Ayout 1
0465039146-FM:FM 12/5/06 12:25 AM Page i
C O D E
0465039146-FM:FM 12/5/06 12:25 AM Page iii
C O D E
v e r s i o n
2 . 0
L A W R E N C E
L E S S I G
A Member of the Perseus Books Group
New York
0465039146-FM:FM 12/5/06 12:25 AM Page iv
Copyright © 2006 by Lawrence Lessig CC Attribution-ShareAlike
Published by Basic Books
A Member of the Perseus Books Group
Printed in the United States of America. For information, address Basic Books, 387
Park Avenue South, New York, NY 10016–8810.
Books published by Basic Books are available at special discounts for bulk purchases
in the United States by corporations, institutions, and other organizations. For more
information, please contact the Special Markets Department at the Perseus Books
Group, 11 Cambridge Center, Cambridge MA 02142, or call (617) 252-5298, (800)
255-1514 or e-mail special.markets@perseusbooks.com.
CIP catalog record for this book is available from the Library of Congress.
ISBN-10: 0–465–03914–6
ISBN-13: 978–0–465–03914–2
06 07 08 09 / 10 9 8 7 6 5 4 3 2 1
0465039146-FM:FM 12/5/06 12:25 AM Page v
Code version 1.0
FOR CHARLIE NESSON, WHOSE EVERY IDEA
SEEMS CRAZY FOR ABOUT A YEAR.
Code version 2.0
TO WIKIPEDIA,
THE ONE SURPRISE THAT TEACHES MORE THAN EVERYTHING HERE.
0465039146-FM:FM 12/5/06 12:25 AM Page vii
C O N T E N T S
Preface to the Second Edition
ix
Preface to the First Edition
xiii
Chapter 1. Code Is Law
1
Chapter 2. Four Puzzles from Cyberspace
9
PART I: “REGULABILITY”
Chapter 3. Is-Ism: Is the Way It Is the Way It Must Be?
31
Chapter 4. Architectures of Control
38
Chapter 5. Regulating Code
61
PART II: REGULATION BY CODE
Chapter 6. Cyberspaces
83
Chapter 7. What Things Regulate
120
Chapter 8. The Limits in Open Code
138
PART III: LATENT AMBIGUITIES
Chapter 9. Translation
157
Chapter 10. Intellectual Property
169
Chapter 11. Privacy
200
Chapter 12. Free Speech
233
Chapter 13. Interlude
276
PART IV: COMPETING SOVEREIGNS
Chapter 14. Sovereignty
281
Chapter 15. Competition Among Sovereigns
294
0465039146-FM:FM 12/5/06 12:26 AM Page viii
PART V: RESPONSES
Chapter 16. The Problems We Face
313
Chapter 17. Responses
325
Chapter 18. What Declan Doesn’t Get
335
Appendix
340
Notes
347
Index
399
0465039146-01 12/5/06 12:27 AM Page ix
P R E F A C E
T O
T H E
S E C O N D
E D I T I O N
This is a translation of an old book—indeed, in Internet time, it is a transla-
tion of an ancient text. The first edition of this book was published in 1999.
It was written in a very different context, and, in many ways, it was written in
opposition to that context. As I describe in the first chapter, the dominant idea
among those who raved about cyberspace then was that cyberspace was
beyond the reach of real-space regulation. Governments couldn’t touch life
online. And hence, life online would be different, and separate, from the
dynamic of life offline. Code v1 was an argument against that then common
view.
In the years since, that common view has faded. The confidence of the
Internet exceptionalists has waned. The idea—and even the desire—that the
Internet would remain unregulated is gone. And thus, in accepting the invita-
tion to update this book, I faced a difficult choice: whether to write a new
book, or to update the old, to make it relevant and readable in a radically dif-
ferent time.
I’ve done the latter. The basic structure of the first edition remains, and
the argument advanced is the same. But I’ve changed the framing of particu-
lar examples, and, I hope, the clarity of the writing. I’ve also extended the
argument in some parts, and added brief links to later work in order to better
integrate the argument of the original book.
One thing I have not done, however, is extend the argument of this book
in the places that others have worked. Nor have I succumbed to the (insanely
powerful) temptation to rewrite the book as a response to critics, both sym-
pathetic and not. I have included direction in the notes for those wanting to
follow the arguments others have made in response. But, even more than
when it was first published, this book is just a small part of a much bigger
debate. Thus, you shouldn’t read this to the exclusion of extraordinary later
work. Two books in particular already published nicely complement the argu-
ment made here—Goldsmith and Wu’s Who Controls the Net? (2006), and
Benkler’s The Wealth of Networks (2006)—and a third by Zittrain, expected in
2007, significantly extends the same argument.
ix
0465039146-01 12/5/06 12:27 AM Page x
x
preface to the second edition
I have also not tried to enumerate the mistakes, real and alleged, made in
the first edition. Some I’ve simply corrected, and some I’ve kept, because,
however mistaken others take them to be, I continue to believe that they are
not mistakes. The most important of the second type is my view that the
infrastructure of the Net will become increasingly controlled and regulable
through digital identity technologies. Friends have called this “mistake” a
“whopper.” It is not. I’m not sure what time horizon I had in mind in 1999,
and I concede that some of the predictions made there have not come to
pass—yet. But I am more confident today than I was then, and thus I have
chosen to stick with this “fundamental mistake.” Perhaps this is simply to
hedge my bets: If I’m right, then I have the reward of understanding. If I’m
wrong, then we’ll have an Internet closer to the values of its original design.
The genesis of the revisions found here was a wiki. Basic Books allowed
me to post the original edition of the book in a wiki hosted by Jotspot, and a
team of “chapter captains” helped facilitate a conversation about the text.
There were some edits to the text itself, and many more valuable comments
and criticisms.1 I then took that text as of the end of 2005 and added my own
edits to produce this book. While I wouldn’t go as far as the musician Jeff
Tweedy (“Half of it’s you, half is me”), an important part of this is not my
work. In recognition of that, I’ve committed the royalties from this book to
the nonprofit Creative Commons.
I am grateful to JotSpot (<jot.com>) for donating the wiki and hosting
services that were used to edit Code v1. That wiki was managed by an
extraordinary Stanford undergraduate, Jake Wachman, who gave this project
more time than he had. Each chapter of the book, while living on the wiki,
had a “chapter captain.” I am grateful to each of them—Ann Bartow, Richard
Belew, Seth Finkelstein, Joel Flynn, Mia Garlick, Matt Goodell, Paul Gowder,
Peter Harter, Brian Honermann, Brad Johnson, Jay Kesan, John Logie, Tom
Maddox, Ellen Rigsby, and Jon Stewart—for the work they volunteered to do,
and to the many volunteers who spent their time trying to make Code v1 bet-
ter. I am especially grateful to Andy Oram for his extensive contributions to
the wiki.
In addition to these volunteers, Stanford helped me gather an army of
law students to help complete the research that Code v2 required. This work
began with four—David Ryan Brumberg, Jyh-An Lee, Bret Logue, and Adam
Pugh—who spent a summer collecting all the work that built upon or criti-
cized Code v1. I relied upon that research in part to decide how to modify
Code v1. During the fall semester, 2005, a seminar of Stanford students added
their own critical take, as well as classes at Cardozo Law School. And then
during the year, two other students, John Eden and Avi Lev Robinson-
0465039146-01 12/5/06 12:27 AM Page xi
preface to the second edition
xi
Mosher, spent many hours helping me complete the research necessary to
finish a reasonable draft of Code v2.
No student, however, contributed as much to the final version of Code v2
as Christina Gagnier. In the final months of this project, she took command
of the research, completing a gaggle of unresolved questions, putting the
results of this 18-month process in a form that could be published, and super-
vising a check of all citations to verify their completeness and accuracy. With-
out her work, this book would not have been completed.
I am also grateful to friends and colleagues who have helped me see how
this work needed to change—especially Ed Felten, David Johnson, Jorge Lima,
Alan Rothman, and Tim Wu. Jason Ralls designed the graphics for Code v2.
And finally, I am indebted beyond words to Elaine Adolfo, whose talent and
patience are far beyond anything I’ve ever known, and without whom I could
not have done this, or much else in the past few years.
0465039146-01 12/5/06 12:27 AM Page xiii
P R E F A C E
T O
T H E
F I R S T
E D I T I O N
In the spring of 1996, at an annual conference organized under the title “Com-
puters, Freedom, and Privacy” (CFP), two science-fiction writers were invited
to tell stories about cyberspace’s future. Vernor Vinge spoke about “ubiquitous
law enforcement” made possible by “fine-grained distributed systems,” in which
the technology that will enable our future way of life also feeds data to, and
accepts commands from, the government. The architecture that would enable
this was already being built—it was the Internet—and technologists were
already describing ways in which it could be extended. As this network which
could allow such control became woven into every part of social life, it would
be just a matter of time, Vinge said, before the government claimed control over
vital parts of this system. As the system matured, each new generation of system
code would increase the power of government. Our digital selves—and increas-
ingly, our physical selves—would live in a world of perfect regulation, and the
architecture of this distributed computing—what we today call the Internet
and its successors—would make that regulatory perfection possible.
Tom Maddox followed Vinge and told a similar story, though with a
slightly different cast. The government’s power would not come just from
chips, he argued. Instead, it would be reinforced by an alliance between gov-
ernment and commerce. Commerce, like government, fares better in a well-
regulated world. Commerce would, whether directly or indirectly, help supply
resources to build a well-regulated world. Cyberspace would thus change to
take on characteristics favorable to these two powerful forces of social order.
Accountability would emerge from the fledgling, wild Internet.
Code and commerce.
When these two authors spoke, the future they described was not yet
present. Cyberspace was increasingly everywhere, but it was very hard for
those in the audience to imagine it tamed to serve the ends of government.
And at that time, commerce was certainly interested in cyberspace, though
credit card companies were still warning customers to stay far away from the
Net. The Net was an exploding social space of something. But it was hard to
see it as an exploding space of social control.
xiii
0465039146-01 12/5/06 12:27 AM Page xiv
xiv
preface to the first edition
I didn’t see either speech. I first listened to them through my computer,
three years after they were given. Their words had been recorded; they now sit
archived on a server at MIT.1 It takes a second to tune in and launch the
recording of their speeches. The very act of listening to these lectures given
years before—served on a reliable and indexed platform that no doubt
recorded the fact that I had listened, across high-speed, commercial Internet
lines that feed my house both the Internet and ABC News—confirmed some-
thing of their account. One can hear in the audience’s reaction a recognition
that these authors were talking fiction—they were science-fiction writers,
after all. But the fiction they spoke terrified those who listened.
Ten years later, these tales are no longer fiction. It is no longer hard to
understand how the Net could become a more perfectly regulated space or
how the forces behind commerce could play a role in facilitating that regula-
tion.
The ongoing battle over peer-to-peer filesharing is an easy example of
this dynamic. As an astonishing quantity of music files (among others) was
made available for free (and against the law of copyright) through P2P
applications, the recording industry has fought back. Its strategy has
included vigorous prosecution of those downloading music illegally,
extraordinary efforts to secure new legislation to add new protections for
their copyrighted content, and a host of new technical measures designed to
change a feature of the original architecture of the network—namely that
the Net copies content blind to the rules of copyright that stand behind that
content. The battle is thus joined, and the outcome will have implications
for more than just music distribution. But the form of the battle is clear:
commerce and government working to change the infrastructure to make
better control possible.
Vinge and Maddox were first-generation theorists of cyberspace. They
could tell their stories about perfect control because they lived in a world that
couldn’t be controlled. They could connect with their audience because it
wanted to resist the future they described. Envisioning this impossible world
was sport.
Now the impossible is increasingly real. Much of the control in Vinge’s
and Maddox’s stories that struck many of their listeners as Orwellian now
seems to many quite reasonable. It is possible to imagine the system of perfect
regulation that Vinge described, and some even like what they see. It is
inevitable that an increasingly large part of the Internet will be fed by com-
merce. Most don’t see anything wrong with that either. The “terrifying” has
now become normal, and only the historians (or authors of old books like
this) will notice the difference.
0465039146-01 12/5/06 12:27 AM Page xv
preface to the first edition
xv
This book continues Vinge’s and Maddox’s stories. I share their view of
the Net’s future; much of this book is about the expanding architecture of reg-
ulation that the Internet will become. But I don’t share the complacency of the
self-congratulatory cheers echoing in the background of that 1996 recording.
It may well have been obvious in 1996 who “the enemy” was. But it is not
obvious now.
The argument of this book is that our future is neither Vinge’s nor Mad-
dox’s accounts standing alone. Our future is the two woven together. If we
were only in for the dystopia described by Vinge, we would have an obvious
and powerful response: Orwell gave us the tools, and Stalin gave us the resolve
to resist the totalitarian state. After 9/11, we may well see a spying and invasive
Net. But even that will have limits. Totalitarian control by Washington is not
our future. 1984 is solidly in our past.
Likewise, if we were only in for the future that Maddox described, many
of our citizens would call that utopia, not science fiction. A world where “the
market” runs free and the “evil” of government is defeated would be, for them,
a world of perfect freedom.
But when you tie the futures described by Vinge and Maddox together, it
is a different picture altogether: A future of control in large part exercised by
technologies of commerce, backed by the rule of law (or at least what’s left of
the rule of law).
The challenge for our generation is to reconcile these two forces. How do
we protect liberty when the architectures of control are managed as much by
the government as by the private sector? How do we assure privacy when the
ether perpetually spies? How do we guarantee free thought when the push is
to propertize every idea? How do we guarantee self-determination when the
architectures of control are perpetually determined elsewhere? How, in other
words, do we build a world of liberty in the face of the dangers that Vinge and
Maddox together describe?
The answer is not in the knee-jerk antigovernment rhetoric of a libertar-
ian past: Governments are necessary to protect liberty, even if they are also
able to destroy it. But neither does the answer lie in a return to Roosevelt’s
New Deal. Statism has failed. Liberty is not to be found in some new D.C.
alphabet soup (WPA, FCC, FDA . . . ) of bureaucracy.
A second generation takes the ideals of the first and works them out
against a different background. It knows the old debates; it has mapped the
dead-end arguments of the preceding thirty years. The objective of a second
generation is to ask questions that avoid dead-ends and move beyond them.
There is great work from both generations. Esther Dyson and John Perry
Barlow, and Todd Lapin still inspire, and still move one (Dyson is editor at
0465039146-01 12/5/06 12:27 AM Page xvi
xvi
preface to the first edition
large at CNET Networks; Barlow now spends time at Harvard). And in the
second generation, the work of Andrew Shapiro, David Shenk, and Steven
Johnson is becoming well known and is compelling.
My aim is this second generation. As fits my profession (I’m a lawyer), my
contribution is more long-winded, more obscure, more technical, and more
obtuse than the best of either generation. But as fits my profession, I’ll offer it
anyway. In the debates that rage right now, what I have to say will not please
anyone very much. And as I peck these last words before e-mailing the man-
uscript off to the publisher, I can already hear the reactions: “Can’t you tell the
difference between the power of the sheriff and the power of Walt Disney?”
“Do you really think we need a government agency regulating software code?”
And from the other side: “How can you argue for an architecture of cyber-
space (free software) that disables government’s ability to do good?”
But I am also a teacher. If my writing produces angry reactions, then it
might also effect a more balanced reflection. These are hard times to get it
right, but the easy answers to yesterday’s debate won’t get it right.
I have learned an extraordinary amount from the teachers and critics
who have helped me write this book. Hal Abelson, Bruce Ackerman, James
Boyle, Jack Goldsmith, and Richard Posner gave patient and excellent advice
on earlier drafts. I am grateful for their patience and extremely fortunate to
have had their advice. Larry Vale and Sarah Whiting guided my reading in the
field of architecture, though no doubt I was not as patient a student as I
should have been. Sonya Mead helped me put into pictures what it would take
a lawyer ten thousand words to say.
An army of students did most of the battle on earlier drafts of this book.
Carolyn Bane, Rachel Barber, Enoch Chang, Ben Edelman, Timothy Ehrlich,
Dawn Farber, Melanie Glickson, Bethany Glover, Nerlyn Gonzalez, Shannon
Johnson, Karen King, Alex Macgillivray, Marcus Maher, David Melaugh,
Teresa Ou, Laura Pirri, and Wendy Seltzer provided extensive, if respectful,
criticism. And my assistants, Lee Hopkins and Catherine Cho, were crucial in
keeping this army in line (and at bay).
Three students in particular have influenced my argument, though none
are fairly called “students.” Harold Reeves takes the lead in Chapter 10. Tim
Wu forced me to rethink much of Part I. And Andrew Shapiro showed me the
hopefulness in a future that I have described in very dark terms.
I am especially indebted to Catherine Marguerite Manley, whose extraor-
dinary talent, both as a writer and a researcher, made it possible to finish this
work long before it otherwise could have been finished. Thanks also to Tawen
Chang and James Stahir for their careful review of the notes and work to
keep them honest.
0465039146-01 12/5/06 12:27 AM Page xvii
preface to the first edition
xvii
This is a not a field where one learns by living in libraries. I have learned
everything I know from the conversations I have had, or watched, with an
extraordinary community of academics and activists, who have been strug-
gling over the last five years both to understand what cyberspace is and to
make it better. This community includes the scholars and writers I discuss in
the text, especially the lawyers Yochai Benkler, James Boyle, Mark Lemley,
David Post, and Pam Samuelson. I’ve also benefited greatly from conversa-
tions with nonlawyers, especially Hal Abelson, John Perry Barlow, Todd Lapin,
Joseph Reagle, Paul Resnick, and Danny Weitzner. But perhaps more impor-
tantly, I’ve benefited from discussions with the activists, in particular the Cen-
ter for Democracy and Technology, the Electronic Frontier Foundation, and
the American Civil Liberties Union. They have made the issues real, and they
have done much to defend at least some of the values that I think important.
This book would not have been written, however, but for a story by Julian
Dibbell, a conference organized by Henry J. Perritt, and many arguments with
David Johnson. I am grateful to all three for what they have taught.
I began this project as a fellow at Harvard’s Program on Ethics and the
Professions. I am grateful to Dennis Thompson for his skeptical encourage-
ment that year. The Berkman Center for Internet and Society at Harvard Law
School has made much of my research possible. I am grateful in particular to
Lillian and Myles Berkman for that support, and especially to the center’s co-
director and my sometime coteacher, Jonathan Zittrain, for his support and,
more important, friendship. I’ve dedicated this book to the other co-director
of the Berkman Center, Charlie Nesson, who has given me the space and sup-
port to do this work and a certain inspiration to push it differently.
But more significant than any of that support has been the patience, and
love, of the person to whom I’ve dedicated my life, Bettina Neuefeind. Her
love will seem crazy, and wonderful, for much more than a year.
0465039146-01 12/5/06 12:27 AM Page xix
C O D E
0465039146-01 12/5/06 12:27 AM Page 1
O N E
c o d e
i s
l a w
ALMOST TWO DECADES AGO, IN THE SPRING OF 1989, COMMUNISM IN EUROPE
died—collapsed, like a tent, its main post removed. The end was not brought
by war or revolution. The end was exhaustion. A new political regime was
born in its place across Central and Eastern Europe, the beginnings of a new
political society.
For constitutionalists (like me), this was a heady time. I had graduated
from law school in 1989, and in 1991 I began teaching at the University of
Chicago. At that time, Chicago had a center devoted to the study of the emerg-
ing democracies in Central and Eastern Europe. I was a part of that center.
Over the next five years I spent more hours on airplanes, and more mornings
drinking bad coffee, than I care to remember.
Eastern and Central Europe were filled with Americans telling former
Communists how they should govern. The advice was endless. And silly. Some
of these visitors literally sold translated constitutions to the emerging consti-
tutional republics; the rest had innumerable half-baked ideas about how the
new nations should be governed. These Americans came from a nation where
constitutionalism seemed to work, yet they had no clue why.
The Center’s mission, however, was not to advise. We knew too little to
guide. Our aim was to watch and gather data about the transitions and how
they progressed. We wanted to understand the change, not direct it.
What we saw was striking, if understandable. Those first moments after
communism’s collapse were filled with antigovernmental passion—a surge of
anger directed against the state and against state regulation. Leave us alone,
the people seemed to say. Let the market and nongovernmental organiza-
tions—a new society—take government’s place. After generations of com-
munism, this reaction was completely understandable. Government was the
1
0465039146-01 12/5/06 12:27 AM Page 2
2
CODE 2.0
oppressor. What compromise could there be with the instrument of your
repression?
A certain kind of libertarianism seemed to many to support much in this
reaction. If the market were to reign, and the government were kept out of the
way, freedom and prosperity would inevitably grow. Things would take care
of themselves. There was no need, and could be no place, for extensive regu-
lation by the state.
But things didn’t take care of themselves. Markets didn’t flourish. Govern-
ments were crippled, and crippled governments are no elixir of freedom.
Power didn’t disappear—it shifted from the state to mafiosi, themselves often
created by the state. The need for traditional state functions—police, courts,
schools, health care—didn’t go away, and private interests didn’t emerge to fill
that need. Instead, the needs were simply unmet. Security evaporated. A mod-
ern if plodding anarchy replaced the bland communism of the previous three
generations: neon lights flashed advertisements for Nike; pensioners were
swindled out of their life savings by fraudulent stock deals; bankers were mur-
dered in broad daylight on Moscow streets. One system of control had been
replaced by another. Neither was what Western libertarians would call “free-
dom.”
{TXB2}
About a decade ago, in the mid-1990s, just about the time when this post-
communist euphoria was beginning to wane, there emerged in the West
another “new society,” to many just as exciting as the new societies promised
in post-communist Europe. This was the Internet, or as I’ll define a bit later,
“cyberspace.” First in universities and centers of research, and then through-
out society in general, cyberspace became a new target for libertarian utopi-
anism. Here freedom from the state would reign. If not in Moscow or Tblisi,
then in cyberspace would we find the ideal libertarian society.
The catalyst for this change was likewise unplanned. Born in a research
project in the Defense Department,1 cyberspace too arose from the unplanned
displacement of a certain architecture of control. The tolled, single-purpose
network of telephones was displaced by the untolled and multipurpose net-
work of packet-switched data. And thus the old one-to-many architectures of
publishing (television, radio, newspapers, books) were complemented by a
world in which anyone could become a publisher. People could communicate
and associate in ways that they had never done before. The space seemed to
promise a kind of society that real space would never allow—freedom without
anarchy, control without government, consensus without power. In the words
of a manifesto that defined this ideal: “We reject: kings, presidents and voting.
We believe in: rough consensus and running code.”2
0465039146-01 12/5/06 12:27 AM Page 3
code is law
3
As in post-Communist Europe, these first thoughts about freedom in
cyberspace tied freedom to the disappearance of the state. As John Parry Bar-
low, former lyricist for the Grateful Dead and co-founder of the Electronic
Frontier Foundation, declared in his “Declaration of Independence for Cyber-
space,”
Governments of the Industrial World, you weary giants of flesh and steel, I come
from Cyberspace, the new home of Mind. On behalf of the future, I ask you of
the past to leave us alone. You are not welcome among us. You have no sover-
eignty where we gather.
But here the bond between freedom and the absence of the state was said
to be even stronger than in post-Communist Europe. The claim for cyber-
space was not just that government would not regulate cyberspace—it was
that government could not regulate cyberspace. Cyberspace was, by nature,
unavoidably free. Governments could threaten, but behavior could not be
controlled; laws could be passed, but they would have no real effect. There was
no choice about what kind of government to install—none could reign.
Cyberspace would be a society of a very different sort. There would be defini-
tion and direction, but built from the bottom-up. The society of this space
would be a fully self-ordering entity, cleansed of governors and free from
political hacks.
I taught in Central Europe during the summers of the early 1990s; I wit-
nessed through my students the transformation in attitudes about communism
that I described above. And so I felt a bit of déjà vu when, in the spring of 1995,
while teaching the law of cyberspace, I saw in my students these very same post-
communist thoughts about freedom and government. Even at Yale—not known
for libertarian passions—the students seemed drunk with what James Boyle
would later call the “libertarian gotcha”:3 no government could survive without
the Internet’s riches, yet no government could control the life that went on
there. Real-space governments would become as pathetic as the last Communist
regimes: It was the withering of the state that Marx had promised, jolted out of
existence by trillions of gigabytes flashing across the ether of cyberspace.
But what was never made clear in the midst of this celebration was why.
Why was cyberspace incapable of regulation? What made it so? The word
itself suggests not freedom but control. Its etymology reaches beyond a novel
by William Gibson (Neuromancer, published in 1984) to the world of “cyber-
netics,” the study of control at a distance through devices.4 So it was doubly
puzzling to see this celebration of “perfect freedom” under a banner that
aspires (to anyone who knows the origin, at least) to perfect control.
0465039146-01 12/5/06 12:27 AM Page 4
4
CODE 2.0
As I said, I am a constitutionalist. I teach and write about constitutional
law. I believe that these first thoughts about government and cyberspace were
just as misguided as the first thoughts about government after communism.
Liberty in cyberspace will not come from the absence of the state. Liberty
there, as anywhere, will come from a state of a certain kind. We build a world
where freedom can flourish not by removing from society any self-conscious
control, but by setting it in a place where a particular kind of self-conscious
control survives. We build liberty as our founders did, by setting society upon
a certain constitution.
But by “constitution” I don’t mean a legal text. Unlike my countrymen in
Eastern Europe in the early 1990s, I am not trying to sell a document that our
framers wrote in 1787. Rather, as the British understand when they speak of
their “constitution,” I mean an architecture—not just a legal text but a way of
life—that structures and constrains social and legal power, to the end of pro-
tecting fundamental values. (One student asked, “constitution” in the sense of
“just one tool among many, one simple flashlight that keeps us from fumbling
in the dark, or, alternatively . . . more like a lighthouse that we constantly call
upon?” I mean constitution as in lighthouse—a guide that helps anchor fun-
damental values.)
Constitutions in this sense are built, they are not found. Foundations get
laid, they don’t magically appear. Just as the founders of our nation learned
from the anarchy that followed the revolution (remember: our first constitu-
tion, the Articles of Confederation, was a miserable failure of do-nothing-
ness), so too are we beginning to understand about cyberspace that this
building, or laying, is not the work of an invisible hand. There is no reason to
believe that the foundation for liberty in cyberspace will simply emerge.
Indeed, the passion for that anarchy—as in America by the late 1780s, and as
in the former Eastern bloc by the late 1990s—has faded. Thus, as our framers
learned, and as the Russians saw, we have every reason to believe that cyber-
space, left to itself, will not fulfill the promise of freedom. Left to itself, cyber-
space will become a perfect tool of control.
Control. Not necessarily control by government, and not necessarily
control to some evil, fascist end. But the argument of this book is that the
invisible hand of cyberspace is building an architecture that is quite the
opposite of its architecture at its birth. This invisible hand, pushed by gov-
ernment and by commerce, is constructing an architecture that will perfect
control and make highly efficient regulation possible. The struggle in that
world will not be government’s. It will be to assure that essential liberties are
preserved in this environment of perfect control. As Siva Vaidhyanathan
puts it,
0465039146-01 12/5/06 12:27 AM Page 5
code is law
5
While once it seemed obvious and easy to declare the rise of a ”network society”
in which individuals would realign themselves, empower themselves, and under-
mine traditional methods of social and cultural control, it seems clear that net-
worked digital communication need not serve such liberating ends.5
This book is about the change from a cyberspace of anarchy to a cyber-
space of control. When we see the path that cyberspace is on now—an evolu-
tion I describe below in Part I—we see that much of the “liberty” present at
cyberspace’s founding will be removed in its future. Values originally consid-
ered fundamental will not survive. On the path we have chosen, we will
remake what cyberspace was. Some of that remaking will make many of us
happy. But some of that remaking, I argue, we should all regret.
Yet whether you celebrate or regret the changes that I will describe, it is
critical to understand how they happen. What produced the “liberty” of
cyberspace, and what will change to remake that liberty? That lesson will then
suggest a second about the source of regulation in cyberspace.
That understanding is the aim of Part II. Cyberspace demands a new
understanding of how regulation works. It compels us to look beyond the
traditional lawyer’s scope—beyond laws, or even norms. It requires a broader
account of “regulation,” and most importantly, the recognition of a newly
salient regulator.
That regulator is the obscurity in this book’s title—Code. In real space, we
recognize how laws regulate—through constitutions, statutes, and other legal
codes. In cyberspace we must understand how a different “code” regulates—
how the software and hardware (i.e., the “code” of cyberspace) that make
cyberspace what it is also regulate cyberspace as it is. As William Mitchell
puts it, this code is cyberspace’s “law.”6 “Lex Informatica,” as Joel Reidenberg
first put it,7 or better, “code is law.”
Lawyers and legal theorists get bothered, however, when I echo this slo-
gan. There are differences, they insist, between the regulatory effects produced
by code and the regulatory effects produced by law, not the least of which is
the difference in the “internal perspective” that runs with each kind of regu-
lation. We understand the internal perspective of legal regulation—for exam-
ple, that the restrictions the law might impose on a company’s freedom to
pollute are a product of self-conscious regulation, reflecting values of the
society imposing that regulation. That perspective is harder to recognize with
code. It could be there, but it need not. And no doubt this is just one of many
important differences between “code” and “law.”
I don’t deny these differences. I only assert that we learn something useful
from ignoring them for a bit. Justice Holmes famously focused the regulator
0465039146-01 12/5/06 12:27 AM Page 6
6
CODE 2.0
on the “bad man.”8 He offered a theory of regulation that assumed that “bad
man” at its core. His point was not that everyone was a “bad man”; the point
instead was about how we could best construct systems of regulation.
My point is the same. I suggest we learn something if we think about the
“bot man” theory of regulation—one focused on the regulation of code. We
will learn something important, in other words, if we imagine the target of
regulation as a maximizing entity, and consider the range of tools the regula-
tor has to control that machine.
Code will be a central tool in this analysis. It will present the greatest threat
to both liberal and libertarian ideals, as well as their greatest promise. We can
build, or architect, or code cyberspace to protect values that we believe are fun-
damental. Or we can build, or architect, or code cyberspace to allow those val-
ues to disappear. There is no middle ground. There is no choice that does not
include some kind of building. Code is never found; it is only ever made, and
only ever made by us. As Mark Stefik puts it, “Different versions of [cyberspace]
support different kinds of dreams. We choose, wisely or not.”9 Or again, code
“determines which people can access which digital objects . . . How such pro-
gramming regulates human interactions . . . depends on the choices made.”10
Or, more precisely, a code of cyberspace, defining the freedoms and controls of
cyberspace, will be built. About that there can be no debate. But by whom,
and with what values? That is the only choice we have left to make.
My argument is not for some top-down form of control. The claim is
not that regulators must occupy Microsoft. A constitution envisions an envi-
ronment; as Justice Holmes said, it “call[s] into life a being the development
of which [cannot be] foreseen.”11 Thus, to speak of a constitution is not to
describe a hundred-day plan. It is instead to identify the values that a space
should guarantee. It is not to describe a “government”; it is not even to select
(as if a single choice must be made) between bottom-up or top-down control.
In speaking of a constitution in cyberspace we are simply asking: What values
should be protected there? What values should be built into the space to
encourage what forms of life?
The “values” at stake here are of two sorts—substantive and structural. In
the American constitutional tradition, we worried about the second first. The
framers of the Constitution of 1787 (enacted without a Bill of Rights) were
focused on structures of government. Their aim was to ensure that a partic-
ular government (the federal government) did not become too powerful. And
so they built into the Constitution’s design checks on the power of the federal
government and limits on its reach over the states.
Opponents of that Constitution insisted that more checks were needed,
that the Constitution needed to impose substantive limits on government’s
0465039146-01 12/5/06 12:27 AM Page 7
code is law
7
power as well as structural limits. And thus was the Bill of Rights born. Rati-
fied in 1791, the Bill of Rights promised that the federal government would
not remove certain freedoms—of speech, privacy, and due process. And it
guaranteed that the commitment to these substantive values would remain
despite the passing fancies of normal, or ordinary, government. These val-
ues—both substantive and structural—were thus entrenched through our
constitutional design. They can be changed, but only through a cumbersome
and costly process.
We face the same questions in constituting cyberspace, but we have
approached them from the opposite direction.12 Already we are struggling
with substance: Will cyberspace promise privacy or access? Will it enable a free
culture or a permission culture? Will it preserve a space for free speech? These
are choices of substantive value, and they are the subject of much of this
book.
But structure matters as well, though we have not even begun to under-
stand how to limit, or regulate, arbitrary regulatory power. What “checks and
balances” are possible in this space? How do we separate powers? How do we
ensure that one regulator, or one government, doesn’t become too powerful?
How do we guarantee it is powerful enough?
Theorists of cyberspace have been talking about these questions since its
birth.13 But as a culture, we are just beginning to get it. As we slowly come to
see how different structures within cyberspace affect us—how its architec-
ture, in a sense I will define below, “regulates” us—we slowly come to ask
how these structures should be defined. The first generation of these archi-
tectures was built by a noncommercial sector—researchers and hackers,
focused upon building a network. The second generation has been built by
commerce. And the third, not yet off the drawing board, could well be the
product of government. Which regulator do we prefer? Which regulators
should be controlled? How does society exercise that control over entities
that aim to control it?
In Part III, I bring these questions back down to the ground. I consider
three areas of controversy—intellectual property, privacy, and free speech—
and identify the values within each that cyberspace will change. These values
are the product of the interaction between law and technology. How that
interaction plays out is often counter-intuitive. My aim in this part is to map
that interaction, so as to map a way that we might, using the tools of Part II,
preserve the values that are important to us within each context.
Part IV internationalizes these questions. Cyberspace is everywhere,
meaning those who populate cyberspace come from everywhere. How will the
sovereigns of everywhere live with the claimed “sovereignty” of cyberspace? I
0465039146-01 12/5/06 12:27 AM Page 8
8
CODE 2.0
map a particular response that seems to me inevitable, and will reinforce the
conclusion of Part I.
The final part, Part V, is the darkest. The central lesson of this book is that
cyberspace requires choices. Some of these are, and should be, private:
Whether an author wants to enforce her copyright; how a citizen wants to
protect his privacy. But some of these choices involve values that are collective.
I end by asking whether we—meaning Americans—are up to the challenge
that these choices present. Are we able to respond rationally—meaning both
(1) are we able to respond without undue or irrational passion, and (2) do we
have institutions capable of understanding and responding to these choices?
My strong sense is that we are not, at least now, able to respond rationally
to these challenges. We are at a stage in our history when we urgently need to
make fundamental choices about values, but we should trust no institution of
government to make such choices. Courts cannot do it, because as a legal
culture we don’t want courts choosing among contested matters of values.
Congress should not do it because, as a political culture, we are deeply skep-
tical (and rightly so) about the product of this government. There is much to
be proud of in our history and traditions. But the government we now have
is a failure. Nothing important should be trusted to its control, even though
everything important is.
Change is possible. I don’t doubt that revolutions remain in our future.
But I fear that it is too easy for the government, or specially powered interests,
to dislodge these revolutions, and that too much will be at stake for it to allow
real change to succeed. Our government has already criminalized the core
ethic of this movement, transforming the meaning of hacker into something
quite alien to its original sense. Through extremism in copyright regulation,
it is criminalizing the core creativity that this network could produce. And this
is only the beginning.
Things could be different. They are different elsewhere. But I don’t see
how they could be different for us just now. This no doubt is simply a confes-
sion of the limits of my own imagination. I would be grateful to be proven
wrong. I would be grateful to watch as we relearn—as the citizens of the for-
mer Communist republics are learning—how to escape these disabling ideas
about the possibilities for governance. But nothing in the past decade, and
especially nothing in the past five years, has convinced me that my skepticism
about governance was misplaced. Indeed, events have only reinforced that
pessimism.
0465039146-01 12/5/06 12:27 AM Page 9
T W O
f o u r
p u z z l e s
f r o m
c y b e r s p a c e
EVERYONE WHO IS READING THIS BOOK HAS USED THE INTERNET. SOME HAVE BEEN
in “cyberspace.” The Internet is that medium through which your e-mail is
delivered and web pages get published. It’s what you use to order books on
Amazon or to check the times for local movies at Fandango. Google is on the
Internet, as are Microsoft “help pages.”
But “cyberspace” is something more. Though built on top of the Internet,
cyberspace is a richer experience. Cyberspace is something you get pulled “into,”
perhaps by the intimacy of instant message chat or the intricacy of “massively
multiple online games” (“MMOGs” for short, or if the game is a role-playing
game, then “MMORPGs”). Some in cyberspace believe they’re in a community;
some confuse their lives with their cyberspace existence. Of course, no sharp
line divides cyberspace from the Internet. But there is an important difference in
experience between the two. Those who see the Internet simply as a kind of Yel-
low-Pages-on-steroids won’t recognize what citizens of cyberspace speak of. For
them, “cyberspace” is simply obscure.
Some of this difference is generational. For most of us over the age of 40,
there is no “cyberspace,” even if there is an Internet. Most of us don’t live a life
online that would qualify as a life in “cyberspace.” But for our kids, cyberspace is
increasingly their second life. There are millions who spend hundreds of hours
a month in the alternative worlds of cyberspace—later on we will focus on one
of these worlds, a game called “Second Life.”1 And thus while you may think to
yourself, this alien space is nothing I need worry about because it’s nowhere I’ll
ever be, if you care to understand anything about the world the next generation
will inhabit, you should spend some time understanding “cyberspace.”
That is the aim of two of the stories that follow. These two describe cyber-
space. The other two describe aspects of the Internet more generally. My aim
9
0465039146-01 12/5/06 12:27 AM Page 10
10
CODE 2.0
through these four very different stories is to orient by sometimes disorienting.
My hope is that you’ll come to understand four themes that will recur through-
out this book. At the end of this chapter, I come clean about the themes and pro-
vide a map. For now, just focus on the stories.
BORDERS
It was a very ordinary dispute, this argument between Martha Jones and her
neighbors.2 It was the sort of dispute that people have had since the start of
neighborhoods. It didn’t begin in anger. It began with a misunderstanding. In
this world, misunderstandings like this are far too common. Martha thought
about that as she wondered whether she should stay; there were other places she
could go. Leaving would mean abandoning what she had built, but frustrations
like this were beginning to get to her. Maybe, she thought, it was time to move on.
The argument was about borders—about where her land stopped. It seemed
like a simple idea, one you would have thought the powers-that-be would have
worked out many years before. But here they were, her neighbor Dank and she,
still fighting about borders. Or rather, about something fuzzy at the borders—
about something of Martha’s that spilled over into the land of others. This was
the fight, and it all related to what Martha did.
Martha grew flowers. Not just any flowers, but flowers with an odd sort of
power. They were beautiful flowers, and their scent entranced. But, however
beautiful, these flowers were also poisonous. This was Martha’s weird idea: to
make flowers of extraordinary beauty which, if touched, would kill. Strange no
doubt, but no one said that Martha wasn’t strange. She was unusual, as was this
neighborhood. But sadly, disputes like this were not.
The start of the argument was predictable enough. Martha’s neighbor, Dank,
had a dog. Dank’s dog died. The dog died because it had eaten a petal from one
of Martha’s flowers. A beautiful petal, and now a dead dog. Dank had his own
ideas about these flowers, and about this neighbor, and he expressed those
ideas—perhaps with a bit too much anger, or perhaps with anger appropriate to
the situation.
“There is no reason to grow deadly flowers,” Dank yelled across the fence.
“There’s no reason to get so upset about a few dead dogs,” Martha replied.“A dog
can always be replaced. And anyway, why have a dog that suffers when dying? Get
yourself a pain-free-death dog, and my petals will cause no harm.”
I came into the argument at about this time. I was walking by, in the way one
walks in this space. (At first I had teleported to get near, but we needn’t compli-
cate the story with jargon. Let’s just say I was walking.) I saw the two neighbors
becoming increasingly angry with each other. I had heard about the disputed
0465039146-01 12/5/06 12:27 AM Page 11
four puzzles from cyberspace
11
flowers—about how their petals carried poison. It seemed to me a simple prob-
lem to solve, but I guess it’s simple only if you understand how problems like this
are created.
Dank and Martha were angry because in a sense they were stuck. Both had
built a life in the neighborhood; they had invested many hours there. But both
were coming to understand its limits. This is a common condition: We all build
our lives in places with limits. We are all disappointed at times. What was differ-
ent about Dank and Martha?
One difference was the nature of the space, or context, where their argument
was happening. This was not “real space” but virtual space. It was part of what I
call “cyberspace.” The environment was a “massively multiple online game”
(“MMOG”), and MMOG space is quite different from the space we call real.
Real space is the place where you are right now: your office, your den, maybe
by a pool. It’s a world defined by both laws that are man-made and others that are
not. “Limited liability” for corporations is a man-made law. It means that the
directors of a corporation (usually) cannot be held personally liable for the sins
of the company. Limited life for humans is not a man-made law: That we all will
die is not the result of a decision that Congress made. In real space, our lives are
subject to both sorts of law, though in principle we could change one sort.
But there are other sorts of laws in real space as well. You bought this book,
I trust, or you borrowed it from someone who did. If you stole it, you are a thief,
whether you are caught or not. Our language is a norm; norms are collectively
determined. As our norms have been determined, your “stealing” makes you a
thief, and not just because you took it. There are plenty of ways to take something
but not be thought of as a thief. If you came across a dollar blowing in the wind,
taking the money will not make you a thief; indeed, not taking the money makes
you a chump. But stealing this book from the bookstore (even when there are so
many left for others) marks you as a thief. Social norms make it so, and we live
life subject to these norms.
Some of these norms can be changed collectively, if not individually. I can
choose to burn my draft card, but I cannot choose whether doing so will make
me a hero or a traitor. I can refuse an invitation to lunch, but I cannot choose
whether doing so will make me rude. I have choices in real life, but escaping the
consequences of the choices I make is not one of them. Norms in this sense con-
strain us in ways that are so familiar as to be all but invisible.
MMOG space is different. It is, first of all, a virtual space—like a cartoon on
a television screen, sometimes rendered to look three-dimensional. But unlike a
cartoon, MMOG space enables you to control the characters on the screen in real
time. At least, you control your character—one among many characters con-
trolled by many others in this space. One builds the world one will inhabit here.
0465039146-01 12/5/06 12:27 AM Page 12
12
CODE 2.0
As a child, you grew up learning the physics that governed the world of Road
Runner and Wile E. Coyote (violent but forgiving); your children will grow up
making the world of Road Runner and Wile E. Coyote (still violent, but maybe
not so forgiving). They will define the space and then live out the story. Their
choices will make the laws of that space real.
This is not to say that MMOG space is unreal. There is real life in MMOG
space, constituted by how people interact. The “space” describes where people
interact—much as they interact in real space no doubt, but with some important
differences. In MMOG space the interaction is in a virtual medium. This inter-
action is “in” cyberspace. In 1990s terms, people “jack” into these virtual spaces,
and they do things there. And “they” turns out to be many many people. As
Edward Castronova estimates,“an absolute minimum figure would be 10 million
[but my] guess is that it is perhaps 20 to 30 million” participating in these virtual
worlds.3 The “[t]ypical user spends 20–30 hours per week inside the fantasy.
Power users spend every available moment.”4 As one essay estimates, “assuming
just average contact time among these 9.4 million people, subscribers to virtual
worlds could be devoting over 213 million hours per week to build their virtual
lives.”5
The things people do there are highly varied. Some play role-playing games:
working within a guild of other players to advance in status and power to some
ultimate end. Some simply get together and gab: They appear (in a form they
select, with qualities they choose and biographies they have written) in a virtual
room and type messages to each other. Or they walk around (again, the ambigu-
ity is not a slight one) and talk to people. My friend Rick does this as a cat—a
male cat, he insists. As a male cat, Rick parades around this space and talks to
anyone who’s interested. He aims to flush out the cat-loving sorts. The rest, he
reports, he punishes.
Others do much more than gab. Some, for example, homestead. Depending
on the world and its laws, citizens are given or buy plots of undeveloped land,
which they then develop. People spend extraordinary amounts of time building
a life on these plots. (Isn’t it incredible the way these people waste time? While
you and I spend up to seventy hours a week working for firms we don’t own and
building futures we’re not sure we’ll enjoy, these people are designing and build-
ing things and making a life, even if only a virtual one. Scandalous!) They build
houses—by designing and then constructing them—have family or friends move
in, and pursue hobbies or raise pets. They may grow trees or odd plants—like
Martha’s.
MMOG space grew out of “MUD” or “MOO” space.6 MUDs and MOOs
are virtual worlds, too, but they are text-based virtual worlds. There are no real
graphics in a MUD or MOO, just text, reporting what someone says and does.
0465039146-01 12/5/06 12:27 AM Page 13
four puzzles from cyberspace
13
You can construct objects in MOO space and then have them do things. But the
objects act only through the mediation of text. (Their actions are generally
quite simple, but even simple can be funny. One year, in a MUD that was part
of a cyberlaw class, someone built a character named JPosner. If you poked
JPosner, he muttered, “Poking is inefficient.” Another character was FEaster-
brook. Stand in a room with FEasterbrook and use the word “fair,” and FEast-
erbrook would repeat what you said, substituting the word “efficient.” “It’s not
fair” became “You mean, it’s not efficient.”)
Although it was easy for people who liked texts or who wrote well to under-
stand the attraction of these text-based realities, it was not so easy for the many
who didn’t have that same fondness. MMOG space lifts that limit just a bit. It is
the movie version of a cyberspace novel. You build things here, and they survive
your leaving. You can build a house, and people walking down the street see it.
You can let them come in, and in coming into your house, they see things about
you. They can see how you construct your world. If a particular MMOG space
permits it, they might even see how you’ve changed the laws of the real world.
In real space, for instance, people “slip and fall” on wet floors. In the MMOG
space you’ve built, that “law” may not exist. Instead, in your world, wet floors
may make people “slip and dance.”
The best example of this space today is the extraordinary community of
Second Life. In it, people create both things and community, the avatars are
amazingly well crafted, and their owners spend hundreds of thousands of hours
building things in this space that others see, and some enjoy. Some make clothes
or hair styles, some make machines that make music. Whatever object or service
the programming language allows, creators in Second Life are creating it. There
are more than 100,000 residents of Second Life at the time of this writing. They
occupy close to 2,000 servers housed in downtown San Francisco, and suck 250
kilowatts of electricity just to run the computers—about the equivalent of 160
homes.
But here we get back to Martha and Dank. In their exchange—when Martha
blamed Dank for having a dog that died with pain—they revealed what was
most amazing about that particular MMOG. Martha’s remarks (“Why do you
have a dog that suffers when dying? Get yourself a pain-free-death dog, and my
petals will cause no harm”) should have struck you as odd. You may have
thought,“How weird that someone would think that the fault lay not in the poi-
sonous petals but in a dog that died with pain.” But in this space, Dank did have
a choice about how his dog would die. Maybe not a choice about whether “poi-
son” would “kill” a dog, but a choice about whether the dog would “suffer” when
it “died.” He also had a choice about whether a copy of the dog could be made,
so that if it died it could be “revived.” In MMOG space, these possibilities are not
0465039146-01 12/5/06 12:27 AM Page 14
14
CODE 2.0
given by God. Or rather, if they are defined by God, then the players share the
power of God. For the possibilities in MMOG space are determined by the
code—the software, or architecture, that makes the MMOG space what it is.
