Americans expect dramatically more privacy online than they currently have; that is the essence of the findings of an outstanding new independent study led by Professor Joseph Turow of the Annenberg School at the University of Pennsylvania entitled: “Americans Reject Tailored Advertising.” The study/poll found:

 

 

  • 86% of young adults say they don’t want tailored advertising if it is the result of following their behavior on websites other than one they are visiting, and 90% of them reject it if it is the result of following what they do offline.
  • 69% of American adults feel there should be a law that gives people the right to know everything that a website knows about them.
  • 92% agree there should be a law that requires “websites and advertising companies to delete all stored information about an individual, if requested to do so.”

 

This study strongly validates the findings of an important Consumer Reports Survey from last September: Consumer Reports Poll: Americans Extremely Concerned About Internet Privacy: Most Consumers Want More Control Over How Their Online Information Is Collected & Used.

  • That survey found: “The poll revealed that 93 percent of Americans think internet companies should always ask for permission before using personal information and 72 percent want the right to opt out when companies track their online behavior.”

Web 2.0 publicacy proponents have a big problem. (“Publicacy” is the opposite of privacy.)

  • The new study suggests that the pervasive publicacy practice to collect whatever private information one can get away with:
    • Is a big overreach by industry;
    • Does not have the support of the American public; and
    • Is obviously not fair representation.

Americans have been misled to believe that their privacy has been respected online, when the reality is the opposite.

  • It is ironic that the Web 2.0 movement claims to be consumer-friendly and “grass roots” because the overwhelming evidence is that the average American does not want their publicacy, but their own privacy.

In conclusion, what’s needed is a consumer-centric privacy policy that puts consumers in control of their own private information so that can chose themselves whether they want to exploit it or protect it. This is what I recommended in my June testimony before the House Internet Subcommittees:

 

 

  • “Why A Consumer-Driven, Technology/Competition-Neutral, Privacy Framework Is Superior to a Default ‘Finders Keepers Losers Weepers’ Privacy Framework”
 

 

 

Privacy-Publicacy Faultline Series here:

 

  • Part I: The Growing Privacy-Publicacy Fault-line — The Tension Underneath World Data Privacy Day
  • Part II: Implications of User Location Tracking
  • Part III: Extreme Publicacy — Does Privacy Stand a Chance?
  • Part VI: Why FTC’s Behavioral-Ad Principles Are a Big Deal
  • Part V: Privacy prevailed in Facebook’s privacy-publicacy earthquake
  • Part VI: Do People Own Their Private Information Online?
  • Part VII: Where is the line between privacy and publicacy?
  • Part VIII: “Privacy is Over”
  • Part IX: “Interventional Targeting? “Get into people’s heads”
  • Part X: “Latest publicacy arguments against privacy”
  • Part XI: “The Web 2.0 movement is opposed to the privacy movement.”
  • Part XII: “No consumer control over the commercialization of their privacy?”
  • Part XIII: “Does new Government cookie policy favor publicacy over privacy? “
  • Part XIV: “Google Book Settlement “absolutely silent on user privacy”

 

Advertisements

My NPR Online op-ed: “Net Neutrality Regulations Compromise Freedoms” makes the case why the FCC Chairman’s proposed net neutrality regulations are likely unconstitutional in multiple dimensions.

If you like the op-ed please click on the “Recommend” check button above the title or at the end of the piece, that is in the link below, because that will keep the op-ed posted longer than otherwise.

My proposed title, which was supplanted for space concerns, was: “Taking Freedom From Some Takes Freedom From All.”

  • Below is the text of my NPR Online op-ed.

“Net Neutrality Regulations Compromise Freedoms

September 29, 2009

Be suspicious when anyone argues that the government must take away the freedoms of a few to “preserve” the freedoms of the many. This is true of a slogan-driven issue that most Americans have never heard of, called “net neutrality” or an “open Internet”. It’s about whether government should forbid broadband companies from prioritizing Internet traffic, because that potentially could limit consumers’ access to the content or applications of their choice. In an innocuous-sounding speech entitled “Preserving a Free and Open Internet,” the new FCC Chairman proposed new regulations for all broadband providers to prevent this potentiality.

Our founding fathers understood that it is government that takes away people’s freedoms, not individuals or companies. The proposed FCC regulations assault our constitution in at least four ways:

First, they offend due process. The FCC proposes to take away the freedom of enterprise from about 2,000 companies, because of only two problematic incidents over several years. Imposing an extremely restrictive industry-wide “solution” in the absence of a proven industry problem is like being found guilty until proven innocent.

