One of the main concerns of those who worry about net neutrality is how a network provider might block or charge extra for competing services. For example, telcos who still make a fair bit of money from voice services might not like competing services like Skype. Or... Apple FaceTime. So it's interesting to see a report from 9to5Mac suggesting that AT&T may be planning to charge extra to use FaceTime over cellular. This came out when testing iOS6 and receiving a popup requiring "activation." Here's the screenshot of what 9to5 saw:
This does not absolutely mean that they're going to charge. Currently, FaceTime only works over WiFi, but iOS6 is set to enable it for cellular. It's possible that this popup is just because iOS6 is still in beta, and it's just a generic message for a service that is not yet available. But it's at least raising concerns about the intentions of AT&T, with groups like Free Press already warning that this would violate existing (if contested) FCC rules on net neutrality (which, it should be noted are very, very limited when it comes to mobile services). To be honest, I'm not sure why AT&T would actually go down this path. It's already trying to cap and/or meter mobile bandwidth, so it already has a natural restriction on usage. Furthermore, since the iPhone is now widely available on other platforms, charging extra for FaceTime seems like a perfect strategy for driving iPhone users to other mobile operators.
The American Enterprise Institute (AEI) recently held an event about cybersecurity and cybersecurity legislation. The keynote speech was from NSA boss General Keith Alexander. He of course talked about why he supports cybersecurity legislation, such as CISPA and other proposals that will make it easier for the NSA access private content from service providers -- much of which, reports claim, they're already capturing and storing. Alexander has claimed that the NSA doesn't have "the ability" to spy on American emails and such, and reiterates that claim during the Q&A in this session, insisting that the Utah data center doesn't hold data on Americans' emails (and makes a joke about just how many emails that would be to read). That's nice for him to say, but so many people with knowledge of the situation claim the opposite.
In a motion filed today, the three former intelligence analysts confirm that the NSA has, or is in the process of obtaining, the capability to seize and store most electronic communications passing through its U.S. intercept centers, such as the "secret room" at the AT&T facility in San Francisco first disclosed by retired AT&T technician Mark Klein in early 2006.
So it's interesting to pay attention to what Alexander has to say in pushing for cybersecurity legislation. You can watch the full video below, if you'd like:
Much of what he talks about online involves basic malware and hack attacks. These are definitely issues -- but are they issues that we need the military (which the NSA is a part of) to step in on? His "quote" line is that these attacks represent the "greatest transfer of wealth in history." That is a pretty broad statement, and there's almost no evidence to support it. He points to studies from Symantec and McAfee on the "costs" of dealing with security issues -- but remember, those are two of the biggest sellers of security software, and have every incentive in the world to inflate the so-called "costs." Also, seriously? The "greatest transfer of wealth in history"? Has he paid absolutely no attention to what's happened on Wall Street and the financial world over the past decade? Does anyone honestly believe that the amount of money "transferred" due to hack attacks is greater than the amount of money transferred due to dodgy financial deals and the mortgage/CDO mess? That doesn't pass the laugh test.
He does insist that worse attacks are coming, but provides no basis for that (or, again, why the NSA needs your info). In fact, according to a much more believable study, the real risks are not outside threats and hackers, but internal security screwups and disgruntled inside employees. None of that requires NSA help. At all.
But it sure makes for a convenient bogeyman to get new laws that take away privacy rights.
Alexander, recognizing the civil liberties audience he was talking to, admits that the NSA neither needs nor wants most personal info, such as emails, and repeatedly states that they need to protect civil liberties (though, in the section quoted below, you can also interpret his words to actually mean they don't care about civil liberties -- but that's almost certainly a misstatement on his part):
One of the things that we have to have then [in cybersecurity legislation], is if the critical infrastructure community is being attacked by something, we need them to tell us... at network speed. It doesn't require the government to read their mail -- or your mail -- to do that. It requires them -- the internet service provider or that company -- to tell us that that type of event is going on at this time. And it has to be at network speed if you're going to stop it.
It's like a missile, coming in to the United States.... there are two things you can do. We can take the "snail mail" approach and say "I saw a missile going overhead, looks like it's headed your way" and put a letter in the mail and say, "how'd that turn out?" Now, cyber is at the speed of light. I'm just saying that perhaps we ought to go a little faster. We probably don't want to use snail mail. Maybe we could do this in real time. And come up with a construct that you and the American people know that we're not looking at civil liberties and privacy, but we're actually trying to figure out when the nation is under attack and what we need to do about it.
