Watch “Is Free Speech for Assholes?”

The panel discussion from the Speech Holes conference is now available online, where First Amendment scholars grapple with the age-old question, “Is Free Speech for Assholes?

Information Libertarianism

Jane and I have a new article coming out in volume 105 of California Law Review, titled Information Libertarianism. Here’s the abstract:

Recent First Amendment precedent is widely attacked as unprincipled: a deregulatory judicial agenda disguised as free speech protection. The scholarly consensus is mistaken. Descriptively, free speech protections scrutinize only information regulation, usefully pushing government to employ more direct regulations with fewer collateral consequences. Even an expansive First Amendment is compatible with the regulatory state, rather than being inherently libertarian. Normatively, courts should be skeptical when the state tries to design socially-beneficial censorship.  

This Article advances a structural theory that complements classic First Amendment rationales, arguing that information libertarianism has virtues that transcend political ideology. Regulating information is peculiarly difficult to do well. Cognitive biases cause regulators to systematically overstate risks of speech and to discount its benefits. Speech is strong in its capacity to change behavior, yet politically weak. It is a popular scapegoat for larger societal problems and an attractive tool for rent-seeking interest groups. Collective action, public choice, and government entrenchment problems arise frequently. First Amendment safeguards provide a vital counterpressure. Information libertarianism encourages government to regulate conduct directly because when the state censors communication, the results are often counterproductive. A robust First Amendment deserves support regardless of ideology.

Comments and feedback warmly welcomed!

The iPhone Writ Large

Apple and the Department of Justice are dueling over whether the iPhone maker must write code to help the government break into the San Bernadino shooter’s phone. The government obtained a warrant to search the phone (a nicety, perhaps, since the phone’s owner has consented to the search, and the shooter is dead). But, the killer took advantage of the iPhone 5C’s security: it’s locked with a passcode, and it is likely to wipe the contents after a certain number of incorrect attempts to enter that code. (And, iOS forces a delay in retrying the passcode once the user incorrectly enters the code 4 times.) DoJ relies on the All Writs Act, originally passed in 1789, back when the Blackberry was the smartphone of choice.

There’s been some excellent analysis of the situation; I would point you in particular to Dan Guido’s technical analysis of Apple’s ability to comply, Cyrus Farivar and David Kravets’s overview of the legal precedent and facts, and Michael Dorf’s primer on the AWA. There is also a fair amount of spin, BS, and misunderstanding on both sides of the argument. So, I thought I’d chime in, just to make matters worse, with a few points.

First, this is not a fight about Apple’s encryption – at least, not directly. The government wants the ability to attempt to crack the passcode via brute force. What it wants Apple to do is to make that easier, and to make mistakes less costly. (I’m not sure why the latter is vital. The FBI could easily clone the phone’s storage, so if it gets bricked, they can swap in a new version. Certainly, it’s convenient to have Apple deactivate the error bomb, but hardly necessary.)

Second, we don’t fully understand the depth of the government’s request. Guido notes that iOS imposes a minimum of 80ms per passcode query. That still lets an attacker run a lot of queries, but it’s not at all clear that this is anything other than a programming choice. Quoting him, the DoJ has demanded that “[Apple] will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.” (emphasis mine) Again, I’m not expert in iOS, but it looks like the 80ms delay is a choice made by iOS, not a limit introduced by hardware capabilities. I would bet that the government wants an iOS update that runs queries as fast as the processor, memory, and storage can handle them, which will cut its time to break in.

Third, there may be nothing useful on the phone. Both attackers are dead. The FBI says it can’t rule out that there are accomplices out there, but they’re doing a thorough job of investigating the shooter’s brother, along with other possible conspirators, and at this point, we also can’t rule out a second gunman on the grassy knoll. I don’t think there is much exigency here. Yes, getting into the iPhone might help the investigation. But it’s not clear that there is any extant threat, nor even any extant defendants. This looks a bit like a fishing expedition.

