This book is about using data noise to make your personal information less easily digestible by privacy-consuming systems.
This book is a necessary book because it presents hopeful tactics and strategies for privacy defense at a time when—in spite of half a century of debates about (electronic) privacy laws, regulations and court decisions, best practices and privacy enhancing technologies—we seem to be living in a state of privacy resignation.
This book is concise, rich with examples, written in clear language, does not shy away from the moral hazards and practical limitation of data noise creation, and clarifies again and again that privacy is about informational power relationships in which the powerless have to enlarge their options.
In the authors’ words, “[o]bfuscation is the deliberate addition of ambiguous, confusing, or misleading information to interfere with surveillance and data collection” (P. 1.) clarifying that obfuscation is not about total disappearance or erasure. It is what they call a “relative utility,” (P. 58.) but it is useful nevertheless. It helps to win time for privacy in the rush for completing personal profiles by the informational powerful. At a minimum, it raises the costs of gaining meaningful information and may do so significantly. The authors provide examples, historical ones, like chaff confusing anti-aircraft measures, to bring across the concept, and contemporary ones from the networked life like Twitter bots, CacheCloak, and TrackMeNot to encourage use and further design.
Obfuscation is a tool to be used when and where opting out is not an option, and where one is faced with an asymmetrical information power relationship, when it is unclear what is being done with the information with which consequences, and when there is neither trust nor adequate safeguards. “We aim,” the authors say at P. 44, “to persuade readers that for some privacy problems obfuscation is a plausible solution, and that for some it is the best solution.”
Yet, obfuscation poses its own moral challenges: What about dishonesty, what about wasting bandwidth, polluting or even damaging systems, what about free riding? Brunton and Nissenbaum lead us through exemplary uses of obfuscation, explaining where they see sufficient proportionality in the balance between ends and means to justify obfuscation, emphasizing that the values we attach to means and ends are ultimately social ones and as such need to be negotiated politically. For those reflecting on the use of obfuscation, the authors provide a checklist with a taxonomy of goals, threats, and benefits to allow for a realistic assessment of obfuscation’s ramifications and likely success. Success, the authors hope, would not only encompass a specific outcome of a specific use of obfuscation, but widespread use that eventually leads to progress in research, regulations and policies, and to changing social practices.
Ultimately, as you are putting down the book, you become aware that with obfuscation you cannot tilt any power balance significantly. You may also wonder if these complex means of obfuscation will not accentuate that imbalance between the less and more powerful that the book’s authors seek to address. But obfuscation practices may indeed catch the imagination of more system designers, programmers, and even politicians to develop structural mechanisms to counterbalance the current organizational omnipotence fantasies of foreseeability.
In the meantime it may at least help users to gain and maintain—what has been emphasized in another recently published How-to-Guide, Spy Secrets that Can Save your Life, A Former CIA Officer Reveals Safety and Survival Techniques to Keep You and Your Family Protected, by Jason Hanson—“Situational Awareness.” But this was in a different context, and besides that would be a different jot …
RonNell Anderson Jones & Lyrissa Barnett Lidsky, Of Reasonable Readers and Unreasonable Speakers: Libel Law in a Networked World
, Va. J. Soc. Pol'y & L.
(forthcoming 2016), available at SSRN
Though it can be uplifting and life affirming to read law review articles written by people you almost always agree with, better cerebral benefits are usually obtained from reading the writings of people who challenge your ideas and force you to reconsider your views a bit. Of Reasonable Readers and Unreasonable Speakers: Libel Law in a Networked World by Lyrissa Barnett Lidsky and RonNell Andersen Jones, forthcoming in the Virginia Journal of Social Policy and the Law, is an engaging article that taught me a lot about the state of online defamation litigation.
Both co-authors tend to be more libertarian about the First Amendment than I am, so I always learn a lot from reading their scholarship. I also appreciate their clear and accessible writing. The older I become, the less patience I have for tangled prose, poor organization and conclusions so thick with ambiguity you have to eat them with a fork. Though the previous sentence reflects my exercise of the opinion privilege, the bad writers responsible will remain unnamed, due to the actual malice that infuses those words. (A good companion piece to this excellent article is The Death of Slander by Leslie Yalof Garfield.)
Lidsky and Jones explicitly state that the goal furthered by their article is to assist future courts by providing specific guidance about adapting the opinion privilege and the actual malice rule to social media. The authors suggest applying the opinion privilege (the constitutional doctrine protecting statements that are unverifiable or cannot be interpreted as stating actual facts) broadly to social media expression with a detailed awareness of the internal and external contexts in which the speech occurred to allow unfettered expression to flourish.
The actual malice rule, however, needs to be read narrowly by courts, according to the authors. This is to prevent vengeful or delusional speakers from escaping liability when they engage in character assassination against pubic figures or public officials.
Lidsky and Jones spend the bulk of the article explaining and illustrating the importance of context for evaluating defamation claims based on speech that was uttered via social media. The article theorizes that courts that have addressed online defamation claims have stretched the opinion privilege a bit wider than it is typically deployed in traditional print media. The evidence is offered via summaries of cases that have been decided and reported. The judges rendering these opinions typically list various aspects of the contexts of the challenged speech as justifying a broad latitude for allowable opinion. Important contextual factors have included Twitter conversations in totality, use of informal language, use of social media venues that are “understood” to traffic in un-intermediated opinion, and to prize speed of information delivery over accuracy, use of supporting links, the signaling function of hashtags, and the goddamn frequent use of fucking expletives. Based on the cases reported by Lidsky and Jones, judges seem eager to avoid finding actionable defamation. The authors push back a little, reminding readers that “Defamation law should continue to play a role in preventing character assassination and guaranteeing that public discourse has at least some anchor in truth, even in the social-media age.” (P. 21.)
