There Are Lots Of Ways To Punish Big Tech Companies, But Only A Few Will Actually Help Improve The Internet

from the this-is-important dept

There are many reasonable complaints making the rounds these days about the big internet companies, and many questions about what should be done. Unfortunately, too much of the thinking around this can be summarized as "these companies are bad, we should punish them, any punishment therefore is good." This is dangerous thinking. I tend to agree with Benedict Evans who noted that there's a similarity between calls to break up big tech companies and Brexit in the UK:

I've pointed out a few times now that most calls to break up or regulate these companies fail to explain how these plansactually solve the problems people highlight. Companies are callous about our privacy? Will regulating them or breaking them up actually stop that? The GDPR has proven otherwise already. The companies algorithms recommend bad things? How will breaking them up stop that?

Too much of the thinking seems to just be focused on "company bad, must punish" and don't get much beyond that.

And that's a pretty big problem, because many of the ideas being passed around could ultimately end up harming the wider internet much more than they end up damaging the few big companies anyway. We've already seen that with the GDPR, which has served to further entrench the giants. The same will almost certainly be true when the EU Copyright Directive goes into effect, since the entire plan is designed to entrench the giants so that the big entertainment companies can negotiate new licensing deals with them.

In a new piece for the Economist, Cory Doctorow warns that many of these attempts to "harm" the big internet companies through regulation will actually do much more harm to the wider internet, while making the biggest companies stronger.

The past 12 months have seen a blizzard of new internet regulations that, ironically, have done more to enshrine Big Tech’s dominance than the decades of lax antitrust enforcement that preceded them. This will have grave consequences for privacy, free expression and safety.

He talks about the GDPR, FOSTA, the EU Copyright Directive and various "terrorist" and "online harms" regulatory proposals -- all of which end up making the big internet companies more powerful in the name of "regulating/punishing" them. It's worth reading Cory's take on all those laws, but he summarizes the key point here:

Creating state-like duties for the big tech platforms imposes short-term pain on their shareholders in exchange for long-term gain. Shaving a few hundred million dollars off a company's quarterly earnings to pay for compliance is a bargain in exchange for a world in which they need not fear a rival growing large enough to compete with them. Google can stop looking over its shoulder for the next company that will do to it what it did to Yahoo, and Facebook can stop watching for someone ready to cast it in the role of MySpace, in the next social media upheaval.

These duties can only be performed by the biggest companies, which all-but forecloses on the possibility of breaking up Big Tech. Once it has been knighted to serve as an arm of the state, Big Tech cannot be cut down to size if it is to perform those duties.

Cory is much more engaged in the idea of breaking up the big tech companies than I am (we recently debated the topic on the Techdirt podcast), but his point here is valid. So much of the "punish big tech" movement is at odds with other parts of the "punish big tech" movement. That's because there is no coherent strategy here -- it's just "punish big tech."

Cory's article suggests that any move towards antitrust should include mandating interoperability in an effort to build up competition:

One exciting possibility is to create an absolute legal defence for companies that make "interoperable" products that plug into the dominant companies' offerings, from third-party printer ink to unauthorised Facebook readers that slurp up all the messages waiting for you there and filter them to your specifications, not Mark Zuckerberg's. This interoperability defence would have to shield digital toolsmiths from all manner of claims: tortious interference, bypassing copyright locks, patent infringement and, of course, violating terms of service.

Interoperability is a competitive lever that is crying to be used, hard. After all, the problem with YouTube isn't that it makes a lot of interesting videos available—it is that it uses search and suggestion filters that lead viewers into hateful, extreme bubbles. The problem with Facebook isn't that they have made a place where all your friends can be found—it is that it tries to "maximise engagement" by poisoning your interactions with inflammatory or hoax material.

This actually reminds me of another similar piece, written last month by Josh Constine at TechCrunch, arguing that the FTC should force Facebook to mandate "friend portability" for Facebook:

I don’t expect the FTC to launch its own “Fedbook” social network. But what it can do is pave an escape route from Facebook so worthy alternatives become viable options. That’s why the FTC must require Facebook to offer truly interoperable data portability for the social graph.

In other words, the government should pass regulations forcing Facebook to let you export your friend list to other social networks in a privacy-safe way. This would allow you to connect with or follow those people elsewhere so you could leave Facebook without losing touch with your friends. The increased threat of people ditching Facebook for competitors would create a much stronger incentive to protect users and society.

Both Cory and Josh are making an important point: part of the reason why these platforms have become so big and so powerful is because there is real friction in leaving -- not because it's hard to just start using another platform, but because if all the other users are still on that other platform, it's meaningless if just you switch. Of course, history shows us that over time, many people will migrate over to new platforms. And you know this if you've been on the internet for the past two decades. Remember the 2000s when you used AIM to communicate with your friends while chatting with folks on MySpace? Over time, folks moved.

But making platforms more open -- forcing "interoperability" -- is certainly one way forward. I'd actually argue it does not go far enough. I've argued an even better solution is not just about forced interoperability, but moving to a world of protocols instead of platforms. In such a world, interoperability would be standard, but would also be just one piece of the puzzle for making the world more dynamic and competitive. If we relied on more open platforms, then third parties could build all sorts of new services, from better front ends, to better features and tools, and users could choose which implementation(s) they wanted to use, making switching from any particular service provider much easier -- especially if that provider did anything to hurt user trust. Interoperability would be one step in that direction, but only one step.

It's quite reasonable that people are concerned about big tech these days, but if we're going to have a reasonable solution that doesn't create wider negative consequences for the internet, we should be thinking much more carefully about the various proposals on the table. A simple "punish big tech because big tech is bad" may get people riled up, but the chances for negative consequences are too great to ignore.

Filed Under: antitrust, big tech, competition, copyright, gdpr, interoperability, punishment, regulations
Companies: facebook, google

Trump Whines About AT&T, Ignores His FCC Has Spent Two Years Kissing The Company's Ass

from the ill-communication dept

While there are countless news outlets that justifiably criticize the President, Trump has long been particularly fixated on CNN. So fixated, in fact, that it's believed this disdain for the network (in addition to Rupert Murdoch's competitive desires) played a starring role in his DOJ's bungled effort to try and block AT&T's $86 billion merger with CNN parent company Time Warner.

