Yesterday's excellent Freedom To Connect sessions (thanks, David I!) brought home just how hard it is to Decide What We're Talking About -- and then what to do about it.

There are many concerns about broadband policy in the US.  There are worries about ISP control over services.  There are worries about broadcast indecency rules.  We're worried about so many things.  Meanwhile, the web seems to be doing pretty well.  But not enough people are connected.

It would be good to have a list of the Ten Top Things Worried People Can Do -- and a set of talking points with which to approach each rulemaker and legislator and public figure and neighbor.  Our messaging needs massaging. 

Dan says consolidation of data access into the hands of two or three providers is the real problem (talking about Brand X and Madison River), because they'll always discriminate against competitive content.  Big bills for distributing popular content by individuals are a big problem, so P2P is the only real alternative, and the Grokster discussion is most important. 

The key message is "don't make me ask for permission." I'm all for ensuring that competitive modes of access to online resources exist -- baseline access.  But it's a difficult step to take to ensure more than that.  And providers should have the chance to offer more (and different) services if they want to. 

These sessions are interesting -- it's still not clear what a proto-activist would do to agitate to change the world of online access.

At a Grokster forum this afternoon (graciously hosted by GW), the power of the Nimmer copyright treatise was on display.  There is really no caselaw on contributory copyright liability for "inducement."   In 1911, Justice Holmes said that "the most innocent objects may be used for unlawful purposes."  But the case in which he said this wasn't about inducement -- it was about direct infringement.  Since then courts really haven't discussed "inducement" in the copyright context, except as part of boilerplate lists.

Tom Perrelli of Jenner & Block is a very skilled and thoughtful lawyer.  He told us this afternoon that the Nimmer treatise describes two branches of contributory liability in copyright.  One branch covers active encouragement/inducement, and the other covers distribution of products.  So all the talk about inducement during today's argument has ample support -- from the Nimmer treatise.  Cindy Cohn of EFF said at one point during the discussion [paraphrasing]:  "We discovered a new branch of copyright infringement liability today.  It must be because it's cherry blossom season in Washington." 

Why do we depend so much on copyright treatises?  I heard a talk by Ann Bartow last week about the power of the Nimmer treatise (among other treatises), and Perrelli's comment today seemed to bring this back around.

One of Perrelli's central points this afternoon was the following question:  "Is this [Grokster] the kind of innovation we should be fostering?"  That's the content industry's goal.  Sure, we're all for innovation.  But shouldn't we be careful just what kind of innovation we allow? Hmm?  (As readers will anticipate, that last "Hmm" was intended to be humorous.)

Perrelli also makes the point that the "rule" of Sony isn't all that clear.  If it provides such strong protection for innovation, why has there been so much litigation over what it means?  He noted that petitioners were pleased that the Court spent so little time focusing on the dominant aspects of respondents' arguments -- parsing Sony and being told to go to Congress -- and so much time swimming in the difficulty of establishing what the right rule for contributory liability should be.  Another panelist piped up and said that it's a mistake to think that the business community even knows what the Sony rule is, so how could they possibly be relying on it?  (Hmm.) 

I'm looking forward to the blogging about the argument. The Court did not find this an easy case, either procedurally ("bizarre!") or substantively ("what about the iPod?").  No one is predicting a clear win for either side.     

Given everything that's going on in communications policy, David Isenberg's conference -- coming up later this week -- is particularly timely.. 

Did you know that the US Congress is in charge of all devices worldwide?  Let me explain.

Legislation that has something to do with computers often uses the defined term "protected computer."  I recently looked up that definition, which is found in 18 USC Sec. 1030(e)(1).  It's an emotionally powerful definition.  It's breathtaking.  It's almost spiritual in its sweep.

First, the term "computer" is defined as:

an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions

In other words, any device you can think of that has something to do with data processing.  That's a lot of devices.  But wait -- there's more:

and includes any data storage facility or communications facility directly related to or operating in conjunction with such device

So that means any wires or wireless communications or storage or almost anything else you can think of that is associated with communications or devices.  Anything.

Luckily, Congress was sensible and excluded from this definition:

automated typewriters or typesetters, portable hand held calculators, or other similar devices.

Phew.  Your slide rule is not included in the definition of "computer."  But everything else is.

Now we know what a computer is -- what's a protected computer?  Well, in addition to devices used by financial institutions, a protected computer is a computer that:

is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States.

So a protected computer is any device, anywhere, that "affects" commerce or communication by the US.  That could mean every single router, wire, backbone, gateway.  That means the internet is a protected computer.

Where am I going with this?  Well, both the SPY BLOCK act, S. 687, and the SPY ACT, HR 29, use this defined term "protected computer."  The Spy Block Act, for example, says it's unlawful for anyone who isn't an "authorized user" of a protected computer to cause software to be installed secretly on that computer.  It's illegal to prevent a "user" of a protected computer from having an opportunity to knowingly grant consent to that installation.

