The Center for Information Technology Policy (CITP) at Princeton University seeks candidates for positions as visiting faculty members or researchers, or postdoctoral research associates for the 2010-2011 academic year.

About CITP

Digital technologies and public life are constantly reshaping each other—from net neutrality and broadband adoption, to copyright and file sharing, to electronic voting and beyond.

Realizing digital technology’s promise requires a constant sharing of ideas, competencies and norms among the technical, social, economic and political domains.

The Center for Information Technology Policy is Princeton University’s effort to meet this challenge. Its new home, which opened in September 2008, is a state of the art facility designed from the ground up for openness and collaboration. Located at the intellectual and physical crossroads of Princeton’s engineering and social science communities, the Center’s research, teaching and public programs are building the intellectual and human capital that our technological future demands.

To see what this mission can mean in practice, take a look at our website, at http://citp.princeton.edu.

About the Search

The Center has secured limited resources from a range of sources to support visiting faculty, scholars or policy experts for up to one-year appointments during the 2010-2011 academic year. We are interested in applications from academic faculty and researchers as well as from individuals who have practical experience in the policy arena. The rank and status of the successful applicant(s) will be determined on a case-by-case basis. We are particularly interested in hearing from faculty members at other universities and from individuals who have first-hand experience in public service in the technology policy area.

The successful applicant(s) will conduct research, engage in public programs, and may teach a seminar during their appointment subject to review and approval by the Dean of the Faculty. They’ll play an important role at a pivotal time in the development of this new center. They may be appointed to a visiting faculty or visiting fellow position, a term-limited research position, or a postdoctoral appointment, depending on qualifications.

We are happy to hear from anyone who works at the intersection of digital technology and public life. In addition to our existing strengths in computer science and sociology, we are particularly interested in identifying engineers, economists, lawyers, civil servants and policy analysts whose research interests are complementary to our existing activities.

If you are interested, please submit a CV and cover letter, stating background, intended research, and salary requirements, to http://www.jobs.princeton.edu.

Princeton University is an equal opportunity employer and complies with applicable EEO and affirmative action regulations. For information about applying to Princeton and voluntarily self-identifying, please see http://www.princeton.edu/dof/about_us/dof_job_openings/

Deadline: March 1, 2010.

Jonathan Zittrain famously argued in his book "The Future of the Internet, and How to Stop It" that we were headed for a future in which general purpose computers would be replaced by locked-down computing appliances.

Apple's new iPad will put Zittrain's thesis to the test. The iPad, as announced, has aspects of both an appliance and a general purpose computer. (Zittrain would say "generative", but I'll stick with the standard computer science term "general purpose".) Will the appliance side kill the general-purpose side?

The iPad is an appliance in the sense that it runs applications from Apple's App Store. The App Store is a "walled garden" containing only apps that have been approved by Apple. Apple has systematically refused to approve certain types of apps, and it has subjected apps to a vetting process that can be slow and mystifying. To the extent that Apple refuses broad categories of apps, this is an appliance approach to computing.

On the other hand, the iPad has a web browser. Modern browsers have become general-purpose platforms for delivering a broad class of applications. Pair a Bluetooth keyboard to your iPad, fire up the browser, and you have a fancy netbook -- a general-purpose device that can run applications of any type.

For the iPad to become a Zittrain-type appliance, two things must happen. First, Apple must remain picky about which apps are available in the App Store. Second, Apple must limit the device's browser so that it lacks the features that make today's browsers viable application platforms. Will Apple be able to limit their product in this way, despite competition from other, more general-purpose tablets? I doubt it.

But even this -- even an appliance-style iPad -- would not be enough to prove Zittrain's thesis. Zittrain argued not just that appliances would exist, but that they would replace general purpose computers. Amazon's kindle is an appliance, but it doesn't prove Zittrain's thesis because nobody is ditching their laptop in favor of a Kindle. Instead, the Kindle is an extra device which is used for its purpose, while the general-purpose device is used for everything else. If the iPad ends up like the Kindle -- a complement to the laptop or netbook, rather than a replacement for it -- this will not prove Zittrain's thesis.

It seems unlikely, then, that the iPad, even if it succeeds, will provide strong support for Zittrain's thesis. General-purpose computers are so useful that we're not likely to abandon them.

UPDATE: A few minutes after posting this, I saw that Zittrain had published his own take on this question.

BitTorrent is popular because it lets anyone distribute large files at low cost. Which kinds of files are available on BitTorrent? Sauhard Sahi, a Princeton senior, decided to find out. Sauhard's independent work last semester, under my supervision, set out to measure what was available on BitTorrent. This post, summarizing his results, was co-written by Sauhard and me.

Sauhard chose a (uniform) random sample of files available via the trackerless variant of BitTorrent, using the Mainline DHT. The sample comprised 1021 files. He classified the files in the sample by file type, language, and apparent copyright status.

