Archive for the ‘Web 2.0’ Category

Tempest in Tempe: First Amendment in the Desert

posted by Derek Bambauer

In the spirit of the excellent colloquy here about Marvin’s thinking on First Amendment architectures, I bring up this news item: Arizona State University blocked both Web access to, and e-mail from, the change.org Web site. ASU students had begun a petition demanding that the university reduce tuition. The university essentially made three claims as to why it did so (below, in order of increasing stupidity):

1. It was a technical mistake;
2. Change.org was spamming ASU; and
3. ASU needs to “protect the use of our limited and valuable network resources for legitimate academic, research and administrative uses.”

#1 and #2 run together. If spam is the problem, you don’t need to block access to the Web site. However, if you are concerned that students are going to read the petition, and sign it, you do need to block access to the Web site.

For #2, sorry, ASU, this isn’t spam. Spam is unsolicited bulk commercial e-mail. Change.org is, allegedly, sending unsolicited political e-mail. And that’s protected by the First Amendment – see, for example, the Virginia Supreme Court’s analysis of that state’s anti-spam law that covered political messages. Potential political spammers have a sharp disincentive to fill recipient’s inboxes – it’s a sure-fire way to annoy them into opposing your position.

For #3, ASU doesn’t get to determine what academic and research uses are “legitimate.” If they throttle P2P apps, that’s fine. If they limit file sizes for attachments, no problem. But deciding that the message from Change.org is not “legitimate” is classic, and unconstitutional, viewpoint discrimination.

This looks like censorship. I think it’s more likely to be stupidity: someone in ASU’s IT department decided to block these messages as spam, and to filter outbound Web requests to the site contained within those messages. But: with great power over the network comes great responsibility. Well-intentioned constitutional violations are still unlawful. It would also help if ASU’s spokesperson simply admitted the mistake rather than engaging in idiotic justification.

As I mention in Orwell’s Armchair, public actors are increasingly important sources of Internet access. But when ASU and other public universities take on the role of ISP, they need to remember that they are not AOL: their technical decisions are constrained not merely by tech resources, but by our commitment to free speech. Let’s hope the Sun Devils cool off on the filtering…

Cross-posted at Info/Law.

  February 10, 2012 at 5:10 pm   Posted in: Architecture, Civil Rights, Constitutional Law, Current Events, Cyber Civil Rights, Cyberlaw, First Amendment, Politics, Social Network Websites, Technology, Web 2.0   Print This Post   No Comments

The Hardest Thing to Predict Is the Future

posted by Derek Bambauer

SOPA and PROTECT IP are dead… for now. (They’ll be back. COICA is like a wraith inhabiting PROTECT IP.) Until then, Michelle Schusterman has a terrific graphic about the movie industry’s predictions of doom with each new technological revolution. (Ditto the music industry: the player piano, radio, CDs, the MP3 player, etc., etc.) One reason for this is that it’s difficult to predict the effects of a new communications technology. People thought we’d use the telephone to listen to concerts from afar. But another reason is that content industries see advances not as an opportunity but as a threat – a threat that they deploy IP law to combat, or at least control. And in a policy space where lawmakers don’t demand actual data on threats before acting, trumped-up assertions of job loss and revenue loss can carry the day. This puts the lie to the theory that IP owners will move to exploit new communications media, if only they are protected against infringement. We didn’t get viable Internet-based music sales until iTunes in 2003, and Spotify is the first serious streaming app (the “celestial jukebox“). Think about prior efforts like Pressplay and MusicNow, and how terrible they were. Letting the content industry design delivery models is like letting Matt Millen draft your football team.

This is why piracy is a helpful pointer: it tells us what channels consumers want to use to access content. Sometimes this is just displacement of lawful consumption, as when college students with copious disposable income download songs via BitTorrent, but sometimes it indicates an unaddressed market niche (as with me and the baseball playoffs). To paraphrase Thomas Jefferson, I think a little bit of infringement now and again is a good thing. It is only when there is a viable threat in a new medium that existing players innovate – or cut deals with those who do. In that regard, even if SOPA and PROTECT IP are effective at reducing infringement, we might not want them.

Cross-posted at Info/Law.

  January 31, 2012 at 6:58 pm   Posted in: Architecture, Culture, Cyberlaw, DRM, Innovation, Intellectual Property, Media Law, Movies & Television, Politics, Technology, Web 2.0   Print This Post   2 Comments

The E.U. Data Protection Directive and Robot Chicken

posted by Derek Bambauer

The European Commission released a draft of its revised Data Protection Directive this morning, and Jane Yakowitz has a trenchant critique up at Forbes.com. In addition to the sharp legal analysis, her article has both a Star Wars and Robot Chicken reference, which makes it basically the perfect information law piece…

  January 25, 2012 at 4:32 pm   Posted in: Advertising, Architecture, Civil Rights, Consumer Protection Law, Current Events, Cyber Civil Rights, Cyberlaw, Google and Search Engines, Innovation, Politics, Privacy, Privacy (Consumer Privacy), Social Network Websites, Technology, Web 2.0   Print This Post   No Comments

Cybersecurity Puzzles

posted by Derek Bambauer

Cybersecurity is in the news: a network intrusion allegedly interfered with railroad signals in the Northwest in December; the Obama administration refused to support the Stop Online Piracy Act due to worries about interfering with DNSSEC; and the GAO concluded that the Department of Homeland Security is making things worse by oversharing. So, I’m fortunate that the Minnesota Law Review has just published the final version of Conundrum (available on SSRN), in which I argue that we should take an information-based approach to cybersecurity:

Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. It addresses cybersecurity based upon identification of actors and intent, arguing that inherent defects in the Internet’s architecture must be remedied to enable attribution. These proposals, if adopted, would badly damage the Internet’s generative capacity for innovation. Drawing upon scholarship in economics, animal behavior, and mathematics, this Article takes a radical new path, offering a theoretical model oriented around information, in distinction to the near-obsession with technical infrastructure demonstrated by other models. It posits a regulatory focus on access and alteration of data, and on guaranteeing its integrity. Counterintuitively, it suggests that creating inefficient storage and connectivity best protects user capabilities to access and alter information, but this necessitates difficult tradeoffs with preventing unauthorized interaction with data. The Article outlines how to implement inefficient information storage and connectivity through legislation. Lastly, it describes the stakes in cybersecurity debates: adopting current scholarly approaches jeopardizes not only the Internet’s generative architecture, but also key normative commitments to free expression on-line.

Conundrum, 96 Minn. L. Rev. 584 (2011).

Cross-posted at Info/Law.

  January 24, 2012 at 4:13 pm   Posted in: Anonymity, Architecture, Articles and Books, Current Events, Cyberlaw, Innovation, Intellectual Property, Law Rev (Minnesota), Military Law, Politics, Privacy (National Security), Technology, Web 2.0   Print This Post   No Comments

Goldilocks and Cybersecurity

posted by Derek Bambauer

It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there are a lot of folks expert in slipping through them.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, there was recent panic that a water pump burnout in Illinois was the work of cyberterrorists. It turned out that it was actually the work of a contractor for the utility who happened to be vacationing in Russia. (This is what you get for actually answering your pager.)

