Monday, October 24, 2011

The Donation Blockade Threatening WikiLeaks...

Last year when Wikileaks published thousands of classified State Department documents, many large financial companies like Visa and Mastercard decided to no longer allow payments to be made to the Wikileaks website. As described in The Nerfherder at the time, hacktivist groups then responded by launching denial-of-service attacks against those financial companies. These attacks lasted for a few weeks, but mostly subsided once the story dropped out of the headlines and all returned to normal.

But a funny thing happened. Almost a full year later, the "donation blockade" implemented by Visa, Mastercard, eBay, Western Union, PayPal, and others is actually having a serious effect. Ars Technica is reporting that the donation blockade is proving so effective that the very existence of Wikileaks is currently under threat. Payment transactions from those financial service companies constitute 95% of WikiLeaks' revenue, and the site claims to need $3.5 million over the next 12 months just in order to maintain its current level of service.

Servers, after all, cost money.

It's an interesting dilemma worth noting. In an increasingly cash-less age of ubiquitous digital transactions, how would most organizations function if suddenly and completely cut off from all credit cards, PayPal, and various other type-your-number-and-click payment services? My guess is most businesses, and for that matter most individuals, would probably face a near-existential financial threat within a few short months.

The majority of Wikileaks supporters, right now, don't even know how to make a donation even if they want to.

Whether this donation blockade does ultimately succeed in shutting down Wikileaks, or even if it just cripples it, there's an important lesson here that's playing out before our very eyes... to anyone who believes the internet has democratized power, this case is just one more example of how institutions still matter, and how only a small handful of them can, at any time or for any reason of their choosing, exert their will over others.

Even though Wikileaks garnered all the headlines a year ago for being a new kind of transformative force, these financial companies may indeed have the last laugh.

Monday, October 17, 2011

App Store Constitutionalism...

For anyone looking for a truly thoughtful read today, check out Timothy B. Lee's article in Ars Technica, "How I Learned to Stop Worrying and Love the App Store".

There is an ongoing problem with App Stores; the problem being that app stores like Apple's and Google's implement unprecedented controls over the types of software that people can use, and this has the effect of greatly limiting our freedom. These app stores have been characterized as "walled gardens", which stands in contrast to the open and free World Wide Web. Much has already been written about it in books like Jonathan Zittrain's The Future of the Internet, and How to Stop It or popular blogs like Cory Doctorow's on Boing Boing, not to mention here in The Nerfherder repeatedly.

To review, here are just some of the ways in which Apple strictly controls what software can run on the iPhone...

  • Apple doesn't allow apps that "duplicate existing functionality" of the iPhone, for instance. At various times in the past, that has meant restrictions on podcasting apps, alternative browsers, and e-mail clients. Apple may also reject apps if they "duplicate apps already in the App Store" or "are not very useful or do not provide any lasting entertainment value."

  • Apple has also imposed a number of important technical restrictions. At one time, Apple accepted only native C-based apps, rejecting apps that were produced with the help of cross-platform development tools like Flash. Apple relaxed that restriction last year, but it still prohibits apps from downloading executable code.

  • Apple imposes restrictions to bolster its business model and those of its partners. For example, Apple has tried to force all in-app content purchases to pass through Apple's payment infrastructure, allowing Apple to take a 30 percent cut. (Apple has also been criticized in the past for restricting charitable donations from within iPhone apps.) Apple has also reportedly blocked bandwidth-heavy apps that offer VoIP, streaming video, and tethering in order to conserve AT&T's bandwidth.

  • Apple imposes a wide variety of purely content-based restrictions. Last year, Apple had to eat crow after cartoonist Mark Fiore won a Pulitzer prize. Apple had rejected an app featuring Fiore's work because it "ridiculed public figures" in violation of the iPhone developer guidelines. Apps that "encourage excessive consumption of alcohol or illegal substances" are also out. In June, Apple announced it would start rejecting DUI checkpoint apps.