This week, Trump doubled down once again, proclaiming that the public should stop using AT&T services as punishment for CNN's criticism of the President:

The tirade resulted in a fairly feeble effort to get the #DumpATT hashtag trending on Twitter, and some consternation and furrowed brows among journalists who took the rambling Tweet a bit too seriously.

The irony here, at least if you're an adult who has actually paid attention to this administration's policies, is that AT&T has received a near-endless list of favors from Trump's administration, many of which it's not entirely clear that Trump is even aware of. In fact, AT&T has probably received more regulatory handouts from this administration than any other administration in American history. Which, if you tracked the favors doled out by Bush-era FCC boss Michael Powell (now the top lobbyist for the cable industry), that's saying something.

AT&T was a massive beneficiary of the Trump tax cuts, now saving $3 billion annually in perpetuity. According to AT&T, that money was supposed to go back into the company's network and employees, but instead resulted widespread layoffs. Trump's FCC also gave AT&T a massive regulatory handout when it helped kill broadband privacy protections, killed net neutrality rules with popular bipartisan support, and voluntarily eroded its own authority over ISPs like AT&T at lobbyist behest. Trump's FCC has also routinely turned a blind eye to AT&T scandals like its failure to police location data sales.

There's countless other favors AT&T has gleaned from the Trump administration as well, whether it's the FCC decision to weaken the very definition of broadband competition or the killing of plans to bring more competition to the cable box. The Trump administration fealty to AT&T is so severe, we're at the point that when reporters contact Trump's FCC for information, they've occasionally been directed to US Telecom, a lobbyist organization spearheaded by... AT&T.

People tend to look at the Trump DOJ's decision to sue to thwart the Time Warner merger (which again had more to do with helping Rupert Murdoch and hurting CNN than any disdain for AT&T) as a sign of Trump's "opposition" to AT&T, but you'd be pretty hard pressed to find a company that's done as well under Trump as CNN's new parent company. That quickly forgotten $600,000 AT&T's lobbyists paid now-imprisoned Trump lawyer Michael Cohen for broader access to the administration seems to have been money well spent.

The entire fracas once again highlights how Trump's Twitter tirades are only tangentially related to reality, and very rarely tethered to his administration's actual policies. In fact, based on his comments on net neutrality, it's not really clear the President of the United States has the foggiest understanding of what his own FCC is doing. If Trump really wanted to hurt AT&T and CNN, a good first step would probably be to stop kissing the Dallas-based telecom giant's massive, monopolized ass.

Filed Under: antitrust, doj, donald trump, fcc, oversight, regulations, subsidies, telcos
Companies: at&t

A Legal Fight Against The SEC May Represent Our Last Hope For An Open, Distributed Internet

from the pay-attention dept

Let's get this out of the way up top: yes, many cryptocurrencies and "Initial Coin Offerings" (ICO's) were complete scams, designed to dupe people out of billions of dollars. It's entirely reasonable to call those out, and to argue that there should be some significant regulatory oversight of such scams. However, it is also possible to believe that an overreaction to such scams could kill off a nascent attempt to rebuild a truly open and distributed internet. For years now, I've been talking about why we could better fulfill the dream of an open, distributed internet if we were to move to a world of protocols, not platforms, and in a more recent post, I've discussed some policy proposals to help the world move in that direction -- with the final one concerning the SEC, and getting it to stop looking at cryptocurrencies solely as a financial instrument nearly identical to a security. This is not to avoid all scrutiny of cryptocurrencies. But having a working cryptocurrency system in which the success of a protocol can be driven by its actual usage and development, rather than ads or "surveillance capitalism", would benefit massively from more freedom to experiment.

While it does not appear that, by itself, it will be that successful, a few years back the social network/messaging app Kik started an experiment in this space, raising $100 million with an ICO and designing it so that its "Kin" tokens could be used to reward developers who build services. The company has put some effort into encouraging developers to build within its ecosystem, and for others to use the Kin tokens as currency.

However, mostly behind the scenes, Kik and the SEC have been having a bit of a fight over whether or not the ICO was an unregistered securities sale. Back in January, the company revealed that it had been negotiating with the SEC over the whole thing.

The SEC isn’t accusing Kik of fraud, Mr. Livingston said. Rather, its enforcement division believes Kik failed to register the sale with the SEC and thus didn’t give investors the proper information. The agency’s enforcement action must be authorized by the SEC’s commissioners, and it’s unknown whether they have voted to authorize the litigation.

[....]

The SEC says most digital tokens are covered by a 73-year-old Supreme Court decision that defined which investments are considered securities. Many tokens meet the court’s test because they can be traded for profit, and their value is tied to the performance of the startup that sold them, regulators say.

In a 39-page rebuttal on Dec. 10 to the SEC, Kik argued the sale terms, in fact, don’t constitute an investment contract, and investors weren’t led to expect to profit on their purchase of kin.

“Bringing the proposed enforcement action against Kik and the foundation would amount to doubling down on a deeply flawed regulatory and enforcement approach,” the company’s lawyers wrote, according to copy of the rebuttal reviewed by the Journal.

Since that time, the two sides have continued to negotiate, with Kik basically now admitting it wants a judge to weigh in because it can't get the SEC to see things its way. It has announced that it has set aside $5 million to go to court with the SEC over this matter (and is asking for further donations).

Despite the fact that last month over 300,000 people earned and spent Kin as a currency, the SEC is still saying that it might be a security. After months of trying to find a reasonable solution, Kin has been unable to reach a settlement that wouldn’t severely impact the Kin project and everyone in the space. So Kin is going to take on the SEC in court to make sure there is a foundation for innovation going forward.

As the company notes, the current ambiguity is acting as a real "innovation tax" in the space. Many companies are refusing to experiment with these kinds of offerings, or even to work with existing tokens, out of fear of how an SEC might completely upend the space with a decision one way or the other. Indeed, in a recent talk by SEC Commissioner Hester Peirce (who is supportive of more experimentation with crypto), she very clearly worries about how ambiguities in the way the SEC has acted over the last couple of years will stifle innovation. The speech notes that the SEC has mostly avoided heavy handed regulation in the space, but that it has not done much to help actually clarify the rules.

