Theories of cyberspace regulation
� The problem: Cyberspace is a different context from the physical world.� We may need to rethink how regulation of
behaviour works.
� The question: What regulates? � What different forms of regulation are there?
Forms of regulation
� Lawrence Lessig's answers: � 4 things regulate - Norms; Markets, Law and 'Code'
(environment)� Law also regulates the other 3 - indirect regulation by
law � Effectiveness is very different in cyberspace
� Lessig's main lesson: Consider all 4 and how they interact
� Criticism: Surveillance is a 5th form of regulation
1 Norms, morality and self-regulation
� Real space norms cause disapproval and guilt
� Cyberspace has its own 'netiquette'� Examples: using CAPITALS; attachments
sent to lists
� Effectiveness in cyberspace increased by surveillance� The morality of the goldfish bowl
2 Markets
� Market constrains work in cyberspace� Unpopular 'code' can perish
� Selling region-blocked DVD players in HK?� Surveillance damaged DoubleClick's share
price
� Prices can affect norms� Are CD / DVD prices considered fair?� Is DVD region blocking fair?
3 'Code’ (environment)
� In real space - Natural and built environment -� Bank robberies - Laws and morality help; but walls,
locks, glass & guns are better� Immigration - Distance and lack of borders� Easy to ignore, often because unchangeable
� In cyberspace - ‘Code’ is the equivalent� Can control access, and monitor it� Determines what actions are possible and impossible� ‘A set of constraints on how one can behave’ -Lessig� The walls, bridges, locks and cameras of cyberspace
‘Code' or 'architecture'?
� 'Code' is cute but confusing� East coast code (Washington) vs West coast code
(Redmond)� The US Code vs hackers' code
� 'Architecture' is more accurate� Cyberspace is more than software
� Protocols (non-material artefacts)� Hardware (material artefacts) � Biology and geography (natural environment)
� 'Code' is part of cyberspace architecture
4 Law - direct and indirect
� Law increasingly directly regulates cyberspace behaviour
� But it indirectly regulates the other 3 constraints
� Legal regulation of architecture is the key� It is the most effective strategy for
governments� It is also vital for limiting private power
Effective regulation
� Finding the best mix of constraints� How to prevent discrimination?
� Prohibition; education; building codes
� How to stop people smoking?� Age limits; prohibited places; education; warnings;
taxes
Surveillance: 5th constraint
� A relationship of knowledge� Knowledge by the watcher of those watched� Foucault's 'discipline'; Bentham's Panopticon� Facilitated by architecture, but not part of it� Facilitates observance of norms and laws, but
independent
� More important in cyberspace regulation� The normal context of identification is
removed� Identification, not anonymity, is the default
Law modifying surveillance
� Law acts indirectly to modify surveillance� Data protection laws protect privacy
� Eg Personal Data (Privacy) Ordinance
� Laws mandate compliance� eg smart ID card
� Laws prevent circumvention � eg DRMS anti-circumvention
Cyber-regulation is different
� Cyberspace architecture is mainly artefact� Greater immediacy of application
� Cyberspace architecture is often self-executing
� Most architecture has high plasticity� Its easier to change cyberspace
� Architecture's legitimacy is questionable� We should ask the pedigree of any regulation� What should private companies control?
Example: Copyright, DRMS and anti-circumvention
� DRMS - The new paradigm for content protection� Copyright law was the old paradigm
� Content owners want to control 3 parties� Content consumers� Consumer hardware manufacturers� Content intermediaries
� (DRMS diagram modified from Bechtold)
Digital content owners
Content intermediaries(licensed)
Pirate distributors
Publishers, retailers,
DRMS intermediaries, theatres, TV, etc
Consumer hardware manufacturers
(DRMSlicencees)
Circumvention device mfgs;unlicensed hardware mfgs.
Content consumers(purchasers)
Illegal consumer copiers; borrowers, renters etc
Contract
Technological measures
Technology protection legislation
Content protection legislation
Importance of 'commons'
� Lessig's argument in ’The Future of Ideas'� The Internet is an 'innovation commons’� It is in danger of losing that character
� 'Commons' - Resources from which no-one may be excluded - the 'free'
� Commons are not necessarily 'tragic':� Not if they are non-rivalrous (eg protocols)� Not if you control over-consumption� Both require sufficient incentives to create
Internet as an 'innovation commons'
� Benefits of the Internet as a commons � Benefits to freedom (first book)� Benefits to innovation (second book)
� Must consider each Internet 'layer'� Physical layer, 'code' layer (protocols and
applications) and content layer� Each could be a commons or controlled� Currently, each layer is partly controlled� Changes imperil the mix providing innovation
E2e: 'code' layer commons
� e2e ('end to end') network design� Philosophy of the original Internet designers� 'Smart' features are at the margins� Anyone can add a new application to the net� Network controllers do not decide
applications allowed
� Innovation irrespective of the wishes of network owners� 'Code' helps determine the level of innovation
Lessig's recipe for innovation (1)
� 1 'Physical' layer reforms� Spectrum allocation for wireless Internet
� 2 'Code' layer reforms� Government encouragement of open code
� US government uses proprietary programs� [The PRC government has done this already]
� Require 'code neutrality' by carriers, by� (a) Banishment from providing Internet services; or� (b) Requirement to provide open access; or� (c) No TCP/IP without observing e2e
Lessig's recipe for innovation (2)
� 3a Content layer - Copyright law reforms� Short renewable terms
� Eldred v Ashmore: stop the term being extended� [Shorter or renewable terms would breach US
treaty obligations]
� For software, 5 year term only, renewable once
� A defence for new technologies� 'No breach if no harm to copyright owner'
� Compulsory licensing of music for file-sharing
Lessig's recipe for innovation (3)
� 3a Content layer - Copyright law reforms (cont)� Tax benefits for putting works into the public
domain� A 'right to hack' DRMS to protect fair use
('Cohen theorem')� Stop contract law undermining copyright law
� 3b Content layer - Patent law reforms� Moratorium on patents for software and
business methods
References(1)
� Works by Lawrence Lessig• Lawrence Lessig 'The Law of the Horse: What Cyberlaw
Might Teach' (PDF only) (1999) 113 Harvard Law Review 501 (drafts were available from 1997)
• Lawrence Lessig Code and Other Laws of Cyberspace Basic Books 1999
• Lawrence Lessig 'Cyberspace's Architectural Constitution' (June 2000, Text of lecture at www9, Amsterdam)
• Lawrence Lessig The Future of Ideas: The Fate of the Commons in a Connected World Random House, 2001
• See his home page for links to these and others
References(2)
� Works by others• James Boyle 'Surveillance, Sovereignty, and Hard-Wired
Censors' (1997)• Graham Greenleaf 'An Endnote on Regulating
Cyberspace: Architecture vs Law? (1998) University of New South Wales Law Journal Volume 21, Number 2
• Stefan Bechtold 'From Copyright to Information Law - Implications of Digital Rights Management'. Workshop on Security and Privacy in Digital Rights Management 2001. 5. November 2001, Philadelphia, USA.
• See the Timetable for further reading