Technologies of Governance

Yesterday’s Washington Post reports that the U.S. Patent and Trademark Office is introducing an element of peer production into their patent examination process:

The Patent and Trademark Office is starting a pilot project that will not only post patent applications on the Web and invite comments but also use a community rating system designed to push the most respected comments to the top of the file, for serious consideration by the agency’s examiners. A first for the federal government, the system resembles the one used by Wikipedia, the popular user-created online encyclopedia.

As far as I know, this is one of the first cases in which a government makes targeted use of the Internet’s new collaborative technologies. It seems to be a promising approach. For a long time, scholars and policy makers have complained about the increasing knowledge gap on part of government agencies on a rather abstract level. Now there is an active attempt at leveraging the (in many people’s opinion already rather buzzwordy) “wisdom of crowds” for better regulation.

It will be interesting to see how the decentralized review fares in practice: Will a critical mass of people participate? How susceptible is the process to gaming? And in a government context most importantly, will the system meet the normative benchmarks of the legal system, such as due process and accountability?

Beth Noveck, one of the masterminds behind the plan, addressed some of these issues in a recent paper for the U.S. context.

I wonder what other applications of recommendation systems in public policy one can imagine, especially in the European context. One idea would be to think about the problem of how to classify content that is potentially harmful to minors, a big issue in most Western European countries. A collaborative filter that generates community-specific ratings based on the reputation of raters may be just one idea to think about. It would bypass the problem of rather obscure procedures in overworked and understaffed content rating commissions and add transparency as well as – arguably – legitimacy to the process.

Perhaps it is because I don’t own a car, but I’ve always been fascinated by traffic jams. Especially at intersections, it can be great fun to watch myriads of cars, pedestrians, and cyclists approaching the bottleneck at the same time. Sometimes people get hopelessly stuck, but most of the time they somehow manage to avoid collision and move on. This is not a trivial problem: road traffic is definitely one of today’s higher-risk activities (see here and here).

What is interesting from the perspective of regulation is that there seem to be quite different mechanisms for coordinating traffic in different parts of the world. Two examples from my own experience: In my home country Germany, the default still seems to be coordination by traffic lights. The state sets rules as to who is allowed to cross the intersection at what time in what direction. Red light, stop. Green light, go. This is regulation by law, and most people abide by it – even if they are the only ones waiting at a deserted intersection in the middle of the night.

In southern Italy, my experience has been different. Traffic lights exist, but people do not seem to pay too much attention to them. Rather, they tend to slowly roll into the intersection and wait for reactions of other drivers. If the other driver slows down, this is taken as permission to cross. If not, people wait. If one driver notes that another driver cannot see her approaching, she honks. This is not regulation by law, but regulation by eye contact and honking.

Does one work better than the other?

I am not aware of any studies, but it would be interesting to know on what conditions each system depends. Isn’t the Italian way of coordinating traffic a real-world example of what others have called “peer production of governance” on the Internet? Under what circumstances does a decentralized social signaling system (eye contact and honking) trump a centralized law-based regime (traffic lights)? May it work particularly well in communications networks? And could the law do anything to foster it?

As to the latter question, Jonathan Zittrain mentioned after one of his recent lectures that Germany is gradually introducing roundabouts. As research (German only) indicates, this promises to be a big success – and an example of the law facilitating regulation by honking.

Sounds pathetic, but our blogs seem to be finally up and running again!

Sorry for the tohubohu in this space during the past couple of days. A major hardware problem knocked out the entire OII blogosphere. By now, everything should be working again. I re-added the (lost) comments from Google cache with original date stamps and hope that all your contributions are in good shape again. If not, drop me a line and I’ll take care of it. Thanks!

A PC World article about some people’s dissatisfaction with Google’s badware warnings brings up a couple of interesting questions. The story goes like this:

Some Web site operators are complaining that Google is flagging their sites as containing malicious software when they believe their sites are harmless.

At issue is an interstitial page that Google presents when a user clicks on a search result link to a site that Google believes contains malware. The page cautions users with the words “Warning – visiting this web site may harm your computer!” Google does not block access to the site, but a user must manually type in the Web site address to continue.

Website operators, who think they were flagged mistakenly and want the decision to be reviewed, can appeal by sending an e-mail to stopbadware.org*, a central clearinghouse for research on badware.

Browsing through some of the complaints on the stopbadware discussion list gives an (of course merely anecdotal) overview of what people expect from Google in this case: the right to be heard before being flagged, a fast and efficient appeals process, a fair trial for their site, and transparency about the process by which Google arrived at its decision.

This language sounds familiar to lawyers. It is the language of “due process,” a set of mostly procedural safeguards to ensure fundamental fairness whenever the government encroaches on a person’s basic rights to life, liberty, or property. As a constitutional principle, due process only applies to state action. Google, however, is a private company. So what’s the point?

