Do you remember archy and mehitabel?

"expression is the need of my soul," declares Archy, who labored as a free-verse poet in an earlier incarnation. At night, alone, he dives furiously on the keys of Don Marquis' typewriter to describe a cockroach's view of the world, rich with cynicism and humor. It's difficult enough to operate the typewriter's return bar to get a fresh line of paper; all of Archy's dispatches are written lowercase, and without punctuation, because he is unable to hit both shift and letter keys to produce a capital letter.

Don Marquis introduced Archy in 1916.  By 1927 Archy was putting out quite a bit of poetry:

i met a toad
the other day by the name
of warty bliggens
he was sitting under
a toadstool
feeling contented
he explained that when the cosmos
was created
that toadstool was especially
planned for his personal
shelter from sun and rain
thought out and prepared
for him

(The toad goes on to explain that there must be a purpose to the universe, and that the universe's purpose is to serve the toad.) 

Around the same time, in 1920, e.e. cummings is writing poems like "In just-".

N Just-

But now neither Archy nor Cummings is at all unusual.  No one uses capital letters any more.  Who cares about punctuation?  Their typography has lost its shock value.  We're completely used to the way Archy writes.

There are probably at least two generations now who would never care if you wrote "i" and abbreviated everything.  Just another text message, you famous poet e.e. cummings you.

It's the absence of competition for broadband access in the U.S. that is causing all the anxiety about network neutrality.  If even one of the big telco/cable players was interested in providing unfettered, symmetric access we could all relax.

Wouldn't it be great if MSN, Yahoo!, and Google all got together and bought up spectrum for a competing wireless broadband network?

With the defeat of the Markey net neutrality amendment, and the passage out of the House Energy and Commerce Committee of the COPE bill [pdf], the action is moving to the Senate.

Sen. Stevens's (R-Alaska) comprehensive bill isn't public yet, but we do have a draft network neutrality amendment [pdf] being circulated by Sens. Olympia Snowe (R-Maine) and Bryon Dorgan (D-N.D.) 

It's becoming clear that a good thing that could happen this year on this front may be nothing.  Even if the well-intentioned and well-drafted Snowe/Dorgan amendment is put in place, we won't necessarily have the unfettered internet that SaveTheInternet wants.

The amendment requires broadband providers "not to block, interfere with, discriminate against, impair, or degrade the ability of any person to use a broadband connection to access, use, send, post, receive, or offer any lawful content, application, or service made available via the Internet." 

That's good, yes.  But the bill goes on.  It provides that network providers:

(1) are allowed to offer "to users a broadband video service or other service that requires prioritization of content, applications or services," (as long as those video services don't amount to bocking or interfering), 

(2) are allowed to prioritize in a most favored nation sense (nonaffiliates get the same quality of service as affiliates),

(3) are allowed to discriminate based on "type of application," and

(4) aren't required to provide symmetric transport up and down.

Under this amendment, we're still in a swamp of provider control that will be infinitely malleable in the providers' capable hands.  What's a similar "type of application" (and who gets to decide this question)?  What's a "broadband video service"-- won't that be anything the provider prefers? What's "similar content," access to which has got to be at the same speeds under the bill?

These are hard issues.  It may not be possible to write a better "network neutrality" description that both takes the current provider structure as a given and tries to legislate an open network.  I fully accept that the drafters of this amendment did the very best they could.  I'm sure there will be many more attempts to write these concepts down.

But it would be simpler -- given the concentrated market in broadband access that we're dealing with now -- just to go back to required interconnection with competitive access providers.

With everyone talking about network neutrality, with all the heat, it didn't feel good to have to be in NY today and miss the goings-on in Washington.  I watched part of the late afternoon markup session online, with Rep. Barton sounding awfully effective as he marched steadily through Title III -- quickly taking votes, soothing congresspeople who were suggesting soon-to-be-rejected amendments, and sounding confident.  The only substantive work I heard was the rejection of an amendment that would have left in place all state laws that regulate the subjects of the bill -- like muni wireless networks.  

But the real news had already happened by the time I started to watch:  the House network neutrality amendment had been defeated largely along party lines.  Now it's on to the Senate, where arguments about the future of the internet may be more effective. 

There are some compensating things about being in NY today.  It's the city Jane Jacobs had in mind when she wrote The Death and Life of Great American Cities (a book that is comfortably applicable to online life).  Jane Jacobs died yesterday, and it's good to walk down the streets she wrote about.  She would have understood the arguments that will be made in the Senate.

