Information Technology and the Law

I know the research suggests a correlation between pornography and harm to children (e.g., STDs, teenage pregnancy, sex crimes, and sexual addiction). But these assertions are not hard fact. As a minor, I was exposed to pornographic internet pop-ups (my high school had not installed any filters on the computers). Yet I am not a sex addict. I have never committed a sex crime, and have no STDs or children. Where does this paranoia and fear come from in this country? Not all rapists keep pornographic magazines underneath their mattresses, and not all children who go into the XXX section of their local video store view women as mere sex objects.

I can understand a parent’s desire to protect their children from material they believe to be morally abject. But why should the government play any role in this? Yes, the state does have the right and responsibility to protect its citizens. But the state has no place in the home. This means protecting the rights not only of the people who like pornography and gain something valuable from it, but the rights of parents to raise their children. Parents want the government to let them spank their children and allow them to educate their kids how ever they want, but when it comes to performing the responsibilities of passing on the values and morals that they themselves hold down to their offspring, they’d prefer to have the government suppress information that is contrary to their own sensibilities rather than to teach these values to their children themselves.

Because the values of various people in our culture differ, parents should decide what their kids are exposed to—not the government. Mom and Dad should 1) apply the appropriate website filters, and 2) tell their kids not to go to these sites, and explain why. Are children so subject to their primal curiosity/imminent sexual desires that they won’t listen to mom and dad? And if so, why not and whose fault is that? Attributing moral problems in the culture to the media, is irresponsible. Eminem and Marilyn Manson don’t cause school shootings. 50 Cent and Tupac aren’t responsible for gang violence. Parents don’t want their kids’ sex education video encouraging condoms for gay sex for fear that their kid may “become” gay. Aside from the ridiculousness of this assertion, if the parents sat down and discussed homosexuality with their kids instead of trying to pretend that it does not exist, or pretend that their kids are not sexual beings (at least near adolescents), then they would not need to depend on the government to solve their parenting problems.

When parents grew up, Lucy and Ricky slept in separate beds. Now moms have their Desperate Housewives and Sex and the City. This, and the nature of the way information is passed through society today results in kids being exposed to sex at earlier ages. They gain access to smut in a culture where it is widely available to adults. I am shocked at what comes on network television. Eva Longoria prances around in a bra and panties, pops a birth control pill, and sleeps with the gardener; On Law and Order SVU, sex crimes are detailed thoroughly. On the Simpsons, you have an animated dysfunctional family with unruly children, frequent sexual references, and characters with questionable morality; but the episode where the town of Springfield passes a law condoning gay marriage drives FOX to place a “parental advisory” screen up, informing parents that this episode deals with sensitive subject matter. But how is the death of Snowball the cat not sensitive subject matter? Or when Maude Flanders falls to her demise from the bleachers? Or when Homer almost has an affair with a coworker? And many parents have no problem letting their children watch this cartoon, and many don’t bother to watch the show alongside them. These are some of America’s favorites. Parents can’t have their cake and eat it, too.

The first two prongs of the Miller v. California Test state that something is obscene if:

(a)the average person, applying contemporary community standards would find that the work, taken as a whole, appeals to the prurient interest;
(b) the work depicts or describes, in a patently offensive way, sexual conduct specifically defined by the applicable state law

Part (a) is unfair, over broad, and unnecessary to achieve the state’s interest in defining obscenity and thus dealing with those who spread it because:

•It is vague. What exactly are contemporary community standards? Communities of people cannot agree as to whether Sponge Bob Squarepants is moral. They can’t agree on whether or not tolerance for gay marriages causes homosexuality or not.
•The means by which community standards are agreed upon do not provide adequate representation of community opinions. In 2000, there were 5,589,293 people living in the state of Tennessee. Yet 12 people determine these community standards by which the other 5,589, 281 are judged. If 1,000 people in the state of Tennessee love pornography, then this .018% of the population should be represented; but this wouldn’t even amount to a full juror. It is unlikely that in an obscenity trial the state would allow a prolific pornographer to be selected to the jury. I also find it hard to believe that jurors can put aside their personal biases, especially when in comes to such a subjective judgment. In a criminal trial, jurors are asked to look at the facts and the law. It is difficult to put aside one’s detest for a defendant, but it is easier to near that impartiality when one’s own sensibilities are irrelevant. But when it comes to obscenity, it is these very sensibilities they are otherwise advised to suppress that are encouraged and provide for the foundation of binding law.
•This prong is unnecessary in that state law should accomplish the goal of defining community standards. This way, everyone has a vote, and the majority opinion is reflected in the leglislation. The state law should be the standard that defendants are held to in the courtroom, and the jurors’ purpose should be limited to looking at the law and performing the basic function of determining whether or not it had been violated in that particular case. Jurors should not set precedents.