  • Sexual content has emerged as another flashpoint. The app store rules have prohibited pornographic apps, including apps that "contain user generated content that is frequently pornographic." Apple has apparently interpreted this restriction broadly. For example, the gay dating app Grindr blames Apple for the service's rule that public Grindr profiles must be G-rated.
So the big question is how can individuals retain their digital freedoms while still living in the contemporary App Store world?

Lee argues that what's needed "are mechanisms for users to delegate authority over their devices to third parties while holding those parties accountable for their decisions". In other words, most of us are inevitably willing to give up some of our freedoms in exchange for ever-more helpful devices - and that's OK, so long as the makers of those devices and their software can be held accountable.

How can such companies be held accountable? This is, after all, capitalism, so all that's required is true market competition and for users to have a real capability to switch providers.

But often today, meaningful competition is lacking and switching costs are too high.

Lee draws an analogy to four principles of constitutional government that can be usefully applied to app stores....
  1. Federalism -

    The right of exit is a powerful check against over-reaching regulators. In the world of nation-states, citizens flee repressive regimes for freer ones. In the world of technology, users and developers switch from one platform to another to find the one that best meets their needs. Of course, in both cases, exit can be expensive. Most of us have friends, family, jobs, and other ties holding us to the nation of our birth. Similarly, network effects and human capital keep us tied to existing platforms. If the developer gets his iPhone app rejected by Apple, it's expensive to re-write it for Android.

    The American founders developed a novel solution to this problem: multiple semi-sovereign entities within the same nation. If I don't like the policies of the government here in Pennsylvania, I can move to one of the 49 other American states without giving up the benefits of American citizenship. These "laboratories of democracy" compete with each other to serve their citizens.

    Google's decision to make Android open source has created a similar dynamic. Amazon has run its own app store for Android since March, and in September the company jumped into the hardware game with the Kindle Fire. Barnes & Noble also sells Android devices and has an app store of its own.

    So within the Android "nation" are sovereign "states" like Google, Amazon, and Barnes & Noble. Users and developers who find Google's app store rules not to their liking can flee to the Amazon app store without incurring the high costs of moving to a completely new platform. This is a key selling point for app developers, because it means that developers aren't too dependent on any one company to sell their apps. And it gives each Android vendor a stronger incentive to treat their customers and developers well, since they can easily leave for another Android-based platform.

  2. Judicial Independence -

    The United States, like most free countries, has a judiciary that's charged with applying the law in an impartial fashion. Judges' impartiality is guaranteed by giving them structural and financial independence from the other branches of government. Many private firms use this strategy as well. For example, reputable news organizations avoid conflicts of interest between their news coverage and advertisers by creating separate business and editorial departments.

    Companies that run app stores would be well-served by a similar strategy. Users and developers are entitled to expect that app reviewers will act in the interests of users, rather than using the power to reject apps as a weapon against competitors. While "strategic" app rejections might seem like good business in the short term, the long-term result will be to tarnish the platform's reputation among both users and developers.

    To guard against this temptation, employees who run the company's app store could report to a different senior executive than the ones that run other parts of the company. And that executive should be explicitly told to put the interests of users ahead of the short-term interests of the rest of the company. This would give users, and especially developers, more confidence to invest in the long-term health of the platform.

    Indeed, Google already has a model for this strategy: its own search engine division. The people who run the search engine are part of a completely separate management hierarchy from the people who sell search ads, and it's expected that the search division will sometimes make decisions that are contrary to the interests of major advertisers. That might be bad for Google's bottom line in the short run, but it's proven a good move in the long run, because it promotes search quality and fosters user trust.

  3. Transparency -

    One of the most common complaints of iOS developers is the lack of transparency in app review decisions. Apple provides developers with a partial list of "guidelines" for iOS developers, but there are apparently undisclosed criteria, and it's not always clear why one app is approved while another is rejected.

    Moreover, if the published guidelines are ambiguous or silent on a particular point, it can be hard to get a straight answer about what the rules are. This creates uncertainty that discourages developers from creating new apps.

