Reflecting on the recent argument about Howard Dean’s old smartcard speech, Larry Lessig condemns the kind of binary thinking that would divide us all into two camps, pro-privacy vs. pro-national-security. He argues that Dean’s balanced speech was (perhaps deliberately) misread by some, with the goal of putting Dean into the extreme pro-national-security/anti-privacy camp.

There is a special circle in hell reserved for those who try to destroy the middle ground on issues like this. Dean was clearly trying to take a balanced position, and it’s unfair to ignore the pro-privacy part of his speech to paint him as anti-privacy. Dean was advocating a reasonable balance.

But it’s not enough simply to want balance. You also have to figure out how to achieve it, or at least approximate it, by adjusting the available policy levers. And that can be difficult, especially if those levers are weak or hard to understand. Opting for balance is not the end of the policy process, but the beginning.

Rather than accusing politicians like Dean of wanting the worst for America, we can do much more good by helping them understand what the policy levers do and why it might not be such a good idea to pull that one they’re reaching for.

Declan McCullagh at CNet news.com criticizes a speech given by Howard Dean about two years ago, in which Dean called for aggressive adoption of smartcard-based state driver’s licenses and smartcard readers. Declan highlights the privacy-endangering aspects of the smartcard agenda, and paints Dean as a hypocrite for pushing that agenda while positioning himself as pro-privacy.

Larry Lessig (among others) argues that Declan mischaracterized Dean’s speech, and urges people to read the text of Dean’s speech. Others have compared this incident to Declan’s infamous role in manufacturing the “Al Gore claims to have invented the Internet” meme back in 2000.

There is certainly a disconnect between the tone of Declan’s article and that of Dean’s speech. Reading the speech, we see Dean genuflecting properly, and at length, to the importance of privacy. We don’t hear about that in Declan’s article.

But Declan’s omissions aren’t the whole story. The first half of Declan’s piece quotes extensively from Dean’s speech, and it portrays accurately the technical proposal that Dean was endorsing. Declan’s reaction to that technical agenda is not unreasonable. For example, a National Academy study report on national ID technologies took a position closer to Declan’s than to Dean’s.

The fact is that there is a deep disconnect between the different sections of Dean’s speech. It’s hard to reconcile the privacy-is-paramount part of the speech with the smartcards-everywhere part. At least, it’s hard to reconcile them if you really understand the technology. Dean makes a compelling argument that computer security is important, and he makes an equally compelling argument in favor of preserving privacy. But how can we have both? Enter the smartcard as deus ex machina. It sounds good, but unfortunately it’s not a technically sound argument.

Now, nobody expects state governors to understand technology well enough to spot the technical flaws in Dean’s speech. Probably, nobody advising Dean at the time had the knowledge to notice the problem. That’s not good; but it hardly makes Dean unique.

At bottom, what we have here is a mistake by Dean, in deciding to give a speech recommending specific technical steps whose consequences he didn’t fully understand. That’s not good. But on the scale of campaign gaffes, this one seems pretty minor.

[Disclaimer: My longstanding policy is to avoid partisan politics on this blog. I’m commenting on this issue because of my expertise in computer security, and not to make a political point or to urge anyone to vote for or against Dean.]

Several things have been missed in the recent flare-up over Adobe Photoshop’s refusal to import images of currency. (For background, see Ted Bridis’s APstory.)

There’s a hidden gem in the Slashdot discussion, pointing to a comment by Markus Kuhn of Cambridge University. Markus established that some color copiers look for a special pattern of five circles (usually yellow or orange in color), and refuse to make high-res copies of documents containing them. Sure enough, the circles are common on paper money. (On the new U.S. $20 bills, they’re the zeroes in the little yellow “20”s that pepper the background on the back side of the bill.) Markus called the special five-dot pattern the “constellation EURion” because he first spotted it on Euro notes.

But reported experiments by others show that Photoshop is looking for something other than EURion. For example, Jon Sullivan says that Photoshop refuses to load this image, which nobody would mistake for currency.