Fourth, this is a political play by the government. The FBI has been pushing for some time to get law enforcement access to encryption systems. (This is often referred to as a backdoor, but it’s really just key escrow. It means either that data is encrypted such that more than one private key will decrypt it, or that the vendor keeps a copy of all private keys and can access them. Lotus Notes, which I worked on for five years, introduced key escrow reluctantly in version 5. And, to comply with export controls limiting the strength of encryption sold outside the U.S., the company turned over part of the private key that Notes uses to the U.S. government. This meant, for example, that key strength was 128 bits against the world, except for the U.S. government, against which it was 64 bits.) It hasn’t gotten much traction; even the NSA has come out against it. I think that’s why the FBI / DoJ have launched this effort to compel Apple. If they succeed, they get a means to bypass encryption more easily without having to pass any legislation or get any new regulations. If they fail, it provides a politically potent example with which to press its cause: we can’t fight terrorists without backdoors! And, the case has generated some bad publicity and badwill for Apple. Marmot impersonator Donald Trump has called for a boycott of Apple, despite using an iPhone himself.

Fifth, if the government presses its legal case (which I fully expect them to do), I think they’ll win. The All Writs Act is the sort of catchall that seems like it ought to run afoul of due process or separation of powers concerns, but the Supreme Court has upheld it. As I understand U.S. v. N.Y. Telephone Co., there are three prongs to the analysis of an AWA request to a third party: whether the measure is necessary, whether the burden imposed on the target is unreasonable, and whether the party is too distant / removed from the situation (a sort of gloss on burden and reasonableness). The iOS update is arguably necessary, since Apple’s security could brick the phone if DoJ doesn’t guess correctly, quickly. Since Apple is the vendor, they are not likely to be too removed. Burden is the harder one, but it’s much easier to remove functionality than to add it. This is Apple’s best hope, but it doesn’t seem a strong one. The case law on AWA is mixed, but it generally runs in favor of the government.

Sixth, the government’s contention that this update applies only to a single iPhone is sophistry. Sure, the code will specify this particular device’s hardware identifiers and the like. But changing that for future iPhones – at least, future iPhones 5C – is trivial: it’s literally find-and-replace in the code. So, the update isn’t a universal zero-day or anything like that. But it is a tool that will be ready the next time law enforcement wants to hack an iPhone – and, it’s one where Apple will no longer have a credible burden argument to resist creating an update. Neither side is portraying this problem very accurately: it’s not a one-off and it’s not a silver bullet that kills iOS security.

Finally, this case leaves aside the hard issue. Imagine Apple’s next iOS update locks the company out of access: once a user encrypts data, there’s no way for a third party to access it short of a brute force attack. Can the government mandate an operating system update that reverses this? Or that captures the user’s password securely somewhere accessible to Apple / law enforcement if need be? This is, in other words, the encryption / escrow debate, and it has strong flavors of the fight over whether tech firms must build in features that protect against copyright infringement (the one the Supreme Court ducked in MGM v. Grokster). That’s the real puzzle, and one for which this iPhone story is merely a play within a play.

Tyler Broker on Expanding the “No Speculation” Test in Free Speech Cases

My friend and former student Tyler Broker is publishing an interesting and provocative free speech essay in the Gonzaga Law Review. I’ve asked Tyler to prepare a guest blog post. A draft of the full essay is available here.


Who would be so base as to challenge the conventional wisdom that commercial speakers receive less protection than noncommercial speakers? On the other hand, who would be so incurious as to leave unexamined the fact that during the last 20 years not a single regulation on commercial speech has been upheld by the United States Supreme Court while noncommercial speakers have occasionally lost?

The conventional wisdom is correct, to some extent. Federal regulators impose an extensive and complex set of rules on commercial advertising that have no analogs for noncommercial speech. And yet, when First Amendment challenges are brought, the Supreme Court applies a scrutiny that is rhetorically harsher but substantively weaker to noncommercial speech. This essay does not criticize nor argue for additional limits on the evolution of the commercial speech doctrine, in fact quite the opposite. The essay proposes a leveling up process, arguing that the Central Hudson “no speculation rule” should apply to all free speech cases.

