Among Internet users, there are a variety of concerns about privacy, security and the ability to access content. Some of these concerns are quite serious, while others may be more debatable. Regardless, the goal of this ongoing series is to detail the tools available to users to implement their own subjective preferences. Anonymizers allow privacy-sensitive users to protect themselves from the following potential privacy intrusions:

1. Advertisers Profiling Users. Many online advertising networks build profiles of likely interests associated with a unique cookie ID and/or IP address. Whether this assembling of a "digital dossier" causes any harm to the user is debatable, but users concerned about such profiles can use an anonymizer to make it difficult to build such profiles, particularly by changing their IP address regularly.
2. Compilation and Disclosure of Search Histories. Some privacy advocates such as EFF and CDT have expressed legitimate concern at the trend of governments subpoenaing records of the Internet activity of citizens. By causing thousands of users' activity to be pooled together under a single IP address, anonymizers make it difficult for search engines and other websites--and, therefore, governments--to distinguish the web activities of individual users.
3. Government Censorship. Some governments prevent their citizens from accessing certain websites by blocking requests to specific IP addresses. But an anonymizer located outside the censoring country can serve as an intermediary, enabling the end-user to circumvent censorship and access the restricted content.
4. Reverse IP Hacking. Some Internet users may fear that the disclosure of their IP address to a website could increase their risk of being hacked. They can use an anonymizer as an intermediary between themselves and the website, thus preventing disclosure of their IP address to the website.
5. Traffic Filtering. Some ISPs and access points allocate their Internet bandwidth depending on which websites users are accessing. For example, bandwidth for information from educational websites may be prioritized over Voice-over-IP bandwidth. Under certain circumstances, an anonymizer can obscure the final destination of the end-user's request, thereby preventing network operators or other intermediaries from shaping traffic in this manner. (Note, though, that to prevent deep packet inspection, an anonymizer must also encrypt data).

A Simple Anonymizer

An anonymizer is an intermediary server between the end-user and the website that acts as a proxy for the user, effectively accessing websites on the end-user's behalf, thereby hiding the end-user's IP address (and perhaps other information).

A Real-World Analogy: Let's say I want to order pizza from the local pizza shop, but I do not want them to have my phone number, which they could get from caller ID if I called them directly. Instead of calling them myself, I could call a friend and ask him to call them on my behalf, place my order, and then let me know how much it will cost and the estimated delivery time.

A Somewhat More Complicated Anonymizer Setup

A more sophisticated (and more realistic) anonymizer setup pools hundreds or even thousands of end-users through one or more anonymizing intermediaries. Consequently, web servers receive requests that originated from hundreds of end-users through a single IP address (that of the anonymizer). As a result, the web server is unable to distinguish and personally identify the IP addresses of any users.

An Even More Complicated Anonymizer Setup

The above setup provides a layer of privacy beyond the traditional setup of direct end-user-to-website communication. But even so, if the anonymizer's logs are compromised, so too is the privacy of the end-user -because it will likely be possible to associate specific requests with individual users.

A much greater degree of privacy protection is obtained by "daisy-chaining" together multiple anonymizers, but every additional hop slows down the browsing experience and leaves additional traces of the end-user's traffic.

How Do I Set Up an Anonymizer?

A variety of anonymizer services exist. Due to considerable variations in how each is installed, it is impossible to provide universal step-by-step details for installing one. But perhaps the two most trustworthy (free) options are Tor and Privoxy. While both services have experienced occasional vulnerabilities and hiccups, they are the best established among anonymizers. Other providers include: CGIProxy, AlchemyPoint, Nginx, SafeSquid, Squid, and yProxy. Since each anonymizer works differently and comes with its own set of pros, cons, and risks, it is extremely important to see whether a specific anonymizer meets your specific needs.

What Are the Downsides and Risks of an Anonymizer?

While an anonymizer offers considerable benefit to end-users concerned about the risks mentioned above, it is not a "silver bullet" or a "privacy panacea." To start, an anonymizer is primarily a privacy tool, not a security tool (except insofar as sharing your IP address may increase your vulnerability to some cyber-attacks). In other words, an anonymizer does nothing to protect the integrity of your data as it is sent to and from the web server. Moreover, using an anonymizer may increase your vulnerability to a cross-site request forgery, cookie stealing, and, in particular, simple packet sniffing. Beyond the security risks to your data, anonymizers may increase a number of other potential privacy risks:

(1) Anonymizer Recordkeeping. If an anonymizing intermediary server is located within a country that requires ISPs and other service providers to keep records of traffic, your browsing habits are not invisible. The government or an authorized third party could subpoena or seize the history of your browsing activity from the anonymizer.

