The Worst Technology Laws
Given how much technology affects all parts of our lives these days, it's scary to think about how often Congress gets regulation of tech issues wrong. Sometimes it passes laws, like the Digital Millennium Copyright Act (DMCA), that make things worse. Other times it ignores vital issues such as online privacy, leaving us at the mercy of companies and whatever their privacy policies say this week.
Here's my list of the five technology laws most in need of an overhaul, along with five areas in which, well, there ought to be a law.
1. Copyright Killjoys
Few people argue that copyright shouldn't exist--after all, the creators of the music, art, video, and other content we enjoy should be able to profit from their work and control its distribution. But 1998's Digital Millennium Copyright Act (as well as that same year's Copyright Term Extension Act, which protects copyrights virtually indefinitely) goes too far.
By making it illegal to break the encryption that may protect a work, the DMCA takes away the ability that we used to have before the digital age to freely move around our own content for personal purposes. The law also hinders research into new technologies and prohibits accepted software practices like reverse engineering. Court rulings have mitigated some of these issues, but researchers and consumer advocacy groups both say they can still feel the chilling effect.
There's another problem: The complex copyright system best serves big corporations, which can hire experts to navigate its myriad rules. But average Joes are creating lots of new content--YouTube videos, podcasts, blogs, and more. Mashups allow people to easily take content created by others, mix it up, and produce something new. Copyright rules are too complex for most amateur creators to apply to their own works, or even to follow as they borrow and remix existing products.
2. National ID Nightmare
You can argue that the goals--increase security and get a better handle on immigration by instituting a national identity card--are good. The card is supposed to replace your driver's license and would be issued only after a stringent check of your identity and residency status. And data from the cards would be used to create a national database of identity information easily shared across state lines. But 2005's Real ID Act--enacted without debate--has a number of significant flaws.
It mandates that all the identity cards include some technology to make them machine readable so that companies and agencies can easily get at the information they contain. But the act gives only a bare set of guidelines for this technology and doesn't require that all states use the same system. It also neglects to specify even a minimum standard for the security of this highly sensitive information. Each state can choose its own level of security, but since everything is linked, the data is only as safe as the flimsiest system. Nothing in the law specifies how the data will be shared in practice--it may be reasonable, for example, for your bank or employer to have access to your Social Security number and residency status, but should the liquor store clerk who's checking your age have it too?
The IDs are supposed to debut next year, though there are some moves in Congress now to delay the implementation or repeal the act entirely.