The point is that, under certain circumstances, people seem to have the same normative expectations of private intermediaries as of the state. In this case, it is the perceived adjudicative power of a leading search engine, balancing competing values like freedom of speech and security in its flagging decisions. In other cases, it may be rather the legislative and executive constraints embedded in code that make people suspicious.

So even though it is crystal clear that traditional due process doctrine does not generally apply to private information intermediaries: Is there a need to translate this constitutional value into cyberspace? What would “due process” look like in the networked information economy? If it is true that we all have more of a voice on a read/write Internet, isn’t it all about transparency? Or do we need more restrictive safeguards against concentrations of power in code?

Maybe we can even learn from the law when trying to define a normative benchmark for recommendation systems like the Google badware warnings.

[* Disclaimer: Even though the OII is a co-sponsor of stopbadware.org, I am not personally involved in this project and only speak for myself.]

Doing background research on tracking technologies, I came across some interesting new ways of identifying individuals. Especially curious are techniques triggered by our increased ability to track and crunch behavioral data. At Ralf Bendrath, I found my three favorites so far:

• The way we text: Tim Grant and other forensic linguists at the University of Leicester work on something called “forensic authorship analysis“. They basically analyze the way people write text messages on their mobile phones. Apparently, these techniques already play an important role in providing evidence in criminal cases (examples here and here).

• The way we click: In a recent working paper, Balaji Padmanabhan and Yinghui Yang ask whether there is something like a “clickprint” – a unique pattern of surfing behavior based on how long you visited what websites at what time of the day and other actions. They conclude that it is in fact possible to distinguish two persons based on clickstream data, given the optimal level of aggregation as computed by their method.

• The way we walk: Researchers at GeorgiaTech work on “Human Identification at a Distance.” Their focus is on gait recognition and the way we move as an “activity-specific biometric.” They propose “a technique that recovers static body and stride parameters of subjects as they walk.” (No, they have nothing to do with these guys.)

Even though privacy advocates are likely to loose some sleep over such possibilities, one could – perhaps a bit sarcastically – argue that there is also a good side to it: it seems to become harder and harder not to be unique.

A great side effect of being a DPhil student is that you find plenty of ways to refine your procrastination techniques. Shuffling through my spam folder the other day, I noticed a new quality of spam subject lines. Many of them turned out to be surprisingly poetic:

rare second
and something
without a tenacious soul
hover in secret

Having been plagued by rather annoying attempts like “Re: Hi”, “you happy?”, and “need V#%GR@” for some time, I found this quite edifying.

As always, I am light years behind. Bloggers like Kristin Thomas, Grant Hutchinson, or Morton Hurley had picked up this trend a long time ago and received media coverage from all over the world. There even is a wikipedia entry on Spoetry as a new art form.

Nevertheless, even though these lines seem to be mainly a reaction to increasingly sophisticated spam filters, they are great fun. If you want to take up the challenge, the comment section is yours.

One of the most remarkable things about the OII is probably its diversity. Students, fellows, and faculty come from all over the world and bring their own and very special ideas. The diversity spans disciplines (read Max Loubser’s thoughts on multi- and interdisciplinary work), but also different views of how to do and present research more generally. This leads to fascinating discussions – especially for DPhil students, struggling to figure out the projects that will keep them busy for the next three years.

One aspect that strikes me as particularly interesting is the balance between down-to-earth analysis of the past and a more forward-looking (and more obviously normative) design perspective. Of course, I do not have any empirical data on the different approaches to writing a doctoral thesis in different cultures. But when I think about my western European civil-law background, there seems to be a deeply rooted belief that a doctoral thesis is first and foremost a thorough analysis of the past. This is where we get our data from, can interview people about, and do extensive literature reviews on. To qualify as scholarly, a thesis has to meet at least one of these criteria, fill a gap in the existing literature, and eventually culminate in a “big book” (as opposed to a series of papers). There may be a reference to future developments and policy implications, but it is normally well hidden in the last couple of pages before the conclusion.

No doubt, there is a lot of value in this approach. But maybe doing research in dynamic fields like the Internet sometimes requires an even more forward-looking perspective: how much of a design perspective can a thesis shoulder? Is scenario writing a viable research method? As to presentation, how much story telling and anecdotal evidence makes a thesis comprehensible without risking its credibility in traditional academic settings? Where is the line between science and science fiction?

If this sounds too abstract, try to think about the following question: would Lessig’s Code, and Other Laws of Cyberspace have been accepted as a doctoral thesis at your university?

So this is my brand new research blog. Frankly, it took me some time to get started. I’ve always been a bit timid about blogging myself. But now that my wonderful new colleagues at the OII forced provided me with the once-in-a-lifetime opportunity to share my thoughts online, I just couldn’t resist.

Hopefully, some of you will take an interest and comment. So fire up your RSS readers and keep in touch!