(2) Man in the Middle Attacks. By routing your traffic through intermediaries, you increase your exposure to man-in-the-middle attacks.

(3) Selling Browsing Records. An anonymizer could sell or provide unauthorized access to your browsing history. If you transmit sensitive unencrypted data through an anonymizer, you are taking a considerable security risk.

(4) Login-Based Records. Some web services such as Google's Web History record a significant amount of end-user behavior based upon voluntary user login. In other words, when logged in to your Google account, your Google search behavior (among other things) will be personally identifiable by Google-even if you are using an anonymizer.

(5) TCP Only. When most end-users access the Internet, they utilize many different services (e.g., email, Internet, teleconferencing) and these differing services often require different network protocols. "Packet sniffer" tools such as WireShark will let you examine the protocols and packets sent and received by your computer. Because many anonymizers do not handle non-TCP traffic, they would not anonymize other online activities such as Voice-over-IP phone calls.

If the FCC is to regulate the Internet -- an outcome I do not think necessary or beneficial -- we would be better served by having Congress debate and pass such legislation, than by having unelected government officials attempt to make it up as they go along.

Express delegations of authority are important for two reasons: they both give power and limit its exercise in ways agreed upon by our elected representatives through duly enacted legislation. The problem with the FCC's conception of its ancillary jurisdiction is that is potentially limitless.

As I write in the essay, unchecked administrative power, no matter how well-intentioned, is dangerous. The doctrine of ancillary jurisdiction, properly understood, permits the FCC only to fill in small gaps in its statutory authority to take account of new developments closely related to the services the agency is authorized to regulate. But the courts have upheld this doctrine only when necessary, if not imperative, to the execution of its expressly granted regulatory responsibilities. The gap between the FCC's proposed net neutrality rules and the statutory provisions the agency claims authorize its action is not small, it is in the vernacular sense of the word, quantum.

The regulators at the FCC have their claws deep in the flesh of broadcast licensees (and derivatively newspaper owners), and it is plain that they are scrambling for any excuse to keep them there. Meanwhile, both of these Industries, which have long been the platform for some of the best journalism ever produced, slowly bleed to death.

Just this week, by way of example, the local paper in Mesa, Arizona, announced that it will shutter its doors permanently at the end of this year. The "East Valley Tribune," which won a Pulitzer Prize only a few months back for its investigative journalism, is owned by Freedom Communications -- itself in bankruptcy. Freedom apparently tried to sell the Tribune, but received no serious offers. Cyclical downturn indeed.

Gilbert, Arizona, Vice Mayor Linda Abbott "hit the nail with her head," as one of my law professors used to say: "Any time there is a newspaper that is extinguished, that is something that is a sadness for all of us. It is imperative that you have the press as the guard for our citizenry, and with the closing of the Tribune, that's one less critical oversight on public policy."

Meanwhile, the principal daily paper in San Francisco announced that it will begin printing on high-quality glossy paper. The change is a dramatic attempt to somehow slow the evaporation of its readership. Remarkaly, the "Chron" (as it is known to those few left who still read it) witnessed a 26 percent decline in circulation in the April to September reporting period. Does that sound like a cyclical bump in the road to anyone?

I feel like I am beating the proverbial dead horse, but newspaper offices may well end up being the ghost towns left by our generation. Industry-wide, newspaper advertising sales declined by almost 30 percent in the first quarter of 2009. This follows similar, though less dramatic, drops in each of the last several years. Can we finally say it? The emperor has no clothes; the business model has collapsed. Sadly, broadcast newsrooms may not be far behind.

And what do our intrepid leaders in Washington do while Rome burns? To call it fiddling would be charitable - fiddling at least would not be affirmatively deleterious to these businesses. Instead, the powers that be in Washington have under consideration a seemingly endless list of new regulatory obligations and burdens with which they would like to saddle broadcast licensees. And when these Industries ask for some relief from ridiculous, outdated restrictions on how they may organize themselves and who may own these properties, the FCC twiddles its fingers. Perhaps it will only be when the wise men and women making communications policy in Washington are left standing amongst the ruins of once important journalistic media that they will appreciate their folly.