The SEC staff recently issued a framework to assist issuers with conducting a Howey analysis of potential token offerings. The document is a thorough 14 pages. It points to features of an offering and actions by an issuer that could signal that the offering is likely a securities offering. If this framework helps issuers understand what the different Howey factors might look like in an ICO context, it may be valuable. I am concerned, however, that it could raise more questions and concerns than it answers.

While Howey has four factors to consider, the framework lists 38 separate considerations, many of which include several sub-points. A seasoned securities lawyer might be able to infer which of these considerations will likely be controlling and might therefore be able to provide the appropriate weight to each. Whether the framework gives anything new to the seasoned securities lawyer used to operating in the facts and circumstances world of Howey is an open question. I worry that non-lawyers and lawyers not steeped in securities law and its attendant lore will not know what to make of the guidance. Pages worth of factors, many of which seemingly apply to all decentralized networks, might contribute to the feeling that navigating the securities laws in this area is perilous business. Rather than sorting through the factors or hiring an expensive lawyer to do so, a wary company may reasonably decide to forgo certain opportunities or to pursue them in a more crypto-friendly jurisdiction overseas.

On the same day the Corporation Finance staff issued the Framework, the staff also issued the first token no-action letter in response to an inquiry from TurnKey Jet, a charter jet company. The company intended to effectively tokenize gift cards. Customer members could purchase tokens that would be redeemable, dollar for dollar, for charter jet services. The tokens could be sold only to other members. This transaction is so clearly not an offer of securities that I worry the staff’s issuance of a digital token no-action letter—the first and so far only such letter—may in fact have the effect of broadening the perceived reach of our securities laws. If these tokens were securities, it would be hard to distinguish them from any medium of stored value. Is a Starbucks card a security? If we are going that far, I can only imagine what name the barista will write on my coffee cup.

And yet, the staff’s letter did not stop at merely stating that the token offering would not qualify as a securities offering, but highlighted specific but non-dispositive factors. In other words, the letter effectively imposed conditions on a non-security. For example, the staff’s response prohibits the company from repurchasing the tokens unless it does so at a discount. Further, as I mentioned earlier, the incoming letter precluded a secondary market that includes non-members. Does that mean that a company that chooses to offer to repurchase gift cards at a premium or that allows gift card purchasers to sell or give them to third parties needs to call its securities lawyer to start the registration process?

As Peirce notes, there are still so many hugely open questions, and the potential liability for getting any of these wrong is clearly holding back many possible innovations that could be quite important to a more distributed, more open, internet. After listing out a bunch of unanswered questions, she notes:

On these points, the SEC has been nearly silent. This silence may ultimately be deadly. An issuer can conduct a private securities offering with no SEC involvement. The rules that distinguish a private from a public offering focus on the offerees and investors. The form that the security is in—whether shares of common stock or interests in orange groves—has no bearing on how the rules operate. The rules that govern broker-dealers, investment advisers, auditors, and trading platforms are different. They govern the ownership, storage, and exchange of securities—exactly the aspects of digital assets that the crypto industry seeks to transform. A broker or adviser cannot custody an asset if it does not know how to show it has possession and control of the asset. An auditor must be able to review and verify the actual transactions.

Additionally, while issuers that rely on the private offering exemption do not need SEC permission to issue securities, a platform cannot trade securities unless it is registered with the SEC as an exchange or an alternative trading system. A broker-dealer generally must register with the SEC and FINRA.

The SEC has yet to provide guidance to the public or FINRA on any of the core questions. The result is that many would-be brokers and trading platforms are stuck in a frustrating waiting mode; they are unable to get clear answers to questions about how they may proceed in this market.

This is why Kik/Kin going to court to force the SEC to make some decisions is so important here. Venture capitalist Fred Wilson put up a blog post explaining why:

Sadly, the SEC looks at crypto tokens and sees securities that they want to regulate as such. They cannot seem to understand that not all of these assets are securities, they cannot seem to understand that most are commodities, currencies, or utilities like frequent flyer miles. They cannot understand that crypto tokens are unlike any assets that have come before them and that crypto tokens need new regulatory structures. They cannot understand that their unwillingness to come up with new rules paired with their “regulate by enforcement” strategy is hurting the crypto sector, pushing it offshore, and is causing most of the new projects to raise capital outside of the US and/or put together legal structures that look like Frankenstein monsters.

None of this is an attempt to argue that there shouldn't be any oversight over cryptocurrencies. Clearly, and obviously, there have been many that are little more than ponzi schemes and get rich quick cons. The entire space will benefit from some clear rules that enable greater experimentation with things like helping to fund protocols via such tokenization -- but the SEC's overall approach to date has been one where it seems on the one hand to be afraid to do anything at all other than make scary noises and threats, and on the other to be hinting that any new cryptocurrency offering should have to go through an FDA-like approval process before it might hit the market. This is an untenable position.

I have my doubts as to whether the Kik/Kin approach to cryptocurrency will itself work. But its legal fight is an important one, if you'd like to see a better decentralized internet. Dealing with scams is one thing, but if every new platform startup needs to go through the regulatory rigmarole as if it were a company preparing to go public, that would be a massive chill on innovation and experimentation. There needs to be a better, more permissionless manner of exploring these ideas, so what happens with Kik's legal challenge here will ultimately be extremely important for the future of a world of protocols over platforms.

Filed Under: cryptocurrency, distributed internet, kin, protocols, regulations, sec
Companies: kik, kin

Facebook's 'Please Regulate Us' Tour Heads To France

from the we'll-see-how-that-goes dept

On Friday, Mark Zuckerberg went to France, just in time for the French government to release a vague and broad proposal to regulate social media networks. Similar to Zuckerberg's pleas to Congress to ramp up its regulation of the company (and because he knows that any pushback on regulations will likely be slammed by the world of Facebook-haters), Zuckerberg tried to embrace the plans.

"It's going to be hard for us, there are going to be things in there we disagree with, that's natural," Zuckerberg said. "But in order for people to trust the internet overall and over time, there needs to be the right regulation put in place."

He also said that he was "encouraged and optimistic about the regulatory framework that will be put in place."

