Tracy Mitrano's blog

Internet Governance

On Friday, March 24 I gave a talk on internet governance at the Information Technology Conference at UMass Amherst. Directed mostly at undergraduates, this talk incorporates many of the issues I have already discussed in this blog space. But if you were interested, I thought I would share it nonetheless. I look forward to comments.

You are young, vibrant, and more than once already I am sure you have had elders at your church, teachers at your college or other classmates say that you are the generation that will inherit responsibility for your community, this society, this country, this planet, for better or for worse. 

And no matter what the technological advances -- artificial intelligence being the latest craze, but almost now 60 I can tell you that I have already lived through many: semi-conductor maximization, digitization, computers, network systems -- all promising to change your life, you will face some age-old challenges. 

There is enough food to feed the world. And yet every day millions of people starve and/or are chronically malnourished. There is enough medical science to address essential health needs across the globe, and yet we don’t do it. There is more than enough wealth in the world to provide for basic shelter, sanitary conditions, and utilities -- safe water and food -- why aren’t wealth and basic resources distributed with some sense of commonality, decency and magnanimousness? 

Do we lack the will? The way? Are there forces we must overcome to make the world a more fair and equitable place? If so, what are those forces and why or how to they impede best intentions and honest efforts? 

Allow me to add more thoughts about what needs your attention as you go forward in life:

  • How to work toward environmental sustainability on a comprehensive scale, including prevention of global warming and of the extinction of many species.
  • How to inculcate an understanding of local or national culture, history, and traditions sufficiently to encourage tolerance for diverse religions, manners, and mores.
  • How to understand the human condition through the study of cross-cultural and trans-historical art, literature, languages, and humanities.
  • How to live the ethics of scientific research, whether it be the exploration of the outer spaces of our universe or the inner spaces of particle and nuclear physics, or genomics and the creation of species for which we do not yet know the intended, or unintended, consequences.

And finally, the one for which you are here to discuss at this conference:

  • How to deploy all layers (physical, logical, and applications) of the Internet while also developing international governing bodies and policy principles for information and communications technologies, including search engines, algorithms, and the repositories of information and knowledge that includes international jurisdiction and substantive law to settle legal disputes.

Before the election of 2016, these questions and the one regarding the internet especially, might have seemed theoretical, or, at least, the kind of questions reserved for specialists. Now we recognize these questions are germane to the integrity of our political process, or, for that matter, any sovereign nation’s autonomy from subversive external influences. Had I delivered this talk before Monday I might have had to go into more detail to be sure that the audience understood the context. National news as a Monday of this week speaks for itself. The heads of both the FBI and NSA testified that there is an ongoing investigation of Russian interference in that election. That investigation comports with the finding of the joint intelligence report that came out in January. And news reports in reputable journals such as The Washington Post, New York Times, The Guardian of the U.K. and Die Welt of Germany, among others, have similar accounts of Russian interference with elections in an array of European countries, not only those formerly under Soviet influence, but including those thought to be independent and robust, such as the Federal Republic of Germany. 

From a technical perspective, cyber insecurity is the tactic by which this interference took place. This played out through “phishing” for credentials that allow criminals unauthorized access to accounts. The release of Jon Podesta’s emails, the chairman of candidate Clinton’s campaign, probably caused the most public relations damage. Compounded by the contretemps of Secretary Clinton’s private email server while working for the government – which by the way, was neither illegal nor against policy at that time – and the FBI announcement that the emails of her friend and confident were under review in a completely unrelated case, became fodder along with the Podesta release to innuendo that there was something nefarious about Clinton herself. As we now know, Candidate Trump proved particularly effective at using these issues to create doubt in swing voters in key states. 

U.S. intelligence reports identified four actors in the Podesta email release, all of whom are outside the United States and connected with Russia, two of whom are highly placed in the Russian intelligence service. Together, these individuals are alleged to have executed the phish, accessed Mr. Podesta’s email account fraudulently, removed its contents, and then either directly, or in an underground electronic forum, made a connection with the website WikiLeaks which agreed to release the contents. 

Now let me ask you, is there anything illegal about this activity? Inured to identity theft and reports of phishes and cyber insecurity attacks, many of you assume not. Cyber insecurity seems to occur with abandon, all around us, how could it possibly be illegal if there is so much of it?  But the basic facts are that acquiring an individual’s credentials perpetrated on a fraud – this one involved a fake google email account – and then using those credentials to access the email account and remove its contents are all violations of the Computer Fraud and Abuse Act of 1986.

That is the same law that copyright reform advocate Aaron Swartz is alleged to have violated when he hacked into the MIT network. It is the same law that Edward Snowden is alleged to have violated because he removed classified content from protected computers and systems and released it to journalists.  For those of you steeped in the history of the internet, it is the same law that the young graduate student Robert Morris Jr. at Cornell University broke and resulted in parole, a fine, and dismissal from Cornell. (He now is a professor of computer science at MIT, so maybe that was not such a bad fate … but be that as it may …) my point is this: there is a law and it has a well-worn history already of famous cases. 

If there is a law, how did these actors get away with it, and why wasn’t there more attention to the violation? The contents of Podesta’s emails, while politically sensitive because of the challenge that Bernie Sanders brought to the Clinton campaign, did not reveal anything illegal or immoral about him, Clinton, or the campaign.  I grant you, politics vastly overdetermined the context of this hack, but I can’t help but go back and ask why, in the moment, didn’t more people say, “Hang on a minute … how did WikiLeaks get those emails, and isn’t there something wrong with that process? Why should any candidate ask me to trust information procured in violation of federal law? Shouldn’t we be focused on enforcing our laws and prosecuting people who break them? Why would we encourage hackers by supporting candidates that would use what is in effect ‘stolen property?’ Is there a law to protect against that?”

