Jonathan Zittrain

I’ll be picking up blogging again, and after giving up on sorting out cross-site RSS’ing, the posts will be going solely on the book site at http://www.futureoftheinternet.net/blog.  See you over there!  …JZ

Adam Thierer has posted a thoughtful review of the Future of the Internet. He picks up on something that others have mentioned that I don’t realize I appear to suggest: that my distinction between sterile and generative technologies appears to be too much of a dichotomy, and that I think that only generative technologies are good ones.

I don’t mind sterile technologies in principle — I like the idea of taking the rough-hewn innovations that spring from the Internet and packaging them into cleaner, more reliable forms.  I love my TiVo.  (Indeed, that used to be the first sentence of the book. Then I went with the iPhone.) I even appreciate that sterile technologies can come about without having to emulate the products of generative ones — not every toaster comes from nerds experimenting with heating elements.

My worry, though, is that we’ll lose a sense of equilibrium between the generative and sterile spheres, and that the emergence of contingently generative technologies — platforms that are open to third party innovation at first, but then close off selectively — will squeeze out fully generative technologies, to the detriment of innovation and enhancement of exquisite regulatory control. This is in part because the amateur nerds that drive innovation here rarely read the fine print; teenagers will code for the Facebook, iPhone and Google platforms without thinking about the ways in which their advances can be eliminated or proprietized.

Adam’s point of view is sympathetic to markets and skeptical of government intervention. He rightly asks why the market doesn’t just solve this. For that, I point to my reply to similar questions raised to parts of FOI that have been excerpted in the Boston Review:

Will the market solve this problem? Generative technologies allow consumers to become participants: to change technologies for themselves or to adopt improvements offered by others not operating through the usual mechanisms of the firm. Whether this is a market force depends on how broadly we define the term. Is any voluntary behavior endogenous to a market? Or are only those choices that have to do with purchases? If a group of people coalesces in Central Park for a game of Ultimate Frisbee, is the market for Ultimate working its magic? The question is important because often we rely too readily on the solutions proposed by firms and government. If there’s litter in a public space, the government should fine violators and clean it up, or pay a firm to do so. But the amount of litter in a park may depend not so much on the rules against it or the schedule for cleaning, but rather on the habits and normative commitments of the people who use it.

The solutions to the generative dilemma that I find most interesting are ones that don’t assume a zero-sum tradeoff between generativity and security. If we narrow ourselves to firms offering some devices that are generative but quickly compromised, and others that are sterile or contingently generative, but incapable of generating whimsical change, the market will no doubt achieve equilibrium somewhere along the axis. Bruce Owen figures that demand will create supply and the optimal point will be achieved. But Owen’s faith in the market ignores the role that a civic instinct can play if people take shared responsibility for their own and others’ security. To do so, they will need certain tools. But those tools may not be money makers, thus the market may not produce them. If the reply is “well, yes, but someone named Jimbo was moved to produce Wikipedia, and his charity is part of the market,” then the market is circularly defined as every possible action by someone. We can contribute more to our shared public life than what results indirectly through our buying or voting.

Moreover, the market may have trouble pricing the benefits of generative platforms. Behavioral economics is beginning to confirm the conventional wisdom that people do not plan very well. This is true in the PC market where people making platform investment decisions rarely weigh the unknown as part of their thought processes. They buy the PC for email or Web surfing, and only later find that it can be used for Internet telephony. And often the platform’s buyer is not the same as the user. Much of the revolution in PC software has taken place through user adventurousness on office computers acquired by companies for other reasons. What the economists might call an “agency gap” has produced great things. The true value of generative technologies is too easily dismissed when portrayed, á la Owen, as “the extent to which end-users and their communicants may indulge the whim to customize these tools.” What’s at stake is not just setting wallpaper style on your iPhone, but the very Net generativity that has facilitated entire new markets and social relationships.

Looking back, the market produced some sterile, competing consumer networks—CompuServe, the Source, and the like. Non-market forces led production on another course—the Internet. To be sure, the Internet’s reach was greatly extended through its later commercialization, but had the Internet’s architecture been obvious enough for the market to discover it, no modest government subsidies would have been needed. Sperry Rand, IBM, and Prodigy would have easily outpaced academics in producing the technologies underlying the dot-com boom. They did not.

I imagine Adam might agree with me on not reaching too quickly to government for solutions — the question is whether some of the cooperative solutions (rather than regulatory interventions) I suggest have any traction for a market-oriented thinker.

 After weighing the possibilities, he will focus on Change Congress.

The page on ActBlue to draft him has been converted into a straight candidate support page.  And lessig08.org is registered, so far pointing to a blank.

