Regulating The Internet? Not the Tubes Themselves…

If Net Neutrality is an argument about economics (and federal administrative law), Content Regulation is an argument about ethics and culture.

Net Neutrality is becoming an old hobby horse for a lot of people. It gets a lot more attention than most telecommunications policy issues. Even though questions about copper wire lines vs fiber optic cables actually affects more people, the internet is generally united by the fact of its own existence.  This is about regulation at the highest level, determining the equality and/or equity of access to content. No one online is indifferent to the internet—the only debate about net neutrality is which policies are best for the consumer and the telecommunications marketplace (or, in the United States, “telecommunications marketplace”).

But there is another layer of regulation that is quickly gaining attention. If Net Neutrality is about the form of the internet (its structure and broad organization), there is a growing need to consider questions about the regulation of the content of the internet. Over the years, the internet has been a vector for some amazingly good and amazingly bad actions by humans. The differences in the kind of regulatory concept at play are hard to understate. Rather than comparing it to different video games, I would compare it to the difference between a video game and a tabletop game.

1) I’ve always been fascinated by the dawn of the computer age. My childhood was the tail-end of a world in which homes did not have internet access. By the start of law school, everyone looked up famous cases and Latin phrases on Wikipedia during class (except for the people who did the reading the night before- they looked it up before class). I’ve often compared the early days of the internet to a kind of Wild West setting: a lawless frontier where fundamental questions about the mold of civilization were not yet settled. I thought most of those questions would be settled by 2015. We are not close to a consensus on rules. Indeed, we are still testing what types of rules are feasible or desirable.

Video games are literally made of rules: the computer code that constitutes the game itself. Tabletop games are made of… usually cardboard, or some kind of paper. (Occasionally, they have some plastic – or even metal if you got the collector’s edition.) This may sound like a silly or vacuous distinction, but it has important ramifications for the kinds of problems that can happen in a game, and the kinds of solutions that will (or won’t) be effective.

2) Lawlessness can lead to problems. This was probably not known until 2 decades of unfettered internet, but now we know. Free to do anything, people have tried very hard to do everything. Every app, platform, hosting site, game, or program online that gets big enough eventually starts to experience just about every problem type that humans can present. From intellectual property disputes to death threats, from fraud to manslaughter, the internet has been a way for people to discover criminal behaviors that past generations could never have the opportunity to access. The unethical choices of both multi-national companies and village simpletons are available for repeated viewing.

In a video game, the code can sometimes glitch and create problems for players. The code can also execute perfectly, but there may be complaints about the design of the game itself (a level being too difficult or some power or tactic being of an unsuitable level of power). With some difficulty, players can cheat by actually breaking the code, but more games can detect this (and especially so in professional e-sports settings). In a tabletop game, anyone can cheat, the rules may be wrongly applied (or not applied at all), and all manner of chaos can ensue. DDoSing an opponent during a game might be a little bit akin to literally flipping a table during a game of Monopoly or checkers,

3)  YouTube’s takedown system is already an example of an effort to regulate content, and it already shows some of the challenges with instituting a content regulation system: people will find ways to game that system. Any system of regulation will have two negative outcomes: it will penalize the innocent, and it will be dodged by the guilty. The most you can hope for is that it will protect most of the innocent and it will penalize most of the guilty. The US justice system, even when working as intended, will sometimes produce undesirable results: a guilty person will go free, and an innocent person will go to prison. The hope is that this happens very infrequently.

The most common reaction to bad behavior online has been for authoritative parties to do nothing. The most common reaction by authoritative parties to actually do something has been to ban the bad actor. The most common reaction to this ban is to come back with a different username or account.

In video games, cheaters are often banned (if they are making the game worse for other players). But in table top games, people who ruin the game are just not invited back. No one will play with them anymore. People might hang out with someone less if they behaved in a wildly unacceptable way during a casual weekend game of Risk or Werewolf. In a video game, bad behavior has very limited consequences. In a tabletop game, bad behavior can have lots of meaningful implications.

 

4) What would it look like to regular content? Getting it wrong is easy — which is the primary reason that’s what’s going to continue to happen. Whether trying to penalize criminals or regulate behavior online, creating a fair and ethical system that consistently produces more good results than bad ones is difficult. One problem is that incentives are at odds: most platforms want to turn a profit, and if bad behavior yields a net gain, the platform needs a solution that will actually make more money than the current bad behavior (plus the cost of implementing the remedy). Another problem is that platforms tend to think of regulating their content the way that most Americans think about regulations: an appointed governing authority (or combination of authorities).

 

Conclusion

You can’t make people be good, but you can keep deleting all of their manifestations of their behavior on the internet: You can suspend or ban accounts, and eventually IP addresses. You can automatically censor strings of characters, and continually update the list of banned strings. These will continue to be the solutions offered, and they will continue to mostly fail while they almost half-succeed.