This line of inquiry gets to the heart of my thesis: all countries and people of good will, one’s interested in commerce, communication, political discourse, the dissemination of culture and knowledge – including higher education that uniquely lauds learning and knowledge for its own sake – will be persistently at a disadvantage to use the internet for these purposes so long as we lack sound and robust global internet governance. Could you imagine trying to control the crime of theft in physical space with technology alone? You have a lock on your door for which the thief gets a crow bar that breaks the lock, so then you get a security system to sound an alarm, for which the thief figures out a way to trip it, and so on.  Technology alone will never address the root problem of criminal behavior and intent.  For that aspect, law is a prerequisite. Does the existence of law eliminate crime? No, of course not. But can you imagine addressing crime in a stable social order without it? I can’t. 

In the Podesta case, not only do we lack international law to cover these events, we have actors outside the United States and in countries with no extradition treaty to send them here for trial. Should we create extradition treaties with countries such as Russia, China, and Nigeria to prosecute these crimes?  Sure, but that is the problem. The United States lacks the diplomatic apparatus and/or relationships with these countries sufficient to the meet the task. No amount of military buildup or show of might, and certainly no “deals” – no matter how “artistic” – are going to change that landscape.  When President Xi of the People’s Republic of China visited the United States, he and President Obama shook hands on an agreement to tone down the nation-state attacks between our two countries.  In and of itself, that was a good thing, but upon a handshake is not how to manage a diplomatic matter as significant as trust in the internet. Under this administration and its “America First” doctrine, no one can expect the quality of collaboration among nation-states required to lay the foundation for this kind of cooperation and consent. No administration to date has thought through the implications of how the internet changes the nature of international law well enough to offer so much as a template. 

The United States carries neither the authority nor the influence to create that template.  History complicates this state of affairs. Domination in its own hemisphere up to the 20th century, and then one compounded by global politics throughout the twentieth unto today, is why the United States is not uniformly trusted around the globe to set the rules unilaterally for internet governance. The specific history of the internet underscores these circumstances. For the most part, it was the United States Department of Defense, working with U.S. research universities and some corporate actors, developed the TCP/IP protocol into a network system (and their routers and switches, cables, wires, fiber and wireless access points, etc.) that form the physical and technical foundation of the internet.  As a result, the United States, now under its Department of Commerce, controls what are known as the root domain servers, those devices translate names into the numbers and direct internet traffic. Without that function, the internet would grind down to a halt and/or function as a bunch of unconnected subnets throughout the world, undermining the very extraordinary functions it serves as a global, interactive communication network. 

That control is at this stage of development both a blessing and a curse for the United States. The reason why no administration, Democratic or Republican, has corrected cybersecurity from the perspective of internet governance is primarily because it has technical control and wants to maintain that control. Concomitantly, the U.S. engages in state sponsored cyber security attacks. Suxnet is the most notable example. This was malware sent out by computer/intelligence operatives of the United States and Israel that destabilized Iranian nuclear reactors. This destabilization is thought to have brought Iran to the bargaining table. But now, when cybersecurity is exacted against us, we find that behavior abhorrent. The hack into Podesta’s emails are a case in point.  Very few would have made the argument that cyber insecurity should be fixed before the election for the sake of the integrity of American democracy. Now it seems we should be thinking about nothing else. 

I am not advocating that the United States relinquish control over those root domain servers.  What I am advocating for is the beginning of serious discussion on how to build a framework of multi-stakeholder internet governance. Without it, the internet will continue to be a compromised communication platform. It will never live up to its economic, social, political, intellectual, or cultural promise. What we would not tolerate in physical space – thieves routinely gaining entry to our houses without the state acting to protect us – we should not tolerate in cyberspace – hackers who use fraud or any other method to penetrate private communications or correspondence. This observation applies to hackers who steal personally identifiable information for garden-variety financial fraud as well as those who do so for purpose of influencing international politics.

I propose that we renounce the practice of cyber insecurity practiced by or against the United States government, its institutions, and its people. Furthermore, since nation-states have engaged in the practices of cybersecurity, they cannot be relied upon to create that framework. And since corporate entities, from telecoms to application developers, have their own interests at stake, neither can they be trusted to serve a greater purpose than profit.  So I have an idea that goes along with my proposal: Let higher education do it.

Higher education is the only institution that can lay claim to a mission that strives for the sake of knowledge itself. It is, notwithstanding its inevitable political dimensions relevant to time and space, dedicated to both a principle and a process that is larger than a nation-state governments or multi-national corporations. It has a custom and practice of international connections and relationships. A framework created out of multi-stakeholder discourse would act as a starting point, a draft, a position paper, a straw man. Higher education can facilitate a discussion about how international internet governance might operate. Only then can we address cyber insecurity as its core weakness: the lack of governance. The rule of law must prevail over commerce, communications and content on the internet. 

I began this talk with an overview of the some of the significant challenges that your generation faces. Depending on your academic and personal interests, you may choose to pursue any number of these challenges such as environmental sustainability, global health, a more equitable distribution of the world’s resources or how to achieve understanding among people of different religious practices and faiths.

But some of you out there must have a penchant for law, for negotiation. Some of you must be peacemakers who know how to bring people together to converse about complicated and challenging topics as to advance a common good. It is to you I speak and to the University of Massachusetts Amherst campus.

Global internet governance is among some of the most important issues that your generation must address. Working collaboratively with other higher educational institutions as well as centers for internet governance that already exist, colleges and universities can bring diverse, international, stakeholders together to think deeply about this challenge. Would we allow criminals, thieves and thugs to run our cities? Of course not. There is no reason why we should allow them to have as much control as they now exercise over the internet. The integrity of our political process – the heart of a democratic republic – is also at stake. It is time to get serious about global internet governance, and I see no reason why such an effort shouldn’t start right here, among us. 


