Tuesday 12 December 2017

Another toothless wonder? Why the UK.gov's data ethics centre needs clout • The Register

Another toothless wonder? Why the UK.gov's data ethics centre needs clout • The Register: "Again, aside from the fact it would be refreshing to see the government choose someone who isn't a white man pushing 50 for this kind of role, it would breathe a bit of life into the body, and increase its reputation among those watching, if the government looked outside the usual pool of suspects.

 "There are a lot of examples of similar, private, bodies in the US, many of which are led by female tech execs," said Veale, such as danah boyd's Data & Society. "It would be good to have that kind of fresh person, rather than a senior civil servant or a one-day-a-month academic."

 Because fundamentally, it doesn't matter how well the centre's piece fits into the data reg jigsaw if no one listens to what it says.

If it ends up as just another fusty academic unit lacking the requisite backbone to speak truth to power, it will have been a wasted effort and a wasted opportunity. " 'via Blog this'

Friday 8 December 2017

Electrospaces.net: INCENSER, or how NSA and GCHQ are tapping internet cables

Electrospaces.net: INCENSER, or how NSA and GCHQ are tapping internet cables: "The secret GCHQ documents about these cable tapping operations only refer to the cooperating telecommunications provider with the cover name GERONTIC. The real name is protected by STRAP 2 dissemination restrictions. But nonetheless, German media already revealed that GERONTIC is Cable & Wireless last year.

In july 2012, Cable & Wireless Worldwide was taken over by Vodafone for 1.04 billion pounds, but according to the GCHQ documents, the covername GERONTIC was continued, and was seen active until at least April 2013.

 According to the press reports, GCHQ had access to 63 undersea internet cables, 29 of which with the help of GERONTIC. This accounted for about 70% of the total amount of internet data that GCHQ had access to in 2009.

Cable & Wireless was involved in these 29 cables, either because it had Direct Cable Ownership (DCO), an Indefeasible Right of Use (IRU) or Leased Capacity (LC). Besides that, the GCHQ Cable Master List from 2009 lists GERONTIC also as a landing partner for the following nine cables" 'via Blog this'

Monday 23 October 2017

Not Being Evil: How Law and Computer Science Can Work Together to Improve Society



