The right be forgotten roadshow – and the power of Google.

Screen Shot 2014-09-16 at 20.39.49I read with interest Professor Luciano Floridi’s report from the first two legs of what the Guardian described as ‘Google’s privacy ethics tour of Europe’. Floridi is Professor of Philosophy and Ethics of Information at the Oxford Internet Institute, and one of the experts appointed by Google to its ‘Advisory Council’ on the right to be forgotten.

As would be expected from such an expert, it is a well crafted report and explains very well some of the key ethical questions being addressed through this public consultation. As Floridi puts it:

“The two words most frequently used by all participants in the meetings were “complex” and “balance”, and they describe the situation well. The debate is complex because there are many elements interacting with each other.

The actual ruling, with its pro and contra, including its inconsistency with the advocate-general’s opinion; the role of search engines as intermediaries or data controllers; the difference between availability and accessibility of information online; the so-called rights (to be forgotten, to information), the real rights behind them (privacy and freedom of expression), and the ways in which they are interpreted on the two sides of the Atlantic; the concepts of relevance and of public interest, both very slippery; the procedural uncertainty about who should decide which links are rightfully removed and who should be informed about it.”

There is one element, however, conspicuous by its absence from Floridi’s analysis: a consideration of the power of Google. That power is considerable, and wielded in many different ways. Indeed, it could be said that the power of Google is at the heart of the whole debate over the right to be forgotten, and without taking it properly into account it will be impossible to come to sensible, practical and effective conclusions over how to deal with the right to be forgotten.

Power over what is found – and not found

The reason behind the Google Spain ruling, to start with, was connected with the power that Google wields: ‘Googling’ someone is probably the most important way to find out information about a person. The Spanish man about whom the ruling was concerned felt that when he was Googled the information was misleading and unfair. Google is at the heart of things: how they set their algorithms, how they index the web, what they include and exclude, what they rate highly – and what they rate as insignificant – matters in ways that are often hugely underestimated. And yet, if you read a lot of commentary – even the expert commentary of Professor Floridi – it seems as though Google are a mere conduit, their algorithm organic and their results generated purely in the interests of freedom of expression. If it’s interesting and relevant, those algorithms will find it for you. Google, in this view, are a purely neutral organisation, providing a service to the planet.

That’s a deeply naive assumption. Google is a business – and like all businesses, its bottom line is the bottom line. Google will do what is best for Google as a business. That may often turn out to be what serves freedom of expression best – if we can’t find what we need to find by using Google, we’ll find another way – but sometimes it won’t be. Google takes down masses of links on the basis of copyright claims – because its interests are best served by complying with the law of copyright and by keeping cordial relations with the rights-holders. That’s an infringement of freedom of expression – but in the eyes of the law and the eyes of Google, an acceptable one. Google doesn’t link to child abuse images – and quite rightly so – but that’s also an infringement of freedom of expression. Google complies with local laws and other considerations as and when Google finds it appropriate to do so – and there’s absolutely nothing wrong with that approach. Indeed, it’s an entirely appropriate approach – but it means that casting Google as the great champion of freedom of expression is only telling part of the story.

Power to set the agenda

The second aspect of power that needs to be taken into account is Google’s power to control the process and indeed to set the agenda. This whole roadshow was set up by Google – the advisory council was set up by Google, where they visit and when, who is called to give evidence, what the agenda of their meetings are and so forth is all, directly or indirectly controlled by Google. Again, there’s nothing wrong with this, and in some ways it’s entirely appropriate, but it does mean that it should be viewed in that context. This isn’t some neutral, independent body making an academic analysis of the ethics of the right to be forgotten – it’s a Google appointed body, somewhat akin to a board of trustees, taking soundings on Google’s terms. They wouldn’t have been appointed if they weren’t either predisposed to be on Google’s side, or at least seen to be malleable. It also reflects an apparent tactic that Google has employed in the internet governance and regulation space more generally. By giving individuals with high personal reputation positions of importance, flying them on private jets, and generally treating them like royalty, Google creates powerful external allies. Google’s eight experts are already acting in some ways as though they were more expert than the DPAs and other European organs: it gives Google a chance to blend its choices between the best of a set of alternatives. The DPAs do, at least, appear to have noticed this.

