Infowar! Huh! What is it good for?


This is disturbing, to say the least. As the Cambridge Analytica scandal rumbles on, here’s Adam Ramsay’s view of “what happens when you privatise military propaganda”:

If you privatise war, don’t be surprised if military firms start using the tools of war on ‘their own’ side. When Eisenhower warned of the Military Industrial Complex, he was thinking about physical weapons. But, just as unregulated semi-automatics invented for soldiers end up going off in American schools, it shouldn’t be any kind of surprise that the weapons of information war are going off in Anglo-American votes.

Facebook is rotten from the head down

I’m not the best person to opine on Facebook: during its original meteoric rise I believed its momentum would slow and it would be overtaken by something less obviously dismissive of its users. After all, this was a business built on the belief that its users were “dumb fucks”, as Mark Zuckerberg famously said.

So you can probably ignore my feeling that Facebook’s current privacy scandal may actually do serious damage to the company.

But you might want to pay attention to Jean-Louis Gassée, because he is someone worth paying attention to: his career has encompassed important roles in Hewlett-Packard, Apple and Be. His Monday Note newsletters are always worth reading. and this week’s one is about Facebook.

From the headline – Mark Zuckerberg thinks we’re idiots – on, it doesn’t pull any punches.

“Your privacy is important to us”. Yes, of course, our privacy is important to you; you made billions by surveilling and mining our private lives.

He’s writing amid yet more revelations about Facebook’s cavalier approach to privacy. For example, we now know that Facebook has been logging details of every phone call and SMS message made or received by many Android phone users. And we know that Facebook’s incorporation as a system-level app on some devices means it’s been able to avoid privacy protections built into system software.

A company’s culture emanates from the top and it starts early. In 2004, the man who was in the process of creating Facebook allegedly called Harvard people who entrusted him with their emails, text messages, pictures, and addresses “dumb fucks”. Should we charitably assume he was joking, or ponder the revelatory power of such cracks?

It’s important to understand what’s going on here. Facebook isn’t sorry that it invaded people’s privacy and made it incredibly easy for people’s personal data to be abused. It’s sorry that we’ve found out about it.

We don’t know what the fallout of all of this will mean just yet. But it’s much more than just a technology story. Facebook is part of our lives, and as we’re beginning to discover, a very important part of politics. Facebook data wasn’t just weaponised by the Trump campaign but by the Leave.EU campaign too (with some really dodgy money moving around: Private Eye has done some excellent reporting on the links between Conservatives, the DUP and Leave.EU funding). We’re only just beginning to appreciate how deep this particular rabbit hole goes.

And that’s why I’m probably wrong that we’ll see a big effect on Facebook, let alone a rethink of the value of privacy and personal data in the digital world. There are some very powerful vested interests who really don’t want us to know what they’ve been using our personal data for.

Put it this way: on the Monday immediately after the Cambridge Analytica story broke, the its London offices were visited by a team of specialist digital forensics experts who came to audit its servers.

Not from the Information Commissioner’s office. They had to wait another four days to get a warrant, an extraordinarily long delay when we’re talking about a company storing digital information.

The forensic experts were from an organisation you don’t want anywhere near servers that might contain damning evidence about Facebook.



The best democracy money can buy

This is superb journalism, very frightening and quite clearly the tip of an iceberg.

Observer: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach.

The short version: one company surreptitiously and unethically gathered data on 1/3 of US Facebook users and used it to precision-target them with political messages on behalf of the Trump campaign.

The algorithm at the heart of the Facebook data breach sounds almost too dystopian to be real. It trawls through the most apparently trivial, throwaway postings –the “likes” users dole out as they browse the site – to gather sensitive personal information about sexual orientation, race, gender, even intelligence and childhood trauma.

A few dozen “likes” can give a strong prediction of which party a user will vote for, reveal their gender and whether their partner is likely to be a man or woman, provide powerful clues about whether their parents stayed together throughout their childhood and predict their vulnerability to substance abuse. And it can do all this without an need for delving into personal messages, posts, status updates, photos or all the other information Facebook holds.

Meet the data whistleblower.

How Likes became a weapon.

The same company was used by the Leave side during the run-up to the Brexit referendum.

The data in this scandal is a tiny proportion of the data Facebook has on everybody.

Here’s your regular reminder that Mark Zuckerberg, Facebook CEO, plans to run for President of the USA.

Return of the son of ID Cards

It turns out that the national political parties don’t have a monopoly on bad ideas: ID cards, something the SNP were very much against when they were planned for the UK, may appear in Scotland as a result of a minor NHS amendment. Jim Killock of the Open Rights Group:

in Scotland, the idea is alive and well, and the idea of giving everyone a unique identifier – and placing every citizens’ name and address into a single database – has not been given up by civil servants.

There’s a detailed analysis of it here (thanks to Heather at Idea15 Web Design for the heads-up):

The intention is to transform the current NHS Central Register (“NHSCR”) so it can be accessed by more bodies, to increase the number of individuals recorded in the Register, and to use a Unique Citizen Reference Number (“UCRN”) for each citizen.

The NHSCR can then be accessed by well over 120 Scottish public authorities (including police, prison, national security, visas and immigration) and certain publically owned companies.

It’s well worth a read. There’s a public meeting about it in Glasgow next week, too.

If it looks like a slippery slope, and sounds like a slippery slope…

In 2011, BT was ordered to block access to Newzbin2, a Usenet archive. “It’s the first time BT has been ordered to use its Cleanfeed porn-blocking system to block non-pornographic content,” I wrote at the time. “It won’t be the last… [this] turns ISPs into censors, and of course copyright infringement isn’t the only kind of content people would like to block. We’ve had calls to ban sites that espouse extreme political views, sites that promote anorexia, sites that discuss ways to commit suicide. If BT can block Usenet archives, why can’t it block everything that anybody thinks is unpleasant or undesirable – like WikiLeaks, or anti-Scientology sites, or anything that isn’t appropriate for under-fives?”