What is that regulatory framework? Well, it's pretty vague. It also has PowerPoint artwork that looks like it was designed decades ago by someone who has no business being anywhere near PowerPoint:

To its credit, the plan does recognize that "freedom of expression" is a key value that needs to be protected, as well as freedom for innovation, but then also says those need to be balanced with a protection from harm. The key issue, as we've seen in other such plans is that it creates what people are referring to as a "duty of care" for social media -- requiring the company to "protect" users and allows regulators to somehow step in if they feel the company isn't succeeding (as if that won't be abused).

The plan also sets up a regulator who will be tasked with overseeing how social media platforms operate. There is also some hand-waving, suggesting that these rules will only apply to platforms of a certain size, which lets them argue that it won't impact or discourage startups, without recognizing how it might alter the overall market as companies seek to avoid whatever threshold rules put them into the "regulated" category. Also, much of the plan does focus on increasing transparency, which is a good thing, but how that gets worked out in practice is a really big question.

The issue in all of this is the same as we've discussed before: Facebook can deal with these rules. It's not clear if other companies can. In effect, the rules might lock in Facebook and this particular paradigm of centralized, siloed social media as what must exist going forward. And that's a problem. Also, trusting regulators to handle these issues in a reasonable way should raise some eyebrows. For people who hate Donald Trump, how would you feel if he were in charge of regulating what sort of "duty of care" Facebook had to take concerning allowing or disallowing certain speech? Or if you like Trump, then how would you feel if, say, Hillary Clinton or AOC were in charge of such things?

In short, who the regulator is can have a pretty massive impact here, and there seems to be little in these proposals to consider that. It's not surprising that Facebook seems resigned to "support" these kinds of proposals. The company is such a target right now that any pushback would probably lead to even worse rules. And, as mentioned, the company is well aware that it can probably weather any such rules, while any potential competitors will probably be hit much harder by them.

Filed Under: duty of care, france, free expression, free speech, innovation, intermediary liability, mark zuckerberg, regulations, responsibility, social media
Companies: facebook

Don't Regulate The Internet Like Every Company Is The Same

from the bad-regulations dept

This year seems to be the year in which governments all over the globe really, really want to regulate the internet. And they're doing a ridiculously dumb job of it. We've talked a lot about the EU, with the Copyright Directive and now the Terrorist Content Regulation. And then there's Australia with its anti-encryption law and its "abhorrent content" law. India has already passed a few bad laws regarding the internet and is discussing a few more. Then there's the UK, Germany, South Korea, Singapore, Thailand, Cameroon, etc. etc. etc. You get the idea.

Oh, and certainly, the US is considering some really bad ideas as well.

When you look at what "problem" all of these laws are trying to solve, it can basically be boiled down to "people do bad things on the internet, and we need to regulate the internet because of it." This is problematic to me for a variety of reasons, in part because it seems to be regulating the wrong party. We should, ideally, be going after the people doing the bad things, rather than the tools and services they are using to do the bad things (or to merely promote the bad things they're doing). However, there is an argument -- not one that I wholly buy into -- that one reasonable way to regulate is to focus less on which party is actually doing the bad thing, and more on which party is best positioned to minimize the harm of the bad thing. And it's that theory of regulation (applied stupidly) that is behind much of the regulatory theory on the internet these days.

Well, there's also a second theory behind many of the regulatory approaches, and it's "Google and Facebook are big and bad, so anything that punishes them is good regulation". This makes even less sense to me than the other approach, but it is certainly driving a lot of the thinking, at least in the EU (and possibly the US).

Combine those two driving theories for regulating the internet and you've got a pretty big mess. They seem to be taking a sledge hammer to huge parts of the internet, rather than looking for narrow, targeted approaches. And, on top of that, in focusing so much on Google and Facebook, so many of these laws are written solely with those two platforms in mind, and with no thought to how it impacts every other internet company, many of which operate on a very different basis.

Earlier this year, I wrote up my thoughts on what sort of regulatory approach would really "break up" big tech while preserving an open internet, but it's an approach that would require a very big shift in mindsets (one I'm still hoping will occur).

However, Ben Thompson has taken a much more practical approach to thinking through regulating the internet. He, like me, is skeptical of most of these attempts to regulate the internet, but recognizing that it's absolutely going to happen no matter how skeptical we are, he is proposing a framework for thinking about regulating the internet, in a way that would (hopefully) minimize the worst outcomes from the approaches being used today.

You should read the whole thing to understand the thinking, the background, and the approach, but the key aspects to Thompson's framework are to recognize that there are different kinds of internet companies -- and that's true not just up and down the stack, but across the different kinds of services. So his hope is that if the regulatory approaches were more narrowly targeted to a manner in which they fit better we'd have a lot less collateral damage in trying to shove a square regulatory approach through a round internet service.

Another key to his approach is a more modern update to the common "free as in speech v. free as in beer" concept that everyone in the open source world is familiar with. Ben talks about a third option that has been discussed for decades, which is "free as in puppy" -- meaning something that you get for free, but which then has an ongoing cost in terms of maintaining the free thing you got.

Most in the West agree, at least in theory, with the idea that the Internet should preserve “free as in speech”; China in particular represents a cautionary tale as to how technology can be leveraged in the opposite direction. The question that should be asked, though, is if preserving “free as in speech” should also mean preserving “free as in beer.”

Specifically, Facebook and YouTube offer “free as in speech” in conjunction with “free as in beer”: content can be created and proliferated without any responsibility, including cost. Might it be better if content that society deemed problematic were still “free as in speech”, but also “free as in puppy” — that is, with costs to the supplier that aligned with the costs to society?

With that premise, he suggests a way to better target any potential platform regulation:

In theory, this lets various countries who believe there are certain problems on the internet more narrowly target their regulations without harming other parts of the internet:

This distinct categorization is critical to developing regulation that actually addresses problems without adverse side effects. Australia, for example, has no need to be concerned about shared hosting sites, but rather Facebook and YouTube; similarly, Europe wants to rein in tech giants without — and I will give the E.U. the benefit of the doubt here — burdening small online businesses with massive amounts of red tape. And, from a theoretical perspective, the appropriate place for regulation is where there is market failure; constraining the application to that failure is what is so difficult.

Please don't comment on this without first reading Ben's entire piece, as it gets into a lot more detail. He very readily admits that this doesn't answer all the questions (and, indeed, likely creates a bunch of new ones).

