Will the U.S. get an Internet “Kill Switch”? :: The Future of the Internet

Will the U.S. get an Internet “Kill Switch”?

March 4th, 2011 | by mollysauter | Published in cybersecurity, news | 5 Comments

In the past month we’ve seen two countries try to “turn off” the Internet. On January 27, in Egypt, which had previously known few restrictions on Internet access (though, to be sure, intimidation of bloggers and activists was common), nearly all ISPs stopped delivering bits to their subscribers, even though data transiting Egypt from the outside world kept flowing normally. One Egyptian ISP, Noor, stayed up for a few days amidst speculation that it had been spared because major banks and the Egyptian stock exchange were subscribers; subsequently it went down, too. Internet access was then restored before the Mubarak government fell. In Libya, irregular nationwide outages lasting anywhere from a few minutes to seven hours have been occurring since the February 19.

This is nearly unprecedented; only brief incidents in Nepal and Burma, in 2005 and 2007 respectively, could compare. The events have renewed debate over proposed U.S. legislation that might give the government a similar ability to pull the plug on Internet communications in an emergency.

The bill, introduced in the Senate first last fall and again this spring by Senators Collins and Lieberman, was first titled “Protecting Cyberspace as a National Asset Act of 2010,” and then “Cybersecurity and Internet Freedom Act of 2011.” Many observers have simply called it the “kill switch” bill, suggesting that the bill would give the President authority to shut down the Internet, perhaps in ways just seen in the Middle East. That’s an unfair characterization. But there are other reasons to be skeptical about S.3480.

The bill contains a lot more than just the provision for a so-called “kill switch.” It provides for the establishment of a White House Office of Cyberspace Policy, tasked with oversight over all “instruments of national power relating to ensuring the security and resiliency of cyberspace” and the enforcement of security standards developed by the National Institute of Standards and Technology (NIST) across both public and private sector “critical infrastructure systems.” (NIST is the National Institute of Standards and Technology, an agency at the Department of Commerce tasked with advancing measurement science, standards and technology. Among other things, it houses the atomic clock which keeps the nation’s official time.) It also provides for the establishment of a National Center for Cybersecurity and Communications at the Department of Homeland Security, which would oversee the United States Computer Emergency Response Team, which, as the public/private operational arm of the National Cyber Security Division, acts to disseminate cybersecurity information from the research and government communities to the private sector.

Then there’s the most controversial bit: the bill proposes that, in the event of a “cyber emergency” as declared by the President, the Department of Homeland Security could issue mandatory orders and directives to “critical infrastructure systems”. This has been interpreted as meaning that the goverment could “shut down” the internet within the United States.

Under what circumstances this would be warranted depends largely on interpretation. The bill says a “cyber emergency” is an “actual or imminent action by any individual or entity to exploit a cyber risk in a manner that disrupts, attempts to disrupt, or poses a significant risk of disruption to the operation of the information infrastructure essential to the reliable operation of covered critical infrastructure”. “Critical infrastructure” is in turn defined as those systems whose “disruption or destruction would cause a mass casualty event which includes an extraordinary number of fatalities; severe economic consequences; mass evacuations with a prolonged absence; or severe degradation of national security capabilities, including intelligence and defense functions”.

That all sounds pretty narrow: most Web servers would not qualify as that type of infrastructure–nor would a small ISP. Responding to criticism of the kill switch idea, the Senate has said that the bill is intended to provide a “precise, targeted and focused way for the President to defend our most sensitive infrastructure,” further defining that infrastructure as systems involved in the vital maintenance of the telecommunications networks, electrical grid, water systems and financial systems. Of course, as more systems move to the cloud, there’s a question of whether we will start to find these critical infrastructure systems interwoven with more mundane civilian resources, and what the implications of such mixing would be under this bill.

Putting it all together, this means that a cyber emergency would only to be declared in the event of an imminent risk of massive death and destruction, severe economic damage, mass evacuations or harm to our national security capabilities—the worst of all possible scenarios. But a critical issue is what kind of review there would be of whether a declared emergency really qualifies under the bill. Though there is no direct identification of critical infrastructure beyond those whose disruption would cause scenes from the movie 2012, there is a means in the bill for those designated as critical infrastructure systems to appeal that classification.

The new draft of the bill– likely responding to public anxiety over kill switches–explicitly forbids a shut down: “neither the President, the Director of the National Center for Cybersecurity and Communications or any officer or employee of the United States Government shall have the authority to shut down the Internet.”

