In complex systems run by innovative capitalists, if you create a rule intended to directly solve a problem, you’re likely to create new, maybe worse, problems.
A lot of misinformation and potential 'foreign interference' appears to be groups using these commerically available services to target people in very much the same way that other advertisers do. Because of the huge amount of data gathered, it's surprisingly effective and, more importantly, relatively cheap compared to what used to be available. We're giving private companies access to huge amounts of data, which they are free to 'sell' to whomever. But, keep in mind, the same services are enabling a whole bunch of small businesses who would never have access to potential buyers at this scale and for this price. So, "ban everything" is probably also not the answer.
I think we need a couple of things.
First -- we as individuals need clear language on what data is being collected and how it is being used. We also need an easy option to opt out. That's a LOT harder than it sounds. EU has tried a similar regime and apparently companies are finding ways around it. But, it's what we need to be aiming for. Moreover, the nature of the transaction we are having with data giants needs to be clearer. We are getting services (search, email, social networking, etc) in exchange for our data, but we have no idea if that exchange is a 'good deal' or not. Is my data on its own worth anything? Should I be expecting more -- or am I actually getting fair exchange? Markets function well when players are informed. Right now, the companies have all the information and we -- the users -- have nearly none. Change that equation and people may make different choices (and it may enable better competitive options).
Second -- we need third party researchers to be able to 'audit' what data giants are doing with data. That means allowing academic researchers and others to dive into the data and algorithms and understand what's happening -- something the companies themselves may not even know. That will allow us to assess social benefit and harm and start having better public policy discussions on minimizing harms and maximizing benefits.
Right now, this whole realm is a bit of a black box. I think that trying to regulate something we don't even really fully understand (which is what Canada is doing) can itself create a bunch of harms. Let's make these companies share more about their businesses, inform users and make smarter public policy. The longer we wait to do this, the more problems we're going to have.
It is easier to protect your privacy if you remember nothing is free. Honesty and realistic expectations are vital. We also MUST mandate that terms of service and privacy statements shall be in clear easy to understand English/French etc.
If you are being offered a "Free" service or "discount" then they company is getting something in return. The example in the article is perfect, using your work email, allow the company to more effectively market to you, increasing sales and enabling them to offer you a discounted price. Similarly GMAIL and HOTMAIL are not free. In exchange for using their service, the companies get to read (maybe only meta information) your emails IOT acquire data for marketing purposes. If you are ok with this then no harm done. If not then, there are options. Protonmail is an excellent very secure service.
Complexity almost always leads to side-effects. This applies to economics (price controls lead to shortages) medicine (your allergy medicine makes you sleepy), politics/war (let's take out Ghadaffi, what could go wrong?)
We need some humility and caution. This would normally be "conservative" traits, but who knows these days.
I remember talk about the coming "global village" and how great it was going to be. Well let me tell you, it's not always great to live in a village where everyone knows your business. (It's one of many reasons people move to cities.) Nice article exploring this.
Ok, you'd like a little privacy? No problem. Click this...
First a general comment on privacy and human nature. Many/most (pick your preferred level of quantification here) people don't care about privacy except as a titillating opportunity to violate the privacy of others. There is a very, very old version of this, pre-internet, pre-electricity, it's called 'gossip'. People love it, can't get enough. People love violating the privacy of others. If they can avoid personal consequences, of course. Like being violated themselves. So privacy is a form of asymmetrical warfare, the vast swell of humanity versus me and mine! How can I defend my privacy, you ask, if I'm addicted to violating the privacy of others?
Ok, you'd like to consult the irrational logic of addicts? No problem. Click this...
Historically, privacy has been about physical space and property, assuming you were wealthy enough to have some. Which brings up capitalism, enclosures, the collective rights of the commons, and the production of landless wage earners. By disrupting common physical spaces, capitalism disrupted personal relationships to the land and to each other. Digital capitalism (market or state run) has created virtual datascapes where space and privacy have become thoroughly digitized and abstract. Once again personal relationships have been transformed. Individuals don't actually 'own' anything, as in have meaningful control over it, they simply 'rent' or use services. Digital devices are actually tentacles of the network attaching itself to your neurology. As people move more and more of their activities into digital form on fundamentally insecure networks, they are essentially outsourcing the idea of their privacy and the facts of their neurology to bots built by programmers.
Ok, so you'd like rules to protect your online privacy? No problem. Click this...