Google seems to have been setting the agenda over the reporting of the right to be forgotten since the day it came out – many (including myself) have wondered whether Google has been deliberately overreacting to the ruling, deleting links to stories when they really didn’t have to, to try to make the ruling look ridiculous. Those stories began very shortly after the ruling, but they continue to this day – the most recent being the story that links to a positive story about an artist being removed seemingly at the artist’s desire. It’s a deeply unconvincing story, and generally couched in terms that misunderstand the ruling. Suggestions that Google was ‘forced’ to remove the link are quite wrong: a request is made, and then Google can decide to delete or not to delete – deletions being if the information is old or irrelevant – and if they choose not to, the requester can either take legal action or ask the data protection authority to adjudicated. Even in the Guardian, which really should know better, it was suggested that “Google was required to enact the court’s decision”. No. Google was not required to do so. They could, and on the face of it they should, have refused to do so. If they were really the guardians of freedom of expression, they would have – but there are wheels within wheels here, and making the ruling look ridiculous seems, again, at least on the face of it, to matter more to them.

Power in other ways

Google’s immense resources mean that it can wield its power in many more ways. Lobbying, both open and hidden, is a big deal – the amount of effort put into shaping the reform of the data protection regime so it suits Google better has been colossal. Current and ex-Googlers are now in the House of Lords (Joanna Shields, appointed by David Cameron in August, used to run Google’s Europe division) and in the White House (Megan Smith, Google VP for Development is Obama’s new Chief Technology Officer and senior technology advisor, appointed earlier this month). Google provides funding to think tanks, and to academic organisations – indeed, they’re one of the biggest funders in these areas. Though this funding is given without strings attached, it is hard not to feel that there is at least some influence on the subjects that are researched, and the terms on which they are researched. No-one bites the hand that feeds them without at least thinking about it. Google has a critical role to play in how technology functions, how businesses function – and in how the media functions. The media in particular sometimes seems far less critical of Google than it might be – except in terms of its taxation policies.

None of this should detract from the way that Google does provide great products – and that things like its search engine do provide a huge amount of help for freedom of expression and so forth. That, however, should not prevent us from seeing the impact of the power that it wields – and taking that power into account when looking at things like privacy and freedom of expression. When trying, as Professor Floridi says, to find the right balance, with all those complex factors to deal with, that power must be taken into account. If it isn’t, that balance will never be found.

 

 

 

The Resurrection of Privacy?

The video below is the slideshow of my presentation this morning at the Society of Legal Scholars conference in Nottingham – and what follows it are some brief notes to support it. Some of this is speculative and some of it is contentious – particularly in relation to the relative importance of corporate and governmental surveillance – and this is an early stage of this research, though it builds on the work in my book, Internet Privacy Rights. I should also note that this is a development of the paper I gave at BILETA earlier this year: ‘who killed privacy?’

 

The Resurrection of Privacy?

In 1999, Scott McNealy, then CEO of Sun Microsystems, famously said:

“You have zero privacy anyway. Get over it.”

Events and developments since 1999 have hardly improved the prospects for privacy: the growth of social networking, technological developments like smartphones, geo-location, business ideas such as behavioural tracking and, most recently, the revelations from Edward Snowden about the near universal surveillance systems of the NSA, GCHQ and others. If privacy was in trouble in 1999, the argument that it is at least close to death in 2014 is much stronger.

That brings two questions:

  • If privacy is dead, who killed it? Did we kill it ourselves? Is it the activities of government agencies like the NSA and GCHQ, or of businesses like Google and Facebook?
  • If if privacy is in fact dead, is there a possible route towards its resurrection?

Suspect 1: us!

On the face of it, it might appear as though we ourselves have simply given up on privacy. We’ve killed it ourselves by embracing all the privacy-invasive technology that’s offered to us, by failing even to read privacy policies, by allowing the intelligence services to do whatever they want, with barely a murmur of protest. More than a billion of us have joined Facebook, for example, a service based at least in some ways on giving up on privacy, sharing our most intimate information.

