Theories of cyberspace regulation Internet Governance Topic 3
Theories of cyberspace regulation Internet Governance, Topic 3 Professor Graham Greenleaf
Cyberspace regulation? z. The problem: Cyberspace is a different context from the physical world. y. We may need to rethink how regulation of behaviour works. z. The questions: y(i) What regulates? - What different forms of regulation are there? y(ii) Who regulates? - Who controls the forms of regulation, and what is their legitimacy?
Theorists and theories z ‘Digital libertarians’/ anarchists y. Theorists x. Barlow’s ‘Cyberspace Declaration of Independence’ (1996) x. Self-governance theorists (eg David Post) y. Theories criticising: x. Irrelevance of legal concepts based on matter x. Ineffectiveness and illegitimacy of territorially-based government in cyberspace x. Scepticism about international agreements or institutions (even self-governing ones) y. Theories favouring x. Effectiveness of self-governing cyberspace institutions x. Arguments for the most decentralised forms of regulation, and for ‘private orderings’ based on contract
Other theorists z. Trotter Hardy - most decentralised level of regulation is the ‘proper regime’ (1994) z. Joel Reidenberg - ‘Lex Informatica’ y. The Internet (somehow) provides the appropriate technical devices for regulation
Do theories describe or / and prescribe? Barlow Post Hardy Regulation will fail; Nations have no Internet cannot be right to regulated ‘new realm of mind’ Self-regulation can Self-regulation work should be left to work Decentralised regulation is efficient Decentralised is the ‘proper regime’
Description and/or prescription Reidenberg’s lex informatica Technology Regulators should provides effective use infrastructure tools for regulation to regulate Lessig Cyberspace is regulated by all 4 modes; code is increasingly effective Legitimacy of those controlling code should be questioned
‘Digital realists’ z Lawrence Lessig (best known), James Boyle z Lessig's answers to what and who regulates: y 4 things regulate - Norms; Markets, Law and 'Code' y. Law also regulates the other 3 - indirect regulation y. Effectiveness is very different in cyberspace z Main lesson: Consider all 4 and their interaction z Criticisms: y‘code’ does not capture all of ‘architecture’ ymisses other forms of regulation (informal sanctions; surveillance? )
Constraint 1 - Norms, morality, conventions z Real space norms cause disapproval and guilt z Cyberspace has its own 'netiquette' y. Examples: using CAPITALS; attachments sent to lists z Some Internet self-regulation creates norms y. Eg observance of Robot Exclusion Standard y. Observance is by voluntary conduct, not code y. Numerous other Internet governance conventions z Effectiveness increased by surveillance y. The morality of the goldfish bowl y‘In cyberspace no one knows you’re a dog’ is false
Constraint 2 - Markets z Market constrains work in cyberspace z Unpopular 'code' can perish y. Selling region-blocked DVD players in HK? y. Surveillance damaged Double. Click's share price z Prices can affect norms y. Are CD / DVD prices considered fair? y. Is DVD region blocking fair? z Theories of network economics are important
Constraint 3 - 'Code’ z In real space - Natural and built environment y. Bank robberies - Laws and morality help; but walls, locks, glass & guns are better y. Immigration - Distance and lack of borders y. Easy to ignore, often because unchangeable z In cyberspace - ‘Code’ is the equivalent y. Can control access, and monitor it y. Determines what actions are possible and impossible y‘A set of constraints on how one can behave’ -Lessig y. The walls, bridges, locks and cameras of cyberspace
E 2 e: 'code' layer commons ye 2 e ('end to end') network design x. Philosophy of the original Internet designers x'Smart' features are at the margins x. Anyone can add a new application to the net x. Network controllers do not decide applications allowed y. Innovation irrespective of the wishes of network owners x'Code' helps determine the level of innovation x. Absence of control by code here enables innovation
‘Code' or 'architecture'? z 'Code' is cute but confusing y. East code (Washington) vs West coast code (Redmond) y. The US Code vs hackers' code z 'Architecture' is more accurate y. Cyberspace is more than software x. Protocols (non-material artefacts) x. Hardware (material artefacts) x. Biology and geography (natural environment) z 'Code' is part of cyberspace architecture
More confusion: Code and ‘code layer’ ‘physical layer’ ‘Computers and wires that link them’ ‘code layer’ Includes Internet protocols (or ‘logical layer’) ‘content layer’ (‘material served across the network’) From Lessig ‘The Internet Under Siege’ Includes applications software (still called ‘code’, but not in the ‘code layer’)
Cyberspace architecture: why it is different z It is almost entirely artefact z It has generally high plasticity y. Its easier to change cyberspace, even when built y. Exceptions: Internet protocols; open source code z Greater immediacy of application y. It is often self-executing z Its legitimacy is questionable y. We should ask the pedigree of any regulation y. What should private companies control?
4 Law - direct and indirect z Law increasingly directly regulates cyberspace behaviour - both national and international z But it indirectly regulates the other 3 constraints z Legal regulation of architecture is the key y. It is the most effective strategy for governments y. Anti-circumvention laws protect private control of architecture y. It is also vital for limiting private power z The digital libertarians were wrong
Effective regulation z. Finding the best mix of constraints y. How to prevent discrimination? x. Prohibition; education; building codes y. How to stop people smoking? x. Age limits; prohibited places; education; warnings; taxes y. Q: Does Lessig’s model describe adequately the range of constraints? ….
