InfoTech and Public Policy

Imagine a government, where people would be allowed to propose legislative bills, comment and vote in every law that may affect them. This would be a real democratic system the way my ancestors envisioned it, a democracy that holds true to its meaning: the rule (‘kratos’) of the people (‘demos’). Professor Noveck’s article on Wiki-Government claims that such a system, if well implemented, would be far better than the current expert-based decision process which admittedly has limited success so far. She also claims that this is not infeasible to realize any more since technological advances, such as the internet, have allowed us to communicate, learn and interact with ease.

The idea of people having the power to comment and vote on important social decisions is something that I support. It has been successfully implemented in courts, where important decisions of life and death are taken by ordinary people without the intervention of any higher authority. Our society has many remarkable paradigms of self-sustaining, self-assembling collaborative projects to demonstrate and most of them are feasible because of the underlying technologies that have been developed: open-source software communities, wiki knowledge databases, peer2peer and financial support networks are just some of them. However when it comes to important civic decisions, at what level would our society feel comfortable to allow direct intervention from any person? A public forum where people can comment on the existence, need or proper enforcement of a law would be by all means beneficial for our legislative system and in some cases this already happens. But such “suggestive” or advisory forum would have no or limited power. On the other hand, one can imagine a society where people would actually vote on a diverse set of subjects, a risky tactic that can also have its own benefits.

The idea of inviting public assessment of current or upcoming work can be easily implemented in other fields, one of which is the academic peer review system. There is a plethora of examples where the peer review system has failed to ensure the integrity of scientific research, most notably in the case of peer review drug practices according to a New York Times article.

Currently, if someone wants to publish his work, has to send it as a paper to the editor of a journal, who will in turn send it to a few experts (two to five) that will review it. This process can take a considerable amount of time and there are several caveats such as not truthful or sloppy assessment of the research, conflicts of interest etc. An alternative solution might be to have a database where all papers can be added and publicly viewed and commended. Journals will be given the option to select what they would like to consider for publication and then send it to review with the permission of the author(s). Finally, journal editorial boards may opt to enter a bid or offer an acceptance for publication to the author(s) who may have a deadline to decide which – if any – of the offers would interest him. Such system would make the selection for publication based more on merit and less to the (maybe biased) opinion of the few (also would give controversial research, like the one generated by the Princeton’s notorious PEAR lab more visibility). Fortunately, there are several moves lately towards this direction including the ArXiv of the physics community, the PLOS ONE and Harvard’s recent move on an open access free publication service (which has already been approved).

My first encounter with web cookies back in the mid 90’s was accompanied with joy, admiration and fear. Joy, because I was no longer obligated to put my login information every single time to authenticate myself, while I was more than happy to learn that - finally - ads will depict sports cars instead of pregnancy pills. Admiration was only natural, given how this small piece of data achieved so much without significant complexity or effort from my part. And fear, because I could see a future where I would no longer be the poor lonesome cowboy surfing the world wild web carefree and certain that no one knows what I am doing without my consent. Almost ten years later, this future is finally here: Government agencies can clone and analyze private communications, malicious users attack me daily with worms and viruses, while advertising companies try to predict what I like in order to deliver more relevant ads. At least in the case of ads, they can’t possibly track every single click I make. Or can they?

Custom tailored ads exist for quite some time now, almost immediately after web cookies started to appear in the web. In the next few months though, their power and predictive potential will be increased significantly thanks to the appearance of two new companies called NebuAd and Phorm. Both these companies want to enhance the effect of ads and marketing by installing devices on the networks of the participating ISPs. These devices will then monitor all unsecured WWW traffic that each user produces, including searches and Web page hits, and will look for ways to match want may interest you with a database of product and services. This way, participating vendors and websites will be able to display ads of higher relevance than before, potentially highly increasing their revenue. According to New York Times, already 3 major ISPs in UK have made deals with Phorm to implement its technology, and although NebuAd declines to reveal its partners (why is that I wonder ? Also read this New York Times blog entry on the same topic), Washington Post has revealed two of its ISP partners.

The implications of this technological partnership are tremendous. ISPs, who traditionally were out of the advertisement game, will now get a part of the multi-billion revenues related to internet advertisements. Internet advertising agencies and vendors are happy to be able to target the right market (according to Microsoft there is as much as 76% more chance that a visitor would click on an ad enhanced by behavioral targeting technology) with higher accuracy, while web site owners that will be able to charge more in order to host ads. As for the user, he will be able to get more relevant information about products that are closer to his interests than before. Nevertheless, all the above will come at a potentially high cost to user privacy, as each user action will be recorded by third party software, something that forced the Foundation of Information Policy Research (FIPS) to write an open letter to UK’s Information Commissioner urging to pass legislation that would render any technology of this kind illegal. Similar legislation, although with a much broader scope, is also sponsored by Democrat NY assemblyman Richard Brodsky who wants to make it a crime for certain Web companies to use personal information about consumers for advertising without their consent (New York Times Article).

