transparency – ubisurv

Negotiating (In)visibilities

There’s an interesting new research network called ‘Negotiating (In)visibilies‘, one of those fascinating interdisciplinary collaborations (or collisions) that spans architcture, urban studies, cultural studies, arts and information (and probably). I’ve been asked to be an advisor and will also be giving one of the keynotes at what looks to be a really great opening confererence in Copenhagen, February 1-2 2012. Should be fun!

Who gets Freedom of Information?

UK transparency campaigner, Heather Brooke, writes a comment piece on The Guardian website today on why she believes that UK university cancer researchers should have to give up information to transnational tobacco giant, Philip Morris. The basis for the argument is that Freedom of Information law should apply regardless of who the applicant is.

I generally admire Heather’s single-minded work on FoI, but single-mindedness is not always a virtue, and can sometimes lead to overly extreme conclusions which lack a broader understanding of the political economics involved. As in this case. As a researcher and analyst rather than a campaigner, I can see that there are three important counter-arguments to her piece:

1. Corporations are not people. There is a serious and ongoing battle here. Although legal incorporation means companies are often considered as legal people, we should not start to think of them as having ‘rights’ like individuals, not should rights that come from citizenship or by being an individual voter apply to them. Recently, the US supreme court rejected the argument of a large telecoms company that it had privacy rights. The worrying thing is that several lower courts had accepted that it could have such rights. Rather than providing corporations with more equivalences to human rights, we need to be holding corporations to account. This brings me to…

2. The really important issue with large private companies and FoI is why those large private companies are not subject to the same kind of transparency. Corporate confidentiality makes no sense even in the context of liberal economic theory, however it makes even less sense if we think about FoI as a method of accountability. Corporations are unable to be held accountable via electoral processes and the markets are too diffuse and diverse (and spread across too many different countries) to work as a mechanism of accountability, so we need law that rebalances the power imbalances between corporations on the one had, and people, individually and collectively, on the other – through transparency. That is, after all, what is its main point when it comes to state transparency and FoI; it’s not really about ‘value for the tax payer’, it’s about power.

3. On that note, FoI is being increasingly used against academics and activists in particular as a form of intimidation by corporate interests. This is not to say that academics and activists should not be accountable, but it is not the case that all parties here of on a level playing field, and further, mechanisms of accountability are themselves not simply neutral or unequivocally always a good thing because of what they are supposed to do. Law has to embed intention, and be interpretable by the courts, in a way that clearly differentiates between legitimate use (for people holding organisations to account), poor excuses (as in the state claiming expense or lack of time as reasons for not releasing information), and blatant misuse of the law for purposes for which it was not intended. If it does not, it can simply become another method the intensification of organisational power against the interests of people.

Will the Global South overtake the North in transparency?

At a time when liberal democracies in the Global North seem increasingly paranoid and cutting down both on personal freedoms and government accountability, could nations from the Global South seize the moment to become the new pace-setters on open government?

There are plenty of good examples from Latin American, but it’s in Africa that the real changes are occurring. Yes, that’s the same Africa often stereotyped as the home of endless war, corruption, military coups and dictators. Kenya, in fact, which the pessimists were portraying as being on the brink of collapse and authoritarianism after election violence a few years ago. But now, Kenya is pushing forward with massive changes in the way its government operates with an increasing tendency towards open information and other accountability initiatives, as a Guardian story is reporting.

Cynics will argue that this is just pandering to a new urban middle class, with only 26% of Kenyans having home Internet access. However, like many countries in Africa, the communications revolution us predominantly mobile and almost 65% of Kenyans have mobile telephones and will be able to access mobile versions of the new sites.

On the Internet, no-one knows you’re a dog

So the (now rather old) joke goes. In fact, this joke is now often seen as an example of how people early on in the history of the Internet misunderstood it. People, the argument goes, are just people on the Net, pretty much the same way they are in real life. No technological determinism here, no siree.