The sweep of this illegality is amazing.  It will be unlawful for any communications device to experience automatic installations that aren't upgrades or network security fixes.  That's really something.

We're in control.    

Halliburton managed to get audit reports of its Iraq expenses (including $108 million in overcharges) designated as confidential, and thus not subject to disclosure to reporters (or legislators).

DeCSS was originally claimed to be a trade secret.

EFF has a "patent busting project."  What are examples of the most unlikely and most abusive uses of the law of trade secrets?  There's a story here.

Anything a company generates that is the subject of reasonable secrecy-maintaining efforts by the company (and that has economic value because it is secret) can be a trade secret.  Things that aren't copyrightable or patentable may be trade secrets.  Shh.  I'd tell you what's going to happen next, but I can't -- it's a secret.  

I'm talking tomorrow about the intersection between the qualified reporter's privilege and trade secret law.  If you feel like reading a beautiful but quite long decision about the contours of the qualified privilege, here [pdf] it is -- from Judge Sweet of the SDNY not long ago.

The law of trade secrets is ripe for abuse.  It's under-theorized and over-puffed by venture capitalists and IP lawyers.  In an era of secrecy and a time of privatization of government functions, any Administration (and certainly this one) could figure out routes using trade secret law to block publication of just about anything. 

Our poor First Amendment.  It's being trumped all over the place. 

Two definitions for plangent: (1) loud and resounding, as in "plangent bells," and (2) sad or plaintive.  Both these definitions fit the tech policy world today -- the alarm bells are ringing both loudly and...sadly.

Just today, the governor of Utah signed into law an unconstitutional bill that will lead to massive overblocking of innocent web sites.  (Read the CDT analysis.)

Sen. Burns and Sen. Wyden today introduced yet another spyware bill that will likely have substantial unintended consequences.  It covers all devices "used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States."  (We're in charge!) It probably covers all software that is secretly installed (with exceptions -- I haven't seen the final text).  There's no telling how the bill will be construed -- it's very broad. 

I'm sure spyware legislation will pass, and I'm concerned about the precedent it will set for the design of code by legislatures.

Next Tuesday, the Grokster and BrandX arguments will be heard in front of the Supreme Court.  These two cases are linked in a deep way that may not be widely reported.  In Grokster, the content industry is trying to ensure that developers of new applications have to ask permission -- the content community wants to make sure that infringement has been frustrated. 

In BrandX, the DOJ/FBI is trying to ensure that developers of new applications have to ask permission -- the law enforcement community wants to make sure that applications are easily tappable.  (FCC has probably made a deal with the DOJ that it will apply CALEA obligations to information services if DOJ fights on FCC's behalf for judicial deference to FCC's determination about the regulatory classification of cable modem service.)

And we may want to worry about software defined/cognitive radios.

Therefore, send not to know for whom the bell tolls.

Michael Geist has a new column up today about ISP "accountability" and it's very worth reading.  Geist proposes some baseline requirements for ISPs.  His proposals don't wander into content control issues but do provide for nondiscrimination (against VoIP and other applications), adequate treatment of spam, and adequate responsbility for the privacy and security of consumer data.

What Geist is proposing is sensible.  My concern is that the content community is also proposing global ISP accountability.  Their kind of accountability is very different from the Geistian contribution.  The content industry would like to see international treaties make ISPs liable in lots of ways for activities occurring across their wires.

There really are black helicopters in the global sky.  The content guys are looking for global broadcast flag mandates [ppt] and they'll be working on the analog hole next.  

So I worry that the good-faith, reasonable, sensible Geistian step will morph into something much less reasonable all too easily.

HR 29, the SPY ACT, has a section requiring that "information collection programs" (or ICPs) provide notice and obtain user consent before they are transmitted or installed.  ICPs also have to have particular functions.

Today's question:  Would this section, if enacted into law, amount to compelled speech in a noncommercial setting -- and thus be unconstitutional?

Here's how this might work.  "Information collection programs" are defined as "computer software" that either collects personally identifiable information and sends it to someone else or uses it to display ads -- or software that collects information about the web pages accessed by the computer and uses that information to trigger ads.

There's no requirement that the software be commercial.  More generally, it's not clear that this software would fit under the Supreme Court's definition of "commercial speech."  Yet ICPs are required by this section to present particular statements -- e.g., "This program will collect and transmit information about you.  Do you accept?" 

Requiring the use of particular labels and notices is arguably a violation of the First Amendment right "to refrain from speaking at all." (from the Supreme Court's opinion in Wooley v. Maynard).  As the Supreme Court put it in Riley v. National Federation of the Blind of North Carolina: "Mandating speech that a speaker would not otherwise make necessarily alters the content of the speech. We view [doing so] as a content-based regulation of speech."