There’s been lots of talk, too, about artists’ legitimate desire to use currency images, and lots of criticism of Adobe for stopping them from doing so. But check out the U.S. government’s legal limitations on representations of currency, which are much more restrictive than I expected. Representations of U.S. currency must be one-sided, and must differ substantially in size from real bills, and all copies (including computer files) must be destroyed after their final use. Photographs or other likenesses of other U.S. securities, or non-U.S. currency, must satisfy all of the preceding rules, and must be in black and white. (Other countries’ rules are available too.)

Finally, the European Central Bank (ECB) is considering recommending legislation to the EU to require inclusion of currency recognition into digital imaging products. Predictably, the ECB’s proposal is wildly overbroad, applying to “any equipment, software, or other product[]” that is “capable of capturing images or transferring images into, or out of, computer systems, or of manipulating or producing digital images for the purposes of counterfeiting”. As usual, the “capable of” construction captures just about every general purpose communication technology in existence – the Internet, for example, is clearly “capable of … transferring images into, or out of, computer systems”. Note to self: it’s way past time to write that piece about the difficulties of regulating general purpose technologies.

[Thanks to Seth Schoen for pointers to some of this information.]

Wendy Seltzer (pointing to Ross Mayfield) quotes Verisign CEO Stratton Sclavos as saying, “We have to move the complexity back into the center of the network and remove it from the edge.” As even mid-level netheads know, this is the antithesis of the Internet’s design – the Internet approach is to put intelligence at the edge of the network. Here’s Wendy:

Painters buy white canvases for a reason. The Internet has succeeded as a platform for innovation because its architecture does not preempt its uses; instead, the stupid network offers a neutral background for line drawing, oil painting, and collage. Sure a grid on the blank canvas would help those making mechanical drawings at the right scale, but it’s just noise to the rest, who now need to paint an extra layer to cover it up. Complexity built into the network (such as a search engine that responds to every nonexistent domain name query [i.e., Verisign’s abortive stunt]) may enable a few uses, but it slows or breaks many more, and impedes the development of alternatives.

I’m not sure why Verisign thinks that its contract to perform certain administrative functions gives it a license to redesign the Net; but somehow it does. Just another reminder that the Net does need to be governed, if only to keep outfits like Verisign from fouling it up. Even ICANN looks pretty good at times like this.

Steven Levy, in Newsweek, offers a dystopian vision for the future of the Internet:

Picture, if you will, an information infrastructure that encourages censorship, surveillance and suppression of the creative impulse. Where anonymity is outlawed and every penny spent is accounted for. Where the powers that be can smother subversive (or economically competitive) ideas in the cradle, and no one can publish even a laundry list without the imprimatur of Big Brother. Some prognosticators are saying that such a construct is nearly inevitable. And this infrastructure is none other than the former paradise of rebels and free-speechers: the Internet.

Pretty scary! Fortunately, it’s not gonna happen.

To understand why, let’s rewind, as Levy does, to the early days of Internet mania, when many saw the Net as an anarchist utopia that didn’t have laws, and didn’t need them. A few contrarians like Larry Lessig argued that the Net wasn’t inherently immune from control and regulation, and that society would bring its norms, and government its laws, to the Net. And indeed that is what happened.

This should have been obvious, considering the pervasive connections between our on-line and off-line lives. I write and publish this posting in cyberspace; but at the same time I’m sitting in a chair in Princeton, New Jersey, watching the sun rise out my back window. I have one foot in cyberspace and one foot in meatspace. And how can one foot be bound by laws and the other be immune? The rules of cyberspace and the rules of meatspace will necessarily be similar – any big disparity between them will be resolved by changing the rules on one side or the other.

For the same reason, a locked-down Net can’t really happen, at least not here in the free world. For how can one foot be enslaved while the other is free? To lock down the Internet is to disconnect it from everyday life, from the life where I can send an invitation, or a business memo, or a home movie to anyone at any time, where I can read whatever I like without asking a censor’s permission.
We might go some short distance down the road of control, but ultimately the rules of cyberspace are firmly tethered to the rules of meatspace. And in the rules of meatspace – at least where I’m lucky enough to live – lockdown isn’t allowed.

This isn’t to say that we should ignore the forces of control, or that we should acquiesce in whatever small victories they may be able to win. We need to be vigilant and fight for the right to build and use new technologies. It’s that struggle that keeps the Net connected to the freedoms we enjoy in the real world. It’s that struggle that keeps techno-lockdown in the realm of speculation and not reality.