I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, [...]]]> It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there are a lot of folks expert in slipping through them.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, there was recent panic that a water pump burnout in Illinois was the work of cyberterrorists. It turned out that it was actually the work of a contractor for the utility who happened to be vacationing in Russia. (This is what you get for actually answering your pager.)

The “too little” problem can be described via two examples. First, prior to the attacks of September 11, 2001, the government had information about some of the hijackers, but was impeded by lack of information-sharing and by IT systems that made such sharing difficult. Second, denial of service attacks prevent Internet users from reaching sites they seek – a tactic perfected by Anonymous. The problem is the same: needed information is unavailable. I think the solution, as described in Conundrum, is:

increasing the inefficiency with which information is stored. The positive aspects of both access to and alteration of data emphasize the need to ensure that authorized users can reach, and modify, information. This is more likely to occur when users can reach data at multiple locations, both because it increases attackers’ difficulty in blocking their attempts, and because it provides fallback options if a given copy is not available. In short, data should reside in many places.

But there is also the “too much” problem. This is exemplified by the water pump fiasco: after 9/11, the federal government, including the Department of Homeland Security, began a massive information-sharing effort, such as through Fusion Centers. The difficulty is that the Fusion Centers, and other DHS projects, are simply firehosing information onto companies who constitute “critical infrastructure.” Much of this information is repetitive or simply wrong – as with the water pump report. Bad information can be worse than none at all: it distracts critical infrastructure operators, breeds mistrust, and consumes scarce security resources. The pendulum has swung too far the other way: from undersharing to oversharing. Finding the “just right” solution is impossible; this is a dynamic environment with constantly changing threats. But the government hasn’t yet made the effort to synthesize and analyze information before sounding the alarm. It must, or we will pay the price of either false alarms, or missed ones.

(A side note: I don’t put much stock in which federal agency takes the lead on cybersecurity – there are proposals for the Department of Defense, or the Department of Energy, among others – but why has the Obama administration delegated responsibility to DHS? Having the TSA set Internet policy hardly seems sensible. Beware of Web-based snow globes!)

Cross-posted at Info/Law.

Whatever else it accomplishes, Occupy Wall Street is revealing distortions in our current understanding of the First Amendment. In recent decisions, the Supreme Court has protected Wall Street’s constitutional right to pour millions into political campaigns. But as presently construed, the First Amendment isn’t an obstacle when it comes [...]]]> Slate writer Raymond Vasvari recently observed that, “for every uplifting paragraph” of precedent vindicating rights to protest, there are a “thousand cases bending an abstract right to the prosaic realities of protest.” We may never learn the extent to which Occupy Wall Street protesters were classified “enemies within,” and subject to coordinated intergovernmental suppression. But we can observe, with professors Ackerman and Benkler, that the “irony of free speech” is reaching a breaking point:

Whatever else it accomplishes, Occupy Wall Street is revealing distortions in our current understanding of the First Amendment. In recent decisions, the Supreme Court has protected Wall Street’s constitutional right to pour millions into political campaigns. But as presently construed, the First Amendment isn’t an obstacle when it comes to silencing the Occupiers. . . .

Instead of hiding behind obsolete court decisions, big city mayors must recognize that they are on the constitutional front-line. Michael Bloomberg is failing this test when he keeps Occupiers out of New York’s public parks and tolerates the arrests of dozens of protesters, providing an example for similar actions in Boston, Denver, and San Diego. In contrast, Antonio Villaraigoso is showing that leadership on behalf of the First Amendment is well within the realm of the politically possible. Los Angeles has not only avoided arrests, but seems to be expanding available public space as the protest swells. Similarly, the U.S. Parks police are on the right track in giving the demonstrators a four month extension on Freedom Plaza.

How to explain Mayor Bloomberg’s deviance from constitutional ideals? Maybe he’s one of the worried wealthy, realizing that he can only afford another 170 of his trademark $100 million dollar political campaigns with his fortune of $17 billion. Ensconced in an alternate reality of privilege, Bloomberg retails stories of struggling and put-upon banks. It is his very plutocratic disconnection from the daily life of his subjects that makes an extraordinary protest like OWS necessary.

But there is still some hope. Note that Bloomberg’s NYPD “sought to block any and all press from covering this eviction . . . reporters were stopped at the barricades and refused entrance.” Indeed, “numerous journalists reported that cops refused to let them in, even pushing reporters away; reporters even Tweeted about getting arrested.” The mayor and his forces did not want their action fully reported and revealed. That, at least, indicates some residual awareness of the wrongs involved in trying to shut OWS and its “space of appearance” down.

Aaron Bady recently observed, apropos a similar crackdown, that “the University of California is not, in fact, governed by ‘a philosophy,’ but by the reverse: an active refusal to require a philosophy in justifying its choices.” Mayor Bloomberg may be similarly intransigent, never deigning to learn about the real causes of the financial crisis, or the median income of bankers, or the financial shenanigans that put his terminals in high demand while siphoning money away from the rest of us. In that case, the citizens of New York will be governed by him and by an increasingly commodifiable and malleable force as Jersey City once suffered under Mayor Hague. The spirit of Hague v. CIO needs to move the courts of today.

Image Credit: David Shankbone.

(1)  Spies.  Immigration authorities seize a suspected spy in Manhattan on the grounds that he entered the country unlawfully.  Rather than process him through the immigration system, or transfer him to the criminal justice system, he is secretly flown more than a thousand miles away, interrogated without a lawyer, and kept virtually incommunicado for almost seven weeks in a government facility on the Texas-Mexican border.  When he doesn’t break, he is transferred back to New York to be tried [...]]]> It’s great to be back at Concurring Opinions (and thanks to Danielle for the generous (re)introduction last week).  This month, I plan to blog on a few ongoing projects and some upcoming news events.  Here are two topics soon to come, with two more after the break.

(1)  Spies.  Immigration authorities seize a suspected spy in Manhattan on the grounds that he entered the country unlawfully.  Rather than process him through the immigration system, or transfer him to the criminal justice system, he is secretly flown more than a thousand miles away, interrogated without a lawyer, and kept virtually incommunicado for almost seven weeks in a government facility on the Texas-Mexican border.  When he doesn’t break, he is transferred back to New York to be tried in federal court for a capital offense.  The evidence from his warrantless arrest and secret detention helps to convict him. 

When did this happen?

No surprise that the story resonates with our national security debates today.  But it all happened during the Eisenhower Administration.  Rudolf Abel was the top Soviet spy in North America before he was convicted of atomic espionage.  Thanks to his lawyer, his life was spared (and he was later exchanged for U-2 pilot Francis Gary Powers).  I think that there are lessons to be learned from this history today, but mine seems to be the minority view.

(2)  Lies.  Okay, not lies exactly, but pretext.  (You try rhyming pretext with anything.  You’ll wind up perplexed, if not vexed, with the text that comes next.)  Pretextual use of the law is all around us.  The most common example is the law governing arrests.  In Whren v. United States, the Supreme Court unanimously agreed that the police were free to do “under the guise of enforcing the traffic code what they would like to do for different reasons,” namely, stop and search Whren’s car for drugs.  Abel’s case (referenced in Whren) presented another classic instance of pretext: his detention for an immigration violation was used for the unintended purpose of counterespionage, neatly skirting in the process constitutional protections against warrantless searches and seizures, not to mention official disappearances.  When Abel’s able lawyer argued pretext, however, the Supreme Court sustained the conviction.

Sometimes the law abhors pretext.  For example, in Kelo v. City of New London, the Supreme Court categorically rejected the idea that the state may take property under the pretext of a public purpose.  How should citizens regard the pretextual use of the law by state officials?  Does such use tend to weaken the rule of law in ways that should matter to us as individuals or as a society?  When tempted to use a law for an unintended purpose, how should the “good” official distinguish an innovative pretextual use from a destructive one?  The Supreme Court dodged these questions just last term in Ashcroft v. Al-Kidd and I’d like to think hard about why.