“What happens when” is a statement of logic; it asserts a relationship that is
manifested in code. In real space we don’t have much control over that code. In
MMOG space we do.
So, when Martha said what she said about the dog, Dank made what
seemed to me an obvious response. “Why do your flowers have to stay poison-
ous once they leave your land? Why not make the petals poisonous only when
on your land? When they leave your land—when, for example, they are blown
onto my land—why not make them harmless?”
It was an idea. But it didn’t really help. For Martha made her living selling
these poisonous plants. Others (ok not many, but some) also liked the idea of
this art tied to death. So it was no solution to make poisonous plants that were
poisonous only on Martha’s property, unless Martha was also interested in col-
lecting a lot of very weird people on her land.
But the idea did suggest another. “Okay,” said Dank, “why not make the
petals poisonous only when in the possession of someone who has ‘purchased’
them? If they are stolen, or if they blow away, then let the petals lose their poi-
son. But when kept by the owner of the plant, the petals keep their poison. Isn’t
that a solution to the problem that both of us face?”
The idea was ingenious. Not only did it help Dank, it helped Martha as well.
As the code existed, it allowed theft.7 (People want reality in that virtual space;
there will be time enough for heaven when heaven comes.) But if Martha could
modify the code slightly so that theft8 removed a plant’s poison, then “theft”
would also remove the plant’s value. That change would protect the profit in
her plants as well as protect Dank’s dogs. Here was a solution that made both
neighbors better off—what economists call a pareto superior move. And it was
a solution that was as possible as any other. All it required was a change of code.
Think for a second about what’s involved here.“Theft” entails (at minimum)
a change in possession. But in MMOG space “possession” is just a relation
defined by the software that defines the space. That same code must also define
the properties that possession yields. It might, like real space, distinguish between
having a cake and eating it. Or it might erase that distinction, meaning you can
“eat” your cake, but once it’s “eaten,” it magically reappears. In MMOG space you
can feed a crowd with five loaves and two fishes, and it isn’t even a miracle.9
So why not craft the same solution to Martha and Dank’s problem? Why
not define ownership to include the quality of poisonousness, and possession
without ownership to be possession without poison? If the world is designed
this way, then it could resolve the dispute between Martha and Dank, not by
0465039146-01 12/5/06 12:27 AM Page 15
four puzzles from cyberspace
15
making one of them change his or her behavior, but by changing the laws of
nature to eliminate the conflict altogether.
We’re a short way into this not so short book, though what I’m about to say
may make it a very short book indeed (for you at least). This book is all about
the question raised by this simple story, and about any simplicity in this appar-
ently simple answer. This is not a book about MMOG space or avatars. The
story about Martha and Dank is the first and last example that will include
avatars. But it is a book about cyberspace. My claim is that both “on the Inter-
net” and “in cyberspace,” we will confront precisely the questions that Martha
and Dank faced, as well as the questions that their solution raised. Both “on the
Internet” and “in cyberspace,” technology constitutes the environment of the
space, and it will give us a much wider range of control over how interactions
work in that space than in real space. Problems can be programmed or “coded”
into the story, and they can be “coded” away. And while the experience with
gamers so far is that they don’t want virtual worlds to deviate too far from the
real, the important point for now is that there is the capacity to make these
worlds different. It is this capacity that raises the question that is at the core of
this book: What does it mean to live in a world where problems can be coded
away? And when, in that world, should we code problems away, rather than
learn to work them out, or punish those who cause them?
It is not MMOG space that makes these questions interesting problems for
law; the very same problems will arise outside of MMOG space, and outside
MUDs and MOOs. The problems of these spaces are problems of the Internet
in general. And as more of our life becomes wired (and weird), in the sense that
more of our life moves online, these questions will become more pressing.
But I have learned enough in this business to know that I can’t convince you
of this with an argument. (I’ve spent the last 12 years talking about this subject;
at least I know what doesn’t work.) If you see the point, good for you. If you
don’t, I must show you. So my method for readers of the second sort must be
more indirect. Proof, for them, will come in a string of stories, which aim to
introduce and disorient. That, again, is the purpose of this chapter.
Let me describe a few other places and the oddities that inhabit them.
GOVERNORS
A state—call it “Boral”—doesn’t like its citizens gambling, even if many of its
citizens do like gambling. But the state is the boss; the people have voted; the law
is as it is. Gambling in the state of Boral is illegal.
Then along comes the Internet. With the Net streaming into their homes
through phones or cable lines, some citizens of Boral decide that Internet
0465039146-01 12/5/06 12:27 AM Page 16
16
CODE 2.0
gambling is the next “killer app.” A citizen of Boral sets up a “server” (a com-
puter that is accessible on the Internet) that provides access to online gam-
bling. The state doesn’t like it. It tells this citizen, “Shut down your server or
we will lock you up.”
Wise, if evasive, the gambling Boralian agrees to shut his server down—at
least in the state of Boral. But he doesn’t choose to leave the gambling business.
Instead, he rents space on a server in an “offshore haven.” This offshore web
server hums away, once again making gambling available on the Net and acces-
sible to the people of Boral via the Internet. Here’s the important point: Given
the architecture of the Internet (at least as it was circa 1999), it doesn’t really
matter where in real space the server is. Access doesn’t depend on geography.
Nor, depending on how clever the gambling sorts are, does access require that
the user know anything about who owns, or runs, the real server. The user’s
access can be passed through anonymizing sites that make it practically impos-
sible in the end to know what went on where and with whom.
The Boral attorney general thus now faces a difficult problem. She may
have moved the server out of her state, but she hasn’t succeeded in reducing
Boralian gambling. Before the Net, she would have had a group of people she
could punish—those running gambling sites, and those who give those places
custom. Now, the Net has made them potentially free from punishment—at
the least because it is more difficult to know who is running the server or
who is gambling. The world for this attorney general has changed. By going
online, the gamblers moved into a world where this behavior is no longer
regulable.
By “regulable” I mean simply that a certain behavior is capable of regula-
tion. The term is comparative, not absolute—in some place, at some time, a cer-
tain behavior will be more regulable than at another place and in another time.
My claim about Boral is simply that the Net makes gambling less regulable
there than it was before the Net. Or at least, in a sense that will become clearer
as the story continues, with the architecture of the Net as it originally was, life
on the Net is less regulable than life off the Net.
JAKE’S COMMUNITIES
If you had met Jake at a party in Ann Arbor (were Jake at a party in Ann Arbor),
you would have forgotten him.10 If you didn’t forget him, you might have
thought, here’s another quiet, dweeby University of Michigan undergraduate,
terrified of the world, or, at least, of the people in the world.
You wouldn’t have figured Jake for an author—indeed, quite a famous
short-story author, at least within his circles. In fact, Jake is not just a famous
0465039146-01 12/5/06 12:27 AM Page 17
four puzzles from cyberspace
17
author, he was also a character in his own stories. But who he was in his stories
was quite different from who he was in “real” life—if, that is, after reading his
stories you still thought this distinction between “real life” and “not real life”
made much sense.
Jake wrote stories about violence—about sex as well, but mainly about vio-
lence. They seethed with hatred, especially of women. It wasn’t enough to rape
a woman, she had to be killed. And it wasn’t enough that she was killed, she had
to be killed in a particularly painful and tortured way. This is, however unfor-
tunate, a genre of writing. Jake was a master of this genre.
In real space Jake had quite successfully hidden this propensity. He was
one of a million boys: unremarkable, indistinguishable, harmless. Yet however
inoffensive in real space, the harmfulness he penned in cyberspace was
increasingly well known. His stories were published in USENET, in a group
called alt.sex.stories.
USENET isn’t itself a network, except in the sense that the personal ads of
a national newspaper are part of a network. Strictly speaking, USENET is the
product of a protocol—a set of rules named the network news transfer protocol
(NNTP)—for exchanging messages intended for public viewing. These mes-
sages are organized into “newsgroups,” and the newsgroups are organized into
subjects. Most of the subjects are quite technical, many are related to hobbies,
and some are related to sex. Some messages newsgroups come with pictures or
movies, but some, like Jake’s, are simply stories.
There are thousands of newsgroups, each carrying hundreds of messages at
any one time. Anyone with access to a USENET server can get access to the
messages (or at least to the ones his administrator wants him to read), and any-
one with access can post a message or respond to one already posted. Imagine
a public bulletin board on which people post questions or comments. Anyone
can read the board and add his or her own thoughts. Now imagine 15,000
boards, each with hundreds of “threads” (strings of arguments, each tied to the
next). That, in any one place, is USENET. Now imagine these 15,000 boards,
with hundreds of threads each, on millions of computers across the world. Post
a message in one group, and it is added to that group’s board everywhere. That,
for the world, is USENET.
Jake, as I said, posted to a group called alt.sex.stories. “Alt” in that name
refers to the hierarchy that the group sits within. Initially, there were seven pri-
mary hierarchies.11 “Alt” was created in reaction to this initial seven: Groups
are added to the seven through a formal voting process among participants in
the groups. But groups are added to “alt” based solely on whether administra-
tors choose to carry them, and, generally, administrators will carry them if
they are popular, as long as their popularity is not controversial.
0465039146-01 12/5/06 12:27 AM Page 18
18
CODE 2.0
Among these groups that are carried only on demand, alt.sex.stories is quite
popular. As with any writing space, if stories are “good” by the standards of the
space—if they are stories that users of the space demand—they are followed
and their authors become well known.
Jake’s stuff was very valuable in just this sense. His stories, about kidnap-
ping, torturing, raping, and killing women, were as graphic and repulsive as any
such story could be—which is why Jake was so famous among like-minded
sorts. He was a supplier to these people, a constant and consistent fix. They
needed these accounts of innocent women being violated, and Jake supplied
them for free.
One night in Moscow, a sixteen-year-old girl read a story by Jake. She
showed it to her father, who showed it in turn to Richard DuVal, a Michigan
alum. DuVal was shocked at the story, and angry that it bore the tag
“umich.edu” on the story’s header. He called his alma mater and complained.
They took the complaint seriously.12
The university contacted the police; the police contacted Jake—with hand-
cuffs and a jail cell. A slew of doctors examined him. Some concluded that he
was a threat. The local prosecutors agreed with these doctors, especially after his
computer was seized and e-mails were discovered between Jake and a Canadian
fan who was planning to re-enact in real space one of the stories Jake published
in cyberspace. At least, that’s what the e-mails said. No one could tell for certain
what the two men really intended. Jake said it was all pure fiction, and indeed,
there was no evidence to prove otherwise.
Nonetheless, federal charges were brought against Jake for the transmission
of a threat. Jake said that his stories were only words, protected by the First
Amendment to the U.S. Constitution. A month and a half later, a court agreed.
The charges were dropped,13 and Jake returned to the special kind of obscurity
that had defined his life before.
I don’t care so much just now about whether Jake Baker’s words should
have been protected by the Constitution. My concern is Jake Baker himself, a
person normed into apparent harmlessness in real space, but set free in cyber-
space to become the author of this violence. People said Jake was brave, but he
wasn’t “brave” in real space. He didn’t express his hatred in classes, among
friends, or in the school newspaper. He slithered away to cyberspace, and only
there did his deviancy flourish.
He did this because of something about him and something about cyber-
space. Jake was the sort who wanted to spread stories of violence, at least if he
could do so without public account. Cyberspace gave Jake this power. Jake was
in effect an author and publisher in one. He wrote stories, and as quickly as he
finished them he published them—to some thirty million computers across
0465039146-01 12/5/06 12:27 AM Page 19
four puzzles from cyberspace
19
the world within a few days. His potential audience was larger than twice that
for the top fifteen best-selling novels combined, and though he made nothing
from his work, the demand for it was high. Jake had discovered a way to main-
line his depravity into the veins of a public for whom this stuff was otherwise
quite difficult to find. (Even Hustler wouldn’t publish the likes of this.)
Of course, there were other ways Jake could have published. He could have
offered his work to Hustler, or worse. But no real-world publication would have
given Jake a comparable audience. Jake’s readership was potentially millions,
stretching across country and continent, across culture and taste.
This reach was made possible by the power in the network: Anyone any-
where could publish to everyone everywhere. The network allowed publication
without filtering, editing, or, perhaps most importantly, responsibility. One
could write what one wanted, sign it or not, post it to machines across the
world, and within hours the words would be everywhere. The network removed
the most important constraint on speech in real space—the separation of pub-
lisher from author. There is vanity publishing in real space, but only the rich can
use it to reach a broad audience. For the rest of us, real space affords only the
access that the publishers want to give us.
Thus cyberspace is different because of the reach it allows. But it is also
different because of the relative anonymity it permits. Cyberspace permitted
Jake to escape the constraints of real space. He didn’t “go to” cyberspace when
he wrote his stories, in the sense that he didn’t “leave” Ann Arbor. But when he
was “in” cyberspace, it allowed him to escape the norms of Ann Arbor. He was
free of real-life constraints, of the norms and understandings that had success-
fully formed him into a member of a college community. Maybe he wasn’t per-
fectly at home; maybe he wasn’t the happiest. But the world of the University of
Michigan had succeeded in steering him away from the life of a psychopath—
except when it gave him access to the Net. On the Net he was someone else.
As the Internet has grown, it has produced many more opportunities for
Jake-like characters—characters that do things in the virtual world that they
would never do in the real world. One of the most popular MMOGs is a
game called “Grand Theft Auto.” In this game, one practices committing
crimes. And one of the most troubling uses of video chat is the practice of vir-
tual-prostitution by children. As the New York Times recently reported, thou-
sands of children spend hundreds of hours prostituting themselves online.
Sitting in the “privacy” of their own bedroom, using the iSight camera their
parents gave them for Christmas, a 13-year-old girl or boy enacts the sexual
behavior demanded by the audience. The audience gets their fix of sexual
perversion. The kid gets money, and whatever psychological baggage this
behavior creates.14
0465039146-01 12/5/06 12:27 AM Page 20
20
CODE 2.0
It is impossibly difficult to look across this range of Jake-like characters
and not think that, at some point, the virtual has crossed over into something
real. Or, at least, the virtual has real effects—either on those who live it, or on
those who live with them.15 When Jake was prosecuted, many First Amendment
defenders argued his words, however vivid, never crossed into reality. And no
doubt, there is a difference between writing about rape and raping, just as there
is a difference between an actor enacting rape and actually raping someone.
But I take it that all concede a line is crossed somewhere as we move across this
range of Jake-like characters. If a parent was untroubled by the virtual prostitu-
tion of her son in his bedroom, we would not understand that to be principled
free speech activism, even if the only “prostitution” was the son describing in
text how he was molested by those in the chat.
But my point is not to draw lines between the acceptable virtual dual-lives
and the unacceptable. It is instead to remark that this space enables more of this
duality. And though part of this duality is always “only virtual,” and sometimes
“only words,” real-space regulators (whether parents or governments) will feel
compelled to react. The Net enables lives that were previously impossible, or
inconvenient, or uncommon. At least some of those virtual lives will have effects
on non-virtual lives—both the lives of the people living in the virtual space, and
the lives of those around them.
WORMS THAT SNIFF
A “worm” is a bit of computer code that is spit out on the Net and works its way
into the systems of vulnerable computers. It is not a “virus” because it doesn’t
attach itself to other programs and interfere with their operation. It is just a bit
of extra code that does what the code writer says. The code could be harmless
and simply sit on someone’s machine. Or it could be harmful and corrupt files
or do other damage that its author commands.
Imagine a worm designed to do good (at least in the minds of some).
Imagine that the code writer is the FBI and that the FBI is looking for a partic-
ular document belonging to the National Security Agency (NSA). Suppose
that this document is classified and illegal to possess without the proper clear-
ance. Imagine that the worm propagates itself on the Net, finding its way onto
hard disks wherever it can. Once on a computer’s hard disk, it scans the entire
disk. If it finds the NSA document, it sends a message back to the FBI saying as
much. If it doesn’t, it erases itself. Finally, assume that it can do all this without
“interfering” with the operation of the machine. No one would know it was
there; it would report back nothing except that the NSA document was on the
hard disk.
0465039146-01 12/5/06 12:27 AM Page 21
four puzzles from cyberspace
21
Is this an unconstitutional worm? This is a hard question that at first seems
to have an easy answer. The worm is engaging in a government-initiated search
of citizens’ disks. There is no reasonable suspicion (as the law ordinarily
requires) that the disk holds the document for which the government is search-
ing. It is a generalized, suspicionless search of private spaces by the govern-
ment.
From the standpoint of the Constitution—the Fourth Amendment in par-
ticular—you don’t get any worse than that. The Fourth Amendment was writ-
ten against the background of just this sort of abuse. Kings George II and
George III would give officers a “general warrant” authorizing them to search
through private homes looking for evidence of a crime.16 No suspicion was
needed before the officer ransacked your house, but because he had a warrant,
you were not able to sue the officer for trespass. The aim of the Fourth Amend-
ment was to require at least suspicion, so that the burden of the search fell on a
reasonably chosen class.17
But is the worm really the same as the King’s general search? One important
difference is this: Unlike the victims of the general searches that the Framers of
our Constitution were concerned about, the computer user never knows that his
or her disk is being searched by the worm. With the general search, the police
were breaking into a house and rummaging through private stuff. With the
worm, it is a bit of computer code that does the breaking, and (I’ve assumed) it
can “see” only one thing. And perhaps more importantly, unlike the general
search, the worm learns little and leaves no damage after it’s finished: The code
can’t read private letters; it doesn’t break down doors; it doesn’t interfere with
ordinary life. And the innocent have nothing to fear.
The worm is silent in a way that King George’s troops were not. It searches
perfectly and invisibly, discovering only the guilty. It does not burden the inno-
cent; it does not trouble the ordinary citizen; it captures only what is outside the
protection of the law.
This difference complicates the constitutional question. The worm’s behav-
ior is like a generalized search in that it is a search without suspicion. But it is
unlike the historical generalized search in that it creates no disruption of ordi-
nary life and “discovers” only contraband. In this way, the worm is like a dog
sniff—which at least at airports is constitutionally permissible without probable
cause18—but better. Unlike the dog sniff, the worm doesn’t even let the com-
puter user know when there is a search (and hence the user suffers no particu-
larized anxiety).
Is the worm, then, constitutional? That depends on your conception of
what the Fourth Amendment protects. In one view, the amendment protects
against suspicionless governmental invasions, whether those invasions are bur-
0465039146-01 12/5/06 12:27 AM Page 22
22
CODE 2.0
densome or not. In a second view, the amendment protects against invasions
that are burdensome, allowing only those for which there is adequate suspicion
that guilt will be uncovered. The paradigm case that motivated the framers
does not distinguish between these two very different types of protections,
because the technology of the time wouldn’t distinguish either. You couldn’t—
technically—have a perfectly burdenless generalized search in 1791. So they
didn’t—technically—express a view about whether such a search should be
constitutionally proscribed. It is instead we who must choose what the amend-
ment is to mean.
Let’s take the example one step further. Imagine that the worm does not
search every machine it encounters, but instead can be put on a machine only
with judicial authorization—say, a warrant. Now the suspicionless-search part
of the problem has been removed. But now imagine a second part to this rule:
The government requires that networks be constructed so that a worm, with
judicial authorization, could be placed on any machine. Machines in this
regime, in other words, must be made worm-ready, even though worms will be
deployed only with judicial warrant.
Is there any constitutional problem with this? I explore this question in
much greater detail in Chapter 11, but for now, notice its salient feature. In
both cases, we are describing a regime that allows the government to collect data
about us in a highly efficient manner—inexpensively, that is, for both the gov-
ernment and the innocent. This efficiency is made possible by technology,
which permits searches that before would have been far too burdensome and
invasive. In both cases, then, the question comes to this: When the ability to
search without burden increases, does the government’s power to search
increase as well? Or, more darkly, as James Boyle puts it: “Is freedom inversely
related to the efficiency of the available means of surveillance?” For if it is, as
Boyle puts it, then “we have much to fear.”19
This question, of course, is not limited to the government. One of the defin-
ing features of modern life is the emergence of technologies that make data
collection and processing extraordinarily efficient. Most of what we do—hence,
most of what we are—is recorded outside our homes. When you make tele-
phone calls, data are recorded about whom you called, when, how long you
spoke, and how frequently you made such calls.20 When you use your credit
cards, data are recorded about when, where, what, and from whom you made
purchases. When you take a flight, your itinerary is recorded and possibly pro-
filed by the government to determine whether you are likely to be a terrorist.21
If you drive a car in London, cameras record your license plate to determine
whether you’ve paid the proper “congestion tax.” No doubt Hollywood’s image
of counter-terrorist units—where one person sitting behind a terminal instantly
0465039146-01 12/5/06 12:27 AM Page 23
four puzzles from cyberspace
23
tracks the life of another—is wrong. But it need not be terribly wrong for much
longer. It may not be easy to imagine systems that follow an individual wherever
he goes, but it is easy to imagine technologies that gather an extraordinary
amount of data about everything we do and make those data accessible to those
with the proper authorization. The intrusiveness would be slight, and the payoff
could be great.
Both private and public monitoring in the digital age, then, have the same
salient feature: monitoring, or searching, can increase without increasing the
burden on the individual searched. Both present a similar question: How should
we think about this change? How should the protection the framers gave us be
applied to a world the framers couldn’t even imagine?
THEMES
Four stories, four themes, each a window into one aspect of cyberspace that will
be central in all that follows. My aim in the balance of this book is to work
through the issues raised by these four themes. I thus end this chapter with a
map of the four, laid out in the order they will appear in the balance of the book.
That order begins with story number two.
Regulability
“Regulability” is the capacity of a government to regulate behavior within its
proper reach. In the context of the Internet, that means the ability of the govern-
ment to regulate the behavior of (at least) its citizens while on the Net. The
story about Boral was thus a story about regulability, or more specifically, about
the changes in regulability that cyberspace brings. Before the Internet, it was rel-
atively easy for the attorney general of Boral to control commercial gambling
within her jurisdiction; after the Internet, when the servers moved outside of
Boral, regulation became much more difficult.
For the regulator, this is just a particular instance of a much more general
story. To regulate well, you need to know (1) who someone is, (2) where they
are, and (3) what they’re doing. But because of the way the Internet was origi-
nally designed (and more on this below), there was no simple way to know (1)
who someone is, (2) where they are, and (3) what they’re doing. Thus, as life
moved onto (this version of) the Internet, the regulability of that life decreased.
The architecture of the space—at least as it was—rendered life in this space
less regulable.
The balance of Part I is about regulability. Can we imagine a more regulable
cyberspace? Is this the cyberspace we are coming to know?
0465039146-01 12/5/06 12:27 AM Page 24
24
CODE 2.0
Regulation by Code
The story about Martha and Dank is a clue to answering this question about
regulability. If in MMOG space we can change the laws of nature—make pos-
sible what before was impossible, or make impossible what before was possi-
ble—why can’t we change regulability in cyberspace? Why can’t we imagine an
Internet or a cyberspace where behavior can be controlled because code now
enables that control?
For this, importantly, is just what MMOG space is. MMOG space is “reg-
ulated,” though the regulation is special. In MMOG space regulation comes
through code. Important rules are imposed, not through social sanctions,
and not by the state, but by the very architecture of the particular space. A
rule is defined, not through a statute, but through the code that governs the
space.
This is the second theme of this book: There is regulation of behavior on
the Internet and in cyberspace, but that regulation is imposed primarily
through code. The differences in the regulations effected through code distin-
guish different parts of the Internet and cyberspace. In some places, life is fairly
free; in other places, it is more controlled. And the difference between these
spaces is simply a difference in the architectures of control—that is, a difference
in code.
If we combine the first two themes, then, we come to a central argument
of the book: The regulability described in the first theme depends on the code
described in the second. Some architectures of cyberspace are more regulable
than others; some architectures enable better control than others. Therefore,
whether a part of cyberspace—or the Internet generally—can be regulated
turns on the nature of its code. Its architecture will affect whether behavior
can be controlled. To follow Mitch Kapor, its architecture is its politics.22
And from this a further point follows: If some architectures are more
regulable than others—if some give governments more control than others—
then governments will favor some architectures more than others. Favor, in
turn, can translate into action, either by governments, or for governments.
Either way, the architectures that render space less regulable can themselves be
changed to make the space more regulable. (By whom, and why, is a matter we
take up later.)
This fact about regulability is a threat to those who worry about govern-
mental power; it is a reality for those who depend upon governmental power.
Some designs enable government more than others; some designs enable gov-
ernment differently; some designs should be chosen over others, depending
upon the values at stake.
0465039146-01 12/5/06 12:27 AM Page 25
four puzzles from cyberspace
25
Latent Ambiguity
The worm tells a different story still. Though it is a technology for searching, the
worm’s function differs from “searching” in real space. In real space, a search car-
ries costs: the burdens of the search, the insecurities it might create, the exposure
it might make possible to invasions beyond a legitimate reach.23 The worm
erases those costs: The burden is gone, the search is (practically) invisible, and
the searching technology is programmed to find only what is illegal. This raises
a question about how such a search should, under the Constitution, be under-
stood.
A fair view of the Constitution’s protections could go in either of two ways.
It may be that we see the worm’s invasion as inconsistent with the dignity that
the amendment was written to protect,24 or it may be that we see the invasion
of the worm as so unobtrusive as to be reasonable. The answer could be either,
which means that the change reveals what I will call “a latent ambiguity” in the
original constitutional rule. In the original context, the rule was clear (no gen-
eralized search), but in the current context, the rule depends upon which value
the Constitution was meant to protect. The question is now ambiguous between
(at least) two different answers. Either answer is possible, depending upon the
value, so now we must choose one or the other.
You may not buy my story about the worm. You may think it is pure science
fiction. But by the end of the book, I will convince you that there are any num-
ber of cases in which a similar ambiguity troubles our constitutional past. In
many of them our Constitution yields no answer to the question of how it
should be applied, because at least two answers are possible—in light of the
choices that the framers actually made and given the technologies of today.
For Americans, this ambiguity creates a problem. If we lived in an era when
courts felt entitled to select the value that produced an answer that made the
most sense in the context, there would be no problem. Latent ambiguities would
be answered by choices made by judges—the framers could have gone either
way, but our judges choose to go this way.
But we don’t live in such an era, and so we don’t have a way for courts to
resolve these ambiguities. As a result, we must rely on other institutions. My
claim is a dark one: We have no such institutions. If our ways don’t change, our
constitution in cyberspace will be a thinner and thinner regime.
Cyberspace will present us with ambiguities over and over again. It will
press this question of how best to go on. We have tools from real space that will
help resolve the interpretive questions by pointing us in one direction or
another, at least some of the time. But in the end the tools will guide us even less
than they do in real space and time. When the gap between their guidance and
0465039146-01 12/5/06 12:27 AM Page 26
26
CODE 2.0
what we do becomes obvious, we will be forced to do something we’re not very
good at doing—deciding what we want, and what is right.
Competing Sovereigns
But regulation by whom? For the rules are different in one place versus another.
This was one important issue raised by Jake Baker. Jake lived in Ann
Arbor, Michigan. His life there was subject to the norms of Ann Arbor, and he
apparently adapted to these norms reasonably well. The authority of that
space governed Jake, and, as far as anyone knew, it appeared to govern him
exclusively.
But in cyberspace, Jake’s behavior changed, in part because the norms of
the space were different. That created the problem. For when Jake “went to”
cyberspace, he didn’t leave real space. In particular, he never left Ann Arbor.
While sitting in a dorm at the University of Michigan, he was able to teleport
himself—in the only normatively significant sense—to a different world
where the norms of civility and decency that governed outside his dorm room
did not reign. Cyberspace gave Jake the chance to escape Ann Arbor norms
and to live according to the norms of another place. It created a competing
authority for Jake and gave him the chance to select between these competing
authorities merely by switching his computer on or off.
Again, my point is not that no similar possibility exists in real space—it
plainly does. There is no doubt a Jake living in Hackensack, New Jersey (a sub-
urban town with suburban values), who drives every night into lower Man-
hattan and lives for a few hours according to the “rules” of lower Manhattan.
Those rules are not the rules of Hackensack; that life is different. Like Ann
Arbor Jake, the Hackensack Jake lives under competing authorities. But
between the lives of these two Jakes, there is a difference in degree that ripens
into a difference in kind: It is at least conceivable that the Ann Arbor Jake
raises a more significant problem for Ann Arbor than the Hackensack Jake
raises for Hackensack. The differences could well be greater, and the effect
more pervasive.
Nor should we think too narrowly about the competing normative com-
munities into which a Jake might move. “Escape” here can be good or bad. It
is escape when a gay teen in an intolerant small town can leave the norms of
that town through a gay chat room on America Online;25 it is escape when a
child predator escapes the norms of ordinary society and engages a child in
online sex.26 Both escapes are enabled by the architecture of cyberspace as we
now know it. Our attitudes about each, however, are very different. I call the
first escape liberating and the second criminal. There are some who would call
0465039146-01 12/5/06 12:27 AM Page 27
four puzzles from cyberspace
27
both escapes criminal, and some who would call both liberating. But the
question isn’t about name-calling, it’s about the consequences of living in a
world where we can occupy both sorts of space at the same time. When 50
people from 25 jurisdictions around the world spend 2,000 hours building a
virtual community in Second Life that is housed on servers in San Francisco,
what claim should real world jurisdictions have over that activity? Which of
the 25 jurisdictions matters most? Which sovereign should govern?
{TXB2}
These four themes frame everything that follows. They also map the under-
standing that I want this book to provide. Regulation in cyberspace can
help us see something important about how all regulation works. That’s
the lesson of the first theme, “regulability.” It will also introduce a regulator
(“code”) whose significance we don’t yet fully understand. That’s the second
theme, “Regulation by Code.” That regulation will render ambiguous certain
values that are fundamental to our tradition. Thus, the third theme,“latent
ambiguity.” That ambiguity will require us, the United States, to make a
choice. But this choice is just one among many that many sovereigns will
have to make. In the end the hardest problem will be to reckon these “com-
peting sovereigns,” as they each act to mark this space with their own dis-
tinctive values.
I explore these four themes against a background that, as I said at the
start, has changed significantly since the first edition of this book. When I first
wrote the book, two ideas seemed to dominate debate about the Net: first, that
the government could never regulate the Net, and second, that this was a
good thing. Today, attitudes are different. There is still the commonplace that
government can’t regulate, but in a world drowning in spam, computer
viruses, identity theft, copyright “piracy,” and the sexual exploitation of chil-
dren, the resolve against regulation has weakened. We all love the Net. But if
some government could really deliver on the promise to erase all the bads of
this space, most of us would gladly sign up.
Yet while attitudes about the Net have progressed, my own views have
not. I still believe the Net can be regulated. I still believe that the obvious
consequence of obvious influences will be to radically increase the ability of
governments to regulate this Net. I also still believe that, in principle, this is
not a bad thing. I am not against regulation, properly done. I believe regula-
tion is essential to preserving and defending certain fundamental liberties.
But I also still believe that we are far from a time when our government in
particular can properly regulate in this context. This is both because of a
general skepticism about government—grounded in a disgust about the par-
ticular form of corruption that defines how our government functions—and
0465039146-01 12/5/06 12:27 AM Page 28
28
CODE 2.0
a particular skepticism about government—that it has not yet fully recog-
nized just how regulation in the digital age works.
No doubt this particular mix of views will continue to puzzle some. How
can I believe in regulation and yet be so skeptical about government? But it
doesn’t take much imagination to understand how these apparently conflict-
ing views can go together. I take it we all believe in the potential of medicine.
But imagine your attitude if you were confronted with a “doctor” carrying a
vial of leeches. There’s much we could do in this context, or at least, that is my
view. But there’s a very good reason not to want to do anything with this par-
ticular doctor.
0465039146-01 12/5/06 12:27 AM Page 29
P A R T
O N E
“ r e g u l a b i l i t y ”
It is said that cyberspace can’t be regulated. But what does it mean to say that
something could be regulated? What makes regulation possible? That’s the
question raised in this Part. If the Internet can’t be regulated, why? And what-
ever the reason, can it change? Might an unregulable space be tamed? Might
the Wild West be won, and how?
0465039146-01 12/5/06 12:27 AM Page 30
0465039146-01 12/5/06 12:27 AM Page 31
T H R E E
i s - i s m :
i s
t h e
w a y
i t
i s
t h e
w a y
i t
m u s t
b e ?
The rise of an electronic medium that disregards geographical bound-
aries throws the law into disarray by creating entirely new phenomena
that need to become the subject of clear legal rules but that cannot be
governed, satisfactorily, by any current territorially based sovereign.
David Johnson and David Post1
Some things never change about governing the Web. Most prominent is
its innate ability to resist governance in almost any form.
Tom Steinert-Threlkeld2
IF THERE WAS A MEME THAT RULED TALK ABOUT CYBERSPACE, IT WAS THAT CYBERSPACE
was a place that could not be regulated. That it “cannot be governed”; that its
“nature” is to resist regulation. Not that cyberspace cannot be broken, or that
government cannot shut it down. But if cyberspace exists, so first-generation
thinking goes, government’s power over behavior there is quite limited. In its
essence, cyberspace is a space of no control.
Nature. Essence. Innate. The way things are. This kind of rhetoric should
raise suspicions in any context. It should especially raise suspicion here. If
there is any place where nature has no rule, it is in cyberspace. If there is any
place that is constructed, cyberspace is it. Yet the rhetoric of “essence” hides
this constructedness. It misleads our intuitions in dangerous ways.
31
0465039146-01 12/5/06 12:27 AM Page 32
32
CODE 2.0
This is the fallacy of “is-ism”—the mistake of confusing how some-
thing is with how it must be. There is certainly a way that cyberspace is. But
how cyberspace is is not how cyberspace has to be. There is no single way
that the Net has to be; no single architecture that defines the nature of the
Net. The possible architectures of something that we would call “the Net”
are many, and the character of life within those different architectures is
diverse.
That most of us commit this fallacy is not surprising. Most of us
haven’t a clue about how networks work. We therefore have no clue about
how they could be different. We assume that the way we find things is the
way things have to be. We are not trained to think about all the different
ways technology could achieve the same ends through different means.
That sort of training is what technologists get. Most of us are not technol-
ogists.
But underlying everything in this book is a single normative plea: that
all of us must learn at least enough to see that technology is plastic. It can
be remade to do things differently. And that if there is a mistake that we
who know too little about technology should make, it is the mistake of
imagining technology to be too plastic, rather than not plastic enough. We
should expect—and demand—that it can be made to reflect any set of val-
ues that we think important. The burden should be on the technologists to
show us why that demand can’t be met.
The particular is-ism that I begin with here is the claim that cyberspace
can’t be regulated. As this, and the following chapters argue, that view is
wrong. Whether cyberspace can be regulated depends upon its architecture.
The original architecture of the Internet made regulation extremely diffi-
cult. But that original architecture can change. And there is all the evidence
in the world that it is changing. Indeed, under the architecture that I
believe will emerge, cyberspace will be the most regulable space humans
have ever known. The “nature” of the Net might once have been its unreg-
ulability; that “nature” is about to flip.
To see the flip, you must first see a contrast between two different
cyber-places. These two cyber-places are ideal types, and, indeed, one of the
two ideals no longer exists anywhere on the Net. That fact is confirmation
of the point this section aims to make: that we’re moving from one Internet
to another, and the one we’re moving to will be significantly more regula-
ble.
The following descriptions are not technical; I don’t offer them as com-
plete definitions of types of networks or types of control. I offer them to
illustrate—to sketch enough to see a far more general point.
0465039146-01 12/5/06 12:27 AM Page 33
is-ism
33
CYBER-PLACES: HARVARD VERSUS CHICAGO
The Internet was born at universities in the United States. Its first subscribers
were researchers. But as a form of life, its birth was tied to university life. It
swept students online, pulling them away from life in real space. The Net was
one of many intoxicants on college campuses in the mid-1990s, and its signif-
icance only grew through time. As former New York Times columnist J. C.
Herz wrote in her first book about cyberspace:
When I look up, it’s four-thirty in the morning. “No way.” I look from the clock to my
watch. Way. I’ve been in front of this screen for six hours, and it seems like no time
at all. I’m not even remotely tired. Dazed and thirsty, but not tired. In fact, I’m
euphoric. I stuff a disheveled heap of textbooks, photocopied articles, hilighters and
notes into my backpack and run like a madwoman up the concrete steps, past the
security guard, and outside into the predawn mist. . . .
I stop where a wet walkway meets a dry one and stand for a sec. . . . [I] start
thinking about this thing that buzzes around the entire world, through the phone
lines, all day and all night long. It’s right under our noses and it’s invisible. It’s like
Narnia, or Magritte, or Star Trek, an entire goddamned world. Except it doesn’t phys-
ically exist. It’s just the collective consciousness of however many people are on it.
This really is outstandingly weird.3
Yet not all universities adopted the Net in the same way. Or put differently,
the access universities granted was not all the same. The rules were different.
The freedoms allowed were different. One example of this difference comes
from two places I knew quite well, though many other examples could make
the same point.
In the middle 1990s at the University of Chicago, if you wanted access to
the Internet, you simply connected your machine to Ethernet jacks located
throughout the university.4 Any machine with an Ethernet connection could
be plugged into these jacks. Once connected, your machine had full access to
the Internet—access, that is, that was complete, anonymous, and free.
The reason for this freedom was a decision by an administrator—the
then-Provost, Geoffrey Stone, a former dean of the law school and a promi-
nent free speech scholar. When the university was designing its net, the tech-
nicians asked Stone whether anonymous communication should be
permitted. Stone, citing the principle that the rules regulating speech at the
university should be as protective of free speech as the First Amendment, said
yes: People should have the right to communicate at the university anony-
mously, because the First Amendment to the Constitution guarantees the
0465039146-01 12/5/06 12:27 AM Page 34
34
CODE 2.0
same right vis-à-vis governments. From that policy decision flowed the archi-
tecture of the University of Chicago’s net.
At Harvard, the rules are different. If you plug your machine into an Eth-
ernet jack at the Harvard Law School, you will not gain access to the Net. You
cannot connect your machine to the Net at Harvard unless the machine is
registered—licensed, approved, verified. Only members of the university
community can register their machines. Once registered, all interactions with
the network are monitored and identified to a particular machine. To join the
network, users have to “sign” a user agreement. The agreement acknowledges
this pervasive practice of monitoring. Anonymous speech on this network is
not permitted—it is against the rules. Access can be controlled based on who
you are, and interactions can be traced based on what you did.
This design also arose from the decision of an administrator, one less
focused on the protections of the First Amendment. Control was the ideal at
Harvard; access was the ideal at Chicago. Harvard chose technologies that
made control possible; Chicago chose technologies that made access easy.
These two networks differ in at least two important ways. First and most
obviously, they differ in the values they embrace.5 That difference is by design.
At the University of Chicago, First Amendment values determined network
design; different values determined Harvard’s design.
But they differ in a second way as well. Because access is controlled at Har-
vard and identity is known, actions can be traced back to their root in the net-
work. Because access is not controlled at Chicago, and identity is not known,
actions cannot be traced back to their root in the network. Monitoring or
tracking behavior at Chicago is harder than it is at Harvard. Behavior in the
Harvard network is more controllable than in the University of Chicago net-
work.
The networks thus differ in the extent to which they make behavior
within each network regulable. This difference is simply a matter of code—a
difference in the software and hardware that grants users access. Different
code makes differently regulable networks. Regulability is thus a function of
design.
These two networks are just two points on a spectrum of possible net-
work designs. At one extreme we might place the Internet—a network defined
by a suite of protocols that are open and nonproprietary and that require no
personal identification to be accessed and used. At the other extreme are tra-
ditional closed, proprietary networks, which grant access only to those with
express authorization; control, therefore, is tight. In between are networks
that mix elements of both. These mixed networks add a layer of control to the
otherwise uncontrolled Internet. They layer elements of control on top.
0465039146-01 12/5/06 12:27 AM Page 35
is-ism
35
Thus the original—there have been some changes in the last years6—
University of Chicago network was close to the norm for Internet access in the
middle of the 1990s.7 Let’s call it Net95. At the other extreme are closed net-
works that both predate the Internet and still exist today—for example, the
ATM network, which makes it possible to get cash from your California bank
at 2:00 A.M. while in Tblisi. And in the middle are Harvard-type networks—
networks that add a layer of control on top of the suite of protocols that
define “the Internet.” These protocols are called “TCP/IP.” I describe them
more extensively in Chapter 4. But the essential feature of the Harvard net-
work is that this suite was supplemented. You get access to the Internet only
after you’ve passed through this layer of control.
All three designs are communication networks that are “like” the Internet.
But their differences raise an obvious question: When people say that the
Internet is “unregulable,” which network are they describing? And if they’re
talking about an unregulable network, why is it unregulable? What features in
its design make it unregulable? And could those features be different?
Consider three aspects of Net95’s design that make it hard for a regulator
to control behavior there. From the perspective of an anonymity-loving user,
these are “features” of Net95—aspects that make that network more valuable.
But from the perspective of the regulator, these features are “bugs”—imper-
fections that limit the data that the Net collects, either about the user or about
the material he or she is using.
The first imperfection is information about users—who the someone is
who is using the Internet. In the words of the famous New Yorker cartoon of
two dogs sitting in front of a PC, “On the Internet, nobody knows you’re a
dog.”8 No one knows, because the Internet protocols don’t require that you
credential who you are before you use the Internet. Again, the Internet proto-
col doesn’t require that credential; your local access point, like the Harvard
network, might. But even then, the information that ties the individual to a
certain network transaction is held by the access provider. It is not a part of
your Internet transaction.
The second “imperfection” is information about geography—where the
someone is who is using the Internet. As I will describe more in Chapter 4,
although the Internet is constituted by addresses, those addresses were initially
simply logical addresses. They didn’t map to any particular location in the
physical world. Thus, when I receive a packet of data sent by you through the
Internet, it is certainly possible for me to know the Internet address from
which your packet comes, but I will not know the physical address.
And finally, the third “imperfection” is information about use—what is
the data being sent across this network; what is its use? The Internet does not
0465039146-01 12/5/06 12:27 AM Page 36
36
CODE 2.0
require any particular labeling system for data being sent across the Internet.
Again, as we’ll see in more detail below, there are norms that say something,
but no rule to assure data gets distributed just according to the norms. Noth-
ing puts the bits into a context of meaning, at least not in a way that a machine
can use. Net95 had no requirement that data be labeled. “Packets” of data are
labeled, in the sense of having an address. But beyond that, the packets could
contain anything at all.
These three “imperfections” tie together: Because there is no simple way
to know who someone is, where they come from, and what they’re doing,
there is no simple way to regulate how people behave on the Net. If you can’t
discover who did what and where, you can’t easily impose rules that say “don’t
do this, or at least, don’t do it there.” Put differently, what you can’t know
determines what you can control.
Consider an example to make the point clearer. Let’s say the state of Penn-
sylvania wants to block kids from porn. It thus passes a rule that says “No kid
in Pennsylvania can get access to porn.” To enforce that rule, Pennsylvania has
got to know (1) whether someone is a kid, (2) where they come from (i.e.,
Pennsylvania or Maine), and (3) what they’re looking at (porn or marzipan).
Net95, however, won’t be of much help to Pennsylvania as it tries to enforce
this rule. People accessing content in Pennsylvania using Net95 need not
reveal anything about who they are or where they come from, and nothing in
the design of Net95 requires sites to describe what content they carry. These
gaps in data make regulating hard. Thus from the perspective of the regulator,
these are imperfections in the Net’s original design.
But the Harvard network suggests that it is at least possible for the “bugs”
in Net95 to be eliminated. The Net could know the credentials of the user
(identity and location) and the nature of the data being sent. That knowledge
could be layered onto the Internet without destroying its functionality. The
choice, in other words, is not between the Internet and no Internet, or
between the Internet and a closed proprietary network. Harvard suggests a
middle way. Architectures of control could be layered on top of the Net to
“correct” or eliminate “imperfections.” And these architectures could, in other
words, facilitate control.9
That is the first, very small, claim of this early chapter in a story about
emerging control: Architectures of control are possible; they could be added
to the Internet that we already know. If they were added, that would radically
change the character of the network. Whether these architectures should be
added depends upon what we want to use the network for.
I say this is a small claim because, while it is important, it is the sort of
point that one recognizes as obvious even if one didn’t see it originally. More
0465039146-01 12/5/06 12:27 AM Page 37
is-ism
37
than obvious, the point should be pedestrian. We see it in lots of contexts.
Think, for example, of the post office. When I was growing up, the Post Office
was a haven for anonymous speech. The job of the Post Office was simply to
deliver packages. Like Net95, it didn’t worry about who a piece of mail was
from, or what was in the envelope or package. There was no enforced require-
ment that you register before you send a letter. There was no enforced require-
ment that the letter have a return address or that the return address be correct.
If you were careful to avoid fingerprints, you could use this government-
subsidized facility to send perfectly anonymous messages.
Obviously, the Post Office could be architected differently. The service
could require, for example, a return address. It could require that you verify
that the return address was correct (for example, by checking your ID before
it accepted a package). It could even require inspection before it shipped a
particular package or envelope. All of these changes in the procedures for the
post would produce a world in which mail was more easily monitored and
tracked. The government makes that choice when it designs the Post Office as
it does. If monitoring becomes important, the government can change the
system to facilitate it. If not, they can leave the postal system as it (largely) is.
But if it does change the system to make monitoring more simple, that will
reflect changes in values that inform the design of that network.
The claim of this book is that there are sufficient interests to move the
Net95 from a default of anonymity to a default of identification. But nothing
I’ve said yet shows how. What would get us from the relatively unregulable lib-
ertarian Net to a highly regulable Net of control?
This is the question for the balance of Part I. I move in two steps. In
Chapter 4, my claim is that even without the government’s help, we will see
the Net move to an architecture of control. In Chapter 5, I sketch how govern-
ment might help. The trends promise a highly regulable Net—not the liber-
tarian’s utopia, not the Net your father (or more likely your daughter or son)
knew, but a Net whose essence is the character of control.
An Internet, in other words, that flips the Internet as it was.
0465039146-01 12/5/06 12:27 AM Page 38
F O U R
a r c h i t e c t u r e s
o f
c o n t r o l
THE INVISIBLE MAN DOESN’T FEAR THE STATE. HE KNOWS HIS NATURE PUTS HIM
beyond its reach (unless he gets stupid, and of course, he always gets stupid).
His story is the key to a general lesson: If you can’t know who someone is, or
where he is, or what he’s doing, you can’t regulate him. His behavior is as he
wants it to be. There’s little the state can do to change it.
So too with the original Internet: Everyone was an invisible man. As
cyberspace was originally architected, there was no simple way to know who
someone was, where he was, or what he was doing. As the Internet was orig-
inally architected, then, there was no simple way to regulate behavior there.
The aim of the last chapter, however, was to add a small but important
point to this obvious idea: Whatever cyberspace was, there’s no reason it has
to stay this way. The “nature” of the Internet is not God’s will. Its nature is
simply the product of its design. That design could be different. The Net
could be designed to reveal who someone is, where they are, and what
they’re doing. And if it were so designed, then the Net could become, as I
will argue throughout this part, the most regulable space that man has ever
known.