The “too little” problem can be described via two examples. First, prior to the attacks of September 11, 2001, the government had information about some of the hijackers, but was impeded by lack of information-sharing and by IT systems that made such sharing difficult. Second, denial of service attacks prevent Internet users from reaching sites they seek – a tactic perfected by Anonymous. The problem is the same: needed information is unavailable. I think the solution, as described in Conundrum, is:

increasing the inefficiency with which information is stored. The positive aspects of both access to and alteration of data emphasize the need to ensure that authorized users can reach, and modify, information. This is more likely to occur when users can reach data at multiple locations, both because it increases attackers’ difficulty in blocking their attempts, and because it provides fallback options if a given copy is not available. In short, data should reside in many places.

But there is also the “too much” problem. This is exemplified by the water pump fiasco: after 9/11, the federal government, including the Department of Homeland Security, began a massive information-sharing effort, such as through Fusion Centers. The difficulty is that the Fusion Centers, and other DHS projects, are simply firehosing information onto companies who constitute “critical infrastructure.” Much of this information is repetitive or simply wrong – as with the water pump report. Bad information can be worse than none at all: it distracts critical infrastructure operators, breeds mistrust, and consumes scarce security resources. The pendulum has swung too far the other way: from undersharing to oversharing. Finding the “just right” solution is impossible; this is a dynamic environment with constantly changing threats. But the government hasn’t yet made the effort to synthesize and analyze information before sounding the alarm. It must, or we will pay the price of either false alarms, or missed ones.

(A side note: I don’t put much stock in which federal agency takes the lead on cybersecurity – there are proposals for the Department of Defense, or the Department of Energy, among others – but why has the Obama administration delegated responsibility to DHS? Having the TSA set Internet policy hardly seems sensible. Beware of Web-based snow globes!)

Cross-posted at Info/Law.

  January 21, 2012 at 7:38 pm   Posted in: Architecture, Cyberlaw, Government Secrecy, Innovation, Intellectual Property, Technology, Web 2.0   Print This Post   No Comments

Censorship on the March

posted by Derek Bambauer

Today, you can’t get to The Oatmeal, or Dinosaur Comics, or XKCD, or (less importantly) Wikipedia. The sites have gone dark to protest the Stop Online Piracy Act (SOPA) and the PROTECT IP Act, America’s attempt to censor the Internet to reduce copyright infringement. This is part of a remarkable, distributed, coordinated protest effort, both online and in realspace (I saw my colleague and friend Jonathan Askin headed to protest outside the offices of Senators Charles Schumer and Kirstin Gillibrand). Many of the protesters argue that America is headed in the direction of authoritarian states such as China, Iran, and Bahrain in censoring the Net. The problem, though, is that America is not alone: most Western democracies are censoring the Internet. Britain does it for child pornography. France: hate speech. The EU is debating a proposal to allow “flagging” of objectionable content for ISPs to ban. Australia’s ISPs are engaging in pre-emptive censorship to prevent even worse legislation from passing. India wants Facebook, Google, and other online platforms to remove any content the government finds problematic.

Censorship is on the march, in democracies as well as dictatorships. With this movement we see, finally, the death of the American myth of free speech exceptionalism. We have viewed ourselves as qualitatively different – as defenders of unfettered expression. We are not. Even without SOPA and PROTECT IP, we are seizing domain names, filtering municipal wi-fi, and using funding to leverage colleges and universities to filter P2P. The reasons for American Internet censorship differ from those of France, South Korea, or China. The mechanism of restriction does not. It is time for us to be honest: America, too, censors. I think we can, and should, defend the legitimacy of our restrictions – the fight on-line and in Congress and in the media shows how we differ from China – but we need to stop pretending there is an easy line to be drawn between blocking human rights sites and blocking Rojadirecta or Dajaz1.

Cross-posted at Info/Law.

  January 18, 2012 at 5:31 pm   Posted in: Advertising, Architecture, Civil Procedure, Constitutional Law, Culture, Current Events, Cyberlaw, First Amendment, Google & Search Engines, Google and Search Engines, Innovation, Intellectual Property, Media Law, Movies & Television, Politics, Technology, Web 2.0, Wiki   Print This Post   No Comments

Supporting the Stop Online Piracy Act Protest Day

posted by Danielle Citron

As my co-blogger Gerard notes, today is SOPA protest day.  Sites like Google or WordPress have censored their logo or offered up a away to contact your congressperson, though remain live.  Other sites like Wikipedia, Reddit, and Craigslist have shutdown, and more are set to shut down at some point today.  There’s lots of terrific commentary on SOPA, which is designed to tackle the problem of foreign-based websites that sell pirated movies, music, and other products–but with a heavy hand that threatens free expression and due process. The Wall Street Journal’s Amy Schatz has this story and Politico has another helpful piece; The Hill’s Brendan Sasso’s Twitter feed has lots of terrific updates.  Mark Lemley, David Levine, and David Post carefully explain why we ought to reject SOPA and the PROTECT IP Act in “Don’t Break the Internet” published by Stanford Law Review Online.  In the face of the protest, House Judiciary Committee Chairman Lamar Smith (R-TX) vowed to bring SOPA to a vote in his committee next month. “I am committed to continuing to work with my colleagues in the House and Senate to send a bipartisan bill to the White House that saves American jobs and protects intellectual property,” he said.  So, too, Senator Patrick Leahy (D-VT) pushed back against websites planning to shut down today in protest of his bill.  “Much of what has been claimed about the Senate’s PROTECT IP Act is flatly wrong and seems intended more to stoke fear and concern than to shed light or foster workable solutions. The PROTECT IP Act will not affect Wikipedia, will not affect reddit, and will not affect any website that has any legitimate use,” Chairman Leahy said. Everyone’s abuzz on the issue, and rightly so.  I spoke at a panel on intermediary liability at the Congressional Internet Caucus’ State of the Net conference and everyone wanted to talk about SOPA.  I’m hoping that the black out and other shows of disapproval will convince our representatives in the House and Senate to back off the most troubling parts of the bill.  As fabulous guest blogger Derek Bambauer argues, we need to bring greater care and thought to the issue of Internet censorship.  Cybersecurity is at issue too, and we need to pay attention.  Derek may be right that both bills may go nowhere, especially given Silicon Valley’s concerted lobbying efforts against the bills.  But we will have to watch to see if Representative Smith lives up to his promise to bring SOPA back to committee and if Senator Leahy remains as committed to PROTECT IP Act in a few weeks as he is today.

  January 18, 2012 at 10:11 am   Posted in: Architecture, Civil Rights, Current Events, Cyber Civil Rights, Cyberlaw, First Amendment, Law Talk, Media Law, Social Network Websites, Technology, Web 2.0   Print This Post   2 Comments

The Fight For Internet Censorship

posted by Derek Bambauer

Thanks to Danielle and the CoOp crew for having me! I’m excited.

Speaking of exciting developments, it appears that the Stop Online Piracy Act (SOPA) is dead, at least for now. House Majority Leader Eric Cantor has said that the bill will not move forward until there is a consensus position on it, which is to say, never. Media sources credit the Obama administration’s opposition to some of the more noxious parts of SOPA, such as its DNSSEC-killing filtering provisions, and also the tech community’s efforts to raise awareness. (Techdirt’s Mike Masnick has been working overtime in reporting on SOPA; Wikipedia and Reddit are adopting a blackout to draw attention; even the New York City techies are holding a demonstration in front of the offices of Senators Kirstin Gillibrand and Charles Schumer. Schumer has been bailing water on the SOPA front after one of his staffers told a local entrepreneur that the senator supports Internet censorship. Props for candor.) I think the Obama administration’s lack of enthusiasm for the bill is important, but I suspect that a crowded legislative calendar is also playing a significant role.

