November 30, 1999


by Andy Oram
American Reporter Correspondent

CAMBRIDGE, MASS.—WTO, IMF, EU: has one of these changed your life recently? How about SDMI, PICS, or CALEA?

You’ll probably recognize the first set of acronyms as a few of the intergovernmental organizations that have received increasing public attention over the past few years, often being criticized as “supergovernments” that impose their decisions on member nations. The second set of acronyms will be gibberish to most people, but refers to another kind of control: decisions built right into hardware and software.

Intergovernmental organizations are in the headlines as the World Trade Organization opens its Seattle global summit on November 30. Widespread grassroots protests will shine light on rulings that affect environmental and labor policy, on China’s attempt to join, and—most significant for this article—on intellectual property disputes.

The heavy-handed pronouncements of the WTO and the International Monetary Fund excite warnings about their vast power from many critics, some speaking sinisterly from the left and others righteously from the right. Intergovernmental organizations do play a significant role nowadays, but we must remember that ultimate power still rests in national governments with their police, their armies, and their popular mandates.

Plenty of times, a national government has reacted to an intergovernmental organization by ignoring it, stonewalling it in court, or even threatening its continued existence by withdrawing funds. While the United States is the most common rebel, there are others as well. For instance, France refused to lift a ban on British beef when ordered to earlier this month by the European Commission.

Challenges by national governments can get a lot more serious than relatively puny trade disputes. Israel has no intention of obeying U.N. Security Council resolutions regarding the Palestinian Arabs. Russia has told the Organization for Security and Co-operation in Europe to bug off and let Russia fight its Chechen war the way it wants.

And while everybody, including the IMF, admits that the IMF can exacerbate a crisis, it can rarely gain leverage over governments until their own corruption and poor financial regulation lead to grief. Furthermore, the spectacular failures of the past two years suggest that the IMF is not as powerful as its critics claim.

So in the areas of Internet and telecommunications, corporations have stumbled upon another way to get what they want: build it into information architecture. The complex relationship between government regulation and software regulation has been tracked for several years by law professor Lawrence Lessig, who has just released a book called Code and Other Laws of Cyberspace (Basic Books, October 1999, ISBN:0-465-03912-X). Rather than cover what Lessig has so adeptly handled in his book, my goal in this article is to bring a similar analysis to intergovernmental organizations.

A simple example involves electronic commerce. It is fully reasonable to expect that, over the next decade, the bulk of contracts and payments will move to the Internet. But some critical pieces of the infrastructure for this commerce are still missing, and they’ll come online much faster if aided by governments and international coordination.

So companies have asked for laws requiring electronic or digital signatures to be accepted where feasible, and for help in creating the clearing houses (certificate authorities) that hand out such signatures. The European Commission came out in 1998 for such regulations. And the U.S. Congress passed a bill on the subject earlier this month, after narrowly avoiding defeat over critics’ concerns for customer rights.

The plot thickens when we turn to an area beset by more controversy, intellectual property. Companies excited about using the Internet to deliver this material—news, music, travel listings, software, movies, and things whose existence we probably don’t even imagine today—are obsessed with preventing people from making unauthorized copies. Laws have traditionally offered adequate protection to generate a profit on intellectual property, but in the new digital age they may fall short.

Intellectual property is a major issue at the WTO, particularly the goal of getting China to cut down bandits within its borders. There’s also a body called the World Intellectual Property Organization to bring international laws into harmony. But if you can’t have a policeman on every corner in real life, you certainly can’t have one at every router in cyberspace.

Thus, companies are trying to batten down their products by turning to “technical protection measures.” Encryption restricts viewing to people with passwords. Digital watermarks embed information about the owner in the document. Conversely, companies can also mark a document with information about the user in order to trace who generated a contraband copy. Further protections against copying are built into devices, so they will cause quality to degrade after a certain number of copies, or just shut down and refuse to make more copies.

Copy-protection is an old idea. Crude anti-copying techniques were used on floppy diskettes in the 1980s, but were rejected decisively by the public, who had many legitimate reasons to make copies. But current encryption technologies and security on Internet sites allow for more sophisticated measures.

The Secure Digital Music Initiative, mentioned in the first paragraph of this article, is an example of a technical copyright protection measure. It was developed by record companies with high hopes that it will allow them to supersede MP3 and end the free exchange of music over the Internet.

To companies producing intellectual property, the ideal protection would be a technical system that was unbreakable. But no such system exists. Witness the recent cracking of the DVD format (originally Digital Video Disc, now Digital Versatile Disc) by some anonymous programmers in Europe. And it is highly unlikely that current digital watermarks can survive stretching, shrinking, darkening, lightening, and other standard techniques that anybody can do with PhotoShop.