Now the remainder of my ideas are mere social commentary, and because it greatly exceeds the word limit, I’ll just affix it to a separate post.

ICANN is “a failed experiment in internet policy development” and an “unstable and suspicious environment”
-ICANN Board Members in 2002

ICANN sets the transaction charges on all domains sold or renewed. They charge $2 for some. 25 cents for others. They ask for multimilliondollar budgets; and the world obliges. Only the Department of Commerce currently has the power to hold ICANN accountable. A US Government agency is controlling a private corporation that governs a public good! So why doesn’t the rest of the world step in? Why does everyone else just sit back and watch as this private organization, set up by and running on instructions from the US Government controls the world’s internet? It seems to me that even though ICANN’s board is made up of an international committee, every country is not represented (via countrymen or electees), and every country therefore does not have much of a say in the decisions that affect them. Also, ICANN is not performing counterterrorism intelligence or anything else that would require the level of secrecy in which they act. This absence of information and representation are undemocratic, and yield unto ICANN power that is unwarranted, given their basic role.

I am interested to know how and why ICANN retains its power amongst such staunch opposition. I read that the International Telecommunication Union is interested in assuming some of ICANN’s responsibilities. If this is the case, what is the hold up? Perhaps it is the fact that the US holds claim to managing the database on the root system. But what legitimizes this? And even in assumption that this claim is valid, it normatively suspect, given that they are essential to the very functioning of the internet.

Despite strong objections to the way ICANN operates, the international community continues to fund it. They continue to play by ICANN’s rules rather than addressing an alternative. Assuming this stronghold that ICANN has on so many is unbreakable, there should be some way to hold them accountable under international law. If not, then under international consensus that something needs to change, and somehow finding the gusto to make it happen.

Someone sent this to me and did not include the source:

Recording Industry Vows Lawsuits Against Students
Collegians Accused of Illegally Distributing Music, Movies on Super-Fast Internet2

By TED BRIDIS, AP

WASHINGTON (April 12) - The super-fast ”Internet2” network that connects universities researching the next-generation Internet is also apparently popular among college students who download pirated music and movies.

Entertainment groups said Tuesday they intend to sue hundreds of students accused of illegally distributing copyrighted songs and films across college campuses using the private research network, which boasts speeds hundreds of times faster than the Internet.

How much faster? Internet2 researchers once demonstrated they can download a DVD-quality copy of the popular movie ”The Matrix” in 30 seconds over their network, a feat they said would take roughly 25 hours over the Internet.

The Recording Industry Association of America, the trade group for the largest labels, said it will file federal lawsuits Wednesday against 405 students at 18 colleges with access to the Internet2 network. The Motion Picture Association of America said it will file an unspecified number of lawsuits against Internet2 users.

The recording industry said it found evidence of more illegal activity at 140 more schools in 41 states and sent warning letters to university presidents.

Internet2 is used by several million university students, researchers and professionals around the world but is generally inaccessible to the public.

”We don’t condone or support illegal file-sharing,” said Internet2’s chief executive, Doug Van Houweling. ”We’ve always understood that just like there is a lot of file-sharing going on on the public Internet, there’s also some file-sharing going on on Internet2.”

The recording industry said some students were illegally sharing across Internet2 as many as 13,600 music files - far more than most Internet users - and that the average number of songs offered illegally by the students was 2,300 each.

”We cannot let this high-speed network become a zone of lawlessness where the normal rules don’t apply,” said Cary Sherman, president of the recording association.

Targets of the Lawsuit:

Students to be named in the lawsuits attend the following institutions:

Boston University
University of California – Berkeley
University of California – San Diego
Carnegie Mellon University
Columbia University
Drexel University
Georgia Institute of Technology
Harvard University
Massachusetts Institute of Technology
University of Massachusetts – Amherst
Michigan State University
New York University
Ohio State University
University of Pittsburgh
Princeton University
Rensselaer Polytechnic Institute
Rochester Institute of Technology
University of Southern California

Source: Recording Industry Association of America

Van Houweling cautioned universities against filtering data to block illegal activity in ways that would slow the network’s performance.

He said Internet2 does not attempt to screen illegal files from the vast amounts of data flowing over the network because of technical limitations and privacy concerns. He said Internet2 also enjoys liability protection in the courts as long as the organization can’t be shown to be responsible for material flowing over the network.

”It’s possible to attack this problem in ways that do compromise the performance,” Van Houweling said.

The lawsuits illustrate the aggressiveness of the entertainment industry in trying to stifle piracy even on up-and-coming technologies, as it continues to individually sue thousands of computer users accused of sharing copyrighted songs and films over the public Internet.

The recording industry said the lawsuits also pierce the perception by Internet2 researchers that they operate in a closed environment that entertainment groups can’t monitor.

”We are putting students and administrators everywhere on notice that there are consequences for unlawful uses of this special network,” Sherman said.

