Today's links
- Federal Wallet Inspectors: Does tech *really* move too fast to regulate?
- Hey look at this: Delights to delectate.
- Object permanence: Soda can Van de Graff; Amazon rents a copy of the web; Boardgame Remix Kit; No furniture photos please we're British; Youtube vs fair use; Carbon offsets are bullshit; Arkham model railroad; Happy Birthday is in the public domain; Ted Cruz hires Cambridge Analytica; The kid who wanted to join the NSA; Daddy Daughter Xmas Podcast 2020.
- Upcoming appearances: Where to find me.
- Recent appearances: Where I've been.
- Latest books: You keep readin' em, I'll keep writin' 'em.
- Upcoming books: Like I said, I'll keep writin' 'em.
- Colophon: All the rest.
Federal Wallet Inspectors (permalink)
Look, I'm not trying to say that new technologies never raise gnarly new legal questions, but what I am saying is that a lot of the time, the "new legal challenges" raised by technology are somewhere between 95-100% bullshit, ginned up by none-too-bright tech bros and their investors, and then swallowed by regulators and lawmakers who are either so credulous they'd lose a game of peek-a-boo, or (likely) in on the scam.
Take "fintech." As Trashfuture's Riley Quinn is fond of saying, "when you hear 'fintech,' think 'unregulated bank'":
https://pluralistic.net/2022/03/02/shadow-banking-2-point-oh/#leverage
I mean, the whole history of banking is: "Bankers think of a way to do reckless things that are wildly profitable (in the short term) and catastrophic (in the long term). They offer bribes and other corrupt incentives to their watchdogs to let them violate the rules, which leads to utter disaster." From the 19th century "panics" to the crash of '29 to the S&L collapse to the 2008 Great Financial Crisis and beyond, this just keeps happening.
Much of the time, the bankers involved have some tissue-thin explanation for why what they're doing isn't really a violation of the rules. Think of the lenders who, in the runup to the Great Financial Crisis, insisted that they weren't engaged in risky lending because they had a fancy equation that proved that the mortgage-backed securities they were issuing were all sound, and it was literally impossible that they'd all default at once.
The fact that regulators were bamboozled by this is enraging. In hindsight (and for many of us at least, at the time), it's obvious that the bankers went to their watchdogs and said, "We'd like to break the law," and the watchdogs said, "Sure, but would you mind coming up with some excuse that I can repeat later when someone asks me why I let you do this crime?"
It's like in the old days of medical marijuana, where you'd get on a call with a dial-a-doc and say, "Please can I have some weed?" and the doc would say, "Tell me about your headaches," and you'd say, "Uh, I have headaches?" and they'd say "Great, here's your weed!"
The alternative is that these regulators are so bafflingly stupid that they can't be trusted to dress themselves. "My stablecoin is a fit financial instrument to integrate into the financial system" is as credible a wheeze as some crypto bro walking up to Cory Booker, flashing a homemade badge, and snapping out, "Federal Wallet Inspector, hand it over."
I mean, at that point, I kind of hope they're corrupt, because the alternative is that they are basically a brainstem and a couple of eyestalks in a suit.
What I'm saying is, "We just can't figure out if crypto is violating finance laws" is a statement that can only be attributed to someone very stupid, or in on the game.
Speaking of "someone very stupid, or in on the game," Congress just killed a rule that would have guaranteed that the US military could repair its own materiel:
https://federalnewsnetwork.com/congress/2025/12/congress-quietly-strips-right-to-repair-provisions-from-2026-ndaa-despite-wide-support/
Military right to repair is the most brainless of all possible no-brainers. When a generator breaks down in the field – even in an active war-zone – the US military has to ship it back to America to be serviced by the manufacturer. That's not because you can't train a Marine to fix a generator – it's because the contractual and technical restrictions that military contractors insist on ban the military from fixing its stuff:
https://www.pogo.org/fact-sheets/fact-sheet-the-right-to-repair-for-the-united-states-military
This violates a very old principle in sound military administration. Abraham Lincoln insisted that the contractors who supplied the Union army had to use standardized tooling and ammo, because it would be very embarrassing for the Commander-in-Chief to have to stand on the field at Gettysburg with a megaphone and shout, "Sorry boys, war's canceled this week, our sole supplier's gone on vacation."
