In short, [proponents of more aggressive copyright enforcement] made unrealistic demands on reality and reality did not oblige them. Copying only got easier following the passage of these laws—copying will only ever get easier. Right now is as hard as copying will get. Your grandchildren will turn to you and say “Tell me again, Grandpa, about when it was hard to copy things in 2012, when you couldn’t get a drive the size of your fingernail that could hold every song ever recorded, every movie ever made, every word ever spoken, every picture ever taken, everything, and transfer it in such a short period of time you didn’t even notice it was doing it.”

I’ve found myself stressing this to reporters who call to ask about what we should do “instead” of SOPA and PIPA, because the framing of this entire debate remains mindblowingly shortsighted. In five years, regardless of anything Congress does now, the current round of garment rending over “rogue websites” is going to seems as comically quaint and irrelevant as old jeremiads against the libidinous excesses of jazz dancing and Elvis lyrics. The big, dumb, obvious technological fact that an awful lot of smart people seem reluctant to grok is this: Copying and sharing information is vastly cheaper and easier than it has ever been at any time in human history. It is also vastly more difficult and expensive than it will ever be again.

This weekend I finally upgraded to the latest version of Mac OSX, Lion. Owing to some weird decisions by Apple, I had to install it from physical media: An 8 gigabyte “thumb drive,” which is really rather misnamed, because it’s actually about the size of two wooden matchsticks. The year I was born, that amount of data storage space—without any software—would have cost more than the office building you’d need to house it. The year I got my drivers’ license, it would’ve cost about as much as a good used car. In 2012, 8 gigs of storage is the kind of thing you give away as freebie conference schwag—like a logo-embossed pen, except a good deal smaller. If I decide to use it for something else now that I’m done installing the OS, it will easily accommodate about 4 feature-length films in high definition. IBM recently announced a breakthrough in storage technology that could increase current capacity by a factor of 100 within a few years, which means instead of just carting half our music libraries around with us in our pockets, we’ll have entire music libraries, and high-def video libraries to boot.

One of the features I noticed they’d added in Lion is Airdrop, which establishes an ad hoc peer-to-peer WiFi connection with other nearby Apple devices. This isn’t particularly useful for my desktop, since anyone who’s actually in my apartment is probably already on my home WiFi network, but one can imagine it being awfully handy for mobile devices. “What am I listening to? Hang on, I’ll beam it over.” For transfers outside physical proximity, the next generation wireless data standard recently approved by the International Telecommunications Union maxes out at about a Gigabit per second. In practical terms, that means about a minute to transmit  an uncompressed music CD (and much shorter for, say, MP3s at the bitrate you get from iTunes) or 90 seconds for a high-definition TV episode.

Existing online social networks, with near universal adoption in many social circles, already provide a trust infrastructure for limited sharing that will make these kinds of transfers almost impossible to police—or even reliably detect. In a world where every teenager in the country is carrying a pocket-sized server, and encrypted wireless VPN relays can run out of palm-sized cubes, an enforcement strategy based on raiding data centers is just going to look cute. Legislators who think “the Internet” means “the Web,” who are too fixated on the problems some lobbyist is complaining about right now to think two steps ahead, are in for a rude awakening. They’re in the grip of the enforcement fantasy: The misapprehension that technology is going to stay still long enough for traditional, targeted law enforcement approaches to effectively limit the scope and scale of copying.

That’s not to say that nothing can be done to avert a near-future world of largely unregulated and unregulable copying and sharing. If we were willing to implement  a comprehensive scheme of innovation-stifling technology mandates and pervasive surveillance so absolute as to  make the People’s Republic of China look like Burning Man, it could at least be delayed. But I assume that the United States is not yet prepared to completely betray its basic principles to safeguard the profitability of Friends reruns.

If we’re not willing to be China, though, then all these discussions about “what we’re going to do” about piracy are just the wonky equivalent of fanboy debates about whether Wolverine would beat Batman in a fight, for all the bearing they have on reality. What are we going to do that makes a long-term difference? Nothing. Anyone who wants to copy stuff without paying for it can do so easily, and it only gets easier and faster from here. Finding this morally outrageous or throwing a tantrum about the deep unfairness of it all won’t make it less true, though the tantrum might break a vase or two.

A slightly more Zen approach would be to “accept the things you cannot change,” as the coffee mug has it, and take the opportunity to step back and reevaluate. We have a legal structure for incentivizing creativity that makes copying and public performance the key points of regulatory intervention. There isn’t some deep moral reason that it’s these points and not others. There are lots of other ways to enjoy creative works without paying the creator, after all: Borrowing a copy, buying used, watching at a friends house, DVRing the broadcast and skipping all the commercials, incessantly singing (to yourself or with a friend) that catchy tune you overheard in the cab. Nobody tries to claim those are “stealing,” mainly because we’ve decided not to try to regulate those activities.

We decided to regulate copying instead, because copying was a lot easier and cheaper to regulate when we wrote the copyright statutes. Copying a book or record on a mass scale, unlike lending or singing in the shower, was not the kind of thing an ordinary person had the necessary equipment for—and the equipment tended to be bulky enough that you could usually track it down without having to pry into a lot of homes (and bathrooms). But the thing we decided to regulate because it was rare and expensive is now as cheap and ubiquitous as all the other stuff we didn’t regulate because it was cheap and ubiquitous. The good news is, most people are still glad to pay for the content they really like, if it’s provided in a convenient form and at a reasonable price, even when they can (or did!) easily copy it free. But maybe that’s not enough, and there are other points of regulatory intervention that will help creators internalize enough of the value of their output to make the investment worthwhile. That’s an actually productive subject of inquiry, but it’s not one anybody’s putting much effort into as long as they remain in the grips of the enforcement fantasy.

The last innovation is always safe. That’s why it’s easy to claim concrete examples of the harm regulation might do are hyperbolic fearmongering: Nobody’s going to shut down YouTube or Twitter now, because we’ve already seen the incredible value creation they enable, even if they also make it a bit easier to infringe copyrights. And anyway, the success stories eventually get big enough to afford their own fancy lawyers. It’s the next platform that we risk strangling in the cradle, because every new medium starts out recapitulating old media content before it becomes truly generative. Early radio is full of people reading newspapers and books out loud. Early TV and film looks like what you get when someone points a camera at a stage play.