From a 2001 interview with Jane Jacobs:

JJ: Well what was getting immediately under my skin was this mad spree of deceptions and vandalism and waste that was called urban renewal. And the way it had been adopted like a fad and people were so mindless about it and so dishonest about what was being done. That’s what ticked me off, because I was working for an architectural magazine and I saw all this first hand and I saw how the most awful things were being excused.

. . . . I’ll tell you something that had been worrying me: I liked to visit museums that showed old time machines and tools and so forth. And I was very struck. There was one of these museums in Fredricksburg, Virginia, which was my father’s hometown. He was from a farm near Fredricksburg. I was very struck with the way these old machines were painted. They were painted in a way to show you how they worked. Evidently the makers of them and the users of them cared about how these things were put together and how what moved what so that other people would be interested in them. I used to like to go to the railroad station in Scranton and watch the locomotives. I got a big bang out of seeing the locomotives and those pistons that moved the wheels. And that interested me how they were moved by those things and then the connection of that with the steam inside and so on. In the meantime, along had come these locomotives that had skirts on them and you couldn’t see how the wheels moved and that disturbed me. And it was supposed to be for some aerodynamics reason, but that didn’t make sense. And I began to notice how everything was being covered up and I thought that was kinda sick.

. . .  Everybody’s got a worldview whether they know they have it or they don’t. They might even get it when they are little tiny kids. Suppose they get it when they are in college which is often the case, or in high school, whatever. Everything they learn after that or every thing they see after that, they fit it into that worldview. And they are making coherence of what’s good, what’s bad, what will work, what won’t work, what’s noble, what’s ignoble, and so on…all through this filter.

There are two ways you encounter things in the world that are different. One is everything that comes in reinforces what you already believe and everything that you know. The other thing is that you stay flexible enough or curious enough and maybe unsure of yourself enough, or may be you are more sure of yourself—I don’t know which it is—that the new things that come in keep reforming your world view. . . . And a lot of these people [who build private Garden Cities] —what I am getting at—they learn something and they are so sure of it and it’s a terrible threat to them—an emotional threat. I don’t think it’s so much of an intellectual threat even. But an emotional threat that their whole worldview will have to go through that upsetting thing of being confused. . . .

With a bad Barton bill up for discussion tomorrow, and a worse DMCA expansion under consideration, all I can do is feebly point out that the internet is doing rather well without any particular help from either the prioritizing telcos or the entrepreneurial law enforcement community.

The BBC is becoming MySpace -- that's the tagline, according to the Media Guardian, but the bigger story is Mainstream Media (Well-Funded) Takes the Intelligent Plunge.  (It helps to have a license fee in your country supporting you.) 

The BBC is putting everything online, huge amounts of content, and encouraging users to mash it up, build blogs on their site, go to Web 2.0 town -- nirvana for user-created content.  The BBC is going the right direction, understanding that big media can't be authoritative any more, but also understanding that the filter/visualization/prioritization efforts the company provides will make a huge difference to users. 

BBC's site is already enormously popular.  Now it will be home -- not just a place to visit.

A recent DOJ legislative proposal claims to be about child pornography -- but it's really not.  Instead, it's designed to force online providers of speech that is legal for adults in the US (sexually explicit, non-obscene material) to label their materials.  With government-provided labels.

DOJ is also planning to ask that ISPs be required to retain data.  This isn't (really) about child pornography either.  This is about having ISPs incur enormous costs to store massive amounts of data on the off chance that law enforcement may need it.  Existing law already requires that ISPs preserve data when the government asks them to.

The former suggestion is part of an old, long battle about making it more difficult for adults to access (legal) pornography.  The latter suggestion is part of the CALEA pattern:  trying to have systems and applications designed so that they can be easily accessible by law enforcement.

In the first fight, the goal is to block access to particular online speech by the rest of us.  In the second fight, the goal is to enable perfect (and perfectly easy) access by law enforcement to everything we do online.

The costs to legal speech and lawful ISP operations surely outweigh the possible benefits of such moves.  We really need some economic analysis here.  What are we willing to do, what burdens are we willing to undertake, to make life as "safe" as possible?  Is there no limit?

The Yale Law School Access to Knowledge conference this past weekend was engaging and challenging.  There were many activists from many countries -- with many things to say.  Good blog coverage here and here.

I took notes of what Pam Samuelson said.  She's an activist who has gotten a lot done, particularly when it comes to maximalist approaches to intellectual property issues.  Prof. Samuelson is also someone who is optimistic about human nature.  Because many of the IP fights she's been involved in are now playing out -- again -- as communications policy issues, I wanted to write today about what she had to tell us on Saturday.