And yet, after mergers of large military contractors resulted in just a handful of "primary" companies serving the Pentagon, private equity vampires snapped up all the subcontractors who were sole-source suppliers of parts to those giants. They slashed the prices of those parts so that the primary contractors used as many as possible in the materiel they provided to the US DoD, and then raised the prices of replacement parts, some with 10,000% margins, which the Pentagon now has to pay for so long as they own those jets and other big-ticket items:
https://pluralistic.net/2021/01/29/fractal-bullshit/#dayenu
This isn't a complicated scam. It's super straightforward, and the right to repair rule that Congress killed addressed it head on. But Congressional enemies of this bill insisted that it would have untold "unintended consequences" and instead passed a complex rule, riddled with loopholes, because there was something unique and subtle about the blunt issue of price-gouging:
https://www.warren.senate.gov/imo/media/doc/final_-_warren_letter_to_dod_re_right_to_repair_consequences_092524.pdf
Either these lawmakers are so stupid that they fell for the ole "Federal Wallet Inspector" gambit, or they're in on the game. I know which explanation my money is on.
Maybe this has already occurred to you, but lately I've come to realize that there's another dimension to this, a way in which critics of tech help this gambit along. After all, it's pretty common for tech critics to preface their critiques with words to the effect of, "Of course, this technology has raced ahead of regulators' ability to keep pace with it. Those dastardly tech-bros have slipped the net once again!"
The unspoken (and sometimes very loudly spoken) corollary of this is, "Only a tech-critic as perspicacious and forward looking as me is capable of matching wits with those slippery tech-bros, and I have formulated a sui generis policy prescription that can head them off at the pass."
Take the problem of deepfakes, including deepfake porn. There's a pretty straightforward policy response to this: a privacy law that allows you to prevent the abuse of your private information (including to create deepfakes) that unlawfully process your personal information for an illegitimate purpose. To make sure that this law can be enforced, include a "private right of action," which means that individual can sue to enforce it (and activist orgs and no-win/no-fee lawyers can sue on their behalf). That way, you can get justice even if the state Attorney General or the federal Department of Justice decides not to take your case.
Privacy law is a great idea. It can navigate nuances, like the fact that privacy is collective, not individual – for example, it can intervene when your family members give their (your) DNA to a scam like 23andme, or when a friend posts photos of you online:
https://jacobin.com/2021/05/cory-doctorow-interview-bill-gates-intellectual-property
But privacy law gets a bad rap. In the EU, they've had the GDPR – a big, muscular privacy law – for nine years, and all it's really done is drown the continent in cookie-consent pop-ups. But that's not because the GDPR is flawed, it's because Ireland is a tax-haven that has lured in the world's worst corporate privacy-violators, and to keep them from moving to another tax haven (like Malta or Cyprus or Luxembourg), it has to turn itself into a crime-haven. So for the entire life of the GDPR, all the important privacy cases in Europe have gone to Ireland, and died there:
https://pluralistic.net/2025/12/01/erin-go-blagged/#big-tech-omerta
Now, again, this isn't a complicated technical question that is hard to resolve through regulation. It's just boring old corruption. I'm not saying that corruption is easy to solve, but I am saying that it's not complicated. Irish politicians made the country's economy dependent on the Irish state facilitating criminal activity by American firms. The EU doesn't want to provoke a constitutional crisis by forcing Ireland (and the EU's other crime-havens) to halt this behavior.
That's a hard thing to do! It's just not a complicated thing to do. The routine violations of EU privacy law by American tech companies isn't the result of "tech racing ahead of the law." It's just corruption. You can't fix corruption by passing more laws; they'll just be corruptly enforced, too.
But thanks to a mix of bad incentives – politicians wanting to be seen to do something without actually upsetting the apple-cart; AI critics wanting to inflate their importance by claiming that they're fighting something novel and complex, as opposed to something that's merely boring and hard – we get policy proposals that will likely worsen the problem.
Take Denmark's decision to fight deepfakes by creating a new copyright over your likeness:
https://www.theguardian.com/technology/2025/jun/27/deepfakes-denmark-copyright-law-artificial-intelligence
Copyright – a property right – is an incredibly bad way to deal with human rights like privacy. For one thing, it makes privacy into a luxury good that only the wealthy can afford (remember, a discount for clicking through a waiver of your privacy right is the same thing as an extra charge for not waiving your privacy rights). For another, property rights are very poorly suited to managing things that have joint ownership, such as private information. As soon as you turn private information into private property, you have to answer questions like, "Which twin owns the right to their face" and "Who owns the right to the fact that your abusive mother is your mother – you, or her? And if it's her, does she get to stop you from publishing a memoir about the abuse?"
Copyright – a state-backed transferable monopoly over expression – is really hard to get right. Legislatures and courts have struggled to balance free expression and copyright for centuries, and there's a complex web of "limitations and exceptions" to copyright. Privacy is also incredibly complex, and has its own limitations and exceptions, and they are very different from copyright's limits. I mean, they have to be: privacy rules defend your human right to a personal zone of autonomy; copyright is intended to create economic incentives to produce new creative works. It would be very weird if the same rules served both ends.
