January 13, 2025

Posts Comments

2008 Predictions Scorecard

January 6, 2009 by

As usual, we’ll kick off the new year by reviewing the predictions we made for the previous year. Here now, our 2008 predictions, in italics, with hindsight in ordinary type.

(1) DRM technology will still fail to prevent widespread infringement. In a related development, pigs will still fail to fly.

We predict this every year, and it’s always right. This prediction is so obvious that it’s almost unfair to count it. Verdict: right.

(2) Copyright issues will still be gridlocked in Congress.

We could predict this every year, and it would almost always be right. History teaches that it usually takes a long time to build consensus for any copyright changes. Verdict: right.

(3) No patent reform bill will be passed. Baby steps toward a deal between the infotech and biotech industries won’t lead anywhere.

Verdict: right.

(4) DRM-free sales will become standard in the music business. The movie studios will flirt with the idea of DRM-free sales but won’t take the plunge, yet.

This was basically right. DRM-free music sales are much more common than before. Whether they’re “standard” is a matter for debate. The movie studios haven’t followed the record industry, yet. Verdict: mostly right.

(5) The 2008 elections will not see an e-voting meltdown of Florida 2000 proportions, but a bevy of smaller problems will be reported, further fueling the trend toward reform.

As predicted, there was no meltdown but we did see a bevy of smaller problems. Whether this fueled the trend toward reform is debatable. The problems that did occur tended to be ignored because the presidential election wasn’t close. Verdict: mostly right.

(6) E-voting lawsuits will abound, with voters suing officials, officials suing other officials, and officials suing vendors (or vice versa).

There were some lawsuits, but they didn’t “abound”. Verdict: mostly wrong.

(7) Second Life will jump the shark and the cool kids will start moving elsewhere; but virtual worlds generally will lumber on.

Second Life seems to have lost its cool factor, but then so have virtual worlds generally. Still, they’re lumbering on. Verdict: mostly right.

(8) MySpace will begin its long decline, losing customers for the first time.

I haven’t seen data to confirm or refute this one. (Here’s one source.) Comscore said that Facebook passed MySpace in user share, but that doesn’t imply that MySpace decreased. Verdict: unknown.

(9) The trend toward open cellular data networks will continue, but not as quickly as optimists had hoped.

This one is hard to call. The growth of Android and iPhone unlocking would seem to be steps toward open cellular data networks, but the movement has not been rapid. Verdict: mostly right.

(10) If a Democrat wins the White House, we’ll hear talk about reinvigorated antitrust enforcement in the tech industries. (But of course it will all be talk, as the new administration won’t take office until 2009.)

Verdict: right.

(11) A Facebook application will cause a big privacy to-do.

There were Facebook privacy issues, but mostly about non-application issues. Overall, interest in Facebook apps declined during the year. Verdict: mostly wrong.

(12) There will be calls for legislation to create a sort of Web 2.0 user’s bill of rights, giving users rights to access and extract information held by sites; but no action will be taken.

Verdict: right.

(13) An epidemic of news stories about teenage webcam exhibitionism will lead to calls for regulation.

Verdict: wrong.

(14) Somebody will get Skype or a similar VoIP client running on an Apple iPhone and it will, at least initially, operate over AT&T’s cellular phone network. AT&T and/or Apple will go out of their way to break this, either by filtering the network traffic or by locking down the iPhone.

Various VoIP clients did run on the iPhone. Apple said they would allow this over conventional WiFi networks but intended to prevent it on the cellular network, presumably by banning from the iPhone App Store any application that provided VoIP on the cell network. Verdict: right.

Our final scorecard: six right, four mostly right, two mostly wrong, one wrong, one unknown.

Stay tuned for our 2009 predictions.

