Tag Archives: cispa

Should we celebrate about Google joining net neutrality fight?

Posted on by

It’s time we be skeptical of high tech companies that support policies that we want. Today, a large number of tech companies came out against the FCC’s plan to allow internet fast lanes. They aren’t as bold as Mozilla in their claims, they don’t push for the most extreme best for the consumer perspective. We, as consumers, have to understand there’s a reason for this. These companies (and there are a lot) wrote the letter without stating what their position actually is, just that they are for a “free and open internet.” This is essentially a dream statement for a lawyer/lobbyist, because “free” and “open” can mean a variety of things based on that company’s perspective.

These companies are willing to push for a free/open internet insofar as it enables them to make money. We have to understand that. Many of these companies are looking to disrupt incumbent market players and are leveraging the internet to enable them to do that.

Normally, I’d be really excited about all these companies coming out in favor of net neutrality. However, because of their tepid support, their lack of recommendations of what to do to address the net neutrality issue, and tardiness to the conversation I’m concerned as to what their actual motives are for this debate. This is a very different discussion than SOPA, where just coming out against the bill was enough. In this case it’s not, we need them to provide clear direction on what the FCC SHOULD do instead. This provides the FCC a path forward and a way to drive the conversation. Without that, essentially there’s no clearly articulated alternative during THIS debate. Yes, they’ve made an argument before, but they aren’t this time.

I also am concerned by this turn of events because of the recent report that Google and the NSA had a very close relationship. In very strict version of net neutrality deep packet inspection wasn’t possible because there was no way to actually do it. The first step to packet discrimination is knowing what’s in the material. Truly end-to-end net neutrality precludes the ability to eavesdrop and snoop on content being passed along the IP backbone. Any sort of relationship between the NSA and arguably the largest internet company in the world necessarily limits the full extent that Net Neutrality can actually be implemented.

Furthermore, we also must remember that a large number of these companies that are now for Net Neutrality were also for CISPA which includes handing over data to the government. Which, based on Google’s relationship with the NSA, they essentially did anyway.

So, it’s a good thing that these companies came out for Net Neutrality because truly only the power of their lobbying can overcome the FCC’s proposal and push Comcast and Verizon into accept the new rules. I don’t think that we citizens could do it on our own.

(if you want to try to fight corruption that’s sort of on display here, check out Mayone.us)

A bit remiss

Posted on by

Sorry dear readrs, I’ve been very bad about writing any blogs lately. I’ve had some pretty big changes in the past two months as you all know. I’ve moved back from the Netherlands to the US, did some consulting work and I just started a job at AMD. Consequently, I’ve not been able to post as much as I have in the past. Big changes have been happening in my life.

Because of these changes I wasn’t able to pay enough attention to the CISPA fiasco that just occurred in the US. This law is a terrible step in the direction of data tyranny. I’m even being hyperbolic about this either. I wrote about the risks of having a voluntary data sharing program and in my review of Consent of the Networked I discussed the different data and Government regimes out in the “wild.” These concerns are valid. We need to be aware of what’s going on. Now, I have to say we pretty much blew our collective internet protest load with the SOPA/PIPA protests. Which is actually a problem. I would hazard that in many ways CISPA is as bad or worse than SOPA, however I didn’t see as much chatter about CISPA on reddit, twitter, Google+ or Facebook about CISPA as I did about SOPA.

I think there are a few reasons for this actually. First, the majority of the people were able to clearly understand the risks associated with SOPA. These risks are pretty straight forward and understandable. These risks affect us tomorrow not in some future time period. In many ways SOPA like acts can already happen today. This makes it extremely obvious why SOPA/PIPA are terrible laws and should be opposed at many levels. Second, with CISPA coming so quickly after the SOPA/PIPA protests there was likely something of a protest overload or disbelief that another law could come through so quickly that is as bad or worse than SOPA. Especially with the language that was being used at the time of SOPA. It would have broken the Internet, how could anything be worse than that? Third, there was more support by large companies for this law than for SOPA. Apparently that actually matters more than we realized. We were able to push Wikipedia, Facebook, and other large companies to protest this law. However in this case Facebook and Microsoft supported the law while Google sat on the sideline saying nothing about the law.

I think from this stand point, people that weren’t happy with CISPA but didn’t understand the importance likely didn’t do anything about it. However, whenever a fantastic website like Wikipedia blacks out in protest for a law it will get people who are only on the fence about the law to actually do something about the law.