Nice thing about cyber is that everything you do in cyber, you can audit. With 100% reliability. Seems to be there's a great approach there.
Now all that's interesting, because if that's true, then why is he supporting legislation that would override any privacy rules that protect such info? If he really only needs limited information sharing, then why isn't he in favor of more limited legislation that includes specific privacy protections for that kind of information? He goes back to insisting they don't care about this info later on in the talk, but never explains why he doesn't support legislation that continues to protect the privacy of such things:
The key thing in information sharing that gets, I think, misunderstood, is that when we talk about information sharing, we're not talking about taking our personal emails and giving those to the government.
So make that explicit. Rather than supporting cybersecurity legislation that wipes out all privacy protections why not highlight what kind of information sharing is blocked right now and why it's blocked? Is it because of ECPA regulations? Something else? What's the specific problem? Talking about bogeymen hackers and malicious actors makes for a good Hollywood script, but there's little evidence to support the idea that it's a real threat here -- and in response, Alexander is asking us all to basically wipe out all such privacy protections... because he insists that the NSA doesn't want that kind of info. And, oh yeah, this comes at the same time that three separate whistleblowers -- former NSA employees -- claim that the NSA is getting exactly that info already.
So, this speech is difficult to square up with that reality. If he really believes what he's saying, then why not (1) clearly identify the current regulatory hurdles to information sharing, (2) support legislation that merely amends those regulations and is limited to just those regulations and (3) support much broader privacy protections for the personal info that he insists isn't needed? It seems like a pretty straightforward question... though one I doubt we'll get an answer to. Ever. At least not before cybersecurity legislation gets passed.
We've talked for a while about just how often law enforcement seeks information from mobile operators -- often without getting any actual warrant -- knowing that it was astounding. But after an article from a few months ago in the NY Times noting that it was both routine and a big business for mobile operators, who charge law enforcement for each request, Rep. Ed Markey asked all of the major mobile operators just how often they get requests from law enforcement for subscriber info, and discovered that last year they responded to an astounding 1.3 million requests for subscriber info -- including location info, text messages and other data. And, apparently, this number likely undercounts the true size, because it notes that there was "incomplete record-keeping" in some cases. Oh yeah, and also, this just requests, not individuals -- a single request might include multiple people whose information was being sought. So, an awful lot of people were spied on this way.
Not surprisingly, the number of requests continues to rise drastically, with AT&T admitting that it had seen a tripling in requests in the last five years. As the report notes:
AT&T alone now responds to an average of more than 700 requests a day, with about 230 of them regarded as emergencies that do not require the normal court orders and subpoena.... Sprint, which did not break down its figures in as much detail as other carriers, led all companies last year in reporting what amounted to at least 1,500 data requests on average a day.
This isn't a huge surprise, but does raise significant questions about how reasonable these information trawling operations are. Do we honestly believe that law enforcement needed all of that info? This seems like a case where, of course, if the info is easy to get, law enforcement wants it. But is that reasonable?
And, telcos have little incentive to stand up for the rights of their users. They actually make money from these kinds of requests:
AT&T, for one, said it collected $8.3 million last year compared with $2.8 million in 2007, and other carriers reported similar increases in billings.
For a company that large, this isn't a major cash cow, but it is something. It's unclear how carefully the telcos review the request. At least one (smaller) telco, C Spire Wireless, reported that it had rejected about 15% of the requests, but most of the other operators didn't provide any info on rejections (and it makes you wonder if they ever rejected any requests at all).
None of this is surprising. When such a tool is available, it's almost impossible for it not to be abused. It's just too easy for law enforcement to snoop on anyone's location or text messages, and they can't resist doing so. It seems like telcos (1) could be a lot more transparent about this. While Google and Twitter both have voluntarily opened up to provide data on law enforcement requests, the only reason this info became public from the mobile operators was because of Markey's request. On top of that, it seems that the rules concerning an individual's privacy rights should also be a lot clearer, to give the telcos more ammo to push back against bogus requests.
Apparently AT&T-land is a place where basic economics doesn't apply. AT&T boss Randall Stephenson, still hurt from the rejection of his attempted merger with T-Mobile, is telling the world that greater competition means higher prices and less efficient markets. That this goes against nearly all understanding of economics seems like an important point that would be worth bringing up to Stephenson, but apparently the reporters present didn't bother. In particular, he claims that AT&T had to increase its data rates by 30% because it doesn't own T-Mobile. That makes no sense, but okay. Then he claims that competition makes things less efficient:
"The more competitors you have, the less efficient the allocation of spectrum will be," he said. "It's got to change. I don't think the market's going to accommodate the number of competitors there are in the landscape."
