Michael Scott points us to a report suggesting that one way to deal with the privacy issues of data stored online is to set up databases that automatically have plans to let data "fade away" over a certain period of time. Of course, I'm not sure what's particularly new or unique about this. Lots of companies have systems in place to purge types of data after it reaches a certain age. Most companies have log files that delete after 6 or 12 months or whatever. The other issue, of course, is that with new data retention laws in place, many companies are forced by the government to retain certain types of data. And, finally, even if you plan for certain data to be deleted, there's not necessarily a guarantee that it actually has been deleted.
We were recently tipped off to a case in the federal courts that raises all sorts of legal issues about some questionable interpretations of the law -- many of which we've discussed here recently. It involves a Utah company, named Public Engines, suing a competitor, named Report See. Public Engines, it appears, contracts with various police departments around the country to get crime data from them, and then they put that data online in various formats. Its main business tends to be working with law enforcement and providing them software and services around that data. But, it also presents the data publicly on the site CrimeReports.com. Apparently, law enforcement agencies pay Public Engines to provide data to the site. Public Engines claims it does work on that data, to "de-identify" it and make it appear in a more user-friendly format. As the company notes, it does not add any editorial on the site and does not include any advertising or seek any additional business from users. The service is basically provided totally free of all that -- but the company makes money from the law enforcement agencies, who pay to take part and to use Public Engines' software.
Along comes Report See. It operates a similar site, called SpotCrime.com. However, its business model is different. It seeks to get the data for free -- combing various other sources and working out deals with law enforcement itself. Its business model is to sell advertising on the site, as well as to work out partnerships with different media properties, who wish to use the data SpotCrime has collected.
You can probably see where this is headed. Report See, not surprisingly, found the publicly available CrimeReports site to be a treasure trove of good data, and began scraping it to include in CrimeSpot. Public Engines took issue with this and demanded Report See stop. Apparently, the company initially agreed to do so, but then soon began scraping the site again. From there a technical one-upmanship battle appears to have ensued. Public Engines kept trying to block the CrimeSpot scraper, and Report See kept adapting its scraper. Also, somewhere along the way, Report See started going to the same law enforcement groups that Public Engines worked with, asking for access to the same data, and pointing out that, as public records, the data should be available under various public records access laws.
And, now, we get to the lawsuit. Public Engines pretty much tries to throw everything at Report See, some of which seems pretty questionable. The one thing that surprised me, actually, was that Public Engines didn't toss in a copyright claim. Thankfully, it seems to have realized that would have gone way too far. But it's other arguments are still pretty problematic.
First, Public Engines pulls out a Computer Fraud and Abuse Act claim. This is the anti-hacking law that we recently discussed, as many lawsuits (and a few judges) have tried to stretch way beyond its intended purpose. The CFAA is supposed to deal with actual malicious hacking -- that is breaking in to a computer system that has been secured. This is a public website we're talking about here. Claiming a CFAA violation is silly and an attempt to extend the law well beyond what it was intended to cover. Allowing CFAA claims on public websites is really problematic.
Second, Public Engines says there's a breach of contract. But, you might point out, Report See and Public Engines have no contract. Indeed. But Public Engines claims that the terms of service on its website represent a valid contract. Again, it seems like Public Engines is stretching the law to claim that a contract has been made here. Even though it notes there's a link to the terms on every page, it never made Report See agree to the contract, and even so there are still some questions about whether or not any "clickthrough" agreement is really binding.
Third, Public Engines pulls out a Utah statute on "anti-cyberterrorism." No, I'm not kidding. Apparently, Public Engines is claiming that by accessing the website without authorization (see the two points above) and then "obtaining CrimeReports.com's intellectual property" in a way that "led to a material diminution in the value of Public Engines' intellectual property," Report See is violating this anti-cyberterrorism law. My question: what intellectual property? Remember, Public Engines knew better than to include a copyright claim. And that's because it holds no copyright on the data. So what intellectual property has actually been obtained here? Public Engines skips over that.
Fourth, Public Engines pulls out a Lanham Act false advertising claim. Again, this appears to be a stretch of the law's purpose. The point of this law is to stop someone from advertising a product as being from Coca-Cola, when it's really Bob's soda. That's to avoid harm to the consumers (remember, the Lanham Act is really about consumer protection) who bought Bob's soda thinking it's Coca-Cola. But here, there's no "confusion" or issue where consumers are likely to be tricked in a damaging way. The data is the same. There's no harm done. The "data" is not "owned" by Public Engines or CrimeReports. It's factual data.
Given all of these points, you had to guess that the next claim from Public Reports was (you guessed it!) our favorite insanity and recently back-from-the-dead legal craze: hot news, which is showing up in all sorts of lawsuits these days, and is an incredibly troubling restriction on free speech and freedom of the press. Remember, Public Reports knows that it has no copyright claim on this data. It's factual data from public agencies about crime. It would have an incredible chilling effect to suggest that such data is covered by the hot news doctrine.
Public Engines still isn't done yet. Its sixth claim is for "interference with a contract," because of Report See's attempts to go to police agencies directly. This, again, seems silly and beyond the scope of the law. It's perfectly normal and basic competition to approach customers of competitors and to try to get deals yourself. That's how business works. Claiming that no one else can try to get this data from law enforcement agencies is ridiculous.
Honestly, the only legal claim that I thought the company might have that made any sense at all, was about the claim that Report See had promised to stop scraping its site, and then changed its mind. But even that might be a tough sell. Of course, we've seen judges make all sorts of crazy rulings on nearly every one of the issues above, and given that it's a local court (Public Engines filed it in its home court), who knows what might happen. But if the court buys any of these arguments it could set really bad and chilling precedents.
Now, you may ask, what should Public Engines be doing in this situation, since it clearly is going through a lot of effort to collect and format this data. That's all true, but it can still compete pretty easily against Report See. If you compare CrimeReports to SpotCrime, you'll quickly realize that CrimeReports is much nicer and much more user-friendly. It's also not weighed down with annoying advertisements everywhere. Anyone who is interested in using such a tool would almost certainly gravitate to CrimeReports over time. It's just a better site, and since it apparently gets the data first, you'd figure it's also more up-to-date.
In other words, CrimeReports should be able to compete effectively in the marketplace. It's disappointing that rather than doing so, it broke out the lawyers.
Separately, this is now the second case we've seen in just the past few weeks that has tried to combine both a hot news claim and a CFAA claim -- and in both cases, these were attempts to stretch the doctrines and the law well beyond intended purposes. It would be nice if the courts quickly realized what's happening and fixed things (either that or Congress came in and got rid of hot news and clearly limited the CFAA -- but don't expect that to happen).
In the end, though, this really does come down to a simple question. Just because one company went through the trouble of collecting factual data from public agencies can it stop others from using it? The US has, on purpose, rejected any sort of "sweat of the brow" concept for protecting intellectual property. It does not, for the most part, recognize "database rights" for this reason. Public Engines is basically trying to replicate a database right by misusing a variety of other laws and doctrines. If we're serious about protecting First Amendment rights, it would be good to see the courts smack down such attempts to stretch the law.
As governments around the world continue to go overboard in their condemnations of Google's (admittedly bad) collection of open WiFi data via its Street View cars, much more interesting than the political grandstanding is the legal limbo mess that the collected data has been placed into. After realizing that it had accidentally collected this data, Google announced that it would stop collecting and begin deleting the data it collected (Update: more specifically, it said it wanted to delete the data, but would discuss with regulators before doing so). But that raised alarm bells from some, who worried that doing so would be deleting evidence for a possible lawsuit against Google. Then, governments started demanding that Google share the data with regulators, so they could determine how serious a privacy breach this really was. However, Google is noting that sharing the data would be a violation of privacy rights in many countries, pissing off regulators who put those privacy laws in place in the first place.
So... Google can't collect this data, but it can't delete the data it accidentally collected. Regulators want to see the data to see if it's okay for Google to delete it, but they can't see it, because that would violate privacy regulations. But, regulators feel they need to see it, to see if Google violated privacy regulations. So, basically everyone's stuck in a state of limbo.
Google's getting some attention for its decision to launch a tool highlighting the information requests made by various governments to Google, either to gather information or to take down certain content. According to Google, this is a part of its efforts to try to keep the internet more open, as seen by its decision to leave China and its pushing back on Australia's attempts at censorship. Of course, many will claim that this is just self-serving on Google's part, since it's better off with a more open internet -- but that doesn't mean the initiative is a bad idea.
Still, it's not clear really how much there is to learn from this tool. Basically, we see that Brazil requests a lot of information and takedowns -- and the US requests an awful lot of info. And... well.. then we're left wondering. The tool does breakdown the nature of the removal requests, but not in very much detail. And it doesn't do that for the data requests. So, really, all this tool does is leave us wondering what exactly is being requested and/or taken down. Perhaps that's the point of the tool: to get people to ask more questions, but it seems like Google could have done a bit more to highlight that kind of information as well.
Separately, in its op-ed about the new program, Google also suggests that the best tool for encouraging a decrease in repressive governments is through better free trade agreements. If only that were the case. Real free trade agreements can increase openness tremendously, but lately the sorts of "free trade agreements" we've seen have been things like ACTA -- which is not at all about openness, and very much about using the same repressive tools used by China to try to block forms of communication.
It's good that Google is encouraging some discussion on this topic, and perhaps this is the point of the limited tool, but looking through it seems to simply open up a lot more questions than it answers.
Netflix, of course, received tons of attention and (apparently) a lot of valuable research, with its Netflix prize competition, that allowed anyone to take a bunch of Netflix data and try to improve on Netflix's ranking algorithm. Of course, whenever you're dealing with "anonymized data" there are questions about whether or not it can really be anonymous. In nearly every case, someone figures out how to "re-nonymize" at least some of the data. And, of course, that also happened with the original Netflix Prize data. This was especially troubling for Netflix because of the Video Privacy Protection Act (VPPA), 18 USC 2710, a special law that was passed after Supreme Court nominee Robert Bork ran into some trouble when his movie rental lists were made public, which made it specifically illegal to reveal movie rental data. And thus... a lawsuit was born, late last year.
Netflix has announced that it has now settled the lawsuit, but as a part of that settlement it is canceling the plans it had announced for additional Netflix prizes. While the company can still do contests in the future, it will need to make sure that the data cannot be reconnected to an actual person, which may be quite difficult in practice. This does raise some interesting questions for other attempts to crowdsource research. There are certainly benefits to opening up data to a community of smart people -- but companies are going to need to be extra careful in those settings in dealing with privacy issues.
While we keep presenting details of CwF+RtB working for various musicians, big, medium and small, some have complained that there needs to be more data to demonstrate that these kinds of business models can work. So, here we go. I briefly got to meet Shamal Ranasinghe from Topspin at Midem, but unfortunately wasn't able to go to his presentation. Thankfully, he's posted his slides along with some data from Topspin's own artists, who are making these business models work:
Some of the key points they've found so far are that fans are paying greater than $20 on average per band on its platform (more than a CD costs) and with big name "branded artists" that number is more like $50. But.. but.. but don't we keep hearing that no one wants to pay musicians any more? Apparently that's not true.
Digging into some of the details, Topspin found that while many people do pay for digital downloads, the big chunk of revenue actually comes from physical scarce goods:
And while the number of folks who buy cheaper packages is much higher, the total revenue earned on higher priced packages is much, much higher. In fact, more than 50% of the revenue was earned on price points higher than $25. The under $10 sales, while making up more than 50% of the volume, account for less than 18% of the revenue:
Again, it becomes clear: if you offer things of value people have no problem paying -- and often paying more than they did in the past. The claim that fans just want everything for free is pretty clearly untrue.
I won't go through all the slides, but Shamal also spends a fair amount of time talking about converting fans into buyers, and (no surprise) suggests that it helps to have a real connection with the fans, as opposed to just putting stuff out and expecting people to just show up and buy. You can't give it away and pray, but have to provide a real connection and real scarcities. But part of making that work is getting widespread distribution (Topspin uses a music playing widget) that helps bring people to the purchasing options, if they like the music. Rather than trying to hold back and hoard access to the music, sharing freely, and connecting it to reasons to buy helps bring in a lot of fans who are happy and willing to buy.