In this chapter, I describe the changes that could—and are—pushing the
Net from the unregulable space it was, to the perfectly regulable space it could
be. These changes are not being architected by government. They are instead
being demanded by users and deployed by commerce. They are not the prod-
uct of some 1984-inspired conspiracy; they are the consequence of changes
made for purely pragmatic, commercial ends.
This obviously doesn’t make these changes bad or good. My purpose just
now is not normative, but descriptive. We should understand where we are
going, and why, before we ask whether this is where, or who, we want to be.
38
0465039146-01 12/5/06 12:27 AM Page 39
architectures of control
39
{TXB2}
The history of the future of the Internet was written in Germany in January
1995. German law regulated porn. In Bavaria, it regulated porn heavily. Com-
puServe made (a moderate amount of, through USENET,) porn available to its
users. CompuServe was serving Bavaria’s citizens. Bavaria told CompuServe to
remove the porn from its servers, or its executives would be punished.
CompuServe at first objected that there was nothing it could do—save
removing the porn from every server, everywhere in the world. That didn’t
trouble the Germans much, but it did trouble CompuServe. So in January
1995, CompuServe announced a technical fix: Rather than blocking access to
the USENET newsgroups that the Bavarians had complained about for all
members of CompuServe, CompuServe had devised a technology to filter
content on a country-by-country basis.1
To make that fix work, CompuServe had to begin to reckon who a user
was, what they were doing, and where they were doing it. Technology could
give them access to the data that needed reckoning. And with that shift, the
future was set. An obvious response to a problem of regulability would begin
to repeat itself.
CompuServe, of course, was not the Internet. But its response suggests the
pattern that the Internet will follow. In this Chapter, I map just how the Inter-
net can effectively be made to run (in this respect at least) like CompuServe.
WHO DID WHAT, WHERE?
To regulate, the state needs a way to know the who, in “Who did what, where?”
To see how the Net will show the state “who,” we need to think a bit more
carefully about how “identification” works in general, and how it might work
on the Internet.
Identity and Authentication: Real Space
To make sense of the technologies we use to identify who someone is, consider
the relationship among three familiar ideas—(1) “identity,” (2) “authentica-
tion,” and (3) “credential.”
By “identity” I mean something more than just who you are. I mean as
well your “attributes,” or more broadly, all the facts about you (or a corpora-
tion, or a thing) that are true. Your identity, in this sense, includes your name,
your sex, where you live, what your education is, your driver’s license number,
your social security number, your purchases on Amazon.com, whether you’re
a lawyer—and so on.
0465039146-01 12/5/06 12:27 AM Page 40
40
CODE 2.0
These attributes are known by others when they are communicated. In
real space, some are communicated automatically: for most, sex, skin color,
height, age range, and whether you have a good smile get transmitted auto-
matically. Other attributes can’t be known unless they are revealed either by
you, or by someone else: your GPA in high school, your favorite color, your
social security number, your last purchase on Amazon, whether you’ve passed
a bar exam.
Just because an attribute has been asserted, however, does not mean the
attribute is believed. (“You passed the bar?!”) Rather belief will often depend
upon a process of “authentication.” In general, we “authenticate” when we
want to become more confident about the truth about some asserted claim
than appears on its face. “I’m married,” you say. “Show me the ring,” she says.
The first statement is an assertion about an attribute you claim you have. The
second is a demand for authentication. We could imagine (in a comedy at
least) that demand continuing. “Oh come on, that’s not a wedding ring. Show
me your marriage license.” At some point, the demands stop, either when
enough confidence has been achieved, or when the inquiry has just become
too weird.
Sometimes this process of authentication is relatively automatic. Some
attributes, that is, are relatively self-authenticating: You say you’re a woman;
I’m likely to believe it when I see you. You say you’re a native speaker; I’m
likely to believe it once I speak with you. Of course, in both cases, I could be
fooled. Thus, if my life depended upon it, I might take other steps to be
absolutely confident of what otherwise appears plain. But for most purposes,
with most familiar sorts of attributes, we learn how to evaluate without much
more than our own individual judgment.
Some attributes, however, cannot be self-authenticating. You say you’re
licensed to fly an airplane; I want to see the license. You say you’re a member
of the California bar; I want to see your certificate. You say you’re qualified to
perform open heart surgery on my father; I want to see things that make me
confident that your claim is true. Once again, these authenticating “things”
could be forged, and my confidence could be unjustified. But if I’m careful to
match the process for authentication with the level of confidence that I need,
I’m behaving quite rationally. And most of us can usually get by without a ter-
ribly complicated process of authentication.
One important tool sometimes used in this process of authentication is a
credential. By “credential,” I mean a standardized device for authenticating (to
some level of confidence) an assertion made. A driver’s license is a credential
in this sense. Its purpose is to authenticate the status of a driver. We’re gener-
ally familiar with the form of such licenses; that gives us some confidence
0465039146-01 12/5/06 12:27 AM Page 41
architectures of control
41
that we’ll be able to determine whether a particular license is valid. A passport
is also a credential in this sense. Its purpose is to establish the citizenship of
the person it identifies, and it identifies a person through relatively self-
authenticating attributes. Once again, we are familiar with the form of this
credential, and that gives us a relatively high level of confidence about the facts
asserted in that passport.
Obviously, some credentials are better than others. Some are architected
to give more confidence than others; some are more efficient at delivering
their confidence than others. But we select among the credentials available
depending upon the level of confidence that we need.
So take an obvious example to bring these points together: Imagine you’re
a bank teller. Someone appears in front of you and declares that she is the
owner of account # 654–543231. She says she would like to withdraw all the
money from that account.
In the sense I’ve described, this someone (call her Ms. X) has asserted a
fact about her identity—that she is the owner of account # 654–543231. Your
job now is to authenticate that assertion. So you pull up on your computer the
records for the account, and you discover that there’s lots of money in it. Now
your desire to be confident about the authentication you make is even
stronger. You ask Ms. X her name; that name matches the name on the
account. That gives you some confidence. You ask Ms. X for two forms of
identification. Both match to Ms. X. Now you have even more confidence. You
ask Ms. X to sign a withdrawal slip. The signatures seem to match; more con-
fidence still. Finally, you note in the record that the account was established by
your manager. You ask her whether she knows Ms. X. She confirms that she
does, and that the “Ms. X” standing at the counter is indeed Ms. X. Now you’re
sufficiently confident to turn over the money.
Notice that throughout this process, you’ve used technologies to help you
authenticate the attribute asserted by Ms. X to be true. Your computer links a
name to an account number. A driver’s license or passport ties a picture to a
name. The computer keeps a copy of a signature. These are all technologies to
increase confidence.
And notice too that we could imagine even better technologies to increase
this confidence. Credit cards, for example, were developed at a time when
merely possessing the credit card authenticated its use. That design creates the
incentive to steal a credit card. ATM cards are different—in addition to pos-
session, ATM cards require a password. That design reduces the value of
stolen cards. But some write their passwords on their ATM cards, or keep
them in their wallets with their ATMs. This means the risk from theft is not
totally removed. But that risk could be further reduced by other technologies
0465039146-01 12/5/06 12:27 AM Page 42
42
CODE 2.0
of authentication. For example, certain biometric technologies, such as
thumbprint readers or eye scans, would increase the confidence that the
holder of a card was an authorized user. (Though these technologies them-
selves can create their own risks: At a conference I heard a vendor describing
a new technology for identifying someone based upon his handprint; a par-
ticipant in the conference asked whether the hand had to be alive for the
authentication to work. The vendor went very pale. After a moment, he
replied, “I guess not.”)
We are constantly negotiating these processes of authentication in real
life, and in this process, better technologies and better credentials enable more
distant authentication. In a small town, in a quieter time, credentials were
not necessary. You were known by your face, and your face carried with it a
reference (held in the common knowledge of the community) about your
character. But as life becomes more fluid, social institutions depend upon
other technologies to build confidence around important identity assertions.
Credentials thus become an unavoidable tool for securing such authentica-
tion.
If technologies of authentication can be better or worse, then, obviously,
many have an interest in these technologies becoming better. We each would
be better off if we could more easily and confidently authenticate certain facts
about us. Commerce, too, would certainly be better off with better technolo-
gies of authentication. Poor technologies begat fraud; fraud is an unproduc-
tive cost for business. If better technology could eliminate that cost, then
prices could be lower and profits possibly higher.
And finally, governments benefit from better technologies of authentica-
tion. If it is simple to authenticate your age, then rules that are triggered based
upon age are more easily enforced (drinking ages, or limits on cigarettes).
And if it is simple to authenticate who you are, then it will be easier for the
government to trace who did what.
Fundamentally, the regulability of life in real-space depends upon certain
architectures of authentication. The fact that witnesses can identify who com-
mitted a crime, either because they know the person or because of self-
authenticating features such as “he was a white male, six feet tall,” enhances
the ability of the state to regulate against that crime. If criminals were invisible
or witnesses had no memory, crime would increase. The fact that fingerprints
are hard to change and are now automatically traced to convicted felons
increases the likelihood that felons will be caught again. Relying on a more
changeable physical characteristic would reduce the ability of the police to
track repeat offenders. The fact that cars have license plates and are registered
by their owners increases the likelihood that a hit-and-run driver will be
0465039146-01 12/5/06 12:27 AM Page 43
architectures of control
43
caught. Without licenses, and without systems registering owners, it would be
extremely difficult to track car-related crime. In all these cases, and in many
more, technologies of authentication of real-space life make regulating that
life possible.
These three separate interests therefore point to a common interest. That’s
not to say that every technology of authentication meets that common inter-
est, nor is it to say that these interests will be enough to facilitate more effi-
cient authentication. But it does mean that we can see which way these
interests push. Better authentication can benefit everyone.
Identity and Authentication: Cyberspace
Identity and authentication in cyberspace and real space are in theory the
same. In practice they are quite different. To see that difference, however, we
need to see more about the technical detail of how the Net is built.
As I’ve already said, the Internet is built from a suite of protocols referred
to collectively as “TCP/IP.” At its core, the TCP/IP suite includes protocols for
exchanging packets of data between two machines “on” the Net.2 Brutally sim-
plified, the system takes a bunch of data (a file, for example), chops it up into
packets, and slaps on the address to which the packet is to be sent and the
address from which it is sent. The addresses are called Internet Protocol
addresses, and they look like this: 128.34.35.204. Once properly addressed, the
packets are then sent across the Internet to their intended destination.
Machines along the way (“routers”) look at the address to which the packet is
sent, and depending upon an (increasingly complicated) algorithm, the
machines decide to which machine the packet should be sent next. A packet
could make many “hops” between its start and its end. But as the network
becomes faster and more robust, those many hops seem almost instantaneous.
0465039146-01 12/5/06 12:27 AM Page 44
44
CODE 2.0
In the terms I’ve described, there are many attributes that might be asso-
ciated with any packet of data sent across the network. For example, the
packet might come from an e-mail written by Al Gore. That means the e-mail
is written by a former vice president of the United States, by a man knowl-
edgeable about global warming, by a man over the age of 50, by a tall man, by
an American citizen, by a former member of the United States Senate, and so
on. Imagine also that the e-mail was written while Al Gore was in Germany,
and that it is about negotiations for climate control. The identity of that
packet of information might be said to include all these attributes.
But the e-mail itself authenticates none of these facts. The e-mail may say
it’s from Al Gore, but the TCP/IP protocol alone gives us no way to be sure. It
may have been written while Gore was in Germany, but he could have sent it
through a server in Washington. And of course, while the system eventually
will figure out that the packet is part of an e-mail, the information traveling
across TCP/IP itself does not contain anything that would indicate what the
content was. The protocol thus doesn’t authenticate who sent the packet,
where they sent it from, and what the packet is. All it purports to assert is an
IP address to which the packet is to be sent, and an IP address from which the
packet comes. From the perspective of the network, this other information is
unnecessary surplus. Like a daydreaming postal worker, the network simply
moves the data and leaves its interpretation to the applications at either end.
This minimalism in the Internet’s design was not an accident. It reflects a
decision about how best to design a network to perform a wide range over
very different functions. Rather than build into this network a complex set of
functionality thought to be needed by every single application, this network
philosophy pushes complexity to the edge of the network—to the applications
that run on the network, rather than the network’s core. The core is kept as
simple as possible. Thus if authentication about who is using the network is
necessary, that functionality should be performed by an application con-
nected to the network, not by the network itself. Or if content needs to be
encrypted, that functionality should be performed by an application con-
nected to the network, not by the network itself.
This design principle was named by network architects Jerome Saltzer,
David Clark, and David Reed as the end-to-end principle.3 It has been a core
principle of the Internet’s architecture, and, in my view, one of the most
important reasons that the Internet produced the innovation and growth that
it has enjoyed. But its consequences for purposes of identification and authen-
tication make both extremely difficult with the basic protocols of the Internet
alone. It is as if you were in a carnival funhouse with the lights dimmed to
darkness and voices coming from around you, but from people you do not
0465039146-01 12/5/06 12:27 AM Page 45
architectures of control
45
know and from places you cannot identify. The system knows that there are
entities out there interacting with it, but it knows nothing about who those
entities are. While in real space—and here is the important point—anonymity
has to be created, in cyberspace anonymity is the given.
Identity and Authentication: Regulability
This difference in the architectures of real space and cyberspace makes a big
difference in the regulability of behavior in each. The absence of relatively self-
authenticating facts in cyberspace makes it extremely difficult to regulate
behavior there. If we could all walk around as “The Invisible Man” in real
space, the same would be true about real space as well. That we’re not capable
of becoming invisible in real space (or at least not easily) is an important rea-
son that regulation can work.
Thus, for example, if a state wants to control children’s access to “inde-
cent” speech on the Internet, the original Internet architecture provides little
help. The state can say to websites, “don’t let kids see porn.” But the website
operators can’t know—from the data provided by the TCP/IP protocols at
least—whether the entity accessing its web page is a kid or an adult. That’s dif-
ferent, again, from real space. If a kid walks into a porn shop wearing a mus-
tache and stilts, his effort to conceal is likely to fail. The attribute “being a kid”
is asserted in real space, even if efforts to conceal it are possible. But in cyber-
space, there’s no need to conceal, because the facts you might want to conceal
about your identity (i.e., that you’re a kid) are not asserted anyway.
All this is true, at least, under the basic Internet architecture. But as the
last ten years have made clear, none of this is true by necessity. To the extent
that the lack of efficient technologies for authenticating facts about individ-
uals makes it harder to regulate behavior, there are architectures that could be
layered onto the TCP/IP protocol to create efficient authentication. We’re far
enough into the history of the Internet to see what these technologies could
look like. We’re far enough into this history to see that the trend toward this
authentication is unstoppable. The only question is whether we will build
into this system of authentication the kinds of protections for privacy and
autonomy that are needed.
Architectures of Identification
Most who use the Internet have no real sense about whether their behavior is
monitored, or traceable. Instead, the experience of the Net suggests
anonymity. Wikipedia doesn’t say “Welcome Back, Larry” when I surf to its
0465039146-01 12/5/06 12:27 AM Page 46
46
CODE 2.0
site to look up an entry, and neither does Google. Most, I expect, take this lack
of acknowledgement to mean that no one is noticing.
But appearances are quite deceiving. In fact, as the Internet has matured,
the technologies for linking behavior with an identity have increased dra-
matically. You can still take steps to assure anonymity on the Net, and many
depend upon that ability to do good (human rights workers in Burma) or evil
(coordinating terrorist plots). But to achieve that anonymity takes effort. For
most of us, our use of the Internet has been made at least traceable in ways
most of us would never even consider possible.
Consider first the traceability resulting from the basic protocols of the
Internet—TCP/IP. Whenever you make a request to view a page on the Web,
the web server needs to know where to sent the packets of data that will
appear as a web page in your browser. Your computer thus tells the web server
where you are—in IP space at least—by revealing an IP address.
As I’ve already described, the IP address itself doesn’t reveal anything
about who you are, or where in physical space you come from. But it does
enable a certain kind of trace. If (1) you have gotten access to the web through
an Internet Service Provider (ISP) that assigns you an IP address while you’re
on the Internet and (2) that ISP keeps the logs of that assignment, then it’s
perfectly possible to trace your surfing back to you.
How?
Well, imagine you’re angry at your boss. You think she’s a blowhard who
is driving the company into bankruptcy. After months of frustration, you
decide to go public. Not “public” as in a press conference, but public as in a
posting to an online forum within which your company is being discussed.
You know you’d get in lots of trouble if your criticism were tied back to
you. So you take steps to be “anonymous” on the forum. Maybe you create an
account in the forum under a fictitious name, and that fictitious name makes
you feel safe. Your boss may see the nasty post, but even if she succeeds in get-
ting the forum host to reveal what you said when you signed up, all that stuff
was bogus. Your secret, you believe, is safe.
Wrong. In addition to the identification that your username might, or
might not, provide, if the forum is on the web, then it knows the IP address
from which you made your post. With that IP address, and the time you made
your post, using “a reverse DNS look-up,”4 it is simple to identify the Internet
Service Provider that gave you access to the Internet. And increasingly, it is rel-
atively simple for the Internet Service Provider to check its records to reveal
which account was using that IP address at that specified time. Thus, the ISP
could (if required) say that it was your account that was using the IP address
that posted the nasty message about your boss. Try as you will to deny it
0465039146-01 12/5/06 12:27 AM Page 47
architectures of control
47
(“Hey, on the Internet, no one knows you’re a dog!”), I’d advise you to give up
quickly. They’ve got you. You’ve been trapped by the Net. Dog or no, you’re
definitely in the doghouse.
Now again, what made this tracing possible? No plan by the NSA. No
strategy of Microsoft. Instead, what made this tracing possible was a by-prod-
uct of the architecture of the Web and the architecture of ISPs charging access
to the Web. The Web must know an IP address; ISPs require identification
before they assign an IP address to a customer. So long as the log records of
the ISP are kept, the transaction is traceable. Bottom line: If you want
anonymity, use a pay phone!
This traceability in the Internet raised some important concerns at the
beginning of 2006. Google announced it would fight a demand by the govern-
ment to produce one million sample searches. (MSN and Yahoo! had both
complied with the same request.) That request was made as part of an inves-
tigation the government was conducting to support its defense of a statute
designed to block kids from porn. And though the request promised the data
would be used for no other purpose, it raised deep concerns in the Internet
community. Depending upon the data that Google kept, the request showed
in principle that it was possible to trace legally troubling searches back to
individual IP addresses (and to individuals with Google accounts). Thus, for
example, if your Internet address at work is a fixed-IP address, then every
search you’ve ever made from work is at least possibly kept by Google. Does
that make you concerned? And assume for the moment you are not a
terrorist: Would you still be concerned?
A link back to an IP address, however, only facilitates tracing, and again,
even then not perfect traceability. ISPs don’t keep data for long (ordinarily);
some don’t even keep assignment records at all. And if you’ve accessed the
Internet at an Internet café, then there’s no reason to believe anything could
be traced back to you. So still, the Internet provides at least some anonymity.
But IP tracing isn’t the only technology of identification that has been lay-
ered onto the Internet. A much more pervasive technology was developed
early in the history of the Web to make the web more valuable to commerce
and its customers. This is the technology referred to as “cookies.”
When the World Wide Web was first deployed, the protocol simply
enabled people to view content that had been marked up in a special pro-
gramming language. This language (HTML) made it easy to link to other
pages, and it made it simple to apply basic formatting to the content (bold, or
italics, for example).
But the one thing the protocol didn’t enable was a simple way for a web-
site to know which machines had accessed it. The protocol was “state-less.”
0465039146-01 12/5/06 12:27 AM Page 48
48
CODE 2.0
When a web server received a request to serve a web page, it didn’t know any-
thing about the state of the requester before that request was made.5
From the perspective of privacy, this sounds like a great feature for the
Web. Why should a website know anything about me if I go to that site to view
certain content? You don’t have to be a criminal to appreciate the value in
anonymous browsing. Imagine libraries kept records of every time you
opened a book at the library, even for just a second.
Yet from the perspective of commerce, this “feature” of the original Web
is plainly a bug, and not because commercial sites necessarily want to know
everything there is to know about you. Instead, the problem is much more
pragmatic. Say you go to Amazon.com and indicate you want to buy 20 copies
of my latest book. (Try it. It’s fun.) Now your “shopping cart” has 20 copies of
my book. You then click on the icon to check out, and you notice your shop-
ping cart is empty. Why? Well because, as originally architected, the Web had
no easy way to recognize that you were the same entity that just ordered 20
books. Or put differently, the web server would simply forget you. The Web as
originally built had no way to remember you from one page to another. And
thus, the Web as originally built would not be of much use to commerce.
But as I’ve said again and again, the way the Web was is not the way the
Web had to be. And so those who were building the infrastructure of the Web
quickly began to think through how the web could be “improved” to make it
easy for commerce to happen. “Cookies” were the solution. In 1994, Netscape
introduced a protocol to make it possible for a web server to deposit a small
bit of data on your computer when you accessed that server. That small bit of
data—the “cookie”—made it possible for the server to recognize you when
you traveled to a different page. Of course, there are lots of other concerns
about what that cookie might enable. We’ll get to those in the chapter about
privacy. The point that’s important here, however, is not the dangers this tech-
nology creates. The point is the potential and how that potential was built. A
small change in the protocol for client-server interaction now makes it possi-
ble for websites to monitor and track those who use the site.
This is a small step toward authenticated identity. It’s far from that, but it
is a step toward it. Your computer isn’t you (yet). But cookies make it possible
for the computer to authenticate that it is the same machine that was access-
ing a website a moment before. And it is upon this technology that the whole
of web commerce initially was built. Servers could now “know” that this
machine is the same machine that was here before. And from that knowledge,
they could build a great deal of value.
Now again, strictly speaking, cookies are nothing more than a tracing
technology. They make it simple to trace a machine across web pages. That
0465039146-01 12/5/06 12:27 AM Page 49
architectures of control
49
tracing doesn’t necessarily reveal any information about the user. Just as we
could follow a trail of cookie crumbs in real space to an empty room, a web
server could follow a trail of “mouse droppings” from the first entry on the
site until the user leaves. In both cases, nothing is necessarily revealed about
the user.
But sometimes something important is revealed about the user by associ-
ation with data stored elsewhere. For example, imagine you enter a site, and it
asks you to reveal your name, your telephone number, and your e-mail address
as a condition of entering a contest. You trust the website, and do that, and
then you leave the website. The next day, you come back, and you browse
through a number of pages on that website. In this interaction, of course,
you’ve revealed nothing. But if a cookie was deposited on your machine
through your browser (and you have not taken steps to remove it), then when
you return to the site, the website again “knows” all these facts about you. The
cookie traces your machine, and this trace links back to a place where you
provided information the machine would not otherwise know.
The traceability of IP addresses and cookies is the default on the Internet
now. Again, steps can be taken to avoid this traceability, but the vast majority
of us don’t take them. Fortunately, for society and for most of us, what we do
on the Net doesn’t really concern anyone. But if it did concern someone, it
wouldn’t be hard to track us down. We are a people who leave our “mouse
droppings” everywhere.
This default traceability, however, is not enough for some. They require
something more. That was Harvard’s view, as I noted in the previous chapter.
That is also the view of just about all private networks today. A variety of
technologies have developed that enable stronger authentication by those
who use the Net. I will describe two of these technologies in this section. But
it is the second of these two that will, in my view, prove to be the most impor-
tant.
The first of these technologies is the Single Sign-on (SSO) technology.
This technology allows someone to “sign-on” to a network once, and then get
access to a wide range of resources on that network without needing to
authenticate again. Think of it as a badge you wear at your place of work.
Depending upon what the badge says (“visitor” or “researcher”) you get dif-
ferent access to different parts of the building. And like a badge at a place of
work, you get the credential by giving up other data. You give the receptionist
an ID; he gives you a badge; you wear that badge wherever you go while at the
business.
The most commonly deployed SSO is a system called Kerberos. But
there are many different SSOs out there—Microsoft’s Passport system is an
0465039146-01 12/5/06 12:27 AM Page 50
50
CODE 2.0
example—and there is a strong push to build federated SSOs for linking many
different sites on the Internet. Thus, for example, in a federated system, I
might authenticate myself to my university, but then I could move across any
domain within the federation without authenticating again. The big advan-
tage in this architecture is that I can authenticate to the institution I trust
without spreading lots of data about myself to institutions I don’t trust.
SSOs have been very important in building identity into the Internet. But
a second technology, I believe, will become the most important tool for iden-
tification in the next ten years. This is because this alternative respects impor-
tant architectural features of the Internet, and because the demand for better
technologies of identification will continue to be strong. Forget the hassle of
typing your name and address at every site you want to buy something from.
You only need to think about the extraordinary growth in identity theft to rec-
ognize there are many who would be eager to see something better come
along.
To understand this second system, think first about how credentials work
in real space.6 You’ve got a wallet. In it is likely to be a driver’s license, some
credit cards, a health insurance card, an ID for where you work, and, if you’re
lucky, some money. Each of these cards can be used to authenticate some fact
about you—again, with very different levels of confidence. The driver’s license
has a picture and a list of physical characteristics. That’s enough for a wine
store, but not enough for the NSA. The credit card has your signature. Ven-
dors are supposed to use that data to authenticate that the person who signs
the bill is the owner of the card. If the vendor becomes suspicious, she might
demand that you show an ID as well.
Notice the critical features of this “wallet” architecture. First, these creden-
tials are issued by different entities. Second, depending upon their technology,
they offer different levels of confidence. Third, I’m free to use these credentials
in ways never originally planned or intended by the issuer of the credential.
The Department of Motor Vehicles never coordinated with Visa to enable
driver’s licenses to be used to authenticate the holder of a credit card. But
once the one was prevalent, the other could use it. And fourth, nothing
requires that I show all my cards when I can use just one. That is, to show my
driver’s license, I don’t also reveal my health insurance card. Or to use my Visa,
I don’t also have to reveal my American Express card.
These same features are at the core of what may prove to be the most
important addition to the effective architecture of the Internet since its birth.
This is a project being led by Microsoft to essentially develop an Identity
Metasystem—a new layer of the Internet, an Identity Layer, that would com-
plement the existing network layers to add a new kind of functionality. This
0465039146-01 12/5/06 12:27 AM Page 51
architectures of control
51
Identity Layer is not Microsoft Passport, or some other Single Sign-On tech-
nology. Instead it is a protocol to enable a kind of virtual wallet of credentials,
with all the same attributes of the credentials in your wallet—except better.
This virtual wallet will not only be more reliable than the wallet in your
pocket, it will also give you the ability to control more precisely what data
about you is revealed to those who demand data about you.
For example, in real space, your wallet can easily be stolen. If it’s stolen,
then there’s a period of time when it’s relatively easy for the thief to use the
cards to buy stuff. In cyberspace, these wallets are not easily stolen. Indeed, if
they’re architected well, it would be practically impossible to “steal” them.
Remove the cards from their holder, and they become useless digital objects.
Or again, in real space, if you want to authenticate that you’re over 21 and
therefore can buy a six-pack of beer, you show the clerk your driver’s license.
With that, he authenticates your age. But with that bit of data, he also gets
access to your name, your address, and in some states, your social security
number. Those other bits of data are not necessary for him to know. In some
contexts, depending on how creepy he is, these data are exactly the sort you
don’t want him to know. But the inefficiencies of real-space technologies
reveal these data. This loss of privacy is a cost of doing business.
The virtual wallet would be different. If you need to authenticate your age,
the technology could authenticate that fact alone—indeed, it could authenti-
cate simply that you’re over 21, or over 65, or under 18, without revealing any-
thing more. Or if you need to authenticate your citizenship, that fact can be
certified without revealing your name, or where you live, or your passport
number. The technology is crafted to reveal just what you want it to reveal,
without also revealing other stuff. (As one of the key architects for this meta-
system, Kim Cameron, described it: “To me, that’s the center of the system.”7)
And, most importantly, using the power of cryptography, the protocol makes
it possible for the other side to be confident about the fact you reveal without
requiring any more data.
The brilliance in this solution to the problems of identification is first
that it mirrors the basic architecture of the Internet. There’s no central repos-
itory for data; there’s no network technology that everyone must adopt. There
is instead a platform for building identity technologies that encourages com-
petition among different privacy and security providers—TCP/IP for identity.
Microsoft may be leading the project, but anyone can build for this protocol.
Nothing ties the protocol to the Windows operating system. Or to any other
specific vendor. As Cameron wisely puts it, “it can’t be owned by any one
company or any one country . . . or just have the technology stamp of any one
engineer.”8
0465039146-01 12/5/06 12:27 AM Page 52
52
CODE 2.0
The Identity Layer is infrastructure for the Internet. It gives value (and
raises concerns) to many beyond Microsoft. But though Microsoft’s work is
an important gift to the Internet, the Identity Layer is not altruism.
“Microsoft’s strategy is based on web services,” Cameron described to me.
“Web services are impossible without identity.”9 There is important public
value here, but private interest is driving the deployment of this public value.
The Identity Layer would benefit individuals, businesses, and the gov-
ernment, but each differently. Individuals could more easily protect them-
selves from identity theft;10 if you get an e-mail from PayPal demanding you
update your account, you’ll know whether the website is actually PayPal. Or if
you want to protect yourself against spam, you could block all e-mail that
doesn’t come from an authenticated server. In either case, the technology is
increasing confidence about the Internet. And the harms that come from a
lack of confidence—mainly fraud—would therefore be reduced.
Commerce too would benefit from this form of technology. It too benefits
from the reduction of fraud. And it too would benefit from a more secure
infrastructure for conducting online transactions.
And finally, the government would benefit from this infrastructure of
trust. If there were a simple way to demand that people authenticate facts
about themselves, it would be easier for the government to insist that they do
so. If it were easier to have high confidence that the person on the website was
who he said he was, then it would be cheaper to deliver certain information
across the web.
But while individuals, commerce, and government would all benefit from
this sort of technology, there is also something that each could lose.
Individuals right now can be effectively anonymous on the Net. A plat-
form for authenticated identity would make anonymity much harder. We
might imagine, for example, a norm developing to block access to a website by
anyone not carrying a token that at least made it possible to trace back to the
user—a kind of driver’s license for the Internet. That norm, plus this technol-
ogy, would make anonymous speech extremely difficult.
Commerce could also lose something from this design. To the extent that
there are simple ways to authenticate that I am the authorized user of this
credit card, for example, it’s less necessary for websites to demand all sorts of
data about me—my address, my telephone numbers, and in one case I
recently encountered, my birthday. That fact could build a norm against
revealing extraneous data. But that data may be valuable to business beyond
simply confirming a charge.
And governments, too, may lose something from this architecture of
identification. Just as commerce may lose the extra data that individuals need
0465039146-01 12/5/06 12:27 AM Page 53
architectures of control
53
to reveal to authenticate themselves, so too will the government lose that. It
may feel that such data is necessary for some other purpose, but gathering it
would become more difficult.
Each of these benefits and costs can be adjusted, depending upon how the
technology is implemented. And as the resulting mix of privacy and security
is the product of competition and an equilibrium between individuals and
businesses, there’s no way up front to predict what it will be.
But for our purposes, the only important fact to notice is that this infra-
structure could effectively answer the first question that regulability requires
answering: Who did what where? With an infrastructure enabling cheap iden-
tification wherever you are, the frequency of unidentified activity falls dra-
matically.
{TXB2}
This final example of an identification technology throws into relief an
important fact about encryption technology. The Identity Layer depends
upon cryptography. It thus demonstrates the sense in which cryptography is
Janus-faced. As Stewart Baker and Paul Hurst put it, cryptography “surely is
the best of technologies and the worst of technologies. It will stop crimes and
it will create new crimes. It will undermine dictatorships, and it will drive
them to new excesses. It will make us all anonymous, and it will track our
every transaction.”11
Cryptography can be all these things, both good and bad, because encryp-
tion can serve two fundamentally different ends. In its “confidentiality” func-
tion it can be “used to keep communications secret.” In its “identification”
function it can be “used to provide forgery-proof digital identities.”12 It
enables freedom from regulation (as it enhances confidentiality), but it can
also enable more efficient regulation (as it enhances identification).13
Its traditional use is secrets. Encrypt a message, and only those with the
proper key can open and read it. This type of encryption has been around as
long as language itself. But until the mid-1970s it suffered from an important
weakness: the same key that was used to encrypt a message was also used to
decrypt it. So if you lost that key, all the messages hidden with that key were
also rendered vulnerable. If a large number of messages were encrypted with
the same key, losing the key compromised the whole archive of secrets pro-
tected by the key. This risk was significant. You always had to “transport” the
key needed to unlock the message, and inherent in that transport was the
risk that the key would be lost.
In the mid-1970s, however, a breakthrough in encryption technique was
announced by two computer scientists, Whitfield Diffie and Martin Hell-
man.14 Rather than relying on a single key, the Diffie-Hellman system used
0465039146-01 12/5/06 12:27 AM Page 54
54
CODE 2.0
two keys—one public, the other private. What is encrypted with one can be
decrypted only with the other. Even with one key there is no way to infer the
other.
This discovery was the clue to an architecture that could build an extraor-
dinary range of confidence into any network, whether or not the physical
network itself was secure.15 And again, that confidence could both make me
confident that my secrets won’t be revealed and make me confident that the
person using my site just now is you. The technology therefore works to keep
secrets, but it also makes it harder to keep secrets. It works to make stuff less
regulable, and more regulable.
In the Internet’s first life, encryption technology was on the side of pri-
vacy. Its most common use was to keep information secret. But in the Inter-
net’s next life, encryption technology’s most important role will be in making
the Net more regulable. As an Identity Layer gets built into the Net, the easy
ability to demand some form of identity as a condition to accessing the
resources of the Net increases. As that ability increases, its prevalence will
increase as well. Indeed, as Shawn Helms describes, the next generation of the
Internet Protocol—IPv6—“marks each packet with an encryption ‘key’ that
cannot be altered or forged, thus securely identifying the packet’s origin. This
authentication function can identify every sender and receiver of information
over the Internet, thus making it nearly impossible for people to remain
anonymous on the Internet.”16
And even if not impossible, sufficiently difficult for the vast majority of
us. Our packets will be marked. We—or something about us—will be known.
WHO DID WHAT, WHERE?
Regulability also depends upon knowing the “what” in “who did what,
where?” But again, the Internet as originally designed didn’t help the regulator
here either. If the Internet protocol simply cuts up data into packets and
stamps an address on them, then nothing in the basic protocol would tell
anyone looking at the packet what the packet was for.
For example, imagine you’re a telephone company providing broadband
Internet access (DSL) across your telephone lines. Some smart innovator
develops Voice-over-IP (VOIP)—an application that makes it possible to use
the Internet to make telephone calls. You, the phone company, aren’t happy
about that, because now people using your DSL service can make unmetered
telephone calls. That freedom cuts into your profit.
Is there anything you can do about this? Relying upon just the Internet
protocols, the answer is no. The “packets” of data that contain the simulated-
0465039146-01 12/5/06 12:27 AM Page 55
architectures of control
55
telephone calls look just like any packet of data. They don’t come labeled with
VOIP or any other consistent moniker. Instead, packets are simply marked
with addresses. They are not marked with explanations of what is going on
with each.
But as my example is meant to suggest, we can easily understand why
some would be very keen to understand what packets are flowing across their
network, and not just for anti-competitive purposes. Network administrators
trying to decide whether to add new capacity need to know what the existing
capacity is being used for. Businesses keen to avoid their employees wasting
time with sports or porn have a strong interest in knowing just what their
employees are doing. Universities trying to avoid viruses or malware being
installed on network computers need to know what kind of packets are flow-
ing onto their network. In all these cases, there’s an obvious and valid will to
identify what packets are flowing on the network. And as they say, where
there’s a will, there’s a way.
The way follows the same technique described in the section above. Again,
the TCP/IP protocol doesn’t include technology for identifying the content
carried in TCP/IP packets. But it also doesn’t interfere with applications that
might examine TCP/IP packets and report what those packets are about.
So, for example, consider a package produced by Ipanema Technologies.
This technology enables a network owner to inspect the packets traveling on
its network. As its webpage promises,
The Ipanema Systems “deep” layer 7 packet inspection automatically recognizes
all critical business and recreational application flows running over the network.
Real-time graphical interfaces as well as minute-by-minute reports are available
to rapidly discover newly deployed applications.17
Using the data gathered by this technology, the system generates reports
about the applications being used in the network, and who’s using them.
These technologies make it possible to control network use, either to econo-
mize on bandwidth costs, or to block uses that the network owner doesn’t per-
mit.
Another example of this kind of content control is a product called “iPro-
tectYou.”18 This product also scans packets on a network, but this control is
implemented at the level of a particular machine. Parents load this software
on a computer; the software then monitors all network traffic with that com-
puter. As the company describes, the program can then “filter harmful web-
sites and newsgroups; restrict Internet time to a predetermined schedule;
decide which programs can have Internet access; limit the amount of data that
0465039146-01 12/5/06 12:27 AM Page 56
56
CODE 2.0
can be sent or received to/from your computer; block e-mails, online chats,
instant messages and P2P connections containing inappropriate words; [and
produce] detailed Internet activity logs.” Once again, this is an application that
sits on top of the network and watches. It intervenes in network activity when
it identifies the activity as the kind the administrator wants to control.
In addition to these technologies of control, programmers have developed
a wide range of programs to monitor networks. Perhaps the dominant appli-
cation in this context is called “nmap”—a program
for network exploration or security auditing . . . designed to rapidly scan large net-
works. . . . Nmap uses raw IP packets in novel ways to determine what hosts are
available on the network, what services (application name and version) those
hosts are offering, what operating systems (and OS versions) they are running,
what type of packet filters/firewalls are in use, and dozens of other characteristics.19
This software is “free software,” meaning the source code is available, and
any modifications of the source code must be made available as well. These
conditions essentially guarantee that the code necessary to engage in this
monitoring will always be available.
Finally, coders have developed “packet filtering” technology, which, as
one popular example describes, “is the selective passing or blocking of data
packets as they pass through a network interface. . . . The most often used cri-
teria are source and destination address, source and destination port, and
protocol.” This again is a technology that’s monitoring “what” is carried
within packets, and decides what’s allowed based upon what it finds.
In each of these cases, a layer of code complements the TCP/IP protocol,
to give network administrators something TCP/IP alone would not—namely,
knowledge about “what” is carried in the network packets. That knowledge
increases the “regulability” of network use. If a company doesn’t want its
employees using IM chat, then these technologies will enforce that rule—by
blocking the packets containing IM chat. Or if a company wants to know
which employees use sexually explicit speech in Internet communication,
these technologies will reveal that as well. Again, there are plenty of perfectly
respectable reasons why network administrators might want to exercise this
regulatory authority—even if there are plenty of cases where such power
would be an abuse. Because of this legitimate demand, software products like
this are developed.
Now, of course, there are countermeasures that users can adopt to avoid
just this sort of monitoring. A user who encrypts the data he sends across the
network will avoid any filtering on the basis of key words. And there are plenty
0465039146-01 12/5/06 12:27 AM Page 57
architectures of control
57
of technologies designed to “anonymize” behavior on the Net, so administra-
tors can’t easily know what an individual is doing on a network. But these
countermeasures require a significant investment for a particular user to
deploy—whether of time or money. The vast majority won’t bother, and the
ability of network administrators to monitor content and use of the network
will be preserved.
Thus, as with changes that increased the ability to identify “who” someone
is who is using a network, here too, private interests provide a sufficient incen-
tive to develop technologies that make it increasingly easy to say “what” some-
one is doing who is using a network. A gap in the knowledge provided by the
plain vanilla Internet is thus plugged by these privately developed technologies.
WHO DID WHAT, WHERE?
Finally, as long as different jurisdictions impose different requirements, the
third bit of data necessary to regulate efficiently is knowing where the target of
regulation is. If France forbids the selling of Nazi paraphernalia, but the United
States does not, then a website wanting to respect the laws of France must know
something about where the person accessing the Internet is coming from.
But once again, the Internet protocols didn’t provide that data. And thus,
it would be extremely difficult to regulate or zone access to content on the
basis of geography.
The original Internet made such regulation extremely difficult. As origi-
nally deployed, as one court put it:
The Internet is wholly insensitive to geographic distinctions. In almost every
case, users of the Internet neither know nor care about the physical location of
the Internet resources they access. Internet protocols were designed to ignore
rather than document geographic location; while computers on the network
do have “addresses,” they are logical addresses on the network rather than geo-
graphic addresses in real space. The majority of Internet addresses contain no
geographic clues and, even where an Internet address provides such a clue, it
may be misleading.20
But once again, commerce has come to the rescue of regulability. There
are obvious reasons why it would useful to be able to identify where someone
is when they access some website. Some of those reasons have to do with reg-
ulation—again, blocking Nazi material from the French, or porn from kids in
Kansas. We’ll consider these reasons more extensively later in this book. For
now, however, the most interesting reasons are those tied purely to commerce.
0465039146-01 12/5/06 12:27 AM Page 58
58
CODE 2.0
And, again, these commercial reasons are sufficient to induce the development
of this technology.
Once again, the gap in the data necessary to identify someone’s location
is the product of the way IP addresses are assigned. IP addresses are virtual
addresses; they don’t refer to a particular geographic place. They refer to a log-
ical place on the network. Thus, two IP addresses in principle could be very
close to each other in number, but very far from each other in geography.
That’s not the way, for example, zip codes work. If your zip code is one digit
from mine (e.g., 94115 vs. 94116), we’re practically neighbors.
But this gap in data is simply the gap in data about where someone is
deducible from his IP address. That means, while there’s no simple way to
deduce from 23.214.23.15 that someone is in California, it is certainly possible
to gather the data necessary to map where someone is, given the IP address. To
do this, one needs to construct a table of IP addresses and geographic loca-
tions, and then track both the ultimate IP address and the path along which
a packet has traveled to where you are from where it was sent. Thus while the
TCP/IP protocol can’t reveal where someone is directly, it can be used indi-
rectly to reveal at least the origin or destination of an IP packet.
The commercial motivations for this knowledge are obvious. Jack Gold-
smith and Tim Wu tell the story of a particularly famous entrepreneur, Cyril
Houri, who was inspired to develop IP mapping technology. Sitting in his
hotel in Paris one night, he accessed his e-mail account in the United States.
His e-mail was hosted on a web server, but he noticed that the banner ads at
the top of the website were advertising an American flower company. That
gave him a (now obvious) idea: Why not build a tool to make it easy for a
website to know from where it is being accessed, so it can serve relevant ads to
those users?21
Houri’s idea has been copied by many. Geoselect, for example, is a com-
pany that provides IP mapping services. Just browse to their webpage, and
they’re 99 percent likely to be able to tell you automatically where you are
browsing from. Using their services, you can get a geographical report listing
the location of the people who visit your site, and you can use their products
to automatically update log files on your web server with geographic data. You
can automatically change the greeting on your website depending upon where
the user comes from, and you can automatically redirect a user based upon
her location. All of this functionality is invisible to the user. All he sees is a web
page constructed by tools that know something that the TCP/IP alone doesn’t
reveal—where someone is from.
So what commercial reasons do websites have for using such software?
One company, MaxMind,22 lists the major reason as credit card fraud: If your
0465039146-01 12/5/06 12:27 AM Page 59
architectures of control
59
customer comes from a “high risk IP address”—meaning a location where it’s
likely the person is engaged in credit card fraud—then MaxMind’s service will
flag the transaction and direct that it have greater security verification. Max-
Mind also promises the service will be valuable for “targeted advertising.” Using
its product, a client can target a message based upon country, state, or city, as
well as a “metropolitan code,” an area code, and connection speed of the user
(no need to advertise DVD downloads to a person on a dial-up connection).
Here too there is an important and powerful open source application
that provides the same IP mapping functions. Hostip.info gives website oper-
ators—for free—the ability to “geolocate” the users of their site.23 This again
means that the core functionality of IP mapping is not held exclusively by cor-
porations or a few individuals. Any application developer—including a gov-
ernment—could incorporate the function into its applications. The
knowledge and functionality is free.
Thus, again, one of the original gaps in the data necessary to make behav-
ior regulable on the Internet—geographic identity—has been filled. But it
has not been filled by government mandate or secret NSA operations (or so
I hope). Instead, the gap has been filled by a commercial interest in providing
the data the network itself didn’t. Technology now layers onto the Internet to
produce the data the network needs.
But it is still possible to evade identification. Civil liberty activist Seth
Finkelstein has testified to the relative ease with which one can evade this
tracking.24 Yet as I will describe more below, even easily evaded tracking can
be effective tracking. And when tied to the architectures for identity described
above, this sort will become quite effective.
RESULTS
In the last chapter, we saw that the unregulability of the Internet was a product
of design: that the failure of that network to identify who someone is, what
they’re doing, and where they’re from meant that it would be particularly
difficult to enforce rules upon individuals using the network. Not impossible,
but difficult. Not for all people, but for enough to matter. The Internet as it
originally was gave everyone a “Ring of Gyges,” the ring which, as Plato reports
in The Republic, made Gyges the shepherd invisible. The dilemma for regula-
tion in such a world is precisely the fear Plato had about this ring: With such
a ring, “no man can be imagined to be of such an iron nature that he would
stand fast in justice.”25
And if such a man did choose justice, even with the power of the ring,
then “he would be thought by the lookers-on to be a most wretched idiot,
0465039146-01 12/5/06 12:27 AM Page 60
60
CODE 2.0
although they would praise him to one another’s faces, and keep up appear-
ances with one another from a fear that they too might suffer injustice.”
But these gaps in the Internet’s original design are not necessary. We can
imagine networks that interact seamlessly with the Internet but which don’t
have these “imperfections.” And, more importantly, we can see why there
would be an important commercial interest in eliminating these gaps.
Yet you may still be skeptical. Even if most Internet activity is traceable
using the technologies that I’ve described, you may still believe there are sig-
nificant gaps. Indeed, the explosion of spam, viruses, ID theft, and the like are
strong testimony to the fact that there’s still a lot of unregulable behavior.
Commerce acting alone has not yet eliminated these threats, to both com-
merce and civil life. For reasons I explore later in this book, it’s not even clear
commerce could.
But commerce is not the only actor here. Government is also an impor-
tant ally, and the framework of regulability that commerce has built could be
built on again by government.
Government can, in other words, help commerce and help itself. How it
does so is the subject of the chapter that follows.
0465039146-01 12/5/06 12:27 AM Page 61
F I V E
r e g u l a t i n g
c o d e
COMMERCE HAS DONE ITS PART—FOR COMMERCE, AND INDIRECTLY, FOR
governments. Technologies that make commerce more efficient are also
technologies that make regulation simpler. The one supports the other.
There are a host of technologies now that make it easier to know who some-
one is on the Net, what they’re doing, and where they’re doing it. These
technologies were built to make business work better. They make life on the
Internet safer. But the by-product of these technologies is to make the Net
more regulable.
More regulable. Not perfectly regulable. These tools alone do a great deal.