Of course, the PROTECT IP Act is still floating around the Senate. It’s less worse than SOPA, in the same way that Transformers 2 is less worse than Transformers 3. (You still might want to see what else Netflix has available.) And sponsor Senator Patrick Leahy has suggested that the DNS filtering provisions of the bill be studied – after the legislation is passed. It’s much more efficient, legislatively, to regulate first and then see if it will be effective. A more cynical view is that Senator Leahy’s move is a public relations tactic designed to undercut the opposition, but no one wants to say so to his face.

I am not opposed to Internet censorship in all situations, which means I am often lonely at tech-related events. But these bills have significant flaws. They threaten to badly weaken cybersecurity, an area that is purportedly a national priority (and has been for 15 years). They claim to address a major threat to IP rightsholders despite the complete lack of data that the threat is anything other than chimerical. They provide scant procedural protections for accused infringers, and confer extraordinary power on private rightsholders – power that will, inevitably, be abused. And they reflect a significant public choice imbalance in how IP and Internet policy is made in the United States.

Surprisingly, the Obama administration has it about right: we shouldn’t reject Internet censorship as a regulatory mechanism out of hand, but we should be wary of it. This isn’t the last stage of this debate – like Wesley in The Princess Bride, SOPA-like legislation is only mostly dead. (And, if you don’t like the Obama administration’s position today, just wait a day or two.)

Cross-posted at Info/Law.

  January 16, 2012 at 7:28 pm   Posted in: Architecture, Civil Procedure, Constitutional Law, Culture, Cyber Civil Rights, Cyberlaw, First Amendment, Google & Search Engines, Google and Search Engines, Intellectual Property, Media Law, Movies & Television, Politics, Technology, Web 2.0   Print This Post   One Comment

The idealization/practice nexus

posted by Biella Coleman

Inspired by Orin Kerr’s question (“is your work focused on the internal narratives and ideologies that people use to describe/justify what they do, or is it focused externally on the actual conduct of what people do?”) below I will give a sense of how I walk the line between what we might call idealism and practice among the geeks and hackers I study.

One of the toughest parts about working with the type of technologists I focus on— intelligent, opinionated, online a lot of the time—is that many will unabashedly dissect my every word, statement, and media appearance. This attribute of my research, unsurprisingly, has been the source of considerable anxiety, only made worse in recent times with Anonymous as I have to make “authoritative” statements about them in the midst studying them, in other words, in the midst of having incomplete information.

All of this is to say I am deliberate and diplomatic when it comes to word choice, framing, and arguments. But most of the time examining practice in light of or up against idealism does not take the somewhat noxious form of “exposing” secrets, the implication being that people are so mystified and deluded that you, the outsider, are there to inform the world of what is really going on (there is a a long standing tradition in the humanities and social sciences, loosely inspired by Karl Marx and especially Pierre Bourdieu, taking this stance, not my favorite strain of analysis unless done really when needed and very well).

Much of what I do is to unearth those dynamics which may not be natively theorized but are certainly in operation. Take for instance the following example at the nexus of law and politics: during fieldwork it was patently clear that many free software hackers were wholly uninterested in politics outside of software freedom and those aligned with open source explicitly disavowed even this narrowly defined political agenda. Many were also repelled by the law (as one developer put it, “writing an algorithm in legalese should be punished with death…. a horrible one, by preference”) and yet weeks into research it was obvious that many developers are nimble legal thinkers, which helps explain how they have built, in a relatively short time period, a robust alternative body of legal theory and laws. One reason for this facility is that the skills, mental dispositions, and forms of reasoning necessary to read and analyze a formal, rule-based system like the law parallel the operations necessary to code software. Both are logic-oriented, internally consistent textual practices that require great attention to detail. Small mistakes in both law and software—a missing comma in a contract or a missing semicolon in code—can jeopardize the integrity of the system and compromise the intention of the author of the text. Both lawyers and programmers develop mental habits for making, reading, and parsing what are primarily utilitarian texts and this makes a lot of free software hackers, who already must pay attention to the law in light of free software licenses, adept legal thinkers, although of course this does not necessarily mean they would make good lawyers.

Read the rest of this post »

  January 15, 2012 at 11:52 am  Tags: Anonymous, Free Software, idealization, practice  Posted in: Philosophy of Social Science, Politics, Web 2.0   Print This Post   4 Comments

BRIGHT IDEAS: Anita Allen’s Unpopular Privacy

posted by Danielle Citron

Lucky for CoOp readers, I had a chance to talk to Professor Anita Allen about her new book Unpopular Privacy, which Oxford University Press recently published.  My co-blogger Dan Solove included Professor Allen’s new book on his must-read privacy books for the year.  And rightly so: the book is insightful, important, and engrossing.  Before I reproduce below my interview with Professor Allen, let me introduce her to you.  She is a true renaissance person, just see her Wikipedia page.  Professor Allen is the Henry R. Silverman Professor of Law and professor of philosophy at the University of Pennsylvania Law School.  She is also a senior fellow in the bioethics department of the University of Pennsylvania School of Medicine, a collaborating faculty member in African studies, and an affiliated faculty member in the women’s studies program.  In 2010, President Barack Obama named Professor Allen to the Presidential Commission for the Study of Bioethical Issues. She is a Hastings CenterFellow.  Her publications are too numerous to list here: suffice it to say that she’s written several books, a casebook, and countless articles in law reviews and philosophy journals.  She also writes for the Daily Beast and other popular media.

Question: You began writing about privacy in the 1980s, long before the Internet and long before many of the federal privacy statutes we take for granted. What has changed? 

 I started writing about privacy when I was a law student at Harvard in the early 1980s and have never stopped. Unpopular Privacy, What Must We Hide (Oxford University Press 2011) is my third book about privacy in addition to a privacy law casebook Privacy Law and Society (West Publishing 2011).  My original impetus was to understand and explore the relationships of power and control among governments, individuals, groups, and families.  In the 1970s and 1980s, the big privacy issues in the newspapers and the courts related to abortion, gay sex, and the right to die.  Surveillance, search and seizure, and database issues were on the table, as they had been since the early 1960s, but they often seemed the special province of criminal lawyers and technocrats.

To use a cliché, it’s a brave new world.   Since my early interest in privacy, times have indeed changed, the role of electronic communications and the pervasiveness of networked technologies in daily life has transformed how personal data flows and how we think about and prioritize our privacy.  Terms like webcam, “text messaging,” “social networking,” and “cloud computing” have entered the lexicon, along with devices like mobile, personal digital assistants, and iPads.

The public is just beginning to grasp ways in which genetics and neuroscience will impact privacy in daily life—I have begun to reflect, write, and speak more about these matters recently, including in connection with my work as a member of President Obama’s Presidential Commission for the Study of Bioethical Issues.

Question: Your book coins the phrase “unpopular privacy.”  In what way is privacy unpopular?  