Second, they offend equal protection under the law. While the FCC previously urged all Internet-related companies to voluntarily comply with its policy statement, the FCC now proposes to selectively and unfairly apply the rules to only some Internet distributors and not to all. This selective regulation approach would have the perverse effect of punishing competitive broadband companies that the FCC admits have done nothing wrong yet, to advantage application “netopolies,” like Google and eBay, because the FCC believes they can innovate better in the future.

Third, the regulations offend the constitution’s protection of property. The FCC’s position that users have an absolute freedom to access the content and applications of their choice, with no regard to the rights of others, is extreme given that net neutrality freedoms are found nowhere in the constitution or law. Surely, a newly proposed FCC net neutrality freedom does not trump two-century-old property-right protections that allow property owners to require permission and payment for the use of their property. Surely the FCC does not have the authority to effectively transform the current Internet free market into an information commons where competitive property owners would have no rights to set the terms of use of their property or get fairly compensated for their products and services.

 

Fourth, they offend freedom of speech. Like it or not, the Supreme Court has affirmed that corporations have constitutionally protected free speech. The FCC proposed ban would perversely conclude that to protect the free speech of Internet users, who have many outlets of free speech, the FCC must ban the free speech rights of corporations.

At the core, the FCC’s proposed preemptive “net neutrality” regulations to preserve an “open Internet” are not at all about promoting freedom but exactly the opposite. Freedom is not a zero sum game where taking it away from some gives more to others. Taking away freedoms of some takes away freedom from all.”

 

 

 

 

The FCC Chairman’s proposed preemptive net neutrality/open Internet regulations are unjustified.

  • That’s the thrust of an excellent Washington Post lead editorial today entitled: “The FCC’s Heavy Hand: Federal regulators should not be telling Internet service providers how to run their businesses.”

Kudos to the Post for great clarity of thought in getting right to the crux of the problem with the proposed regulations in asking the simple bottom line question: “Is this intervention necessary?”

  • The editorial put a bright spotlight on an embarassing vulnerability of these proposed regulations — that they obviously are unjustified on their face.

The Post is also dead on in exposing the severity and intrusiveness of the intervention that the FCC Chairman is proposing, despite assurances to the contrary.

  • In short, ISPs, which have poured billions of dollars into building infrastructure, would have little control — if any — over the kinds of information and technology flowing through their pipes.”

Lastly, the editorial belies the FCC Chairman’s claim that the FCC won’t overreach, by accurately calling the proposed regs for what they truly are: “attempts to micromanage what has been a vibrant and well-functioning marketplace.”

Simply, the old adage is true here: “if it ain’t broke, don’t fix it.”

What an “Open Internet” does not mean is as important as what it does mean.

  • Surely an “Open Internet” is not intended to mean what it certainly can mean: un-protected, unguarded, or vulnerable to attack.
  • Thus, it is essential for the FCC to be explicit in defining what the terms — “Open Internet,” “net neutrality,” and Internet non-discrimination — don’t mean, as well as what they do mean.

The word “open” has 88 different definitions per Dictionary.com and the word “open” has even more different connotations depending on the context. While the term “open” generally has a positive connotation to mean un-restricted, accessible and available, it can also have a negative or problematic connotation if it means unprotected, unguarded or vulnerable to attack.

  • When such an amorphous, multi-use term like “open” is proposed as a new effective purpose for the FCC, and a new formal basis for new economic regulation, it is essential that the term be defined very specifically, for what it is, and just as importantly, for what it is not.

FCC Chairman Genachowski’s seminal speech on “Preserving a Free and Open Internet: A Platform for Innovation, Opportunity, and Prosperity,” which can be found at www.OpenInternet.gov, did a good job of beginning to define the positive aspects of what “open” means in this context.

  • Clearly from the Chairman’s speech the intention is for an “open” Internet to promote good, positive and consensus things like: “innovation, opportunity, and prosperity.
  • It is also clear that the Chairman believes an “Open Internet” fosters “innovation without permission;” he said in his speech:
    • “…the core principle of openness — the freedom to innovate without permission — …has been a hallmark of the Internet since its inception, and has made it so stunningly successful as a platform for innovation, opportunity and prosperity.”
  • However, it is still not clear what the term “net neutrality” means other than preventing anti-competitive behavior, which is what antitrust law already does.
While Chairman Genachowski’s speech began the process of defining the positive aspects of an “Open Internet,” it was largely and conspicuously silent on specifically what “open Internet” regulations would not mean or not do.