Show on Jobs site: 

Strange Bedfellows

President Trump and Edward Snowden have much in common these days. Taking his cues from the illuminati of Breitbart and Fox News, President Trump has not only announced that President Obama tapped his Trump Tower phone but that the British got involved in it. In so doing, he is giving the world a lesson in U.S. style government surveillance. The last person to do so at this level of attention was Edward Snowden. And both are shocked, shocked that the United States would do such a thing. 

When President Trump first tweeted his discontent, from the language that he used, that he referred to what us lawyers, see, I am lawyer, call a traditional Title III criminal court. For that, President Obama would have had to get his Department of Justice attorneys to go to a judge with evidence of probable cause of criminal activity.  The Federal Bureau of Investigation would implement it, probably, since it is on commercial telecom network, using a centrally located switch in one of its Manhattan centers. Remember CALEA, the Communications Assistance Law Enforcement Act? That law would be the reason that telecoms can automatically implement a wiretap from a remote location.  It is not like the old days, and movie depictions, of swarthy agents cutting into a wire closet in Trump Towers with alligator clips.

When everyone and their uncle denounced the suggestion that President Obama, the Department of Justice, the Federal Bureau of Investigation, together with the telecoms, executed such a series of acts, the conversation shifted. Fox got the U.K. involved. Prime Minister Theresa May hissed. Apologies were issued, then they were not. Spicer read from Fox News as if it were the Golden Tablets brought down by Moses, or was it Joseph Smith? And in an official meeting with German Chancellor Angela Merkel, President Trump did not miss a beat. Slyly, he joked, why are you asking me? Go ask … Alice?

Here is where in my mind’s drama, Edward Snowden steps in. I can just see him pacing around the stage that is made to appear like his Moscow apartment. “That’s what I said!” And indeed, he did. What Edward Snowden exposed more than anything else was that the National Security Administration conducted mass global telecommunications surveillance.  Here comes that police chief from Casablanca again! “Shocked, shocked!” Director Karl Marx jumps on the set with a line from the Eighteenth Brumaire of Louis Napoleon, “history repeats itself, first as tragedy, then as farce!”  Groucho thought when he heard the call the angels beckoned him, and so he shows up yelling “comedy, not farce, it’s comedy!” Soon the stage is filled with actors from all walks of life. There’s Michael Hayden saying, “we kill people based on metadata.” President Bush, “shame me once, I won’t get fooled again!” And President Clinton, “I did not have sex with that woman!”

Behold, friends, this is the world the United States wrought. President Trump is onto something about surveillance. His buddies at Fox are not crazy to suggest that the Britain’s Government Communication Headquarters works hand in glove with the United States. By the way, if President Trump's detractors have not yet learned that this man has an uncanny ability to sniff out a weakness and play it for all it is worth, then there is no teaching them anything after November 8. Because here comes Laura Poitras with her Edward Snowden documentary, CitizenFour, which has everything you need to know about the NSA (except the legal backdrop in the Foreign Intelligence Surveillance Courts), GCHQ, and U.S. global communications surveillance. 

When my younger son asked me what I was writing my blog about this week, I asked him whether he had ever heard of the phrase “Politics makes strange bedfellows.” A business major with minor in political science, he had not.  I tried to explain it him, and learned in the process that the phrase comes from none other than the great Bard’s Tempest, an adaptation of “misery makes strange bedfellows.”  It all fits. The politics, the misery, the drama. In Washington sits a president who cozied up to Putin to help him win that esteemed office.  And in Moscow sits ... A hero? A traitor? An expat who, on the lam for exposing what any thinking person could have guessed, found succor in the arms of the same man. Who knew? This story is a romance. 

Show on Jobs site: 

Internet Governance

For many posts over the years, I have called for some framework of international governance to address cybersecurity. Yesterday’s New York Times expose of one of Russia’s most famous cybercriminals is another case in point. Without international agreements, how does anyone expect to constructively address a world of such criminality, especially one intertwined with espionage as the Russians practice it? 

Before the 2016 we might have filed such problems as something for technology to fix. With Russian interference in the election, we ignore the implications of cybersecurity at the peril of our own republic. Especially as that republic struggles within itself for a foothold of integrity and fairness.

 Those among us who fail to recognize the inherent contradictions of the president’s on-going conflicts of interest blind themselves from their own self-interest. Those who do not see the beginnings of a cover-up in the firing of New York’s federal prosecutor Preet Bharara are missing what could become the critical link in a proper investigation into Trump’s campaign relationships with Russia. 

Would it be possible to play cover-up politics in an international framework of Internet governance?  Of course. Corruption can and does exist at every level of governance, no matter how high or vaulted. But is it more difficult to propagate corruption at that level? Yes, because more eyes rest on it. A larger group invests a stake. A diversity of perspectives creates more innovative and free thought. The expectation that the framework exists to serve a common good exerts more force than the closed, parochial interests. 

 Multi-stakeholder attention to the internet might make a difference in some of the national reversals we now experience. A new F.C.C. Commissioner signals intent to de-categorize the internet as a utility, with the purpose of ending the net neutrality rules that came along with it. This past week, we learned that the Commissioner won a vote to halt data privacy and security rules that would apply to telecommunications companies. This path does not bode well for consumers. Nor does it send the right message in the fight to address cybersecurity.  If we cannot regulate privacy and security for consumers, why do we care about hackers? Civil and criminal law are closely linked.