Although it is true that commercial speech receives less protection than non-commercial speech, and that disclosures can be required to keep commercial speech from being deceptive, it is not at all clear that software swept within the SPY ACT is necessarily commercial speech.

The Supreme Court has identified three factors which, when they're all present together, identify commercial speech: (1) an advertisement; (2) mentioning a specific product by name; that is (3) economically motivated speech.  Software transmitted to users and networks -- even software that ends up triggering ads -- does not necessarily meet this standard.

And even if software is commercial speech, it is not necessarily misleading or part of an illegal activity -- the threshold inquiry for regulation of commercial speech under the Supreme Court's jurisprudence.  As the Court said in Zauderer, "Our recent decisions involving commercial speech have been grounded in the faith that the free flow of commercial information is valuable enough to justify imposing on would-be regulators the costs of distinguishing the truthful from the false, the helpful from the misleading, and the harmless from the harmful."

Source code has been held (at least by the Sixth Circuit) to be expressive, pure speech that is protected by the First Amendment.  So you'd have to show a compelling interest in restricting the speech and you'd have to convince a court examining the Act that the restriction was necessary and narrowly tailored.  

The SPY ACT doesn't seem narrowly tailored, because it may sweep innocent speech within its scope and may be too vague to be predictable.  And, of course, it doesn't deal with offline data abuses/surveillance practices of which users may not be aware.

This question is easier for CAN-SPAM, because it's clear that that act is focused on commercial speech.  I'm not as certain about the constitutionality of the SPY ACT. 

First Amendment mavens: please comment.

Acting on a tip from a well-informed source, I trundled off to Primanti Bros. tonight.  The cheesesteak sandwich they sell, from top to bottom, is made up of:  (1) meat, (2) cheese, (3) french fries (4) cole slaw, (5) tomatoes.  It's sort of a french fry delivery device.

On the menu, it says "PITTS-BURGER CHEESE STEAK (#2 Best Seller)."

I ask:  "What's the best-selling sandwich?"

Guy says: "The cheesesteak."

I say: "But it says #2 Best Seller."

Guy says:  "It doesn't say #2 best selling sandwich."

I say:  "Oh.  What's the #1 Best Seller?"

Guy, pleased, says: "Beer."

Dah-DUM.

As requested by one of my fellow conference attendees:  the ultimate in empirical work (via discourse.net).

At Mike Madison's kind invitation, I'm in Pittsburgh.  I passed what Mike identified as the largest free-standing Gothic structure in the world.  I said, "I know what that is -- that's the Cathedral of Knowledge."  Mike said, "No, that's the Cathedral of Learning."

It's always a good idea to be mindful of death.  Bach thought about death all the time; Sherwin Nuland wrote, beautifully, about how we die. An online "death clock" can helpfully predict your last day, but I wouldn't trust it.  The NRA has its own clock up, just to show how harmless firearms are.  Just in case you might run into a disoriented doctor, or a misfiring shotgun, it's best to live as if each day was the last. 

My old law firm sent out an email today saying that John Pickering had suffered a severe stroke and was in grave condition.  I had an office next to John's for several years. I always enjoyed sitting down and talking with him.

The first time John Pickering ever appeared in court to argue a case was at the U.S. Supreme Court. Only a few years out of school, the former clerk to Justice Frank Murphy was appointed to represent an indigent defendant. Murphy's beliefs in protecting the rights of the individual inspired Pickering to develop one of the most influential and diverse records in Supreme Court advocacy. He played a major role in cases that defined the limits on presidential authority (Youngstown v. Sawyer), checks and balances between the branches of government (Powell v. McCormack), civil rights (NAACP v. Claiborne County, Mississippi), and physician-assisted suicide (Vacco v. Quill). More recently, Pickering has been a leading legal mind in the right-to-die debate, an issue he has repeatedly taken back to where he started: the Supreme Court.

Good news from the DC Circuit today, which issued an opinion asking for further facts about petitioners' right to be in front of them complaining about FCC's jurisdiction in the broadcast flag matter.  Everyone (including, apparently, the FCC) assumed quite reasonably that the petitioners had every right to be there -- in other words, everyone thought petitioners had "standing."

But the DC Circuit wasn't so sure about it.  Under the applicable legal standard, you have to show a concrete, particularized, actual/imminent harm from an administrative rule in order to complain about it.  The petitioners in this case include the American Libraries Association, Public Knowledge, and EFF.  (Things would have been simpler if a single consumer electronics manufacturer had wanted to face the ire of the content community and join the lawsuit.) 

At oral argument, petitioners' concrete etc. harm was sharply questioned -- how was one consumer's harm any different from that of the rest of the populace?

The court has given petitioners two weeks to provide statements of facts showing special harms caused by the broadcast flag rule -- and has provided some helpful hints:  show us whether any of your members are engaged in storing TV broadcasts and sending them to distant locations; show us whether you'll be hindered in lawful copying and distribution; show us whether your member-educators (if you have any) will be hindered in distance education efforts.

I think this court wants to find standing.  Once this legal threshold is in place, the court can walk right in and declare that the FCC had no jurisdiction to adopt the flag rule.  And we'll be back at Congress.

The implications of this case are much broader than they may appear on the surface.  FCC is asserting very broad jurisdiction over anything associated with the overall circuit of messages sent and received via all interstate radio and wire communication.  The Madison River flap of two weeks ago is part of this overall picture.  I don't think the FCC's powers extend beyond what is specifically given them by Congress -- and Congress hasn't given the FCC the internet, PCs, or consumer electronics devices.

When this hot potato is back in Congress's lap, it should act to lead the world in self restraint.  Don't do it.  Don't let one industry (content, law enforcement, or telecom) control another (high-tech innovation) without a strong social consensus to do so.

ICANN has posted its suggested .net agreement.  The new draft puts the ICANN Board and the Names Council firmly in control of the registry's future, and represents a substantial change to the existing registry contracts.  No one gave ICANN the power to do this, and it is strange that no approval by anyone -- including the US Dept of Commerce -- is being sought to make this happen.  ICANN is taking the occasion of the .net rebid to restructure its entire relationship to the world.

It takes a lot -- too much -- to explain this issue to people who aren't closely involved with ICANN.  This, of course, is part of the problem.  ICANN can operate in great obscurity because it is simply too difficult (and too time-consuming) to understand what is going on.  But I'm going to try to spell this issue out briefly.

The central deal behind the creation of ICANN was that the businesses who ran registries and registrars would agree, by contract, in advance, to new generally-applicable policies.  This was a tremendously innovative approach taken to solve a difficult problem.  ICANN has no delegated governmental power to act.  Its role is to recommend additions to the root zone server, and work with IP registries on allocation of IP addresses.  (Already the eyes of non-ICANN groupies are starting to glaze over.  But stay with me -- this won't take long.) 

It was clear that changes to the ways registries and registrars operate might be needed someday.  But how could ICANN ask registries and registrars to change the way they operate without any power?  The answer that was dreamed up at ICANN's creation was that decisions could only be imposed on registries by consensus.  This is the same way that actual technical standard-setting bodies operate. 

Consensus is a hard word to understand.  It doesn't mean that everyone agrees to go along.  It means only that most people affected by a particular rule are in favor of it, and that opposition comes from people who are either unaffected or who are trying to hijack the process for unjustifiable or wrongful reasons.  The ICANN deal was that registries would go along with policies adopted by consensus as long as that consensus was adequately documented.  Registries would have a right to appeal if consensus didn't really exist.

ICANN staff never liked this deal very much.  But in the intervening years, a number of policies that have been the subject of documented consensus have in fact been adopted.  The consensus process has worked.  The idea was, and is, that there would be very few global policies, and that most things would be left to local, registry control.

In recent years, ICANN has changed its bylaws to ensure that the ICANN Board can (with a vote of the Names Council in support) simply adopt policies.  (I wrote about this here [pdf])  This didn't match the existing contractual scheme, but ICANN went ahead and did it anyway.  ICANN didn't want to have to wait to adopt things that were demonstrated and documented.  It wanted to have a relatively quick process driven in large part by voting.   

Now ICANN is ready to take the next step:  to conform the contracts it has with registries to match its view of itself as a regulator.  That's what this net draft represents.  Although the draft refers to "consensus policies," that's an Orwellian reuse of the words -- these new policies can be established if enough numbers of the Names Council want to beat up on a particular registry, and vote to do so.  That's very different from the documented process established by the original contracts.

I'm an ICANN supporter.  I think the ICANN experiment in governance is a good one.  But ICANN needed to remain true to the idea of consensus (which was working, by the way) rather than move into simply imposing rules without accountability or legitimacy. 

Whoever wants to run .net really has no choice -- they have to sign this contract.  This isn't negotiable, as a matter of reality.  But I wanted to note that this particular element in this draft contract represents a substantial move into an unaccountable future for ICANN, and an unpredictable future for registries and registrars.

Patrick Radden Keefe has his first book out.  It's called Chatter, and it's a page-turner.  It forces us to focus on the longstanding, stop-at-nothing informational ties among Britain, the US, Australia, Canada, and New Zealand.

I knew that these countries cooperated closely on consumer protection and policing matters, but I hadn't realized how broad the relationships among the five were, and I didn't know about the unimaginable amount of data they make available to one another.  (Constraints on local law enforcement's abilities to spy are dignified and appropriate, but irrelevant -- constitutional protections aren't barriers when your cousins across the ocean can spy on your citizens for you.)  The US seems to act in a somewhat hoggish manner, taking in more than it divulges, but there's plenty of activity all the way around.