CISPA and SOPA are both bad but in very different ways. CISPA is something of an abstraction of risk. Losing your privacy when so many people already voluntarily give up so much information about themselves on Facebook and Twitter might not seem like as big of a deal. The secondary abstraction is a lack of understanding of the impact of the data sharing. It’s unclear of what exactly the Feds would do with the data once they have it. It’s unclear how data sharing would occur within the government. However, it is likely that the data would be shared throughout the government including the military. Which many privacy experts are say essentially legalizes military spying on US civilians. The third problem is that many people also feel that if you aren’t doing something wrong you don’t have anything to worry about. However, this is a fallacy as even people who are doing things that aren’t wrong can get in trouble. I’ve discussed the cases where people are fired for posting drunken pictures on Facebook. Additionally, this type of law represents the biggest of the big government that we can imagine. There’s no reason why the government needs to know what we’re doing in this level of detail.

It’s going to be a long and difficult fight to keep our internet free. However, it’s something that we must do and I believe we can do it. We will just need to keep vigilant and work together to ensure that our internet stays our internet.

Free-market, Small Government and Regulations

Posted on by

The free-market has been used to argue against regulations and for small government for years. However, I believe that the major supporters of using the free-market argument are disingenuous in their application of the argument. In addition, the free-market is a flawed theory which needs to be revisited by neoclassical scholars and adjusted.

The free-market theory comes from the idea that there is an invisible hand that guides the market towards equilibrium between supply and demand. This assumes that once the equilibrium is hit it will stay at that point until there is some shock to the system which would find a new equilibrium. Each time that there is a shock, the invisible hand would push the market into a new equilibrium. This idea came as a side comment in the Wealth of Nations. This idea has become enshrined in the minds of neoclassical economics in a manner that Newtonian Physics was presumed to be accurate. In both cases the theory is incorrect. Relativistic Physics has replaced Newtonian, but in Economics the free-market is still the prevailing mechanism for policy creation. There has been no evidence for an invisible hand at all. In fact Metcalf created the theory of a networked economy which argues that the value of a good becomes more valuable as more people use it. I’ve mentioned this in the past. Essentially, this will prevent any equilibrium from every being found as the price can increase and people will still adopt the networked item because it’s becoming more valuable to the user. Or the price can remain constant even when it should drop for other factors such as a reduction in cost of production. A perfect example is the iPhone. According to research Apple has a whopping 72% margins on the iPhone, even if production was moved to the US Apple would still make 42% margin on the iPhone. There also is an over production of the iPhone and strong competition, which would indicate that the iPhone should drop prices as they are capable with that large of a margin. This market has a great deal of competition and has a large number of companies producing, which indicates that it Apple should be under pressure to drop prices. However this isn’t happening because of the networked value of the iPhone. There are a huge number of apps for the phone, the apps are high quality and the product works well with other iPhones. The market has had no impact on the cost of the iPhone.

However, free-market champions would look at any effort to change the labor practices of Apple as wrong headed and regulation that isn’t required. The Market isn’t demanding any change to labor practices because the market can bear the current prices and the demand indicates that people don’t care about labor practices. However, it’s well known that there are no alternatives to Apple’s iPhone that are produced in an ethical manner. So voting with your money wouldn’t actually work here. The problem arises because there is something of a monopoly in the manufacturing of the smart phones in FoxConn. In this case there is a market failure. Which is something that neoclassical theorists argue cannot occur. The market cannot send a signal to firms because there is no mechanism in which the market could send a signal. This is can be understood if you view this industry as a networked economy. Where you see the ties between manufacturers and handset companies, which would show a massive connection to FoxConn.

Efforts to regulate the manufacturing of devices have been argued as the reason for moving the manufacturing to other countries. However, this is not the case in the case of Apple, as they would still have huge margins. It’s because the company is attempting to maximize profits, not reduce costs to be profitable. The same arguments have been used to argue for smaller government. Saying that since there are no market failures the government should not intervene in the industry.

The unfortunate thing is that these arguments immediately disappear when it comes to protecting the profits of record industries. The same free-market advocates then move to argue that intellectual property must be protected. Essentially, creating protection for a specific product through IP causes a market failure and prevents the market from operating at its most efficient because there are not other competitors in the market. Creating IP requires a huge regulatory framework from the mechanisms of registering, logging complaints and prosecuting actors that infringe on the IP.

