Monday, January 8, 2018

The post-digital social contract (part 3 of 3)


Restore balance and reclaim personal data

1.       The major actors – digital corporations and governments – need a haystack to find a needle.[i]  
They use a three step process to do this:
(1) Create and adapt models with inference engine and rules;
(2) Apply the model to data and match individuals to groups;
(3) Take actions based on the matching, observe the results and tune the model.[ii] The more data, the better the model.

2.       The old school design approach to controlling this surveillance is to ask questions like: What are the rules? What are the consent points? Where are consents held? What are the defaults (opt-in or opt-out)? What are the obligations to the individual?  How are those obligations met and monitored? How are obligations passed between actors? Can we regulate personal data markets? Should controls be centralized or distributed? What are the incentives? How do we resource enforcement?

3.       This old school design will not work. The solution cannot be designed from within the frame of reference of the problem. Governments and digital corporations are committed to the current operating model – institutions try to preserve the problem to which they are the solution. Accepting the parameters of data surveillance legitimizes the relationship between the surveiller and the surveillee.[iii] 

4.       The global personal data ecosystem must develop homeostatic controls to absorb the variety of the system. Dynamic equilibrium must balance the interests of the different actors using transparency, feedback loops, and intrinsic regulators.[iv]

5.       An effective future for the personal data ecosystem must manage this variety at a global level, cope with complexity and ambiguity, and be simple and easy to understand.  It must be designed for a future world and recognize that the rate of technological change is exponential, which is why it cannot use old school design. In the global village there are only Pulchinella’s secrets[v].

6.       There are no legal, political, economic or social levers that can control the data appetites of governments and corporations in the post-digital world.[vi] Once you eliminate the impossible, whatever remains, no matter how improbable, must be the truth. 

7.       The only option to achieve control is by using the technology to rebalance the asymmetry – similar to the coveillance idea proposed by Kevin Kelly.[vii] The technology must provide a facility for the surveillee to retrieve all information about their personal data including what has been collected, who has accessed the data, what data has been linked, and what inferences have been made.

8.       Personal data must be created with the ability to annotate and transmit information about what has happened to it. The annotations must be embedded in tamper-proof technology within the global personal data ecosystem, and the internet of things will need to manage these annotations.

9.       There are many questions that must be addressed in imagining this future – political economy, policy, leadership, engineering and technology – including:
·       What is the ethical foundation of the post-digital social contract? Why is it important and what are the underlying values?
·       Who has the interest, the insight and the energy to create the post-digital social contract? Where will leadership come from?
·       How can legitimate government espionage activities operate effectively in secret while preserving the values of the post-digital social contract?
·       What is the economic impact of the post-digital social contract? What happens to competitive advantage if there is full transparency of the personal data ecosystem?
·       Is it possible? Can technology attach persistent transmitters to individual items of personal data?

10.   I would like to think it is possible. The technology needs to be network-based and decentralized while maintaining trust and confidence. I have identified two areas where similar concepts are implemented in different domains – the blockchain and Distributed Object Numbering – which gives me some confidence that there is a technology that could achieve the rebalancing of information asymmetry.
·       The blockchain algorithm is currently applied in many digital currencies, of which Bitcoins are the best known. But some consider that the underlying technology could be a disruptive force in many other sectors – by creating a network of trust from untrusted components.[viii]
·       The Digital Object Architecture was designed to  enable all types of information to be managed over very long time frames, and has been defined in ITU standard X.1255 - a framework for discovery of identity.[ix]

11.   The future of the global personal data ecosystem need serious systems thinking, using expertise from a range of disciplines: lawyers & public policy analysts, commercial marketers & financiers, geeks & hackers, intellectuals, international governance specialists, privacy advocates, piracy advocates and data scientists. 

