Archive for November, 2005

We know that incumbents often use regulation as a tool to raise the costs of their competitors.  What's new about the E911 and CALEA regulatory capture stories at the FCC is that a whole new set of actors saw the opportunity to help incumbents raise competitors' costs and make money by moving telephony social policies over to the internet:  vendors of outsourced compliance services.

It's a much more sophisticated game.  Rather than urge the FCC to issue an impossible-to-comply-with-and-unbelievably-costly regulation (like, say, either E911 or CALEA), help the FCC to draft an impossible-to-comply-with-and-unbelivably-costly regulation while helpfully pointing out that there are plenty of third parties out there who can help you comply.  You, young whippersnapper competitor, don't have to reinvent the wheel — just use the vendors' wheels that are already out there.

The ex parte filings before the FCC tell the whole story.  It's a case study in capture, facilitated by very well-meaning (and steeped in telephony culture) civil servants who were told they had serious problems to solve.  Vendors showed up to explain exactly how these problems could be fixed by regulated entities in standard ways that didn't involve reengineering their systems (“just outsource!“).  And the result, in both the E911 and CALEA contexts, is crushing for new online businesses and entities that didn't think they were regulated — like universities.

There's an echo here of recent efforts to get rid of fair use in copyright.  We don't need it, so the argument goes, because the digital age makes it possible to charge for these kinds of uses.  Well, the power to charge for something doesn't necessarily carry with it the right to charge for it.  Similarly, that there are ways to pay for compliance with a particular policy doesn't mean that the policy is a good idea.

What with ICANN, and WSIS, and the FCC, there's an awful lot to do to protect the free flow of information online.  Thank goodness Doc is getting a movement together to save the net. 

The UN Secretary-General has been invited to “convene a new forum for multi-stakeholder policy dialogue.”   Everyone can see his/her hearts' desires in the WSIS deal:  ICANN can believe that it has survived for another day; governments can belive that they will have “an equal role and responsibility for international Internet governance”; and there will be an enormous meeting in Greece by the second quarter of 2006 to start the Internet Governance Forum going.

Here's the “oversight” paragraph:

77.  The IGF [Internet Governance Forum] would have no oversight function and would not replace existing arrangements, mechanisms, institutions or organisations, but would involve them and take advantage of their expertise. It would be constituted as a neutral, non-duplicative and non-binding process. It would have no involvement in day-to-day or technical operations of the Internet.

ICANN needs to strengthen its legitimacy so that it is apparent to the world that ICANN doesn't need oversight from a UN body or any other multi-government institution.  This will take a lot of work — we're barely at the beginning.  I'm focused on paying attention to the steps that are necessary to get there. 

Early reports from WSIS, via Jamie Love, are that plans for an “Internet Governance Forum,” a body that would have some relationship to the UN but would not itself make binding rules, are moving ahead.  ICANN's role remains the same, for the time being.  We'll need more detail about all this, so I'm reluctant to make any pronouncements about what this means.

I'm moving offices tonight, and my packing up revealed yet another copy of the August 2004 CALEA NPRM.  Back when it came out I marked it up — and on the front page there's a note reading, “is there anything CALEA doesn't cover?”

The Mercury News had a fine editorial yesterday about this very subject.  The headline reads:  “Lawsuit reflects profound flaws in FCC rules for online eavesdropping.”  Here's an excerpt:

The new rules would extend the Communications Assistance for Law Enforcement Act, or CALEA, to a wide swath of the Internet. The 1994 law currently requires telephone companies to design their networks so they can quickly intercept conversations at the request of law enforcement.

Under the new rules, ISPs or anyone else operating a network connected to the Internet — a university, a city or coffeehouse offering wireless Internet access, a private company — would be forced to install specialized equipment throughout their communications infrastructure. Internet phone firms and other innovators would have to engineer complex changes to their products to facilitate eavesdropping. . …

[B]y forcing as yet unspecified design mandates on new communications products, the government would be killing the innovation goose. Products that could not accommodate the eavesdropping technology would never reach the market. And those that could, would be pricier. Free Internet telephones, for instance, may never be available if the government imposes high costs on service providers.

….When Congress passed CALEA, it specifically exempted the Internet from it. Any changes to the law to accommodate the needs of law enforcement should be carefully debated by lawmakers — not imposed by the FCC in the form of dangerous and costly new mandates on the Internet.

That's right.  If Americans hope to lead the world in guiding the regulatory structure for the internet, we need to get our own house in order.  We need to talk this through — slowly — and think hard about what “social policies” (if any) should be lifted from the world of telephones and imposed on online life.  Right now, we're hurtling towards a controlled online future without evaluating the economic costs these regulations may impose on society as a whole.