Over a decade ago, Lawerence Lessig asserted that laws are of four types: market, cultural, legal, and architectural. It turns out that enforcing the legal type of law in a digital space is very difficult. But cultural norms practically enforce themselves. And architectural laws are always already enforced. Market rules can be fickle, but persuasive. A lot of efforts to regulate content will fail because they will hinge on the concepts of legal enforcement.

The lack of rules and regulations is what made the internet a place where amazing things could happen. Without rules to stop imagination and creativity, people created art, solved problems, built positive communities, and enriched themselves and each other. In that same landscape: without rules to stop hate and anger, people created harassment and bullying, invaded privacy, ruined lives, occasionally killed people, and destroyed a lot of good in the world. Lawless frontiers are the best opportunity for the most beautiful, important, and inspiring expressions of humanity. They are also the best opportunities for the most despicable, dangerous, and damaging expressions of humanity. What the internet becomes will be decided—has always been decided—by what people bring to it.

Advertisements

What the Internet of Things can Learn from “The Order 1886”

Great (Sounding, Looking) Potential

The Order 1886 has great quality graphics, but is a poor quality game. Just because the technology involved is cutting edge doesn’t mean the final product is good. The internet of things relies on some cutting edge technology and novel ideas, but that doesn’t mean the final product is always favorable.

I’ve been hearing about the “Internet of Things” for several years now. Middle-aged entrepreneurs are just sure that this “the next big thing,” except it’s going to be bigger than the car or the light bulb. From what I’ve seen, IoT is a glossy, shiny, pretty gimmick that hasn’t shown it’s poised to really solve problems that consumers feel they have. So far, we don’t think a fridge that buys eggs for us is really what’s missing in our lives.

Having sophisticated technology isn’t the same as having a great (or even marketable) tech product. In the same way, having glossy graphics isn’t the same as having a good (or even marketable) game. Both IoT and Order 1886 are impressive at a glance, but fail to live up to expectations as one spends more time with them.

Burger King Sets Itself Up For Trolling

The broad IoT idea continues to reveal vulnerabilities and half-thought-out applications. A few months ago, Burger King aired an ad in which the actor in the commercial asked the viewer’s smart phones to read the first paragraph of the Wikipedia page about Burger King’s flagship product, The Whopper. The completely predictable result was that people started vandalizing the Wikipedia page in question, leading the ad to tell people that The Whopper contained humans and cyanide.

There’s a lot I could go into about this example, especially about troll behavior and the weaknesses of IoT’s reliance on unsecure nodes. I want to highlight that the problem wasn’t about hacking into Burger King or Android systems. There are some concerns with IoT and that sort of hacking, but there’s another problem: Entrepreneurs rely on the web without knowing what 4Chan is or having have never been verbally abused by a stranger for the length of an entire League of Legends match. That is a mistake.

This example also illustrates why IoT hasn’t gotten traction: It’s still a gimmick that breaks often. Even when it works at its best, IoT is a fun and surprising answer to a question no one asked. The best case for Burger King’s commercial is that they surprise a few consumers, but also stir fears about privacy and security in doing so. The success of IoT still hangs on the uncomfortable reality of diminishing personal privacy, and many consumers haven’t completely reconciled leaving the past with entering the future.

The Order 1886 Fails as a Game, IoT Still Fails as a Tech Product

One of the reasons people were so angry about The Order 1886 is that the trailers looked so good. People bought into the promise and the hype, and then it failed to deliver in meaningful ways. Similarly, the more glossy the presentations about IoT get, the more consumers will feel the gap when they don’t experience a meaningful impact as a result of using it.

It’s the applications that go on top of the tech that really matter. Platforms and apps that balance consumer’s emotions about privacy and security will be the only thing that can really bring about the kind of pervasive, omnipresent IoT about which I keep hearing (excited and vague) presentations.

Things that look really good but don’t do anything are called art. Things that do something useful are called products. Usefulness is not the sole factor in a product’s quality or its marketability, but it is important- especially if it wants to be more than a fad or gimmick that ends up with a discount sticker in the bargain bin.

ISPs Tell Two Lies: “This is Fair” and “This Will Work”

Intro: The Parable of the Watermelon Stand

Once upon a time, two folks (Alphonzet and Balantanoid) decided to sell watermelons at a roadside stand. The two-step business model was: 1) buy watermelons for $1 apiece from a farm, then 2) transport them in their pickup truck to the roadside stand, where they sold the watermelons at a retail price of $1 apiece. After some time, accountant Balantanoid informed business partner Alphonzet that, due to the price of gasoline and other incidental business costs, they were actually losing money. Alphonzet reviewed the numbers and pondered, and then ventured a solution:

“Do you think we need a bigger truck?”

Businesses looking to buy consumer information from ISPs are like the characters in this story considering using a bigger truck. More data isn’t what businesses need, and there is danger is believing otherwise. Furthermore, ISPs unjustly shirk responsibility that ought to come with the entitlement to the data they intend to sell.

