Social Protocols: Enabling Sophisticated Commerce on the Web. Technical and Legal Design.

Audience: Students of HLS and MIT 6.805: Ethics and Law on the Electronic Frontier

Goal: With social protocols introduced, go into technical and legal design principles and rules of thumb. I have not yet enunciated enough principles, but I outline some of the issues.

Anecdotes:

5 Key Points

Abstract

Outline:

Engineering under Policy Constraints

Good engineering requires flexibility, layering and modularity

Web Technology and Policy

Developing web technology in the policy domain is hard

Relationship between Technology and Policy (1/2)

Some technologies are intrinsically limited to serving certain policies effectively.

Other technologies can effectively serve multiple policies.

Relationship between Technology and Policy (2/2)

A useful pair of strategies for technologists is to

  1. find the right "layer" for addressing policy issues and
  2. delimit the range of options which they will support.

For example,

Enabling Multiple Policies (1/2)

In social protocol design one needs to understand the greater context:

Note, the examination itself may be questioned since it make shed light on power previously exercised privately. (Much of Internet policy has been set this way -- to good effect -- by an Internet old boy network.)

Enabling Multiple Policy (2/2)

Supporting multiple policies can be contentious:

The arguments of "where to draw line" and "if to draw line" are often confused.

Cases in point: PICS, JEPI, IPR

Common Regulatory Strategies

These strategies are not exclusive, rather they are often used in conjunction:

  1. link: couple a related issue to a contentious issue. (Clipper 3 coupled digital signatures (and their legitimiticy) to key escrow policies; strong confidentiality to export controls.)
  2. choke: regulate those that are easy to go after. (CDA focussed on large ISPs, and telco common carriers, rather than those creating the content.)
  3. gouge: regulate those that have deep pockets, often used with choke. (Some have pushed to criminalize the contributory infringement of copyright.)
  4. browbeat:  use the bully pulpit to abash, or threaten further regulatory action. (US privacy policy has to date been predicated on the fact that if the "industry" doesn't self regulate, the government will get involved.)
  5. herd: selectively place and remove liability to channel policy towards a goal without overtly setting the direction. ("Mandatory self regulation" and safe harbor provisions are frequently proposed solutions to Internet content issues.)

How do the regulators propose to address the Technical Constraints of Regulation Technology?

Technical Regulatory Strategies.

Technical Regulation by Specifying an Instance

Engineering principles which served the Internet well (such as decentralization) also made it difficult for governments to regulate.

In the CDA hearings, the DoJ certainly tried strategy #1 with the argument (based on Dr. Olsen of BYU) that IPV6 would support an adult/minor tag in each datagram, but failed.

PICS, based on principles of decentralization and user control, was seen as a better alternative

However, now there is fear that PICS builds censorship into the Net.

Technical Regulation by Configuring an Option

I talked about social protocols over a year ago on "Internet Control" and concluded with:

"A social protocol is not so much an 'Internet Control,' but a way of using meta-data and negotiation to control the interactions one has with others on the Internet/Web."

In the PICSRules debate, critics missed the true danger: regulations on the UI. As you promote configuration and preference expression to the UI (good things), governments may shift their strategy from infrastructure to UI.

Social Protocol Regulation Dilemma

Is there a way to limit protocols intended for self-emergent communities from being co-opted by external communities?

Observations on Constraints (over-generalized but useful)