Update: lessig08.org is live:

I have decided I want to give as much energy as I can to the Change Congress movement. I will decide in the next week or so whether it makes sense to advance that movement by running for Congress.

Much more detail there, including this:

Wikileaks is a set of strategically placed wikis around the world.  It’s designed to accept leaked documents, generally from anonymous dissidents around the world, and to get them into circulation.

A Cayman Island bank and its Swiss parent company filed for an emergency restraining order in a California court asking the registrar for wikileaks.org to change its entry in the .org registry so that people can no longer get to the corresponding IP address for Wikileaks.  It worked: trying to visit wikileaks.org results in a page not found, even though the server that is its destination is presumably still up and running.

The details are still coming in, and there’s a very lucid summary by my colleagues at the Citizen Media Law Project. The initial injunction was not even fashioned as a temporary restraining order, which is puzzling since no one from Wikileaks was even there to argue its case. (It also seems to order anyone who reads the order not to leak to any of the documents — I wonder if my telling you that means you already are as good as bound by the court, at least if you’re in California.) An amended injunction has already been filed, and a fuller hearing will be held soon.

In the meantime, the other Wikileaks sites remain up with the documents and with everything else.

I’m trying to work through some of the recent criticisms of Barack Obama. Some seem contradictory.

One is that he is too liberal, at least to appeal to moderates. It’s pointed out that the National Journal rated him the “most liberal” Senator for 2007. On the other hand, he is said to be too compromising. The Clinton campaign seized on comments he made about the Republican Party being the “party of ideas” for some time, suggesting that Obama thought Republican ideas were better than Democratic ones. Both Hillary Clinton and John Edwards have said that Obama is too accommodating with political enemies, choosing to talk rather than fight. These two lines of attack — Obama is too liberal; Obama is too accommodating — at least partially offset each other.

Another criticism is that Obama is too messianic.  And it’s true, many of his supporters have been working to flesh out why they like him aside from emotions his speeches inspire.  Here I’m struck by some of the reporting from earlier in the campaign, when crowds turned up to Obama events expecting rhetoric as soaring as that of Obama’s speech at the Democratic convention in 2004. In an article entitled “2 Years After Big Speech, a Lower Key for Obama,” Adam Nagourney chronicled Obama’s low key style:

He does not tell many jokes. He talks in even, measured tones, and at times is so low-key that he lulls his audiences into long, if respectful, silences. … His campaign events end almost as an afterthought, surprising voters used to the big finishes typically served up by the presidential candidates seeking their support.

His audiences are rapt, if sometimes a tad restless; long periods can go by when there is not a rustle in the crowd. Yet Iowa is not the Fleet Center, and this appeal — “letting people see how I think,” as Mr. Obama put it in an interview — could clearly go a long way in drawing the support of Iowans who are turning out in huge numbers to see him in the state where the presidential voting process will start.

Certainly Obama’s style has changed since those early days. But I think there’s something good about the fact that there are different styles at all — and a resistance to simply being a celebrity for celebrity’s sake, and basking in the glory that people were wanting to offer him even then. It signals a maturity and judgment that has persisted through the campaign. Obama and his team rarely seem lost in a news cycle, even a negative one. They keep their heads about them — exactly the quality that is desirable in a crisis.

There’s still lots of time left in the primaries and the general election looms, and no doubt at some point between now and then Obama will make a true gaffe from the media point of view: he might do or say something that even he himself regrets. (At the moment some hay is being made of the fact that an Obama volunteer office in Houston had a large Cuban flag with a picture of Che Guevara on display, and Obama himself only mildly repudiated it as “inappropriate.”) That or some other mini-event will trigger a new round of emperor’s-new-clothes discussions. But overall: so far, Obama’s temperament seems the least megalomaniacal of any of the candidates — knowing that anyone running for President will have to have a big ego to begin with.

… the Facebook group tops 1,000 people in 24 hours, and there are four badges to choose from at the newly-appeared Draft Lessig website, complete with trademark P22 typewriter font.

