google

In June, Presidential candidate Hillary Clinton surprised business leaders by issuing a detailed Technology and Innovation platform.  Tech issues rarely feature in Presidential campaigns, but Clinton seems determined to shore up an already strong position in Silicon Valley by promising an administration that recognizes the singular role disruptive innovation has played in driving U.S. economic growth over the last two decades.

Clinton’s plan may have been designed to deflect concern here in California and other innovation hubs about growing criticism of the tech economy from the Obama Administration and Democrats on the left.  Just a day after Clinton released her plan, for example, Sen. Elizabeth Warren, who has taken an increasingly active role in the campaign, directly attacked leading technology companies including Apple, Amazon and Google, hinting that they had grown too large to escape the blunt instrument of antitrust to break them up.

Overall, the Clinton agenda is something of a dog’s breakfast, mixing unlikely promises for significantly increased federal spending in education, basic research, and infrastructure with more specific reforms in such hot-button areas as immigration, intellectual property, and tech infrastructure.

Though nearly every aspect of the plan would require a cooperative Congress, there is still much to admire in the particulars, and, more to the point, much that innovators and their investors have wanted to hear from Washington for a long time:

Immigration - Among Silicon Valley’s highest priorities, for example, Clinton promises “comprehensive” immigration reform, including a pledge to “staple a green card” to the diplomas of non-U.S. masters and PhD students in science and engineering, “enabling international students who complete degrees in these fields to move to green card status.”  No technology company would object to that proposal.

Patents - Clinton also pledges to fix the badly out-of-balance patent system, although here the promised reforms are modest.  Clinton endorses legislation floating around Congress that would break the stranglehold of the notoriously plaintiff-friendly Eastern District of Texas, which openly courts patent trolls and frivolous litigation.  But there is no mention of larger patent issues, notably the scaling back or eliminating patent protection for software and business methods, an invention of the courts and the patent office in recent years.  The consensus, even among many leading software providers, is that those new categories have done far more harm than good.

Copyright - On copyrights, Clinton promises a law that would “unlock” a ballooning number of older written and audio-visual works that, thanks to repeated and retroactive copyright extensions on behalf of Disney and other large rights holders, can’t be licensed or used because no one knows who owns them anymore.  (Liberation of so-called “orphan works” would have been enabled by a proposed settlement in a case involving wholesale scanning by Google Books, but that settlement was scuttled in 2011.  Google went on to win the case outright.)  The Clinton plan is silent, however, on scaling back the expanding copyrights that created the orphan works problem—and others—in the first place.

The Sharing Economy - During the primaries, both Sen. Bernie Sanders and Secretary Clinton raised repeated concerns about new “sharing economy” services, including Uber and TaskRabbit, that help contractors and freelancers coordinate their work through network technologies.  Sanders dismissed these services as “unregulated” and said he had “serious problems” with Uber in particular.  For her part, Clinton said last year that network-based employment raised “hard questions about workplace protections and what a good job will look like in the future.”

Clinton’s Tech and Innovation plan is more measured, if non-committal, about whether she sees the sharing economy as a direct attack on unions and labor regulators.  She promises only to “convene a high level working group of experts, business and labor leaders to recommend how best to ensure that people have the benefits and security they need no matter how they work.”  Depending on what specific “benefits and security” her experts believe casual workers need, that could mean either an endorsement of the sharing economy or its death by a thousand regulations.

Broadband Infrastructure - The recent decision by the Federal Communications Commission, at the urging of the White House, to transform Internet access into a public utility has already spooked investors, who spent nearly $1.5 trillion over the previous twenty years continually upgrading broadband infrastructure even as America’s roads, bridges, water pipes, gas mains and electrical grid—the actual public utilities—fell catastrophically behind.  (D.C.’s own Metro system, once the city’s pride and joy, is largely closed for the summer for repairs.)

On that front, the Clinton agenda gets a mix grade.  On the positive side, the candidate strongly endorses reducing regulatory barriers (largely at the state and local level, however) that unnecessarily deter more and more efficient private infrastructure, including “dig once” and “climb once” policies to encourage faster deployment of, respectively, fiber optic cable and next-generation mobile equipment.