This is how a monopolist argues: if we controlled everything, why things would be much more efficient. He's seriously arguing that the fact that they have to compete for resources means that they can't get the same level of monopoly rents. Yeah, that's called capitalism, where you actually have to compete in the market. I mean, I'm sure UPS hates that it has to share the roads with Fedex (so inefficient), but it's actually good for the consumers to have real competition. Apparently, though, AT&T has a different point of view.
Years ago, we used to joke about the prevalence of "up to" language in the marketing around any kind of broadband connection. You'd see claims of speeds that could be reached in huge letters, but right before that, in fine print, would be an "up to." So sign up now to get "up to" 3 Mb per second. Of course that means anything less than that qualifies. Hell, they could argue any top speed, and as long as they included the "up to," they could get away with it. Eventually there was some cracking down on that and some threats that such language was potentially misleading, and companies have been somewhat (but not totally) clearer in describing their speeds. But, when it comes to DSL, there are other problems as well, including the general limitations on speed based on how far you are from the central office (CO). For reasons that still escape me, DSL providers seem notoriously bad at being able to predict ahead of time just how far you really are and what kind of speeds you can get. In the past, I've had these arguments with my DSL provider -- even to the point where a few years ago, when I had terrible DSL (despite living in the middle of Silicon Valley), I actually had an AT&T rep tell me that the company never should have provisioned my DSL because I was simply "too far" from the CO.
Either way, this confusion over distance has resulted in a new lawsuit -- which is trying to become a class action lawsuit -- against Verizon in California for over-promising speeds. This isn't just about the "up to" speeds being marketed. In this case, a woman was convinced to upgrade her account from a 768k top speed account to a 1.5 Mb top speed account -- at $10 more per month -- only to find that her line could only handle the 768k, based on her distance from the CO. She then had a Verizon rep tell her she should downgrade her account, but the company was unwilling to reimburse her for the higher fees she paid on a level of service she couldn't technically get.
Whether or not this specific suit has merit, it does highlight just how confused the DSL providers often are, where each time you call or speak to a rep, you will get different info. In another situation that I once had, I called to sign up for DSL a few years ago, and the rep told me that I couldn't get it at my location. When I said I was surprised, she told me to wait as she tried it on her "other computer," and that one said I could get DSL. It seems that even the DSL providers don't seem to have very good or consistent information themselves, so it's little surprise that customers get conflicting reports -- some of which lead them to paying too much for services they can't actually use.
We first wrote about IP Relay fraud all the way back in 2004, when it was pointed out that a huge percentage of calls using this system were fraudulent, and the telcos were doing nothing to stop it, because they were profiting at the taxpayer's expense. If you're unfamiliar with the system, IP Relay has a good intention: to help hearing impaired people communicate -- allowing them to send text-based messages to phone numbers, which are then read by operators. In order to fund this service, the FCC pays telcos an astounding $1.50 per minute on such calls. Scammers, however, quickly realized that this was a way to make free, almost totally anonymous, calls. And the telcos had every incentive to encourage any usage, scammy or not, since it meant they got paid (from taxpayers).
The fact that all of this was obvious eight years ago but it was only just now that feds decided to sue AT&T for abusing the system is pretty incredible. To be fair, the FCC passed rules in 2008 that required telcos try to register users to verify who they were (to take away some of the anonymity of the system). The key issue with this lawsuit is the claim that AT&T intentionally implemented an authentication system that wouldn't work. In other words, it purposely scammed taxpayers out of a ton of money:
The United States alleges that AT&T violated the False Claims Act by facilitating and seeking federal payment for IP Relay calls by international callers who were ineligible for the service and sought to use it for fraudulent purposes. The complaint alleges that, out of fears that fraudulent call volume would drop after the registration deadline, AT&T knowingly adopted a non-compliant registration system that did not verify whether the user was located within the United States. The complaint further contends that AT&T continued to employ this system even with the knowledge that it facilitated use of IP Relay by fraudulent foreign callers, which accounted for up to 95 percent of AT&T’s call volume. The government’s complaint alleges that AT&T improperly billed the TRS Fund for reimbursement of these calls and received millions of dollars in federal payments as a result.