The Internet – if not all it’s 50,000+ Autonomous Systems - has become a giant surveillance machine, though we can reasonably disagree on causes, motives and whether it is public or private regulators who are the greater risk to individual privacy and liberty [1]. There is no longer any question of whether the Internet is losing its special ‘unregulable’ status, but when and how laws will change the status quo ante. In this column I explore the various means by which lawyers can be helped by computer scientists to stop the (inevitable) collateral damage to innovation when the unstoppable force of legislation hits the irresistible innovation of the Internet. I will explore some current controversies (fake news, net neutrality, platform regulation more generally) from an international perspective. The conclusion is familiar: lawyers and computer scientists need each other to prevent a disastrous retrenchment towards splintered national-regional Intranets. To avoid that, we need to be intellectually pragmatic in pursuing what may be a mutually disagreeable aim: minimal legislative reform to get the politicians off our backs. The alternatives are to allow libertarian advocates to so enrage politicans, that severe over-regulation results.
Regulation should first do no harm. That is easy to state, difficult to achieve, when legislation is the clumsiest version of the engineering principle of the ‘Birmingham Screwdriver’: to a legislator, every problem looks like a new Bill will solve it, and worse, to an international lawyer every problem looks like a new Convention or Treaty is needed. Yet in reality, all that the lumbering Frankenstein’s monster that is law can achieve, is to enforce against a few bad actors to prevent the most egregious over-reaching by companies and users. More negatively, the worst law can do is over-legislate in the interests of monopolies old and new to prevent technological progress (consider the infamous example: a man carrying a red flag in front of the first motor vehicles, which protected stagecoaches and railways from innovative competition[1]) [2].
As an independent policy advisor to governments for the last twenty years, I have spent a great deal of that time advising on how little governments can do effectively in steering towards better self-regulation by the industry, as well as how bad the unintended consequences of more ‘heroic’ policy interventions can be. I have also had to continually advise in favour of independent scientific evidence gathering and against the plaintive cries of corporate and public safety advocates’ claims that the sky is falling in. Twenty years ago, it was ‘porn!’ ‘Napster copytheft!’ ‘telecoms merger monopolies’ ‘free Wifi!’ ‘cybertheft’; now it is more likely ‘revenge porn!’ ‘fake news!’ ‘cyber threats: darknets and Bitcoin’ ‘net neutrality!’ ‘AI and the singularity!’  The time-limited and dynamic ‘truth’ (or at least second-best solution) has always lain in the expert opinion that was not clamouring for attention like so many Chicken Littles – but reaching those experts requires patience and focus on the part of often distracted policymakers. So here’s how to make it easier for them. I will base the methods on current controversies, as these case studies help us see what goes wrong in law enforcement and how to (partially) remedy that bad law-making.
‘Fake news’ is the heartfelt cry of politicians who feel wronged by the online media. The existential threat to those who rely on public acclaim to sell products, buy voters and otherwise advertise their wares is that we do not listen to them. Ad blocking and filter bubbles have made consumers and voters harder to reach. Industrial scale behavioural profiling and viral marketing via Twitter bots are a new method to so do. The expansion of social networking and smartphones means that new methods of communication are necessary, and consumers-voters are filtering out content they don’t like. That is not new – it applied to the tabloid newspapers methods of ‘yellow’ journalism, radio news and telegraph-suppplied newswires a hundred years ago. Unfortunately, the failure to adopt a universal public service model then meant the public was inflamed by irresponsible commercial media into a series of wars for the first time made global by the same communications means (telegraphs, railways, radio, long distance reliable air and maritime transport) that enabled the mass media. Today, the calls for fake news regulation pay no regard to both historians of technology and legal historians who can advise on public service media. Twitter and Facebook offer parallels to Hearst newspapers and Goebbels’ radio broadcasts.
It is high time for an interdisciplinary project exploring how to avoid the same disastrous outcomes. Computer technology is a tool for the powerful; that insight is not new but politicians are ignoring the previous generations of transformative technology and our attempts to marshall them. More obviously, politicians are not using the tools of behavoural insight to explore how best to regulate fake news and social networking: evolutionary economics and behavioural neuroscience tells us how we become addicted to social media, yet legislators do not consult the experts to explore how our ‘Dunbar number’ affects our behaviour in fundamental ways [3].
Net neutrality is a ludicrously simplified slogan for a highly complex engineering task: how to permit sufficient permission-free innovation in the network. The over-politicised doomsayers on both sides fail to mention what is becoming abundantly clear: policy can only partially steer traffic management practices. Net neutrality can do no more than prevent large telecoms companies continuing ‘evil’ policies such as blocking Skype and WhatsApp or throttling back video traffic their subscribers want to see. Net neutrality cannot stop innovation by telecoms companies (whose own corporate histories show a somewhat chequered relationship with IP network deployment). Regulators are simply not that competent, even if they had the resources and will to carry out laws to the letter, which they do not. Hysterical public interest over-reactions and/or paid-economist skyfall predictions have become boring even to those making them. Minimal rules made sensibly by technically proficient people are achieving quietly what millions of emails to regulators and legislators cannot: conduct rules to stop telecoms companies behaving in evil ways while giving them the latitude to experiment where not harmful to the public Internet. Note that common carriage was a rather successful way of delivering public (alongside private andbusiness) communications services in previous technologies. More scientific exploration of the limited effects of such policies would be rather useful. An example of regulators trying to do this in a non-confrontational manner is the extensive work produced by the Body of European Regulators of Electronic Communications.