While listening to opening remarks given by Commissioner Copps, I was struck by the vastly different portrayals of the media industry by Ken and the Commissioner. For example, Copps claimed media consolidation was temporarily slowed by the economic climate but will soon rear its ugly head again:

These [ownership] issues have been pending before this Commission since I got here and we have done almost nothing to stem the tide of media consolidation and lax government oversight. The consolidation was momentarily slowed by the current economic downturn--itself largely the result of the kind of policies in finance and other businesses that I've been complaining about in media for years. But consolidation is coming back, and once the economic indices start heading north, you'll see media properties galore--all pining for those elusive "economies of scale" whose chase doomed so many companies over the past few years.

Ken's testimony tells a different story:

[W]hy are we fixating on the appropriate ownership limits for broadcast properties? Indeed, today you are working on rules that limit those who may own broadcast properties; tomorrow this all may be inverted and the government may be trying to craft rules to encourage people to buy these same properties, perhaps in distress. The lead news stories today having to do with media ownership are not about acquisitions of broadcast properties, but of sales and disaggregation of large media companies. The list is quite long, but it includes such noteworthy transactions as Disney selling its radio group, Time Warner divesting its cable companies, Viacom splitting with CBS, News Corp. shedding its DIRECTV distribution arm, The Tribune Company's bankruptcy, and Clear Channel's sale of all of its television stations and its efforts to reduce its radio holdings. In short, the age of broadcast media consolidation appears to be past - we are now squarely in the age of media fragmentation.

Indeed, Ken cited various figures (from Adam Thierer's book Media Metrics) on viewership, circulation and ownership to show that the influence and health of traditional broadcasters have been waning for some time and does not directly coincide with the economic downturn.

Ken's comments on the shape of broadcast properties and newspapers also differed from the rest of the members of the panel. While all agreed that something needed to be "done" to help preserve professional media, the roll of competing distribution platforms, especially the Internet, played in the rapid deconsolidation in the market was downplayed by the other speakers. Ken, however, identified the audience fragmentation brought on by these largely unregulated platforms as a key threat to traditional media, not ownership consolidation:

Network broadcast news audiences continue to shrink and circulation figures for even the jewels of the newspaper business like the New York Times, are deteriorating. It takes a certain size and scope to support a sophisticated national news organization with bureaus in far flung locations - a size and scope that is increasingly hard to maintain. Moreover, the audience fragmentation that has occurred with the onset of new media threatens not only the ability of large organizations to cover in depth news stories with national and international implications, but also the continuing viability of local news operations in communities large and small.

Ken concluded that if a goal of the review of ownership rules is to help struggling media properties and preserve "localism" in the media sector, more regulation is definitely not the answer:

The goal of re-energizing and revitalizing local commercial broadcast service, if it ever is to be realized, will come only when the shackles that bind broadcasters' ability to respond to new competitive pressures are removed. Of course, with respect to this proceeding, that would include eliminating outdated ownership restrictions so that broadcasters can organize in economically efficient ways.

Ken's entire testimony can be read here and the entire proceeding can be viewed here.

Sorry, I couldn't resist, this being Guy Fawkes day (a major traditional holiday for Britons and, more recently, geeky American libertarians such as myself, who dress up as V for Vendetta for Halloween). Google's announcement of its Privacy Dashboard (TechCrunch) is a major step forward in both informing users about what data Google has tied to their account in each of Google's many products and in empowering users to easily manage their privacy settings for each product. If users decide they'd rather "take their ball and go home," they can do that, too, by simply deleting their data.

Users can access the dashboard at www.google.com/dashboard (duh). Or, from the Google homepage, you just have to:

1. Click on Settings at the top right > Google Account Settings


2. Click on "View data stored with this account" next to "Dashboard"

1. See what data is associated with your account in 23 of Google's products (Google notes that it will incorporate its 18 other products in the near future).