That, however, is not the whole story. In many ways it appears that what we have done has been through a lack of awareness rather than by deliberate decisions. The extent to which people understand how systems like Facebook work is hard to gauge – but the surprise that people show when bad things happen suggests that there isn’t a great deal of awareness. It also appears that people are becoming more aware – and as they become more aware, they’re making more privacy-based decisions, taking control of their privacy settings and so forth.

Further, when we’re given the chance to see how intelligence agencies work, we don’t seem to be happy about it – though less, it has to be acknowledged, in the UK than in many other countries. Even so, when the Communications Data Bill was put under full scrutiny, it was rejected – in part because of the public reaction. Further, studies show that people don’t like behavioural advertising – and dislike it more when they learn more about how it works.

All this suggests that we aren’t really the key to the death of privacy: we’re more like unwitting accomplices.

Suspect 2: the NSA and GCHQ

The revelations of Edward Snowden about the surveillance activities sent shockwaves through the internet. Many people had already believed that the NSA, GCHQ and other agencies performed surveillance on the internet – Snowden’s revelations seemed to prove it, and to suggest that the level of surveillance was greater even than that feared by the more extreme of conspiracy theorists. Not just had they been gathering telephony and internet data and building (in the US) massive data centres, but they’d been accessing the servers of the big commercial internet providers, tapping into undersea cables, intercepting traffic between server sites and undermining encryption systems – and much more. The level of privacy invasion is extreme.

However, until Edward Snowden revealed all of this, the agencies were working largely in secret – and while this still constitutes a major invasion of privacy, the impact on people’s behaviour is much smaller. If we don’t know we’re being watched, our actions aren’t chilled – and our beliefs about privacy are not changed. Moreover, the kind of harms done to people by surveillance by the NSA and GCHQ are indirect, at least for most people. Finally, and most importantly, if it were not for the commercial operators’ surveillance, the NSA and GCHQ would have far less to ‘feed’ on.

All this is not to dismiss the role of the intelligence services or indeed the impact of their surveillance activities – they should be resisted with the utmost vigour – but in terms of the death of privacy, they can be seen more as opportunist accomplices, rather than instigators.

Suspect 3: businesses like Facebook and Google

The role of the commercial operators on the internet, on the other hand, is both deeper and more significant either than is often believed or than the role of governments and government agencies on their own. The commercial entities have contributed to the decline of privacy in three kinds of ways:

  • Systematic – commercial entities have undermined privacy both in technological and business model senses, developing technologies to invade privacy and business models that depend on systematic and essentially covert gathering of personal data. Businesses have also lobbied strongly to reduce the effectiveness of legal privacy protection. In Europe they have done their best to undermine and weaken data protection – including the on-going reform process. They continue to do so, for example in relation to the right to be forgotten. In the US, they have contributed to the effective scuppering of the Do Not Track initiative.
  • Cooperative – businesses have been working with governments, sometimes willingly, sometimes unwillingly, sometimes knowingly and sometimes unknowingly. The extent of this cooperation and the extent to which is has been willing is unclear – though recent statements from the NSA have suggested that they did know about it and did cooperate willingly. Further, they kept this cooperation secret – until it was revealed by the Snowden leaks.
  • Normative – businesses have been attempting to undermine the idea that privacy is something to value and something of importance. Mark Zuckerberg’s suggestion that ‘privacy is no longer a social norm’ is reflected not just words but actions, encouraging people to ‘share’ information of all kinds rather than consider the privacy impact. Further, they continue to develop technologies that invade privacy inherently – from geo-technology to wearable health monitoring and things like Google Glass.

All this combines to make the role of the businesses look most significant – if anyone is guilty of killing privacy, it is Facebook and Google rather than the NSA and GCHQ. Moreover, the harms to most people possible from corporate surveillance are both tangible and more likely than harms from the NSA and GCHQ: impact on things like insurance, credit ratings, employability, relationships and so forth are not just theoretical.

As Bruce Schneier put it:

“The NSA didn’t wake up and say, ‘Let’s just spy on everybody.’ They looked up and said, ‘Wow, corporations are spying on everybody. Let’s get ourselves a copy.’”

And as Timothy Garton Ash said when considering the Stasi:

“…the Minister for State Security observed that the results achieved by his ministry ‘would be unthinkable without the energetic help and support of the citizens of our country’. ‘For once,’ I comment, ‘what the Minister says is true.’”