Prof. Samuelson's topic was the political economy of recent intellectual property debates.  Here's a paraphrased account of her remarks.

How did we get to this place?  For many of you, it is old news that the maximalist IP agenda has dominated the access to knowledge conversation in the past few decades.  We can see this as a classic public choice problem -- there are concentrated benefits available for a small group of well-organized, well-financed industry groups, diffuse costs distributed widely among the public, and a collective action problem in organizing people to recognize these costs and take effective action to thwart the maximalist agenda.

The result:  the "best laws money can buy" from the standpoint of the concentrated benefits group.

In response to IP maximalists, we spent the 1990s in an intensively defensive struggle -- writing, speaking, and lobbying.  We pointed out why the white paper/NII paper were bad information policy; why us shouldn't adopt EU style database protection; why states should not adopt proposed article 2B of the UCC (now UCITA); why WIPO treaties did not require what became the DMCA aniti-circumvention laws.

We scored some defensive victories.  The US didn't adopt database protection; UCITA is no longer alive; and the DMCA  anti-circumvention rules could have been worse.  Other white paper agenda items were not adopted in the WIPO treaty -- so we don't have an international norm on temporary copies, or strict liability for ISPs.  We have some new exceptions for digital environments and ISP safe harbors.

In the US, ISPs were putting up a fight about strict copyright liability, duty to monitor, and temporary RAM copies as infringement. And the IT industry was upset about proposed outlawing of technology if primary purpose or effect was circumventing TPMs.  We dodged one big thing:  the US has not been able to use WIPO to advance its otherwise shaky domestic IP proposals.  We were able to put together representatives of telcos, scientific researchers, and IT to make this happen.

But -- now the USTR has been captured by the IP maximalists.  "Free trade" agreements have undercut national freedoms to implement IP rules under the flexibility that TRIPS and WIPO treatives would allow (eg, DMCA without exceptions).  After so many "free trade" agreements have been put in place, we're concerned that the IP industries will insist that the US DMCA rules must be strengthened because international higher protection norms now exist.  Will they insist that we get rid of Copyright Office rulemaking?  Will they override the Federal Circuit, which has required a "nexus" requirement between circumvention and copyright infringement?

And when it comes to A2K, there is an IP maximalist agenda.  IP owners interpret the WIPO copyright treaty as having three provisions that allow control over access to content:

(1) temporary copies are reproductions, giving us exclusive right to control access to digital works
(2) the communication right gives us exclusive access rights
(3) anti-circumvention rules allow us to use technical access controls, which cannot be bypassed

A pay-per-use, technically locked down information environment hasn't happened yet, but trusted computing platforms and tech mandates may yet bring it about.  And the net neutrality debate may bring about a two-tiered internet -- with a very closed fast tier.

But there are signs of hope:

Canada has been resisting US-style DMCA anticircumvention rules.
Australia is recommending allowing noncommercial creation of tools to allow circumvention.
The WIPO development agenda is proceeding.

What we have learned is that the best defense is a good offence.  A2K provides us with a framework for a postive agenda for promoting progressive information policy.  We shouldn't just criticize IP maximalist proposals.  We have to have arguments based on a positive conception of an information society in which we want to live.  We'll win -- because the IP maximalist agenda has no moral compass, so we can appeal to a broader audience.

There's an important role for academics now.  We need to popularizing insights from research; to bridge across disciplinary commmunities; to assist in coalition building by activist organizations; and to promote A2K policy initiatives.  We should work on making progress locally.

Here Prof. Samuelson directly addressed the audience, and spoke sternly:  I am concerned about some of the writing I see.  We need less polemics and less worship.  We need more rigor and more grounding in the world.  We need to be willing to write about failures in some of these spaces.  We need to do better.

=================================================================

On the communications policy front, we need to take Prof. Samuelson's advice in several ways:

1.  We need a positive conception of the life that, say, network neutrality will bring us, and why that life is the *good* life to which the polity should aspire. 

2.  We need more rigorous economic work about why a neutral broadband network is better -- for more people -- than handing perfect control to a handful of broadband network providers.

3.  At the same time that we are being active and agenda-setting, we need to score some defensive victories.  Forestalling the adoption of a Communications Act in 2006 should be a top policy goal. 

4.  And we need to do better.

Back on April 23.

Here's a plug for Yale Law School's great upcoming conference:  Access to Knowledge (A2K).  See you there.

I've been asking people what improvements are needed in ICANN, and here is a (non-exhaustive) list that includes comments that I have received as well as my own thoughts.  Comments very welcome, here or via email.  Obviously, these suggestions are not intended to, and do not, bind the Board in any way.  This is merely a list.

1.  Transparency  [text in italic font comes from ICANN’s bylaws]

ICANN and its constituent bodies shall operate to the maximum extent feasible in an open and transparent manner and consistent with procedures designed to ensure fairness.

 1.1 Detailed minutes (example:  “SC agreed but listed the following concerns about status of MoU discussion that would need to be addressed publicly: 1, 2, 3 [details]”) to be published of Board conference calls within 5 business days of calls.

 1.2 Web site must include “a docket of all pending policy development matters, including their schedule and current status”.

 1.3 Web site must include “information on ICANN's budget, annual audit, financial contributors and the amount of their contributions, and related matters” (information is out of date)

 1.4 Manager for Public Participation must be appointed.  There shall be a staff position designated as Manager of Public Participation, or such other title as shall be determined by the President, that shall be responsible, under the direction of the President, for coordinating the various aspects of public participation in ICANN, including the Website and various other means of communicating with and receiving input from the general community of Internet users.

 1.5 We need to make better tools available for policy development purposes.

 1.6 We need to have all correspondence (not selected correspondence) to and from ICANN posted promptly online. 

  1.6.1 There should be a single point of contact at ICANN for all ICANN correspondence – a named staff member who is responsible for ensuring that letters get to the right entities/people within ICANN and are promptly posted. 

  1.6.2 All correspondence from ICANN that is closely related to ICANN’s policy development forum role (everything except, e.g., communications with meeting-services vendors) should be posted.

 1.7 We need promptly to respond to correspondence.  Both ALAC and GNSO have complained that they receive no acknowledgement for communications.

 1.8 Bloggers and large-entity journalists should be treated equally when ICANN makes announcements of “press conferences.”

 1.9 We need to publicly explain why ICANN runs a root server.

 1.10 We need to post all reports given at meetings -- preferably before the meeting.  In general, the "proceedings" of meetings should be provided online. 

2.  Accountability

 2.1 Web site must include information about availability of Independent Review.  The current page, http://www.icann.org/committees/indreview/, doesn’t give this information.  ICANN needs to post the procedures for Independent Review, information about the body with which it has made arrangements for Independent Review, and the policies that body has adopted.  . The IRP operating procedures, and all petitions, claims, and declarations, shall be posted on the Website when they become available.

 2.2 We need to formally consider whether the current Reconsideration and Independent Review procedures leave ICANN’s actions essentially unreviewed – as made clear in the recent fracas over the Reconsideration requests filed in connection with the VeriSign settlement.

3.  Reviews

 3.1 We need to have a review of the ALAC, as they have requested.

 3.2 We need to begin discussing changes to the structure of the GNSO, even before we hear back from the LSE.  The GNSO’s views of its powers, and the power that the Bylaws give them, do not necessarily fit with ICANN’s actual structure.

 3.3 The UDRP has never been reviewed.

4.  Meetings

 4.1 The Public Forum may not be working well.  A good format would be to have topics, and a panel of 3-5 staff or committee people associated with that topic, and an open microphone for the floor. Instead of a powerpoint by the staff, we could perhaps start with a staff-prepared discussion paper of no more than 10 pages, issued a week before, a short introduction by staff reviewing that paper and telling people where things stand and who is responsible for doing what, then open it up to floor, Board, staff.

 4.2 We need to treat remote participants as equals – post all emails somewhere findable, have comments routinely read (not summarized).

 4.3 We need to stop reading reports at meetings.

 4.4 Consider committing to, as of 2008, alternating between Vancouver/Toronto and Amsterdam, or Singapore and Amsterdam – two predictable locations that are major airport hubs. 
 
 4.5  We need to have ICANN staff run standardized meeting arrangements, rather than relying on local hosts to take on the expense of making these arrangements themselves.

5.  gTLD accreditation

 5.1 We need to create an accreditation process for new gTLDs that (i) involves only the following elements and that (ii) can be made quickly operational:

  1.  adequate technical ability
  2.  adequate financial status
  3.  agreement to abide by future consensus policies
  4.  gating – only X new gTLDs per year

In my view, the current “beauty contest” approach has not served ICANN or the public well.  .

6.  Other policy/operational issues

 6.1 IDNs  (much to discuss here -- what's realistic?)

 6.2 Excellence in IANA

I noticed that the GNSO Council has approved a particular statement of purpose for Whois:

The purpose of the gTLD Whois service is to provide information sufficient to contact a responsible party for a particular gTLD domain name who can resolve, or reliably pass on data to a party who can resolve, issues related to the configuration of the records associated with the domain name within a DNS nameserver.