2. Directly access the privacy management settings for that account.


3. Access more information--"Links to relevant help articles and information pages."

The Dashboard really couldn't be much easier to use--yet we can be sure it won't be good enough for some privacy zealots who arrogantly presume that their fellow homo sapiens are basically vegetables with hair--unable to use any tool online, no matter how simple, and barely able to tie their own shoelaces without government reminding them how. The principled alternative is to "Trust People & Empower Them." Because privacy is so profoundly subjective and because there is an inherent trade-off between clamping down on data and the many benefits enjoyed by Internet users from sharing their data, Adam Thierer and I have argued for that "household standards" set by individuals should trump "community standards" imposed on everyone from above:

Some advocates of government restrictions on online data collection and use may applaud Google's innovation but claim that it happened only because FTC regulators and lawmakers have turned up the heat on Google and other online operators. While the threat of regulation surely does increase the pressure for many companies to improve their user education and empowerment tools, I doubt that played much role in Google's decision to launch this product. Instead, Google seems to be responding again and again to reputational incentives. With their much-trumpeted promise "not to be evil," they've set high expectations for ongoing improvement in transparency, user control, data portability, etc. Simply by virtue of their size, they will always be the object of paranoia--but that "Googlephobia" plays a critical role in getting them to keep raising the bar. In turn, the standards set by Google up the ante for the rest of the industry. That's what self-regulation really means: a dynamic process of competition among rivals for our trust online. That system takes time, but I think advocates of a more regulatory approach should bear a pretty high burden to justify why they think bureaucratic diktaks would work better for consumers in the long-term. I certainly don't! Instead, I look forward to seeing how other companies respond, and how Google improves its Dashboard in the future.

As the review's title indicates, Ars Technica is no cheerleader for copyrights or content industries. Indeed, its biases slant against them, but Ars is still worth listening to--it usually avoids the unhinged ranting of copyhate blogs like TechDirt, (and its coverage of the two Thomas trials and the Tenenbaum trial was invaluable and unique).

But that makes the Ars review of Moral Panics and the Copyright Wars ("Copyright Wars") all the more telling. As Ars notes, "the tone [in Copyright Wars] gets so one-sided at points that all but the most hardened copyfighter will probably set the book down at some passages, scratch the chin, and ask, 'Really?'"

• "'The DMCA is the 21-century equivalent of letting copyright owners put a chastity belt on someone else's wife.'"

• "'The term graduated response should be replaced with a more accurate term "digital guillotine".... If proportionality is a hallmark of civilization, the digital guillotine is the hallmark of barbarians....'"

• "'I cannot think of a single significant innovation in either the creation or distribution of works of authorship that owes its origins to the copyright industries.'"

• "Corporatism was previously thought to have reached its zenith during Mussolini's Fascist Italy, but with the DMCA, it is enjoying a healthy resurgence."

[T]here's a certain irony in the method here. The quotes above rely on the most vivid of metaphors--copyright battles as cancer, graduated response laws as guillotines, the Digital Millennium Copyright Act as a chastity belt [and fascism]--in order to discredit what they describe, yet this is exactly what Patry spends much of the book accusing Big Content of doing.

Finally, I must note that Ars should not harbor the notion that Mr. Patry will contemplate its review of his book. Unfortunately, Ars--like two other "multiple reviewers" of Copyright Wars--was so rude as to note that Copyright Wars is a parody of itself. The "most prolific scholar of copyright in history" has explained what he does with the reviews of such "haters":

There are, of course, the haters who pen diatribes that are not in any meaning of the word a "review." Two people in particular have write multiple such "reviews," apparently unable to ever purge themselves of the bile that poisons their lives as they attempt to poison others' lives. To them, I quote Max Reger's letter to a music reviewer of one of his compositions: "I am sitting in the smallest room in my house. I have your review before me. Soon, it will be behind me."

Obviously, I will have more to say about the preceding--and oh-so-scholarly--"analysis" soon enough.

Three serious risks emerge from this situation. First, there is the risk of self-contradiction: Agency A says "X," while Agency B says "not X," and Agency C says "Y." Second, there is the risk of needless duplication of effort or creation of error: if four different agencies are trying to summarize how the ISP safe-harbor provisions work, duplication of effort is inevitable and the odds of material error increase. Third, there is the risk that IP-related policy lacks any overall vision or guidance.

In effect, the Coordinator is charged with managing and reducing these risks. But the Coordinator is not a "czar" in any sense of that word: He or she will not be issuing binding orders to the vast array of Administrators, Representatives, Commissioners and Secretaries whose missions implicate aspects of IP law and policy. Rather, the Coordinator must coordinate by persuading, informing, and assisting a diverse range of federal entities. In the past, the importance of IP rights to U.S. trade policy made the Office of the United States Trade Representative (USTR) a particularly important voice in overall U.S. policy towards intellectual-property rights. Consequently, the potential for conflict between the Coordinator and other federal entities may be more pronounced in the case of USTR.