Zeynep Tufekci, to my mind the most respected commentator about the internet writing today, this week exposed the WikiLeaks announcement for exactly what it is: a lot of puff.  What WikiLeaks released is old and tired stuff. Anyone who thinks that the CIA does not truck in zero days or that the United States is not involved in global surveillance needs to take a basic history course. There was nothing new in that release. Rather, it was a pathetic plea from Assange who is trying to warm up to the Silicon Valley tech world. He is concerned that the election results in Ecuador might get him ejected from his hidey hole in London; he is desperate for new friends.  Whoa to any company or country that reciprocates.

Thomas B. Edsall recently wrote to suggest that the internet has disrupted democracy.  In the wake of all of the above, I can see how he might think that to be the case. But he confuses cause and effect. Significantly disruptive technologies: the proverbial guns and steel, or, more fitting, the printing press, exacerbate and accelerate change that is already taking place. What that change will look like or how it will be described for the world, or even just the United States, should animate future historians for centuries to come. And of course, the winners get to write the text.  I only know this much: we still have choices to make. The more we resist some form of reasonable, rational, multi-stakeholder, global governance to address issues of both international and domestic importance, from the economics of commerce to the power of politics, the more unsavory will be our future to contemplate.


Show on Jobs site: 

Will Wonders Never Cease!

 “It’s a combination of the culture, the legal framework, the logistics and the risks.” Said Fred Goldberg, who served as I.R.S. commissioner from 1989 to 1992 talking about the likelihood that an insider would leak President Trump’s returns. 

Truer words were never spoken in advising organizations on the variety of controls to preserve and protect information. As an instructor in a cybersecurity program, employee of both state and private institutions, and as a consultant in information management, I strive to get these key points across. Technology alone will not fix the problem; logistical controls are necessary but not sufficient.  The best approach is multi-dimensional and involves the oft-quoted three prongs of administration, technology and physical security. There is no silver bullet. Perhaps more vital than any other factor is culture, as expert Rebecca Herold repeatedly demonstrates in her classic, Managing an Information Security and Privacy Training and Awareness Program. 

Risk remains highly elevated until users on a network system – all users, including the weakest links -- thoroughly and completely internalize information management. Higher education networks pose special challenges by comparison to industry and government for many reasons: financial constraints that limit everything from the purchase of necessary technologies to the staff required to implement a comprehensive program; faculty pushback on theories that range from “academic freedom” to “information wants to be free” in the belief that they are not obliged to comply with institutional policy; general user ignorance and negligence for the failure of the institution to adequately instruct or rigorously enforce policy. Notably, some good tools exist from anti-virus to SIEM products; specialists know the usual suspects.  For risk management, which more advanced institutions are turning for support, RiskLens, is the emerging product on the market.  Without legislation or even a good standard under state tort law for a breach, keeping up the Jone’s remains an institution’s best approach, which means, in this context, that utilizing these products is a good line of defense.  But when all is said and done, moving the dial progressively on culture remains the most significant nut that higher education has not cracked.

More than once I have embarrassed myself with an argument that higher education is no different.  One time in a webinar a couple of years ago I got so worked up I lost a good client.  After working closely with students this past year in the TACC Program, many of whom work for a Fortune 500 financial services corporation, I have shifted my analysis.  I still bristle at the dismissive attitudes that vertical peers level at us since they tend to compare apples to apples and fail to recognize that higher education is a special fruit.  But where I think that industry and government have pulled meaningfully ahead us in addressing the cultural component.  In many cases, it is not for want of trying. Almost every information security specialist in higher ed I have ever met is sincere, dedicated and hard working.  The problem is simply larger than the resources at hand or even the defined scope of their work. 

Given the bully pulpit that comes with this blog, readers will recognize my approach: to pull contemporary politics into this context.  If we see the connections between what we do on our campuses, not least of which is how we education students, and the larger world around us, we have a better chance at capturing the quality of attention we need to change our culture towards greater commitment to information management.  Think of it a little as one would a religious experience, when some inspiration from suffering to glee opens the heart.   The distinctions between a hack and fake news are collapsing, for example.  “Digital” and “information” literacy, once emphasized for difference, have become part and parcel of the same training and awareness. Even the term with which we are so familiar, “information technology,” holds the potential for a shift.   When first used, most people thought of information as an adjective.  It should now be regarded as a noun.  That is the kind of transition we now need to be comprehensive in our approach.   

It is therefore not a coincidence that the opening quote comes from an article on the probability that President Trump’s IRS returns can be hacked.  Curiously, in a world where just about everything can be hacked and/or leaked, this one document, according to the article, appears relatively sacrosanct. Leave it to our democratic republic to protect the wealthy more than its own foreign intelligence.  That is a sign of the times, and if that order of things does not get one’s attention I am not sure what else would. But do you also see the connections between information security and national security, policy and politics, in this one piece? Perhaps it is more metaphor than fact, but even in that case, it is potent.

Policy is inherently Janus-faced.  It presents in multiple forms, from operations through organizations and institutional strategies. It exists as need-translated-to-action at every level from the most local to the global.  It is important to distinguish the various types. But it is equally critical to recognize the connections between and among this complex universe of what “policy” constitutes. Rote memorization and simple answers won’t serve us. Never has it been more essential not only to the work we do but to the context in which we do it to deeply and meaningfully think. 

Show on Jobs site: 

Lock Him Up

In talks about government surveillance I gave after June 2013 when the Edward Snowden revelations came out, I commonly joked that I was sending him a $25 Amazon Gift Card. I thanked him for bringing issues about the significance of the USA-Patriot Act and FISA Amendment of 2008 into the open. This week I want to send one to Donald Trump. His claim that President Obama tapped his Trump Tower phone has the same effect.

