Truth, Justice, and the Sysadmin Way

by Hal Miller
<halm@usenix.org>

Hal Miller is president of the SAGE STG Executive Committee.




The Australian Senate recently passed a bill that legislates liability onto ISPs for the content of data in use by their customers. SAGE-AU, among other computing (and other) societies in Australia, has taken a stand against this. Not all that long ago, they needed to do the same thing on another bill. Their official submission was quoted extensively in Parliament and their position accepted.

A couple of years ago here in the U.S., we faced a similar problem with the Communications Decency Act. SAGE is organized differently from our Australian cousins. Our laws (tax laws in particular) are different, and our ability to mobilize and act was "confused" at best. We were fortunate in that a court stopped enforcement of that act, but we actually could still face the problem — the law remains on the books. Another court could still decide against our interest, with great potential harm to our members.

It is probably safe to say that most legislators know little about computing technology. It is probably safe to say that most legislators (at state as well as national levels) would love to be able to report to their voters that they have "solved" the various pornography, gun control, or other social problems by passing a law forbidding the effects of these issues on the Internet. It seems safe to say that we will see a continuing spate of misguided although probably well-intentioned efforts to do this. The implication is that unless someone guides these efforts, sysadmins are going to find themselves in court, if not in jail, as scapegoats for various social problems.

The question I bring to you now is: What ought SAGE to be doing in this regard?

Obviously, there are a lot of sub-questions here, such as: What are we allowed to do? What organizational changes might we need to consider to widen our scope if we wished to do so? Where do the resources come from? Why would anyone want to listen to us? These questions are certainly important, but unless we have some idea of what we want to do, knowing what we "can" do, or how we go about it, doesn't seem important. While some may argue "cart before horse," especially in the "what we can do" area, I claim that the fact that we cannot bring Rembrandt back to life isn't relevant if we as an organization aren't worried about Dutch artists. First issue is: What do we want to do here?

Many things quickly spring to mind: congressional liaison, either as registered lobbyists or as recognized experts that legislators come to know and call upon for their subcommittee hearings; newspaper editorials and/or columns; radio talk shows (in the form of Internet-based communications, e.g., USENET news, email lists, Mbone); public education (PBS shows?, community-college courses), including for legislators and judges. But first again, what are we after? These are "implementation" ideas — what is the goal?

I believe that there is nobody out there who can (or will) act to protect us, the sysadmins, other than SAGE. I believe that it is unlikely anyone else can or will step forward with the knowledge level required to protect the innocent (e.g., ISPs for content-monitoring of customer users, recipients of spam pornography, etc.) from well-intentioned (or not) laws that have significant, negative, unintended results. (Where is Jack Webb when you need him?) SAGE needs to brush down its white charger, shine its armor and sword, and start searching for dragons to slay in this field. We do, of course, need to ensure we don't start jousting with windmills or becoming the Sir Rodney (character in the newspaper comic "The Wizard of Id" who loses every jousting match) of the computing world, but there are issues out there that cannot be left to inertia, and which nobody else is suited to address.

The goal should be, therefore, to commit ourselves to playing Zorro from time to time, rather than ignoring these ever-increasing problems of the maturation of the Internet. I would like to hear your reactions to this statement. Please email me with thoughts and comments. (<sage-members> is available should you prefer public discussion.) "How-To"s are also solicited, both for the new series and for this!

If we accept this goal as a direction for SAGE, it becomes appropriate to begin with the other questions. I will touch briefly here on a few of them and would like to charter a group to tackle this in earnest.

What can we do? Clearly legislative lobbying makes sense. Problems abound with this, though, and if we choose it as a course of action, we will need to do a fair bit of preparatory work. SAGE is a piece, without independent legal standing, of a not-for-profit corporation (USENIX). Tax (and other) laws limit the kind and amount of lobbying USENIX can do as things stand now. There are ways to do some "lobbying," as we found during the CDA discussions, but we would need additional legal work and organizational "definition" (meaning addressing some hard internal questions we have successfully avoided thus far) in order to take more significant action. Maybe we can manage to get a few of our number elected to the various legislatures? (No, I'm not running!)

Another direction we could potentially work in is expanding our educational goals to a wider horizon. All along I have been thinking of educating sysadmins, but maybe we also need to find ways to educate the general public (or at least judges and legislative staffers) on the impact and fallout of the things they're doing in trying to achieve social goals.

In any event, for us to be effective in this arena (as with others) we need to significantly expand our market penetration. We need to add a couple of zeros to our membership numbers. This we can tackle without running afoul of tax laws, so I declare open season for recruiting. Join a local group if you're not in one, form one if there isn't one in your area, and start drawing individuals, companies/institutions, and vendors into your meetings!