Archive for June, 2008

Knowing less

By On June 10, 2008 In Uncategorized With No Comments Permanent Link to Knowing lessPermalink

The announcement this morning in the Times that New York State AG Andrew Cuomo had reached an agreement with three US network operators (Verizon, Sprint, and Time Warner) about blocking child pornography was both less and more important than it appeared.

It’s less important in that part of the agreement covers something ISPs already do, which is to react swiftly when they get information about child porn on the sites they actually host. Federal law requires hosts to report such material they learn about promptly to the federally-sponsored National Center for Missing and Exploited Children (NCMEC), or risk fines of $50,000 per image.  ISPs also routinely (and promptly) take down this material from their servers once they know about it. (Here’s a code of conduct suggesting this.)

It’s more important in that it takes a practice that had been implicit, voluntary, and quiet – the sharing of information between law enforcement authorities and ISPs about child pornography, including the sharing of lists of sites that law enforcement authorities want blocked – and makes it into an enforceable, mandatory agreement.  It looks as if the explicit agreement that is the subject of the Times story concerns only Usenet.  But there is no particular limiting principle here, and the agreement could extend to anything else that law enforcement believes to be illegal.

Coupled with the story today that French ISPs have agreed to block a wide variety of distasteful content, including hate speech as well as child pornography, today is a day to reflect on possible negative consequences of such an approach.  (I’ve written about this in the past, here.)

What’s on the list? Once AGs move beyond Usenet, and they will, what more will be added?  Will innocent speech be mistakenly identified as unsavory, and blacklisted?  How does a site get off the list?  Movie houses can stop showing adult movies, and URLs can stop being the site of indecent material.

Who makes the list? The story about the French approach indicates that users can nominate sites to be blocked.  In our country, NCMEC has enormous authority.  What’s the clearance process for these techniques?  Could they be abused?

What does it take to carry out the desires behind the list? If an ISP is handed a list of sites/communications to block, what do they have to do to implement the blockade?  Four years ago blocking IP addresses (the then-common technique) was found to block too much innocent speech to be constitutional. (Opinion here.)  If ISPs have figured out how to do more sensitive filtering, does that sensitivity require detailed information about what each user is up to (deep packet inspection)?  Could that sensitivity be misused for the ISPs own commercial reasons (targeted advertising)?  Also – could the blocking of categories (note the reference to all usenet postings) result in the blocking of innocent speech?

What does this mean for the free flow of information online? Governments around the world have an interest in shielding their citizens from illegal speech – in the case of child pornography, the animating idea is protecting children from being abused.  We react immediately to child pornography, and its creation and dissemination is widely prosecuted.  (We’re even going after the dissemination of virtual child porn these days — but see Justice Souter’s stirring dissent.)

Going beyond the prosecution of the people involved in the production of this unspeakable material to requiring network operators to affirmatively monitor for child pornography is a substantial step – and one U.S. federal law has avoided as far as I know.  Will this interest in going after intermediaries, reported on today, always trump the social value of having an interconnected, un-inspected, fast-flowing internet?

National Conference for Media Reform

By On June 6, 2008 In Uncategorized With 2 Comments Permanent Link to National Conference for Media ReformPermalink

So this is the week of the conference posts.  Today through Sunday I’m at the National Conference for Media Reform.  There are apparently thousands of people here.

My talk was earlier this afternoon.

This is quite a collection of people from different disciplines and with different skills.  Lots of questions and comments about local community activism, the depth of the socio-economic digital divide – a refreshing change for me from the focus on federal-level legislation or FCC action.

Back Monday.

Personal Democracy Forum

By On June 5, 2008 In Uncategorized With No Comments Permanent Link to Personal Democracy ForumPermalink

It’s bigger than ever and one of the key 2008 conferences – don’t miss it! (How great to be in Rose Hall at Lincoln Center.)

Register here. June 23 and 24.

Technology has been changing politics for a hundred years now, but the process is speeding up right now. More data is visible, and there are more ways for the candidates to be in touch with the rest of us. But are candidates actually listening, and is the electorate actually engaged?

The forum will feature an unprecedented cross-partisan roster of speakers and panelists—individuals who are altering the landscape of the electoral process, political action and communication in our wired world on a daily basis. Now in its fifth year, the Personal Democracy Forum (PdF) is expanding to a two day event covering not only how the Internet is impacting campaigns and elections, but also how governance is changing.