Any emergency measures developed and implemented in the event of a cyber emergency would also expire within thirty days, with the possibility of several thirty day extensions. To be sure though, thirty days is a long while in Internet time, and more than enough time to change, perhaps irreversibly, a company who find itself on the wrong side of the critical infrastructure designation. Most important is to try. It’s also hard to imagine the circumstances under which these provisions would be invoked. By the language of the bill, it would appear to be nothing short of a massive virus–or physical–attack in which ISPs stood idly by as malware spread like. Of course, should that situation arise, it’s not clear that sending in the Marines (figuratively, if not literally), and telling various ISP’s to fix it would make any difference–as if they somehow wouldn’t be trying to do that anyway, and as if the government would have any comparative advantage in understanding the situation than the Internet engineers themselves would have.

Oddly, the U.S. government may already have the authority to shut down the Internet anyway. Section 706 of the Communications of Act of 1934 – written into the Act shortly after the 1941 attacks on Pearl Harbor – provides the President with the ability to shut down “any facility or station for wire communication” or take federal control of such facilities in the event of a “state of war” and for up to six months after the expiration of such a state. Of course, the War Congress of 1941 wasn’t thinking about the Internet at the time, though there is some indication that the Department of Homeland Security believes this provision could apply. In June of 2010, the Department of Homeland security apparently cited Section 706 as “one of the authorities the President would rely on if the nation were under a cyber attack.”

The new bill does not permit such a Federal takeover or shutdown, limits the amount of time a cyber emergency declaration can be in effect, and contains language intended to render the emergency measures as non-disruptive as possible.

Beyond the legalities or politics of drastic action, it’s worth asking whether the type of Internet shutdown seen in Egypt and elsewhere is even possible in the United States. Internet penetration in Egypt is around 15.4%, high for Africa but low compared to the rest of the Middle East; penetration in Libya is around 5% ; in Burma Internet penetration is at less than 1%. They have much smaller populations than the US, in smaller geographic areas. The shuttering of one or two ISPs has a much greater effect in these small markets than it would in the States. It is unlikely that the government could, though social and political pressure not backed up by statute and public accord, cow the hundreds of different ISPs operating in the continental United States to all shut down at once. Someone bent on disrupting Internet access would have to focus on Tier 1 ISPs – those who provide Internet access to other ISPs, and for which a shutdown would have the biggest ramifications. Another potential method for shutdown would be disrupting one or more of the major Internet exchange points or “carrier hotels” that exist around the country. Going after major wireless providers could also have a big impact. However, the likelihood of a complete shutdown remains low: at the point such a measure would be attempted we’d likely have plenty of other problems to raise with such an overreaching government. More important, with Internet access so crucial to the economy and to state and federal governments, a broad-based shutdown would carry incalculable costs. The point at which the Internet is so suffused in a society that a censorious government could consider turning it off is also the point at which the Internet is so suffused in a society that a government would likely not dare turn it off. Egypt and Libya provide new and surprising counter-examples to that hypothesis, but even in Egypt access was restored while the Mubarak government was still in power. And the level of integration of the Internet with layers of the American economy and communications system is an order of magnitude more than in Egypt and certainly Libya.

So, while there is no a kill switch hidden in the bill, it provides for the establishment of two federal bodies responsible for the development and enforcement of certain private and governmental security standards in the area of critical infrastructure systems, and establishes the ability of the government to give mandatory directives and orders to the private operators of critical infrastructure systems in the event of a cyber emergency, which is defined to sound a lot like a real emergency.

That said, is this bill a reasonable reaction to the current state of cybersecurity in this country?

The bill endows NIST with the ability to create security standards, in conjunction with the private sector, which would then be imposed on federal agencies and private operators of critical infrastructure systems. This introduces the potential for mission creep, and moreover, it is simply not known what those standards will be yet. Would such standards include the capacity for deep-packet sniffing, other methods of surveillance or backdoors? Who within NIST and the private sector would have final say in the creation of these standards, their implementation and enforcement? Does the government currently possess the expertise to take on this task to begin with? What actions will the relevant agencies take to ensure they have that experience at the ready when it comes to developing these standards?

When it comes to improving the online security environment in this country, everyone has work to do, including the federal government. Keeping up with patches and updates, changing default usernames and passwords on critical systems and choosing unique, complex passwords that change regularly are just some habits of good security that should be widespread but aren’t. Some parts of this bill, like section 301 which in part provides for the withholding of bonuses to senior agency officials whose agencies aren’t up to snuff, may be a good step towards implementing a functional and habitual security environment at the federal level. Some other sections clearly need more consideration and debate.