Where the Stasi needs the citizen informers, the new surveillance programmes need the ISPs and the internet giants – the Googles, Facebooks, Microsofts, Yahoo!s, Apples and so forth. That is what makes their role in the reverse so important.

The resurrection of privacy

In the post-Snowden environment, at least on the surface, businesses have started to take a more ‘pro-privacy’ stance. Whether that meaningful, or they are just paying lip service to it, has yet to be seen. Their role, however, is crucial.

Reversing the three roles noted above – systematic, cooperative and normative – could produce a positive impact for privacy, effectively being a part of the ‘resurrection’ of privacy:

  • Systematic – businesses could play a part by building more robust technology and developing more privacy-friendly business models
  • Cooperative – and Resistant. Businesses could cooperate more with civil society and academia in working towards privacy – and could do more to resist being co-opted by governments, not just being more transparent in their dealings with governments but acting as a barrier and protection for their users in their dealings with governments.
  • Normative – businesses could play a part in changing the message so that it becomes clearer that privacy is a social norm.

At the moment it seems unlikely that businesses will do very much of this – but there are a few signs that are positive. Real names policies have been relaxed on Google +, and even Facebook has shown some moves in that direction. All the big companies are doing more to secure their systems – encryption is more common, both in the infrastructure and in user systems. Google does at least seem to be making some attempt to cooperate with the right to be forgotten – though whether these attempts are being done in good faith has yet to be seen.

It will probably take a miracle – resurrections generally do – but miracles do sometimes happen.

Royal Babies…. and human rights!

Screen Shot 2014-09-08 at 13.34.58The news of another Royal Pregnancy – the Duchess of Cambridge is expecting a second child – has as usual provoked a lot of media attention. To say the least. Lots of cooing, lots of cute pictures (like this one of the last little prince to be born), a fair amount of cynicism about the timing of the announcement (in relation to the Scottish Independence referendum in particular) and so on. Flags will be waved, bells will be rung, tears will be shed – but when it comes down to it, will anyone ask the question that comes up so often in other circumstances: ‘won’t anyone think of the children?’ There are many, many reasons to object to the monarchy – but one rarely mentioned is that it’s inherently cruel to the children. Indeed, it might be argued that it breaches their human rights.

The institution of the monarchy brings into play a whole plethora of human rights. Looking at the European Convention on Human Rights (the ECHR), and glossing quickly over Article 4, which prohibits slavery and forced labour (the application of which I will leave to your own imagination), we can move on to Article 8, which covers the right to a private life.

Article 8: Right to respect for private and family life

“Everyone has the right to respect for his private and family life, his home and his correspondence.”

How much privacy does any Royal Prince or Princess get? As a child, their every move is watched – the huge excitement over Prince George’s first steps was just a start of a lifetime of being snooped on, stared at, scrutinised and analysed in every detail. Of course the Prince or Princess will have protection, and the vast wealth of the Royal Family and indeed the powers of the government will be brought into play, but even so, the level of privacy is minimal. What kind of an institution puts that kind of pressure on a child pretty much from the moment it’s conceived – and certainly from the moment the bump is noticed.

Article 9 – freedom of conscience and religion

“Everyone has the right to freedom of thought, conscience and religion; this right includes freedom to change his religion or belief and freedom, either alone or in community with others and in public or private, to manifest his religion or belief, in worship, teaching, practice and observance.”

What freedom does a Royal Prince or Princess have? Their religion is predetermined – after all, they might grow up to be Defender of the Faith. We often look down on religious fanatics who force their children to follow in their footsteps – but Royal Babies are every bit as restricted. No chance to change – even if it’s legally possible, the pressure not to change is so huge as to be almost insurmountable. It could bring about a constitutional crisis.

Article 10 – freedom of expression

“Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers.”

Almost none of that for a Prince or Princess. One word out of place and the media will jump on them from a great height. Prince Charles has tried a bit, and been viciously attacked (yes, sometimes even by me) for doing so – but even he keeps his pronouncements to a pretty narrow range of topics. The expectation is clear – don’t say anything wrong. All statements in writing care carefully edited and vetted. Nothing political. Nothing that might be misconstrued. No real freedom at all….

