The Cyber Effect (38 page)

There it is again: a common code.

The anti–intellectual property movement is popular with the tech industry—and has lots of fans in cyberspace. Shrewdly, the administrators of the Pirate Bay publicized their site by organizing political rallies and circulating petitions about “the practical, moral, and philosophical issues of file sharing.” It claimed it was all about mutuality and reciprocity and brotherhood, not stealing.

In cyberspace, “torrent” refers to any type of file that is shared via the protocol BitTorrent, a peer-to-peer system (in tech-lingo, “p2p”) for sharing big files. Rather than coming from just one server, segments are taken from multiple sources at the same time. The result? Lower
bandwidth, so delivery is faster. This makes the pirating easy and quick, something that is mandatory for success online.

It's a little like fast food: probably best not to think about quality, nutritional value, or place of origin. But at least when you bite into a Big Mac, you have the moral comfort of knowing you paid for it.

Napster was the groundbreaking site that pioneered mass music file-sharing and not-paying. In just two years, between 1999 and 2001, it acquired 60 million registered users until the Recording Industry Association of America (RIAA) took the company to court and forced it into liquidation. Law enforcement caught up with the Pirate Bay eventually too, and its founders were charged with copyright infringement. But the site stayed up, often shifting to new domains until it settled on a secure, cloud-based infrastructure in 2012. By then, it had tens of millions of Internet users.

How big was
the impact of peer-to-peer file-sharing? The recording industry, already grappling with challenges from new technologies in the shift to digital, claims there was a 45 percent drop in music sales in the first decade after Napster was launched. In the first five years that the Pirate Bay was in operation, approximately 30 billion songs were illegally downloaded on file-sharing networks. These financial losses compound once you consider the millions of lost jobs, failed businesses, and uncollected tax revenue—and that's before you factor in the impact on undiscovered creative talent.

But there were other costs, possibly greater. Once it began, the trend of pirating continued to become more popular, more prevalent—and cool. In 2010, an episode of
Game of Thrones
broke a piracy world record when it was shared 1.5 million times on the Pirate Bay within the first twelve hours of its original airing.

Rather than throwing a colossal and very uncool tantrum, Jeff Bewkes, the CEO of Time Warner, took another approach. “
Game of Thrones
is the most pirated show in the world,” he bragged. “Well, you know, that's better than an Emmy.”

Hmmm
. Is it really?

It costs HBO about $6 million to make each episode of
Game of Thrones
, two or three times the budget of a typical network or cable
show. Could the executives at the premium cable channel really have been happy about that much lost revenue?

Or does HBO have to play along, just to stay popular? I guess that's the cost of being cool. Which brings me to another puzzling conundrum of human behavior: Why do people break the law when they know it's wrong?

Justifications for content theft online are plentiful and apparently compelling, according to the many studies that have been done on the behavior. To start with, some do not regard this as theft at all but more like sharing a library book. Next, there's also considerable difference in how people regard the theft of tangible property versus intangible property, even though, from a moral and ethical perspective, there is no difference.

What do I mean? A person who feels nonchalant or ambivalent about downloading pirated material probably would never steal a CD from a record store or a yoga mat from a yoga studio. Tangible theft is commonly regarded as an ethical breach—a crime. But intangible theft seems…well,
less real
.

Everything is intangible in cyberspace. Does this mean that people are more willing to steal there? Some studies argue yes.

Another explanation for the prevalence of online theft (and other crime) may relate to the cyberpsychology construct
minimization of status and authority online
, which I flagged in a 2014 Europol report. There is little apparent governance in cyberspace, and therefore the risks of getting caught are perceived as being minimal. Why pay for an HBO service if there's practically no negative repercussion?

The propensity to engage in online theft could also be fueled by the effects of perceived
anonymity and online disinhibition. Last, the prevalence of online theft itself creates a shift in social outlook. When so many people are talking openly and posting about having pirated the latest
Game of Thrones
, it can change the perception of wrongdoing. It can normalize and socialize the activity. Sooner or later the law can cease to reflect the moral perceptions of the crowd. That's the funny thing about moral perceptions:
If enough people are breaking a law, it stops being regarded as immoral. As in the case of extreme cyberbullying and other problematic behaviors described in previous chapters,
the fact that individuals who are inclined toward online piracy can easily syndicate with large groups of like-minded people means they are much more likely to regard their own behavior as normal.

This kind of cyber-socialization occurs each time an individual visits a pirating site where the index shows uploaded content from thousands of participants around the world.

How could so many generous file-sharers be wrong?

Attempts at deterring the behavior have also been ineffective. People have sought to make examples of piracy with widely publicized arrests,
like the fifteen-year-old boy in Sweden who used his school servers to illegally download twenty-four movies, including
The Social Network, The Mechanic
, and
The Fighter
. Soon afterward, a virus was discovered on the school servers, which was traced to him. Rather than simply calling the boy into the principal's office for a tough chat, and assigning punishment for both introducing the virus and downloading illegal files, the school policy required that a call to the police be made for any actual crimes on campus. While more than eighteen thousand people were sued by the recording industry for illegally sharing music in the mid-2000s, most of those cases were settled out of court. The case of the fifteen-year-old boy in Sweden, though, was not. He faced up to two years in jail.