This statement was chosen over one that would have said that the purpose of Whois was for legal actions as well. The rejected position:

The purpose of the gTLD Whois service is to provide information sufficient to contact a responsible party or parties for a particular gTLD domain name who can resolve, or reliably pass on data to a party who can resolve, technical, legal or other issues related to the registration or use of a domain name.

From my perspective -- and I'm not speaking for anyone here, and I don't know what my colleagues on the ICANN Board would say about this -- this seems like an important event.

The Whois discussion has been going on for years and years. Now we have some movement. This shows that things can happen (yes, slowly, but happen) in the ICANN context. It shouldn't be about counting noses on the GNSO council -- it should be about documented consensus. But however you demonstrate consensus, it's certainly important to pay attention to people who are worried about registrant privacy.

This is an area of work that is within the contractual "picket fence" of subjects appropriate for consensus policy development. Now there's some leadership on this subject. Of course law enforcement and intellectual property interests should have access to this information, but it doesn't necessarily have to be public to everyone (and thus subject to abuse of various kinds). This is exactly the kind of discussion that the ICANN forum should foward.

It was great to see a picture of Secretary Rice playing with her friends in DC in the Times today.

She is not the only secretary of state to pursue amateur music-making. Thomas Jefferson, the first to hold the office, was an excellent violinist who played chamber music, especially Baroque trio sonatas, throughout his political career. But back then, playing music at home was commonplace.

Not so today, in the era of recording technology, when you can hear almost any piece from the entire history of music by switching on an iPod. The trade-off is that so few people know the personal joy of making music. Whatever else she is to political supporters and opponents, Ms. Rice may be the most prominent amateur musician in the world right now, which is big news for classical music.

Okay, so maybe this was a transparent attempt by the Bush administration to raise its sagging ratings by appealing to amateur musicians.  (They'll stop at nothing!)  But it's still great to see.

Back in November 2002, the Walt Disney Company was a member of the "Coalition of Broadband Users and Innovators."  Here's the letter the Coalition sent asking that the FCC ensure that "transmission network operators do not encumber relationships between their customers and destinations on the network."

A couple of weeks ago (March 2006), the Walt Disney Company said something quite different:

Walt Disney CEO Robert Iger weighed in on the network neutrality debate Monday with an opinion guaranteed to please his hosts here at the TelecomNext show -- in that he doesn't think any new legislation is needed.

"We appreciate the pledges made" by the telecom and cable companies not to block or degrade services, applications or content, Iger said at the end of his keynote presentation. "We do not support any [Network Neutrality] legislation at this time."

Now, the 2002 letter didn't evince much trust in the telcos.  Why the change of heart?

As of March 2006, Disney has deals with Verizon (according to the article linked to above).  What's in these deals? 

The MPAA (of which Disney is a member) has always wanted to get rid of P2P.  In 2002, the MPAA filed a short paper with the Senate Judiciary Committee reporting progress on three goals:  implementing the broadcast flag, plugging the analog hole, and "[p]utting an end to the avalanche of movie theft on so-called ‘file-sharing” services, such as Morpheus, Gnutella, and other peer-to-peer (p2p) networks."

Someone needs to look into the contractual relationships between network providers and movie studios carefully.  Is it possible that the network providers have agreed to help Hollywood eradicate P2P, and that in exchange Hollywood has decided to actively oppose the network neutrality policies it argued for in 2002?

Two years ago, you'll remember, someone did a survey showing that about three-quarters of the office workers who walked by were willing to give up their passwords in exchange for a chocolate bar.  Other surveys show that passwords will be given up for cheap pens or for nothing at all -- just because someone asked. 

In a world in which users will sell their passwords for a candy bar, or a cheap pen, or just because someone asks, why are we worried about privacy?  Heck, kids don’t seem to care about privacy at all, and they’re a key demographic, so let’s do everything we can – let’s get deep into the online narrative of people’s lives; let’s find ways to get them the most useful content, personalized ads, and psychically appropriate materials we can...

We care about privacy because we live in a weirdly split world.  Yes, people will sell passwords for a candy bar, and yes they’ll sign up to have supermarkets track everything they do – willingly.  But there are tipping points when people suddenly get extremely nervous and upset about tracking behaviors they weren’t aware of – and then they go wild. 