But at the same time, and even as the Clinton plan waves in the direction of continued Internet self-governance under the multistakeholder process that has worked so well, Secretary Clinton “strongly supports” the idea that Internet access should be closely regulated as a utility.  As I’ve argued before, that approach is bound to slow both the speed and size of investments in continued infrastructure improvements.

Radio Spectrum for 5G Networks – On the plus side of the ledger, Clinton promises to continue President Obama’s support for next-generation mobile networks, known as 5G, which utilize densely-packed cellular antennae and higher-band radio spectrum to offer as much as 100 times the speed and capacity of today’s wireless Internet. Secretary Clinton promises to release spectrum warehoused by the federal government itself, and to support a mix of licensed, unlicensed, and shared new frequencies that will accelerate nascent 5G applications including the Internet of Things and autonomous vehicles, as well as increasingly high-definition video.

Internet Adoption -  The Clinton plan also promises to expand broadband entitlement programs aimed at closing what remains of the digital divide.  But these programs, including the troubled Broadband Technology Opportunities Fund, have had limited (if any) success.  So far, they’ve produced little besides wasted taxpayer billions and corruption.

While everyone shares the goal of universal broadband adoption for all Americans, the solution doesn’t come from raising taxes on consumer phone bills (currently approaching 20%!) to fund poorly-managed programs to subsidize rural and low-income communities.  Among those who do not have a broadband connection at home, as repeated surveys make clear, availability and even price are rarely cited as the principal reasons.

Non-adopters—especially older Americans—don’t have a broadband connection, it turns out, largely because they don’t want one.  Rightly or wrongly, digital hold-outs don’t see the Internet as having any relevance to their life.  That was a problem identified as long ago as 2010 in the visionary National Broadband Plan, from which the Clinton agenda cribs frequently without acknowledgment.   And it’s one problem government could play a crucial role in solving through public education and the President’s bully pulpit.  But not from throwing more money at federal contractors.

***

As Secretary Clinton’s wish list suggests, what Silicon Valley really wants from both presidential candidates is not more government, but less.  In many cases, much less.

That desire, of course, distinguishes tech from most special interests, and Clinton’s team deserves praise for getting it at least partly right.  For years, I’ve watched visiting politicians looking to partner with the venture community grow disappointed to hear from tech leaders across the political spectrum that they don’t actually want new federal programs or legislation aimed at promoting innovation.

What they really want most is to be left alone; to be allowed to continue to practice the kind of largely unregulated experimentation that the Mercatus Center’s Adam Thierer calls “permissionless innovation.”  That wise policy has been strongly supported by a bi-partisan coalition since the mid-1990’s.  It has done more than any grant or subsidy could to promote U.S. leadership in the Internet and other emerging technologies, in sharp contrast to Europe, where centralized innovation planning and micromanagement have had the opposite effect.

But Washington’s commitment to permissionless innovation has been under attack, particularly in the last few years.  As the innovation economy increasingly becomes the economy, lawmakers can’t help but refocus their attention there.  Law enforcement and intelligence operations, at the same time, are increasingly wary of open networks and encrypted communications (about which the Clinton plan hedges), generating some very public fights with innovators in the name of both consumer privacy and national security.

The closer the next President--whoever it turns out to be--can hew to the U.S.’s longstanding if battered commitment to let a thousand Silicon Valley start-ups bloom, the better off everyone will be, in the short as well as the long run.  Political pandering aside, what the innovation ecosystem really needs is a reboot of the 1990’s promise to leave the Internet “unfettered by Federal or State regulation” – a policy that now needs expansion to equally high-potential disruptors in energy, materials, robotics, genomics, health care, transportation and manufacturing.

That, in any case, is the lesson of the last election in which innovation policy played a major role—the election, that is, of that other Clinton.

The fall issue of Democracy Journal features an essay by Larry on the growing divide between disruptive innovation and technology policy, part of a series on the digital future.