As Joel Reidenberg notes, they are already leading courts to recognize how
behavior on the Net can be reached—and regulated.1 But they don’t yet create
the incentives to build regulability into the heart of the Net. That final step
will require action by the government.2
When I wrote the first version of this book, I certainly expected that the
government would eventually take these steps. Events since 1999—including
the birth of Z-theory described below—have only increased my confidence. In
the United States, the identification of “an enemy”—terrorism—has weak-
ened the resolve to resist government action to make government more pow-
erful and regulation more effective. There’s a limit, or at least I hope there is,
but there is also no doubt that the line has been moved. And in any case,
there is not much more that the government would need to do in order to
radically increase the regulability of the net. These steps would not themselves
excite any significant resistance. The government has the means, and the
motive. This chapter maps the opportunity.
The trick is obvious once it is seen. It may well be difficult for the govern-
ment to regulate behavior directly, given the architecture of the Internet as it
61
0465039146-01 12/5/06 12:27 AM Page 62
62
CODE 2.0
is. But that doesn’t mean it is difficult for the government to regulate the
architecture of the Internet as it is. The trick, then, is for the government to
take steps that induce the development of an architecture that makes behavior
more regulable.
In this context, I don’t mean by “architecture” the regulation of TCP/IP
itself. Instead, I simply mean regulation that changes the effective constraints
of the architecture of the Internet, by altering the code at any layer within that
space. If technologies of identification are lacking, then regulating the archi-
tecture in this sense means steps the government can take to induce the
deployment of technologies of identification.
If the government takes these steps, it will increase the regulability of
behavior on the Internet. And depending upon the substance of these steps
taken, it could render the Internet the most perfectly regulable space we’ve
known. As Michael Geist describes it, “governments may have been willing
to step aside during the commercial Internet’s nascent years, but no
longer.”3
REGULATING ARCHITECTURE: THE REGULATORY TWO-STEP
We can call this the “regulatory two-step”: In a context in which behavior is
relatively unregulable, the government takes steps to increase regulability.
And once framed, there are any number of examples that set the pattern for
the two-step in cyberspace.
Car Congestion
London had a problem with traffic. There were too many cars in the central
district, and there was no simple way to keep “unnecessary” cars out.
So London did three things. It first mandated a license plate that a video
camera could read, and then it installed video cameras on as many public
fixtures as it would take to monitor—perpetually—what cars were where.
Then, beginning in February 2003, the city imposed a congestion tax:
Initially £5 per day (between 7 A.M. and 6:30 P.M.) for any car (save taxis and
residents paying a special fee), raised to £8 in July 2005. After 18 months in
operation, the system was working “better than expected.” Traffic delays were
down 32 percent, traffic within the city was down 15 percent, and delays on
main routes into the zones were down 20 percent. London is now exploring
new technologies to make it even easier to charge for access more accurately.
These include new tagging technologies, as well as GPS and GSM technologies
that would monitor the car while within London.4
0465039146-01 12/5/06 12:27 AM Page 63
regulating code
63
Telephones
The architecture of telephone networks has undergone a radical shift in the
past decade. After resisting the design of the Internet for many years,5 tele-
phone networks are now shifting from circuit-switched to packet-switched
networks. As with the Internet, packets of information are spewed across the
system, and nothing ensures that they will travel in the same way, or along the
same path. Packets take the most efficient path, which depends on the
demand at any one time.
This design, however, creates problems for law enforcement—in particular,
that part of law enforcement that depends upon wiretaps to do their job. In the
circuit-switched network, it was relatively simple to identify which wires to tap.
In the packet-switched network, where there are no predictable paths for pack-
ets of data to travel, wiretapping becomes much more difficult.
At least it is difficult under one design of a packet-switched network. Dif-
ferent designs will be differently difficult. And that potential led Congress in
1994 to enact the Communications Assistance for Law Enforcement Act
(CALEA). CALEA requires that networks be designed to preserve the ability
of law enforcement to conduct electronic surveillance. This requirement has
been negotiated in a series of “safe harbor” agreements that specify the stan-
dards networks must meet to satisfy the requirements of the law.
CALEA is a classic example of the kind of regulation that I mean this
chapter to flag. The industry created one network architecture. That architec-
ture didn’t adequately serve the interests of government. The response of the
government was to regulate the design of the network so it better served the
government’s ends. (Luckily for the networks, the government, at least ini-
tially, agreed to pick up part of the cost.6) As Susan Crawford writes,
Most critically for the future of the Internet, law enforcement . . . has made clear
that it wants to ensure that it reviews all possibly relevant new services for com-
pliance with unstated information-gathering and information-forwarding
requirements before these services are launched. All prudent businesses will
want to run their services by law enforcement, suggests the DOJ: “Service
providers would be well advised to seek guidance early, preferably well before
deployment of a service, if they believe that their service is not covered by
CALEA. . . . DOJ would certainly consider a service provider’s failure to request
such guidance in any enforcement action.”7
CALEA is a “signal,” Crawford describes, that the “FCC may take the view
that permission will be needed from government authorities when designing
0465039146-01 12/5/06 12:27 AM Page 64
64
CODE 2.0
a wide variety of services, computers, and web sites that use the Internet pro-
tocol. . . . [I]nformation flow membranes will be governmentally mandated as
part of the design process for online products and services.”8 That hint has
continued: In August 2005, the Federal Communications Commission (FCC)
ruled that Voice-over-IP services “must be designed so as to make government
wiretapping easier.”9
Of course, regulating the architecture of the network was not the only
means that Congress had. Congress could have compensated for any loss in
crime prevention that resulted from the decreased ability to wiretap by
increasing criminal punishments.10 Or Congress could have increased the
resources devoted to criminal investigation. Both of these changes would have
altered the incentives that criminals face without using the network’s potential
to help track and convict criminals. But instead, Congress acted to change the
architecture of the telephone networks, thus using the networks directly to
change the incentives of criminals indirectly.
This is law regulating code. Its indirect effect is to improve law enforce-
ment, and it does so by modifying code-based constraints on law enforce-
ment.
Regulation like this works well with telephone companies. There are few
companies, and the regulation is relatively easy to verify. Telephone companies
are thus regulable intermediaries: Rules directed against them are likely to be
enforced.
But what about when telephone service (or rather “telephone service”)
begins to be carried across the Internet? Vonage, or Skype, rather than Bell
South? Are these entities similarly regulable?11
The answer is that they are, though for different reasons. Skype and Von-
age, as well as many other VOIP providers, seek to maximize their value as
corporations. That value comes in part from demonstrating reliably regulable
behavior. Failing to comply with the rules of the United States government is
not a foundation upon which to build a healthy, profitable company. That’s as
true for General Motors as it is for eBay.
Telephones: Part 2
Four years after Congress enacted CALEA, the FBI petitioned the Federal
Communications Commission to enhance even further government’s power
to regulate. Among the amendments the FBI proposed was a regulation
designed to require disclosure of the locations of individuals using cellular
phones by requiring the phone companies to report the cell tower from which
the call was served.12 Cellular phone systems need this data to ensure seamless
0465039146-01 12/5/06 12:27 AM Page 65
regulating code
65
switching between transmitters. But beyond this and billing, the phone com-
panies have no further need for this information.
The FBI, however, has interests beyond those of the companies. It would
like that data made available whenever it has a “legitimate law enforcement
reason” for requesting it. The proposed amendment to CALEA would require
the cellular company to provide this information, which is a way of indirectly
requiring that it write its code to make the information retrievable.13
The original motivation for this requirement was reasonable enough:
Emergency service providers needed a simple way to determine where an
emergency cellular phone call was coming from. Thus, revealing location
data was necessary, at least in those cases. But the FBI was keen to extend
the reach of location data beyond cases where someone was calling 911, so
they pushed to require the collection of this information whenever a call is
made.
So far, the FBI has been successful in its requests with the regulators but
less so with courts. But the limits the courts have imposed simply require the
FBI to meet a high burden of proof to get access to the data. Whatever the
standard, the effect of the regulation has been to force cell phone companies
to build their systems to collect and preserve a kind of data that only aids the
government.
Data Retention
Computers gather data about how they’re used. These data are collected in
logs. The logs can be verbose or not—meaning they might gather lots of
data, or little. And the more they gather, the easier it will be to trace who did
what.
Governments are beginning to recognize this. And some are making
sure they can take advantage of it. The United States is beginning to
“mull,”14 and the European Union has adopted, legislation to regulate “data
generated or processed in connection with the provision of publicly avail-
able electronic communications,” by requiring that providers retain speci-
fied data to better enable law enforcement. This includes data to determine
the source, destination, time, duration, type, and equipment used in a given
communication.15 Rules such as this will build a layer of traceability into the
platform of electronic communication, making it easier for governments to
track individual behavior. (By contrast, in 2006, Congressman Ed Markey of
Massachusetts proposed legislation to forbid certain Internet companies,
primarily search engines, from keeping logs that make Internet behavior
traceable.16 We’ll see how far that proposed rule gets.)
0465039146-01 12/5/06 12:27 AM Page 66
66
CODE 2.0
Encryption
The examples so far have involved regulations directed to code writers as a
way indirectly to change behavior. But sometimes, the government is doubly
indirect: Sometimes it creates market incentives as a way to change code writ-
ing, so that the code writing will indirectly change behavior. An example is the
U.S. government’s failed attempt to secure Clipper as the standard for encryp-
tion technology.17
I have already sketched the Janus-faced nature of encryption: The same
technology enables both confidentiality and identification. The government
is concerned with the confidentiality part. Encryption allows individuals to
make their conversations or data exchanges untranslatable except by someone
with a key. How untranslatable is a matter of debate,18 but we can put that
debate aside for the moment, because, regardless, it is too untranslatable for
the government’s liking. So the government sought to control the use of
encryption technology by getting the Clipper chip accepted as a standard for
encryption.
The mechanics of the Clipper chip are not easily summarized, but its aim
was to encourage encryption technologies that left a back door open for the
government.19 A conversation could be encrypted so that others could not
understand it, but the government would have the ability (in most cases with
a court order) to decrypt the conversation using a special key.
The question for the government then was how it could spread the Clip-
per chip technology. At first, the Clinton administration thought that the best
way was simply to ban all other encryption technology. This strategy proved
very controversial, so the government then fixed on a different technique: It
subsidized the development and deployment of the Clipper chip.20
The thinking was obvious: If the government could get industry to use
Clipper by making Clipper the cheapest technology, then it could indirectly
regulate the use of encryption. The market would do the regulation for the
government.21
The subsidy plan failed. Skepticism about the quality of the code itself,
and about the secrecy with which it had been developed, as well as strong
opposition to any governmentally directed encryption regime (especially a
U.S.-sponsored regime), led most to reject the technology. This forced the
government to take another path.
That alternative is for our purposes the most interesting. For a time, some
were pushing for authority to regulate authors of encryption code directly—
with a requirement that they build into their code a back door through which
the government could gain access.22 While the proposals have been various,
0465039146-01 12/5/06 12:27 AM Page 67
regulating code
67
they all aim at ensuring that the government has a way to crack whatever
encryption code a user selects.
Compared with other strategies—banning the use of encryption or
flooding the market with an alternative encryption standard—this mode
presents a number of advantages.
First, unlike banning the use of encryption, this mode of regulation does not
directly interfere with the rights of use by individuals. It therefore is not vulner-
able to a strong, if yet unproven constitutional claim that an individual has a
right “to speak through encryption.” It aims only to change the mix of encryption
technologies available, not to control directly any particular use by an individual.
State regulation of the writing of encryption code is just like state regulation of
the design of automobiles: Individual use is not regulated. Second, unlike the
technique of subsidizing one market solution, this solution allows the market to
compete to provide the best encryption system, given this regulatory constraint.
Finally, unlike both other solutions, this one involves the regulation of only a rel-
atively small number of actors, since manufacturers of encryption technology are
far fewer in number than users or buyers of encryption systems.
Like the other examples in this section, then, this solution is an example
of the government regulating code directly so as to better regulate behavior
indirectly; the government uses the architecture of the code to reach a partic-
ular substantive end. Here the end, as with digital telephony, is to ensure that
the government’s ability to search certain conversations is not blocked by
emerging technology. And again, the government pursues that end not by
regulating primary behavior but by regulating the conditions under which
primary behavior happens.
REGULATING CODE TO INCREASE REGULABILITY
All five of these examples address a behavior that the government wants to
regulate, but which it cannot (easily) regulate directly. In all five, the govern-
ment thus regulates that behavior indirectly by directly regulating technolo-
gies that affect that behavior. Those regulated technologies in turn influence
or constrain the targeted behavior differently. They “influence the develop-
ment of code.”23 They are regulations of code that in turn make behavior
more regulable.
The question that began this chapter was whether there were similar ways
that the government might regulate code on the Internet to make behavior on
the Net more regulable. The answer is obviously yes. There are many steps the
government might take to make behavior on the network more regulable,
and there are obvious reasons for taking those steps.
0465039146-01 12/5/06 12:27 AM Page 68
68
CODE 2.0
If done properly, these steps would reduce and isolate untraceable Inter-
net behavior. That in turn would increase the probability that bad behavior
would be detected. Increased detection would significantly reduce the
expected return from maliciousness. For some significant range of malevolent
actors, that shift would drive their bad behavior elsewhere.
This would not work perfectly, of course. No effort of control could ever
be perfect in either assuring traceability or tracking misbehavior. But perfec-
tion is not the standard. The question is whether the government could put
enough incentives into the mix of the network to induce a shift towards trace-
ability as a default. For obvious reasons, again, the answer is yes.
The General Form
If the government’s aim is to facilitate traceability, that can be achieved by
attaching an identity to actors on the network. One conceivable way to do that
would be to require network providers to block actions by individuals not dis-
playing a government-issued ID. That strategy, however, is unlikely, as it is
politically impossible. Americans are antsy enough about a national identity
card;24 they are not likely to be interested in an Internet identity card.
But even if the government can’t force cyber citizens to carry IDs, it is not
difficult to create strong incentives for individuals to carry IDs. There is no
requirement that all citizens have a driver’s license, but you would find it very
hard to get around without one, even if you do not drive. The government
does not require that you keep state-issued identification on your person, but
if you want to fly to another city, you must show at least one form of it. The
point is obvious: Make the incentive to carry ID so strong that it tips the nor-
mal requirements of interacting on the Net.
In the same way, the government could create incentives to enable digital
IDs, not by regulating individuals directly but by regulating intermediaries.
Intermediaries are fewer, their interests are usually commercial, and they are
ordinarily pliant targets of regulation. ISPs will be the “most important and
obvious” targets—“focal points of Internet control.”25
Consider first the means the government has to induce the spread of
“digital IDs.” I will then describe more what these “digital IDs” would have to
be.
First, government means:
• Sites on the Net have the ability to condition access based on whether someone car-
ries the proper credential. The government has the power to require sites to impose
this condition. For example, the state could require that gambling sites check the
0465039146-01 12/5/06 12:27 AM Page 69
regulating code
69
age and residency of anyone trying to use the site. Many sites could be required to
check the citizenship of potential users, or any number of other credentials. As
more and more sites complied with this requirement, individuals would have a
greater and greater incentive to carry the proper credentials. The more credentials
they carried, the easier it would be to impose regulations on them.26
• The government could give a tax break to anyone who filed his or her income tax
with a proper credential.
• The government could impose a 10 percent Internet sales tax and then exempt
anyone who purchased goods with a certificate that authenticated their state of
residence; the state would then be able to collect whatever local tax applied when
it was informed of the purchase.27
• The government could charge users for government publications unless they
gained access to the site with a properly authenticated certificate.
• As in other Western democracies, the government could mandate voting28—
and then establish Internet voting; voters would come to the virtual polls with
a digital identity that certified them as registered.
• The government could make credit card companies liable for the full cost of
any credit card or debit card online fraud whenever the transaction was
processed without a qualified ID.
• The government could require the establishment of a secure registry of e-mail
servers that would be used to fight spam. That list would encourage others to
begin to require some further level of authentication before sending e-mail.
That authentication could be supplied by a digital ID.
The effect of each of these strategies would be to increase the prevalence
of digital IDs. And at some point, there would be a tipping. There is an obvi-
ous benefit to many on the Net to be able to increase confidence about the
entity with whom they are dealing. These digital IDs would be a tool to
increase that confidence. Thus, even if a site permits itself to be accessed with-
out any certification by the user, any step beyond that initial contact could
require carrying the proper ID. The norm would be to travel in cyberspace
with an ID; those who refuse would find the cyberspace that they could
inhabit radically reduced.
The consequence of this tipping would be to effectively stamp every
action on the Internet—at a minimum—with a kind of digital fingerprint.
That fingerprint—at a minimum—would enable authorities to trace any
action back to the party responsible for it. That tracing—at a minimum—
could require judicial oversight before any trace could be effected. And that
oversight—at a minimum—could track the ordinary requirements of the
Fourth Amendment.
0465039146-01 12/5/06 12:27 AM Page 70
70
CODE 2.0
At a minimum. For the critical part in this story is not that the govern-
ment could induce an ID-rich Internet. Obviously it could. Instead, the
important question is the kind of ID-rich Internet the government
induces.
Compare two very different sorts of digital IDs, both of which we can
understand in terms of the “wallet” metaphor used in Chapter 4 to describe
the evolving technology of identity that Microsoft is helping to lead.
One sort of ID would work like this: Every time you need to identify
yourself, you turn over your wallet. The party demanding identification rum-
mages through the wallet, gathering whatever data he wants.
The second sort of ID works along the lines of the Identity Layer
described in Chapter 4: When you need to identify yourself, you can provide
the minimal identification necessary. So if you need to certify that you’re an
American, only that bit gets revealed. Or if you need to certify that you’re
over 18, only that fact gets revealed.
On the model of the second form of the digital ID, it becomes possible to
imagine then an ultra-minimal ID—an identification that reveals nothing on
its face, but facilitates traceability. Again, a kind of digital fingerprint which is
meaningless unless decoded, and, once decoded, links back to a responsible
agent.
These two architectures stand at opposite ends of a spectrum. They
produce radically different consequences for privacy and anonymity. Per-
fect anonymity is possible with neither; the minimal effect of both is to
make behavior traceable. But with the second mode, that traceability itself
can be heavily regulated. Thus, there should be no possible traceability
when the only action at issue is protected speech. And where a trace is to be
permitted, it should only be permitted if authorized by proper judicial
action. Thus the system would preserve the capacity to identify who did
what when, but it would only realize that capacity under authorized cir-
cumstances.
The difference between these two ID-enabled worlds, then, is all the dif-
ference in the world. And critically, which world we get depends completely
upon the values that guide the development of this architecture. ID-type 1
would be a disaster for privacy as well as security. ID-type 2 could radically
increase privacy, as well as security, for all except those whose behavior can
legitimately be tracked.
Now, the feasibility of the government effecting either ID depends cru-
cially upon the target of regulation. It depends upon there being an entity
responsible for the code that individuals use, and it requires that these entities
can be effectively regulated. Is this assumption really true? The government
0465039146-01 12/5/06 12:27 AM Page 71
regulating code
71
may be able to regulate the telephone companies, but can it regulate a diver-
sity of code writers? In particular, can it regulate code writers who are com-
mitted to resisting precisely such regulation?
In a world where the code writers were the sort of people who governed
the Internet Engineering Task Force29 of a few years ago, the answer is prob-
ably no. The underpaid heroes who built the Net have ideological reasons to
resist government’s mandate. They were not likely to yield to its threats. Thus,
they would provide an important check on the government’s power over the
architectures of cyberspace.
But as code writing becomes commercial—as it becomes the product of
a smaller number of large companies—the government’s ability to regulate it
increases. The more money there is at stake, the less inclined businesses (and
their backers) are to bear the costs of promoting an ideology.
The best example is the history of encryption. From the very start of the
debate over the government’s control of encryption, techies have argued that
such regulations are silly. Code can always be exported; bits know no borders.
So the idea that a law of Congress would control the flow of code was, these
people argued, absurd.
The fact is, however, that the regulations had a substantial effect. Not on
the techies—who could easily get encryption technologies from any number
of places on the Net—but on the businesses writing software that would
incorporate such technology. Netscape or IBM was not about to build and sell
software in violation of U.S. regulations. The United States has a fairly pow-
erful threat against these two companies. As the techies predicted, regulation
did not control the flow of bits. But it did quite substantially inhibit the devel-
opment of software that would use these bits.30
The effect has been profound. Companies that were once bastions of
unregulability are now becoming producers of technologies that facilitate
regulation. For example, Network Associates, inheritor of the encryption pro-
gram PGP, was originally a strong opponent of regulation of encryption; now
it offers products that facilitate corporate control of encryption and recovery
of keys.31 Key recovery creates a corporate back door, which, in many contexts,
is far less restricted than a governmental back door.
Cisco is a second example.32 In 1998 Cisco announced a router product
that would enable an ISP to encrypt Internet traffic at the link level—between
gateways, that is.33 But this router would also have a switch that would disable
the encryption of the router data and facilitate the collection of unencrypted
Internet traffic. This switch could be flipped at the government’s command;
in other words, the data would be encrypted only when the government
allowed it to be.
0465039146-01 12/5/06 12:27 AM Page 72
72
CODE 2.0
The point in both cases is that the government is a player in the market
for software. It affects the market both by creating rules and by purchasing
products. Either way, it influences the supply of commercial software
providers who exist to provide what the market demands.
Veterans of the early days of the Net might ask these suppliers, “How
could you?”
“It’s just business,” is the obvious reply.
EAST COAST AND WEST COAST CODES
Throughout this section, I’ve been speaking of two sorts of code. One is the
“code” that Congress enacts (as in the tax code or “the U.S. Code”). Congress
passes an endless array of statutes that say in words how to behave. Some
statutes direct people; others direct companies; some direct bureaucrats. The
technique is as old as government itself: using commands to control. In our
country, it is a primarily East Coast (Washington, D.C.) activity. Call it “East
Coast Code.”
The other is the code that code writers “enact”—the instructions imbed-
ded in the software and hardware that make cyberspace work. This is code in
its modern sense. It regulates in the ways I’ve begun to describe. The code of
Net95, for example, regulated to disable centralized control; code that encrypts
regulates to protect privacy. In our country (MIT excepted), this kind of code
writing is increasingly a West Coast (Silicon Valley, Redmond) activity. We can
call it “West Coast Code.”
West Coast and East Coast Code can get along perfectly when they’re not
paying much attention to each other. Each, that is, can regulate within its own
domain. But the story of this chapter is “When East Meets West”: what happens
when East Coast Code recognizes how West Coast Code affects regulability,
and when East Coast Code sees how it might interact with West Coast Code to
induce it to regulate differently.
This interaction has changed. The power of East Coast Code over West
Coast Code has increased. When software was the product of hackers and indi-
viduals located outside of any institution of effective control (for example, the
University of Illinois or MIT), East Coast Code could do little to control West
Coast Code.34 But as code has become the product of companies, the power of
East Coast Code has increased. When commerce writes code, then code can be
controlled, because commercial entities can be controlled. Thus, the power of
East over West increases as West Coast Code becomes increasingly commercial.
There is a long history of power moving west. It tells of the clash of ways
between the old and the new. The pattern is familiar. The East reaches out to
0465039146-01 12/5/06 12:27 AM Page 73
regulating code
73
control the West; the West resists. But that resistance is never complete. Values
from the East become integrated with the West. The new takes on a bit of the
old.
That is precisely what is happening on the Internet. When West Coast
Code was born, there was little in its DNA that cared at all about East Coast
Code concerns. The Internet’s aim was end-to-end communication. Regula-
tion at the middle was simply disabled.
Over time, the concerns of East Coast Coders have become much more
salient. Everyone hates the pathologies of the Internet—viruses, ID theft, and
spam, to pick the least controversial. That universal hatred has warmed West
Coast Coders to finding a remedy. They are now primed for the influence
East Coast Code requires: adding complements to the Internet architecture
that will bring regulability to the Net.
Now, some will continue to resist my claim that the government can
effect a regulable Net. This resistance has a common form: Even if architec-
tures of identification emerge, and even if they become common, there is
nothing to show that they will become universal, and nothing to show that at
any one time they could not be evaded. Individuals can always work around
these technologies of identity. No control that they could effect would ever be
perfect.
True. The control of an ID-rich Internet would never be complete. There
will always be ways to escape.
But there is an important fallacy lurking in the argument: Just because
perfect control is not possible does not mean that effective control is not pos-
sible. Locks can be picked, but that does not mean locks are useless. In the
context of the Internet, even partial control would have powerful effects.
A fundamental principle of bovinity is operating here and elsewhere.
Tiny controls, consistently enforced, are enough to direct very large animals.
The controls of a certificate-rich Internet are tiny, I agree. But we are large ani-
mals. I think it is as likely that the majority of people would resist these small
but efficient regulators of the Net as it is that cows would resist wire fences.
This is who we are, and this is why these regulations work.
So imagine the world in which we all could simply establish our creden-
tials simply by looking into a camera or swiping our finger on a thumbprint
reader. In a second, without easily forgotten passwords, or easily forged
authentication, we get access to the Net, with all of the attributes that are
ours, reliably and simply assertable.
What will happen then? When you can choose between remembering a
pass-phrase, typing it every time you want access to your computer, and sim-
ply using your thumb to authenticate who you are? Or if not your thumb,
0465039146-01 12/5/06 12:27 AM Page 74
74
CODE 2.0
then your iris, or whatever body part turns out to be cheapest to certify?
When it is easiest simply to give identity up, will anyone resist?
If this is selling your soul, then trust that there are truly wonderful bene-
fits to be had. Imagine a world where all your documents exist on the Internet
in a “virtual private network,” accessible by you from any machine on the Net
and perfectly secured by a biometric key.35 You could sit at any machine, call
up your documents, do your work, answer your e-mail, and move on—every-
thing perfectly secure and safe, locked up by a key certified by the markings in
your eye.
This is the easiest and most efficient architecture to imagine. And it comes
at (what some think) is a very low price—authentication. Just say who you
are, plug into an architecture that certifies facts about you, give your identity
away, and all this could be yours.
Z-THEORY
“So, like, it didn’t happen, Lessig. You said in 1999 that commerce and govern-
ment would work together to build the perfectly regulable net. As I look
through my spam-infested inbox, while my virus checker runs in the back-
ground, I wonder what you think now. Whatever was possible hasn’t hap-
pened. Doesn’t that show that you’re wrong?”
So writes a friend to me as I began this project to update Code v1. And
while I never actually said anything about when the change I was predicting
would happen, there is something in the criticism. The theory of Code v1 is
missing a part: Whatever incentives there are to push in small ways to the
perfectly regulable Net, the theory doesn’t explain what would motivate the
final push. What gets us over the tipping point?
The answer is not fully written, but its introduction was published this
year. In May 2006, the Harvard Law Review gave Professor Jonathan Zittrain
(hence “Z-theory”) 67 pages to explain “The Generative Internet.”36 The arti-
cle is brilliant; the book will be even better; and the argument is the missing
piece in Code v1.
Much of The Generative Internet will be familiar to readers of this book.
General-purpose computers plus an end-to-end network, Zittrain argues,
have produced an extraordinarily innovative (“generative”) platform for
invention. We celebrate the good stuff this platform has produced. But we (I
especially) who so celebrate don’t pay enough attention to the bad. For the
very same design that makes it possible for an Indian immigrant to invent
HoTMaiL, or Stanford dropouts to create Google, also makes it possible for
malcontents and worse to create viruses and worse. These sorts use the
0465039146-01 12/5/06 12:27 AM Page 75
regulating code
75
generative Internet to generate evil. And as Zittrain rightly observes, we’ve just
begun to see the evil this malware will produce. Consider just a few of his
examples:
• In 2003, in a test designed to measure the sophistication of spammers in finding
“open relay” servers through which they could send their spam undetected,
within 10 hours spammers had found the server. Within 66 hours they had sent
more than 3.3 million messages to 229,468 people.37
• In 2004, the Sasser worm was able to compromise more than 500,000 comput-
ers—in just 3 days.38 The year before, the Slammer worm infected 90 percent of
a particular Microsoft server—in just 15 minutes.39
• In 2003, the SoBig.F e-mail virus accounted for almost 70 percent of the e-mails
sent while it was spreading. More than 23.2 million messages were sent to AOL
users alone.40
These are of course not isolated events. They are instead part of a growing
pattern. As the U.S. Computer Emergency Readiness Team calculates, there
has been an explosion of security incidents reported to CERT. Here is the
graph Zittrain produced from the data:41
Number of Security Incidents Reported to CERT/CC, 1988-2003
160,000
140,000
120,000
100,000
80,000
60,000
40,000
20,000
0
1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003
0465039146-01 12/5/06 12:27 AM Page 76
76
CODE 2.0
The graph ends in 2004 because CERT concluded that the incidents were
so “commonplace and widespread as to be indistinguishable from one
another.”42
That there is malware on the Internet isn’t surprising. That it is growing
isn’t surprising either. What is surprising is that, so far at least, this malware
has not been as destructive as it could be. Given the ability of malware authors
to get their malicious code on many machines very quickly, why haven’t more
tried to do real harm?
For example, imagine a worm that worked itself onto a million machines,
and in a synchronized attack, simultaneously deleted the hard drive of all
million machines. Zittrain’s point is not that this is easy, but rather, that it is
just as difficult as the kind of worms that are already successfully spreading
themselves everywhere. So why doesn’t one of the malicious code writers do
real damage? What’s stopping cyber-Armageddon?
The answer is that there’s no good answer. And when there’s no good
explanation for why something hasn’t happened yet, there’s good reason to
worry that it will happen. And when this happens—when a malware author
produces a really devastatingly destructive worm—that will trigger the polit-
ical resolve to do what so far governments have not done: push to complete
the work of transforming the Net into a regulable space.
This is the crucial (and once you see it, obvious) insight of Z-theory. Ter-
ror motivates radical change. Think about, for example, the changes in law
enforcement (and the protection of civil rights) effected by the “Patriot Act.”43
This massively extensive piece of legislation was enacted 45 days after the ter-
ror attacks on 9/11. But most of that bill had been written long before 9/11.
The authors knew that until there was a serious terrorist attack, there would
be insufficient political will to change law enforcement significantly. But once
the trigger of 9/11 was pulled, radical change was possible.
The same will be true of the Internet. The malware we’ve seen so far has
caused great damage. We’ve suffered this damage as annoyance rather than
threat. But when the Internet’s equivalent of 9/11 happens—whether spon-
sored by “terrorists” or not—annoyance will mature into political will. And
that political will will produce real change.
Zittrain’s aim is to prepare us for that change. His powerful and extensive
analysis works through the trade-offs we could make as we change the Inter-
net into something less generative. And while his analysis is worthy of a book
of its own, I’ll let him write it. My goal in pointing to it here is to provide an
outline to an answer that plugs the hole in the theory of Code v1. Code v1
described the means. Z-theory provides the motive.
{TXB2}
0465039146-01 12/5/06 12:27 AM Page 77
regulating code
77
There was an awful movie released in 1996 called Independence Day. The
story is about an invasion by aliens. When the aliens first appear, many earth-
lings are eager to welcome them. For these idealists, there is no reason to
assume hostility, and so a general joy spreads among the hopeful across the
globe in reaction to what before had seemed just a dream: really cool alien life.
Soon after the aliens appear, however, and well into the celebration, the
mood changes. Quite suddenly, Earth’s leaders realize that the intentions of
these aliens are not at all friendly. Indeed, they are quite hostile. Within a very
short time of this realization, Earth is captured. (Only Jeff Goldblum realizes
what’s going on beforehand, but he always gets it first.)
My story here is similar (though I hope not as awful). We have been as
welcoming and joyous about the Net as the earthlings were about the aliens in
Independence Day; we have accepted its growth in our lives without ques-
tioning its final effect. But at some point, we too will come to see a potential
threat. We will see that cyberspace does not guarantee its own freedom but
instead carries an extraordinary potential for control. And then we will ask:
How should we respond?
I have spent many pages making a point that some may find obvious.
But I have found that, for some reason, the people for whom this point should
be most important do not get it. Too many take this freedom as nature. Too
many believe liberty will take care of itself. Too many miss how different
architectures embed different values, and that only by selecting these different
architectures—these different codes—can we establish and promote our val-
ues.
Now it should be apparent why I began this book with an account of the
rediscovery of the role for self-government, or control, that has marked recent
history in post-Communist Europe. Market forces encourage architectures of
identity to facilitate online commerce. Government needs to do very little—
indeed, nothing at all—to induce just this sort of development. The market
forces are too powerful; the potential here is too great. If anything is certain,
it is that an architecture of identity will develop on the Net—and thereby
fundamentally transform its regulability.
But isn’t it clear that government should do something to make this archi-
tecture consistent with important public values? If commerce is going to
define the emerging architectures of cyberspace, isn’t the role of government
to ensure that those public values that are not in commerce’s interest are also
built into the architecture?
Architecture is a kind of law: It determines what people can and cannot
do. When commercial interests determine the architecture, they create a kind
of privatized law. I am not against private enterprise; my strong presumption
0465039146-01 12/5/06 12:27 AM Page 78
78
CODE 2.0
in most cases is to let the market produce. But isn’t it absolutely clear that
there must be limits to this presumption? That public values are not
exhausted by the sum of what IBM might desire? That what is good for Amer-
ica Online is not necessarily good for America?
Ordinarily, when we describe competing collections of values, and the
choices we make among them, we call these choices “political.” They are
choices about how the world will be ordered and about which values will be
given precedence.
Choices among values, choices about regulation, about control, choices
about the definition of spaces of freedom—all this is the stuff of politics.
Code codifies values, and yet, oddly, most people speak as if code were just a
question of engineering. Or as if code is best left to the market. Or best left
unaddressed by government.
But these attitudes are mistaken. Politics is that process by which we col-
lectively decide how we should live. That is not to say it is a space where we
collectivize—a collective can choose a libertarian form of government. The
point is not the substance of the choice. The point about politics is process.
Politics is the process by which we reason about how things ought to be.
Two decades ago, in a powerful trilogy drawing together a movement in
legal theory, Roberto Unger preached that “it’s all politics.”44 He meant that we
should not accept that any part of what defines the world is removed from
politics—everything should be considered “up for grabs” and subject to
reform.
Many believed Unger was arguing that we should put everything up for
grabs all the time, that nothing should be certain or fixed, that everything
should be in constant flux. But that is not what he meant.
His meaning was instead just this: That we should interrogate the neces-
sities of any particular social order and ask whether they are in fact necessities,
and we should demand that those necessities justify the powers that they
order. As Bruce Ackerman puts it, we must ask of every exercise of power:
Why?45 Perhaps not exactly at the moment when the power is exercised, but
sometime.
“Power,” in this account, is just another word for constraints that humans
can do something about. Meteors crashing to earth are not “power” within the
domain of “it’s all politics.” Where the meteor hits is not politics, though the
consequences may well be. Where it hits, instead, is nothing we can do any-
thing about.
But the architecture of cyberspace is power in this sense; how it is could
be different. Politics is about how we decide, how that power is exercised, and
by whom.
0465039146-01 12/5/06 12:27 AM Page 79
regulating code
79
If code is law, then, as William Mitchell writes, “control of code is power”:
“For citizens of cyberspace, . . . code . . . is becoming a crucial focus of political
contest. Who shall write that software that increasingly structures our daily
lives?”46 As the world is now, code writers are increasingly lawmakers. They
determine what the defaults of the Internet will be; whether privacy will be
protected; the degree to which anonymity will be allowed; the extent to which
access will be guaranteed. They are the ones who set its nature. Their deci-
sions, now made in the interstices of how the Net is coded, define what the
Net is.
How the code regulates, who the code writers are, and who controls the
code writers—these are questions on which any practice of justice must focus
in the age of cyberspace. The answers reveal how cyberspace is regulated. My
claim in this part of the book is that cyberspace is regulated by its code, and
that the code is changing. Its regulation is its code, and its code is changing.
We are entering an age when the power of regulation will be relocated to
a structure whose properties and possibilities are fundamentally different. As
I said about Russia at the start of this book, one form of power may be
destroyed, but another is taking its place.
Our aim must be to understand this power and to ask whether it is prop-
erly exercised. As David Brin asks, “If we admire the Net, should not a burden
of proof fall on those who would change the basic assumptions that brought
it about in the first place?”47
These “basic assumptions” were grounded in liberty and openness. An
invisible hand now threatens both. We need to understand how.
{TXB2}
One example of the developing struggle over cyber freedoms is the still-not-
free China. The Chinese government has taken an increasingly aggressive
stand against behavior in cyberspace that violates real-space norms. Purveyors
of porn get 10 years in jail. Critics of the government get the same. If this is
the people’s republic, this is the people’s tough love.
To make these prosecutions possible, the Chinese need the help of net-
work providers. And local law requires that network providers in China help.
So story after story now reports major network providers—including Yahoo!
and Microsoft—helping the government do the sort of stuff that would make
our Constitution cringe.
The extremes are bad enough. But the more revealing example of the
pattern I’m describing here is Google. Google is (rightly) famous for its fan-
tastic search engine. Its brand has been built on the idea that no irrelevant fac-
tor controls its search results. Companies can buy search words, but their
results are bracketed and separate from the main search results. The central
0465039146-01 12/5/06 12:27 AM Page 80
80
CODE 2.0
search results—that part of the screen your eyes instinctively go to—are not
to be tampered with.
Unless the company seeking to tamper with the results is China, Inc. For
China, Google has promised to build a special routine.48 Sites China wants to
block won’t appear in the Google.CN search engine. No notice will be pre-
sented. No system will inform searchers that the search results they are read-
ing have been filtered by Chinese censors. Instead, to the Chinese viewer, this
will look like normal old Google. And because Google is so great, the Chinese
government knows most will be driven to Google, even if Google filters what
the government doesn’t want its people to have.
Here is the perfect dance of commerce with government. Google can
build the technology the Chinese need to make China’s regulation more per-
fectly enabled, and China can extract that talent from Google by mandating
it as a condition of being in China’s market.
The value of that market is thus worth more to Google than the value of
its “neutral search” principle. Or at least, it better be, if this deal makes any
sense.
My purpose here is not to criticize Google—or Microsoft, or Yahoo!
These companies have stockholders; maximizing corporate value is their
charge. Were I running any of these companies, I’m not sure I would have
acted differently.
But that in the end is my point: Commerce has a purpose, and govern-
ment can exploit that to its own end. It will, increasingly and more frequently,
and when it does, the character of the Net will change.
Radically so.
0465039146-01 12/5/06 12:27 AM Page 81
P A R T
T W O
r e g u l a t i o n
b y
c o d e
The lesson of the last part was that the interaction between commerce and
government will change the effective architecture of the Internet. That change
will increase the regulability of behavior on the Internet. Powder will be
sprayed on the invisible men of cyberspace, and after the spray, their exploits
will be more easily known.
But so far my story has not changed the basic mode by which government
regulates. So far, the government threatens punishment, and that threat is
intended to create the incentive for individuals to obey the government’s rule.
The changes in the effective architecture of cyberspace that I have described
would simply make it easier for the state to make good on its threat, and that
would reduce the expected value of criminal behavior (preferably below zero).
Traceability will increase effective enforcement; effective enforcement will
increase the costs of deviating from a state-specified rule.
In this part, I consider a different kind of regulation. The question here is
not how the architecture of the Net will make it easier for traditional regula-
tion to happen. The issue here is how the architecture of the Net—or its
“code”—itself becomes a regulator. In this context, the rule applied to an
individual does not find its force from the threat of consequences enforced by
the law—fines, jail, or even shame. Instead, the rule is applied to an individual
0465039146-01 12/5/06 12:27 AM Page 82
82
CODE 2.0
through a kind of physics. A locked door is not a command “do not enter”
backed up with the threat of punishment by the state. A locked door is a
physical constraint on the liberty of someone to enter some space.
My claim is that this form of regulation will become increasingly com-
mon in cyberspace. And it has, moreover, a distinctive and often counter-
intuitive character. The aim of this part is to explore this distinctive mode of
regulation as a step to understanding more systematically the interaction
between technology and policy.
0465039146-01 12/5/06 12:27 AM Page 83
S I X
c y b e r s p a c e s
I’VE SAID WE CAN DISTINGUISH THE INTERNET FROM CYBERSPACE. TO MAKE THE
distinctive form of regulation that is the subject of this part salient, we need
to say a bit more about this distinction. The Internet is a medium of commu-
nication. People do things “on” the Internet. Most of those things are trivial,
even if important. People pay bills on the Internet, they make reservations at
restaurants. They get their news from the Internet. They send news to family
members using e-mail or IM chat. These uses are important in the sense that
they affect the economy and make life easier and harder for those using the
Internet. But they’re not important in the sense that they change how people
live. It’s very cool that you can buy books with one click at Amazon. I buy tons
(maybe literally) of books I wouldn’t otherwise have bought. But my life has
not been changed by one-click (even if my bank account has). It’s been made
easier and more literate, but not anything fundamentally different.
Cyberspace, by contrast, is not just about making life easier. It is about
making life different, or perhaps better. It is about making a different (or sec-
ond) life. It evokes, or calls to life, ways of interacting that were not possible
before. I don’t mean that the interaction is new—we’ve always had commu-
nities; these communities have always produced something close to what I will
describe cyberspace to have produced. But these cyberspace communities cre-
ate a difference in degree that has matured into a difference in kind. There is
something unique about the interactions in these spaces, and something espe-
cially unique about how they are regulated.
Life in cyberspace is regulated primarily through the code of cyberspace.
Not regulated in the sense of Part I—my point is not that the code makes it
easy to know who did what so that penalties can be visited upon those who
behaved badly. Regulated in the sense that bars on a prison regulate the
83
0465039146-01 12/5/06 12:27 AM Page 84
84
CODE 2.0
movement of a prisoner, or regulated in the sense that stairs regulate the
access of the disabled. Code is a regulator in cyberspace because it defines the
terms upon which cyberspace is offered. And those who set those terms
increasingly recognize the code as a means to achieving the behaviors that
benefit them best.
And so too with the Internet. Code on the Internet is also a regulator, and
people live life on the Internet subject to that regulation. But my strategy in
this chapter is to begin with the more obscure as a way to build recognition
about the familiar. Once you see the technique applied to worlds you are
unlikely to inhabit, you will recognize the technique applied to the world you
inhabit all the time.
{TXB2}
Cyberspace is not one place. It is many places. And the character of these
many places differ in ways that are fundamental. These differences come in
part from differences in the people who populate these places, but demo-
graphics alone don’t explain the variance. Something more is going on.
Here is a test. Read the following passage, and ask yourself whether the
description rings true for you:
I believe virtual communities promise to restore to Americans at the end of the
twentieth century what many of us feel was lost in the decades at the beginning of
the century—a stable sense of community, of place. Ask those who’ve been mem-
bers of such a virtual community, and they’ll tell you that what happens there is
more than an exchange of electronic impulses in the wires. It’s not just virtual
barn raising. . . . It’s also the comfort from others that a man like Phil Catalfo of the
WELL can experience when he’s up late at night caring for a child suffering from
leukemia, and he logs on to the WELL and pours out his anguish and fears. People
really do care for each other and fall in love over the Net, just as they do in geo-
graphic communities. And that “virtual” connectedness is a real sign of hope in a
nation that’s increasingly anxious about the fragmentation of public life and the
polarization of interest groups and the alienation of urban existence.1
There are two sorts of reactions to talk like this. To those who have been
in “cyberspace” for some time, such talk is extremely familiar. These people
have been on different kinds of “nets” from the start. They moved to the Inter-
net from more isolated communities—from a local BBS (bulletin board serv-
ice), or, as Mike Godwin (the author of the passage) puts it, from a “tony”
address like The WELL. For them the Net is a space for conversation, connec-
tions, and exchange—a wildly promising location for making life in real space
different.
0465039146-01 12/5/06 12:27 AM Page 85
cyberspaces
85
But if you are a recent immigrant to this “space” (the old-timers call you
“newbies”), or if all you do on the Internet is check your stocks or look up
movie times, you are likely to be impatient with talk like this. When people
talk about “community,” about special ways to connect, or about the amazing
power of this space to alter lives, you are likely to ask, “What is this idea of
cyberspace as a place?” For newbies, those who have simply e-mailed or surfed
the Web, the “community” of the Net is an odd sort of mysticism. How can
anyone think of these pages full of advertisements and spinning icons as a
community, or even as a space? To the sober newbie, this just sounds like
hype high on java.2
Newbies are the silent majority of today’s Net.3 However much one
romanticizes the old days when the Net was a place for conversation and
exchange, this is not its function for most of its users now. There are explod-
ing communities of bloggers and creativity. But bloggers are still just 3 percent
of Internet users; the vast majority of Internet use has no connection to any
ideal of community.
Cyberspace has changed in its feel.4 How it looks, what you can do there,
how you are connected there—all this has changed. Why it has changed is a
complicated question—a complete answer to which I can’t provide. Cyber-
space has changed in part because the people—who they are, what their inter-
ests are—have changed, and in part because the capabilities provided by the
space have changed.
But part of the change has to do with the space itself. Communities,
exchange, and conversation all flourish in a certain type of space; they are
extinguished in a different type of space.5 My hope is to illuminate the differ-
ences between these two environments.
The next sections describe different cyber-places. The aim is to build
intuitions about how to think through the differences that we observe. These
intuitions, in turn, will help us see something about where cyberspace is
moving.
THE VALUES OF A SPACE
Spaces have values.6 They manifest these values through the practices or lives
that they enable or disable. As Mark Stefik puts it:
[B]arriers within cyberspace—separate chat rooms, intranet gateways, digital
envelopes, and other systems to limit access—resemble the effects of national
borders, physical boundaries, and distance. Programming determines which
people can access which digital objects and which digital objects can interact
0465039146-01 12/5/06 12:27 AM Page 86
86
CODE 2.0
with other digital objects. How such programming regulates human interac-
tions—and thus modulates change—depends on the choices made.7
Choices mean that differently constituted spaces enable and disable differ-
ently. This is the first idea to make plain. Here is an example.
At the start of the Internet, communication was through text. Media such
as USENET newsgroups, Internet Relay Chat, and e-mail all confined
exchange to text—to words on a screen, typed by a person (or so one
thought).
The reason for this limitation is fairly obvious: The bandwidth of early Net
life was very thin. In an environment where most users connected at 1,200 baud,
if they were lucky, graphics and streaming video would have taken an unbearably
long time to download, if they downloaded at all. What was needed was an effi-
cient mode of communication—and text is one of the most efficient.8
Most think of this fact about the early Net as a limitation. Technically, it
was. But this technical description does not exhaust its normative description
as an architecture that made possible a certain kind of life. From this perspec-
tive, limitations can be features; they can enable as well as disable. And this
particular limitation enabled classes of people who were disabled in real-
space life.
Think about three such classes—the blind, the deaf, and the “ugly.” In
real space these people face an extraordinary array of constraints on their
ability to communicate. The blind person in real space is constantly con-
fronted with architectures that presume he can see; he bears an extraordinary
cost in retrofitting real-space architectures so that this presumption is not
totally exclusionary. The deaf person in real space confronts architectures
that presume she can hear; she too bears an extraordinary cost in retrofitting
these architectures. The “ugly” person in real space (think of a bar or a social
club) confronts architectures of social norms that make his appearance a bar-
rier to a certain sort of intimacy. He endures extraordinary suffering in con-
forming to these architectures.
In real space these three groups are confronted with architectures that dis-
able them relative to “the rest of us.” But in cyberspace, in its first iteration,
they did not.