Before describing the results, we need to offer two caveats. First, the results apply only to the Mainline trackerless BitTorrent system that we surveyed. Other parts of the BitTorrent ecosystem might be different. Second, all files that were available were equally likely to appear in the sample -- the sample was not weighted by number of downloads, and it probably contains files that were never downloaded at all. So we can't say anything about the characteristics of BitTorrent downloads, or even of files that are downloaded via BitTorrent, only about files that are available on BitTorrent.

With that out of the way, here's what Sauhard found.

File types

46% movies and shows (non-pornographic)
14% games and software
14% pornography
10% music
1% books and guides
1% images
14% could not classify

Movies/Shows

For the movies and shows category, the predominant file format was AVI, and other formats included RMVB (a proprietary format for RealPlayer), MPEG, raw DVD, and some multi-part RAR archives. Interestingly, this section was heavily biased towards recent movies, instead of being spread out evenly over a number of years. In descending order of frequency, we found that 60% of the randomly selected movies and shows were in English, 8% were in Spanish, 7% were in Russian, 5% were in Polish, 5% were in Japanese, 4% were in Chinese, 4% could not be determined, 3% were in French, 1% were in Italian, and other infrequent languages accounted for 2% of the distribution.

Games/Software

For the games and software category, there was no clearly dominant file type, but common file types for software included ISO disc images, multi-part RAR archives, and EXE (Windows executables). The games were targeted for running on different architectures, such as the XBOX 360, Nintendo Wii, and Windows PC’s. In descending order, we found that 74% of games and software in the sample were in English, 12% were in Japanese, 5% were in Spanish, 4% were in Chinese, 2% were in Polish, and 1% were in Russian and French each.

Pornography

For the pornography category, the predominant encoding format was AVI, similar to the movies category. However, there were significantly more MPG and WMV (Windows Media Video) files available. Also, most pornography torrents included the full pornographic video, a sample of the video (a 1-5 minute extract of the video), as well as posters or images of the porn stars in JPEG format. Also, as these videos are not typically dated like movies are, it is difficult to make any remarks regarding the recency bias for pornographic torrents. Our assumption would be that demand for pornography is not as time-sensitive as demand for movies, so it is likely that these pornographic videos constitute a broader spectrum of time than the movies do. In descending order, we found that 53% of pornography in our sample was in English, 16% was in Chinese, 15% was in Japanese, 6% was in Russian, 3% was in German, 2% was in French, 2% was unclassifiable, and Italian, Hindi, and Spanish appeared infrequently (1% each).

Music

For the music category, the predominant encoding format for music was MP3, there were some albums ripped to WMA (Windows Media Audio, a Microsoft codec), and there were also ISO images and multi-part RAR archives. There is still a bias towards recent albums and songs, but it is not as strongly evident as it is for movies—perhaps because people are more willing to continue seeding music even after it is no longer new, so these torrents are able to stay alive longer in the DHT. In descending order, we found that 78% of music torrents in our sample were in English, 6% were in Russian, 4% were in Spanish, 2% were in Japanese and Chinese each, and other infrequent languages appeared 1% each.

Books/Guides

The books/guides and images categories were fairly minor. We classified 15 torrents under books and guides—13 were in English, 1 was in French, and 1 was in Russian. We classified 3 image torrents—one was a set of national park wallpapers, one was a set of pictures of BMW cars (both of these are English), and one was a Japanese comic strip.

Apparent Copyright Infringement

Our final assessment involved determining whether or not each file seemed likely to be copyright-infringing. We classified a file as likely non-infringing if it appeared to be (1) in the public domain, (2) freely available through legitimate channels, or (3) user-generated content. These were judgment calls on our part, based on the contents of the files, together with some external research.

By this definition, all of the 476 movies or TV shows in the sample were found to be likely infringing. We found seven of the 148 files in the games and software category to be likely non-infringing—including two Linux distributions, free plug-in packs for games, as well as free and beta software. In the pornography category, one of the 145 files claimed to be an amateur video, and we gave it the benefit of the doubt as likely non-infringing. All of the 98 music torrents were likely infringing. Two of the fifteen files in the books/guides category seemed to be likely non-infringing.

Overall, we classified ten of the 1021 files, or approximately 1%, as likely non-infringing, This result should be interpreted with caution, as we may have missed some non-infringing files, and our sample is of files available, not files actually downloaded. Still, the result suggests strongly that copyright infringement is widespread among BitTorrent users.

“We stand for a single internet where all of humanity has equal access to knowledge and ideas. And we recognize that the world’s information infrastructure will become what we and others make of it. "

These two sentences, from Secretary of State Clinton's groundbreaking speech on Internet freedom, sum up beautifully the challenge facing our Internet policy. An open Internet can advance our values and support our interests; but we will only get there if we make some difficult choices now.

One of these choices relates to anonymity. Will it be easy to speak anonymously on the Internet, or not? This was the subject of the first question in the post-speech Q&A:

QUESTION: You talked about anonymity on line and how we have to prevent that. But you also talk about censorship by governments. And I’m struck by – having a veil of anonymity in certain situations is actually quite beneficial. So are you looking to strike a balance between that and this emphasis on censorship?