Lidsky and Jones spend somewhat less time discussing actual malice, the standard derived from New York Times Co. v. Sullivan, which requires libel plaintiffs who are public officials to prove that a defendant published a defamatory statement with knowledge or reckless disregard of its falsity. As with the opinion privilege, actual malice is a subjective determination that so far at least seems to be very context driven when the speech at issue is delivered over social media. What little case law so far exists suggests the possibility that actual malice may become even harder to prove in online venues. The authors caution readers here too, reminding us that libel that reaches large numbers of readers can have an enormous impact that may not be adequately addressed by judges who write angry and false allegations off as inevitable and unavoidable parts of the normative culture of social media platforms.
It would be reassuring to think that Internet users are so used to reading hyperbolic insults and allegations online that they do not take them seriously, as many judges seem to believe. But the well documented destructive impact that social media driven excoriation has had on individuals and businesses (see e.g. these books) suggests that the speech torts are legal tools that are more necessary than ever to regulate (or at least temper) some kinds of online speech. The authors were wise to remind judges of this fact, and I fervently hope their message is heard. This is a topic of terrific importance now and looking forward.
Olivier Sylvain, Network Equality
, 67 Hastings L.J.
443 (2016), available at SSRN
From the halls of Congress to the cocktail parties of Davos, “innovation” is celebrated as the central rationale for Internet policy. Whatever its utility decades ago, the term is now overused, a conceptual melange that tries to make up in capaciousness what it lacks in rigor. Fortunately, legal scholars are developing more granular accounts of the positive effects of sociotechnical developments. Olivier Sylvain’s Network Equality is a refreshing reminder that Internet policy is more complex than innovation maximization. Sylvain carefully documents how access disparities interfere with the internet’s potential to provide equal opportunity.
Network Equality makes a critical contribution to communications law scholarship because it questions the fundamental terms of the last twenty years of debates in the area. For at least that long, key internet policymakers have assumed what Sylvain calls the “trickle-down theory of Internet innovation”—that if policymakers incentivized more innovation at the edge of the network, that would in the end redound to the benefit of all, since increased economic activity online would lead to better and cheaper infrastructure. Now that once-“edge” firms like Facebook are rich enough to propose to dictate the terms of access themselves, this old frame for “net neutrality” appears creaky, outdated, even obsolete. Sylvain proposes a nuanced set of policy aims to replace it.
As Susan Crawford’s Captive Audience shows, the mainstream of internet policymaking has not inspired confidence from American citizens. Large internet service providers are among the least popular companies, even for those with access. They also tend to provide slower service, at higher prices, than ISPs in the rest of the developed world. But the deepest shame of the US internet market, as Sylvain shows, is the troubling exclusion of numerous low-income populations, disproportionately affecting racial minorities.
Sylvain is exactly right to point out that these disparities will not right themselves automatically: policy is needed. Nor should we embrace “poor internet for poor people,” ala the “poor programs for poor people” so common in U.S. history. The situation in Flint shows what happens when the state simply permits some of its poorest citizens to access lower-quality infrastructure. It is not hard to imagine similar results when catch-as-catch-can internet access is proposed as a “solution” to extant infrastructure’s shortcomings.
Sylvain shows that enabling statutes require better access to telecommunications technologies, even as the policymakers charged with implementing them repeatedly demonstrate more interest in innovation than access. Their “trickle down” ideal is for innovation to draw user interest which, in turn, is supposed to attract further investment in infrastructure. But in a world of vast inequalities, that private investment is often skewed, reinforcing structural inequalities between the “information haves and have nots” regarding access to and use of the internet.
Treating the internet more like a public resource would open the door to substantive distributional equality. We generally do not permit utilities to market cheaper-but-more-dangerous, or even intermittent, electricity to disadvantaged communities, however “efficient” such second-rate services may be. Nor should we permit wide disparities in quality-of-service to become entrenched in our communicative infrastructure. Sylvain’s Network Equality may spur state-level officials to assure a “social minimum” of internet access available to all.
Sylvain’s work is an exceptionally important contribution to scholarship on access to the internet, not just in the US, but globally. Indian regulators recently stunned Facebook by refusing to permit its “Free Basics” plan. When activists pointed out that the project smacked of colonialism, celebrity venture capitalist Marc Andreessen fumed, “Anti-colonialism has been economically catastrophic for the Indian people for decades.” For him and many other techno-libertarians, the innovation promised by Facebook was worth whatever power asymmetries may have emerged once so much control was exercised by a largely foreign company. If the price of innovation was colonialism—so be it.
Andreessen’s comment was dismissed as a gaffe. But it reveals a great deal about the mindset of both elites. “Innovation” has become a god term, an unquestionable summum bonum. Few pause to consider that new goods and services can be worse than the old, or merely spark zero-sum competitions. (Certainly the example of high frequency trading in Sylvain’s article suggests that access speed and quality could be decisive in some markets, without adding much, if anything, to the economy’s productive capacity.) Nor is the unequal spread of innovation critically interrogated enough. Finally, the terms of access to innovation may be dictated by “philanthrocapitalists” more devoted to their own profits and political power than to eleemosynary aims.
According to Sylvain, the FCC has been wrong to treat distributive equality as a second-order effect of innovation, rather than directly pursuing it as a substantive goal. Since inequalities in internet access track demographic differences in race, class, and ethnicity, it is clear that the innovation-first strategy is not working. Sylvain’s perspective should embolden future FCC commissioners to re-examine the agency’s approach to inclusion and equal opportunity, going beyond innovation and competition as ideals. Among academics, it should spur communications law experts to consider whether the goal of greater equality per se (rather than simply striving to assure everyone some minimum amount of speed) is important to the economy. Sylvain’s oeuvre makes the case for internet governance institutions that can better deliberate on these issues. His incisive, insightful work is a must-read for the communications and internet policy community.
Have you ever thought of who will have access to your email when you die? If you have social media, have you prepared a digital will that will allow your loved ones to dispose of your online presence? Have you ever wondered what happens to people’s digital accounts when they pass away? These and many other questions are part of a growing number of legal issues arising from our increasingly networked life, and it is the main subject of Virtual Worlds – a Legal Post-Mortem Account, which looks at the issue of post-mortem digital arrangements for virtual world accounts, where the author discusses several possible ways of looking at virtual goods to allow them to be transferred when the owner of the account dies. The article is a great addition to the growing scholarship in the area, but it is also an invaluable shot-in-the-arm to the subject of virtual worlds.