First let me say that I think of “popular privacy” as the privacy that people in the United States and similar developed nations tend to want, believe they have a right to, and expect government to secure.  For example, typical adults very much want privacy protection for the content of their telephone calls, e-mail, tax filings, health records, academic transcripts, and bank transactions.

I wrote this book because I think we need to think more about “unpopular” privacy. “Unpopular” privacy is the kind that people reject, despise, or are indifferent to.  My book focuses on the moral and political underpinnings of laws that promote, require, and enforce physical and informational privacy that is unpopular with the very people that those laws are supposed to help or control.  (I call such people the beneficiaries and targets of privacy laws.)  “Don’t Ask, Don’t Tell,” for instance, was an unpopular government mandated privacy for military service members.  My book suggests that some types of privacy that should be popular aren’t and asks what, if anything, we should do about it.

Question: If people don’t want privacy or don’t care about it, why should we care?

We should care because privacy is important.  I urge that we think of it as a “foundational” good like freedom and equality.  Privacy is not a purely optional good like cookies and sports cars.  Since the 1960s, when scholars first began to analyze privacy in earnest, philosophers and other theorists have rightly linked the experience of privacy with dignity, autonomy, civility, and intimacy. They have linked it to repose, self-expression, creativity, and reflection. They have tied it to the preservation of unique preferences and distinct traditions.  I agree with moral, legal and political theorists who have argued that privacy is a right.

I go further to join a small group of theorists that includes Jean L. Cohen who have argued that privacy is also potentially a duty; and not only a duty to others, but a duty to one’s self.  I believe we each have a duty to take into account the way in which one’s own personality and life enterprises could be affected by decisions to dispense with foundational goods that are lost when one decides to flaunt, expose, and share rather than to reserve, conceal, and keep.

If people are completely morally and legally free to pick and choose the degrees of privacy they will enter, they are potentially deprived of highly valued states that promote their vital interests, and those of their fellow human beings. For me, this suggests that we need to restrain choice—if not by law, then by ethics and other social norms.  Respect for privacy rights and the ascription of privacy duties must comprise a part of a society’s formative project for shaping citizens. Read the rest of this post »

  January 13, 2012 at 9:24 am   Posted in: Bright Ideas, Feminism and Gender, Privacy, Privacy (Consumer Privacy), Race, Technology, Web 2.0   Print This Post   No Comments

Neil Richards on Why Video Privacy Matters

posted by Danielle Citron

Our guest blogger Neil Richards, a Professor of Law at Washington University School of Law, turns his sights on video privacy in this guest blog post.  It whets our appetite for his forthcoming book on Intellectual Privacy.  So here is Professor Richards’s post:

The House of Representatives recently passed an amendment to a fairly obscure a law known as the Video Privacy Protection Act.  This law protects the privacy of our video rental records.  It ensures that companies who have information about what videos we watch keep them confidential, and it requires them to get meaningful consent from us before they publish them.  The House, at the urging of Netflix and Facebook, has passed an amendment that would allow these companies to share our movie watching habits much more easily.  The Video Privacy Act was passed after the Washington City Paper obtained the video rental records of Supreme Court nominee Robert Bork and published them in order to politically discredit him.  It worked.  The Video Privacy Act rests on the enduring wisdom that what we watch is our own business, regardless of our politics.  It allows us to share films we’ve watched on our own terms and not those of video stores or online video providers.

What’s at stake is something privacy scholars call “intellectual privacy” – the idea that records of our reading habits, movie watching habits, and private conversations deserve special protection from other kinds of personal information.  The films we watch, the books we read, and the web sites we visit are essential to the ways we make sense of the world and make up our minds about political and non-political issues.  Intellectual privacy protects our ability to think for ourselves, without worrying that other people might judge us based on what we read.  It allows us to explore ideas that other people might not approve of, and to figure out our politics, sexuality, and personal values, among other things.  It lets us watch or read whatever we want without fear of embarrassment or being outed.  This is the case whether we’re reading communist or anti-globalization books; or visiting web sites about abortion, gun control, cancer, or coming out as gay; or watching videos of pornography, or documentaries by Michael Moore, or even “The Hangover 2.”

For generations, librarians have understood this.  Libraries were the Internet before computers – they presented the world of reading to us, and let us as patrons read (and watch) freely for ourselves. But librarians understood that intellectual privacy matters.  A good library lets us read freely, but keeps our records confidential in order to safeguard our intellectual privacy.   But we are told by Netflix, Facebook, and other companies that the world has changed.  “Sharing” as they call it is the way of the future.  I disagree.  Sharing can be good, and sharing of what we watch and read is very important.  But the way we share is essential.  Telling our friends “hey – read this – it’s important” or “watch this movie – it’s really moving” is one of the great things that the Internet has made easier.  But sharing has to be done on our terms, not on those that are most profitable for business.  Sharing doesn’t mean a norm of publishing everything we read on the Internet.  It means giving us a conscious choice about when we are sharing our intellectual habits, and when we are not.

Industry groups are fond of saying that good privacy practices require consumer notice and consumer choice.  The current Video Privacy Act is one of the few laws that does give consumers meaningful choice about protecting their sensitive personal information.  Now is not the time to cut back on the VPPA’s protections.  Now is the time to extend its protections to the whole range of intellectual records – the books we buy, our internet search histories, and ISP logs of what we read on the Internet.  As a first step, we should reject this attempt to eviscerate our intellectual privacy.

  January 4, 2012 at 11:42 am   Posted in: Legal Theory, Privacy, Privacy (Consumer Privacy), Web 2.0   Print This Post   No Comments

Bigoted Harassment, Alive and Well Online

posted by Danielle Citron

With the help of law and changing norms, invidious discrimination has become less prevalent in arenas like schools, workplaces, hotels, and public transportation.  Due to our social environments, anti-discrimination law is fairly easy to enforce.  Because leaders usually can figure out those responsible for discriminatory conduct and ignore such behavior at their peril, bigotry raises a real risk of social sanction.  So too hate discourse in the public sphere is more muted.  A hundred years ago, Southern newspapers and leaders explicitly endorsed mob violence against blacks.  As late as 1940, a newspaper editor in Durham, North Carolina could state that: “A Negro is different from other people in that he’s an unfortunate branch of the human family who hasn’t been able to make out of himself all he is capable of” due to his “background of the jungle.”  In the post-Civil Rights era, the public expression of bigoted epithets and slurs occurs infrequently.  One rarely hears racist, sexist, or homophobic speech in mainstream media outlets.  Some interpret this state of affairs optimistically, as a sign that we are moving beyond race, gender, and arguably even sexual orientation.  The election of the first black President provoked proclamations of our entry into a “post-racial” era.  Many contend that we no longer need feminism anymore.  Prime time television is filled with images of female power, from Brenda Leigh Johnson’s chief on The Closer to Dr. Miranda Bailey’s “take no prisoners” surgeon on Grey’s Anatomy.  Who needs feminism anymore as its goals have been achieved?

But a new era is not upon us.  In some arenas, hate’s explicit form has repackaged itself in subtlety.  In public discourse, crude biological views of group inferiority are often replaced with a kinder, gentler “color-blind racism,” as sociologist Eduardo Bonilla-Silva calls it. The face of modern racism is, in journalist Touré’s estimation, “invisible or hard to discern, lurking in the shadows or hidden.”  The media has also better disguised sexism with its anxiety about female achievement, renewed and amplified objectification of young women’s bodies and faces, and the dual exploitation and punishment of female sexuality, as media scholar Susan Douglas explains.

