Adam Thierer's Blog, page 100

After the NSA's aggressive pursuit of a greater role in civilian cybersecurity, and last week's statement by Sen. John McCain criticizing the Lieberman-Collins bill for not including a role for the agency, some feared that the new G.O.P. cybersecurity bill would allow the military agency to gather information about U.S. citizens on U.S. soil. So, it's refreshing to see that the bill introduced today–the SECURE IT Act of 2012–does not include NSA monitoring of Internet traffic, which would have been very troubling from a civil liberties perspective.

In fact, this new alternative goes further on privacy than the Liberman-Collins bill. It limits the type of information ISPs and other critical infrastructure providers can share with law enforcement. Without such limits, "information sharing" could become a back door for government surveillance. With these limits in place, information sharing is certainly preferable to the more regulatory route taken by the Liberman-Collins bill.

It seems to me that despite Sen. McCain's stated preference for an NSA role, the G.O.P. alternative is looking to address the over-breadth of the Lieberman-Collins bill without introducing any new complications. The SECURE IT bill is also more in line with the approach taken by the House, so it would make reaching consensus easier.

I'll be posting more here as I learn about the bill.

Cross posted from JerryBrito.com

Tomorrow Sen. John McCain, along with five other Republican senators, plans to unveil a cybersecurity bill to rival the Lieberman-Collins bill that Majority Leader Harry Reid has said he plans to bring to the Senate floor without an official markup by committee.

At a hearing earlier this month, Sen. McCain criticized the Lieberman-Collins bill for not giving the NSA authority over civilian networks. And as we've heard this week, the NSA has been aggressively seeking this authority–so aggressively in fact that the White House publicly rebuked Gen. Keith Alexander in the pages of the Washington Post. But as CDT's Jim Dempsey explains in a blog post today,

The NSA's claims are premised on the dual assumptions that the private sector is not actively defending its systems and that only the NSA has the skills and the technology to do effective cybersecurity. The first is demonstrably wrong. The Internet and telecommunications companies are already doing active defense (not to be confused with offensive measures). The Tier 1 providers have been doing active defense for years – stopping the threats before they do damage – and the companies have been steadily increasing the scope and intensity of their efforts.

The second assumption (that only the NSA has the necessary skills and insight) is very hard for an outsider to assess. But given the centrality of the Internet to commerce, democratic participation, health care, education and multiple other activities, it does not seem that we should continue to invest a disproportionate percentage of our cybersecurity resources in a military agency. Instead, we should be seeking to improve the civilian government and private sector capabilities.

The military, and especially the NSA, has great experience and useful intelligence that should leveraged to protect civilian networks. But that assistance should be provided at arms-length and without allowing the military to conduct surveillance on the private Internet. Military involvement in civilian security is as inappropriate in cyberspace as it is in the physical world.

As Gene Healy has explained, civilian law enforcement and security agencies "are trained to operate in an environment where constitutional rights apply and to use force only as a last resort", while the military's objectives are to defeat adversaries. The NSA's warrantless wiretapping scandal speaks to this difference. "Accordingly, Americans going back at least to the Boston Massacre of 1770 have understood the importance of keeping the military out of domestic law enforcement." The Senate Republicans would do well to leave NSA involvement in civilian networks out of a new cybersecurity bill.

And FYI: I will be presenting at a Cato Institute Capitol Hill briefing on cybersecurity on March 23rd along with Jim Harper and Ryan Radia. Full details and RSVP are here.

Cross posted from JerryBrito.com

Sen. Carl Levin wants Facebook to pay an extra $3 billion in taxes on its Initial Public Offering (IPO). The Senator claims the Facebook IPO illustrates why we need to close what he calls the "stock-option loophole." (He explains that "Stock options grants are the only kind of compensation where the tax code allows companies to claim a higher expense for tax purposes than is shown on their books.") He wants Facebook to pay its "fair share" and insists that "American taxpayers will have to make up for what Facebook's tax deduction costs the Treasury."