I first became curious about these issues when Flynn resigned. News reports stated that the NSA monitored his communications with Russian diplomats. I understood how that could occur. Immediately after the events of September 11, Bush ordered the NSA to monitor all international communications for “conversational detail,” under the reforms of the Foreign Intelligence Surveillance Act included in the USA-Patriot Act. In an unknown number of cases, the monitoring escalated to content. To accomplish this feat technically, telecommunication companies created special, unmarked “closets” for NSA staff. The New York Times disclosed this activity in 2006. As a result, Congress passed the FISA amendment in 2008. This Act provided cover for the content monitoring as a matter of government surveillance and gave legal immunity to the telecommunication companies that were concerned about their liability under the Electronic Communications Privacy Act.  When Snowden disclosed that such activity was, in fact, occurring, it was no surprise to anyone who followed these events and who understood the implications of the FISA “secret” courts.

I was therefore not surprised that NSA captured Flynn on international communications with Russian diplomats. What did surprise me is that the man who was to become the National Security Advisor did not anticipate that he would be subject to this kind of surveillance before having those talks on delicate topics. I also found it curious that Trump did not make more out of the surveillance, although I offset that thought with the recognition that he wanted to sweep the whole matter under the rug. Moreover, since his primary concern is for himself, he did not want to draw any additional attention to such surveillance because of the on-going investigations into his connections with Russians especially about the DNC hack.  Maybe he didn’t really didn’t know anything from Russia about it?  

Poof! went that thought the minute I learned of his allegation about President Obama. Trump does not know how to keep his mouth shut. Whenever pressed towards accountability, he projects (“you’re a puppet!") and deflects. Either he finally understands how the NSA under FISA operates and is concerned about what the investigation will produce, or he has learned that the intelligence community has definitive evidence.  Good money is on communications between his former campaign manager, Paul Manafort, and someone significantly placed in the Putin government. And so he deflects … I pray that the American people will not be so swayed by this obvious tactic to obfuscate information about the most important issue in his presidency and for our body politic.

Now I want to get Trump that gift card. Behind the smoke and mirrors is a lesson in law, policy and technology of government surveillance as well as the significance of cybersecurity in our democratic republic. He is doing the public a service to bring these issues out in bold relief. I am also prepared to give him extra points for becoming a contender for poster child of Computer Fraud and Abuse Act. This is the law implicated in the DNC hack. A book, perhaps a basic law primer, would make good use of that card. After all, he should have lots of time to read when the dust settles. Soon enough, it will be time to lock him up. 

Show on Jobs site: 


When I became Director of IT Policy at Cornell in 2001, the internet was hot. It was a perfect way to bring a legal education together with a life-long dedication to higher ed. The field exploded with excitement  I remember well the night my husband brought home a modem, connected to the computer and our telephone to get online. Remember that two-tone “eee-eee” screech? Or the sessions in law school when we learned how to search with Westlaw and Lexis-Nexis electronically. Employers thought me brilliant when I would return from the law library in minutes instead of hours to do legal research until I explained the trick. Or the time I asked my father-in-law, who also had a legal education but worked in computers, how people find stuff online and he introduced me to Google. September 11 and a community’s response to the USA-Patriot Act, patriotic democracy at work.

I am forever grateful for the opportunities that the people and position at Cornell provided me. The first time I ever heard Lawrence Lessig speak was at a conference at Berkeley. I attended one of his founding seminars at Stanford on law and internet. The Institute for Computer Policy and Law, as well as the University complement, UCPL, featured so many fantastic speakers: Deanna Markum (digitization and the Library of Congress), Miriam Nisbit (ALA and copyright), Dan Solove (privacy), Yochai Benkler (internet governance). Remember the night we hosted top representatives from the RIAA, MPAA and EFF for a pinot-noir infused debate on copyright? (It is too bad that the powers that be at Cornell have taken those videotapes down; even if dated they were a great resource, especially since the law has moved so little, many are still very much on point).
I am deeply saddened that the energy we put into trying to figure out intellectual property, privacy and citizenship – to name a few topics -- in the age of the internet is all but drained off by the state of contemporary politics. I would like to sit down and write a blog about, I don’t know, social networking, just like the afternoon 11 years ago this March when I wrote “Thoughts on Facebook,” without thinking about Donald Trump. That is an almost impossible task in a week when he talks crazy at a conference, his special advisor has called for the destruction of the administrative state, and his press secretary cordoned off a meeting from major news outlets.

A few weeks ago, David Brooks, a columnist for the New York Times who, on balance, has been moderate among his brethren, offered three scenarios for how to resist: Dietrich Bonhoeffer (fight against fascism), St. Benedict (head in the sand monasticism), or Gerald Ford (patient democracy). It was a clever trope, and I found myself weighing the options until Marissa Tomei came to mind saying, from her role in My Cousin Vinny, “It’s a trick question!” All three are appropriate.

If we could go back, what would we do differently? For general policy, attack those tax laws that have allowed the extreme wealthy to deeply enhance their pockets at the expense of everyone else and the health of this country. Also, we should have created retraining programs for people displaced by the shift from an industrial to an information economy. That policy remains the biggest mistake in the Democrats presidential platform. Hand in hand with that effort would have been to expand the internet geographically, make service affordable, and insist on digital and information literacy at every level of education.  In other words, to use the full potential of the internet. Finally, we should have aligned the law with technology in ways that would have extended our country’s time-honored tradition of fairness. I have written much on this topic over the years, so will not repeat specifics; go here if you want a list. It is appalling that Congress has yet to address these points.

