So, when I speak in places where the first lan­guage of the nation is not English, there is a dis­claimer and an apol­o­gy, because I am one of nature’s fast talk­ers. When I was at the United Nations at the World Intellectual Property Organization, I was known as the scourge of the simul­ta­ne­ous trans­la­tion corps. I would stand up and speak and turn around, and there would be win­dow after win­dow of trans­la­tor. And every one of them would be doing this. [places face in hand] So in advance, I give you per­mis­sion when I start talk­ing quick­ly to do this [waves hands in air] and I will slow down. 

So, tonight’s talk is not a copy­right talk. I do copy­right talks all the time. Questions about cul­ture and cre­ativ­i­ty are inter­est­ing enough, but to be hon­est I’m quite sick of them. If you want to hear free­lancer writ­ers like me bang on about what’s hap­pen­ing to the way we earn our liv­ing, by all means go and find one of the many talks I’ve done on this sub­ject on YouTube. But tonight I want to talk about some­thing more impor­tant. I want to talk about gen­er­al pur­pose com­put­ers. Because gen­er­al pur­pose com­put­ers are in fact astound­ing. So astound­ing that our soci­ety is still strug­gling to come to grips with them. To fig­ure out what they’re for. To fig­ure out how to accom­mo­date them and how to cope with them. Which, unfor­tu­nate­ly, brings me back to copy­right.

Because the gen­er­al shape of the copy­right wars and the lessons they can teach us about the upcom­ing fights over the des­tiny of the gen­er­al pur­pose com­put­er are impor­tant. In the begin­ning, we had pack­aged soft­ware and the atten­dant indus­try, and we had Sneakernet. So we had flop­py disks in Ziploc bags, or in card­board box­es, hung on pegs in shops and sold like can­dy bars and mag­a­zines. And they were emi­nent­ly sus­cep­ti­ble to dupli­ca­tion, and so they were dupli­cat­ed quick­ly and wide­ly, and this was to the great cha­grin of peo­ple who made and sold soft­ware.

Enter DRM 0.96. They start­ed to intro­duce phys­i­cal defects to the disks, or start­ed to insist on oth­er phys­i­cal indi­cia which the soft­ware could check for. Dongles, hid­den sec­tors, challenge/response pro­to­cols that required that you had phys­i­cal pos­ses­sion of large, unwieldy man­u­als that were dif­fi­cult to copy. And of course these failed, for two rea­sons. First, they were com­mer­cial­ly unpop­u­lar of course, because they reduced the use­ful­ness of the soft­ware to the legit­i­mate pur­chasers, while leav­ing the peo­ple who took the soft­ware with­out pay­ing for it untouched. The legit­i­mate pur­chasers resent­ed the non-functionality of their back­ups. They hat­ed the loss of scarce ports to the authen­ti­ca­tion don­gles. And they resent­ed the incon­ve­nience of hav­ing to trans­port large man­u­als when they want­ed to run their soft­ware.

And sec­ond, these didn’t stop pirates, who found it triv­ial to patch the soft­ware and bypass authen­ti­ca­tion. Typically, the way that hap­pened is some expert who had pos­ses­sion of tech­nol­o­gy and exper­tise of equiv­a­lent sophis­ti­ca­tion to the soft­ware ven­dor itself, would reverse engi­neer the soft­ware and release cracked ver­sions that quick­ly became wide­ly cir­cu­lat­ed. While this kind of exper­tise and tech­nol­o­gy sound­ed high­ly spe­cial­ized, it real­ly wasn’t. Figuring out what recal­ci­trant pro­grams were doing, and rout­ing around the defects in shit­ty flop­py disk media were both core skills for com­put­er pro­gram­mers, and were even more so in the era of frag­ile flop­py disks and the rough-and-ready ear­ly days of soft­ware devel­op­ment. Anti-copying strate­gies only became more fraught as net­works spread. Once we had BBSes, online ser­vices, Usenet news­groups, and mail­ing lists, the exper­tise of peo­ple who fig­ured out how to defeat these authen­ti­ca­tion sys­tems could be pack­aged up in soft­ware and passed around as lit­tle crack files, or as the net­work capac­i­ty increased, the cracked disk images or exe­cuta­bles them­selves could be spread on their own.

Which gave us DRM 1.0. By 1996, it became clear to every­one in the halls of pow­er that there was some­thing impor­tant about to hap­pen. We were about to have an infor­ma­tion econ­o­my, what­ev­er the hell that was. They assumed it meant an econ­o­my where we bought and sold infor­ma­tion. Now, infor­ma­tion tech­nol­o­gy makes things effi­cient, so imag­ine the mar­kets that an infor­ma­tion econ­o­my would have. You could buy a book for a day. You could sell the right to watch the movie for one euro. And then you could rent out the pause but­ton at one pen­ny per sec­ond. You could sell movies for one price in one coun­try, and anoth­er price in anoth­er, and so on, and so on. The fan­tasies of those days were a lit­tle like a bor­ing sci­ence fic­tion adap­ta­tion of the Old Testament book of Numbers, a kind of tedious enu­mer­a­tion of every per­mu­ta­tion of things peo­ple do with infor­ma­tion, and the ways we could charge them for it. 

But none of this would be pos­si­ble unless we could con­trol how peo­ple use their com­put­ers and the files that we trans­fer to them. After all, it was well and good to talk about sell­ing some­one the twenty-four hour right to a video, or the right to move music onto an iPod, but not the right to move music from the iPod onto anoth­er device. But how the hell could you do that once you’d giv­en them the file? 

In order to do that, to make this work, you need­ed to fig­ure out how to stop com­put­ers from run­ning cer­tain pro­grams and inspect­ing cer­tain files and process­es. For exam­ple, you could encrypt the file, and then require the user to run a pro­gram that only unlocked the file under cer­tain cir­cum­stances. But as they say on the Internet, now you have two prob­lems. You also now have to stop the user from sav­ing the file while it’s in the clear, and you have to stop the user from fig­ur­ing out where the unlock­ing pro­gram stores its keys, because if the user finds the keys she’ll just decrypt the file and throw away that stu­pid play­er app.