SECRETARY CLINTON: Absolutely. I mean, this is one of the challenges we face. On the one hand, anonymity protects the exploitation of children. And on the other hand, anonymity protects the free expression of opposition to repressive governments. Anonymity allows the theft of intellectual property, but anonymity also permits people to come together in settings that gives them some basis for free expression without identifying themselves.

None of this will be easy. I think that’s a fair statement. I think, as I said, we all have varying needs and rights and responsibilities. But I think these overriding principles should be our guiding light. We should err on the side of openness and do everything possible to create that, recognizing, as with any rule or any statement of principle, there are going to be exceptions.

So how we go after this, I think, is now what we’re requesting many of you who are experts in this area to lend your help to us in doing. We need the guidance of technology experts. In my experience, most of them are younger than 40, but not all are younger than 40. And we need the companies that do this, and we need the dissident voices who have actually lived on the front lines so that we can try to work through the best way to make that balance you referred to.

Secretary Clinton's answer is trying to balance competing interests, which is what good politicians do. If we want A, and we want B, and A is in tension with B, can we have some A and some B together? Is there some way to give up a little A in exchange for a lot of B? That's a useful way to start the discussion.

But sometimes you have to choose -- sometimes A and B are profoundly incompatible. That seems to be the case here. Consider the position of a repressive government that wants to spy on a citizen's political speech, as compared to the position of the U.S. government when it wants to eavesdrop on a suspect's conversations under a valid search warrant. The two positions are very different morally, but they are pretty much the same technologically. Which means that either both governments can eavesdrop, or neither can. We have to choose.

Secretary Clinton saw this tension, and, being a lawyer, she saw that law could not resolve it. So she expressed the hope that technology, the aspect she understood least, would offer a solution. This is a common pattern: Given a difficult technology policy problem, lawyers will tend to seek technology solutions and technologists will tend to seek legal solutions. (Paul Ohm calls this "Felten's Third Law".) It's easy to reject non-solutions in your own area because you have the knowledge to recognize why they will fail; but there must be a solution lurking somewhere in the unexplored wilderness of the other area.

If we're forced to choose -- and we will be -- what kind of Internet will we have? In Secretary Clinton's words, "the world’s information infrastructure will become what we and others make of it." We'll have a free Internet, if we can keep it.

[Last year, I wrote an essay for Princeton's Woodrow Wilson School, summarizing the technology policy challenges facing the incoming Obama Administration. This week they published my follow-up essay, looking back on the Administration's first year. Here it is.]

Last year I identified four information technology policy challenges facing the incoming Obama Administration: improving cybersecurity, making government more transparent, bringing the benefits of technology to all, and bridging the culture gap between techies and policymakers. On these issues, the Administration's first-year record has been mixed. Hopes were high that the most tech-savvy presidential campaign in history would lead to an equally transformational approach to governing, but bold plans were ground down by the friction of Washington.

Cybersecurity : The Administration created a new national cybersecurity coordinator (or "czar") position but then struggled to fill it. Infighting over the job description -- reflecting differences over how to reconcile security with other economic goals -- left the czar relatively powerless. Cyberattacks on U.S. interests increased as the Adminstration struggled to get its policy off the ground.

Government transparency: This has been a bright spot. The White House pushed executive branch agencies to publish more data about their operations, and created rules for detailed public reporting of stimulus spending. Progress has been slow -- transparency requires not just technology but also cultural changes within government -- but the ship of state is moving in the right direction, as the public gets more and better data about government, and finds new ways to use that data to improve public life.

Bringing technology to all: On the goal of universal access to technology, it's too early to tell. The FCC is developing a national broadband plan, in hopes of bringing high-speed Internet to more Americans, but this has proven to be a long and politically difficult process. Obama's hand-picked FCC chair, Julius Genachowski, inherited a troubled organization but has done much to stabilize it. The broadband plan will be his greatest challenge, with lobbyists on all sides angling for advantage as our national network expands.

Closing the culture gap: The culture gap between techies and policymakers persists. In economic policy debates, health care and the economic crisis have understandably taken center stage, but there seems to be little room even at the periphery for the innovation agenda that many techies had hoped for. The tech policy discussion seems to be dominated by lawyers and management consultants, as in past Administrations. Too often, policymakers still see techies as irrelevant, and techies still see policymakers as clueless.

In recent days, creative thinking on technology has emerged from an unlikely source: the State Department. On the heels of Google's surprising decision to back away from the Chinese market, Secretary of State Clinton made a rousing speech declaring Internet freedom and universal access to information as important goals of U.S. foreign policy. This will lead to friction with the Chinese and other authoritarian governments, but our principles are worth defending. The Internet can a powerful force for transparency and democratization, around the world and at home.