5 th constraint? : Informal sanctions z Much regulation is by informal sanctions: y. Ability to exclude (taking your ball home) y. Ability to use physical force / intimidation z Informal sanctions (IS) do not necessarily require any of the other constraints: y. Much law aims at limiting IS y. IS may but need not support norms y. Q: In cyberspace, are informal sanctions largely dependent on control of architecture?
6 th constraint? : Surveillance y. A relationship of knowledge x. Knowledge by the watcher of those watched x. Foucault's 'discipline'; Bentham's Panopticon x. Facilitated by architecture, but not part of it x. Facilitates observance of norms and laws, but independent y. More important in cyberspace regulation x. The normal context of identification is removed x. Identification, not anonymity, is the default y. Q: In cyberspace, does surveillance depend on control of architecture?
Law modifying surveillance z. Law acts indirectly to modify surveillance y. Data protection laws protect privacy x. Eg Personal Data (Privacy) Ordinance y. Laws mandate compliance xeg smart ID card y. Laws prevent circumvention x. Eg illegal to modify smart card, or possess xeg DRMS anti-circumvention …
Example: Copyright, DRMS and anti-circumvention z. DRMS - The new paradigm for content protection y. Copyright law was the old paradigm z. Content owners want to control 3 parties y. Content consumers y. Consumer hardware manufacturers y. Content intermediaries z(DRMS diagram modified from Bechtold)
Technological measures z. Distinguish content-protection technologies and systems (aka DRMS) z. Technologies are broadly either for copyprotection or access-prevention
Contract’s new role in IP z ‘Click wrap’ contracts with consumers y. Contracts go beyond © law y. Can impose contracts on all consumers y. Recognised in Pro. CD v Zeidenberg (USA, 1996); no equivalent HK development yet z Distribution licences with intermediaries y. Stronger anti-circumvention and RMI z DRMS licences with hardware makers y. Ensuring hardware enforces copy-protection
Technology protection legislation z Hong Kong Copyright Ordinance y. Q: Does the Ordinance prohibit actions which are not breaches of ©? ys 273 - Devices to circumvent copy-protection ys 274 - interference with rights management information (RMI)
Residual role of © law z. Copyright legislation no longer the principal protection of content ‘owners’ z. Some content owners wish to eliminate consumer rights in © laws z. Control over content outside © law is one objective: eg works out of ©; database content
DRMS, theory and innovation z. DRMS are one of the best examples of the interaction between forms of Internet regulation z. Lessig also attempts to demonstrate how the Internet is losing its character as an ‘innovation commons’, partly through changes to IP law and regulation
Importance of 'commons' y. Lessig's argument in ’The Future of Ideas' x. The Internet is an 'innovation commons’ x. It is in danger of losing that character y'Commons' - Resources from which no-one may be excluded - the 'free' y. Commons are not necessarily 'tragic': x. Not if they are non-rivalrous (eg protocols) x. Not if you control over-consumption x. Both require sufficient incentives to create
Internet as an 'innovation commons' y. Benefits of the Internet as a commons x. Benefits to freedom (first book) x. Benefits to innovation (second book) y. Must consider each Internet 'layer' x. Physical layer, 'code' layer (protocols and applications) and content layer x. Each could be a commons or controlled x. Currently, each layer is partly controlled x. Changes imperil the mix providing innovation
Lessig's innovation recipe (1) y 1 'Physical' layer reforms x. Spectrum allocation for wireless Internet y 2 'Code' layer reforms x. Government encouragement of open code • US government uses proprietary programs • [The PRC government has done this already] x. Require 'code neutrality' by carriers, by • (a) Banishment from providing Internet services; or • (b) Requirement to provide open access; or • (c) No TCP/IP without observing e 2 e
Lessig's innovation recipe (2) y 3 a Content layer - Copyright law reforms x. Short renewable terms • Eldred v Ashmore: stop the term being extended • [Shorter or renewable terms would breach US treaty obligations] x. For software, 5 year term only, renewable once x. A defence for new technologies • 'No breach if no harm to copyright owner' x. Compulsory licensing of music for file-sharing
Lessig's innovation recipe (3) y 3 a Content layer - Copyright law reforms (cont) x. Tax benefits for putting works into the public domain x. A 'right to hack' DRMS to protect fair use ('Cohen theorem') x. Stop contract law undermining copyright law y 3 b Content layer - Patent law reforms x. Moratorium on patents for software and business methods
References(1) z. Works by Lawrence Lessig • Lawrence Lessig 'The Law of the Horse: What Cyberlaw Might Teach' (PDF only) (1999) 113 Harvard Law Review 501 (drafts were available from 1997) • Lawrence Lessig Code and Other Laws of Cyberspace Basic Books 1999 • Lawrence Lessig 'Cyberspace's Architectural Constitution' (June 2000, Text of lecture at www 9, Amsterdam) • Lawrence Lessig The Future of Ideas: The Fate of the Commons in a Connected World Random House, 2001 • See his home page for links to these and others
References(2) z. Works by others • James Boyle 'Surveillance, Sovereignty, and Hard-Wired Censors' (1997) • Graham Greenleaf 'An Endnote on Regulating Cyberspace: Architecture vs Law? (1998) University of New South Wales Law Journal Volume 21, Number 2 • Stefan Bechtold 'From Copyright to Information Law Implications of Digital Rights Management'. Workshop on Security and Privacy in Digital Rights Management 2001. 5. November 2001, Philadelphia, USA. • See the Timetable for further reading
- Slides: 34