Platform regulation is the canard thrown into the net neutrality debate by those telcos. If you regulate us, they say, you should also regulate the giant monopolies of Google, Amazon – and even their sometime friends at Apple and Facebook. Politicians get very confused by this, and ask: what is the difference between platforms and networks? Journalists  confuse their readers by referring to all those companies as ISPs – even though access networks perform fundamental and entirely different functions than social networks or search engines. The very high public profiles of Twitter and Snap cause issues, as they are by no means monopolies. Google was eventually fined in July 2017 for antitrust violations because of the links between its search engine and shooping platform – though it took a new more technologically literate European Competition Commissioner to understand the problem first investigated in 2009, and how it influenced unfair competition. Google avoided an adverse outcome for eight years – kudos to the company’s lawyers for delaying even longer than Microsoft under European investigation (that saga began in 1998 with enforcement in 2004: Case T-201/04).
You might wonder how legislators can even begin to discuss complex laws when they don’t know the difference between an IAP and ISP? Well, here’s some news for you – in Europe all these terms have ‘society’ attached to them. An access provider (telco) is an ‘Electronic Communications Service Provider’ (ECSP), distinct from an Information Society Service Provider (ISSP). Lawyers often fail to master these terms. If you were wondering: ‘Information Society’ was Europe’s rhetorical counterpoint to Al Gore’s ‘Information Superhighway’ (ask your parents).
The ‘singularity’ is another chaotic non-problem demanding a legislative non-solution. If lawyers and politicians do not know what a platform is, imagine how little they understand Artificial Intelligence (AI). What they do understand is that platforms such as Amazon, Uber and AirBnB are displacing many manual workers into zero-hours non-contract non-union jobs. Creative destruction sounds theoretical until it happens to you, the ‘roadkill on the Information Superhighway’. I tell my cyberlaw students that they will be the last lawyers employed, programmnig ethics into our future robot overlords right before they become self-aware. The legislative inquiries into AI – as previously with drones, Internet of Things, blockchains, smart power meters and so on – are actually inquiries into the changing nature of employment and thus voting blocs. This concentrates the legislative mind almost as fast as fake news. It also poses a fundamental challenge to computer scientists: politicians are no longer panicked by Internet disruption, but to contagion of offline industries.
E-commerce runs the risk of becoming a dirty word especially in Europe, where mass youth unemployment and an ageing workforce means IT skills are in short supply, especially in Parliaments. Google- or Uber-sponsored promising untold riches from driverless vehicles fall on deaf ears: autonomous robots do not vote. Venture capitalists suporting libertarian business plans based on usurping heavily regulated public transport systems and short-term rental accomodation are poisoning the well for more legitimate businesses, not just in liberal New York and Berlin but in many places. The idea that blockchain can support smart self-enforcing self-auditing contracts, and thus displace lawyers and accountants, sends shudders through the professions. This is a red flag to those advising governments as well as those legislating [4].
If AI, platform regulation, blockchains et al signal a desire to slow down the pace of innovation by government, what rational answer can be sold to government? The first essential is to prevent platforms becoming liable as publishers, by whatever legitimate means necessary. If that means accepting fines for failure to take down fake content or revenge porn, so be it. If that means accepting a user ombudsman as suggested in new proposed English legislation, so be it. If that means recruiting more content checkers to remove content faster, that may be overdue. If it means accepting that global platforms need to conform to European rules on hate speech (for instance Nazi content), that legal battle was lost by Yahoo! in the French Tribunal de Grand Instance 17 years ago[2] (as discussed by previous columns in this series, including Geist and Reidenberg).
What more can be done? For US companies, an existential crisis awaits. Europe sets the global standards for regulation of content, notably in data protection and hate speech. The United Kingdom government, formerly the ‘unsinkable aircraft carrier’ lobbying in Brussels for US Internet companies, is ‘Brexiting’ the European Union by March 2019. Already, the decisive power relationship in European law has swung to Germany and France. Regulation will increase, and Anglo-American companies increasinlgy recognise that and are embracing a French term: co-regulation. What that means is diluting government control of the Internet by ensuring a compromise based on industry self-regulation, but with oversight by users and by government regulators [5].
If that sounds messy and unprincipled, it is. Examples include domain name oversight by ICANN. Governments have sponsored industry standards not only in Europe but globally via hosting and supporting the World Wide Web Consortium with industry. Crudely, it is the compromise computer scientists have to live with. Totalitarian regimes want to use the threat of terrorism and cyber-crime to replace self-regulation with direct and often draconian control. Co-regulation is the best alternative. Areas for cooperation between law and computer science can actually flourish in co-regulatory institutions, because the best of them engineer a deliberative evidence-driven expert-friendly process [6]. It can curb the worst excesses of both corporate and government control. If we cooperate to make these processes work, it’s the best chance we have of preventing a much worse system of control emerging.
Chris Marsden (c.marsden@sussex.ac.uk) is Professor of Law at the University of Sussex, Brighton, UK.
The argument in this column is further explored in the final chapters of author’s recent book Network Neutrality: From Policy to Law to Regulation (Manchester University Press, 2017).
[1] Brown, I. and Marsden, C. Regulating Code: Good Governance and Better Regulation in the Information Age (2013) MIT Press, Cambridge MA.
[2] Marsden, C. ‘Technology and the Law’ in ‘International Encyclopedia of Digital Communication & Society’ (2015) Wiley-Blackwell, DOI: 10.1002/9781118767771.wbiedcs138
[3] Pollett, T. V., Roberts, S., and Dunbar, R.I.M. Use of social network sites and instant messaging does not lead to increased offline social network size, or to emotionally closer relationships with offline network members (2011) Cyberpsychology, Behavior and Social Networking 14: 253-258.
[4] Guadamuz A. and Marsden, C. Blockchains not Bitcoin: Distributed Ledger Technology, Computers and Law, Issue 2 (2016) http://www.scl.org/site.aspx?i=ed46568
[5] Marsden, C. Internet Co-regulation: European Law, Regulatory Governance and Legitimacy in Cyberspace (2011) Cambridge University Press, Cambridge, UK
 [6] Marsden, C. Zevenbergen, B., Marzouki, M., Bygrave, L., Morando, F., Powell, A., Turk, Z., and Salamatian, K. Deliverable 4.3: Final Report on Regulation, Governance and Standards (2015) European Internet Science Consortium at http://www.internet-science.eu/groups/governance-regulation-and-standards


