computing – ubisurv

Ambient Government Revisited

A few years ago I was talking around the place about surveillance, security and “ambient government” (or “ambient governance”), but it turned out that so were plenty of other people and no one person really has a claim on this phrase or others like it. It was, somewhat appropriate, in the academic air at the time… and it still should be!

Looking back on it, I don’t think I’ve bettered how I discussed this back then, and I never fully published what I was talking about. So here is the vastly underwatched talk I gave in Victoria back in 2014. If you have 45 minutes to spare, I think it’s worth a watch. Plus, I look so young!

The Unbearable Shallowness of Technology Articles… or, what Facebook Graph Search really means.

Wired has a feature article about Facebook’s new search tool. The big problem with it is that its vomit-inducing fawning over Facebook’s tech staff. In trying to make this some kind of human interest story – well, actually the piece starts off with Mark Zuckerberg’s dog, you see, he is human after all – of heroic tech folk battling with indomitable odds to create something amazing – what in science fiction criticism would be called an Edisonade – it almost completely muffles the impact of what a piece like this should be foregrounding, which is about what this system is, what is has been programmed to do and where it’s going.

And this is what Graph Search does, very simply: it is a search engine that will enable complex, natural language interrogation of data primarily but not limited to Facebook. So instead of trying to second-guess what Google might understand when you want to search for something, you would simply be able tell you what you ask. And because this is primarily ‘social’ – or about connection, and you should have already given up enough information to Facebook to enable it to ‘graph’ you so that it knows you, the results should supposedly be the kind if things you really wanted from your query. Supposedly. An FB developer in the article describes this as “a happiness-inducing experience” and further says, “We’re trying to facilitate good things.” However what this ‘happiness’ means, just like what ‘friendship’ means in the FB context, and what “good” means, just like the use of ‘evil’ in Google’s motto, is rather different than how we might understand such a term outside these contexts.

In the article, one example demonstrated by the developer is as follows:

[He] then tried a dating query — “single women who live near me.” A group of young women appeared onscreen, with snippets of personal information and a way to friend or message them. “You can then add whatever you want, let’s say those who like a certain type of music,” [he] said. The set of results were even age-appropriate for the person posing the query.

So when Mark Zuckerberg is quoted in the article saying that Graph Search is “taking Facebook back to its roots”, he seems to mean creeping on girls, as was, let us not forget, the main intention of the early Harvard version. Doesn’t this generate exactly the concern that the notorious ‘Girls Around Me’ app encountered? As the title of my favourite tumblr site has it, this isn’t happiness. Or it’s the happiness of the predator, the pervert and the psychopath.

But more fundamentally, this isn’t about privacy, or even online stalking. In fact, in many ways, both are side-issues here. This is about control and access: control over my information and how I access other information, not just on Facebook but in general. To me, the plans outlined for Graph Search look worrying, even outside of my idea of what would constitute happiness, because they have nothing to do with how I use Facebook or how I would want to use it. I don’t use Facebook as my gateway to the Web and I am never going to. As Eli Pariser pointed out in The Filter Bubble a couple of years back, that would both be limiting of my experience of the Web (and increasingly therefore of my communications more broadly) and give one organisation way too much power over both that experience and the future of the Web. But this does seem to be how Facebook wants it to be, and further, I suspect that, just like Bill Gates before him with his .NET initiative and other schemes, and just like the walled garden locked-in hardware that Apple produces, Zuckerberg is more interested in Facebook colonizing the entire online experience, or layering itself so entirely, tightly and intimately over the online world that the difference between that world and Facebook would seem all but invisible to the casual user.

These developments are dramatic enough in themselves. Never mind fluffy stories of heroic techies and their canine sidekicks.

Occupy the Internet!

I’ve been writing for several years now about the creeping attempts by nominally democratic governments to control or even close the Internet (see here for example). This week the biggest such step for some time occurs as the world’s most powerful democracy, the USA, begins a new process of introducing such controls. There are two bills before the House of Representatives (the Stop Online Piracy Bill, SOPA) and the Senate (the Protect IP act), which essentially do the same thing (although the House bill goes further): assert a wide-ranging heavy-handed jurisdiction on the Internet even beyond US borders.

Of course, the US bills do not do this as China does, in the name of political and social order, but in the name of commerce. The bills are supposedly about protecting American intellectual property, however their effect is likely to be severely chilling to free expression and the dissemination of ideas and to innovation, social and economic. The bills, amongst many other provisions, will allow corporation to sue website owners and ISPs for even unknowingly hosting or communicating copyrighted materials illicitly.

As Michael Geist has shown, SOPA in particular also asserts US jurisdiction over vast swathes of the Internet on the grounds that any site whose name is registered with a US registrar is considered a ‘US site’ regardless of the location of its server and given that name-registration of top-level (.com, .org, .net etc) names is entirely controlled from within the USA, the provisions mean that every top-level domain is considered to be ‘US’. Further it claims that IP addresses (the numerical address of site) within the whole North American region (ARIN) which includes Canada, Mexico and the Caribbean, are also ‘domestic’ for the purposes of this law. Basically, the USA is asserting a kind of Munro-doctrine for the Internet.