I can't believe that Denmark's legislators failed to consider privacy as the solution to deepfakes. If they did, they are very, very stupid. Rather, they decided that fighting the corruption that keeps privacy law from being enforced in the EU was too hard, so they just did something performative, creating a raft of new problems, without solving the old one.
Here in the USA, there's lots of lawmakers who are falling into this trap. Take the response to chatbots that give harmful advice to children and teens. The answer that many American politicians (as well as lawmakers abroad, in Australia, Canada, the UK and elsewhere) have come up with is to force AI companies to identify who is and is not a child and treat them differently.
This boils down to a requirement for AI companies to collect much more information on their users (to establish their age), which means that all the AI harms that stem from privacy violations (AI algorithms that steal wages, hike prices, discriminate in hiring and lending and policing, etc) are now even harder to stop.
A simple alternative to this would be updating privacy law to limit how AI companies can gather and use everyone's data – which would mean that you could protect kids from privacy invasions without (paradoxically) requiring them (and you) to disclose all kinds of private information to determine how old they are.
The insistence – by AI critics and AI boosters – that AI is so different from other technologies that you can't address it by limiting the collection, retention and processing of private information is a way in which AI critics and AI hucksters end up colluding to promote a view of AI as an exceptional technology. It's not. AI is a normal technology:
https://www.aisnakeoil.com/p/ai-as-normal-technology
Sometimes this argument descends into grimly hilarious parody. Argue for limits on AI companies' collection, retention and processing of private information and AI boosters will tell you that this would require so much labor-intensive discernment about training data that it would make it impossible to continue training AI until it becomes intelligent enough to solve all our problems. But also, when you press the issue, they'll sometimes say that AI is already so "intelligent" that it can derive (that is, guess) private information about you without needing your data, so a new privacy law won't help.
In other words, applying privacy limitations to AI means we'll never get a "superintelligence,"; and also, we already have a superintelligence so there's no point in applying privacy limitations to AI.
It's true that technology can give rise to novel regulatory challenges, but it's also true that claiming that a technology is so novel that existing regulation can't resolve its problems is just a way of buying time to commit more crimes before the regulators finally realize that your flashy new technology is just a boring old scam.
Hey look at this (permalink)
Object permanence (permalink)
#20yrsago Americans smile, Brits grimace? https://www.nytimes.com/2005/12/11/magazine/national-smiles.html
#20yrsago HOWTO make a soda-can Van de Graaf https://scitoys.com/scitoys/scitoys/electro/electro6.html
#20yrsago Credit-card-sized USB drive https://web.archive.org/web/20051214084824/http://walletex.com/
#20yrsago Homeland Security: Mini-golf courses are terrorist targets https://web.archive.org/web/20060215153821/https://www.kron.com/Global/story.asp?S=4226663
#20yrsago Amazon rents access to a copy of the Web https://battellemedia.com/archives/2005/12/alexa_make_that_amazon_looks_to_change_the_game
#15yrsago Pornoscanners trivially defeated by pancake-shaped explosives https://web.archive.org/web/20101225211840/http://springerlink.com/content/g6620thk08679160/fulltext.pdf
#10yrsago HO fhtagn! Detailed model railroad layout recreates HP Lovecraft’s Arkham https://web.archive.org/web/20131127042302/http://www.ottgallery.com/MRR.html
#10yrsago Suicide rates are highest in spring — not around Christmas https://www.theatlantic.com/health/archive/2015/12/no-suicides-dont-rise-during-the-holidays/419436/
#10yrsago Airbnb hosts consistently discriminate against black people https://www.benedelman.org/publications/airbnb-011014.pdf
#10yrsago What will it take to get MIT to stand up for its own students and researchers? https://www.youtube.com/watch?v=cQdl_JdTars
#10yrsago Experts baffled to learn that 2 years olds are being prescribed psychiatric drugs https://www.nytimes.com/2015/12/11/us/psychiatric-drugs-are-being-prescribed-to-infants.html?_r=0
#10yrsago Happy Birthday’s copyright status is finally, mysteriously settled https://www.nytimes.com/2015/12/10/business/media/happy-birthday-copyright-case-reaches-a-settlement.html?_r=0
#10yrsago Proposal: keep the nuclear launch codes in an innocent volunteer’s chest-cavity https://blog.nuclearsecrecy.com/2012/09/19/the-heart-of-deterrence/