No case better illustrates the mechanics of the commercial speech doctrine than Rubin v. Coors Brewing Co., 514 U.S. 46 (U.S. 1995). In Rubin, a beer manufacturer challenged the Federal Alcohol Administration Act’s (FAAA), 27 U.S.C.S. § 201, prohibition against disclosing alcohol content on beer labels. The Rubin Court struck down the restriction as an irrational governmental regulatory scheme, and cast serious doubt as to whether the regulation would advance the government interest in preventing the overconsumption of alcohol “in a direct and material way”. The Rubin Court acknowledged it was “common sense” to assume “that a restriction on the advertising of a product characteristic would decrease consumer selection of a product based on that trait,” yet insisted that commercial speech regulation must not promote the government interest based on “mere speculation or conjecture.”

In contrast to the judicial skepticism in Rubin, the Roberts Court in Morse v. Frederick, 551 U.S. 393, (2007) relied on a form of speculation and conjecture. There the Court accepted a principal’s speculation not only about the consequences of a student’s message “Bong Hits 4 Jesus” displayed during a school sanctioned event at a public place, but also about the student’s intent and mental state. This speculation was allowed to stand even though 1) the Court admitted the banner was “cryptic” and could be interpreted in many ways; 2) there was no evidence the sign caused a disruption; and 3) there was no evidence that would suggest any student who views such a sign is more susceptible to drug use. Further adding to the doctrinal incoherence, the Court in Frederick refused to treat the banner as political despite the fact that Alaska voters had debated and substantially supported marijuana legislation for two decades. An evidence-based standard has been found wanting even in noncommercial cases involving political speech such as Arizona Free Enterprise Club’s Freedom Fund PAC v. Bennett, which received the strictest scrutiny possible by the Court.

When courts refuse to allow government speculation and conjecture to establish the need for censorship, the government is usefully pressed to provide material evidence proving that its speech restrictions truly serve its stated objectives. All free speech scrutiny should incorporate some form of a “no speculation” rule, requiring material evidence to justify the regulation of speech. The reasoning of the commercial speech cases is sound enough to inform all other areas of free speech scrutiny. To protect speakers from overreaching restrictions based on the Court’s (or a principal’s) untested common sense, the government must supply some evidence that the harms of speech are real.

 

Is Free Speech for Assholes?

The College of Law at the University of Arizona is holding a First Amendment conference in February; the public lecture, which features a bevy of free speech luminaries, is titled, “Is Free Speech for Assholes?” The panel will debate the virtues and pitfalls of current First Amendment doctrine, from corporate speech to hate speech to whether free expression is leading to a new Lochner era. Please attend!

When: Thursday, 25 February 2016, 12:15PM

Where: Room 164, James E. Rogers College of Law, University of Arizona, 1201 E. Speedway, Tucson, AZ

Who: Jack Balkin (Yale), Ron Collins (Washington), Genevieve Lakier (Chicago), Helen Norton (Colorado), Margot Kaminski (OSU), Seth Kreimer (Penn), David Skover (Seattle)

What else: free lunch!

Speech Holes Poster

Does the Ninth Circuit’s “Dancing Baby” Decision Mean Anything for Fair Use Under the DMCA’s Anticircumvention Rules?

Last fall, in Lenz v. Universal Music Corp., the Ninth Circuit ruled that copyright owners are required to have a procedure (even if it is mostly an automated, computer-implemented procedure) in place to consider whether someone else’s use of the copyright owner’s work online is legally protected under the fair use doctrine prior to sending a takedown notice to the site where the work has been posted. Failure to consider whether a use is fair, the court implied, disentitles the copyright holder to use the takedown procedure of 17 U.S.C. § 512(c) and (g) (which remains by far the most expeditious lawful means of removing allegedly infringing content from the internet). (For more on the background and consequences of the court’s decision, see Rebecca Tushnet’s analysis).