The blind could easily implement speech programs that read the (by def-
inition machine-readable) text and could respond by typing. Other people on
the Net would have no way of knowing that the person typing the message
was blind, unless he claimed to be. The blind were equal to the seeing.
The same with the deaf. There was no need to hear anything in this early
Internet. For the first time many of the deaf could have conversations, or
0465039146-01 12/5/06 12:27 AM Page 87
cyberspaces
87
exchanges, in which the most salient feature was not that the person was deaf.
The deaf were equal to the hearing.
And the same with the “ugly.” Because your appearance was not transmit-
ted with every exchange, the unattractive could have an intimate conversation
with others that was not automatically defined by what they looked like. They
could flirt or play or be sexual without their bodies (in an extremely under-
appreciated sense) getting in the way. This first version of the Net made these
people equal to “the beautiful.” In a virtual chat room, stunning eyes, a capti-
vating smile, or impressive biceps don’t do it. Wit, engagement, and articulate-
ness do.
The architecture of this original cyberspace gave these groups something
that they did not have in real space. More generally, it changed the mix of ben-
efits and burdens that people faced—the literate were enabled and the attrac-
tive disabled relative to real space. Architectures produced these enablings
and disablings.
I’ve told this story as if it matters only to those who in real space are “dis-
abled.” But of course, “disabled” is a relative term.9 It is more accurate to say
that the space changes the meaning of the enabled. A friend—a strikingly
beautiful and powerful woman, married, and successful—described for me
why she spends hours in political chat spaces, arguing with others about all
sorts of political topics:
You don’t understand what it’s like to be me. You have lived your whole life in a
world where your words are taken for their meaning; where what you say is
heard for what it says. I’ve never had a space, before this space, where my words
were taken for what they meant. Always, before, they were words of “this babe,”
or “wife,” or “mother.” I could never speak as I. But here, I am as I speak.
Clearly, the space is enabling her, even though one would not have said
that in real space she was “disabled.”10
Over time, as bandwidth has expanded, this architecture has changed,
and so has the mix of benefits and burdens. When graphics entered the Net
through the World Wide Web, the blind became “blind” again. As sound files
or speech in virtual spaces have been created, the deaf have become “deaf ”
again. And as chat rooms have started segregating into spaces where video-
cams capture real images of the people chatting and spaces where there is
just text, the video-unappealing are again unappealing.11 As the architectures
change, definitions of who is “disabled” change as well.
My point is not to argue that the Net should not change—though of
course, if it can change in ways that minimize the disabling effect of sound
0465039146-01 12/5/06 12:27 AM Page 88
88
CODE 2.0
and graphics, then it no doubt should.12 However important, my point is not
really about the “disabled” at all. I use this example simply to highlight a
link—between these structures of code and the world this code enables. Codes
constitute cyberspaces; spaces enable and disable individuals and groups. The
selections about code are therefore in part a selection about who, what, and,
most important, what ways of life will be enabled and disabled.
CYBER-PLACES
We can build on this point by looking at a number of “communities” that are
constituted differently and that constitute different forms of life and by con-
sidering what makes these differences possible.
America Online
America Online (AOL) is an online service provider—“by far the largest ISP
in the world”13 with some 12 million subscribers in 1998 and 27 million
today.14 But despite having the population of New York and New Jersey com-
bined, AOL still describes itself as a “community.” A large community per-
haps, but a community nonetheless.
This community has a constitution—not in the sense of a written docu-
ment (though there is that as well), but in the sense of a way of life for those
who live there. Its founding vision was that community would make this
place sing. So from its start, AOL’s emphasis has been on enabling people to
interact, through chat, bulletin boards, and e-mail. (Today, AOL hosts the
exchange of more messages daily than does the U.S. Post Office.15) Earlier
providers, obsessed with providing content or advertising, limited or ignored
the possibilities for interaction and exchange, but AOL saw interaction as the
stuff that makes cyberspace different. It built itself on building a community
and establishing itself as a place where people could say what they wanted.16
This interaction is governed by the rules of the place. Some of these rules
are formal, others customary. Among the formal are express terms to which
every member subscribes upon joining AOL. These terms regulate a wide
range of behaviors in this space, including the behavior of AOL members
anywhere on the Internet.17
Increasingly, these rules have become controversial. AOL policies have
been called “Big Brother” practices. Arguments that get heated produce
exchanges that are rude. But rudeness, or offensiveness, is not permitted in
AOL’s community. When these exchanges are expunged, claims of “censor-
ship” arise.18
0465039146-01 12/5/06 12:27 AM Page 89
cyberspaces
89
My aim here, however, is not to criticize these rules of “netiquette.” AOL
also has other rules that regulate AOL members—rules expressed not in con-
tracts but rather through the very architectures of the space. These rules are
the most important part of AOL’s constitution, but they are probably the part
considered last when we think about what regulates behavior in this cyber-
place.
Consider some examples:
For most of AOL’s life,19 as a member of AOL you could be any one of five
people. This was just one amazing feature of the space. When you started an
account on AOL, you had the right to establish up to five identities, through
five different “screen names” that in effect establish five different accounts.
Some users, of course, used the five screen names to give other family mem-
bers access to AOL. But not everyone used an AOL account like this. Think
about the single woman, signing up for her first AOL account. AOL gave her
up to five identities that she can define as she wishes—five different personae
she can use in cyberspace.
What does that mean? A screen name is just a label for identifying who
you are when you are on the system. It need not (indeed, often cannot) be
your own name. If your screen name is “StrayCat,” then people can reach you
by sending e-mail to “straycat@aol.com.” If you are online, people can try to
talk to you by paging StrayCat on the AOL system; a dialogue would then
appear on your screen asking whether you want to talk to the person who
paged you. If you enter a chat room, the list of residents there will add you as
“StrayCat.”
But who is StrayCat? Here is a second dimension of control. StrayCat is
who StrayCat says she is. She can choose to define herself as no one at all. If
she chooses to place a description of herself in the members’ directory, that
description can be as complete or incomplete as she wishes. It can be true or
false, explicit or vague, inviting or not. A member stumbling across StrayCat,
then, in a chat room set up for stamp collectors could get her profile and read
that StrayCat lives in Cleveland and is single and female. What happens next
is anyone’s guess.
Yet this need only be one of StrayCat’s five identities. Let’s say there is a
different persona that StrayCat likes to have when she wanders through chat
rooms. She can then select another screen name and define it in the directory
as she wishes. Perhaps when StrayCat is having a serious discussion in a news-
group or political list she prefers to speak as herself. She could then select a
screen name close to her own name and define it according to who she really
is. At other times StrayCat may like to pretend to be a man—engaging in vir-
tual cross-dressing and all that might bring with it. One of her screen names
0465039146-01 12/5/06 12:27 AM Page 90
90
CODE 2.0
could then be a man’s. And so on. The point is the multiplicity that AOL
allows, and the freedom this multiplicity permits.
No one except StrayCat needs to know which screen names are hers. She
is not required to publish the full list of her identities, and no one can find out
who she is (unless she breaks the rules). (After revealing to the U.S. Navy the
name of one of its members so that the Navy could prosecute the person for
being a homosexual, AOL adopted a very strict privacy policy that promises
never to allow a similar transgression to happen again.)20
So in AOL you were given a fantastic power of pseudonymity that the
“code writers” of real space simply do not give. You could, of course, try in real
space to live the same range of multiple lives, and to the extent that these
lives are not incompatible or inconsistent, you could quite often get away
with it. For instance, you could be a Cubs fan during the summer and an
opera buff during the winter. But unless you take extraordinary steps to hide
your identity, in real space you are always tied back to you. You cannot simply
define a different character; you must make it, and more important (and dif-
ficult), you must sustain its separation from your original identity.
That is a first feature of the constitution of AOL—a feature constituted by
its code. A second is tied to speech—what you can say, and where.
Within the limits of decency, and so long as you are in the proper place,
you can say what you want on AOL. But beyond these limits, speech on AOL
is constrained in a more interesting way: not by rules, but by the character of
the potential audience. There are places in AOL where people can gather;
there are places where people can go and read messages posted by others. But
there is no space where everyone gathers at one time, or even a space that
everyone must sooner or later pass through. There is no public space where
you could address all members of AOL. There is no town hall or town meeting
where people can complain in public and have their complaints heard by oth-
ers. There is no space large enough for citizens to create a riot. The owners of
AOL, however, can speak to all. Steve Case, the founder of AOL, used to write
“chatty” letters to the members as the community’s “town mayor.”21 Case left
AOL in 2005, and apparently no one has stepped into his speaker shoes. AOL
does still advertise to all its members and can send everyone an e-mail, but
only the owners and those they authorize can do so. The rest of the members
of AOL can speak to crowds only where they notice a crowd—and never to a
crowd greater than thirty-six (up from twenty-three when the first edition of
this book was published).
This is another feature of the constitution of the space that AOL is, and it
too is defined by code. That only twenty-three people can be in a chat room
at once is a choice of the code engineers. While their reasons could be many,
0465039146-01 12/5/06 12:27 AM Page 91
cyberspaces
91
the effect is clear. One can’t imagine easily exciting members of AOL into
public action, such as picketing the latest pricing policy. There are places to go
to complain, but you have to take the trouble to go there yourself. There is no
place where members can complain en masse.
Real space is different in this respect. Much of free speech law is devoted
to preserving spaces where dissent can occur—spaces that can be noticed,
and must be confronted, by nondissenting citizens.22 In real space there are
places where people can gather, places where they can leaflet. People have a
right to the sidewalks, public streets, and other traditional public forums.
They may go there and talk about issues of public import or otherwise say
whatever they want. Constitutional law in real space protects the right of the
passionate and the weird to get in the face of the rest. But no such design is
built into AOL.23 As Dawn Nunziato writes,
AOL explains in its Community Guidelines that “like any city, we take pride
in—and are protective of—our community.” Unlike any other city, however,
AOL enjoys the unfettered discretion to censor constitutionally-protected speech
in its discussion forums and other online spaces, including “vulgar language”
(which, it warns, is “no more appropriate online than [it] would be at Thanks-
giving dinner”), “crude conversations about sex,” and “discussions about . . .
illegal drug abuse that imply it is acceptable.”24
This is not to romanticize the power of real-space public forums. (Nor is
it to pick on AOL: As Nunziato continues, “users seeking stronger protection
for their expression might turn to an ISP other than AOL. They will find,
however, similar restrictions on speech imposed by many other major
ISPs.”25) We have become such an apolitical society that if you actually exer-
cised this constitutionally protected right, people would think you were a nut.
If you stood on a street corner and attacked the latest tax proposal in Con-
gress, your friends would be likely to worry—and not about the tax proposal.
There are exceptions—events can make salient the need for protest—but in
the main, though real space has fewer controls through code on who can
speak where, it has many more controls through norms on what people can
say where. Perhaps in the end real space is much like AOL—the effective space
for public speech is limited and often unimportant. That may well be. But my
aim here is to identify the feature and to isolate what is responsible for it.
And once again, it turns out to be a feature built into the code.
A third feature of AOL’s constitution also comes from its code. This is
traceability. While members are within the exclusive AOL content area (in
other words, when they’re not using AOL as a gateway to the Internet), AOL
0465039146-01 12/5/06 12:27 AM Page 92
92
CODE 2.0
can (and no doubt does) trace your activities and collect information about
them. What files you download, what areas you frequent, who your “buddies”
are—all this is available to AOL. These data are extremely valuable; they help
AOL structure its space to fit customer demand. But gaining the ability to col-
lect these data required a design decision. This decision too was part of the
constitution that is AOL—again, a part constituted by its code. It is a decision
that gives some but not others the power to watch.
AOL is not exclusive in this enabling capacity. It shares the power. One
wonderful feature of the online space is something called “buddy lists.” Add
someone to your buddy list, and when he comes online you hear the sound of
a creaking door and are notified that he is online. (The “buddy” need not
know he is being watched, though he can, if he knows, block the watching.) If
that person goes into a chat area and you “locate” him, you will be told in
what chat area he is. This power, given to ordinary users, can have complicated
consequences. (Imagine sitting at work with your buddy feature turned on,
watching your spouse come online, enter a chat area, and—you get the point.)
This ability to monitor is built into the space. Individuals can turn it off, at
least for a single watcher, but only if they know about it and think to change
it.
Consider one final feature of the constitution of AOL, closely linked to the
last: commerce. In AOL you can buy things. You can buy things and download
them, or buy things and have them sent to your home. When you buy, you
buy with a screen name, and when you buy with a screen name, AOL knows
(even if no one else does) just who you are. It knows who you are, it knows
where you live in real space, and most important, it knows your credit card
number and the security it provides.
AOL knows who you are—this is a feature of its design. All your behavior
on AOL is watched; all of it is monitored and tracked back to you as a user.
AOL promises not to collect data about you individually, but it certainly col-
lects data about you as part of a collective. And with this collective, and the
link it provides back to you, AOL is a space that can better, and more effi-
ciently, sell to you.
These four features mark AOL space as different from other places in
cyberspace. It is easier for AOL to identify who you are, and harder for indi-
viduals to find out who you are; easier for AOL to speak to all its “citizens” as
it wishes, and harder for dissidents to organize against AOL’s views about
how things ought to be; easier for AOL to market, and harder for individuals
to hide. AOL is a different normative world; it can create this different world
because it is in control of the architecture of that world. Members in that
space face, in a sense, a different set of laws of nature; AOL makes those laws.
0465039146-01 12/5/06 12:27 AM Page 93
cyberspaces
93
Again, my aim is not to criticize the creation of this world or to say that
it is improper. No doubt AOL makes promises to its members that are
designed to allay some of the concern that this control creates, and no doubt
if the place became oppressive, the market would provide plenty of alterna-
tives.
Rather my objective is to impart a sense of what makes AOL the way it is.
It is not just written rules; it is not just custom; it is not just the supply and
demand of a knowing consuming public. What makes AOL is in large part the
structure of the space. You enter AOL and you find it to be a certain universe.
This space is constituted by its code. You can resist this code—you can resist
how you find it, just as you can resist cold weather by putting on a sweater. But
you are not going to change how it is. You do not have the power to change
AOL’s code, and there is no place where you could rally AOL members to
force AOL to change the code. You live life in AOL subject to its terms; if you
do not like them, you go elsewhere.
These features of the AOL space have important implications for how it
is regulated. Imagine there is a problem on AOL that AOL wants to stop. It
wants to prevent or at least control a certain behavior. What tools does AOL
have?
First, it has all the tools that any club, fraternity, or “community” might
have. It can announce rules for its members (and AOL certainly does). Or it
can try to stigmatize the behavior, to use the norms of the community to
help regulate the problem. This AOL does as well. Alternatively, if the problem
comes from the overuse of a particular resource, then the managers at AOL
can price that resource differently by exacting a tax to reduce its usage or a dif-
ferent price for those who use it too much.
But AOL has something more at hand. If AOL does not like a certain
behavior, then in at least some cases it can regulate that behavior by changing
its architecture. If AOL is trying to control indecent language, it can write
routines that monitor language usage; if there is improper mixing between
adults and kids, AOL can track who is talking to whom; if there is a virus
problem caused by people uploading infected files, it can run the files auto-
matically through virus checkers; if there is stalking or harassing or threaten-
ing behavior, AOL can block the connection between any two individuals.
In short, AOL can deal with certain types of problems by changing its
code. Because the universe that AOL members know (while in AOL) is
defined by this code, AOL can use the code to regulate its members.
Think a bit about the power I am describing—and again, I am not com-
plaining or criticizing or questioning this power, only describing it. As you
move through this space that AOL defines—entering a chat area, posting a
0465039146-01 12/5/06 12:27 AM Page 94
94
CODE 2.0
message to a bulletin board, entering a discussion space, sending instant-
messages to another person, watching or following other people, uploading
or downloading files from sites, turning to certain channels and reading cer-
tain articles, or obsessively paging through a space looking for pictures of a
certain actor or actress—as you do any of these things, AOL is, in an impor-
tant sense, there. It is as if the system gives you a space suit that you use to
navigate the space but that simultaneously monitors your every move.
In principle, the potential for control is extraordinary. Imagine AOL
slowing the response time for a certain kind of service it wants to discourage,
or channeling the surfer through ads that it wants customers to see, or iden-
tifying patterns of behavior that its monitors would watch, based on the fear
that people with patterns like X are typically dangerous to people of type Y.
I do not think AOL engages in activities like these, and I am not saying that
there would be anything wrong if it did. But it is important to note that the
potential for control in this “community” is unlimited—not in the sense that
AOL could make life miserable (since people would then leave), but in the
sense that it has a regulatory tool that others, in both real space and other
cyberspaces, do not. Its power is, of course, checked by the market, but it
has a tool of control that others in the market, but outside cyberspace, do not
have.
In principle, then, AOL must choose. Every time AOL decides that it
wants to regulate a certain kind of behavior, it must select from among at least
four modalities—rules, norms, prices, or architecture. And when selecting
one of these four modalities, selecting architecture as a regulator will often
make the most sense.
Counsel Connect
David Johnson began Counsel Connect (CC) in 1992 as an online lawyers’
cooperative. The idea was simple: Give subscribers access to each other; let
them engage in conversations with each other; and through this access and
these conversations, value would be created. Lawyers would give and take
work; they would contribute ideas as they found ideas in the space. A different
kind of law practice would emerge—less insular, less exclusive, more broadly
based.
I thought the idea amazing, though many thought it nuts. For a time the
system was carried by Lexis; in 1996 it was sold to American Lawyer Media,
L.P.; in 1997 it migrated to the Internet, and it closed in 1999.26 At its peak, it
boasted thousands of subscribers, though it is hard to know how many of
them contributed to the discussion online. Most simply watched the discus-
0465039146-01 12/5/06 12:27 AM Page 95
cyberspaces
95
sions of others, perhaps linking three or four discussion groups of their par-
ticular interest, plus a few of more general interest. But many saw the emerg-
ing culture as something amazing and new (for lawyers at least). As its
founder, David Johnson, described it, “Think of The Well for lawyers, with its
own highly unique evolution, emergence, maintenance, and adaptation.”27
Members got to know each other well. “Inevitably, this led to numerous real
world meetings. . . . Of those I attended, it always resemble[d] a get together
of long-time acquaintances even though many of us ha[d] not previously
met face to face.”28
The discussion was organized into legal topics. Each topic was divided
into discussion groups, with each group led by a discussion leader. The leader
was not a moderator; he or she had no power to cancel a post. The leader was
there to inspire conversation—to induce others to speak by being encouraging
or provocative.
At its height, there were some 90 groups in this space. The poster of a par-
ticular message may have had it removed, but if the poster did not remove it,
it stayed—at first in the list of topics being discussed, and later in an archive
that could be searched by any member.
Members paid a fee to join and get an account with their real name on it.
Postings use members’ real names, and anyone wondering who someone is
could simply link to a directory. Members of CC must be members of the bar,
unless they are journalists. Others have no right to access; the community
here is exclusive.
Postings in the space look very much like postings in a USENET news-
group. A thread could be started by anyone, and replies to a thread were
appended to the end. Because messages did not move off the system, one
could easily read from the start of a thread to its end. The whole conversation,
not just a snippet, was preserved.
These features of CC space were obviously designed; the architects chose
to enable certain features and to disable others. We can list here some of the
effects of these choices.
First, there was the effect from being required to use your own name.
You were more likely to think before speaking and to be careful about being
right before saying something definitive. You were constrained by the com-
munity, which would judge what you said, and in this community you could
not escape from being linked to what you said. Responsibility was a conse-
quence of this architecture, but so was a certain inhibition. Does a senior
partner at a leading law firm really want to ask a question that will announce
his ignorance about a certain area of law? Names cannot be changed to pro-
tect the ignorant, so they will often simply not speak.
0465039146-01 12/5/06 12:27 AM Page 96
96
CODE 2.0
Second, there was an effect from forcing all discussion into threads. Post-
ings were kept together; a question was asked, and the discussion began from
the question. If you wanted to contribute to this discussion, you had to first
read through the other postings before responding. Of course, this was not a
technical requirement—you certainly had a choice not to read. But if you did
not read through the entire thread, you could well end up repeating what
another had said and so reveal that you were speaking without listening.
Again, the use of real names ties members’ behavior to the norms of the com-
munity.
Third, there was the effect of reputation: The reputation you built in this
space was based on the kind of advice you gave. Your reputation survived any
particular post and was, of course, affected by any subsequent posts. These
posts were archived and searchable. If you said one thing about topic X and
then the opposite later on, you were at least open to a question about consis-
tency.
Fourth, there was the effect of tying reputation to a real name in a real
community of professionals. Misbehaving here mattered elsewhere. CC thus
got the benefit of that community—it got the benefit, that is, of the norms of
a particular community. These norms might have supported relatively pro-
ductive community behavior—more productive, that is, than the behavior of
a group whose members are fundamentally mixed. They might also have sup-
ported punishing those who deviated from appropriate behavior. Thus, CC
got the benefit of community sanction to control improper behavior, whereas
AOL had to rely on its own content police to ensure that people stayed prop-
erly on topic.
We can describe the world of CC that these features constitute in two
different ways, just as we can describe the world AOL constitutes in two dif-
ferent ways. One is the life that CC’s features made possible—highly dialogic
and engaged, but monitored and with consequences. The other is the regula-
bility by the manager of the life that goes on in the CC space. And here we can
see a significant difference between this space and AOL.
CC could have used the norms of a community to regulate more effec-
tively than AOL can. CC benefited from the norms of the legal community;
it knew that any misbehavior would be sanctioned by that community.
There was, of course, less “behavior” in this space than in AOL (you did
fewer things here), but such as it was, CC behavior was quite significantly
regulated by the reputations of members and the consequences of using
their real names.
These differences together had an effect on CC’s ability to regulate its
members. They enabled a regulation through modalities other than code.
0465039146-01 12/5/06 12:27 AM Page 97
cyberspaces
97
They made behavior in CC more regulable by norms than behavior in AOL is.
CC in turn may have had less control than AOL does (since the controlling
norms are those of the legal community), but it also bore less of the burden
of regulating its members’ behavior. Limiting the population, making mem-
bers’ behavior public, tying them to their real names—these are the tools of
self-regulation in this virtual space.
But CC was like AOL in one important way: It was not a democracy and
neither is AOL. Management in both cases controls what will happen in the
space—again, not without constraint, because the market is an important con-
straint. But in neither place do “the people” have the power to control what goes
on. Perhaps they did, indirectly, in CC more than AOL, since it is the norms of
“the people” that regulate behavior in CC. But these norms cannot be used
against CC directly. The decisions of CC and AOL managers may have been
affected by market forces—individuals can exit, competitors can steal customers
away. But voting doesn’t direct where AOL goes, and it didn’t with CC either.
That’s not the case with the next cyber-place. At least, not anymore.
LambdaMOO
LambdaMOO is a text-based virtual reality. People from across the world
(today close to six thousand of them) link to this space and interact in ways
that the space permits. The reality is the product of this interaction. Individ-
uals can participate in the construction of this reality—sometimes for
upwards of eighty hours a week. For some this interaction is the most sus-
tained human contact of their entire lives. For most it is a kind of interaction
unmatched by anything else they know.
In the main, people just talk here. But it is not the talk of an AOL chat
room. The talk in a MUD is in the service of construction—of constructing
a character and a community. You interact in part by talking, and this talking
is tied to a name. This name, and the memories of what it has done, live in the
space, and over time people in the space come to know the person by what
these memories recall.
The life within these MUDs differ. Elizabeth Reid describes two different
“styles”29—social-style MUD and an adventure or game-style MUD. Social
MUDs are simply online communities where people talk and build characters
or elements for the MUD. Adventure MUDs are games, with (virtual) prizes
or power to be won through the deployment of skill in capturing resources or
defeating an enemy. In either context, the communities survive a particular
interaction. They become virtual clubs, though with different purposes. Mem-
bers build reputations through their behavior in these clubs.
0465039146-01 12/5/06 12:27 AM Page 98
98
CODE 2.0
You get a character simply by joining the MOO (though in Lamb-
daMOO the waiting list for a character extends over many months). When
you join the space, you define the character you will have. At least, you
define certain features of your character. You select a name and a gender (no
gender is an option as well) and describe your character. Some descriptions
are quite ordinary (Johnny Manhattan is “tall and thin, pale as string cheese,
wearing a neighborhood hat”).30 Others, however, are quite extraordinary.
(Legba, for instance, is a Haitian trickster spirit of indeterminate gender,
brown-skinned and wearing an expensive pearl gray suit, top hat, and dark
glasses.)31
Julian Dibbell broke the story of this space to the nonvirtual world in an
article in the Village Voice.32 The story that was the focus of Dibbell’s article
involved a character called Mr. Bungle who, it turns out, was actually a group
of NYU undergraduates sharing this single identity. Bungle entered a room
late one evening and found a group of characters well known in that space.
The full story cannot be told any better than Dibbell tells it. For our purposes,
the facts will be enough.33
Bungle had a special sort of power. By earning special standing in the
LambdaMOO community, he had “voodoo” power: he could take over the
voices and actions of other characters and make them appear to do things
they did not really do. This Bungle did that night to a group of women and at
least one person of ambiguous gender. He invoked this power, in this public
space, and took over the voices of these people. Once they were in his control,
Bungle “raped” these women, violently and sadistically, and made it seem as
if they enjoyed the rape.
The “rape” was virtual in the sense that the event happened only on the
wires. “No bodies touched,” as Dibbell describes it.
Whatever physical interaction occurred consisted of a mingling of electronic
signals sent from sites spread out between New York City and Sydney, Australia.
. . . He commenced his assault entirely unprovoked at, or about 10 P.M. Pacific
Standard Time. . . . [H]e began by using his voodoo doll to force one of the
room’s occupants to sexually service him in a variety of more or less conven-
tional ways. That this victim was exu. . . . He turned his attentions now to Moon-
dreamer . . . forcing her into unwanted liaisons with other individuals present in
the room. . . . His actions grew progressively violent. . . . He caused Moon-
dreamer to violate herself with a piece of kitchen cutlery. He could not be
stopped until at last someone summoned Iggy . . . who brought with him a gun
of near wizardly powers, a gun that didn’t kill but enveloped its targets in a cage
impermeable even to a voodoo doll’s powers.34
0465039146-01 12/5/06 12:27 AM Page 99
cyberspaces
99
Rape is a difficult word to use in any context, but particularly here. Some
will object that whatever happened in this virtual space, it has nothing to do
with rape. Yet even if “it” was not “rape,” all will see a link between rape and
what happened to these women there. Bungle used his power over these
women for his own (and against their) sexual desire; he sexualized his vio-
lence and denied them even the dignity of registering their protest.
For our purposes, whether what happened here was really rape is beside
the point. What matters is how the community reacted. The community was
outraged by what Bungle had done, and many thought something should be
done in response.
They gathered, this community of members of LambdaMOO, in a virtual
room at a set time, to discuss what to do. Some thirty showed up, the largest
meeting the community had known. Some thought that Bungle should be
expelled—“toaded,” as it is described, killed for purposes of the MOO. Others
thought that nothing should be done; Bungle was certainly a creep, but the
best thing to do to creeps was simply to ignore them. Some called on the
Wizards of the space—the creators, the gods—to intervene to deal with this
character. The Wizards declined: Their job, they replied, was to create the
world; the members had to learn to live within it.
There was really no law that governed what Bungle had done. No real-
space law reached sexual pranks like this, and neither did any explicit rule of
LambdaMOO.35 This troubled many who wanted to do something. Invoking
real-space ideals about fair notice and due process, these people argued that
Bungle could not be punished for violating rules that did not exist at the time.
Two extremes eventually emerged. One side urged vigilantism: Bungle
was a miscreant, and something should be done about him. But what
shouldn’t be done, they argued, was for LambdaMOO to respond by creating
a world of regulation. LambdaMOO did not need a state; it needed a few
good vigilantes. It needed people who would enforce the will of the commu-
nity without the permanent intrusion of some central force called the state.
Bungle should be expelled, killed, or “toaded”—and someone would do it. But
only if the group resisted the call to organize itself into a state.
The other side promoted just one idea: democracy. With the cooperation
of the Wizards, LambdaMOO should establish a way to vote on rules that
would govern how people in the space behaved. Any question could be made
the subject of a ballot; there was no constitution limiting the scope of what
democracy could decide. An issue decided by the ballot would be imple-
mented by the Wizards. From then on, it would be a rule.
Both extremes had their virtues, and both invited certain vices. The anar-
chy of the first risked chaos. It was easy to imagine the community turning
0465039146-01 12/5/06 12:27 AM Page 100
100
CODE 2.0
against people with little or no warning; one imagined vigilantes roaming
the space, unconstrained by any rules, “toading” people whose crimes hap-
pened to strike them as “awful.” For those who took this place less seriously
than real space, this compromise was tolerable. But what was tolerable for
some was intolerable to others—as Bungle had learned.
Democracy seemed natural, yet many resisted it as well. The idea that
politics could exist in LambdaMOO seemed to sully the space. The thought
that ideas would have to be debated and then voted on was just another bur-
den. Sure, rules would be known and behavior could be regulated, but it all
began to seem like work. The work took something from the fun the space
was to have been.
In the end, both happened. The debate that evening wound down after
almost three hours. No clear resolution had found its way in. But a resolution
of sorts did occur. As Dibbell describes it:
It was also at this point, most likely, that TomTraceback reached his decision. Tom-
Traceback was a wizard, a taciturn sort of fellow who’d sat brooding on the sidelines
all evening. He hadn’t said a lot, but what he had said indicated that he took the
crime committed against exu and Moondreamer very seriously, and that he felt no
particular compassion toward the character who had committed it. But on the other
hand he had made it equally plain that he took the elimination of a fellow player just
as seriously, and moreover that he had no desire to return to the days of wizardly
intervention. It must have been difficult, therefore, to reconcile the conflicting
impulses churning within him at that moment. In fact, it was probably impossible,
for . . . as much as he would have liked to make himself an instrument of the MOO’s
collective will, [he surely realized that under the present order of things] he must in
the final analysis either act alone or not act at all.
So TomTraceback acted alone.
He told the lingering few players in the room that he had to go, and then he
went. It was a minute or two before 10 P.M. He did it quietly and he did it privately,
but all anyone had to do to know he’d done it was to type the @who command,
which was normally what you typed if you wanted to know a player’s present loca-
tion and the time he last logged in. But if you had run an @who on Mr. Bungle not
too long after TomTraceback left emmeline’s room, the database would have told you
something different.
“Mr_Bungle,” it would have said, “is not the name of any player.”
The date, as it happened, was April Fool’s Day, but this was no joke: Mr. Bungle
was truly dead and truly gone.36
0465039146-01 12/5/06 12:27 AM Page 101
cyberspaces
101
When the Wizards saw this, they moved to the other extreme. With no
formal decision by the citizens, the Wizards called forth a democracy. Starting
May 1, 1993,37 any matter could be decided by ballot, and any proposition
receiving at least twice as many votes for as against would become the law.38
Many wondered whether this was an advance or not.
There is a lot to think about in this story, even in my savagely abridged
version.39 But I want to focus on the sense of loss that accompanied the Wiz-
ards’ decision. There is a certain romance tied to the idea of establishing a
democracy—Kodak commercials with tearful Berliners as the Wall comes
down and all that. The romance is the idea of self-government and of estab-
lishing structures that facilitate it. But LambdaMOO’s move to self-govern-
ment, through structures of democracy, was not just an achievement. It was
also a failure. The space had failed. It had failed, we could say, to self-regulate.
It had failed to engender values in its population sufficient to avoid just the
sort of evil Bungle had perpetrated. The debate marked the passage of the
space from one kind of place to another. From a space self-regulated to a
space regulated by self.
It might seem odd that there would be a place where the emergence of
democracy would so depress people. But this kind of reaction is not uncom-
mon in cyber-places. Katie Hafner and Matthew Lyon tell a story of the emer-
gence of a “widget” called the FINGER command on UNIX, that would allow
users to see when the last time another user had been on the computer, and
whether she had read her mail. Some thought (not surprisingly, I should
think) that this command was something of an invasion of privacy. Whose
business was it when I was last at my machine, and why should they get to
know whether I have read my mail?
A programmer at Carnegie Mellon University, Ivor Durham, changed the
command to give the user the power to avoid this spying finger. The result?
“Durham was flamed without mercy. He was called everything from spineless
to socially irresponsible to a petty politician, and worse—but not for pro-
tecting privacy. He was criticized for monkeying with the openness of the
network.”40
The values of the UNIX world were different. They were values embedded
in the code of UNIX. To change the code was to change the values, and mem-
bers of the community fought that change.
So too with the changes to LambdaMOO. Before the balloting, Lamb-
daMOO was regulated through norms. These regulations of social structures
were sustained by the constant policing of individual citizens. They were the
regulations of a community; the rise of democracy marked the fall of this
community. Although norms would no doubt survive the establishment of a
0465039146-01 12/5/06 12:27 AM Page 102
102
CODE 2.0
democracy, their status was forever changed. Before the democracy, a struggle
over which norms should prevail could be resolved only by consensus—by
certain views prevailing in a decentralized way. Now such a struggle could be
resolved by the power of a majority—not through what a majority did, but
through how they voted.
I’ve romanticized this bizarre little world far more than I intended. I do
not mean to suggest that the world of LambdaMOO before democracy was
necessarily better than the one after. I want only to mark a particular change.
Like CC, and unlike AOL, LambdaMOO is a place where norms regulate. But
unlike CC, LambdaMOO is now a place where members have control over
restructuring the norms.
Such control changes things. Norms become different when ballots can
overrule them, and code becomes different when ballots can order Wizards to
change the world. These changes mark a movement from one kind of norma-
tive space to another, from one kind of regulation to another.
In all three of these cyber-places, code is a regulator. But there are important
differences among the three. Norms have a relevance in CC and LambdaMOO
that they do not in AOL; democracy has a relevance in LambdaMOO that it
does not have in CC or AOL. And monitoring has a relevance in AOL that it
does not have in LambdaMOO or CC (since neither of the latter two use data
about individuals for commercial purposes, either internal or external to the
organization). Code constitutes these three communities; as Jennifer Mnookin
says of LambdaMOO,“politics [is] implemented through technology.”41 Differ-
ences in the code constitute them differently, but some code makes community
thicker than others. Where community is thick, norms can regulate.
The next space in this survey is also constituted by code, though in this
case the “management” has less ability to change its basic architecture. This
code is net code—a protocol of the Internet that is not easily changed by a sin-
gle user. At least it was not easy for me.
.law.cyber
His name was IBEX, and no one knew who he was. I probably could have fig-
ured it out—I had the data to track him down—but after he did what he did,
I did not want to know who he was. He was probably a student in the very first
class about cyberspace that I taught, and I would have failed him, because I
was furious about what he had done. The class was “The Law of Cyberspace”;
version one of that class was at Yale.
I say version one because I had the extraordinary opportunity to teach that
class at three extraordinary law schools—first at Yale, then at the University of
0465039146-01 12/5/06 12:27 AM Page 103
cyberspaces
103
Chicago, and finally at Harvard. These were three very different places, with
three very different student bodies, but one part of the course was the same in
each place. Every year a “newsgroup” was associated with the class—an elec-
tronic bulletin board where students could post messages about questions
raised in the course, or about anything at all. These postings began conversa-
tions—threads of discussion, one message posted after another, debating or
questioning what the earlier message had said.
These newsgroups constituted what philosophers might call “dialogic
communities.” They were spaces where discussion could occur, but where
what was said was preserved for others to read, as in CC. That was the dialogic
part. The community was what was made over time as people got to know
each other—both in this space and in real space. One year students in the class
and students outside the class (who had been watching the .law.cyber discus-
sions develop) had a party; another year the students outside the class were
invited to attend one class. But over the three years, at three different schools,
it was clear that three communities had been made. Each was born on a par-
ticular date, and each lived for at least a couple of months.
My story here comes from Yale. Yale is an odd sort of law school, though
odd in a good way. It is small and filled with extremely bright people, many of
whom do not really want to be lawyers. It fashions itself as a community, and
everyone from the dean on down (not a “Yale” way to describe things) strives
continuously to foster and sustain this sense of community among the stu-
dents. To a large extent, it works—not in the sense that there is perpetual
peace, but in the sense that people everywhere are aware of this sense of com-
munity. Some embrace it, others resist it, but resistance, like an embrace, says
that something is there. One does not resist the community of people on a
Greyhound bus.
One extraordinary feature of the Yale Law School is “the Wall.” The Wall
is a place where people can post comments about whatever they want to say.
A letter can be posted about gay rights at Yale, or a protest about Yale’s treat-
ment of unionized workers. Political messages are posted as well as points
about law. Each posting makes additional ones possible—either scribbled on
the original post or appended underneath the post.
An extraordinary sign for any visitor, the Wall is located right at the center
of the law school. In the middle of a fake Gothic structure is a stone space with
scores of papers posted in random fashion. Around the posts stand wandering
students, reading what others have said. This is Yale’s speakers’ corner, though
the speakers are writers, and the writing is substantive. There is little to be
gained on the Wall through rhetoric; to gain respect there, you must say some-
thing of substance.
0465039146-01 12/5/06 12:27 AM Page 104
104
CODE 2.0
One rule, however, governs this space. All postings must be signed; any
posting without a signature is removed. Originally, no doubt, the rule meant
that the posting must be signed by the person who wrote it. But because this
is Yale, where no rule can exist without a thousand questions raised, a custom
has emerged whereby an anonymous post can be signed by someone not its
author (“Signed but not written by X”). That signature gives the post the
pedigree it needs to survive on the Wall.
The reasons for this rule are clear, but so too are its problems. Let’s say you
want to criticize the dean for a decision he has made. The dean, however
sweet, is a powerful person, and you might well prefer to post a message with-
out your name attached to it. Or say you are a student with political views that
make you an outsider. Posting a message with those views and your signature
might draw the scorn of your classmates. Free speech is not speech without
consequence, and scorn, or shame, or ostracism are likely consequences of lots
of speech.
Anonymity, then, is a way around this dilemma. With anonymity, you
can say what you want without fear. In some cases, for some people, the right
to speak anonymously makes sense.
Still, a community might want to resist this right. Just as anonymity might
give you the strength to state an unpopular view, it can also shield you if you
post an irresponsible, or slanderous, or hurtful view. You might want to ques-
tion the policies of the dean, or you might want falsely to accuse a fellow stu-
dent of cheating. Both utterances benefit from anonymity, but the community
has good reason to resist utterances like the second.
As far as I know, IBEX never said anything on the Wall. Instead, he spoke
in the newsgroup associated with my class. By design, the newsgroup was
open to anyone at Yale who wanted to speak. Unlike the Wall, however, the
technology allowed users to call themselves whatever they wanted. “IBEX,” of
course, was a pseudonym. For purposes of the Wall, a pseudonym was just like
anonymous speech—you did not have to use your real name. But in a news-
group a pseudonymous posting is quite different from an anonymous post-
ing. Over time you can come to know the character of a pseudonym. In the
class that year, along with IBEX, we had SpeedRacer, MadMacs, CliffClaven,
Aliens, blah, and Christopher Robbin. While members of the class might
know who these participants were (we all knew who MadMacs was, but only
a few of us knew SpeedRacer), each pseudonym had a character.
The character of IBEX was bad; this much was clear from the start. Before
IBEX appeared, life in the space flourished. At first people were timid, but
polite. Brave souls would post an idea or a joke, and conversation would con-
tinue around the idea or joke for a bit. After a couple of weeks the conversa-
0465039146-01 12/5/06 12:27 AM Page 105
cyberspaces
105
tion would become quite intense. Patterns of exchange began. People had
questions; others had answers. People stumbled as they spoke, but they were
beginning, slowly, to speak.
Some things about how they spoke were immediately noticeable. First,
women spoke more in this space than they did in class. Maybe not more in a
statistically significant sense, but more.42 Second, helpers quickly developed
and differentiated from those who received their help. Soon a class developed
online—a real class that identified itself as such and spoke as a class in a way
that a teacher dreams of in real space, and in a way I had never known.
Why this happened I could not really say. Una Smith may have been a cat-
alyst. I said that I taught this course three times. Each time (without my inter-
vention at all) there was an Una Smith participating in the newsgroup. At Yale
she was a real person, but after Yale I thought of her as a type. She was always
a woman from outside the class; she was always extremely knowledgeable
about the Net and about USENET; and she always wandered into my (virtual)
class and began telling the others how they should behave. When someone
violated a norm of the Net, Una would correct them. Often this instruction was
not taken terribly well (these were, after all, law students). Soon the class would
rally to defend the instructed and to challenge her to defend her rules. And of
course, expert that she was, she usually had an answer that did defend the
rules she had dictated. This exchange soon became a focus of the class. Una had
drawn their anger, and the class gained cohesiveness as a result.
About a month and a half into the course, the group reached an apex of
sorts. It became the best it would be. I remember the moment well. Early on
a spring afternoon I noticed that someone had posted the first line of a poem.
By the end of the day, without any coordination, the class had finished the
poem. There had been rhythm to the exchanges; now there was rhyme. Things
hummed in the newsgroup, and people were genuinely surprised about this
space.
It was then that IBEX appeared. I think it was just after we had discussed
anonymity in class, so maybe his later claims to have been serving a pedagog-
ical role were true. But he appeared after one of our classes—appeared, it
seemed, just to issue an attack on another member of the class. Not an attack
on his ideas, but on him. So vicious and so extensive was this attack that when
I read it, I didn’t know quite how to understand it. Could it have been real?
Almost immediately, conversation in the group died. It just stopped. No
one said anything, as if everyone were afraid that the monster that had entered
our space would turn his fury on one of them next. Until, that is, the victim
responded, with an answer that evinced the wounds of the attack. IBEX’s
words had cut. The victim was angry and hurt, and he attacked back.
0465039146-01 12/5/06 12:27 AM Page 106
106
CODE 2.0
But his salvo only inspired another round of viciousness, even more vile
than the first. With this, other members of the class could not resist joining in.
IBEX was attacked by a string of characters in the class as cowardly for hiding
behind a pseudonym and as sick for what he had said. None of this had any
effect. IBEX came back, again and again, with an ugliness that was as extreme
as it was unrelenting.
The space had been changed. Conversation fell off, people drifted away.
Some no doubt left because they were disgusted with what had happened;
others did not want to be IBEX’s next target. There was a brief period of life
in the space as people rallied to attack IBEX. But as he came back again and
again, each time more vicious than the last, most simply left. (One time IBEX
came back to protest that he had been wronged; in the week before, he
claimed, he had not posted anything, but someone wearing the white sheet of
IBEX had posted in IBEX’s name, so that he, the real IBEX, had been defamed.
The class had little sympathy.)
But it was not just the online class that changed. As we met face to face
each week, I felt the atmosphere bend. People felt the creature in the room,
though no one could believe he was a student at the Yale Law School. This was
their classmate, hiding behind a smile or a joke in real space, but vicious in
cyberspace. And the very idea that this evil was hidden under a smile changed
how people felt about smiles.
Some called this the “David Lynch effect,” an allusion to the director who
portrays the rot of society just under freshly painted façades. We felt in that
class the rot of our community just under the surface of smiling and func-
tional students. There was a (relatively tame) Jake Baker in our midst. The
space had permitted behavior that destroyed community—community that
the space itself had created. Community had been created in part through the
ability to hide—to hide behind a benign pseudonym; to hide hesitation, or
editing, in the writing; to hide your reaction; to hide that you were not paying
attention. These anonymities had made the community what it was. But the
same anonymity that created the community gave birth to IBEX as well, and
thus took the community away.
SecondLi(f/v)e(s)
These four places that I have just described were all described in the first edi-
tion of this book, each in just about the same terms. They’re old stories, and
the lessons they teach are still precisely the lesson this chapter is meant to
convey. But I don’t mean to suggest that there’s been no interesting progress
in the cyberspaces that the Internet has inspired. The last five years have wit-
0465039146-01 12/5/06 12:27 AM Page 107
cyberspaces
107
nessed an explosion in cyberspaces, much more dramatic than anything I
imagined when I first wrote this book.
In one sense, these spaces are nothing really new. They have fancy new
technology that, because computers are faster and bandwidth is broader, func-
tions much better than their earlier versions. But the MMOG space I
described in Chapter 2 was inspired by real places.
What’s changed, however, is size. As Julian Dibbell described it to me, the
question is
does size matter in these kinds of spaces? And I think it does. The text-based
world is naturally limited in size. The limit is not so much text versus graphics
as it is limited cultural accessibility versus a much broader accessibility. That
makes for larger spaces.43
The result is “something socially richer in a lot of ways,”“not so much the
particular affordances of 3D graphic imagery, which will also someday look
pretty crude.”
Massively Multiple Online Role Playing Games (again, MMOGs, or
MMORPGs) have become a whole industry. Literally millions spend hun-
dreds, sometimes thousands of hours each year in these spaces along with lit-
erally billions of dollars to live these second lives. While living these second
lives, of course, they are also living a life in real space. When they’re playing
the MMOG World of Warcraft, they are at the same time playing father or
wife in real space. They have thus not left the real world to go to these other
places. But they integrate the other places into their real world life, and the last
five years has seen an explosion in the percentage of real-world life that is
lived virtually.
These “games” can be divided roughly into two types. In one type, people
“play” a game that has been defined by others. These are “role-playing games.”
Thus, World of Warcraft is a role-playing game in which people compete to
gain wealth and status (making it not so different from real life). Grand Theft
Auto is a game in which people engage in a kind of virtual crime. These games
all have a structure to them, but they differ in the degree to which people can
customize or create their own characters or environments. The vast majority
of online games are role-playing games in this sense. One site that tracks these
communities estimates 97 percent are role-playing games of some sort.44
The second type involves much more construction. These spaces provide
communities in which people at a minimum socialize. In addition to social-
izing, there is creative and commercial activity. Depending upon the game,
the mix among these activities differs substantially. But they all aim to create
0465039146-01 12/5/06 12:27 AM Page 108
108
CODE 2.0
a virtual world that inspires a real community within itself. These games are
an extension of the MOOs I described above. But they extend the virtual
community of a MOO beyond those who feel comfortable manipulating
text. These worlds are graphically real, even if they are virtual.
Of course, within both of these types of MMOGs, there is creativity. The
differences between them are simply a matter of degree. And within both,
there is commerce. Second Life—described more below—generates over
“$4,000,000 U.S. in interpersonal transactions”45 a month. Aggregated across
games, as Edward Castronova describes, there is a great deal of commerce
produced by these virtual worlds.
“The commerce flow generated by people buying and selling money and
other virtual items (that is, magic wands, spaceships, armor) amounts to at
least $30 million annually in the United States, and $100 million globally.”46
And more interesting (and bizarre) is Castronova’s estimate of the gross
national product per capita produced in various virtual worlds. EverQuest, for
example, has a GDP which is about half that of “the Caribbean Island Nation
of Dominica.”47 And the GDP per capita of Norrath “was about the same as
Bulgaria’s and four times higher than China’s or India’s.”48
For my purposes here, however, I want to focus on the second type of
MMOG, and two of these in particular. The first was an early leader in this
space—There. The second is a growing and extraordinary success—Second
Life.