An important thing to understand about innovation that involves computing technology, annd in particular innovation in Web platforms, is that it’s user-driven to a much greater, much faster extent than we’re accustomed to. It is, of course, impossible to predict how a major new technology like the car or the cell phone will change society over the long term, but you have a pretty good idea what the technology is for at the time it’s introduced. I doubt Ford anticipated drive-in theaters, but he knew that the Model T was a machine for getting you from point A to point B.

Online innovation isn’t really like that. The most important new platforms of the Internet era have essentially opened up a space and seen what thousands or millions of users communicating with each other want to do with it. Think of the early phases of Twitter’s popularity, when there were plenty of pundits scoffing at this fad for letting people know what you had for breakfast—which at first was not a wholly inaccurate picture. Nobody anticipated that it would play a pivotal role in global anti-authoritarian revolutions, or that CNN would soon be mining it as a kind of realtime Zeitgeist thermometer during debates and primaries.

On the Internet, you don’t know what a new technology is for until you see what people do with it. Biologists have a saying: “Evolution is smarter than you are.” They mean that even a fundamentally blind process of trial and error, iterated over millions of years, will come up with better solutions to adaptive problems than even the cleverest primate product of that process. Smart tech entrepreneurs know how to take advantage of the corrolary: The Internet is smarter than you are. Online innovation is a collaborative process, and the most interesting uses the users find for your platform won’t neecessarily be the ones you intended. Indeed, that’s the guiding idea behind the “end to end principle” that has made the meta-platform of the Internet itself so incredibly generative. The pipes are, more or less, dumb: They know how to pass packets. Everything actually intereresting about the Internet arises from what people do on top of that dumb infrastructure, and it works because the pipes are basically open. A coder with a new idea doesn’t have to convince someone to enable the functionality they’re interested in implementing—a feed of 140 character messages? come on, who needs that?—they just try it, and the ideas that provide value spread like wildfire.

One corrolary of this is that the initial phase of deployment for a new platform is typically going to be the “what I had for breakfast” phase—the experimental phase when people are trying out a lot of different things and figuring out what the platform is good for. And very often, the first thing it will be good for is copyright infringement.

Consider YouTube for a minute. Seven years in, we see a dizzying array of creative purposes YouTube is good for. There’s professional quality programming produced specifically for YouTube, fantastically creative amateur mashups, lip dub videos, aspiring Biebers singing cover songs, amateur talk shows and game reviews and diaries, cute kittens and playful toddlers, kids showing off their light-saber skills, and a surprising number of people just unpacking the loot from their latest trip to the mall. We have an online video culture——a meme culture, if that’s not too redundant—that provides a thousand models for the kind of thing someone with a webcam and consumer video editing software might want to do with the platform… along with the realization that you, too, could even create a whole new genre.

In 2006—on YouTube, day one—none of that existed. We didn’t even have a mental model of what mass amateur video creation would look like, never mind the actual content to populate the platform. What did exist was a lot of copyrighted music and video sitting around on people’s hard drives. Needless to say, it would not have been feasible on day one for the platform to effectively pre-filter every user upload and determine which videos infringed someone’s copyright. A filter algorithm wouldn’t be able to tell the difference, up front, between Fair Use and simple infringement, even if it had amassed in advance an enormous and constantly updated database of content samples to compare uploads against. (And of course, when the platform isn’t limited to a specific type of content—like video or music—a filter can’t do much of anything with a compressed or encrypted file.) The only way for the platform to launch at all, in anything remotely like the form we know it, was to launch open.

I don’t clearly recall what all was on YouTube in those early days, but I’d wager the proportion of copyright infringing material was a good deal higher than it is today, because on day one, that’s most of what there was to upload. For those who figured out how to download or capture the underlying video files, though, those clips would provide the raw material for a lot of the creative, transformative fair use output that is now virtually synonymous with the platform.

We can even see something analogous in older industries. Japanese companies started by making cheap knock offs of American technology, then learned enough to start innovating themselves. One rather telling passage in a 2010 GAO report on counterfeiting and piracy suggests that the most important effect of “counterfeiting” is actually knowledge transfer: The thing that enables the copiers to rapidly transform themselves into legitimate competitors.

We can boil all this down to a few basic principles:

(1) In their early phases, new and open platforms for user-contributed content will tend to look a lot like tools for copyright infringement, because copying naturally precedes creation.

(2) Generative platforms need to “launch open” in order to fully harness the creative and innovative capabilities of a distributed user base.

(3) This creates a tradeoff between copyright enforcement and generativity. A regulatory regime that is more protective of one interest will tend to yield more “collateral damage” to the other.

(4) The collateral damage to copyright interests will always—and especially initially—be more visible than the damage to generativity. Copying that does happen is apparent, but there’s no way to detect user-driven innovation and creation that doesn’t happen. If you knew what to expect in advance, it wouldn’t be innovation.

(5) The value of existing intellectual property,  its production mechanisms, and its distribution channels, is already apparent. The owners of those assets can readily identify themselves and each other, making it relatively easy to organize to advance their interests, and point to visible harms inflicted by open platforms. Beneficiaries of future generativity are less easy to organize because they don’t know who they are yet.

(6) This creates institutional and political bias in favor of protecting IP at the expense of generativity. The bias itself is undetectable because its primary manifestation is a relative absence of change.

(7) Attempts to  strike a calculated balance between these interests on the basis of what we currently know about the uses of technology will tend to get it wrong. Hence SOPA, PIPA, PRO-IP, ACTA, and all the rest.