The big news today is Google's carefully worded statement changing its policy toward China. Up to now, Google has run a China-specific site, google.cn, which censors results consistent with the demands of the Chinese government. Google now says it plans to offer only unfiltered service to Chinese customers. Presumably the Chinese government will not allow this and will respond by setting the Great Firewall to block Google. Google says it is willing to close its China offices (three offices, with several hundred employees, according to a Google spokesman) if necessary.

This looks like a significant turning point in relations between U.S. companies and the Chinese government.

Before announcing the policy change, the statement discusses a series of cyberattacks against Google which sought access to Google-hosted accounts of Chinese dissidents. Indeed, most of the statement is about the attacks, with the policy change tacked on the end.

Though the statement adopts a measured tone, it's hard to escape the conclusion that Google is angry, presumably because it knows or strongly suspects that the Chinese government is responsible for the attacks. Perhaps there are other details, which aren't public at this time, that further explain Google's reaction.

Or maybe the attacks are just the straw that broke the camel's back -- that Google had already concluded that the costs of engagement in China were higher than expected, and the revenue lower.

Either way, the Chinese are unlikely to back down from this kind of challenge. Expect the Chinese government, backed by domestic public opinion, to react with defiance. Already the Chinese search engine Baidu has issued a statement fanning the flames.

We'll see over the coming days and weeks how the other U.S. Internet companies react. It will be interesting, too, to see how the U.S. government reacts -- it can't be happy with the attacks, but how far will the White House be willing to go?

Please, chime in with your own opinions.

[UPDATE (Jan. 13): I struck the sentence about Baidu's statement, because I now have reason to believe the translated statement I saw may not be genuine.]

FreePress and the National Cable and Telecom Association (NCTA) are talking past each other about TV Everywhere, a new initiative from the cable TV industry. FreePress says TV Everywhere is the cable industry's collusive attempt to limit competition; the NCTA says it's an exciting new product opportunity for consumers. Let's unpack this issue and see who might have a point, and who is blowing smoke.

We're at a critical point in the history of television. In recent years, most people have gotten TV shows from a traditional cable or satellite service. Now more and more people are getting shows on the Internet. Cable companies need to adapt, somehow, or become dinosaurs.

Which brings us to TV Everywhere. The idea, according to the NCTA, is for cable companies to offer their residential subscribers online access to the same shows they get at home. Existing consumers get more, at no extra charge -- who would complain about that? -- but only if they keep buying traditional cable service.

FreePress tells a different story, in which cable industry companies have agreed among themselves that this is their sole Internet distribution strategy. If such an agreement exists, it is problematic -- it looks like a classic market division agreement, which is bad for consumers and (as I understand it) presumptively illegal.

To understand why this would be bad, consider an analogy. Suppose there are only two pizza restaurants in Princeton, Alice's Pizza and Bob's Pizza, and neither one offers home delivery. Customers want delivery, so both restaurants are considering how to provide it. Alice and Bob meet, and they agree that Alice's will only deliver to customers east of Nassau Street, and Bob's will only deliver to customers west of Nassau Street. Alice and Bob have divided the market. Customers suffer because of the lack of competition.

Now obviously Alice and Bob are free to set reasonable limits on where they will deliver. Some customers may be too far away, or too difficult to deliver to for some reason. But customers would rightly complain if Alice and Bob agreed to divide the market. Even if we didn't have smoking-gun evidence of an agreement, there might be very strong circumstantial evidence, for example if Alice offered to deliver to places five miles away while refusing to deliver to homes directly across the street from her Nassau Street restaurant, or if Alice and Bob's restaurants were right next to each other but had totally disjoint delivery areas.

Notice too that Alice and Bob can't get off the hook by pointing out that they are offering a new service -- delivery -- that they had never offered before. The problem is not that they are offering a new service, but that they have agreed not to offer certain other services.

How does this analogy apply to cable TV? Alice and Bob are like the cable companies, which are considering expanding beyond their traditional service. Home delivery of pizza is like Internet delivery of TV shows. As the cable industry expands to offer TV shows on the Internet, are they open to competing against each other, or have they agreed not to do so? If the cable companies have made an agreement to offer online TV shows only to their own residential customers, that looks like an agreement to divide the market -- each company will be offering its product only in the limited geographic areas where it has a cable TV license.

So the key question -- really the only one that matters, as far as I can see -- is whether the cable companies have agreed not to compete. FreePress says, or strongly implies, that there is such an agreement. NCTA says there is not.

Who is right? Unfortunately the publicly available facts are consistent with either theory. Maybe TV Everywhere is just the first step and the cable companies will soon enough be competing with each other to distribute shows to Internet customers wherever they may be. Or maybe the companies have decided as a group to restrict themselves to TV Everywhere style services within geographic limits (or to otherwise restrict business models or prices).

At this point we can't tell who is right. FreePress offers indirect but suggestive circumstantial evidence that questionable discussions might have occurred within the cable industry. The NCTA mostly just changes the subject, talking about the complexity of their industry and praising cable companies for offering shows on the Internet at all.

