-
Website
http://techliberation.com/ -
Original page
http://techliberation.com/2008/12/05/more-on-copyright-enforcement-and-surveillance/ -
Subscribe
All Comments -
Community
-
-
Top Commenters
-
Popular Threads
All Comments
Fine: if I choose to continue this debate, I will do so elsewhere. You may not like the results of that—you would probably have been better served had our debate remained in the comment section of your posts on TLF, something I would have been content to do but for your run-and-rethread tactics. But markets are a harsh mistress—they discipline our thoughts and acts by letting us make our own choices, and live with their consequences.
At any rate, I must assume that this is why you created this new thread, Tim, because the comment that you have highlighted does not “make a really good point,” it regurgitates an infantile fallacy.
The Internet does not confront us with a bipolar choice between anarchy and a police state. Indeed, that argument is not just wrong, it is a threat to freedom that would never be made by anyone familiar with human history. Sadly, through the ages, many people really have been forced to choose between authoritarianism and anarchy. Those familiar with this history know why artificially forcing this choice upon those of us lucky enough to live in 21st Century America would have predictably tragic consequences.
Indeed, even were the silly extremes that you posit the only choices compatible with a TCP/IP-based Internet, then a sensible third path forward would remain: we could choose to abandon the fatal mistakes and unacceptable costs of TCP/IP and re-engineer a means of interactive, digital communications and data exchange compatible with rational forms of human governance and consentual, bilateral exchange.
And to be clear, Tim, I am not arguing that a TCP/IP-based Internet involves “fatal mistakes and unacceptable costs.” You are. Indeed, you are using a “blog dedicated to keeping politicians' hands off the 'net” to revive the argument that Lessig used, in his 1999 book Code, to argue for government control of the Internet: Both you and Lessig argue that private property rights are now a threat to liberty because bilateral, consentual, market exchange requires means of identifying persons, and any such means will inevitably turn the Internet into a “panopticon” of pervasive government surveillance.
But again, you and Lessig draw opposed conclusions from the same premise. Lessig posits this silly, bipolar choice and argues that people must opt for authoritarianism. You posit the same choice, and argue for anarchy. Here, Lessig has the great weight of human history on his side.
Thanks again for your views. --Tom Sydnor
PS: For the benefit of TLF readers, I also reproduce, below, the comment that Tim would apparently prefer that you not see.
Tim, your characterizations of my beliefs and those of others at PFF are too obviously wrong to require any response. I do think it worth clarifying a few points, however.
I did not argue that ISPs are or should be required by law to maintain IP-address records. But the law does state that those internet access providers who wish to avail themselves of the sweeping limitations on copyrights provided by 512(a) must take a few simple measures--like having and reasonably implementing a policy of terminating repeat infringers--that cannot be taken by an access provider who cannot reliably identify anyone. The law imposes no penalty upon ISPs who fail to qualify for 512(a); it simply declines to grant them a privileged status superior to that accorded to any other class of entities or persons.
As to my claim that the London-Sire order has unfortunate implications for those seeking to enforce federal laws or rights other than copyrights, there is a difference between "making a scary argument" and "acknowledging reality."
Reality is simple: File-sharing networks are used by identity thieves, pedophiles, and terrorists. If failures to keep reliable IP-address records begin seriously compromising the investigation and prosecution of these types of users--(and, at least in the case of identity thieves and pedophiles, significant law-enforcement efforts are underway right now)--legal obligations will be imposed. ISPs have avoided that result so far, and BU could be compromising those efforts. And for what? Campus copyright piracy?
Online privacy is a tremendously important issue, and I am very glad that people like Jim Harper and Adam are thinking seriously about it. But nothing will compromise the future of privacy on the Internet more effectively than dogmatic opposition to the legitimate needs of private or governmental law enforcement. For example, in 2006, a World Bank study calculated that intangible assets accounted for about 80% of the wealth of the developed world,and that "rule of law" accounted for about 57% of that intangible capital. I think it unlikely that anyone will be convinced that "rule of law" is an asset worth surrendering.
