June 14, 2008 · Lessig
I’ve gotten lots of email and comments about my criticism of privacy-revealing behavior related to Chief Judge Kozinski. After reading that criticism, I am more convinced.
- Privacy is not determined by technology: The core point that’s important to me here is to reject the sense many have that “privacy” is that stuff you can’t get access to technically. So something’s private if encrypted, but if there’s a way for me to hack into it, it is public. I reject that sense of the norm of privacy. Think of a party line telephone. Anyone on the party line had a simple ability to pick up the telephone and listen to any conversation going on. But if you did that, others would rightly call you a louse. You had invaded the privacy of the people having a telephone call, even though it was technically trivial to listen to that private conversation.
- This FTP server was improperly configured (given its use): Though you could access this (or practically any) FTP site through the web, this was not a web site. It was a file server. Just like the server that contains the files for this blog, that means it enables people to get access to files. But it also enables the maintainer to control who gets access to what files. So with this blog, if you download a file I’ve linked from the blog, you can easily figure out what directory that file is located in. But you can’t (without serious hacking) see the other files in that directory, or see the directory structure. That’s because those friends who have helped me set this up have disabled that ability. Yale Kozinski apparently didn’t with the Kozinski server. So again, as with the party line, it was trivial to see all the files in any particular directory, or the directory structure. But that doesn’t make peddling the list of stuff kept on the server to news organizations not a violation of privacy.
- Metaphors are metaphors.: My original metaphor here was about someone jiggering a lock and breaking in. That was a metaphor. As with any metaphor, there are an infinite number of ways the metaphor is like the particular example, and an infinite number of ways it is unlike the particular example. The parts I found analogous were these: like someone breaking in, the litigant went where he wasn’t invited; like someone breaking in, the litigant found stuff in a place anyone could have placed it; like the den where anyone could place stuff, you can’t know who is responsible for whatever is there; like the den in a private house, privacy means not having to defend or explain what is in your den. As I explained in the comments, I didn’t mean the metaphor to suggest the litigant was a criminal for trespassing. As many of you know, I am not a believer in the trespass theory of cyberspace. But just because you’re not a criminal doesn’t mean you’re not a chump.
- “Hacker”: I called the litigant a “hacker.” That was the nicest thing I said about him. I do not subscribe to the view that “hacker” predicates only of criminals. RMS is famous for his greeting “Happy hacking.” It means nothing more than someone who explores. But again, that it is a good thing to explore does not mean it is a good thing to wander into someone’s den.
- The irrelevance of the MP3s.: Some suggest my view would have been different had I known the judge had MP3s on his site. Those sorts are wrong. Indeed, I did know he had a few MP3s on his site — the first reporter calling me about this told me that. That fact does not change anything in the analysis. As the Fed Circuit has indicated in an unrelated case, an unindexed FTP site is not a “public” site. The fact that you have copyrighted MP3s on a nonprivate site does not make you a copyright infringer. Kozinski was not offering this content to the world. The fact that some Russian MP3 sites found it doesn’t change Kozinski’s responsibility. Obviously while I don’t support the practice of wrongful distribution of copyrighted material, I certainly do believe people have the right to space-shift their material, and even share it with a friend (“Hey, listen to this…”) That’s all that’s happening here.
- Your privacy should not depend upon your political party.: This also disappoints me here — the schadenfreude. Here’s a Republican judge getting in trouble for racy content with questionable copyright status. So we (or some of us) liberals get all outraged and angry at his bad behavior. But had the politics been different, would the reaction have been the same? Privacy, in my view, is more important than this. A Republican judge deserves his privacy as much as the rest of us.
I’ll add to this as I think of it. Now I’m late to taking my kid to see Alcatraz.