However there is increasing evidence that this new ‘common knowledge’ is dead wrong, but it isn’t necessarily individual ‘dogs’ pretending to be humans online, it is whole organised packs (don’t worry, I won’t take this metaphor any further). Various sources have been reporting the development call by the US military for software development to create artificial posters on Internet forums, chatrooms, and news sites. The US state it seems has woken up to the possibilities of what is often called ‘astroturfing’, the creation of fake grassroots movements, with fake members.

George Monbiot, a leading British investigative journalist with The Guardian newspaper knows about astroturfing more than most. He frequently writes about climate change denialists, and the comments under his stories are always filled with pseudonymous critics who seem to pop up every time the word ‘climate’ is mentioned and their responses often appear to be scripted and organised. He’s been digging deeper, and while his investigations are still ongoing, he has provided a useful summary of recent development here.

As well as the corporate interests (tobacco, oil, pharma etc.) it’s also worth pointing out that other states are far ahead of the US on this. China notoriously has its so-called ’50-Cent Party’, students and others who are recruited by the state and paid by the message to counter any anti-Chinese or pro-Tibetan, pro-Taiwan or pro-Uighur sentiment. Their early efforts were laughably obvious, but are becoming more and more subtle. Israel is open in its backing of such ‘online armies’, and advocates the use of a particular software tool, called Megaphone, which enables its users to respond quickly and widely to any reports or discussion seem as against the interests of the Israeli state.

Anonymity is also used by these organised groups as a form of individual intimidation through other ‘open’ channels, especially of those who lack the resources and sometimes the low cunning to be able to respond effectively. One is Freedom of Information legislation. In the area of climate change denial, we saw this with the systematic and organised petitioning of the University of East Anglia’s Climate Research Unit, in which FoI requests were really a form of harassment. More recently, as I have just heard from Chris Parsons, two professors from Ottawa, Errol Mendes and Amir Attaran, seen as ‘liberal’ and critical of the Canadian government, have similarly found themselves the subject of a huge upsurge in FoI requests, many of which seem to be deliberately requesting very intimate information. This would appear to be Freedom of Information as intimidation.

There are several responses one could have to this. One would be to withdraw from more public and open forms of interaction, to batten down the hatches, retreat into extreme forms of privacy. This would be a mistake: it really would, as some of the more alarmist reports have proposed, mean the death of Web2.0. The other would be to take the Anonymous route, to ferret out the spies and the fakes. This could be done with better forum and comment software, but would mean a lot of hacking effort and knowledge. How is a chatroom supposed to go up against the power of states and corporations? The real risk with this, as with more low-tech forms of ‘exposure’, is that we help create a culture of suspicion in which moles and spies are everywhere, and genuine political interaction is chilled. It may be coincidental, but it is not unrelated, that we are seeing a growing attention being called to this kind of thing just as we have seen the power of social media in the uprisings across the Arab world. In this area at least privacy is not the answer, a more radical political openness and transparency may well be required to facilitate the kind of social trust that can keep Web2.0 growing and changing in a positive direction.

Death to the ICO?

Chris Parsons draws my attention to a blog posting on the very swish and refurbished Privacy International site (nice job BTW – I will check in regularly). Simon Davies argues in this post for the ‘assisted suicide’ of the UK Information Commissioner’s Office (ICO) because it has become a ‘threat to privacy’. The bases for this argument are several, namely that:

“the legislation that underpins the Office is narrow and in places regressive”;
the ICO is “a quasi judicial regulator that sees its role as protecting data rather than people”, which leads to timid decisions;
the ICO is sometimes “ill-informed… and almost always out of step with the more proactive and advanced regulators overseas” especially when it comes to technology;
its complaints procedure is slow and frequently pointless;
there are too many surveillance-related commissioners in the UK (the Surveillance Commissioner, the Interception of Communications Commissioner, the Equality & Human Rights Commission etc.)
it is disconnected from “an information environment dominated by companies which appear to be largely exempt from local protections for citizens.”

Now, I’ve done some work on commission for the ICO, and therefore you might expect me to defend it from these criticisms. But in fact, I find much to agree with here, as well as some points with which I disagree, and much to ponder.