In "Fewer, Faster, Smarter," Larry argues that the continued explosion of digital innovation has created a public policy crisis for the 21st century.  New regulators are coming face-to-face for the first time with disruptions that challenge decades or more of compromises and cozy relations between government and industries now being reconstructed.

Innovators in the sharing economy, the Internet of things, artificial intelligence, the quantified self, self-driving cars, drone aircraft, digital currency and 3D printing are already feeling the pinch as regulators try to shove round disruptors into square laws, often with the encouragement of incumbents.

Some of these issues may well rise to the surface in the 2016 Presidential elections.  Already, Larry has been asked several times to comment on what the elections mean for Silicon Valley, which candidates best represent technology interests, and how technology will affect the election.  While it is far too soon to answer many of these questions, there's little doubt that innovators and investors are watching closely--or ought to be!

See also "Silicon Valley is a Political Issue in the 2016 Election" (TechCrunch, August 20, 2015), Andrew Keen's interview with Larry.  And see 'Which Presidential Campaign is Winning Over Silicon Valley? 'None of Them'" (L.A. Times, Sept. 11, 2015), which quotes Larry on the current prospects and their campaigns.

 

Last week, I participated in a program co-sponsored by the Progressive Policy Institute, the Lisbon Council, and the Georgetown Center for Business and Public Policy on "Growing the Transatlantic Digital Economy." The complete program, including keynote remarks from EU VP Neelie Kroes and U.S. Under Secretary of State Catherine A. Novelli, is available below.

My remarks reviewed worrying signs of old-style interventionist trade practices creeping into the digital economy in new guises, and urged traditional governments to stay the course (or correct it) on leaving the Internet ecosystem largely to its own organic forms of regulation and market correctives:

Vice President Kroes’s comments underscore an important reality about innovation and regulation. Innovation, thanks to exponential technological trends including Moore’s Law and Metcalfe’s Law, gets faster and more disruptive all the time, a phenomenon my co-author and I have coined “Big Bang Disruption.”

Regulation, on the other hand, happens at the same pace (at best). Even the most well-intentioned regulators, and I certainly include Vice President Kroes in that list, find in retrospect that interventions aimed at heading off possible competitive problems and potential consumer harms rarely achieve their objectives, and, indeed, generate more harmful unintended consequences.

This is not a failure of government. The clock speeds of innovation and regulation are simply different, and diverging faster all the time. The Internet economy has been governed from its inception by the engineering-driven multistakeholder process embodied in the task forces and standards groups that operate under the umbrella of the Internet Society. Innovation, for better or for worse, is regulated more by Moore’s Law than traditional law.

I happen to think the answer is “for better,” but I am not one of those who take that to the extreme in arguing that there is no place for traditional governments in the digital economy. Governments have and continue to play an essential part in laying the legal foundations for the remarkable growth of that economy and in providing incentives if not funding for basic research that might not otherwise find investors. And when genuine market failures appear, traditional regulators can and should step in to correct them as efficiently and narrowly as they can.

Sometimes this has happened. Sometimes it has not. Where in particular I think regulatory intervention is least effective and most dangerous is in regulating ahead of problems—in enacting what the FCC calls “prophylactic rules.” The effort to create legally sound Open Internet regulations in the U.S. has faltered repeatedly, yet in the interim investment in both infrastructure and applications continues at a rapid pace—far outstripping the rest of the world.

The results speak for themselves. U.S. companies dominate the digital economy, and, as Prof. Christopher Yoo has definitively demonstrated, U.S. consumers overall enjoy the best wired and mobile infrastructure in the world at competitive prices. At the same time, those who continue to pursue interventionist regulation in this area often have hidden agendas. Let me give three examples:

1. As we saw earlier this month at the Internet Governance Forum, which I attended along with Vice President Kroes and 2,500 other delegates, representatives of the developing world were told by so-called consumer advocates from the U.S. and the EU that they must reject so-called “zero rated” services, in which mobile network operators partner with service providers including Facebook, Twitter and Wikimedia to provide their popular services to new Internet users without use applying to data costs.