 We should have pushed forward an achievable agenda that might have pre-empted Trump. I sincerely believe that if we kept momentum going from the turn of this century, he would not be in office. The quality of that change might have made a difference to the 77,000 people in key states who voted for him.  His appeal would have revealed itself as opportunistic cant.  In the lacuna of his narcissism-as-governance social instability foments. More malevolent forms of government lie in wait. If the society had been moving in a more positive direction, he might not have forged this fateful moment. 

Here is where David Brooks, who chose Gerald Ford, missed a beat. That approach assumes that our democratic structures will quietly stay in place until this moment passes and that we will re-emerge robust. A historian Mr. Brooks is not. We and our institutions are very much affected by this moment, from the silent license that xenophobia gives mentally ill people to shoot immigrants to the patently ridiculous notion that a society as complex is ours can function without an administrative apparatus. We resist, but not just for nostalgia’s sake. It is time to take the gloves off and fight for what was right before the politician Trump.

Show on Jobs site: 


From time to time, either in comments or in conversation, I am asked how it is that in a blog themed “Law, Policy and IT” I discuss politics. Easy answer: Because it is all connected. As time after time I noted throughout the campaign season the greatest fault that the presidential election exhibited was the absence of discourse about the internet and its impact on almost every aspect of American society, from jobs to the economy, fake news and cybersecurity.  Both major parties faulted on that line, and we have now something of the result: an election influenced by the Russian government, a slow-to-the-take major internet companies, including Google and especially Facebook, and young adults from Macedonia to West Asia acting in the good-old American way of doing whatever it takes to make a buck.

Now, as we descend into the deeper and darker corners of an unhealthy president’s personality, a Congress no more efficient that the previous house divided, and a Supreme Court still not at full strength for the failure of both parties to obey the Constitution, it is time to take stock.  To be sure, since its colonial beginnings, the United States has never been a homogenous society.  Historically, if one were to plot they cycles of relative union and disunion, World War II and its immediate aftermath registers as the high-water mark of putting our crazy quilt society together in a recognizable pattern. The fault lines of that pattern emerged quickly, however, first in paranoid extreme conformity of Joseph McCarthy’s communist witch hunt, then with the civil rights movement, anti-Vietnam War protests and generational divides.  In the last quarter of the twentieth-century, myriad influences began to rock the country, some obvious – stagflation, fossil fuel dependence on the Middle East, some less so – and in this category I would put new immigration patterns and policy as well as the economic influences of a transition from an industrial to an information economy, accelerated powerfully by information technologies.

We have been at extreme junctures before. The Civil War, of course, is principal example.  But viewed from a developmental perspective, the unification of two different political economies, one ancient and withered, the other contemporary and emerging, set the United States on its course of tremendous nation-state ascendency. The divides we have in the United States today do not reflect that same kind of positive trajectory. The Old South at least had a coherent political ideology. The new administration and its alt-right supporters are incoherent and chaotic. To some, the fascist true believers – including some of the extreme religious right – that is consistent with the quality of disruption they believe will become the ground for the new society … however they choose to define it as both sacred and profane. Historically, such tendencies bespeak only instability, the kind that brings down civilizations. The kind of opportunity that moved 77,000 people in key districts to vote for Trump that turned the election don’t want that kind. The narcissists and the fascists won’t make that clear. They prefer to take advantage of the bait and switch they hope to bring about in American society. 

In three paragraphs, I hope I have at least touched the surface of how internet culture, law and politics intersect.  Therefore, if I, or anyone else for that matter – including you – want to understand contemporary internet issues, you and I must view all other aspects of U.S. and global society.  Do you think, for example, that China is holding off on economic development in technology and energy fields until Trump makes up his mind about foreign policy?  Here is one small example I noted recently while in Tanzania.  Guess what country is both funding and constructing the major highways in East Africa?  Not the U.S., China.  Back home, Congress is poised to withdraw its humanitarian support from Africa, lately brought to you by a Republican president, by the way.  And guess what continent almost all the consumer electronics come from in Africa?  Right, it’s Asia, not North America.

In last week’s post, I alluded to the new administration’s F.C.C. policy.  I respect the personal journey of the new chairman, Ajit Varadaraj Pai, but not his policies which are all pro-telecomm and have the potential to undermine “net neutrality,” or what the previous chairman, Tom Wheeler, termed “open internet.”  It may be that this administration will re-categorize the internet back to an information service, and then propose net neutrality rules, as Wheeler once proposed. But I doubt it. Trump shows no clear policy on anything (except himself).  His administration is riddled with instability, I would not make that assumption nor would I support a switch now.

Where is the leadership in this country to provide the vision of relatively unity that we need to go forward?  With policy that transcends Democratic and Republican divides?  With an authenticity and integrity that we can believe in?  I know it is out there somewhere.  My only fear is that we all become so bound by our own divides that we won’t recognize it.  It’s intermission time.  The next act is for us all to open our ears, our hearts and our eyes.

Show on Jobs site: 

May 1 Law Day

May 1 is a United States holiday known as Law Day. Declared in 1958 and formally established in 1961, it was the brainchild of an advisor to President Eisenhower, who designed it to counteract the Soviet Union’s celebration of Worker’s Day. Not elevated to the same level as Memorial or Martin Luther King Jr. Day, May 1 nonetheless enjoys fanfare among lawyers. In Washington, it is often the occasion of American Bar Association talks, presentations and panel discussions.   

This year, let’s celebrate May 1 in grand style! Because higher education plays such an important role explaining and exploring, training and tutoring people in the law, let’s mark the day in our colleges and universities with an old-fashioned “teach in.” Here are some topic ideas. What is the rule of law exactly, and why is everyone talking about it so much lately? What does the doctrine of separation of powers mean? What is a tri-partite political system? What is a republic, and how does it differ from theocracies, aristocracies or autocracies? Historically, how did the Constitution arise after the American Revolution? What is the Bill of Rights, why is it separate from the Constitution? Some table top exercises might be used to explore concepts such as “due process,” equal protection,” and “free speech.”  For those institutions that specialize in legal doctrines, “stare decisis” might be particularly useful, along with “judicial review.” Every campus with a law school might do well to hold a special section on, perhaps even a dramatic reading of, Marbury v. Madison, the seminal 1803 case in which Justice John Marshall states “It is emphatically the province and duty of the Judicial Department to say what the law is.”