Re-enter the intergovernmental organizations. WIPO issued a Performance and Phonograms Treaty in 1996 that required member nations to “provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures” that prevent copying. In the U.S., penalties appear in an audio recording law, in the omnibus 1998 copyright law, and in an act called UCITA regarding software. In effect, governments and intergovernmental organizations are saying, “We can’t completely protect companies, and they can’t completely protect themselves, so we will work together.”

The DVD flap shows that the laws can have an effect. The Motion Picture Association of America is threatening a lawsuit against every site they can find that offers the free-software DVD player. But the clever code-breakers were not planning to make or distribute illegal copies of movies. They broke the code in order to create a DVD player that ran on the trendy free-software operating system Linux, for which the DVD manufacturers have not provided players. Thus, even though we’re at the very start of the era of “technical measures,” we have evidence both of their fragility and of their potential to hold back technological progress and consumer choice.

The link between technology and law is not always just for the benefit of businesses. As Professor Lessig points out, it can be used to meet the goals of governments and intergovernmental organizations too. In fact, governments show a liking for hiding behind technical measures, which everybody knows are supposed to be “objective,” “flexible,” and “value-free.”

Take content control. When the Communications Decency Act turned out to be a dud, Senator (and current Presidential candidate) John McCain pushed through restrictions on schools and libraries using federal universal service funds to gain Internet access. The vehicle for these restrictions is technology: the bill requires all such schools and libraries to install software filters for Internet content. In short, Congress is using filters to achieve what the Supreme Court would not let it do directly. (Even this law will probably be overturned, but Congress will keep trying until it manages to navigate the constitutional straits.)

In Europe an even more elaborate shell game is emerging, with the participation of the European Union, national governments, filter manufacturers, and Internet providers. Ready to hack through this thicket? Here are the steps in marrying law and technology.

  1. The European Union announced that it would support a system for putting control over content in the hands of individual users. They put up 25 million Euros (which are roughly equivalent to dollars) for the development of a rating system that is culturally neutral. That’s an impossible goal, but it can be faked enough to become the basis for law.

  2. Meanwhile, a technical standards body, the World Wide Web Consortium, has developed a filtering protocol called the Platform for Internet Content Selection. It is explicitly designed to allow the blocking of Web traffic at any point along its route (an Internet provider, a corporate hub, or an individual user).

  3. The EU has then encouraged the Internet providers of each country to create codes of conduct. Such government intervention is a bait-and-switch ruse, because the control was originally advertised as the choice of the individual user. But no one can challenge codes of conduct legally, because they’re voluntary.

  4. Now for the kicker. National governments can pass laws that make Internet providers liable for any content passing over their routers that is illegal or harmful to children—but only if blocking is “technically possible” and they “can reasonably be required to prevent” transmission. (The phrases I quoted come from a German law that was promoted as protecting Internet providers from liability.)

Did you catch the trick? PICS and software filters, with all their weaknesses, give governments the excuse to claim that blocking is now feasible. Governments can say that Internet providers are responsible for content that the government doesn’t want to see online. The fear of going to jail for something done by some Web site in Idaho is plenty of incentive for an Internet provider in Germany to adopt voluntary filters! There is even a proud new term for the solution: coregulation.

And even though no filter will work perfectly, well-known sites can be censored while a chilling effect will restrain all content providers. Commercial, regulatory, and technical measures intertwine—at the expense of liberty.

We are seeing many other areas where technology and governments start to overlap; espionage and privacy top the list. In the U.S., after passage of the Communications Assistance for Law Enforcement Act, technology is being built into the phone system to preserve government’s ability to wiretap, and the body responsible for Internet protocols (the Internet Engineering Task Force) was asked to hack Internet protocols to the same end. Luckily, the IETF firmly refused—but future trials loom.

But protocols are starting to come under the formal purview of intergovernmental groups. The unusual corporation/governing body ICANN has been given responsibility by the U.S. Department of Commerce for protocols related to Internet names and numbers. The International Telecommunication Union, one of the grand-daddy intergovernmental groups that ratifies communication protocols, is also trying to get a say in the development of the Internet.

I highly recommend Lessig’s book for examples and a deep analysis of how law and technology combine powerfully for good or ill. One consequence of their merger is that everybody can stop taking responsibility.

Thus, intergovernmental groups call for the development of technologies. Countries pass laws enforcing their use, leaning on the excuse that they’re conforming to international treaties. Software and hardware developers put the technologies of control into products because they know a market exists for them. Companies simply offer their wares using “available technologies.”

And the rest of us don’t know what hit us.

An online discussion of this article followed its citation in the popular “News for Nerds” site, Slashdot, which is read by many free-software programmers and general technology followers. I rearranged the paragraph of the article concerning Israel and Russia following one minor criticism in the discussion.

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Member, Computer Professionals for Social Responsibility
Editor, O’Reilly Media
Author’s home page
Other articles in chronological order
Index to other articles