Rereading the court’s decision in preparation for my classes this semester, I was struck by the possible consequences of the Ninth Circuit’s reasoning for a different DMCA issue, to wit, whether fair use may be invoked as a defense to liability under the anticircumvention rules of 17 U.S.C. § 1201. The Ninth Circuit’s ruling strengthens, albeit perhaps only slightly, the argument that fair use belongs in the DMCA case law, and that those courts that have ruled that it doesn’t (including the Second Circuit in Universal City Studios, Inc. v. Corley, 273 F. 3d 429, 443-44, 458-59 (2d Cir. 2001); and [at least by implication] the Ninth Circuit’s own decision in MDY Industries, LLC v. Blizzard Entertainment, Inc., 629 F. 3d 928 (9th Cir. 2010)) were in error. Read more…

Copyright = Speech

I have an essay coming out in volume 65 of the Emory Law Journal, as part of the terrific 2015 Thrower Symposium. It’s titled “Copyright = Speech,” and here’s the abstract:

Expression eligible for copyright protection should be presumptively treated as speech for First Amendment purposes. Both copyright and the First Amendment share the goal of fostering the creation and dissemination of information. Copyright’s authorship requirement furnishes the key link between the doctrines. The Article examines where the two areas of law align and conflict in offering or denying protection. Using copyright law as a guide for the First Amendment offers three benefits. First, many free speech problems can be clarified when examined through copyright’s lens. Second, this approach makes the seeming puzzle of non-human speakers understandable. Finally, it can help end technological exceptionalism in First Amendment doctrine.

Comments and feedback welcomed!

Against Jawboning and Outrageous and Irrational

Volume 100 of Minnesota Law Review has just been published. “Against Jawboning” is in the first issue, along with co-blogger / spouse Jane Bambauer, whose article “Outrageous and Irrational” is co-authored with constitutional law / First Amendment expert and friend Toni Massaro. Minnesota LRev continues to be one of the top venues for publishing information law scholarship, and we’re grateful for their support for the articles. Abstracts below:

Against Jawboning

Despite the trend towards strong protection of speech in U.S. Internet regulation, federal and state governments still seek to regulate online content. They do so increasingly through informal enforcement measures, such as threats, at the edge of or outside their authority—a practice this Article calls “jawboning.” The Article argues that jawboning is both pervasive and normatively problematic. It uses a set of case studies to illustrate the practice’s prevalence. Next, it explores why Internet intermediaries are structurally vulnerable to jawboning. It then offers a taxonomy of government pressures based on varying levels of compulsion and specifications of authority. To assess jawboning’s legitimacy, the Article employs two methodologies, one grounded in constitutional structure and norms, and the other driven by process-based governance theory. It finds the practice troubling on both accounts. To remediate, this Article considers four interventions: implementing limits through law, imposing reputational consequences, encouraging transparency, and labeling jawboning as normatively illegitimate. In closing, it extends the jawboning analysis to other fundamental constraints on government action, including the Second Amendment. This Article concludes that the legitimacy of informal regulatory efforts should vary based on the extent to which deeper structural limits constrain the government’s regulatory power.

Outrageous and Irrational

A wealth of scholarship comments on enumerated and unenumerated fundamental rights, such as freedom of speech, the right to marital privacy, and suspect classifications that trigger elevated judicial scrutiny. This Article discusses the other constitutional cases—the ones that implicate no fundamental right or suspect classification, but nevertheless ask for relief from uncategorizable abuses of power. These cases come in two forms: claims that the government’s conduct is outrageous (satisfying the “shocks the conscience” test), or claims that the government’s conduct is irrational (failing the rational basis test). Both forms trigger highly deferential judicial review and serve similar purposes. But they are on divergent trajectories. Courts have cautiously expanded use of the rational basis test in contexts as varied as gay marriage, hair braiding, and coffin sales. The outrageousness test, by contrast, is universally maligned and mistrusted.