Second Life is, as its website describes, “a 3-D virtual world entirely
built and owned by its residents.” 3-D in the sense that the experience seems
three dimensional—the characters and the objects appear to be in three
dimensions. A virtual world in the sense that the objects and people are
rendered by computers. Built by its residents in the sense that Second Life
merely provided a platform upon which its residents built the Second Life
world. (And not just a few. On any given day, 15 percent of Second Life res-
idents are editing the scripts that make Second Life run.49 That platform
originally rendered beautiful green fields. Residents acquired land in that
world, and began building structures.) And owned by its residents in the
sense that the stuff that the residents of Second Life build is theirs—both
the “physical” thing itself (the car, or the surfboard, or the house), and any
intellectual property right which might be embedded in that thing that they
have built.
It is this last feature that contrasts most interestingly (for me at least)
with the other MMOG that I mentioned, There. There was also a community
site. But it was a radically different (and less successful) world from Second
Life. It was to be centered around corporate franchises—Sony or Nike, for
0465039146-01 12/5/06 12:27 AM Page 109
cyberspaces
109
example, were expected to set up shop in There. People would also be allowed
to create things in There, and when they sold or gave them away, There would
get a percentage. The space itself came much more pre-fab, but there was sig-
nificant opportunity for customization.
Its founders crafted the rhetoric of There at least around (at least their
understanding of) the ideals of the United States. The exchange rate for
There-bucks was 1787 to 1—1787 being the year the United States Constitu-
tion was written. And as the then-CEO of There explained to a class I was
teaching, the values of the American republic informed the values of There.
My students were skeptical. And one fantastically bright student, Cather-
ine Crump, gave the CEO a bit of a rough ride. She asked whether There
would respect the principles of the First Amendment. “Of course,” responded
the CEO. “Would a citizen of There be allowed to put a sign on his land?”“Of
course.” “Would she be allowed to buy land next to, say, Nike?” “Of course.”
“Would she be allowed to put a sign up on her land next to Nike that says
‘Nike uses sweatshop labor’?” “Umm. I’m not sure about that.” So much for
the First Amendment.
Or more relevantly to Second Life, Crump asked, “Who owns the IP
[intellectual property] in the designs a citizen creates?” “There does.” “Who
owns the IP in the designs Nike creates?”“Of course, Nike does. How could it
be any other way?” Well, it could be another way if you followed the principles
of the American Constitution, Crump suggested, which said IP rights get
vested in “authors or inventors,” not in corporations.
There’s real problem, however, was structural. It is the same problem of
any planned or centralized economy. There was to be built by There, Inc. And
therein was its problem. The structures of these virtual worlds are extraordi-
narily complex. The cost of building them is immense, and thus There, Inc.
faced a huge capital cost in making There run.
Second Life (like all new nations) outsourced that cost of construction to
its citizens. When you buy land in Second Life, you get an empty field or
deserted island. You then have to buy, barter, or build to make it habitable.
There’s an economy to building it, and it can be hard work. But the things you
build you can sell. And again, the designs you make are yours. More than
100,000 people now inhabit, and construct, Second Life. For them, the game
is what it says.
These current rules, however, are the product of an evolution in Second
Life. In the first public Alpha testing of the site that would become Second
Life, there was no concept of land ownership. Everything was public. The
ownership of land began with Beta testing, when all users could claim the
public land at a price. When the land was claimed, the user could select
0465039146-01 12/5/06 12:27 AM Page 110
110
CODE 2.0
whether others could create objects, scripts, or landmarks for the land. Later
the options were extended.
In version 1.1, there was a fairly major change to the physics of land.
Whereas before users were free to teleport anywhere, now, to avoid harass-
ment, owners of land could decide whether others could “trespass” or not—
either by setting a default to grant or deny access, or by adding a list of people
who were free to visit. These restrictions, however, applied only to the first 15
meters above the property. Beyond that, anyone was free to fly, even if the
owner didn’t want them on the property.
Now this last restriction has an interesting parallel to the history of Amer-
ican law. As I describe in Free Culture,50 property law in the American tradi-
tion considered the owner of land the owner of the space from the ground “an
indefinite extent, upwards.”51 This created an obvious conflict when airplanes
appeared. Did the pilot of an airplane trespass when he flew over your land?
The accommodation the law eventually drew was between flying very
low and flying very high. It was not trespassing to fly very high over someone’s
land; it was a nuisance to fly very low over someone’s land. So something like
the solution that Second Life achieved was also achieved by the law.
But notice the important difference. In real space, the law means you can
be penalized for violating the “high/low” rule. In Second Life, you simply
can’t violate the 15-meter rule. The rule is part of the code. The code controls
how you are in Second Life. There isn’t a choice about obeying the rule or not,
any more than there’s a choice about obeying gravity.
So code is law here. That code/law enforces its control directly. But obvi-
ously, this code (like law) changes. The key is to recognize that this change in
the code is (unlike the laws of nature) crafted to reflect choices and values of
the coders.
Consider another illustration of the same point. As I said, Second Life
gives the creators of Intellectual Property in Second Life ownership of that
property—both inside and outside Second Life.52 (As one of the founders
described, “Our lawyers shook their heads, but we decided the future of our
company isn’t tied up in our owning what our users create.”53) That’s the
same with IP in real space: Unless you’ve signed your rights away to a corpo-
ration (don’t!), when you create in real space, the law automatically gives you
a copyright in your creativity. In both spaces, too, you have the right to give
those rights away. I run a nonprofit called Creative Commons that makes it
simple for creators to signal the freedoms they want to run with their creativ-
ity. In real space, when you use a Creative Commons license, you mark your
content with the license you want. Users then know the freedoms they have.
If a right is violated, it gets remedied through the law.
0465039146-01 12/5/06 12:27 AM Page 111
cyberspaces
111
Second Life has taken this idea one step further. Creators in Second Life
can mark their content with the license they want. But the wizards of this
world are exploring the idea that the license they’ve selected could affect
directly what others can do with that creativity. If content is marked with a
Creative Commons license, then someone can take a picture of it without
express permission. But if it is not marked with a license, then if you try to
take a picture of it, the object will be invisible. Here again, the code expresses
the law more effectively than the law in real space ever could.
The Internet
As I said, we can distinguish cyberspace from the Internet. But the point of
this chapter, however clear with respect to cyberspace, is still true of the Inter-
net. There are architectural features of the Internet that embed certain values.
Those features can also change, and if they do, the values the Internet pro-
motes will be different.
The most significant example of this is one I only mentioned in the first
edition of this book, but which was at the center of The Future of Ideas. This
is the “end-to-end” principle described by network architects Jerome Saltzer,
David Clark, and David Reed in 1981.54 The end-to-end (“e2e”) principle is a
design philosophy about how networks should be built. It counsels that a
network should be kept as simple as possible and that the intelligence required
in a network be vested in the edge, or ends of a network, at least so far as that’s
possible.
As I’ve already described, the Internet embodied this principle by keeping
the functionality of TCP/IP focused quite narrowly—that is, on the single
function best-efforts delivery of packets of data. What those packets do, or
who they’re meant for, is not a concern of the protocol. Just delivering packets
is the end.
One consequence of this design, then, is that people can innovate for this
network without any need to coordinate with any network owner. If you want
to develop an application to deliver voice across IP, then all you need to do is
to write the application to use the TCP/IP protocols to send data across the
network in a way that will make your application run.
This design embeds a value that encourages innovation in applications
for the network. It does so both because it minimizes the costs of developing
new applications (you don’t need the hassle of asking or clearing permission
with anyone) and because it avoids strategic behavior by the network owner.
Consider again the idea of developing a Voice-over-IP application. If the net-
work is owned by the telephone companies, they would not be excited about
0465039146-01 12/5/06 12:27 AM Page 112
112
CODE 2.0
an application that will cannibalize their telephone market. Thus, if permis-
sion were required before the VOIP application could be deployed, we might
well expect the VOIP application not to be deployed—either because some-
one developed it, but it was blocked, or because smart developers knew it was
a waste of time to develop it, because it would be blocked. As Susan Crawford
describes, “The miraculous growth of the Internet has in large part come
from the nondiscrimination against higher levels. . . . Innovators at the appli-
cation layer have been able to assume the continued stable existence of the
lower layers.”55
The value here is innovation and competition. The network empowers
the widest range of innovators—users of the network—and entitles all of
them to innovate for this network. Any innovation can be deployed on the
network (so long as it respects the TCP/IP protocols). If users of the network
like the innovation, then the innovation is a success.
Simultaneously—at least so long as the e2e principle is respected—this
design disables the potentially most powerful actor in the network, the net-
work owner, from interfering with the opportunity for innovation within the
network. The network owner might not like the stuff being developed, but e2e
disables the opportunity to block that development.
In the same way that the original TCP/IP network could be effectively
changed so that “gaps” in information about that network could be closed, the
TCP/IP network could be changed to remove its e2e character. Indeed, the
very tools that I described in Chapter 4 could have this effect. For example, a
network owner could scan the packets that were traveling across its network
and block any packet that didn’t come from a known, or approved, applica-
tion. To get on that list, application developers would have to contact the net-
work owner and ask to be included on the list. That change to the way the
Internet functions is completely technically possible. Indeed, versions of it
are being pursued for both competitive and security reasons. That is, some
networks, keen to control the kind of applications that run on the network for
competitive reasons, could use this to block disfavored applications (again,
think of telephone companies blocking VOIP). Others, keen to avoid viruses
or other trouble on their network, could simply decide to block everything to
make life simple. Either reason would produce the same result: that innova-
tion on the Internet would be stifled.
As with the stories about “cyberspace,” this case about the Internet also
demonstrates the link between architecture and policy. End-to-end is a para-
digm for technology that embeds values. Which architecture we encourage is
a choice about which policy we encourage. This is true even in the context in
which the Internet is not a “place”—even where, that is, it is “just” a medium.
0465039146-01 12/5/06 12:27 AM Page 113
cyberspaces
113
HOW ARCHITECTURES MATTER AND SPACES DIFFER
The spaces I have described here are different. In some places there is commu-
nity—a set of norms that are self-enforcing (by members of the community).
Features such as visibility (as opposed to anonymity) and nontransience help
create those norms; anonymity, transience, and diversity make it harder to
create community.
In places where community is not fully self-enforcing, norms are supple-
mented by rules imposed either through code or by the relevant sovereign.
These supplements may further some normative end, but at times they can be
in tension with the goal of community building.
If we had to simplify this diversity of spaces by finding a dimension along
which we could rank them, one such dimension might be each group’s
amenability to control. Some groups on this list can be controlled only
through norms—.law.cyber, for example. The only technology for changing
behavior there—given my commitment not to monitor and punish bad
behavior—was the norms of the students in the law school class. Other
groups are amenable to other technologies of control. Indeed, as we move
from .law.cyber to CC to LambdaMOO to AOL to Second Life, the ability to
use these other technologies of control increases, though, of course, that abil-
ity is constrained by competition. If the code makes the place no longer
attractive, people will leave.
Thus, in CC and AOL, the architects could use technology to change
behavior. But if the change is too far removed from what most members think
the space is about, members may simply leave. The threat of that constraint
turns upon the alternatives, of course. As blogs have flourished, a space like
CC would have relatively little market power. AOL’s market power is more
complicated. There are many alternative ISPs, of course. But once you’re a
member of one, the costs of migrating are significant.
In LambdaMOO the story is even more complicated. Nothing really
binds people to a particular MOO. (There are hundreds, and most are free.)
But because characters in a MOO are earned rather than bought, and because
this takes time and characters are not fungible, it becomes increasingly hard
for members of a successful MOO to move elsewhere. They have the right to
exit, but in the sense that Soviet citizens had the right to exit—namely, with
none of the assets they had built in their particular world.
Finally, Second Life offers the potential for the most control. Code regu-
lates experience in Second Life more than in any of the other four spaces,
and the intimacy of experience in Second Life pulls people into the space and
makes escape costly. Again, there are limits to the control, but the controls are
0465039146-01 12/5/06 12:27 AM Page 114
114
CODE 2.0
more finely articulated here than in any of the other contexts. And if Philip
Rosedale, the CEO of Second Life, is to be believed, the control through code
here will only become more subtly expressed. As he described to me:
[O]ur feeling is . . . that we should aggressively move into code anything we can,
because of the enhanced scalability it gives us. And we should execute policy out-
side of code only when absolutely necessary or unfeasible. There are things
where we look at them and we say, “Well, we’ll be able to do that in code some
day, but for today, we’re just going to do it by hand.”56
REGULATING CODE TO REGULATE BETTER
I’ve surveyed a range of cyberspaces to make clear the elements of regulation
within each. One increasingly important element is code. In cyberspace in
particular, but across the Internet in general, code embeds values. It enables,
or not, certain control. And as has been the focus of this part, it is also a tool
of control—not of government control, at least in the cases I’ve surveyed—
but instead control to the end of whatever sovereign does the coding.
These stories suggest a technique, and once we see the idea, we’ll recog-
nize the technique in many different contexts of regulation. If Second Life can
use code to better control behavior, what about first-life? If AOL can use code
to better control fraud, what about America off-line? If the Internet can use
the design of e2e to better enable competition, what does that teach regulators
on the ground? How do these techniques of policy inform the practice of
policy makers?
The answer is that policy makers have done the same in real space for a
long time. Just as Chapter 5 described regulators using code to make behavior
more regulable, so too have regulators used code to directly control behavior.
Consider a few obvious examples:
Tapes
The most significant feature of digital media is that copies can be perfect.
Digital media is just data, and data is just a string of 1’s and 0’s. Computers
have complex algorithms to verify that when they’ve copied a string of data
they’ve copied that string precisely.
This feature thus creates a new risk for sellers of content. While the code
of analog copying technology meant that a copy was a degraded version of the
original, the code of digital technologies means that a copy could be identical
0465039146-01 12/5/06 12:27 AM Page 115
cyberspaces
115
to the original. That means the threat to content providers from “copies” is
greater in the digital world than in the analog world.
Digital Audio Technology (DAT) was the first technology to expose this
risk. Like any digital recording, it can, in principle, copy content perfectly.
Content providers were thus terrified that piracy from DAT tapes would
destroy their industry, so they lobbied Congress effectively to add new laws to
protect them from the digital threat.
Congress could have responded to their request in any number of ways.
It could have used law to regulate behavior directly, by increasing the penalty
for illegal copying. It could have funded a public ad campaign against illegal
copying or funded programs in schools to discourage students from buying
pirated editions of popular recordings. Congress could have taxed blank tapes
and then transferred the revenue to owners of copyrighted material.57 Or
Congress could have tried to regulate DAT technology to weaken the threat
that technology presented for copyright.
Congress chose the latter two. The Audio Home Recording Act both taxed
blank tapes slightly and regulated the code of digital reproduction technolo-
gies directly. The Act requires producers of digital recording devices to install
a chip in their systems that implements a code-based system to monitor the
copies of any copy made on that machine.58 The chip would allow a limited
number of personal copies, but on copies of copies, the quality of the record-
ing would be degraded. Congress in essence required that the code of digital
copying be modified to restore the imperfections that were “natural” in the
earlier code.
This again is Congress regulating code as a means of regulating behav-
ior—mandating that multiple copies be imperfect as a way to minimize illegal
copying. Like the telephone regulation, this regulation succeeds because there
are relatively few manufacturers of DAT technology. Again, given a limited tar-
get, the government’s regulation can be effective, and the effect of the govern-
ment’s regulation is to make more regulable the primary targeted
behavior—copyright infringement.
Televisions
By the mid-1990s, parents’ concern about the effect that violence on television
has on their kids had caught the attention of Congress, and Congress
responded through legislation. But given the state of First Amendment law, it
would have been difficult for Congress to block violence on television directly.
Thus, Congress sought a way to block violence on television indirectly. It
sought to require that those broadcasting television content tag their content
0465039146-01 12/5/06 12:27 AM Page 116
116
CODE 2.0
with labels that signaled the level of violence in the film, and it mandated
that the television industry develop a technology to block content on the
basis of those labels.
This was the “V-Chip,” mandated as part of the Telecommunications Act
of 1996.59 The V-chip would facilitate the automatic blocking of television
broadcasts, based on criteria of content that have not yet been completely
determined. The crudest proposals involve something like the Motion Picture
Association’s movie rating system; the more sophisticated envision selections
based on a much richer set of factors.
This again is Congress regulating code to affect a targeted behavior (pro-
viding violent programming) rather than regulating that behavior directly.
The constraint on direct regulation here is similarly a regulability problem.
But the lack of regulability in this context comes from constitutional limits,
not the inability to track those being regulated by the technology. The con-
straint of the Constitution thus pushed Congress to require technology to
empower parents. By giving parents more power to discriminate, Congress
indirectly discourages an ill (exposure to violence) that it is constitutionally
unable to regulate directly.60
Anti-Circumvention
Whatever problem the content industry had with DAT tapes, no doubt they
look tiny compared with the problems the content industry has with digital
content and the Internet. Although DAT makes perfect copies possible, it
doesn’t make distributing those perfect copies any easier. That honor fell to
the Internet. Now digital technology not only assured perfect copies of the
original, it also made it trivial to distribute those digital copies for free.
As I describe more in Chapter 10, one response to this “feature” of digital
technologies is “digital rights management” technology. DRM technologies
add code to digital content that disables the simple ability to copy or distrib-
ute that content—at least without the technical permission of the DRM tech-
nology itself.
Thus, the songs I’ve purchased and downloaded from Apple’s iTunes
music store are protected by Apple’s “fairplay” DRM technology. That tech-
nology permits me to copy the song to a limited number of machines, but it
restricts my ability to copy those songs broadly.
This restriction is effected through code. The “copy” function is produced
through code; the DRM technology modifies, or qualifies, that “copy” func-
tionality. It is thus a classic example of code being deployed to restore control
over something that (different) code had disabled.
0465039146-01 12/5/06 12:27 AM Page 117
cyberspaces
117
These systems of DRM are privately created. But in 1998, they got an
important subsidy of protection from Congress. In the Digital Millennium
Copyright Act, Congress banned the creation and distribution of technologies
“produced for the purpose of circumventing a technological measure that
effectively controls access” to a copyrighted work, or “primarily designed or
produced for the purpose of circumventing protection afforded by a techno-
logical measure that effectively protects a right of a copyright owner.”61 By
banning this code, Congress aimed to add support to the code content cre-
ators were distributing to protect their content. Thus, by directly regulating
code, Congress indirectly regulated copyright infringement.
Since this enactment, there has been no end to trouble and litigation
surrounding it. Beginning in 1999, the DVD-Copy Control Association
began suing individuals and websites that facilitated access to a program,
DeCSS, which could be used to decrypt data on DVDs.62 In July 2001, 27-
year-old Russian programmer Dmitry Sklyarov was arrested while giving a
presentation in Las Vegas because the company he worked for in Russia
had produced software that enabled people to circumvent the access protec-
tion technologies built into Adobe’s eBook system.63 Sklyarov spent six
months in an American jail before he was permitted to return to his family
in Russia.
The effect of this regulation is hard to measure. The Electronic Frontier
Foundation has cataloged its view of the law’s effect five years after the law was
enacted.64 And while the EFF’s view may not be universal, there is a fairly
universal surprise at the range of cases that have been brought under the
statute. (I doubt the framers of the DMCA imagined that garage door com-
panies would be suing to protect their automatic door openers from compe-
tition under the DMCA (they lost).65)
Broadcast Flags
As broadcast television moves to digital television, copyright holders have
become concerned about the risk they face in broadcasting copyrighted con-
tent. Unlike an ordinary television broadcast, the quality of a digital broadcast
is perfect, so copies of digital broadcasts could likewise be perfect. And the
spread of perfect copies of digital broadcasts on a free digital network (the
Internet) terrifies copyright holders.
Their response is similar to the response with DAT technologies. First in
the FCC, and now in Congress, copyright holders have pushed the govern-
ment to mandate that any technology capable of reproducing digital broad-
casts be architected to respect a “broadcast flag.” If that flag was turned on,
0465039146-01 12/5/06 12:27 AM Page 118
118
CODE 2.0
then the technology would be required to block any copy of that content.
The content could be played, but it couldn’t be reproduced. As Susan Craw-
ford describes it,
The broadcast flag rule, distilled to its essence, is a mandate that all consumer
electronics manufacturers and information technology companies ensure that
any device that touches digital television content “recognized and give effect to”
the flag by protecting content against unauthorized onward distribution. The
FCC claimed that the rule would protect digital television (“DTV”) broadcasts
from massive redistribution over the Internet.66
There is a lot to say about the broadcast flag, and if I were doing the say-
ing, most of it would be bad.67 But for our purposes, it is the form, not sub-
stance, of the broadcast flag that is relevant. This is the most direct example
of a regulation of code designed to control primary behavior: law regulating
code to make behavior better.
{TXB2}
In each case, the government directs an intermediary that has some power
over code to change that code to effect a change in behavior. Whether that
change in code will effect a change in behavior depends upon the power of the
particular application. If the application is a MOO, or an online discussion
space like Counsel Connect, the power to control behavior is significantly
limited. If the application is AOL or Second Life, the exit costs for a user could
well be higher. The scope for effective regulation will thus be greater. And if
the application is the Internet, or any digital technology produced or sold in
the United States, then the power of the regulator is greater still. Code
becomes law even if there remains a capacity to escape the regulation of that
code.
These examples point to a general question about how regulation will
function. That general point requires many significant qualifications. To
understand the effect of code requirements on any regulatory policy will
require, as Polk Wagner writes, an understanding that is “profoundly
dynamic.”68 Part of that dynamic, of course, is resistance. Individuals can act
to resist the force of code directly. Or individuals can act to resist the force of
code through code. As Tim Wu has rightly described, code itself is not neces-
sarily regulation enhancing—code can be used to foil regulation. A gun is a bit
of code. It works wonders to destroy the peace. Circumvention technologies
are code. They weaken rules reinforcing control. P2P filesharing protocols
are code. They undermine the effectiveness of copyright regulations that
restrict the freedom to distribute copyrighted works. Whether a particular
0465039146-01 12/5/06 12:27 AM Page 119
cyberspaces
119
regulation will be effective, then, requires consideration of these interactions,
and any code-based resistance it might engender. As Wu puts it,
The reason that code matters for law at all is its capability to define behavior on
a mass scale. This capability can mean constraints on behavior, in which case
code regulates. But it can also mean shaping behavior into legally advantageous
forms.69
In this second sense, code functions “as an anti-regulatory mechanism: a
tool to minimize the costs of law that certain groups will use to their advan-
tage.”70
More fundamentally, these complications suggest that a more general
framework is needed. I’ve highlighted an interaction between technology,
policy, and the law in this chapter. That interaction suggests a much broader
model. In the next chapter, I describe that model. In the chapter following
that, we will return to the dynamic of code regulation to consider one other
important qualification.
0465039146-01 12/5/06 12:27 AM Page 120
S E V E N
w h a t
t h i n g s
r e g u l a t e
JOHN STUART MILL WAS AN ENGLISHMAN. HE WAS ALSO ONE OF THE MOST
influential political philosophers in America. His writings ranged from
important work on logic to a still striking text about sexual equality, The Sub-
jection of Women. But perhaps his most important continuing influence
comes from a relatively short book titled On Liberty. Published in 1859, this
powerful argument for individual liberty and diversity of thought represents
an important view of liberal and libertarian thinking in the second half of the
nineteenth century.
“Libertarian,” however, has a specific meaning for us. For most, it associ-
ates with arguments against government.1 Government, in the modern liber-
tarian’s view, is the threat to liberty; private action is not. Thus, the good
libertarian is focused on reducing government’s power. Curb the excesses of
government, the libertarian says, and you will ensure freedom for your society.
Mill’s view was not so narrow. He was a defender of liberty and an oppo-
nent of forces that suppressed it, but those forces were not confined to govern-
ment. Liberty, in Mill’s view, was threatened as much by norms as by
government, as much by stigma and intolerance as by the threat of state pun-
ishment. His objective was to argue against these private forces of coercion.
His work was a defense against liberty-suppressing norms, because, in Eng-
land at that time, these were the real threat to liberty.
Mill’s method is important, and it should be our own as well. It asks,
What is the threat to liberty, and how can we resist it? It is not limited to ask-
ing, What is the threat to liberty from government? It understands that more
than government can threaten liberty, and that sometimes this something
more can be private rather than state action. Mill was not concerned with the
source of the threat to liberty. His concern was with liberty.
120
0465039146-01 12/5/06 12:27 AM Page 121
what things regulate
121
Threats to liberty change. In England, norms may have been the threat to free
speech in the late nineteenth century; I take it they are not as much a threat today.
In the United States in the first two decades of the twentieth century, the threat to
free speech was state suppression through criminal penalties for unpopular
speech; the strong protections of the First Amendment now make that particular
threat less significant.2 The labor movement was founded on the idea that the
market is sometimes a threat to liberty—not so much because of low wages, but
because the market form of organization itself disables a certain kind of freedom.3
In other societies, at other times, the market is a key to liberty, not the enemy.
Thus, rather than think of “liberty’s enemy” in the abstract, we should focus
upon a particular threat to liberty that might exist in a particular time and
place. And this is especially true when we think about liberty in cyberspace. I
believe that cyberspace creates a new threat to liberty, not new in the sense that
no theorist had conceived of it before,4 but new in the sense of newly urgent. We
are coming to understand a newly powerful regulator in cyberspace. That reg-
ulator could be a significant threat to a wide range of liberties, and we don’t yet
understand how best to control it.
This regulator is what I call “code”—the instructions embedded in the soft-
ware or hardware that makes cyberspace what it is. This code is the “built envi-
ronment” of social life in cyberspace. It is its “architecture.”5 And if in the middle
of the nineteenth century the threat to liberty was norms, and at the start of the
twentieth it was state power, and during much of the middle twentieth it was the
market, then my argument is that we must come to understand how in the
twenty-first century it is a different regulator—code—that should be our cur-
rent concern.
But not to the exclusion of other significant “regulators.” My argument is
not that there’s only one threat to liberty, or that we should forget other, more
traditional threats. It is instead that we must add one more increasingly salient
threat to the list. And to see this new, salient threat, I believe we need a more
general understanding of how regulation works—one that focuses on more
than the single influence of any one force such as government, norms, or the
market, and instead integrates these factors into a single account.
This chapter is a step toward that more general understanding.6 It is an
invitation to think beyond the threat to liberty from government power. It is a
map for this more general understanding.
A DOT’S LIFE
There are many ways to think about “regulation.” I want to think about it
from the perspective of someone who is regulated, or, what is different, con-
0465039146-01 12/5/06 12:27 AM Page 122
122
CODE 2.0
strained. That someone regulated is represented by this (pathetic) dot—a
creature (you or me) subject to different regulations that might have the effect
of constraining (or as we’ll see, enabling) the dot’s behavior. By describing the
various constraints that might bear on this individual, I hope to show you
something about how these constraints function together.
Here then is the dot.
How is this dot “regulated”?
Let’s start with something easy: smoking. If you want to smoke, what
constraints do you face? What factors regulate your decision to smoke or not?
One constraint is legal. In some places at least, laws regulate smoking—if
you are under eighteen, the law says that cigarettes cannot be sold to you. If
you are under twenty-six, cigarettes cannot be sold to you unless the seller
checks your ID. Laws also regulate where smoking is permitted—not in
O’Hare Airport, on an airplane, or in an elevator, for instance. In these two
ways at least, laws aim to direct smoking behavior. They operate as a kind of
constraint on an individual who wants to smoke.
But laws are not the most significant constraints on smoking. Smokers in
the United States certainly feel their freedom regulated, even if only rarely by
the law. There are no smoking police, and smoking courts are still quite rare.
Rather, smokers in America are regulated by norms. Norms say that one
doesn’t light a cigarette in a private car without first asking permission of the
other passengers. They also say, however, that one needn’t ask permission to
smoke at a picnic. Norms say that others can ask you to stop smoking at a
restaurant, or that you never smoke during a meal. These norms effect a certain
constraint, and this constraint regulates smoking behavior.
Laws and norms are still not the only forces regulating smoking behavior.
The market is also a constraint. The price of cigarettes is a constraint on your
ability to smoke—change the price, and you change this constraint. Likewise
with quality. If the market supplies a variety of cigarettes of widely varying
quality and price, your ability to select the kind of cigarette you want
increases; increasing choice here reduces constraint.
0465039146-01 12/5/06 12:27 AM Page 123
what things regulate
123
Finally, there are the constraints created by the technology of cigarettes, or
by the technologies affecting their supply.7 Nicotine-treated cigarettes are
addictive and therefore create a greater constraint on smoking than untreated
cigarettes. Smokeless cigarettes present less of a constraint because they can be
smoked in more places. Cigarettes with a strong odor present more of a con-
straint because they can be smoked in fewer places. How the cigarette is, how
it is designed, how it is built—in a word, its architecture—affects the con-
straints faced by a smoker.
Thus, four constraints regulate this pathetic dot—the law, social norms,
the market, and architecture—and the “regulation” of this dot is the sum of
these four constraints. Changes in any one will affect the regulation of the
whole. Some constraints will support others; some may undermine others.
Thus, “changes in technology [may] usher in changes in . . . norms,”8 and the
other way around. A complete view, therefore, must consider these four
modalities together.
So think of the four together like this:
In this drawing, each oval represents one kind of constraint operating
on our pathetic dot in the center. Each constraint imposes a different kind of
cost on the dot for engaging in the relevant behavior—in this case, smoking.
The cost from norms is different from the market cost, which is different
from the cost from law and the cost from the (cancerous) architecture of cig-
arettes.
0465039146-01 12/5/06 12:27 AM Page 124
124
CODE 2.0
The constraints are distinct, yet they are plainly interdependent. Each
can support or oppose the others. Technologies can undermine norms and
laws; they can also support them. Some constraints make others possible;
others make some impossible. Constraints work together, though they func-
tion differently and the effect of each is distinct. Norms constrain through the
stigma that a community imposes; markets constrain through the price that
they exact; architectures constrain through the physical burdens they impose;
and law constrains through the punishment it threatens.
We can call each constraint a “regulator,” and we can think of each as a
distinct modality of regulation. Each modality has a complex nature, and the
interaction among these four is also hard to describe. I’ve worked through this
complexity more completely in the appendix. But for now, it is enough to
see that they are linked and that, in a sense, they combine to produce the reg-
ulation to which our pathetic dot is subject in any given area.
We can use the same model to describe the regulation of behavior in
cyberspace.9
Law regulates behavior in cyberspace. Copyright law, defamation law, and
obscenity laws all continue to threaten ex post sanction for the violation of
legal rights. How well law regulates, or how efficiently, is a different question:
In some cases it does so more efficiently, in some cases less. But whether better
or not, law continues to threaten a certain consequence if it is defied. Legisla-
tures enact;10 prosecutors threaten;11 courts convict.12
Norms also regulate behavior in cyberspace. Talk about Democratic pol-
itics in the alt.knitting newsgroup, and you open yourself to flaming; “spoof ”
someone’s identity in a MUD, and you may find yourself “toaded”;13 talk too
much in a discussion list, and you are likely to be placed on a common bozo
filter. In each case, a set of understandings constrain behavior, again through
the threat of ex post sanctions imposed by a community.14
Markets regulate behavior in cyberspace. Pricing structures constrain
access, and if they do not, busy signals do. (AOL learned this quite dramati-
cally when it shifted from an hourly to a flat-rate pricing plan.)15 Areas of the
Web are beginning to charge for access, as online services have for some time.
Advertisers reward popular sites; online services drop low-population forums.
These behaviors are all a function of market constraints and market opportu-
nity. They are all, in this sense, regulations of the market.
Finally, an analog for architecture regulates behavior in cyberspace—
code. The software and hardware that make cyberspace what it is constitute a
set of constraints on how you can behave. The substance of these constraints
may vary, but they are experienced as conditions on your access to cyberspace.
In some places (online services such as AOL, for instance) you must enter a
0465039146-01 12/5/06 12:27 AM Page 125
what things regulate
125
password before you gain access; in other places you can enter whether iden-
tified or not.16 In some places the transactions you engage in produce traces
that link the transactions (the “mouse droppings”) back to you; in other
places this link is achieved only if you want it to be.17 In some places you can
choose to speak a language that only the recipient can hear (through encryp-
tion);18 in other places encryption is not an option.19 The code or software or
architecture or protocols set these features, which are selected by code writers.
They constrain some behavior by making other behavior possible or impos-
sible. The code embeds certain values or makes certain values impossible. In
this sense, it too is regulation, just as the architectures of real-space codes are
regulations.
As in real space, then, these four modalities regulate cyberspace. The same
balance exists. As William Mitchell puts it (though he omits the constraint of
the market):
Architecture, laws, and customs maintain and represent whatever balance has
been struck in real space. As we construct and inhabit cyberspace communities,
we will have to make and maintain similar bargains—though they will be
embodied in software structures and electronic access controls rather than in
architectural arrangements.20
Laws, norms, the market, and architectures interact to build the environ-
ment that “Netizens” know. The code writer, as Ethan Katsh puts it, is the
“architect.”21
But how can we “make and maintain” this balance between modalities?
What tools do we have to achieve a different construction? How might the
mix of real-space values be carried over to the world of cyberspace? How
might the mix be changed if change is desired?
ON GOVERNMENTS AND WAYS TO REGULATE
I’ve described four constraints that I’ve said “regulate” an individual. But
these separate constraints obviously don’t simply exist as givens in a social
life. They are neither found in nature nor fixed by God. Each can be
changed, though the mechanics of changing them is complex. Law can
have a significant role in this mechanics, and my aim in this section is to
describe that role.
A simple example will suggest the more general point. Say the theft of
car radios is a problem—not big in the scale of things, but a frequent and
costly enough problem to make more regulation necessary. One response
0465039146-01 12/5/06 12:28 AM Page 126
126
CODE 2.0
might be to increase the penalty for car radio theft to life in prison, so that
the risk faced by thieves made it such that this crime did not pay. If radio
thieves realized that they exposed themselves to a lifetime in prison each
time they stole a radio, it might no longer make sense to them to steal
radios. The constraint constituted by the threatened punishment of law
would now be enough to stop the behavior we are trying to stop.
But changing the law is not the only possible technique. A second might
be to change the radio’s architecture. Imagine that radio manufacturers
program radios to work only with a single car—a security code that elec-
tronically locks the radio to the car, so that, if the radio is removed, it will no
longer work. This is a code constraint on the theft of radios; it makes the
radio no longer effective once stolen. It too functions as a constraint on the
radio’s theft, and like the threatened punishment of life in prison, it could be
effective in stopping the radio-stealing behavior.
Thus, the same constraint can be achieved through different means,
and the different means cost different amounts. The threatened punishment
of life in prison may be fiscally more costly than the change in the architec-
ture of radios (depending on how many people actually continue to steal
radios and how many are caught). From this fiscal perspective, it may be
more efficient to change code than law. Fiscal efficiency may also align with
the expressive content of law—a punishment so extreme would be barbaric
for a crime so slight. Thus, the values may well track the efficient response.
Code would be the best means to regulate.
The costs, however, need not align so well. Take the Supreme Court’s
hypothetical example of life in prison for a parking ticket.22 It is likely that
whatever code constraint might match this law constraint, the law con-
straint would be more efficient (if reducing parking violations were the
only aim). There would be very few victims of this law before people con-
formed their behavior appropriately. But the “efficient result” would conflict
with other values. If it is barbaric to incarcerate for life for the theft of a
radio, it is all the more barbaric as a penalty for a parking violation. The reg-
ulator has a range of means to effect the desired constraint, but the values
that these means entail need not align with their efficiency. The efficient
answer may well be unjust—that is, it may conflict with values inherent in
the norms, or law (constitution), of the society.
Law-talk typically ignores these other regulators and how law can affect
their regulation. Many speak as if law must simply take the other three con-
straints as given and fashion itself to them.23
I say “as if ” because today it takes only a second’s thought to see that this
narrowness is absurd. There were times when these other constraints were
0465039146-01 12/5/06 12:28 AM Page 127
what things regulate
127
treated as fixed—when the constraints of norms were said to be immovable
by governmental action,24 or the market was thought to be essentially
unregulable,25 or the cost of changing real-space code was so high as to
make the thought of using it for regulation absurd.26 But we see now that
these constraints are plastic.27 They are, as law is, changeable, and subject to
regulation.
The examples are obvious and many. Think first about the market: talk of
a “free market” notwithstanding, there is no more heavily regulated aspect of
our life.28 The market is regulated by law not just in its elements—it is law that
enforces contracts, establishes property, and regulates currency—but also in
its effects. The law uses taxes to increase the market’s constraint on certain
behaviors and subsidies to reduce its constraint on others. We tax cigarettes in
part to reduce their consumption, but we subsidize tobacco production to
increase its supply. We tax alcohol to reduce its consumption. We subsidize
child care to reduce the constraint the market puts on raising children. In
many such ways the constraint of law is used to change the constraints of the
market.
Law can also change the regulation of architecture. Think about the
Americans with Disabilities Act (ADA).29 Many of the “disabled” are cut off
from access to much of the world. A building with only stairs is a building that
is inaccessible to a person in a wheelchair; the stairs are a constraint on the
disabled person’s access to that building. But the ADA in part aims to change
that constraint by requiring builders to change the design of buildings so that
the disabled are not excluded. Here is a regulation of real-space code, by law,
to change the constraint that real-space code creates.
Other examples are even better.
• Some of the power of the French Revolution derived from the architecture of
Paris: The city’s small and winding streets were easily barricaded, making it
possible for revolutionaries to take control of the city with relatively little
absolute strength. Louis Napoleon III understood this, and in 1853 he took
steps to change it.30 Paris was rebuilt, with wide boulevards and multiple
passages, making it impossible for insurgents to take control of the city.
• Every schoolchild learns of L’Enfant’s design to make an invasion of Washing-
ton difficult. But more interesting is the placement of the White House rela-
tive to the Capitol. The distance between them is one mile, and at the time it
was a mile through difficult terrain (the mall was a swamp). The distance
was a barrier meant to tilt the intercourse between Congress and the presi-
dent by making it marginally more difficult for them to connect—and
thereby more difficult for the executive to control the legislature.
0465039146-01 12/5/06 12:28 AM Page 128
128
CODE 2.0
• This same idea has influenced the placement of constitutional courts in
Europe. Throughout Europe constitutional courts were placed in cities other
than the capital. In Germany the court is in Karlsruhe rather than Berlin; in
the Czech Republic it is in Brno rather than Prague. The reason again is tied
to the constraint of geography: Placing constitutional courts far away from
legislatures and executives was meant to minimize both the pressure the latter
two bodies could place on the court and reduce the court’s temptation to
bow to it.
• The principle is not limited to high politics. Designers of parking garages or
streets where children may play place speed bumps in the road so that drivers
must slow down. These structures have the same purpose as a speed limit or
a norm against driving too fast, but they operate by modifying architecture.
• Neither is the principle limited to virtuous regulation: Robert Moses built
bridges on Long Island to block buses, so that African Americans, who
depended primarily on public transportation, could not easily get to public
beaches.31 That was regulation through architecture, invidious yet familiar.
• Nor is it limited to governments. A major American airline noticed that pas-
sengers on early Monday morning flights were frustrated with the time it
took to retrieve bags from the plane. They were much more annoyed than
other passengers, even though it took no longer than average to retrieve the
bags from these flights. The company began parking these flights at gates far-
ther away from baggage claim, so that by the time the passengers arrived at
baggage claim, their bags were there. Frustration with the baggage handling
system was eliminated.
• A large hotel in an American city received many complaints about the slow-
ness of its elevators. It installed mirrors next to the elevator doors. The com-
plaints ended.
• Few are likely to recognize the leading regulation-through-architecture pro-
ponent of the 20th century—Ralph Nader. It is astonishing today to read his
account of the struggle to get safety standards enforced upon auto makers.
Nader’s whole objective was to get the law to force car manufacturers to build
safer cars. It is obvious today that the code of cars is an essential part of auto
safety. Yet on this basic point, there was fundamental disagreement.32
• Neal Katyal has extensively considered the relationship of architecture to
criminal law, from the deployment of street lights to the design of public
spaces to maximize visibility.33 The 2000 Sydney Olympics, for example, “self-
consciously employed architecture to reduce crime.”34 And architects have
begun to identify principles of design that can minimize crime—called
“Crime Prevention Through Environmental Design.”35
0465039146-01 12/5/06 12:28 AM Page 129
what things regulate
129
In each example, an architecture is changed so as to realize different behav-
ior. The architecture effects that difference. As a sign above one of the portals
at the 1933 Chicago World’s Fair put it (though it was speaking of science):
“Science Explores: Technology Executes: Man Conforms.”36
Law can change social norms as well, though much of our constitutional
jurisprudence seems dedicated to forgetting just how.37 Education is the most
obvious example. As Thurgood Marshall put it, “Education is not the teaching
of the three R’s. Education is the teaching of the overall citizenship, to learn to
live together with fellow citizens, and above all to learn to obey the law.”38 Edu-
cation is, in part at least, a process through which we indoctrinate children into
certain norms of behavior—we teach them how to “say no” to sex and drugs.
We try to build within them a sense of what is correct. This sense then regulates
them to the law’s end.
Plainly, the content of much of this education is regulated by law. Conser-
vatives worry, for example, that by teaching sex education we change the norm
of sexual abstinence. Whether that is correct or not, the law is certainly being
used to change the norms of children. If conservatives are correct, the law is
eliminating abstinence. If liberals are correct, the law is being used to instill a
norm of safe sex. Either way, norms have their own constraint, and law is aim-
ing to change that constraint.
To say that law plays a role is not to say that it always plays a positive role.
The law can muck up norms as well as improve them, and I do not claim that
the latter result is more common than the former.39 The point is just to see the
role, not to praise or criticize it.
In each case, the law chooses between direct and indirect regulation. The
question is: Which means best advances the regulator’s goal, subject to the
constraints (whether normative or material) that the regulator must recognize?
My argument is that any analysis of the strategies of regulation must take into
account these different modalities. As Polk Wagner puts it, focusing on one
additional modality:
[J]ust as the choice of a legal rule will involve analytic trade offs between the
familiar categories of property rules and liability rules, the incorporation of legal
preemption rules in the cyberspace context will require a similar exercise along an
additional dimension—the impact that the legal rule will have on corresponding
software regulation (and thus the effect on the law-software interface).40
Or again, “legal policy proposals unsupported by predictions of techno-
logical response are deeply incomplete.”41 And the same can be said generally
about the interaction between any modality and any policy proposal.
0465039146-01 12/5/06 12:28 AM Page 130
130
CODE 2.0
We can represent the point through a modification of the second figure:
As Wagner rightly insists, again, the interaction among these modalities is
dynamic, “requiring consideration of not only . . . legal adjustments, but also
predicting the responsive effects such changes will stimulate.”42 The regulator
seeks an “equilibrium,” constantly considering trade-offs among modalities of
regulation.
The point should be familiar, and the examples can be multiplied.
Seatbelts: The government may want citizens to wear seatbelts more
often.43 It could pass a law to require the wearing of seatbelts (law regulating
behavior directly). Or it could fund public education campaigns to create a
stigma against those who do not wear seatbelts (law regulating social norms
as a means to regulating behavior). Or it could subsidize insurance companies
to offer reduced rates to seatbelt wearers (law regulating the market as a way
of regulating behavior). Finally, the law could mandate automatic seatbelts, or
ignition-locking systems (changing the code of the automobile as a means of
regulating belting behavior). Each action might be said to have some effect on
seatbelt use; each has some cost. The question for the government is how to
get the most seatbelt use for the least cost.
0465039146-01 12/5/06 12:28 AM Page 131
what things regulate
131
Discrimination against the disabled: The disabled bear the burden of sig-
nificant social and physical barriers in daily life.44 The government might
decide to do something about those barriers. The traditional answer is law
regulating behavior directly: a law barring discrimination on the basis of
physical disability. But the law could do more. It could, for example, educate
children in order to change social norms (regulating norms to regulate behav-
ior). It could subsidize companies to hire the disabled (regulating the market
to regulate behavior). It could regulate building codes to make buildings more
accessible to the disabled (regulating “natural” or real-space codes to regulate
behavior). Each of these regulations would have some effect on discrimina-
tion and would have a cost. The government would have to weigh the costs
against the benefits and select the mode that regulates most effectively.
Drugs: The government is obsessed with reducing the consumption of
illicit drugs. Its main strategy has been direct regulation of behavior through
the threat of barbaric prison terms for violation of the drug laws. This policy
has obvious costs and non-obvious benefits. But most interesting for our
purposes are the non-obvious costs. As Tracey Meares persuasively argues,
one effective structure for regulating the consumption of illegal drugs is the
social structure of the community in which an individual lives.45 These are
what I’ve called social norm constraints: standards of appropriate behavior
enforced by the sanctions of a community—whether through shame, exclu-
sion, or force.
Just as government can act to strengthen these social norm constraints, it
should be obvious that government can also act to weaken them.46 One way
to do this is by weakening the communities within which these norms oper-
ate. This, says Meares, is what the extreme sanctions of the criminal law do.47
In their extremity and effect, they undermine the social structures that would
support this social policy. This is an indirect effect of the direct regulation of
law, and at some point this effect may overwhelm the effect of the law. We
might call this the Laffer Curve for criminal law.
The net effect of these different constraints cannot be deduced a priori.
The government acts in many ways to regulate the consumption of drugs. It
supports extensive public education campaigns to stigmatize the consump-
tion of drugs (regulating social norms to regulate behavior). It seizes drugs at
the border, thereby reducing the supply, increasing the price, and presumably
reducing demand (regulating the market to regulate behavior). And at times
it has even (and grotesquely) regulated the “code” of drugs (by, for example,
spraying marijuana fields with paraquat), making them more dangerous and
thereby increasing the constraint on their consumption.48 All of these together
influence the consumption of drugs. But as advocates of legalization argue,
0465039146-01 12/5/06 12:28 AM Page 132
132
CODE 2.0
they also influence the incidence of other criminal behavior as well. The pol-
icy maker must assess the net effect—whether on the whole these regulations
reduce or increase social costs.
Abortion: One final example will complete the account. Since Roe v.
Wade, the Court has recognized a woman’s constitutional right to an abor-
tion.49 This right, however, has not stopped government from seeking to
eliminate or reduce the number of abortions. Again, the government need
not rely on direct regulation of abortion (which under Roe would be uncon-
stitutional). It can instead use indirect means to the same end. In Rust v.
Sullivan, the Court upheld the power of the government to bias the provision
of family planning advice by forbidding doctors in “government-funded”
clinics from mentioning abortion as a method of family planning.50 This is
a regulation of social norms (within the social structure of medical care) to
regulate behavior. In Maher v. Roe, the Court upheld the right of the govern-
ment to disable selectively medical funding for abortion.51 This is the use of
the market to regulate behavior. And in Hodgson v. Minnesota, the Court
upheld the right of the state to force minor women to wait forty-eight hours
before getting an abortion.52 This is the use of real-space code (the con-
straints of time) to regulate access to abortion. In all these ways, Roe notwith-
standing, the government can regulate the behavior of women wanting
abortions.
In each of these examples, law functions in two very different ways.53
When its operation is direct, it tells individuals how to behave and threatens
punishment if they deviate from that behavior. When its operation is indirect,
it modifies one of the other structures of constraint.54 The regulator selects
from among these various techniques according to the return from each—
both in efficiency and in the values that each might express.