Personally, I am up for any technology that enhances the user experience. I believe that systems like those discussed here can contribute to this, by enhancing the level of prediction that a content provider can have on your interests and character. Additionally this technology may have some beneficial side-effects, as for example Phorm software is able to identify fake websites and thus protect user privacy. It may also foster collaboration, innovation, internet entrepreneurship and emergence of free services, fueled by higher revenues in industry and internet markets. However, in order for me to wholeheartedly support such efforts, I need to be certain that certain conditions are satisfied. First, all parties involved must make sure that at no stage can the personal information of a person be associated with his identity. Given the way the current technology is implemented, I think it is very difficult for these companies to ensure that this will be the case, even with the randomization and no-storage policy assurances that they provide. This kind of association is what is dreadful to most people, from ordinary users to internet pioneers (for example see Sir Tim Berners-Lee BBC interview on net tracking). As a computer scientist I see a number of ways that similar results can be achieved with no such danger to privacy, but at the cost of higher bandwidth requirements.

Additionally, I believe that opting-in the service must be the default and not vice versa. Currently, this is not happening and even opting-out is painful according to this blog entry about Embarq ISP NebuAd opting out option. Legislation can make clear that users should have the option to opt-in and out, with the earlier to be the default mandatory practice and frankly a lot of other sectors would benefit from converting opt-out actions to their opt-in counterparts. This way, ISPs and companies like Phorm can even give monetary incentives to users in order to opt-in, returning some of the profits to the end-user base.

Finally, I have some ethical concerns over what kind of information such companies should be allowed to collect. Should they try to predict your need of cancer or funeral related services? You would be surprised on some of the choices that the coalition of marketing, advertising, ISPs and related software companies have agreed to (dis)allow. There is also the question of whether all the above will lead to increased utterly useless for the average user purchases, something that does not benefit the society as a whole. And since at the end of the day this is the only single objective function that we have to optimize, i.e. allow actions that increase short and long term social benefit, we have to ensure that the implementation and evolution of such techniques and technologies are leading to a more stable, humane and robust society rather than increasing the revenues of a selected few organizations and people.

For further reading there are several articles in the Bits blog of New York Times including what Saul Hansell calls “The Mother of All Privacy Battles“, interviews with Phorm and NebuAd chief executives, and more information on how Phorm cookies work.

The stability and future trajectory of a society is heavily dependent on the level of protection and robustness that it has. In other words, it is in a society’s best interest to be able to defend itself and create mechanisms that would quickly and efficiently absorb any destabilizing fluctuations. And of course, defense shouldn’t only be confined to a reflexive response to environmental events, but should encompass preemptive actions guided by accurate predictions of future events and phenomena. And here is where communication monitoring comes into play, since in order to be able to predict the future you need to have a good perception of the current dynamic environment around you. Along these lines, it is not only a right but also an obligation for governments – and any other entity of a similar protective role for that matter – to fully exploit technology and resources for the social good.

Naturally, regulatory mechanisms should be in place in order for governments and their agencies not to overstep their authority, misinterpret and misuse this social mandate: it should be absolutely clear who can do what, and in what circumstances. There is a plethora of cases where these lines are blurring. For example, should a school camera installed to catch trespassers, fights and harassment be used to report intimate moments of students (article)? What about personal text messages in a cell phone that has been confiscated (article)? Should a program that analyses employee video streams and uses this information to infer the stress levels be also used to calculate the productivity and overall performance of a worker, something that can lead to his lay-off or promotion (article and patent)?

The threat of misusing sensitive data becomes more imminent with technological progress. Pervasive computing and sensor networks open endless possibilities that the Big Brother always wanted but couldn’t afford. Universality and data integration increase the processing efficiency but also make the effect of a potential leak even more devastating to human privacy. Often technology precedes regulatory and safety mechanisms and some may claim that this is what is happening in the recent attempt of the federal government to launch a system that would bring together thousands of city-owned video cameras that would feed video into a central office at the D.C. Homeland Security and Emergency Management Agency (article).