Offline public discourse may now be on more neutral ground but its online counterpart is not.  While virulent bigotry continues behind closed doors, it increasingly appears in online spaces that blend public and private discourse.  Although televised sports commentary rarely features anti-gay rhetoric, online sports message boards are awash in in-your-face homophobic speech.  Racial epithets and slurs are common online, whether in Facebook profiles, Twitter posts, blog comments, or YouTube videos.  College students encounter more sexually inappropriate speech in online interactions than in face-to-face ones.

Matters have not improved since I started talking and writing about it since 2007, when we woke up, for a brief second, and paid attention to sexualized, misogynistic attacks on Kathy Sierra on her blog and two others and the targeting of female law students on AutoAdmit.  Then, technologist Tim O’Reilly and Wikipedia co-founder Jimmy Wales called for a Blogger’s Code of Conduct.  That effort failed to gain traction, and ever since the bigoted online abuse continues, silencing victims, ruining their online reputations, costing them jobs, and interfering with their ability to engage with others online and offline.  Newsweek’s always insightful Jessica Bennett has published important new piece on online misogyny and the Guardian’s Vanessa Thorpe and Richard Rogers similarly explore the rape threats and abuse of female bloggers.  I will be blogging about bigoted online harassment, as I am amidst writing a book about it and serving on the Inter-Parliamentary Task Force on Online Hate, which recently held a hearing at the House of Commons.  This all has to stop, and now.

  November 7, 2011 at 10:56 am   Posted in: Cyber Civil Rights, Cyberlaw, Feminism and Gender, Privacy, Privacy (Gossip & Shaming), Web 2.0   Print This Post   16 Comments

Parents Facilitating Facebook Use for the Under 13 Set: The False Promise of Minimum Age Requirements

posted by Danielle Citron

The Child Online Privacy Protection Act (COPPA), enacted in 1998 and finalized in 2000, requires commercial websites that target children under 13 or have actual knowledge that users are under 13 to ask for parental permission before collecting and using their information.  Legislators hoped to protect children from predatory marketing, safety risks such as stalking or kidnapping, and other abuses related to the use of children’s private data.  They also wanted more parental involvement in online data-collection practices and to encourage the development of technologies designed to give parents better tools to protect their kids’ online privacy.  Although COPPA has succeeded in stopping egregious predatory data practices, it has fallen short of its core goals.  The Federal Trade Commission (FTC), tasked with implementing and enforcing COPPA, admits that online industries have neither innovated nor emphasized mechanisms for obtaining verifiable parental consent.  Instead, to avoid costs associated with obtaining parental consent including potential fines for inappropriately dealing with children’s data, many sites just limit their services to children 13 and older. Sites typically include the age restriction in their Terms of Service agreements (ToS), to which users must consent when they create an account.  Many sites ask users for their age or birth date to ascertain if they are 13 or over.  Facebook does, for instance, and reserves the right to terminate accounts of users who “violate the letter or spirit” of its ToS.  To protect itself from possible legal exposure, Facebook employs cookies to prevent users from changing their minds about their age to evade the site’s requirements and actively deletes accounts where evidence suggests that the users are not in fact 13 or older.  This spring, the FTC called for comments on a proposed amendment to its Child Online Privacy Protection Rule, enacted in 2000 and renewed without change in 2005.  As FTC Chairman Jon Leibowitz explained: “In this era of rapid technological change, kids are often tech savvy but judgment poor. We want to ensure that the COPPA Rule is effective in helping parents protect their children online, without unnecessarily burdening online businesses.  We look forward to the continuing thoughtful input from industry, children’s advocates, and other stakeholders as we work to update the Rule.”

A study released this week by danah boyd, Eszter Hargittai, Jason Schultz, and John Palfrey sheds new light on COPPA’s failings.  Given the current regulatory attention to COPPA, the study could not be more timely or more important.  The authors surveyed a national sample of 1,007 parents and guardians who have children ages 10-14 living with them.  They found that although many sites restrict access to children, many parents knowingly allow their children to lie about their age–indeed, they often help them do so– to gain access to age-restricted sties in violation of the sites’ ToS.  This is true for some of the most popular social media sites and services, such as Facebook, Gmail, and Skype.  Specifically, the study revealed that 55% of 12 year olds had Facebook accounts while 32% of 11 year olds and 19% of 10 year olds did as well.  Seventy-eight percent of the parents of 10 year olds helped their kids set up their Facebook accounts; 68% of the parents of 11 year olds helped their kids sign up; and 76% of the parents of 12 year olds did the same.  Of those parents who reported that their child joined Facebook underage and helped create the child’s account, 74% knew that Facebook had a minimum age that their kids failed to meet.  Although Facebook’s minimum age is a requirement, just over a third of the those parents believed the minimum age was a recommendation.  Over three-quarters of parents believed that there are circumstances that make it okay for their child to sign up for a service even if their child fell short of the age requirement.  Those reasons included communicating with parents, other family members, and friends; use of the service for educational purposes; and because classmates used the service.  Half of the parents indicated that their child could violate the restriction only if under parental supervision.  As the authors explained, those parents felt as though the violation was acceptable because they were monitoring their children’s online practices.  Importantly, most parents either did not understand the reason for the age requirement or failed to appreciate its privacy goals.  While most parents had no idea what animated the requirement, some offered explanations such as concerns about the adult content or language on the site, “children don’t need to have a social media presence,” and “to protect minors from perverts.”  A small fraction of the parents referred to legal issues.  Only two parents referenced privacy.

What does all of this tell us?   Rather than providing parents and children with greater options for controlling the use of youth’s personal information, COPPA has actually encouraged the adoption of formal limits on children’s access to online services.  Those limits are rather meaningless, though.  As the authors explain, parents are “taking matters into their own hands to circumvent the restrictions . . . at the cost of their children’s privacy and at the risk of acting unethically and potentially in violation of the law.”  While providers and parents together circumvent COPPA’s requirements, the true losers are the parents who don’t get the chance to audit and delete their children’s data, as COPPA mandates when sites have actual knowledge that they are collecting and using data from kids under 13.  We are also seeing parents help their children engage in public deceit because they think their kids would benefit from online services.  This creates a serious parenting conflict among those who wish to encourage honesty. Because children pretend that they are far older than they actually are in online interactions, they also may open themselves up to other risks including stalking, something the statute sought to avoid.  In the end, COPPA has accomplished very little and risked a lot.  Kids under 13 do not end up with privacy protections afforded by COPPA and may even put themselves at risk.  Providers get around COPPA’s requirements with age cutoffs that are routinely violated.  Innovation for greater parental controls remains illusive.  As the study’s authors urge, policy-makers should “shift away from privacy regulation models that are based on age or other demographic categories and instead develop universal privacy protections for online users.”

