Theories of cyberspace regulation
Download
Report
Transcript Theories of cyberspace regulation
Theories of
cyberspace regulation
Internet Governance, Topic 3
Professor Graham Greenleaf
Cyberspace regulation?
The problem: Cyberspace is a different
context from the physical world.
We may need to rethink how regulation of
behaviour works.
The questions:
(i) What regulates? - What different forms of
regulation are there?
(ii) Who regulates? - Who controls the forms
of regulation, and what is their legitimacy?
Theorists and theories
‘Digital libertarians’/ anarchists
Theorists
Barlow’s ‘Cyberspace Declaration of Independence’ (1996)
Self-governance theorists (eg David Post)
Theories criticising:
Irrelevance of legal concepts based on matter
Ineffectiveness and illegitimacy of territorially-based
government in cyberspace
Scepticism about international agreements or institutions
(even self-governing ones)
Theories favouring
Effectiveness of self-governing cyberspace institutions
Arguments for the most decentralised forms of regulation,
and for ‘private orderings’ based on contract
Other theorists
Trotter Hardy - most decentralised level of
regulation is the ‘proper regime’ (1994)
Joel Reidenberg - ‘Lex Informatica’
The Internet (somehow) provides the
appropriate technical devices for regulation
Do theories describe or / and
prescribe?
Barlow
Regulation will fail; Nations have no
Internet cannot be right to regulate
‘new realm of
regulated
mind’
Post
Self-regulation
can work
Self-regulation
should be left to
work
Hardy
Decentralised
regulation is
efficient
Decentralised is
the ‘proper
regime’
Description and/or prescription
Reidenberg’s
lex informatica
Technology
Regulators should
provides effective use infrastructure
tools for regulation to regulate
Lessig
Cyberspace is
regulated by all 4
modes; code is
increasingly
effective
Legitimacy of
those controlling
code should be
questioned
‘Digital realists’
Lawrence Lessig (best known), James Boyle
Lessig's answers to what and who regulates:
4 things regulate - Norms; Markets, Law and 'Code'
Law also regulates the other 3 - indirect regulation
Effectiveness is very different in cyberspace
Main lesson: Consider all 4 and their interaction
Criticisms:
‘code’ does not capture all of ‘architecture’
misses other forms of regulation (informal sanctions;
surveillance?)
Constraint 1 -Norms,
morality, conventions
Real space norms cause disapproval and guilt
Cyberspace has its own 'netiquette'
Examples: using CAPITALS; attachments sent to lists
Some Internet self-regulation creates norms
Eg observance of Robot Exclusion Standard
Observance is by voluntary conduct, not code
Numerous other Internet governance conventions
Effectiveness increased by surveillance
The morality of the goldfish bowl
‘In cyberspace no one knows you’re a dog’ is false
Constraint 2 - Markets
Market constrains work in cyberspace
Unpopular 'code' can perish
Selling region-blocked DVD players in HK?
Surveillance damaged DoubleClick's share price
Prices can affect norms
Are CD / DVD prices considered fair?
Is DVD region blocking fair?
Theories of network economics are important
Constraint 3 - 'Code’
In real space - Natural and built environment Bank robberies - Laws and morality help; but walls,
locks, glass & guns are better
Immigration - Distance and lack of borders
Easy to ignore, often because unchangeable
In cyberspace - ‘Code’ is the equivalent
Can control access, and monitor it
Determines what actions are possible and impossible
‘A set of constraints on how one can behave’ -Lessig
The walls, bridges, locks and cameras of cyberspace
E2e: 'code' layer commons
e2e ('end to end') network design
Philosophy of the original Internet designers
'Smart' features are at the margins
Anyone can add a new application to the net
Network controllers do not decide applications allowed
Innovation irrespective of the wishes of network
owners
'Code' helps determine the level of innovation
Absence of control by code here enables innovation
‘Code' or 'architecture'?
'Code' is cute but confusing
East coast code (Washington) vs West coast code
(Redmond)
The US Code vs hackers' code
'Architecture' is more accurate
Cyberspace is more than software
Protocols (non-material artefacts)
Hardware (material artefacts)
Biology and geography (natural environment)
'Code' is part of cyberspace architecture
More confusion:
Code and ‘code layer’
‘physical layer’
‘Computers and wires that
link them’
‘code layer’
Includes Internet protocols
(or ‘logical layer’)
‘content layer’
(‘material served across the
network’)
From Lessig ‘The
Internet Under Siege’
Includes applications
software (still called ‘code’,
but not in the ‘code layer’)
Cyberspace architecture:
why it is different
It is almost entirely artefact
It has generally high plasticity
Its easier to change cyberspace, even when built
Exceptions: Internet protocols; open source code
Greater immediacy of application
It is often self-executing
Its legitimacy is questionable
We should ask the pedigree of any regulation
What should private companies control?
4 Law - direct and indirect
Law increasingly directly regulates cyberspace
behaviour - both national and international
But it indirectly regulates the other 3 constraints
Legal regulation of architecture is the key
It is the most effective strategy for governments
Anti-circumvention laws protect private control of
architecture
It is also vital for limiting private power
The digital libertarians were wrong
Effective regulation
Finding the best mix of constraints
How to prevent discrimination?
Prohibition; education; building codes
How to stop people smoking?
Age limits; prohibited places; education;
warnings; taxes
Q: Does Lessig’s model describe adequately
the range of constraints? ….
5th constraint?:
Informal sanctions
Much regulation is by informal sanctions:
Ability to exclude (taking your ball home)
Ability to use physical force / intimidation
Informal sanctions (IS) do not necessarily
require any of the other constraints:
Much law aims at limiting IS
IS may but need not support norms
Q: In cyberspace, are informal sanctions largely
dependent on control of architecture?