These aren’t (really) legal concerns.  There isn’t a broad online (or offline) privacy law regime in the US.  In fact, it’s very difficult to tell what is meant by privacy.  It’s sometimes as if kids are standing yelling at someone else:  “you invaded my privacy!”  One thing is clear – things computers are good at, like collecting and aggregating and slicing and disseminating data – are often viewed as informational privacy issues.  And particular kinds of data (about health and money and kids) being processed by computers is of particular concern.

So companies care because people and legislators and attorneys general care about privacy, in a somewhat faddish way.  Companies also care because it’s the right thing to do -- so they use fair information practices and make their best guesses at how things will work.

I believe that within the next year or so there will be a tremendous privacy-related backlash related to search/advertising and social network applications.  It will come from some unexpected direction, despite the best efforts of online search companies' inside and outside advisors to keep it from happening.  It will come because people don’t realize how public the internet is. Every once in a while, people wake up and realize what search engines/advertisers know about them, and it worries them enormously.  And they write letters and organize boycotts, and all of this activity can be enormously harmful -- as Sony found in connection with the root kit episode [pdf; fine Ed Felten and Alex Halderman paper].  

I also believe that all of the privacy-related energy directed at the application layer (at social networks and portals and search engines) may be missing the point.  The real story in this country about privacy will be at a lower layer – at the transport layer of the internet.  The pipes.  The people who run the pipes, and particularly the last mile of those pipes, are anxious to know as much as possible about their users.  And many other incumbents want this information too, like law enforcement and content owners.  They’re all interested in being able to look at packets as they go by their routers, something that doesn’t traditionally happen on the traditional internet. 

The network owners will point out that there are lots of good reasons for this – in a sense, it’s like turning the internet into a mobile phone network.  Everything on a mobile phone network is tracked and known to some central authority.  We don’t (really) have spam or viruses on mobile phone networks, and that’s because packets can be authenticated.  Someone is in charge. 

The connection between broadband providers and law enforcement is very tight, and so the connection between the information gathered by these providers and law enforcement access to this information will also be very tight.  Maybe that’s fine.  We swing back and forth – right after 9/11 we were only mad about commercial uses of data, and the government could do no wrong.  Now the pendulum is going in the other direction – we are beginning to be upset about what the government knows about us. 

But let’s start with social networks.

MySpace, Xanga, Flickr, Facebook.  Hugely popular, full of people, MySpace second only to Yahoo! in page views, and has more people visiting than NYTimes.  

These sites are easily publicly searchable and viewable, although you have to register for MySpace and Xanga to look around,  and have a college email address for Facebook.

Oddly, people using these spaces may feel that they’re just having a conversation with their friends, not thinking about large-scale, perhaps automated searches/hunts about them carried out.  This is like being on a live TV interview, and seeing only the guy across from you, and not realizing that anyone can see you in the world.  This kind of belief that the internet is a special area, not subject to usual policing, has recently come into conflict with the desires of actual police to track people down who are listed in these spaces.  Princeton has caught people scaling buildings and drinking – both against campus rules – by searching these spaces, and Wikipedia has a whole page of campus/actual police raids of these spaces.  Not to mention the records created for future employers and political enemies to check.  (The comments on Ed Felten's blog have guided me in writing this.)

So this strangeness of assuming it’s a private space is running headlong into reality.  Most of the social clues on these sites seem to indicate that you’re just talking to a small group, because comments come from people you know or who are repeat players.  Users really don’t see EULAs or privacy notices.  What they see is a warm community that seemes to care about them, and they don’t monkey with the defaults made available to them that could shield their information from people they didn’t know.  Facebook supports this understanding:

We built Facebook to make it easy to share information with your friends and people around you. We understand you may not want everyone in the world to have the information you share on Facebook; that is why we give you control of your information. Our default privacy settings limit the information displayed in your profile to your school, your specified local area, and other reasonable community limitations that we tell you about.

When people wake up and realize that MySpace and Facebook are not private, they will experience a kind of loss of innocence, and they may even take down their sites.  Some are prognosticating that a long, slow backlash against Web 2.0's social applications is now going on.  The recent embrace of a deli.cio.us "no-sharing" setting for tags seems to support this trend. (see also isolatr and snubster.

More seriously, a student in Toronto was recently suspended for making a death threat against a classmate as well as Dickens and Shakespeare on Myspace.  A man, 23, flies from Georgia to Minnesota to find a 15 year old he imagines he is in love with, and the evidence shows they kept in touch via Myspace.  There are a couple of murders that seem to connect to Myspace.