The RIAA declined to explain how it could detect piracy over Internet2 except to say it acted lawfully. Internet2’s corporate members include Warner Brothers Entertainment Inc., a subsidiary of Time Warner Inc., a leading music label.

Even Internet2 officials said they were unaware how the entertainment companies traced the purportedly illegal activity on their network.

”They haven’t shared with us,” Van Houweling said. ”We have provided no special access to any of those organizations that would enable them in some nonstandard way to gain access to this information.”

AP-NY-04-12-05 21:44 EDT

Our readings of the Computer Fraud and Abuse Act have led us to ponder the questions of access. How responsible can one be for making “unauthorized access” to a computer if it is not clear to him that this access is indeed unauthorized? Professor Felten proposed a hypothetical case in class where the question was whether accessing another’s non-password protected H-Drive without their explicit consent was an unauthorized access. The unlocked house door analogy has been used plenty of times, and criticized by some. Nonetheless, I would like to apply it here. I think it works, so long as we factor into the equation common sense.

A man owns a house. He wants to sell it, but it’s a weekday and he doesn’t want to entertain any potential buyers. I think it’s fair to say that whether or not he installs a lock on his door, going into his house to check It out constitutes a trespass. And the reason we can all agree on this is because it is common knowledge that homes are typically private property. There is no sign on the door saying “don’t come in here!” It is unnecessary. Now, let’s say it is the weekend and the homeowner wants to conduct an open house. He calls his realtor. He would not expect strangers to visit his open house until the realtor advertised in the paper or placed a sign out front reading “Open House!” Only then should a) the homeowner get the visits he wants, and b) the public understand that their presence in his house is authorized. I would argue that the same is true for H-drives. It is common knowledge to the user that those H-drives belong to individuals other than him. The drive need not be named “private, do not enter” for it to be clear that the drive is private. The owner need not ban everyone from accessing the folders if he doesn’t want to; he might prefer to not have to tediously enter a password to see his own stuff, or perhaps he is simply incompetent. But none of this should matter. The information is his own. The very nature of it being n H-drive with someone else’s name on it implies that it is private, just as homes are generally assumed to be private, even in the absence of any signs and security systems. It is not until we are invited into someone’s home, whether by the person himself or by an “Open House!” sign, that entering that home becomes an authorized access. And this goes for most everything: land, cars, homes, wallets found on the sidewalk containing IDs, sofas on Bubba’s front lawn—everything.

Now arises the question of the World Wide Web. Should the same standard of “unauthorized unless otherwise indicated” apply to websites? And because the issue of website ownership has not be entirely resolved, is it really fair to apply the unlocked home analogy to the web? I believe that this issue is different from the H-drive problem for the following reasons: first, by putting information on the web to be accessible from a web page, this information is being introduced into a place where most other information is public and authorized for access. Second, because of this fact that most websites actually welcome traffic, this can create ambiguity for users as to what they can and can not access given that on the web, the standard is the opposite to that of H-drives—“public, unless otherwise indicated.” It is because of this that we place the burden on the website owner to protect their pages. Although web access scenarios do deviate from those of H-drive access, the home analogy can still be applied. This time, we have a block party with each home having a particular exhibit, or a neighborhood expo where all the homes are on sale and are holding open houses (as in the latest new stucco suburban community). Here, the presiding notion is that all homes on the block are open and available to the public. In this case, the disgruntled party pooping neighbor who hates kids and chooses not to participate in the neighborhood festivities (or only wants to allow cats in) should indicate that she is not allowing entrance into her home by placing a “no trespassing” sign on her lawn or locking her doors (or in the case of only cats being allowed, she could retrofit her house with a small door only cats could fit through, though small dogs and rodents could prove to be a problem). The same goes for the website owner who wishes to defect from the festival of all-access on the web by setting up shop in an arena otherwise considered to be open to the public.

I do not believe that this problem is so difficult to diagnose. Perhaps my trivial view of the situation stems from an insufficient understanding of how the internet works. But I do believe that there is a common sense difference between an internal network drive that clearly doesn’t belong to me, and pages on the World Wide Web where the overwhelming majority of sites I visit do not require a password or present any other mechanism to prevent me from accessing the information posted. In the case of the network, because my common sense (and presumably social/community norms) tells me that folders with other people’s names on them don’t belong to me, there is no confusion as to whether or not I am authorized to access them. I can’t access them because they don’t belong to me. If the owner of the folders wants me to use them, they’ll let me know. So by default, I should stay away. However with the web, the default characteristic is that the sites are public. Those posting on the web know this, and therefore if they would like to deviate from the standard, they must make that deviation known to a public that approaches assuming all access.

In class, when discussing ebay v. Bidder’s Edge, an interesting question was posed: how much should property/chattel owners be expected to do to prevent trespass?