That the information security environment in this country and around the world needs work is clear. Whether or not this is the bill that is needed, or even whether the federal government should have a role in regulating civilian, private sector infosec, is less so.

An edited version was published this morning by the MIT Technology Review.

Responses

Feed

Stephen Downes says:

March 4th, 2011 at 5:01 pm (#)

I think it would be naive to suppose that the U.S. internet doesn’t already have a kill switch.
Name says:

March 4th, 2011 at 6:18 pm (#)

There is no possible way to evaluate the effectiveness, even the constitutionality of this elaborate emergency plan without conducting an inclusive emergency test for the various anticipated scenarios.
Losing Hope says:

March 4th, 2011 at 7:46 pm (#)

Telecom carriers do what they are told. Corporate executives in general are not driven by national pride; loyalty to stockholders, employees or customers. Evidence has shown that they don’t even care about the long-term viability of their corporations. They take the quick buck as fast as they can get it. [Regulators recently proposed a 3-year deferral of bank-executive bonuses; but that's only the banks. And a 3-year horizon may still be insufficient.]

If uncle sam says wiretap, executives will order the wiretap. As we discovered after 911.

If uncle sam says pull the plug (or more interestingly: wiggle the plug to debilitate the “undesirables”), the carriers will most certainly follow orders.

In government, the Executive branch is nearly out of control. No matter who we vote in, nothing changes. Congress has become nearly dysfunctional; they are not providing an effective balance against the executive branch. Instead, they have allowed the executive to vastly grow in power. It is so bad now, that the executive branch can announce that they are going to issue a death Fatwa against a US citizen (al-Awlaki), and no one bats an eyelash. If the executive branch can get away with overt extrajudicial assassination of a US citizen (however revolting he may be) then they can sure as hell get away with any form of surveillance or disruption to communications.

All those movies about future dystopia seem to be coming true. And it will likely get worse. Once the dust settles in the middle east, we’ll probably have three or more new theocracies run by reactionary Luddite wackos. [e.g. What kind of a democracy are we going to see in Egypt, where the World Health Organization reports Female Genital Mutilation is widespread. If democracy reaches Saudi, what will happen there? Women in Saudi can't vote or drive, and require a "guardian" to look after their affairs. And if you're not their faith, then you meet the same fate as Shahbaz Bhatti.]

We grew up watching Star Trek, assuming technological achievement and space exploration would be the future. More and more it looks like our future will be Atwood’s Handmaid’s Tale. Christian wackos crushing us here; Islamist wackos threatening us from overseas. What’s left!?

Oh yea: global warming and multi-drug-resistant diseases.

Our poor grand kids.
Andrew says:

March 5th, 2011 at 11:04 pm (#)

The rich who control the US have far too much money directly at stake to see any kind of internet shutdown happen. EVER.
Christopher Dize says:

March 11th, 2011 at 8:21 pm (#)

Great article on the kill switch bill. Thoroughly enjoyed reading it and had a couple thoughts.

Any time there’s turmoil, there’s always a someone trying to pass a law to deal with it. The bottom line here, however, is that even if there is an law on the books that says under xyz circumstances, we, the governing body of this country, can cut off the internet, the xyz circumstances would have to be so bad that it wouldn’t much matter if they cut off the net.

Think about it. How much of the economy in the US is based in the internet? I’m not going to run out and find statistics to support this proposition but two words should do it: Google and Facebook. Now if the government thought there was an actual reason to cut off the internet, that reason would have to outweigh the damage that would be done to the economy. That’s some serious reason.

The difference between this country and those countries where despots readily cut off the internet to quell dissent is that in those countries the cost to the ruling power, assuming continuing unfettered internet access, is the very object of its rule. Assuming they shut it off, what have they got to lose? I doubt internet markets account for such a great percentage of the economy in Libya.

Could be wrong, though. Don’t have the figures.

Blog

Rethinking Online Culpability: The Amazon “Keep Calm” Shirts Controversy (Part 1: A/B Testing)

In early March, the online retailer Solid Gold Bomb provoked outrage when customers discovered that its Amazon store, which featured apparel bearing dozens of variants on the “Keep Calm [and Carry On]” slogan, included a t-shirt that read “Keep Calm and Rape A Lot.” Solid Gold Bomb generated the shirts, and Amazon offered them for sale in its marketplace. To complicate matters, it appears that Amazon doesn’t review the stores in its marketplace like a mall owner might review physical storefronts, and, particularly unusual, Solid Gold Bomb didn’t review the shirts it offered for sale: the designs were computer generated. How far, then, should blame extend? When unsupervised automation produces results that everyone regrets, how do we decide whom to hold responsible, and when do we decide to hold anyone responsible in the first place?