So online privacy is ultimately a question of data moving around on networks and you believe you own some of it and that that ownership excludes others, an act of exclusion you would like to believe you can control. Ok, sure. That is, you think it's private. But you don't own the network or control any aspect of the network, or the device in your hand, or how it works, for that matter. Why? Because you did not program it and you don't know how to program it. You think you know how to use it. As a user, you are a slave to its capabilities. But a slave who believes it should have privacy rights, right?
Ok, so you'd like the illusion of privacy? No problem. Click this...
To create the illusion of privacy, digital networks provide tasks for users to perform (supply a username, a password) and the network will place an encryption icon in the browser address bar for you, enough to convince you, the user, that sure you are in total control here. There you go, feel better now? Please proceed, all you have to do is believe. Your Beliefs R Our Beliefs! You have entered the little cat and mouse game where the least powerful actor, the average user, becomes the target of unlimited opportunities for digital exploitation by various levels of digital experts animated by various forms of capitalist greed. In other words, addicts chasing addicts.
Ok, so you want a new chair? No problem. Click this...
Look at all the pretty chairs. Can you feel the sensations of your addiction yet? No! Your trusted avatar down the hall says she loves this one. See, here's her emoticon of appreciation! Feel the addiction coursing through your neurology now? Excellent! But wait, you want more!
Ok, you'd like a little fantasy vacation in Paris? No problem. Click this...
Your credit card number please and it all will be yours. Instantaneous gratification guaranteed! Your neurology tingles with excitement. Your mind goes numb with joy. And yet, you want more. No problem.
The outraged public consuming dystopian journalism, robotic "apologies", and the occasional meaningless fine that doesn't bother them, has gone as far as it can.
When your "opponents" are well-resourced and creative, you really need "self-censorship". Have very basic tests, random audits, and absolutely draconian punishments that directly affect the decision-makers. I'm thinking a year in jail for the whole corporate board.
Then, they can get all "creative" about not offending the outraged public, any more.
When we have a government implementing digital ID for travel, and multiple governments implementing temporary digital ID to do anything, that discloses personal medical information to everyone WHY would we expect to have any level of privacy in apps we willingly download? We also have a government that admitted to tracking 33M cellphones during 2020/21.
I agree we should have this expectation BUT it is clear that we do not, and have not for a while now. Our government snuck legislation into the last CRTC update against our knowledge, and all opposition parties were silent. The privacy ship has sailed whether we like it or not.
The government tracking 33M cellphones sounds like a lot more than it is. My understanding is the government bought access to commerically available data, which tracks device MAC addresses or other device identifiers. Without other data from cell companies tying the device to specific people, this data is effectively anonymous -- they don't know who you are. Keep in mind a lot of these are commercial datasets -- nearly anybody can buy them, so legistation that prohibits combining these datasets with other datasets (to start to identify individuals, for example) would be useful. But, there is no evidence I know of that the government attemped to de-anonomyze this data. It was simply to see if pandemic efforts to reduce contact were working.
A digital ID for travel sounds like a big deal, but again, we already need to use travel documents. So, what's the difference here? That a person inputs my doc information into a database rather than scanning? Again, "digital ID" sounds scary, but what's important is how the data is used. Allowing a lot of access to these datasets -- and allowing them to be combined with other datasets -- is a HUGE issue, but that's true no matter how the data is collected (inputted by a customer agent or scanned via a card).
The 'vaccine passports' again simply verified that I had been vaccinated and with what vaccine, which was relevant for use in different jurisdications (e.g. the US). Other than that, what "personal medical information" was I disclosing? How was that sensitive? If I didn't want to disclose that information, obviously I could decide not to go to places requiring that information, but again -- demonstrating vaccinations was already required to attend schools and certain jobs, so the only difference was the scale of the requirement, which -- to me -- was in keeping with the nature of a pandemic.
There are a LOT of very serious issues around data and privacy, but conflating those issues just muddies up the debate (unless you are making a point that escapes me).
Well, I'm about to write the privacy commissioner about my most recent privacy irritation. I am a Canadian living in the US. To cross the border, still, I have to complete the online Arrive Can app (which is an ongoing, unnecessary and irritating time delay). It wants to know your passport and vaccination status which I have previously uploaded. Today it asked me for the address of where in Canada I was going!! Why is it any business of the Government of Canada where I, a Canadian, am going to spend my day today? I have no criminal record, no blemishes on my border crossing record, etc. This is just intrusive.
This is completely off topic for this article but I can’t find an email address. I enjoy your reporting. Can you please do some writing about the climate emergency and the responses (adept, inept or otherwise) of various the governments in Canada?
