Thursday, June 22, 2006

A version of net neutrality I can endorse

In an attempt to offer something constructive, here's a version of network neutrality--let's call it Lippard Network Neutrality--that seems to me to be reasonable, providing me with what I want as a consumer of Internet services and what I would want if I were managing security for the provider of those services:

1. Nondiscrimination

Companies that provide facilities-based wireline broadband (i.e., those who own the last-mile wires) to residences must provide unrestricted Internet access to their customers who wish to purchase Internet access, allowing the use of any Internet service or application that does not violate any laws or cause degradation or disruption to the service or other customers. The provider may engage in filtering for consumer-grade service in order to prevent the spread of malware and the sending of spam, including (for example) SMTP filtering or redirection to the provider's mail services, but must allow the purchase of business-grade service under which customers may operate their own mail servers. The provider retains the right to suspend service or quarantine users that send spam, become compromised with malware, or engage in illegal activity or activity that disrupts the service.

2. Unbundling

Providers must unbundle Internet access from other services sold over the same connection, so that a customer may use the entire capacity of the circuit for Internet access.

These two requirements would give me what I want as a customer, as well as give the provider the ability to recover their costs, provide services that use QoS, provide additional filtering to protect their network and the rest of their customer base from malware, and so on. I think it's quite reasonable for a basic consumer Internet service to do port 25 filtering, force the use of the provider's mail servers, and to do network-based filtering of malware--but I would like the ability to pay extra for completely unfiltered Internet service and take steps to protect myself. And in fact, that's what I'm currently paying Cox for today--I pay for business-grade service to my home in order to run my own servers here, though I could put those servers into a colo facility and get the same effect, which is what I would do if Cox decided to discontinue offering business-class service to residences. Because that option exists, it would not be necessary to mandate that providers must provide business class service as I described above, but I'd still want to be able to ensure that I could access my remotely hosted services from home.

How this differs from what many network neutrality advocates are arguing for:

1. I don't prohibit QoS or tiering, as that is a genuinely useful network feature where I expect to see future innovation of services that depend on it.
2. The nondiscrimination provision is written to allow some kind of less-than-full-Internet walled garden service at low cost--so long as customers can still purchase real Internet service. (I think such a service would be under competitive pressure to allow access to the full Internet, for the same reason AOL ended up allowing full Internet access--otherwise the service wouldn't attract enough users to be a successful product offering.)
3. I don't prohibit differential pricing for different services and classes of service.
4. I don't set any restrictions on contractual arrangements (apart from these two restrictions), including interconnection agreements or who pays. I think that should be left to private negotiation and competition.
5. I don't extend these requirements to other types of Internet providers such as backbone providers or those providing business services, as those are areas with plenty of competition.
6. I don't extend these requirements to wireless providers, because I think that with sensible market-based allocation of spectrum, there could be plenty of independent competition with much less capital expenditure than for wireline deployment.

I could possibly be persuaded that there is a place for common carriage requirements, especially for access circuits to businesses, which is where the last-mile providers could really engage in anti-competitive behavior against backbone providers that don't own a lot of last-mile wires (e.g., Level 3, Global Crossing, Sprint), now that the major telco last-mile providers have each merged with a major backbone provider themselves (Qwest/U.S. West, AT&T/SBC/BellSouth, Verizon/MCI). This requirement currently exists in the law for telcos, and unlike the common carriage requirement for DSL, is not planned to go away next year.

I would not put the above into the purview of the FCC, at least not with their current dispute resolution procedures which favor the telcos. Paul Kouroupas at Global Crossing (also my employer) has been arguing for "baseball-style" or final arbitration dispute resolution, where each side submits their best and final offer to an arbitrator, who chooses the best. This provides incentive for each side to try to reach the best agreement up front, as well as a process that can proceed quickly, without any government involvement or expense. This suggestion is the second point of Global Crossing's proposed REFORM legislative agenda. (Unbundling and common carriage of bottlenecks such as last-mile access circuits are the sixth point.)

Comments, criticisms? I should add that I believe what I've spelled out above is pretty close to what I've heard is in Sen. Stevens' telecom reform bill, though I haven't read it and I suspect he applies the nondiscrimination and unbundling requirements more widely than to residential broadband.

Extending CALEA to VoIP: a bad idea

The Information Technology Association of America (ITAA) has issued a report on “Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP” (21-page PDF) by Steven Bellovin, Matt Blaze, Ernest Brickell, Clinton Brooks, Vinton Cerf, Whitfield Diffie, Susan Landau, Jon Peterson, and John Treichler. This report comes at a time when the FCC and courts have already ruled that VoIP and facilities-based broadband providers must provide lawful interception capabilities under CALEA for VoIP services that are “interconnected” with the public switched telephone network (PSTN).

The report effectively argues that in order to extend CALEA compliance to VoIP, “it is necessary either to eliminate the flexibility that Internet communications allow—thus making VoIP essentially a copy of the PSTN—or else introduce serious security risks to domestic VoIP implementations. The former would have significant negative effects on U.S. ability to innovate, while the latter is simply dangerous.”

The report gives a good basic explanation of VoIP (which comes in a variety of possible flavors), an explanation of pre-CALEA wiretapping and current CALEA wiretapping (including cellular telephone wiretapping and roving wiretaps), and then describes the similarities and differences between the Internet and the PSTN.

It then describes the issues of security raised by applying CALEA to VoIP and the risks to innovation created by applying CALEA to VoIP.

Two of the key problems for applying CALEA to VoIP are:

  • VoIP mobility. With non-facilities-based VoIP providers like Vonage, a VoIP phone can be plugged in anywhere on the Internet. The network that connects the VoIP phone to the Internet--which is the one in a position to intercept the call data--need not be the network of the VoIP provider, or have any relationship with the VoIP provider.
  • VoIP identity agility. A VoIP user can have multiple VoIP providers and easily switch between them from moment to moment. The owner of the Internet access network is not in a position to know who a VoIP user is purchasing VoIP services from. They are in a position to be able to intercept and detect what VoIP providers the user connects to directly, but not if the VoIP user is using encrypted traffic through proxies.

Further problems are caused by the fact that the communication between two VoIP phones is peer-to-peer, and the routing of a call at the IP layer can change in mid-call. Because of the former issue, the call contents may not traverse the VoIP provider's network, and thus the provider will not be in a position to intercept them (unless it behaves like the PSTN, forcing the call contents to also come through its network, using SIP proxies/RTP relays). In order to truly be able to intercept all VoIP calls using VoIP as it is designed, there would have to be cooperation between the VoIP user’s access provider of the moment (which could be any Internet provider—a WiFi hotspot, a friend’s ISP, a hotel’s Internet connection) and the VoIP provider being used—but law enforcement may not be in a position to know either of these. The kind of cooperation required would have to be very rapid, with interception equipment and systems already in place and able to eavesdrop wherever the voice traffic may flow, upon appropriate request. This would require extensive coordination across every VoIP and Internet provider in the United States of a sort that doesn’t exist today. It would require extremely careful design and implementation to avoid creating vulnerabilities that would allow this incredibly complex infrastructure to be exploited by unauthorized users--but with so many parties involved, I think that's a pipe dream. This incident with cellular telephony in Greece shows what can already happen today with unauthorized parties exploiting CALEA technology.

And the FCC has ordered that it be in place by May 14, 2007. There’s no way that’s remotely possible--note that the FCC gave ordinary wireline telephone companies over a decade to implement CALEA in the PSTN, and it has been an extremely difficult and expensive process. At best, by the deadline facilities-based VoIP providers will be able to provide interception for call traffic that goes across their own networks, and apparently be forced to do that for all traffic (or else there would be a way to distinguish calls being rerouted for interception from all other calls). And if that's the only kind of VoIP that is permitted, VoIP innovation is stifled.
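
The split between signaling and call contents described above, as an added example that is not part of the original post or the ITAA report: the SDP body carried in SIP signaling names the address where audio is to be sent, and the call contents cross the VoIP provider's network only if that address is the provider's RTP relay. The relay prefix, addresses and SDP bodies are constructed for illustration.

```python
import ipaddress

# Constructed sample data: the relay prefix and both SDP bodies are invented
# for illustration and use RFC 5737 documentation addresses.
PROVIDER_RELAY_NET = ipaddress.ip_network("192.0.2.0/24")

# Offer as the phone sends it: audio goes straight to the phone's own address.
SDP_DIRECT = """v=0
o=alice 2890844526 2890844526 IN IP4 198.51.100.23
s=-
c=IN IP4 198.51.100.23
t=0 0
m=audio 49170 RTP/AVP 0
a=rtpmap:0 PCMU/8000
"""

# Same offer after a hypothetical provider proxy rewrote c=/m= to its RTP relay.
SDP_RELAYED = """v=0
o=alice 2890844526 2890844527 IN IP4 198.51.100.23
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 30000 RTP/AVP 0
a=rtpmap:0 PCMU/8000
"""


def parse_media_endpoints(sdp):
    """Return [(media_type, address, port)] for each m= section of an SDP body.

    A c= line inside a media section overrides the session-level c= line.
    """
    session_addr = None
    media = []  # each entry: [type, address, port]
    for raw in sdp.splitlines():
        line = raw.strip()
        if len(line) < 2 or line[1] != "=":
            continue
        kind, value = line[0], line[2:]
        if kind == "c":
            parts = value.split()
            if len(parts) != 3 or parts[0] != "IN":
                raise ValueError("malformed c= line: %r" % line)
            addr = parts[2].split("/")[0]  # drop multicast TTL/count suffix
            if media:
                media[-1][1] = addr
            else:
                session_addr = addr
        elif kind == "m":
            fields = value.split()
            if len(fields) < 4:
                raise ValueError("malformed m= line: %r" % line)
            port = int(fields[1].split("/")[0])
            media.append([fields[0], session_addr, port])
    if any(entry[1] is None for entry in media):
        raise ValueError("media section without a connection address")
    return [tuple(entry) for entry in media]


def media_path(sdp, relay_net=PROVIDER_RELAY_NET):
    """Label each stream by whether its contents would cross the provider."""
    result = []
    for mtype, addr, port in parse_media_endpoints(sdp):
        if port == 0:
            via = "disabled"            # port 0 means the stream is rejected
        else:
            try:
                inside = ipaddress.ip_address(addr) in relay_net
                via = "provider-relay" if inside else "direct"
            except ValueError:
                via = "unknown"         # c= may carry a hostname instead
        result.append((mtype, addr, port, via))
    return result


if __name__ == "__main__":
    for name, body in (("direct", SDP_DIRECT), ("relayed", SDP_RELAYED)):
        print(name, media_path(body))
```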

One company that has been pushing hard for these extensions of CALEA is Verisign. They have been doing so because they want to act as the one-stop-shop for U.S. law enforcement, setting up their own infrastructure to interconnect with all Internet and VoIP providers to provide everything from subpoena handling to wiretapping services under contract to the providers. This would effectively hand off wiretapping capability to a third party, working on behalf of the government, over which the individual providers would have little oversight.

For more on CALEA, see the Electronic Frontier Foundation's CALEA website. For more on the history and politics of wiretapping, see Whitfield Diffie and Susan Landau's excellent book, Privacy on the Line: The Politics of Wiretapping and Encryption.

UPDATE July 7, 2006: I've updated the above text in light of Charles' comment, to make it more accurate about interception by forcing VoIP calls to route through the VoIP provider's network.

How to cause charitable organizations to depart your state

Two Michigan legislators have proposed a bill requiring all foundations operating in the state of Michigan to give at least 50% of their giving in any three-year period to charities based in Michigan.

This is an example of a ridiculously short-sighted piece of legislation that will have an unintended consequence precisely the opposite of its intended purpose--it will cause foundations to move out of Michigan and discourage new ones from being created there. This bill is directed specifically at the Ford Foundation, which does seem to have some real issues, but this misguided cure is worse than the disease.

Hat tip to Trent Stamp of Charity Navigator, who calls it "about the silliest thing I've ever heard."

67 national academies of science support evolution

The Interacademy Panel on International Issues has issued a statement in support of the scientific evidence for evolution (PDF), urging the teaching of the facts and evidence. The statement is endorsed by 67 national academies of science and the executive board of the International Council for Science.

The statement says that:
We agree that the following evidence-based facts about the origins and evolution of the Earth and of life on this planet have been established by numerous observations and independently derived experimental results from a multitude of scientific disciplines. Even if there are still many open questions about the precise details of evolutionary change, scientific evidence has never contradicted these results:

1. In a universe that has evolved towards its present configuration for some 11 to 15 billion years, our Earth formed approximately 4.5 billion years ago.

2. Since its formation, the Earth - its geology and its environments - has changed under the effect of numerous physical and chemical forces and continues to do so.

3. Life appeared on Earth at least 2.5 billion years ago. The evolution, soon after, of photosynthetic organisms enabled, from at least 2 billion years ago, the slow transformation of the atmosphere to one containing substantial quantities of oxygen. In addition to the release of the oxygen we breathe, the process of photosynthesis is the ultimate source of fixed energy and food upon which human life on the planet depends.

4. Since its first appearance on Earth, life has taken many forms, all of which continue to evolve, in ways which paleontology and the modern biological and biochemical sciences are describing and independently confirming with increasing precision. Commonalities in the structure of the genetic code of all organisms living today, including humans, clearly indicate their common primordial origin.

It goes on to give a statement about the nature of science.

For those who would like to see some of the supporting evidence for each of these four statements, I highly recommend the TalkOrigins website. For the fourth statement in particular, I recommend Douglas Theobald's article at the TalkOrigins site, "29+ Evidences for Macroevolution: The Scientific Case for Common Descent."

(Hat tip to Pharyngula)

Broadcast and audio flags, learn from history

The recording and movie industries want to force a "broadcast flag" and "audio flag" into TV and radio transmissions, and require all electronic manufacturers to enforce these flags to prohibit unauthorized copying and redistribution of such content. These flags have been entered into Sen. Stevens' telecom reform bill, and Sen. Sununu has a proposed amendment to take them out. This issue is being discussed in committee today, so if you've got a Senator on this list, call them today and ask them to support the Sununu amendment to remove both flags from the bill (there's a separate Sununu amendment that only removes the audio flag):
Chairman Ted Stevens (AK), (202) 224-3004
John McCain (AZ), (202) 224-2235
Conrad Burns (MT), Main: 202-224-2644
Trent Lott (MS), (202) 224-6253
Kay Bailey Hutchison (TX), (202) 224-5922
Gordon H. Smith (OR), (202) 224-3753
John Ensign (NV), (202) 224-6244
George Allen (VA), (202) 224-4024
John E. Sununu (NH), (202) 224-2841
Jim DeMint (SC), (202) 224-6121
David Vitter (LA), (202) 224-4623
Co-Chairman Daniel K. Inouye (HI), (202) 224-3934
John D. Rockefeller (WV), (202) 224-6472
John F. Kerry (MA), (202) 224-2742
Barbara Boxer (CA), (202) 224-3553
Bill Nelson (FL), (202) 224-5274
Maria Cantwell (WA), (202) 224-3441
Frank R. Lautenberg (NJ), (202) 224-3224
E. Benjamin Nelson (NE), (202) 224-6551
Mark Pryor (AR), (202) 224-2353

The Consumer Electronics Association has a new advertisement out that shows the lunacy of the arguments for these flags based on the past record of these industries crying wolf about the dangers of new technology:

“I foresee a marked deterioration in American music…and a host of other injuries to music in its artistic manifestations, by virtue—or rather by vice—of the multiplication of the various music-reproducing machines…” -John Philip Sousa on the Player Piano (1906)

“The public will not buy songs that it can hear almost at will by a brief manipulation of the radio dials.” -Record Label Executive on FM Radio (1925)

“But now we are faced with a new and very troubling assault on our fiscal security, on our very economic life and we are facing it from a thing called the videocassette recorder.” -MPAA on the VCR (1982)

“When the manufacturers hand the public a license to record at home…not only will the songwriter tie a noose around his neck, not only will there be no more records to tape [but] the innocent public will be made an accessory to the destruction of four industries.” -ASCAP on the Cassette Tape (1982)

Matt Stoller refuses to come clean

Matt Stoller at MyDD wrote a blog post titled "Please lie to me about Net Neutrality" in which he repeated Tom Foremski's statement about Cox blocking Craigslist with a "blacklist," even though he was already aware that the issue had nothing to do with a blacklist. Now that the facts are well-known and accepted (including by Craig Newmark), he insists that he never said anything to imply that Cox was intentionally blocking Craigslist, contrary to the written record, and accuses George Ou and David Berlind at ZDNet of being "lying liars."

Look, Matt--why don't you just show some integrity and admit that you were mistaken to continue to repeat Foremski's statement after you knew there was no blacklist, and mistaken to claim that this issue has something to do with the kind of discrimination that network neutrality regulations intend to prohibit? When caught uttering falsehoods that you should have known were falsehoods, you should come clean and apologize, rather than engage in ad hominem arguments against those who point it out. Your continued demonization of your adversaries damages your credibility.

The future of connectivity options

Telco 2.0 has a nice list of types of connectivity options from a business and pricing model standpoint:
Name | Technical relationship of service and connectivity | Financial relationship of service and connectivity | Examples
vertically integrated interactive service | Integrated | Integrated | PSTN, mobile voice, SMS
vertically integrated broadcast service | Integrated | Integrated | FM radio, DVB-H
stand-alone best-effort connectivity | Separate | Separate | dial-up, today's broadband
QoS and billing enhanced connectivity | Application-aware; session/control plane integrated | Integrated | IMS
service-funded connectivity | Application-aware; no technical integration | Integrated | Skype Zones
user- or community-built free connectivity | Separate | Separate | Open Wi-Fi, basic muni service, mesh
local unrouted connectivity | Varies | No monetary exchange | Bluetooth, Family Radio Service
other connectivity | Application-agnostic | Tiered | Paris Metro pricing


They go on to give projections of the relative significance of each of these options from today through 2016--they foresee huge declines in the vertically integrated interactive service model and expansion of all of the others, with the greatest growth in the stand-alone best-effort connectivity model. That much is a pretty easy prediction based on the replacement of the PSTN with IP.

What's notable, though, is that there are other models besides stand-alone best-effort connectivity which they also see growing substantially, with QoS and billing enhanced connectivity the largest of those, through next-gen telco services like IMS.

Those who advocate network neutrality regulations should be careful not to endorse rules which would prohibit or impair the possibility of innovations using business models other than stand-alone best-effort connectivity.

Wednesday, June 21, 2006

Kentucky Governor blocks state employee access to critical blogs

Gov. Ernie Fletcher (R-KY), embroiled in scandal, has had the state block access to blogs reporting on the scandal, including the BlueGrassReport. The blocking was apparently put into place the day after the New York Times mentioned the BlueGrassReport blog. The list of blogs known to be blocked:

BlueGrassRoots
http://www.bluegrassroots.org/

The Compassionate eCommunity (Jonathan Miller)
http://compassionatecommunity.blogspot.com/

Kentucky Progress (David Adams)
http://kyprogress.blogspot.com/

Kentucky Republican Voice
http://kyrepublicanvoice.blogspot.com/

The Kentucky Democrat (Daniel Solzman)
http://kydem.blogspot.com/

Fletcher's administration is currently facing 15 indictments, including three misdemeanor charges against Fletcher himself for his role in a patronage scheme, forcing Democrats out of state civil service jobs and giving the jobs to his cronies. In the process he's lost 6 of his 9 cabinet members and is on his sixth press secretary since his 2003 election.

Content providers and ISPs: who really has the stronger hand?

George Ou points out a case where the content provider is already offering content only to the ISPs who enter into agreements with the content provider, rather than an ISP only allowing connectivity to content providers who enter into agreements with the ISP. While there are lots of examples of content providers making arrangements with individual users, it has been relatively rare that the arrangements are made on the part of an entire ISP. This is extremely common, however, in the cable industry, where there have frequently been disputes between content providers and cable companies which have led to content providers denying the use of certain popular channels unless the cable companies agreed to per-user fees or to carry other additional channels. A similar dust-up occurred in March 2004 in the direct broadcast satellite business, when Viacom and EchoStar (Dish Network) could not reach an agreement to carry some additional Viacom channels. So Viacom pulled local CBS channels it owned, MTV, Comedy Central, Nick at Night, BET, and other channels, until EchoStar budged.

In this case ESPN360 only makes its video content available to selected ISPs (including Adelphia and Verizon) but not to others (such as Cox, Comcast, Time Warner, and SBC). ESPN has regularly behaved similarly with respect to cable companies.

Proposed network neutrality regulations have had nothing to say about the inability of users to obtain content because content providers block their ISPs, or surcharges on ISPs by content providers for their users to have access to premium content. And this is even though there are often real monopolies on content (only a single provider owns it, and may completely control who has access to it, at least until it gets out to P2P networks), while there aren't any real monopolies on Internet access (though some network neutrality advocates have endorsed nationalization of "backbone," which would create a government monopoly).

I think that in general, the ISP does have more overall power and influence than the content provider, but there are exceptional cases where content providers like ESPN360 may have a stronger hand against ISPs. Overall, there's a lot more money spent on communications than there is on content (as Andrew Odlyzko's 2001 "Content is Not King" essay explained), and the real drivers of that spending are business and peer-to-peer communications, not content providers.

Tuesday, June 20, 2006

Digital camera blocking technology

Researchers at Georgia Tech have come up with a technology for preventing video cameras from working. The setup uses sensors to detect cameras from the reflectivity and shape of CCD sensors (or is it actually detecting the lens?), then directs a beam of light (potentially a laser) at the CCDs to prevent them from recording images. The prospective uses they suggest include prevention of piracy in movie theaters and as a countermeasure against espionage. Their small-area technology is apparently close to ready for commercialization, but the large-area version still has a ways to go.

The camera-neutralization technology "may never work against single-lens reflex cameras."

Let's hope it doesn't become a technology used to prevent the documentation of abuses, governmental or otherwise.