Series first published March 2015


[i] The Director of the NSA explained that they intercept all personal data to enable them to find “the needle in the haystack”
[ii] The model for placing people on no-fly lists is described in a 166 page manual analyzed by the Intercept ; more than 40% of the people on the list have no affiliation to a recognized terrorist group.
[iii] The idea that institutions become dedicated to the problem they set out to solve and so perpetuate the problem has been named (the Shirky Principle). As an aside, there are no English words for either of the 2 parties involved in surveillance.
[iv] These terms are taken from cybernetics; information on cybernetics can be found in An Introduction to Cybernetics (1956) by W Ross Ashby where he describes the Law of Requisite Variety, and in Brain of the Firm (1972) and Platform for Change (1975) by Stafford Beer, where he describes the Viable System Model.
[v] The idea that there are no secrets in the village was a central theme of Italian “commedia dell’arte” in the 16th century. Pulchinella Revisited explains how to derive four laws of secrecy in the information society.
[vi] As Evgeny Morozov says at the end of this long article   “the ultimate battle lines are clear. It’s a question of whether all these sensors, filters, profiles and algorithms can be used by citizens and communities for some kind of emancipation from bureaucracies and companies”  He suggests, in my view unrealistically,  that there is an option for social control of the big data stores.
[vii] “How can we have a world in which we are all watching each other, and everybody feels happy?”- a conversation.
[ix] For information on Digital Object Architecture refer to
Corporation for National Research Initiatives (CNRI) and Digital Object Numbering Authority

























The post-digital social contract (part 2 of 3).


The personal data ecosystem: Out of Trust, Out of Control

1.       The pre-digital social contract was straightforward:  I chose to disclose my secrets to others based on the level of trust in our relationship. I chose to reveal personal data when the value I got was more than the risk of something bad, based on the integrity of the other party. 

2.       Trust has been reduced by ubiquitous sensors and monitoring (such as mobile phone location sensing, CCTV with face recognition, and embedded systems[i]), people choosing to be “always on”, and the power of big data analytics to bring together data from different sources.  In a post-digital world we have no ability to assess the integrity of those making judgments on our personal data.

3.       Trust can be restored by integrity, reputation, and transparency – qualities that are increasingly absent in public world.[ii] The power and knowledge asymmetry breaks personal trust. So we must think laterally about how to rebalance the asymmetry.

4.        The personal information ecosystem is so complex that it cannot be categorized, controlled or managed.  There are endless articles about the volume of data created by and about people; there is not “too much data”, there is what there is.[iii] There are small patterns in big data (a very low signal to noise ratio), so exponential increases in data create more opportunity for inferences. Control must be embedded in different parts of the ecosystem, and must cover user generated data (name, registration details, email), observed data (location, search behavior, social connections), and inferred data (looking for new home, medical condition). 

5.       Inferred data can be crass, spooky, revealing and sometimes just plain wrong. The data algorithms are programmed and the results interpreted without context, often without any sensitivity or respect for the individual. Correlation does not mean causation.  But, once data has been interpreted, it becomes real, and is reinforced without the subject having any opportunity to correct errors.[iv]  Inferred data is the toxic zone of the personal data ecosystem.  

6.       The boundary between public and private knowledge is rapidly and dramatically changing as the personal data ecosystem expands.  This can be illustrated by using the Johari grid[v] to divide personal data into four categories. 



7.       Two changes relate to public information about the individual: (1) More personal information, previously only known to the individual, and disclosed to trusted others, is becoming “public”; and (2) More personal information previously “blind”, is also being shared, and thereby “public”.  Both these changes relate to the transparent and pervasive nature of digital media (in particular social media). Individuals have some control over the extent to which they share and read personal information online, making these changes relatively benign. 

8.        The third change – to inferred data – is more challenging.  Data from the “unknown” is moving into the “blind” – so that others know more things about me that I do not know - based on inferences from personal data harvested from the personal data ecosystem. This is the honeypot, where a lot of money can be made in a domain with no rules.[vi]    

9.       Personal Data is the new currency of the internet.  Personal data costs half a cent to collect and is worth around $1,200. People are clustered and their data is traded.   Why is this bad?  What is wrong with producing a list of left handed dentists who have visited Disneyland in the last 5 years?  What about selling a list of rape victims at $0.05 per name?  What about selling data on suspected alcoholics, HIV sufferers, or people inquiring about abortion?[vii]

10.   Privacy as a social norm has been replaced by privacy as a political norm, malleable by media and controllable by the powerful.  Polls in many countries report that the majority agree with the statement “it is worth losing some personal privacy in order to keep us safe from terrorist attacks”, but this view is not shared by minorities. The level of support is less about surveillance and more about trust in the organisation that is doing the surveilling.