On the side of agreement,the ICO, like much of government, is undoubtedly technologically rather backward. When, in the Report on the Surveillance Society, we wrote about the way in which governments were behind the times, this was as much a message for them as for parliament or the executive. Maybe it is down to funding, maybe to institutional inertia, maybe deliberate choice, but the ICO has still has not taken serious steps to remedy this as Simon points out, and relies largely on occasional external reports, many of which are in any case general rather than specialist, to update it.

I also agree with the charge that the ICO has been relatively powerless in the face of the rise of corporate surveillance. This is not surprising given its origins as an arm’s-length regulator of government, and some of the particular issues of concern – like whether it took the Google wireless hacking episode seriously enough or made the correct decisions – are far from obvious. But one can clearly contrast the relatively activist stance of even quite bureaucratic Privacy Commissioners like the federal Canadian body over Facebook, with the ICO. It has in the recent past taken some serious actions against illegal private sector surveillance – for example the bust of a notorious blacklisting firm – but this direction appears to have fizzled out. Not being privy to internal policy discussions, I am not sure why.

Then there are some areas in which the criticisms are valid, but which may not be directed at the right target.

The first of these is the proliferation of Commissioners of various kinds – and incidentally, we have thankfully been spared the birth of yet another one with the cancellation of the ID Cards scheme. I have also been arguing for the merging of all the various surveillance-related quangos for a long time. The reason so many of them exist is partly because of the piecemeal way in which British legislative process occurs. There are rarely comprehensive Acts covering broad areas, instead existing institutions, however inappropriate to the job needed, are often merely supplemented or modified. The other reason is of course the ongoing effort to protect certain parts of the state from serious scrutiny, in particular the intelligence services and political police.

The second is that, fundamentally, it seems clear that British data protection and privacy legislation is generally archaic and not up to the job. Neither is its Freedom of Information legislation, even though it was a massive advance on the culture of secrecy that preceded what in retrospect may have been one of New Labour’s most important measures.

However, I am not sure that either of these points are in themselves a criticism of the ICO but rather of the legislation which created it, and the governance environment in which it has to operate. The way in which the ICO came about, through a rough fusion of old Data Protection and newer Freedom of Information functions produced a lumbering Frankenstein’s monster made of parts and bits, kept going on a drip-feed of limited funding, something that was never going to be capable of what campaigners expected of it. The same could be said partially of the critique of the complaints procedure, itself is a widely shared opinion and one with which I would not take issue. However, how much of this is down to the limited funding and staffing, and once again, the foundational legislation which hampers as much as empowers the ICO to do much of what we outsiders would want them to do?

Then, some of the criticisms are more personal opinion, with which I am sure many in the ICO would disagree, particularly the idea that the ICO does not care about people. Both Simon and I know many people in the ICO personally and whatever our political differences with them, the idea that they are heartless data bureaucrats with no interest in people is a rather unhelpful and hyperbolic caricature, as is the idea that the ICO is an ‘enemy of privacy’. The ICO had a legally mandated job to do first and foremost and it needn’t, legally, go beyond that at all. Yet it has. The interventions that the previous Information Commissioner, Richard Thomas, made on surveillance in particular were absolutely vital in adding a new level to a debate that had previously, despite the best efforts of activists, campaigners and researchers, been of more marginal concern. One could argue that surveillance and privacy would never have become such a topic parliamentary debate, let along an election issue, without his advocacy. Certainly it hasn’t gone far enough, but is has hardly, during this period at least, acted as a stereotypically uncaring bureaucracy.

So what of the solutions?

Simon advocates only one: that the government “scrap the data protection functions of the ICO and building a new Privacy Act that creates a true watchdog with a broad mandate.” It is hardly surprising that Privacy International see the ‘privacy’ element as the most important one here. Simon will also not be surprised to discover that I disagree with him on this. In fact, my argument for a while has been that privacy cannot justifiably be prioritised over other forms of human informational rights. In addition, the concept of ‘human rights’ in general does not deal with everything about information relationships, positive or negative, and the many elements of those information relationships between state, citizen and corporation cannot be so arbitrarily separated.