#10yrsago Obama promises statement on encryption before Xmas (maybe) https://web.archive.org/web/20151211042128/https://www.dailydot.com/politics/white-house-encryption-policy-response-petition/
#10yrsago Harlem Cryptoparty: Crypto matters for #blacklivesmatter https://web.archive.org/web/20151218183924/https://motherboard.vice.com/read/the-black-community-needs-encryption
#10yrsago Backslash: a toolkit for protesters facing hyper-militarized, surveillance-heavy police https://arstechnica.com/tech-policy/2015/12/backslash-anti-surveillance-gadgets-for-protesters/
#10yrsago Ted Cruz campaign hires dirty data-miners who slurped up millions of Facebook users’ data https://www.theguardian.com/us-news/2015/dec/11/senator-ted-cruz-president-campaign-facebook-user-data
#10yrsago The Tor Project has a new executive director: former EFF director Shari Steele! https://blog.torproject.org/greetings-tors-new-executive-director/
#10yrsago What I told the kid who wanted to join the NSA https://www.theguardian.com/us-news/2015/dec/11/west-point-cybersecurity-nsa-privacy-edward-snowden
#10yrsago Copyfraud: Disney’s bogus complaint over toy photo gets a fan kicked off Facebook https://arstechnica.com/tech-policy/2015/12/disney-initially-drops-then-doubles-down-on-dmca-claim-over-star-wars-figure-pic/
#15yrsago Sales pitch from an ATM-skimmer vendor https://krebsonsecurity.com/2010/12/why-gsm-based-atm-skimmers-rule/
#15yrsago Boardgame Remix Kit makes inspired new games out of old Monopoly, Clue, Trivial Pursuit and Scrabble sets https://web.archive.org/web/20101214210548/http://www.boardgame-remix-kit.com/sample/boardgame-remix-kit-sample.pdf
#10yrsago Britons will need copyright licenses to post photos of their own furniture https://arstechnica.com/tech-policy/2015/12/you-may-soon-need-a-licence-to-take-photos-of-that-classic-designer-chair-you-bought/
#5yrsago Outgoing Facebookers blast the company https://pluralistic.net/2020/12/12/fairy-use-tale/#badge-posts
#5yrsago Carbon offsets are bullshit https://pluralistic.net/2020/12/12/fairy-use-tale/#greenwashing
#5yrsago Youtube, fair use, competition, and the death of the artist https://pluralistic.net/2020/12/12/fairy-use-tale/#content-id
#5yrsago A lethally boring story https://pluralistic.net/2020/12/11/number-eight/#erisa
#5yrsago Daddy Daughter Xmas Podcast 2020 https://pluralistic.net/2020/12/11/number-eight/#youll-go-down-in-mystery
#5yrsago Antitrust and Facebook's paid disinformation https://pluralistic.net/2020/12/11/number-eight/#curse-of-bigness
#1yrago The housing emergency and the second Trump term https://pluralistic.net/2024/12/11/nimby-yimby-fimby/#home-team-advantage
#1yrago A Democratic media strategy to save journalism and the nation https://pluralistic.net/2024/12/12/the-view-from-somewhere/#abolish-rogan
Upcoming appearances (permalink)
Recent appearances (permalink)
- "Canny Valley": A limited edition collection of the collages I create for Pluralistic, self-published, September 2025
-
"Enshittification: Why Everything Suddenly Got Worse and What to Do About It," Farrar, Straus, Giroux, October 7 2025
https://us.macmillan.com/books/9780374619329/enshittification/
-
"Picks and Shovels": a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books (US), Head of Zeus (UK), February 2025 (https://us.macmillan.com/books/9781250865908/picksandshovels).
-
"The Bezzle": a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books (US), Head of Zeus (UK), February 2024 (thebezzle.org).
-
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org).
-
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
-
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com.
-
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
- "Unauthorized Bread": a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
-
"Enshittification, Why Everything Suddenly Got Worse and What to Do About It" (the graphic novel), Firstsecond, 2026
-
"The Memex Method," Farrar, Straus, Giroux, 2026
-
"The Reverse-Centaur's Guide to AI," a short book about being a better AI critic, Farrar, Straus and Giroux, June 2026
Today's top sources:
Currently writing:
- "The Reverse Centaur's Guide to AI," a short book for Farrar, Straus and Giroux about being an effective AI critic. LEGAL REVIEW AND COPYEDIT COMPLETE.
-
"The Post-American Internet," a short book about internet policy in the age of Trumpism. PLANNING.
-
A Little Brother short story about DIY insulin PLANNING
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Pluralistic.net
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
https://mamot.fr/@pluralistic
Medium (no ads, paywalled):
https://doctorow.medium.com/
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
https://twitter.com/doctorow
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Log in