Solid Gold Bomb’s official apology explained that its Amazon store featured millions of hypothetical shirts to be produced on-demand, should anyone order one. The “Keep Calm” debacle resulted from an automated script that generated words to approximately fit the design’s syntax and layout. The resulting list, says SGB owner Michael Fowler, “was culled from 202k words to around 1100 and ultimately slightly more than 700 were used due to character length and the fact that I wanted to closely reflect the appearance of the original slogan graphically.” Clearly, the vendor is at fault for failing to eliminate possible ending phrases to the Keep Calm slogan like “rape a lot” and “choke her” from a 700-word list. However, similarly automated practices regularly take place on a much larger scale across the internet. Determining accountability for these widespread and fundamental operations can be much less straightforward.

In some ways, Solid Gold Bomb’s generation of the offensive shirts can be seen merely as A/B testing gone awry. Offering thousands of options and printing shirts to order is a way of using user behavior to cull successful products. Presumably, if one of the quasi-randomly-generated shirts began to outstrip the others in sales, Solid Gold Bomb would have adjusted its inventory and marketing accordingly.

With A/B testing, the line between savvy capitalism and unethical business practice can get fairly nebulous. Zynga, for example, relies on a practice that CEO Mark Pincus calls “ghetto testing.” One of Zynga’s approaches to game development is to advertise games that do not yet exist, in order to test consumer response to a basic premise. Says Pincus,

“We’ll put up a link for five minutes saying, ‘Hey! Do you ever fantasize about running your own hospital?’…We’ll put that up for five minutes, and the link will maybe take you to a survey, where you give us your email and we say when this comes out we’ll contact you. If you’re really doing ghetto, it says ‘404 not found’. That’s bad. So first you try to get the heat around it, you see how much do people like it, then…”

This isn’t all that dissimilar to Solid Gold Bomb’s approach. Like Zynga’s “ghetto-tested” games, the “Rape a Lot” shirts didn’t actually exist, and would only have been produced in accordance with user demand. In fact, Solid Gold Bomb didn’t misdirect potential buyers as deliberately as Zynga’s “ghetto testing” approach does.

In large, computer-conducted A/B testing campaigns, it becomes impossible to demand human supervision of every output. Solid Gold Bomb’s 700-word list for generating T-shirts should have been thoroughly scrutinized, of course, but operations with more permutations of A’s and B’s seem less accountable for each potential outcome. For example, it’s hard to believe it would be within a webmaster’s responsibility—or even her ability—to make sure that every possible banner ad on every single page of a site doesn’t combine unfortunately with the page’s content.

A/B testing is practically ubiquitous online, and most of its applications are unequivocally benign. Wikipedia, for one, famously self-published the test results of its 2010 fundraising push. Moreover, unsupervised, computer-conducted A/B testing can produce serendipitous results that no human could ever have engineered or anticipated. The popular twitter handle @horse_ebooks, for example, began as a poorly functioning spam account intended to drive traffic to an e-book site. But its garbled messages are so striking—and occasionally poignant (cf. a recent example)—that the bot currently has over 170,000 followers.

The problem, then, is that our expectations for internet commerce haven’t quite caught up with the techniques that drive internet commerce. If a store offers things for sale that we find offensive, our typical reaction is to get mad at the store—after all, being willing to profit off an item seems to imply some kind of endorsement of that item. Today, however, these assumptions about endorsement are challenged by the ubiquity of A/B testing and other automated content generators. A “ghetto test” by Zynga might not mean that the company fully endorses a game that simulates running a hospital. Similarly, the presence of an item in the Amazon Marketplace might not be enough to presume Amazon’s approval of that item.

[Parts 2-4 will be published over the next week]

- Ben Sobel, Kendra Albert, and JZ

The Future of the Internet: Five Years Later

In 2008, The Future of the Internet called attention to a “sea change” in the way consumer devices interact with the Internet. “The future is not one of generative PCs attached to a generative network,” the book warns; “it is instead one of sterile appliances tethered to a network of control.” In response to the security threats posed by malicious third-party code, increasing numbers of users will likely gravitate towards gadgets “tethered” by continuous communication between product and vendor. And this proliferation of tethered computing—the “appliancization” of PCs—will deal a serious blow to the principles of generativity and free expression that drove the early Internet.