As Karl Bode at Broadband Reports notes, if you start doing the math, the claim that this is about "millions of dollars" may be a "severe under-estimate." We're talking about 95% of all of these calls, done for many years, being fraudulent, with AT&T having no incentive to cut them out, and scammers having tremendous incentive to use the service as well. Again, all of this done with taxpayers footing the bill. While AT&T definitely deserves scorn for allegedly purposely choosing to set up a bogus registration system, a ton of blame has to go to the government for letting all of this happen for so damn long, and not recognizing just how much AT&T was fleecing taxpayers for under the system (not to mention all of the scams this probably helped enable).
As you may have heard over the last couple months, AT&T has gone to war with customers who bought its "unlimited" data plans. While the company no longer offers such plans, existing users were grandfathered in. And they like those plans. AT&T, however, would prefer to move them over to tiered plans under which they'll pay more. So it began throttling their connections. If they were using a fair amount of data (really not that much), it slowed their connection down to the point of being basically useless. This is a pure bait-and-switch tactic, where the company sold customers something that it then failed to deliver.
A guy named Matt Spaccarelli felt that this was a clear breach of contract and sued in small claims court... and won $850 ($85 is his monthly fee, and the judge felt that there were 10 months left on the contract that was violated... so, $850). Spaccarelli then also set up a website with all the details, so that others could file their own lawsuits. Apparently, AT&T is none too pleased about this and is playing hardball with the guy, threatening to cut off his phone service after determining that he used the phone to tether.
How nice, right? Beat AT&T in small claims court, and they'll potentially cut off your phone service.
Separately, they're trying to "settle" with him, but are pissed off that he's been public about the settlement attempts so far, as the key thing in the mind of AT&T lawyers and execs is getting a gag order in place to stop others from going down the same path. Of course, there's no requirement that Spaccarelli settle or agree to any gag order, and it sounds like he's not planning to:
Spaccarelli has posted online the documents he used to argue his case and encourages other AT&T customers copy his suit. Legal settlements usually include non-disclosure agreements that would force Spaccarelli to take down the documents.
In its letter, AT&T asked Spaccarelli to be quiet about the settlement talks, including the fact that it offered to start them, another common stipulation. Spaccarelli said he was not interested in settling, and forwarded the letter to The Associated Press.
After years of not suing anyone (but always threatening that it might, someday), Intellectual Ventures has become more and more aggressive of late in suing lots of companies. A few weeks ago it sued AT&T, Sprint and T-Mobile over a bunch of patents that (of course) involved some of IV's favorite shell companies. Just as it was preparing this lawsuit, a VP from IV went public with an attempt to argue that all this litigation is a sign of innovation at work. The article is rather shocking in how it presents its argument. It mainly relies on false claims that correlation means causation, concerning historical periods of innovation and lawsuits over patents. Of course, what it ignores is that the patent fights often come right after the innovation, not before. In other words, the patent battles aren't a sign that innovation is working. Rather it's a sign of patent holders freaking out that others are innovating. It's entirely about hindering innovation, not helping move it forward.
Along those lines, the folks at M-CAM who continue to call out bogus claims in patent lawsuits analyzed the patents in this IV lawsuit and found them... well... lacking:
Our systems found nearly 500 AT&T patents, with similar claims, that predate the fifteen asserted patents. Sprint Nextel also owns 12 patents that predate the asserted portfolio.
M-CAM also questions the claims that these lawsuits have anything at all to do with innovation, and hint at more nefarious reasons for the use of a bunch of shell companies:
Is IV’s patent litigation helping inventors or investors? Considering that the bulk of the patents in suit were each “acquired” from what the USPTO characterizes as a “merger” with a different relatively unknown LLC, we’ll let you decide. Seems to us that it simply represents an attempt to use opacity and “hidden weapons” for a tactical assault having ABSOLUTELY NOTHING to do with innovation. In fact, these kinds of structures are also typically employed for tax “optimization” which is to say, to avoid paying taxes for any economic gains resulting from a successful assault, ahem sorry again, we mean “settlement”.
By the way, you may have noticed that Verizon is conspicuously absent from the list of mobile operators being sued here. That's because Verizon paid the entrance fee and is a "member" in the IV club... which apparently only cost the company $350 million. Oh yeah... and it then became an enabler. One of the patents in the new lawsuit... once was owned by Verizon.