I wrote, half-jokingly, some time ago that the US state invented the Internet, but they don’t like how it’s being used and now they want it back: this is the demand in writing. The big problem in opposing this is of course the fact that US citizens have already been thoroughly bombarded with propaganda that has told them that they are ‘under threat’ from pirates and hackers and even cyberwar – and that openness makes them insecure. They’ve been told that the Wikileaks model of accountability through openness and transparency is an attack on the USA. In an age of economic insecurity, no doubt the protection of American jobs will also be wheeled out as an excuse.

But this is quite simply another manifestation of immoral corporate greed. Intellectual Property is in itself a kind of information-age enclosure, a concept that, while it may have some use in limited forms, has become so far-reaching that it is ludicrous, and through which financial and legal strength can simply steamroller traditional or alternative visions of fairness, sharing and openness – even though these things have been shown to be vital in real innovation. If this is an infowar, I know which side I am on, and which side you should be on, and it is not the side of Protect IP and SOPA and the negative politics of closure, it is with Anonymous and the Pirate Party, with open flows, open source and open access. We have to tell them that they can’t have the Internet back, it’s ours now. We have to occupy the Internet, to build around these attempts to stifle innovation and sharing and we have to do it now.

In the meantime, you can express your displeasure here: http://americancensorship.org/

See also: The Internet Must Be Defended! Part 1, Part 2, Part 3, Part 4.

Guess who likes the UK’s proposals to control the Internet?

In the wake of the riots, several British Conservative MPs, and indeed PM David Cameron himself, have suggested a harsher regime of state control of both messenger services and social networks. Their suggestions have attracted widespread derision from almost everybody who either knows something about the Internet and communications more broadly, or who places any value on freedom of speech, assembly and communication and regards these things as foundational to any democratic society.

However, the a yet vague proposals have gained support from one quarter: China. The Chinese state-controlled media have suggested that the Conservative Party’s undemocratic suggestions prove that the Chinese state was right all along about controlling the Internet and that now these events are causing liberal democracies to support the Chinese model of highly regulated provision (via Boing Boing).

This is pretty much what I have been suggesting is happening for the last 2 or 3 years – see here, here, here and here. It is just that now, the pretense of democratic communication is being dropped by western governments. And just in case David Cameron doesn’t get it – and he really does not appear to right now, no, it is not a good thing that the Chinese government likes your ideas: it makes you look undemocratic and authoritarian.

London Riots and Video Surveillance, Pt.2

My last post was about the lack of any apparent deterrence of rioting from CCTV. However that’s not to say that video surveillance is proving of no use to the authorities. However the way it is being used says a lot about both the limits of CCTV and the general problem of analysis of video images.

As part of ‘Operation Withern’, the investigation into the rioting, the Metropolitan Police have set up a special section of their website, London Disorder Images, as well as on Flickr, which is essentially crowdsourcing the identification of suspects. Despite being the most well-resourced police force in the UK, the Met lacks the resources, time and expertise to analyse and identify everyone it wishes to identify itself, and with widespread popular anger about the riots, they are banking on opening up the process of surveillance and identification as being more efficient and effective – and they may well be right.

Of course, with the problems of lighting, angle, distances, and image quality, the images vary in identifiability – and bear in mind that the few posted so far are probably amongst the best ones – and no doubt there will be many misidentifications. And, in addition, hundreds of people are already being processed through magistrates courts without much need to video evidence. But it is a tactic we are seeing more and more in many places (e.g. Toronto, following the G20 disturbances).

Will the Global South overtake the North in transparency?

At a time when liberal democracies in the Global North seem increasingly paranoid and cutting down both on personal freedoms and government accountability, could nations from the Global South seize the moment to become the new pace-setters on open government?

There are plenty of good examples from Latin American, but it’s in Africa that the real changes are occurring. Yes, that’s the same Africa often stereotyped as the home of endless war, corruption, military coups and dictators. Kenya, in fact, which the pessimists were portraying as being on the brink of collapse and authoritarianism after election violence a few years ago. But now, Kenya is pushing forward with massive changes in the way its government operates with an increasing tendency towards open information and other accountability initiatives, as a Guardian story is reporting.

Cynics will argue that this is just pandering to a new urban middle class, with only 26% of Kenyans having home Internet access. However, like many countries in Africa, the communications revolution us predominantly mobile and almost 65% of Kenyans have mobile telephones and will be able to access mobile versions of the new sites.

Facebook learns nothing

Having been strongly criticised over its ‘Places’ feature for its lack of understanding of the concept of ‘consent’ in data protection, and why ‘opt-in’ is better for users than ‘opt-out’ when it comes to new ‘services’ (i.e: ways they can share your data with other organisations), Facebook is doing it again.