6th constraint?: Surveillance
A relationship of knowledge
Knowledge by the watcher of those watched
Foucault's 'discipline'; Bentham's Panopticon
Facilitated by architecture, but not part of it
Facilitates observance of norms and laws, but independent
More important in cyberspace regulation
The normal context of identification is removed
Identification, not anonymity, is the default
Q: In cyberspace, does surveillance depend on
control of architecture?
Law modifying surveillance
Law acts indirectly to modify surveillance
Data protection laws protect privacy
Eg Personal Data (Privacy) Ordinance
Laws mandate compliance
eg smart ID card
Laws prevent circumvention
Eg illegal to modify smart card, or possess
eg DRMS anti-circumvention …
Example: Copyright, DRMS
and anti-circumvention
DRMS - The new paradigm for content
protection
Copyright law was the old paradigm
Content owners want to control 3 parties
Content consumers
Consumer hardware manufacturers
Content intermediaries
(DRMS diagram modified from Bechtold)
Co n ten t
in termed iaries
(licen sed )
P u b lish ers, retaile rs,
DRM S in termed iaries,
th eatres, TV, etc
Dig ital
co n ten t
o wn ers
P irate d istrib u to rs
Co n tract
Tech n o lo g ical measu res
Tech n o lo g y p rot ectio n leg islatio n
Co n ten t p ro tectio n leg islatio n
Co n su mer
h ard ware
man u factu rers
(DRM S
licen cees)
Circu mv en tio n d ev ice mfg s;
u n licen sed h ard ware mfg s.
Co n ten t
co n su mers
(p u rch asers)
Illeg al co n su mer co p iers;
b o rro wers, ren ters etc
Technological measures
Distinguish content-protection
technologies and systems (aka DRMS)
Technologies are broadly either for copyprotection or access-prevention
Contract’s new role in IP
‘Click wrap’ contracts with consumers
Contracts go beyond © law
Can impose contracts on all consumers
Recognised in ProCD v Zeidenberg (USA, 1996); no
equivalent HK development yet
Distribution licences with intermediaries
Stronger anti-circumvention and RMI
DRMS licences with hardware makers
Ensuring hardware enforces copy-protection
Technology protection legislation
Hong Kong Copyright Ordinance
Q: Does the Ordinance prohibit actions which
are not breaches of ©?
s273 - Devices to circumvent copy-protection
s274 - interference with rights management
information (RMI)
Residual role of © law
Copyright legislation no longer the
principal protection of content ‘owners’
Some content owners wish to eliminate
consumer rights in © laws
Control over content outside © law is one
objective: eg works out of ©; database
content
DRMS, theory and innovation
DRMS are one of the best examples of
the interaction between forms of Internet
regulation
Lessig also attempts to demonstrate how
the Internet is losing its character as an
‘innovation commons’, partly through
changes to IP law and regulation
Importance of 'commons'
Lessig's argument in ’The Future of Ideas'
The Internet is an 'innovation commons’
It is in danger of losing that character
'Commons' - Resources from which no-one
may be excluded - the 'free'
Commons are not necessarily 'tragic':
Not if they are non-rivalrous (eg protocols)
Not if you control over-consumption
Both require sufficient incentives to create
Internet as an 'innovation
commons'
Benefits of the Internet as a commons
Benefits to freedom (first book)
Benefits to innovation (second book)
Must consider each Internet 'layer'
Physical layer, 'code' layer (protocols and
applications) and content layer
Each could be a commons or controlled
Currently, each layer is partly controlled
Changes imperil the mix providing innovation
Lessig's innovation recipe (1)
1
'Physical' layer reforms
Spectrum allocation for wireless Internet
2
'Code' layer reforms
Government encouragement of open code
• US government uses proprietary programs
• [The PRC government has done this already]
Require 'code neutrality' by carriers, by
• (a) Banishment from providing Internet services; or
• (b) Requirement to provide open access; or
• (c) No TCP/IP without observing e2e
Lessig's innovation recipe (2)
3a
Content layer - Copyright law reforms
Short renewable terms
• Eldred v Ashmore: stop the term being extended
• [Shorter or renewable terms would breach US treaty
obligations]
For software, 5 year term only, renewable once
A defence for new technologies
• 'No breach if no harm to copyright owner'
Compulsory licensing of music for file-sharing
Lessig's innovation recipe (3)
3a
Content layer - Copyright law reforms
(cont)
Tax benefits for putting works into the public
domain
A 'right to hack' DRMS to protect fair use ('Cohen
theorem')
Stop contract law undermining copyright law
3b
Content layer - Patent law reforms
Moratorium on patents for software and business
methods
References(1)
Works by Lawrence Lessig
• Lawrence Lessig 'The Law of the Horse: What Cyberlaw
Might Teach' (PDF only) (1999) 113 Harvard Law Review
501 (drafts were available from 1997)
• Lawrence Lessig Code and Other Laws of Cyberspace
Basic Books 1999
• Lawrence Lessig 'Cyberspace's Architectural
Constitution' (June 2000, Text of lecture at www9,
Amsterdam)
• Lawrence Lessig The Future of Ideas: The Fate of the
Commons in a Connected World Random House, 2001
• See his home page for links to these and others
References(2)
Works by others
• James Boyle 'Surveillance, Sovereignty, and Hard-Wired
Censors' (1997)
• Graham Greenleaf 'An Endnote on Regulating
Cyberspace: Architecture vs Law? (1998) University of
New South Wales Law Journal Volume 21, Number 2
• Stefan Bechtold 'From Copyright to Information Law Implications of Digital Rights Management'. Workshop
on Security and Privacy in Digital Rights Management
2001. 5. November 2001, Philadelphia, USA.
• See the Timetable for further reading