Unfortunately, public discourse about industry structure often confuses issues like this. We often say things like "the cable industry is worried about X" or "the cable industry wants Y". That could be a kind of shorthand, meaning that the individual companies in the industry, facing competitive pressures, generally tend to worry about X or to want Y -- perfectly reasonable market behavior. Or it could reflect an assumption that the industry acts as a unit, which of course is problematic. This ambiguity is especially common in political/policy debates, to our detriment. We'd be better off talking saying things like "cable companies worry about X" or "cable companies want Y", just to remind ourselves that these are supposed to be independent actors who decide independently what they want.

For now, I'd say the cable companies bear watching. As the companies lay out their Internet strategies and products, I hope the antitrust authorities are watching closely. If the cable companies are really acting as competing companies, this will be obvious from their actions.

Here are our predictions for 2010. These are based on input from Ari Feldman, Ed Felten, Alex Halderman, Joseph Lorenzo Hall, Tim Lee, Paul Ohm, David Robinson, Dan Wallach, Harlan Yu, and Bill Zeller. Please note that individual contributors (including me) don't necessarily agree with all of these predictions.

(1) DRM technology will still fail to prevent widespread infringement. In a related development, pigs will still fail to fly.

(2) Federated DRM systems, such as DECE and KeyChest, will not catch on.

(3) Content providers will crack down on online sites that host unlicensed re-streaming of live sports programming. DMCA takedown notices will be followed by a lawsuit claiming actual knowledge of infringing materials and direct financial benefits.

(4) Major newspaper content will continue to be available online for free (with ads) despite cheerleading for paywalls by Rupert Murdoch and others.

(5) The Supreme Court will strike down pure business model patents in its Bilski opinion. The Court will establish a new test for patentability, rather than accepting the Federal Circuit's test. The Court won't go so far as to ban software patents, but the implications of the ruling for software patents will be unclear and will generate much debate.

(6) Patent reform legislation won't pass in 2010. Calls for Congress to resolve the post-Bilski uncertainty will contribute to the delay.

(7) After the upcoming rulings in Quon (Supreme Court), Comprehensive Drug Testing (Ninth Circuit or Supreme Court) and Warshak (Sixth Circuit), 2010 will be remembered as the year the courts finally extended the full protection of the Fourth Amendment to the Internet.

(8) Fresh evidence will come to light of the extent of law enforcement access to mobile phone location-data, intensifying the debate about the status of mobile location data under the Fourth Amendment and electronic surveillance statutes. Civil libertarians will call for stronger oversight, but nothing will come of it by year's end.

(9) The FTC will continue to threaten to do much more to punish online privacy violations, but it won't do much to make good on the threats.

(10) The new Apple tablet will be gorgeous but expensive. It will be a huge hit only if it offers some kind of advance in the basic human interface, such as a really effective full-sized on-screen keyboard.

(11) The disadvantages of iTunes-style walled garden app stores will become increasingly evident. Apple will consider relaxing its restrictions on iPhone apps, but in the end will offer only rhetoric, not real change.

(12) Internet Explorer's usage share will fall below 50 percent for the first time in a decade, spurred by continued growth of Firefox, Chrome, and Safari.

(13) Amazon and other online retailers will be forced to collect state sales tax in all 50 states. This will have little impact on the growth of their business, as they will continue to undercut local bricks-and-mortar stores on prices, but it will remove their incentive to build warehouses in odd places just to avoid having to collect sales tax.

(14) Mobile carriers will continue locking consumers in to long-term service contracts despite the best efforts of Google and the handset manufacturers to sell unlocked phones.

(15) Palm will die, or be absorbed by Research In Motion or Microsoft.

(16) In July, when all the iPhone 3G early adopters are coming off their two-year lock-in with AT&T, there will be a frenzy of Android and other smartphone devices competing for AT&T's customers. Apple, no doubt offering yet another version of the iPhone at the time, will be forced to cut its prices, but will hang onto its centralized app store. Android will be the big winner in this battle, in terms of gained market share, but there will be all kinds of fragmentation, with different carriers offering slightly different and incompatible variants on Android.

(17) Hackers will quickly sort out how to install their own Android builds on locked-down Android phones from all the major vendors, leading to threatened or actual lawsuits but no successful legal action taken.

(18) Twitter will peak and begin its decline as a human-to-human communication medium.

(19) A politican or a candidate will commit a high-profile "macaca"-like moment via Twitter.

(20) Facebook customers will become increasingly disenchanted with the company, but won't leave in large numbers because they'll have too much information locked up in the site.

(21) The fashionable anti-Internet argument of 2010 will be that the Net has passed its prime, supplanting the (equally bogus) 2009 fad argument that the Internet is bad for literacy.

(22) One year after the release of the Obama Administration's Open Government Directive, the effort will be seen as a measured success. Agencies will show eagerness to embrace data transparency but will find the mechanics of releasing datasets to be long and difficult. Privacy-- how to deal with personal information available in public data-- will be one major hurdle.