Filed Under: Uncategorized Tagged With:

Taking Advantage of Citizen Contrarians

January 2, 2009 by

In my last post, I argued that sifting through citizens’ questions for the President is a job best done outside of government. More broadly, there’s a class of input that is good for government to receive, but that probably won’t be welcome at the staff level, where moment-to-moment success is more of a concern than long-term institutional thriving. Tough questions from citizens are in this category. So is unexpected, challenging or contrarian citizen advice or policy input. A flood of messages that tell the President “I’m in favor of what you already plan to do,” perhaps leavened with a sprinkling of “I respectfully disagree, but still like you anyway,” would make for great PR, and better yet, since such messages don’t offer action guiding advice, they don’t actually drive any change whatsoever in what anyone in government—from the West Wing to the furthest corners of the executive branch—does.

Will the new administration set things up to run this way? I don’t know. Certainly, the cookie-cutter blandness of their responses to the first round of online citizen questions is not a promising sign. There’s no question that Obama himself sees some value in real, tough questions that come from the masses. But the immediate practical advantages of a choir that echoes the preacher may be a much more attractive prospect for his staff then the scrambling, search, and actual policy rethought that might have to follow tough questions or unexpected advice.

This outcome would be a lost opportunity precisely because there are pockets of untapped expertise, uncommon wisdom, and bright ideas out there. Surfacing these insights—the inputs that weren’t already going to be incorporated into the policy process, the thoughts that weren’t talking points during the campaign, the things we didn’t already know—is precisely what the new collaborative technologies have made possible.

On the other hand, in order for this to work, we need to be able to regard (at least some of) the surprising, unexpected or quirky citizen inputs as successes for the system that attracted them, rather than failures. We can already find out what the median voter thinks, without all these fancy new systems, and in any case, his or her opinion is unlikely to add new or unexpected value to the policy process.

Obamacto.org, a potential model for external sites that gather citizen input for government, has a leaderboard of suggested priorities for the new CTO, voted up by visitors to the site. The first three suggestions are net neutrality regulation, Patriot Act repeal and DMCA repeal—unsurprising major issues. Arguably, if enough people took part in the online voting, there would be some value in knowing how the online group had prioritized these familiar requests. But with the fourth item, things get interesting: it reads “complete the job on metrication that Ronald Reagan defunded.”

On the one hand, my first reaction to this is to laugh: Regardless of whether or not moving to the metric system would be a good idea, it’s something that doesn’t have nearly the political support today that would be needed in order for it to be a plausible priority for Obama’s CTO. Put another way, there’s no chance that persuading America to do this is the best use of the new administration’s political capital.

On the other hand, maybe that’s what these sorts of online fora are for: Changing which issues are on the table, and how we think about them. The netroots turned net neutrality into a mainstream political issue, and for all I know they (or some other constellation of political forces) could one day do the same for the drive to go metric.

Readers, commenters: What do you think? Are quirky inputs like the suggestion that Obama’s CTO focus on metrication a hopeful sign for the value new deliberative technologies can add in the political process? Or, are they a sign that we haven’t figured out how these technologies should work or how to use them?

Filed Under: Uncategorized Tagged With:

Government Shouldn't "Help" Citizens Pick Tough Questions for Obama

December 31, 2008 by

A couple of weeks ago, Julian Sanchez at Ars Technica, Ben Smith at Politico and others noted a disturbing pattern on the incoming Obama administration’s Change.gov website: polite but pointed user-submitted questions about the Blagojevich scandal and other potentially uncomfortable topics were being flagged as “inappropriate” by other visitors to the site.

In less than a week, more than a million votes-for-particular-questions were cast. The transition team closed submissions and posted answers to the five most popular questions. The usefulness and interest of these answers was sharply limited: They reiterated some of the key talking points and platform language of Obama’s campaign without providing any new information. The transition site is now hosting a second round of this process.

It shouldn’t surprise us that there are, among the Presdient-elect’s many supporters, some who would rather protect their man from inconvenient questions. And for all the enthusiastic talk about wide-open debate, a crowdsourced system that lets anyone flag an item as inappropriate can give these few a perverse kind of veto over the discussion.