Try the National Observer; they do little else. If you find them depressing, try "volts.wtf" by David Roberts, who blogs on nuts-and-bolts solutions that are here, or coming, or in development. He always cheers me up for the longer run, after the Observer has gotten me down with another tale of Endless Corporate Perfidy.
I won't call The Line "right wing" again, people got shirty. But I just scrolled back through a year of their 'archive' page, and couldn't see any obvious titles for articles all about climate or energy/industrial transition efforts. Here's what I did manage:
Jen Gerson, Jan 5, "The Case for Optimism" did include the sentence "Our reliance on oil is a technical problem in need of resolution." (but then the topic moved on, that was it)
Matt Gurney, Dec 3, on "Your expectations are a problem", did wonder "Take a gander at B.C. Can we expect the same weather patterns we’ve built our infrastructure around, there and elsewhere?" ...but then moved on to inflation.
Matt Gurney, Nov 18, was inspired by the rescues necessary when flooding downed bridges in BC...but the column was about how we need a bigger military to improve our rescue capability.
Jen Gerson, Oct 22, about how Alberta was "beaten" by ordinary environmentalists we knew about, not a conspiracy.
Ken Boessenkool, Oct 12, that Conservatives do need a climate policy if they want to win.
The big climate article was Nov 5, on COP26 - it was all about how that was about making announcements and grandstanding, i.e. again, the political value of climate discussions.
...that was it, for a year. Corrections welcomed.
Climate's just not an interest area for The Line. They mostly cover politics. They don't cover developments in oncology or new computer chips, either. It's a direction they may grow in, but I think it'll depend on how much you need to know about the issue to win political arguments, as with journalists who study up on economics, guns, immunology - as much as they need to, to cover politics and perhaps be able to spot bullshit.
"...now Wal-Mart thinks I'm a 75-year-old pensioner,
but Sony thinks I'm a Mexican mother of 10..."
as YouTube commenters note, there aren't many songs about the Internet that grew more accurate and relevant since 2002, but this is at the top of the list.
This is a solid take on a really difficult topic!
A lot of misinformation and potential 'foreign interference' appears to be groups using these commerically available services to target people in very much the same way that other advertisers do. Because of the huge amount of data gathered, it's surprisingly effective and, more importantly, relatively cheap compared to what used to be available. We're giving private companies access to huge amounts of data, which they are free to 'sell' to whomever. But, keep in mind, the same services are enabling a whole bunch of small businesses who would never have access to potential buyers at this scale and for this price. So, "ban everything" is probably also not the answer.
I think we need a couple of things.
First -- we as individuals need clear language on what data is being collected and how it is being used. We also need an easy option to opt out. That's a LOT harder than it sounds. EU has tried a similar regime and apparently companies are finding ways around it. But, it's what we need to be aiming for. Moreover, the nature of the transaction we are having with data giants needs to be clearer. We are getting services (search, email, social networking, etc) in exchange for our data, but we have no idea if that exchange is a 'good deal' or not. Is my data on its own worth anything? Should I be expecting more -- or am I actually getting fair exchange? Markets function well when players are informed. Right now, the companies have all the information and we -- the users -- have nearly none. Change that equation and people may make different choices (and it may enable better competitive options).
Second -- we need third party researchers to be able to 'audit' what data giants are doing with data. That means allowing academic researchers and others to dive into the data and algorithms and understand what's happening -- something the companies themselves may not even know. That will allow us to assess social benefit and harm and start having better public policy discussions on minimizing harms and maximizing benefits.
Right now, this whole realm is a bit of a black box. I think that trying to regulate something we don't even really fully understand (which is what Canada is doing) can itself create a bunch of harms. Let's make these companies share more about their businesses, inform users and make smarter public policy. The longer we wait to do this, the more problems we're going to have.
That last para would be a useful piece of legislation for the nonce. The regs that would go with it would have quite a lot of effect, I think.
Thank you James for that article.
It is easier to protect your privacy if you remember nothing is free. Honesty and realistic expectations are vital. We also MUST mandate that terms of service and privacy statements shall be in clear easy to understand English/French etc.
If you are being offered a "Free" service or "discount" then they company is getting something in return. The example in the article is perfect, using your work email, allow the company to more effectively market to you, increasing sales and enabling them to offer you a discounted price. Similarly GMAIL and HOTMAIL are not free. In exchange for using their service, the companies get to read (maybe only meta information) your emails IOT acquire data for marketing purposes. If you are ok with this then no harm done. If not then, there are options. Protonmail is an excellent very secure service.