Chatter forces a change of perspective.  Most of our disputations about privacy and identity theft and the rest seem like the banter of hobbyists in light of the real information flows that Keene documents.  Privacy legislation in the US might mitigate some private company uses of data, but it seems as if there is always a way for the highest levels of national security agencies to get access to whatever they need for whatever purpose.  While citizens occupy themselves with the activities of legislators and regulatory agencies -- and credit bureaus -- the real conversation may be elsewhere.

What effect does all of this have on online life?  As groups form happily online, doing their work and padding around chatting amiably, does it matter that they're being watched?  Perhaps it doesn't.  Perhaps there's just too much to watch, and the patterns that these useful groups create aren't of any interest to the watchers.  Or perhaps the watched won't know they're watched until later.

Cardozo was visited by Seth Waxman this past week.  Waxman did a number of great things -- he gave a public talk about the SG's office, taught a class (about Roper v. Simmons, the juvenile death penalty case he successfully argued last fall), had lunch with students to talk about his capital defense work, and taught a moot court master class.

Waxman speaks in a measured way.  (We had a distinguished French jurist visiting us who was absolutely captivated by Waxman in part because Waxman was so easy to understand.)  You believe everything he says.  He's not pedantic, but he never falters and he hardly needs notes.  His sentences and paragraphs have structure and direction, and he is completely prepared.  He even carefully prepared for the students' moot court class, taking the made-up problem very seriously and questioning the oralists closely. 

He told us that he thinks of himself as teaching the judges (and Justices) before whom he argues.  They're very smart students, and they'll take him apart if he says something too sweeping, but he something to convey to them that is worth their time.

Watching Waxman at work was a joy.  I'm sure he prepares a great deal for every public appearance he makes, but he carries things off effortlessly.  He is an exceptional teacher.

Brian Leiter's advice to people considering going on the law teaching market does say:

"Teaching is an enormous pleasure, as well as a wonderful learning experience; if you don't think you'll enjoy teaching, you probably want to re-think whether you want to pursue an academic career."

But that's all that Leiter says about teaching itself.  Most of his advice has to do with how to get a teaching job. 

There are very very few Seth Waxmans out there who know what they're talking about and can convey their thoughts clearly.  Waxman himself, of course, is busy in front of the Supreme Court.  If he ever wants to spend more time in the classroom, he'll be quite a catch for the finest law schools in the land.

Back in November 2004, representatives of the MPAA said that they were interested in working with Internet2 to find ways to manage illegal filetrading on that network.

A few days ago, Jon Ippolito posted a manifesto claiming that the MPAA/Internet2 collaboration "could give media conglomerates a chokehold on the 21st-century Internet."

Then someone else responded, saying that Ippolito had all of his facts wrong.  Routers remain dumb in Internet2.  Sure, multicasting is possible, but that's also part of Internet1, and no digital rights management is built in.

So what is the nature of the collaboration between MPAA and Internet2?  It's at least interesting to wonder.

PS:  A helpful person writes to me to say that there's nothing glamorous about Internet2.  It's just a collection of big pipes between particular destinations.  Same address space, same DNS space, same protocols.

More than 650 people are going to gather tonight in Washington to celebrate CDT's last ten years.  Legislators, lawyers, friends, lobbyists, visionaries -- it will be quite a crowd. 

CDT has played a key role.  Just this week, they questioned a new state bill that would create ISP blocking obligations, and suggested to the FTC that they sue deceptive download sites.  They're at the very center of the spyware debate.  They're at the very center of the debate over law enforcement's request to have online applications built to be easily tappable.  They're fighting for online privacy legislation.  They're writing amicus briefs.  They're defending the First Amendment.  All with just a few people involved.

Several things set CDT apart from any other policy group I know of.  They know what they're talking about, they serve a crucial convening role, and they care about the future of the internet.  Bravo to CDT!

Back in December 2004, Apple sued several John Does for allegedly releasing confidential information about a new Apple product.  Under the auspices of that lawsuit, Apple had requested subpoenas for information from three web sites (ThinkSecret, AppleInsider, and PowerPage), asking for information about the identity of the source of the leak.  According to EFF (counsel for two of the three sites), Apple has asked for a subpoena to be issued to PowerPage's ISP, Nfox.  Last Friday (three days ago), the judge in the case preliminarily ruled that these subpoenas should not be quashed.

EFF is arguing that a blogger is entitled to a reporter's privilege (under the First Amendment and the California shield law) not to reveal his sources.  So far, the judge isn't convinced -- or is of the view that even if the reporter's privilege applies, Apple's need for the information outweighs the reporter's need to protect his sources.

It seems to me the outcome (if not the reasoning) of the judge's preliminary ruling is right.  Bloggers are certainly journalists.  There is no principled distinction between one and the other.  (Gillmor on this.)   But as long as we're being principled, breaches of trade secret confidentiality are not the stuff of democratic transparency.  It's important to protect sources who are leaking government information -- that's democracy at work.  It's not as important to protect sources who are allegedly breaking promises to keep information confidential. 