11.   Many commentators are suggesting mechanisms (such as laws & regulations, or user education) to build a new post-digital social contract based on shared values on how personal data should be used.  This approach is dangerous because intelligent and well-intentioned people who understand the critical issues are diverted from building a robust post-digital social contract, and meanwhile power asymmetry increases.

12.   There are three major reasons that this approach will not work for the global personal data ecosystem: (1) there is no effective jurisdiction to create a regulatory and compliance regime; (2) there is no agreement on shared values across different cultures;[viii] (3) the approach will not control “bad actors”.[ix]

13.   In other domains, money is often used to crystallize the balance between competing claims, but personal data is different – ethically and economically. Ethically, there are generally agreed no-go areas for trading personal assets – kidneys, blood, babies – but for personal data there are no bright lines, only fuzzy edges. Economically, a personal data asset is a non-rival good – it can be shared without losing value. A new calculus is needed.

14.   The strategic risk is homogeneity - homogeneity reduces resilience. The personal data ecosystem needs diversity to be innovative and sustainable. By clustering individuals based on their profile, the profiled become the profile, become predictable and become exploitable.  Diversity has intrinsic value by creating and maintaining the variety of personal data. When patterns tell me who I am, I become what they tell me. The personal data ecosystem is a public good, and its future must not be viewed through a lens of property rights.


[i] Jacob Applebaum and Der Speigel reveal embedded equipment that supports state surveillance
[ii] Adam Curtis summed it up perfectly: “Nobody trusts anyone in authority today. It is one of the main features of our age. Wherever you look there are lying politicians, crooked bankers, corrupt police officers, cheating journalists and double-dealing media barons, sinister children's entertainers, rotten and greedy energy companies and out-of-control security services.” Suspicious Minds .
[iii] See for example The web in 60 seconds
[iv] No-fly lists are one example of this series of Kafkaesque tales
[v] The Johari Window was developed in the 1950s as a framework for understanding interpersonal relationships; its use in the personal data ecosystem was suggested to me by Kaliya Hamlin.
[vi] Examples of inferences include targeted marketing of products (“people who bought this, also bought this”), genome sequencing to identify pre-disposition to health events, and law enforcement (“has a family history of criminal behavior”). John Podesta , who led the Big Data review for the White House, commented that “One significant finding of our review was the potential for big data analytics to lead to discriminatory outcomes and to circumvent longstanding civil rights protections in housing, employment, credit, and the consumer marketplace.”
[vii] Sue Halpern has estimated that the personal data industry is $120 billion and talks about data sales in this video this video. .
[viii] While there could be general agreement to the statement ‘personal data collection is necessary to catch the terrorists’, this statement presents two problems: (1) how to decide who is a terrorist, recognizing that yesterday’s terrorists can become tomorrow’s governments; and (2) how to decide someone is a terrorist without gathering their personal data.
[ix] Bad actors (in both public and private sector) decide to ignore regulations to achieve other goals that they consider more important. If you trust an organisation with your data, you believe they will act in good faith (the good actor) and the personal data ecosystem can make this more efficient and effective. If you do not trust an organisation, any personal data ecosystem will not protect you; for example you can set a policy to require a company to confirm that they have deleted your data, but you cannot verify that your data is deleted.










The post-digital social contract (part 1 of 3).


Part 1 We can't put the genie back, the bottles have gone

1. The pre-digital social contract operated at a community, regional and national level.  It consisted of agreements on acceptable behavior between individuals, governments, companies and communities.  This social contract is broken; broken by the internet and technology, globalization, neo-liberal economics, and “the war on terror”.