All of this would suggest that an ideal nominee for the role of IP Coordinator would possess (1) deep familiarity with the various agencies and personnel now involved in aspects of intellectual property law and policy; (2) proven and widely respected expertise and judgment, and (3) close connections to USTR.

From personal experience, I can report that President Obama's nominee for IP Coordinator, Victoria Espinel, satisfies all three criteria. During the last Administration, I served as an advisor on copyright law and policy in USPTO's Office of International Relations. Because much of my work involved either our always colorful IP relations with China or the U.S.-Korea Free Trade Agreement, I often worked closely with the excellent IPR team at USTR.

The leader of USTR's IP-related efforts was the Assistant United States Trade Representative for Intellectual Property and Innovation, Victoria Espinel. She was very widely respected because she was hard-working, substantive, pragmatic and sensible--she could analyze details with the best of the experts and then explain their implications in plain terms to politicians and foreign officials.

Turns out, she also proves another point that I have made: I have always argued that one good thing about intellectual property law and policy is that it is almost uniquely non-partisan. (There are divisions, of course, but they do not break down along any party or political lines that I have can discern.)

Consequently, I had never asked nor cared what Ms. Espinel's political affiliations might be--she was really good, and that was what mattered. Today, that is still what matters. I thus congratulate the President for selecting such a qualified nominee for the office of Intellectual Property Enforcement Coordinator.

This seems reasonable: In the context of pleading, I do not see why Inducement should have to be pled separately. But when thinking about the three current forms of indirect liability for copyright infringement--inducement, contributory liability and vicarious liability--all three claims must be kept analytically distinct. For at least two reasons, they differ in ways that can be dispositive in practice.

Nevertheless, before Grokster, intent-based inducement liability was moribund. Nor is it difficult to imagine why--causation would often be impossible to prove, particularly if claims were brought against a distributor of a widely-used device or program. How would you prove that particular inducing acts proximately caused particular infringing uses? Indeed, this was how the Sony majority dismissed the relevance of Sony's "build a library" advertisements. Compare 464 U.S. at 438, with id. at 459 (Blackmun, J., dissenting).

But in Grokster, 545 U.S. at 940 n.13, the Court unanimously resolved these causation problems in favor of copyright owners:

It is not only that encouraging a particular consumer to infringe a copyright can give rise to secondary liability for the infringement that results. Inducement liability goes beyond that, and the distribution of a product can itself give rise to liability where evidence shows that the distributor intended and encouraged the product to be used to infringe. In such a case, the culpable act is not merely the encouragement of infringement but also the distribution of the tool intended for infringing use.

Second, Grokster also seems to resolve many doubts about whether an otherwise qualifying entity can invoke a "Sony defense" against a claim for vicarious liability for copyright infringement. The Sony case itself might suggest that the Sony defense does apply to vicarious-liability claims. See 464 U.S. at 435. But in A & M Records, Inc. v. Napster, Inc., the Ninth Circuit held the Sony defense inapplicable to vicarious-liability claims. See 239 F.3d 1004, 1022-23 (9th Cir. 2001).

Many, including me, found that conclusion perplexing, and the analysis supporting it underdeveloped. Napster just did not convincingly explain why the Sony defense should be inapplicable to vicarious-liability claims.

But Grokster supplied the rationale that Napster did not. In Grokster, the Court unanimously held that the Sony defense defined when intent could be imputed or presumed as a matter of law. 545 U.S. at 932 ("there is no injustice in presuming or imputing an intent to infringe"); id. at 933 ("Sony barred secondary liability based on presuming or imputing intent to cause infringement solely from the design or distribution of a product capable of substantial lawful use, which the distributor knows is in fact used for infringement"); id. at 934 ("Sony's rule limits imputing culpable intent as a matter of law from the characteristics or uses of a distributed product"); see also id. at 940, 941.

Now that we know that the Sony defense defines when intent can be presumed as a matter of law--rather than proven as a matter of fact, as in an inducement claim--then the Sony defense should be inapplicable to a vicarious-liability claim. Intent is not relevant to a vicarious-liability claim, which focuses, instead, on broadly defined elements of "right-or-ability to control," and "direct financial benefit." See, e.g., Grokster, 545 U.S. at 930 n.9.

Of, course, this begs another question: If the Sony defense is inapplicable to vicarious liability claims against device distributors or Internet service providers, then what standards do apply?