Zero rating is an extremely popular tool for helping the 2/3 of the world’s population not currently on the Internet get connected and, likely, from these services to many others. But such services violate the “principle” of neutrality that has mutated from an engineering concept to a nearly-religious conviction. And so zero rating must be sacrificed, along with users who are too poor to otherwise join the digital economy.

2. Closer to home, we see the wildly successful Netflix service making a play to hijack the Open Internet debate into one about back-end interconnection, peering, and transit—engineering features that work so well that 99% of the agreements involved between networks, according to the OECD, aren’t even written down.

3. And in Europe, there are other efforts to turn the neutrality principle on its head, using it as a hammer not to regulate ISPs but to slow the progress of leading content and service providers, including Apple, Amazon and Google, who have what the French Digital Council and others refer to as non-neutral “platform monopolies” which must be broken.

To me, these are in fact new faces on very old strategies—colonialism, rent-seeking, and protectionist trade warfare respectively. My hope is that Internet users—an increasingly powerful and independent source of regulatory discipline in the Internet economy—will see these efforts for what they truly are…and reject them resoundingly.

The more we trust (but also verify) the engineers, the faster the Internet economy will grow, both in the U.S. and Europe, and the greater our trade in digital goods and services will strengthen the ties between our traditional economies. It’s worked brilliantly for almost two decades.

The alternatives, not so much.

 

This week, Forbes Senior Online Editor Kashmir Hill and I launched a new video series, “VC/DC,” where we review the latest developments at the accident-prone intersection of technology and policy. The first two episodes are embedded below.

We’ve envisioned the series as a regular look at the policy issues technology companies and investors should be paying attention to but probably aren’t.

Kashmir and I each bring a unique perspective to technology and policy. A former D.C. resident, Kashmir relocated to the Bay Area a few years ago to cover privacy, security, digital currency and other cutting edge topics.

As a Silicon Valley veteran who now spends nearly half my time in Washington at the Georgetown Center for Business and Public Policy, on the other hand, I am working to bridge the gap between disruptive innovations and the regulators who sometimes love them to death.

The program will cover a wide range of topics, and won’t be limited just to developments inside the beltway. As our inaugural episodes makes clear, we’re also looking closely at how technology businesses are affected by local and international laws, as well as developments in the courts and the legal system overall.

I hope you like the series and find it interesting enough to subscribe.  We'd be grateful for your feedback in any case, as well as suggestions for future episodes.

 

Episode 1:  "The Accident-Prone Intersection of Innovation and Policy"

 

Episode 2:  "Security Standards and the Patent Crisis"

1

Earlier this week, I spoke in San Francisco at an event co-sponsored by the Reason Foundation, TechFreedom, and the Koch Institute.  Hosted by my CNET colleague Declan McCullagh, the topic was "DC vs. SF:  A Clash of Visions for Tech Policy."

The discussion ranged widely, from copyrights and patents to NSA surveillance to the failure of the government's Healthcare.gov website.  Although panelists from the political left and right disagreed on some issues, there was as usual widespread consensus that from the standpoint of entrepreneurs and engineers, the core problem in technology policy is that the pace of change for innovation continues to accelerate while the pace of government, at best, remains constant.  Moore's Law, increasingly, trumps legislated law, often unintentionally, and often with unintended negative consequences.

At the same time, as I emphasized, the shift in commerce, social life, civil life and nearly everything else from offline to online media means that future collisions at the intersection of innovation and regulation are inevitable and, indeed, certain to increase in both frequency and the degree of collateral damage.  Governments claim a monopoly on regulating much of this activity, after all, and like any institution that believes in its own mission is unlikely to let itself go quietly out of business as its markets change.

Governments rely for revenue on taxes. As more traditionally taxable activity migrates online, lawmakers are certain to follow. That's been true in the development of any frontier, physical or virtual.

The longstanding Silicon Valley approach of ignoring Washington in hopes lawmakers won't notice what we're doing was always a dangerous policy, and has now become downright reckless.  So how should innovators engage with regulators?

Watch the video below to find out!