The legal discussion of virtual worlds has gone through a rollercoaster ride, if you pardon the use of the tired cliché. In 1993 author Julian Dibbell published a remarkable article entitled A Rape in Cyberspace. In it he recounts the happenings of a virtual world called LambdaMOO, a text-based environment with roughly one hundred subscribers where the users adopted assumed personalities (or avatars) and engaged in various role-playing scenarios. Dibbell describes how the community dealt with perceived sexual offences committed by a member upon other avatars. The story of LambdaMOO has become a classic in Internet regulation literature, and has been pondered and retold in seminal works such as Lessig’s Code and Goldsmith and Wu’s Who Controls the Internet. Dibbell’s powerful story of the virtual misconduct of an avatar during the early days of Cyberspace still resonates with legal audiences because it brings us back to crucial questions that have been the subject of literature, philosophy and jurisprudence for centuries. How does a community organise itself? Is external action needed, or does self-regulation work? What constitutes regulatory dialogue? How does regulatory consensus arise? And most importantly, who enforces norms?
There was a period of maturity in the literature as other interesting legal questions began to arise, such as ownership of virtual goods, customer protection, contractual validity of end user licence agreements (EULAs), just to name a few. The growing legal interest arose from the evident value of the virtual economy. A report on the virtual economy for the World Bank calculated that the global market for online games was $12.6 billion USD in 2009, and that the size of the secondary market in virtual goods (the monetary value of real money transactions in virtual goods) reached an astounding $3 billion USD. The culmination of this more mature era of research consists of two excellent books, Virtual Justice by Greg Lastowka and Virtual Economies: Design and Analysis by Vili Lehdonvirta and Edward Castronova.
However, after that golden period we have had a marked decline in the number of papers discussing legal issues, with the exception of the continuing existence of the Journal of Virtual Worlds Research. The apparent drop in published research could be caused by the fact that virtual worlds themselves have been losing subscribers. The once-mighty Second Life is now mostly mentioned in phrases that begin with “Whatever happened to Second Life”? Even popular massively multiplayer online games (MMOGs) such as World of Warcraft have also been losing subscribers. But most importantly, many legal issues that seemed exciting some time ago, such as virtual property, or the legal status of the virtual economy, did not produce the level of litigation expected. Most legal issues have been solved through a combination of consumer and contract law.
Edina Harbinja’s article resurrects the interest in virtual worlds with the study of an area of research that has been often neglected, and it is the status of virtual world accounts after the death of the user. While subscriptions figures have been on the wane, the value of the virtual economy has remained the same. Blizzard recently made it easy for subscribers of World of Warcraft to transfer funds from the real world into the virtual economy, and vice versa, with the introduction of in-game token systems. This has meant an injection of real money into virtual economies, potentially resulting in an increased legal interest as to the assets of virtual goods.
Harbinja describes the various types of virtual assets and virtual property, using a range of theories of property to justify the existence of virtual worlds as viable and valuable assets subject of the same rights as ‘real’ property. These include rivalrouness, permanence and interconnectedness as elements that are present in virtual goods making them worthy of legal protection as property. For example, in order to apply tangible notions of property to virtual goods, commentators remark that the possession and consumption of a virtual good must exclude “other pretenders to the same resource.” If virtual goods can have some of the similar characteristics that make tangible goods valuable and worthy of protection, then they should be similarly protected.
She then explores various theories of how to deal with virtual property, including the use of contract law in the shape of end-user licensing agreements, the constitutionalization of virtual worlds, and even going as far as suggesting the creation of virtual usufruct to describe the situation of property in virtual worlds. An usufruct is a civil law concept dating back to Roman times (as a type of personal servitude) that “entitles a person to the rights of use of and to the fruits on another person’s property.” A virtual usufruct would therefore contain limited rights by a person to use an item, to transfer an item, and even to exclude others from exercising the above. Harbinja proposes that since the usufruct would terminate on death, the personal representative of the deceased would be required to assess whether any of these rights can be monetised and the value transferred to the account-holder’s estate.
That being the case, the author explores various options of how to deal with virtual property after the death of the subscriber. This is tricky, as at the moment there is not a single regime of property allocation of virtual goods, and some type of rights may hinge on the value of the virtual goods. The author seems to favour strongly legal reform to allow for some form of usufruct after death as described above.
This is a welcome addition to the body of virtual world literature, and it may help to inject life to a declining genre, pun intended.
Kristen Eichensehr, Cyber War & International Law Step Zero
, 50 Tex. Int'l L.J. 355 (2015), available at SSRN
Kristen Eichensehr recently published a piece entitled Cyberwar & International Law Step Zero that describes an unfolding of events that is by now familiar to international lawyers contemplating the emergence of new military technologies. First, a new military technology X (where X has been drones, cyber weapons, nuclear weapons, lethal autonomous weapons) appears. Nations then ask the “step-zero” question — “does international law apply to the use or acquisition of X”? And the answer is inevitably, “yes, but in some ways existing international law needs to be tweaked to adjust for some of the novel characteristics of X.”
Eichensehr offers a compelling explanation for both the persistence of this question and the recurrent answer. Regarding persistence, she points out that for international law, unlike domestic law, the bound parties—nations—bind themselves consensually. For example, she writes that “The tradition of requiring state consent (or at least non-objection) to international law predisposes the international legal community to approach new issues from the ground up: When a new issue arises, the question is whether international law addresses the issue, because if there is no evidence that it does, then it does not.” In other words, asking the step-zero question is the first step in proceeding down a path that may result in a state’s opting out.
