It’s no surprise that the major traditional publishers are afraid of e-books. Like record labels and movie studios before them, publishers have seen the spectre of disruptive technology on the horizon and have dug in their heels. Where they’ve accepted e-books they’ve done so half-heartedly, neutralizing the benefits of the new medium with opaque DRM schemes that emulate the limitations of print books as closely as possible. As Clay Shirky puts it:
The original promise of the e-book was not a promise to the reader, it was a promise to the publisher: “We will design something that appears on a screen, but it will be as inconvenient as if it were a physical object.”
How could inconvenience be a selling point to a publisher? It’s because they fear bundle failure. Publishers have always been able to bundle the text of a book (the “content”) with a physical volume (the “container”). When that’s the case, selling books is almost like selling any other physical object, with infrastructure in place for designing, manufacturing, distributing, and selling at retail. Convenient e-books threaten to unsettle that arrangement — they make attractive the idea of consuming just the publisher’s content, and not its container.
The unanswered question that is driving publisher e-book strategy is about the perceived value breakdown of that bundle. How much have people been paying for just the content, and how much were they paying for the nice container? When publishers talk about the need to avoid “devaluing” books with low e-book prices, they’re talking about this question.
One shortsighted answer presumes that the value of an e-book is the value of a hardcover minus the perceived cost of printing. This premise, in fact, informs the e-book pricing strategy of most publishers. But it’s both incorrect and dangerous. It leads to the strategic error of situating e-books as substitute goods, instead of complementary goods, for a publisher’s other offerings.
When there’s a substitute good for something you sell, you’ve got to either work against it or make it as profitable as the good it’s displacing. DRM comes from an effort to do both. It diminishes the advantages of e-books over their printed counterparts and strives to limit their distribution to full-price retail sales. ((Going, of course, one step further than printed books. Publishers haven’t historically been able to control secondary sales or sharing.))
If instead publishers recognized the text as a complementary good, they’d be in the much more comfortable position of trying to increase the demand for it. After all, the actual publication and distribution of volumes is already just one step on the end of a long workflow, each step of which is supposed to make the text better and increase demand. It’s crazy to subvert that whole chain to preserve the last link, just because it’s the one at which the actual revenue comes in.
So what are the goods and services for which the text of a book can be a complement? That’s where publishers earn their paycheck. It could be events with authors, merchandise, film rights, beautiful print editions — the point is that it is easier to monetize a popular book than an obscure one, even if you’re not making most of the profits on sales of the book.
I wrote much of the April Fool’s Day edition of EFF’s EFFector newsletter, which we sent out to our subscribers yesterday. (Some of the stories there were submitted by my colleagues, and the brilliant lead story in particular is nearly entirely Maira‘s creation.) As far as I can recall, it’s the first intentionally funny writing I’ve done since Buckley’s Student Voice backpage in 2005-2006.
The reactions online were pretty good, and I’m proud of some of the jokes. I’m also not proud of some of them, but there they all are, one way or another.
A year and a half ago, Eric Butler released a widely-discussed Firefox extension called “Firesheep“, which exploited a known weakness in many popular websites. The effect was that users could get one-click access to the accounts of other users making unencrypted connections to popular sites like Facebook or Twitter on public networks.
Firesheep worked so spectacularly because the problem it exploited was well-known among experts but poorly understood among the general public. That is to say, the problem was low-hanging fruit: even though the technology needed to hijack user sessions using cookies transmitted in the clear was universally available to the geeks with the expertise to use it, even popular sites had felt little pressure from their userbase to address the underlying problem. All Firesheep had to do was put a more usable interface on the well-understood tools, and it could catch the attention of people who weren’t previously interested in understanding the issue.
The problem that Girls Around Me has identified has the same combination of near-universal recognition in expert circles and general confusion outside of them. Most users cannot understand the privacy settings on most social networks. Worse, social network operators have a commercial incentive to make their settings deliberately confusing, and even to induce user “over-sharing”.
But once you understand the two problems, the difference between them is clear. The solution to the Firesheep problem — that sites were not using, or not using by default, encrypted connections after initial log-ins — is simple: use established encryption by default.2 Put another way, addressing the issue just required a bit of attention, expertise, and resources.
By contrast, the Girls Around Me problem is part of a fundamental trade-off in the way centralized corporate social networks work today. And the cost of addressing it is correspondingly high. It comes down to users controlling how their data is collected and used, a premise antithetical to the business of advertising companies like Facebook and Google.