I will admit that I'm not convinced by this model, but I do appreciate that it's given me a lot to think about. At the very least, in targeting just the ad-supported platforms for regulation solves two problems: (1) the mis-aligned incentives of ad-supported platforms to consider the wider societal impact of the platform, and (2) the sledge-hammer approach to regulating all internet platforms, no matter what type and where in the internet stack they reside, by more narrowly focusing it just at the application level and just at a particular type of service. And, frankly, this kind of approach could potentially move us towards that world of "protocols, not platforms" that I envision (a more regulated ad-supported platform world might push companies to explore non-advertising based business models).

I still have lots of concerns, however, for all of the complaints about what Google and Facebook have done with an ad supported model, we should be willing to admit that an ad supported model has created some incredibly powerful services that have really done amazing things for many, many people. Everyone focuses on the negatives -- which exist -- but we shouldn't ignore how much of the good stuff we've gotten because of an internet built on the back of advertising. Can it be improved? Absolutely. But targeting internet advertising as "the problem" still feels too broad to me (and, in fact, I think Ben would likely agree on that point). If there must be a regulatory approach, it should not be targeted just by the nature of the platform, but around the specific and articulated harm that it is trying to solve. At least that way, we can weigh the harms such a law might mitigate, against the good aspects it might hinder, and then be better able to judge whether or not the regulatory approach makes sense.

I'm still skeptical that most plans to regulate the internet will do a very good job of narrowly targeting actual harms (and to do so without throwing away lots of good stuff), but since we're going to be having lots of discussions around these regulations in the coming weeks, months, and years, we might as well start having the discussion of how we should view and analyze these proposed laws. And, on that front, Ben's contribution is a useful way of thinking about these things.

Filed Under: app, competition, free, free as in beer, free as in puppy, free as in speech, infrastructure, internet, lock in, regulations
Companies: facebook, google, youtube

Be Careful What You Wish For: Twitter Temporarily Bans 'Get Out The Vote' Ads To Comply With 'Fake News' Law

from the why-does-no-one-ever-think-these-things-through dept

If there's one consistent theme that we've talked about on Techdirt over the past few decades, it's that attempts to regulate the internet based on a specifically observed "harm" almost always leads to bad outcomes. That's because trying to regulate away a harm frequently fails to take into account context and the specifics of how such laws would be interpreted. For example, over the last few years, there's been plenty of concern about fake news and questionable "political advertising" that is really just, let's say, "propaganda" from parties wishing to mess up the democratic process, rather than actually encourage effective democracy. Because of this we've seen attempts to pass "fake news" laws and "online political ads" laws that clearly come from a place of good intentions (mostly), but the actual impact can be far reaching and lead to unintended consequences.

For example, just last week people suddenly realized that, with the EU Parliamentary elections coming up next month, and France's new anti-fake news political advertisements law, that Twitter would be blocking the French government's own "get out the vote" advertising campaign:

Since December, France requires online political campaigns to declare who paid for them, and how much was spent.

But now Twitter has rejected a government voter registration campaign.

The company could not find a solution to obey the letter of the new law, officials said – and opted to avoid the potential problem altogether.

Of course, rather than realize that maybe the law they wrote was too broad, French government officials immediately... blamed Twitter. Oh, and they did so on Twitter.

That's France's Minister of the Interior saying "Twitter's priority should be to fight content that glorifies terrorism. Not campaigns to register on the electoral lists of a democratic republic." But, of course, that ignores that it was France's own extreme position on the law that lead Twitter to conclude the best way to comply was to block all political advertising, rather than go through the arduous process of keeping track of which political ads are allowed, which are banned, and to provide an open database of information about all of those ads.

Other French officials also complained... also on Twitter. Minister of Culture Franck Reister -- most recently seen eagerly cheering on censorship filters -- also chose to attack Twitter for trying to comply with France's bad law:

That one roughly says:

We must put an end to the irresponsibility of the platforms: @ Twitter pretends not to understand a law allowing simply a better information of the citizens during an electoral period ... whereas @ facebook has decided to apply it, in anticipation, in all the countries !

Note the focus: blaming Twitter for deciding it was too burdensome to host political ads, rather than recognizing it was the French law that made it so. Also, pointing to Facebook as a "good example" of agreeing to go through the arduous process kind of misses the whole point: the bigger companies (Facebook is a hell of a lot bigger than Twitter) can more easily comply with these laws, while smaller platforms find it too expensive. But, no matter. France's Minister of Culture assumes that all companies should have to spend tons of money just so his government can advertise on them.

Then there's Cedric O, the country's digital minister, who apparently thinks that Twitter should be forced to host some kinds of political advertising, because "the vote is sacred."

Right. The vote is sacred. But it was your government that passed a law that made it quite expensive to host any such advertising. Stop blaming the platforms for reacting appropriately to your bad laws.

Either way, after getting so much pressure in France, the company did back down, saying it was "clarifying" its political advertising rules in France to allow "Get Out The Vote" ads. So perhaps this is a happy ending situation, but what's most annoying is how French officials seem to think their own bad lawmaking is never the problem -- and that internet platforms making rational decisions based on the costs of complying with overreaching laws somehow reflects poorly on the platforms, rather than on their legislative abilities.

Filed Under: france, get out the vote, political advertising, regulations
Companies: twitter

A Conversation With EU Parliament Member Marietje Schaake About Digital Platforms And Regulation, Part II

from the the-view-from-the-EU dept

Yesterday we published Part I of Danish journalist/author and Cato Institute Fellow Flemming Rose's very interesting conversation with Dutch MEP Marietje Schaake concerning questions around internet platforms and regulation. This is the second and final part of that conversation.

FR: I want to focus on the small players. People concerned about regulation say that if you only focus on the big players like Facebook, Google or Twitter and how to regulate them, you will make it very difficult for the small players to stay in the market because transaction costs and other costs connected to regulation will kill the small companies. Regulation becomes a way to lock in the existing regime and market shares because it takes so many resources and so much money to stay in the market and compete. And new companies will never be able to enter the market. What do say to that argument?

MS: It depends on how the regulations are made but it is a real risk. It is the risk of GDPR (general data protection regulation), and with filtering as suggested now. The size of a company is always a way to assess whether there is a problem, and I think we should do the same with these regulations so that there could be a progressive liability depending on how big the company is or there could be some kind of mechanism that would help small or medium size companies to deal with these requirements. Indeed, it is true that for companies that have billions of euros or dollars of revenue, it's easy to deploy lots of people. A representative of Google yesterday (at a conference in the European Parliament) said they have 10,000 people working on content moderation. Those are extraordinary figures, and they are proportionate because of the big the impact of these companies, but if you are a small company you may not be able to do it, and this is always an issue. It's not the first time we have been dealing with this. With every regulation the question is how hard it is for small and medium enterprises.

FR: The challenge or threat from misinformation is also playing a big role in the debate about regulation and liability. We will soon have an election in Denmark. Sweden recently had an election where there was a big focus on misinformation, but it turns out that misinformation doesn't work as well in Denmark as in the US or some other countries because the public is more resilient. Why not focus more on resilience and less on regulation so people have a choice? We are up against human nature, these things are triggered by tribalism and other human characteristics. To counter it you need education, media pluralism, and so on.

MS: I think you need to focus on both. First, what is choice if you have a few near monopolies dominating the market? Second, how much can we expect from citizens? If you look at the terms of service for a common digital provider that you and I use, they are quite lengthy. Is that a choice for a consumer? I think it's nonsense. That's one thing. Moreover, we are lucky because we are from countries where basic trust is relatively high, media pluralism exists, there are many political parties, and our governments will be committed to investing in education and media pluralism, knock on wood. How will this play out in a country like Italy where basic trust is lower and where there is less media pluralism, how are you ever going to overcome this with big tech, so I think there is a sufficient risk if you look at the entire European Union, Hungary and other countries, that governments will not commit resources to what is right and they will create the kind of resilience that our societies already have. In the Netherlands trust in the media is among the highest, and it's probably also because of a certain quality of life and certain kind of freedom that people have enjoyed for a long time. Even in our country you see a lot of anti-system political parties rise, so it's not a given that this balance will continue forever because it requires public resources to be spend on media and other factors. So I think both are very important and I don't want to suggest that we should not involve people but I don't know if we can expect of the average citizen to have the time and the ability to have access to information it would take to make them resilient enough on their own.

FR: Do you think a version of the German "Facebook law" with the delegation of law enforcement to the digital platforms will make it to the agenda of lawmakers in the European Parliament?

MS: No, I think there are too many flaws in it. It's bad. Some form of responsibility on behalf of companies to take down information will exist, but I hope the law will be the primary tool. The companies will take down content measured against the law with the proper safeguards and proportionality. If there are incentives like big fines to be overtly ambitious in taking down information, that's a risk. But on the other hand, the platforms as private companies already have all the freedom they want to take down any information with a reference to their terms of use. We are assuming that they are going to take the law as guidance, but nothing indicates they will. In fact, Facebook doesn't accept breastfeeding pictures, so they are already setting new social norms. A new generation may grow up thinking breastfeeding is obscene. The platforms are already regulating speech, and people who are scared about regulation should understand that it is Mark Zuckerberg who is regulating speech right now.

FR: Recently the EU praised the Code of Conduct to fight hate speech online that they signed with the tech companies in 2016. A lot of speech has been taken down according to the EU: 89 percent of flagged content within 24 hours in the past year, but my question is: Do we know how much speech has been taken down that should not have been taken down?

MS: No, we don't know.

FR: That will concern those who value free speech. You have the law and you have community standards and then you have a mob mentality, i.e. the people who are complaining most and screaming louder will have their way and they will set the standards. So if you organize people to complain about certain content, it will be taken down to make life easier for Facebook and Twitter and Google.

MS: Yes.

FR: So you agree that it's a concern?

MS: It's a huge concern. If you believe in freedom of expression which I know you do, and I think it's one of the most important rights and so many people have been fighting for it, why will we give it up? Just a little bit of erosion of freedom of expression is a huge danger and therefore to put responsibility on these companies to take down content without a check against the law is a risk, to allow these companies to set their own terms of use that can be at complete odds with the law and also with social norms (consider the restrictions on the breastfeeding, on Italian Renaissance statues as pornographic, or on the photo of a naked girl hit by napalm in Vietnam). Let me give you an example from my own experience. I gave a speech here in parliament, it was a very innocent and clearly political speech, but it was taken down by YouTube. They said it was marked as spam, which I don't believe. I have never posted anything that was labeled spam. What I think happened was that my speech was about banning goods and trade that can be used for torture and the death penalty. I think that the machine flagged torture because torture is bad, but a political debate about torture is not bad. I took a screenshot of the fact that YouTube took it down, posted it on twitter and said "wow!, see what happened", and they were on the phone within two hours, but that's not the experience most people (including the people I represent) will have. That's the danger. We also know examples of Russians having flagged Ukrainian websites and then they were taken down. And if that happens to a political candidate in the last 24 hours before an election it could be decisive, even if the companies say they'll restore it within 24 hours.

FR: I spoke to a representative from one of the tech companies who said that when they consult with German lawyers whether something is legal or not, they will get three different answers from three different lawyers. He said that his company would be willing to do certain things on behalf of the government, but it requires clear rules and today the rules aren't clear.

MS: Right, so now you see incentives coming from the companies as well. It's no longer working for them to take on all these responsibilities whether they are pushed to do so or just asked to do it. The fact that they have to do things is also a consequence of them saying "don't regulate us, we can fix this." I think it's a slippery slope. I don't want to see privatized law enforcement. What if Facebook is bought by Alibaba tomorrow? How happy would we be?

FR: I want to ask you about monopolies, competition and regulation. If you go back to 2007 MySpace was the biggest platform, then it was outcompeted by Facebook. As you say, there are concerns about the way Facebook manages our data and its business model with ads and sensational news driving traffic and getting more eyeballs. But why not let the market sort things out? If there is dissatisfaction with the way Facebook is running their business and our data, why not set up a competing company based on a different business model that will satisfy customers' need?

MS: States don't built companies in Europe.

FR: I was having private companies in mind. Netflix has a subscription model, wouldn't a digital platform like Facebook be able to do the same?