DC v. SF: A Clash of Visions for Tech Policy from Charles Koch Institute on FORA.tv

***Cross-posted from Forbes.com***

It was, to paraphrase Yogi Berra, déjà vu all over again. Fielding calls last week from journalists about reports the NSA had been engaged in massive and secret data mining of phone records and Internet traffic, I couldn’t help but wonder why anyone was surprised by the so-called revelations.

Not only had the surveillance been going on for years, the activity had been reported all along—at least outside the mainstream media. The programs involved have been the subject of longstanding concern and vocal criticism by advocacy groups on both the right and the left.

For those of us who had been following the story for a decade, this was no “bombshell.” No “leak” was required. There was no need for an “expose” of what had long since been exposed.

As the Cato Institute’s Julian Sanchez and others reminded us, the NSA’s surveillance activities, and many of the details breathlessly reported last week, weren’t even secret. They come up regularly in Congress, during hearings, for example, about renewal of the USA Patriot Act and the Foreign Intelligence Surveillance Act, the principal laws that govern the activity.

In those hearings, civil libertarians (Republicans and Democrats) show up to complain about the scope of the law and its secret enforcement, and are shot down as being soft on terrorism. The laws are renewed and even extended, and the story goes back to sleep.

But for whatever reason, the mainstream media, like the corrupt Captain Renault in “Casablanca,” collectively found itself last week “shocked, shocked” to discover widespread, warrantless electronic surveillance by the U.S. government. Surveillance they’ve known about for years.

Let me be clear. As one of the long-standing critics of these programs, and especially their lack of oversight and transparency, I have no objection to renewed interest in the story, even if the drama with which it is being reported smells more than a little sensational with a healthy whiff of opportunism.

In a week in which the media did little to distinguish itself, for example, The Washington Post stood out, and not in a good way. As Ed Bott detailed in a withering post for ZDNet on Saturday, the Post substantially revised its most incendiary article, a Thursday piece that originally claimed nine major technology companies had provided direct access to their servers as part of the Prism program.

That “scoop” generated more froth than the original “revelation” that Verizon had been complying with government demands for customer call records.

Except that the Post’s sole source for its claims turned out to a PowerPoint presentation of “dubious provenance.” A day later, the editors had removed the most thrilling but unsubstantiated revelations about Prism from the article. Yet in an unfortunate and baffling Orwellian twist, the paper made absolutely no mention of the “correction.” As Bott points out, that violated not only common journalistic practice but the paper’s own revision and correction policy.

All this and much more, however, would have been in the service of a good cause--if, that is, it led to an actual debate about electronic surveillance we’ve needed for over a decade.

Unfortunately, it won’t. The mainstream media will move on to the next story soon enough, whether some natural or man-made disaster.

And outside the Fourth Estate, few people will care or even notice when the scandal dies. However they feel this week, most Americans simply aren’t informed or bothered enough about wholesale electronic surveillance to force any real accountability, let alone reform. Those who are up in arms today might ask themselves where they were for the last decade or so, and whether their righteous indignation now is anything more than just that.

As Politico’s James Hohmann noted on Saturday, “Government snooping gets civil libertarians from both parties exercised, but this week’s revelations are likely to elicit a collective yawn from voters if past polling is any sign.”

Why so pessimistic? I looked over what I’ve written on this topic in the past, and found the following essay, written in 2008, which appeared in slightly different form in my 2009 book, “The Laws of Disruption.” It puts the NSA’s programs in historical context, and tries to present both the costs and benefits of how they’ve been implemented. It points out why at least some aspects of these government activities are likely illegal, and what should be done to rein them in.

What I describe is just as scandalous, if not moreso, than anything that came out last week.

Yet I present it below with the sad realization that if I were writing it today--five years later--I wouldn’t need to change a single word. Except maybe the last sentence. And then, just maybe.

Searching Bits, Seizing Information

U.S. citizens are protected from unreasonable search and seizure of their property by their government. In the Constitution, that right is enshrined in the Fourth Amendment, which was enacted in response to warrantless searches by British agents in the run-up to the Revolutionary War. Over the past century, the Supreme Court has increasingly seen the Fourth Amendment as a source of protection for personal space—the right to a “zone of privacy” that governments can invade only with probable cause that evidence of a crime will be revealed.