Proponents of ever stronger and longer copyrights, supported by ever more draconian enforcement mechanisms, like to toss around terms like “piracy” and “theft” for the emotional reactions they provoke. This is not, as Matt Yglesias notes, an aid to clear thinking: Copyright infringement and theft are both illegal—along with jaywalking, murder, and speeding—but they’re otherwise quite different acts, which are quite properly treated very differently as a matter of law, and prioritized differently as a matter of enforcement practice. The most obvious reason the analogy fails is that “theft” centrally involves depriving the owner of the thing that’s stolen. Copying a CD or DVD for a friend—or letting them borrow your copy, for that matter—may occasionally displace a legitimate purchase, but it doesn’t leave the artist or rightsholder with any fewer copies than they had before. That’s not to say copyright infringement isn’t also problematic, or something the government needn’t worry about deterring. Copyright maximalists insist on “theft” instead of “copyright infringement,” however, mostly because they don’t want people thinking too hard about the myriad ways these offenses are different, and how they might therefore call for different policy responses.

But if the defining characteristic of theft is that it deprives the victim of something they were entitled to use and enjoy, then there are things that can accurately be described as “intellectual property theft.” When legislators—many of whom now support censoring the Internet to stop “piracy”—rewrote the copyright bargain with the Sonny Bono Copyright Term Exension Act, they retroactively extended the monopoly of rightsholders over existing works by 20 years. That retroactive extension, of course, did nothing to incentivize new creation. And since economists have estimated that the present value of a copyright monopoly was already barely distinguishable from the value of an unlimited term, it’s doubtful that even the prospective extension bought us much additional creativity. But it did mean that the general public would be denied, for another 20 years, the free use of works that had been slated to fall into the public domain under the original copyright bargain. That sounds more like “theft” of intellectual property—and not just theft from a particular creator or industry, but from the whole of the public.

When rightsholders engage in copyfraud, insisting that other creators beg for permission and pay licensing fees for “fair uses” copyright law allows—and when skittish lawyers make that insistence effective, creators and their audiences are deprived of a use of that intellectual property they’re entitled to. When overbroad DMCA notices sent by careless lawyers remove original creations that making novel transformative use of prior work from the public Internet, users are robbed of art they are entitled to enjoy.

The pillaging of the public domain is real “intellectual property theft.” How about a crackdown on that?

Now,  Brad Plumer reports, there’s research suggesting that online review sites like Yelp are cutting into chains’ bottom line by providing an alternative solution to the information problem. The combination of peer-produced online reviews (which cover local diners along with the big-city restaurants) and mobile, location-aware Internet devices has made it incredibly easy  to figure out where you can find the nearest restaurants with good reputations, wherever you might be. Under conditions of uncertainty, the chain represents a rational maximin strategy. As ubiquitous connectivity and peer-production of information reduce that uncertainty, the chain becomes an unnecessary hedge.

Yet it’s not just chain restaurants that have thrived by using standardization and branding to solve a consumer information problem: Branding and marketing generally often serve much the same function. Frequently, generic or store-branded products (soda, cereal, ibuprofen) are literally chemically identical to the more recognizable name-brand product, and only cheaper because they haven’t been saddled with the overhead of a costly marketing campaign designed to signal quality. (Think of the traditional argument for the evolution of peacock feathers: To survive while paying the high overhead cost of such a gaudy display signals genetic fitness.)

Imagine, then, what effect it might have if, five or ten years hence, augmented reality using sophisticated image recognition were as ubiquitous as Internet-enabled phones are becoming in the developed world. Imagine that, for nearly any product consumers encountered, some kind of aggregate rating—based on whatever criteria the individual has determined are most important—would simply appear, with minimal effort. Simply looking at an aisle of products—or even passing shops on the street—I might effortlessly learn which were deemed most satisfactory by people with tastes similar to mine. My incentive to take the time to rank products would be provided by my desire to give the system a basis for determining which other user’s rankings were most likely to be relevant for me. (Think here of Netflix recommendations or other type of social filtering, where contributing ratings enables the system to make better predictions about what I am likely to enjoy.)

With such information more directly available, marketing would become far less relevant to the buyer—and a far less worthwhile investment for the producer. Products, of course, would still need to be distinguished in some way, but a seller with a superior product would be far better able to compete without investing in a costly national marketing campaign. Advertising might be initially important in raising awareness about a new product and building an initial pool of reviews, but its salience would rapidly diminish.

That’s one way things might go, at least. The picture is a bit complicated because today we often “consume” the brand, and not just the product itself. That is a company like Nike might invest a great deal in slick marketing partly in order to create a series of public associations with their logo, so that part of what I’m buying when I purchase their sneakers is what (I hope) the Swoosh signals about the sort of person I am—or how I see myself, at any rate. But this seems like a major consideration in a relatively limited number of product areas, such as clothing (precisely because it’s displayed on the person). If that’s right, the “Yelp Effect” in world where augmented reality technology has been widely adopted could dramatically diminish the broader cultural prominence of corporate logos and brands.

The conspiratorially minded hinted that this might be overt political censorship, which was presumably good for clicks, but also completely ludicrous if you thought about it for ten seconds or so. Try to imagine the conversation:

Suit: Hey, Steve, listen, I know it’s sorta winding down, but I’m starting to worry this little Wall Street protest could spell the end of our nefarious system of capitalist exploitation. So I want you to start giving people error messages when they try to send legitimate e-mails about the protest. Sure, it’ll piss off our user base, and it’ll probably be terrible PR, but it’s a small price to pay for crushing the Revolution. We’ll fix the block within a day or so and blame it on a “technical error.”

Tech: But, sir, listen… most active Internet users these days have a second e-mail account, not to mention Twitter, Facebook, IM, Google+, blogs… won’t blocking people’s e-mails in such an obvious way just annoy our users for no reason, and draw more attention to the protest? I mean, the blocking in Egypt was a lot more comprehensive and sophisticated, and they still ended up having to shut down the whole Internet—do you really think one provider’s crude filter is going to make that much difference in a protest that’s already been so widely announced? Also, uh, I’m no lawyer, but political censorship doesn’t sound like a “routine business purpose.” Even if our lackeys in the corporate press can be persuaded to look the other way, aren’t we opening ourselves to a federal felony prosecution under the Electronic Communications Privacy Act if anyone figures out we did this on purpose? What exactly is the benefit to Yahoo! of inviting a potential shitstorm just to block a tiny percentage of emails about one more demonstration?