    One way to help alleviate this uncertainty would be for Apple to create a publicly available database of past decisions, along with the rationale behind rejections. Then a developer could look for apps similar to his own to see what issues the developers of those apps encountered during the review process.

  4. Stare Decisis -

    This is the legal principle that courts should respect the precedents set by earlier judicial decisions. In America's common law legal system, much of the law exists not as formally enacted statutes, but as the accumulation of precedents. The principle of stare decisis promotes predictability and fairness in the legal system. By committing themselves to following past precedents in future cases, courts ensure that all similarly situated parties are treated alike, and they make it possible for citizens to predict how the courts will rule even on subjects that Congress hasn't explicitly litigated about.

    Adopting a stare decisis principle for app stores would have similar benefits. The arbitrary and unpredictable nature of Apple's app store review process has been a frequent complaint. Adopting a formal policy of following past precedents when making future decisions would do a lot to allay those fears.

    Moreover, when transparency and stare decisis are combined, they become a clever way to crowdsource the effort required to render consistent decisions. When lawyers are arguing a case in court, they do legal research to find examples of similar cases that reached an outcome favorable to the lawyer's clients. This makes the judge's job easier, since the relevant precedents are placed at his fingertips. Similarly, Apple could encourage app developers to include with their application examples of past apps with similar functionality, and to explain how the app under review is consistent with those past decisions.

    Of course, stare decisis isn't an absolute principle. Congress can and does enact new statutes that overrule past precedents. Similarly, Apple may change its mind and overrule past decisions. But it should do so by explicitly issuing a new policy, and in close cases it should "grandfather" already approved apps and features. And the default should be to treat past decisions as binding.

These are all interesting talking points and the analogy to constitutional principles may, indeed, be a workable one. However, what strikes me as lacking is the Big Picture. Lee's approach here is to try and improve the business model of the app stores, but the problem isn't the business model, it's what the "walled gardens" of the app stores actually threaten - an end to the free and open World Wide Web; the Web where anyone can develop pages, sites, software, and technology; the Web that doesn't need prior corporate approval before something can be shared; the Web of innovation; the Web where free speech, free expression, and free assembly flourish.

THAT is what's at stake, and the app stores, particularly Apple's, threaten the open Web's very existence. Lee proposes ways of making the app stores work better; to be more consumer-friendly. That's all well and good, but it would be nice if we the people, especially in this context of individual freedoms, weren't only thought of only as consumers.

For once.

Thursday, October 13, 2011

Following the 'Occupy Wall Street' Protests Online...

Regardless of whether you support or oppose what's happening, here are just some quick links and info for following the "Occupy Wall Street" protests on the Web...

  • The Official Website

  • WeArethe99Percent Blog on Tumblr - a running list of blog posts, photographs, tweets, likes, and more.

  • - over 1500 meetups across the country, as of the time of this writing.

  • @OccupyWallStNYC - one of the movement's main Twitter accounts, with 50,000 followers and growing. For a more general look at the ongoing Twitter discussion related to the movement, view these updated search results.

  • Occupy Wall St. Facebook Page - over 188,000 "likes", and growing.

  • YouTube - Over 14,000 search results come up related to "occupy wall street". One popular channel is TheOther99Percent and this single video of female protesters being penned in and maced by police has over one million views.

  • Trendrr - While people in New York are still dominating the conversation on Twitter, an analysis of Twitter data shows that almost half of the posts were made in other parts of the country, namely, Los Angeles, San Francisco, Chicago and Washington D.C.


Wednesday, October 12, 2011

A Taxonomy of Internet Privacy Problems...

Too often, people lump together very different problems like posting embarassing photos on Facebook and a hacker breaking into a database and stealing Social Security numbers, all under the umbrella term of "Internet privacy". Obviously, these are vastly different problems, and policies designed to address them would (and should) require vastly different solutions.

Daniel Solove, in his book Understanding Privacy, puts forth a taxonomy of Internet privacy problems to draw out the many different types of problems out there.