On the other hand, we won’t see social collapse because of people showing their profiles to others.  We love to see our fellow humans talking about themselves.  It’s like that great documentary series, 7-Up, tracking children across their lives (which someone should give me someday) -- completely gripping.

So what happens when Yahoo! buys Facebook, or MSN?  Facebook is said to want $2 billion, and they turned down an offer for $750 million.  Does all of this stuff become even more searchable?  Does that make people feel betrayed?  I don’t know, but I suspect it will.

And what happens when all of these applications become reachable by all mobile devices?  Phones signal their locations constantly, as long as they are on.  Wireless companies need this business, because mere wireless phone service isn’t really worthwhile any more.  So they want to be able to allow you to wirelessly look up names and browse social software message boards.  

The next step, which is not so very far away, will be the ability for someone to create a detailed dossier of your life.  The idea is that all the pictures of you (taken by friends) and uploaded to Flickr could be recognized through biometric identifiers.  The place of uploading can be determined because someone will know what phone was used – and all devices will have their own IP address (although the IETF has made sure that this number isn’t necessarily linked to its hardware identification, the phone's ISP will know).

Now, good things can happen this way – people can meet up and murders can be solved

But what about the looseness of online life and the free speech found there.  Will this be chilled?

I don’t think so.  But we will need to have better education about what happens when you interact with one of these social software applications, and make far better disclosures about what happens potentially to the information you share.  Visual signals about what’s going to happen to your data might be a great idea.

Recently, six agencies cooperated to substantially simplify Gramm Leach Bliley disclosures by creating a prototype financial privacy notice.  The end result is you can’t do much to limit disclosure of your data, but at least you knew that.

Speaking of police searching social network sites, it seems to me likely that the privacy backlash will come from some combustible combination of commercial plus law enforcement use of social network data.

Some background here:  Our government has an insatiable desire for data, and outsources the collection of enormous amounts of it to avoid the operation of surveillance laws.  This is leading to an unstable situation – the GAO reported recently that data being gathered/paid for isn’t necessarily accurate, and health data isn’t necessarily kept secure, yet it stays around forever.

A couple of recent events brought this home.  The NSA scandal, reported in the NYT in Dec. 2005:  President Bush had authorized warrantless wiretapping of people – telephone calls and internet communications -- on US soil without express statutory authority.  (John Dean has said that Bush is acting just like Nixon.)  There’s an argument over whether Bush had authority under an Authorization to use Military Force in Afghanistan, but it’s questionable.  EFF has sued AT&T, pointing out that AT&T essentially opened its electronic doors to the govt, collaborating in what was arguably an illegal domestic spying program.  The DOJ has kept the documents at the heart of that case from coming out, but it’s clear that what DOJ was doing was datamining enormous amounts of records, finding relationships and patterns.

So – three things are working together here, a toxic combination of a view of the presidency as being beyond the law, a view by citizens that the internet is somehow “safe,” and collaborating intermediaries who possess enormous amounts of data. 

The recent Google subpoena case fits here as well.  Again, the government was seeking a lot of data to help it prove a case, and trying to argue that Google was essential to its argument.  Google justly was applauded for resisting the subpoena, but the case is something of a double-edged sword.  It made people realize just how much Google has on hand.  It isn't really a privacy case, because all that was sought were search terms and URLS stored by Google -- no personally-identifiable information.  But still this case sounds an alarm bell in the night.

Just imagine what the search engines and social networks know about us – how useful they are as a kind of Easy button for law enforcement to use to pull together previously-unimaginably rich data.

But the real privacy story isn’t in social software applications or search, even though there will undoubtedly be some enormous privacy backlash soon.

The real privacy story is, as I said at the beginning, in the depths of the pipes, where the network operators are seeking control.  First, all packets won’t be equal, and second, network providers will be tracking who is using their network, what IP addresses are doing what.

Prioritizing packets requires looking at them, and looking at them makes it possible for much more information to be available.  Cisco, in particular, has a strategy it calls the “self-defending network,” which boils down to tracking much more information about who’s doing what.  All of this plays on our desires for security – everyone wants a much more secure network, right?

So, long story short:  the real battle over privacy has to do with how much the telcos will know (when they are our only ISPs) and who they’re willing to share it with, and how much they’re willing to do with it.  This battle is being fought around the world, but it's a lopsided fight. 

To sum up this overly long post:  social networks are rich minefields for privacy backlashes, particularly when combined with governmental desire for data; but law enforcement desire for data may lead, with the telcos' cooperation, to the reality of perfectly surveilled and authenticated networks -- making the powers of MySpace seem irrelevant. 