One obvious answer might be, "the same control/benefit-based standards applicable to everyone else." But an obvious answer need not be the right answer. Cases like Sony and Grokster strongly suggest that under the Copyright Act of 1976, the Supreme Court concludes that courts retain their common-law power to evolve the standards for indirect liability to ensure that they produce sound results when applied to newer types of intermediaries like device distributors, program distributors, and online service providers.

I am not sure whether the traditional standards for vicarious liability do produce optimal results in these contexts. In particular, it is not clear to me that the traditional standards adequately accommodate both (1) the legitimate interests of distributors that want to exercise control while taking reasonable, but perhaps imperfect, measures to deter unlawful uses of their programs, devices, or services; and (2) the legitimate interests of copyright owners that do not want distributors to be able to adopt lame, well-below-state-of-the-art half-measures to deter infringement in order to reap both the benefits of control and the benefits of infringing uses.

Thinking further about how vicarious liability ought to work in this context is one of the items on my substantive "To Do" list. I urge others to think about it as well.

N.B.: To be very clear, as to direct liability for copyright infringement, I do not think that the Copyright Act of 1976 gives court any lawful authority to concoct novel limitations on direct liability--like "volitionalness." I have discussed why in more detail here. But suffice it to say that in the 1976 Act, Congress set the standards for direct liability for infringement. Consequently, only Congress can change them.

The taxonomy is located here.

The taxonomy of 21 different threats is organized as a table that indicates the "threat vector" and goal(s) of attackers using each threat. Following the table is a glossary defining each threat and providing links to more information.Threats can come from websites, intermediaries such as an ISP, or from users themselves (e.g. using an easy-to-guess password). The goals range from simply monitoring which (or what type of) websites you access to executing malicious code on your computer.

Please share any comments, criticisms, or suggestions as to other threats or self-help privacy/security management tools that should be added by posting a comment below.

In addition to presenting sensible suggestions for policymakers, including creating incentives to spur deployment and redirecting universal service funds, Barbara offered a bit of perspective on the issue of broadband deployment:

As important access to broadband Internet service is, if the choice comes down to clean water, Medicaid benefits, or bandwidth, I submit that limited government financial resources might be best directed first to clean water and health care.

This is particularly true of state or local efforts to finance a second, third or fourth provider of high speed Internet service, or to go into the bandwidth business itself. Government spending on broadband infrastructure should be directed primarily to those areas where market forces are unlikely, due to high costs and low prospect for returns, to extend network infrastructure without government assistance.

Her prepared remarks can be found here.

This story by Washington Post reporters Ellen Nakashima and Paul Kane has exposed the latest in a long line of file-sharing disasters stretching back to 2001. In short, a highly confidential report detailing the activities of the House Committee on Standards of Official Conduct, (often called the "Ethics Committee") was broadcast over a peer-to-peer file-sharing network. The disclosed report summarized confidential ongoing or potential investigations relating to at 33 Members of Congress and some Congressional staff.

A Member of the Ethics Committee, responding to the report of the breach, "said the breach was an isolated incident."

No, it wasn't. There was nothing "isolated" about this incident of inadvertent sharing--as demonstrated by the five Congressional hearings on inadvertent file-sharing and countless other media reports. (Links to the hearings are here, here, here, here and here; and a much longer listing of incidents can be found here). Indeed, were someone to fund the necessary research, I confidently predict that this sort of file-sharing-related breach of confidential data would be found to be affecting the constituents of every single Representative and Senator in Congress--every one. There is nothing "isolated" about inadvertent sharing. That is why, in New York alone about 150,000 tax returns were being "shared" with identity thieves.

Nor are such disasters really accidents. To the contrary, they occur regularly because piracy-adapted file-sharing networks don't work well unless many users share popular files--almost all of which, the Supreme Court noted in Grokster, are infringing. Consequently, once content distributors and their public-interest allies finally succeeded in demanding copyright enforcement against consumers using these programs, consumers using these programs tried to stop sharing files--as groups like EFF had advised.

For the distributors of these programs, this was Bad. So--as computer scientists had long predicted--distributors of these programs began to incorporate into their programs certain "features" that were long known to dupe unsophisticated users into sharing many thousands of personal files, including their entire collections of music and movies. Pretty soon, even the theoretically tech-savvy EFF became incapable of telling users of its own client's file-sharing program how to stop sharing files.

In short, from the perspective of distributors of piracy-adapted file-sharing programs, inadvertent file-sharing looks like a very deliberate strategy to increase the amount of content on the network. Voluntary self-regulation by these distributors has now failed miserably--twice.