Regarding the frequent recurrence of the same answer (i.e., “yes”), she points out that international law—especially International Humanitarian Law (“IHL”)—is often adaptable to new weapons technologies, in large part because the interests that IHL seeks to protect are constant. (I would prefer the term “values” rather than “interests,” but the point is the same.) For example, she writes that “[e]xisting law was designed, for example, to protect civilians from the consequences of conflict. That concern transcends the type of weapon deployed. Thus, although the nature of the weapon has changed, the underlying concern has not, which reduces one possible justification for altering existing law.” Lastly, she argues that even if existing law does not perfectly apply to new technologies, asserting the contrary raises the fearsome prospect of a world in which a new technology is not subject to any legal constraint at all. In her words, “[e]ven if existing law is an imperfect means of regulating States’ actions . . ., imperfect law is preferable to no law at all.”
The explanation seems compelling to me, though I confess from the start that my understanding of law is that of an amateur. But I’m also a long-time observer of many military technologies. I’ve thought often about how international law attends to these technologies, and I suggest that her explanation is applicable to a broader range of phenomena than she discusses.
Speaking in very broad terms, law—and especially international law—depends heavily on precedent. Precedent provides stability, which is regarded as a desirable attribute of law in large part because in the absence of legal stability, people—and nations—would have no way of knowing how law would regard their actions. But technologists have very different goals. Rather than stability, the dream of every technologist is to invent a disruptive technology, one that completely changes the way people can accomplish familiar goals. Even better is when a technologist can create not just new ways of doing old business, but can invent entirely new lines of business.
Against this backdrop, consider a broadened step-zero sequence of events. A new technology A is invented. At first, when the use of A is small and limited, the law pays little or no attention to it. But as A becomes used by more and more and more people, a variety of unanticipated consequences appear, some of which are regarded as undesirable by some people. These people look to the law for remedy, and they naturally ask the question “how, if at all, does existing law apply?” Their lawyers look for precedent—similar cases handled in the past that may provide some guide for today—and there is always a previous case involving technology that bears some similarity to A today. So the answer is, “yes, existing law applies, but tweaks are necessary to apply precedent properly.”
So, I suggest, Eichensehr’s step-zero analysis of cyber weapons and international law sheds light on a very long standing tension between technological change and legal precedent. For that reason, I think anyone interested in that tension should consider her analysis.
The Atomic Age of Data: Policies for the Internet of Things
Report of the 29th Annual Aspen Institute Conference on Communications Policy, Ellen P. Goodman, Rapporteur, available at SSRN
The phrase “Internet of Things,” like its cousin “Big Data,” only partially captures the phenomenon that it is meant to describe. The Atomic Age of Data, a lengthy report prepared by Ellen Goodman (Rutgers Law) following a recent Aspen Institute conference, bridges the gap at the outset: “The new IoT [Internet of Things] – small sensors + big data + actuators – looks like it’s the real thing. … The IoT is the emergence of a network connecting things, all with unique identifiers, all generating data, with many subject to remote control. It is a network with huge ambitions, to connect all things.” (P. 2) The Atomic Age of Data is not a scholarly piece in a traditional sense, but it is the work of a scholar, corralling and shaping a critical public discussion in an exceptionally clear and thoughtful way.
The IoT is in urgent need of being corralled, at least conceptually and preliminarily, so that a proper set of relevant public policy questions may be asked. What are the relevant opportunities and hazards? What are its costs and benefits, to the extent that those can be discerned at this point, and where should we be looking in the future? That set of questions is the gift of this report, which is the documented product of many expert and thoughtful minds collaborating in a single place (face to face, rather than via electronic networks).
Simply defining the IoT is one continuing challenge. As The Atomic Age of Data affirms, the IoT isn’t the Internet, though it is enabled by the Internet and in many ways it extends the Internet. (P. 2) What it is, where it is, how it functions, what it might do in the future – or permit other to do – remains at least a little cloudy. The first contribution that The Atomic Age of Data makes is simply to map these contours, contrasting the Internet of Things with the network of networks that today we call the Internet, or the Internet of People. It identifies several distinguishing characteristics of the IoT: its sheer scale (the amount of data that can be gathered from ubiquitous sensor networks); the reduction or even elimination of user control over data collection; the widespread deployment of actuators, embedding a level of agency in the IoT; data analytics that rest atop communications and transactions; its demonstrably global character (in contrast to the initiated-in-the-US character of the Internet); and its framing of data as infrastructure, enabling the provision of a broad variety of services.
The bulk of The Atomic Age of Data consists of a comprehensive sorting of policy questions and recommendations. The foundational premise is the idea that data itself is (or are) infrastructure – “as a vital input to progress much like water and roads, and just as vulnerable to capture, malicious or discriminatory use, scarcity, monopoly and sub-optimal investment”. (P. 12) The analogy between data infrastructure and communications infrastructure is purposeful. Characterizing data as infrastructure, like characterizing communications as infrastructure, only frames policy and technical questions; it doesn’t resolve them. Data ownership and data access are related questions. They connect to questions of data formats, interoperability and interconnectivity, and common technical standards. Identifiability of data is a cross-cutting concern for privacy purposes. The respective domains of public and private investment in the IoT, and corresponding expectations of public access and use and private returns, remains open questions. The report clusters these topics together; one might label the cluster with a single theme: governance.
How, or more precisely, by whom, will all of this data be produced? The report examines the adequacy of incentives for private (commercial) provision of data and the appropriate role for government as regulator and supplier of subsidies.
This “data as infrastructure” section of The Atomic Age of Data concludes with a series of policy recommendations, focusing on two overarching principles (also reduced to several more specific recommendations): that there should be broad accessibility of data and data analytics, with open access to some (but not all); and that government should subsidize and facilitate data production, particularly in cases where data is an otherwise under-produced public good.
The Atomic Age of Data moves next to a review of privacy topics in the context of the IoT, beginning with when, whether, and how to design privacy protections into systems from the start, and the role and implementation of Fair Information Practice Principles (FIPPs). As the report notes, these are critical questions for the IoT because so much of the IoT is invisible to individuals and has no user interface to which data protection and FIPPs might be applied. To what extent should privacy protection be designed in to the IoT, and to what extent should privacy protection be a matter of strategies that focus on individual choice?To what extent might choice undermine the production, collection, and processing (aggregation) of good data, or the right data? Privacy questions thus intersect with incentive questions. Cost, benefit, and values questions extend further. To what extent is choice even technologically feasible without compromising other societal values? Production, collection, identification, and processing/aggregating data lead next to related privacy questions about retention and curation of data.