When we see regulation in this more general way, we can see more clearly
how the unregulability of cyberspace is contingent. We get a stronger sense of
how the state could intervene to make regulation work, and we should also get
a sense of the increased dangers presented by this more expansive sense of reg-
ulation. In particular, we should have a stronger sense of the danger it presents
to constitutional values. The next section considers one such threat.
THE PROBLEMS OF INDIRECTION
In 1985, after years of inaction, Congress passed the Low Level Radioactive
Waste Policy Amendments Act to deal with the problem of nuclear waste.
Someone needed to take and store nuclear waste.55 After sufficient prodding
by the government, a number of states formed a compact, which Congress
0465039146-01 12/5/06 12:28 AM Page 133
what things regulate
133
then ratified, implementing a number of requirements and incentives for
states to deal with the nuclear waste they produce.
The details of the overall plan are not important here. It is enough to
focus on just one part. To induce states to follow federal guidelines for regu-
lating nuclear waste, Congress gave them a choice: Either enact certain regu-
lations or “take title” to the spent nuclear fuel. This was a “your money or your
life” regulation, for the fuel to which the states would take title was not an
asset but a great liability. In a very heavy-handed way, Congress was essentially
forcing states to pass the regulations it wanted.
The Supreme Court struck down this part of the law. In effect, the Court
held, Congress was commandeering the state legislatures to enact Congress’s
law. Congress itself, of course, had the power to enact those regulations
directly. But it did not have the power to order states to enact laws. Indirection
here was not allowed.
This case—New York v. United States—does not stand for the broad prin-
ciple that government must regulate only directly, or even for the principle
that indirect regulation generally is disfavored. The case was focused quite
narrowly on the question of indirection as it involved the states. The most
New York stands for is the idea that states, as independent sovereigns deserving
of special constitutional respect, cannot be co-opted to the federal govern-
ment’s ends—that when the federal government has a program it wants to
carry out, it must put its own name behind it.
But while New York doesn’t establish a general constitutional principle, it
does suggest why indirection should be a more general concern.
Indirection misdirects responsibility. When a government uses other
structures of constraint to effect a constraint it could impose directly, it mud-
dies the responsibility for that constraint and so undermines political
accountability. If transparency is a value in constitutional government, indi-
rection is its enemy. It confuses responsibility and hence confuses politics.56
Such misunderstandings are possible in other contexts as well. Think
again about the case of Rust. The federal government helps to fund family
planning clinics. (“Helps” fund, not completely funds.)57 Before 1988 these
clinics gave advice on a wide range of birth-related topics, including abortion.
Doctors in family planning clinics would advise their patients about abortion
whenever they felt such advice was proper.
The Reagan administration wanted to change that, so it ordered (the
details of how are not important here) doctors in those clinics to not discuss
abortion as a method of family planning with their patients. If asked, the
doctors were to say, “The project does not consider abortion an appropriate
method of family planning.”58
0465039146-01 12/5/06 12:28 AM Page 134
134
CODE 2.0
The aim of this regulation was clear: to reduce the incidence of abortion.
It did this by using doctors to steer patients away from abortion. A doctor has
a great deal of power over a patient in a context like this, and the patient
would most likely believe the doctor was recommending against abortion.
But notice the technique. The federal government could have stated its
own position about abortion. It could have put up posters and billboards
saying that abortion is wrong, or it could have used space in its clinics to
advertise its view. But it chose instead to bury its policy choice in the words of
doctors. It thereby could trade on the professional authority of the doctors to
advance its own ends. It could regulate abortion indirectly by regulating the
doctors directly.
Just as it tried to use the authority of the states to effect its ends in New
York, the government trades on a misrepresentation in Rust. But worse than
in the federalism context, the victim of the misrepresentation here does not
even realize that the misrepresentation is a policy choice. The patient is
unlikely to hear the doctor’s statement as a political broadcast from the gov-
ernment; she is most likely to hear it as a medical opinion. Not only is there
a confusion about who is responsible for the opinion expressed, but there is
also confusion about whether it is an opinion at all.
Rust v. Sullivan is one of the great embarrassments of the Supreme
Court—the case proving Justice Scalia’s rule that any issue gets distorted once
it gets near the question of abortion.59 But my argument here doesn’t depend
upon whether Rust was right. My aim is to bring out a certain sensibility
about regulation; Rust simply points the way.
Consider a third case. Until 1948 deeds could include covenants
(promises) that the property covered by the deed could not be sold to people
of a particular race. The purpose of these provisions was clear: to effect and
preserve segregation. Their use was extensive. It was estimated, for example,
that when Shelley v Kraemer60 struck these provisions down as unconstitu-
tional under the equal protection clause, 25 percent of the properties in south
Chicago had been prohibited from sale to African Americans.61
As awful as such provisions were, they had a certain integrity. They clearly
stated their purpose and were transparent about the values they affirmed. No
one could pretend that the segregation they effected was somehow an acci-
dental by-product of decisions made elsewhere. Although they were private
covenants, they were enforced by the state and, indeed, derived their meaning
from the state. They said: This society is racist.
When the Court struck these provisions down, however, the question
became what would replace them. Few expected that the attitudes behind these
covenants would suddenly disappear because of a single court judgment. So
0465039146-01 12/5/06 12:28 AM Page 135
what things regulate
135
when the Court ended direct segregation, we should expect indirect segrega-
tion to emerge to replace it.
Sure enough, after 1948 local communities shifted their technique for
preserving segregation. Rather than covenants, they used architecture. Com-
munities were designed to “break the flow” of residents from one to another.
Highways without easy crossings were placed between communities. Railroad
tracks were used to divide. A thousand tiny inconveniences of architecture
and zoning replaced the express preferences of covenants. Nothing formally
prohibited integration, but informally, much did. 62
Local governments thus did something very much like what the federal
government did in Rust and tried to do in New York: No longer able to effect
segregation directly, they used zoning laws—geographical architecture, or real-
space code—to effect it indirectly. They built their communities and designed
their streets to make it hard for integration to occur, and the tiny inconven-
iences of zoning regulations succeeded in keeping communities separate.
What is most significant is that now, even more than with Rust, it
becomes very difficult to see the link between the regulation and its conse-
quence. The continuing segregation of these communities is described as the
product of “choice.” Individuals choose to live in one neighborhood rather
than another. In a strict sense, that is correct, but their choices are made in the
face of costs that the state has imposed. It is easier to remain segregated, so
people choose to do that. But it is only easier because government has moved
mountains to make it that way.
Here the government is regulating indirectly by using the structures of
real-space code to effect its ends, but this regulation, again, is not seen as reg-
ulation. Here the government gets an effect at no political cost. It gets the
benefit of what would clearly be an illegal and controversial regulation with-
out even having to admit any regulation exists.
In all three cases, the government is commandeering the power of
another modality—another structure of constraint—to effect its own ends.63
This in itself is not necessarily improper. There are plenty of examples that
anyone would consider proper. A requirement that streets be well lit, for
instance, is a regulation designed to reduce crime, and no one would think
that regulation improper. Nor does all such regulation hide its pedigree. Think
again about speed bumps–they are examples of indirect regulation. Like a
winding road, they use the code of streets to keep down the speed of a car. But
no one is fooled about the source of this regulation; no one believes the
bumps are accidental.
Thus, the point is not against indirect regulation generally. The point is
instead about transparency. The state has no right to hide its agenda. In a
0465039146-01 12/5/06 12:28 AM Page 136
136
CODE 2.0
constitutional democracy its regulations should be public. And thus, one issue
raised by the practice of indirect regulation is the general issue of publicity.
Should the state be permitted to use nontransparent means when transparent
means are available?
WHERE THIS LEADS
After I published an essay in the (then existing) Industry Standard arguing that
“code is law,”64 the following letter was sent to the editor:
Typical for a Harvard Law Professor. . . . Lessig misses the entire forest while dancing
among the trees. . . . While his riff on West Coast Code (from Silicon Valley Program-
mers) vs. East Coast Code (from government lawyers) is very cleverly crafted, it
completely avoids the real difference between the two.
The good professor seems to apply the word “regulation” equally to the efforts
of private enterprises to control the behavior of their customers through market
mechanisms and the efforts of government agencies to control the behavior of all cit-
izens through force of law.
So long as the creators and purveyors of West Coast Code (no matter how self-
ish, monopolistic, demonic or incompetent they may be) do not carry guns and
badges, I will choose them over the enforcers of East Coast Code any time.65
Whether or not I’ve missed the “real difference” between code and law, the
genius in this letter is that its author clearly sees the real similarity. The author
(the president of an Internet-related business) understands that “private
enterprises” try to “control the behavior of their customers,” and he writes that
they use “market mechanisms” to achieve that control. (Technically, I was
speaking about architectures to achieve that effect, but never mind. Whether
markets or architectures, the point is the same.) He therefore sees that there
is “regulation” beyond law. He just has his favorite between the two (corporate
executive that he is).
What this author sees is what we all must see to understand how cyber-
space is regulated and to see how law might regulate cyberspace. I’ve argued
in this chapter that government has a range of tools that it uses to regulate,
and cyberspace expands that range. Indirectly, by regulating code writing, the
government can achieve regulatory ends, often without suffering the political
consequences that the same ends, pursued directly, would yield.
We should worry about this. We should worry about a regime that makes
invisible regulation easier; we should worry about a regime that makes it eas-
ier to regulate. We should worry about the first because invisibility makes it
0465039146-01 12/5/06 12:28 AM Page 137
what things regulate
137
hard to resist bad regulation; we should worry about the second because we
don’t yet—as I argue in Part III—have a sense of the values put at risk by the
increasing scope of efficient regulation.
That’s a lot of worries, no doubt. But before we go further with these
worries, we could consider in more detail the contexts within which these
worries become real.
0465039146-01 12/5/06 12:28 AM Page 138
E I G H T
t h e
l i m i t s
i n
o p e n
c o d e
I’VE TOLD A STORY ABOUT HOW REGULATION WORKS, AND ABOUT THE INCREASING
regulability of the Internet that we should expect. These are, as I described,
changes in the architecture of the Net that will better enable government’s
control by making behavior more easily monitored—or at least more trace-
able. These changes will emerge even if government does nothing. They are
the by-product of changes made to enable e-commerce. But they will be
cemented if (or when) the government recognizes just how it could make
the network its tool.
That was Part I. In this part, I’ve focused upon a different regulabil-
ity—the kind of regulation that is effected through the architectures of the
space within which one lives. As I argued in Chapter 5, there’s nothing new
about this modality of regulation: Governments have used architecture to
regulate behavior forever. But what is new is its significance. As life moves
onto the Net, more of life will be regulated through the self-conscious
design of the space within which life happens. That’s not necessarily a bad
thing. If there were a code-based way to stop drunk drivers, I’d be all for it.
But neither is this pervasive code-based regulation benign. Due to the man-
ner in which it functions, regulation by code can interfere with the ordinary
democratic process by which we hold regulators accountable.
The key criticism that I’ve identified so far is transparency. Code-based
regulation—especially of people who are not themselves technically
expert—risks making regulation invisible. Controls are imposed for partic-
ular policy reasons, but people experience these controls as nature. And
that experience, I suggested, could weaken democratic resolve.
Now that’s not saying much, at least about us. We are already a pretty
apathetic political culture. And there’s nothing about cyberspace to suggest
138
0465039146-01 12/5/06 12:28 AM Page 139
the limits in open code
139
things are going to be different. Indeed, as Castranova observes about vir-
tual worlds: “How strange, then, that one does not find much democracy at
all in synthetic worlds. Not a trace, in fact. Not a hint of a shadow of a trace.
It’s not there. The typical governance model in synthetic worlds consists of
isolated moments of oppressive tyranny embedded in widespread anar-
chy.”1
But if we could put aside our own skepticism about our democracy for
a moment, and focus at least upon aspects of the Internet and cyberspace
that we all agree matter fundamentally, then I think we will all recognize a
point that, once recognized, seems obvious: If code regulates, then in at
least some critical contexts, the kind of code that regulates is critically
important.
By “kind” I mean to distinguish between two types of code: open and
closed. By “open code” I mean code (both software and hardware) whose
functionality is transparent at least to one knowledgeable about the technol-
ogy. By “closed code,” I mean code (both software and hardware) whose
functionality is opaque. One can guess what closed code is doing; and with
enough opportunity to test, one might well reverse engineer it. But from the
technology itself, there is no reasonable way to discern what the functional-
ity of the technology is.
The terms “open” and “closed” code will suggest to many a critically
important debate about how software should be developed. What most call
the “open source software movement,” but which I, following Richard Stall-
man, call the “free software movement,” argues (in my view at least) that
there are fundamental values of freedom that demand that software be
developed as free software. The opposite of free software, in this sense, is
proprietary software, where the developer hides the functionality of the
software by distributing digital objects that are opaque about the underlying
design.
I will describe this debate more in the balance of this chapter. But
importantly, the point I am making about “open” versus “closed” code is dis-
tinct from the point about how code gets created. I personally have very
strong views about how code should be created. But whatever side you are
on in the “free vs. proprietary software” debate in general, in at least the con-
texts I will identify here, you should be able to agree with me first, that
open code is a constraint on state power, and second, that in at least some
cases, code must, in the relevant sense, be “open.”
To set the stage for this argument, I want to describe two contexts in
which I will argue that we all should agree that the kind of code deployed
matters. The balance of the chapter then makes that argument.
0465039146-01 12/5/06 12:28 AM Page 140
140
CODE 2.0
BYTES THAT SNIFF
In Chapter 2, I described technology that at the time was a bit of science fic-
tion. In the five years since, that fiction has become even less fictional. In
1997, the government announced a project called Carnivore. Carnivore was to
be a technology that sifted through e-mail traffic and collected just those e-
mails written by or to a particular and named individual. The FBI intended to
use this technology, pursuant to court orders, to gather evidence while inves-
tigating crimes.
In principle, there’s lots to praise in the ideals of the Carnivore design.
The protocols required a judge to approve this surveillance. The technology
was intended to collect data only about the target of the investigation. No
one else was to be burdened by the tool. No one else was to have their privacy
compromised.
But whether the technology did what it was said to do depends upon its
code. And that code was closed.2 The contract the government let with the
vendor that developed the Carnivore software did not require that the source
for the software be made public. It instead permitted the vendor to keep the
code secret.
Now it’s easy to understand why the vendor wanted its code kept secret.
In general, inviting others to look at your code is much like inviting them to
your house for dinner: There’s lots you need to do to make the place present-
able. In this case in particular, the DOJ may have been concerned about secu-
rity.3 But substantively, however, the vendor might want to use components of
the software in other software projects. If the code is public, the vendor might
lose some advantage from that transparency. These advantages for the vendor
mean that it would be more costly for the government to insist upon a tech-
nology that was delivered with its source code revealed. And so the question
should be whether there’s something the government gains from having the
source code revealed.
And here’s the obvious point: As the government quickly learned as it
tried to sell the idea of Carnivore, the fact that its code was secret was costly.
Much of the government’s efforts were devoted to trying to build trust around
its claim that Carnivore did just what it said it did. But the argument “I’m
from the government, so trust me” doesn’t have much weight. And thus, the
efforts of the government to deploy this technology—again, a valuable tech-
nology if it did what it said it did—were hampered.
I don’t know of any study that tries to evaluate the cost the government
faced because of the skepticism about Carnivore versus the cost of developing
Carnivore in an open way.4 I would be surprised if the government’s strategy
0465039146-01 12/5/06 12:28 AM Page 141
the limits in open code
141
made fiscal sense. But whether or not it was cheaper to develop closed rather
than open code, it shouldn’t be controversial that the government has an
independent obligation to make its procedures—at least in the context of
ordinary criminal prosecution—transparent. I don’t mean that the investiga-
tor needs to reveal the things he thinks about when deciding which suspects
to target. I mean instead the procedures for invading the privacy interests of
ordinary citizens.
The only kind of code that can do that is “open code.” And the small
point I want to insist upon just now is that where transparency of government
action matters, so too should the kind of code it uses. This is not the claim
that all government code should be public. I believe there are legitimate areas
within which the government can act secretly. More particularly, where trans-
parency would interfere with the function itself, then there’s a good argument
against transparency. But there were very limited ways in which a possible
criminal suspect could more effectively evade the surveillance of Carnivore
just because its code was open. And thus, again, open code should, in my
view, have been the norm.
MACHINES THAT COUNT
Before November 7, 2000, there was very little discussion among national
policy makers about the technology of voting machines. For most (and I was
within this majority), the question of voting technology seemed trivial. Cer-
tainly, there could have been faster technologies for tallying a vote. And there
could have been better technologies to check for errors. But the idea that any-
thing important hung upon these details in technology was not an idea that
made the cover of the front page of the New York Times.
The 2000 presidential election changed all that. More specifically, Florida
in 2000 changed all that. Not only did the Florida experience demonstrate the
imperfection in traditional mechanical devices for tabulating votes (exhibit 1,
the hanging chad), it also demonstrated the extraordinary inequality that
having different technologies in different parts of the state would produce. As
Justice Stevens described in his dissent in Bush v. Gore, almost 4 percent of
punch-card ballots were disqualified, while only 1.43 percent of optical scan
ballots were disqualified.5 And as one study estimated, changing a single vote
on each machine would have changed the outcome of the election.6
The 2004 election made things even worse. In the four years since the
Florida debacle, a few companies had pushed to deploy new electronic voting
machines. But these voting machines seemed to create more anxiety among
voters than less. While most voters are not techies, everyone has a sense of the
0465039146-01 12/5/06 12:28 AM Page 142
142
CODE 2.0
obvious queasiness that a totally electronic voting machine produces. You
stand before a terminal and press buttons to indicate your vote. The machine
confirms your vote and then reports the vote has been recorded. But how do
you know? How could anyone know? And even if you’re not conspiracy-
theory-oriented enough to believe that every voting machine is fixed, how can
anyone know that when these voting machines check in with the central
server, the server records their votes accurately? What’s to guarantee that the
numbers won’t be fudged?
The most extreme example of this anxiety was produced by the leading
electronic voting company, Diebold. In 2003, Diebold had been caught fudg-
ing the numbers associated with tests of its voting technology. Memos leaked
to the public showed that Diebold’s management knew the machines were
flawed and intentionally chose to hide that fact. (The company then sued
students who had published these memos—for copyright infringement. The
students won a countersuit against Diebold.)
That incident seemed only to harden Diebold in its ways. The company
continued to refuse to reveal anything about the code that its machines ran.
It refused to bid in contexts in which such transparency was required. And
when you tie that refusal to its chairman’s promise to “deliver Ohio” for Pres-
ident Bush in 2004, you have all the makings of a perfect trust storm. You con-
trol the machines; you won’t show us how they work; and you promise a
particular result in the election. Is there any doubt people would be suspi-
cious?7
Now it turns out that it is a very hard question to know how electronic
voting machines should be designed. In one of my own dumbest moments
since turning 21, I told a colleague that there was no reason to have a confer-
ence about electronic voting since all the issues were “perfectly obvious.”
They’re not perfectly obvious. In fact, they’re very difficult. It seems obvious
to some that, like an ATM, there should at least be a printed receipt. But if
there’s a printed receipt, that would make it simple for voters to sell their
votes. Moreover, there’s no reason the receipt needs to reflect what was
counted. Nor does the receipt necessarily reflect what was transmitted to any
central tabulating authority. The question of how best to design these systems
turns out not to be obvious. And having uttered absolute garbage about this
point before, I won’t enter here into any consideration of how best this might
be architected.
But however a system is architected, there is an independent point about
the openness of the code that comprises the system. Again, the procedures
used to tabulate votes must be transparent. In the nondigital world, those
procedures were obvious. In the digital world, however they’re architected, we
0465039146-01 12/5/06 12:28 AM Page 143
the limits in open code
143
need a way to ensure that the machine does what it is said it will do. One sim-
ple way to do that is either to open the code to those machines, or, at a mini-
mum, require that that code be certified by independent inspectors. Many
would prefer the latter to the former, just because transparency here might
increase the chances of the code being hacked. My own intuition about that
is different. But whether or not the code is completely open, requirements for
certification are obvious. And for certification to function, the code for the
technology must—in a limited sense at least—be open.
{TXB2}
Both of these examples make a similar point. But that point, however, is not
universal. There are times when code needs to be transparent, even if there are
times when it does not. I’m not talking about all code for whatever purposes.
I don’t think Wal*Mart needs to reveal the code for calculating change at its
check-out counters. I don’t even think Yahoo! should have to reveal the code
for its Instant Messaging service. But I do think we all should think that, in
certain contexts at least, the transparency of open code should be a require-
ment.
This is a point that Phil Zimmermann taught by his practice more than
15 years ago. Zimmermann wrote and released to the Net a program called
PGP (pretty good privacy). PGP provides cryptographic privacy and authen-
tication. But Zimmermann recognized that it would not earn trust enough to
provide these services well unless he made available the source code to the
program. So from the beginning (except for a brief lapse when the program
was owned by a company called NAI8) the source code has been available for
anyone to review and verify. That publicity has built confidence in the code—
a confidence that could never have been produced by mere command. In this
case, open code served the purpose of the programmer, as his purpose was to
build confidence and trust in a system that would support privacy and
authentication. Open code worked.
The hard question is whether there’s any claim to be made beyond this
minimal one. That’s the question for the balance of this chapter: How does
open code affect regulability?
CODE ON THE NET
I’ve spent lots of time talking about “code.” It’s time to be a bit more specific
about what “code” in the context of the Internet is, in what sense should we
consider this code to be “open,” and in what contexts its openness will matter.
As I’ve mentioned, the Internet is constructed by a set of protocols
together referred to as TCP/IP. The TCP/IP suite includes a large number of
0465039146-01 12/5/06 12:28 AM Page 144
144
CODE 2.0
protocols that feed different “layers” of the network. The standard model for
describing layers of a network is the open systems interconnect (OSI) refer-
ence model. It describes seven network layers, each representing a “function
performed when data is transferred between cooperating applications across”
the network. But the TCP/IP suite is not as well articulated in that model.
According to Craig Hunt, “most descriptions of TCP/IP define three to five
functional levels in the protocol architecture.” In my view, it is simplest to
describe four functional layers in a TCP/IP architecture.9 From the bottom of
the stack up, we can call these the data link, network, transport, and applica-
tion layers.10
Three layers constitute the essential plumbing of the Internet, hidden in
the Net’s walls. (The faucets work at the next layer; be patient.) At the very
bottom, just above the physical layer of the Internet, in the data link layer, very
few protocols operate, since that handles local network interactions exclu-
sively. More protocols exist at the next layer up, the network layer, where the
IP protocol is dominant. It routes data between hosts and across network
links, determining which path the data should take. At the next layer up, the
transport layer, two different protocols dominate—TCP and UDP. These
negotiate the flow of data between two network hosts. (The difference
between the two is reliability—UDP offers no reliability guarantee.)
The protocols together function as a kind of odd UPS. Data are passed
from the application to the transport layer. There the data are placed in a
(virtual) box and a (virtual) label is slapped on. That label ties the contents of
the box to particular processes. (This is the work of the TCP or UDP proto-
cols.) That box is then passed to the network layer, where the IP protocol
puts the package into another package, with its own label. This label includes
the origination and destination addresses. That box then can be further
wrapped at the data link layer, depending on the specifics of the local network
(whether, for example, it is an Ethernet network).
The whole process is thus a bizarre packaging game: A new box is added
at each layer, and a new label on each box describes the process at that layer.
At the other end, the packaging process is reversed: Like a Russian doll, each
package is opened at the proper layer, until at the end the machine recovers
the initial application data.
On top of these three layers is the application layer of the Internet. Here
protocols “proliferate.”11 These include the most familiar network application
protocols, such as FTP (file transfer protocol, a protocol for transferring files),
SMTP (simple mail transport protocol, a protocol for transferring mail), and
HTTP (hyper text transfer protocol, a protocol to publish and read hypertext
documents across the Web). These are rules for how a client (your computer)
0465039146-01 12/5/06 12:28 AM Page 145
the limits in open code
145
will interact with a server (where the data are), or with another computer (in
peer-to-peer services), and the other way around.12
These four layers of protocols are “the Internet.” Building on simple
blocks, the system makes possible an extraordinary range of interaction. It is
perhaps not quite as amazing as nature—think of DNA—but it is built on the
same principle: keep the elements simple, and the compounds will astound.
When I speak about regulating the code, I’m not talking about changing
these core TCP/IP protocols. (Though in principle, of course, they could be
regulated, and others have suggested that they should be.)13 In my view these
components of the network are fixed. If you required them to be different,
you’d break the Internet. Thus rather than imagining the government chang-
ing the core, the question I want to consider is how the government might
either (1) complement the core with technology that adds regulability, or (2)
regulates applications that connect to the core. Both will be important, but my
focus is on the code that plugs into the Internet. I will call that code the “appli-
cation space” of the Internet. This includes all the code that implements
TCP/IP protocols at the application layer—browsers, operating systems,
encryption modules, Java, e-mail systems, P2P, whatever elements you want.
The question for the balance of this chapter is: What is the character of that
code that makes it susceptible to regulation?
A SHORT HISTORY OF CODE ON THE NET
In the beginning, of course, there were very few applications on the Net. The
Net was no more than a protocol for exchanging data, and the original pro-
grams simply took advantage of this protocol. The file transfer protocol (FTP)
was born early in the Net’s history;14 the electronic message protocol (SMTP)
was born soon after. It was not long before a protocol to display directories in
a graphical way (Gopher) was developed. And in 1991 the most famous of
protocols—the hyper text transfer protocol (HTTP) and hyper text markup
language (HTML)—gave birth to the World Wide Web.
Each protocol spawned many applications. Since no one had a monopoly
on the protocol, no one had a monopoly on its implementation. There were
many FTP applications and many e-mail servers. There were even a large
number of browsers.15 The protocols were open standards, gaining their bless-
ing from standards bodies such as the Internet Engineering Task Force (IETF)
and, later, the W3C. Once a protocol was specified, programmers could build
programs that utilized it.
Much of the software implementing these protocols was “open,” at least
initially—that is, the source code for the software was available along with the
0465039146-01 12/5/06 12:28 AM Page 146
146
CODE 2.0
object code.16 This openness was responsible for much of the early Net’s
growth. Others could explore how a program was implemented and learn
from that example how better to implement the protocol in the future.
The World Wide Web is the best example of this point. Again, the code
that makes a web page appear as it does is called the hyper text markup lan-
guage, or HTML.17 With HTML, you can specify how a web page will appear
and to what it will be linked.
The original HTML was proposed in 1990 by the CERN researchers Tim
Berners-Lee and Robert Cailliau.18 It was designed to make it easy to link
documents at a research facility, but it quickly became obvious that docu-
ments on any machine on the Internet could be linked. Berners-Lee and Cail-
liau made both HTML and its companion HTTP freely available for anyone
to take.
And take them people did, at first slowly, but then at an extraordinary
rate. People started building web pages and linking them to others. HTML
became one of the fastest-growing computer languages in the history of com-
puting.
Why? One important reason was that HTML was always “open.” Even
today, on most browsers in distribution, you can always reveal the “source” of
a web page and see what makes it tick. The source remains open: You can
download it, copy it, and improve it as you wish. Copyright law may protect
the source code of a web page, but in reality it protects it very imperfectly.
HTML became as popular as it did primarily because it was so easy to copy.
Anyone, at any time, could look under the hood of an HTML document and
learn how the author produced it.
Openness—not property or contract but free code and access—created
the boom that gave birth to the Internet that we now know. And it was this
boom that then attracted the attention of commerce. With all this activity,
commerce rightly reasoned, surely there was money to be made.
Historically the commercial model for producing software has been dif-
ferent.19 Though the history began even as the open code movement contin-
ued, commercial software vendors were not about to produce “free” (what
most call “open source”) software. Commercial vendors produced software
that was closed—that traveled without its source and was protected against
modification both by the law and by its own code.
By the second half of the 1990s—marked most famously by Microsoft’s
Windows 95, which came bundled Internet-savvy—commercial software ven-
dors began producing “application space” code. This code was increasingly
connected to the Net—it increasingly became code “on” the Internet. But for
the most part, the code remained closed.
0465039146-01 12/5/06 12:28 AM Page 147
the limits in open code
147
That began to change, however, around the turn of the century. Especially
in the context of peer-to-peer services, technologies emerged that were dom-
inant and “open.” More importantly, the protocols these technologies
depended upon were unregulated. Thus, for example, the protocol that the
peer-to-peer client Grokster used to share content on the Internet is itself an
open standard that anyone can use. Many commercial entities tried to use that
standard, at least until the Supreme Court’s decision in Grokster. But even if
that decision inspires every commercial entity to abandon the StreamCast
network, noncommercial implementations of the protocol will still exist.
The same mix between open and closed exists in both browsers and blog-
ging software. Firefox is the more popular current implementation of the
Mozilla technology—the technology that originally drove the Netscape
browser. It competes with Microsoft’s Internet Explorer and a handful of
other commercial browsers. Likewise, WordPress is an open-source blogging
tool that competes with a handful of other proprietary blogging tools.
This recent growth in open code builds upon a long tradition. Part of
the motivation for that tradition is ideological, or values based. Richard Stall-
man is the inspiration here. In 1984, Stallman began the Free Software Foun-
dation with the aim of fueling the growth of free software. A MacArthur
Fellow who gave up his career to commit himself to the cause, Stallman has
devoted the last twenty years of his life to free software. That work began
with the GNU project, which sought to develop a free operating system. By
1991, the GNU project had just about everything it needed, except a kernel.
That final challenge was taken up by an undergraduate at the University of
Helsinki. That year, Linus Torvalds posted on the Internet the kernel of an
operating system. He invited the world to extend and experiment with it.
People took up the challenge, and slowly, through the early 1990s, marry-
ing the GNU project with Torvald’s kernel, they built an operating system—
GNU/Linux. By 1998, it had become apparent to all that GNU/Linux was
going to be an important competitor to the Microsoft operating system.
Microsoft may have imagined in 1995 that by 2000 there would be no other
server operating system available except Windows NT, but when 2000 came
around, there was GNU/Linux, presenting a serious threat to Microsoft in
the server market. Now in 2007, Linux-based web servers continue to gain
market share at the expense of Microsoft systems.
GNU/Linux is amazing in many ways. It is amazing first because it is the-
oretically imperfect but practically superior. Linus Torvalds rejected what
computer science told him was the ideal operating system design,20 and
instead built an operating system that was designed for a single processor (an
Intel 386) and not cross-platform-compatible. Its creative development, and
0465039146-01 12/5/06 12:28 AM Page 148
148
CODE 2.0
the energy it inspired, slowly turned GNU/Linux into an extraordinarily pow-
erful system. As of this writing, GNU/Linux has been ported to at least eight-
een different computer architecture platforms—from the original Intel
processors, to Apple’s PowerPC chip, to Sun SPARC chips, and mobile devices
using ARM processors.21 Creative hackers have even ported Linux to squeeze
onto Apple’s iPod and old Atari systems. Although initially designed to speak
only one language, GNU/Linux has become the lingua franca of free software
operating systems.
What makes a system open is a commitment among its developers to
keep its core code public—to keep the hood of the car unlocked. That com-
mitment is not just a wish; Stallman encoded it in a license that sets the terms
that control the future use of most free software. This is the Free Software
Foundation’s General Public License (GPL), which requires that any code
licensed with GPL (as GNU/Linux is) keep its source free. GNU/Linux was
developed by an extraordinary collection of hackers worldwide only because
its code was open for others to work on.
Its code, in other words, sits in the commons.22 Anyone can take it and use
it as she wishes. Anyone can take it and come to understand how it works. The
code of GNU/Linux is like a research program whose results are always pub-
lished for others to see. Everything is public; anyone, without having to seek
the permission of anyone else, may join the project.
This project has been wildly more successful than anyone ever imagined.
In 1992, most would have said that it was impossible to build a free operating
system from volunteers around the world. In 2002, no one could doubt it
anymore. But if the impossible could become possible, then no doubt it could
become impossible again. And certain trends in computing technology may
create precisely this threat.
For example, consider the way Active Server Pages (ASP) code works on
the network. When you go to an ASP page on the Internet, the server runs a
program—a script to give you access to a database, for example, or a program
to generate new data you need. ASPs are increasingly popular ways to provide
program functionality. You use it all the time when you are on the Internet.
But the code that runs ASPs is not technically “distributed.” Thus, even if
the code is produced using GPL’d code, there’s no GPL obligation to release it
to anyone. Therefore, as more and more of the infrastructure of networked
life becomes governed by ASP, less and less will be effectively set free by free
license.
“Trusted Computing” creates another threat to the open code ecology.
Launched as a response to virus and security threats within a networked envi-
ronment, the key technical feature of “trusted computing” is that the platform
0465039146-01 12/5/06 12:28 AM Page 149
the limits in open code
149
blocks programs that are not cryptographically signed or verified by the plat-
form. For example, if you want to run a program on your computer, your
computer would first verify that the program is certified by one of the author-
ities recognized by the computer operating system, and “incorporat[ing]
hardware and software . . . security standards approved by the content
providers themselves.”23 If it isn’t, the program wouldn’t run.
In principle, of course, if the cost of certifying a program were tiny, this
limitation might be unproblematic. But the fear is that this restriction will
operate to effectively block open code projects. It is not easy for a certifying
authority to actually know what a program does; that means certifying
authorities won’t be keen to certify programs they can’t trust. And that in
turn will effect a significant discrimination against open code.
REGULATING OPEN CODE
Open code projects—whether free software or open source software projects—
share the feature that the knowledge necessary to replicate the project is intended
always to be available to others. There is no effort, through law or technology, for
the developer of an open code project to make that development exclusive. And,
more importantly, the capacity to replicate and redirect the evolution of a project
provided in its most efficient form is also always preserved.
How does this fact affect the regulability of code?
In Chapter 5, I sketched examples of government regulating code. But think
again about those examples: How does such regulation work?
Consider two. The government tells the telephone company something
about how its networks are to be designed, and the government tells television
manufacturers what kinds of chips TVs are to have. Why do these regulations
work?
The answer in each case is obvious. The code is regulable only because the
code writers can be controlled. If the state tells the phone company to do some-
thing, the phone company is not likely to resist. Resistance would bring punish-
ment; punishment is expensive; phone companies, like all other companies, want
to reduce the cost of doing business. If the state’s regulation is rational (that is,
effective), it will set the cost of disobeying the state above any possible benefit. If
the target of regulation is a rational actor within the reach of the state, then the
regulation is likely to have its intended effect. CALEA’s regulation of the network
architecture for telephones is an obvious example of this (see Chapter 5).
An unmovable, and unmoving, target of regulation, then, is a good start
toward regulability. And this statement has an interesting corollary: Regulable
code is closed code. Think again about telephone networks. When the govern-
0465039146-01 12/5/06 12:28 AM Page 150
150
CODE 2.0
ment induces the telephone networks to modify their network software, users
have no choice about whether to adopt this modification or not. You pick up the
phone, you get the dial tone the phone company gives you. No one I know hacks
the telephone company’s code to build a different network design. The same
with the V-chip—I doubt that many people would risk destroying their television
by pulling out the chip, and I am certain that no one re-burns the chip to build
in a different filtering technology.
In both cases the government’s regulation works because when the target of
the regulation complies, customers can do little but accept it.
Open code is different. We can see something of the difference in a story told
by Netscape’s former legal counsel, Peter Harter, about Netscape and the
French.24
In 1996, Netscape released a protocol (SSL v3.0) to facilitate secure electronic
commerce on the Web. The essence of its function is to permit secure exchange
between a browser and a server. The French were not happy with the security that
SSL gave; they wanted to be able to crack SSL transactions. So they requested that
Netscape modify SSL to enable their spying.
There are plenty of constraints on Netscape’s ability to modify SSL—not the
least of which being that Netscape has given SSL over to the public, in the form
of a public standard. But assume for a second that it had not. Assume Netscape
really did control the standards for SSL and in theory could modify the code to
enable French spying. Would that mean that Netscape could comply with the
French demand?
No. Technically, it could comply by modifying the code of Netscape Com-
municator and then posting a new module that enabled hacking by a govern-
ment. But because Netscape (or more generally, the Mozilla project) is open
source, anyone is free to build a competing module that would replace the
Frenchified SSL module. That module would compete with other modules. The
module that wins would be the one users wanted. Users don’t typically want a
module that enables spying by a government.
The point is simple, but its implication is profound. To the extent that code
is open code, the power of government is constrained. Government can demand,
government can threaten, but when the target of its regulation is plastic, it cannot
rely on its target remaining as it wants.
Say you are a Soviet propagandist, and you want to get people to read lots of
information about Papa Stalin. So you declare that every book published in the
Soviet Union must have a chapter devoted to Stalin. How likely is it that such
books will actually affect what people read?
Books are open code: They hide nothing; they reveal their source—they are
their source! A user or adopter of a book always has the choice to read only the
0465039146-01 12/5/06 12:28 AM Page 151
the limits in open code
151
chapters she wants. If it is a book on electronics, then the reader can certainly
choose not to read the chapter on Stalin. There is very little the state can do to
modify the reader’s power in this respect.
The same idea liberates open code. The government’s rules are rules only to
the extent that they impose restrictions that adopters would want. The govern-
ment may coordinate standards (like “drive on the right”), but it certainly cannot
impose standards that constrain users in ways they do not want to be con-
strained. This architecture, then, is an important check on the government’s reg-
ulatory power. Open code means open control—there is control, but the user is
aware of it.25
Closed code functions differently. With closed code, users cannot easily
modify the control that the code comes packaged with. Hackers and very sophis-
ticated programmers may be able to do so, but most users would not know
which parts were required and which parts were not. Or more precisely, users
would not be able to see the parts required and the parts not required because the
source code does not come bundled with closed code. Closed code is the propa-
gandist’s best strategy—not a separate chapter that the user can ignore, but a per-
sistent and unrecognized influence that tilts the story in the direction the
propagandist wants.
So far I’ve played fast and loose with the idea of a “user.” While some “users”
of Firefox could change its code if they didn’t like the way it functioned, the vast
majority could not. For most of us, it is just as feasible to change the way
Microsoft Word functions as it is to change the way GNU/Linux operates.
But the difference here is that there is—and legally can be—a community of
developers who modify open code, but there is not—or legally cannot be—a
community of developers who modify closed code, at least without the owner’s
permission. That culture of developers is the critical mechanism that creates the
independence within open code. Without that culture, there’d be little real differ-
ence between the regulability of open and closed code.
This in turn implies a different sort of limit on this limit on the regulability
of code. Communities of developers are likely to enable some types of deviations
from rules imposed by governments. For example, they’re quite likely to resist the
kind of regulation by the French to enable the cracking of financial safety. They’re
less likely to disable virus protection or spam filters.
WHERE THIS LEADS
My argument so far has taken a simple path. In answer to those who say that
the Net cannot be regulated, I’ve argued that whether it can be regulated
depends on its architecture. Some architectures would be regulable, others
0465039146-01 12/5/06 12:28 AM Page 152
152
CODE 2.0
would not. I have then argued that government could take a role in deciding
whether an architecture would be regulable or not. The government could
take steps to transform an architecture from unregulable to regulable, both
indirectly (by making behavior more traceable) and directly (by using code to
directly effect the control the government wants).
The final step in this progression of regulability is a constraint that is
only now becoming significant. Government’s power to regulate code, to
make behavior within the code regulable, depends in part on the character of
the code. Open code is less regulable than closed code; to the extent that code
becomes open, government’s power is reduced.
Take for example the most prominent recent controversy in the area of
copyright—peer-to-peer filesharing. As I’ve described, P2P filesharing is an
application that runs on the network. Filesharing networks like StreamCast
are simply protocols that P2P applications run. All these protocols are open;
anyone can build to them. And because the technology for building to them
is widely available, whether or not a particular company builds to them
doesn’t affect whether they will be built to—but demand does.
Thus, imagine for the moment that the recording industry is successful in
driving out of business every business that supports P2P filesharing. The
industry won’t be successful in driving P2P out of existence. This is because
open code has enabled noncommercial actors to sustain the infrastructure of
P2P sharing, without the commercial infrastructure.
This is not, obviously, an absolute claim. I am discussing relative, not
absolute, regulability. Even with open code, if the government threatens pun-
ishments that are severe enough, it will induce a certain compliance. And
even with open code, the techniques of identity, tied to code that has been cer-
tified as compliant, will still give government plenty of power. Thus, much of
the argument from Part I survives this point about open code—if the world
becomes certificate-rich, regulability still increases. The same conclusion fol-
lows if more code were burned into hardware rather than left to exist as soft-
ware. Then, even if the code were open, it would not be modifiable.26
But when designing an architecture for cyberspace, the margins matter.
The values of a given space are not only the values of speech, autonomy,
access, or privacy. They may also be values of limited control. As John Perry
Barlow puts it, they are the values of a certain bug being programmed into the
architecture of the Net—a bug that inhibits the power of government to con-
trol the Net perfectly, even if it does not disable that power entirely.
For some, the objective is to build code that disables any possible govern-
mental control. That is not my objective. I certainly believe that government
must be constrained, and I endorse the constraints that open code imposes,
0465039146-01 12/5/06 12:28 AM Page 153
the limits in open code
153
but it is not my objective to disable government generally. As I’ve argued
already, and as the next part makes plain, some values can be achieved only if
government intervenes. Government has a role, even if not as substantial a
role as it would wish. We need to understand this role, as well as how our val-
ues might be advanced in the context of the Web.
One constraint seems clear in this account. As I argue more extensively
later in the book, even if open code does not disable government’s power to
regulate completely, it certainly changes that power. On the margin, open
code reduces the reward from burying regulation in the hidden spaces of
code. It functions as a kind of Freedom of Information Act for network reg-
ulation. As with ordinary law, open code requires that lawmaking be public,
and thus that lawmaking be transparent. In a sense that George Soros ought
to understand, open code is a foundation to an open society.
Even this is an important—some might say an essential—check on the
power of government. But whether or not one is for transparency generally,
my aim so far is just to map out the links. Regulability is conditional on the
character of the code, and open code changes that character. It is a limit on
government’s power to regulate—not necessarily by defeating the power to
regulate, but by changing it.
0465039146-01 12/5/06 12:28 AM Page 154
0465039146-01 12/5/06 12:28 AM Page 155
P A R T
T H R E E
l a t e n t
a m b i g u i t i e s
The story so far has focused on regulation—both the changing regulabil-
ity of behavior in cyberspace (it is increasing) and the distinctive way in
which behavior in cyberspace will be regulated (through code).
In this Part, I apply the analysis drawn so far to three areas of social
and political life that will be affected by these changes—intellectual prop-
erty, privacy, and free speech.
In each of these areas, I will identify values that are relevant. I will
then ask how those values translate to life online. In some cases, the values
carry over quite directly, but, in others, they produce what I called in
Chapter 2 a “latent ambiguity.” That ambiguity forces us to choose
between two very different conceptions of the value at stake. My aim is not
to make that choice, but instead simply to throw at least two options into
relief.
I have another objective in each chapter as well. In my view, the most
important lesson about law in cyberspace is the need for law to account
for the regulatory effect of code. Just as the wise regulator accounts for the
way the market interacts with legal regulation, so too the wise regulator
must account for the ways in which technology interacts with legal regu-
lation. That interaction is often counterintuitive. But unless a regulator
0465039146-01 12/5/06 12:28 AM Page 156
156
CODE 2.0
takes this interactive effect into account, the regulation—whether to con-
trol behavior or to protect certain liberties—will fail.
To know what values are relevant, however, we need a method for car-
rying values into a new context. I begin this part with an account of that
method. The values I will describe are part of our tradition, and they need
to be interpreted and made real in this context. Thus, I begin this part
with one approach that the law has developed for recognizing and respect-
ing these values. This is the interpretive practice I call “translation.” A
translator practices a fidelity to earlier commitments to value. Latent
ambiguities are those instances where fidelity runs out. We have nothing
to be faithful to, because the choices we now face are choices that our for-
bears did not.1
0465039146-01 12/5/06 12:28 AM Page 157
N I N E
t r a n s l a t i o n
AT THE HEIGHT OF A PREVIOUS WAR ON DRUGS—PROHIBITION, IN THE LATE
1920s—the federal government began using a technique of police work that
startled many but proved quite effective: wiretapping.1 Life had just begun to
move onto the wires, and, in an effort to take advantage of the evidence that
this new medium might yield, the government began to tap phones without
warrants.
Because law enforcement officials themselves were conflicted about the
ethics of wiretapping, taps were used sparingly. Nonetheless, for threats per-
ceived to be extremely grave, the technique was deployed. Illegal alcohol, the
obsession of the age, was just such a threat.
The most famous of these taps led to the 1928 Supreme Court case Olm-
stead v. United States. The government was investigating one of the largest ille-
gal liquor import, distribution, and sales organizations in the nation. As part
of the investigation, the government began to tap the telephones used by
dealers and their agents. These were private phones, but the taps were always
secured without trespassing on the property of the targets.2 Instead, the taps
were placed on the wires in places where the government had rightful access
to the phone lines.
Using these taps, the government recorded many hours of conversations
(775 typewritten pages, according to Justice Louis Brandeis),3 and it used
these recordings to convict the defendants in the case. The defendants chal-
lenged the use of these recordings, claiming that the government had violated
the Constitution in securing them. The Fourth Amendment protects “per-
sons, houses, papers, and effects, against unreasonable searches and seizures,”
and this wiretapping, the defendants argued, was a violation of their right to
be protected from unreasonable searches.
157
0465039146-01 12/5/06 12:28 AM Page 158
158
CODE 2.0
Under then-existing law, it was plain that to enter the apartments of
alleged bootlegger Roy Olmstead and his associates and search them (at least
while they were gone), the government investigators would have needed a
warrant, that is, they would have needed the approval of a judge or magistrate
before invading the defendants’ privacy. This is what the Fourth Amendment
had come to mean—that certain places (persons, houses, papers, and effects)
were protected by presumptively requiring a warrant before they could be
invaded.4 Here there had been no warrant, and hence, as the defendants
argued, the search had been illegal. The evidence had to be excluded.
We might pause to ask why. If we read the text of the Fourth Amendment
carefully, it is hard to see just where a warrant is required:
(a) The right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures, shall not be violated, and
(b) no Warrants shall issue, but upon probable cause, supported by Oath or
affirmation, and particularly describing the place to be searched, and the persons
or things to be seized.
The Fourth Amendment is really two commands. (I’ve added “a” and “b”
to help make the point.) The first says that a certain right (“the right of the
People to be secure”) shall not be violated; the second limits the conditions
under which a warrant shall be issued. But the text of the amendment does
not state a relationship between the first part and the second part. And it cer-
tainly does not say that a search is unreasonable if it is not supported by a war-
rant. So why the “warrant requirement”?5
To make sense of the amendment, we must go back to its framing. At
that time, the legal protection against the invasion of privacy was trespass
law. If someone entered your property and rifled through your stuff, that per-
son violated your common law rights against trespass. You could sue that
person for trespass, whether he was a police officer or private citizen. The
threat of such suits gave the police an incentive not to invade your privacy.6
Even without a warrant, however, a trespassing police officer might have a
number of defenses. These boil down to whether the search was “reasonable.”