I. Background.  Internet Service Providers Aren’t Satisfied With a de facto Monopoly

Internet service providers have no competitors and provide a borderline necessity. They can charge anything (and do) and provide a low quality product and service (as they do), and customers will still pay them (and they do). This isn’t enough for them. The telecommunications industry has successfully lobbied congress into repealing an FCC order that previously prevented the sale of tracked, identifiable consumer data to third parties.

Of course, ISPs are the only ones who can risk fighting their customers. Service providers operating on the internet can’t antagonize their customers because they are subject to fundamental concepts of free market capitalism: If they anger their customers, their customers will go elsewhere. ISPs don’t have “customers” in the traditional sense. They have “victims” or “hostages”- so it makes sense that ISPs wouldn’t worry about treating them like customers.

II. “This Will Work.” ISP’s Already Lie to Consumers and Government- Now They Get to Lie to Businesses

I don’t know how many lies the telecommunications industry had to tell congress to get the FCC’s rule repealed. Probably not many- after some generous donations, congress rarely asks very many questions, or cares about answers. But the lie that ISPs are relying on now is for 3rd party companies to believe that (in the context of the aforementioned parable) a bigger truck will turn their watermelon business profitable. There are two likely outcomes of this business arrangement: either advertising will get better, more efficient, more streamlined, more effective, and benefit both advertiser and consumer, OR advertising will become more obnoxious, more noisy, less useful, less relevant, more intrusive, and worse for consumers and advertisers.

In his NYT Op-Ed on this legislation, former FCC Chairman Tom Wheeler gives the example of ISPs selling data to car dealerships about which customers are visiting car websites, thus allowing car dealers to target more likely customers. One interpretation is that this will help car dealers only target relevant audiences, and customers will get better opportunities and information as customer-business connectivity is optimized. My experience is that this is supremely unlikely.

My most recent experience with targeted advertising is that the business model is not effective. I spent an evening looking for a new pair of shoes from online stores. The next day, ads for shoes show up on my Facebook feed. But I had already bought shoes. I was no longer a potential customer in that market. No amount of advertising is going to persuade me to make a purchase, because the purchase was already complete.

More data doesn’t mean you understand your customer better. You need the right data- and ISPs just can’t provide that. Data science simply isn’t good enough yet. The algorithms consistently fail to capture human thought, intent, and desire. The greater danger in the loss of this privacy isn’t in other parties knowing who you are- it’s in other parties THINKING they know who you are.

This example reveals two facts that render third party purchases of consumer data useless: a single data point or grouping of data points doesn’t tell you all of the important data about a consumer, and second, consumers move faster than companies. For the same reasons that cause all of us to receive junk mail addressed to people who haven’t lived at an address for years, (or even addressed to deceased persons), companies efforts to use consumer data are routinely ineffective. The myriad problems with the over-reliance on big data is its own subject, but one that informs this issue.

The effort to make money off of violating privacy won’t work because companies aren’t equipped to turn data into sales.

III. “This Is Fair.” Justice Requires That ISPs Pick A Single Classification: Common Carrier or Private Enterprise

There is a doctrine in tort law that common carrier services like buses and trains have reduced duties to customers. Private carriers have more discretion about how to run their business, but have increased liability. In the famous tort case Paslgraf v. Long Island Railroad, a railroad company was not held liable when a passenger’s explosive package accidentally detonated, causing injuries. Part of the reasoning relied on the notion that the railroad was a common carrier, and such service providers are not liable for some acts of their customers because they have less discretion regarding their customers than a private carrier has.

This reasoning ought to be applied to internet service providers: ISPs can be either a common carrier or a private carrier, but must accept the responsibilities and limitations of whichever classification they choose.

If ISPs want the benefits of being private enterprises, they need to take on the liability commensurate with those benefits. The concept of safe harbours in the DMCA is predicated on the notion that ISPs are a sort of public utility or common carrier. ISPs that want the benefits of private business need to be liable for crimes and damages that common carriers would not be liable for.

ISPs believe they have a right to the data of their individual customers, such as their browser histories and app usage rates. If they are so interested in the private information of their customers, they should take on criminal liability for crimes committed by their customers, from piracy to identity theft to terrorism or child pornography. This is the burden of responsibility. If an ISP is truly entitled to the content of a customer’s online activity, they are responsible for that content. There is no entitlement without responsibility. This is a fundamental precept of justice that permeates the law.

If the ISP does not want to be liable for the crimes committed using their services, they must opt for the common carrier approach to providing internet and information services. The idea of ISP access to consumer data without responsibility to the consumer is not just offensive to privacy or comfort- it is offensive to the very concept of justice and fairness. It is the ISP getting something extra from a consumer in return for nothing. Forcibly taking from someone in exchange for nothing is the clearest possibly understanding of theft.

Conclusion

The data that ISPs will sell to 3rd parties is unlikely to make advertising substantially better, due to the challenges in execution. The larger issue is settling the classification of ISPs in the context of telecommunications law. ISPs can be either private enterprises or common carriers. They cannot continually shift their classification from moment to moment to suit convenience, reaping rewards and rejecting responsibility.

Update: ISPs earn their place… And they really have a cultural status.