Spying, Sharing, Stealing: What You Have In Common with the NSA and RIAA

You and I share a problem with the NSA, the RIAA, the MPAA, and even the Department of Energy and Oregon’s Department of Revenue: digital data is exceedingly slippery and hard to control. Collecting data is an inherently leaky process – to borrow the old joke, it’s like loading frogs into a wheelbarrow. Going digital gives the frogs Olympic-class leaping ability and hyperactive dispositions. In a networked environment, data is surpassingly easy to copy, distribute, and analyze in new ways.

This may be helpful. The National Security Agency, with the helpful assistance of major phone companies, is aggregating data about our phone calls to try to discern patterns that indicate terrorist behavior. The Administration wants ISPs to retain data about consumers’ Internet usage to combat child pornography. (Note that Bill, Ed Felten, and Nart among others have raised serious concerns about false positives and other flaws.) I can download operating systems, music, and books for little or no cost.

The problem is when the frogs depart the wheelbarrow. Will the government use the NSA’s call data, collected for anti-terror operations, to investigate people who belong to peaceful activist organizations? Will I share my lawfully ripped MP3 files with the world via Kazaa? Will a tax collector with a taste for adult entertainment inadvertently reveal taxpayers’ personal information? Will digitized books shred an author’s vision of a work by allowing anyone to annotate, re-organize, and even re-write it? In short, fast computers, cheap storage, wide network pipes, and digitized information make it easy (too easy?) for data to be put to other than its intended uses.

Responses basically fall into three categories, none successful or satisfactory yet:

  1. Law – use copyright law to go after uploaders or downloaders of digitized works or technology seen as enabling illicit use, or sue careless government agencies for losing confidential personal information. Threaten those who want to convert frogs into cuisses de grenouilles.
  2. Code – employ digital rights management / technological protection measures to limit what one can do with data. Make the wheelbarrow’s walls higher.
  3. Attitudes – seek to make downloading movies or music uncool, or make information collection programs politically unpopular, leading to their demise. Cause people to regard the frogs as gross or unattractive. (Not Kermit!)

None has worked well. Law is stuck in a set of assumptions based on a technological era that was analog, with relatively expensive copying, and requires (expensive) enforcement. Code is vulnerable to being hacked, and it frequently interferes with the initial, desired user’s interactions with the data. Finally, attitudes are slow to shift, and efforts to make things cool / uncool are huge failures, as any parent with teenagers knows.

My hope with this post is to suggest that more interests are aligned regarding these problems than it first appears. An approach that helps the RIAA limit unlawful file-sharing might also protect data privacy. In short, solutions may be generalizable, and that’s likely to be a good thing.

One Response to “Spying, Sharing, Stealing: What You Have In Common with the NSA and RIAA”

  1. With all of the recent theft of confidential data, a data security policy is more important than ever.