We explain and vindicate both tests. We argue that the very features that attract reflexive scorn—their vagueness and flexibility—have a counterintuitive, normative, and practical beauty. They allow courts to occasionally strike down egregious abuses of power without expanding other constitutional rights. They allow limited judicial experimentation before introducing new rights or adding classifications to elevated scrutiny, enabling courts to reach results that have little doctrinal impact beyond their narrow facts. Thus, contrary to their reputations, the tests promote judicial restraint and preserve constitutional coherence.

Backpage, Dominatrixes, and a Victory Against Jawboning

Sheriff Thomas Dart, of Cook County, is a crusader against prostitution, sex trafficking, and related criminal activity. He has concentrated his efforts recently on Internet platforms such as Craigslist and Backpage, which have an “adult” section as thriving and variegated in its offers as any free weekly newspaper in a major metropolitan area. Dart is far from alone in opposing sex work, but like many crusaders, he feels free to move beyond the law’s limits to pursue higher goals. For example, he sent letters threatening Visa and MasterCard, which process payments for Backpage, with a series of legal and extra-legal consequences should the firms continue to do business with Backpage. Visa and MasterCard stopped. Backpage sued Dart.

Yesterday, the Seventh Circuit, in a concise and cutting opinion by Judge Richard Posner, rejected Dart’s attempt to paint his actions as informal suasion, and enjoined him from continuing his crusade. (The opinion brilliantly cites XOJane on being a dominatrix, discusses people who dislike pets, and casually drops a reference to phone sex.) It turns out the First Amendment means threats from Sheriff Dart to MasterCard get treated differently than threats from you or I. If I complain to MasterCard about its interaction with BackPage, and threaten to write a Tweet denouncing the company, no one at MC is going to reach for a Tums. Sheriff Dart, though, has a lot more firepower – albeit none of it lawful. 47 USC 230(c)(1) prevents Backpage from being held liable civilly, or under state criminal law, for content provided by a third party, such as the folks who advertise in the Adult section of the site. Backpage isn’t entirely in the clear: if the site violates federal law it can be prosecuted (see 230(e)(1)). So, Dart can ask the feds to go after Backpage, but he can’t successfully prosecute or sue the site himself. The caselaw on this point is littered with the failures of better lawyers who have tried, and Dart himself went after Craigslist as a public nuisance and lost badly.

Dart was cunning enough, though, to know that he didn’t need to win in court against Backpage if he could beat them another way, such as cutting off their funding. That meant targeting payment processors, the favorite 21st century trick of law enforcement. He did just that, along several dimensions. First, he told Visa he’d hold a press conference about their relationship to Backpage – the contents of which would depend on whether they had severed their relationship with the platform. The content wasn’t subtle: “Obviously the tone of the press conference will change considerably if your executives see fit to sever ties with Backpage and its imitators. Of course we would need to know tonight if that is the case so that we can ensure the Sheriff’s messaging celebrates Visa’s change in direction as opposed to pointing out its ties to sex trafficking.” (opinion at p.8) Message received: a Visa employee referred to the exchange as “blackmail.” (p.8)

Second, he raised the possibility of federal criminal liability for the site for money laundering, which is a bit like a Pop Warner football coach threatening Miami with NCAA sanctions for violating collegiate rules. It’s not Dart’s decision to make.

Third, Dart wanted Visa and MasterCard to cut all transactions with Backpage, not just those related to the Adult section. The goal, obviously, is deterrence: to make it massively costly for Backpage to have an Adult section, even at the price of cutting off unrelated (and harmless) speech.