  • Consequently, it is a wide-open-question if the effort to define “open,” will be an open-and-shut” case or if it will turn out to be an open-ended process with no satisfactory answer.

Without publicly and explicitly defining what “open” in “Open Internet” is, and is not, there could be several areas of substantial unnecessary confusion, uncertainty and conflict that serve no ones interests.

 

1. Is an “Open Internet” defined like an “open market?”

 

Miriam-Webster’s Dictionary of Law defines an open market as: “a freely competitive market in which any buyer and seller may trade and in which prices are set by competition.

  • Surely an “Open Internet” cannot mean the opposite of a “open market” — in that it is a regulated market where only applications providers may trade or where the government effectively sets prices, terms and conditions and not competition.
  • Surely if competition sets prices in an “open market,” then an “Open Internet” cannot mean that subscription-based or transaction-based business models do not have the freedom to compete with free-advertising-based business models.
  • Surely the definition of an Open Internet cannot mean that one company’s “freedom to innovate” would negate another company’s freedom to compete or an entire sector’s freedom to engage in free enterprise, because that definition would be a zero-sum construct that logically would not be the “platform for innovation, opportunity and prosperity” that Chairman Genchowski aspired to in his speech.
  • Surely the freedom of enterprise, and the freedom of property, and the freedom to innovate all include the freedom to offer “managed services” unfettered by regulation to meet the diversity of growing demands of consumers and businesses.
  • Surely the Internet’s design is not genuinely “future-proof” when the Internet’s co-designer, Vint Cerf, admitted in a Guardian interview that it was a mistake not to incorporate managed services in the Internet’s design:
    • …”The idea of a virtual private network was not part of the original design,” says Cerf, with a grin. “It was actually an oversight. It didn’t occur to me that it would be useful until afterwards.

 

2. Is “Open Internet” non-discrimination defined as an absolute principle?

A major confusion about what an “Open Internet” means comes from what Chairman Genachowski said: “The fifth principle is one of non-discrimination — stating that broadband providers cannot discriminate against particular content or applications.

  • The speech’s explicit language implies that the FCC’s non-discrimination definition could be absolute, like it is in the current Markey-Eshoo Bill (HR 3458), in that it is not a qualified-term as all non-discrimination provisions have been since 1934 as… “unjust or unreasonable discrimination” or “undue or unreasonable preferences… predjudice, or disadvantage.” [Bold added]
  • Surely the FCC can’t be interpreting the FCC’s Title I authority that the FCC has authority to impose a non-discrimination requirement for unregulated broadband information services that is more strict than the strictest non-discrimination requirement for regulated telecom services that is already in Title I section 10 and in Title II section 202.
  • Surely that extreme absolute can’t be the case because that would imply that the FCC intends to regulate Internet transmissions for the first time much more restictively than any communications transmissions have been regulated the last 75 years.
  • Surely a “free and open Internet” means what the language implies, a competition-driven unrestricted Internet, not a euphemism for disguising a new regulator-driven, hyper-restricted Internet that proactively discriminates in favor of applications at the expense of networks.
  • Surely the FCC can’t be interpreting the FCC’s Title I authority to empower the FCC to restrict the business practices of competitive companies more strictly than the business practices of monopoly companies ever were.
  • Surely the FCC cannot be interpreting the FCC’s Title I authority to regulate broadband companies that are not common carriers (cable, wireless, and satellite), as common carriers, when the law explicitly has always treated them differently even if they are “all paths to the same Internet.”
  • Surely the FCC cannot interpret constitutional due process and equal protection to allow the preemptive and selective restriction and punishment of hundreds of broadband companies (that the FCC Chairman implictily acknowleged have done nothing wrong), based on just two official problems the FCC has found in several years of oversight, and also based on the FCC’s Broadband Policy Statement which explictly applies to more than just broadband providers: “consumers are entitled to competition among network providers, application and service providers and content providers.

3. Is an “Open Internet” defined to be un-protected, unguarded, or vulnerable to attack?

In describing the FCC’s new purpose in preserving an “Open Internet,” Chairman Genachowski was largely silent on whether an “Open Internet” would be a “safe Internet” or a “secure Internet.”

  • The only reference to Internet safety and security in Chairman Genachowski’s ~4000 word speech was: the non-discrimination “principle will not constrain efforts to ensure a safe, secure, spam-free Internet experience, or to enforce the law. It is vital that illegal conduct be curtailed on the Internet.”
  • Apparently there was no place in the positive definition of an “Open Internet” for the concept of cyber-security because it was not mentioned at all as a problem or threat to the Internet.
  • It is noteworthy, that a speech about “preserving a free and open Internet” made no mention at all of President Obama’s important declarations on cyber-security and cyber-security threats in his cybersecurity address 5-29-09.
  • President Obama said:
    • This new approach starts at the top, with this commitment from me: From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be: as a strategic national asset. Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient. We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage.”
    • In short, America’s economic prosperity in the 21st century will depend on cybersecurity.” …”It’s about the privacy and economic security of American families.” “…this is also a matter of public safety and national security.”
  • Remarkably, FCC Chairman Genachowski’s speech about “Preserving a Free and Open Internet: a Platform for Innovation, Opportunity, and Prosperity” did not consider raging cyber-crime and rapidly-escalating cyber terrorism threats to the reliable operation of the Internet, our financial system, and our electrical grid, to be mentioned as a danger to the Open Internet and American opportunity and prosperity — or to be worthy of the FCC’s internet policy attention.
  • Also remarkable was that the only mention of a “danger” in Chairman Genachowski’s “Open Internet” speech was:
    • The concern about “a dangerous retreat from the core principle of openness — the freedom to innovate without permission...” and that
    • This is not about protecting the Internet from imaginary dangers.”

Surely the FCC’s definitions of an “Open Internet,” “net neutrality” and a non-discrimination Fifth principle will not effectively define broadband providers as the greatest threat and danger to an Open Internet and its users — a greater threat and danger than cyber-criminals or cyber-terrorists.

Surely, the FCC does not see the potential for anti-competitive discrimination that harms innovation as a bigger danger to consumers and a more important problem to address than the real, pervasive every day cyber-security threat of viruses, worms, malware, cyber-crime, identity theft, cyber-stalking, fraud, denial of service attacks, bot-net zombie networks, etc.

Surely the FCC will be explicit in caring if the Internet is reliably available and operational so that the Internet can be free and open and can enable innovation, opportunity and prosperity.

Surely the FCC will be explicit that it understands some things are more important than others and that without meeting physical, security, and social Internet needs first, aspirational needs like openness tautologically cannot be met. (See my post: “A Maslow’s Internet Heirarchy of Needs? Will the Internet have priorities or be a priority-less Internet?”)

Surely if competitive broadband providers’ business models are truly not viewed as a danger to users but as an essential part of the cybersecurity solution, the non discrimination “Fifth Principle” definition should make it explicit that nothing in that principle should be interpreted to hinder network operators’ ability to manage, protect and safeguard their networks and customers from the full and evolving spectrum of unforeseen cyber-security risks and harms.

  • Surely any new regulation definitions to fulfill its new found purpose of preserving an “Open Internet” must square with the FCC’s 75-year-old purposes Congress authorized for the FCC from Title I section 1: “…for the purpose of the national defense, for the purpose of promoting safety of life and property…”
  • Surely any new FCC Open Internet regulatory definitions will comport with, agree with, and stay within the bounds of existing longstanding FCC statutory authority and precedent.

Given that Chairman Genachowski’s speech focused a good bit on the history of Internet openness as a design principle, it is relevant to share the security assessment of an “Open Internet” — from the perspective of Vint Cerf, the renowned actual co-designer of the Internet’s end-to-end protocol.

  • In an interview with the Guardian, Mr. Cerf shared his candid assessment of the many security vulnerabilities of an Open Internet:
    • It’s every man for himself,” he says, grinning. “In the end, it seems every machine has to defend itself. The internet was designed that way.”
    • “…every machine that can be compromised is a potential hazard. A machine that was OK yesterday is certainly not OK today: it may have ingested an infected memory stick….”
    • “My bias right now tends to be ‘It’s every man for himself’ – you need to be suspicious whether you’re inside the trusted cloud or not, and when it fails, the house of cards tends to collapse.”

Given Mr. Cerf’s blunt assessment of the security problems inherent at the edge of an end-to-end architecture of the “Open Internet,” there are many security threats: malware, viruses, worms, trojans, denial of service attacks, etc., which require reasonable network management to defend against.

 

  • And most importantly, these threats are constantly evolving and many are unforeseen, so surely a non-discrimination definition would need to provide substantial latitude to engage in reasonable network management to address the many vulnerabilities of an “Open Internet.”
  • One category of cyber-security threat, so-called zero-day-threats are so new and potentially pernicious that if there is no flexibility to engage in reasonable network management there would be no way to fulfill President Obama’s cyber-security pledge to: “deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage.”

 

  • Tom Tovar, CEO of Nominum, wrote an excellent analysis on the essential role of networks in cyber-security entitled: “Network-based Security Is Our Future.”
    • The simple but essential takeaway from his analysis is that an “Open Internet” will increasingly need network-based security solutions to cope with rapidly proliferating security threats and attacks.
    • Surely any FCC non-discrimination definition from the FCC will explicitly ensure the network flexibility to make the Internet more safe and secure and not more unprotected, unguarded and vulnerable to attack.

    Given that the Internet’s co-designer candidly admits that the Open Internet architecture design has major design flaws that create an “every man for himself” environment, the FCC must take great care in the definition of the non-discrimination fifth principle, to not “force openness” or “force dumbness” on networks.

     

 

Surely the FCC’s definitions will make clear that nothing in a non-discrimination fifth principle could be interpreted to authorize any:

  • Abandonment of precautions, prevention, and protections that defends users;
  • Loss of necessary cyber-security safeguards; or
  • Opening to new dangers, risks and harms by barring defenses that require discrimination or prioritization.

Surely the FCC’s definitions will explicitly allow sufficient flexibiliity for reasonable network management/protections and smart network innovation to enable:

  • Rapid and effective responses to crises, intrusions, infections and outages;
  • Efforts to prevent and protect from cyber-crime, cyber-terrorism and Internet pollution; and
  • A necessary safety valve for unforeseen network pressures.

4. Does an “Open Internet” “freedom to innovate without permission” definition respect property rights?

It is clear that the Chairman believes “innovation without permission” is important to openness, he said in his speech:

  • “…the core principle of openness — the freedom to innovate without permission — …has been a hallmark of the Internet since its inception, and has made it so stunningly successful as a platform for innovation, opportunity and prosperity.”

Surely the FCC’s proposed “freedom to innovate without permission” which is found nowhere in law or the constitution, is not a new absolute FCC principle that overrides or negates other freedoms and rights that are actually based in the constitution or existing law — like property rights.

Surely the FCC’s proposed “freedom to innovate without permission,” does not override the constitutional right to own property and control and profit from its use.

Surely any new non-discrimination principle that is not based on any specific statutory authority, but only interpreted ancillary authority, will not override network owners property rights to require a consumer to agree to and abide by contracted terms of service and pay for services rendered.

Surely the non-discrimination definition will make it clear that “innovation without permission” or non-discrimination is not a license for a taking of property nor does it mean that a property owner does not have the right to require permission and payment for the use of their property.

Surely the FCC’s definitions will make clear that when constitutional and statutory protections of property are not different on the Internet than in the physical world.

Surely the FCC’s “Open Internet” definitions will be specific that they in no way contradict or contravene the official “policy of the United States… to preserve the vibrant and competitive free market that presently exists for the Internet,” which is in the 1996 Telecom Act, and surely the definitions will not have the effect of practically transforming the Internet from a “free market” to an “information commons” where property owners cannot require permission and payment for use of their property.

 

5. How

 does a new non-discrimination definition thread-the-needle of dealing with anti-competitive behavior without preempting free and open competition? Surely the FCC’s regulatory definitions to implement its new found open Internet purpose does not ignore or conflict with the most current law and regulatory precedents related to the 1996 Telecom Act’s promotion of competition.

Surely the challenge in the non-discrimination definition is to not define anti-competitive as anything that could increase regulation that would in effect discourage competition, given that the statutory purpose the 1996 Telecom Act was “to promote competition and reduce regulation… and encourage the rapid deployment of new telecommunications technologies.

In conclusion, surely the FCC does not want to create confusion, uncertainty and conflict in fulfilling its signature policy initiative, nor create many new unintended vulnerabilities for Internet users, when the FCC simply can clearly and explicitly define what an “Open Internet,” “net neutrality” and a non-discrimination fifth principle, are not intended to do or mean.

For those trying to better understand some obvious, important and necessary reasons why networks need to engage in “reasonable network management” and prioritize Internet traffic to ensure quality of service for all — please read a great post by George Ou over at Digital Society.

Traffic prioritization is not anti-competitive or anti-openness — its simple common sense network management.