2. The post-digital social contract is being created in real time by the actions of governments and digital corporations[i] based on massive asymmetries of power, knowledge and money. The result will be a single post digital social contract for the planet.

3.       The power asymmetry is never going to go away - between government and the individual, and between digital corporations and the individual.  To argue that surveillance by these powerful actors should be controlled and subject to "informed consent" is flawed.

4.       Governments will never give up their addiction[ii] to surveillance - regulations will only drive the surveillance beyond public scrutiny; a continuing succession of Chelsea Mannings and Edward Snowdens will reveal what is happening, the messengers will be shot, hands will be wrung, inquiries will inquire and nothing will change.

5.       Digital corporations complain about their coerced involvement in government surveillance as a diversion.  They argue that using their service is an option and if you don't like the value that they provide by consolidating your data, you can opt out. They will maintain this position and move jurisdictions to continue operations and avoid penalties.

6.       It will not be possible to turn back the surveillance machines, or even control them.

7.       Political leaders look to their law-making powers to establish control within their domain of digital sovereignty; this will not work.   Economically it is not practical – due to the strength of global markets and supply chains. Socially it is not practical – because people are connected across the globe by interactions, conversations and virtual workspaces.

8.       The post digital social contract has three major actors who place different priorities on the critical factors in the personal data ecosystem: privacy, security & public safety, and value creation. Consider the distribution of technical and economic power, and the embedded assumptions about each actor in the global personal data ecosystem.

Governments as actors in the global personal data ecosystem

9.       There are more than 190 national governments, all of whom are regulators as well as significant collectors of personal data.  This dual role creates tensions: many policy makers and political leaders want to establish controls on personal data collection, while at the same time making themselves exempt. In reality, a small number of nation states, those with sufficient political and economic power, will influence the future shape of the personal data ecosystem.

10.   The national security agencies in governments operate outside of any effective legal framework. The concept of the Deep State, a part of government uncontrolled by elected officials, is beginning to be more widely understood.[iii] While there is a legitimate rationale for spies, most state collection of personal data has a tenuous connection to national security. Legislation is not the answer to spying because spies operate beyond the law, and votes in the senate/parliament to cut budgets do not affect the deep state. By extending the ethics of the Deep State beyond the core function of espionage, governments invite scrutiny of broader surveillance activities.[iv] 

Digital corporations as actors in the global personal data ecosystem

11.   Digital corporations will not change for better global outcomes, because their principal motivation is growth and profit. Digital corporations avoid the cost of externalities; while they should fund the damage of their activities, environmental degradation and the global financial crisis have shown that this will not happen.

12.   Regulation of corporations at a national level will not work - bad actors in a global personal data ecosystem will move to data havens, similar to the movement of capital since it went global.[v] Production moves to the lowest cost environment; the long-run costs in the personal data ecosystem are not labor and raw materials, but the cost of regulatory compliance.

People as actors in the global personal data ecosystem

13.   It is not possible to make such clear statements about the third group of actors – the 3 billion people in the global personal data ecosystem.  Are they seduced by the sirens of free services in exchange for the monetization of their personal data? How do they balance the desire for reliable digital interaction with others and access to information against surveillance and monitoring in the name of safety and security? What about the growth of celebrity voyeurism, increased voluntary public disclosure, and reality TV?  Are people happy to be slaves to algorithms?  Are they willing to spend the time to curate their own digital footprints?

14.   In the pre-digital contract, people assumed the right to private communications.  We now know (with a debt of gratitude to brave individuals who have pushed digital disclosures and often paid a high personal price) that governments and corporations are both working to actively erode that presumption.  By keeping everything, governments are better equipped to find Bad Guys, and corporations are better equipped to make profits.

15.   What is the response of thinking activists? They can use social revolution to fight back –securing personal email communications, disconnecting from the net[vi], and creating floods of false positives – but power and critical mass will doom such efforts.

16.   Trust is broken. Can trust be restored as a basis for the post-digital social contract? Can technology and behaviors be adjusted to create a trustworthy foundation for the global personal data ecosystem? 