Between today and tomorrow, the new Facebook feature called “Instant Personalization” goes into effect. The new setting shares your data with non-Facebook sites and it is automatically set to “Enabled”.

To turn it off: Go to Account>Privacy Settings>Apps & Websites>Instant Personalization>edit settings & uncheck “Enable”.

(Or of course, you can just ‘Turn Off All Platform Apps” too!)

The really important thing is that if your Facebook Friends don’t do this, they will be sharing info about you as well. So, copy this and repost to yours…

(Thanks to Lorna Muir for this alert)

Night of the Surveillance Dead

In one of those curious synchronicities that occasionally emerge out of the chaotic foam of the internet, I came across two stories (of an entirely different nature) featuring surveillance and ‘zombies’ this week.

The first is one that Ars Technica first publicized recently – the creation of new undeletable cookies. Cookies, for the still unaware, are little bits of code that sit on your computer and store information, usually relating to websites you have visited – so, passwords and the like. Originally they were simply a tool to make it easier to handle the proliferation of sites that needed login details from users. And in most cases, they used to be both moderately consensual (i.e. you would be, or could be, asked if you wanted to have you computer download one) and relatively easy to remove. However, in recent years, this has changed. For a start there are so many sites and applications using cookies that it has become inconvenient to ‘consent’ to them or to manage them in any unautomated way. The new development however is a system that uses the database capabilities in HTML5 rather than being a traditional cookie. The major problem with this, and you can read more about the technical details in the story, is that these cannot ever be deleted by the user, as when they are deleted, they respawn themselves, and recreate the data profile of the user by reaching into other areas of your computer (and even stuff you thought was also deleted). The company concerned, Ringleader Digital, which specializes in ‘targeted, trackable advertising’ for ‘real-time visibility’, says users can ‘opt-out’ by using a form on their website, but this so-called ‘opt-out’ is hedged about with terms and conditions.

Now, Ars Technica reports that an open-source developer, Samy Kamkar, has created ‘evercookie‘, a virtually indestructible cookie designed as an educational tool to make users aware of the presence of these new internet zombies that do their master’s bidding. It’s a neat idea but I wonder – and I hope you will excuse my taking the zombie metaphor just a little further here – whether in raising the dead to show that necromancy is bad, good wizards like Samy Kamkar might in the end just be contributing to the problem. It isn’t as if most ordinary users understand these strange powers. Perhaps the people who need to witness the power of these occult rites are the regulators. It’s not clear to me whether these kinds of programs would be considered in any way legal in most places with strong data-protection and privacy laws, like Canada and the EU – as the controversy over the similar British Telecom system, Phorm, showed. So I would be very interested in what the Canadian Privacy Commissioner has to say about it, for example. I will be asking them.

(The second zombie story I will add later…)

Augmented Reality or alternate (un)realities?

There’s an amusing article with a serious point to it by the ever-acerbic Charlie Brooker on The Guardian website, on the potential social transformations of so-called ‘augmented reality’ technologies. The idea that ‘augmented reality’ inevitably will diminish or dehumanise as much as it adds or extends is one that has been made many times before, but usually in regard to the ‘subject’, i.e: the person experiencing the augmented reality. What Brooker’s satirical article is saying is that the humanity that is potenitally diminished in these systems is that of ‘others’ who may be effectively hidden by the information that the person using AR desires, and perhaps even deliberately so. I can see this. I think it’s actually a real possibility and the humour of Brooker’s approach shoudn’t disguise the fact that he’s an incredibly perceptive commentator.

US wiretapping information release

From Chris Parsons:

“Christopher Soghoian, a PhD Candidate at Indiana University, has released the information on US wiretap/pen register information along with documents received through FOIA that are inquiring into the costs that telecommunications carriers demand for the two aforementioned services. He also has full recordings of sessions from (the closed door) ISS World: Intelligence Support Systems for Lawful Interception, Criminal Investigations and Intelligence Gathering. An executive summary of his draft thoughts are below, followed by a link to the full piece he’s written. He has made available his recordings and the responses to his FOIA requests to the public at large, all accessible at the link below.

Executive Summary

Sprint Nextel provided law enforcement agencies with its customers’ (GPS) location information over 8 million times between September 2008 and October 2009. This massive disclosure of sensitive customer information was made possible due to the roll-out by Sprint of a new, special web portal for law enforcement officers.

The evidence documenting this surveillance program comes in the form of an audio recording of Sprint’s Manager of Electronic Surveillance, who described it during a panel discussion at awiretapping and interception industry conference, held in Washington DC in October of 2009.

It is unclear if Federal law enforcement agencies’ extensive collection of geolocation data should have been disclosed to Congress pursuant to a 1999 law that requires the publication of certain surveillance statistics — since the Department of Justice simply ignores the law, and has not provided the legally mandated reports to Congress since 2004.”