One could object, on principle, to Levin's premise that tax deductions "cost" the Treasury money—as if the "national income" were all money that belonged to the government by default. One could also point out that Mark Zuckerberg, will pay something like $2 billion in personal income taxes on money he'll earn from this stock sale—and that California is counting on the $2.5 billion in tax revenue the IPO is supposed to bring to the state over five years.

But the broader point here is that Sen. Levin wants to increase taxes on IPOs—and any economist will tell you that taxing something will produce less of it. IPOs are the big pay-off that fuels early-stage investment in risky start-ups—you know, those little companies that drive innovation across the economy, but especially in Silicon Valley? So, while Sen. Levin singles out Facebook as an obvious success story, his IPO tax would really hurt countless small start-ups who struggle to attract investors as well as employees with the promise of large pay-offs in the future.

It's especially ironic that Sen. Levin proposed his IPO tax just a day after GOP Majority Leader Eric Cantor introduced the "JOBS Act," a compilation of assorted bi-partisan proposals designed to promote job creation by helping small companies attract capital. That's exactly where we should be heading: doing everything we can to encourage job creation by rewarding entrepreneurship. Sen. Levin would, in the name of fairness do just the opposite—and, in the long-run, almost certainly produce less revenue by slowing economic growth.

And just to underscore the drop-off in tech IPOs since the heydey of the dot-com "bubble" in the late 90s, check out the following BusinessInsider Chart:

 

Paying close attention to language can reveal what's going on in the world around you.

Note the simple but important differences between the phrases "open government" and "open government data." In the former, the adjective "open" modifies the noun "government." Hearing the phrase, one would rightly expect a government that's more open. In the latter, "open" and "government" modify the noun "data." One would expect the data to be open, but the question whether the government is open is left unanswered. The data might reveal something about government, making government open, or it may not.

David Robinson and Harlan Yu document an important parallel shift in policy focus through their paper: "The New Ambiguity of 'Open Government.'"

Recent public policies have stretched the label "open government" to reach any public sector use of [open] technologies. Thus, "open government data" might refer to data that makes the government as a whole more open (that is, more transparent), but might equally well refer to politically neutral public sector disclosures that are easy to reuse, but that may have nothing to do with public accountability.

It's a worthwhile formal articulation and reminder of a trend I've noted in passing once or twice.

There's nothing wrong with open government data, but the heart of the government transparency effort is getting information about the functioning of government. I think in terms of a subject-matter trio—deliberations, management, and results—data about which makes for a more open, more transparent government. Everything else, while entirely welcome, is just open government data.

Time Warner Cable (TWC) has announced it will once again attempt an experiment with usage-based pricing (UBP) for its broadband services. (News coverage here, here, and here.) The company gave UBP a shot a few years ago and some consumers, regulatory advocates, and lawmakers howled in protest. The radical activist group Free Press called for immediate policy action and former Rep. Eric Massa's (D-NY) was happy to oblige with his proposed "Broadband Internet Fairness Act," which would have let the FCC decide whether such pricing plans were permissible.

For their latest UBP experiment, TWC goes out of its way to avoid controversy, primarily by making it clear the plan is entirely optional. Here's what their consumers are offered as part of what is being labelled it's "Value Edition" plan:

Up to 5GB/month of data transmission for a $5/month discount from one's current monthly bill. All Standard, Basic and Lite broadband customers will be eligible. Turbo, Extreme and Wideband customers will continue as always, with access to unlimited broadband and no optional tiered plan or discounts.
The ability to opt-in and opt-out of a tiered package at any time.
A "meter" that tracks usage on a daily, monthly, weekly or even hourly basis, enabling customers to accurately gauge usage. Below is an example of the hourly meter:
A 60 day/2 billing-cycle grace period to allow customers to adjust usage patterns. During this time we will notify customers of overages but won't charge for them.
Overages will cost $1 per GB, not to exceed a maximum of $25/month.