But there were two important facts about this reasonableness. First, the deter-
mination of reasonableness was made by a jury. Neighbors and peers of the
officer judged whether his behavior had been proper. Second, in some cases
reasonableness was found as a matter of law—that is, the judge would instruct
the jury to find that the search had been reasonable. (For example, when the
officer found contraband on the property of the defendant, whether there was
sufficient suspicion before the search or not, the search was reasonable.)7
0465039146-01 12/5/06 12:28 AM Page 159
translation
159
This regime created obvious risks for an officer before he searched some-
one’s property. If he searched and found nothing, or if a jury thought later
that his search had not been reasonable, then he paid for his illegal behavior
by being held personally liable for the rights he had violated.
But the regime also offered insurance against this liability—the warrant.
If the officer secured a warrant from a judge before he made his search, the
warrant immunized him against trespass liability. If he then found no contra-
band or his search turned out to be unreasonable, he still had a defense to a
suit.
Creating incentives was one aim of the original system. The law gave an
officer an incentive to obtain a warrant before he searched; if he was uncer-
tain, or wanted to avoid all risk of liability, he could first check his judgment
by asking a judge. But if the officer was sure, or wanted to hazard the gamble,
then not getting a warrant did not make the search automatically unreason-
able. He was at risk of increased liability, but his liability was all that was at
stake.
The weak link in this system was the judge. If judges were too lax, then
warrants would be too easy to get,8 and weak judges were a concern for the
framers. Under British rule judges had been appointed by the Crown, and by
the time of the Revolution, the Crown was the enemy. Having seen much
abuse of the power to issue warrants, the framers were not keen to give judges
control in determining whether the government’s searches were reasonable.
In particular (as I described in Chapter 2), the framers had in mind some
famous cases in which judges and the executive had issued “general warrants”
giving government officers the power to search generally for objects of contra-
band.9 In modern terms, these were “fishing expeditions.” Because the officers
had warrants, they could not be sued; because the judges were largely immune
from suit, they could not be sued. Because no one could be sued, there was a
temptation for abuse. The framers wanted to avoid just such judge-made
abuse. If there was to be immunity, it would come from a jury, or from a suc-
cessful search.
This is the origin of clause (b) of the Fourth Amendment. The framers
required that judges, when issuing warrants, name particularly “the place to
be searched, and the persons or things to be seized,” so that judges would not
be able to issue warrants of general power. The immunity of the warrant
would be limited to particular people and places, and only when probable
cause existed to issue the warrant.
This constitutional regime was designed to balance the people’s interests
in privacy against the legitimate need for the government to search. The offi-
cer had an incentive to get a warrant (to avoid the risk of personal liability);
0465039146-01 12/5/06 12:28 AM Page 160
160
CODE 2.0
the judge had a rule that restricted the conditions under which he could issue
a warrant; and together these structures limited official invasions of privacy to
cases that presented a strong reason to invade.
That much is background. But notice what follows.
The original regime presupposed a great deal. Most obviously, it presup-
posed a common-law system of trespass law—it was the threat of legal liability
from trespass law that created the incentives for officers to seek warrants in
the first place. This presupposition placed property at the core of the Consti-
tution’s original protections.
Equally important, the regime presupposed much about the technology
of the time. The Fourth Amendment focuses on trespass because that was
the primary mode of searching at the time. If it had been possible simply to
view the contents of a house without going inside, the restrictions of the
Fourth Amendment would have made little sense. But the protections of the
amendment did make sense as a way to draw the balance between govern-
ment’s power to search and the people’s right to privacy given the regime of
trespass law and privacy-invading technologies that prevailed at the end of the
eighteenth century.
Presuppositions—what is taken for granted or considered undebatable—
change.10 How do we respond when such presuppositions change? How do we
read a text written against a background of certain presuppositions when
those presuppositions no longer apply?
For Americans, or for any nation with a constitution some two hundred
years old, this is the central problem for constitutional interpretation. What if
state governments, for example, were simply to abolish rights against trespass?
Would the amendment be read any differently?11 What if technologies for
searching were to change so dramatically that no one would ever need to
enter another’s property to know what is kept there? Should the amendment
then be read differently?
The history of the Supreme Court’s treatment of such questions lacks a
perfectly clear pattern, but we can identify two distinct strategies competing
for the Court’s attention. One strategy is focused on what the framers or
founders would have done—the strategy of one-step originalism. The second
strategy aims at finding a current reading of the original Constitution that
preserves its original meaning in the present context—a strategy that I call
translation.
Both strategies are present in the Olmstead wiretapping case. When the
government tapped the phones of the defendants without any warrant, the
Court had to decide whether the use of this kind of evidence was permissible
or consistent with the principles of the Fourth Amendment. The defendants
0465039146-01 12/5/06 12:28 AM Page 161
translation
161
said: The government must get a warrant to tap phones. The government
said: The Fourth Amendment simply does not apply.
The government’s argument was quite simple. The amendment presup-
posed that the government would be trespassing to search, and it was regulat-
ing the conditions under which officers could trespass. But because
wiretapping is an invasion of privacy without a trespass, the government is
able to tap the defendants’ phones without ever entering their property; the
amendment therefore does not apply. It simply does not reach to protect inva-
sions that are invasions without trespass.
The Supreme Court agreed. In an opinion written by Chief Justice (and
former President) William Howard Taft, the Court followed the government.
The amendment does not forbid what was done here. There was no
searching. There was no seizure. The evidence was secured only by the use of
the sense of hearing and that only. The language of the amendment cannot be
extended and expanded to include telephone wires reaching to the whole
world from the defendant’s house or office.12
This conclusion was received with surprise and shock. Already much of
life had moved to the wires. People were beginning to understand what it
meant to have intimate contact “online”; they counted on the telephone sys-
tem to protect their intimate secrets. Indeed, telephone companies, having
strongly fought the authority that the government claimed, pledged not to
assist the government except as required by law.13 This resistance notwith-
standing, the Court concluded that the Constitution did not interfere with
invasions of this sort. It would not have done so when the Constitution was
written; it did not do so at the time when the case was decided.
But the dissent written by Justice Brandeis (there was also a dissent by Jus-
tices Holmes, Stone, and Butler) had a different view. As with Taft’s opinion,
the focus was fidelity. But his fidelity was quite differently conceived.
Brandeis acknowledged that the Fourth Amendment, as originally writ-
ten, applied only to trespass.14 But it did so, he argued, because when it was
written trespass was the technology for invading privacy. That was the
framers’ presupposition, but that presupposition had now changed. Given
this change, Brandeis argued, it was the Court’s responsibility to read the
amendment in a way that preserved its meaning, changed circumstances
notwithstanding. The aim must be to translate the original protections into a
context in which the technology for invading privacy had changed.15 This
would be done, Brandeis argued, by applying the Fourth Amendment’s pro-
tection to invasions that were not themselves trespasses.
These two opinions mark two different modes of constitutional interpre-
tation. Taft finds fidelity by simply repeating what the framers did; Brandeis
0465039146-01 12/5/06 12:28 AM Page 162
162
CODE 2.0
finds fidelity by finding the current equivalent to what the framers did. If we
followed Taft, Brandeis argued, we would defeat the protections for privacy
that the framers originally set; if we followed Brandeis, Taft implied, we would
be adding something to the Constitution that the framers had not written.
Partisans on both sides claimed that the opinion of the other would have
“changed” the meaning of the Constitution. But whose opinion, the Court’s
or Justice Brandeis’s, would really “change” the meaning of the Fourth
Amendment?
To answer this question, we must first ask: Change relative to what? What
is the baseline against which this change is a change? Certainly Brandeis
would have agreed that in 1791 any finding by the Court that the amendment
reached beyond trespass would have been improper. But when something
presupposed by the original amendment has changed, is it clear that the
Court’s proper response is to act as if nothing has changed at all?
Brandeis’s method accounted for the changed presupposition. He offered
a reading that changed the scope of the amendment in order to maintain the
amendment’s protection of privacy. Taft, on the other hand, offered a reading
that maintained the scope of the amendment but changed its protection of
privacy. Each reading kept something constant; each also changed something.
The question is: Which reading preserved what fidelity demands should be
preserved?
We might better see the point through a somewhat stylized re-creation.
Imagine that we could quantify privacy; we could thus describe the change in
the quantity of privacy that any change in technology might bring. (Robert
Post has given an absolutely persuasive argument about why privacy is not
quantifiable, but my purposes here are simply illustrative.16) Imagine that in
1791 protecting against physical trespass protected 90 percent of personal
privacy. The government could still stand on the street and listen through
open windows, but the invasion presented by that threat was small, all things
considered. For the most part, a regime that protected against trespass also
protected privacy.
When telephones came along, however, this protection changed. A lot of
private information was put out across the phone lines. Now, if tapping was
not trespass, much less of private life was protected from government snoop-
ing. Rather than 90 percent being protected by the amendment, only 50 per-
cent was protected.
Brandeis wanted to read the amendment so that it protected the 90 per-
cent it originally protected—even though doing so required that it protect
against more than simple trespass. He wanted to read it differently, we could
say, so that it protected the same.
0465039146-01 12/5/06 12:28 AM Page 163
translation
163
This form of argument is common in our constitutional history, and it is
central to the best in our constitutional tradition.17 It is an argument that
responds to changed circumstances by proposing a reading that neutralizes
those changes and preserves an original meaning. It is an argument invoked
by justices on both the right and the left,18 and it is a way to keep life in a con-
stitutional provision—to make certain that changes in the world do not
change the meaning of the Constitution’s text. It is an argument, we can say,
that aims at translating the protections that the Fourth Amendment gave in
1791 into the same set of protections at any time later in our history. It
acknowledges that to do this the Court may have to read the amendment dif-
ferently, but it is not reading the amendment differently to improve the
amendment or to add to its protections. It is reading the amendment differ-
ently to accommodate the changes in protection that have resulted from
changes in technology. It is translation to preserve meaning.
If there is a justice who deserves cyberspace’s praise, if there is a Supreme
Court opinion that should be the model for cyber activists in the future, if
there is a first chapter in the fight to protect cyberspace, it is this justice, this
opinion, and this case. Brandeis gave us a model for reading the Constitution
to preserve its meaning, and its values, across time and context. It is a method
that recognizes what has changed and accommodates that change to preserve
something of what the framers originally gave us. It is a method that translates
the Constitution’s meaning across fundamentally different contexts—whether
they are as temporally distant as we are from the framers or as distant as
cyberspace is from real space.
But it was Taft’s opinion that became law and his narrow view of the
Fourth Amendment that prevailed. It took forty years for the Supreme Court
to embrace Brandeis’s picture of the Fourth Amendment—40 years before
Olmstead was overruled. The case overruling it was Katz v. United States.19
Charles Katz was suspected of transmitting gambling information to
clients in other states by telephone. Federal agents recorded his half of several
of his telephone calls by attaching an eavesdropping device to the outside of
a public phone booth where he made his calls. Katz was convicted on the
basis of this evidence, and the court of appeals upheld the conviction on the
basis of Olmstead.
Harvard Law School Professor Laurence Tribe was involved in the case at
the beginning of his legal career:
As a [law] clerk to Supreme Court Justice Potter Stewart, I found myself working on
a case involving the government’s electronic surveillance of a suspected criminal in
the form of a tiny device attached to the outside of a public telephone booth. Because
0465039146-01 12/5/06 12:28 AM Page 164
164
CODE 2.0
the invasion of the suspect’s privacy was accomplished without physical trespass
into a “constitutionally protected area,” the Federal Government argued, relying
upon Olmstead, that there had been no “search” or “seizure” and therefore the Fourth
Amendment “right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures” simply did not apply.
At first, there were only four votes to overrule Olmstead and to hold the Fourth
Amendment applicable to wiretapping and electronic eavesdropping. I’m proud to
say that, as a 26-year-old kid, I had at least a little bit to do with changing that num-
ber from four to seven—and with the argument, formally adopted by a seven-Justice
majority in December 1967, that the Fourth Amendment “protects people, not
places” [389 US at 351]. In that decision, Katz v. United States, the Supreme Court
finally repudiated Olmstead and the many decisions that had relied upon it, reason-
ing that, given the role of electronic telecommunications in modern life, the [First
Amendment] purposes of protecting free speech as well as the [Fourth Amendment]
purposes of protecting privacy require treating as a “search” any invasion of a per-
son’s confidential telephone communications, with or without physical trespass.20
The Court in Katz followed Brandeis rather than Taft. It sought a reading
of the Fourth Amendment that made sense of the amendment in a changed
context. In the framers’ context of 1791, protecting against trespass to prop-
erty was an effective way to protect against trespass to privacy, but in the Katz
context of the 1960s it was not. In the 1960s much of intimate life was con-
ducted in places where property rules did not reach (in the “ether,” for exam-
ple, of the AT&T telephone network). And so a regime that made privacy
hang on property did not protect privacy to the same degree that the framers
had intended. Justice Stewart in Katz sought to remedy that by linking the
Fourth Amendment to a more direct protection of privacy.
The link was the idea of “a reasonable expectation of privacy.” The core
value, Stewart wrote, was the protection of “people, not places.”21 Hence, the
core technique should be to protect people where they have a reasonable
expectation of privacy. Where this is the case, the government cannot invade
that space without satisfying the requirements of the Fourth Amendment.
There is much to admire in Stewart’s opinion, at least to the extent that he
is willing to fashion tools for preserving the Constitution’s meaning in
changed circumstances—or again, to the extent that he attempts to translate
the protections of the Fourth Amendment into a modern context. There is
also much to question.22 But we can put those questions aside for the moment
and focus on one feature of the problem that is fairly uncontentious.
While lines will be hard to draw, it is at least fairly clear that the framers
made a conscious choice to protect privacy. This was not an issue off the table
0465039146-01 12/5/06 12:28 AM Page 165
translation
165
of their original debate or a question they did not notice. And this is not the
“right to privacy” that conservatives complain about in the context of the
right to abortion. This is the right to be free from state intrusion into the
“sanctity” of a private home. State-enforced threats to individual privacy were
at the center of the movement that led to the republic. Brandeis and Stewart
simply aimed to effect that choice in contexts where the earlier structure had
grown ineffectual.
Translations like these are fairly straightforward. The original values cho-
sen are fairly clear; the way in which contexts undermine the original appli-
cation is easily grasped; and the readings that would restore the original values
are fairly obvious. Of course, such cases often require a certain interpretive
courage—a willingness to preserve interpretive fidelity by changing an inter-
pretive practice. But at least the direction is clear, even if the means are a bit
unseemly.23
These are the easy cases. They are even easier when we are not trying to
carry values from some distant past into the future but instead are simply
carrying values from one context into another. When we know what values we
want to preserve, we need only be creative about how to preserve them.
Cyberspace will present many such easy cases. When courts confront
them, they should follow the example of Brandeis: They should translate, and
they should push the Supreme Court to do likewise. Where circumstances
have changed to nullify the protections of some original right, the Court
should adopt a reading of the Constitution that restores that right.
But some cases will not be so easy. Sometimes translation will not be an
option, and sometimes the values that translation would track are values we
no longer want to preserve. Sometimes we cannot tell which values translation
would select. This was the problem in Chapter 2 with the worm, which made
the point about latent ambiguities. Changing contexts sometimes reveals an
ambiguity latent in the original context. We must then choose between two
different values, either of which could be said to be consistent with the orig-
inal value. Since either way could be said to be right, we cannot say that the
original context (whether now or two hundred years ago) decided the case.
Professor Tribe describes an example in a founding article in the law of
cyberspace, “The Constitution in Cyberspace.”24 Tribe sketches a method of
reading the Constitution in cyberspace that aims to make the Constitution
“technologically neutral.” The objective is to adopt readings (or perhaps even
an amendment) that make it plain that changes in technology are not to
change the Constitution’s meaning. We must always adopt readings of the
Constitution that preserve its original values. When dealing with cyberspace,
judges are to be translators: Different technologies are the different languages,
0465039146-01 12/5/06 12:28 AM Page 166
166
CODE 2.0
and the aim is to find a reading of the Constitution that preserves its meaning
from one world’s technology to another.25
This is fidelity as translation. This kind of translation speaks as if it is
just carrying over something that has already been said. It hides the creativity
in its act; it feigns a certain polite or respectful deference. This way of reading
the Constitution insists that the important political decisions have already
been made and all that is required is a kind of technical adjustment. It aims to
keep the piano in tune as it is moved from one concert hall to another.
But Tribe then offers an example that may make this method seem empty.
The question is about the meaning of the confrontation clause of the Sixth
Amendment—the defendant’s right in a criminal trial “to be confronted with
the witnesses against him.” How, Tribe asks, should we read this clause today?
At the time of the founding, he argues, the technology of confrontation
was simple—confrontation was two-way. If a witness confronted the accused,
the accused, of necessity, confronted the witness. This was a necessity given to
us by the technology of the time. But today it is possible for confrontation to
be one-way—the witness confronts the accused, but the accused need not
confront the witness. The question then is whether the confrontation clause
requires one-way or two-way confrontation.26
Let us grant that Tribe’s descriptions of the available technologies are
correct and that the framers embraced the only confrontation clause that
their technology permitted. The real question comes in step two. Now that
technology allows two possibilities—one-way or two-way confrontation—
which does the Constitution require?
The Court’s answer in its 1990 decision in Maryland v. Craig was clear:
The Constitution requires only one-way confrontation. A confrontation
clause regime that permits only one-way confrontation, at least when there are
strong interests in not requiring two, is a fair translation of the original
clause.27
As a matter of political choice, I certainly like this answer. But I do not see
its source. It seems to me that this is a question the framers did not decide,
and a question that if presented to them might well have divided them. Given
the technology of 1791, they did not have to decide between one-way and
two-way confrontation; given the conflict of values at stake, it is not obvious
how they would have decided it. Thus, to speak as if there were an answer here
that the framers gave us is a bit misleading. The framers gave no answer here,
and, in my view, no answer can be drawn from what they said.
Like the worm in Chapter 2, the confrontation clause presents a latent
ambiguity.28 Constitutional law in cyberspace will reveal many more such
latent ambiguities. And these ambiguities offer us a choice: How will we go on?
0465039146-01 12/5/06 12:28 AM Page 167
translation
167
Choices are not terrible. It is not a disaster if we must make a decision—
as long as we are capable of it. But here is the nub of the problem as I see it.
As I argue in more detail in Part IV, given the current attitudes of our courts,
and our legal culture generally, constitutional choices are costly. We are bad at
making them; we are not likely to get better at it soon.
When there is no answer about how to proceed—when the translation
leaves open a question—we have two sorts of responses in constitutional
practice. One response is passive: The court simply lets the legislature decide.
This is the response that Justice Scalia presses in the context of the Fourteenth
Amendment. On matters that, to the framers, were “undebatable,” the Consti-
tution does not speak.29 In this case, only the legislature can engage and press
questions of constitutional value and thus say what the Constitution will con-
tinue to mean.
The second response is more active: The court finds a way to articulate
constitutional values that were not present at the founding. The courts help
spur a conversation about these fundamental values—or at least add their
voice to this conversation—to focus a debate that may ultimately be resolved
elsewhere. The first response is a way of doing nothing; the second is a way of
exciting a dialogue about constitutional values as a means to confronting and
resolving new questions.30
My fear about cyberspace is that we will respond in the first way—that the
courts, the institutions most responsible for articulating constitutional values,
will stand back while issues of constitutional import are legislatively deter-
mined. My sense is that they will step back because they feel (as the balance of
this book argues) that these are new questions that cyberspace has raised.
Their newness will make them feel political, and when a question feels polit-
ical, courts step away from resolving it.
I fear this not because I fear legislatures, but because in our day constitu-
tional discourse at the level of the legislature is a very thin sort of discourse.
The philosopher Bernard Williams has argued that because the Supreme
Court has taken so central a role in the articulation of constitutional values,
legislatures no longer do.31 Whether Williams is correct or not, this much is
clear: The constitutional discourse of our present Congress is far below the
level at which it must be to address the questions about constitutional values
that will be raised by cyberspace.
How we could reach beyond this thinness of discourse is unclear. Consti-
tutional thought has been the domain of lawyers and judges for too long. We
have been trapped by a mode of reasoning that pretends that all the important
questions have already been answered, that our job now is simply to translate
them for modern times. As a result, we do not quite know how to proceed
0465039146-01 12/5/06 12:28 AM Page 168
168
CODE 2.0
when we think the answers are not already there. As nations across the world
struggle to express and embrace constitutional values, we, with the oldest
written constitutional tradition, have lost the practice of embracing, articulat-
ing, and deciding on constitutional values.
I return to this problem in Chapter 15. For now, my point is simply
descriptive. Translation is one way to deal with the choices that cyberspace
presents. It is one way of finding equivalence across contexts. But in the four
applications that follow, I press the question: Is the past enough? Are there
choices the framers did not address? Are they choices that we must make?32
0465039146-01 12/5/06 12:28 AM Page 169
T E N
i n t e l l e c t u a l
p r o p e r t y
HAROLD REEVES IS AMONG THE BEST RESEARCH ASSISTANTS I HAVE HAD. (BUT ALAS,
the law has now lost him—he’s become a priest!). Early into his second year
at the University of Chicago Law School, he came to me with an idea he had
for a student “comment”—an article that would be published in the law
review.1 The topic was trespass law in cyberspace—whether and how the law
should protect owners of space in cyberspace from the kinds of intrusions
that trespass law protects against in real space. His initial idea was simple:
There should be no trespass law in cyberspace.2 The law should grant “own-
ers” of space in cyberspace no legal protection against invasion; they should
be forced to fend for themselves.
Reeves’s idea was a bit nutty, and in the end, I think, wrong.3 But it con-
tained an insight that was quite brilliant, and that should be central to think-
ing about law in cyberspace.
The idea—much more briefly and much less elegantly than Reeves has
put it—is this: The question that law should ask is, What means would bring
about the most efficient set of protections for property interests in cyberspace?
Two sorts of protections are possible. One is the traditional protection of
law—the law defines a space where others should not enter and punishes
people who enter nonetheless. The other protection is a fence, a technological
device (a bit of code) that (among other things) blocks the unwanted from
entering. In real space, of course, we have both—law, in the form of trespass
law, and fences that supplement that law. Both cost money, and the return
from each is not necessarily the same. From a social perspective, we would
want the mix that provides optimal protection at the lowest cost. (In eco-
nomics-speak, we would want a mix such that the marginal cost of an addi-
tional unit of protection is equivalent to the marginal benefit.)
169
0465039146-01 12/5/06 12:28 AM Page 170
170
CODE 2.0
The implication of this idea in real space is that it sometimes makes sense
to shift the burden of protection to citizens rather than to the state. If, for
example, a farmer wants to store some valuable seed on a remote part of his
farm, it is better for him to bear the cost of fencing in the seed than to require
the police to patrol the area more consistently or to increase the punishment
for those they catch. The question is always one of balance between the costs
and benefits of private protection and state protection.
Reeves’s insight about cyberspace follows the same line. The optimal
protection for spaces in cyberspace is a mix between public law and private
fences. The question to ask in determining the mix is which protection, on
the margin, costs less. Reeves argues that the costs of law in this context are
extremely high—in part because of the costs of enforcement, but also
because it is hard for the law to distinguish between legitimate and illegiti-
mate uses of cyberspaces. There are many “agents” that might “use” the
space of cyberspace. Web spiders, which gather data for web search engines;
browsers, who are searching across the Net for stuff to see; hackers (of the
good sort) who are testing the locks of spaces to see that they are locked; and
hackers (of the bad sort) who are breaking and entering to steal. It is hard,
ex ante, for the law to know which agent is using the space legitimately and
which is not. Legitimacy depends on the intention of the person granting
access.
So that led Reeves to his idea: Since the intent of the “owner” is so crucial
here, and since the fences of cyberspace can be made to reflect that intent
cheaply, it is best to put all the incentive on the owner to define access as he
wishes. The right to browse should be the norm, and the burden to lock doors
should be placed on the owner.4
Now put Reeves’s argument aside, and think for a second about some-
thing that will seem completely different but is very much the same idea.
Think about “theft” and the protections that we have against it.
• I have a stack of firewood behind my house. No one steals it. If I left my bike out
overnight, it would be gone.
• A friend told me that, in a favorite beach town, the city used to find it impossible
to plant flowers—they would immediately be picked. But now, he proudly
reports, after a long “community spirit” campaign, the flowers are no longer
picked.
• There are special laws about the theft of automobiles, planes, and boats. There
are no special laws about the theft of skyscrapers. Cars, planes, and boats need
protection. Skyscrapers pretty much take care of themselves.
0465039146-01 12/5/06 12:28 AM Page 171
intellectual property
171
Many things protect property against theft—differently. The market pro-
tects my firewood (it is cheaper to buy your own than it is to haul mine away);
the market is a special threat to my bike (which if taken is easily sold). Norms
sometimes protect flowers in a park; sometimes they do not. Nature some-
times conspires with thieves (cars, planes, and boats) and sometimes against
them (skyscrapers).
These protections are not fixed. I could lock my bike and thereby use
real-space code to make it harder to steal. There could be a shortage of fire-
wood; demand would increase, making it harder to protect. Public campaigns
about civic beauty might stop flower theft; selecting a distinctive flower might
do the same. Sophisticated locks might make stolen cars useless; sophisticated
bank fraud might make skyscrapers vulnerable. The point is not that protec-
tions are given, or unchangeable, but that they are multiplied and their
modalities different.
Property is protected by the sum of the different protections that law,
norms, the market, and real-space code yield. This is the implication of the
argument made in Chapter 7. From the point of view of the state, we need law
only when the other three modalities leave property vulnerable. From the
point of view of the citizen, real-space code (such as locks) is needed when laws
and norms alone do not protect enough. Understanding how property is pro-
tected means understanding how these different protections work together.
Reeves’s idea and these reflections on firewood and skyscrapers point to
the different ways that law might protect “property” and suggest the range of
kinds of property that law might try to protect. They also invite a question
that has been asked by Justice Stephen Breyer and many others: Should law
protect some kinds of property—in particular, intellectual property—at all?5
Among the kinds of property law might protect, my focus in this chapter
will be on the property protected by copyright.6 Of all the different types of
property, this type is said to be the most vulnerable to the changes that cyber-
space will bring. Many believe that intellectual property cannot be protected
in cyberspace. And in the terms that I’ve sketched, we can begin to see why
one might think this, but we will soon see that this thought must be wrong.
ON THE REPORTS OF COPYRIGHT’S DEMISE
Roughly put, copyright gives a copyright holder certain exclusive rights over
the work, including, most famously, the exclusive right to copy the work. I
have a copyright in this book. That means, among other rights, and subject to
some important exceptions, you cannot copy this book without my permis-
sion. The right is protected to the extent that laws (and norms) support it, and
0465039146-01 12/5/06 12:28 AM Page 172
172
CODE 2.0
it is threatened to the extent that technology makes it easy to copy. Strengthen
the law while holding technology constant, and the right is stronger. Prolifer-
ate copying technology while holding the law constant, and the right is
weaker.
In this sense, copyright has always been at war with technology. Before the
printing press, there was not much need to protect an author’s interest in his
creative work. Copying was so expensive that nature itself protected that inter-
est. But as the cost of copying decreased, and the spread of technologies for
copying increased, the threat to the author’s control increased. As each gener-
ation has delivered a technology better than the last, the ability of the copy-
right holder to protect her intellectual property has been weakened.
Until recently, the law’s response to these changes has been measured and
gradual. When technologies to record and reproduce sound emerged at the
turn of the last century, composers were threatened by them. The law responded
by giving composers a new, but limited, right to profit from recordings. When
radio began broadcasting music, the composers were held to be entitled to
compensation for the public performance of their work, but performers were
not compensated for the “performance” of their recordings. Congress decided
not to remedy that problem. When cable television started rebroadcasting tel-
evision broadcasts, the copyright holders in the original broadcasts complained
their work was being exploited without compensation. Congress responded by
granting the copyright holders a new, but limited, right to profit from the
rebroadcasts. When the VCR made it simple to record copyrighted content
from off the air, copyright holders cried “piracy.” Congress decided not to
respond to that complaint. Sometimes the change in technology inspired Con-
gress to create new rights, and sometimes not. But throughout this history, new
technologies have been embraced as they have enabled the spread of culture.
{TXB2}
During the same period, norms about copyrighted content also evolved. But
the single, defining feature of these norms can perhaps be summarized like
this: that a consumer could do with the copyrighted content that he legally
owned anything he wanted to do, without ever triggering the law of copyright.
This norm was true almost by definition until 1909, since before then, the law
didn’t regulate “copies.” Any use the consumer made of copyrighted content
was therefore highly unlikely to trigger any of the exclusive rights of copyright.
After 1909, though the law technically regulated “copies,” the technologies to
make copies were broadly available. There was a struggle about Xerox
machines, which forced a bit of reform,7 but the first real conflict that copy-
right law had with consumers happened when cassette tapes made it easy to
copy recorded music. Some of that copying was for the purpose of making a
0465039146-01 12/5/06 12:28 AM Page 173
intellectual property
173
“mixed tape,” and some was simply for the purpose of avoiding the need to buy
the original recording. After many years of debate, Congress decided not to leg-
islate a ban on home taping. Instead, in the Audio Home Recording Act, Con-
gress signaled fairly clear exemptions from copyright for such consumer
activity. These changes reinforced the norm among consumers that they were
legally free to do whatever they wanted with copyrighted work. Given the tech-
nologies most consumers had access to, the stuff they wanted to do either did
not trigger copyright (e.g., resell their books to a used bookstore), or if it did,
the law was modified to protect it (e.g., cassette tapes).
Against the background of these gradual changes in the law, along with the
practical norm that, in the main, the law didn’t reach consumers, the changes of
digital technology were a considerable shock. First, from the perspective of tech-
nology, digital technologies, unlike their analog sister, enabled perfect copies of
an original work. The return from copying was therefore greater. Second, also
from the perspective of technology, the digital technology of the Internet enabled
content to be freely (and effectively anonymously) distributed across the Internet.
The availability of copies was therefore greater. Third, from the perspective of
norms, consumers who had internalized the norm that they could do with “their
content” whatever they wanted used these new digital tools to make “their con-
tent” available widely on the Internet. Companies such as Napster helped fuel
this behavior, but the practice existed both before and after Napster. And fourth,
from the perspective of law, because the base technology of the Internet didn’t
reveal anything about the nature of the content being shared on the Internet, or
about who was doing the sharing, there was little the law could do to stop this
massive “sharing” of content. Thus fifth, and from the perspective of copyright
holders, digital technologies and the Internet were the perfect storm for their
business model: If they made money by controlling the distribution of “copies”
of copyrighted content, you could well understand why they viewed the Internet
as a grave threat.
Very quickly, and quite early on, the content industry responded to this
threat. Their first line of defense was a more aggressive regime of regulation.
Because, the predictions of cyberspace mavens notwithstanding, not everyone
was willing to concede that copyright law was dead. Intellectual property
lawyers and interest groups pushed early on to have law shore up the protec-
tions of intellectual property that cyberspace seemed certain to erase.
LAW TO THE RESCUE
The initial response to this push was a White Paper produced by the Com-
merce Department in 1995. The paper outlined a series of modifications
0465039146-01 12/5/06 12:28 AM Page 174
174
CODE 2.0
aimed, it said, at restoring “balance” in intellectual property law. Entitled
“Intellectual Property and the National Information Infrastructure,” the
report sought to restate existing intellectual property law in terms that anyone
could understand, as well as to recommend changes in the law in response to
the changes the Net would bring. But as scholars quickly pointed out, the
first part was a bust.8 The report no more “restated” existing law than Soviet
historians “retold” stories of Stalin’s administration. The restatement had a
tilt, very definitely in the direction of increased intellectual property protec-
tion, but it pretended that its tilt was the natural lay of the land.
For our purposes, however, it is the recommendations that were most
significant. The government proposed four responses to the threat presented
by cyberspace. In the terms of Chapter 7, these responses should be familiar.
The first response was traditional. The government proposed changes in
the law of copyright to “clarify” the rights that it was to protect.9 These
changes were intended to better define the rights granted under intellectual
property law and to further support these rights with clarified (and possibly
greater) legal penalties for their violation.
The second response addressed norms, specifically copying norms. The
report recommended increased educational efforts, both in schools and
among the general public, about the nature of intellectual property and the
importance of protecting it. In the terms of Chapter 7, this is the use of law
to change norms so that norms will better support the protection of intellec-
tual property. It is an indirect regulation of behavior by direct regulation of
norms.
The third and fourth responses mixed technology and the market. The
report called for legal support—through financial subsidies and special legal
protection—of “copyright management schemes.” These “schemes” were sim-
ply technologies that would make it easier to control access to and use of
copyrighted material. We will explore these “schemes” at some length later in
this chapter, but I mention them now as another example of indirect regula-
tion—using the market to subsidize the development of a certain software
tool, and using law to regulate the properties of other software tools. Copy-
right management systems would be supported by government funding and
by the threat of criminal sanctions for anyone deploying software to crack
them.10
Congress followed the recommendations of the 1995 White Paper in some
respects. The most important was the enactment of the Digital Millennium
Copyright Act in 1998. That statute implemented directly the recommendation
that “technological protection measures” be protected by law. Code that some-
one implements to control either access to or use of a copyrighted work got
0465039146-01 12/5/06 12:28 AM Page 175
intellectual property
175
special legal protection under the DMCA: Circumvention of that code, subject
to a few important exceptions, constituted a violation of the law.
We will return to the DMCA later. The point just now, however, is to rec-
ognize something important about the presumption underlying the White
Paper. The 1995 package of proposals was a scattershot of techniques—some
changes in law, some support for changing norms, and lots of support for
changing the code of cyberspace to make it better able to protect intellectual
property. Perhaps nothing better than this could have been expected in
1995—the law promised a balance of responses to deal with the shifting bal-
ance brought on by cyberspace.
Balance is attractive, and moderation seems right. But something is miss-
ing from this approach. The White Paper proceeds as if the problem of pro-
tecting intellectual property in cyberspace was just like the problem of
protecting intellectual property in real space. It proceeds as if the four con-
straints would operate in the same proportions as in real space, as if nothing
fundamental had changed.
But something fundamental has changed: the role that code plays in the
protection of intellectual property. Code can, and increasingly will, displace
law as the primary defense of intellectual property in cyberspace. Private
fences, not public law.
The White Paper did not see this. Built into its scattershot of ideas is one
that is crucial to its approach but fundamentally incorrect—the idea that the
nature of cyberspace is anarchy. The White Paper promises to strengthen law
in every area it can. But it approaches the question like a ship battening down
for a storm: Whatever happens, the threat to copyright is real, damage will be
done, and the best we can do is ride it out.
This is fundamentally wrong. We are not entering a time when copyright
is more threatened than it is in real space. We are instead entering a time
when copyright is more effectively protected than at any time since Guten-
berg. The power to regulate access to and use of copyrighted material is about
to be perfected. Whatever the mavens of the mid-1990s may have thought,
cyberspace is about to give holders of copyrighted property the biggest gift of
protection they have ever known.
In such an age, the real question for law is not, how can law aid in that
protection? but rather, is the protection too great? The mavens were right
when they predicted that cyberspace will teach us that everything we thought
about copyright was wrong.11 But the lesson in the future will be that copy-
right is protected far too well. The problem will center not on copy-right but
on copy-duty—the duty of owners of protected property to make that prop-
erty accessible.
0465039146-01 12/5/06 12:28 AM Page 176
176
CODE 2.0
That’s a big claim. To see it, however, and to see the consequences it
entails, we need consider three examples. The first is a vision of a researcher
from Xerox PARC (appropriately enough), Mark Stefik, and his idea of
“trusted systems.”12 The second is an implication of a world dominated by
trusted systems. The third is an unreckoned cost to the path we are now on to
“protect intellectual property.” The examples will throw into relief the threat
that these changes present for values that our tradition considers fundamen-
tal. They should force us to make a choice about those values, and about their
place in our future.
THE PROMISE FOR INTELLECTUAL PROPERTY IN CYBERSPACE
It all depends on whether you really understand the idea of trusted sys-
tems. If you don’t understand them, then this whole approach to com-
merce and digital publishing is utterly unthinkable. If you do
understand them, then it all follows easily.
Ralph Merkle, quoted in Stefik, “Letting Loose the Light” (1996)
In what we can call the first generation of digital technologies, content
owners were unable to control who copied what. If you have a copy of a copy-
righted photo rendered in a graphics file, you could make unlimited copies of
that file with no effect on the original. When you make the one-hundredth
copy, nothing would indicate that it was the one-hundredth copy rather than
the first. And as we’ve described again and again, in the original code of the
Internet, there was nothing to regulate how or to whom copyrighted content
was distributed. The function of “copying” as it was developed by the coders
who built it, either in computers or networks, aimed at “copying”—not at
“copying” with specified permissions.
This character to the function “copy” was not unique to cyberspace. We
have seen a technology that presented the same problem, and I’ve already
described how a solution was subsequently built into the technology.13 Digital
Audio Tape (DAT) technology was thought to be a threat to copyright owners.
A number of solutions to this threat were proposed. Some people argued for
higher penalties for illegal copying of tapes (direct regulation by law). Some,
such as Richard Stallman, argued for a tax on blank tapes, with the proceeds
compensating copyright holders (indirect regulation of the market by law).
Some argued for better education to stop illegal copies of tapes (indirect reg-
ulation of norms by law). But some argued for a change in the code of DAT
machines that would block unlimited perfect copying.
0465039146-01 12/5/06 12:28 AM Page 177
intellectual property
177
The tax and code regulators won. In late 1992, as a compromise between
the technology and content industries, Congress passed the Audio Home
Recording Act. The act first imposed a tax on both recorders and blank DAT
media, with the revenues to be used to compensate copyright holders for the
expected copyright infringement enabled by the technology. But more inter-
estingly, the Act required manufacturers of DAT technology to include a Serial
Copy Management System, which would limit the ability of DAT technology
to copy. That limit was effected through a code inserted in copies made using
DAT technology. From an original, the technology would always permit a
copy. But from a copy made on a DAT recorder, no further digital copy could
be made. (An analog copy could be made, thus degrading the quality of the
copy, but not a perfect digital copy.) The technology was thus designed to
break the “copy” function under certain conditions, so as to indirectly protect
copyright owners. The net effect of these two changes was to minimize any
harm from the technology, as well as to limit the functionality of the technol-
ogy where it would be expected that functionality would encourage the vio-
lation of copyright. (Many think the net effect of this regulation also killed
DAT technology.)
Something like the same idea animated Stefik’s vision.14 He was not keen
to make the quality of copies decrease. Rather, his objective was to make it
possible to track and control the copies of digital content that are made.15
Think of the proposal like this. Today, when you buy a book, you may do
any number of things with it. You can read it once or one hundred times. You
can lend it to a friend. You can photocopy pages in it or scan it into your
computer. You can burn it, use it as a paperweight, or sell it. You can store it
on your shelf and never once open it.
Some of these things you can do because the law gives you the right to do
them—you can sell the book, for example, because the copyright law explicitly
limits the copyright owner’s right to control your use of the physical book
after the “first sale.” Other things you can do because there is no effective way
to stop you. A book seller might sell you the book at one price if you promise
to read it once, and at a different price if you want to read it one hundred
times, but there is no way for the seller to know whether you have obeyed the
contract. In principle, the seller could sell a police officer with each book to
follow you around and make sure you use the book as you promised, but the
costs of this control would plainly exceed any benefit.
But what if each of these rights could be controlled, and each unbundled
and sold separately? What if, that is, the software itself could regulate whether
you read the book once or one hundred times; whether you could cut and
paste from it or simply read it without copying; whether you could send it as
0465039146-01 12/5/06 12:28 AM Page 178
178
CODE 2.0
an attached document to a friend or simply keep it on your machine; whether
you could delete it or not; whether you could use it in another work, for
another purpose, or not; or whether you could simply have it on your shelf or
have it and use it as well?
Stefik describes a network that makes such unbundling of rights possible.
He describes an architecture that would allow owners of copyrighted materi-
als to sell access to those materials on the terms they want and would enforce
those contracts.
The details of the system are not important here (it builds on the encryp-
tion architecture I described in Chapter 4),16 but its general idea is easy
enough to describe. As the Net is now, basic functions like copying and access
are crudely regulated in an all-or-nothing fashion. You generally have the
right to copy or not, to gain access or not.
But a more sophisticated system of rights could be built into the Net—
not into a different Net, but on top of the existing Net. This system would
function by discriminating in the intercourse it has with other systems. A
system that controlled access in this more fine-grained way would grant access
to its resources only to another system that controlled access in the same way.
A hierarchy of systems would develop, and copyrighted material would be
traded only among systems that properly controlled access.
In such a world, then, you could get access, say, to the New York Times and
pay a different price depending on how much of it you read. The Times could
determine how much you read, whether you could copy portions of the news-
paper, whether you could save it on your hard disk, and so on. But if the code
you used to access the Times site did not enable the control the Times
demanded, then the Times would not let you onto its site at all. In short, sys-
tems would exchange information only with others that could be trusted, and
the protocols of trust would be built into the architectures of the systems.
Stefik calls this “trusted systems,” and the name evokes a helpful analog.
Think of bonded couriers. Sometimes you want to mail a letter with some-
thing particularly valuable in it. You could simply give it to the post office, but
the post office is not a terribly reliable system; it has relatively little control
over its employees, and theft and loss are not uncommon. So instead of going
to the post office, you could give your letter to a bonded courier. Bonded
couriers are insured, and the insurance is a cost that constrains them to be
reliable. This reputation then makes it possible for senders of valuable mate-
rial to be assured about using their services. As Stefik writes:
with trusted systems, a substantial part of the enforcement of a digital contract
is carried out by the trusted system. [T]he consumer does not have the option of
0465039146-01 12/5/06 12:28 AM Page 179
intellectual property
179
disregarding a digital contract by, for example, making unauthorized copies of
a work. A trusted system refuses to exercise a right that is not sanctioned by the
digital contract.17
This is what a structure of trusted systems does for owners of intellectual
property. It is a bonded courier that takes the thing of value and controls
access to and use of it according to the orders given by the principal.
Imagine for a moment that such a structure emerged generally in cyber-
space. How would we then think about copyright law?
An important point about copyright law is that, though designed in part
to protect authors, the control it was designed to create was never to be per-
fect. As the Supreme Court noted, copyright “protection has never accorded
the copyright owner complete control over all possible uses of his work.”18
Thus, the law grants only particular exclusive rights, and those rights are sub-
ject to important limitations, such as “fair use,” limited terms, and the first sale
doctrine. The law threatened to punish violators of copyright laws—and it
was this threat that induced a fairly high proportion of people to comply—
but the law was never designed to simply do the author’s bidding. It had pub-
lic purposes as well as the author’s interest in mind.
Trusted systems provide authors with the same sort of protection.
Because authors can restrict unauthorized use of their material, they can
extract money in exchange for access. Trusted systems thus achieve what copy-
right law aims to, but they can achieve this protection without the law doing
the restricting. It permits a much more fine-grained control over access to and
use of protected material than the law permits, and it can do so without the
aid of the law.
What copyright seeks to do using the threat of law and the push of norms,
trusted systems do through the code. Copyright orders others to respect the
rights of the copyright holder before using his property; trusted systems give
access only if rights are respected in the first place. The controls needed to reg-
ulate this access are built into the systems, and no users (except hackers) have
a choice about whether to obey them. The code complements the law by cod-
ifying the rules, making them more efficient.
Trusted systems in this sense are a privatized alternative to copyright law.
They need not be exclusive; there is no reason not to use both law and trusted
systems. Nevertheless, the code is effectively doing the work that the law was
designed to do. It implements the law’s protection, through code, far more
effectively than the law did.
What could be wrong with this? We do not worry when people put dou-
ble bolts on their doors to supplement the work of the neighborhood cop. We
0465039146-01 12/5/06 12:28 AM Page 180
180
CODE 2.0
do not worry when they lock their cars and take their keys. It is not an offense
to protect yourself rather than rely on the state. Indeed, in some contexts it is
a virtue. Andrew Jackson’s mother, for example, told him, “Never tell a lie, nor
take what is not your own, nor sue anybody for slander, assault and battery.
Always settle them cases yourself.”19 Self-sufficiency is strength and going to
the law a sign of weakness.
There are two steps to answering this question. The first rehearses a famil-
iar but forgotten point about the nature of “property”; the second makes a less
familiar, but central, point about the nature of intellectual property. Together
they suggest why perfect control is not the control that law has given owners
of intellectual property. And together they suggest the potential problem that
copyright law in cyberspace will create.
THE LIMITS ON THE PROTECTION OF PROPERTY
The realists in American legal history (circa 1890–1930) were scholars who (in
part) emphasized the role of the state in what was called “private law.”20 At the
time they wrote, it was the “private” in private law that got all the emphasis.
Forgotten was the “law,” as if “property” and “contract” existed independent of
the state.
The realists’ aim was to undermine this view. Contract and property law,
they argued, gave private parties power.21 If you breach a contract with me, I
can have the court order the sheriff to force you to pay; the contract gives me
access to the state power of the sheriff. If your contract with your employer
says that it may dismiss you for being late, then the police can be called in to
eject you if you refuse to leave. If your lease forbids you to have cats, then the
landlord can use the power of the courts to evict you if you do not get rid of
the cats. These are all instances where contract and property, however
grounded in private action, give a private person an entitlement to the state.
No doubt this power is justified in many cases; to call it “law” is not to call
it unjust. The greatest prosperity in history has been created by a system in
which private parties can order their lives freely through contract and prop-
erty. But whether justified in the main or not, the realists argued that the
contours of this “law” should be architected to benefit society.22
This is not communism. It is not an attack on private property, and it is
not to say that the state creates wealth (put your Ayn Rand away). These are
claims about the relationship between private law and public law, and they
should be uncontroversial.
Private law creates private rights to the extent that these private rights
serve some collective good. If a private right is harmful to a collective good,
0465039146-01 12/5/06 12:28 AM Page 181
intellectual property
181
then the state has no reason to create it. The state’s interests are general, not
particular. It has a reason to create rights when those rights serve a common,
rather than particular, end.
The institution of private property is an application of this point. The
state has an interest in defining rights to private property because private
property helps produce a general, and powerful, prosperity. It is a system for
ordering economic relations that greatly benefits all members of society. No
other system that we have yet devised better orders economic relations. No
other system, some believe, could.23
But even with ordinary property—your car, or your house—property
rights are never absolute. There is no property that does not have to yield at
some point to the interests of the state. Your land may be taken to build a
highway, your car seized to carry an accident victim to the hospital, your
driveway crossed by the postman, your house inspected by health inspectors.
In countless ways, the system of property we call “private property” is a system
that balances exclusive control by the individual against certain common state
ends. When the latter conflict with the former, it is the former that yields.
This balance, the realists argued, is a feature of all property. But it is an
especially important feature of intellectual property. The balance of rights
with intellectual property differs from the balance with ordinary real or per-
sonal property. “Information,” as Boyle puts it, “is different.”24 And a very
obvious feature of intellectual property shows why.
When property law gives me the exclusive right to use my house, there’s
a very good reason for it. If you used my house while I did, I would have less
to use. When the law gives me an exclusive right to my apple