Under U.S. law, Americans have little in the way of protection of their privacy from businesses or from each other. The Fourth Amendment is an exception, albeit one that applies only to government.

But digital life has introduced new and thorny problems for Fourth Amendment law. Since the early part of the twentieth century, courts have struggled to extend the “zone of privacy” to intangible interests—a right to privacy, in other words, in one’s information. But to “search” and “seize” implies real world actions. People and places can be searched; property can be seized.

Information, on the other hand, need not take physical form, and can be reproduced infinitely without damaging the original. Since copies of data may exist, however temporarily, on thousands of random computers, in what sense do netizens have “property” rights to their information? Does intercepting data constitute a search or a seizure or neither?

The law of electronic surveillance avoids these abstract questions by focusing instead on a suspect’s expectations. Courts reviewing challenged investigations ask simply if the suspect believed the information acquired by the government was private data and whether his expectation of privacy was reasonable.

It is not the actual search and seizure that the Fourth Amendment forbids, after all, but unreasonable search and seizure. So the legal analysis asks what, under the circumstances, is reasonable. If you are holding a loud conversation in a public place, it isn’t reasonable for you to expect privacy, and the police can take advantage of whatever information they overhear. Most people assume, on the other hand, that data files stored on the hard drive of a home computer are private and cannot be copied without a warrant.

One problem with the “reasonable expectation” test is that as technology changes, so do user expectations. The faster the Law of Disruption accelerates, the more difficult it is for courts to keep pace. Once private telephones became common, for example, the Supreme Court required law enforcement agencies to follow special procedures for the search and seizure of conversations—that is, for wiretaps. Congress passed the first wiretap law, known as Title III, in 1968. As information technology has revolutionized communications and as user expectations have evolved, the courts and Congress have been forced to revise Title III repeatedly to keep it up to date.

In 1986, the Electronic Communications Privacy Act amended Title III to include new protection for electronic communications, including e-mail and communications over cellular and other wireless technologies. A model of reasonable lawmaking, the ECPA ensured these new forms of communication were generally protected while closing a loophole for criminals who were using them to evade the police. (By 2005, 92 percent of wiretaps targeted cell phones.)

As telephone service providers multiplied and networks moved from analog to digital, a 1994 revision required carriers to build in special access for investigators to get around new features such as call forwarding. Once a Title III warrant is issued, law enforcement agents can now simply log in to the suspect’s network provider and receive real-time streams of network traffic.

Since 1968, Title III has maintained an uneasy truce between the rights of citizens to keep their communications private and the ability of law enforcement to maintain technological parity with criminals. As the digital age progresses, this balance is harder to maintain. With each cycle of Moore’s Law, criminals discover new ways to use digital technology to improve the efficiency and secrecy of their operations, including encryption, anonymous e-mail resenders, and private telephone networks. During the 2008 terrorist attacks in Mumbai, for example, co-conspirators used television reports of police activity to keep the gunmen at various sites informed, using Internet telephones that were hard to trace.

As criminals adopt new technologies, law enforcement agencies predictably call for new surveillance powers. China alone employs more than 30,000 “Internet police” to monitor online traffic, what is sometimes known as the “Great Firewall of China.” The government apparently intercepts all Chinese-bound text messages and scans them for restricted words including democracy, earthquake, and milk powder.

The words are removed from the messages, and a copy of the original along with identifying information is stored on the government’s system. When Canadian human rights activists recently hacked into Chinese government networks they discovered a cluster of message-logging computers that had recorded more than a million censored messages.

Netizens, increasingly fearful that the arms race between law enforcement and criminals will claim their privacy rights as unintended victims, are caught in the middle. Those fears became palpable after the September 11, 2001, terrorist attacks and those that followed in Indonesia, London, and Madrid. The world is now engaged in a war with no measurable objectives for winning, fought against an anonymous and technologically savvy enemy who recruits, trains, and plans assaults largely through international communication networks. Security and surveillance of all varieties are now global priorities, eroding privacy interests significantly.