Questions like who will have access and analyze the data, and for how long these data will be stored will also determine the risk to privacy in such monitoring systems. As algorithms become more sophisticated we can transition from a supervised or semi-supervised monitor scheme to a fully unsupervised one, where image processing and machine learning techniques will render any human-data interaction in the majority of cases unnecessary. This in turn reduces the risk of leaks and malicious human actions, one of the major concerns today. Regarding the storage of the personal data, there is again a trade-off between privacy and enhanced protection. Although the amount of information that passes through an ISP is vast and prohibiting to be stored for large periods of time, this may change in the near future. Storing everything can provide a fossil record of communication that may prove valuable to future investigations, but also seriously increasing the harmful effect of a severe security breech.

For all these reasons we have to push for a close regulation - not prohibition - of governmental monitoring of human communication. The question of who is going to watch over the watchers is always there, but I am optimistic that in a mature democracy sufficient regulatory mechanisms will be implemented and updated whenever necessary (as was the case with the creation of FISA in the 70’s).

in·no·va·tion (Date: 15th century)

1 : the introduction of something new

2 : a new idea, method, or device : novelty

Definition taken from Merriam-Webster (link)

In his paper on what separates and unifies “Openist” and “Deregulationists” over Broadband Policy, Tim Wu presents an interesting argument that Network Neutrality should be a point of reconciliation for both sides. All his work stems from the well-known fact (also discussed here in Stanford Law professor Lawrence Lessing’s blog) that the common faith that unites all technologists is the belief that innovation is the basis of economic growth.

Is it truly so? If we strictly follow its dictionary definition, innovation is by no means sufficient (or necessary at least for the short term) for a growing economic potential. The introduction of something new isn’t necessary a good thing; it may be neutral or even detrimental for economic growth. Ideas, methods and devices can be notoriously bad as history has taught us, from nationalist ideology to Windows Vista (mentioning MS software and fascist ideas in the same sentence is purely a coincidence).

There are several attributes that innovation must have in order to drive economic growth. First, it must provide a service that is practical and useful for at least a set of people. Practical, because it should be implementable; and useful, because no one will invest in something that serves no purpose (purpose here has a generic meaning, which includes vanity satisfaction as for example in the case of the $40 “bling” water bottle with Swarovski crystals). The larger the group of people it affects and the more practical, pioneering and useful the innovation is, the bigger the impact it may have to economic growth.

Furthermore, innovation must be self-sustaining and not inhibitory of its own progression. An innovative method, regulation or device that would impose a selection pressure against other positive innovations is most likely not beneficial, regardless of the short term economic benefit that confers to the society (I used probability instead of certainty since such innovations may have clauses that also disallow other negative innovations to appear, hence preventing an economic Armageddon).

Finally, in order for an innovation to truly benefit the economy, it should have a long term stabilizing effect that renders the latter more robust to perturbations. Note that this is not mutual exclusive with the utility principle of the previous paragraphs. There is a plethora of innovations that had a devastating effect to long term economic growth, without lacking usefulness or practicality. For our amusement, I will claim that we are living the economically deleterious effects of such an innovation that is called Collateralized Debt Obligation or CDO, an ingenious, practical and useful way for making money, at least for some people.

But wait! Why do we care so much about economic growth? When did economic growth replace social benefit as a driving force in public policy decision-making? Tim Wu has some valid arguments on the link between economic growth, social benefit and happiness, when he states that economic growth and innovation is good for us because it give us hope, allows us to dream a better place, and makes our life easier through technological progress. I believe that such analysis, although it captures the dynamics of human society, it is insufficient to provide the most fundamental criterion that we should have in mind when we assess the impact of a new idea or device, which is that above all, innovation must be beneficial for the evolution and survival of a society. Innovations can canalize (stabilize) existing social traits, or they can go completely the opposite way and act as renegades to the social norm by exploring new neighborhoods, as long as they elevate humanity to higher spheres of mental and scientific achievements. And although the future is not ours to see, there are some principles - such as freedom, cooperation, universality, scientific curiousness - that have led us in the past and can certainly lead us in the future towards awareness of our role in this universe. Novel ideas and devices that adhere to these principles are the true vehicles of humanity towards its path to completeness.

At last we had him. Arthas, the most diabolical creature in our universe was finally cornered by our guild at this tiny spot of Azeroth after a month’s hunt. This was my moment; I could barely wait to draw my precious “Hammer of the Titans” to claim my price. Alas, it had just disappeared and a notice was left in its place reading: “Confiscated by VIRS due to tax evasion: Please contact us for a Virtual Audit”. First my home and now this, where is my sword and why Arthas winks at me?