(23) The Open Government agenda will be the bright spot in the Administration's tech policy, which will otherwise be seen as a business-as-usual continuation of past policies.

As usual, we’ll kick off the new year by reviewing the predictions we made for the previous year. Here now, our 2009 predictions, in italics, with hindsight in ordinary type.

(1) DRM technology will still fail to prevent widespread infringement. In a related development, pigs will still fail to fly.

By tradition this is our first prediction, and it has always been accurate. Guess what our first 2010 prediction will be? Verdict: right.

(2) Patent reform legislation will come closer to passage in this Congress, but will ultimately fail as policymakers wait to determine the impact of the Bilski case's apparent narrowing of business model patentability.

Everyone agrees that patent reform is needed, but no specific bill is close to passage, and everyone is waiting for the Supreme Court's Bilski decision. Verdict: right.

(3) As lawful downloading of music and movies continues to grow, consumer satisfaction with lossy formats will decline, and higher-priced options that offer higher fidelity will begin to predominate. At least one major online music service will begin to offer music in a lossless format.

People seem to accept lossy formats. Verdict: wrong.

(4) The RIAA's "graduated response" initiative will sputter and die because ISPs are unwilling to cut off users based on unrebutted accusations. Lawsuits against individual end-user infringers will quietly continue.

"Graduated response" has gotten lots of talk but hasn't had much of a practical impact yet. Verdict: mostly right.

(5) The DOJ will bring criminal actions against big-time individual copyright infringers based on data culled from the server logs of a large "private" BitTorrent community.

I don't think this happened. Verdict: wrong.

(6) Questions over the enforceability of free / open source software licenses will move closer to resolution.

Debate continued, but I don't recall any major legal rulings on this issue. Verdict: mostly wrong.

(7) NebuAd and the regional ISPs recently sued for deploying NebuAd's advertising system will settle with the class action plantiffs for an undisclosed sum. At least in part because of the lawsuit and settlement, no U.S. ISP will deploy a new NebuAd/Phorm-like system in 2009. Meanwhile, Phorm will continue to be successful with privacy regulators in the UK and will sign up reluctant ISPs there who are facing competitive pressure. Activists will raise strong objections to no avail.

NebuAd is now dead and Phorm appears to be in trouble. US ISPs steered clear of them after strong pushback from consumers and legislators. Phorm seemed to have some preliminary deals with ISPs in the UK, but it appears that they have not yet had a wide deployment there (since an early pilot program in 2007). Verdict: mostly right.

(8) The federal Court of Appeals for the Ninth Circuit will hear oral argument in the case of U.S. v. Lori Drew, the Megan Meier/MySpace prosecution. By year's end, the Ninth Circuit panel still will not have issued a decision, although after oral argument, the pundits will predict a 3-0 or 2-1 reversal of the conviction.

The Drew case did not reach the Ninth Circuit, because the original trial judge set aside the jury's guilty verdict. Verdict: wrong.

(9) As a result of the jury's guilty verdict in U.S. v. Lori Drew, dozens of plaintiffs will file civil lawsuits in 2009 alleging violations of the federal Computer Fraud and Abuse Act premised on the theory that one can "exceed authorized access" or act "in excess of authorization" by violating Terms of Service. Thankfully, the Department of Justice won't bring any other criminal cases premised on this theory, at least not until it sees how the Ninth Circuit rules.

Despite worries, we didn't see many such lawsuits. The DoJ did not bring criminal cases. Verdict: mostly wrong.

(10) The Computer Fraud and Abuse Act (CFAA) will be the new DMCA. Many will argue that the law needs to be reformed, but this argument will struggle to gain traction with the lay public, notwithstanding the fact that lay users face potential liability for routine behaviors due to CFAA overbreadth.

This hasn't happened, at least not yet. There are concerns about the CFAA, but the issue hasn't gotten tracttion. Verdict: mostly wrong.

(11) An academic security researcher will face prosecution under the CFAA, anti wire tapping laws, or other computer intrusion statutes for violations that occurred in the process of research.

Thankfully, this didn't happen. Verdict: wrong.

(12) An affirmative action lawsuit will be filed against a university, challenging the use of a software algorithm used in evaluating applicants.

Verdict: wrong.

(13) There will be lots of talk about net neutrality but no new legislation, as everyone waits to see how the Comcast/BitTorrent issue plays out in the courts.

There has been lots of talk but no legislation passed. The main action on net neutrality seems to be in the FCC. Verdict: right.

(14) The Obama administration will bring an atmosphere of antitrust enforcement to the IT industry, but no major cases will be brought in 2009.

The atmosphere is indeed more pro-enforcement. We almost made it to the end of the year without a major case being filed, but then the FTC brought a case against Intel in mid-December. Verdict: mostly right.

(15) The new administration will be seen as trying to "reboot" the FCC.

There are certainly changes at the FCC, but not a full-on reboot. Verdict: mostly wrong.

(16) One of the major American voting system manufacturers (Diebold/Premier, Sequoia, ES&S, or Hart InterCivic) will go out of business or be absorbed into one of its rivals.