This privacy section concludes with brief set of recommendations, focusing on three overarching principles (again with several more specific points): that IoT systems should design in privacy controls to minimize the collection of personally identifiable information; that IoT systems should effectuate FIPPs to the extent possible; and that individuals should have a way to control collection and transmission of their personal data.
The balance of the report is divided among four additional topics that are treated more briefly, though in each case the topic concludes with a short set of basic recommendations. The first is “Equity, Inclusion, and Opportunity,” which collects questions about prospects of citizen empowerment and disempowerment via the IoT. Data collection in some respects signifies “who counts” in modern society – whose voice and presence “matters,” both individually and collectively, but also, in some respects, whose voice and presence is worth watching. The report points out the relevance of comparable concerns with respect to the deployment of broadband communications infrastructure and its impacts on things like access to education and health resources. The second is “Civic Engagement,” which touches on how IoT technologies might be used both by governments and by the private sector to increase democratic accountability. The third is “Telecommunications Network Architecture,” which concerns the intersection of the IoT and competition, service innovation, and interoperability among IoT systems and related communications networks. The key topic here is the heterogeneity of the data generated by IoT applications, recalling the question of whether the Internet of Things is, or should be, truly a single “Internet” at all, with interconnected networks, connections across verticals (home, health, transport, for example), and common platforms. (P. 39) The fourth is security, which raises the relatively simple question of security vulnerabilities introduced at both the level of individual devices and at systemic levels. The question may be simple but the answer assuredly is not; this section of the report is comparatively brief, perhaps because the salience of the interest is so obvious.
The Atomic Age of Data finishes with a case study, on The Smart City, which refers to the idea of networks of ubiquitous sensors deployed within urban infrastructure to generate data about usage patterns and service needs. (P. 45) The discussion of this use case is decidedly and appropriately pragmatic, putting utopian hopes for the Smart City in context and noting privacy and surveillance concerns and related but independent equity concerns.
To conclude this review:
This is an enormously clear, useful, and timely product. One cannot critique a report of a conference on the ground that it did not address a critical topic, if the conference itself did not address that topic. Yet as helpful as The Atomic Age of Data is in canvassing the policy territory of the IoT, I couldn’t help but notice how the boundaries of that territory are implicitly defined. The Atomic Age of Data contains a lot of discussion of “Internet” topics and less discussion of “things.” In this day and age, one should never take things or thing-ness for granted. What is a thing? 3D printing, the current label for additive manufacturing, promises to revolutionize the meaning of “thingness” – because objects may be dynamic and emergent, as well as static and fixed – just as the “Internet of Things” promises to revolutionize the meanings of identity and presence.
“Data for Peace,” the title of this review, builds a bit on the naïve sense of modernity and progress expressed (purposefully, no doubt) by the report’s Atomic Age title. During the 1950s and 1960s, “atomic” things were full of optimism. Later, we learned that splitting the atom changed the meanings of matter in unexpected ways. “Atomic” gave way to a variety of more complex political, cultural, and technological expressions and concerns, few of which were foreseen at the dawn of the Atomic Age. Similarly, 3D printing may turn out to change the meanings of matter in unexpected – but other – ways. As the IoT and Big Data mature — along with 3D printing – I expect that future reports on its implications will be similarly but unexpectedly complex.
Ira Rubinstein & Woodrow Hartzog, Anonymization and Risk,
91 Wash. L. Rev.
(forthcoming 2016), available on SSRN
In the current Age of Big Data, companies are constantly striving to figure out how to better use data at their disposal. And it seems that the only thing better than big data is more data. However, the data used is often personal in nature and thus linked to specific individuals and their personal details, traits, or preferences. In such cases, sharing and use of the data conflict with privacy laws and interests. A popular remedy applied to sidestep privacy-based concerns is to render the data no longer “private” by anonymizing it. Anonymization is achieved through a variety of statistical measures. Anonymized data, so it seems, can be sold, shared with researchers, or even possibly released to the general public.
Yet, the Age of Big Data has turned anonymization into a difficult task, as the risk of re-identification seems to be constantly looming. Re-identification is achieved by “attacking” the anonymous dataset, aided by the existence of vast datasets (or “auxiliary information”) from various other sources available to the potential attacker. It is, therefore, difficult to establish whether anonymization was achieved, whether privacy laws pertain to the dataset at hand, and if so, how. In a recent paper, Ira Rubinstein and Woodrow Hartzog examine this issue’s pressing policy and legal aspects. The paper does an excellent job in summarizing the way that the current academic debate in this field is unfolding. It describes recent failed and successful re-identification attempts and provides the reader with a crash course on the complicated statistical methods of de-identification and re-identification. Beyond that, it provides both theoretical insights and a clear roadmap for confronting challenges to properly releasing data.
The discussion on anonymization, or de-identification (the more precise term which the authors choose to apply, as it does not imply full anonymization) was once mostly of academic interest: Statisticians introduced ways to anonymize data, while mathematicians and computer scientists strove to prove re-identification “attacks” were nonetheless possible. Several successful re-identification attacks (perhaps the most famous one involved Neflix and IMDb) also led legal scholars to debate proper policy practices, as well broader implications of re-identification. However, this academic discussion is quickly crossing over into the world of practitioners. Recent policy papers published by regulators in the U.S., U.K., and the E.U. strive to create legal and normative guidelines for the manner in which personal information can be shared and released. In addition, corporations are turning to legal counsel for advice on using anonymization to mitigate potential liability.
