Information Law Possum

… and should there be one at all?

According to netdialogue.org, anti-spam efforts on an international level are rather informal and non-committing.  Is the risk of having a bad international convention so high that industrialized nations are reluctant to instigate one?

I’m much excited that the Herdict project, sponsored–among others–by the Berkman Center and the OII, is being pushed to the next level this summer!

The project is awesome because the software will allow users to benchmark the performance of their computers against their peers.  (See here for more information.)

My wish list for Herdict is short–it has only one item if I don’t count the best wishes for the Herdict team:

It would be awesome if Herdict could also periodically measure the available internet bandwidth. 

Here in Switzerland, there’s been a great deal of discussion concerning broadband subscribers who get much less bandwidth than they subscribed for, and I don’t think the situation is much different elsewhere–especially in the U.S. where the average bandwidth is lower than in Central Europe. One of the country’s telcos, Sunrise, already offers a “ADSL speedometer” on its website.

However, this service is inferior to Herdict in several ways:

• First, the company that offers it is not neutral by any measure;
• Second, users cannot benchmark test results;
• Third, it’s a web service, and each testing requires user activity.

The problem with lower-than-promised bandwidth is now, as I perceive it, an information problem–and also a problem of collective action.  Herdict can solve both of them:

• With Herdict, it would be easy for anyone to get good data about the actual bandwidth of his or her connection.  (The software might even include analyses as to the average bandwidth depending on the daytime, cross-provider comparisons, etc.)
• In cases where a provider doesn’t live up to its promises, users would see that they’re not alone.  Consumer organizations and the media, both being already interested in the issue, would be more than happy to use and publicize that information.
• Maybe even the OECD would be interested in high-level aggregates of the so-produced information in order to refine their broadband statistics.
• At least in countries that allow class actions, providers would be under a credible threat of legal action and could not hide behind the best efforts clauses in their Terms & Conditions any longer.
• All of this would eventually prompt providers to improve their services and increase quality competition in the broadband sector.  (In Switzerland, at least, there is little price competition since the physical landlines are owned by only two companies, Swisscom and Cablecom, in most parts of the country.)

Of course, where the potential impact of a software on a market is so high and much is at stake for big market players, the prevention of manipulations of all sorts deserves a great deal of attention.

P.S. The release version of Herdict should come in multiple languages, otherwise only a small percentage of users could use it outside the anglophone countries.

In July, Professor John Palfrey and Robert Rogoyski published an article called “The Move to the Middle: The Enduring Threat of ‘Harmful’ Speech to Network Neutrality”, which draws our attention to an important shift in the way how legislators regulate the internet: Instead of regulating end-points, governments across the globe have been targeting intermediaries (in particular ISPs) over the last years. The authors argue that this approach has important drawbacks which result from their inherent violation of the end-to-end principle.
Here are some lessions I personally learned from that reading:

Intermediary regulation - a powerful enforcement tool
Compared to end-point regulation, intermediary regulation is a very effective enforcement tool. Accordingly, it can make - and has made in most cases - bad policies worse. Examples are the censoring policies of repressive governments, such as China, Burma, and many others, but also copyright and TPM laws in democratic countries, which are widely perceived as having undesirable effects. But in my view, we cannot make the effectiveness of intermediary regulation responsible for the bad policies which can be enforced through it.

Does intermediary regulation curb (what kind of) innovation?
As the authors write, one of the well-known advantages of the end-to-end principle is its openness to innovation on top of the basic layers of the internet. I suspect that intermediary regulation can be used to curb innovation, e.g. if data that is expressed in a peer-to-peer file sharing protocol is systematically filtered. However, the existing cases of intermediary regulation seem to target certain types of content (e.g. pornographic, racist or political websites, or copyrighted MP3 files), and I am not sure whether these activities are apt to curb the development of new protocols or applications.

On the other hand, intermediary regulation might curb social innovation, especially the emergence of peer production of governance the authors mention: I believe that governance problems are regarded as problems of the government - and not of citizens - as soon as the government attends to a problem, and that the latter are more likely to do that if an effective means of enforcements such asi intermediary regulation is at their disposal.

Spillover effects: the most important practical problem
The authors mention spillover effects of intermediary regulation that take place at two levels:

• First, as intermediaries don’t have a direct stake in what content flows through their pipes, there seem to be considerable incentives for them to over-comply with the law.
• Second, for the same reason, but also due to insufficient technology and incompetence, intermediaries often apply overshooting means to block or filter traffic. Worse, many of the more straightforward counter-measures to prevent this are ineffective: The authors exemplify that in an impressive way, showing the inherent dysfunctionality of a procedure to ask the library staff to unblock URLs which are erroneously blocked by their automatic blocking software.

Is intermediary regulation evil?
The authors’ main conclusion is - in my eyes - that, when a democratic society considers targeting intermediaries to accomplish its policy goals, the costs and drawbacks of violating the end-to-end principle should be acknowledged. In other words, intermediary regulation is not evil per se.

A good example is child pornography, where end-point regulation has not been totally ineffective, as the many successful police raids prove, but it has inherent cost and jurisdictional limitations. On the other hand, the example of the British Internet Watch Foundation (IWF) demonstrates the effectiveness of intermediary (self-)regulation: When the organization set to work in 1997, 18 % of the child abuse content reported by citizens and reviewed by the foundation was hosted in the UK; now, it’s 0.2 %. (In contrast, 51% of child abuse content found by that organization is hosted in the US.)

Call for action
The (mainly negative) experiences with existing attempts to regulate intermediaries call for action: Information lawyers could assist legislators in pursuing legitimate policy goals through intermediary regulation, and companies in implementing the regulatory framework, by developing a best practice model for intermediary regulation. The model could contain recommendations concerning due process safeguards (for all stakeholders, not only for intermediaries), safe harbor rules (which could prevent anticipatory obedience, as long as they are simple), and much more. Unless we help making good intermediary regulation, we will continue to see bad regulation in the future!