I would therefore argue that a comprehensive Information Act, which covered citizens’ rights to information (their own, and that generated by government and corporations), their rights of privacy and the more general parameters of what the state and companies may know of those who information this is and how they are allowed to do so (i.e the limits of surveillance). I agree that ‘data protection’ is an out-of-date concept. But ‘privacy’ does not, and cannot, replace it, at least not alone. Privacy Commissioners, where they exist, find themselves dealing with a lot more than privacy and end up becoming ‘surveillance’ or ‘information commissioners’ in practice or by stealth, and in some cases an emphasis on privacy over all else can hamper legitimate needs to know (as has been true in the case of family members of elderly patients with dementia in Canada for example).

My conclusion about what a new Information Act would contain in terms of the regulatory bodies has something in common with Simon’s view, but I have two options. One is the creation of a single mega-regulator – a real Information Commissioner that covered all the areas of our information relationships with the state and corporations that would be able to go after corporations, local and national government over issues of their secrecy, transparency and accountability, and our privacy and informational needs. It wouldn’t just merge the existing ICO, Surveillance Commissioner, Interception of Communications Commissioner and so on), but start with new legislation and a new structure.

The other option would be a merge all the existing bodies but create two new ones to replace them: a Surveillance and Privacy Commissioner, to cover all of the areas of state and corporate intrusion into the lives of citizens, but also a Freedom of Information Commissioner, to cover the equally vital areas of state and corporate transparency and accountability. Privacy without FoI, whether together in one organisation or separate, is altogether too defensive an approach to what we can expect from the state.

And whichever route one took, the organisation(s) should have a wider range of powers built in and required – research (including technological foresight), advocacy, assessment, response and enforcement functions – with protected funding and legally binding decision-making capability. I think we would all be in agreement on that…

Doping, Surveillance and Radical Transparency in Sport

Surveillance studies people tend not to look at sport very much. Sure, sports mega-events and the kinds of security crackdowns and surveillance surges that occur around them are an object of research, but sport itself, less so.

This is interesting because the bodies of athletes are amongst the most closely monitored and at the same time, contested sites that one could imagine, none more so than professional cycling. Professional cycling may be the most difficult sport on the planet and not surprisingly it has acquired a bad reputation for the prevalence of cheating, particularly in the area of doping. The reputation is in some ways unfair as cycling also has some of the most onerous regulations governing everything from the movements of the riders – the so-called ‘whereabouts rule’, where riders must be available for testing at all times, so must tell doping testers where they are going to be and be there – to bodily function, with top level cyclists now required to have a ‘biological passport’ which establishes baseline values for levels of various aspects of blood and so on, so that anything which alters these values in an unusual way can be taken as prima facie evidence of doping.

However, there has been a reaction from many cyclists against the increasingly intrusive surveillance regime. Privacy has been cited (see for example the challenge by Kazahk rider, Andrey Kashechkin to be his positive test for an illegal blood transfusion), as well as the riders’ right to a good night’s sleep (testers now often arrive in the early hours of the morning). Critics have been less sympathetic with accusations of a code of ‘omerta’ towards anyone who tells the truth about doping in cycling, and riders generally failing to understand the seriousness of cheating.

In opposition to the complaints, a growing number of top teams and riders have been taking the initiative and arguing not against the surveillance regime but embracing it even more fully than the UCI, the sport’s governing body or WADA, the World Anti-Doping Agency. One example is British rider, Bradley Wiggins. He’s an ex-Olympic track cycling champion who has previously finished 4th in the Tour de France, generally acknowledged as the pinnacle of the sport. That result was a surprise to everyone as Wiggins had never really shown such prowess on the road, and there were mutterings about doping. What Wiggins did was radical and even more startling: a rider who has always insisted that he has ridden clean, he published his biological passport readings for the whole period of the Tour and more.

Now he is taking this ‘radical transparency’ stance further and arguing that all biological passport data for all riders should be made available on the Internet. He argues that this would give both individual riders and the sport, credibility, and stop the rumour mill and the often unfounded allegations around particular performances, as well as shaming those who really are trying to get away with doping. Of course it does damage privacy, but in this case, the virtues of privacy and very much less clear than they might be in other domains. Of course there is also a big difference between such transparency being a voluntary gesture and a requirement.