Does that seem fair? Probably not to the boy in Sweden. And probably not to millions of others who argue that piracy is a victimless act that causes no real harm to artists and the recording industry, both of which could afford the financial loss. It doesn't seem to matter to them that it is still stealing. I enjoy the discussion of ethics and morals online, but it's troubling to me that nobody else seems to care. What it says to me:
A new norm has effectively been created.

In real life, a new norm can be created quickly, in a generation. But as I have discussed in previous chapters, due to cyber effects, norms evolve online at the speed of light. How long did it take before we were all taking selfies—or before the
Oxford English Dictionary
had anointed the word? Changes occur so quickly online that it is hard to keep up. We may be raising a generation of what I call
virtual shoplifters
who have a different sense of beliefs about property rights, privacy, national security, and authority.

Does that sound cool?

Coolness is just another aspect of peer pressure that serves the creation of new norms. Coolness is a way to win approval for cleverness, for knowingness, and for being an early adopter of new technology, new behaviors, and apparently new ethics. Coolness can also win you a free one-way slide down the moral slippery slope.

The cyber environment, whether we're talking about the Surface Web or the Deep Web, makes the slope even steeper and slipperier. Even with the popularity of streaming sites like Spotify and Pandora, which offer better sound quality and custom channels—a business model that was essentially designed to combat piracy—the robbing of songs and movies and TV shows goes on.

A move to decriminalize piracy in the U.K. is a further indication that society's norms, impacted by technology, are beginning to dictate the law. After four years of discussion, and despite pressure from the entertainment industry—which asked for Internet service providers (ISPs) to keep a database of suspected illegal downloaders and to threaten prosecution—the government has decided to send persistent file-sharers “educational” warning letters. A maximum of four letters, which will escalate in severity, will be sent. But there will be no threats of legal action. Why? “We found that many people are not necessarily aware that what they are doing is illegal,” said a spokesperson for the U.K. Department for Business, Innovation and Skills. “The new alerts make users aware of the impact of illegal downloading and will help promote the use of legal digital content.” This amounts to little more than a slap on the wrist.

In other words, on the high seas of cyberspace,
it appears the pirates have won.

Not long ago, I was invited to join the Steed Symposium panel on cyber-security at the Los Angeles Film Festival and found myself sitting on a stage with blinding lights, awkwardly perched on a very tall director's chair. I don't want to go on too long about this chair, but it was really cool-looking and probably the most uncomfortable thing ever to
sit on—a narrow seat, rigid back, unnaturally and uncomfortably high off the ground, with a tiny band of wood for a footrest, only an inch wide, which seemed to be the only thing keeping me from tumbling down to the floor in front of several hundred people.

Next to me, perched on his own precarious chair, was a famous ethical hacker, Ralph Echemendia, a brilliant self-taught tech expert who had recently served as the subject-matter expert on
Snowden
, the Oliver Stone movie.

Ralph was radiating swagger, and had a unique, ineffable vibe—like a cross between a Mexican gunslinger and the lead singer in a heavy metal band. Based on our differences—I am definitely not cool, am not self-taught, and am pro-governance—and based on what I knew about hacker culture, I suspected that Ralph and I would have nothing in common and very little to say to each other.

I looked out into the audience. Their faces were like those of the participants of all the other cyber-security conferences I've attended—they had that look of grim determination and
endurance
. The same issues and problems would probably be discussed. And no one was likely to come away any wiser. And meanwhile, it wasn't going to be much fun, either.

At cyber-security conferences and summits, while the participants are talking about vulnerability or privacy for the one-millionth time, I am always thinking,
So what is the motive behind this behavior? What is the cyberpsychology?
One way or another, everything that involves human beings must come back to human behavior—and to motives—no matter where they are, including cyberspace. Which brings me to an interesting question.

What is the motive behind hacking?

The common definition of a
hacker
is a person who secretly gets into a computer system intending to do damage. Since the earliest days of computer networks, the most highly skilled technicians, programmers, and coders at the world's foremost university computer-science departments have enjoyed swapping stories of hacking, sometimes done as a practical joke, sometimes done more maliciously. There are lots of examples of how a clever hacker has exploited social convention to gain entry by using private information, such as finding out someone's
birthday and sending them an email with a masked and malicious link. This kind of socio-technical approach runs through the whole phenomenon of malware and other cybercrime tools such as worms, Trojans, spyware, keyloggers, ransomware, and rootkits, to name a few. Because hackers understand both tech and human behavior, they have an advantage over those who don't, which only makes a stronger case for all of us becoming more savvy about human behavior online, in order to properly protect ourselves.

As with pirates, there are folkloric aspects to hackerdom, as well as a David-and-Goliath story line that appeals to young people. Hackers seem magical, almost superhuman. And like superheroes, they are often individuals who are regarded as weak-bodied nerds in the real world. That's until they deploy their special powers—the brains and the tech skills to upset an entire corporation, a bank, a health insurance provider, or an entire nation. Like Superman's nemesis, Lex Luthor, some claim they can bring down a power grid and turn the lights off in a vast metropolis with a click of their index finger. They are swashbuckling in their way, inventive and courageous, as well as defiant.

And, yes, pretty smart.

Motives for hacking? There's an array of them: boredom, emotional release, monetary gain, curiosity, political or religious or philosophical beliefs, sexual impulses. Before we get to that last one, let's look at hacker culture.

Hackers also have a famous code, or something like a code, “The Hacker's Manifesto,” an essay written by “The Mentor” (a.k.a. Loyd Blankenship) that has been shared for three decades now, since 1986—and still has relevance today: