A fantastic write-up by Bruce Schneier (crypto/security guru, one of my favorite technology thinkers, and fellow Minnesotan) on privacy. In response to the declarations by the CEOs of Facebook, Google, and others that “privacy is dead,” Schneier points out that young people don’t think that at all.

Schneiers point is that to the old guard, privacy equals secrecy, but to young people privacy means control. This explains why Facebook’s privacy changes and Google Buzz created such a backlash despite claims that young people don’t care about privacy. Well worth the read.

The Court of Appeals for the DC circuit released their decision on the Comcast, where the FCC’s authority to regulate traffic management techniques was challenged.  The court sided with Comcast 3-0, finding no basis for ancillary authority that the FCC claimed.  This decision was probably not a surprise to many – the FCC’s ancillary justification in Comcast was always a stretch. Here is the full decision.

This decision does not remove all methods of justifying ancillary authority, only the Title I authority the FCC had relied on.

So where does the FCC go from here? Search for another source of ancillary authority? Try and categorize broadband providers as Title II common carriers? Head to the Hill to get statutory authority to regulate the Internet?

The FCC has released a statement on the decision, which certainly indicates their commitment to continuing on a course of involvement in the Internet and their open access initiatives.

Another upcoming event at GW Law. See http://www.futureofprivacy.org/invitation/ for more details.

“Online Privacy: Where are Law and Technology Headed?”

A moderated discussion
with guest speakers
Alessandro Acquisti, Carnegie Mellon University
Ellen Blackler, AT&T
Ryan Calo, Stanford Center for Internet & Society

Tuesday, April 13, 2010
8:00 am – 10:30 am

A recent article in the New York Times entitled “Redrawing the Route to Online Privacy” (February 27, 2010)observed: “On the Internet, things get old fast. One prime candidate for the digital dustbin, it seems, is the current approach to protecting privacy on the Internet.” The article went on to catalog the criticisms of “notice and choice” and concluded: “Whatever the future of regulation, better digital tools are needed.” At this program, which is part of the collaboration between the Future of Privacy Forum and the George Washington University Law School, panelists Alessandro Acquisti will discuss “privacy nudges,” Ryan Calo will discuss the development of technologies that deliver “visceral notice”; and Ellen Blackler will demonstrate how one telecommunications company has provided “layered notices” to achieve transparency. The discussion of new approaches to transparency will be set against the backdrop of a discussion of emerging US and EU law on consumer control.

A light breakfast and coffee will be served.

Faculty Conference Center (Room B 505)
Burns Building, Fifth Floor
2000 H Street, NW,
Washington, DC 20052

Please RSVP to info@futureofprivacy.org

On April 1st, GW Cyberlaw will be hosting an expert panel discussing the cybersecurity and privacy portions of the National Broadband Plan. For more information on the plan and the applicable recommendations, see www.broadband.gov. Cybersecurity is in Chapter 16 and privacy is spread among chapters 4, 11, 12, 17, and a few other scattered places.

Cybersecurity and Privacy in the FCC’s National Broadband Plan
April 1st, 5pm
George Washington University Law School
Faculty Conference Center (Burns 505)

Panelists:
Dan Caprio, McKenna Long
Jeffrey Goldthorp, FCC
Jim Harper, Cato Institute
Robert Mayer, US Telecom Association
Moderated by Orin Kerr, GW Law School

For more information email Andy Blair (ablair@law.gwu.edu) or Ari Moskowitz (azmoskowitz@law.gwu.edu).

Bloomberg is reporting that the FCC is considering requiring Verizon and AT&T to lease fast internet to rival ISPs. The proposal is backed by Cbeyond, a provider of Internet and data services to small businesses, and has the support of the Small Business Administration as a job creation tool.

This is interesting given the recent trend at the FCC to move away from common carrier-type regulation of telecommunications providers. The data services are indistinguishable from those of the cable TV companies, so it seems sort of silly to only require phone companies and not cable providers to share their lines. Cable and telcos are subject to separate regulation regimes because of their differing history and technological evolution, but both are becoming just data service providers with different legacy expertise. Hopefully the FCC starts to regulate them more consistently.

Allowing other companies access to the physical lines is a good idea. Telcos and cable companies insist that they will not have incentives to invest in the lines if they have to share. There is not a lot of evidence either way, but a system where consumers have one or at most two or three choices between effectively identical companies is not competition and is not good for consumers.

Curious as to the thoughts of the law school community on the Google Buzz release this week. There is some significant chatter as to the privacy implications and how Google rolled out the service that are legitimate. This story for one (strong language warning). Here is another strong perspective.

Will there be any legal backlash against Google for exposing information that was not intended to be shared? There are situations that there might be cognizable claims – see the first link above, essentially a lot of supposedly private information was exposed to a woman’s abusive ex-husband without any warning or clear way to turn it off. Imagine the information exposed was something the ex-husband didn’t know that set him off. Could Google be liable if he attacked or killed her? Google would probably claim that there should have been no expectation of privacy, but users have such an expectation whether it is well-founded or not.

The problem with the Google Buzz rollout is the combination of 1) no notice of what exactly it was and what information it would share with whom, 2) sharing everything with everyone by default rather than a more limited opt-in approach, and 3) difficult and intricate process for opting out/turning it off.

It seems that every few months someone (Facebook more often than not) makes some change that has widespread privacy implications for users of a major social networking or communications service. Despite warnings from journalists, career counselors, lawyers, and about anyone else who has said something on the matter, users don’t seem to get that anything and everything they say will be recorded, stored, and sold.

Thoughts? My prediction is that there will be at least one class-action attempt from the Google Buzz release. Never underestimate pissed-off users + greedy lawyers.

Update: Didn’t take long to make changes. The big disconnect seems to be for people that already had Google profiles when they turned on Buzz – there was never any checkbox for those people (like me) telling them that the follower lists would be public.

Update2: Right on time. Class-action suit v. Google because of Buzz.

DC’s weather is no obstacle to the Free Culture Conference being held at GW this weekend. There are talks scheduled on open networks, fair use, along with a keynote by the always-interesting Jonathan Zittrain from the Berkman Center.

For more details on events, speakers, and schedules, see http://conference.freeculture.org/.