Inevitably, more blocks followed. The Pirate Bay is (in)effectively banned by UK ISPs. There are blocks on 1337x, Abmp3, BeeMP3, BitSnoop, Bomb-Mp3, eMp3World, ExtraTorrent, FileCrop, FilesTube, Monova, Mp3Juices, Mp3lemon, Mp3Raid, Mp3skull, NewAlbumReleases, Rapidlibrary, TorrentCrazy, TorrentDownloads, TorrentHound, Torrentreactor, and Torrentz, and many more.

And now, we’re going to start blocking things that the government thinks are unpleasant or undesirable. Today, The Guardian reports that “the government is to order broadband companies to block extremist websites” and identify content “deemed too dangerous for online publication.”

The proposed blocking will follow the same model as the blocking of illegal pornography – a model whose aims are obviously laudable but whose processes have attracted criticism over false positives (where legal content is wrongly identified and blocked) and secrecy. In effect, we’ll have a secret, unaccountable organisation looking at the internet and silently blocking “extremist” content.

What does “extremist” mean? Well, it means pretty much anything you want it to mean. Over the years, our governments’ definitions of extremist have included climate change protesters, the Campaign for Nuclear Disarmament, the anti-apartheid movement, animal rights activists, environmental activists and the Occupy movement. The word terrorism appears equally flexible, so for example it can be a synonym for journalism and used to detain the partners of journalists who embarrass the government, and it can be used to arrest students too.

I know it’s cliched to talk about slippery slopes, but when you can feel the ice underneath you and you’re shooting downwards, the phrase seems pretty accurate.

Who’s afraid of Google Glass?

glass2I’m fascinated by Google Glass, which is either a game-changer or one of those products that crashes and burns spectacularly. What interests me the most isn’t the tech, though. It’s how we’ll react to it. My gut feeling is that there’s a massive difference between people carrying around cameraphones and people actually having cameras strapped to their heads. I wrote about it for Techradar:

Imagine you’re in a playpark with your child and you see a funny-looking man wearing Glass, looking over. Would you feel comfortable? How about if the Glass owner is looking at you in the gym, or in a communal changing room, or is behind you on the escalator on a day you’re wearing a short skirt?

“I’d always assumed that my mobile operator’s filter was there to block donkey porn and midget wrestling, but it’s wider than that”

Me, on Techradar:

There is a big difference between blocking pornography and blocking speech, no matter how odious it may be, but filters brought in to block the former inevitably end up blocking the latter. Today it’s the BNP, and extremism, and The Pirate Bay. What will we have to protect our children from tomorrow?

One of the things that depresses me about my job is that dire predictions often come true, so for example when filters for illegal porn were introduced, many of us warned that other things would end up filtered too — and as the linked piece says, that’s exactly what’s happening now. It’s a similar story with the authorities’ use of personal data. Zack Whittaker at ZDNet:

The U.K. government is haemorrhaging data — private and confidential citizen data — from medical records to social security details, and even criminal records, according to figures obtained through Freedom of Information requests.

Just shy of 1,000 civil servants working at the Department for Work and Pensions (DWP), were disciplined for accessing personal social security records. The Department for Health (DoH), which operates the U.K.’s National Health Service and more importantly all U.K. medical records, saw more than 150 breaches occur over a 13-month period.

“Gun hats? What a brilliant idea!”

Another week, another faintly frightening bit of proposed state surveillance. Me, on Techradar:

What’s happening here is a classic bit of political manoeuvring. What’s supposed to happen is this: the security services ask for the power to do anything they like, plus some satellites with giant lasers and hats that can be used as guns, because that’s what the security services are supposed to do.

The government then tells the security services to get stuffed because we can’t afford gun hats, and because privacy is a fundamental human right.

Like Labour before them, the Tories have forgotten to do their bit. Instead of saying “get stuffed, you power-crazed doom-mongers!” they’ve said “Gun hats? What a brilliant idea!”

“One, we are not doing the right things. And two, the things we are doing are wrong”

Bruce Schneier talks about post-9/11 airport security.

Airports are effectively rights-free zones. Security officers have enormous power over you as a passenger. You have limited rights to refuse a search. Your possessions can be confiscated. You cannot make jokes, or wear clothing, that airport security does not approve of. You cannot travel anonymously. (Remember when we would mock Soviet-style “show me your papers” societies? That we’ve become inured to the very practice is a harm.) And if you’re on a certain secret list, you cannot fly, and you enter a Kafkaesque world where you cannot face your accuser, protest your innocence, clear your name, or even get confirmation from the government that someone, somewhere, has judged you guilty. These police powers would be illegal anywhere but in an airport, and we are all harmed—individually and collectively—by their existence.

The other side of SOPA and anti-piracy legislation

I like Michael Marshall, and his blog post about the other side of the piracy debate is worth your time. Not all anti-piracy sentiment comes from swivel-eyed loons or Disney.

The government is supposed to be on the side of laws, isn’t it? Copyright is a law too. If they don’t defend that law in the new kind of social space that the internet represents, where will the laxity end? What other laws will be let slide on the grounds that they might impede the rights of Internet users to do what the heck they feel like? What about your right to privacy? You care a lot about that one, don’t you? What makes it so desperately important for the government to defend your rights there, but not defend others’ rights to be paid for their intellectual property?