#38 - Tech policy: Legislation over litigation

While litigation is structurally incompatible to form the cornerstone of tech policy, legislation is only situationally incompatible. But legislation really needs to pick up the pace.

Policy can punch at tech in two primary ways: Litigation and legislation. Litigation is the interpretation and enforcement of laws through court, and legislation is the creation of new laws or rules by state or federal agencies. But should policy lead with litigation or legislation? I argue that litigation is structurally and fundamentally ill-suited to form the cornerstone of tech policy while legislation is more appropriate but currently situationally not prepared to handle technology. As a result, tech policy is in a losing boxing match against technology. Tech is punching policy in the face, but policy lags for an uncomfortably frustrating amount of time before registering even so much as a recoiling head-jerk. And by the time policy even begins to move, tech is already in the middle of its next punch.

Tech vs. litigation: Forward-looking vs. backward-looking

Litigation is structurally backward-looking in two ways. First, litigators wait on the sidelines and don’t jump into action until the law has been violated. In other words, litigation remedies harms ex post, after a loss has already been incurred, rather than continually brainstorming and working to prevent harms before they occur. Second, strong legal arguments are of the form: “We’ve always done it this way, so you should continue doing it this way.” On the other hand, a more risky legal argument is to say “I’m asking you to deviate from established precedent.” Lawyers reason by making analogies to the past. Judges are allergic to change.

Tech, meanwhile, is structurally forward-looking. An entrepreneur or venture capitalist spends their day thinking about how to change the status quo. Technologists embrace change.

The clash, then, is obvious. Tech continually changes, but when tech issues get litigated in court, lawyers strain to mold their arguments to fit outdated paradigms. It’s like trying to fit a square peg into a round hole.

For instance, our antitrust laws were created in the 1800s in the age of dominant railroads. Through years of litigation, antitrust jurisprudence evolved slowly with an eye to the short-term interests of consumers, not to the long-term health of producers or the competitive market as a whole. The now-prevalent “Chicago school” of antitrust sees low consumer prices alone to be evidence of sound competition. However, the Internet flips this rationale on its head. Indeed, Internet companies reduce consumer costs while the competitive market increasingly becomes consolidated in the hands of a few players. The dynamics of the Internet are fundamentally different from what came before and don’t fit neatly within the existing antitrust litigation framework.

Another example comes from the Supreme Court’s First Amendment jurisprudence. Through the years, the Supreme Court has created different medium-specific standards under the First Amendment. For instance, newspapers, broadcast networks, radio networks, company towns, public trustees, shopping malls, and schools all engage in different forms of “speech” and have different First Amendment rights. Now that the Internet has come along, the natural starting point for many legal scholars has been to analogize the Internet to the past—is the Internet more like a newspaper? Or a company town? And if/when the Supreme Court takes a case where it needs to clarify the First Amendment standard to apply to the Internet, you can bet that will look to the past as its north star. But if technology is completely unlike the past, one has to wonder how productive it would be to advance tech policy by depending primarily on courts, whose default position is rooted in historical analogy.

Tech vs. legislation: Fast vs. slow

Because litigation is fundamentally backward-looking, I argue for a new host of Internet-specific legislation. After all, legislation is the enactment of new laws that address current and future harms. However, the problem with legislation is that it proceeds slowly, infrequently, and in lurches. Congress spends months debating a bill, listening to stakeholders, and playing bureaucratic chess before any new legislation gets passed. And when legislation does get passed, it usually comes as a complex behemoth. For instance, nobody, not even the lawyers, really knew what compliance with the GDPR or the CCPA entailed when those laws were passed. To make matters worse, political polarization and the shrinking amount of common ground stalls legislation even further. Legislation is painfully slow.

Not so in the world of tech. Software engineers push millions of lines of code per day. Product experiments are constantly being run, tweaked, stopped, and rolled out. It’s a continuous, iterative process. And when something doesn’t work, tech quickly pivots and tries a different solution.

To be fair, I’m not saying that legislation needs to match tech tit-for-tat. Every change in the codebase doesn’t require a corresponding change in the law. That would be impossible. My concern, however, is that legislation may quickly become outdated if legislation doesn’t pick up the pace at least a little.