This type of industrial policy is typically derided by the small government fans, as it is a type of regulation that selects a “winner” (IP owners) over “losers” (non IP owners). Which may be fine. However, whenever this selection pushes our government to select a winner (Music) over the fastest growing, possibly only growing, part of our economy (internet based companies) there is a serious risk to the future. As I’ve mentioned before these laws represent huge risks for innovation.

These laws are SOPA and PIPA, which I’ve discussed extensively. However, the next round of internet regulations come in the form of CISPA. This bill, which requires allows companies to share extensively with government agencies. This type of sharing of user data and information about the activities going on at the company would not go over very well from the the free-market advocates if this was a request for data about customer data for car dealerships or steel mills. Essentially, this is going to increase the cost of doing business in the US. This may prevent companies from working in the US and prevent innovation. If I was to create a company that dealt with social data I would not want to do so after the passing of this bill. It would be likely that I would be blackmailed into giving the government data about my users that I had no desire to give them.

The internet is the perfect example of a networked economy. Facebook’s value comes from the fact that it has a huge user base. This is true for Google, Amazon and Instagram (List of companies that support CISPA). Without the users the services is literally worthless. With the users a company without any revenues can be worth $1 Billion (Instagram). The difference between this bill and other bills like SOPA and PIPA is that the agreement is bidirectional. The government will likely help Facebook and Google fight Chinese attacks and give information to each other about the activities of online hacktivist groups like Anonymous. It is likely that 4chan will end up giving over IP data and other information related to anonymous and Anonymous users.

This is regulation that the internet doesn’t need and will stifle innovation. The government already has these powers, which maybe why the Obama administration is opposed to CISPA. It is also ironic that Obama plans on sanctioning countries that use Tech to abuse human rights specifically committing genocide. A whistle blower has recently announced that the NSA has intercepted 20 TRILLION emails and likely has copies of all of these stored somewhere. The passing of CISPA and any other law of similar persuasion  would likely protect companies like AT&T from future lawsuits for being complicit with these activities.

For devotes of the Free-Market these laws create market distortions and will cause serious harm to innovation on the internet. For people that understand networked economies, this will greatly undermine the value of these networks as users will likely change their behavior to mitigate the amount of information the Government can compile on them. CISPA and its sister laws SOPA and PIPA represent big government actions attempting to control and regulate industries that do not need to be regulated. In this case there is no market failure that needs to be addressed. Privacy is something that the users have been pushing for and Facebook and Google have steadily improved on those accounts. Surprisingly industry is doing a decent job at regulating itself. Finally, regulations being pushed by advocates of small government and free-market smack of hypocrisy and a lack of understanding. These laws require a deep understanding of the internet and how the market of the internet works. Without this understanding terrible laws will be passed that will damage our privacy and freedoms. For the issues that this law would protect from there are other methods that could be employed to gain the desired results without passing laws.

Contact your congressional members to fight against this bill.

CISPA and the problem with volunteering data

Posted on by
So, CISPA, Cyber Information Sharing and Protection Act, is the newest cyber bill on the block. There is a difference between this and the other laws though. In SOPA and PIPA the laws were mandatory, and the government could simply act. In CISPA companies can willingly filter material and this may be based upon information the government provides as a threat. This was a bad situation and internet companies seem to like this law. Facebook and Microsoft are straight up supporting the law. There is uncertainty in the public if Google is or not.

So, in this law the government and internet companies can voluntarily share information about cyber threats and suspicious activities online. However, the problem with voluntary sharing programs is that they can turn into “voluntary” programs. What do I mean? Well, if the government is not required to give the information to all parties that could be affected in some sort of terrorist act the government could decide to give information to companies that are sharing information with the government. Additionally, the government could punish companies, like Twitter, that fight the government over privacy issues by not sharing information.

These are pretty obvious problems with this type of law. It assumes that each event is independent and previous actions have no consequent. This is a faulty premise. If this is viewed as a multi-turn prisoner’s dilemma, it’s obvious that with repeat interactions the best actions will always be to share. This will likely lead to sharing when there are cases of doubt over if the company should share or not. Companies will fault on the side of security over privacy, because the future benefits outweigh any punishment the users can enact on the companies.