Complexity almost always leads to side-effects. This applies to economics (price controls lead to shortages) medicine (your allergy medicine makes you sleepy), politics/war (let's take out Ghadaffi, what could go wrong?)
We need some humility and caution. This would normally be "conservative" traits, but who knows these days.
I remember talk about the coming "global village" and how great it was going to be. Well let me tell you, it's not always great to live in a village where everyone knows your business. (It's one of many reasons people move to cities.) Nice article exploring this.
Ok, you'd like a little privacy? No problem. Click this...
First a general comment on privacy and human nature. Many/most (pick your preferred level of quantification here) people don't care about privacy except as a titillating opportunity to violate the privacy of others. There is a very, very old version of this, pre-internet, pre-electricity, it's called 'gossip'. People love it, can't get enough. People love violating the privacy of others. If they can avoid personal consequences, of course. Like being violated themselves. So privacy is a form of asymmetrical warfare, the vast swell of humanity versus me and mine! How can I defend my privacy, you ask, if I'm addicted to violating the privacy of others?
Ok, you'd like to consult the irrational logic of addicts? No problem. Click this...
Historically, privacy has been about physical space and property, assuming you were wealthy enough to have some. Which brings up capitalism, enclosures, the collective rights of the commons, and the production of landless wage earners. By disrupting common physical spaces, capitalism disrupted personal relationships to the land and to each other. Digital capitalism (market or state run) has created virtual datascapes where space and privacy have become thoroughly digitized and abstract. Once again personal relationships have been transformed. Individuals don't actually 'own' anything, as in have meaningful control over it, they simply 'rent' or use services. Digital devices are actually tentacles of the network attaching itself to your neurology. As people move more and more of their activities into digital form on fundamentally insecure networks, they are essentially outsourcing the idea of their privacy and the facts of their neurology to bots built by programmers.
Ok, so you'd like rules to protect your online privacy? No problem. Click this...
So online privacy is ultimately a question of data moving around on networks and you believe you own some of it and that that ownership excludes others, an act of exclusion you would like to believe you can control. Ok, sure. That is, you think it's private. But you don't own the network or control any aspect of the network, or the device in your hand, or how it works, for that matter. Why? Because you did not program it and you don't know how to program it. You think you know how to use it. As a user, you are a slave to its capabilities. But a slave who believes it should have privacy rights, right?
Ok, so you'd like the illusion of privacy? No problem. Click this...
To create the illusion of privacy, digital networks provide tasks for users to perform (supply a username, a password) and the network will place an encryption icon in the browser address bar for you, enough to convince you, the user, that sure you are in total control here. There you go, feel better now? Please proceed, all you have to do is believe. Your Beliefs R Our Beliefs! You have entered the little cat and mouse game where the least powerful actor, the average user, becomes the target of unlimited opportunities for digital exploitation by various levels of digital experts animated by various forms of capitalist greed. In other words, addicts chasing addicts.
Ok, so you want a new chair? No problem. Click this...
Look at all the pretty chairs. Can you feel the sensations of your addiction yet? No! Your trusted avatar down the hall says she loves this one. See, here's her emoticon of appreciation! Feel the addiction coursing through your neurology now? Excellent! But wait, you want more!
Ok, you'd like a little fantasy vacation in Paris? No problem. Click this...
Your credit card number please and it all will be yours. Instantaneous gratification guaranteed! Your neurology tingles with excitement. Your mind goes numb with joy. And yet, you want more. No problem.
Just click this...
The outraged public consuming dystopian journalism, robotic "apologies", and the occasional meaningless fine that doesn't bother them, has gone as far as it can.
When your "opponents" are well-resourced and creative, you really need "self-censorship". Have very basic tests, random audits, and absolutely draconian punishments that directly affect the decision-makers. I'm thinking a year in jail for the whole corporate board.
Then, they can get all "creative" about not offending the outraged public, any more.
When we have a government implementing digital ID for travel, and multiple governments implementing temporary digital ID to do anything, that discloses personal medical information to everyone WHY would we expect to have any level of privacy in apps we willingly download? We also have a government that admitted to tracking 33M cellphones during 2020/21.
I agree we should have this expectation BUT it is clear that we do not, and have not for a while now. Our government snuck legislation into the last CRTC update against our knowledge, and all opposition parties were silent. The privacy ship has sailed whether we like it or not.