It's hard to see how anyone could be against this and I was pleased to see that Harold Feld of Public Knowledge didn't automatically dismiss it and, in fact, had some rather favorable things to say about it. Nonetheless, as UBP schemes begin to multiply — and they will — we can expect some of the same old concerns and criticisms to surface. Many folks hate the sound of differential pricing / price discrimination, believing it to be annoying at best or unfair at worst. But price discrimination and UBP techniques are all around us in the real world.

The important thing to keep in mind here is that pricing experimentation is good, not only because it can save consumers money and more fairly allocate costs, but because it helps pay for future investments and innovations in high fixed cost / low marginal cost industries like broadband. I won't go into all the details about why I'm particularly fond of a "Ramsey pricing" (a two-part charge that would involve a flat fee for service up to a certain level and then a per-unit or metered fee over a certain level of use) approach because I've said it all here before. See:

Smartphones & Usage-Based Pricing: Are Price Controls Coming (July 12, 2011)
Netflix Falls Prey to Marginal Cost Fallacy & Pleads for a Broadband Free Ride (July 8, 2011)
Why Congestion Pricing for the iPhone & Broadband Makes Sense (October 7, 2009)
The (Un)Free Press Calls for Internet Price Controls: "The Broadband Internet Fairness Act" (June 17, 2009)
Free Press Hypocrisy over Metering & Internet Price Controls (June 18, 2009)
Bandwidth Cap Hysteria & the Alternative  (October 4, 2008)
Once Again, Why Not Meter Broadband Pipes?  (September 7, 2007)
Why Not Meter? (March 12, 2007)
The Real Net Neutrality Debate: Pricing Flexibility Versus Pricing Regulation (October 27, 2005)

While I think some variant of UBP makes a great deal of sense for broadband (whether its wired or wireless), I believe it is essential that public policy remains agnostic regarding which pricing techniques are optimal and instead lets ongoing marketplace experimentation figure that out for us. It may be that different companies devise different pricing schemes in an attempt to differentiate themselves from competitors or potential new entrants. Let the experiments continue! I look forward to watching the Time Warner Cable experiment and others like it.

On the podcast this week, Clay Johnson, co-founder of Blue State Digital and former director of Sunlight Labs at the Sunlight Foundation, discusses his new book, The Information Diet. According to Johnson, America's diet of mass-produced unhealthy food has resulted in an obesity epidemic and we may be seeing the same thing when it comes to our media diet. He believes the problem is not too much information, rather it is the quality of information that people choose to consume. Johnson encourages more responsibility in choosing information intake, similar to what is required to make healthy food choices. He ends by outlining a plan of action and offers tips on consuming "healthy" information.

Related Links

"The Information Diet", by Johnson"How to Start Your Information Diet", lifehacker.com'Plug In Better': A Manifesto, The Atlantic

To keep the conversation around this episode in one place, we'd like to ask you to comment at the webpage for this episode on Surprisingly Free. Also, why not subscribe to the podcast on iTunes?

I'm pleased to report that the Mercatus Center at George Mason University has just released my huge new white paper, "Technopanics, Threat Inflation, and the Danger of an Information Technology Precautionary Principle." I've been working on this paper for a long time and look forward to finding it a home in a law journal some time soon.  Here's the summary of this 80-page paper:

Fear is an extremely powerful motivating force, especially in public policy debates where it is used in an attempt to sway opinion or bolster the case for action. Often, this action involves preemptive regulation based on false assumptions and evidence. Such fears are frequently on display in the Internet policy arena and take the form of full-blown "technopanic," or real-world manifestations of this illogical fear. While it's true that cyberspace has its fair share of troublemakers, there is no evidence that the Internet is leading to greater problems for society.

This paper considers the structure of fear appeal arguments in technology policy debates and then outlines how those arguments can be deconstructed and refuted in both cultural and economic contexts. Several examples of fear appeal arguments are offered with a particular focus on online child safety, digital privacy, and cybersecurity. The  various  factors  contributing  to  "fear  cycles"  in these policy areas are documented.

To the extent that these concerns are valid, they are best addressed by ongoing societal learning, experimentation, resiliency, and coping strategies rather than by regulation. If steps must be taken to address these concerns, education and empowerment-based solutions represent superior approaches to dealing with them compared to a precautionary principle approach, which would limit beneficial learning opportunities and retard technological progress.

The complete paper can be found on the Mercatus site here, on SSRN, or on Scribd.  I've also embedded it below in a Scribd reader.

Technopanics and Threat Inflation [Adam Thierer - Mercatus Center]

Over at Forbes I have posted some thoughts on the new privacy framework (Consumer Data Privacy in a Networked World) that the Obama Administration released today. In my essay, "The Problem with Obama's "Let's Be More Like Europe" Privacy Plan," I hammer home the same point I've made here before many times: Regulation is not a costless exercise. No matter how well-intentioned regulatory proposals may be, they can often have unforeseen, unintended consequences. This is equally true for privacy controls. I discuss how a new privacy regulatory regime could drive up prices for services that currently are free or inexpensive, limit new digital services and innovations, create barriers to entry for new entrants and entrepreneurs, negatively impact the competitiveness of existing U.S. Internet operators, and, more generally, increase the horizons of government power over the Internet.

For a more detailed analysis of these issues, I encourage you to check out my big Mercatus Center filing to the FTC last year on privacy and Do Not Track regulation. Also, here are few TLF essays that summarize my skepticism about expanded privacy controls:

Isn't "Do Not Track" Just a "Broadcast Flag" Mandate for Privacy?
Privacy as an Information Control Regime: The Challenges Ahead
Obama Admin's "Let's-Be-Europe" Approach to Privacy Will Undermine U.S. Competitiveness
Lessons from the Gmail Privacy Scare of 2004
When It Comes to Information Control, Everybody Has a Pet Issue & Everyone Will Be Disappointed
And so the IP & Porn Wars Give Way to the Privacy & Cybersecurity Wars
Book Review: Solove's Understanding Privacy

The White House's "Consumer Data Privacy in a Networked World" report outlines a revised framework for consumer privacy, proposes a "Consumer Privacy Bill of Rights," and calls on Congress to pass new legislation to regulate online businesses. The following statement can be attributed to Berin Szoka, President of TechFreedom, and Larry Downes, TechFreedom Senior Adjunct Fellow:

This Report begins and ends as constitutional sleight-of-hand. President Obama starts by reminding us of the Fourth Amendment's essential protection against "unlawful intrusion into our homes and our personal papers"—by government. But the Report recommends no reform whatsoever for outdated laws that have facilitated a dangerous expansion of electronic surveillance. That is the true threat to our privacy. The report dismisses it in a footnote.

Instead, the Report calls for extensive new regulation of Internet businesses to address little more than the growing pains of a vibrant emerging economy. "For businesses to succeed online," President Obama asserts, "consumers must feel secure."  Yet online businesses that rely on data to deliver innovative and generally free services are the one bright spot in a sour economy. Experience has shown consumers ultimately bear the costs of regulations imposed on emerging technologies, no matter how well-intentioned.

The report is a missed opportunity. The Administration should have called for increased protections against government's privacy intrusions. Focusing on the real Bill of Rights would have respected not only the Fourth Amendment, but also the First Amendment. The Supreme Court made clear last year that the private sector's use of data is protected speech—an issue also not addressed by this Report.

Szoka and Downes are available for comment at media@techfreedom.org.

Congress freed up much-needed electromagnetic spectrum for mobile communications services Friday (H.R. 3630), but it set the stage for years of wasteful lobbying and litigating over whether regulators should be allowed to pick winners and losers among mobile service providers.

The wireless industry has thrived in the near absence of any regulation since 1993.  But lately the Federal Communications Commission has been hard at work attempting to change that.

A leaked staff report in December helped sink AT&T's attempted acquisition of T-Mobile.  And the commission has taken the extraordinary step of requesting public comments on an agreement between Comcast and Verizon Wireless to jointly market their respective cable TV, voice and Internet services, beginning in Portland and Seattle.  Nothing in the Communications Act prohibits cable operators and mobile phone service providers from jointly marketing their products.

FCC Chairman Julius Genachowski objected to a previous version of the spectrum bill which, among other things, would have prohibited the commission from manipulating spectrum auctions for the benefit of preferred entities.  The limitation was removed, and Sec. 6404 provides that nothing in the legislation "affects any authority the Commission has to adopt and enforce rules of general applicability, including rules concerning spectrum aggregation that promote competition.

The common thread is a determination limit the size of leading firms for the benefit of smaller or less successful wireless competitors, such as Sprint, T-Mobile or approximately 100 other entities.  Conventional theory implies that more equally-sized competitors yield lower prices for consumers.  In this case, however, if a wireless service provider cannot obtain additional spectrum to meet growing demand for its service, it could be forced to raise prices in order to reduce network congestion rather than lower prices to sell more service.

The FCC tried a similar "pro-competition" experiment in the late 1990s.  Seeking to promote retail competition in local telephone service, the commission ensured that new entrants got below-cost wholesale access to incumbent networks.  It also delayed the incumbents from competing in the long-distance market to ensure their obedience.  These policies precipitated a disastrous investment bubble that burst in 2000-02.  Meaningful voice competition eventually emerged from the wireless and cable industries, which are subject to minimal FCC oversight.

Congress gave the commission wide-ranging powers in 1934 to tame telephone monopolies and award "scarce" broadcasting rights to "worthy" men.  Although technological innovation has radically reduced the economic and physical barriers to competition, influential commercial and ideological special interest groups refuse to let go of power and privilege.

Free Press, one of the most strident of the FCC's ideological clients, claims that the Comcast-Verizon Wireless joint marketing agreement would "put an end to any hope for nationwide competition between truly high-speed Internet service providers, while dousing any chance of next-generation wireless services competing against cable and telco broadband."

Free Press is the same group that argued in 2007 that wireless and wireline broadband services are completely different products.  "They are not comparable in either performance or price; they are not substitutable services; and they are certainly not direct competitors."  That was a snapshot, not a trending analysis.  Pew Research found in 2010 that 59 percent of U.S. adults now access the internet wirelessly.  And according to the FCC, nearly 70 percent of the U.S. population can choose between four or more wireless broadband providers.  Now even Free Press acknowledges that next-generation wireless services can compete against cable and telco broadband.

Free Press also predicted in 2007 that "carriers that dominate the wireline broadband market are highly unlikely to offer a wireless broadband product that can potentially cannibalize their wireline marketshare."  But this is exactly what Verizon and AT&T are doing with the roll out of faster fourth generation mobile broadband networks.

If the wireless market is difficult to predict, that is because it's still a dynamic arena where innovative providers compete to offer superior coverage, reliability and functionality.  It is not a mature commodity market where retail price is the only basis of competition, everything else being equal.

If regulators create obstacles for firms that have invested wisely and operate efficiently, to make it easier for rivals catch up, they reduce the incentive to innovate.  Ultimately the best way to achieve the lowest prices is to maintain incentives for private investment in bigger and faster networks.  If investment is discouraged as a result of regulation, there is a danger wireless service providers will have no choice but to ration service to relieve network congestion.

With wireless device and service providers delivering constantly improving products and services, it is not clear there is anything regulators can or should do to promote consumer welfare besides conducting efficient auctions in which spectrum can be assigned to the highest bidders and approving spectrum license transfers between willing buyers and sellers.