And now you have three prob­lems. Because now you have to stop the users who fig­ure out how to ren­der the file in the clear from shar­ing it with oth­er users. And now you’ve got four prob­lems. Because now you have to stop the users who fig­ure out how to extract secrets from unlock­ing pro­grams from telling oth­er users how to do it, too. And now you’ve got five prob­lems. Because now you have to stop users who fig­ure out how to extract secrets from unlock­ing pro­grams from telling oth­er users what the secrets were. That’s a lot of prob­lems.

But by 1996, we had a solu­tion. We had the WIPO Copyright Treaty, passed by the United Nations World Intellectual Property Organization, which cre­at­ed laws that made it ille­gal to extract secrets from unlock­ing pro­grams. And it cre­at­ed laws that made it ille­gal to extract media clear­t­exts from the unlock­ing pro­grams while they were run­ning. And it cre­at­ed laws that made it ille­gal to tell peo­ple how to extract secrets from unlock­ing pro­grams. And it cre­at­ed laws that made it ille­gal to host copy­right­ed works, and secrets, and all with a handy stream­lined process that let you remove stuff from the Internet with­out hav­ing to screw around with lawyers and judges and all that crap.

And with that, ille­gal copy­ing end­ed for­ev­er [laugh­ter], the infor­ma­tion econ­o­my blos­somed into a beau­ti­ful flower that brought pros­per­i­ty to the whole wide world. As they say on the air­craft car­ri­ers, Mission accom­plished”. [laugh­ter]

Well, of course that’s not how the sto­ry ends, because pret­ty much any­one who under­stood com­put­ers and net­works under­stood that while these laws would cre­ate more prob­lems than they could pos­si­bly solve. After all, these were laws that made it ille­gal to look inside your com­put­er when it was run­ning cer­tain pro­grams. They made it ille­gal to tell peo­ple what you found when you looked inside your com­put­er. They made it easy to cen­sor mate­r­i­al on the Internet with­out hav­ing to prove that any­thing wrong had hap­pened. In short, they made unre­al­is­tic demands on real­i­ty and real­i­ty did not oblige them. 

After all, copy­ing only got eas­i­er fol­low­ing the pas­sage of these laws. Copying will only ever get eas­i­er. Here, 2011, this is as hard as copy­ing will get! Your grand­chil­dren will turn to you around the Christmas table and say, Tell me again, Grandpa. Tell me again, Grandma, about when it was hard to copy things in 2011. When you couldn’t get a dri­ve the size of your fin­ger­nail that could hold every song ever record­ed, every movie ever made, every word ever spo­ken, every pic­ture ever tak­en, every­thing, and trans­fer it in such a short peri­od of time you didn’t even notice it was doing it. Tell us again when it was so stu­pid­ly hard to copy things back in 2011.”

And so, real­i­ty assert­ed itself, and every­one had a good laugh over how fun­ny our mis­con­cep­tions were when we entered the 21st cen­tu­ry and then a last­ing peace was reached with free­dom and pros­per­i­ty for all.

Well, not real­ly. Because, like the nurs­ery rhyme lady who swal­lows a spi­der to catch a fly, and has to swal­low a bird to catch the spi­der, and a cat to catch the bird, and so on, so must a reg­u­la­tion that has broad gen­er­al appeal but is dis­as­trous in its imple­men­ta­tion beget a new reg­u­la­tion aimed at shoring up the fail­ure of the old one.

Now, it’s tempt­ing to stop the sto­ry here and con­clude that the prob­lem is that law­mak­ers are either clue­less or evil, or pos­si­bly evil­ly clue­less, and just leave it there, which is not a very sat­is­fy­ing place to go because it’s fun­da­men­tal­ly a coun­sel of despair. It sug­gests that our prob­lems can­not be solved for so long as stu­pid­i­ty and evil­ness are present in the halls of pow­er, which is to say they will nev­er be solved. 

But I have anoth­er the­o­ry about what’s hap­pened. It’s not that reg­u­la­tors don’t under­stand infor­ma­tion tech­nol­o­gy. Because it should be pos­si­ble to be a non-expert and still make a good law. MPs and con­gress­men and so on are elect­ed to rep­re­sent dis­tricts and peo­ple, not dis­ci­plines and issues. We don’t have a mem­ber of Parliament for bio­chem­istry, and we don’t have a sen­a­tor from the great state of urban plan­ning, and we don’t have an MEP from child wel­fare. But per­haps we should. And yet those peo­ple who are experts in pol­i­cy and pol­i­tics, not tech­ni­cal dis­ci­plines, nev­er­the­less often do man­age to pass good rules that make sense. And that’s because gov­ern­ment relies on heuris­tics, rules of thumb about how to bal­ance out expert input from dif­fer­ent sides of an issue.

But infor­ma­tion tech­nol­o­gy con­founds these heuris­tics. It kicks the crap out of them in one impor­tant way, and this is it: one impor­tant test of whether or not a reg­u­la­tion is fit for pur­pose is first whether, of course, it will work, but sec­ond of all whether or not in the course of doing its work it will have lots of effects on every­thing else. If I want­ed Congress or Parliament to write, or the EU to reg­u­late, a wheel, it’s unlike­ly I’d suc­ceed. If I turned up and said, Well, every­one knows wheels are good and right. But have you noticed that every sin­gle bank rob­ber has four wheels on his car when he dri­ves away from the bank rob­bery? Can’t we do some­thing about this?” The answer would of course be no. Because we don’t know how to make a wheel that is still gen­er­al­ly use­ful for legit­i­mate wheel appli­ca­tions but use­less to bad guys. And we can all see that the gen­er­al ben­e­fits of wheels are so pro­found that we’d be fool­ish to risk them in a fool­ish errand to stop bank rob­beries by chang­ing wheels. Even if there were an epi­dem­ic of bank rob­beries, even if soci­ety were on the verge of col­lapse thanks to bank rob­beries, no one would think that wheels were the right place to start solv­ing our prob­lems.