Most readers will get the associations from these topics to contemporary news quickly. I can reach longer and deeper than the instruction-by-contrast President Trump and his fascist-loving advisor Steve Bannon currently offer, however. Having been teaching these basic concepts in virtually every course I have taught for the past 29 -years – including and especially courses on internet law and policy -- I can attest that an understanding of these essential concepts is sadly in short supply, even among college students, and even in some of the most select colleges in the United States today. 

To some degree I hold the bar association responsible for having professionalized a legal education in this country. The effect of that professionalization is to denude a good, liberal arts education of these basic concepts.  Only those willing to jump through the hoops of college, L.S.A.T., and law school admissions get to know what these concepts mean. That is not enough instruction for the voting public to internalize the ideas or have them take on practical and sustained meaning.  And here is something else I know that I don’t think President Trump or Steve Bannon believe:  the students I have are hungry for this information. They appreciate knowing it, and quickly apply the concepts to very contemporary internet-related issues of communications and intellectual property law, online harassment, privacy and free speech. 

 Students come alive when given the intellectual tools of our society.  Isn’t that they way to counteract those forces that would prefer to mock and abuse those tools?  Colleges and universities could tie this exercise to our outreach missions.  Higher education, open the doors and invite the public in for the day.  Opportunists such as Putin and Trump cynically take advantage of ignorance. Bannon is practically a self-professed fascist, adopting none other than the Italian fascist Julius Evola’s theories that should have ended with Mussolini hanging by his toes. Here is a test to determine whether we need such a day. Answer the following question: What is the doctrine of stare decisis and how does it related to Ajit Pai’s agenda for the Federal Communication’s Commission?  Even if you know the answer, ask your students this week.  Played out politically, that answer may have an impact on their use of the internet for some time.

 On May 1, college and universities should cancel classes, get students to be guides, set out a coffee and teas service and bring the public in to learn about essential American political ideas and values. Administrators, academics and young instructors can lead discussion sections on what U.S. law means, why it has sustained this country from Revolution to Civil War, from an agricultural to an industrial to an information economy, slavery to freedom, and through successive waves of immigration.  People still want to come to this country.  Notwithstanding our flaws, the United States embraced law as the foundation to freedom and liberty, to encourage both incentive and innovation, to offer spiritual and material expression to our humanity.  That is a tradition worth remembering, one we should celebrate, and share deeply its meaning for contemporary challenges to its principles in today’s society.

Show on Jobs site: 

The Veneer of Civilization

The three most important issues for education this past week, at least to me, were: the status of the DeVos nomination; the incident at UC Berkeley; and Trump’s tweet about that incident.

Readers of this blog will not be surprised by my positions. The DeVos nomination should fail. On the merits, she is an embarrassingly unprepared candidate with little more than the Billionaire’s Club membership to recommend her. Politically, she is an extremist, someone who has used her wealth to privatize American education – an entrepreneur’s dream – at the expense of the public. A vote against her need not be political, however; someone of such astoundingly limited experience or credentials in one of the most vital roles for the future of our country is disqualified before we even get to the political discussion. Anyone who cares about education as a fundamental value to American society, no matter what his or her politics, should reject her appointment to this vital position. Only a cynical entrepreneur who cares more about making money than educating today’s youth for tomorrow’s America could rationalize a vote her way.

The Berkeley incident is serious. Chancellor Dirks canceled a talk by the notoriously controversial Milo Yiannopoulos only after a bunch of off-campus thugs created violence among peaceful mostly campus protesters. Notwithstanding claims to the contrary, the chancellor did so for health and safety reasons, not in violation of free speech. The real issue lies, however, in the intention of the thug actors to frame the peaceful protestors. Both campus and local law enforcement should be bringing considerable resources to bear on an investigation. Good money can be put on either Milo Yiannopoulos or his supporters. If it is true that Breitbart is an anti-Semitic, racist journal – I don’t read it so I don’t know for sure, but extracted quotes sure do make it sound that way – than all I can add is that if those connected with the journal or Yiannopoulos personally were involved in any of these disruptive activities, they are very unoriginal in their tactics. Purposeful disruptions designed to frame peaceful protestors was a favorite of twentieth-century fascists. 

 Let’s reflect on that observation.  The late history professor Eugene Genovese caught my attention so many years ago when I was an undergraduate taking his Western Civilization II course with a statement about genocide. It occurs repeatedly in history, he observed, but noted that part of what shocked people about Nazi Germany was that the Nazi party and German people, who passively or actively went along with the criminal acts of vandalism, violence, forced appropriations, trumped up arrests, forced kidnapping and mass murder, did so not against some tribe of people half way around the globe who looked and acted very differently from them but against the very people who had largely assimilated to the cultural norms, professions and everyday life of other Germans. How and why inhumane horrors were possible is the stuff of volumes of important sociological, ethical, and historical studies; I will not reproduce that literature here. I will draw from it to make one point. In some significant measure, it was possible because most people couldn’t believe that a civilized society and its government would behave in such shocking and brutal ways.  Indeed, 20th-century Western history teaches us that, in the words of a consummate conservative, Margaret Thatcher, “the veneer of civilization is very thin.” 