Suit: Hell’s bells, Steve, where’s your ruling class solidarity? Your career, my career, even the company itself—all well worth the risk if our dear friends at Goldman Sachs have one less hippie to wade through on the way to work!

Here’s an ever so slightly more plausible scenario. There’s suddenly a huge uptick in e-mail traffic, maybe a lot of basically identical messages CCed to large numbers of users by enthusiastic activists, with a link to a very recently registered domain. Lots of recipients who got a copy from vaguely-recalled acquaintances blasting their address books flag it as spam, and (whoops) the Yahoo filter algorithm decides the URL is a spam marker. Also, given that Anonymous has been one of the more vocal champions of this particular protest, it’s not exactly beyond the realm of possibility that some overeager supporters might have tried to do some kind of automated mass notification. Let’s tentatively say that this is at least as plausible as the whole pointless-and-risky-conspiracy-that-makes-no-sense theory.

So this is a “move along, nothing to see here” kind of story? Ah, not at all! The second scenario is actually still pretty disturbing: It means a bunch of legitimate political speech got blocked on the basis of some very superficial similarities to mass emails that the algorithm might well have reasonably pegged as spam. That’s still a fail on Yahoo’s part, and a sign they really ought to take another look at their detection algorithm.

Still more worrisome, though, is the possibility that if they don’t fix it, this incident makes it clear that it’s possible to exploit Yahoo’s algorithmic overkill to block third-party messages containing certain phrases or (especially) links. In this case, it was probably an inadvertent, distributed own-goal scored by people whose sincere attempt to promote a cause backfired. It could just as easily be exploited deliberately by someone sending pseudo-spam seeming to promote a cause they actually wanted to harm. In a way, this would be a modern variant of a classic political dirty trick: A campaign starts putting out offensive flyers or annoying, repetitive dinnertime robocalls purporting to come from their opposition—and the bewildered opposition suffers the backlash. Imagine what an unscrupulous political operative could do in the 48 hours before election day with a false-flag spam campaign? Not only do they pepper voters with hard-to-attribute misinformation, but as a lagniappe, they manage to block the opposing campaign and its supporters from sending genuine get-out-the-vote messages!

I guarantee you that somewhere out there, the Karl Rove of the Social Media Douchebag set has already thought of this—sits steepling his or her fingers and emitting a guttural “eeeeexcellent” at the prospect. That gives Yahoo about 13 months to fix the problem before it resurfaces in a way that might actually make a difference.

The question at the heart of the suit is: Does this constitute illegal wiretapping? A free tip if you ever want to pose as an online privacy expert: For basically any question about how the Electronic Communications Privacy Act applies to the Internet, the correct answer is “It’s complicated, and the law is unclear.” Still, being a little fuzzy on the technical details of how Paxfire and the ISP accomplished this, I thought about what the end result of this was without focusing too much on how the result was arrived at. The upshot is that Paxfire (if we take their description of their practices at their word) only ends up logging a small subset of terms submitted via address bars, which are at least plausibly regarded as user attempts to specify addressing information, not communications content. In other words, I basically treated the network as a black box and thought about the question in terms of user intent: If someone who punches “apple” into their search bar is almost always trying to tell their ISP to take them to Apple’s website, that’s addressing information, which ISPs have a good deal of latitude to share with anyone but the government under federal law. And it can’t be wiretapping to route the communication through Paxfire, because that’s how the Internet works: Your ISP sends your packets through a series of intermediary networks owned by other companies and entities, and their computers obviously need to look at the addressing information on those packets in order to deliver them to the right address. So on a first pass, it sounded like they were probably clear legally.

Now I think that’s likely wrong. My mistake was in not thinking clearly enough about the mechanics. Because, of course, neither your ISP nor Paxfire see what you type into your address bar; they see specific packets transmitted to them by your browser. And it turns out that the way they pull out the terms you’ve entered in a search bar is, in effect, by opening a lot of envelopes addressed to somebody else.

Some quick Internet 101: When you type “apple.com” into your address bar, your browser first checks with your ISP (or, if you’re a techie, maybe with some other Domain Name System server you’ve specified) to look up the computer-friendly numerical address corresponding to the human-friendly URL. Then the browser sends a GET request—basically just a packet saying “give me this page please”—to the IP address of the machine where it think apple.com lives. But if you just type “apple” into a lot of modern browsers, then depending on their settings, they may not pass that on to your ISP’s DNS server at all. Instead, the browser recognizes that you’ve entered something that isn’t formatted like a URL, and sends a packet straight to your default search engine, whose content is “please give me a page of results for the search term apple.” That’s annoying to the ISP, because it means they get cut out of an opportunity to monetize your eyeballs by (for instance) charging Apple to send you straight there, or delivering you their own search results (with their own ads).

According to some network researchers who explained their findings at EFF’s site, here’s how Paxfire and some of its ISP partners have apparently solved the “problem.” When your browser goes to look up the IP address of your default search engine—that is, when it asks your ISP’s domain name server where it can find “Bing.com” or “Google.com”—the ISP just systematically lies. It tells your browser that one of Paxfire’s servers is really Google.* Paxfire then acts as an invisible proxy, or “man in the middle”: It looks at the request your browser was trying to submit to Google, and in most cases resubmits the identical request to Google itself, then passes along Google’s response without logging anything. An ordinary user wouldn’t notice that Paxfire had been involved at all. But! When their servers see a search that was both originated from a browser’s address bar (the search parameters apparently reveal this) and matches their list of trademarked terms, they’ll log the query and instead return their own page.

The crucial point here is that by the time the packet gets to Paxfire, it’s no longer ambiguous whether “apple” was supposed to be an address or a search term. By the time it gets to Paxfire, “apple” is the content of a message addressed to Google, which reads “please send me search results for apple, and by the way, I’m asking from a Firefox address bar.” The mechanics are opaque to the average user, but Paxfire is in effect combing through all these messages to find the ones that maybe, possibly, perchance the user really meant to be an address rather than a search request, because they don’t really understand how their browsers work. And thaaats kinda wiretappy.

