Toward a Technology Bill of Rights

A few hundred years ago, the world was a vastly different place by just about any measure. In fact, it was 220 years ago this year that the Bill of Rights was first introduced in order to explicitly lay out the rights of the people in the brand-new democracy of the United States of America. We’re all well versed in the Bill of Rights (or at least we should be), and it forms much of the basis of modern law. The impetus for the creation of the Bill of Rights was the tyranny of the rulers in Britain and its effect on the colonies. As with much of human history, it takes a significant problem to cause the creation of a significant change to society. We may be nearing that point right now, and the time may soon be right for another Bill of Rights — one centered around technology.

[ Keep up on the day’s tech news headlines with InfoWorld’s Today’s Headlines: First Look newsletter and InfoWorld Daily podcast. ]

Here are a few potential elements of a Technology Bill of Rights:

Article 1. Any individual shall be able to choose anonymity when posting to Internet sites The fact that many open comment pages rapidly fall into a cesspool of human waste is not lost on anyone. It’s a sad commentary on the state of our society, but it also brings this problem into the light — you may not know you had termites unless you looked, for instance. But the fact that a few people consistently pee in the pool doesn’t mean that everyone else must suffer. Anonymity on the Internet is very important part of the Internet subculture. Yes, it’s likely that discourse would improve if every post written on a message board had the author’s real name attached, but there would be far fewer comments, and Internet communities would languish. Let’s be straight — if someone absolutely wants to post anonymously, they will find a way do so, whether allowed or not. Thus, the right to basic anonymity should be maintained. Besides, in the vast majority of cases, an anonymous post will still be traceable to some degree by the site admins, but not by the casual reader.

Article 2. No network provider may constrain or restrict access to the Internet in any way, shape, or form other than agreed-upon access speeds This is Net neutrality, and it’s of vital importance. The pathways to the Internet should never be artificially constrained by one company, and the concept of doing so is tantamount to censorship if there are no other alternatives. Much of the population of the United States lives in areas that are served by only one broadband carrier; thus, there isn’t even an option for those people to switch providers to escape problems such as this. If there was a modern-day definition of technological tyranny, most broadband providers would fit the description.

Article 3. No individual shall be held liable for effects of malware or malicious code unknowingly run on a personal computer This one was added with Julie Amero in mind. To make her very long story short, in 2004, Amero was a substitute teacher in New London, Conn., who walked into a classroom where unsupervised students had been playing on the classroom PC. Subsequently, pornographic images began popping up on the computer screen, a very common effect of a malware infestation. Amero was later convicted on charges of injury to a minor and impairing the morals of a child. She faced a 40-year prison sentence for those charges. The school lacked any form of reasonable Web content filtering, and the “expert” witness in the case himself admitted that the computer was never checked for malware, yet Amero was still convicted.

The conviction was eventually overturned in November 2008, but she lost her Connecticut teaching license. This case was built on sheer ignorance, but must serve some good for all the pain and suffering it caused. A right such as this might be just the thing. Unless and until Microsoft (or anyone else) can prove unequivocally that it is not possible for a third party to surreptitiously gain control over a computer without the knowledge of the operator, the fact that illegal activities may have been conducted from or on that computer must be considered hearsay. It’s a double-edged sword to some degree, but still necessary.

Article 4. A company that produces and sells closed source software for use on computers shall be responsible for the security of that product, and a user has a right to seek damages in the event of a failure to secure their product Related to Article 3, this is a sticky one. On the one hand, a company should be held responsible for damages caused by negligence in their product. On the other hand, attributing this to computer software could be extremely problematic to proprietary software companies. Maybe it should be met halfway — a proprietary software company is compelled by law to immediately notify the public when vulnerabilities are discovered in their products. They are then granted two weeks to issue a patch to fix the problem. If not, they face increasing fines for every day a patch is not released. Also, there should be a mandatory update check in every product. This is far from a perfect implementation, but some form of this concept needs to be introduced.

Article 5. Any software or hardware used to conduct or support laws and public policy shall be open-source Software is everywhere, but who’s writing it? Has anyone but the company producing the software every verified the code? As time marches on, we will continue to use software to perform functions vital to our safety and our freedoms. Much as the Sixth Amendment of the real Bill of Rights states that the accused has the right “to be confronted with the witnesses against him,” we need to update our definition of the witness.

Bruce Schneier discusses a specific problem related to this, arriving in the form of the breathalyzer. The code used in this particular breathalyzer is closed source and could not be independently verified for accuracy until after a two-year legal battle relating to a DUI case. An independent party inspected the code and found multiple significant problems relating to the proper operation of the device and the results generated by the device. If a DUI conviction is obtained solely on the readings of this device, it counts as an eyewitness, and should be held as accountable as any other witness, but that is not currently possible. The same goes for red-light cameras, radar/laser speed guns, and a whole host of other technology used to provide data used to convict people of various crimes. The other application of this right would be voting machines, obviously. Errors — malicious or not — in devices used to convict a single individual is a terrible thing. Errors — malicious or not — in devices used to elect our leaders is deeply disturbing and simply inexcusable. There is absolutely no reason whatsoever that these devices should not be running open source code.

Article 6. Any media content legally purchased by an individual shall be available for private use on any device, at any time Yes, the DRM article — this one comes directly from the problems facing a large number of people who “purchased” content such as songs from online retailers, only to completely lose access to those purchases when the retailer decided to shut down the authorization servers or similar issues faced by anyone spending money on digital goods. If a person has purchased media, they should be able to retrieve that media on any device they control at any time: from a PC to a Mac to an iPod to whatever. The entertainment industry has long had a built-in media control device simply due to the distribution method of that media — the cassette, the CD, the DVD. With digital files they lose that control, but that shouldn’t mean that the purchaser should lose their rights to use their purchase either. I’m not going to go further into this debate, since both sides are deeply entrenched already.

With a new age and new technologies follow new laws. However, those laws should distinctly grant rights to the citizens of the country as well as outlining legal issues pertaining to that technology. We need legislation like this, not just in the United States, but throughout the civilized world. Utopian ideal? Perhaps, but it’s a necessity nevertheless.

These six made it to the top of my list, but there are sure to be more. Have any ideas?