The government tracking 33M cellphones sounds like a lot more than it is. My understanding is the government bought access to commerically available data, which tracks device MAC addresses or other device identifiers. Without other data from cell companies tying the device to specific people, this data is effectively anonymous -- they don't know who you are. Keep in mind a lot of these are commercial datasets -- nearly anybody can buy them, so legistation that prohibits combining these datasets with other datasets (to start to identify individuals, for example) would be useful. But, there is no evidence I know of that the government attemped to de-anonomyze this data. It was simply to see if pandemic efforts to reduce contact were working.
A digital ID for travel sounds like a big deal, but again, we already need to use travel documents. So, what's the difference here? That a person inputs my doc information into a database rather than scanning? Again, "digital ID" sounds scary, but what's important is how the data is used. Allowing a lot of access to these datasets -- and allowing them to be combined with other datasets -- is a HUGE issue, but that's true no matter how the data is collected (inputted by a customer agent or scanned via a card).
The 'vaccine passports' again simply verified that I had been vaccinated and with what vaccine, which was relevant for use in different jurisdications (e.g. the US). Other than that, what "personal medical information" was I disclosing? How was that sensitive? If I didn't want to disclose that information, obviously I could decide not to go to places requiring that information, but again -- demonstrating vaccinations was already required to attend schools and certain jobs, so the only difference was the scale of the requirement, which -- to me -- was in keeping with the nature of a pandemic.
There are a LOT of very serious issues around data and privacy, but conflating those issues just muddies up the debate (unless you are making a point that escapes me).
Time limits on how long data can be held should be mandatory.
Well, I'm about to write the privacy commissioner about my most recent privacy irritation. I am a Canadian living in the US. To cross the border, still, I have to complete the online Arrive Can app (which is an ongoing, unnecessary and irritating time delay). It wants to know your passport and vaccination status which I have previously uploaded. Today it asked me for the address of where in Canada I was going!! Why is it any business of the Government of Canada where I, a Canadian, am going to spend my day today? I have no criminal record, no blemishes on my border crossing record, etc. This is just intrusive.
This is completely off topic for this article but I can’t find an email address. I enjoy your reporting. Can you please do some writing about the climate emergency and the responses (adept, inept or otherwise) of various the governments in Canada?
Try the National Observer; they do little else. If you find them depressing, try "volts.wtf" by David Roberts, who blogs on nuts-and-bolts solutions that are here, or coming, or in development. He always cheers me up for the longer run, after the Observer has gotten me down with another tale of Endless Corporate Perfidy.
I won't call The Line "right wing" again, people got shirty. But I just scrolled back through a year of their 'archive' page, and couldn't see any obvious titles for articles all about climate or energy/industrial transition efforts. Here's what I did manage:
Jen Gerson, Jan 5, "The Case for Optimism" did include the sentence "Our reliance on oil is a technical problem in need of resolution." (but then the topic moved on, that was it)
Matt Gurney, Dec 3, on "Your expectations are a problem", did wonder "Take a gander at B.C. Can we expect the same weather patterns we’ve built our infrastructure around, there and elsewhere?" ...but then moved on to inflation.
Matt Gurney, Nov 18, was inspired by the rescues necessary when flooding downed bridges in BC...but the column was about how we need a bigger military to improve our rescue capability.
Jen Gerson, Oct 22, about how Alberta was "beaten" by ordinary environmentalists we knew about, not a conspiracy.
Ken Boessenkool, Oct 12, that Conservatives do need a climate policy if they want to win.
The big climate article was Nov 5, on COP26 - it was all about how that was about making announcements and grandstanding, i.e. again, the political value of climate discussions.
...that was it, for a year. Corrections welcomed.
Climate's just not an interest area for The Line. They mostly cover politics. They don't cover developments in oncology or new computer chips, either. It's a direction they may grow in, but I think it'll depend on how much you need to know about the issue to win political arguments, as with journalists who study up on economics, guns, immunology - as much as they need to, to cover politics and perhaps be able to spot bullshit.
Edmonton Comedy Group "Three Dead Trolls in a Baggie" had this nailed with "The Privacy Song" back in 2002:
https://www.youtube.com/watch?v=7eIUOUfhoJ8
"...now Wal-Mart thinks I'm a 75-year-old pensioner,
but Sony thinks I'm a Mexican mother of 10..."
as YouTube commenters note, there aren't many songs about the Internet that grew more accurate and relevant since 2002, but this is at the top of the list.
lie lie lie lie