These types of pseudo quid pro quo is impacting the US government in other ways including lobbying. It is likely that this information exchange will be used by companies whenever there are negotiations for future laws. They will be able to say, “you need to respect our rights to X, look how friendly we’ve been with the government” and then show a list of times they voluntarily gave data to the government. This was a tactic that Ma Bell used to keep their monopoly as long as they did. Because the company was providing the government with extra public goods (military research), the government was willing to over look the fact that the company was a monopoly and perhaps should be broken up.

CISPA is a dangerous law that we need to carefully weigh accepting. We need to pressure internet companies to step away from the law. We also need, if it passes, better understanding of when companies hand over data willingly and for what reasons. We should also be notified any time a company hands over our data about us to the government for any reason.

Book review: Consent of the Networked by Rebecca MacKinnon

Posted on by

I just finished Consent of the Networked today. This title, of course, is a play on the idea of the consent of the governed. Where governments are only able to govern with the express permission of the people it governs. We have seen recently with the Arab spring that it is possible to reject the govdrnment and show that the governed do not consent.

The book starts with a discussion of how the internet is different than traditional governments. As, most people are aware the internet is international, operated by many different actors including individuals governments and companies, and is not has some of its own rules and norms which are different than the physical world.

Because of the diverse set of stakeholders for the internet the way we (an average person) is different based on the country you live in, the network you are using and the relationship between your government and businesses from other countries. Then toss in advocates that use the internet to promote democracy (or are progovernment) and human rights experts and we have a very messy situation that will likely lead to more and more conflict.

Some of these conflicts are unsurprising, such as countriess like China, Iran and prefall Egypt and Tunisia want greater and greater control of their internet and networks. Which the US State department doesn’t want and puts the countries in great disagreement over the future of the internet. However this is not the only source of conflicts. There is conflict in the US itself.

The State department is pushing for more circumvention tools and techniques to make it possible to get around firwalls. TOR is one of these I’ve talked about in the past. However, the US legislature is pushing for more control and better access to what data is flowing and ways to block it. These laws, SOPA, PIPA and now CISPA all attempt to contol the internet in the name of IP or cybersecurity. However, they are methods that allow censorship and control over the internet. The US is not the only country implementing these laws, the UK has and the EU parliment is still considering ACTA.

MacKinnon also indicates that these actions help to validate countries like China. In some cases the support comes from artists like Bono or the RIAA when they say they want the same abilities as China for blocking access to content. However, the laws can only do what companies are capable of providing to governments and consumers and other agencies.

Copyright laws would be useless if companies had not created ways to inspect data and then stop the transfer. Some of this comes in tne form of filters and blockers for parents. These can be applied at the national level. Cisco and other major western comoanies provide equipment through sales to countries like China for the firewalls and censorship abilities.

These are not the only way businesses are complicit with repressive regimes (in many cases the equipment is essentially off the shelf), MacKinnon also describes the cases of Yahoo and other companies where they hand personal information over to the regimes. In some cases this has led to death for the person whose information was requested. Of course this isn’t just in China, but the same companies hand data over in the US and other democracies.

At this point human rights groups and other rights groups have become more active around the world on matters of the internet. A large portion of her book deals with these problems with through a human rights perspective. I believe that this is a good way to look at these problems. This levels the field across socio-economic levels. It begins with the assumption that protection of data should be universal. It frames the perspective that she argues for netizens to engage and to be active in address these issues.

She argues that we can’t expect the next CEO of Facebook to be benevolent as Zuckerberg has sort of been. The netizens need to pressure companies and governments for better clarity of what our data is being used for, how long it is stored and why it is collected. This important, because we “consent” by clicking I accept without reading and with no control over a change in contract. Anger at changes Facebook has made lead to changes, so as a group we have the ability to effect change at companies. We have also seen what collective action can do to government in light of the SOPA and ACTA discussions.

These matters are important because they affect all of us. This book does an excellent job explaining what is at stake. It provides a perspective from the developing world and the people under dictatorships. It highlights the fine line we are currently treading and that countries like the US and UK could easily slip from democracy into digital dictatorships where the views of a select few are paid a great deal of attention and the rest are ignore and censored.

Over all i give this book 4/5. At times the book was somewhat repetitive but it was to ensure the point was made. This book should be read by any cyber activist, developmental scholar and student of dictatorships.