More broadly, the study shows us that parents are involved in their kids’ social media use, whether it’s deceptive and in violation of ToS or not.  One might say that parents are increasingly taking over the role of Chief Family Privacy Officer, but, as we now appreciate, without COPPA’s protections.  What’s needed is far more education for parents and kids about the privacy risks associated with social media.  That’s of course true for the under 13 set and for those 13 and older. But since parents are helping expose their kids to social media services without COPPA’s protections, we need to work on education as early as elementary/lower school.  High school students, their parents, and educators often don’t appreciate the potential privacy risks of social media so one can imagine that kids in lower school, their parents, and teachers don’t as well.  Do students really want to spend hundreds of thousands of dollars on a college education and then end up unemployable due to something they posted on Facebook (which now is at greater risk for being indexed and searched online due to changes in Google’s algorithm)?  Do they know that colleges may someday look at their social media activity, to their detriment?  A new survey done by Kaplan Test Prep of admissions officers at 359 selective colleges and universities revealed that 24 percent of respondents reported using Facebook or other social networking pages to research an applicant, see here too.  All of this also reinforces the lessons of Ryan Calo’s important work on the flaws of current notice regimes and the potential for improvement through thoughtful design–parents neither get that ToS requirements are not just suggestions nor appreciate the privacy concerns animating those requirements.  Intermediaries can and should do better in that regard.  The study has contributed much to our appreciation of COPPA and the regulation of privacy online more generally.  I am hoping that legislators and regulators are paying attention.

  November 6, 2011 at 10:19 am   Posted in: Anonymity, Privacy, Privacy (Consumer Privacy), Web 2.0   Print This Post   2 Comments

Facebook, Bullet Not Dodged Yet (Part Deux)

posted by Danielle Citron

In June, I blogged about the dreaded question (for parents of teenagers): “Mom, can I have a Facebook profile?”  At the time, we talked about its benefits and drawbacks.  On the one hand, it’s a gateway to socializing that she had been missing given her late birthday.  Different sports leagues had Facebook groups, perhaps she needed to join, and other activities would as well.  On the other hand, her privacy and reputation could be jeopardized, by her own hand or her “friends.”  Facebook’s privacy settings are notoriously whimsical, and more importantly as Steve Bellovin’s work shows notoriously misunderstood–setting up an account was indeed a game of chance, or as Bob Keller notes, like giving your kid a pipe of crystal meth.  We gave our thirteen year old kid the choice and told her to talk to us when she was ready to get started.  The summer came and went and all was quiet.  So now, a good five months later and a good five months wiser, my kid has decided that she wants to think about getting a Facebook page again.  And the conversation went something like this (she did all of the talking):  So I’m feeling excited about this.  Facebook would let me stay in touch with my sleep-away camp friends who live all over the place and I could friend kids that I meet from other schools in the area, at games, mixers, etc.  And I am jazzed about this new close friends feature that everyone’s been talking about.  This way I can share photographs only with my five best pals and I don’t have to worry.  (Pause).  But, I really want to friend the kids from camp and want them to see what I am up to, so this close friends feature may not work.  And what if those camp friends have weird friends or end up being strange themselves.  I can’t de-friend them, can I and still pal around at camp?  And I don’t want other people making judgments about me based on what those not-so-close friends are up to?  Will colleges see what I am doing, when it comes time?  And what if someone goes on my close friend’s computer and copy and pastes my silly remarks and it goes viral, like the Friday girl who ended up getting death threats and harassed.  Can I put up my favorite artists?  I definitely can say I like the Beatles and Elton John, but can I say Kesha?  Will people think I am appropriate if I put Kesha down or Katy Perry?  Some of their songs are, err, a little inappropriate.

After all of that, my kid said she needed to think about it, it all seemed so, well, complicated.  That seemed just the right word: complicated.  But the question seems even more tricky now than it did in June.  Who is she doing this for?  Taking cues from Erving Goffman, life is a performance.  Some of it is just for you–a way to develop oneself, experiment, play, and figure out who you are as much as who you are not.  Much of it is for others.  We perform different roles for the people in our lives: friends, parents, co-workers, coach, priest/imam/rabbi, acquaintances, and strangers.  Some performances are oppressive: we cover or pass as best we can in the face of stigma and prejudice.  And we perform at a time of extensive social and political surveillance.  We feel watched, and for good reason.  Companies give us social influence scores.  Employers, marketers, and businesses use those scores to benefit some, leaving others less favored and less fortunate.  Maybe we perform online for them?  Colleges look at social media profiles.  (danah boyd has a great piece about a question a college asked her about a student’s MySpace page, which seemingly contradicted his college essay.)  Do young people perform for them?  At the same time, government monitors our online presence, searching for threats to critical infrastructure and the like.  Government 2.0 social media sites may be keeping track of the stories we like, the friends we make, and pictures we post.  Who knows?  Agencies aren’t promising not to watch us, so maybe being careful is smart.  Are we performing for fusion centers and our government social media friends?  All of this watching brings to mind Julie Cohen’s book Configuring the Networked Self: Law, Code, and the Play of Everyday Practice (Yale University Press, forthcoming 2011, see her talk here)–more on that in early 2012 in our online symposium on the book.  Navigating those questions every time one posts on Facebook is bewildering, especially because we can’t really control what happens to the information posted there.  A commentator on my previous post basically said that I had better get a grip on reality, that nothing I did or said could influence what she did and she would hate me anyway.  I guess we just fundamentally disagree.  Parenting is a huge responsibility, and lots of what my kid is mulling comes from long, long conversations we have had about being a responsible and smart digital citizen.  I am looking forward to talking it through again, once she has a better idea of what she wants to do.

P.S. Sorry about the light blogging, working on my first book on cyber mobs and hate (forthcoming Harvard University Press).

H/T Susan McCarty (who helped me find the db piece) , JJC

  October 6, 2011 at 9:07 am   Posted in: Culture, Privacy, Privacy (Consumer Privacy), Privacy (Electronic Surveillance), Social Network Websites, Technology, Web 2.0, Weird   Print This Post   5 Comments

Hot Summer Flashes, Black Urban Mobs

posted by Olivier Sylvain

  September 5, 2011 at 11:52 pm   Posted in: Constitutional Law, Culture, Current Events, First Amendment, Media Law, Philosophy of Social Science, Politics, Race, Social Network Websites, Sociology of Law, Technology, Web 2.0   Print This Post   8 Comments

Comic-Con and Social Networks

posted by Ari Waldman

Comic-Con is many things: awesome, hilarious, tragic, fun, hilarious, expensive and hilarious. Every July, San Diego becomes the homeof more than just balmy temperatures and the alt-rock tones of Jason Mraz; it hosts Comic-Con, an extraordinary pop culture event that brings together Trekkies and Chris Evans (the 2011 Captain America), Jedis and Ryan Kwanten (of True Blood) and more than a few people who have never picked up a comic book. I’ve joined the crowds the past two years because, well, it’s what you do in San Diego this weekend.

I have found that Comic-Con is a prime beneficiary of the decline of anonymity in online social networks.

Facebook may be leading the way in the fight against anonymity, but digital communities built around shared interest in science fiction are giving Mark Zuckerberg a run for his anti-anonymity money. To be sure, online games like World of Warcraft (WoW) allow you to create fantastic identities and personae for yourself, but I had a feeling they have become so much more than that. I did not know from experience: I enjoy Sci Fi and have my share of SyFy shows waiting on my DVR, but I’ve never played WoW. I was never a big gamer, even when “Where in the World is Carmen Sandiego” actually came on those large black floppy discs. So, I did what any nerd would do: I went to Comic-Con to test a theory.