(3)  Russia.  I wrote my doctoral dissertation at Oxford on rule of law issues in Russia.  That study became my first book (which I published with Oxford University Press while I was a law student) and that place still captures a fair amount of my research interests.  In Russia, they have a saying: “The law is like the shaft of a wagon; it goes wherever you turn it.”  Russia, home to Colonel Abel of the KGB, has a long and ignominious history of pretextual use of law.

Does the second conviction of Mikhail Khodorkovsky fit into that category?  Khodorkovsky was the richest man in Russia when, in 2003, he was arrested and charged with crimes connected to his Yukos Oil Company, Russia’s most profitable and well-known private corporation.  He and his business partner, Platon Lebedev, were convicted of fraud, causing property damage by deceit or breach of trust, and tax evasion.  They were sentenced to eight years in prison.  Yukos was seized and sold to state-controlled companies.  As their sentences drew to a close, Khodorkovsky and Lebedev were convicted just last December by another court of embezzlement and money-laundering, charges arising out of the same time period and concerning the same corporate activities that were the basis for the first conviction. 

While the Russian courts have repeatedly found against Yukos, Khodorkovsky, and his associates, the European Court of Human Rights has consistently found (most recently this past September) that their detention and trials worked numerous violations of the European Convention on Human Rights.  Russia’s already tense relationship with the Council of Europe could well be at risk of further unraveling as Khodorkovsky’s cases continue to move from Moscow to Strasbourg.  The question is, what results when the judgments handed down in Strasbourg are received in Moscow?

(4)  Terrorist Watchlists.  One or two of my posts last year were about the right to travel.  In particular, I’m interested in terrorist watchlists like the No-Fly List maintained by the FBI.  When combined with computer systems like TSA’s “Secure Flight,” the result is that anyone who flies into, out of, or over the United States must obtain the express prior permission of the U.S. Government to board that plane.  Is that the relationship citizens should have with their government in a republic like ours?

My second book explores these questions.  It’s called Mrs. Shipley’s Ghost: The Right to Travel and Terrorist Watchlists and it will be published by the University of Michigan Press this coming spring.  Mrs. Shipley ran the State Department’s Passport Office from 1928 to 1955.  If she thought your travel was “not in the interest of the United States,” then you stayed home.  As with Colonel Abel, not everyone finds my historical analogy to her reign to be persuasive (particularly the government officials I’ve interviewed about the No-Fly List!). 

Today’s lists were originally justified as measures to protect civil aviation from hijackers and terrorists.  But, sometimes at least, that turned out to be a pretext: the lists can and have been used to investigate or frustrate the travel of individuals about whom there was no evidence that they presented a threat to civil aviation.  Ever hear of Cat Stevens?  And an American citizen, in particular, might be troubled by the creation of a system in which he or she must seek the state’s consent to travel by air.  That might sound like a system more appropriate to a country like Russia. 

But as Yogi Berra said, it’s déjà vu all over again.  And that’s why spies, lies, Russia, and terrorist watchlists will be on my mind this month.

1) food poisoning 2) systemic risk in the financial system 3) data breaches 4) violations of civil liberties 5) tax evasion 6) insider trading

In each case, we could do a lot more to stop the problem if we better tracked the actions that lead to it. An “audit trail” can enable that tracking. Decades ago, such tracking would be inordinately costly. Nowadays, it is increasingly embedded into any quality logistical system. The technologies of RFID chips, cheap imaging and data storage, and rapid search are ubiquitous. Corporations use them to track customers and products. Now public authorities need to use them to track corporations.

Consider, for instance, this recent story on food safety:

More than 75 percent of seafood and [...]]]> What do the following problems have in common?

1) food poisoning
2) systemic risk in the financial system
3) data breaches
4) violations of civil liberties
5) tax evasion
6) insider trading

In each case, we could do a lot more to stop the problem if we better tracked the actions that lead to it. An “audit trail” can enable that tracking. Decades ago, such tracking would be inordinately costly. Nowadays, it is increasingly embedded into any quality logistical system. The technologies of RFID chips, cheap imaging and data storage, and rapid search are ubiquitous. Corporations use them to track customers and products. Now public authorities need to use them to track corporations.

Consider, for instance, this recent story on food safety:

More than 75 percent of seafood and half of the fruit Americans consume is imported. The FDA has registered 254,088 foreign farms and processing facilities that feed into the U.S. food supply. Something as commonplace as a frozen pizza can have upwards of 50 ingredients from 10 or more countries. That includes spices sourced from around the world—most spices are imported—as well as an array of preservatives and additives. . . . “The consumer has absolutely no idea,” says William Kanitz, president of ScoringAg.com, which sells traceback software to food companies.

The Food Safety Modernization Act, which went into effect this year, gives regulators new powers to order food recalls, access company records, and close food plants. . . . Yet Congress put off perhaps the most useful tool for quickly heading off outbreaks: A rule requiring food companies to keep records about where their ingredients come from was left out of the final bill. . . . So far, the powerful food lobby has been successful at fighting the government’s efforts. The House version of the food bill required manufacturers to keep records that would enable the government to trace food all the way back to the grower within two business days. By the time it was ratified by the Senate, that requirement had been watered down to a pilot program.

So an unscrupulous middleman can engage in “food laundering,” just as banks or drug dealers might engage in complex accounting to hide the origins of certain funds. The article quotes the director of food programs at the Pew Health Group on the reasons why the system suits the shady: “It’s less likely you’ll be held liable if folks can’t prove that you’re the source of the contamination.” And so long as processors and distributors have no obligation to record all their sourcing, they, too, might opt for a “hear no evil, see no evil” policy of willful blindness. The FDA appears to be even more helpless in the wake of a “tidal wave” of adulterated supplements.

Black Box Finance

So what does this problem have to do with systemic risk in the financial system? Having turned the continent of Europe into a subprime CDO, bankers are now worried that they may be the odd men out in a high stakes game of musical chairs. As John Lanchester explains,

‘Credit events’ . . . are chaotic and unpredictable, and all the more so because the fundamentals of the economic order, as constituted in 2008, are still intact. Who owns [] Greek debt? [M]ainly French and German banks. Yes, but banks insure their debt via the use of complex financial instruments. Insure it with whom? Don’t know: some of it is insured with British banks as counter-parties to the risk, but that risk will be insured in its turn, so that the identity of the person holding the parcel when its last layer of wrapping comes off is a mystery. That mysteriousness was the thing that made Lehman’s collapse turn instantly into a systemic crisis. [link added]

Global banking is a house of cards, not by necessity, but by design. Both Lehman and the EuroCrisis recapitulate a pattern of willful opacity by banks enabled by the willful blindness of regulators. The Financial Crisis Inquiry Commission reported that a former OTS director had “no clue—no idea—what [AIG’s] CDS liability was” as of September, 2008—when the insurer’s sudden near-collapse threatened to trigger a financial meltdown. Opacity is at the core of capital market dysfunctionality. As John Gapper has argued:

The behaviour revealed in the JPMorgan and Goldman cases is a product of the conflicts of interest embedded in how integrated Wall Street banks work. As they say in Silicon Valley, it’s not a bug – it’s a feature. That feature is inherent in most of what banks do, but the opacity and complexity of credit derivatives – especially mortgage-related securities such as collateralised debt obligations – let deception, overpricing and ultimately fraud flourish. From this black box came the bulk of revenues and bonuses. [emphasis/link added]

Moreover, the same types of tactics pioneered by tax evaders can be domesticated into not-quite-legal or perfectly legal forms of obscuring an entity’s earnings or tax obligations. And as anyone who’s followed the “cloak and dagger” of the SEC’s notable insider trading cases knows, “white collar wiretaps” have been a game changer, uncovering a “sprawling network” of favors and corruption.

From Food to Finance to Privacy, and Beyond

Hidden harms are also a hallmark of the privacy field, where Kafkaesque databases can mark individuals out for bad treatment in ways they never discover. As I noted earlier, “fourth bureau” entities that blackball consumers actually brag about how impenetrable their data and processes of evaluation are. The three credit bureaus are also frequently opaque, discrediting individuals in ways that are difficult to challenge or understand. The intelligence agencies and contractors that constitute “Top Secret America” are even more secretive, and their work can have dramatic consequences for targeted individuals and groups.

In all of these areas, we face a twofold challenge: a) improving recordation systems in order to better understand what is going on, and b) recording the activities of those who access the systems, to deter abuses of the power such knowledge gives.

Many privacy advocates have tried to limit troubling monitoring. This is often thought of as the whole of a reformist position on government surveillance. But data law needs a larger vision, and an intensification of new kinds of surveillance, including sousveillance.

As corporations gain the same free speech rights as individuals, they also need to be subject to the same level of scrutiny. Purposeful avoidance of tracking may well indicate a corporate plan to destroy evidence of wrongdoing. Justices Kennedy and Scalia have called corporations “the voices that best represent the most significant segments of the economy,” but they also manage to do a great deal of damage. Reallocating surveillance toward corporate actions can repurpose a leviathan state that seems obsessed with spectacular attacks or frightening stereotypes, but perplexed by corporate practices we desperately need to understand. Both the SEC and HHS realize the power of audit trails, and I hope to see them adopted as a tool by more agencies in the future.

Image Credit: Bill Bouton.

1) Campaign Finance Disclosures: Regardless of ideology, almost everyone used to agree that campaign funding sources and amounts should be disclosed. 92% of Americans had that position in 2010. Justice Scalia has eloquently insisted that such disclosure laws violate no one’s rights. But thought leaders in the Republican party are now vigorously resisting disclosure, as Norm Ornstein observes:

The 2010 mid-term elections showed clearly how legal loopholes involving non-profit groups called 501(c)4s, [...]]]> Three remarkable recent lobbying campaigns go beyond the normal bounds of partisan sniping over “markets vs. regulation.” They threaten our capacity to understand how society is ordered: whom it serves, for what purposes, and at what costs. Consider these attacks on basic disclosure norms in politics and business:

1) Campaign Finance Disclosures: Regardless of ideology, almost everyone used to agree that campaign funding sources and amounts should be disclosed. 92% of Americans had that position in 2010. Justice Scalia has eloquently insisted that such disclosure laws violate no one’s rights. But thought leaders in the Republican party are now vigorously resisting disclosure, as Norm Ornstein observes:

The 2010 mid-term elections showed clearly how legal loopholes involving non-profit groups called 501(c)4s, and the failure to adopt clear regulations surrounding campaigns, can result in hundreds of millions of dollars of spending to influence campaigns that masked the identity of huge donors. In response to these realities, the Federal Communications Commission is considering requiring robust disclosure by TV stations of the major donors of political ads; the Securities and Exchange Commission is considering requiring public corporations to disclose to stockholders their spending on politics, and the White House has drafted an executive order to require companies applying for federal contracts to disclose their spending on political campaigns. . . .

Last month, Mitch McConnell [said] he views disclosure as “a cynical effort to muzzle critics of this administration and its allies in Congress.” . . . The Wall Street Journal’s full-throated support for transparency has disappeared as well; it blasted the FCC recently for considering requiring TV stations to put donors of campaign spots on the Internet . . .

John Yoo has also joined the debate, arguing that presidential power stops just short of the prerogative to require federal contractors to disclose their political donations.

2) Conflict Mineral and Extractive Industry Disclosures: One of the surprising victories for decency in the Dodd-Frank Act last year was a provision requiring certain disclosures from mining and resource extraction companies, and companies using “conflict minerals” from in or around the Congo. If you’re a consumer with preferences for certain industrial processes (say, those that don’t create incentives for rape, murder, and starvation), you want to be able to see which companies are fueling conflict and corruption and which are not. But intense corporate pressure is now delaying the rulemaking process needed to implement the disclosure provisions. According to Gerry Fay, “it is estimated that going ‘conflict free’ would cost companies just one penny per product.” But apparently that is too high a price to end corporate complicity in one of Africa’s bloodiest wars.

3) CEO Pay Ratio: The Dodd-Frank Act also promises to shed some sunlight on ever-rising CEO pay levels. As Sam Pizzigatti explains, “corporations must now also report their overall wage ‘median’ and the ratio between this median and their top pay.” Seizing on some laughable comments on how “unduly burdensome” the law is, “the House Financial Services Committee’s Capital Markets Subcommittee [recently] approved, by a vote of 20 to 12 . . . legislation (H.R. 1062) to repeal the Dodd-Frank pay ratio mandate.” As one commenter put it on the Facebook page of the legislation’s sponsor, Nan Hayworth, “What is wrong with forcing [companies] to tell us how the executives are being compensated? It’s hardly a ‘burden.’”

It would be easy to give many more examples of recent efforts to gut funding for research and disclosure. This most minimal tool of regulation—a speck of hope at the bottom of a Pandora’s Box of laissez-faire—is under assault. What’s the rationale?

Benkler on the Distinction between Privacy and Nondisclosure

Perpetrators of injustice always want to hide it. Videophones may “offer[] a modicum of equity and justice to the ordinary man who can now hold his phone aloft to capture police brutality and send it to Youtube.” But structural violence is often done more secretly, and can be hidden for surprisingly long periods of time. For example, a large employer might forbid employees from even talking to each other about their salaries, so women can’t find out if they’ve been discriminated against. It can also delay public criticism of meager wages if it can avoid publishing its median compensation levels.

Manufactured doubt delays political action. Whole industries specialize in the cultural production of ignorance. Endless disputes about the nature of our social order tend to aid those in power. I have previously critiqued Wikileaks, but I found this item of social theory from Julian Assange clarifying:

There [is] not enough information available in our common intellectual record to explain how the world really works. . . . There are three types of history. Type one is knowledge. Its creation is subsidized, and its maintenance is subsidized by an industry or lobby: things like how to build a pump that pumps water, how to create steel and build other forms of alloys, how to cook, how to remove poisons from food, etc. But because this knowledge is part of everyday industrial processes, there is an economy that keeps such information around and makes use of it. So the work of preserving it is already done. . .

[A] second type of information no longer has an economy behind it. It has already found its way into the historical record through a state of affairs which no longer exists. So it’s just sitting there. It can be slowly rotting away, slowly vanishing. Books go out of print, and the number of copies available decreases. But it is a slow process, because no one is actively trying to destroy this type of information.

And then there is the type-three information that is the focus of my attention now. This is the information that people are actively working to prevent from entering into the record. Type-three information is suppressed before publication or after publication. If type-three information is spread around, there are active attempts to take it out of circulation. Because the[] first two pillars of our intellectual record either have an economy behind them, or there are no active attempts to destroy them, they do not call to me as loudly. But, this third pillar of information has been denied to all of us throughout the history of the world. So, if you understand that civilized life is built around understanding the world, understanding each other, understanding human institutions and so forth, then our understanding has a great hole in it, which is type-three history.

Of course, anyone who’s worked as an attorney knows that it’s important to respect rights to privacy, and so does Assange: Wikileaks itself operates according to a strict NDA. A growing movement urging a “right to be forgotten” is to be commended for expanding those rights in some contexts. These developments may confound those who insist on absolutely open or closed systems as hallmarks of consistency. But Assange’s sophisticated defenders, like Yochai Benkler, are working toward a balance of interests in the information environment:

[P]rivacy is at risk when there are powerful observers and vulnerable subjects. Transparency, by contrast, involves disclosure of information about powerful parties that weaker parties can use to check that power or its abuse. When we say that an act of information disclosure “threatens privacy” or “promises transparency,” we are making a judgment about who has power and who is susceptible to it and how that power ought to be limited. The demise of privacy is already built into the structure of the commercially owned and operated Net. We have already made that “choice,” at least in the sense of being socially and politically passive at crucial moments in the 1990s and early 2000s when key decisions were made. The technologies and practices epitomized by WikiLeaks serve as a compensating overlay on that privacy-denying platform.

Enormously powerful computing systems now aid corporations and law enforcement agencies in their quests for prediction and control. They could also accomplish the disclosure functions mentioned above. The question now is whether we, as a society, are as committed to the transparency project (“disclosure of information about powerful parties that weaker parties can use to check that power or its abuse”) as “we” have been to the privacy-destroying aspects of internet intermediaries that endlessly track and profile their users. It’s not surprising that resource extraction companies, big campaign donors, and CEOs are vigorously fighting disclosure. Occasionally inequality and abuse become so grotesque that they can’t be defended; they can only be hidden.

Photo Credit: Ninja M.

The Administration has not backed away from its predecessor’s aggressive use of the state secrets privilege.  According to Steven Aftergood, “there is a great deal of [...]]]> The media often assesses governmental transparency issue by issue.  The Obama Administration gets an annual rating for its performance on FOIA compliance.  It receives press for its invocation on the state secrets privilege.  And so on.  But it may be worth taking stock of the total picture.  From the state secrets privilege to the proposed SHIELD Act and FOIA, the Obama Administration seems in pursuit of black box government much like its predecessor.  On reflection, the Administration’s call for a more transparent government in January 2009 seems a mismatch with its actions.  In this way, theory and practice don’t coincide.

The Administration has not backed away from its predecessor’s aggressive use of the state secrets privilege.  According to Steven Aftergood, “there is a great deal of continuity between the Bush and Obama administrations . . . . there is no case where the Obama administration has rescinded a claim of state secrets privilege that was advanced by the Bush [administration].”  The U.S. government has recently invoked the state secrets privilege in instances that appear designed to hide government screw ups rather than to protect national security.  For instance, the government hopes to block evidence in a case against a contractor who duped the government into spending millions on allegedly fake counterterrorism technology.  It has invoked the privilege to block a personal injury lawsuit by a CIA employee who alleged that environmental contamination in his home made his family sick. In a case inherited from the Bush administration, Obama’s Justice Department has continued to argue that classified records of eavesdropping on an Islamic charity were state secrets.  Two wiretapped lawyers were awarded $20,400 each, a ruling that last week the Obama administration indicated it would appeal.  ACLU Executive Director Anthony Romero laments that although the President promised to reform abuses of the state secrets privilege as a candidate, he has reneged on that promise as the President.

The Obama Administration has devoted significant energy to punishing whistle blowers.  As Politico reporter Josh Gerstein explains, the Administration is “pursuing an unexpectedly aggressive legal offensive against federal workers who leak secret information to expose wrongdoing, highlight national security threats or pursue a personal agenda.”  Since President Barack Obama took office, prosecutors have filed criminal charges in five cases involving unauthorized distribution of classified national security information to the media and is now considering prosecuting WikiLeaks founder Julian Assange.  The U.S. government, by contrast, only brought three such cases in the preceding 40 years.  Moreover, in response to the Wikileaks disclosures, the Administration has gotten behind the proposed SHIELD Act, which would amend Section 798 of the Espionage Act of 1917.  The amendment would expand the kinds of information covered by the Espionage Act and enables the U.S. government to prosecute private citizens who have not worked for the government or signed a security agreement.

In a recent post, I underscored that FOIA compliance continues to disappoint.  The National Security Archive recently issued its report “Glass Half Full: 2011 Knight Open Government Survey Finds Freedom of Information Change But Many Agencies Lag in Following Obama’s Openness Order.”Although the group found some progress (49 agencies took concrete action in light of the March 2010 White House memorandum instructing agencies to update all FOIA material and assess whether their FOIA resources were adequate), its results were decidedly mixed.  Only 24 agencies actually updated their FOIA training materials, only 13 agencies followed its mandate, and 41 of the agencies remained inert. Of those 41 agencies, 17 could not provide concrete records showing that they had followed the memo’s instructions; two agencies withheld documents by incorrectly citing FOIA exemptions; 17 agencies were still working on the request after more than 100 business days (in violation of FOIA); and four agencies never acknowledged the team’s requests despite numerous calls and faxes. Ancient requests, as old as 18 years, “still languish in the system.” As the team reports, twelve agencies have outstanding FOIA requests older than six years.” Eric Newton, an advisor to the Knight Foundation, remarked that “at this rate, the President’s first term in office may be over by the time federal agencies do what he asked them to do on his first day in office.”  At a hearing before the House Committee on Oversight and Government Reform, FOIA expert Daniel Metcalfe expressed his disappointment by the “surprising slowness and incompleteness of the Obama Administration’s new FOIA policy implementation.” Metcalfe lamented the administration’s “do as I say, not as I do mentality,” as evinced by the performance of its lead agency, the Department of Justice, whose FOIA backlog is worse than it was a year ago.

Viewed together with my co-blogger Frank Pasquale’s insights on fusion centers (see our forthcoming article) and his important forthcoming book on The Black Box Society, the Obama Administration, issue for issue, seems to support black box government, not a transparent one.

“If you’ve got nothing to hide,” many people say, “you shouldn’t worry about government surveillance.” Others argue that we must sacrifice privacy for security. But as Daniel J. Solove argues in this important book, these arguments and many others are flawed. They are based on mistaken views about what it means to protect privacy and the costs and benefits of doing so. The debate between privacy and security has been framed incorrectly as a zero-sum game in which we are forced to choose between one value and [...]]]> I’m pleased to announce the publication of my new book, NOTHING TO HIDE: THE FALSE TRADEOFF BETWEEN PRIVACY AND SECURITY (Yale University Press, May 2011).  Here’s the book jacket description:

“If you’ve got nothing to hide,” many people say, “you shouldn’t worry about government surveillance.” Others argue that we must sacrifice privacy for security. But as Daniel J. Solove argues in this important book, these arguments and many others are flawed. They are based on mistaken views about what it means to protect privacy and the costs and benefits of doing so. The debate between privacy and security has been framed incorrectly as a zero-sum game in which we are forced to choose between one value and the other. Why can’t we have both?

In this concise and accessible book, Solove exposes the fallacies of many pro-security arguments that have skewed law and policy to favor security at the expense of privacy. Protecting privacy isn’t fatal to security measures; it merely involves adequate oversight and regulation. Solove traces the history of the privacy-security debate from the Revolution to the present day. He explains how the law protects privacy and examines concerns with new technologies. He then points out the failings of our current system and offers specific remedies. Nothing to Hide makes a powerful and compelling case for reaching a better balance between privacy and security and reveals why doing so is essential to protect our freedom and democracy.

This book grows out of an essay I wrote a few years ago about the Nothing-to-Hide Argument.   The essay’s popularity surprised me and made me realize that there is a hunger out there for discussions about the arguments made in the debate between privacy and security.

The primary focus of NOTHING TO HIDE is on critiquing common pro-security arguments.  I’ve given them nifty names such as the “Luddite Argument,”the “War-Powers Argument,” the “All-or-Nothing Argument,” the “Suspicionless-Searches Argument,” the “Deference Argument,” and the “Pendulum Argument,” among others.  I also discuss concrete issues of law and technology, such as the Fourth Amendment Third Party Doctrine, the First Amendment, electronic surveillance statutes, the USA-Patriot Act, the NSA surveillance program, and government data mining.

The Yale Law Journal Online has just published the final piece of a symposium devoted to William N. Eskridge, Jr. and John Ferejohn’s remarkable new book, A Republic of Statutes: The New American Constitution. The book chronicles the development of constitutional principles derived not directly from the text of the Constitution itself but from the implementation of entrenched “superstatutes” by administrative and executive officials. The symposium essays examine both the broad contours of the theory advanced by Eskridge and Ferejohn as well as its application to particular fields of law, such as immigration, national security, and health care. Visit YLJ Online to read the full collection:

Goldsmith, who takes cybersecurity very seriously, nevertheless finds himself “agreeing with those who think Assange is being unduly vilified.” He believes that “it is not obvious what law he has violated,” and Geoff Stone today said that many Lieberman-inspired efforts to expand the Espionage Act to include Assange’s conduct would be unconstitutional. Goldsmith asks:

What if there were no wikileaks and Manning had simply given the Lady Gaga CD to the Times? Presumably the Times would eventually have published most of the same information, with [...]]]> Don’t worry, it’s not another prolix post from me, just commentary on Jack Goldsmith’s Seven Thoughts on Wikileaks and Lovink & Riemens’s Twelve theses on WikiLeaks. (And here’s an FAQ for those confused by the whole controversy.)

Goldsmith, who takes cybersecurity very seriously, nevertheless finds himself “agreeing with those who think Assange is being unduly vilified.” He believes that “it is not obvious what law he has violated,” and Geoff Stone today said that many Lieberman-inspired efforts to expand the Espionage Act to include Assange’s conduct would be unconstitutional. Goldsmith asks:

What if there were no wikileaks and Manning had simply given the Lady Gaga CD to the Times? Presumably the Times would eventually have published most of the same information, with a few redactions, for all the world to see. Would our reaction to that have been more subdued than our reaction now to Assange? If so, why?

Lovink & Riemens provide something of an answer:

Traditional investigative journalism used to consist of three phases: unearthing facts, crosschecking these and backgrounding them into an understandable discourse. WikiLeaks does the first, claims to do the second, but omits the third completely. . . . What WikiLeaks anticipates, but so far has been unable to organize, is the “crowd sourcing” of the interpretation of its leaked documents. That work, oddly, is left to the few remaining staff journalists of selected “quality” news media.

Later, academics pick up the scraps and spin the stories behind the closed gates of publishing stables. But where is networked critical commentariat? Certainly, we are all busy with our minor critiques; but it remains the case that WikiLeaks generates its capacity to inspire irritation at the big end of town precisely because of the transversal and symbiotic relation it holds with establishment media institutions. . . .Therein lies the conflictual terrain of the political.

Perhaps the difference between the treatment of Assange and the NYT is a widespread sense that the “paper of record” simply must publish important news once it’s been revealed. But the Wikileaks situation confounds any model of objective journalists “finding facts” in the world. As the FAQ explains, “Wikileaks is only releasing cables in coordination with the actions of . . . five selected news organizations.” Like search engines, it challenges the traditional distinctions between conduit and content-provider that have governed our thinking about communications. As L & R put it,

One of the main difficulties with explaining WikiLeaks arises from the fact that it is unclear (also to the WikiLeaks people themselves) whether it sees itself and operates as a content provider or as a simple conduit for leaked data (the impression is that it sees itself as either/or, depending on context and circumstances). This, by the way, has been a common problem ever since media went online en masse and publishing and communications became a service rather than a product. . . . This might be why Assange and his collaborators refuse to be labelled in terms of “old categories” (journalists, hackers, etc.) and claim to represent a new Gestalt on the world information stage.

I have to admit, my initial read of this story was over-influenced by media reports that described Wikileaks as “dumping” documents. In fact, they have been selective; as Glenn Greenwald explains, “They have not released “thousands” of cables; they’ve released 1,193 — less than 1/2 of 1% of the total they possess.”

But I do think I was right about one thing: the Wikileaks story reveals a dangerously overstretched “superpower.” When Russia recommends a Nobel Prize for Assange, you know that they are pretty confident in their ability to decouple from the US’s overindebted, hollowed out economy. Just as trillions of dollars in war spending have emptied our coffers, military prerogatives also led to the DOD’s “data deluge blowback.” As Lovink puts it:

In the ongoing saga called “The Decline of the US Empire”, WikiLeaks enters the stage as the slayer of a soft target. It would be difficult to imagine it being able to inflict quite same damage to the Russian or Chinese governments, or even to the Singaporean – not to mention their “corporate” affiliates. In Russia or China, huge cultural and linguistic barriers are at work, not to speak of purely power-related ones, which would need to be surmounted. Vastly different constituencies are also factors there, even if we are speaking about the narrower (and allegedly more global) cultures and agendas of hackers, info-activists and investigative journalists. In that sense, WikiLeaks in its present manifestation remains a typically “western” product and cannot claim to be a truly universal or global undertaking.

The irony, of course, is that in its quest for openness, Wikileaks is likely to provoke extraordinary responses from government that make our security apparatus more like that of Russia or China. Lovink notes some uncomfortable parallels between Wikileaks and those it opposes:

WikiLeaks displays a stunning lack of transparency in its internal organization. Its excuse that “WikiLeaks needs to be completely opaque in order to force others to be totally transparent” amounts, in our opinion, to little more than Mad magazine’s famous Spy vs. Spy cartoons. You beat the opposition but in a way that makes you indistinguishable from it.

WikiLeaks is also an organization deeply shaped by 1980s hacker culture, combined with the political values of techno-libertarianism that emerged in the 1990s. . . . Lack of commonality with congenial, “another world is possible” movements drives WikiLeaks to seek public attention by way of increasingly spectacular and risky disclosures, thereby gathering a constituency of often wildly enthusiastic, but generally passive supporters.

Assange reminds me a bit of the obsessed protagonist of Samuel Delany’s sci-fi novel Nova, with sensitive information playing the role in the Wikileaks drama that Illyrion plays in Delany’s work: a resource that can utterly shift the balance of power if it comes into the right hands. Assange sees an utterly corrupt status quo, and wishes to upset it. Projects like Wikileaks may well succeed in doing so. But, if the status quo could speak, it might warn, “Après moi, le déluge.” (And Zhou Enlai is probably still correct to say that it’s “too soon to tell” what the impact of that power shift was.)

A new domestic intelligence network has made vast amounts of data available to federal and state agencies and law enforcement officials. The network is anchored by “fusion centers,” novel sites of intergovernmental collaboration that generate and share intelligence and information. Several fusion centers have generated controversy for engaging in extraordinary measures that place citizens on watch lists, invade citizens’ privacy, and chill free expression. In addition to eroding civil liberties, fusion center overreach has resulted in wasted resources without concomitant gains in security.

We began our work by holding (along with Priscilla Regan of GMU) a [...]]]> My co-blogger Danielle Keats Citron and I have recently posted our draft article on “fusion centers” (forthcoming in the Hastings Law Journal). As we state in the abstract:

A new domestic intelligence network has made vast amounts of data available to federal and state agencies and law enforcement officials. The network is anchored by “fusion centers,” novel sites of intergovernmental collaboration that generate and share intelligence and information. Several fusion centers have generated controversy for engaging in extraordinary measures that place citizens on watch lists, invade citizens’ privacy, and chill free expression. In addition to eroding civil liberties, fusion center overreach has resulted in wasted resources without concomitant gains in security.

We began our work by holding (along with Priscilla Regan of GMU) a roundtable on fusion centers in April, 2009. Citron convened a panel on fusion centers at AALS in New Orleans. Since then, we’ve repeatedly found ourselves astonished by the pace of advances in domestic intelligence operations. In roughly reverse chronological order:

1) The Obama administration is now pushing for “Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order.” The insistence on a “backdoor” here recalls the UAE/Saudi ban on Blackberrys—not exactly regimes the US should be emulating. Julian Sanchez and the ACLU provide more background.

2) Back in 2003, an official at an “anti-terrorism center” commented that “You can almost argue that a protest against [a war on terror] is a terrorist act.” Citron and I discuss the quote in our article, and I for one thought it was a relic of the “bad old days” of Bush-Cheney. The following story suggests I was wrong:

The FBI executed six search warrants in Minneapolis . . . including homes of political activists, in connection to a terrorism investigation. . . . A SWAT team, accompanied by the FBI, knocked on Kelly’s door about 7 a.m. and Kelly’s partner answered, [Kelly's Attorney Ted] Dooley said. “They said they had a search warrant,” he said. “She asked to see it, she couldn’t read it through the peephole, so they busted down the door. The door flew across the room and broke a fish tank. There are now eight FBI agents in the apartment, going through every piece of paper in there, and all the books.”

What’s particularly striking here is that the raid came the same week as the DOJ Inspector General criticized the investigation of Greenpeace, The Catholic Worker, and the Thomas Merton Center, as the Boston Globe notes:

The report chastised the bureau for having a “weak’’ rationale for some of its investigations; investigating where there was “little indication of any possible federal crimes’’; and extending “the duration of investigations involving advocacy groups or their members without adequate basis.’’ The agency was also taken to task for improperly retaining information about the targeted groups in its files and for classifying investigations of peace groups “under its ‘Acts of Terrorism’ classification.’’ These are serious abuses. Using anti-terrorism laws to target domestic protest organizations is redolent of the actions of the Justice Department against law-abiding protesters during World War I and the Vietnam War — actions that are rightly remembered as disgraceful.

Citron and I discuss an incident in Maryland where “fifty-three nonviolent political activists were classified as “terrorists,” including two Catholic nuns and a Democratic candidate for local office.”

3) The Top Secret America series shows that the same concerns Eisenhower had about the military-industrial complex apply to an ever-expanding surveillance-industrial complex. Given the military’s important role in the political economy of innovation in the US, we need a lot more research on how much of its investment is being directed toward programs designed to classify and investigate US citizens.

4) Finally, for those interested in a more personal account about the dangers of out-of-control law enforcement, I highly recommend this podcast. While I don’t have too much sympathy for the man at the center of the first story, the second one about a police vendetta against a whistleblower is genuinely frightening. The accompanying series in the Village Voice has a sad, Kafkaesque leitmotif: the very “scientific policing” programs that are supposed to incentivize police forces to work harder and smarter are also creating pressures to “pump up” numbers of nuisance crimes and underreport violence. It’s a lot easier to harass loiterers than it is to get to the bottom of serious crime—just as it is easier to keep tabs on Quakers than it is to develop “HUMINT” that can provide reliable information on a serious terrorist group.

There are many other stories I could include. But for now, I’ll close with the thoughts Citron and I use to end our article:

Someone must “watch the watchers,” especially when surveillance is based not merely on a single agency database, but on a vast reservoir of public and private data. Without immutable audit-enabling technology, fusion centers will remain black boxes, preventing effective oversight. They will pair ever more pervasive surveillance with aggressive deflection of inquiries about it. A no-holds-barred assault on terror cannot become the template for ordinary law enforcement without seriously disrupting the balance of power between police and citizen, government and the governed.

We need to do a lot more to ensure that a growing law enforcement apparatus is itself respecting the law.

Hat Tip: Andrew Sullivan.

[T]he Bush administration . . . ordered the National Security Agency to eavesdrop on American citizens without the warrants required by law and without any external oversight at all. Despite the fact that the 30-year-old FISA law made every such act of warrantless eavesdropping a felony, “punishable by a fine of not more than $10,000 or [...]]]> Today brings news that the “Electronic Privacy Information Center [has] filed a request under the Freedom of Information Act for documents related to any agreement between Google and the NSA” on cybersecurity and related matters. The controversy over the request reminds me of an excellent recent debate on the digital surveillance state at Cato Unbound. Glenn Greenwald leads off by documenting an array of intrusive surveillance practices:

[T]he Bush administration . . . ordered the National Security Agency to eavesdrop on American citizens without the warrants required by law and without any external oversight at all. Despite the fact that the 30-year-old FISA law made every such act of warrantless eavesdropping a felony, “punishable by a fine of not more than $10,000 or imprisonment for not more than five years, or both,” and despite the fact that all three federal judges who ruled on the program’s legality concluded that it was illegal, there was no accountability of any kind. . . .

[Medical] “files” are maintained through a 2005 law which, the Government claims, authorizes it to monitor and record all prescription drug use by all citizens via so-called “Prescription Drug Monitoring Programs.” And there is a slew of other under-discussed surveillance programs whereby the U.S. government stores vast data on our private activities: everything from every domestic telephone call we make to “risk assessment” records based on our travel activities. A bipartisan group of Senators is currently promoting mandated “biometric ID cards” for every American as a purported solution to illegal immigration.

Paul Rosenzweig responds that there are several programs internal to federal agencies designed to protect privacy, including DHS’s “statutorily required Privacy Officer” and “Officer for Civil Rights and Civil Liberties.” Julian Sanchez insists that, regardless of these formal protections, the overall architecture of communications and data storage has enabled a quantum leap in surveillance:

The plummeting cost of data storage, the increasing ubiquity of network communications, and the vastly increased capacity of law enforcement to fruitfully analyze “transactional data” subject to far more anemic protections than the contents of communications all combine to make an extraordinary degree of monitoring both more feasible and more attractive to investigators, even holding constant the legal framework within which that monitoring occurs. A few decades ago, intelligence agents might have found it convenient to compare a list of everyone reading unsavory publications with a list of people who share group memberships with a suspicious number of subjects already under investigation — but they would have had no practical way of doing so. Now it is not only feasible, but inundated telecom providers and profit-seeking contractors are racing to find plug-and-play solutions that make the process ever cheaper and easier.

There’s also ample evidence suggesting that individualized, subject-based monitoring of communications themselves is yielding to a broader algorithmic approach that seeks to monitor entire data streams. John Yoo, who wrote the (now repudiated) memoranda providing the legal basis for the NSA wiretapping program, for example, has described a system in which “computers are initially searching through communications first and only bringing correlations to the attention of a human, to a security officer when there’s a certain level of confidence that they might involve terrorism.” Where once we identified targets and then looked for suspicious behavior or incriminating communications, the “new” approach — whose closest precedent may be the NSA’s scandalous SHAMROCK program uncovered by the Church Committee’s investigations in the 1970s — involves monitoring behavior patterns and communications streams in search of targets.

Sanchez’s closing thoughts have particular relevance for the Google/NSA litigation: “Surveillance infrastructures and databases built for benign purposes tend to persist even when their administrators cease to be benign.”

1) The companies’ CEOs have stated that, in their view, “A provider that offers a broadband Internet access service complying with [basic net neutrality] principles” should be able to “offer any other additional or differentiated services” free of net neutrality regulation. The key question here is the quality and cost of the “broadband Internet access service complying with [net neutrality] principles,” as compared with the “additional services” that can be offered without net neutrality. In the best case [...]]]> There has been a lot of insightful commentary on the new Verizon/Google framework proposal; Marvin Ammori’s post is a good place to start. Here are my “two cents” on the larger implications of this move from business cooperation to lobbying alliance.

1) The companies’ CEOs have stated that, in their view, “A provider that offers a broadband Internet access service complying with [basic net neutrality] principles” should be able to “offer any other additional or differentiated services” free of net neutrality regulation. The key question here is the quality and cost of the “broadband Internet access service complying with [net neutrality] principles,” as compared with the “additional services” that can be offered without net neutrality. In the best case scenario, most people use the compliant service for most traffic, and run “additional services” on top of it in order to access special content/apps. Unfortunately, I think it’s far more likely that the net-neutrality-compliant service will gradually decline in quality, so that it’s vestigial (like public broadcasting) or a poor program for poor people (ala Medicaid).

2) Whatever the details of this proposal, I believe that carrier/search engine business alliances will proliferate in the future. The more ISPs like Verizon can characterize what they do as “search like,” involving technical genius and editorial discretion, the better a chance they have at evading utility-style regulation. Search is basically a “no man’s land” regulatorily. Just as key actors in the finance sector engaged in regulatory arbitrage to make their “innovative financial products” not merely unregulable but also unmonitorable, the big ISPs are likely to do the same by recharacterizing their services as “search like.” This affords them three big advantages:

a) More extensive trade secrecy: The same obstacles to holding Google accountable (including trade secret protection for its ordering algorithms) may also interfere with network neutrality regulation. As Jonathan Zittrain noted in the NYT yesterday, the details of “‘peer arrangements in which I.S.P.s agreed to carry each other’s traffic . . . are typically trade secrets.” Like search engines, carriers face an information overload problem, with spam, viruses, and high-demand applications threatening to overwhelm their networks. In the long run, they are likely to make key network-management practices as confidential as search engine rankings. Even many broadband penetration stats are now trade secrets (see B.W. Cramer, The Secrecy of FCC Broadband Infrastructure Statistics, 31 Hastings Comm. & Ent L.J. 339, 340, 347 (2009)).