Fortunately, Members of Congress have introduced H.R. 1319, the Informed P2P Users Act. It would serve the useful purpose of reminding the Federal Trade Commission that it is, in fact, a federal law enforcement agency charged to protect consumers from bad actors--like the ones that it has been "working with" since 2004 to no effect.

Some will try to blame this latest episode on the hapless staffer who disclosed sensitive government data. But that misses the point. Granted, sensitive data--governmental or personal--should never be stored on any computer running a file-sharing program. But here is the problem: every home computer that I own or have owned has housed sensitive personal data. Consequently, if file-sharing programs cannot be safely used on computers housing sensitive data, then they cannot be safely used by ordinary consumers. That is the point.

OnGuardOnline has just released a terrific new online safety resource called Net Cetera: Chatting with Kids about Being Online. This 54-page document is an outstanding resource for parents. The report's advice and recommendations are spot on across the board and I particularly want to highlight the important section right at the front of the document entitled, "Talk to Your Kids." It begins: "The best way to protect your kids online? Talk to them. Research suggests that when children want important information, most rely on their parents." Quite right. And the NetCetra report goes on to offer the following excellent advice:

• Start early. After all, even toddlers see their parents use all kinds of devices. As soon as your child is using a computer, a cell phone or any mobile device, it's time to talk to them about online behavior, safety, and security. As a parent, you have the opportunity to talk to your kid about what's important before anyone else does.


• Create an honest, open environment. Kids look to their parents to help guide them. Be supportive and positive. Listening and taking their feelings into account helps keep conversation afloat. You may not have all the answers, and being honest about that can go a long way.

This is exactly the sort of thing I called for the government to start doing in my report, Parental Controls & Online Child Protection. In Sec IV.B(2) of my report (beginning on pg. 150 of Ver. 4.0), I called for public officials to get serious about online safety education and awareness building by using collaborative efforts and promotional tools to spread general safety messages. This sort of education and awareness building is the constructive alternative to regulatory efforts that are all too often favored by some policymakers and regulators.

The FTC and all the other agencies and organizations involved in creating the Net Cetera report deserve high praise for what they've done here. Absolutely outstanding work. Read it.

FREEDOM IS SLAVERY

IGNORANCE IS STRENGTH

Rachel Maddow [dripping with sarcasm]: Sen. McCain's bill, as you mentioned, is actually called the "Internet Freedom Act of 2009," and he's deriding the government effort to keep telecoms from walling off the Internet as "government intrusion" and "trying to regulate the Internet." What that means is that he's picked better branding, he's picked better names. It doesn't really relate the facts of what he's doing. I'm wondering if it's too late for a rebranding of the other side here. We need to get better about talking about this, because the language seems sort of corrupt at this point.

Xeni Jardin: the Internet really is a basic right, it's a necessity,such a fundamental way for communicating and accessing information now. Telecoms shouldn't be able to throttle, to block, to slow down our access to something that might not be in their corporate interests.

But let's not nitpick about the credentials Ms. Kidman brings to the table or whether it makes any sense for PTC to elevate her opinions to proof of theory when it comes to a supposed connection between depictions of violence against women in film or television and real world acts of violence against women. PTC, however, suggests that's exactly what is going on today. They allude to a few lab studies which are of the "monkey see, monkey do" variety -- where the results of artificial lab experiments are used to claim that watching depictions of violence will turn us all into killing machines, rapists, robbers, or just plain ol' desensitized thugs.

There's just one problem with such studies, and the PTC report: Reality.

Now, let me be perfectly clear about something. When analyzing such things it is vitally important to recall one of the first rules of statistical analysis: correlation does not necessarily equal causation. This works in both directions. Even if an increase in real-world violence was closely tracking depictions of violence on television or in video games, it wouldn't necessarily mean there is a connection. But it would also be wrong to state that, on its own, an inverse correlation (with the trends moving in opposite directions) meant that there was absolutely no connection between these things.

At the margin, I believe that some media can have negative impacts on some people. Certainly, in heavy enough doses, watching non-stop depictions of sex or violence probably would have some sort of negative effect on some people -- loss of sleep, if nothing else. Perhaps more.