The Internet Must Be Defended (2): a Transparency (R)evolution?

(A few more random rabble-rousing thoughts: Part 1 here)

For a few years now there has been a tendency (and no, it’s not an organised conspiracy – most of the time), to try to contain the uncontrolled development of the Internet by many different states and non-state organisations. Here’s some examples:

1. China has basically created its own island system, that could potentially be entirely disconnected from the rest of the Net and still function. Within this system it can censor sites, control the flow of information and so on. This is not a case of an isolated authoritarian state: the system has been created largely by western hardware and software developers.

2. The development of new ways of accessing information – through Web apps, branded social networking software and so on – means that increasingly users are experiencing the Net (and more specifically the Web) through controlled corporate channels. The Web is in many ways the most immediately vulnerable feature of the Net.

3. There is a worldwide movement by states, pressured by the USA and others, to put into law restrictive new measures that redefine all information as intellectual property, introduce digital locks, and more widespread end-user licensing etc. (i.e. moving the software model of property rights to all information objects). This is equivalent perhaps to the ‘enclosure’ of the commons in C17th Britain, which underlay the rise of private capital.

4. Under the guise of counter-terrorism or fighting organised crime, states, again pressured by the USA but some entirely of their own volition, are introducing comprehensive surveillance measures of online communications – it started with traffic analysis and is moving increasingly to content too. This also leverages the trend identified in 2. Relationship modelling is where it’s at now. Basically, it isn’t so much that your digital doubles sitting in multiple databases, but they are walking and talking on their own to others, whether you like it or not, and it is the nature and quality of their interactions that is being monitored.

Wikileaks is a thread because it represents the opposite of these trends to closure and the retaking of control of the Internet. It’s not because Wikileaks is itself particularly threatening, it’s the fact that it is making visible these underlying trends and may cause more people to question them.

The character of Julian Assange has nothing really to do with this – except insofar as his prominence has only made Wikileaks, and the nascent opposition to this retaking control of the Internet, vulnerable because people in general can’t tell the difference between a person and an idea and will often think an idea is discredited if a person is – and individuals are very easy to discredit, not least because of the amount of information now available to intelligence services about people means that their vulnerabilities and proclivities can be easily exploited. A lot of people who are genuinely interested in openness and transparency were already questioning the need for this supposed ‘leader’ and I suspect that we will soon see (multiple) other alternatives to Wikileaks emerging.

I would suggest that people who think this is melodramatic are usually speaking either from a position of ignorance of the broad range of trends that are coalescing around the Wikileaks issue, or are simply baffled by the redefinition of politics that is occuring around information and are seeking certainty in the old institutions of nation-state and corporations – institutions that ironically were once themselves so threatening to what was seen as a natural order.

But why should we care? I have heard some people argue that the Wikileaks issue is someway down their list of political priorities. But it shouldn’t be. This issue underlies most other attempts to have any kind of progressive politics in an information age. We already have an economically globalized world. Political power is also increasingly globalized. Yet, what we have in terms of systems of accountability and transparency are tied to archaic systems of nation-states with their secrecy and corporations with their confidentiality. Yet for almost all the founders of the enlightenment, free information was crucial – whether it was for the operation of free markets or the success of politics. In other words, without transparency, there can never be a real global polity to hold the new global institutions to account. And then all your other political concerns will remain limited, local and without significant impact.

If you want a world where your political influence is limited to a level which no longer matters, then sure, don’t support Wikileaks.

But if you actually care about being able to have some degree of accountability and control at a level that does, then you absolutely should support Wikileaks against the measures being taken to destroy it. At least sign the Avvaaz petition. Sure, we don’t know what form any emergent global polity can or will take – and maybe one of the fascinating things about such an open, ‘Wiki-world’ is that no one person or group will be able to determine this – but we certainly know what the alternative looks like, and whilst it may not be ‘a boot stamping on human face forever’, it is most certainly a firm paternal hand on our shoulder.