Since the publication of The Future of the Internet, the ethos of strict appliancization has taken a new turn. In 2011, Professor Zittrain wrote an update on the book’s message: “at the time of the book’s drafting, the alternatives seemed stark: the “sterile” iPhone that ran only Apple’s software on the one hand, and the chaotic PC that ran anything ending in .exe on the other. The iPhone’s openness to outside code beginning in ’08 changed all that. It became what I call “contingently generative” — it runs outside code after approval (and then until it doesn’t).” This trend towards contingently generative models continues into the present day, and represents a shift similar in many respects to the one The Future of the Internet predicted.

Jon Brodkin and Peter Bright’s Ars Technica op-ed on the Microsoft Metro app store offers some valuable commentary on a big development in this “sea change.” The article recognizes that “Microsoft is imitating Apple in one very bad way, by limiting the distribution of Metro applications to a Microsoft-controlled app store… by bringing Windows to tablets, Microsoft could strike a blow for openness in a market dominated by a closed system. Instead, Microsoft is bringing the same restrictions found on iPads to both Windows tablets and PCs.” As forecasted by The Future of the Internet, devices that only run approved code are gaining popularity. Metro, the curated user interface that has found its way onto Microsoft’s tablets and PCs (in the case of the PCs, alongside a fully-functional desktop mode capable of side-loading non-Windows Store applications), won’t run applications from outside the Windows Store. Moreover, the apps available through the Store are subject to a bevy of restrictions on content. With these restrictions on installable applications come the restrictions on generativity that The Future of the Internet anticipated: “lock down the device, and network censorship and control can be extraordinarily reinforced.” And, as the Ars Technica piece observes, the Windows Store’s rules would exclude critically-acclaimed content like the video game Elder Scrolls: Skyrim, simply for its PEGI 18/ESRB M rating. It isn’t hard to extrapolate, as Brodkin and Bright do, that these rules could give rise to debacles similar to Apple’s (repealed) ban of a satire app developed by a Pulitzer Prize winner.

Though the Windows Store’s restrictions resemble Apple’s policies in many ways, there is a crucial difference: Metro-running Windows 8 products are designed as PC replacements, rather than sui generis devices like the iPad. And since Windows desktops have long been preferred gaming platforms, the theoretical exclusion of content like Skyrim from the Windows Store makes Windows 8’s emphasis on the Metro interface particularly jarring.

With Metro, Microsoft has made a decisive move towards contingent generativity. Brodkin and Bright note that “there are security benefits to a closed app store model, particularly for less tech-savvy users who may not understand all the dangers on the Web. There are also, arguably, convenience benefits; end-users can be reasonably confident that the apps they download will work correctly and be at least marginally useful…But while these security and convenience benefits might be enough to justify the existence of a curated app store, they don’t justify the decision to make that store the only option for all users. Informed users should be allowed to install applications from wherever they want.” Brodkin and Bright prefer a system like Gatekeeper, a fixture in newer versions of Apple’s OS X, from Mountain Lion forward. Gatekeeper gives users the choice to restrict their operating system to App Store apps and outside apps that have been signed with Apple-issued Developer IDs, or open up the device to all programs, whether or not they’ve been vetted by Apple. The “Future of the Internet” Blog is fairly enthusiastic about Gatekeeper: about a year ago, a post here suggested that “the middle ground of allowing non-App Store signed code may represent the best of both worlds.” But we were quick to warn that Gatekeeper strikes a tenuous balance: “one small tweak — lose that Control-click for sideloading — and OS X could fully merge with iOS, both in functionality and in security methods.” Metro’s riff on content control could be just that sort of tweak—especially given recent speculation that Microsoft may dump desktop mode in Windows 9, leaving only Metro.

Moreover, a contingently generative business model like the Windows Store’s carries some ethical implications that, while not damning, are certainly worth examining. Distribution systems like the Windows Store, Apple’s App Store, and the Android Market receive 30% of the sales revenue from applications sold in their stores (in the Windows Store, this cut drops to 20% after an app reaches $25,000 USD in revenue). Further restrictions on side-loading in new operating systems would drive a great deal of business towards big companies’ proprietary marketplaces—and with that traffic would come big payouts. With the uptick in store traffic that tighter gatekeeping would engender, it’s easy to imagine the equilibrium of Mac’s OS X Gatekeeper being forsaken for more restrictive, and more lucrative, operating systems. To analogize, a la The Future of the Internet: when the company that makes your computer requires you to install programs through their official store, it isn’t so different from the company that makes your toaster forcing you to buy from their bakery—and taking a cut out of every bread purchase you make.