So online companies need not only to have the best practices for social data, but also to support their voices in Washington fighting for an open internet.  It’s a hard fight and the telcos are way ahead of us.

Just a year ago, I gave a talk at David Isenberg's 2005 Freedom to Connect conference.  I said, essentially, that we should be careful in asking for regulation to protect the net, because the power to protect carries with it the power to constrain.  This was a very troubling message for the audience, and the chatroom projected behind me went wild with disapproval.

Since then, I've become very concerned about the concentration in broadband service provision in this country, and worried that there won't be any competition for unfettered internet access.  We clearly need better empirical evidence of what's actually going on, but the risk is that even now investments aren't flowing into new applications that will produce enormous secondary value for us.  Because those applications may need unfettered bandwidth and won't be able to pay for prioritization, venture capitalists won't fund them.  I'm also concerned about the future of the internet ecosystem, and the path dependencies that will be created by the network providers' plans.

The report of this year's Isenberg conference includes this summary of a debate between Tim Wu and Martin Geddes, who squared off about "network neutrality."  Martin makes some good points -- particularly about not wanting the FCC to try to design the internet.  And Michael Powell has weighed in sowing doubts about regulatory intervention.

It's a hard problem.  The latest Barton bill is being marked up today and may end up resolving things in the telcos' favor, according to rumor. 

As I've said in the past, we need better empirical evidence -- both CAIDA-style and antitrust-style -- about the state of the broadband marketplace in the U.S. today.  Until we have that, it's hard to say how the net is being harmed or what we should do about it. 

How about this:  let's create a Draconian set of escalating remedies (injunctions, escalating damages, structural separation mandates) and write them down in careful detail.  Let's say that unless the network providers show over the next two years that they are not, in fact, illegitimately shaping network management in order to favor their own business plans, these remedies will be put in place -- two years from now.  This delayed-action regulation might be easier to push through, and might just make the providers toe the line.  If they do, we'll all be rewarded by solidified consumer expectations of an unfettered, blazing-fast internet for everyone.

I began April 1 by leaving the hotel in Wellington, NZ at 5am; I ended it by arriving in Greenwich Village, NYC, at 10:30pm.  I keep trying to mentally calculate how many hours that was, but I'm too tired to get the same answer twice in a row.

It's an indication of just how badly things are going for telecom policy in this country that TWO well-respected people just posted to well-respected policy listservs the confident announcement that a terrible Telecom Act of 2006 had passed Congress in the middle of the night.  They did this with saddened alarm.

They had fallen for an April Fools' joke, but ... it's understandable.  They took as valid a posting by Benton's Communications-Related Headlines that said:

In votes cast in the wee hours of Saturday morning, the House and Senate passed, by narrow majorities, the Telecommunications Competition and Investment Act of 2006. President Bush signed it without a ceremony after a quick return from a visit to Mexico just a few hours ago. Because of the timing of the votes -- held when even C-SPAN cameras were dark -- and the President's signature, coverage of the new legislation is spotty. The Telecom Act of 2006, as some are already referring to the bill, aims to increase competition in the video delivery market by allowing easily entry for telephone companies like AT&T and Verizon. Apparently, the process for awarding truly "national" franchises has been streamlined for these new entrants so that they may simply inform the Securities & Exchange Commission of their intent to provide video services before beginning to bill consumers. The complex provisions related to Universal Service, critics are already saying, will redirect up to 30% of USF funds to just four states: Alaska, Texas, Illinois and Montana.

Funny, right?  Of COURSE the SEC notification is ridiculous; of COURSE there won't be billions going to the home states of key Commerce Committee members.  But it feels as if anything is possible these days.

The Benton tomfoolery post continues:

In addition, the legislation phases in spectrum fees on all licenses beginning in Fiscal Year 2007 and ends the use of "unlicensed" spectrum. Municipal telecommunications networks, including so-called "Wi-Fi" networks, will be prohibited beginning January 1, 2008.

Hah! Unbelievable, right?  But there's more:

Finally, the bill aims to end the "Net Neutrality" debate by 1) allowing network operators to discriminate between traffic if it is "economically advantageous," 2) relying solely on "market-driven agreements" to determine interconnection and 3) restricting use of a network by the terms of service agreed to when subscribing.

The best jokes cut closest to the bone, prompting a shocked laugh of recognition.  That's what the much-forwarded Benton post did, because all the Benton folks had to do was slap together slightly-enhanced versions of the current network owners' rhetoric.  Wise minds were fooled.

Another April Fools' razor-sharp joke:  New York Metropolitan Transit Authority Outlaws Speaking on Subway.