Some of you youngsters may not remember what really kicked off the big "net neutrality" fight over the past few years. It was back in 2005, when then AT&T CEO Ed Whitacre suggested that internet companies should pay a second time to reach users. This was particularly nefarious. What Whitacre was suggesting was actually that AT&T get to double charge everyone. That's because the way it was (and still) is that everyone pays for their own bandwidth -- including the big internet services like Google. However, the way Whitacre was describing it, the bandwidth you got only paid for half the transit. That is, you only paid for your bandwidth from your premise to "the cloud" but not back out to any end machine. That that bandwidth was paid for by whoever owns those end machines was entirely ignored. So the plan was not just that Google would pay for its own bandwidth, but that Google would also pay for your bandwidth to get Google to your computer (ignoring that you already paid for it).
That didn't go over so well with people, and got particularly ridiculous when Mike McCurry, running an AT&T lobbying effort, insisted that Google didn't pay a dime for its bandwidth. For rather obvious reasons, he refused my proposition that he agree to pay Google's bandwidth bills.
Either way, it appears that the brilliant minds at AT&T have been trying to devise a new way to present such a plan that doesn't leave them so open to charges of being greedy double chargers -- and they may have found it by focusing on the mobile world, with their new love of "tiered" and "capped" plans that limit how much bandwidth you actually get. What they're going to do is charge app makers a fee to offer their services to you in a way that the data doesn't count against your cap. They describe it as an "800 number for the mobile internet."
"A feature that we're hoping to have out sometime next year is the equivalent of 800 numbers that would say, if you take this app, this app will come without any network usage," Donovan said on the sidelines of a mobile-industry conference here. It's far from clear how willing technology companies would be to pay wireless carriers for data use. Mr. Donovan said there was interest from companies who could use the feature to drum up new business from customers wary of using data-heavy services like mobile video.
This is nefariously brilliant. People associate 800 numbers with toll-free phone calls, so it's kind of like that... except it isn't anything like that at all. It's just a way to get companies to pay for the data connection you're already paying for. But the end result is exactly like what Whitacre wanted five years ago: get the app providers to pay double for bandwidth. Karl Bode summarizes the whole ridiculous plan as only he can (via that link above):
The end result is the same, with AT&T imposing bizarre tolls on content companies to obtain preferred customer status, picking winners and losers while retaining power in the wireless ecosystem.
It's an idea we're sure AT&T will pitch as a cost-saving endeavor for consumers, but given this is AT&T, you'd be naive to think cost savings will be in the equation. You'll still pay the same data rates, content companies will now just pay a fee to obtain preferred "reduced cap impact" status, then pass the higher development costs on to you. It's a ridiculous and dangerous idea, and the fallout will likely be similar to AT&T's "free ride" comments. AT&T executives either don't care how bad these ideas make them look, or don't realize it thanks to too many isolated meetings at headquarters packed with telco-think yes men.
Eventually you start to think that AT&T executives should just stop thinking before they hurt someone or themselves. If AT&T put half as much energy into running a top-flight network with quality support as they did cooking up hare-brained troll toll schemes -- they might just stop coming in last place in all major customer satisfaction studies.
This is really just another reason why the telcos are pushing so hard to move users into unnecessary tiered plans -- because they can't pull off scams like this on unlimited data plans nearly as easily.
Of the four national mobile operators, only Sprint still offers an "unlimited" data plan -- and most industry watchers expect that to go away soon. When the operators talk about this stuff, they complain about how unlimited plans are abused and the amount of data being used by so-called "data hogs" is crippling network bandwidth. Of course, the alternative story is that they just want to charge people higher rates, and putting a toll booth on data usage makes that possible. A new study by Validas confirms that the latter theory seems to match with reality. The company looked at 11,000 mobile phone bills of users on both throttled (tiered) plans and unlimited data plans and found... data usage was effectively the same. In other words, for all the talk about how tiers and throttles are needed to stop bandwidth hogging... reality shows that these plans have little impact on actual data usage. Or, to put it really simply: these plans are all about the mobile operators making more money and have nothing to do with network capacity.
Of course, as I've argued in the past, this is a pretty short-sighted strategy by the mobile operators. While they have every right to set up whatever business models they want in order to maximize profit, this might come back to haunt them. The problem with a tiered or throttled data plan is that it actually makes the mobile data service less valuable. Not only does it cost more for the same usage, it adds mental transaction costs as users have to keep track of their usage. That's only going to make people value alternatives much more. The carriers can get away with that if there are no alternatives (as is the case some of the time), but as more alternatives hit the market, expect people to shift their usage to networks they can actually use without fear.