I looked for groups where members were of similar ages (thus excluding families), but did not restrict myself to any particular age, race, gender or costume. I spoke to about 100 people. I wanted to know where they met their friends: online or in person? If online, on what platform? If not on a traditional social networking site like Facebook, where? Did they ever have pseudonyms or online identities that hid their real identities? If so, how and when did they come out of the closet to meet each other? In other words, I was trying to understand the role of online anonymity in social interaction among people at Comic-Con, many of whom are highly wired.

Of 107 people, 67 met the friends they were with at the time online. Notably, that is not the same as saying that nearly 2/3 of respondents came to Comic-Con with people they met online, but still, that is a staggering number! In any event, all of them eventually ”met” or “found” each other on Facebook, but some initially linked up through sci-fi themed groups. But, since it all happened through Facebook, no one was anonymous. 

Not all relationships started on Facebook’s science fiction corner. A few knew each other as frequent commenters on Gateworld.net, an all-things-Stargate fan website; some were WoW buddies who “never kept [themselves]hidden. He sounded cool, so whatever. It’s all on Facebook or MySpace anyway.” Another young man met his Jedi-clad friend “playing a few different online games. In the chat rooms, he mentioned he was from China and I thought that was so cool, especially since I live in Georgia.” He meant the country, not the state. The two struck up a friendship, became MySpace “friends,” then Facebook “friends” and then decided that they both should meet each others’ friends at Comic-Con. I also met a few young women who lamented that I wasn’t in costume and said that they too bonded online as three of the precious few females to comment about the show Warehouse 13 with any frequency. “As soon as I saw another girl, I immediately asked who she was and where she was. She then friended me on Facebook and I had a friend in a place called Riverside, California. I live in Oklahoma.”

Comic-Con attendees bear the brunt of a lot of stereotypes, none more common than of the adolescent, nonathletic boy who projects the kind of person he wants to be into his WoW elf. But, my initial research suggests that these men and women are not hiding behind the perceived anonymity that their online games could provide. Instead, they see their digital selves as extensions of their physical selves and their online identities as ways to help them meet people in real life. It is difficult for all of us to meet new people, so while an elf-self may be a foot in the door, the man behind the elf wants nothing more than to drop his mask and allow his digital community to supplement his physical community.

Admittedly, my tiny sample set answered informal questions in an unscientific survey. But, this concept — who we really are online and what are we really doing — has implications for the kind of policies websites, intermediaries and users would want to adopt to make the Internet a safe community for all. If we don’t want to be anonymous and have less and less need for it, why should we put safety and certain rights at risk in the name of protecting absolute anonymity? If even elf-selves are eschewing anonymity because of the community-building possibilities of Facebook and Gateworld.net, perhaps anonymity is not part of the liberating potential of the Internet. Perhaps community-building is.

  July 22, 2011 at 6:40 pm   Posted in: Culture, Cyberlaw, Web 2.0   Print This Post   4 Comments

When We Say “Stop Cyberbullying,” What Are Our Goals?

posted by Ari Waldman

Being laid up for a week with a nasty tonsil infection gave me the opportunity to catch up on some Sunday NY Times crosswords (Side Note: I refuse to accept that we’re now spelling the word “epilogue” as “epilog,” Mr. Will Shortz), some nerdy SciFi television and some law review articles on cyberharassment. Many esteemed colleagues, not to mention countless law students, are writing about this or related topics in some way. There is indeed much to talk about. But, what does not get as much play are the assumptions upon which much of the results-oriented scholarship is based.

The face-to-face and online harassment of young people, of any sexual orientation, of any gender, of any race, of any socio-economic status, is a bad thing. For the moment, let us put aside those who cling to the antiquated “this is all part of growing up” meme and assume that we all think harassing, attacking and emotionally abusing young people is bad. But, when we are asked to evaluate potential ameliorative responses — harsh punishments, tolerance education, increasing the role of government and a host of other possibilities — it is not enough to simply assume that a problem exists. In order to compare one response against another, we must first engage in a discussion about the values we’re trying to protect over and above solving the problem.

For example, let us assume for the moment that cyberharassment raises only two issues: the speech rights of harassers and the speech rights of victims. If we have to factor into any solution concerns about these stakeholders’ free speech, must we weigh them equally? No. But, then how do we weigh them? Does it matter whose rights? Sure. Those mean harassing kids don’t deserve their rights, only victims do. But, we all know what that kind of reasoning implies. Does it matter that in our example both the perpetrators and victims are students? Do minors even have speech rights (ask Justice Thomas for a resounding “Pfft. Surely you jest!“).

Do we have an adequate basis for finding an answer other than our own personal prejudices? I think we do, but our Internet speech law misses the mark. The legislative history of Section 230 of the Communications Decency Act (the immunity clause) and judicial opinions in cases like Reno v. ACLU, Ashcroft v. ACLU and Zeran v. AmericaOnline suggest that we determine what to value based on our vision of the Internet user as a modern day “pamphleteer” who can reach out “to a world-wide audience,” and do so “anonymous[ly].” A person like that in an environment like that would value individual autonomy and autonomy-based free speech values more than anything else, devaluing other First Amendment values. That vision of the Internet user and his online experience, however, is simply incorrect. Anonymity as a technical matter does not really exist and social networking platforms like Facebook are making anonymity a thing of the past. And, being a pamphleteer that can reach anyone is a little difficult when all content goes through and can be arranged and censored by intermediaries. This Internet user with this online experience would not only be concerned with individual autonomy above all other things. He would be concerned with his reputation, which can be irreparably damaged by online defamation and misbehavior. And, he would be concerned with getting his voice out there, especially since he is completely dependent upon third parties for access.

  July 15, 2011 at 3:24 pm   Posted in: Cyberlaw, First Amendment, Web 2.0   Print This Post   5 Comments

Scoring Ourselves to Economic Death

posted by Danielle Citron

In The New York Times, Stephanie Rosenbloom asks readers to “imagine a world in which we are assigned a number that indicates how influential we are.”  That number would help determine our success at getting a job, hotel-room upgrade, break on a service, or free samples at the store.  As Rosenbloom tells us, imagine no more, companies, such as Klout, PeerIndex, and Twitter Grader, are mining our social media activities and assigning us influence scores.  Social scoring is based on our online social network activity, including the number of followers, friends, and the extent to which our online activity gets people moving.  If if you recommend a salon to your social network friends and they follow suit, your good word has two functions.  You’re doing a good thing for your friends and the salon (let’s hope), and now you’re doing good for you.  Because you have inspired people to take action, your influence score may rise.  In the present, people with high scores get preferential treatment by retailers.  More than 2,500 marketers are now using Klout’s data.  Audi will begin offering Facebook users promotions based on their Klout score.  The Las Vegas Palms Hotel and Casino is using Klout data to give highly rated guests an upgrade or tickets to a show.  In the future, those scores could be used by prospective employers, friends, and dates.

On the one hand, this market trend has something important to commend — its visibility.  Consumers can find out their influence scores and work to raise them.  By contrast, the impact of behavioral advertising is often hidden.  We are tracked and scored in databases and have no idea how it shakes out.  Joe Turow’s excellent book Niche Envy explains that consumers know very little about how their data personalizes market transactions.  Some individuals may end up as haves and others as have-nots, but neither group knows the extent of it.  As Turow explains, “our simple corner store is turning into a Marrakech bazaar–except that the merchant has been analyzing our diaries while we negotiate blindfolded, behind a curtain, through a translator.”  On the other hand, the information isn’t perfect and the algorithms secret so people may waste time doing things that they believe will raise their scores but don’t.  But that isn’t really troubling, unless every job or blog post had the effect we hoped it might.  What’s troubling is the trend’s implications for society and culture.  It seems old school to say that people blog, make friends, and engage in online chats to play, experiment, and create culture.  Now, they may feel pressured to do all of these things as a matter of economic necessity.  We may forgo experimentation for product endorsements, and idle chatter for better job prospects.  This makes our children’s choice to engage with social media seem like less of choice than a carefully cultivated necessity.  It also spells far more trouble for people who are already victimized, those who cyber mobs target with lies, threats, technical attacks, and privacy invasions.  They go offline or write under pseudonyms to protect themselves.  We now know that those choices (if we can call it that) cost more economically than they already do aside from the many other costs that my work discusses.  I imagine there’s more to this influence score story but I thought I’d share my initial take.

  June 28, 2011 at 6:24 pm   Posted in: Advertising, Architecture, Culture, Cyber Civil Rights, Cyberlaw, Google & Search Engines, Privacy, Privacy (Consumer Privacy), Web 2.0   Print This Post   3 Comments

Another Day, Another Sexting Politician

posted by Ari Waldman

My first reaction to Congressman Anthony Weiner’s admission was, “Oh… my… god!” My second reaction was to laugh — no matter how old we men get, we are all still 12 year old boys inside — and think of a post filled with double entendre. My third reaction was to wonder what this deeply unfortunate story means for tech law.

(NOTE: Any double entendre is purely unintentional! My mother reads these things!).

Brooklyn Congressman Anthony Weiner, a man I have had the opportunity to meet and even challenge to running race, first alleged that his Twitter account had been hacked, then maintained that he did not send the tweet but the image could have been of him and then, finally and mercifully, admitted that he sent the tweet and was carrying on “inappropriate relationships” with “several” women that he met online. Minority Leader Nancy Pelosi has called for an ethics investigation, conservative pundits are calling for the Congressman’s head and the rest of us are probably unmoved. We live in a world where Eric Massa, Christopher Smith, Mark Foley and so many other politicians are sexually crazed and hooked into a virtual world they either do not understand or are simply too arrogant to care about.

Weinergate has obvious lessons on the perils of throwing no caution to the wind regarding your Internet presence. It also reminds us that some men in power tend to lose their grip on reality. But, you do not have to be in Congress to be victimized by careless, stupid digital behavior.

If one divorcing spouse wanted to prove infidelity, perhaps as part of denying a 50/50 split of marital assets, text messages, emails and self-taken photographs on the other spouses cell phone, Twitter history and email inbox may be fair game. Just last year, a New York state judge in part used evidence of a man’s sexually charged conversations with various women online to deny him child custody. Notably, there had been no evidence that this man ever met any of these women in person or committed any sexual act. He messaged them online, adding jpegs of himself. Another judge in New Hampshire refused to use evidence of a divorcing spouse’s virtual interactions without evidence of an actual affair outside the digital universe. Family court judges have wide latitude in this area, but what are your thoughts about these cases?

Outside of the family law context, lewd online behavior can trigger morality clauses in contracts. Assuming for the moment that morality clauses — provisions in contracts that restrict certain elements of or behaviors in a party’s personal life — are even enforceable, sending a lewd photograph of yourself to “several” women with whom you are having “inappropriate relationship[s]” could be grounds for dismissal.

The operative question is whether evidence of digital hanky-panky, without even a hint of actual infidelity or inappropriateness in real life, is enough wrongdoing in these and other contexts. It seems incongruous to simultaneously recognize the pervasiveness and salience of digital interaction today and still diminish the importance of digital inappropriate behavior below face-to-face conduct. We are both virtual and physical beings now. Excusing a person’s bad conduct in the former simply because it happened through packets of 1′s and 0′s on the Internet seems antiquated and a recipe for a blind spot in social norms.

  June 6, 2011 at 7:43 pm   Posted in: Culture, Current Events, Cyberlaw, Humor, Technology, Web 2.0   Print This Post   6 Comments

Bullet, So Not Dodged

posted by Danielle Citron

The question that I had been dreading came at last: “Mom, can I have a Facebook page?”  My daughter provided a strong defense: she’s 13, so she meets Facebook’s Terms of Service age requirement; she’s nearly an adult in her religion’s eyes (her bat mitzvah is in a week); past practices proves she’s responsible; and well, she feels ready.  (And I just discovered, she’s done her homework: see this Yahoo Answers! “My mom won’t let me get a Facebook page, how do I convince her?” thread that I found on my computer).

Next came the conversation.  We talked about how increasingly social media activity is part of one’s life’s biography.  Anything said and done in social network spaces becomes part of who you are in our Information Age.  Colleges may ask for your Facebook password.  Over 70% of employers look at social media data for interviewing and hiring (and sad to say, the outcomes are grim for applicants who over 60% of the time don’t get the interview or job due to social network profiles).  It’s not just what you post that speaks volumes — your social network (friends and their friends) tells some of your story for you.  There goes any control that you thought you had.  FB users often wrestle with whether they should de-friend those whose online personas don’t match their sensibilities (or the way in which they want others to perceive them).  This means that users need to keep a careful eye on their friends’ profiles (as well as ever-changing privacy settings).

That’s a lot of responsibility.  Or, as Bill Keller of the New York Times put it when he allowed his 13-year old daughter to join Facebook, he felt “a little as if I had passed my child a pipe of crystal meth.“  Beyond the potential privacy and reputational concerns that accompany social media use, an online life has other potential perils, like overuse (and thus inattention to studies, face-to-face family time, etc.) that cyber-pessimists underscore (see Nicholas Carr’s The Shallows).  And bullying, serious harassment, bigotry increasingly appear in mainstream social media in ways that kids can’t necessarily avoid (my work explores those problems, see here, here, and here, as well as terrific work by guest bloggers Ari Waldman and Mary Anne Franks).  Of course, there’s also lots of positive stuff emerging from these networked spaces.  Social media outlets like Facebook allow us to enact our personalities.  They let us express ourselves in ever-changing and expanding ways.  FB and other outlets host civic engagement as Helen Norton and I have emphasized.

I wonder, too, if my kid has a meaningful choice.  Can digital natives really stay away from social media if all of their friends socialize there?  And will employers and colleges expect that applicants partake in these activities because everyone else does?  Someday, will resisting having a Facebook profile express something negative about you?  Will it signal that you’re not socially adjusted or successful?  As Scott Peppet underscores in his work, we may be forced to give up our privacy to show that we are indeed healthy, social, smart, and the like.  That’s a lot to process, right?  I’m going to chew on this a while.  Your thoughts are most welcome!

  June 4, 2011 at 11:19 am   Posted in: Architecture, Cyber Civil Rights, Cyberlaw, Google & Search Engines, Privacy, Privacy (Gossip & Shaming), Web 2.0   Print This Post   5 Comments

• « Older Entries