The Computer Fraud and Abuse Act (CFAA) is a particularly egregious example. The CFAA was enacted in 1986, when there were only about 2,000 computers connected to the Internet, and before we knew how the Internet would evolve. Motivated by national security and hacking concerns, the law makes it a crime to access a computer connected to the Internet “without authorization.” Over the years, the law has metastasized in some jurisdictions into an all-purpose tool to criminalize all kinds of normal activities—including the failure to abide by computer use policies like click-thru terms of service. Today, with hundreds of millions of Americans on the Internet, taking thousands of digital actions per day and blindly accepting terms of service, are we all criminals, punishable by jail-time, for minor infractions? According to the black-letter law, yes, we are.

While cybersecurity is a worthy goal, the CFAA has proven to be a failed shot on goal. Even more surprising, however, is how few shots on goal Congress has taken. The CFAA has been amended only four times in the last 25 years. Congress has been unable to overcome the activation energy to move on the matter.

Where do we go from here?

The proper avenue for tech policy isn’t litigation but legislation. Litigation is structurally at a disadvantage to think about tech policy issues, so we can’t really mold litigation into a great vehicle for tech policy without changing how litigation fundamentally works.

Legislation, however, is only situationally at a disadvantage given its slow speed. There are ways to make it faster without changing how legislation fundamentally works. While these proposals are by no means new, they are important and worth doubling down on:

• De-polarize politics. In a polarized world, politicians prefer stagnation to collaboration, and when power switches sides, policies schizophrenically flip-flop rather than moving forward. Unfortunately, politics has only become more and more polarized in the last decade. With Joe Biden taking the presidency, we’ll see if he can fulfill on his promise to de-polarize the government. In a de-polarized world, politics can proceed more iteratively.

• Recruit more technologists to government. Indeed, technologists can infuse more of tech’s fast-moving, imaginative culture into the government when it comes to crafting tech legislation.

• Create more tech-specific agencies, like the National Security Commission on Artificial Intelligence. With specific government agencies and employees continually marinating in technology, they are further able to understand how technology is progressing and create more sensible legislation.

Finally, while tech policy should lead with legislation, that doesn’t mean litigation has no role to play. With new tech-specific laws on the books, lawyers and judges can interpret and shape the contours of those laws through litigation. As courts continue applying the law, and as technology continues evolving, the law may eventually become outdated relative to technology, bringing us back to the world of legislation. In the ideal state, policy and technology trade blow-for-blow in an increasingly-exciting match, with neither ever getting knocked down. But today, technology is simply far too swift for policy. Can policy catch up?

---

📚 What I’m reading

1. Are experts real? The power class has been infiltrated by a host of fake experts. The cause? Lack of transparent feedback loops + over-specialization, leading to opaque silos. (Fantastic Anachronism)

2. Unjustified true disbelief. A follow-up to the above. What do we do about all the fake experts? Alvaro de Menard argues that, on balance, the average person is better off listening to experts. You should feel comfortable rejecting the “experts” only if you have an objective track record showing you know better. (Fantastic Anachronism)

3. Why has Israel succeeded at COVID vaccination? (Elad Gil)

4. We need a new media system. The current media ecosystem, on both the right and the left, is broken. (Matt Taibbi)

5. This is the Stanford vaccine algorithm that left out frontline doctors. (MIT Technology Review)

6. CIA’s rebrand likened to that of a millennial pop-shop. This re-brand is getting meme’d on, but if this brings more talented technologists into the government, I’m all for it. (AdAge)

7. How mRNA vaccine technology works. (TIME)

8. On the appeal of Trump to Trump fans. (Volokh Conspiracy)

9. The Metaverse is coming. (Wired)

10. Venture capital funding Q4 2020. In spite of the pandemic, 2020 was the biggest-ever funding year, with venture capitalists disbursing $130 billion in capital. (CB Insights)

11. The 'megascale' structures that humans could one day build. (BBC Future)

12. What’s wrong with the way we work. (The New Yorker)