The larger business/PR strategy here is to make carriers look as inventive and innovative as search engines do, so that they also face very little regulation, and get excused for doing things secretly. The more ISP’s and carriers integrate services, the more convincing this characterization becomes. I talked about early moves in this direction here.

b) First Amendment protections: Search engines claim that their results are like the output of media organizations, and therefore deserve First Amendment protection. They’ve won several cases on this basis. Expect to hear more of this argument from carriers as they fold search technologies into their network management practices. If this line of argument succeeds, the net will basically get Lochnerized, and we’ll be biding our time till some FDR of the 2030s can scare persuade the Supreme Court to act more reasonably. If you thought Citizens United was scary, just wait until Justice Roberts gets to wax eloquent on the need to free our corporate John Peter Zengers to speak truth to power (or power to truth—whatever works).

c) Selling user secrets for cash: For years ISPs have grumbled that they were unable to monetize user data to the extent Google can. Again, by basking in the brand appeal and goodwill of Google, Verizon will move closer toward the status it needs to start capitalizing on this data stream.

3) So that’s one look at the road ahead: vertical integration of the physical, app, social, and content layers of the internet, driven by the regulatory arbitrage opportunities pioneered by search engines in their dual assertion of trade secrecy (to prevent scrutiny of their ranking practices) and First Amendment protection (to deflect any efforts to regulate the results they provide). Expect internet behemoths to buttress their tradde secrecy claims with national security/cyberwar rationales for state secrecy, too. Both the warrantless wiretapping controversy and the Google/NSA response to Chinese hacking presage the increasing integration of the internet sector with Top Secret America.

4) We’ve seen a cognate regulatory arbitrage story before in the financial sector: think of the opaque dealmaking that sunk big banks, and the rating agencies’ First Amendment immunity from liability for utterly conflicted assessments of mortgage-backed securities. The dual assertion of trade secrecy and First Amendment protection may be a cornerstone of crony capitalism for years to come.

Whatever transpires from the present VerGoogle alliance, we are likely to see increasing integration of internet service and search in coming years. That will raise some difficult questions about the very possibility of democratic accountability for internet regulation and governance. The net may soon be as much of a “black box” as the iPhone, Enron, or the NSA.

X-Posted: Balkinization.

Photo Credit: Me (photo of tracks into the water off Cape Cod); copyright abandoned.

There is a danger that we will become even less well-informed, as the web becomes both more personalised and more social. Concerns that the internet traps users in unchallenging information ghettos are not new, stretching back to 2001 and the US legal scholar Cass Sunstein’s book Republic.com. Sunstein argues that, when compared to older [...]]]> I often hear statements like “I’m the top Google result for my name!” or “Kiwi is the top search result for shoe polish!” Truth is, there’s no such thing. You can know the top results that you see, and you can survey what others see, but only the search engine knows what everybody is seeing in response to a query. Evgeny Morozov worries about this trend:

There is a danger that we will become even less well-informed, as the web becomes both more personalised and more social. Concerns that the internet traps users in unchallenging information ghettos are not new, stretching back to 2001 and the US legal scholar Cass Sunstein’s book Republic.com. Sunstein argues that, when compared to older media, the internet allows users to seek out opinions and news with which they already agree, creating online news ghettos in which the views of right and left rarely mix.

What is surprising, however, is that today’s technology companies seem to use that book as a to-do-list. Google, for example, has been pushing to provide personalised search results to its users, meaning that two people searching for the same term may now get different results, altered according to what they have clicked on before. In December 2009, Google tweaked its rules in such a way that even users who are not signed into Google—thus denying the search giant access to their previous search history—will see their results personalised too. Facebook is not far behind.

Admittedly, these developments are helpful to individuals—how could anyone use Facebook without hiding Farmville? But they counsel extreme epistemological modesty for anyone who would write about the effects of search engines on the public sphere. Alex Halavais notes in his book Search Engine Society that, “[i]n the process of ranking results, search engines effectively create winners and losers on the web as a whole.” But we have little idea who exactly those winners and losers are at the level of granularity that search engines can operate at.

The search engine’s role here reminds me of WalMart’s power to turn off individual registers around the US from its command center in Bentonville, or ConEd’s power to force certain buildings to turn down their air conditioning on hot days. Our products phone home, our iPhones can turn into iBricks if we annoy Steve Jobs, and cell phones can double as microphones. Everyone’s being profiled, and extraordinary power may well lie with the network that can put all those profiles together.

Internet cheerleaders encourage a generalized gratitude and wonder at all the new technologies can do for us. But we are light-years away from the institutions of accountability and auditing that are necessary for such attitudes to be reasonable. Admittedly, deficiencies in enterprise software and power supplies may keep the “infinite database” from ever being built, but is there any doubt it would be a dream-come-true for business and government? If it is built, existing doctrines of trade secrecy and state secrecy will make it very difficult to figure out how it is operating.

Heraclitus wrote that “for the waking there is one world, and it is common; but sleepers turn aside each one into a world of his own.” In our age of fragmented lifeworlds, narrowcasting, and personalization, internet searchers are increasingly like Heraclitus’s sleepers. They will increasingly consume customized media on the persons and events they take an interest in. Many will unwittingly enter a media environment shaped in ways they can’t understand. While some authors have lamented the effects of the “Daily Me” on politics, and others have noted the Kafkaesque implications of black box databases, few have considered the intersection of these trends. They threaten to make a scholarly understanding of media consumption difficult, as we have less and less objective sense of what’s really being presented as choices.

Image Credit: Bandido of Oz.

It also turns out that FOIA research may make you the subject of FBI scrutiny. The FBI approaches disclosure of information (predictably) like a security agency.

Author and attorney Alexander Charns wrote a very interesting book entitled Cloak and Gavel (1992), which concerned the history of the Supreme Court and its interactions with the FBI. Pursuant to one of his FOIA requests seeking historical records about Hoover abuses of power, the FBI inadvertently released to him an internal FBI memorandum that described him, his research, and the type [...]]]> I have a love/hate relationship with FOIA. I need it and can’t live without it. For those who do original primary research, it’s an essential tool. But it is also painfully slow, hit or miss, unpredictable, and frustrating.

It also turns out that FOIA research may make you the subject of FBI scrutiny. The FBI approaches disclosure of information (predictably) like a security agency.

Author and attorney Alexander Charns wrote a very interesting book entitled Cloak and Gavel (1992), which concerned the history of the Supreme Court and its interactions with the FBI. Pursuant to one of his FOIA requests seeking historical records about Hoover abuses of power, the FBI inadvertently released to him an internal FBI memorandum that described him, his research, and the type of information he was provided.  Apparently, such memoranda on FOIA requesters are not uncommon. They are called “high visibility memoranda” and are created by the FBI FOIA section to “anticipate and minimize negative publicity resulting from FOIA releases.” A former student who recently worked with FOIA shared that she too was aware of similar memoranda maintained by the government. Apparently this practice continues.

Laying aside any question about the FBI’s authority to prepare such memoranda (perhaps based on Google research or other Internet-based information), does the FBI appreciate how the maintenance of memoranda about FOIA requesters plays with the public? I won’t hold out great hopes for more information transparency from the Obama administration, but perhaps it could at least get the FBI to lay off on the domestic FOIA surveillance?

