A Tale of Two Hearings

Happy New Year.

Two tech policy hearings toward the end of the year exhibited a common theme despite very different subject matters: a Congressional hearing before the Communications and Technology Subcommittee of House Energy and Commerce on the spectrum incentive auctions and an informational hearing conducted by the Federal Trade Commission on “Comprehensive Online Data Collection.”

The common theme is people talking past each other despite their presence on a panel that’s supposed to be focused on a particular issue.

Speculating on Spectrum

The C&T hearing was called because members are uncomfortable with statements from the FCC indicating an agency agenda with the potential to derail the auctions. In short, Congress wants the FCC to focus the hearing on releasing the greatest amount of spectrum for mobile broadband licenses as is reasonably possible, while the FCC apparently wants to hold back some spectrum for White Spaces systems that don’t require licenses, don’t add money to the treasury, and don’t permit cellular networks to expand from their current licenses in the 700 MHz band into nearby channels. The FCC is intrigued by the possibilities that the White Spaces system may offer, but is admittedly unsure of the specific forms of innovation that the system offers.

The element of the White Spaces notion that holds the most appeal is something called an “authorization database” (sometimes simply called the “White Spaces database”) that allows the FCC to change the usage permissions of particular frequencies in particular areas as they wish. The database enables the FCC to stay in the game and re-assign spectrum on a daily basis, where the traditional license runs in perpetuity. So we have a classic conflict between the desire of some to allow the market to control access to the resource and the desire of others to make the access contingent upon ongoing regulatory approval. With an authorization database, the FCC can change its mind as conditions warrant, but licenses reduce regulator involvement.

This conflict is so essential that there’s no easy way to resolve it: it’s a fundamental philosophical impasse in which there are good arguments on both sides. Conditions do change, so permanent licenses can cause problems. The simple fact that so much of the 700 MHz band is still assigned to TV broadcasting is an example of this happening.

In the 1950s, it seemed perfectly clear that it was appropriate to deliver TV broadcasts over the public airwaves; there was no other way to do it at the time, as the nation lacked a wired network with the capability to deliver TV to every home and it wasn’t clear that the nascent TV system would be worthy of the investment in a new system of wires. We actually had two national wireline networks with extensive coverage, one for telephones and another for telegraph, but neither had the capacity to carry TV signals.

Fifty years later, everything has changed: we now use our mobile telephones over the air, we receive TV over a wire or from a satellite, and the telegraph network is retired. The mobile and satellite networks rely on licensed spectrum, the cable TV network carries telephone calls and Internet Protocol in its spare time, and the TV spectrum is seriously under-utilized while the cellular network is plainly over-utilized, if such a thing is possible.

On the other side, ongoing regulator involvement opens a door to regulatory mischief. This is not so much to say that today’s FCC is anything but a paragon of virtue as it is to suggest that some future FCC may abuse its powers if we arm it with too many of them today. The specter of a federal agency going a step too far is not completely delusional: there were internment camps during World War II, the Public Health Service has engaged in such misbehavior as the Tuskegee Experiment, and the FCC itself has become a little over-enthusiastic about several technologies that didn’t go anywhere, such as Ultra-Wideband. So there is certainly a lot of appeal in washing the government’s hands of things the private sector is willing and able to handle on its own.

Unfortunately, the discussion didn’t focus on this issue. As with so many hearings, it dealt with side issues that seemed to serve as proxies for the central ones. Democratic members of the FCC made the argument that unlicensed spectrum is good for innovation, which is true enough, while Republican members argued that licensed spectrum is good for innovation, which is also true. But these arguments were simply the table stakes for the debate, and hardly need to be articulated. The issue for the Incentive Auctions on licensed vs. unlicensed is actually about where the unlicensed services should be located in the overall spectrum map and whether there is a present need to expand the inventory of unlicensed, which currently stands at about 450 MHz in the range below 4 GHz.

The economy has determined that unlicensed is primarily useful for low-power, limited distance, occasional use systems such as Bluetooth and Wi-Fi where the number of spectrum managers is so large that the administrative overhead of regulating each one would be ridiculously high. Licenses are held by network operators who serve millions of users, but there is no network operator for Bluetooth other than the end user with a Bluetooth-enabled smart phone and a Bluetooth headset, keyboard, mouse, or fitness monitor. So we have a few dozen major license holders for TV broadcast and cellular compared to a hundred million or so Bluetooth “operators.” These are two radically different scenarios.

The FCC’s Democratic majority asserts that they don’t know what use will be made of wide area unlicensed spectrum, a point about which there is broad agreement. The economics of wide area networks suggest that certainty of ownership and protection from interference are essential prerequisites to investment, which in turn is a prerequisite to offering services to the public.

Any wide area network is going to exhibit the same economic characteristics whether the spectrum is licensed on an ongoing basis or simply authorized for a short time by a “contingent sharing database.” The experimental applications for which White Spaces have currently been authorized function in the same way that licensed spectrum does: Users have exclusive access to the spectrum, so they’re free to act in the same way that a licensed carrier does.

The hearing didn’t reach an accommodation, so the subject will be dealt with again and again until it’s resolved. Hopefully, this won’t delay the auction by too much or take too much spectrum off the table. One thing that would help would be for the FCC to simply refuse to renew any TV broadcast licenses except a small number of shared channels in remote areas with poor cable service. That will probably require an act of Congress, however.

Shooting the Messenger

The FTC’s privacy hearing was quite painful. I testified at the first Congressional hearing on Internet privacy four years ago, and the issue hasn’t made much progress since then. We’re still debating whether ISPs are in a unique position to gather information about user activities on the web (they aren’t) and what constitutes the privacy harm with Internet data collection. A number of components know where people go on the Internet: browsers, domain name servers, operating systems, network interfaces, home routers, ISP routers, backbone routers, Internet Exchange switches, load balancers, Content Delivery Networks, cloud services, web sites, hosting services, advertisers, and payment processors. The Internet is an open system, and it’s open in every sense of the word.

In a sense, “Internet privacy” is an oxymoron. The Internet doesn’t function unless all of these components know enough about what you’re doing to make their part of it happen, so there’s no good or practical way to eliminate “online data collection,” nor should we want to eliminate it or restrict it. To do so simply endangers the very concept of an internet.

So the privacy debate is still struggling to define the precise harm that a privacy law or regulation would prevent. The term “privacy” is part of the problem, because it carries a load of baggage from the analog world that doesn’t really make any sense in the digital space. We know that the “Do Not Call” database is a wonderful thing that protects a certain form of privacy.

When our phone numbers are registered with Do Not Call, we’re free to eat dinner without the phone ringing. Most of the time, we don’t have to worry about phone calls from seedy solicitors at all, other than pollsters or political campaigns posing as pollsters who push a lot of dubious assumptions into their questions, such as: “Would knowing that candidate X is a Nazi who eats babies for breakfast make you more or less likely to vote for the rotten bastard?”

Despite the wonders of the Do Not Call database, we have technology now that makes it essentially irrelevant, such as Caller ID and voice mail.

The issue that was most evident at the FTC hearing is the fact that the term “privacy” means different things to different people. Do Not Call deals with intrusion, but that’s not really an issue on the web with the exception of pop-up ads and viruses.

So web privacy generally deals with something that’s more akin to “monitoring” or “surveillance,” if you prefer a more alarming term. Basic monitoring is obviously necessary to the reliable operation of a large network, especially one that is designed in the peculiar “stateless” way the Internet was designed. The Internet is what engineers call a “datagram” network, which means that packets flow from one end point to another regardless of the desires of the destination end point. By contrast, the telephone network doesn’t permit the flow of data unless both parties agree to communicate with each other in advance: The called party has to answer the phone before the calling party can talk.

The Internet is designed the way it is because it was originally a research network whose primary purpose was to serve as a testbed for the “protocols” or communication norms that would be best for a production system. The stateless datagram that anyone can send to anyone else at any time is simply the most general and abstract unit of communication for such a network. After the Internet was made operational on January 1, 1983 (happy 30th birthday, Internet!) it became apparent that the stateless datagram was in fact too flexible for a general use network because it permits security and stability exploits such as denial of service attacks. These are cases in which a computer is simply flooded with unwanted traffic.

The solution to this problem is to require a call/accept procedure before data can be transferred between end systems, something that was part of the Open System Interconnection project of the 1980s and is part of the RINA system today. (I wrote about RINA in a paper sponsored by the Time Warner Research Program.)

In the absence of a call/accept procedure, network operators are required to monitor traffic flows to stop the denial of service attacks that take place hundreds of times a day; if they don’t, their networks become unstable and nobody’s happy. This monitoring provides operators with a great deal of raw information about what’s happening on the Internet, and if one wants to demagogue the issue, it can be called “surveillance,” but that’s a loaded, prejudicial term.

On another level, most web sites are financially supported by paid advertising, most of it not relevant to most of us most of the time. If advertisers are able to collect information about our tastes, preferences, and predilections, they become capable of targeting advertising to us that is both more relevant and more financially valuable than advertising crudely targeted to mass markets the way that broadcast and print ads are.

If the Major League Baseball shop knew I’m a fan of the Oakland A’s, they wouldn’t try to sell me San Francisco Giants gear. (They know this, actually, but still try to sell me the bad stuff because they’re inept.) If the dossiers that advertisers had on me were sufficiently precise, I can imagine a web experience that was much closer to being ad-free than it is today. Perhaps the nirvana would be to see one ad a day for a product or service that was so perfect for me that I would buy it on the spot, but no more than that.

A number of the privacy hawks at the FTC workshop refused to define the harm that comes from web monitoring, and simply declared the practice bad by labeling it “surveillance;” Alissa Cooper of the Center for Democracy and Technology did this. Cooper knows that the web has to be monitored to be stable, because she has a technical education, but privacy isn’t her area of expertise so I can only surmise that she thought it best to stick to CDT’s company line rather than confusing the regulators with facts.

Before privacy regulation can make any progress, it’s necessary to define the harm that we’re trying to prevent by regulation, and simple “surveillance” isn’t it. One thing that concerns me is the botnets that want to infect computers around the world with key loggers and other exploits that steal credit card numbers and passwords. These privacy violations clearly have a criminal purpose and cause tangible economic harm. They also resemble the activities that “Do Not Call” seeks to discipline, the unwanted intrusion into personal space. So let’s start with this harm and validate all the systems that curb such viruses. That takes the pressure off the ISPs who are the second line of defense against such exploits, after the users who are generally not technical enough to protect their own assets. This should be uncontroversial.

The second problem is similar, in that it’s also geared to keeping personal assets out of criminal hands: database security for the personal information that allows advertisers to make preference-based decisions about which ads to show which people. This becomes dicey when we consider that credit card numbers are among the most sensitive information, and they’re also the most informative to advertisers. Knowing what I’ve bought probably tells an advertiser more about what I will buy than any other dimension of my digital life, and this information is ultimately indexed by my credit card numbers and social security numbers. This information can be protected from prying eyes by replacing actual credit card numbers with numerical transformations that can be used by the managers of credit card history to determine card numbers but by no one else. For example, a request for my purchase history in the category of sporting goods with a Visa card would be presented by a reference number to the credit card company that ensures the authenticity of the requestor and is then changed into a real credit card number internally. Math tricks like this are part of the SSL and SSH protocols widely used today.
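The reference-number scheme described above, sketched as an added example that is not part of the original article: the card company keeps a vault that maps random reference numbers to card numbers and resolves them only for requests carrying a valid HMAC. The class and function names, the requester ID, and the choice of random tokens with HMAC-SHA256 are assumptions made for illustration; the card number is a constructed test value.

```python
import hashlib
import hmac
import secrets


class CardVault:
    """Card-company side: the only place a reference number maps back to a card."""
    def __init__(self):
        self._card_by_ref = {}      # reference number -> real card number
        self._requester_keys = {}   # requester id -> shared HMAC key
        self._history = {}          # real card number -> [(category, item)]

    def enroll_requester(self, requester_id):
        key = secrets.token_bytes(32)
        self._requester_keys[requester_id] = key
        return key

    def issue_reference(self, card_number):
        """Random reference number; it reveals nothing about the card itself."""
        ref = secrets.token_hex(16)
        self._card_by_ref[ref] = card_number
        return ref

    def record_purchase(self, card_number, category, item):
        self._history.setdefault(card_number, []).append((category, item))

    def purchase_history(self, requester_id, ref, category, tag):
        """Authenticate the requester, then resolve the reference internally."""
        key = self._requester_keys.get(requester_id)
        if key is None or not hmac.compare_digest(tag, sign_request(key, ref, category)):
            raise PermissionError("unauthenticated request")
        card = self._card_by_ref[ref]  # KeyError for an unknown reference
        return [item for cat, item in self._history.get(card, []) if cat == category]


def sign_request(key, ref, category):
    # The tag binds the reference to the category, so it cannot be replayed for another one.
    return hmac.new(key, f"{ref}|{category}".encode(), hashlib.sha256).hexdigest()


def demo():
    vault = CardVault()
    ad_key = vault.enroll_requester("advertiser-1")   # hypothetical requester
    card = "4111111111111111"  # constructed test number, not a real card
    vault.record_purchase(card, "sporting goods", "baseball glove")
    vault.record_purchase(card, "groceries", "coffee")
    ref = vault.issue_reference(card)
    tag = sign_request(ad_key, ref, "sporting goods")
    return ref, vault.purchase_history("advertiser-1", ref, "sporting goods", tag)
```

The advertiser only ever holds the reference number and its own key; a database of references leaked from the advertiser's side contains no card numbers.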

Other FTC issues related to user permissions and retention policies, but these are often fringe issues that grab inordinate regulator time simply because they’re easy to understand.

The work that needs to be done in this area should probably focus on the design of databases of personal information that are secure from leaks and not vulnerable to attack. Throwing out scary words like “surveillance” doesn’t help, and it’s actually a bit McCarthy-esque. Instead of scaring people, let’s see if we can’t help inform them in a balanced way.

The Internet is designed in such a way that the practices it requires of operators are enough like “surveillance” that those with an ax to grind can always accuse them of bad actions. This is simply shooting the messenger. The first step toward a reasonable Internet privacy framework is a recognition of the Internet’s technical shortcomings and the consequent validation of the practices that its design forces on network operators.