 And now what is that quote about those who fail to learn from history? Let us not be so ignorant as to think that just because someone has an education or speaks at colleges or writes for a journal or somehow gets public recognition is beyond acting like a thug. Or that a society, while for all intents and purposes appearing to be rational, is without malevolent forces. One of Freud’s last books, as he fled Austria in the wake of the Anschluss, “Civilization and Its Discontents,” speaks to these social-psychological aspects. No one should take civilization for granted, or assume that its very structures are an insurance against irrational hatred and violence, oppression and power for its own sake. Nothing about our Constitution or rule of law preternaturally guarantees a democratic future. Citizenship is not a given. It must be achieved every day.

 Higher education is a keeper of memories’ flame, but, it too, is not immune to self-destructive social forces. With notable individual exceptions – but more often not – university administrators and professors went along with twentieth-century fascistic movements in their home countries. Colleagues, let the scales fall from your eyes, cast the illusions awy. As keepers of memories’ flame, we shed light on what history teaches.  “You can’t believe how fast it can all fall,” was the wisdom on Thomas Africa, esteemed professor of Ancient Rome.  He referred to the Republic, and then later the Empire, but he spoke to a universal truth about change over time.  Consciously or unconsciously, as participants in our drama, we make decisions about our fate every day. It is now time that we become more conscious of what is going on around us. There are plenty of warning signs.
The last of the three most important issues about education this week appeared as a tweet. “If UC Berkeley does not allow free speech and practices violence on innocent people with a different point of view – NO FEDERAL FUNDS.” From the President of the United States. Everyone in higher education should be outraged by this act. No rationalization will suffice. “He doesn’t understand how the law works in this area.”  “It is just Trump.” This perversion of the truth of what transpired in Berkeley, this delusion of grandiose authority and power, this threat, in fact, to free speech is the single most menacing statement I have ever heard in United States history about higher education especially given the office and personal reputation of the author.

Association and campus leaders must take it seriously, organize to confront this threat to our missions and remain vigilant about the integrity of our institutions.  DeVos is incapable of being a leader in this kind of effort. But the concern is far greater than her nomination: it goes right to the heart of who we are, what we think we are doing in higher education and why it matters.


Show on Jobs site: 

It’s Not a Lie

All last week, The New York Times, journal of record for the United States together with The Washington Post, focused on Trump’s propensity to utter mistruths.  A headline that used the word “lie” became its own media sensation.  At least four or five articles in the top ten riff off this theme.  And then, in the midst of the purposeful chaos that Trump creates, we experienced Executive Order “Protecting the Nation from Foreign Terrorist Entry into the United States.” 

Given what the Times and other journals have to work with in the new president, it is not a wonder.  Everyone would agree, especially Trump, that he has upended aspects of reality.  He revels in being the exploder of the status quo and seeks the far end of controversy as a matter of course.  Had he lost the election, mainstream press would have likely reverted to its pattern of point-counterpoint.  Because he won, political discourse has drifted from policy and is being reduced to debates on perception. Epistemology, ordinarily an obscure topic in a philosophy curriculum, has come front and center of news.  Journalists traditionally trained in fact-gathering and objective analysis are understandably besides themselves. Politeness be gone, the gloves are off, call a spade a spade, he “lies.”

I don’t think that this term gets Trump exactly right.  Delusional goes deeper.  At first impression, I do not mean it negatively. It lets Trump off the hook about “lies;” he lacks the requisite intent.  Where my interpretation might not be so complimentary is in what it suggests about the man’s personality.  Delusional goes hand in hand with the narcissistic diagnoses frequently mentioned throughout the campaign.  Reality bends in the direction of his abiding, intense need to hyperbolically flatter himself.

The distinction is important.  If the press believes that they can topple this president by calling out his lies, they are going down the wrong path. That tack worked with Nixon, not because Nixon was without psychological blemish – many armchair analysts noted his life-long tendency to paranoia, but because what Nixon lied about was so clearly a criminal act: his knowledge and complicity in the breaking and entering of National Democratic Committee (DNC) Watergate Office.   With Trump, taking note of his anxious insistence on the inauguration numbers or immigrant voter fraud claims is necessary commentary but it will not be sufficient evidence to get him to quit.  To the contrary, his handlers fly into action with creative responses such as Kellyanne Conway’s “alternative facts,” or Steve Bannon’s “opposition party” euphemism for mainstream press.  We need evidence that he either had knowledge of, or colluded with Putin or his agents, in the Democratic National Committee hack.  That would, or least it should, warrant Congressional indictment.  

Having cleverly created the chaos that is effectively on par with the Reichstag fire, Trump lobbed his immigration executive order bomb. Clearly a violation of Constitutional law as both a matter of de jure substantive equal protection and of procedural due process, those federal employees designated to implement this order should organize to resist.  Nullification – a political notion contoured to U.S. antebellum history – might be resurrected and refitted for those seeking a concept that incorporates invalidating a federal law as unconstitutional.  Higher education officials, many of whom have demonstrated courage in a timely manner, might consider adding their voices to such an effort.  More than any other action that Trump has taken, at least to me, this one draws the line in the sand. What so many of us have feared is coming to pass, and it is time to resist.

In the end, whether it is a “lie” or “delusion” matters little when the effect goes so clearly against what this country traditionally represents: regulated but open borders, open hearts to immigrants and the spirit of innovation and progress that refresh our economy and culture, and open minds as how to appropriately – and not discriminatorily – address terrorism and threats to national security.  The eye cannot leave the prize.  If there is any truth left to be found in these unsettling epistemological and political moments, it is that no leader, no matter how compelling his or her narcissism, is worth forsaking this great American experiment in citizenship.

Show on Jobs site: 


Subscribe to RSS - Tracy Mitrano's blog
Back to Top