In my view, the reporter's shield (like anti-SLAPP motions in California) should be reserved for information/sources that actually have something to do with the democratic process.  Let's allow judges to carry out this weighing of the importance of the reporter's privilege.  An absolute rule ("never force reporters to divulge sources") will weaken that privilege when we need it the most -- when reporters are reporting on government corruption. 

The lists were alive today with messages and stories about the FCC's consent decree [doc] with Madison River Communications, LLC.  This is an extremely troubling development, in my view.

From Madison River's site, it looks as if most of its operations are common carrier telephone companies.  But at least part of the LLC is an ISP (a broadband provider), and FCC has fined that ISP for blocking VoIP services -- by blocking ports so as to interfere with the connectivity between equipment people have at home to use Vonage, and Vonage's servers.

Three major points here:

1.  There are many reasons why an ISP might want to provide different levels of service or block particular ports.  If the ISP fails to disclose that to customers, that's a problem.  But if the ISP does disclose, and does block, customers who are unhappy can just go somewhere else (provided adequate competition exists).

2.  FCC has no jurisdiction over ISPs.  (Although the parent company here is a telephone company, the ISP is not a common carrier.)  It seems to be hanging its hat on that familiar weak (now buckled) reed: ancillary jurisdiction.  But FCC has not been delegated power by Congress [lengthy doc] to make rules about what ISPs can or cannot do, just as it hasn't been delegated power to make rules about what PC manufacturers and consumer electronics companies can do.

3.  This may seem like a benevolent thing to do -- force an ISP to carry VoIP traffic.  But the power to do this benevolent act carries with it the power to do anything to an ISPs service.  That "power to do anything" is an enormous regulatory stretch for the FCC that should not be assumed.  It could lead to:  "don't allow devices to be attached to a broadband connection that permit copyright infringement," or "don't allow an ISP to provide broadband service unless it is piped directly to law enforcement," or other rules that no one gave FCC the authority to make.

It's clear that FCC's intent is to stop this ISP from blocking VoIP for purely anticompetitive reasons.  But the consequences of the FCC's assertion of power are enormous.  They shouldn't have done it.

Bad news, good news from today.  Beatallica, a band that combines Beatles music/lyrics with Metallica lyrics, is being beaten up by Sony lawyers and has taken down its sites for the time being.  Thousands of people are rallying to Beatallica's side, but it takes a lot of federal judges to decide whether something is funny -- and Beatallica may not want to fight for its affirmative parody defense.

But the good news:  Dell's CEO said yesterday that both Congress and the courts (and let's include the FCC) should avoid imposing restrictions on ways consumers use computers and other devices to listen to digital music and watch movies.  Finally, a device manufacturer who is willing to stand up and say something about the value of innovation.  There may be a business model for the content industry that is not based on litigation.

I'm just so pleased, so chuffed, at Yahoo!'s birthday netrospective.  It's beautiful.

World Net Day in 2006 will coincide with Earth Day.  This makes sense, because the net has become a resource for the world, like air and water, that needs to be paid attention to.  When's Earth Day, you ask?  Well, this year it's on April 22.  And next year it's also on April 22nd.  It's always on April 22nd.  So, now that we know the date, what should we do?   

Yahoo!'s netrospective is just the kind of thing that World Net Day should encourage.  We need to celebrate and protect the net -- we also need to add more people to the net.  And the idea should be to encourage many different projects to emerge.  No one organization can pretend to control or manage World Net Day.  Why can't World Net Day be a day to make sure there's greater connectivity in Africa and South America?  Can we encourage a World Net Day tag to emerge, and use the aggregated data to build a monument to the net -- online?  Can we help people do something simple and artistic that has enormous aggregated impact online? (making art by 10 million people at once)  Can we get designers involved to help us help the net visualize itself, for 24 straight hours, and then create displays that show that dynamic image?  We somehow have to make this into a new plant form -- a fun and interesting evolution of designs that let us "see" the net. 

It's going to be a gratifying day of extraordinary online events, made up of many many people doing simple things that create beauty and interest.  April 22, 2006.

There's a review [link will go out of business too soon] today in the Times of "House/Lights," a play (if that's an adequate word for it) being put on now at St. Ann's Warehouse by the Wooster Group. It's a play on Gertrude Stein's play on the Faust legend, fused with with Joseph Mawra's B-film classic "Olga's House of Shame."

But it's really a review of life in the 21st century: 

The world according to the Wooster Group is the world that most of us live in now - any of us, that is, who spend time with some kind of computer, cellphone, television and/or recording device. Heck, just take a stroll through that open-air sound-and-light show called Times Square, land of giant television screens and walking telephone conversations, and you'll be in the terrain mapped by the Wooster Group.