In an age in which legal scholarship seems to be drifting away from legal practice, this paper demonstrates how both can be brought together. To a great extent, the knowledge conveyed in this paper is now essential for all legal practitioners advising clients with large databases. To demonstrate the relevance of this discussion, note a recent debate regarding the practices of Yodlee, an online financial tools provider, which has also emerged as a powerful financial-data aggregator. As recently reported by the Wall Street Journal, Yodlee sells information, gathered by facilitating consumer transactions, to investors and research firms. The WSJ claimed that Yodlee clients’ privacy is being compromised, and Yodlee responded by arguing that all personal information was properly handled and de-identified. It is safe to assume that similar stories involving other companies’ collecting, marketing, or de-identifying personal data are just around the corner.
Perhaps the central point that Rubinstein and Hartzog’s paper strives to articulate is that classifying personal data as either anonymous or identifiable is both incorrect and useless. With regard to anonymization, the authors further note that: “[a]lmost all uses of the term to describe the safety of data sets are misleading, and often they are deceptive. Focusing on the language of process and risk will better set expectations” (P.4). In other words, anonymity (or rather – de-identification) is not an absolute term, but one indicating degrees on a scale – one that should be measured by the effort required to reveal the personal data, and the chance it could occur. As the authors note, this latter notion was already introduced (perhaps most famously by Paul Ohm). Rubinstein and Hartzog’s important contribution is to break this notion down into practical steps – formulating a proper data release policy as well as providing a full toolbox of measures to be applied in the process.
Beyond this important observation, the paper’s most substantial analytical contribution is to link appropriate data release policies with the notion of data security. The relationship, as explained by the authors, is based on these concepts mutual need to meet a specific standard of care in the process, and not necessarily be judged by the outcome. The authors also explain that context matters, and list various parameters and attributes of the data release process that should be considered when formulating a release policy (p. 32). In addition, they demonstrate that an integral part of a release policy is the technical measures applied when distributing and sharing the information. In doing so, they note that the Release-and-Forget Model of data sharing (in which, for example, a de-identified database is merely made available over the internet) is most likely obsolete (p. 36); all data release schemes must include unique measures (technological, contractual – or both) which strive to limit re-identification by potential attackers.
Beyond the rich policy discussion the authors provide in comparing and equating security policy to data release policy, several additional theoretical questions (with practical implications) come to mind and are worthy of future discussion: Is a regulatory response similarly necessary in the security and data release contexts? While companies usually under-invest in security (given, among other factors, the negative externalities of security breaches), there have been examples of instances in which corporate motivation to enhance security was close to sufficient, especially in view of market pressures and the reputational costs of breaches. In many cases, companies’ and clients’ interests in maintaining security are aligned. More often, though, corporations’ and clients’ interests regarding data releases directly conflict. Corporations are interested in capitalizing on their data, whereas consumers do not necessarily share corporate enthusiasm for sharing their de-identified personal information, as they are not likely to benefit from or be compensated for this additional revenue stream. For this and other reasons, the security-release policy comparison has its limits; data release policies might call for stricter rules and enforcement mechanism.
In addition, it would be interesting to consider the role insurance could play in the process of data release—an issue also currently emerging in the context of data security. An active insurance market might indeed facilitate the shift from outcome- to process-based liability without the need to change the regulatory framework. Therefore, the change the authors here advocate for might be just around the corner. Insurers could, for instance, limit indemnification to those companies that follow acceptable data-release policies (yet nonetheless cause harms to third parties). Yet, relying on insurance markets may not be a safe bet. In this specific context, insurance markets face several difficulties, which mandate further discussion. The comparison to data security can prove illuminating here as well.
Marco Loos & Joasia Luzak, Wanted: A Bigger Stick. On Unfair Terms in Consumer Contracts with Online Service Providers
(Ctr. for the Study of European Contract Law, Working Paper No. 2015-01, 2015), available at SSRN
The reliance of online service providers on lengthy terms of service or related documents is easily mocked. When I teach this topic, I can choose to illustrate the topic with the selling of souls, in cartoon or written form, point to the absurd length of the policies of popular sites, and highlight experiments that call us out on our love of the I Accept button. But behind the mirth lie a number of serious legal issues, and the recent working paper by Marco Loos & Joasia Luzak of the University of Amsterdam tackles some of them.
Loos & Luzak work at the Centre for the Study of European Contract Law, and their particular concern is with the European Union’s 1993 Unfair Contract Terms Directive. They point out that although the gap between typical terms and policies and the requirements of the Directive is often pointed to, it is rarely studied in detail. In their thorough study, the authors examined the instruments used by five well-known service providers, and evaluated them against the Directive’s stipulation that mass terms (those not individually negotiated with the consumer) be ‘fair’.
The detailed paper, full of examples from the policies of the services under review (Dropbox, Facebook, Twitter and Google), covers topics including modification and termination of the agreement, as well as how liability is managed. Despite the focus of the work being the UCT Directive, the analysis is also linked with developments in related fields of law, such as the gradual expansion through Court of Justice of the EU (CJEU) decisions of the ‘consumer’ provisions of the Brussels Regulation on jurisdiction. The authors save particular criticism for the lack of clarity in how terms are drafted.
Importantly, the paper also tackles the preliminary question of whether the statements we know and love actually fall within the scope of the Directive, which is about contracts and about consumers. They challenge the assumption that ‘free’ services are excluded, but do note that in some cases more detail on the actual use of an account may be necessary in order to be certain that the Directive is applicable.
What Loos & Luzak have done here also contributes to debates on consent, rights and technology. In data protection and in consumer law, much depends on assumptions about information – what must be provided, how it informs decisions, and what legal options are available to the end user. One cannot doubt the skill that goes into drafting some of the examples that are cited in this paper, but the authors are right to call for greater study and vigilance – particularly on the part of national consumer authorities. They hope that if the CJEU is faced with appropriate questions in future years, the result might be a gradual raising of consumer protection standards. Indeed, this might well have implications across the world – as Jack Goldsmith and Tim Wu discussed regarding earlier data protection disputes in their 2006 book, Who Controls The Internet? – and of course other agencies, such as the FTC and the Australv.ian Privacy Commissioner, are interested in these issues. So, this recent work on common clauses and legal requirements for fairness should interest European and non-European audiences alike.