ES&S bought Premier. This was one of our best calls. Verdict: correct.

(17) The federal voting machine certification regime will increasingly be seen as a failure. States will strengthen their own certification processes, and at least one major state will stop requiring federal certification. The failure of the federal process to certify systems or software patches in a timely fashion will be cited as a reason for this move.

Consensus is growing that the certification regime is expensive and ineffective. But not much has changed on the state level. Verdict: mostly wrong.

(18) Estonia and other countries will continue experimenting in real elections with online or mobile phone voting. They will claim that these trials are successful because "nothing went wrong." Security analysts will continue to claim that these systems are fundamentally flawed and will continue to be ignored. Exactly the same thing will continue to happen with U.S. overseas and military voters.

Verdict: right.

(19) We'll see the first clear-cut evidence of a malicious attack on a voting system fielded in a state or local election. This attack will exploit known flaws in a "toe in the water" test and vendors will say they fixed the flaw years ago and the new version is in the certification pipeline.

Thankfully, this didn't happen. Verdict: wrong.

(20) U.S. federal government computers will suffer from at least one high-profile compromise by a foreign entity, leaking a substantial amount of classified or highly sensitive information abroad.

Such a breach probably happened -- what are the odds that such a large number of computers could be secured continuously for a year -- but I don't recall a "high-profile" compromise. Verdict: mostly wrong.

(21) There will be one or more major Internet outages attributed to attacks on DNS, BGP, or other Internet plumbing that is immediately labeled an act of "cyber-warfare" or "cyber-terrorism." The actual cause will be found to be the action of spammers or other professional Internet miscreants.

Thankfully, such attacks did not happen. Verdict: wrong.

(22) Present flaws in the web's Certification Authority process, such as the MD5 issue or the leniency of some CAs in issuing certificates, will lead to regulation of the CA process. Among other things, there will be calls for restrictions on which CAs can issue certs for which Top Level Domains.

The CA process does have serious problems, but regulators have not stepped in. Verdict: mostly wrong.

(23) One or more major Internet services or top-tier network providers will experience prolonged failures and/or unrecoverable data severe enough that the company's president ends up testifying before Congress about it.

The closest thing to this kind of failure was Danger's loss of customer data. In the end, most of the data was recoverable; and no Congressional testimony occurred. Verdict: mostly wrong.

(24) Shortly after the start of the new administration, the TSA will quietly phase out the ban on flying with liquids or stop enforcing it in practice. The color-coded national caution levels (which have remained at "orange" forever) will be phased out.

Practical enforcement of the liquid ban became spotty. We still had to separate our liqud-baggie at the checkpoint, but in practice the TSA almost never complained about larger containers left in carry-ons. Of course, all this may have changed due to the attempted attack last week. The color-coded caution levels remained in place. Verdict: mostly wrong.

(25) All 20 of the top 20 U.S. newspapers by circulation will experience net reductions in their newsroom headcounts in 2009. At least 15 of the 20 will see weekday circulation decline by 15% or more over the course of the year. By the end of the year, at least one major U.S. city will lack a daily newspaper.

This one is tough to check exhaustively. Preliminary research shows headcount reductions at all major papers. Circulation fell at all of the top-20 papers that reported figures, but not by as much as we predicted. Half saw a 10% drop but only about a quarter saw a drop of 15% or more. We're not sure if there's a major U.S. city without a daily -- it probably depends on what counts as "major". On the whole, things were bad but not quite as bad as we predicted. Verdict: mostly right.

(26) Advertising spending in older media will plummet, but online ad spending will be roughly level, as advertisers warm to online ads whose performance is more easily measured. Traditional media will be forced to offer advertisers fire sale prices, and the ratio of content to advertising in many traditional media outlets will increase.

This one is hard to evaluate but is consistent with anecdotal reports. Verdict: mostly right.

(27) An embarrassing leak of personal data will emerge from one or more of the social networking firms (e.g., Facebook), leading Congress to consider legislation that probably won't solve the problem and will never actually reach the floor for a vote.

We didn't see an accidental leak, but Facebook's privacy changes late in the year are a lesser version of what we predicted. It's not clear yet what if anything Congress will do. Verdict: mostly wrong.

(28) Facebook will be sold for $4 billion and Mark Zuckerberg will step down as CEO.

Verdict: wrong.

(29) Web 2.0 startups will not be hammered by the economic downtown. In fact, web 2.0 innovation may prove to be countercyclical. Costs are controllable: today's workstyles don't require lavish office space, marketing can be viral, and pay-as-you-go computing services eliminate the need for big upfront investments in infrastructure. Laid off big-company workers and refugees from the financial world will keep skilled wages low. The surge in innovation will be real, but its effects will mostly be felt in future years.

It's hard to judge this, but I think it was right. Innovation continued to be robust, even though investment capital was (relatively) scarce. Verdict: right.

(30) The Blu-ray format will increasingly be seen as a failure as customers rely more on online streaming.