Finally, Tim, I know that you have argued that we might not need copyrights because the costs and risks inherent in the private production of all major expression could be cross-subsidized in ways that would make them seem "free" to Internet users. Such claims are just too speculative and extreme too require much comment.
Not even Professor Lessig goes so far. To the contrary, in his books Free Culture and Remix, he speculated that if the Internet does preclude copyright enforcement, then we must resume use of the means of subsidizing the production of expression that prevailed before effectively enforceable private rights became available--taxes levied by government officials who make "unavoidably vague" judgements about the value of private expression.
So who is right, Lee or Lessig? To me, the great thing about the flexibility provided by an enforceable system of private property rights in expressive works is that it can let the producers who actually bear the relevant risks and cost sexperiment with a vast range of production methods--from profit-driven to open source. That way, the future of expression need not rest on anyone's guess about which set of speculations seem more credible at the moment.
Thanks again for the comments. --Tom Sydnor
By the way, I also agree with Don Marti: More attention needs to be paid to the vulnerability of these networks to disruption. Some of my own work focuses on this issue.
You continue this pattern with your latest comment, bizarrely attributing to me the view that "private property rights are now a threat to liberty because bilateral, consentual, market exchange requires means of identifying persons, and any such means will inevitably turn the Internet into a “panopticon” of pervasive government surveillance." How you derived that conclusion from what I wrote is a mystery to me.
Now look, I'm not the best writer in the world, so when someone interprets my writing in a way I don't expect, I normally take that as a sign that my writing wasn't clear. But you misread peoples' writing so frequently and egregiously that it's hard to escape the conclusion that you're not trying very hard to represent peoples' views accurately. So you can understand why I'm reluctant to invest a lot of time trying to clarify my views.
"A federal judge has reportedly held that Boston University (BU) is such an incompetent internet-access provider that it cannot disclose the identities of allegedly infringing users of its network."
Anonymous network access really is not compatible with strict enforcement of copyright, as you correctly note. Your solution is to ban anonymity, which is another way of saying that there must be a record of exactly when and where each and every person goes online that can be made available to the law to connect infractions with individuals. This is not some weird hypothetical -- try using an internet cafe in Italy without a passport. What is especially galling about your position is that it won't even work for its supposedly limited purpose -- you can fit a lot of music and video on an 8 gig flash pen drive passed around a dorm. The battle to get college kids to pay for recorded music was lost a long time ago, and yet we are still heroically sacrificing core 1st Amendment principles and turning the law itself into a ludicrous King Canute. $1.5 million/per album fines are both a punch line and the current law. Meanwhile (h/t Orwell), it is considered extreminst to advocate shorter copyright terms, non-draconian fines for copyright violations, and tolerance for a somewhat leaky copyright system that discourages infringement but respects traditional privacy of personal communications. That is not "anarchy", it is just a slightly different set of priorities, one that happens to be shared by almost everyone who is familiar with the details of what it would require to extend the analog copyright system into the digital world.
Of course, stripping ISPs of immunity could, in effect, amount to a de facto ban on anonymity, as firms have a strong disincentive to expose themselves to the massive liability risks stemming from copyright infringement.
Call it a "Ban Plus", if you like, and be prepared to show your papers when you go to a cafe or library. If that sounds like a joke (not an uncommon problem when dealing with IP maximalist "ideas") read this.
My understanding of John Doe subpoenas filed by content owners is that they are often filed hours or even days after the act of infringing has ended (ie the Bittorrent client has been closed). If content owners requested expedited discovery while infringing computers were still seeding a copyrighted file online, but ISP still couldn't identify the accused account holder, then I think the ISP should lose its DMCA immunity. But I don't see why an ISP's failure to retain IP logs necessarily eliminates the ability to maintain a policy for identifying and terminating repeat infringers.
