The Cost of Control
Legislation now pending would make tamperproofing the law of the land. Senator Fritz Hollings (D-South Carolina) has introduced a bill that would require all electronic devices-from computers to Furby toys-to have built into them some form of rights-management or security software that would limit users’ rights to inspect and modify them. According to Hollings’s office, the measure is intended to prod the electronics and media industries to come to an agreement on security standards.Some information technology experts remain sanguine. Even if the Hollings bill becomes law, they contend, competition and market pressures will preserve people’s freedom to modify the technological products they buy. Mark Granovetter, a professor of sociology at Stanford University, says that a massive public backlash would prevent Microsoft from implementing the Secure Computing Base.
Others, however, are more pessimistic. Jonathan Zittrain, a professor of information law at Harvard, foresees the introduction of “closed, appliance-like devices as substitutes for the general PC.” Such appliances would be more reliable than PCs but would offer their owners less control. Zittrain fears the end of what will be seen, in retrospect, as a fleeting era of computer freedom. “A diverse and vibrant community of independent software developers and vendors,” he says, may have been “a transitory phenomenon of the 1980s and 1990s.”
If Zittrain’s prophecy proves correct, the locked-down landscape of technology will disappoint its architects. First, incapacitation will not eliminate the costs of accountability but rather shift them. A regime of constraints depends on laws banning technologies that would defeat or circumvent the control schemes, and those bans will need to be enforced. Second, protection may degrade data, if only subtly, and introduce bugs that may stain a brand’s reputation and compromise its market share.
Most seriously, forms of control that work through incapacitation will undermine the chaotic, dynamic society that made the personal-computing revolution possible in the first place. Powerless against determined pirates, they would strike hardest at creative customers, such as the chip-modifying fans who have breathed new life into moribund computer games-the very people whose ideas could help develop new generations of lucrative products. As MIT management professor Eric von Hippel wrote in 2001 in the Sloan Management Review, “innovations that only a few leaders use today may be in general demand tomorrow”-especially, he says, if early adopters “have a chance to innovate, to learn by doing, and to develop the general utility of their innovations.” Incapacitating designs will slam the door in the faces of these vital supertinkerers.
Incapacitation would also limit the academic training of companies’ future technical staff. Freedom to tinker-defined by Felten as “your freedom to understand, discuss, repair, and modify the technological devices that you own”-benefits technology industries most of all. Even the film industry needs young people who have had free access to the nuts and bolts of digital graphics and special effects, and I’ll bet that Microsoft doesn’t make its young Xbox game-programming recruits sign an affidavit that they have never violated an end-user license agreement. New hardware security is manifestly a good idea for servers with sensitive information. There is a good case for new levels of protection, like the Microsoft scheme, for these vulnerable sites. But if they extend incapacitation too far, the builders of the Trojan mouse may find themselves caught in their own trap.