If the site’s operators recognize this kind of deliberative narrowing as a problem, there are ways to deal with it. One could require a consensus judgement of “inappropriateness” by a cross-section of Change.gov users that is large enough, or is diverse with respect to geography, time of visit, amount of past involvement in the site, or any number of other criteria before taking a question out of circulation. Questions that have been preliminarily flagged as inappropriate could enter a secondary moderation queue where their appropriateness can be debated, leading to a considered “up or down” vote on whether a given question belongs in the mix. The Obama transition team could even crowdsource this problem itself, looking for lay input (or input from experts at places like Digg) about how to make sure that reasonable-but-pointed questions stay in, while off topic, off color, or otherwise unacceptable ones remain out.

But what are the incentives of the new administration’s online team? They might well find it convenient, as Julian writes, to “crowdsource a dodge” to inconvenient questions–if the users of Change.gov adopt an expansive view of “inappropriateness,” the Obama team will likely benefit slightly from soft, supportive questions in the near term, though it will run the risk of allowing substantive problems, or citizen concerns, to fester over the longer term. And that tradeoff could hold much more appeal for the median administration staffer than it does for the median American.

In other words, having the administration’s own tech people manage the moderation of questions directed at the President may be like having the fox guard the henhouse. I agree that even this is much more open than recent past administrations, but I think the more interesting question here is what would be ideal.

I suspect this key plank of the new administration’s plans will never be able to be fully realized within government. The President needs to answer questions that a nonzero number of his most enthusiastic supporters are willing to characterize as “inappropriate.” And for that to happen, the online moderation needs to take place outside of .gov. A collective move toward one of the .org alternatives, for this key activity of sifting questions, would be a great first step. That way, the goal of finding tough but honest questions can plausibly sit paramount.

Filed Under: Uncategorized Tagged With:

Internet voting-a-go-go

December 29, 2008 by

Yes, we know that there’s no such thing as a perfect voting system, but the Estonians are doing their best to get as far away from perfection as possible. According to the latest news reports, Estonia is working up a system to vote from mobile phones. This follows on their earlier web-based Internet voting. What on earth are they thinking?

Let’s review some basics. The Estonian Internet voting scheme builds on the Estonian national ID card, which is a smartcard. You get the appropriate PCMCIA adapter and you can stick it into your laptop. Then, through some kind of browser plug-in, it can authenticate you to the voting server. No card, no voter impersonation. The Estonian system “avoids” the problem of voter bribery / coercion by allowing the voter to cast as many votes as they want, but only the last one actually counts. As I understand it, a voter may also arrive, on election day, at some sort of official polling place and substitute a paper ballot for their prior electronic ballot.

The threats to this were and are obvious. What if some kind of malware/virus/worm contraption infects your web browser and/or host operating system, waits for you to connect to the election server, and then quietly substitutes its own choices for yours? You would never know that the attack occurred and thus would never think to do anything about it. High tech. Very effective. And, of course, somebody can still watch over your shoulder while you vote. At that point, they just need to keep you from voting again. They could accomplish this by simply having you vote at the last minute, under supervision, or they could “borrow” your ID card until it’s too late to vote again. Low tech. Still effective.

But wait, there’s more! The central database must necessarily have your vote recorded alongside your name in order to allow subsequent votes to invalidate earlier votes. That means they’ve almost certainly got the technical means to deanonymize your vote. Do you trust your government to have a database that says exactly for whom you voted? Even if the vote contents are somehow encrypted, the government has all the necessary key material to decrypt it. (And, an aforementioned compromised host platform could be leaking this data, regardless.)

Okay, what about voting by cellular telephone? A modern cell phone is really no different from a modern web browser. An iPhone is running more-or-less the same OS X and Safari browser that’s featured on Apple’s Mac products. Even non-smart-phones tend to have an environment that’s powerful and general-purpose. There’s every reason to believe that these platforms are every bit as vulnerable to software attacks as we see with Windows systems. Just because hackers aren’t necessarily targeting these systems doesn’t mean they couldn’t. Ultimately, that means that the vulnerabilities of the phone system are exactly the same as the web system. No better. No worse.