The emphasis on security over privacy is likely to be felt for decades to come. Some of the loss has already been felt in the real world. To protect ourselves from future attacks, everyone can now expect more invasive surveillance of their activities, whether through massive networks of closed-circuit TV cameras in large cities or increased screening of people and luggage during air travel.

The erosion of privacy is even more severe online. Intelligence is seen as the most effective weapon in a war against terrorists. With or without authorization, law enforcement agencies around the world have been monitoring large quantities of the world’s Internet data traffic. Title III has been extended to private networks and Internet phone companies, who must now insert government access points into their networks. (The FCC has proposed adding other providers of phone service, including universities and large corporations.)

Because of difficulties in isolating electronic communications associated with a single IP address, investigators now demand the complete traffic of large segments of addresses, that is, of many users. Data mining technology is applied after the fact to search the intercepted information for the relevant evidence.

Passed soon after 9/11, the USA Patriot Act went much further. The Patriot Act abandoned many of the hard-fought controls on electronic surveillance built into Title III. New “enhanced surveillance procedures” allow any judge to authorize electronic surveillance and lower the standard for warrants to seize voice mails.

The FBI was given the power to conduct wiretaps without warrants and to issue so-called national security letters to gag network operators from revealing their forced cooperation. Under a 2006 extension, FBI officials were given the power to issue NSLs that silenced the recipient forever, backed up with a penalty of up to five years in prison.

Gone is even a hint of the Supreme Court’s long-standing admonitions that search and seizure of information should be the investigatory tool of last resort.

Despite the relaxed rules, or perhaps inspired by them, the FBI acknowledged in 2007 that it had violated Title III and the Patriot Act repeatedly, illegally searching the telephone, Internet, and financial records of an unknown number of Americans. A Justice Department investigation found that from 2002 to 2005 the bureau had issued nearly 150,000 NSLs, a number the bureau had grossly under-reported to Congress.

Many of these letters violated even the relaxed requirements of the Patriot Act. The FBI habitually requested not only a suspect’s data but also those of people with whom he maintained regular contact—his “community of interest,” as the agency called it. “How could this happen?” FBI director Robert Mueller asked himself at the 2007 Senate hearings on the report. Mueller didn’t offer an answer.

Ultimately, a federal judge declared the FBI’s use of NSLs unconstitutional on free-speech grounds, a decision that is still on appeal. The National Security Agency, which gathers foreign intelligence, undertook an even more disturbing expansion of its electronic surveillance powers.

Since the Constitution applies only within the U.S., foreign intelligence agencies are not required to operate within the limits of Title III. Instead, their information- gathering practices are held to a much more relaxed standard specified in the Foreign Intelligence Surveillance Act. FISA allows warrantless wiretaps anytime that intercepted communications do not include a U.S. citizen and when the communications are not conducted through U.S. networks. (The latter restriction was removed in 2008.)

Even these minimal requirements proved too restrictive for the agency. Concerned that U.S. operatives were organizing terrorist attacks electronically with overseas collaborators, President Bush authorized the NSA to bypass FISA and conduct warrantless electronic surveillance at will as long as one of the parties to the information exchange was believed to be outside the United States.

Some of the president’s staunchest allies found the NSA’s plan, dubbed the Terrorist Surveillance Program, of dubious legality. Just before the program became public in 2005, senior officials in the Justice Department refused to reauthorize it.

In a bizarre real-world game of cloak-and-dagger, presidential aides, including future attorney general Alberto Gonzales, rushed to the hospital room of then-attorney general John Ashcroft, who was seriously ill, in hopes of getting him to overrule his staff. Justice Department officials got wind of the end run and managed to get to Ashcroft first. Ashcroft, who was barely able to speak from painkillers, sided with his staff.

Many top officials, including Ashcroft and FBI director Mueller, threatened to resign over the incident. President Bush agreed to stop bypassing the FISA procedure and seek a change in the law to allow the NSA more flexibility. Congress eventually granted his request.