Why would Visa and MasterCard listen to a blowhard of a local sheriff? This is a question I tackle in a paper forthcoming in the Minnesota Law Review, Against Jawboning. Threats and informal pressures are routine in the modern administrative state. The problem is when officials engage in jawboning – when they threaten action at the edges of or wholly outside their legal authority, as Dart did. Jawboning is particularly problematic for Internet platforms, which largely subsist on third-party content. Any one piece of that content generally earns a minuscule amount for the platform. But if government threatens the platform for hosting that material, the Internet firm faces the full cost of the potential penalty and of defending against the action. It’s just good economics to comply, and to take down the material. Or, in this case, to drop Backpage as a customer. As Posner notes,

The revenue [MasterCard and Visa] derived from Backpage’s adult ads must have been a small fraction of their overall revenue, especially since not all of Backpage’s ad customers pay for their ads with a MasterCard or Visa credit card. Yet the potential cost to the credit card companies of criminal or civil liability and of negative press had the companies ignored Sheriff Dart’s threats may well have been very high, which would explain their knuckling under to the threats with such alacrity. (pp. 13-14)

Moreover, successfully defending any legal action is not a slam dunk. Defendants win most Section 230 cases, but the results are variegated. And judges make mistakes – in this case, the district court judge denied a preliminary injunction to block Dart’s power grab (with some particularly muddled reasoning about Sheriff Dart’s First Amendment rights, IMO). Thus, even very weak legal arguments can compel Internet platforms to censor content.

The Article argues that jawboning, in the context of Internet intermediaries, is normatively illegitimate. (If you’re unsympathetic to Backpage, which is understandable, you might consider the Obama administration using the banking system to cut off services to gun store owners, or the Bush administration trying to coerce ISPs into retaining data about their users’ activities. All three of these case studies are described in the Article.)

The trouble is that it’s quite hard to constrain jawboning. Legislation could narrow officials’ ability to operate, but it is difficult to keep them from threatening to do so, from threatening to call in someone who has enforcement authority, or from lobbying for more power. Constitutional doctrine imposes only weak and uncertain limits, via the unconstitutional conditions doctrine. Here, the state action and standing requirements operate to bar some plaintiffs from seeking relief, at least in federal court. As the Article argues, “Put simply, the political branches find jawboning too easy, attractive, and powerful to impose meaningful internal or interbranch checks on the practice. And, the demands of the modern administrative state make regulators wary of limiting informal enforcement.” Finally, hoping that regulators themselves forgo jawboning as a tool is to wish away the problem.

What can we do? I offer a few small-scale solutions: applauding firms that resist jawboning and decrying those who knuckle under (to provide a counterweight to governmental pressures on reputation); encouraging companies to be transparent about when and how jawboning occurs, perhaps with analogues to warrant canaries; and using the term “jawboning” as a term of disapprobation, in much the way the term “censorship” operates in common parlance.

The problem with jawboning is that, unlike in the case of Backpage and Dart, it typically operates offstage, with companies that are averse to the risk either of liability or bad publicity. Counterintuitively, this is what makes the weak formal legal position of enforcers like Dart so effective: their power operates best in an atmosphere of uncertainty and asymmetric costs. Hopefully the Seventh Circuit’s opinion will stiffen the backbones of companies, like Backpage, that face jawboning.

 

Sharing Shortcomings

I have a new essay coming out in Loyola University Chicago Law Journal titled Sharing Shortcomings. Comments and feedback are very much welcomed. Here’s the abstract:

Current cybersecurity policy emphasizes increasing the sharing of threat and vulnerability information. Legal reform is seen as crucial to enabling this exchange, both within the public and private sectors and between them. Information sharing is due for some skepticism, though, and this Essay (part of a symposium on Privacy in a Data Collection Society) attempts to provide it. Not only are there few real legal barriers to data exchange, but greater sharing will generate little benefit and will create significant privacy risks. This Essay creates a typography of vertical and horizontal information sharing, and argues that while top-down communication could be useful, it faces important practical impediments. The present focus on sharing increases the scope of the surveillance state unnecessarily and displaces more effective cybersecurity policy measures.