Cite as: Daithí Mac Síthigh, Is it Fair to Sell Your Soul?
(October 29, 2015) (reviewing Marco Loos & Joasia Luzak, Wanted: A Bigger Stick. On Unfair Terms in Consumer Contracts with Online Service Providers
(Ctr. for the Study of European Contract Law, Working Paper No. 2015-01, 2015), available at SSRN), http://cyber.jotwell.com/is-it-fair-to-sell-your-soul/
When the law faces a new technology, a basic question is who governs it and with what rules? Technological development disrupts regulatory schemes. Take, for example, the challenges the Federal Aviation Administration (FAA) now faces with drones. The FAA usually regulates aircraft safety. Drones force the FAA to consider—and in some cases reject as outside the agency’s mandate—issues of privacy, spectrum policy, data security, autonomous decision-making, and more. The pace and complexity of recent technological change has led some to call for the creation of new agencies, including a Federal Robotics Commission. But given the significant hurdles involved in agency creation, it is valuable in the short run to assess what tools we already have.
In Unfair and Deceptive Robots, Woodrow Hartzog takes up the question of who will govern consumer robots. Hartzog proposes that the Federal Trade Commission (FTC) is best equipped to govern most issues that consumer robots will soon raise. He reasons that the FTC is well prepared both as a matter of subject-matter expertise and as a matter of institutional practice.
This article was a hit at the 2015 We Robot conference. It blends practical guidance, expert knowledge of the FTC, and a range of thoughtful and often amusing examples. It also provides a window onto a number of framing questions recurring in the field: to what extent are robots new? How does that answer vary, depending on what aspect of robots you focus on? And how do you best choose or design institutions to adapt to fast-changing technology?
Hartzog points out a number of ways in which robots, or really robotics companies, might take advantage of vulnerable consumers. A company might falsely represent a robot’s capabilities, touting effectiveness in sped-up videos that make a robot look more capable than it is. Or a company might use a “Wizard-of-Oz” setup to operate a robot from behind the scenes, causing it to appear autonomous when it is not. A company might use a robot to spy on people, or to nudge their behavior. Autonomous robots and robotic implantables raise their own classes of consumer protection concerns. If you were not already worried about robots, you will be after reading this. From the robot vacuum that ate its owner’s hair, to flirtatious Twitter bots, to a dying Roomba pleading for a software upgrade, to the “Internet of Things Inside Our Body,” Hartzog’s examples are visceral and compelling.
The FTC, Hartog claims, is thankfully well positioned to address many of the consumer protection issues raised by this pending host of scambots, decepticons, autobots, and cyborgs. The FTC has a broad grant of authority to regulate “unfair and deceptive” trade practices. It has used that Section 5 authority in recent years to regulate online privacy and data security. While the FTC started by addressing classic truth-in-advertising problems, and enforcing company promises, it has developed more complex theories of unfairness that it now extends to data security and user interface design. His recent authoritative work with Dan Solove on the FTC’s Section 5 “jurisprudence” makes Hartzog uniquely qualified to discuss FTC coverage of robotics. There is no doubt that this paper will have practical applicability.
Hartzog also contributes to ongoing conversations about technological change and regulatory design. He touts the FTC’s institutional ability to adapt to changes through productive co-regulation, including its tendency to defer to industry standards and avoid “drastic regulatory lurches.” Hartzog thus identifies not just substantive but structural reasons why the FTC is a good fit for governing consumer robots.
But the view Hartzog presents is a little too rosy. The FTC has vocal and litigious critics whom Hartzog mainly ignores. Not everyone is happy with its settlement agreement process, which some regard as arbitrary and lacking notice. While Hartzog mentions in passing that the FTC’s authority to regulate data security has been challenged, the pending Wyndham decision in the Third Circuit could seriously rock the Section 5 boat. Moreover, the FTC’s focus on notice and design is in tension with developing First Amendment jurisprudence on commercial and compelled speech. And there are plenty of other good reasons why we might want to be careful about focusing governance on technological design as Hartzog proposes.
If I have one larger criticism, it is that the “which agency is best” framing is a little disingenuous. Hartzog frames his question in a way that drives his answer. He asks which agency is best positioned for governing consumer protection issues raised by robots; unsurprisingly, his answer is the FTC, a consumer protection agency. If he had asked which regime is best for governing robotic torts, or which is best for governing robotic IP issues, the answer would have differed. In other words, the article provides solid guidance for how the FTC might approach robots. It does not answer, or really justify asking, the question of who governs them best.
Which brings us to the larger conversation this piece briefly engages in, on just how new and disruptive robots will be. I am increasingly convinced that the answer to this question is dependent on the asker’s perspective. Asking how robots disrupt a particular area of law will highlight the features of the technology and its social uses that are disruptive to that particular area of law. A new technology will be disruptive to different regulatory regimes in different ways. And because Hartzog picks the FTC as his lens, he is bound to solutions the FTC provides, and somewhat blinded to the problems it can not solve. Robots fit within the FTC’s consumer protection regime, but they also fundamentally disrupt it. As with the Internet of Things, the owner of the robot is often not the only person facing harm. The FTC protects the consumer, not the visitor to a consumer’s house. As Meg Jones has recently pointed out, the FTC is not particularly well equipped to handle problems raised by this “Internet of Other People’s Things.”
Unfair and Deceptive Robots is clever and extremely useful: it tells us what the FTC is equipped to handle, and argues for the FTC’s competence in this area. As a robot’s road map to FTC jurisprudence, the piece shines. But regulating robots will take many regulatory players. While we are trying to spot the gaps and encourage them to cooperate, it might be counterproductive to name one as the “best.”