MS: I think it would be difficult now, because there is a lock-in effect. In Europe we are trying to provide people with the ability to take their data out again. If you use gmail for 12 years, your pictures, your correspondence with your family and loved ones, with your boss and colleagues, it could all be in there, and you want to take all those data with you. It's your correspondence, it's private, you may need it for your personal records. You may have filed your taxes and saved your returns and receipts in the cloud. If you are not able to move that data to another place, then competition exist only in theory. Also, if you look at Facebook, almost everybody is on Facebook now. For somebody else to start from scratch and reach everybody is very difficult. It's not impossible but it's difficult. And for those models to make money the question is how much are customers willing to pay as required by the subscription model?

Facebook and Google already have so much data about us. Even if I am not on Facebook, but all my friends are, then a sketch of my identity emerges because I am the empty spot between everybody else. If people start posting pictures of a birthday party with the 10 people who are on Facebook and the one person that is not, and then somebody says I can't wait to go on holiday with Marietje or whatever, then at some point it would be clear who I am, even if I am not on the platform, so they already know so much and they already has access to so much data about people's behaviour that effectively it will be very hard for any competitor to get close, and we have seen it in practice. Why hasn't there been more competition?

FR: Do you compare notes with US lawmakers on this? And do you see that your positions are getting closer to one another?

MS: Yes.

FR: Can you say a bit more about that?

MS: First of all the talk has changed. The Europeans were dismissed as being jealous of US companies and therefore proposing regulations, i.e. we were proposing regulations in order to destroy US competitors. I don't think that's true, but this stereotypical view has been widespread. Also, we were being accused of being too emotional about this, so we were dismissed as being irrational which is quite insulting, but not unusual when Americans look at Europeans. I think we are in a different place now with a privacy law in California, with New York Times editorials about the need for tougher competition regulations, with senators proposing more drastic measures, with organizations like the Center for Humane Technology focusing om time well spent, and with Apple hiring people to focus on privacy issues. Recall also conversations about inequality in San Francisco. We have a flow of topics and conversations that suggest that the excessive outcomes of this platform economy need boundaries. I think this has become more and more accepted. The election of Donald Trump was probably the tipping point. We learned later how Facebook and others had been manipulated.

FR: You said that the problem with these companies is that they have become so powerful and therefore we need to regulate them. Is the line between public and private as blurred in Europe compared to the US? You focus on power no matter whether it's the government or a private company when it comes to protection of free speech, while in the US the First Amendment exclusively deals with the government. Do you see that as a fundamental distinction between Europe and the US?

MS: There are more articulated limitations on speech in Europe: for example, Holocaust denial, hate speech and other forms of expression may be prohibited by law. I think there is another context here that matters. Americans in general trust private companies more than they trust the government, and in Europe roughly speaking it's the other way round, so intuitively most people in Europe would prefer safeguards coming from law than trusting the market to regulate itself. That might be more important than the line between private and public and the First Amendment compared to European free speech doctrine.

Filed Under: eu, eu parliament, flemming rose, free speech, intermediary liability, internet platforms, marietje schaake, regulations

Deep Fakes: Let's Not Go Off The Deep End

from the some-perspective dept

In just a few short months, "deep fakes" are striking fear in technology experts and lawmakers. Already there are legislative proposals, a law review article, national security commentaries, and dozens of opinion pieces claiming that this new deep fake technology — which uses artificial intelligence to produce realistic-looking simulated videos — will spell the end of truth in media as we know it.

But will that future come to pass?

Much of the fear of deep fakes stems from the assumption that this is a fundamentally new, game-changing technology that society has not faced before. But deep fakes are really nothing new; history is littered with deceptive practices — from Hannibal's fake war camp to Will Rogers' too-real impersonation of President Truman to Stalin's disappearing of enemies from photographs. And society's reaction to another recent technological tool of media deception — digital photo editing and Photoshop — teaches important lessons that provide insight into deep fakes’ likely impact on society.

In 1990, Adobe released the groundbreaking Adobe Photoshop to compete in the quickly-evolving digital photograph editing market. This technology, and myriad competitors that failed to reach the eventual popularity of Photoshop, allowed the user to digitally alter real photographs uploaded into the program. While competing services needed some expertise to use, Adobe designed Photoshop to be user-friendly and accessible to anyone with a Macintosh computer.

With the new capabilities came new concerns. That same year, Newsweek published an article called, “When Photographs Lie.” As Newsweek predicted, the consequences of this rise in photographic manipulation techniques could be disastrous: “Take China's leaders, who last year tried to bar photographers from exposing [the leaders’] lies about the Beijing massacre. In the future, the Chinese or others with something to hide wouldn't even worry about photographers.”

These concerns were not entirely without merit. Fred Ritchin, formerly the picture editor of The New York Times Magazine who is now the Dean Emeritus of the International Center of Photography School, has continued to argue that trust in photography has eroded over the past few decades thanks to photo-editing technology:

There used to be a time when one could show people a photograph and the image would have the weight of evidence—the “camera never lies.” Certainly photography always lied, but as a quotation from appearances it was something viewers counted on to reveal certain truths. The photographer’s role was pivotal, but constricted: for decades the mechanics of the photographic process were generally considered a guarantee of credibility more reliable than the photographer’s own authorship. But this is no longer the case.

It is true that the “camera never lies” saying can no longer be sustained — the camera can and often does lie when the final product has been manipulated. Yet the crisis of truth that Ritchin and Newsweek predicted has not come to pass.

Why? Because society caught on and adapted to the technology.

Think back to June 1994, when Time magazine ran O.J. Simpson’s mugshot on the cover of its monthly issue. Time had drastically darkened the mugshot, making Simpson appear much darker than he actually was. What’s worse, Newsweek ran the unedited version of the mugshot, and the two magazines sat side-by-side on supermarket shelves. While Time defended this as an artistic choice with no intended racial implications, the obviously edited photograph triggered massive public outcry.

Bad fakes were only part of the growing public awareness of photographic manipulation. For years, fashion magazines have employed deceptive techniques to alter the appearance of cover models. Magazines with more attractive models on the cover generally sell more copies than those featuring less attractive ones, so editors retouch photos to make them more appealing to the public. Unfortunately, this practice created an unrealistic image of beauty in society and, once this was discovered, health organizations began publically warning about the dangers this phenomenon caused — most notably eating disorders. And due to the ensuing public outcry, families across the country became aware of photo-editing technology and what it was capable of.