The NSA’s machinations were both clumsy and dangerous. Still, I confess to having considerable sympathy for those trying to obtain actionable intelligence from online activity. Post-9/11 assessments revealed embarrassing holes in the technological capabilities of most intelligence agencies worldwide. (Admittedly, it also revealed repeated failures to act on intelligence that was already collected.) Initially at least, the public demanded tougher measures to avoid future attacks.

Keeping pace with international terror organizations and still following national laws, however, is increasingly difficult. For one thing, communications of all kinds are quickly migrating to the cheaper and more open architecture of the Internet. An unintended consequence of this change is that the nationalities of those involved in intercepted communications are increasingly difficult to determine.

E-mail addresses and instant-message IDs don’t tell you the citizenship or even the location of the sender or receiver. Even telephone numbers don’t necessarily reveal a physical location. Internet telephone services such as Skype give their customers U.S. phone numbers regardless of their actual location. Without knowing the nationality of a suspect, it is hard to know what rights she is entitled to.

The architecture of the Internet raises even more obstacles against effective surveillance. Traditional telephone calls take place over a dedicated circuit connecting the caller and the person being called, making wiretaps relatively easy to establish. Only the cooperation of the suspect’s local exchange is required.

The Internet, however, operates as a single global exchange. E-mails, voice, video, and data files—whatever is being sent is broken into small packets of data. Each packet follows its own path between connected computers, largely determined by data traffic patterns present at the time of the communication.

Data may travel around the world even if its destination is local, crossing dozens of national borders along the way. It is only on the receiving end that the packets are reassembled.

This design, the genius of the Internet, improves network efficiency. It also provides a significant advantage to anyone trying to hide his activities. On the other hand, NSLs and warrantless wiretapping on the scale apparently conducted by the NSA move us frighteningly close to the “general warrant” American colonists rejected in the Fourth Amendment. They were right to revolt over the unchecked power of an executive to do what it wants, whether in the name of orderly government, tax collection, or antiterrorism.

In trying to protect its citizens against future terror attacks, the secret operations of the U.S. government abandoned core principles of the Constitution. Even with the best intentions, governments that operate in secrecy and without judicial oversight quickly descend into totalitarianism. Only the intervention of corporate whistle-blowers, conscientious government officials, courts, and a free press brought the United States back from the brink of a different kind of terrorism.

Internet businesses may be entirely supportive of government efforts to improve the technology of policing. A society governed by laws is efficient, and efficiency is good for business. At the same time, no one is immune from the pressures of anxious customers who worry that the information they provide will be quietly delivered to whichever regulator asks for it. Secret surveillance raises the level of customer paranoia, leading rational businesses to avoid countries whose practices are not transparent.

Partly in response to the NSA program, companies and network operators are increasingly routing information flow around U.S. networks, fearing that even transient communications might be subject to large-scale collection and mining operations by law enforcement agencies. But aside from using private networks and storing data offshore, routing transmissions to avoid some locations is as hard to do as forcing them through a particular network or node.

The real guarantor of privacy in our digital lives may not be the rule of law. The Fourth Amendment and its counterparts work in the physical world, after all, because tangible property cannot be searched and seized in secret. Information, however, can be intercepted and copied without anyone knowing it. You may never know when or by whom your privacy has been invaded. That is what makes electronic surveillance more dangerous than traditional investigations, as the Supreme Court realized as early as 1967.

In the uneasy balance between the right to privacy and the needs of law enforcement, the scales are increasingly held by the Law of Disruption. More devices, more users, more computing power: the sheer volume of information and the rapid evolution of how it can be exchanged have created an ocean of data. Much of it can be captured, deciphered, and analyzed only with great (that is, expensive) effort. Moore’s Law lowers the costs to communicate, raising the costs for governments interested in the content of those communications.

The kind of electronic surveillance performed by the Chinese government is outrageous in its scope, but only the clumsiness of its technical implementation exposed it. Even if governments want to know everything that happens in our digital lives, and even if the law allows them or is currently powerless to stop them, there isn’t enough technology at their disposal to do it, or at least to do it secretly.

So far.