Notes

[i]Digital Corporations” refers to major personal data collectors and traders of personal data. Google, Microsoft, Apple, Yahoo, Facebook, Twitter, AOL and LinkedIn can be seen as the big 8 of data collection for western consumers. There are also sites like ВКонтакте (VK), 腾讯 (tencent), 新浪微博 (Sina Weibo) that have hundreds of millions of users. Traders in personal data are a growing segment of the personal data ecosystem, with billion dollar companies such as ChoicePoint, Acxiom and Seisint.
[ii] “I am America and I am addicted to data” was the claim in this article, but it is a sentiment that can be applied to most governments.
[iii] The very nature of the Deep State makes it impervious to description: the only people who know its true nature do not reveal what they know. The public get glimpses of the full extent of the Deep State through whistle-blowers, occasional leaks, and by historical reports on the behaviour of agencies such as the KGB and the Stasi. For more on the deep state see:
[iv] Although the National Research Council found in 2008 that “Automated identification of terrorists through data mining (or any other known methodology) is neither feasible .. nor desirable” government surveillance around the world continues to grow in capability and reach.
[v] Tax havens have grown to store more than $21 trillion since capital was globalized in the 1970s  
 






























Friday, December 15, 2017

Declaration of Independence for the Internet


Corporations of the Information Industries, you weary giants of silicon and cables, I am from the Internet where we belong to many countries and to no countries. On behalf of the future, I ask you to treat our communities with respect. Your financial values are not welcome among us. You have no voice where we gather.

We have no elected governance, so I address you with no greater authority than that with which liberty itself always speaks. We declare the Internet to be naturally independent of the monopolies you seek to impose. You have no moral right to control our information or our discourse.

We have previously declared our independence from government control. We now declare that corporations do not govern the Internet. We will not rest in protecting what we have created.

Governance derives its just powers from the consent of the governed. You have neither solicited nor received ours. Your terms and conditions do not bind us. You do not know the richness and diversity of our world. Do not think that you can dominate it – you cannot. Our world has strength through diversity. We will resist homogenisation and colonisation of individuals, cultures and indigenous peoples. Surplus, not scarcity, will be the foundation for the Internet that we grow, using our collective actions.

You seek to control our great and gathering conversations, but  you have done nothing but plunder the wealth of our meeting places. You cannot accommodate our diversity, our desire to be both consumers and creators, or our instant sharing of information everywhere. We have created an uncaptureable Internet built on interactions and relationships between people, a world that is both everywhere and nowhere. We have no need of gatekeepers.

We want to live with an Internet that all may enter without privilege or prejudice accorded by race, gender, location, economic power, military force, language or station of birth. We reject differentiation between the digital bits that carry the sentiments and expressions of humanity, from the debasing to the angelic, all parts of a seamless global conversation.

We want to live with an Internet where anyone anywhere may express their beliefs, no matter how singular, without fear of being coerced into silence or conformity.  We reserve a special place for the creators and makers, who draw from their human experience to create and share meaning.

We believe that from ethics, enlightened self-interest, and the commonweal, collective governance will emerge. We are citizens of different countries and also citizens of the Internet. Our identities are distributed across your walled gardens. The only law that all our constituent cultures generally recognize is the Golden Rule. We hoped that you would build solutions on that basis. But we cannot accept the solutions you are attempting to impose. We reject your financial models that venerate advertising and trade personal information, riding roughshod over personal privacy.

Apple, Google/Alphabet, Amazon, Facebook, Microsoft, TenCent, AliBaba and a myriad of other corporate actors are erecting tollbooths across the Internet. You control what we access with your biased algorithms, designed from your perches of privilege, over which we have no recourse.  We demand transparency of your methods to filter and present our information. We demand that you provide redress to those adversely affected by your algorithms. We demand that you take accountability for your actions, and ensure that they do not create discriminatory bias.

Your increasingly obsolete information models perpetuate themselves by concentrating wealth and controlling speech throughout the world. These algorithms declare ideas, and the people that create them, to be another industrial product no more noble than pig iron. We believe that these ideas are the very heart and soul of the Internet, and must be treated with respect.