Except, of course, it’s still complicated. If an ordinary citizen taps your phone or your Internet connection, they’re guilty of wiretapping (a felony, for those keeping score at home) the instant they “acquire” the communication, regardless of what they do with it. If I rig your computer to send me copies of all your emails (without your consent), it makes no difference whether I ever read any of them or use them for any purpose. If, for some bizarre reason, I’ve done this and then set my system set to automatically erase the e-mails upon receipt, I’m still equally guilty of illegal “interception” of your communications. (It’s a separate offense to “use” or “disclose” communications that have been illegally intercepted.) The crime occurs at the instant of acquisition.

The rules are different for telecom companies, because the only way to have communications on a packet switched network is for various intermediaries to “acquire” your communications in order to pass them along. So the Wiretap Act’s definition of “interception” explicitly excludes acquisition by a provider’s computers in the “ordinary course of business.” It’s a separate offense for the provider to “divulge” the contents of a communication to any third party, and here there’s no loose “ordinary course of business” exception. Third-party disclosure is allowed when it’s a “necessary incident” of providing the communications service, or when the contents are passed to an entity whose facilities are used to forward the communication to its intended recipient, or with the consent of one of the parties to the communication. (There are a bunch of other exceptions, but they’re not relevant here.) The interesting wrinkle here is that while for most of us, it’s simple to determine when we’ve “intercepted” a communication, for telecom providers it’s kind of complicated: Unlike the rest of us, they’re allowed to acquire and disclose other people’s communications in the ordinary course of business, so whether an illegal interception has occurred doesn’t just depend on where the data goes, but on what they’re doing with it, and why.

Unsurprisingly, Paxfire’s reply to the suit against them seeks to invoke the “ordinary course of business” exception, among other arguments. Exactly what qualifies as the “ordinary course of business” in this rapidly changing industry is an open question, and circuit court rulings are all over the map, with none directly on point. If that were what we had to assess, I might say flip a coin. But the standard for “divulging” to third parties is more stringent—which makes sense, when you think about it. The law essentially gives providers more leeway in deciding what kinds of internal monitoring or processing are necessary, but sets a higher bar for disclosure to others.

Claiming that redirection of search traffic to Paxfire is a “necessary incident” of service seems like a nonstarter. The more obvious out for the ISPs here is 18 U.S.C. 2511(3)(b)(iii), authorizing disclosure to a person whose facilities are used to forward the message. But a little common sense is needed here: Anyone eavesdropping on a realtime packet-switched communication would normally forward the intercepted packets to their intended recipients. We can’t read this as a sort of blanket loophole for wiretapping executed as a man-in-the-middle attack.

What seems dispositive here is that, while Paxfire is ultimately forwarding most query packets to their intended recipients, ISPs aren’t routing traffic through Paxfire as a means of getting it to the intended recipient, Google. The more direct way to achieve that would be not lying to our browsers when they ask for Google’s IP address, and letting our requests go through normally. Rather, the only rationale for routing the traffic to Paxfire is what they do other than the normal routing and forwarding Internet switches do. The only difference Paxfire makes is that it sometimes doesn’t just forward packets to their intended recipients in the normal way, but sends the user to some affiliate’s page instead. It would make a kind of nonsense of the statute to apply the forwarding exception to these circumstances.

Perhaps counterintuitively, it’s not nearly as clear that Paxfire itself falls on the wrong side of the law here, because a court might well regard their actions as covered by the telecom provider’s “ordinary course of business” restriction on the statutory definition on “interception.” If everyone whose traffic was routed through Paxfire had clearly given informed consent to the filtering and occasional rerouting of their search queries, what Paxfire’s doing would clearly be legal, and one could argue it’s really the ISP’s problem to ensure they’re allowed to pass along the traffic they do.

That, of course, brings us back to the crucial question of consent. All of this is moot if the ISPs had the informed consent of their subscribers to do this. Paxfire says they all did, pointing to privacy policies like this one on RCN’s website. But it’s not clear that this does or should meet the relatively high standard for consent to interception under the Wiretap Act. Congress clearly wanted to establish a pretty strong presumption against the interception of communications content. In this case, that means that when monitoring or disclosure go beyond the “ordinary course” and “necessary incident” exceptions, it seems appropriate to demand that each individual whose communications are intercepted have actual, specific, effective notice that their communications are subject to interception. In considering a case involving workplace monitoring of an employee’s personal calls, the 11th Circuit gave an indication of the stringency of the consent requirement:

It is clear, to start with, that Watkins did not actually consent to interception of this particular call. Furthermore, she did not consent to a policy of general monitoring. She consented to a policy of monitoring sales calls but not personal calls. This consent included the inadvertent interception of a personal call, but only for as long as necessary to determine the nature of the call. So, if Little’s interception went beyond the point necessary to determine the nature of the call, it went beyond the scope of Watkins’ actual consent.

Consent under title III is not to be cavalierly implied. Title III expresses a strong purpose to protect individual privacy by strictly limiting the occasions on which interception may lawfully take place.

Your mileage may differ, but that sounds hard to square with the claim that “consent” exists for each user provided that whichever member of the household pays the bills checked a box next to a link to a dozen pages of dense legal boilerplate, which studies suggest nobody actually reads. Title III, after all, is to a substantial extent a regulation of telecom operators themselves—which means it would be contrary to the purpose of the statute to let them so easily disclaim liability, and to pile broad new exceptions atop the detailed list Congress created.

The key point to bear in mind here is that the strong statutory presumption against interception is of enormous benefit to the providers. People normally don’t scrutinize the legal boilerplate on ISP privacy policies, I want to suggest, because they take for granted that wiretapping is illegal, and that ISPs will not, in fact, routinely allow marketers to sift through the contents of their private communications. If users and customers had to fear that a communications provider was likely to assert the right to do this, based on item D(3) on page 12… a lot of providers would lose a hell of a lot of business, because most people don’t want to have to get a JD in order to be able to feel confident they can communicate securely. I know some of my libertarian friends will say it would be better if everyone did have to pay close attention to all these clickwrap contracts, but in the world we currently live in, people do rely on the strong statutory default prohibiting interception and disclosure. Providers whose business depends pretty heavily on consumer expectations of a strong default shouldn’t be allowed to turn around and assert that the default is actually so weak as to be almost trivially overcome when it might permit them to rake in a few extra bucks on the side.