This is the year of PdF. I wish I could be there, and I think you should go and tell me all about it later.

Another reason on McCain

By On June 4, 2008 In internet law, surveillance With 4 Comments Permanent Link to Another reason on McCainPermalink

About ten days ago, I was a co-moderator (with Ari Schwartz) of a panel at CFP during which surrogates for the Obama and McCain campaigns had a civil and well-informed conversation about tech policy. I was impressed by Chuck Fish, the McCain representative, who did his best to win the respect of the geek crowd in the room. (ArsTechnica report about the panel here.)

In response to a question about immunity for the telcos in connection with their cooperation with the NSA’s warrantless wiretapping program, Fish said that there should be hearings held to figure out what the NSA had been up to. He also (although vaguely) suggested that there should be statutory limits to what the NSA could do, and that the telcos and the NSA should be held to those limits.

Now Wired is reporting that McCain has repudiated Fish’s remarks. (That’s unfortunate, and I think unfair to Fish, who works full-time for the campaign and is clearly a careful guy. He didn’t seem like someone who would make misstatements when he was speaking for the campaign.)

McCain is going with Bush’s Law: No matter what the law or the Constitution says, if the president needs to carry out warrantless surveillance in his capacity as Commander in Chief of the armed forces, he can do it. This is the familiar, overreaching view that Article II essentially trumps everything else. If we’re “in a time of war,” anything goes.

From the campaign:

Here is the bottom line: Senator McCain supports the FISA modernization bill passed by the Senate without qualification. He believes no additional steps should be necessary to secure immunity for the telecoms; both the 109th and 110th Congresses have conducted extensive evaluation and examination of this topic and have satisfied the public’s need for appropriate oversight; hearings purportedly designed to ‘get to the bottom of things’ have already occurred; and neither the Administration nor the telecoms need apologize for actions that most people, except for the ACLU and the trial lawyers, understand were Constitutional and appropriate in the wake of the attacks on September 11, 2001.

Senator McCain has never stated, nor does he believe that telecoms should only receive retroactive immunity in exchange for congressional testimony about their actions. We do not know what lies ahead in our nation’s fight against radical Islamic extremists, but John McCain will do everything he can to protect Americans from such threats, including asking the telecoms for appropriate assistance to collect intelligence against foreign threats to the United States as authorized by Article II of the Constitution.

Wired’s Ryan Singel explains that McCain has apparently been pushed into this Curtiss-Wright-So-I’m-Right chest-thumping position by commentary from the National Review Online.

The legal argument is straightforward: in general, domestic eavesdropping without a warrant is illegal. If the government is eavesdropping on “foreign powers” inside the U.S. it can go to a special court, the Foreign Intelligence Surveillance Court, and get an order authorizing the surveillance – or it can start the surveillance and ask for judicial authority afterwards. This allows the President to act in foreign affairs with expedition, but retains judicial supervision.

It’s alarming that McCain says he will be willing to ignore the law on the books if needed. We adopted this structure after evidence of overwhelming domestic surveillance abuse was revealed as part of the Church Committee’s work.

(It’s also alarming that some Democrats are willing to believe that prospective judicial supervision of warrant requests is an outmoded idea – you can see this in the FISA-rewrite debates. At least they seem to believe that the statute would have to be rewritten in order to avoid the current judicial supervision requirement.)

But let’s start with McCain. He’s more alarming. He’s saying he’d be willing to ignore the statute, whatever it says. I don’t think Obama would take this view.

VZ open development initiative

By On June 3, 2008 In Uncategorized With 1 Comment Permanent Link to VZ open development initiativePermalink

Verizon’s Open Development Initiative may end up being a breakthrough for device manufacturers.  As usual, the devil is in the details, and we don’t even have the details to dig through yet.  But at least the outlines of the project sound encouraging.

As it was explained to me, the idea is to be more open to manufacturers of CDMA devices using VZ spectrum (all of it).  Manufacturers will need to get their devices certified for use on VZ’s networks, a process which is supposed to take 4-6 weeks.  This is much quicker than the current VZ device certification process for devices sold as VZ – that can take a year.  (Device manufacturers who are working through the Open Development Initiative will also need to figure out with VZ what their joint business model will be – how much of a cut VZ gets, what kind of voice and data plans will be offered to end users, etc.)  Then customers can take those new devices and go to a web portal to activate it.  Then they’ll be on the VZ network.