Blu-ray growth has been disappointing, but streaming of movies has not shown as much growth as we predicted. Verdict: mostly right.

(31) Emboldened by Viacom's example against Time Warner, TV network owners will increasingly demand higher payments from cable companies with the threat of moving content online instead. Cable companies will attempt to more heavily limit the content that network owners can host on Hulu and other sites.

Verdict: right.

(32) The present proliferation of incompatible set-top boxes that aim to connect your TV to the Internet will lead to the establishment of a huge industry consortium with players from three major interest groups (box builders, content providers, software providers), reminiscent of the now-defunct SDMI consortium, and with many of the same members. In 2009, they will generate a variety of press releases but will accomplish nothing.

An initiative called DECE tried to do exactly this, with the predicted results. Verdict: right.

(33) A hot Christmas item will be a cheap set-top box that allows normal people to download, organize, and view video and audio podcasts in their own living rooms. This product will work with all of the major free online sources of audio and video, and a few of the paid sources.

This prediction made a certain amount of market sense but, realistically, there would have been no way to negotiate the necessary permissions. Verdict: wrong.

(34) Internet Explorer's usage share will fall below 50 percent for the first time in a decade, spurred by continued growth of Firefox and Safari and deals with OEMs to pre-load Google Chrome.

IE's share is falling but is still above 60%. Chrome didn't get many (any?) OEM deals. Verdict: mostly wrong.

(35) Somebody besides Apple will sell an iPod clone that's a drop-in replacement for a real iPod, complete with support for iTunes DRM, video playback, and so forth. Apple will sue (or threaten to sue), but won't be able to stop distribution of this product.

Verdict: wrong.

(36) Apple will release a netbook, which will be a souped-up iPhone with an 8" screen and folding keyboard. It will sell for $899.

This didn't happen. Instead, we will apparently get the long-rumored Apple tablet computer, a souped-up iPhone with a 8-10" screen, selling for $800 or so. Verdict: wrong.

(37) No white space devices will be approved for use by the FCC. Submitted spectrum sensing devices will fare well in both laboratory and field tests, but approval will be delayed politically by the anti-white space lobby.

Verdict: right.

(38) More and more Internet traffic will encrypted, as concern grows about eavesdropping, content modification, filtering, and security attacks.

Concern about traffic modification is growing, but we haven't seen much growth in encryption. Verdict: mostly wrong.

The bottom line: 9 right, 6 mostly right, 12 mostly wrong, 11 wrong. Our goal was to make bolder predictions than in previous years, and we did succeed in that respect. Our accuracy suffered accordingly. Interesting, provocative predictions are rarely safe, but still I would have preferred a higher success rate.

Stay tuned for our 2010 predictions.

Facebook is once again clashing with its users over privacy. As a user myself, I was pretty unhappy about the recently changed privacy control. I felt that Facebook was trying to trick me into loosening controls on my information. Though the initial letter from Facebook founder Mark Zuckerberg painted the changes as pro-privacy -- which led more than 48,000 users to click the "I like this" button -- the actual effect of the company's suggested new policy was to allow more public access to information. Though the company has backtracked on some of the changes, problems remain.

Some of you may be wondering why Facebook users are complaining about privacy, given that the site's main use is to publish private information about yourself. But Facebook is not really about making your life an open book. It's about telling the story of your life. And like any autobiography, your Facebook-story will include a certain amount of spin. It will leave out some facts and will likely offer more and different levels of detail depending on the audience. Some people might not get to hear your story at all. For Facebook users, privacy means not the prevention of all information flow, but control over the content of their story and who gets to read it.

So when Facebook tries to monetize users' information by passing that information along to third parties, such as advertisers, users get angry. That's what happened two years ago with Facebook's ill-considered Beacon initiative: Facebook started telling advertisers what you had done -- telling your story to strangers. But perhaps even worse, Facebook sometimes added items to your wall about what you had purchased -- editing your story, without your permission. Users revolted, and Facebook shuttered Beacon.

Viewed through this lens, Facebook's business dilemma is clear. The company is sitting on an ever-growing treasure trove of information about users. Methods for monetizing this information are many and obvious, but virtually all of them require either telling users' stories to third parties, or modifying users' stories -- steps that would break users' mental model of Facebook, triggering more outrage.

What Facebook has, in other words, is a governance problem. Users see Facebook as a community in which they are members. Though Facebook (presumably) has no legal obligation to get users' permission before instituting changes, it makes business sense to consult the user community before making significant changes in the privacy model. Announcing a new initiative, only to backpedal in the face of user outrage, can't be the best way to maximize long-term profits.

The challenge is finding a structure that allows the company to explore new business opportunities, while at the same time securing truly informed consent from the user community. Some kind of customer advisory board seems like an obvious approach. But how would the members be chosen? And how much information and power would they get? This isn't easy to do. But the current approach isn't working either. If your business is based on user buy-in to an online community, then you have to give that community some kind of voice -- you have to make it a community that users want to inhabit.