[1] United Kingdom: Locomotives Act 1865 s.3 (An Act for farther regulating the use of Locomotives on Turnpike and other roads for Agricultural and other purposes: 28 & 29 Vic. Chapter lxxxiii)
[2] Confirmed in Yahoo! Inc. v. La Ligue Contre Le Racisme et L’antisemitisme. L’Union Des Etudiants Juifs De France, 433 F.3d 1199 (9th Cir. 2006); http://bit.ly/2f8Oi59

Sunday 4 June 2017

May's statement on the London Bridge terror attack

READ Theresa May's FULL statement on the London Bridge terror attack | PoliticsHome.com: "Second we cannot allow this ideology the safe space it needs to breed. Yet that is precisely what the internet and the big companies that provide internet-based services provide. We need to work with allied democratic governments to reach international agreements that regulate cyberspace to prevent the spread of extremist and terrorism planning and we need to do everything we can at home to reduce the risk of extremism online." 'via Blog this'

Wednesday 19 April 2017

Facebook and the Cost of Monopoly – Stratechery by Ben Thompson

Facebook and the Cost of Monopoly – Stratechery by Ben Thompson: "The problem is that Facebook isn’t simply a social network: the service is a three-sided market — users, content providers, and advertisers — and while the basis of Facebook’s dominance is in the network effects that come from connecting all of those users, said dominance has seeped to those other sides.

 Content providers are an obvious example: Facebook passed Google as the top traffic driver back in 2015, and as of last fall drove over 40% of traffic for the average site, even after an algorithm change that reduced publisher reach.

So is that a monopoly when it comes to the content provider market? I would argue yes, thanks to the monopoly framework above.

 Note that once again we are in a situation where there is not a clear price: no content provider pays Facebook to post a link (although they can obviously make said link into an advertisement). However, Facebook does, at least indirectly, make money from that content: the more users find said content engaging, the more time they will spend on Facebook, which means the more ads they will see." 'via Blog this'

Thursday 12 January 2017

UK fails to gag press over ID of ex-spy at centre of Trump dossier claims

UK fails to gag press over ID of ex-spy at centre of Trump dossier claims | Ars Technica UK: "The D-notice first came into play in 1912, two years before World War I broke out, when Whitehall mandarins decided that an organisation should be created that addressed matters of national interest. Members of the press were included on the advisory panel, and they remain so to do this day.

However, the makeup has changed a little: the likes of Google representatives have sat on the committee, for example. Though, the US ad giant withdrew its voluntary support in light of Edward Snowden's damning disclosures about the NSA.

Historically, publishers and editors have largely responded in kind to the frightfully polite requests from the MoD. Members of the committee have long argued that it doesn't amount to censorship from the British government, instead insisting that they are simply exercising restraint with stories that may, on reflection, damage national security. But Vallance and his predecessors can only gently nudge the press to consider the sensitive material they have in their possession before publishing it." 'via Blog this'