As far as I can tell the specs for the devices aren’t on the Initiative site for public consumption, but I’ve been told that manufacturers are happy with them.  Certification processes are supposed to be in place soon, implemented by third-party labs.  VZ is also saying that they will not limit the applications that can be run using these new devices, although they’re hopeful that the new plan will provide additional distribution outlets for their own software.

I’m curious how CALEA and E911 compliance will be handled – we’ll have to see that in the certification specifications.

VZ is saying that devices that aren’t theirs won’t get device-customer-service from VZ (unless the manufacturer has arranged for VZ to provide it), but network issues will remain VZ’s to deal with.

VZ’s plan is that the Open Development Initiative will be very attractive for device-to-device business models and will help offset losses in pure voice revenues.  They’d like to be investing in new partners that they meet through the initiative.  And they plan to allow this new initiative to compete directly for attention and customers with the traditional Verizon Wireless part of their business.  (They’re not planning to have new applications from this initiative running on traditional VZ handsets.)

Lots of details to come.  Will ordinary end-users opt for unsubsidized handsets?  Will the certification process require that the devices only allow applications that adhere to IMS-like signaling standards, or other limitations that might be harmful to innovation? What pricing plans will be offered to customers, and will they be attractive? How restrictive will certification testing be?  How useful will the certification information be to application developers?  Why aren’t the new applications allowed to run on VZ handsets? I’m skeptical, but looking forward to knowing more.

We haven’t yet seen the first device deal, but all of this is in the works and VZ is promising news very soon – hence this post.

P2P traffic standards

By On June 2, 2008 In internet policy With 4 Comments Permanent Link to P2P traffic standardsPermalink

Someone pointed me today to an IETF workshop held last week at MIT (announcement here) about possible standard-setting activities focused on P2P issues. The workshop was prompted by the Comcast/BitTorrent experience.

This is a good development, in my view. Putting aside the policy implications of the Comcast situation (and the question whether the FCC has or should have jurisdiction to do anything about that situation), the key problem for the globally interoperable internet as a whole is whether network operators are adhering to internet standards.

The cable networking standard, DOCSIS, was designed by CableLabs to be profoundly asymmetrical. More traffic can travel down than up, across widely-shared neighborhood uplinks. As I understand it, the standard also provides for long buffer lengths – lots of packets lining up as TCP fills the buffer – which makes for multi-second lags that are frustrating for VoIP and gamers. Additionally, and somewhat paradoxically, heavy upstream users are automatically sent to the front of the line – “ordinary” interactive users may get stuck behind them. Cable network operators argue that these infrastructural factors, and others, make network management to interfere with heavy P2P use necessary. I understand that DOCSIS 3.0 will increase bandwidth available to cable subscribers – by joining together cable channels – but will still have asymmetry (if perhaps not as profound).

Meanwhile, of course, P2P is extremely useful as a solution to content-distribution issues because it allows for spreading the weight of transmission. Randomly cutting off P2P sessions, or having standards that differ across network operators, will harm innovation.

So while we wait for network operators to upgrade their networks, it would be better for application developers and for the internet as a whole for standards to be developed for application-agnostic congestion control. Hence the IETF workshop.

All the papers for the workshop are here, and there’s a particularly interesting BitTorrent paper (#22 on the list). BitTorrent says:

The IETF could help solve the problem P2P apps currently pose for ISPs and users in these ways:
1. Standardize a mechanism for BitTorrent cache discovery. This is the lowest-hanging
fruit.
2. Standardize a mechanism for conveying information about the network to P2P software, which would enable smarter peer selection, and standardize ways to use this information. Cache discovery could be a part of this potentially more general mechanism or could be separate.
3. Document an experimental approach to end-to-end congestion control that meets the objective of not increasing delay substantially even if bottleneck device buffers are large relative to the bitrate.
4. Publish an informational RFC that documents caching, smarter peer selection, and better congestion control as the best current practices in solving problems caused by P2P.

Take a look. Application-agnostic standards like TCP/IP made internetworking possible in the first place. It would be good to continue with the goal of a globally interoperable, application-agnostic internet.

Newer Entries →