But, if I were to show up in that same body to say that I had absolute proof that hands-free phones were mak­ing cars dan­ger­ous, and I said, I would like you to pass a law that says it’s ille­gal to put a hands-free phone in a car,” the reg­u­la­tor might say, Yeah, I take your point. We’ll do that.” And we might dis­agree about whether or not this is a good idea or whether or not my evi­dence made sense, but very few of us would say, Well, once you take the hands-free phones out of the car, they stop being cars.” We under­stand that we can keep cars cars even if we remove fea­tures from them. Cars are special-purpose, at least in com­par­i­son to wheels, and all that the addi­tion of a hands-free phone does is add one more fea­ture to an already spe­cial­ized tech­nol­o­gy.

In fact, there’s that heuris­tic that we can apply here. Special-purpose tech­nolo­gies are com­plex. And you can remove fea­tures from them with­out doing fun­da­men­tal dis­fig­ur­ing vio­lence to their under­ly­ing util­i­ty. This rule of thumb serves reg­u­la­tors well by and large, but it is ren­dered null and void by the general-purpose com­put­er and the general-purpose net­work, the PC and the Internet. Because if you think of com­put­er soft­ware as a fea­ture, that is a com­put­er with spread­sheets run­ning on it has a spread­sheet fea­ture, and one that’s run­ning World of Warcraft has an MMORPG fea­ture, then this heuris­tic leads you to think that you could rea­son­ably say, Make me a com­put­er that doesn’t run spread­sheets,” and that it would be no more of an attack on com­put­ing than, Make me a car with­out a hands-free phone” is an attack on cars.

And if you think of pro­to­cols and sites as fea­tures of the net­work, then say­ing, Fix the Internet so that it doesn’t run BitTorrent,” or, Fix the Internet so that thep​i​rate​bay​.org no longer resolves,” it sounds a lot like Change the sound of busy sig­nals,” or, Take that pizze­ria on the cor­ner off the phone net­work,” and not like an attack on the fun­da­men­tal prin­ci­ples of inter­net­work­ing.

Not real­iz­ing that this rule of thumb that works for cars and hous­es and every oth­er sub­stan­tial area of tech­no­log­i­cal reg­u­la­tion fails for the Internet does not make you evil and it does not make you an igno­ra­mus. It just makes you part of that vast major­i­ty of the world for whom ideas like Turing com­plete” and end-to-end” are mean­ing­less. So our reg­u­la­tors go off and they blithe­ly pass these laws, and they become part of the real­i­ty of our tech­no­log­i­cal world.

There are sud­den­ly num­bers that we aren’t allowed to write down on the Internet, pro­grams we’re not allowed to pub­lish. And all it takes to make legit­i­mate mate­r­i­al dis­ap­pear from the Internet is to say, That? That infringes copy­right.” It fails to attain the actu­al goal of the reg­u­la­tion. It doesn’t stop peo­ple from vio­lat­ing copy­right, but it bears a kind of super­fi­cial resem­blance to copy­right enforce­ment. It sat­is­fies the secu­ri­ty syl­lo­gism. Something must be done; I am doing some­thing; some­thing has been done. And thus, any fail­ures that arise can be blamed on the idea that the reg­u­la­tion doesn’t go far enough rather than the idea that it was flawed from the out­set.

This kind of super­fi­cial resem­blance and under­ly­ing diver­gence hap­pens in oth­er engi­neer­ing con­texts. I have a friend who was once a senior exec­u­tive at a big con­sumer pack­aged goods com­pa­ny who told me about what hap­pened when the mar­ket­ing depart­ment told the engi­neers that they’d thought up a great idea for deter­gent. From now on, they were going to make deter­gent that made your clothes new­er every time you washed them. 

Well, after the engi­neers had tried unsuc­cess­ful­ly to con­vey the con­cept of entropy to the mar­ket­ing depart­ment, they arrived at anoth­er solu­tion. (“Solution.”) They devel­oped a deter­gent that used enzymes that attacked loose fiber ends, the kind that you get with bro­ken fibers that make your clothes look old. So every time you washed your clothes in the deter­gent, they would look new­er, but that was because the deter­gent was lit­er­al­ly digest­ing your clothes. Using it would cause your clothes to lit­er­al­ly dis­solve in the wash­ing machine. This was the oppo­site of mak­ing clothes new­er. Instead, you were arti­fi­cial­ly aging your clothes every time you washed them. And as a user, the more you deployed the solu­tion,” the more dras­tic your mea­sures had to be to keep your
clothes up to date. You actu­al­ly had to go buy new clothes because the old ones fell apart.

So today we have mar­ket­ing depart­ments who say things like, We don’t need com­put­ers, we need…appliances. Make me a com­put­er that doesn’t run every pro­gram, just a pro­gram that does this spe­cial­ized task like stream­ing audio or rout­ing pack­ets or play­ing Xbox games. And make sure it doesn’t run pro­grams that I haven’t autho­rized that might under­mine our prof­its.” And on the sur­face, this seems like a rea­son­able idea. Just a pro­gram that does one spe­cial­ized task. After all, we can put an elec­tric motor in a blender, and we can install a motor in a dish­wash­er, and we don’t wor­ry whether it’s still pos­si­ble to run a dish­wash­ing pro­gram in a blender.