Then again, I just cannot entirely dismiss the real-world evidence being so starkly at odds with the "monkey see, monkey do" theories bandied about by PTC and some researchers or regulatory proponents. At a minimum, the real-world evidence should at least call into question the "world-is-going-to-hell" sort of generalizations made by proponents of increased media regulation, who all too often make casual inferences about the relationship between media exposure and various social indicators. Such a causal relationship is even more dubious today since all Americans, especially youngsters, are surrounded by a much wider variety of media than ever before. Even though television viewing has gone down slightly in recent years, it has been due to the rise of other media substitutes that command the attention of children, including the Internet, cell phones and video games. Overall, therefore, it appears that children are "consuming" as much, if not more, media than ever before. One would think that if depictions of violence in media really were leading to increased aggression among youth it would start showing up in some of these indicators at some point. But that's just not occurring. [If you're interested, I've discussed all these issues at much greater detail here, here, here, and here.]

Another argument I often here is: 'Well, the numbers would be even better if not for media violence!' But there's just no way to prove that one way or the other. Would the juvenile crime rate be down 46% instead of the 36% decrease we've actually since 1995? I don't know. Nobody can know. But I certainly hope that media critics and regulatory proponents aren't so foolish as to suggest that the crime rate would drop to zero if we just forced everybody to watch "Mary Poppins" all day long.

Finally, let's assume that the PTC is right and that depictions of violence against women are on the rise on TV. I can actually accept that statement. With all the forensic science shows and crime dramas on TV today, it's clear that some of the plot lines are going to involve people dying in some fashion and many of those people will be women. And yes, some of the depictions will get pretty gritty. "Fringe" and the various "CSI" shows are clearly showing things we didn't see on "Quincy" back in the day. (Bring back Jack Klugman! He was awesome.)

But, hey, culture has changed. Envelopes have been pushed a bit. A little less is left to the imagination. But most of us can live with that fact. Indeed, many of us actually enjoy that fact! And for those who do not share that worldview or who have heightened sensitivities about depictions of violence in TV shows, movies, or games, I would like to tell them that I really do understand and appreciate where they are coming from.

Yet, there are many other ways you can deal with that without forcing us all to forgo content we might enjoy consuming. And, you guessed it, this is where I remind the world for the umpteenth time that I have written a whole book about parental control tools and methods! [The shameless self-promotion never ends here, folks!] In fact, part of the reason I have invested so much time in that project -- and my ongoing efforts to get companies and other third parties to expand the range of tools, ratings, and other information that we have access to -- is because I genuinely want to make sure that those individuals and families who have different needs and values than I have the ability to craft their own "household media standard." I want each family to be empowered to make media content decisions for themselves such that they can find the media content they want and discard all the rest. Luckily, that is the world we increasingly live in today. Parents have more tools and methods at their disposal to help them decide what constitutes acceptable media content in their homes and in the lives of their children.

I know that some critics including the PTC feel that the tools aren't good enough, but I just don't buy it. Sure, there's always some room for improvement regarding parental control tools and rating systems, but the existing panoply of tools and methods offer families unprecedented control over their media consumption habits. And that includes tools and methods which enable them to find enriching and educational content, which we have more of than ever before.

I understand PTC doesn't share my worldview on these matters. But the difference between us is that they want to take something away from me (the right to watch certain types of content) while I want to give something to them (the ability to block that which they find distasteful). To be fair, however, their report did not rush to the regulatory solution, even though they did call for more hearings and they warn that:

if the television industry is unwilling or unable to take serious steps to reduce or tone down such graphic images, then we will urge the Congress and the FCC, by virtue of their regulatory authority over the public airwaves, to step in and take action.

The rapidly changing world of digital media - including TV, videogames, the Internet and mobile devices - creates many opportunities for children, but also presents potential dangers, from cyber-bullying to exposure to inappropriate content. The Supreme Court has remanded FCC v. Fox Television back to the Third Circuit for further consideration. The Senate recently held a hearing on the Children's Television Act in the digital age. Is new legislation or regulation imminent?

• Daniel Brenner, Partner, Hogan and Hartson


• Angela Campbell, Professor, Georgetown Law Center


• Kim Matthews, Attorney Advisor, Media Bureau, Policy Division, Federal Communications Commission


• Douglas Gansler, Attorney General of Maryland


• Jim Steyer, CEO & Founder, Common Sense Media [moderator]

It's an open event but those interested should RSVP via email to: rsvp2@law.georgetown.edu and indicate that they are replying for the Nov 2nd event. I have already told my friends at Common Sense Media I will be there to cause some trouble! (and get a free lunch, of course).