* Actually, they’ve apparently stopped proxying Google specifically, but roll with me for illustrative purposes.

In other words: movie and TV theft is inevitable. Why? Because it’s easy to steal something that, in physical form, exists only as data, and easy to justify stealing it as a result?

First, as Masnick notes: Yes! However huffy you get about it, however morally outrageous you might find it, online copying clearly isn’t going anywhere. Lots of bad things are, indeed, pretty much inevitable regardless of what we think about that fact.

Second, a couple things worth pointing out about this familiar copyright maximalist trope. You know the one: “If you wouldn’t shoplift a CD, you shouldn’t think it’s any less wrong to ‘steal’ music and movies just because it’s easier to get away with!”

I always find this an odd line to take, because one of the reasons it’s easy to get away with copyright infringement than theft is that copying has no direct impact (and in many cases not even an indirect impact) on the rights holder, which means they don’t just have to expend resources to find infringers—it takes some work just to find out how much infringement is happening! And this seems relevant to the aptness of the equivalence with stealing.

Suppose I tell you that assaulting people is wrong, and it doesn’t become any less wrong just because it’s easy to get away with, owing to the fact that the victim doesn’t notice. You might think a reasonable response is that, while it’s surely possible for a genuine assault to go unnoticed by the victim under certain circumstances, that sounds like a prima facie reason to wonder whether what we’re talking about really is an assault. It’s a little odd to lean on this “don’t forget it’s theft just because it’s so easy!” when the reason it’s easy is also a reason it’s not a whole lot like real theft.

The other point to make is that, while I’ve certainly never done it, shoplifting actually also seems pretty easy. I suspect a well-dressed person who’s minimally clever about it could routinely just walk off with small items from brick-and-mortar shops. For someone in the habit of doing it, safely pocketing a couple items from a low-security store now and again probably is not appreciably more difficult or risky than hunting down a new movie on BitTorrent. Probably some small percentage of adults do just that. But the vast majority of people who download pirated music or movies clearly don’t. Indeed, probably the reason it would often be easy is precisely that the vast majority of people think stealing is wrong, and so most people don’t do it even when they can easily get away with it. Since most people are honest, shops that don’t sell especially expensive items generally don’t find it worth investing in higher security to deter the few exceptions, since the security would often cost more than the stolen items.

That makes this, too, an oddly counterproductive comparison for copyright maximalists to make. Because once you acknowledge that physical stealing is, in many circumstances, effectively about as easy and low-risk as pirating, you need to come up with some other story to explain why vast numbers of people who’d never dream of doing the former will do the latter. And the obvious answer is that despite a relentless propaganda campaign aimed at equating the two, most people intuitively see a difference between copying and stealing, for reasons that have nothing to do with how easy or risky it is. That doesn’t mean people who pirate necessarily think it’s morally unproblematic—they might do it a bit guiltily, thinking they really ought to be paying—but regard it as a venial sin, not something on the same order as real theft.

Of course, a widespread moral intuition is no infallible guide—plenty of societies countenance grossly immoral practices—but it seems at least like an important data point, at least. First, because it seems wildly out of wack to impose such enormous penalties (often, indeed, far in excess of what would apply to someone who did shoplift the same music) on actions that most people sincerely do not regard as wrong. Even if it were the efficient thing to do (because only very high penalties will deter piracy enough to save valuable industries) it would not seem particularly just. Second, because any system of rules relies overwhelmingly on voluntary compliance—on people respecting the rules because they dovetail with people’s views about what’s right and wrong, not because of formal enforcement measures. That makes law and regulation that run contrary to people’s moral intuitions vastly more costly to enforce, precisely because so much more actual enforcement is necessary to achieve the same level of compliance. That, in turn, means that the social gain from achieving given level of rule compliance has to be much higher to make the rule worthwhile.

I recently did a diavlog with my friend Tim Lee on the new BloggingHeads spinoff site TechHeads, during which I had a thought that seems like it might be worth spinning out. We’re all accustomed to seeing horror stories about ludicrously broad, bad technology patents that have given rise to a wasteful arms race between real tech companies and patent trolls. A growing body of scholarly literature suggests that two decades of software patents, in particular, have been a hindrance rather than a net plus for innovation, and I think it’s worth thinking a bit about why that’s especially likely to be the case.

It has probably always been the case that our intellectual property policy has been skewed by a romantic vision of the lone genius in his workshop crying eureka! as some radical breakthrough strikes—when real innovation is more a matter of gradual, cumulative evolution. But I suspect it’s also true that one kind of innovation is more likely when you have a small number of pioneers working in a new field. A Newton or an Einstein born today wouldn’t be as likely to make similarly earthshattering contributions, partly for the simple reason that Newton and Einstein already did it (you can’t write the Principia twice), and partly because with thousands of people making small, incremental additions to our knowledge pool, it’s harder for even a genius to outpace them in a single bound. But we still want our genius—an identifiable individual to credit with the latest leap forward.

The thing is, as technologies mature, and innovation is more likely to proceed by a series of increments that shouldn’t be individually patentable, it also becomes much harder to police the quality of patents, which makes it more likely bad patents will slip through. To see why, consider the old economist’s aphorism that “division of labor is limited by the extent of the market.” That is, the more people are connected in an extended system of economic cooperation, the more specialization becomes possible. Robinson Crusoe has to be a generalist—has to know how to produce everything he’s going to consume. In a small isolated village, most people need to be food producers first and foremost, and a few others can focus on providing other necessities. In a globally networked marketplace, an incredible amount of specialization is possible—which is why, notoriously, there’s almost no type of porn so bizarre or niche that someone hasn’t created a website dedicated to providing it.