First, if we are to consider eBay’s servers to be chattels, we should hold them to the same standard as we would someone pursuing this claim in a more traditional sense (although, the claim is hardly traditional given its scarcity).

Let’s assume a world where no grand theft auto laws exist.

If I park my car in the parking lot of a public park, should I be required to lock my doors? Do I have top get LoJack? What if my car didn’t come with GPS, or if I can’t afford an alarm system? Does this mean that it is my fault if someone steals my car? Are we prepared to consider contributory negligence in such a case? Of course not! Leaving my car door unlocked does not make a car thief out of someone. An unlocked door is not an invitation to car theft, just as a lack of a password prompt is not an invitation to trespass.

If we will allow websites to use this chattels claim, why should we then require deterrence? If it is against the law to trespass, then it is against the law to trespass. I understand that at times it might not be clear that the property is private. In the case of a house, property lines are real and are available at the City Hall, so breaking into them to steal stuff…well, there’s just no excuse. In the case of my car, there is no indication that the vehicle is abandoned, or free for the taking. In the case of eBay, they had business dealings with Bidder’s Edge in the past, and it was well known that those servers belonged to eBay. What more of a burden should lie on the owners? Just as I am not required to lock my car doors, or get a fancy security system, eBay should not have to implement technological means to block deviant users. ebay should need only say, “this is my stuff, and I don’t want you using it” (and of course, make sure that this information is reasonably known to the other party, a la a no trespassing sign, or a simple unavoidable notice on the home page).

Abandoning one’s property in the middle of the street is one thing, but claiming it, maintaining it, and requesting that others refrain from using it is another thing al together. These torts are affirmative. When given due notice that the property is private, trespassing is not the byproduct of an innocent existence, but rather an assertive action aimed at violating another’s rights to their own stuff. No form of contributory negligence should play any role in these types of cases, as it is not negligent to tell people to follow the law, and not negligent to expect them to do so and leave my stuff alone. Regardless of whatever means have been put in place, from electrical fences to passwords to locks on doors, one simple fact remains the same: if you take something that doesn’t belong to you, it is you that are responsible, not me.

Judge Newman states in Universal v. Corley that “without reference to the content of the regulated speech, this type of regulation [DCMA] is therefore content neutral” (19). This presumes that “because the DCMA is targeting the ‘functional’ aspects of that speech, it is ‘content neutral’” (7), and therefore places a less demanding responsibility on the government (given a demonstrated compelling interest) to ensure that the law isn’t too burdensome on the speech being curtailed. But what if the restriction is not content neutral? Assuming you can separate the functional from the expressive here, it may be worth noting that the text itself may not be where the expressive elements end. Would it be possible for the expressive elements to extend into the execution of the code (or do we run into technicalities with the computer being the intermediary)? And if the expressive elements do extend to the final product of the code’s execution, say, a java script that when run displays on the screen a lovely colorful arty applet, would this be considered expressive? I think so. And if what I think makes sense, I would argue that any legislation against the final product of the DeCSS code (namely decryption) would qualify as ‘content based,’ as the colorful arty applet, just as expressive the DeCSS execution, is exempt. To argue that DeCSS is not expressive and the applet is obviously so, is to venture down that gray road of interpretation, and using Newman’s own words, “the ease with which a work is comprehended is irrelevant to the constitutional query” (11). I personally loathe bland functional architecture (a la the Engineering Quadrangle), but my personal interpretation of the artistic merit of such a structure does not mean that the architect did not use every crevice of his right brain to conjure it up.

I do realize that Corley simply published the text of the code rather than the execution of it. Looking at its execution as speech and not everything in between (namely the code itself) may be a step or two removed from the actual printing of the text. But I suppose it really doesn’t matter in either case because content-based restrictions in themselves are not prohibited by the constitution, and are permissible “if they serve compelling state interests and do so by the least restrictive means available” (15). Civil liberties are often compromised for various specific government interests. Free speech is not an absolute right. If certain speech, even if of specific content, causes harm and conflicts with a legitimate and compelling government interest (for example, speech that incites violence or breeches the peace), it is well within their right to restrict such speech in order to fulfill its constitutional obligation to protect the people. If protecting copyright is to be considered a compelling state interest, even in the face of the DeCSS code being 100% pure speech, if it causes harm to another party, restrictions are applicable. Unlike non-harmful speech, Universal can’t just cover its ears (although one might argue that they could counter DeCSS with their own expressive response, such as better decryption measures, so long as we are considering code to be speech). Universal is claiming real harm in this case, and not simply complaining about a message they don’t like and would rather not hear (which is not reason enough for a content based restriction).

But I guess none of this really matters so long as the courts believe that the algorithms are expressive and the products the algorithms produce are not. Until that changes, the DCMA will only apply to the “functional elements,” and all of these first amendment arguments are moot.