Fifteen years ago, David Post and David Johnson published what some still regard as the seminal paper of cyberlaw scholarship: Law and Borders: The Rise of Law in Cyberspace. Post and Johnson argued that because cyberspace was defined, in a way, by the very absence of territoriality, cyberspace should be governed by laws and lawmakers not tied in traditional ways to territorial states. That paper provoked a reply, Against Cyberanarchy, by Jack Goldsmith, and those two positions – “cyberspace is different”; “no, it isn’t” — have pretty much defined the landscape of cyberlaw ever since. Later scholars have had little choice but to explore the implications and details of staking out intermediate positions. When and how does cyberspace differ, and what do we do about it?
Marketa Trimble’s article approaches this topic by revisiting a species of the territorial question that prompted Law and Borders. How can and should the law address behavior online by people who are physically located in one place but who wish to create or manage online identities in other places? Trimble calls this the challenge of “cybertravel,” a phenomenon that is hardly new but that has taken on renewed significance as Internet technologies (and governments) have caught up to the many ways in which cybertravelers can be in more than one place at a time.
The article describes the problem to be addressed in blunt terms. Governments have ongoing interests in effective taxation and in regulating at least some online behavior (gambling, for example), and commercial interests (often backed by governments) have strong interests in policing geographically-dependent use of intellectual property rights. Individual interests in online freedom and privacy, particularly in anonymous and pseudonymous behavior – in “cybetravel” — have long been threatened by both law and technology used to back interests in regulation. What has changed is the development and use of geolocation tools that have made it easier than ever for both governments and firms to determine where a particular online actor is located in physical space. That technological shift is compounded by the growing acknowledgement of the inadequacy “soft law” approaches to balancing government, commercial, and individual interests (that is, approaches grounded in application of jurisdictional rules in cyberspace-related litigation), and the undesirability from both technical and policy levels of accommodating those interests via compulsory or voluntary activity (such as the use of geographically-oriented filtering technology) at the service provider level. The question is, as it was 15 years ago, how to construct a manageable and sensible regime at the user level.
Approaching this question, Trimble adopts a premise that may put off cyberlaw idealists: Borders should be viewed positively from a normative perspective. Borders are enabling (they help governments keep the bad guys in – such as a gambling enterprises that might like to “offshore” their activities — so that they can be regulated productively) as well as disabling (they help governments keep the good guys out). That pragmatic perspective informs the whole article. Cyberlaw no longer deals in a purely borderless world, online or off. I have a lot of sympathy for that point of view, and I confess that my appreciation of Trimble’s article is grounded in the first place by the fact that she does not try to dodge the point. Some appeal to borders in a geographic sense – physical, virtual, or simply psychic – may be hard-wired into our appreciation of what cyberspace “is.” But the point is hardly uncontested, or uncontestable. Trimble does not cite to the post-Law and Borders literature of a decade ago, which included a number of articles addressing the law and policy implications of the arguable “place-ness” or “placeless-ness” of cyberspace, but she comes down clearly on the side of the scholars who argued that cyberspace is a place, after all.
The article conducts a thorough review of geolocation technologies, with appropriate nods to history and “lower” or less sophisticated or complex technological versions of contemporary tools. It reviews evasion approaches, some that permit access to illegal or regulated content or services, some that enable online participation by individuals or groups with legitimate concerns for their own safety or the safety of others if their location and/or identity were disclosed. The article acknowledges, in other words, that the cybertravel problem is related to jurisdictional issues and to anonymity and identity questions, but also distinct from both.
There is a long section talking about liability risks faced by those who engage in evasion tactics and by those who supply evasion tools. This section describes relevant contract law, copyright law, anti-circumvention law, and tort and fraud questions, with significant and appropriate attention to international and non-US legal regimes. The article does not make its case only from the US perspective.
The most interesting part of the article consists of its review of the normative and prescriptive future. Under what circumstances should individual evasion of geolocation technologies be lawful – that is, what is the proper scope of legitimate regulation of cybertravel? Trimble begins by accepting an analogy between virtual travel and physical travel, such that the interests of citizens (and governments) in each are approximately identical. The argument here is rooted partially in US law and partially in international legal and human rights norms. Given the physical travel analogy, a partial remedy is proposed in the form of a “digital passport” for “netizens” (she does not use that term, but it seems appropriate here, given the modestly anachronistic flavor of the underlying problem), with the rights and duties of the passport holder coded into the architecture of the Internet. Acknowledgement of the “passport” would be more or less a matter of technology rather than politics; the rights underlying the passport holder would be grounded in the holder’s residence or nationality (or perhaps, both). Basing digital rights on terrestrial rights offers a way of balancing the virtues of permitting and enabling evasion of geolocation with legitimate commercial and state interests in supporting a robust geolocation infrastructure.
It is almost a tautology to note that, in light of the article’s Law and Borders ancestry, the solution is unsatisfactory. To her great credit, Trimble acknowledges as much, describing the serious risks to individual privacy that the proposal entails, and the concerns regarding data integrity that it engenders. She also takes care to observe that the proposal could not be implemented without a business, technical, and regulatory infrastructure to support it, and that such an infrastructure would create second-order risks of privatization of the entire enterprise and a corresponding lack of meaningful transparency. Both the proposal and the critique borrow heavily from themes developed originally by Lawrence Lessig.
Trimble closes not with despair that the idealism of cyberlaw pioneers has not been sustained, but with a pragmatic acknowledgement that we live in a second-best world. She argues that the tradeoffs embedded in her proposal are worth accepting, at least conceptually, in order to enable cybertravel that is to some degree freer than it might be in an age of unrestricted use of geolocation tools. Implicit in that conclusion is a response to the debate between Post and Johnson, on the one hand, and Goldsmith, on the other, the conflict between the idea of reinventing social and political life online and the idea of continuing online our lives as we have always lived them. Trimble’s careful, pragmatic article shows that this split is and has always been irremediable, and that the Internet and our experiences within, by, on, and through it, are simultaneously and entirely new and the same.