When my parents were children, “computer programmer” was not even an occupational category. Now we have thousands upon thousands of people who specialize in working on very specific types of software: Web applications or encryption or databases or first-person-shooter games. Crucially, an innovation developed by one person can be circulated to a whole community almost instantaneously—which makes it less likely that we need a “genius” to make huge innovative leaps because small components of his big idea, if they do already exist, are scattered across obscure journals in other languages where he’ll never encounter them. Predictably, this enables an enormous amount of very rapid progress.

It also makes it a lot harder to evaluate patent quality. Patents are not supposed to just be a pointless monopoly granted to the first person who happens to file a description of a particular invention with the Patent Office; the justification for granting the monopoly is that it (in theory) elicits innovations that would not exist but for the incentive a patent provides. To that end, patents are only supposed to be granted for inventions that are “non-obvious.” But of course, “obvious” is a relative term: You wouldn’t want to give an industrial engineer a monopoly on some minor improvement to a production process just because it might not be obvious to me. The standard, rather, is whether it would be obvious to a person “skilled in the relevant art” applying reasonable diligence and effort.

The more highly specialized professionals are in rapid communication with each other, the more likely it becomes that you’ll see innovations that are “obvious” because they involve combining various disparate kinds of incremental prior innovative steps, but which don’t have “prior art”—meaning nobody has taken that exact step before, because it required a bunch of other pieces to be in place before it was viable. So searching for “prior art”—if that means exactly the same preexisting invention—becomes a less reliable guide to what is “obvious” in the relevant sense. But as specialization increases, it also becomes vastly more difficult for a patent examiner with broadly relevant training (engineering and electronics, say) to use his own understanding and expertise as a guide to what is truly “obvious” to someone trained in the specifically relevant domain (say, engineering mobile cellular data networks). It’s increasingly unreasonable to expect even the smartest and most diligent examiner—even assuming away all the bureaucratic and institutional incentives to err on the side of granting patents—to judge the “obviousness” of innovations across an ever-proliferating array of subspecialties.

As specialization increases the number of eyes on each particular type of problem, it also shifts the degree of non-obviousness that makes the granting of a patent monopoly a wise bargain for society. As I suggest above, when a small number of people are working on a problem, and in only sporadic communication, then you’re more likely to need someone to make a big leap to hit on an innovation rather than relying on the accumulation of many small incremental insights. (Perversely, patents may create an incentive to keep quiet about those incremental insights along the road to a functioning, patentable idea.) But sheer numbers also make it vastly more likely that someone—and more likely many someones independently—will arrive at even less-obvious ideas. If only 1 in 100 people working on a type of problem would hit on a specific solution, it seems a stretch to call it “obvious.” But if there are 10,000 people working on the same class of problems, that’s still 100 independent inventors.

That very much changes the shape of the problem patents are meant to solve. If you’re in a market with a dozen other players, then in the absence of a patent monopoly, your inventive might be to take measures to keep that one-in-a-hundred innovation secret so your competitors can’t copy it. (Send me your raw materials and I’ll apply my new improved production process behind closed doors, rather than making a machine to sell.) The public loses the benefit of learning how the invention works because secrecy is an effective alternative means of maintaining a monopoly. If there are a thousand other players in the same market, the perverse secrecy incentive drops away, because you can be reasonably sure lots of other people are going to hit on the same invention, and it’s likely that your costly efforts to maintain secrecy won’t actually leave you with a monopoly, or even ultimately prevent the knowledge of how the invention works from getting out.

More specialization, in short, means that society can get the benefit of even less-obvious innovations without having to pay the cost of an inefficient monopoly grant. Needless to say, the greater the efficient standard of “non-obviousness”—the larger the logical leap it makes sense to require from “prior art” to a new innovation before that step becomes patentable—the harder it is for a non-specialist examiner to correctly apply that standard.

So there’s an irony here: As a sector becomes more innovative, as even “good” patents become less necessary and more likely to hinder rather than spur innovation on net, and as the economically efficient “non-obviousness” standard for patent issuance rises, patent examiners necessarily become less likely to be able to discriminate effectively between good and bad patents. In other words, the circumstances under which it is efficient to be granting fewer patents are the very circumstances under which patent examiners lose the ability to accurately judge “obviousness,” and therefore become more likely to grant more patents. No wonder it’s such a mess.

In early July, the bankrupt tech company Nortel put its 6,000 patents up for auction as part of a liquidation. A bidding war broke out among Silicon Valley powerhouses. Google said it wanted the patents purely to defend against lawsuits and it was willing to spend over $3 billion to get them. That wasn’t enough, though.

The portfolio eventually sold to Apple and a consortium of other tech companies including Microsoft and Ericsson. The price tag: $4.5 billion dollars. Five times the opening bid. More than double what most people involved were expecting. The largest patent auction in history.

That’s $4.5 billion on patents that these companies almost certainly don’t want for their technical secrets. That $4.5 billion won’t build anything new, won’t bring new products to the shelves, won’t open up new factories that can hire people who need jobs. That’s $4.5 billion dollars that adds to the price of every product these companies sell you. That’s $4.5 billion dollars buying arms for an ongoing patent war.

Perhaps this is an obvious point, but it’s worth dragging it out explicitly: The very existence of such massive trade in “defensive patents” is, in itself, pretty strong evidence that there’s something systematically quite wrong with the American patent system—because a patent that’s useful for “defensive” purposes is very likely to be a bad patent.

As everyone acknowledges, there’s a large deadweight loss involved in the creation of any patent system (and intellectual property more generally), because it prevents people from making free use of an intrinsically non-rivalrous good: Information. The static loss is, in theory, supposed to be outweighed by a dynamic gain: The incentives created by the patent system lead to the creation of new inventions that would never have existed but for the inventor’s ability to fully internalize the value of that invention.

But now think about how defensive patents work. Companies aren’t buying them—or buying into the services of companies like Intellectual Ventures—because they provide otherwise unavailable technical insights. The point, rather, is to acquire (or have access to) a bundle of patents that any potential litigant who sues you is likely to be “infringing” in their own products. Like nuclear weapons, the point is not to actually use them—but only to be able to threaten to use them if anyone else should deploy theirs against you.

This only works, however, if other companies are almost certain to have independently come up with the same idea. A patent that is truly so original that somebody else wouldn’t arrive at the same solution by applying normal engineering skill is useless as a defensive patent. You can’t threaten someone with a countersuit if your idea is so brilliant that your opponents—because they didn’t think of it—haven’t incorporated it in their technology. The ideal defensive patent, by contrast, is the most obvious one you can get the U.S. Patent Office to sign off on—one that competitors are likely to unwittingly “infringe,” not realizing they’ve made themselves vulnerable to legal counterattack, because it’s simply the solution a good, smart engineer trying to solve a particular problem would naturally come up with.

Needless to say, every patent granted for an idea that any number of suitably skilled engineers could have (and would have, and did) come up with is a patent that probably shouldn’t be granted—a pure deadweight loss that’s actually compounded by the squandering of resources on the “arms race,” with no compensating dynamic gain. Actually, there’s probably a dynamic loss: You end up creating a huge incentive for smart and skilled people to spend their time and energy not coming up with a brilliant idea that nobody else would have, but instead trying to be the first to put on paper ideas that are obvious (to a properly trained and up-to-date person) but haven’t been locked down yet—the solution, again, that almost any professional would have come up with once they were actually trying to implement the relevant technology. A sector where investment in defensive patents is so massive, then, is a sector where—even if some of them do genuinely add value—patents are probably doing more harm than good on net.

Update: Conveniently, via Techdirt, some empirical support for this idea comes in a new paper by Stanford law prof Mark Lemley. Rather than being produced by a lone genius who must be granted a monopoly to encourage creation of a benefit we’d otherwise do without, major innovations are typically independently arrived at by many people or groups nearly simultaneously. They are, as the saying goes, ideas whose time had come.

So, for instance, maybe I’m having a beer with a couple neighbors on my porch, a bunch of other folks are across town where a BBQ I plan to swing by later is getting into gear, and another friend is stuck in a hotel room in the Midwest on a reporting trip and doesn’t want to totally miss out. Most of us are probably talking to our co-located people, but the experience is shared without anyone having to retreat from socialization to tap at their phones. If I want to know when a critical mass of folks I know have arrived at the BBQ, there’s no need to keep checking Twitter, and no need for them to go out of their way to announce their arrival—I just notice out of the corner of my eye that folks are there and, hey, maybe it’s time to hop a bus over. Our friend in the hotel can do his work, but also perhaps welcome the occasional distraction as a friend walk by the Stargate and checks in. Could be a short-lived fad, but I think it could also be as socially normal, in the relatively near future, to have social gatherings connected by virtual windows as it is to text friends about what you’re doing.

(2) The feature most immediately likely to be useful is huddle, which facilitates more conventional text/IM style communication with a select group in a kind of mobile-friendly chat room—handy when you’re trying to coordinate plans with a dozen people.

I note though, that there may be some interesting side effects of integrating virtual social networks more closely into actual socialization. With social circles—as opposed to Circles—the boundaries are fuzzy and ad-hoc. Even among a somewhat well-defined group of friends, it’s always somewhat a matter of happenstance which particular subsets of people end up communicating and making plans on any given day. A person may gradually drift out of touch with once circle and into another in a gradual and almost imperceptible way, ideally with no hard feelings on either side.

Making it technologically easy to communicate with groups means that, for activities involving more than a relative handful of people, that technology becomes more likely to be the default mechanism of interaction. Individuals will define their own Circles, but there will be a tendency toward convergence. But these aren’t fuzzy-bordered circles, they’re Circles in which membership is really an either-or. I wonder if we won’t find ourselves feeling the need to make uncomfortably explicit, conscious decisions about who’s in the “folks I meet for drinks after work” or “always invited to parties” group—which seems rather more freighted than the question of who happened to get asked to come out for a specific round of drinks or a particular party.. People, of course, don’t see which circles anyone else has included them in, but to the extent they’re the basis of actual group interaction, it should be readily apparent to everyone quickly enough who is and isn’t part of the conversation. I’m guessing this sets up some potential awkwardness as people figure out how to navigate all that.

(3) Finally, as Mike Masnick observes, some people are already worrying about a potential privacy “loophole” in G+: Items shared with one “circle” can, by default, easily be RE-shared by the members of that circle. I agree with Mike that it’s weird to treat this as some kind of disturbing privacy violation on Google’s part: After all, in general, everything we share with one set of friends might be shared by them with others. Something you say in conversation might be repeated; a photo you e-mail can be forwarded. Normally, the solution is to ensure that your friends know when you don’t want a specific bit of informatoin shouted to the four winds.

That said, a lot of privacy has more to do with ease of information sharing than whether it’spossible, and more to do with the clarity of norms than explicit prohibitions. Someone could copy the contents of a private e-mail (or, by hand, the contents of a private letter) and forward it to hundreds of friends. But that would be both effortful and rude. If I share a photo with my “Friends” circle, I realize they could save and reupload it if there’s not sharing functionality built in… but they’d have to be big jerks (and ergo probably not “Friends”) to make the effort to do so, in particular if I’ve signaled via my settings that I don’t expect these pictures to be more widely circulated.

It’s not a question of Google “violating my privacy,” which is the unhelpful frame of stories about social networks much of the time. But what Google can do is facilitate social signalling about the information norms we expect friends, peers, and colleagues to respect. On most Twitter clients, for instance, while you can always copy-and-paste text into a retweet, the one-click retweet button is inactive for tweets from locked accounts. Obviously, that doesn’t literally prevent anyone from sharing a message on a private feed—it just means it’s hard to do it thoughtlessly, and the very fact that you’ve got to take the unusual extra step of doing it manually reminds you that, hey, your friend doesn’t actually expect this stuff to be more widely distributed. Increasingly, I think, having “good privacy practices” as a social networking site isn’t going to be so much about what the site does with your information (important as that is), or even about the literal control they give you—since “control” over information in any really strong sense is always pretty chimerical—but how fluidly and organically they allow us to establish norms and articulate expectations about how our peers will use the information they have access to.