The company has become the American theater's most inspired and articulate interpreter of an age in which machines mediate between the perceiver and the perceived, between subject and object. In its productions of the last 15 years in particular, it has increasingly specialized in ravishing, meticulous marriages of live and recorded performance that make it shatteringly clear reality ain't what it used to be.

What is real?  What's a reproduction?  Does it matter?  In The Recognitions, by William Gaddis, there's an enormous scene with a very skilled forger of paintings.  The forger says that all of the reproductions of his works in magazines are calumnies.  Someone else says, coldly, "Every piece you do is calumny on the artist you forge."  And then the forger says this:

It's not.  It's not, damn it, I . . . when I'm working, I . . . do you think I do these the way all other forging has been done?  Pulling the fragments of ten paintings together and making one, or taking a . . . a Durer and reversing the composition so that the man looks to the right instead of left, putting a beard on him from another portrait, and a hat, a different hat from another, so that they look at it and recognize Durer there?  No, it's . . . the recognitions go much deeper, much further back.   [The experts can test all they want, but] they don't just look for a hat or a beard, or a style they can recognize, they look with memories that . . . go beyond themselves, that go back to . . . where mine goes.

All the pastiche and collage and reproduction we see online is just as real as any "original."  It's real enough.

The big copyright tussle, the ancient battle between content and technology, is going into a new phase.  Now it's all about product liability. 

Here's how the argument goes:

1.  Failing to design something so as to constrain copyright infringement is just like failing to design something so as to avoid injury.  When the foreseeable risks of harm posed by the product could have been reduced or avoided by the adoption of a reasonable alternative design, failure to use that alternative design renders the product not reasonably safe.

2.  Failing to keep people from infringing copyrighted materials using technologies is just like failing to warn consumers of the dangers of that technology.  When the foreseeable risks of harm posed by the product could have been reduced or avoided by reasonable instructions or warnings, their omission renders the product not reasonably safe.

3.  So copyright protection is really a matter of consumer protection.  That's why 40 state AGs filed a brief supporting the grant of cert in the Grokster case.  They're worried about the injuries (child pornography, spyware) being caused to their constituents through the continued existence of peer to peer software.

4.  Bad design and failure to warn give rise to liability for product manufacturers -- the same should be true for manufacturers of copying devices and technologies. 

This is a brilliant move.  It captures so much of our current sensibilities:  McDonald's should be liable if we eat too much; tobacco companies should be liable if we smoke too much; Xerox should be liable if we copy too much.  This move has the potential to target everyone in the chain of distribution -- anyone who made a dime out of anything that was eventually used to infringe, whatever their intent was.

But it's absolutely crazy.  Manufacturers of flammable clothing can be liable because people are hurt when that clothing burns.  The point is that we're trying to protect people from being hurt by the products they use.  But you can't be injured by a consumer electronics device.  The copyright tort injury is felt (if it's felt at all) by someone thousands of miles away in Hollywood. 

Even though it's absolutely crazy, it's clearly worth a try.  The tough issues in a "failure to warn" case will cost defendants zillions of dollars to fight against -- what's a "foreseeable risk" of copying?  what are "reasonable instructions or warnings" that might have lessened the infringement?

Time to re-read The Hunting of the Snark. 

But the Judge said he never had summed up before;
So the Snark undertook it instead,
And summed it so well that it came to far more
Than the Witnesses ever had said!

When the verdict was called for, the Jury declined,
As the word was so puzzling to spell;
But they ventured to hope that the Snark wouldn't mind
Undertaking that duty as well.

So the Snark found the verdict, although, as it owned,
It was spent with the toils of the day:
When it said the word "GUILTY!" the Jury all groaned,
And some of them fainted away.

Today's activity was a panel dedicated to discussing Peter Swire's proposals to revise the PATRIOT Act.  It was a terrific panel -- Peter really knows what he's talking about, and so does Patricia Bellia, and so does Richard Phillips, counsel to Sen. Leahy and the Senate Judiciary Committee.  All I had to do was direct traffic.

Peter Swire's paper on the Foreign Intelligence Surveillance Act of 1978 (and the changes to it made by PATRIOT) is well worth reading.  It's very clear.  FISA was a grand compromise that has been substantially undermined by PATRIOT -- much broader permitted searches, authorized at lower levels, with less of a nexus to foreign intelligence gathering required, are all now possible under PATRIOT.

Richard Phillips seemed pessimistic that any of this could be narrowed in the current environment.  We might, he suggested, be able to do something about the powers of the Foreign Intelligence Surveillance Court to review and authorize records requests (and release gag orders about them eventually).  But it's an uphill battle.

A key part of the policy discussion about all of this has to be resisting the claimed newness of this post-cold war age.  The same arguments are made over and over again -- evil is rampant, we have to give up our civil liberties to respond.  In fact, the world hasn't changed so very much, and it doesn't require new laws, new bureaucracies, or new asymmetries of information to deal with the current situation.  But try telling legislators that.  You won't win.