But until it happens, and until default settings are protective of user privacy, nothing can prevent creepy situations like Girls Around Me from popping up. As long as these situations look like Girls Around Me — a publicly available application that depends on consistent API access, creeps everybody out, and gets written up in major publications — Facebook, Foursquare, et al, can address it with after-the-fact API cut-offs. But nothing prevents, say, individuals with the know-how from rolling their own stalker apps and flying under the radar.
Not only did they make an extremely compelling hour of radio about something that is really an internal affair, but they were also unusually symmetrical in their retraction; that is, they’ve given it as much space and prominence as the original story, which is admirable.
One aspect that makes the episode so interesting is the amount of silence they’ve left in the interview. When lies come to light, it’s an uncomfortable experience for everybody involved. This American Life did a great job of capturing that discomfort, and left more awkward silence than I’ve ever heard on a radio show. To get back to that jazz saying, it was the words they weren’t saying, the rests and pauses, that really told the story.
In that spirit, I’ve made a supercut of some of the longest expanses of silence on the show. I recommend listening to the full program. If you’ve already done that, you may find this interesting.
It’s sometimes attributed to Miles Davis, but who knows. ↩
I’m sort of a QR code anti-hipster: I was into them before they were uncool. I actually think they’re a really nifty encoding that’s easy to read and write with the right tools, and useful for a handful of situations. But they’re so widely misused in marketing that most people never get to see one used properly.
But there is a way to use them properly! It’s just not the way marketers have been doing it. When is a QR code the right tool for the job? Well, it’s helpful to think about the limitations of the codes in the first place, instead of just wedging it in to every ad and package design.
The limitations
They look like robot barf. It’s true. So don’t count on it being a positive addition to packaging or ad design. If it’s useful that’s great, but it’s not a design element.
They’re almost impossible to memorize. It seems to me like a pretty bad idea to put a company or personal URL in a form that human beings can’t read. If people are already taking out their phones to scan, it’s a missed opportunity for them to write out the domain.
They are only scannable in limited circumstances. Like when people have a scanner app installed, data signal, are stationary relative to the code, and have time to take out and futz with their phone.
Almost nobody uses them. Even I know this.
Other properties
They use robust error correction. So there won’t be any typos or misread messages.
They add an extra requirement to decoding text. For marketing purposes, this is terrible. But in some circumstances, it can be useful to know that the decoder can choose not to read the message.
They’re easy to generate and scan. It doesn’t require much processing to encode or decode QR, and they can be made and read locally, without server access.
It’s easy to scan a lot of codes in a row. Scanning the first code involves taking the phone out of your pocket, selecting the app, and focusing the camera. But from there, the marginal cost is very low on additional codes.
Now, if the people using these codes thought about these qualities and picked them only when appropriate, there’d be no problem and no backlash. But alas. When might these be a good tool?
Nice uses
Cryptographic fingerprint checking. I use a great open source Android app called TextSecure, which allows you to exchange encrypted SMS with other users. But because it’s public key encryption, you have to verify the other person’s fingerprint. Fortunately, you can each just generate and scan QR codes to do so: in this case the alternative isn’t typing in a URL, but manually verifying 64 or so characters.
Sending links directly to your phone.Chrome to Phone has provided a nice alternative to this usage, but it doesn’t always do the job. Sometimes a QR code is the best way to get a URL, usually a long one, right over to the phone.
Selecting some items from a list of many. In South Korea, Tesco allows shoppers to scan codes on items in a subway ad in order to purchase them. Here the low marginal cost of code scanning comes in handy. Once the phone’s out, it makes sense to quickly scan each of them.
When “voluntary security” is an element. Weakly protecting secrets like the answers to quiz questions or hints/spoilers for a game calls for encoding that is easy to decode when wanted, and difficult until then. As long as the user isn’t accessing the content from her smartphone itself, a QR code could useful.
Accessing data which requires many dynamic URL parameters. Because it’s easy to generate QR codes for any length of URL, it could be really nifty to generate them on the spot for URLs that wouldn’t be easy to type in but that wouldn’t make sense to shorten in advance, as with URLs with many parameters. That could happen if, say, a person has selected and scanned a bunch of objects and she wants to see them in a virtual cart, or has filled out a form at an offline kiosk and needs to send the data up through their phone.
The point is, as maligned as QR codes have been recently, there are some jobs for which they’re just right. But as Jaron Lanier is quoted on the back of The Information Diet, “There is no such thing as a tool that is good even if used without conscious consideration.” The marketing guys have spoken, and they’re not ready to provide a counter-example.