He also highlighted two case studies of amazing conversion rates. The David Byrne and Brian Eno album widget (the very first launched on Topspin) had a stunning 20% conversion rate of plays to purchases. Yes, one in five people who listened to the widget then purchased in the first few weeks of the campaign. That's an astounding rate -- and one I doubt many other bands would see, or sustain -- but still an amazing data point. In their case, since the average transaction price was over $15, it meant that every play was worth about $3 in sales. And yet some still don't believe that music online has promotional value that can lead to sales?
The second case study was with Fanfarlo, who sought to build up its email list -- and found that for every 1,000 plays of the widget, 49 fans either purchased or signed up for the email list. The presentation compares that to paid advertising, which found that per 1,000 impressions, they ended up with 0.7 new email users. Once again: the music is a great promotional tool, much better than traditional advertising in actually driving a conversion.
And, taking it one step further, to highlight the massive power of word of mouth, Topspin found that (again with Fanfarlo), the "Shares to Sales" ratio was 1.1. Yes, this meant that for every one person who shared the musical widget, more than one person ended up buying something -- though, admittedly, this number was likely skewed greatly by a $1 promo offer that ran for three weeks. But, either way, it shows that if you offer something that people want, at a good price, and you let people share (rather than punish them for sharing), great things can happen.
A fascinating article points out that the government could make the process of filing your tax returns significantly easier by simply sending you pre-filled out forms of what they know (basically what's been sent in from your employer(s)) so that you could just take the pre-filled form, check it over, make any additions or changes as necessary and submit it. Apparently, many places that have done this have had great success with it. But it's not happening in the US in large part due to heavy lobbying from Intuit, who fears (perhaps correctly) that this would put a big dent into its tax preparation software business. Of course, that's not how Intuit puts it. The company first claims that this functionality is "already available" (it's not) and that it is a "conflict of interest for government to be both tax collector and tax preparer." However, that is also inaccurate. No one is asking the government to be the tax preparer, but just to share the information it already has so that individuals aren't forced to rebuild the info themselves. As one person quoted in the article notes, it's "as if Visa sent customers a blank piece of paper, requiring that they assemble their receipts, list their purchases -- and pay a fine if they forget one." So, everyone, thank Intuit for making tax season that much more frustrating.
In the past we've had an ongoing discussion with some folks on this site concerning whether or not it's now a better time to be a musician than before the internet became central to everything music-related. We've argued that today there are more options and more opportunities for bands than ever, and that's only a good thing. It doesn't mean that every band will be a success or can make a living. That's never going to be true (and has never been true, either). Many will still fail, but there are more tools and opportunities that if you learn to embrace them, you can absolutely do much better than you ever could under the old system -- which required massive backing to become successful. It was the golden lottery ticket story of musical stardom.
Last week, we wrote a post about an interview with Tommy Boy Entertainment boss, Tom Silverman, claiming that just 14 unsigned artists "broke the obscurity line," -- which was defined as sales of 10,000 albums. Amusingly, three days after this post, I met Silverman on an airplane over the Atlantic... and only realized it was him when he started talking to the guy seated next to me about my post not realizing who I was (small freaking world). We had a brief, but quite enjoyable conversation, and while I see his point, I'm still not convinced his conclusion is correct on the issue of breaking artists (his view of business models, however, seems right on). Meanwhile, in the comments to our post, Peter Wells from TuneCore disputed Tom's numbers. Since then, both have expanded on the discussion.
Clearly the ease of making and distributing music does not benefit "breaking" music. Breaking music requires mass exposure which requires luck or money or both. I can say with great authority that less new music is breaking now in America than any other time in history. Technology has not helped more great music rise to the top, it has inhibited it. I know this is a bold statement but it is true.