What would happen if something like your and/or Tom Snydor's proposal went through? In order not to be exposed to the preposterous penalties under the law, and because of the complexity of the problem, every cafe and library would sign on with one or another proxy+authentication service, which because of network effects would converge on one or two winners per market. Big telcos would probably offer it as an add-on -- you would use an ID and a credit card to establish identity once and probably not pay anything. The authenticators would be falling over themselves to enable easy sign-on via student IDs. A big lawsuit against a college would then end with a settlement requiring all its students to use a de-anonymizer that filters for file-sharing. Then a harassment lawsuit will be successful against a blog, and exemptions would be added for blogs who attempt to prevent anonymous abuse, and then a restaurant review defamation suit will do the same for Yelp, and before long anonymity will be gone forever. Because the only purpose of the de-anonymizers will be to interface with law enforcement, and because they will be cheap and have no margins, most of their "customer service" will be directed at the police and courts, or perhaps the 1st Brigade Combat Team of the 3rd Infantry Division. Then there will be a "hot pursuit" case of some child rapist or Islamist monster, and the urgent necessity of cutting down the 24-hr court-deanonymizer-cop circuit will be used to make all records immediately available.
This is what Tim means by "illiberal", and it is the major civil liberty question of at least this quarter century, and frankly more important than preventing kids sharing copies of "Oops I did it again." Extreme copyright enforcement really does butt up against privacy, it is a hard problem.
In my previous comment (in which I suggested that ISPs that fail to maintain reasonable policies for identifying repeat infringers should lose their DMCA immunity) I was presuming the existence of a billing relationship between service providers and the end users. When no such relationship exists, however, I think the service provider should retain its immunity even if it cannot necessarily identify an accused infringer.
Under the DMCA, service providers retain immunity only if they make a reasonable effort to provide information to a content owner that assists in the process of determining the identity of an infringing user. The real question is how exactly we define "reasonable" steps. Failure to use a proxy+authentication service, as you point out, shouldn't affect a service provider's immunity. If Starbucks receives a subpoena for an IP address that is being used by somebody with whom Starbucks has no identifiable business relationship, then Starbucks should be required to take reasonable steps to assist the content owner in identifying the infringer. To me, such steps would include providing the content owner the MAC address of the PC connected to the Starbucks wi-fi network. And perhaps Starbucks should even be required to help a content owner triangulate the physical location of an infringing computer. But the fact that Starbucks' business model for its wireless internet service does not involve the transfer of personally identifiable information should not, in itself, mean that Starbucks automatically loses the ability to terminate repeat infringers.
512(a) makes reference to 'subscribers' and 'account holders' for the purposes of notification and termination per the implemented policy. But suppose an ISP chooses to have neither 'subscribers' nor 'account holders', but instead offers open access. How would such ISP be in violation? An arguable point for sure, but vague enough to generate some legal fees. The presence of some language to the effect of 'any and all users' would be much more clear cut against the ISPs, but such language is not there.
Yes, that's definitely a pattern with Tim.
These copyright debates are heated enough. I think we should all be just a little bit more careful about leaping to assumptions about the motives of those we disagree with.
If we can't "all just get along," can we at least agree that if someone really, really feels the need to start a new post continuing a discussion on an existing post, that the new post *begin* with a link to the prior post? It might also be helpful to post a comment on the old post linking to the new post so readers can continue the conversation.
While we're at it, everyone, how about using Disqus' "reply" feature so that the comments actually flow in a conversation?
And I do, in fact, use categories and dividers. I think we have a bit of a difference of opinion about how long posts should be before they get divided, but (for example) you'll notice that the post I linked to above has a divider. I don't use tags because those are a relatively recent addition to the site and I just haven't yet gotten into the habit of using them yet.
On the technology side of things, a data retention mandate is getting very easy to implement. Just wait until log analyzers and grep are updated to be able to scan through bzip2 files! Bzip2 is such a powerful compression algorithm that it can easily take a 7-8TB block of text data and compress it down to fit on a 1-1.5TB hard drive. I was able to compress a 18MB SQL script representing my installation of Movable Type down to 2.5MB with it. It's just a matter of updating the software to handle very powerful new compression algorithms.
For the average ISP, a large SAN or two would be more than enough to store all of the data that flows through their networks aside from large blobs of binary data like the actual files being transferred via P2P; it would certainly be enough to store all of the information about what someone is doing on a P2P network.