Wednesday, February 25, 2015

The post-digital social contract (part 3 of 3)


Restore balance and reclaim personal data

1.       The major actors – digital corporations and governments – need a haystack to find a needle.[i]  
They use a three-step process to do this:
(1) Create and adapt models with inference engine and rules;
(2) Apply the model to data and match individuals to groups;
(3) Take actions based on the matching, observe the results and tune the model.[ii] The more data, the better the model.
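The three-step loop above can be sketched in a few lines of code. Everything here – the rule names, the thresholds, the data fields – is invented for illustration, not drawn from any real system:

```python
# Hypothetical sketch of the model / match / act-and-tune loop.
# All rules, fields and thresholds below are illustrative only.

def build_model(rules):
    """Step 1: a 'model' is just a set of named rules over a data record."""
    def model(record):
        return {name for name, rule in rules.items() if rule(record)}
    return model

def match_population(model, records):
    """Step 2: apply the model to data, grouping individuals by matched rules."""
    groups = {}
    for record in records:
        for group in model(record):
            groups.setdefault(group, []).append(record["id"])
    return groups

# Step 3 (acting, observing results and tuning) would feed outcomes back into
# `rules` -- and, as the text notes, more data means more matches to tune against.
rules = {
    "frequent-flyer": lambda r: r["flights_per_year"] > 20,
    "night-owl": lambda r: r["avg_login_hour"] >= 23,
}
records = [
    {"id": "alice", "flights_per_year": 25, "avg_login_hour": 9},
    {"id": "bob", "flights_per_year": 2, "avg_login_hour": 23},
]
model = build_model(rules)
print(match_population(model, records))
# {'frequent-flyer': ['alice'], 'night-owl': ['bob']}
```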

2.       The old school design approach to controlling this surveillance is to ask questions like: What are the rules? What are the consent points? Where are consents held? What are the defaults (opt-in or opt-out)? What are the obligations to the individual?  How are those obligations met and monitored? How are obligations passed between actors? Can we regulate personal data markets? Should controls be centralized or distributed? What are the incentives? How do we resource enforcement?

3.       This old school design will not work. The solution cannot be designed from within the frame of reference of the problem. Governments and digital corporations are committed to the current operating model – institutions try to preserve the problem to which they are the solution. Accepting the parameters of data surveillance legitimizes the relationship between the surveiller and the surveillee.[iii] 

4.       The global personal data ecosystem must develop homeostatic controls to absorb the variety of the system. Dynamic equilibrium must balance the interests of the different actors using transparency, feedback loops, and intrinsic regulators.[iv]

5.       An effective future for the personal data ecosystem must manage this variety at a global level, cope with complexity and ambiguity, and be simple and easy to understand.  It must be designed for a future world and recognize that the rate of technological change is exponential, which is why it cannot use old school design. In the global village there are only Pulchinella’s secrets[v].

6.       There are no legal, political, economic or social levers that can control the data appetites of governments and corporations in the post-digital world.[vi] Once you eliminate the impossible, whatever remains, no matter how improbable, must be the truth. 

7.       The only option to achieve control is by using the technology to rebalance the asymmetry – similar to the coveillance idea proposed by Kevin Kelly.[vii] The technology must provide a facility for the surveillee to retrieve all information about their personal data including what has been collected, who has accessed the data, what data has been linked, and what inferences have been made.

8.       Personal data must be created with the ability to annotate and transmit information about what has happened to it. The annotations must be embedded in tamper-proof technology within the global personal data ecosystem, and the internet of things will need to manage these annotations.
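One way such annotations could be made tamper-evident is a hash chain, where each annotation commits to the hash of the one before it, so that any later alteration is detectable. This is a minimal sketch of that idea; the actors and events are invented:

```python
# A minimal sketch of tamper-evident annotations, assuming a hash chain is an
# acceptable stand-in for the "tamper-proof technology" described in the text.
import hashlib
import json

def annotate(chain, event):
    """Append an annotation; each entry commits to the hash of the previous one."""
    prev_hash = chain[-1]["hash"] if chain else "0" * 64
    body = json.dumps({"event": event, "prev": prev_hash}, sort_keys=True)
    chain.append({
        "event": event,
        "prev": prev_hash,
        "hash": hashlib.sha256(body.encode()).hexdigest(),
    })
    return chain

def verify(chain):
    """Recompute every hash; any altered annotation breaks the chain."""
    prev_hash = "0" * 64
    for entry in chain:
        body = json.dumps({"event": entry["event"], "prev": prev_hash}, sort_keys=True)
        if entry["prev"] != prev_hash or entry["hash"] != hashlib.sha256(body.encode()).hexdigest():
            return False
        prev_hash = entry["hash"]
    return True

chain = []
annotate(chain, {"actor": "retailer.example", "action": "collected", "field": "email"})
annotate(chain, {"actor": "broker.example", "action": "linked", "field": "email"})
assert verify(chain)
chain[0]["event"]["action"] = "deleted"   # tampering with the record...
assert not verify(chain)                  # ...is detected
```

Strictly speaking this makes annotations tamper-evident rather than tamper-proof; preventing alteration outright would need the distributed machinery discussed in paragraph 10.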

9.       There are many questions that must be addressed in imagining this future – political economy, policy, leadership, engineering and technology – including:
·       What is the ethical foundation of the post-digital social contract? Why is it important and what are the underlying values?
·       Who has the interest, the insight and the energy to create the post-digital social contract? Where will leadership come from?
·       How can legitimate government espionage activities operate effectively in secret while preserving the values of the post-digital social contract?
·       What is the economic impact of the post-digital social contract? What happens to competitive advantage if there is full transparency of the personal data ecosystem?
·       Is it possible? Can technology attach persistent transmitters to individual items of personal data?

10.   I would like to think it is possible. The technology needs to be network-based and decentralized while maintaining trust and confidence. I have identified two areas where similar concepts are implemented in different domains – the blockchain and the Digital Object Architecture – which gives me some confidence that there is a technology that could achieve the rebalancing of information asymmetry.
·       The blockchain algorithm is currently applied in many digital currencies, of which Bitcoin is the best known. But some consider that the underlying technology could be a disruptive force in many other sectors – by creating a network of trust from untrusted components.[viii]
·       The Digital Object Architecture was designed to enable all types of information to be managed over very long time frames, and has been defined in ITU-T standard X.1255, a framework for the discovery of identity management information.[ix]

11.   The future of the global personal data ecosystem needs serious systems thinking, using expertise from a range of disciplines: lawyers & public policy analysts, commercial marketers & financiers, geeks & hackers, intellectuals, international governance specialists, privacy advocates, piracy advocates and data scientists.


[i] The Director of the NSA explained that they intercept all personal data to enable them to find “the needle in the haystack”.
[ii] The model for placing people on no-fly lists is described in a 166-page manual analyzed by The Intercept; more than 40% of the people on the list have no affiliation to a recognized terrorist group.
[iii] The idea that institutions become dedicated to the problem they set out to solve, and so perpetuate the problem, has been named the Shirky Principle. As an aside, there are no English words for either of the two parties involved in surveillance.
[iv] These terms are taken from cybernetics; information on cybernetics can be found in An Introduction to Cybernetics (1956) by W Ross Ashby where he describes the Law of Requisite Variety, and in Brain of the Firm (1972) and Platform for Change (1975) by Stafford Beer, where he describes the Viable System Model.
[v] The idea that there are no secrets in the village was a central theme of Italian “commedia dell’arte” in the 16th century. Pulchinella Revisited explains how to derive four laws of secrecy in the information society.
[vi] As Evgeny Morozov says at the end of this long article: “the ultimate battle lines are clear. It’s a question of whether all these sensors, filters, profiles and algorithms can be used by citizens and communities for some kind of emancipation from bureaucracies and companies”. He suggests, in my view unrealistically, that there is an option for social control of the big data stores.
[vii] “How can we have a world in which we are all watching each other, and everybody feels happy?” – a conversation.
[ix] For information on the Digital Object Architecture refer to the Corporation for National Research Initiatives (CNRI) and the Digital Object Numbering Authority.

Tuesday, February 24, 2015

The post-digital social contract (part 2 of 3).


The personal data ecosystem: Out of Trust, Out of Control

1.       The pre-digital social contract was straightforward:  I chose to disclose my secrets to others based on the level of trust in our relationship. I chose to reveal personal data when the value I got was more than the risk of something bad, based on the integrity of the other party. 

2.       Trust has been reduced by ubiquitous sensors and monitoring (such as mobile phone location sensing, CCTV with face recognition, and embedded systems[i]), people choosing to be “always on”, and the power of big data analytics to bring together data from different sources.  In a post-digital world we have no ability to assess the integrity of those making judgments on our personal data.

3.       Trust can be restored by integrity, reputation, and transparency – qualities that are increasingly absent in public life.[ii] The power and knowledge asymmetry breaks personal trust. So we must think laterally about how to rebalance the asymmetry.

4.        The personal information ecosystem is so complex that it cannot be categorized, controlled or managed.  There are endless articles about the volume of data created by and about people; there is not “too much data”, there is what there is.[iii] There are small patterns in big data (a very low signal to noise ratio), so exponential increases in data create more opportunity for inferences. Control must be embedded in different parts of the ecosystem, and must cover user generated data (name, registration details, email), observed data (location, search behavior, social connections), and inferred data (looking for new home, medical condition). 
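The three classes of data named above could be tagged along the following lines; the field names and sources are purely illustrative, not part of any real taxonomy:

```python
# An illustrative taxonomy of the three data classes described in the text.
# The field names and source labels are invented for the example.
USER_GENERATED = {"name", "email", "registration_details"}
OBSERVED = {"location", "search_history", "social_connections"}

def classify(field, source):
    """Tag a data item by how it entered the ecosystem."""
    if field in USER_GENERATED and source == "self":
        return "user-generated"
    if field in OBSERVED and source == "sensor":
        return "observed"
    return "inferred"   # anything derived by a model rather than collected

print(classify("email", "self"))              # user-generated
print(classify("location", "sensor"))         # observed
print(classify("looking_for_new_home", "model"))  # inferred
```

The point of the distinction is that controls which work for user-generated data (consent at the point of entry) have no obvious analogue for inferred data, which is created without the subject's participation.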

5.       Inferred data can be crass, spooky, revealing and sometimes just plain wrong. The data algorithms are programmed and the results interpreted without context, often without any sensitivity or respect for the individual. Correlation does not mean causation.  But, once data has been interpreted, it becomes real, and is reinforced without the subject having any opportunity to correct errors.[iv]  Inferred data is the toxic zone of the personal data ecosystem.  

6.       The boundary between public and private knowledge is rapidly and dramatically changing as the personal data ecosystem expands.  This can be illustrated by using the Johari grid[v] to divide personal data into four categories. 
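The grid can be written as a simple lookup keyed by who knows the data; the quadrant labels follow the text (“public”, “blind”, “unknown”) plus the standard Johari name “hidden” for data known only to the individual and trusted others:

```python
# The Johari grid as a lookup: (known_to_self, known_to_others) -> quadrant.
JOHARI = {
    (True, True): "public",    # shared personal data
    (True, False): "hidden",   # secrets disclosed only to trusted others
    (False, True): "blind",    # things others know about me that I do not
    (False, False): "unknown", # not yet known to anyone
}

def quadrant(known_to_self, known_to_others):
    return JOHARI[(known_to_self, known_to_others)]

# The shift described in paragraph 8: inference moves data from "unknown"
# into "blind" -- others learn it before (or without) the subject ever does.
assert quadrant(False, True) == "blind"
```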



7.       Two changes relate to public information about the individual: (1) More personal information, previously only known to the individual, and disclosed to trusted others, is becoming “public”; and (2) More personal information previously “blind”, is also being shared, and thereby “public”.  Both these changes relate to the transparent and pervasive nature of digital media (in particular social media). Individuals have some control over the extent to which they share and read personal information online, making these changes relatively benign. 

8.       The third change – to inferred data – is more challenging. Data from the “unknown” is moving into the “blind” – so that others know things about me that I do not know myself – based on inferences from personal data harvested from the personal data ecosystem. This is the honeypot, where a lot of money can be made in a domain with no rules.[vi]

9.       Personal data is the new currency of the internet. Personal data costs half a cent to collect and is worth around $1,200. People are clustered and their data is traded. Why is this bad? What is wrong with producing a list of left-handed dentists who have visited Disneyland in the last 5 years? What about selling a list of rape victims at $0.05 per name? What about selling data on suspected alcoholics, HIV sufferers, or people inquiring about abortion?[vii]

10.   Privacy as a social norm has been replaced by privacy as a political norm, malleable by media and controllable by the powerful.  Polls in many countries report that the majority agree with the statement “it is worth losing some personal privacy in order to keep us safe from terrorist attacks”, but this view is not shared by minorities. The level of support is less about surveillance and more about trust in the organisation that is doing the surveilling.

11.   Many commentators are suggesting mechanisms (such as laws & regulations, or user education) to build a new post-digital social contract based on shared values on how personal data should be used.  This approach is dangerous because intelligent and well-intentioned people who understand the critical issues are diverted from building a robust post-digital social contract, and meanwhile power asymmetry increases.

12.   There are three major reasons that this approach will not work for the global personal data ecosystem: (1) there is no effective jurisdiction to create a regulatory and compliance regime; (2) there is no agreement on shared values across different cultures;[viii] (3) the approach will not control “bad actors”.[ix]

13.   In other domains, money is often used to crystallize the balance between competing claims, but personal data is different – ethically and economically. Ethically, there are generally agreed no-go areas for trading personal assets – kidneys, blood, babies – but for personal data there are no bright lines, only fuzzy edges. Economically, a personal data asset is a non-rival good – it can be shared without losing value. A new calculus is needed.

14.   The strategic risk is homogeneity - homogeneity reduces resilience. The personal data ecosystem needs diversity to be innovative and sustainable. By clustering individuals based on their profile, the profiled become the profile, become predictable and become exploitable.  Diversity has intrinsic value by creating and maintaining the variety of personal data. When patterns tell me who I am, I become what they tell me. The personal data ecosystem is a public good, and its future must not be viewed through a lens of property rights.


[i] Jacob Appelbaum and Der Spiegel reveal embedded equipment that supports state surveillance.
[ii] Adam Curtis summed it up perfectly: “Nobody trusts anyone in authority today. It is one of the main features of our age. Wherever you look there are lying politicians, crooked bankers, corrupt police officers, cheating journalists and double-dealing media barons, sinister children's entertainers, rotten and greedy energy companies and out-of-control security services.” Suspicious Minds.
[iii] See for example The web in 60 seconds
[iv] No-fly lists are one example from this series of Kafkaesque tales.
[v] The Johari Window was developed in the 1950s as a framework for understanding interpersonal relationships; its use in the personal data ecosystem was suggested to me by Kaliya Hamlin.
[vi] Examples of inferences include targeted marketing of products (“people who bought this, also bought this”), genome sequencing to identify pre-disposition to health events, and law enforcement (“has a family history of criminal behavior”). John Podesta , who led the Big Data review for the White House, commented that “One significant finding of our review was the potential for big data analytics to lead to discriminatory outcomes and to circumvent longstanding civil rights protections in housing, employment, credit, and the consumer marketplace.”
[vii] Sue Halpern has estimated that the personal data industry is worth $120 billion and talks about data sales in this video.
[viii] While there could be general agreement to the statement ‘personal data collection is necessary to catch the terrorists’, this statement presents two problems: (1) how to decide who is a terrorist, recognizing that yesterday’s terrorists can become tomorrow’s governments; and (2) how to decide someone is a terrorist without gathering their personal data.
[ix] Bad actors (in both public and private sector) decide to ignore regulations to achieve other goals that they consider more important. If you trust an organisation with your data, you believe they will act in good faith (the good actor) and the personal data ecosystem can make this more efficient and effective. If you do not trust an organisation, any personal data ecosystem will not protect you; for example you can set a policy to require a company to confirm that they have deleted your data, but you cannot verify that your data is deleted.


Monday, February 23, 2015

The post-digital social contract (part 1 of 3).


We can't put the genie back, the bottles have gone

1. The pre-digital social contract operated at a community, regional and national level.  It consisted of agreements on acceptable behavior between individuals, governments, companies and communities.  This social contract is broken; broken by the internet and technology, globalization, neo-liberal economics, and “the war on terror”.

2. The post-digital social contract is being created in real time by the actions of governments and digital corporations[i] based on massive asymmetries of power, knowledge and money. The result will be a single post-digital social contract for the planet.

3.       The power asymmetry is never going to go away - between government and the individual, and between digital corporations and the individual.  To argue that surveillance by these powerful actors should be controlled and subject to "informed consent" is flawed.

4.       Governments will never give up their addiction[ii] to surveillance - regulations will only drive the surveillance beyond public scrutiny; a continuing succession of Chelsea Mannings and Edward Snowdens will reveal what is happening, the messengers will be shot, hands will be wrung, inquiries will inquire and nothing will change.

5.       Digital corporations complain about their coerced involvement in government surveillance as a diversion.  They argue that using their service is an option and if you don't like the value that they provide by consolidating your data, you can opt out. They will maintain this position and move jurisdictions to continue operations and avoid penalties.

6.       It will not be possible to turn back the surveillance machines, or even control them.

7.       Political leaders look to their law-making powers to establish control within their domain of digital sovereignty; this will not work.   Economically it is not practical – due to the strength of global markets and supply chains. Socially it is not practical – because people are connected across the globe by interactions, conversations and virtual workspaces.

8.       The post-digital social contract has three major actors who place different priorities on the critical factors in the personal data ecosystem: privacy, security & public safety, and value creation. Consider the distribution of technical and economic power, and the embedded assumptions about each actor in the global personal data ecosystem.

Governments as actors in the global personal data ecosystem

9.       There are more than 190 national governments, all of whom are regulators as well as significant collectors of personal data.  This dual role creates tensions: many policy makers and political leaders want to establish controls on personal data collection, while at the same time making themselves exempt. In reality, a small number of nation states, those with sufficient political and economic power, will influence the future shape of the personal data ecosystem.

10.   The national security agencies in governments operate outside of any effective legal framework. The concept of the Deep State, a part of government uncontrolled by elected officials, is beginning to be more widely understood.[iii] While there is a legitimate rationale for spies, most state collection of personal data has a tenuous connection to national security. Legislation is not the answer to spying because spies operate beyond the law, and votes in the senate/parliament to cut budgets do not affect the Deep State. By extending the ethics of the Deep State beyond the core function of espionage, governments invite scrutiny of broader surveillance activities.[iv]

Digital corporations as actors in the global personal data ecosystem

11.   Digital corporations will not change for better global outcomes, because their principal motivation is growth and profit. Digital corporations avoid the cost of externalities; although they should pay for the damage their activities cause, environmental degradation and the global financial crisis have shown that this will not happen.

12.   Regulation of corporations at a national level will not work - bad actors in a global personal data ecosystem will move to data havens, similar to the movement of capital since it went global.[v] Production moves to the lowest cost environment; the long-run costs in the personal data ecosystem are not labor and raw materials, but the cost of regulatory compliance.

People as actors in the global personal data ecosystem

13.   It is not possible to make such clear statements about the third group of actors – the 3 billion people in the global personal data ecosystem.  Are they seduced by the sirens of free services in exchange for the monetization of their personal data? How do they balance the desire for reliable digital interaction with others and access to information against surveillance and monitoring in the name of safety and security? What about the growth of celebrity voyeurism, increased voluntary public disclosure, and reality TV?  Are people happy to be slaves to algorithms?  Are they willing to spend the time to curate their own digital footprints?

14.   In the pre-digital contract, people assumed the right to private communications.  We now know (with a debt of gratitude to brave individuals who have pushed digital disclosures and often paid a high personal price) that governments and corporations are both working to actively erode that presumption.  By keeping everything, governments are better equipped to find Bad Guys, and corporations are better equipped to make profits.

15.   What is the response of thinking activists? They can use social revolution to fight back – securing personal email communications, disconnecting from the net[vi], and creating floods of false positives – but power and critical mass will doom such efforts.

16.   Trust is broken. Can trust be restored as a basis for the post-digital social contract? Can technology and behaviors be adjusted to create a trustworthy foundation for the global personal data ecosystem? 


Notes

[i] “Digital Corporations” refers to major personal data collectors and traders of personal data. Google, Microsoft, Apple, Yahoo, Facebook, Twitter, AOL and LinkedIn can be seen as the big 8 of data collection for western consumers. There are also sites like ВКонтакте (VK), 腾讯 (Tencent), 新浪微博 (Sina Weibo) that have hundreds of millions of users. Traders in personal data are a growing segment of the personal data ecosystem, with billion-dollar companies such as ChoicePoint, Acxiom and Seisint.
[ii] “I am America and I am addicted to data” was the claim in this article, but it is a sentiment that can be applied to most governments.
[iii] The very nature of the Deep State makes it impervious to description: the only people who know its true nature do not reveal what they know. The public get glimpses of the full extent of the Deep State through whistle-blowers, occasional leaks, and historical reports on the behaviour of agencies such as the KGB and the Stasi.
[iv] Although the National Research Council found in 2008 that “Automated identification of terrorists through data mining (or any other known methodology) is neither feasible … nor desirable”, government surveillance around the world continues to grow in capability and reach.
[v] Tax havens have grown to store more than $21 trillion since capital was globalized in the 1970s.