If This Passes, Only Criminals Could Do Speech Technology
Today I’m reminded of what I’ll call Anderson’s Law, formulated by Poul Anderson, a science fiction writer who understood how science is done, as well as how engineers work: “I never saw a problem, however complicated, that when looked at the right way wasn’t still more complicated.”
The Obama administration in March proposed legislation that would affect the Internet and our professional lives in ways we can’t begin to predict. At first glance, the proposal is nothing but trouble; or, perhaps the legislation would open up vast opportunities. Maybe it would do both. Or neither. The more I look at it, the more complicated it becomes. The European Union advocates similar regulations with similarly unclear consequences.
News reports about the legislation have echoed some spokesman’s talking points without thinking through the consequences. Journalists rarely, if ever, give references to primary source materials (see http://www.stinkyjournalism.org/editordetail.php?id=1263), so I dug around for the full story and the government press releases. The paper trail starts at the Commerce Department, which proposed legislation to protect privacy, with enforcement by the Federal Trade Commission. As usual, the FTC would enforce rules through its panoply of coercive measures.
The government would be able to mandate that someone, in this case Internet-based services, abide by the FTC’s Fair Information Practice Rules. This in turn would require:
• precollection disclosure of what data would be collected from you and for what purpose;
• right of review to verify that your data are correct and complete; and
• security of all your personal data.
I know what all you technical people are thinking: What a nightmare! A hundred million Web unique visitors to your site, each one wanting to exercise the right to review and correct whatever background marketing information you’ve collected (“No, I do not prefer the color red”). Entrepreneurs who want to analyze and monetize statistics would be in for some sleepless nights. And the behaviorists are thinking that everyone who visits Web sites regularly would click through the disclosure agreements, rendering the operation pointless.
Security folks would marvel at the cloddish notion that opening 100 million records to the scrutiny of the general public would improve people’s lives (that is, honest people’s lives), and wait with dread to hear what nonsensical security regime the regulators would impose.
Some consequences are easy to foresee. New Web-based services, such as Web APIs, would become harder to create, because of privacy rules and the sheer cost of compliance (e.g., if I use company A’s API in my product, I’d likely be liable if company A breaks the rules). That alone would squash experimental APIs. Eventually, that would result in higher costs through a regime of audits, which would translate into permanently lower start-up activity.
As for speech technology, any API-centric platform would face higher compliance costs. Any service using biometrics would be required not only to secure the biometrics but also to let consumers review that data. Given that the law would require that data be presented in an easily understood format, biometric companies would scramble to explain features to the man on the street.
Even straightforward IVR systems might struggle. Every user of your IVR system would provide grist for the mill as you grind away at your user interface and back-end technology; all the data would offer insights into the performance of your speech technology and user interface.
The point of the legislation, if I read it correctly, is to force data collection practices into a rigid straitjacket. We won’t be able to wave our arms and claim that our data collection operations are so innocuous that we should be exempt. Must you disclose all the uses of this data? How can you accomplish that during a phone call? Do you have a lobbyist with bags of cash to beg for an exemption? Data mining companies, including the ones that sift through corporate data for problems and trends, would have a party on their hands.
As for the hypothetical vast opportunities, I tried for hours to think of them but to no avail. At first I considered that some companies would rather shut down their Web presence and provide telephony services instead, to avoid high compliance costs, but I doubt that would happen. Someone somewhere might sell an extra biometric system to provide secure access; a few people would sell extra IVR systems. As for our industry, the costs of compliance would burn money that might otherwise be spent creating real value.
Moshe Yudkowsky, Ph.D., is president of Disaggregate Consulting and author of The Pebble and the Avalanche: How Taking Things Apart Creates Revolutions. He can be reached at firstname.lastname@example.org.