Certainly bold words, though they did not address my original criticism with the point -- which is that number of albums sold is a poor measure of "obscurity" (or non-obscurity, as the case may be). As I said then: "You don't have to sell albums to become well known, and just because you're well known, it doesn't mean you sell albums. It's not the best proxy for figuring this stuff out." This week, at Midem, musician Hal Ritson of The Young Punx put it much more succinctly: "Sales are not how you measure success any more. You figure out how to get as many people as possible to hear your music, and then you figure out if you're profitable." Also, I still think it's wrong to only count totally independent artists in this list, because many artists signed to labels (both indie and majors) may use new technology to help breakout (with or without massive support from their labels).
Either way, even beyond that, it looks like Silverman's numbers may be suspect. Peter Wells Jeff Price (from Tunecore) followed up Peter Wells' comment on our site with a super detailed post about the problems with Silverman's numbers -- which rely on Nielsen SoundScan data, which Wells Price notes is massively incomplete. He quickly names multiple artists who sold hundreds of thousands of tracks, which aren't measured by SoundScan, and suggests the real issue isn't that new artists can't break, but that the measuring system doesn't take into account how they break these days.
I have to say that Wells' Price's post is quite convincing. It's incredibly well-detailed and provides multiple examples of clearly successful (and hardly obscure) artists that aren't counted by Silverman's method. I still think that the points raised by Silverman about new business models in his original interview were dead on (and even he made the point that sometimes it made sense to release albums totally for free and use other ways of getting money -- which under his own definition would have made them impossible to "break out."). But it seems like there's an awful lot of evidence that our original assertion is still true: there are plenty of artists that are, in fact, breaking out thanks to new technologies -- and many are able to do so without a label. Whether or not it's "harder" to break out today due to increased competition may be another issue, but I'm not yet convinced this is a real problem.
In the wake of the September 11 attacks, we had a post detailing why greater surveillance wouldn't have helped prevent the attacks. The data was all there, it just wasn't put together. And yet, in the time since then, the government has, in fact, continually focused on gathering more surveillance (warrantless wiretaps, anyone?), rather than on making better use of the data that is there. Back in 2002, in another post, we discussed how collecting more surveillance data in data retention schemes also made it harder to find the useful data and harder to connect the dots on the data that you had.
With the attempted terror attack on Christmas, it appears that this focus on doing more surveillance rather than better security was a major part in "failing to connect the dots" that allowed the plot to get as far as it did. The EFF points us to a report noting that the reason why Abdulmutallab was allowed on an airplane into the US in the first place -- despite widespread warnings, was that there was a backlog in processing all the data:
Abdulmutallab never made it onto a no-fly list because there are simply too many reports of suspicious individuals being submitted on a daily basis, which causes the system to be "clogged" -- overloaded -- with information having nothing to do with Terrorism. As a result, actually relevant information ends up obscured or ignored.
At what point do people realize that collecting more data doesn't make us more secure, and actually can do the opposite. As is pointed out at the Salon link above, the idea that you even can sacrifice liberty for security is wrong. The famous saying may say that you "deserve neither," but increasingly people are realizing that sacrificing liberty doesn't necessarily get you more security anyway.
Karl Bode, over at Broadband Reports, wrote up a great article a little while back about why Google Voice was more disruptive than anyone (especially the telcos) were willing to give it credit for being. The key underlying point: voice is just a form of data. Once you realize that, you realize that no one needs to be tied to any telco's own dialing system. Your mobile phone service provider really could just be a dumb pipe.
For years, I've always felt that the calls for "triple play" or "quadruple play" was incredibly misleading. All of the different "plays" (voice, video, data) were actually all just data. And when things are all just data, and its on an open network, then anyone can provide the services on top of that data. The telcos recognize this, somewhat -- which is why they've tried to block out others from offering certain telco services (it's why Google Voice was blocked on the iPhone), but it could be really game changing. Imagine if you could just buy a mobile phone that had no calling plan at all -- but it was all in the software? You could even use different dialers (with different numbers?) depending on what made the most sense or was cheapest.
The telcos hate thinking of themselves as dumb pipes, but there's something to be said for focusing on the pipes and making them as strong as possible, while letting everyone else innovate at the service level, and just selling good data plans. The more others innovate, the more valuable those data connections become.