If you think that the above scenario is far-fetched, you haven’t pay attention in the latest developments in virtual worlds. Virtual worlds are booming with a frantic rate, millionaires are being born (article), while their GDP is on par with that of small nations (based on a 2005 article, virtual worlds have a growth rate of 10-15 % while the GDP of Second Life alone is $500-700m (article), close to that of Malvides (wiki)). This growth has attracted the attention of policymakers for some years now and some think that taxation of virtual assets is something inevitable (article). However, it is not clear whether such action would be sound and viable in the near future.

In my opinion, there is a clear distinction between the two universes, the real and the virtual. Although the real universe consists of our world only (little green men are still to be found), the virtual universe is a superset of many virtual worlds (creations of several game companies, with names like Ultima Online, Lineage, World of Warcraft, etc). Laws that are enforced in the real world should not necessary be in place in virtual worlds and vice versa. Along these lines, governments should not be allowed to impose real taxation of virtual income generated from actions within these worlds (such as the selling of virtual goods or performing services), although the companies that have developed and currently host the virtual worlds may opt for having a virtual taxation system for their own benefit.

However, these two universes are linked since virtual goods and currency can be converted to real money. It is exactly these conversions of virtual goods to real ones that offer a place for governmental regulation. If we want all people to be treated equally, the same amount of taxation should be applied to any real income derived from either virtual or real worlds. This setting, i.e. taxation only during the conversion of virtual goods to real ones, saves policymakers from a lot of trouble have they tried to impose sale and income tax directly to virtual universe transactions and services. Although income tax is easier to regulate in virtual worlds, Plato’s quote is still valid: “When there is an income tax, the just man will pay more and the unjust less on the same amount of income”.

Nevertheless, there are few details that have to be worked out. For example, should every transaction have the same tax, regardless of the total annual gain of the individual? Is it possible for governments to adopt tax brackets, similar to those in place of real income taxation? Since buyers and sellers may be residents in different countries, which country should impose the tax? A naïve solution would be to have a flat taxation rate with the seller’s country of residence collecting the tax. At the same time, law enforcement agencies should actively monitor and identify any suspicious action since these transactions may prove an excellent way of conducting illegal activities (for example international money laundering or funding terrorist cells).

Value and efficiency are useless when it comes to government contracts. This is how John Pugh, a member of the parliament (MP) in U.K. interprets his government’s reluctance to explore any alternatives, such as open source solutions, to using Microsoft software.  In a recent article, Mr. Pugh accuses U.K. government that its IT policy is “in breach of European Union regulations” on competition and Microsoft itself of “predatory pricing and stultifying competition”. It is not the first time that Mr. Pugh expressed his dismay over U.K. ‘s IT policy for being anti-competitive and anti-innovative: in 2006 he moved against the Department of Education and Skills (and its advisor board “BECTA”) for denying schools the choice of installing open-source software (article).

This brings up an interesting question on how governments should proceed with the evaluation and selection of various contractors. This is not a trivial matter, as an erroneous policy may prove devastating for a country’s free market, given the size and volume of contracts that governments issue each year.  A fundamental issue is who should be eligible to participate in such competitions. Is everyone who comes up with a single product that serves the needs and goals  of a community eligible to apply, or must it be that only companies with a pool of services (many of which may be unrelated to the main goal of the contract) and interrelated products should be given a seat? Strikingly, having an innovating solution, that even outperforms its competitors in price and utility, is neither sufficient nor necessary to be victorious in the governmental contact arena, at least in the case of the U.K. As our liberal democratic MP notes “suppliers usually needed annual revenues of over £50m before they could realistically bid for a government contract” (article). It is my opinion that in order to level the playing field, everyone should be eligible to participate in a competition given that he can provide the minimum standards, that should only correlate to the goals of the competition and not to the size, fame or revenue of the participant. This is valid for all businesses but even more in the IT world, where the requirements for infrastructure are minimal (i.r.t other fields, like construction for example) and where in many instances small players have proven to innovate and deliver superior solutions.

The major factor that governments have to optimize during the evaluation phase is the efficiency of the solution and its benefit to the society for the money they spend.  During evaluation, parameters such as the confidence level of a successful delivery (based on past performance and a company’s capabilities), quality of ongoing support, compatibility to existing products etc should definitely play a role. However, their weight should not be disproportional to other crucial factors such as performance and utility of the proposed solutions, as the former tend to be characteristics of only large sized companies that are already established in the field. Doing so would certainly lead to a self sustaining cycle of contracts given to only to small set of players with no opportunity of other entrepreneurs to join. Allowing new companies with innovating ideas to prove what they are worth, will foster a healthy market and give incentives for newcomers to develop and implement ground breaking ideas.