The Internet is not a single global community, but a vast collection of distributed communities.  This decentralisation of identities, values and data is threatened by your actions.  Your increasing colonisation places us in the same position as previous lovers of freedom and self-determination who rejected the authorities of distant, uninformed powers. We declare our virtual selves immune to your control, and do not consent to your rule over our lives.

We are the makers; we have the skills, the ethos, and the determination to create a better world built on the values of freedom and trust.  We will make the Internet as the digital commune of the future, built on surplus not scarcity. May it be more humane and fair than the world your corporations have made.

Laurence Millar, with thanks to John Perry Barlow

Wellington, New Zealand

15 December 2017

Monday, November 20, 2017

Digital Goverment? Sort of.



I regained my sense of excitement about digital technologies during my two days at the NetHui2017. Maybe it was the unusual gender balance at the front of the room: three keynote speakers - all female, a female MC, one all-female panel and 50-50 split on the other panel I attended. Maybe it was the agenda* set by the new Minister with a portfolio of all things digital, which seem to embrace the values and priorities of the Internet community in New Zealand (*start video at 27:00). Maybe it was reconnecting with the community after several years mostly working outside New Zealand. Whatever the reason I came away rejuvenated and motivated to resume this blog.

This post is about my recent application for New Zealand superannuation (“National Super”) with scores for digital on a scale from A+ and F at the different stages.

It started with an A+: the government knew that I would turn 65 in December and wrote me a letter telling me how to apply - a return on investment for all the time I spent completing my date of birth on government forms. Proactive notification of entitlements to citizens shows how government can use information that it has collected, rather than placing it in write-only storage. Some may require a digital notification for an A+, but I see proactive service delivery as transformational.

 
The letter explained that I should call an 0800 number to get a client reference number, After 20 minutes wait time, I explained what I needed and was transferred to the National Super call centre. Why not give the correct number in the proactive notification letter?

Armed with my client reference number I started the online application process. I used the option of logging in with RealMe, no need for another password to access a government service.

 
My wife had applied for superannuation earlier in the year with all of her details and many of mine. Some of the information she had provided was already prefilled in my online application; some was not and I needed to re-enter the same data. The date she arrived in New Zealand was incorrect – had the data from her application been manually re-keyed into another system?

I was told I needed to visit an MSD office with my wife to present evidence of my identity, was offered an appointment the next day and received immediate confirmation.

I needed to bring documentary evidence of my identity and address. Asking my computer screen why I needed to do this, when Government had already provided me with a RealMe verified identity provided some release of my frustration but no answer. 


The meeting started at the scheduled time and was moderately efficient, although there did seem to be some work involved in copying information from one computer screen to another.

I provided my passport, driving license, and the letter the government sent me to start this process. The officer made photocopies of these documents (which had all been produced from data in government computers). It was only later I realised that I had taken my expired rather than my current passport. The officer asked whether I had signed the online application; I said that I had ticked the box and submitted the form online. She printed the form for me to sign physically, and the meeting was over. The officer explained that the physical interview was not needed for applicants born in New Zealand and this might be extended to people born overseas in the future. It was not clear why my wife needed to be there.

Some may consider a “Fail” to be a bit harsh. I appreciate the need to verify identity before setting someone up with a regular government payment for the rest of their life. However, I already have a verified digital identity issued by the government, the interview itself added no value, my wife did not need to be there, and government is now storing photocopies of my passport and driving license for no reason; this is clear evidence of unnecessary “make work”.

I score the overall process as a B; there were some very good aspects, such as proactive notification and confirmed timely appointments. However as a digital experience it fell well short of what is possible. A citizen who has lived at the same address in New Zealand for more than 30 years and holds a verified digital identity issued by the government should be able to complete the whole application online. 

The government target is that 80% of the transactions for the twenty most common public services will be completed digitally by 2021. Application for National Super was not included in the original list of common public services, but has recently been added.  It could be an “quick win”  for online uptake, but process redesign is needed to achieve the full potential of digital government.