But that’s not what we do when we turn a com­put­er into an appli­ance.” We’re not mak­ing a com­put­er that runs only the appli­ance” app. We’re mak­ing a com­put­er that can run every pro­gram, but which uses some com­bi­na­tion of rootk­its, spy­ware, and code-signing to pre­vent the user from know­ing which process­es are run­ning, from installing her own soft­ware, and from ter­mi­nat­ing process­es that she doesn’t want. In oth­er words, an appli­ance is not a stripped-down com­put­er. It is a fully-functional com­put­er with spy­ware on it out of the box. [applause] Thanks. 

Because we don’t know how to build the gen­er­al pur­pose com­put­er that is capa­ble of run­ning any pro­gram we can com­pile except for some pro­gram that we don’t like, or that we pro­hib­it by law, or that los­es us mon­ey. The clos­est approx­i­ma­tion we have to this is a com­put­er with spy­ware. A com­put­er on which remote par­ties set poli­cies with­out the com­put­er user’s knowl­edge, over the objec­tion of the computer’s own­er. And so it is that dig­i­tal rights man­age­ment always con­verges on mal­ware.

There was of course this famous inci­dent, a kind of gift to peo­ple who have this hypoth­e­sis, in which Sony loaded covert rootk­it installers on six mil­lion audio CDs, which secret­ly exe­cut­ed pro­grams that watched for attempts to read the sound files on CDs and ter­mi­nat­ed them, and which also hid the rootkit’s exis­tence by caus­ing the ker­nel to lie about which process­es were run­ning, and which files were present on the dri­ve.

But it’s not the only exam­ple. Just recent­ly, Nintendo shipped the 3DS, which oppor­tunis­ti­cal­ly updates its firmware and does an integri­ty check to make sure that you haven’t altered the old firmware in any way. And if it detects signs of tam­per­ing, it bricks itself.

Human rights activists have raised alarms over UEFI, the new PC boot­loader that restricts your com­put­er so it runs signed oper­at­ing sys­tems, not­ing that repres­sive gov­ern­ments will like­ly with­hold sig­na­tures from OSes unless they have covert sur­veil­lance oper­a­tions.

And on the net­work side, attempts to make a net­work that can’t be used for copy­right infringe­ment always con­verges with the sur­veil­lance and con­trol mea­sures that we know from repres­sive gov­ern­ments. So, SOPA, the American US Stop Online Piracy Act, bans tools like DNSSEC because they can be used to defeat DNS-blocking mea­sures. And it bans tools like Tor, because they can be used to cir­cum­vent IP-blocking mea­sures. In fact, the pro­po­nents of SOPA, the Motion Picture Association of America, cir­cu­lat­ed a memo cit­ing research that SOPA would prob­a­bly work, because it uses the same mea­sures as are used in Syria, China, and Uzbekistan. And they argued that these mea­sures are effec­tive in those coun­tries, and so they would work in America, too. [applause] Don’t applaud me, applaud the MPAA.

Now, it may seem like SOPA is the end game in a long fight over copy­right and the Internet, and it may seem like if we defeat SOPA, we’ll be well on our way to secur­ing the free­dom of PCs ad net­works. But as I said at the begin­ning of this talk, this isn’t about copy­right. Because the copy­right wars are just the 0.9 beta ver­sion of the long com­ing war on com­pu­ta­tion. The enter­tain­ment indus­try were just the first bel­liger­ents in this com­ing century-long con­flict. We tend to think of them as par­tic­u­lar­ly suc­cess­ful. After all, here is SOPA, trem­bling on the verge of pas­sage, break­ing the Internet on this fun­da­men­tal lev­el in the name of pre­serv­ing Top 40 music, real­i­ty TV shows, and Ashton Kutcher movies.

But the real­i­ty is that copy­right leg­is­la­tion gets as far as it does pre­cise­ly because it’s not tak­en seri­ous­ly. Which is why on one hand Canada has had Parliament after Parliament intro­duce one stu­pid copy­right law after anoth­er. But on the oth­er hand, Parliament after Parliament has failed to actu­al­ly vote on the bill. It’s why we got SOPA, a bill com­posed of pure stu­pid, pieced togeth­er mol­e­cule by mol­e­cule into a kind of Stupidite 250 that is nor­mal­ly only found in the heart of a new­born star. 

And it’s why the rushed-through SOPA hear­ings had to be adjourned mid­way through the Christmas break so that law­mak­ers could get into a real vicious, nationally-infamous debate over an impor­tant issue, unem­ploy­ment insur­ance. It’s why the World Intellectual Property Organization is gulled time and again into enact­ing crazed, pig-ignorant copy­right pro­pos­als. Because when the nations of the world send their UN mis­sions to Geneva, they send water experts, not copy­right experts. They send health experts, not copy­right experts. They send agri­cul­ture experts, not copy­right experts. Because copy­right is just not impor­tant to pret­ty much every­one. [applause]

Canada’s Parliament didn’t vote on its copy­right bills because of all the things that Canada needs to do, fix­ing copy­right ranks well below resolv­ing health emer­gen­cies on First Nations reser­va­tions, exploit­ing the oil patch in Alberta, inter­ced­ing in sec­tar­i­an resent­ments among French and English-speakers, solv­ing resource crises in the nation’s fish­eries, and a thou­sand oth­er issues. The triv­i­al­i­ty of copy­right tells you that when oth­er sec­tors of the econ­o­my start to evince con­cerns about the Internet and the PC, that copy­right will be revealed for a minor skir­mish and not a war. 

Why would oth­er sec­tors nurse grudges against com­put­ers? Well, because the world we live in today is made of com­put­ers. We don’t have cars any­more, we have com­put­ers we ride in. We don’t have air­planes any­more, we have fly­ing Solaris box­es with a big buck­et­ful of SCADA con­trollers. A 3D print­er is not a device. It’s a periph­er­al, and it only works con­nect­ed to a com­put­er. A radio is no longer a crys­tal. It’s a general-purpose com­put­er with a fast ADC and a fast DAC and some soft­ware. The griev­ances that arose from unau­tho­rized copy­ing are triv­ial when com­pared to the calls for action that our new computer-embroidered real­i­ty will cre­ate.

Think of radio for a minute. The entire basis for radio reg­u­la­tion up until today was based on the idea that the prop­er­ties of a radio are fixed at the time of man­u­fac­ture and can’t be eas­i­ly altered. You can’t just flip a switch on your baby mon­i­tor and turn it into some­thing that inter­feres with air traf­fic con­trol sig­nals. But pow­er­ful software-defined radios can change from baby mon­i­tor to emer­gency ser­vices dis­patch­er to air traf­fic con­troller, just by load­ing and exe­cut­ing dif­fer­ent soft­ware. Which is why the first time the American tele­coms reg­u­la­tor, the FCC, con­sid­ered what would hap­pen when we put SDRs in the field, they asked for com­ment on whether it should man­date that all software-defined radios should be embed­ded in trust­ed com­put­ing machines. Ultimately, whether every PC should be locked so that the pro­grams they run are strict­ly reg­u­lat­ed by cen­tral author­i­ties.

And even this is a shad­ow of what is to come. After all, this was the year in which we saw the debut of open-sourced shape files for con­vert­ing AR-15s to full auto­mat­ic. This was the year of crowd­fund­ed open-sourced hard­ware for gene sequenc­ing. And while 3D print­ing will give rise to plen­ty of triv­ial com­plaints, there will be judges in the American South and mul­lahs in Iran who will lose their minds over peo­ple in their juris­dic­tion print­ing out sex toys. The tra­jec­to­ry of 3D print­ing will most cer­tain­ly raise real griev­ances, from solid-state meth labs, to ceram­ic knives.

And it doesn’t take a sci­ence fic­tion writer to under­stand why reg­u­la­tors might be ner­vous about the user-modifiable firmware on self-driving cars, or lim­it­ing inter­op­er­abil­i­ty for avi­a­tion con­trollers, or the kind of thing you could do with bio-scale assem­blers and sequencers. Imagine what will hap­pen the day that Monsanto deter­mines that it’s real­ly, real­ly impor­tant to make sure that com­put­ers can’t exe­cute pro­grams that cause spe­cial­ized periph­er­als to out­put organ­isms that eat their lunch, lit­er­al­ly.

Regardless of whether you think these are real prob­lems or mere­ly hys­ter­i­cal fears, they are nev­er­the­less the province of lob­bies and inter­est groups that are far more influ­en­tial than Hollywood and Big Content are on their best day, and every one of them will arrive at the same place. Can’t you just make us a general-purpose com­put­er that runs all the pro­grams except for the ones that scare and anger us? Can’t you just make us an Internet that trans­mits any mes­sage over any pro­to­col between any two points, unless it upsets us?” And per­son­al­ly, I can see that there will be pro­grams that run on general-purpose com­put­ers and periph­er­als that will even freak me out. So I can believe that peo­ple who advo­cate for lim­it­ing general-purpose com­put­ers will find recep­tive audi­ences for their posi­tions.

But just as we saw with the copy­right wars, ban­ning cer­tain instruc­tions or pro­to­cols or mes­sages, will be whol­ly inef­fec­tive as a means of pre­ven­tion and rem­e­dy. And as we saw in the copy­right wars, all attempts at con­trol­ling PCs will con­verge on rootk­its. All attempts at con­trol­ling the Internet will con­verge on sur­veil­lance and cen­sor­ship. Which is why all this stuff mat­ters. Because we’ve spent the last ten-plus years as a body send­ing our best play­ers out to fight what we thought was the final boss at the end of the game, but it
turns out it’s just been the mini-boss at the end of the lev­el.

And the stakes are only going to get high­er. As a mem­ber of the Walkman gen­er­a­tion, I have made peace with the fact that I will require a hear­ing aid long before I die. And of course, it won’t be a hear­ing aid. It will be a com­put­er I put in my body. So when I get into a car (a com­put­er I put my body into), with my hear­ing aid (a com­put­er I put inside my body), I want to know that these tech­nolo­gies are not designed to keep secrets from me and to pre­vent me from ter­mi­nat­ing process­es on them that work against my inter­ests. [applause] Thank you.

So last year, the Lower Merion School District, in a middle-class, afflu­ent sub­urb of Philadelphia found itself in a great deal of trou­ble, because it was caught dis­trib­ut­ing PCs to its stu­dents equipped with rootk­its that allowed for remote covert sur­veil­lance through the computer’s cam­era and net­work con­nec­tion. It tran­spired that they had been pho­tograph­ing stu­dents thou­sands of times, at home and at school, awake and asleep, dressed and naked. Meanwhile, the lat­est gen­er­a­tion of law­ful inter­cept tech­nol­o­gy can covert­ly oper­ate cam­eras, mics, and GPSes on PCs, tablets, and mobile devices. Freedom in the future will require us to have the capac­i­ty to mon­i­tor our devices and set mean­ing­ful pol­i­cy on them, to exam­ine and ter­mi­nate the process­es that run on them, to main­tain them as hon­est ser­vants to our will, and not as trai­tors and spies work­ing for crim­i­nals, thugs, and con­trol freaks. 

And we haven’t lost yet, but we have to win the copy­right wars to keep the Internet and the PC free and open. Because these are the matériel in the wars that are to come. We won’t be able to fight on with­out them. And I know this sounds like a coun­sel of despair. But as I said, these are ear­ly days. We have been fight­ing the mini-boss, and that means great chal­lenges are yet to come. But like all good lev­el design­ers, fate has sent us a soft tar­get to train our­selves on. We have a chance, a real chance, and if we sup­port open and free sys­tems and the orga­ni­za­tions that fight for them—EFF, Bits of Freedom, EDRi, [Org?] , CCC, Netzpolitik, La Quadrature du Net, and all the oth­ers who are thank­ful­ly too numer­ous to name here—we may yet win the bat­tle, and secure the ammu­ni­tion we’ll need for the war. Thank you.


Cory Doctorow: So, either questions or long rambling statements followed by, "What do you think of that?" Any questions?

Audience 1: So if you game this out all the way to the end, you end up with a situation where either the censorship people have to outlaw von Neuman and Harvard architectures and replace them with something that's not a universal Turing machine… Or they lose, full stop. And there's a big spectrum in between the two. Don't let me distract from that. I'm not talking about the very very last bastion line of freedom there. Do you think a bunch of assholes that don't even understand how DNS works are going to be willing to shoot themselves in the foo—are going to be going to shoot themselves in the head that hard?

Doctorow: So, I guess my answer is that the fact that there's no such thing as witchcraft didn't stop them from burning a lot of witches, right?

Audience 1: Right, right.

Doctorow: So by the same token, I think the ineffectiveness of the remedy is actually even worse for us, right. Because this is like the five-year plan that produces no wheat, that yields an even more drastic five-year plan that also produces no corn. I mean, this will make them angrier and cause them to expand the scope of the regulation. You know, "the beatings will continue until morale improves" as the t-shirt goes, right. That's actually my worry. I think if they saw some success they might actually back off. The fact that this will be a dismal failure over and over and over again, the fact that terrorists will continue to communicate terrorist messages, and child pornographers will continue to communicate child pornographic messages and so on will, just make them try harder at ineffective remedies.

Audience 1: Yeah. I mean, a specialized Turing machine on an ASIC is actually really really hard. Because you have to make one for every application, and that sucks.

Doctorow: Yeah. So again, I don't think they are going to ban general purpose computers. I think what they're going to do is they're going to say, "We want more spyware in computers. We want more UEFI." And not just UEFI that helps you detect spyware but UEFI where the signing is controlled by third parties, and you don't have an easy owner override, and all the rest of it. I think that that's going to be the trajectory of this stuff, not, "Gosh that stupid policy that we pursued at great expense for ten years was a complete failure. We should admit it and move on." I think that the answer is going to be, "Oh my god. Look at what idiots we looked like. We can't possibly admit defeat." You know, see: the War on Drugs.

Moderator: We've actually got quite a bit of time here so long, rambling statements are cool. So, next question.

Audience 2: Regarding the recent initative by a big software company to promote to secure boot on UEFI, do you think that personal computers will arrive like the situation on the PlayStation or platforms soon? And do think that we'll have some means to counterattack or to…

Doctorow: Yeah, so the question is really is UEFI going to be a means of freezing out alternative operating systems on the desktop? And I kind of feel like kind of…technocratic, well-educated, Western, Northern, middle-class people are always going to be able to figure out how to get around this stuff. What I'm more concerned about, not least because I think organizations like the FTC will probably object pretty strenuously unless there's…you know, you can take the lid off and press a little red button to reset UEFI, which is what they're talking about now. But I think it's way more likely that repressive governments are going to say, "Any boards that are imported into our country," which will be most of them, not all of them, but most of them, "will have to only run OSes signed by our certificate authority, and our certificate authority will say unless you've got spyware you can't import the machine."

Audience 2: But do think it will be illegal to reverse engineer, for example to defeat the secure boot—

Doctorow: I mean, that's an an interesting question. I kind of put that to some people who were involved in the Software Freedom Law Center, where they've been working on this. And my feeling is that that would be the right kind of stupid law. Because it would be one that I think is pretty coherent with existing free speech and code questions like Bernstein and so on. And it would probably actually knock back anti-circumvention provisions in most places where you tried it. I think that that would be the kind of case we could maybe win, as opposed to some of the harder ones. So yeah, I'm not super worried about that, I'm moderately worried. I think if you are worried, the right place to go is the Software Freedom Law Center. This is their big issue for the year. So, they need your donations, it's the end of the year.

Audience 3: Hi. Don't you think that after the dust settles of all this idiocy over the Internet, that in the end it will be something like the law of the sea? That you have exclusive economic zones where some states and policymakers will run wild with spyware and everything. And then you have a more or less lawless common zone, where there's absolute freedom because not only the individuals will need them but also companies, in the end, and everyone else?

Doctorow: Well, I guess companies don't need lots of freedom if all you want is incumbents to stay where they are, right. I mean, that was the thing that freaks everyone out about Singapore, is that there is this doctrine that said free markets brought freedom. And one always led to the other, and one required the other, and Singapore showed you that you could actually have vibrant, thriving markets that also didn't have any kind of freedom and where you could have serious regulation. China, too, I think.

So I don't know that the kind of historical forces you're describing, you know, companies will demand freedom therefore we will have lawless zones, are necessarily true. I think if there's one thing companies generally want, it's monopoly not freedom. It's lots of regulation that gores everyone else's ox and supports their own business model. That's always been the case.

Audience 3: And on an organizational idea, that you say, sort of in an international law perspective, let's say. A treaty of digital high seas? Something like that?

Doctorow: I guess that the difference is that the Internet's not the ocean, right. Things that happen in the middle of the Pacific Ocean, their light cone, to borrow some physics jargon here, the light cone may never in fact reach shore. And if it does, it could take a very long time, especially when the "law of the seas" was being countenanced, when it take weeks and months.

The Internet's more like a web, right, where everything that trembles on the web makes the whole web shake. And so the fact that something is happening in the "lawless zone" is unlikely to have no intersection with what's happening in the lawful zones. I don't know that that's a great answer. I think maybe laws that respect freedom everywhere that we can get them and using the Internet to try to expand that sphere might be a better way to go.

Audience 4: The problem I see that is that we're looking at a system that is getting more and more complex but more and more broken on the way, too. And not just the Internet but everything. The production of goods of big companies; we have two produces of CPUs, and maybe seven who produce memory. And so if Intel or AMD decide okay, we just ship every product we make with UEFI, with signed firmware, we're fucked.

So the problem is that we are as humanity not able to produce goods that we understand and we can use as we want. So I think that the effort we should really put on distributing networks and building our own hardware, because we have the Internet, but nowadays 99.9% of the population think the Web is the Internet, and they think Facebook is the best thing that was invented in human existence. So we have to really break things down much more again and try to put out open source solutions for every problem. I know this is a lot of effort and not really convenient because you don't have this great integration that Apple will bring you, but yeah maybe just as a thought.

Doctorow: Well, I think that the thing about Facebook is that it works incredibly well, it just fails very badly. So all the things that it's good at, it's really good at. But when it fails, it destroys your personal life or it allows all of your friends to be rounded up by the Syrian secret police and tortured and murdered or whatever, right. I mean, there's lots of ways in which Facebook is unfit for purpose.

But we have to understand why people use it. They use it because it works well. And if we want to convince people that proprietary or difficult technologies are likely to bite them in the ass in the future, we have to convey to them its failure modes. And that's the tricky thing. And of course this is not a new problem to computers, although maybe the stakes are a little higher. This is the problem with smoking, right? If you got cancer as soon as you put the cigarette in your mouth, no one would put a second cigarette in their mouth.

I smoked for half my life. When I went to quit, my doctor said, "You need a better reason than not getting cancer in thirty years, because next week when you crave a cigarette, not getting cancer in thirty years won't keep you warm at night." And what I actually did was I realized that I was spending two laptops a year on cigarettes. And so I just said I'll buy myself a laptop every year from now on if I give up smoking, and I did. And that kind of helped.

But we need to help people understand— The problem that I find is that we tend to attack people on the upside. We say, "Oh, Apple's integration isn't as good as you think it is." Or, "Facebook isn't as entertaining as you feel like it is." And in fact, both of those, they are. I think what we need to convey is all the ways in which it fails that are not immediately obvious at the outset. And that's a hard problem.

Moderator: Here we have another question from the mighty Internets. Can you please say something about the difference between Europe and the USA, and if there is something of a feedback loop in driving each other in the wrong direction?

Doctorow: So the question is the feedback loop between America and Europe, or the USA and Europe, and what direction they go. And I mean, obviously there is this transatlantic table tennis in terms of copyright that we've had before where you get term extension, an extension of the length of copyright in America and then Europe has to "harmonize" with America by extending its copyright even longer than America's. And then America has to "harmonize" with Europe to make its copyright longer than Europe's, and so on.

But increasingly, the way that that kind of stuff happens is in these really secretive and sinister treaty negotiations like ACTA and the Trans-Pacific Partnership, where you have treaties negotiated by European and American representatives but without any representatives from the governments. They're done by their administrations and without any transparency into it, and then it's presented as a fait accompli. And in that way I think that there's not much difference, because they're both getting shitty laws in the same way now. They're they're coming out of the same source.

And they're not really American companies. I mean, EMI is technically kind of a "British" company. And Bertelsmann is technically a German company, and Holtzbrinck is, too. And so on and so forth. Sony is technically Japanese, right.

Audience 5: So you had quite a few questions. I'm your rambling guy for tonight. Short. I really like the analogy of the five-year plan, and the next five-year plan, and the next five-year plan. Because I come from Poland and we know how the five-year plans in Poland went. So. I have this feeling that those five-year plans will probably end up just like they ended up in Poland. What do you think about that?

Doctorow: Yeah. And that's probably an extension of what this gentleman over here said when I finished a little out of turn, which was if this has the trajectory of the drug war, where the hell are we going to end up, because obviously the drug war has been a disaster, continues to be a disaster, and shows no sign of receding from its disastrousness.

And the difference is that although I guess there are people who who would argue that drugs deliver a certain bit of the solution to their own problem— In other words, once you've taken the right drugs you no longer see the problem with drugs. And I don't mean that sarcastically. All due respect to my friends on the drug legalization side, and the idea of cognitive liberty and the rest of it.

But it's not the same way that computers hold the key to unlocking computers. Because what computers do, what networks do, is they make it cheaper and easy for us to do things together. So you know, in contrast to, and again with respect to my friend Evgeny Morozov, in contrast to things that he says, I'm much more optimistic about what computers can do for justice struggles. Because by definition, people in charge have already figured out how to coordinate their actions, right. That's how they got to be in charge. So giving them technology to make them better coordinated is a small incremental improvement, whereas people who are oppressed by definition have no capacity to steer the state and work collectively. Adding the capacity to work collectively to people who are at the bottom is a phase change for them in a way that it's not— It's a difference in kind and not just a difference in degree.

And so I think the computers and networks allow us to do stuff together that we could never have done before. And the more computers and networks we get, the more things we can do together with them. You know, there was this kind of tedious thing that happened about six or eight months ago. Whenever I mention the word "anonymous" in public, I would say, "Anonymous is a group that—"

And someone would come along and go, "They're not a group."

And I'd say, "Anonymous last week did—"

And they'd say, "Anonymous never does anything."

And I'd say, "People using the name 'Anonymous' did—"

"Well, they didn't all call themselves 'Anonymous.' Some of them called themselves LulzSec. Some of them called themselves AntiSec…"

And like, on and on and on. And for a while I thought it was just a sort of tedious word game, you know. It's free/libre/open source. This kind of endless kind of correctspeak.

But then I realized that it was actually because Anonymous and many other new kinds of institutions that we've seen in the last year are novel. That we don't actually have a vocabulary. There's something new on this earth, this kind of affinity organization that doesn't have the same hierarchical structures even if there are pockets of leadership, the way that there are with AnonOps or with bits of Occupy being spokespeople or coordinators. It's not anything like what these institutions would have been ten or twenty years ago. You couldn't have had anything on the scale of Occupy. You know, simultaneous coordinated actions in cities all over the world. You couldn't possibly have had that without a big sort of military-style command and control organization prior to the network, prior to to Internet. And so we lack a vocabulary to describe them. We lack a vocabulary even to think about them, in some ways.

