Nothing to hide? But you may still have something to fear.

This morning’s Observer column:

When Edward Snowden first revealed the extent of government surveillance of our online lives, the then foreign secretary, William (now Lord) Hague, immediately trotted out the old chestnut: “If you have nothing to hide, then you have nothing to fear.” This prompted replies along the lines of: “Well then, foreign secretary, can we have that photograph of you shaving while naked?”, which made us laugh, perhaps, but rather diverted us from pondering the absurdity of Hague’s remark. Most people have nothing to hide, but that doesn’t give the state the right to see them as fair game for intrusive surveillance.

During the hoo-ha, one of the spooks with whom I discussed Snowden’s revelations waxed indignant about our coverage of the story. What bugged him (pardon the pun) was the unfairness of having state agencies pilloried, while firms such as Google and Facebook, which, in his opinion, conducted much more intensive surveillance than the NSA or GCHQ, got off scot free. His argument was that he and his colleagues were at least subject to some degree of democratic oversight, but the companies, whose business model is essentially “surveillance capitalism”, were entirely unregulated.

He was right…

Read on

The privacy vs secrecy question properly framed

This neat formulation from a 2014 essay by Shoshanna Zuboff:

We often hear that our privacy rights have been eroded and secrecy has grown. But that way of framing things obscures what’s really at stake. Privacy hasn’t been eroded. It’s been expropriated. The difference in framing provides new ways to define the problem and consider solutions.

In the conventional telling, privacy and secrecy are treated as opposites. In fact, one is a cause and the other is an effect. Exercising our right to privacy leads to choice. We can choose to keep something secret or to share it, but we only have that choice when we first have privacy. Privacy rights confer decision rights. Privacy lets us decide where we want to be on the spectrum between secrecy and transparency in each situation. Secrecy is the effect; privacy is the cause.

I suggest that privacy rights have not been eroded, if anything they’ve multiplied. The difference now is how these rights are distributed. Instead of many people having some privacy rights, nearly all the rights have been concentrated in the hands of a few. On the one hand, we have lost the ability to choose what we keep secret, and what we share. On the other, Google, the NSA, and others in the new zone have accumulated privacy rights. How? Most of their rights have come from taking ours without asking. But they also manufactured new rights for themselves, the way a forger might print currency. They assert a right to privacy with respect to their surveillance tactics and then exercise their choice to keep those tactics secret.

We need more writing like this. On the phony ‘privacy vs security’ question, for example.

As George Lakoff pointed out many years ago (but only right-wingers listened), creative framing is the way to win both arguments and votes.

Amazon’s Echo seems great, but what does it hear?

Illustration by James Melaugh/Observer

This morning’s Observer column:

I bought it [the Echo] because it seemed to me that it might be a significant product and I have a policy of never writing about kit that I haven’t paid for myself. Having lived with the Echo for a few weeks I can definitely confirm its significance. It is a big deal, which explains why the company invested so much in it. (It’s said that 1,500 people worked on the project for four years, which sounds implausible until you remember that Apple has 800 people working on the iPhone’s camera alone). Amazon’s boss, Jeff Bezos, may not have bet the ranch on it (he has a pretty big ranch, after all) but the product nevertheless represents a significant investment. And the sales so far suggest that it may well pay off.

Once switched on and hooked up to one’s wifi network, the Echo sits there, listening for its trigger word, “Alexa”. So initially one feels like an idiot saying things such as: “Alexa, play Radio 4” or: “Alexa, who is Kim Kardashian?” (A genuine inquiry this, from a visitor who didn’t know the answer, which duly came in the form of Alexa reading the first lines of the relevant Wikipedia entry.)

Read on

Don’t let WhatsApp nudge you into sharing your data with Facebook

This morning’s Observer column:

When WhatsApp, the messaging app, launched in 2009, it struck me as one of the most interesting innovations I’d seen in ages – for two reasons. The first was that it seemed beautifully designed from the outset: it was clean, minimalist and efficient; and, secondly, it had a business model that did not depend on advertising. Instead, users got a year free, after which they paid a modest annual subscription.

Better still, the co-founder Jan Koum, seemed to have a very healthy aversion to the surveillance capitalism that underpins the vast revenues of Google, Facebook and co, in which they extract users’ personal data without paying for it, and then refine and sell it to advertisers…

Ah yes. That was then. But now…

Read on

Privacy is sooo… yesterday: Google’s Chief Economist

“One easy way to forecast the future is to predict that what rich people have now, middle class people will have in five years, and poor people will have in ten years. It worked for radio, TV, dishwashers, mobile phones, flat screen TV, and many other pieces of technology.

