not make it impossible to make the network more secure.

Of course, these insights alone do not imply that the end-to-end arguments should continue to guide the Internet’s evolution in the future (a question I take up in my book). It does mean, though, that the end-to-end arguments are not automatically out of the running on the grounds that they restrict the evolution of the network too much.

[Disclaimer: Some of this post is taken from my book, Internet Architecture and Innovation.]

Footnote 1:
Some have wondered whether the chain of events described by Zittrain is realistic. Nobody knows whether there will be a catastrophic security attack. I’m convinced, though, that in the aftermath of a catastrophic attack neither users’ nor legislators’ desire for a quick solution to the security problem will leave much room for consideration of the consequences of any countermeasures for the Internet’s generativity – just as in the aftermath of 9/11, the desire to prevent another terrorist attack didn’t leave much room for consideration of the impact of the countermeasures on civil liberties. The resulting lockdown may affect the generativity of the end hosts or the generativity of the network, but the Internet’s overall generativity will certainly be affected.

Footnote 2:
The original architecture of the Internet that governed the Internet from its inception to the early 1990s was based on a design principle called the end-to-end arguments. There are two versions of the end-to-end arguments that both shaped the original architecture of the Internet: what I call “the narrow version”, which was first identified, named and described in a seminal paper by Saltzer, Clark and Reed in 1984 (Saltzer, Reed and Clark, 1984, End-to-End Arguments in System Design, ACM Transactions on Computer Systems, 2(4), 277–288) and what I call “the broad version”, which was the focus of later papers by the same authors (e.g., Reed, Saltzer and Clark, 1998, Commentaries on ‘Active Networking and End-to-End Arguments’, IEEE Network, 12(3), 69–71). To see that there are two versions, consider the following two statements of “the end-to-end principle”: “A function should only be implemented in a lower layer, if it can be completely and correctly implemented at that layer. Sometimes an incomplete implementation of the function at the lower layer may be useful as a performance enhancement” (first version) and “A function or service should be carried out within a network layer only if it is needed by all clients of that layer, and it can be completely implemented in that layer” (second version). The first version paraphrases the end-to-end principle as presented in the 1984 paper. The second version is directly taken from the paper on active networking and end-to-end arguments. Clearly, the second version establishes much more restrictive requirements for the placement of a function in a lower layer.

While the authors never explicitly drew attention to the change in definition, there are real differences between the two versions in terms of scope, content and validity that make it preferable to distinguish between the two. At the same time, the silent coexistence of two different design principles under the same name explains some of the confusion surrounding the end-to-end arguments. While both versions shaped the original architecture of the Internet, the broad version is the one that has important policy implications, such as the Internet’s impact on innovation. For a detailed description of the end-to-end arguments and their relationship to the Internet’s original Architecture, see Internet Architecture and Innovation, chapters 2 and 3.

Footnote 3:
A network that provides “Quality of Service” (QoS) offers different types of service to different data packets. For example, it may guarantee a minimum bandwidth or maximum delay, or it may give some traffic priority over others without giving absolute guarantees.