So we say, "Oh, Occupy doesn't have a set of unitary goals. They must not be serious." What's interesting is that prior to this, assembling a big organization without first agreeing on your goals was cosmically insane because you'd you'd put all this energy into organizing and then it would turn out that you weren't all there for the same reason; you'd have to all go home again.

And now what we can do is we can all get together and figure out the stuff that we agree on. You know, our minimum common agreement, our TCP/IP of protest. And then we can work on that stuff. And then when we come to some stuff that we don't agree on, we can all go off and have a different Occupy over there to do that stuff, because the organizing itself has been cheap. It's no longer the case that the job of an activist is 98% stuffing envelopes and 2% figuring out what to put in them. Now we get the envelope stuffing for free, and we get to spend 100% of our time figuring out how to do stuff together. And so I do think that there is hope, because the terrain is not the same as the terrain in the War on Drugs.

Moderator: Okay, we've got like ten minutes here. So I'm going to ask Cory. Cory we've got like ten minutes. I think that's like five questions.

Doctorow: So why don't we take like three questions, then I'll answer as many as I can.

Audience 6: Okay, so I think it might become harder to influence the minds in government in the right direction because we are sending mixed signals. On the one hand we're talking about how they should chill and lay off the DRM and then you know copyright war. While on the other hand we are creating technology like Bitcoin or similar stuff that… We don't beat at the money that the lobbyists get. We are trading things that are competing with the Reichsbank and the Fed. And now you're getting the government really pissed. I mean, I'm a big proponent of that— I mean, not not the Fed but Bitcoin or stuff like that. So yeah, what you think about that?

Doctorow: Right. Two more questions.

Audience 7: Okay. Question was general-purpose computers versus appliances. You said the threat is mostly by the lawmakers. One guy before went in this direction I'm going. The problem I'm seeing is that we already do have these appliances. Even in this audience, people own iPhones and iPads. We have Kindles. At home we have PlayStations and Xboxes. The list goes on and on and on. So even we, we want this stuff because it has good features. You try to answer in this direction. I was curious if you have anything more to say. I think this is more of the problem.

Doctorow: Okay, one last question and then I'll try and answer them all in one go.

Audience 8: Okay, do you think a movement will develop to change the moral perception of computing like DARE, to make us feel bad about computing? And do you think hypocrisy developed among powerful people, to say, "Well, when I was young I programmed a computer but I didn't inhale?"

Doctorow: Alright. So the first two questions, the question about Bitcoin, and the question about why we continue to use these devices even though they contain our own chains, in some ways are the same question, right. Because the reason that we use these devices is because they work, and we're pretty sanguine about their failure modes because we're technocrats. We're like, "Oh, well. If they lock down my iPad I know how to jailbreak it. If I ever want to run some code on it that someone else won't let me, I know how to do it. I've got a runtime on my computer. I can take my apps off of here and run them there," and so on. So we're very sanguine about it. And so we tend not to worry that the consequences are going to come up and bite us in the ass.

But that's not all that different from lots of other ways in which people tend to overestimate their immortality. I mean, I felt that way. You know, I bought DRM media once. I once bought thousands of dollars worth of Audible books over the period of several years, and it wasn't until I switched to an operating system that Audible didn't have a player for that I realized that I was going to have to spend a month running two PowerBooks all the time through an audio capture app to get all those audio books out of the proprietary wrapper and into something I could play back. And then I went, "Oh my god, I'm an idiot."

But I was also a smoker, right? And I also sometimes forget to put on my seatbelt. I mean there's lots of ways in which we do this, and if we have to be pure in order to fight, then we'll probably never succeed. I mean, we have to admit that we live in the world and we sometimes either make mistakes or misjudge consequences or just do the thing that's most convenient, and that's how life goes.

The question about whether or not it's wise to piss them off while we're fighting them… You know, I don't think they could be any more afraid of the Internet. I don't think that the thing that they most fear is Bitcoin. I think the thing that they most fear is all the disruption that arises from the Internet.

And Bitcoin's not the major disruptive application of the Internet of the last several years. It's things like Amazon, and its things like automated high-speed trading and so on. All these things that are kind of legitimate Fortune 100 halls of power stuff that has been most disruptive and that has got people running around like headless chickens. Bitcoin is just a thing over on the side. The number people in the halls of power who understand it is minuscule, and the number who take it seriously is a fraction of them. And that's even true of cryptographers, not just people in the halls of power.

And then the last question was will there be a DARE to stop using computers movement in the future? I think we've already got it now, don't we? I write young adult novels sometimes as well as novels for adults. And I did the young adult breakfast at Book Expo America, which is a big book expo show in America where all the book sellers come. They have all the young adult booksellers show up, and they have a celebrity come and introduce the three young adult writers who are there.

And our celebrity that year was the Duchess of York, Sarah Ferguson. And I didn't know this, but Sarah Ferguson writes novels about how the whole world sucks and you need to shelter your children from them. You know, strangers are bad, video games are bad, and so on and so forth. So she was introduced around to us, and she said, "What's your book about, Mr. Doctorow?" And I said well, it's a book about kids who play video games and use it to win their freedom.

And she said, "Oh. You like video games, then."

And I was like, "Yeah, my wife used to play Quake for England. I love video games!" I mean, there's already lots of people who think computers are terrible and bad for us and will destroy our lives. I don't think we have to wait for the future for that. I think it's here.

Anyway, thank you all very much.

Help Support Open Transcripts

If you found this useful or interesting, please consider supporting the project monthly at Patreon or once via Square Cash, or even just sharing the link. Thanks.