Does societal adaptation mean that no one falls for photo manipulation anymore? Of course not. But instead of prompting the death of truth in photography, awareness of the new technology has encouraged people to use other indicators — such as trustworthiness of the source — to make informed decisions about whether an image presented is authentic. And as a result, news outlets and other publishers of photographs have gone on to establish policies and make decisions regarding the images they use with an eye toward fostering their audience’s trust. For example, in 2003, the Los Angeles Times quickly fired a reporter who had digitally altered Iraq War photographs because the editors realized that publishing a manipulated image would diminish their reader’s perception of the paper’s veracity.

No major regulation or legislation was needed to prevent the apocalyptic vision of Photoshop’s future; society adapted on its own.

Now, however, the same “death of truth” claims — mainly in the context of fake news and disinformation — ring out in response to deep fakes as new artificial-intelligence and machine-learning technology enter the market. What if someone released a deep fake of a politician appearing to take a bribe right before an election? Or of the president of the United States announcing an imminent missile strike? As Andrew Grotto, International Security Fellow at the Center for International Security and Cooperation at Stanford University, predicts, “This technology … will be irresistible for nation states to use in disinformation campaigns to manipulate public opinion, deceive populations and undermine confidence in our institutions.” Perhaps even more problematic, if society has no means to distinguish a fake video from a real one, any person could have plausible deniability for anything they do or say on film: It’s all fake news.

But who is to say that societal response to deep fakes will not evolve similarly to the response to digitally edited photographs?

Right now, deep fake technology is far from flawless. While some fakes may appear incredibly realistic, others have glaring imperfections that can alert the viewer to their forged nature. As with Photoshop and digital photograph editing before it, poorly made fakes generated through cellphone applications can educate viewers about the existence of this technology. When the public becomes aware, the harms posed by deep fakes will fail to materialize to the extent predicted.

Indeed, new controversies surrounding the use of this technology are likewise increasing public awareness about what the technology can do. For example, the term “deep fake” actually comes from a Reddit user who began using this technology to generate realistic-looking fake pornographic videos of celebrities. This type of content rightfully sparked outrage as an invasion of the depicted person’s privacy rights. As public outcry began to ramp up, the platform publically banned the deep fake community and any involuntary pornography from its website. As with the public outcry that stemmed from the use of Photoshop to create an unrealistic body image, the use of deep fake technology to create inappropriate and outright appalling content will, in turn, make the public more aware of the technology, potentially stemming harms.

Perhaps most importantly, many policymakers and private companies have already begun taking steps to educate the public about the existence and capabilities of deep fakes. Notable lawmakers such as Sens. Mark Warner of Virginia, and Ben Sasse of Nebraska, have recently made deep fakes a major talking point. Buzzfeed released a public service announcement from “President Obama,” which was in fact a deep fake video with a voice-over from Jordan Peele, to raise awareness of the technology. And Facebook recently announced that it is investing significant resources into deep fake identification and detection. With so much focus on educating the public about the existence and uses of this technology, it will be more difficult for bad actors to successfully spread harmful deep fake videos.

That is not to say deep fakes do not pose any new harms or threats. Unlike Photoshop, anyone with a smartphone can use deep fake technology, meaning that a larger number of deep fakes may be produced and shared. And unlike during the 1990s, significantly more people use the internet to share news and information today, facilitating the dissemination of content across the globe at breakneck speeds.

However, we should not assume that society will fall into an abyss of deception and disinformation if we do not take steps to regulate the technology. There are many significant benefits that the technology can provide, such as aging photos of children missing for decades or creating lifelike versions of historical figures for children in class. Instead of rushing to draft legislation, lawmakers should look to the past and realize that deep fakes are not some unprecedented problem. Instead, deep fakes simply represent the newest technique in a long line of deceptive audiovisual practices that have been used throughout history. So long as we understand this fact, we can be confident that society will come up with ways of mitigating new harms or threats from deep fakes on its own.

Jeffrey Westling is a Technology and Innovation policy associate at the R Street Institute, a free-market think tank based in Washington, D.C.

Filed Under: deep fakes, fake videos, overhype, photoshopping, propaganda, regulations

How The GDPR Nearly Ruined Christmas

from the this-is-getting-silly dept

While the thinking behind the GDPR may seem sensible, time and time again we hear stories about how, in practice, it's a complete disaster. Some of that may be because of people misinterpreting the law. Some of it may be because the law is being abused. And some of it may be because the law is too vague. But some of it is just because the law tries to do way too much. So, today, we have a little story of how the GDPR nearly ruined Christmas for a small town in Germany.

The town of Roth has a long-standing tradition where children would write down their Christmas wishes, which would then be placed on a tree in the market. The city council would read the wishes and try to get the children what they wanted. Nice, wholesome, holiday good deeds and all. But... it became tricky under various privacy regulations, starting with Germany's own data privacy law and, later, the GDPR, because in order to get your wishes fulfilled, children had to provide their names and identifying information... and that's a big no-no under the law:

That legislation states that parents of minors have to provide consent to the use of their kids' data. Organizations that fail to comply face big financial penalties.

Providing proof of this was deemed too onerous by the council and the city decided against festive wish lists for 2018.

"The yearly trips to the fire brigade unit and the mayor were especially popular with children" Melanie Hanker, who works on events and public relations in the town's administration, told Die Welt last week. "Without the wishing lists, both these events will not take place this year," she added. Hanker refused CNN's request for an interview.

After initially cancelling this traditional wish-making and wish-granting, thankfully, a local radio station worked out a solution:

It created a wish list, which included a parental consent disclaimer, which can be printed from their website and put in the wishing box at the Christmas market, which opens on Thursday.

"This way, the wishes can be submitted and collected from Father Christmas also this year," the city said in a statement on Tuesday.

So... at least Christmas wasn't totally ruined, but now the simple process of making a wish involves a silly unnecessary extra tradition: having parents sign legal consent disclaimers to allow their children to make wishes that they hope the city council will fulfill. It's a Christmas miracle bureaucracy!

Filed Under: bureaucracy, christmas, data protection, eu, gdpr, germany, parental consent, privacy, regulations, roth, wishes