His four principle categories include:

  1. Information Collection - what information is being gathered and through what means is it occurring.

  2. Information Processing - how it is stored, combined, manipulated, searched, and used.

  3. Information Dissemination - how it is released or transferred to others.

  4. Invasion - impingements directly on the individual.
This taxonomy is pretty straightforward, and it ought to be helpful to anyone trying to make sense out of the myriad of "Internet privacy problems" thrown around in the headlines. Most people's knee-jerk reaction of "Hey, that's an invasion of my privacy!" isn't really an adequate analysis for scholars, not to mention policymakers. Solove's taxonomy, by drawing distinctions among privacy problems, helps clarify the issue and bring meaning and context to the news headlines we often come across.

Perhaps what's even more interesting, however, is his examination of why privacy should even be considered a good thing. Sure, privacy is a core value that we all instinctively cherish, but what happens when it comes into conflict with other core values like free speech or security? Even though his taxonomy is interpretively helpful, Solove's greater contribution, in my opinion, is his argument that the value of privacy should be determined on the basis of its importance to society, NOT in terms of individual rights. Privacy's value in a particular context "depends upon the social importance of the activities that it facilitates".

To try and conceive of privacy not in terms of individual rights but in a more collectivist sense might be a little counterintuitive, but it's an interesting logical exercise. I just wonder what the ramifications might be if we conceived of other individual rights - like free speech, free assembly, free religion, etc. - in similar non-individualistic terms.


Wednesday, October 05, 2011

Fighting Hate Speech Online...

Hate speech proliferates everywhere on the Web. No one denies this. The question is, what can be done about it?

In the most recent issue of Policy & Internet, Raphael Cohen-Almagor takes an applied ethics approach to the problem in his article "Fighting Hate and Bigotry on the Internet". After studying dozens of hate sites and conducting interviews with over 50 leading Internet scholars, security experts, and human rights activists, he formulates the following strategy for countering hate speech online...

  1. Speech vs. Speech: tackling net hate with more communication, more openness, and exposing the problem in the free marketplace of ideas.

  2. Education: entailing activity at both primary and high school levels.

  3. Hate Watch: Names of hate sites should be published to have a continually updated list of them in order to alert people about the sites and have them properly labeled by search engines and ISPs.

  4. Citizens' Initiatives to Combat Hate: to educate people, provide funds or other assistance to help the victims of hate crimes, and assist in fighting hate groups.

  5. Internet Users' Initiatives to Combat Hate: Facebook forums, forums that call upon ISPs to adopt a code of responsible conduct, including anti-hate provisions, etc.

  6. Content Filters: both client- and server-side filtering, monitoring, and auditing tools.

  7. Blocking Programs at Work and School: Governments at all levels employ between 30 and 60 percent of the workforce and public schools attract an even higher percentage of the school age population. It should be a matter of government policy that no employees or students be able to access hate sites unless this access is related to their work.

  8. Responsibility of ISPs: ISPs are often reluctant to block service to those who violate their terms of service (TOS) agreements because it eats into their profit margins, however they commonly deny service or remove material from their servers in the event of copyright violations. They ought to start taking hate speech at least as seriously as copyright.

  9. Link to a CyberTipline: What ISPs and hosting companies could certainly do is provide a uniform channel for user complaints, like a CyberTipline, and link to it from a prominent place on their website.

  10. Omit or Label Hate Websites in Search Engines

  11. Label, Name, and Shame ISPs and web-hosting services that refuse to cooperate

  12. Seek out Global Cooperation

Cohen-Almagor is right to try and balance the benefits of free expression, on the one hand, and the benefits of social responsibility, on the other. However, here is the controversial point... At the conclusion of his paper, he provides a detailed list of hate websites, complete with URLs. Certainly, publishing this list serves his stated desire to bring such sites to the public's attention. However, many critics will argue that publishing this list, and others like it, by bringing it to the public's attention, actually serves just as much as a marketing tool for these hate sites, which might otherwise go unnoticed by those fringe elements who might actually support them, as it does to raise public opinion to counter them.

Should the list of hate sites be promulgated? Would spreading it around as much as possible to everyone do more good or harm? What are your thoughts?