Kate Crawford & Tarleton Gillespie, What is a flag for? Social media reporting tools and the vocabulary of complaint
, New Media & Society
(2014), available at SSRN
The problem of handling harassing and discriminatory online speech, as well as other forms of unpleasant and unlawful content—infringing, privacy-invading, or otherwise tortious—has been a matter for public discussion pretty much since people noticed that there were non-governmental intermediaries involved in the process. From revenge porn to videos of terrorist executions to men kissing each other to women’s pubic hair, controversies routinely erupt over whether intermediaries are suppressing too much speech, or not enough.
“Flagging” offensive content is now an option offered to users across many popular online platforms, from Facebook to Tumblr to Pinterest to FanFiction.net. Flagging allows sites to outsource the job of policing offensive content (however defined) to unpaid—indeed, monetized—users, as well as to offer a rhetoric to answer charges of censorship against those sites: the fact that content was reported makes the flagging user/s responsible for a deletion, not the platform that created the flagging mechanism. But the meaning of flags, Crawford and Gillespie persuasively argue, is “anything but straightforward.” Users can use flags strategically, as can other actors in the system who claim to be following community standards.
One of the most significant, but least visible, features of a flagging system is its bluntness. A flag is binary: users can only report one level of “badness” of what they flag, even if they are allowed several different subcategories to identify their reasons for flagging. Nor are users part of the process that results, which is generally opaque. (As they note, Facebook has the most clarity on its process, likely not because of its commitment to user democracy but because it has faced such negative PR over its policies in the past.)
Another, related feature is flagging’s imperviousness to precedent—the memory-traces that let communities engage in ongoing debates about norms, boundaries, and difficult marginal judgments. Crawford and Gillespie explain:
[F]lags speak only in a narrow vocabulary of complaint. A flag, at its most basic, indicates an objection. User opinions about the content are reduced to a set of imprecise proxies: flags, likes or dislikes, and views. Regardless of the proliferating submenus of vocabulary, there remains little room for expressing the degree of concern, or situating the complaint, or taking issue with the rules. There is not, for example, a flag to indicate that something is troubling, but nonetheless worth preserving. The vocabulary of complaint does not extend to protecting forms of speech that may be threatening, but are deemed necessary from a civic perspective. Neither do complaints account for the many complex reasons why people might choose to flag content, but for reasons other than simply being offended. Flags do not allow a community to discuss that concern, nor is there any trace left for future debates. (P. 7.)
We often speak of the internet as a boon for communities, but it is so only in certain ways, and website owners can structure their sites so that certain kinds of communities have a harder time forming or discussing particular issues. Relatedly, YouTube’s Content ID, now a major source of licensing revenue for music companies, allows those companies to take down videos to which they object regardless of the user’s counternotifications and fair use claims, because Google’s agreements with the music companies go beyond the requirements of the DMCA. No reasoned argument need be made, as it would be in a court of law, and so neither the decisionmakers nor the users subject to YouTube’s regime get to think through the limiting principles—if any—applied by the algorithms and/or their human overlords. I have similar concerns with Amazon’s Kindle Worlds (and the Kindle’s ability to erase or alter works that Amazon deems erroneously distributed, leaving no further trace) compared to the organic, messy world of noncommercial fan fiction.
This is a rich paper with much to say about the ways that, for example, Flickr’s default reporting of images as “inappropriately classified” rather than completely unacceptable structures users’ relation to the site and to each other. “Whether a user shoehorns their complex feelings into the provided categories in a pull-down menu in order to be heard, or a group decides to coordinate their ‘complaints’ to game the system for political ends, users are learning to render themselves and their values legible within the vocabulary of flags.” Crawford and Gillespie’s useful discussion also offers insights into other forms of online governance, such as the debates over Twitter’s reporting system and the merits of “blocking” users. A “blocking” feature, available for example on Tumblr and Twitter, enables a logged-in user to avoid seeing posts from any blocked user; the offensive user disappears from the site, but only from the blocker’s perspective. Like denizens of China Miéville’s Besźel and Ul Qoma, they occupy the same “space” but do not see each other. This literalization of “just ignore the trolls” has its merits, but it also allows the sites to disclaim responsibility for removing content that remains visible to, and findable by, third parties. We may be able to remake our view of the world to screen out unpleasantness, but the unpleasantness persists—and replace “unpleasantness” with “slander and threats” and this solution seems more like offering victims blinders rather than protecting them.
What about total openness instead? As Crawford and Gillespie point out, Wikipedia generally retains a full history of edits and removals, but that process can also become exclusionary and opaque in other ways. Nonetheless, they suggest that an “open backstage” might offer a good way forward, in that it could “legitimize and strengthen a site’s decision to remove content. Significantly, it would offer a space for people to articulate their concerns, which works against both algorithmic and human gaming of the system to have content removed.” Moreover, an “open backstage” would emphasize the ways in which platforms are social systems where users can and should play a role in shaping norms.
I’m not as sanguine about this prospect. As Erving Goffman explained so well, even “backstage” is in fact a performance space when other people are watching, so I would expect new and different forms of manipulation (as has happened on Wikipedia) rather than a solution to opacity. Proceduralization and the ability to keep arguing endlessly can be a recipe for creating indifference by all but a tiny, unrepresentative fraction of users, which arguably is what happened with Wikipedia. It’s a new version of the old dilemma: If people were angels, no flags would be necessary. If angels were to govern people, neither external nor internal controls on flags would be necessary.
As someone who’s been deeply involved in writing and subsequently revising and enforcing the terms of service of a website used by hundreds of thousands of people, I know all too well the impossibility of writing out in advance every way in which a system might be abused by people acting in good faith, or even just (mis)used by people who simply don’t share its creators’ assumptions. Open discussion of core discursive principles can be valuable for communities; but freewheeling discussion, especially of individual cases, can also be destructive. And, as Dan Kahan has so well explained, our different worldviews often mean that a retreat from one field (from ideology to facts, or from substance to procedure, or vice versa) brings all the old battles to the new ground.
Still, there’s much to like about the authors’ call for a system that leaves some traces of debates over content and the associated worldviews, instead of a flagging and deletion system that “obscures or eradicates any evidence that the conflict ever existed.” Battles may leave scars, but that doesn’t mean that the better solution is a memory hole.