What do rich people have now? Chauffeurs? In a few more years, we’ll all have access to
driverless cars. Maids? We will soon be able to get housecleaning robots. Personal assistants? That’s Google Now. This area will be an intensely competitive environment: Apple already has Siri and Microsoft is hard at work at developing their own digital assistant. And don’t forget IBM’s Watson.

Of course there will be challenges. But these digital assistants will be so useful that everyone will want one, and the scare stories you read today about privacy concerns will just seem quaint and old­fashioned.”

Hal Varian, “Beyond Big Data”, NABE Annual Meeting, September 10, 2013, San Francisco.

Why the Apple vs. the FBI case is important

This morning’s Observer column:

No problem, thought the Feds: we’ll just get a court order forcing Apple to write a special version of the operating system that will bypass this security provision and then download it to Farook’s phone. They got the order, but Apple refused point-blank to comply – on several grounds: since computer code is speech, the order violated the first amendment because it would be “compelled speech”; because being obliged to write the code amounted to “forced labour”, it would also violate the fifth amendment; and it was too dangerous because it would create a backdoor that could be exploited by hackers and nation states and potentially put a billion users of Apple devices at risk.

The resulting public furore offers a vivid illustration of how attempting a reasoned public debate about encryption is like trying to discuss philosophy using smoke signals. Leaving aside the purely clueless contributions from clowns like Piers Morgan and Donald Trump, and the sanctimonious platitudes from Obama downwards about “no company being above the law”, there is an alarmingly widespread failure to appreciate what is at stake here. We are building a world that is becoming totally dependent on network technology. Since there is no possibility of total security in such a world, then we have to use any tool that offers at least some measure of protection, for both individual citizens and institutions. In that context, strong encryption along the lines of the stuff that Apple and some other companies are building into their products and services is the only game in town.

Read on

Going Dark? Dream on.

This morning’s Observer column:

The Apple v FBI standoff continues to generate more heat than light, with both sides putting their case to “the court of public opinion” — which, in this case, is at best premature and at worst daft. Apple has just responded to the court injunction obliging it to help the government unlock the iPhone used by one of the San Bernadino killers with a barrage of legal arguments involving the first and fifth amendments to the US constitution. Because the law in the case is unclear (there seems to be only one recent plausible precedent and that dates from 1977), I can see the argument going all the way to the supreme court. Which is where it properly belongs, because what is at issue is a really big question: how much encryption should private companies (and individuals) be allowed to deploy in a networked world?

In the meantime, we are left with posturing by the two camps, both of which are being selective with the actualité, as Alan Clark might have said…

Read on

What the FBI vs Apple contest is really about

Wired nails it

But this isn’t about unlocking a phone; rather, it’s about ordering Apple to create a new software tool to eliminate specific security protections the company built into its phone software to protect customer data. Opponents of the court’s decision say this is no different than the controversial backdoor the FBI has been trying to force Apple and other companies to build into their software—except in this case, it’s an after-market backdoor to be used selectively on phones the government is investigating.

The stakes in the case are high because it draws a target on Apple and other companies embroiled in the ongoing encryption/backdoor debate that has been swirling in Silicon Valley and on Capitol Hill for the last two years. Briefly, the government wants a way to access data on gadgets, even when those devices use secure encryption to keep it private.

Yep. This is backdoor so by another route. It’s also forcing a company to do work for the government that, in this case, the government wants to do but claims it can’t. This will play big in China, Russia, Bahrain, Iran and other places too sinister to mention.

The FBI’s argument that the phone is vital for its investigation Seems weak. They already know everything they need to know, and the idea that the San Bernardino killers were serious ISIS stooges seems the prevalence of mass shootings in the US, and the say they conformed to type. What’s more likely is that the agency is playing politics. They’ve been arguing for yonks that they simply must have back doors. The San Bernardino killers presented them with a heaven-sent opportunity to leverage public outrage to force a tech company into conceding the backdoor principle.

Ad nauseam

Now here’s an interesting idea — a browser plug-in that silently clicks on every ad that appears on a web-page, thereby swamping — and confusing — the trackers, who have to make sense of what they’re getting back.