I'm not there, and I haven't seen many messages about it.  I'm wondering what will come out of it.  Am I waiting for white smoke or black smoke?  What would the black smoke result be?  

It's hard to tell what's going on unless you're there, I have a feeling.  Send word!

But can what WSIS decides make a difference to our online lives?  It's our internet.  All of ours.  Of course we're all subject to local laws, and to contracts (some we sign, some our ISPs sign, some about which we don't have much choice).  But in the end, it's not law that matters.  What matters is how we choose to spend our attention.   

Our attention can't be arrested — not even by an international governmental forum.

I suppose if the world decides to create a kind of global Ministry of Information, with perfect control over all evils that could possibly arise online, that might have an effect on our attention — but that's a long way off.  Surely greater connectivity is what really matters, not greater control.

But, as I say, I'm waiting.

The FCC's E911 order was supposed to be complied with by November 28.  The idea was that all “interconnected VoIP” customers would have acknowledged by then the limitations on any E911 service provided by their vendors, and would have received stickers repeating this warning.  VoIP customers who didn't have E911 service were to be cut off.  (None of this ever happened to wireless or wireline companies that were having trouble with 911 services — no acknowledgements, no limitations on marketing, and certainly no requirement to terminate service.)

The Commission has relented, slightly.  They'll forbear from enforcing the acknowledgement requirement, as long as they keep getting detailed reports from the VoIP providers.  And:

Although we do not require providers that have not achieved full 911 compliance by November 28, 2005, to discontinue the provision of interconnected VoIP service to any existing customers, we do expect that such providers will discontinue marketing VoIP service, and accepting new customers for their service, in all areas where they are not transmitting 911 calls to the appropriate PSAP in full compliance with the Commission’s rules.

That's remarkable.  Stop selling these wildly successful services, you industry, until you've plugged into our legacy emergency system.  Okay, so you don't have authority to plug into the system.  Go work with a third party!  Okay, so no third parties have nationwide nomadic 911 capabilities (and when one emerges, it will have a captive market) – just do your best, and we'll be watching.  In fact, we think you should do just what Verizon and AT&T did when they did their mergers.  They had some great plans for compliance, and it's only coincidental that those plans were filed just before we allowed the mergers to go through.

We think (this is still the voice of the FCC, although parody is difficult in the blog format) that Verizon had an “innovative compliance plan” for nomadic 911.  Here are the details:

By November 28, Verizon expects to have a capability to detect when a customer’s VoiceWing telephone adapter is disconnected from the network. If we detect that the customer’s adapter has been disconnected, we will suspend the customer’s service, with the exception of 911 calls and calls to customer service. At the same time, we will send the customer an e-mail and post a message to the customer’s Personal Account Manager asking the customer to confirm his or her existing Registered Location, or register a new location.

While in suspend status, if the customer attempts to make any calls, other than 911 calls or calls to customer service, before he or she confirms or registers a new location, Verizon will intercept the call and play an announcement that will inform the customer of the service suspension and transfer the customer to a customer service representative for assistance. If the customer confirms to the service representative that the customer’s Registered Location has not changed, full service will be restored by Verizon. If the customer indicates that he or she has moved from the existing Registered Location, service will remain suspended unless and until the customer registers a new address in an area where Verizon can provide 911 service. If the customer fails to choose either option (for example by hanging up), service will remain suspended . . . As a result, the customer will be required to register a new address when the service is used nomadically.

Ta-daah!  Very innovative.  And the FCC is strongly encouraging VoIP providers to mimic the AT&T/Verizon promises — here's the threat:  “The Bureau applauds the steps undertaken by AT&T, MCI and Verizon and strongly encourages other providers to adopt similar measures.  The Bureau will carefully review a provider’s implementation of steps such as these in deciding whether and how to take enforcement action.”

Someone publicly suggested at the Pulver conference the other day that the E911 rules had been written by third-party providers of E911 compliance technology.  Digging, digging.  At any rate, this shows what regulatory mischief can be done at key moments in a company's history – such as when a merger needs to close.

Translating common carriage to the 21st century internet is difficult, because companies and regulators are getting used to cutting across the protocol stack.  So much more of this will happen, of course, in the absence of any rules saying discrimination is unlawful, and it will take years to write any such rules. 

“Transport” wants to do more discrimination so as to make money for itself, and so is demanding the right to be free to run its “own” network.  Many people think we should create and enforce the norm of neutrality, thus ensuring that no applications or content or devices are ever discriminated against.  

But applications want to discriminate too.  Should email providers be forced to provide address portability?  Should search engines be forced to reveal the algorithms that they use, so that they can be checked for fairness?  No, you say, shocked.  But shouldn't they be treated as common carriers if the transport layer is?  Where does the principle of nondiscrimination stop?  Can't you imagine law enforcement requiring end-to-end encryption so that no discrimination could possibly occur (no packet inspection possible) but then saying that as a trade it will need the keys to all of this within two hours after any encryption scheme is released? 

And what if the transport layer sees itself as a speaker — doesn't it have First Amendment claims (however specious) about wanting to support its own video and gaming services that could tie us up in court for years? 

What happened to all of the deep concerns about technical mandates that came out in the broadcast flag context?  Do they just disappear at the lower layers?  Are the lower layers incapable of innovation?  Should they be fixed in one form?  Wouldn't it be better just to force access providers to be truthful about what they did, so that consumers could figure out what was going on and decide for themselves?

I am as committed to the ideal of the open internet as the next guy, and my dream is to have OneWebDay support that goal.  But the mischief that can be done to our future (in so many unexpected ways) by insisting on statutory and regulatory definition of neutrality seems to outweigh the possible benefits of this path.  There is so much nonsense, so much horse-trading, between where we stand now and the glorious goal of neutrality.  The sad fact is that Americans don't mind vertical integration one bit, and the duopolists know that.  Not only that, but price discrimination in a competitive market is actually a good thing.  Now all we need is a competitive market.

I'd rather see a future that doesn't depend on a “third pipe” but that includes broadband internet access that is neither cable nor DSL.  I can imagine a network owned by its users, or by a cooperative, or subsidized by a large company that has no interest in controlling use of the network.  Our devices will be doing most of the computation, so there will be no way to tell the difference between devices and routing.  We'll have network-aware applications, too.

This admittedly techno-determinist view fits with how the internet was supposed to work.  Routing is not supposed to be centrally determined, and the idea of mesh networks pushes this even more to the edge — individual devices will make decisions about routing.  As long as we don't make this kind of broadband provision illegal (even by accident, by some casual legislative drafting), it will likely emerge in time. 

As David Reed might say, we're in a phase transition of sorts, and there are many people who want to force us into hierarchical and rigid solids.  Stay liquid, and the outcome will be extremely positive — as humans, we're good at being liquid. 

No blogging today.  But look what Howard Rheingold said about Beth Noveck's paper, A Democracy of Groups.

I've lost my voice, which is bad timing for the much-looked-forward-to Pulver conference tomorrow.

Here's what I would say if I could say it:

Can the FCC’s course of regulation under Title I of the Communications Act succeed in developing an effective framework to goven the Internet and new communications technologies like VoIP?  Is it either beneficial or likely for Congress to step in with a more detailed and (ideally) more rational strategy?

We seem to be limited in our imagination.  So I’ll start with the unimaginative answer:  The FCC’s current course “under Title I” has been disastrous, unprincipled, ad hoc, and puts enormous weight on some very slender reeds – an administrative housekeeping “necessary and proper” rules statement in Title I (never designed to support legislative rulemaking), and dicta in Brand X.  The world has changed since Southwestern Cable, and, in light of Mead, in the absence of a delegation from Congress the FCC just doesn’t have the power to regulate the internet – particularly in light of Section 230.  It’s just too important a step to be taken based on silence (and conflicting statements) from Congress.

But that’s a statement I can make without imagination, and it doesn’t lead us anywhere.  I only get to leave you with one big idea, so this is it:  I want to persuade us that all of this talk about convergence over the last few years is not true.  Stepping away from interpretation of the 1996 Act itself, it seems to me that telephone services are fundamentally different from the internet, and the notion of carrying particular social policies over from the telephone world to the internet (without taking into account what the internet is) is already proving to be hopelessly wrongheaded, needlessly expensive, and shortsighted. 

The question assumes that we need “an effective framework to govern the internet.”  There’s a lot of law that already applies online, and I have not seen a demonstration that more new law is needed – and, in any event, it’s not the FCC that is in the best position to do it.  If we’re going to depart from the central Section 230 notion that the online world is unfettered by special-purpose federal or state laws, that should be a conscious choice.  Right now, it’s all ad hoc, backwards looking, and unprincipled.  And destructive.  E911 and CALEA certainly fit this description, and I have a feeling that universal service will too when it erupts from the Commission.

We need a sustained national conversation about all this – maybe we’ll end up with this same approach, but I’d like to think not. Why can’t we be both more hopeful and emphatic – take the lead, around the world – about the approach to the internet that we want?  What are the “social policies” that make sense for the online world?  Focusing particularly on universal service, which seems hopelessly corrupt and mismanaged, why not assess a general purpose tax to support broadband access? Devote resources to consumer education and the development of better client-side protections against spyware and spam?  Get law enforcement data streams they need instead of getting them involved in application design?  Work on requiring things that feel like phones to have innovative windows to useful health data (that third party vendors compete to manage and provide) instead of plugging into hopelessly outdated legacy 911 systems? 

What happened to our leadership on internet policy?  When did we lose the ability to walk and slide back into the sea?  We experimented and tugged and pulled and came up with the idea of linking machines together with a common language, making it possible for humans to interact in unprecedented ways.  Now we’re turning those machines back into the machines we thought we were escaping – telephones, cable systems, and televisions – using insiders’ language so that we can hide what’s going on from the general public.  What happened?

What, if any, version of common carriage rules should govern Internet communications platforms?  More specifically, can some concept of Network Neutrality be defined and enforced proactively in the form of prescriptive regulations?

I think this is the wrong question.  It assumes the limited world of online access providers we’ve got, makes them into “communications platforms,” and then suggests we need to make rules about them.  Not very imaginative.  I have lost faith in our ability to write about code in words, and I’m confident that any attempt at writing down network neutrality will be so qualified, gutted, eviscerated, and emptied that it will end up being worse than useless.  Besides, I’m sure there are very good reasons to manage networks, and writing down the difference between management and incremental control of users’ experiences is an impossible task. 

The only way around this issue is to avoid it by encouraging the development of alternative online access methods, and being careful not to let the incumbents call them illegal.  Let the dinosaurs huddle together in the snow, controlling and commoditizing to their hearts’ content.  We’re made of better stuff.  It should be no more illegal to have an open wireless network in your house than to practice the piano with the windows open.  And having an open wireless network can lead to a community mesh network and a host of devices that open immediately to others, connecting us to the world. 

If that’s not possible, then the second best solution is structural separation, paying off the carriers for their stranded costs and moving to open utility platforms.  BT seems to think that’s a fine idea; why couldn’t it work here?
 
As Internet communications platforms become more significant, what types of regulatory strategies—best practices developed by market actors; self-regulatory regimes; agency regulation; or antitrust oversight—are likely to be most effective in governing markets ranging from the Internet backbone (think Cogent-Level 3) to VoIP (think SIP interoperability) to instant messaging (the recent MSFT-Yahoo! Deal) to broadband (i.e., port blocking, preferential treatment, etc.)

I’m not confident that any of the issues listed in the question are actually “problems.”  Nor do I think that the FCC has a role in any of them.  Peering is private, SIP is an open standard, we don’t force private bookstores to share their customer lists (so why treat IM any differently), and network access may require management   If there are problems in any of these areas that are caused by a lack of competition, then let’s use our very broad antitrust statutes to work on them.  But otherwise, we should lead the world by letting our imagination take us forward.  Not every change in the world needs to be addressed by a regulatory strategy, and there’s a very high risk that those who are comfortable with the regulatory world will use levers that are easily available to them to make life uncomfortable for their upstart competitors.

We so easily slide into the notion that the internet is “bad” and needs to be regulated.  We’re cutting off the best of ourselves this way; we should be encouraging it to have a life of its own, to catalyze new ways of living and doing business, and only getting in the way when market control leads to an absence of choices and inappropriately high prices.

The work I'm doing on OneWebDay and the work I'm going to do for ICANN are related.  Both of these projects are aimed at preserving innovation and the free flow of information that is the net. 

Two important questions for internet governance debates are “who” and “when.”  The ICANN experiment suggests that the “who” is the community as a whole.  The “when” question is about when global rules should be made (rarely) and when local autonomy should be preserved (most of the time).  ICANN's processes (done right) focus work on the few global rules that are needed for the narrow domain of naming. 

That's the reverse assumption from what I've understood to be coming out of the UN/WSIS discussion.  There, most people seem to be assuming that someone should be in charge of the internet, and that someone inevitably will be.  Why assume that?  Why not keep things open, and allow the edges to make rules for themselves?  Connectivity for developing nations should certainly be a focus of global discussion.  But international institutions aimed at “governing the internet” will inevitably have negative effects on the innovation and information flows that make the internet work so well.

I'm a huge fan of Martin Geddes's blog.

A few days ago, he said:  “Telcos that divide connectivity from service, by design or through regulation, are in a better position to survive.”  He's pointing out that the song is not the CD, and people will always figure this out given a chance.

You can’t put the genie back in the bottle. It only takes one Napster to make people see that the music and the disc were separable. It only takes one Amsterdam [municipal fiber network] to succeed to blow away the “it doesn’t work” argument. Bit haulage and application service are equally separable and economically viable independently.

There has to be a way to make a strong empirical case in this country that we are being forced to cover the past outlays of inefficient, monopolistic telephone companies, and that these same companies plan to ask us to pay for services we don't want.  Meanwhile, we can focus on building our own wireless mesh networks that don't feed on regulatory barriers.

Bob Frankston has been talking about this and related subjects for some time.