Saturday, March 01, 2008

Part 3: Where We Explore Some Philosophy of Law Drivel That Supports this Twaddle

In Episode One, A New Dope, we explored how Part 15 spectrum is an unlicensed commons that cannot be stolen, and how WiFi is a protocol designed to operate in the commons and it itself (as a protocol) can also not be stolen.

In Episode Two, The Lawyers Strike Back, we explored how, where a commons property is proximate to another property, it is incumbent on the owner of the proximate property to provide notice that access is unauthorized. Lacking such notice, an individual accessing the proximate property could not be said to be unauthorized.

Now, in Episode Three, The Return of the Lawyers, we explore some philosophy of law drivel that supports all this twaddle.

The legal question before us is, when a commons network is proximate to another network, and the owner of the proximate network wishes to restrict access to the proximate network, who has the duty: the proximate network owner to disclose this information or the individual seeking access to discover this information. The conclusion in Part II, based on precedent, was that the proximate network owner has the duty to provide notice both of the restriction to access and the boundary between the commons network and the proximate network. Now we will explore two areas of philosophy of law that support this conclusion.

Theory one: Burden on the Holder of Information: Procedural rules generally place the burden of moving on the party with information. If one party has the relevant information and the other party is dependent on that information, then either (a) procedure places the burden on the information holder or (b) procedure provides a means for the first party to obtain the information. The burden may be the burden to move in a proceeding, or it may be the burden to make the persuasive argument. The procedure that provides the ability to obtain the information may be litigation discovery, it could be regulatorily required corporate filings, or it could be the Freedom of Information Act.

There are situations where the burden and the location of information are not in alignment, and this does not work very well. An example of this may be consumer claims where the burden of making the claim lies with the consumer, but the information about an alleged violation lies with a corporation. Without the information, the consumer cannot proceed with a claim, and without a claim, the judiciary can do little. This is a philosophical underpinning of why agencies are given the task of consumer protection, where they are in a better position vis-a-vis the corporation, in requiring information disclosures and building cases thereon.

In our situation, the information is held by the owner of the proximate network: is it public or private – is access restricted or open? Information jurisprudence looks to the network owner to either disclose the information or to have the burden (in this case, the burden would pretty much be the same as disclosing the information; it would be the burden to prove that the individual knew that access to the network was unauthorized).

Theory two: law and economics: Law and economics addresses issues of tort in order to answer - not who is at fault - but who has responsibility. The classic example is a steam train going down the tracks in farm land, with sparks emanating from the engine. Who is responsible for damages caused by crop fire? Is it the train engine which is throwing the sparks, or is it the farmer who built the farm right up to the edge of the tracks? Law and Economics answers this question by asking, which party can most efficiently mitigate the harm? Which would cost less: the train company not throwing sparks… which basically means not running… which basically would not be good for public welfare – or the farmers who could either move the crops back or build a fence? Which ever party can do this more economically is the party blessed with responsibility. After all, the performance of both parties benefits public welfare, and the cheapest solution maximizes welfare where a more costly solution would detract from it.

Just like we economically like trains and farms, we also like networks and end users. Communications networks carry the raw stuff of the new economy: information. The issue before us concerns the information regarding whether the individual’s access to the proximate network is authorized or not. The Law and Economics question asks which party could satisfy this need most efficiently.

The Proximate Network is owned by Network Owner who knows whether it is public or private, restricted or not. The Network Owner’s cost of announcing this information is de minimis and involves configuring the AP to either be open or secure (where “secure” would effectively provide notice that the network is not open).

Let’s make up some arguable facts. If the Network Owner wishes to maintain an open network, the Network Owner would need to configure the network AP to signal this intention. If we assume this will take 15 minutes at a salary of $40 an hour (I am picking this number out of the air, but I will make the salary of the network owner the same as the individual for comparison purposes), then it would cost the network owner $10. This cost is incurred once, regardless of how many people use the network. If the Network Owner wants to terminate access after hours, the network owner can simply turn off the AP. If the Network Owner wants to be more sophisticated, the Network Owner can insert a splash page that announces the terms of access. We will be generous and say that in total the owner had to dedicate an hour to this task during a month, for the cost of $40.

Now let’s examine the individual’s cost of obtaining the information regarding whether the network is open or shut, assuming that the information provided by the AP is insufficient. The individual opens a laptop and detects a network. The individual must then determine the owner of the network and whether it is restricted. If the SSID says “CoffeeShop,” then the individual has a clue that the network is owned by the Coffee Shop (although this is no guarantee). If the SSID says something generic like “Linksys,” then the individual has no clue and must resort to some other method of investigation. Depending on where the individual is sitting, this could be any number of potential network owners. The individual can stand up and walk around, attempting to triangulate the signal. This method could be aggravated where there are multiple networks with the same SSID, causing confusing results. It could also be aggravated by the environment of the individual that does not permit sufficient movement to permit triangulation (such as a doctor’s office waiting area). If the triangulation is successful and the Individual identifies a probable Network Owner, then the Individual must be able to approach the Network Owner. But that may not be possible. It could be a library after hours or a residence that has an open AP. It could be a municipal network with APs hidden in the infrastructure. It could be a busy coffee house where the manager is too busy speaking Pretalian. Next the Individual can attempt to research. If, for instance, the probable Network Owner is a public library, the Individual could get on the Internet, search for the library website, and search for information on the network AUP – hoping that it has been presented in a readily apparent manner. And this goes on. Now multiply this cost by every single user of this network. Let’s say the average time to obtain information about the network is 30 minutes at a cost of $40 per hour resulting in a cost of $20. Now multiple this by hundreds of potential users.

While it might be difficult to obtain a specific figure for this, it is easy to conclude that the cost to the individuals is higher than the cost to the Network Owner. Therefore, Law and Economics would conclude that the responsibility is placed on the Network Owner to announce the terms and restrictions, if any, on access.

This is a sound outcome. If the burden is placed on the individual to acquire the information, there are too many scenarios were the individual cannot reliably obtain that information. Network owners who want to make their networks open will not be able to do so because the individual cannot get that information from them (assume that the Network Owner’s signaling of this information through the AP is considered not sufficient notice). This will thwart any number of potential business models and decreases public welfare. If we start with the assumption that we like networks and end users (if we assume that the use of broadband increases the public welfare), then we will favor those solutions which favor broadband deployment and availability. Placing the burden on the owner through the use of the AP means that the owner can flip on and configure the AP, and the requirement is satisfied. Placing the burden on the individual means that there may be no practical means for owners to reliably get this information to individuals, therefore decreasing broadband availability and thwarting efforts at deployment.

In the end, we face two paradigm shifts. First, the judiciary must get over the notion that WiFi networks can be stolen – they cant be stolen. Second, the judiciary and law enforcement must get over the anxiety of how to keep people out of networks. Part 15 and WiFi were not designed to exclude individuals; they were designed to facilitate the spread of advanced telecommunications to all Americans.

When a Network Owner elects to place a network proximate to a commons network, then placing the burden on the proximate network owner to provide notice of boundary and restriction is sound in terms of legal precedent, philosophy of law, and broadband policy. You cant steal Wifi!