First the good news:  It seems clear from published reports of this morning's argument that at least two members of the DC Circuit don't think the FCC has jurisdiction to issue the flag rules. 

"You're out there in the whole world, regulating. Are washing machines next?" asked Judge Harry Edwards. Quipped Judge David Sentelle: "You can't regulate washing machines. You can't rule the world."

That's great.  And it has enormous implications for the future of internet regulation.  The FCC is using the same "ancillary jurisdiction" argument to support its efforts in "social policy" regulation of IP-enabled services.  Now the FCC will have to rethink -- and will have to go up on the Hill to seek statutory authority.  This will be a battle. 

Now, the bad news.  It sounds as if Judge Sentelle didn't think much of plaintiffs' standing (ability to claim injury and seek the help of the courts) to challenge the broadcast flag rules.  It seems to me that the libraries certainly have special injury here -- they won't be able to make fair use of materials in ways that otherwise are guaranteed them.  Because the library association is a plaintiff in the flag case, there's a good chance that they can answer the standing questions that were raised today.  And I'm also hopeful that the DC Circuit judges involved wouldn't have said so much about the merits of the jurisdiction arguments if there wasn't standing to begin with.

On balance, it's a great day for the internet.  If only some consumer electronics manufacturers would see their longterm interests more clearly -- it has to be more important to be able to innovate in ways consumers will like than to build to a required standard that no consumer wants.  There is no market demand for the broadcast flag.

Now, I don't like the word "whither" any more than you do.  But this Reuters article was circulating today and it seemed to call for a "whither."

It's a short story, so let's do a close reading.

A U.N.-sponsored panel aims to settle a long-running tug of war for control of the Internet by July and propose solutions to problems such as cyber crime and email spam, panel leaders said on Monday.

We're going to decide what "internet governance" is by July?  And we're going to propose solutions to cybercrime and email spam?  Wow.  Here is the preliminary report [pdf] that Nitin Desai, Chairman of the Working Group on Internet Governance, has transmitted to the WSIS Preparatory Committee and the ITU.  This report isn't as brave as the Reuters story; in fact, it seems to be quite limited -- although WGIG is still planning to submit "proposals for action.. on the governance of the Internet."

Right now, the most recognizable Internet governance body is a California-based non-profit company, the International Corporation for Assigned Names and Numbers (ICANN).

But developing countries want an international body, such as the U.N.'s International Telecommunication Union (ITU), to have control over governance -- from distributing Web site domains to fighting spam.

"There is an issue that is out there and that needs to be resolved," said Nitin Desai, chairman of working group and special adviser to U.N. Secretary-General Kofi Annan

It's clear that Desai has ICANN in his sights.  But ICANN has absolutely nothing to do with "fighting spam," and even having that subject reflected in the Reuters story reflects some deep confusion on someone's part. 

ICANN doesn't do internet governance.  ICANN makes recommendations about what gets added to the root (new TLDs) and has some role in allocating IP addresses, but ICANN absolutely does not approve new internet protocols.  ICANN has nothing to do with how packets get routed or any other key internet agreements.  ICANN gets the respect and deference of ISPs and network operators --  a very thin (and unwritten) form of respect.  There's no governance there -- and, so, there's nothing for the UN to take over.

So, fine, solve cybercrime and spam by July.  It will be interesting to see how this happens -- and what on earth ICANN has to do with this effort.

I did the first in a string of talks about spyware today.  My fancy-schmanzty software (MindManager -- I thought it would be great) crashed over and over again before I started, so I gave up and just talked.  I did not blame or even mention the software problem (this is similar to not blaming the horse who throws you to the ground).   

Boy, do we have a long way to go on this issue.  Some people say it's all about privacy.  Other people (including Utah) say it's really about unauthorized uses of trademarks prompting unauthorized ads (or sponsored links).  I'm saying it's all about oppressive relationships, and we have lots of law to deal with these relationships already.  But because of relatives and cluelessness (bet you there are lots of legislators with relatives who have spyware problems), legislators are swinging for the fences on this one.

 Just as the broadcast flag is really about control over the design of devices, the spyware debate is really about control over the design of code.  We should be cautious in legislating these design decisions -- no matter how pernicious particular stories/examples are -- because our language for these distinctions is so impoverished.  We don't know and can't describe in advance what "bad software" will look like two months from now.  HTML?  JavaScript?  Cookies?  What's "bad" and needs notice and consent?

Someone asked me how to make a trackback show up on a blog.  Here's how:

1.  Find a good blog.

2.  Find an entry and copy the URL for the "permanent link" to that entry.

3.  Create a link to that entry in your own blog.

Yahoo! has rolled out a new service, Y!Q, that allows for contextual searching -- on web pages, through a blog, whatever.  Yahoo! blogs about it here.

It's a pretty neat tool.  Is it spyware?