Of course, crypto can be done in a much more sophisticated fashion. One Internet voting system, Helios, is quite sophisticated in this fashion, doing end-to-end crypto in JavaScript in your browser. With its auditability, Helios gives you the chance to challenge the entire client/server process to prove that it maintained your vote’s integrity. There’s nothing, however, in Helios to prevent an evil browser from leaking how you voted, thus compromising your anonymity. An evil election server could possibly be prevented from compromising your anonymity, depending on how the decryption keys are managed, but all the above privacy concerns still apply.

Yes, of course, Internet and cell-phone voting have lots of appeal. Vote from anywhere! At any time! If Estonia did more sophisticated cryptography, they could at least have a hope at getting some integrity guarantees (which they appear to be lacking, at present). Estonians have absolutely no privacy guarantees and thus insufficient protection from bribery and coercion. And we haven’t even scratched the surface of denial-of-service attacks. In 2007, Estonia suffered a large, coordinated denial-or-service attack, allegedly at the hands of Russian attackers. I’m reasonably confident that they’re every bit as vulnerable to such attacks today, and cell-phone voting would be no less difficult for resourceful attackers to disrupt.

In short, if you care about voter privacy, to defeat bribery and coercion, then you want voters to vote in a traditional polling place. If you care about denial of service, then you want these polling places to be operable even if the power goes out. If you don’t care about any of that, then consider the alternative. Publish in the newspaper a list of every voter and how they voted, for all the world to see, and give those voters a week to submit any corrections they might desire. If you were absolutely trying to maximize election integrity, nothing would beat it. Of course, if you feel that publishing such data in the newspaper could cause people to be too scared to vote their true preferences, then maybe you should pay more attention to voter privacy.

(More on this from Eric Rescorla’s Educated Guesswork.)

Filed Under: Uncategorized Tagged With:

The DC Metro and the Invisible Hand

December 22, 2008 by

My friend Tom Lee has been pestering the Washington Metropolitan Area Transit Authority, the agency that runs the DC area’s public transit system, to publish its schedule data in an open format. That will allow companies like Google to include the information in products like Google Transit. It seems that Google has been negotiating with WMATA for months to get access to the data, and the negotiations recently broke down, depriving DC-area transit users of the opportunity to use Google Transit. Reading between the lines, it appears that the sticking point is that WMATA wants Google to cough up some money for access to the data. It seems that WMATA earns some advertising revenue from its existing website, and it’s afraid that Google will undermine that revenue source.

While as a taxpayer I’m happy to see WMATA worrying about its bottom line, this seems like a pretty misguided decision. For starters, this really isn’t about Google. Google has been lobbying transit agencies around the country to publish data in the Google Transit Feed Specification. Although it may sound proprietary, the GTFS is an open standard. This means that absolutely anyone can download GTFS-formatted data and put it to new uses. Of course, Google has a small head start because they invented the format, but with Google making open-sourced tools available for manipulating GTFS files, the barrier to entry here is pretty small.

WMATA seems to have lost sight of the fact that it is a government agency accountable to the general public, not a profit-making business. It’s laudable that the agency is looking for new revenue sources, but it’s silly to do so in the way that’s contrary to its broader mission. And the amount of money we’re talking about here—DCist says the agency made $68,000 in ad revenue 2007—is truly trivial for an agency with a billion-dollar budget. Scuttling WMATA participation in Google Transit looks especially shortsighted when we consider that making schedule information easier to access would almost certainly bring additional riders (and, therefore, additional revenues) to the system.

Finally, and most importantly, WMATA should remember the point made by my colleagues in their recent paper: the most important uses for public data are often the ones that no one expects at the outset. Google Transit is great, and Metro riders will enjoy immediate benefits from being able to access schedule information using it. But there may be even more valuable uses to which the data could be put. And not everyone with a good idea for using the data will have the resources to negotiate directly with the WMATA for access. This is why it’s crucial that WMATA not only release the data to Google, but to make it freely and widely available to the general public, so that other private parties can get access to it. To its credit, Google has asked WMATA to do just that. WMATA should say yes.

Filed Under: Uncategorized