Even though Windows 8 PC users can still make use of a fully-functioning desktop operating system, Microsoft’s failure to include a side-loading option for the heavily-emphasized Metro interface—particularly in devices marketed as PC replacements—is a step in the wrong direction. It’s also an indication that the seas are changing in the way The Future of the Internet predicted. Given that Android’s more open approach to outside applications [1] still leaves the Android Market increasingly economically viable, Ars Technica is right to voice its disappointment in xenophobic operating systems like iOS and Metro.

- Ben Sobel, Kendra Albert, and JZ

[1] Though the Google Play approach to openness is far from perfect! Ad-Blocking apps were recently pulled from the Play Store, in a move that will come to illustrate just how viable it is to distribute a side-loaded Android app without any help from the Play Store.

Rock star RA wanted

I’m seeking a full-time one-year rock star research associate to engage with a variety of projects and classes, with a broad opportunity to immerse in cyberlaw and Internet topics. Blurb below, with more information on how to apply at <http://cyber.law.harvard.edu/getinvolved/jzra>. …JZ

–

Professor Jonathan Zittrain of Harvard Law School, the Harvard Kennedy School of Government, the Harvard School of Engineering and Applied Sciences, and the Berkman Center for Internet & Society, seeks a full-time research associate in Cambridge, MA for a period of one year, beginning no sooner than June 1, 2013.

This position requires the ability to absorb large amounts of written and other media materials from various sources (including but not restricted to: original sources, scholarly articles, news articles/blogs, interviews, databases) in a short amount of time, critically analyze that material and render it forward. This could take the form of prep materials for panels, conferences and presentations; article outlines; fact checking materials; original article or paper drafts; slide decks or other digested forms. The research assistant should be prepared to help prepare materials for class sessions and syllabi, lead discussions and work with project managers to accomplish research-related goals.

Research is often self-directed with little outside guidance beyond broad outlines and themes (though occasional targeted research assignment for a specific fact or image can be expected, and feedback is provided), so the ability to quickly critically appraise sources and identify interesting, relevant and original paths is essential. Wide-ranging interests and the ability to work on almost any issue or topic that arises is a plus, as is an ability to ramp up quickly on unfamiliar fields or topic areas. Excellent writing and editorial skills with an attention to detail are also required.

This job is an ideal opportunity for those interested in future graduate school or law school studies, whether currently admitted or still applying to such programs.

Over the course of the year, a motivated individual will sharpen and focus his or her research agenda and make valuable contributions (in his or her own name) to the field of cyberlaw and beyond, while being exposed to interesting thinkers in academia, industry, and government. A research associate in this position will work very closely with Professor Jonathan Zittrain and his team, assisting in a variety of research areas, e.g. ubiquitous human computing, mesh networking, and cybersecurity, as well as on topics around access to knowledge and open scholarly publishing under the auspices of the Harvard Law School Library.

The position will not start before June 1, 2013. As with all Berkman staff positions, this is a term position, ending June 30, 2014.

F-T: Don’t sue over tweets

I just published a short piece in the F-T in the wake of legal threats against users who tweeted or retweeted a link to a BBC report of child abuse that turned out to be wrong. Here’s the full text –

Those who didn’t see the false child abuse accusations against Lord Alistair McAlpine on an ill-considered BBC documentary may have instead heard about them through social media. This week, London’s Metropolitan Police suggested they might file charges against those Twitter users who sullied the reputation of the retired Conservative politician by knowingly repeating the lie that he was a child abuser. But the police may be less fearsome to the average BBC-linking tweeter than Lord McAlpine himself. Read more »

Taking More than Candy from a Baby

Update – 10/17/2012: The parties involved in the lawsuit – Speak for Yourself and SCS/PRC reached a settlement, allowing the app to remain in the Android and iOS app stores. More at the Nieder family blog.

Original Post:

Generativity hasn’t had a poster child — until now.

Meet Maya, a four-year-old child who could lose her ability to speak with the elimination of an app from the iOS App Store.

As detailed in the Nieder family’s original blog post on the subject, Maya uses Speak for Yourself (SfY), an iPad app that serves as an “augmentative and alternative communication” (AAC) device. Before finding SfY, Maya had tried multiple AAC devices, but hadn’t found one that worked for her. Read more »

About Jonathan Zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School

Tweets from Z

An error has occurred, which probably means the feed is down. Try again later.