Update (3-29-2010): This article just ran today in the Boston Globe’s online edition on the subject of the FBI, the release of documents held in the FBI’s “Special File Room,” and their availability through a volunteer group called governmentattic.org. H/T Michael Ravnitzky

Brancheau’s family announced this week that they would seek an injunction to protect the release of the death imagery, captured by SeaWorld’s surveillance cameras on Feb. 24. And though the video has not yet been publicly released, it’s presently in the hands of the Florida Orange County Sheriff’s Office, which is investigating the woman’s death.

According to FoxNews:

The Orange County Sheriff’s Office, who now has the video, has received several calls from sources trying to obtain copies of the video, the Orlando Sentinel reported.Once the Orange County Sheriff’s Office concludes its investigation, the material would become public under [...]]]> Jessica Bennett at Newsweek brought my attention to a story about the family of the killer whale trainer (Dawn Brancheau) who was killed while training the whale at SeaWorld:

Brancheau’s family announced this week that they would seek an injunction to protect the release of the death imagery, captured by SeaWorld’s surveillance cameras on Feb. 24. And though the video has not yet been publicly released, it’s presently in the hands of the Florida Orange County Sheriff’s Office, which is investigating the woman’s death.

According to FoxNews:

The Orange County Sheriff’s Office, who now has the video, has received several calls from sources trying to obtain copies of the video, the Orlando Sentinel reported.Once the Orange County Sheriff’s Office concludes its investigation, the material would become public under Florida law. . . .

Brancheau’s family said through a spokesman that public airing of the killing would only worsen their grief.They could seek a court injunction to stop the release, at least temporarily. The family has been consulting the lawyer who represented Dale Earnhardt’s widow in a court fight over his autopsy photos.

I believe that the Brancheau family has a good case.  They want to prevent the sad events that happened to the family of Nikki Catsouras, whose gruesome accident death photos started appearing all over the Internet.  In that case, the court held that the family could bring common law privacy claims against the police department for improperly leaking the photographs.

In this instance, the video might be required to be disclosed by public records law, so tort privacy claims would likely not be available against the government if they conflicted with state disclosure obligations or against others who disseminated the video post-disclosure (due to First Amendment protection).

Thus, the family’s redress could come in two possible forms: (1) a provision of the public record law that would not allow for the disclosure of the video; or (2) a constitutional right to information privacy challenge.

Regarding Florida public records law, the Earnhardt Family Protection Act prohibits the disclosure of autopsy photos.  It was enacted because of concerns over the distribution of autopsy photos of race car driver Dale Earnhardt, who died in a crash on the race track.

The Earnhardt Family Protection Act, Fla. Stat. ch. 406.135 (2001), provides, in part:

A photograph or video or audio recording of an autopsy held by a medical examiner is confidential and exempt from s. 119.07(1) and s. 24(a), Art. I of the State Constitution, except that a surviving spouse may view and copy a photograph or video recording or listen to or copy an audio recording of the deceased spouse’s autopsy. . . .

The law doesn’t completely bar disclosure of autopsy materials — it allows them to be disclosed pursuant to a court order:

In determining good cause, the court shall consider whether such disclosure is necessary for the public evaluation of governmental performance; the seriousness of the intrusion into the family’s right to privacy and whether such disclosure is the least intrusive means available; and the availability of similar information in other public records, regardless of form.

The Brancheau family has a good chance of blocking the release of the video under this law.

Second, the Brancheau family could raise a constitutional right to information privacy challenge.  The constitutional right to information privacy provides protection if a person has a privacy interest, if government officials violated that interest by disclosing personal information, and if the privacy interest isn’t outweighed by the government’s interest in disclosure.

What does this mean for the public? Through FedThread people can more easily track issues regarding “rules, proposed rules, and notices of Federal agencies and organizations, as well as executive orders and other presidential documents” as they are posted to the Federal Register website (weekdays [...]]]> The Federal Register has moved to an XML format. That has allowed Princeton’s Center For Information Technology Policy to be on the move once more. The new project is called FedThread. As the site puts it now that the Federal Register is in XML, “citizens [can] create new services that in turn provide value back to government. Kudos to the Government Printing Office, National Archives and Records Administration, and Office of Science and Technology Policy for making this all possible.”

What does this mean for the public? Through FedThread people can more easily track issues regarding “rules, proposed rules, and notices of Federal agencies and organizations, as well as executive orders and other presidential documents” as they are posted to the Federal Register website (weekdays except for government holidays). So today’s documents include material about the Delaware River Basin Commission, Department of Education, Federal Communication Commission, Department of Health and Human Services, and the National Science Foundation proceedings. Actions regarding postesecondary education, rulemaking at the FCC, and pandemic influenza vaccines are apparently on the table. Go to this link for today’s full list.

In other words, rejoice, wonk and non-wonk, for you may can now see what your government is doing. In fact FedThread offers some rather great features including:

* collaborative annotation: Attach a note to any paragraph of the Federal Register; start a conversation.
* advanced search: Search the Federal Register (back to 2000) on full text, by date, agency, and other fields.
* customized feeds: Turn any search into an RSS or email feed, which will send you any new items that match the search query.

As I understand it, one can set up a search and receive updates about the topic. Policy makers, academics, and engaged citizens should take advantage of these features. It should allow one to see how the law is evolving and take action much more quickly than before.

One point for those who may confuse making a note with a comment. FedThread is not affiliated with the U.S. government. Notes appear on the FedThread site but are not part of the Federal Register. Formal comments must follow the proper procedures related to commenting on whatever particular topic upon which one wishes to comment. In addition, the notes are just that, notes of those who wnat to share their views about a topic. It should open debate and discussion, but as with many areas of the Web, one will have to sort between useful and irrelevant notes.

I am sure I will learn more from my colleagues here at CITP as the project moves forward. For now, I hope people enjoy the offering.

For those interested in “some of the driving principles behind the project,” this paper Government Data and the Invisible Hand is a good place to start. Last, I want to call out the people involved in building this project. Joe Calandrino, Ari Feldman, Harlan Yu, and Bill Zeller developed it. Calvin Lee at Princeton’s Student Design Agency handled the graphic design. Prof. Ed Felten and Stephen Schultze led the project. You can contact FedThread at info@fedthread.org.

The obvious one is that judicial opinions are the public good that the parties prompt society to buy.  The price we would pay for any kind of litigation reform would be [...]]]> Eugene Volokh (among many others) recently posted the opinions in Klein v. Amtrak, the now famous EDPA unpublication case involving a settlement that led to the vacating of eight defense-unfriendly district court opinions.  Although commentators across the web seemed surprised, in my experience the practice of asking a judge to vacate an opinion that produced a settlement is fairly common – this particular instance is only a small variant on the ordinary case.  But Klein provides the opportunity to reflect on some of the unexpected benefits that we get from our ridiculous court system.

The obvious one is that judicial opinions are the public good that the parties prompt society to buy.  The price we would pay for any kind of litigation reform would be fewer public decisions, and thus more uncertainty of the kind that unpublication like Klein promotes. The Third Circuit in particular was known for years for having very thin law  – indeed, the late Chief Judge Eddie Becker of the Circuit famously led a one-man crusade against the dearth of law by writing copious dicta.  The certainty that we get from having opinions strongly suggests that we should resist private attempts to keep the law secret – and should be similarly skeptical of the courts’ unwillingness to free PACER. Here, it appears merely that Judge Stengel asked WL and LEXIS to remove his opinions from his databases.  Thus, like 80% of all substantive orders, they are on the docket, but aren’t available to the general public.

There’s an additional private benefit that accompanies litigation which is less illuminated by Klein: the parties get to communicate with one another.  Given a regulatory regime that prohibits competitor contact, litigation can be the best way for companies to talk to one another (through discovery and signalling about which positions to take).  That litigation-mediated-communication is one reason why some companies might prefer to continue to fight in the public system, rather than in commercial arbitration, where their ability to get discovery may be limited.  Again, this isn’t to say that all lawsuits are worth the time and expense that the public invests in settling them, but it does suggest that litigation reform needs to account for these substantial litigation spillovers.