Seems increasingly likely.  From NSI WHOIS, change-congress.com is registered:

AboutUs: CHANGE-CONGRESS.COM
	LESSIG, LAWRENCE **
	Stanford, CA 94305
	US
	Domain Name: CHANGE-CONGRESS.COM
	Administrative Contact , Technical Contact :
	LESSIG, LAWRENCE **
	Stanford, CA 94305
	US
	Phone:
	Fax: 123 123 1234
	Record expires on 11-Jan-2009
	Record created on 11-Jan-2008
	Database last updated on 11-Jan-2008
	Domain servers in listed order:	Manage DNS
	NS19.WORLDNIC.COM	205.178.190.10
	NS20.WORLDNIC.COM	205.178.189.10
	Show underlying registry data for this record

I don’t think he’s fully decided, but the special election is very soon: April 8, with a runoff on June 3, which is the regular California primary election day, if no candidate gets more than 50% of the vote.  Time to join the the newly minted Draft Lessig Facebook group created by my colleague John Palfrey …

My OS X machine has had Office 2004 on it since, well, about 2004.  Nearly four years later I’m alerted to an update from its auto-updater:

This update fixes a vulnerability that an attacker can use to overwrite the contents of your computer’s memory with malicious code. This update also contains an improvement that enhances the stability of Entourage.

So … routine. It does not bode well that years after the release of a major piece of software from a competent vendor there are still vulnerabilities that are as casually breathtaking as these. (A nice cherry on the sundae that Entourage’s stability is improved, too…)

Enterprising UVa senior Adrienne Felt has developed an intriguing argument about privacy for Web 2.0 apps like those on the Facebook development platform.  It will get lots of news coverage, much of it boiling down to reports that don’t capture the richness of the problem.  Here’s how Felt puts it:

When Jane installs a Facebook application, the application is given the ability to see anything that Jane can see. This means that the application can request information about Jane, her friends, and her fellow network members. The owner of the application is free to collect, look at, and potentially misuse this information. The Facebook Terms of Use agreement tells application developers not to do this, but Facebook has no way of finding out or stopping them.

This is true — the point of enabling Facebook apps is so outsiders can write new code to make use of the data within one’s Facebook profile. A similar leap of faith is required anytime someone runs a new piece of software on Windows, Linux, or a Mac: generally that software will have the keys to the user’s kingdom, able to access any and all data on the hard drive (or beyond, if the user has access to network shares), and to ship it off anywhere. (Much software now has auto-update and other Net communications capability independent of whatever it’s supposed to do.) Felt did some tallying of apps and found that many of them don’t really need that access.  For example, a Facebook app that lets you send a New Year’s greeting to all your friends (and announce as much in your newsfeed and theirs) doesn’t need to know your birthday. Felt and a co-author calculate a percentage of apps that get more access than they need; this is probably an uninformative number, because the universe of applications is now arbitrarily big, and it can’t easily take into account the popularity of each app. But suffice it to say that plenty of apps that people install can, if the app authors wanted, access one’s private data at any time. Felt points out that the data could then be extracted and sent to marketers or worse. Facebook policies make developers promise not to do such things, and Facebook technology has a few restrictions on what the apps can see — they can’t see users’ email addresses, for example — but the promise alone could, it is true, be ignored.

So — is this problem any different from the potential abuse that can come from installing any desktop app?  Perhaps in two ways. First, a Facebook app might be thought to have access to more sensitive data than available on one’s machine — birthday, religion, etc., are offered up for the plucking in a way that they are not on one’s hard drive. On the other hand, there are surely much more sensitive documents on a hard drive, and that someone would enter data into Facebook at all suggests a threshhold willingness to share that isn’t present with the data accessible to a desktop app.

But there is another difference at work: partly because of technology and partly because of historical inertia, Facebook can more obviously be asked to play a gatekeeper role with its apps than an OS maker can with its desktop apps. Felt’s solution to the problem she identifies is to have Facebook run interference — serve as a proxy — between most apps and the data they presumably don’t really need. The app can say to Facebook, “Display the user’s birthday in the upper right corner of the screen,” without having to know the user’s birthday. Only in a few instances, they say, must an app really access the data in order to work.

For apps that do need that data, Felt suggests that the user could be prompted. This takes advantage of the fact that unlike the information on a hard drive, data on Facebook is already nicely organized — one’s birthday is placed into the “birthday” field, and can be pre-labeled as sensitive. This is an interesting and measured solution, but it carries a cost. First, as Facebook and its apps — still brand new! — evolve, much of the data of interest to people and the apps they install may not be located in such readily-defined fields. How to treat that without an excess of prompts to the user? Second, this puts Facebook increasingly in the position of gatekeeper, a position that Facebook itself may not even want to be in. The more it must take responsibility for the apps running on its system, the more it will be tempted — or pressured — to confine the possible abuses of those apps. The hurdles that are erected to prevent abuse can too often prevent good experimentation, too.

Social networks are rightly recognized as powerful, even transformative. The ability for unaccredited third parties to write apps that users can run to access their data and do cool things with it further leverages their power. The wild card of the platform makers’ power over those apps creates a range of options simply not available to the OS makers that preceded Web 2.0, and being put out of business by it.