Article 11 – freedom of association and assembly

“Everyone has the right to freedom of peaceful assembly and to freedom of association with others, including the right to form and to join trade unions for the protection of his interests.”

How can a Prince or Princess exercise freedom of assembly or association? They’re watched and monitored by the Royal Household, by the paparazzi, by a huge number of others. They can’t meet with who they want, when they want, or associate with who they want. Imagine a trade union for Princes and Princesses….

And the rest…

There’s Article 12, covering marriage,  and article 14 covering prohibition from discrimination, but even forgetting them we’re still left with the institution of the monarchy being deeply in breach of the human rights of Royal Babies.

There’s only one solution. The abolition of the monarchy. We must do it, for the sake of the children.

 

Victim-blaming: an all-pervading curse

Something has struck me about a whole range of different recent stories, covering many of the different things that I’m interested in: the tendency for the victims to be blamed. I’ve seen it in tech stories, in legal stories, and above all in political stories. It’s often implicit rather than explicit, and often it seems as though the people doing it don’t even realise that they’re doing it – I’ve been attacked for even suggesting it on some occasions – but it has deeply negative consequences, some of which we don’t even notice.

Stupid celebrities?

When Jennifer Lawrence’s naked photos were hacked and leaked onto the Internet, along with those of a number of other celebrities, there were many reactions, some good, some bad. Two, however, had close connections to victim-blaming. The first was the idea that anyone who takes naked pictures of themselves, or allows those pictures to be taken, only has themself to blame if those pictures are leaked. The second was that anyone who puts unencrypted information onto any cloud-based server only has themself to blame if their data is stolen. In both cases the victim-blaming is pretty direct. It’s your fault for having the photos, and your fault you didn’t upload them securely enough. Serves you right.

‘Sluttish’ girls?

A little earlier was the story about inventors developing ‘rape prevention nail varnish‘, so that girls and women can dip their fingers into drinks to see if their drinks have been spiked with ‘date rape drugs’. For many people this just sounded like a good idea – a piece of innovative technology, another tool in the armoury of ‘sensible’ girls and women. For me (and others) it wasn’t nearly so clear: it rang alarm bells of implicit victim blaming.

The victim-blaming here is much less direct – but it works at a number of levels. Firstly, it’s putting the emphasis on what the victim could do to prevent the crime – and hence, at least in part, holding them responsible for that crime. Secondly, by adding to the armoury of tools for ‘sensible’ girls and women it could be used to suggest that any girl or woman who doesn’t use it is not being ‘sensible’, and hence is in some way contributing to their own downfall. It’s not such a huge step from that to the idea that girls and women who don’t do everything possible are in some way ‘asking for it’. They’re sluts. They deserve what they get – and don’t deserve our respect and support when they get it. It’s an attitude that pervades our media in a hideous way – the front pages of the tabloids over the summer, showing ‘scandalous’ behaviour by British youngsters (mostly girls) in places like Magaluf  are just the tip of the iceberg. From most accounts that’s the kind of attitude that contributed to at least some of the failures of the authorities to deal with the hideous evens in Rotherham. They weren’t the sort of ‘deserving’ victims that the authorities should be putting all their efforts into protecting.

‘Work-shy scroungers’?

Perhaps the most common example of victim-blaming of them all is with the current attitude to people on benefits in this country – the regular suggestion, sometimes direct and sometimes indirect, that people who are poor, people who are on benefits, are essentially responsible for their own fates. The latest manifestation of this is Esther McVey’s newly announced psychological ‘attitude tests’ for unemployed people, to see whether they’re ‘resistant’ to work. This is pretty direct: the suggestion is that the reason for people’s unemployment is their attitude to work. If only they had a better attitude, they wouldn’t be unemployed.

Of course this isn’t a rare attitude in relation to benefits – indeed, it might well be the most common. The ‘striver/scrounger’ agenda has been pushed very strongly by almost all the political parties in the UK for the last few years, with almost no alternative presented let alone supported. It stretched to almost all areas: poor people are poor, according to this analysis, because they’re ‘work-shy’, Their kids are hungry because they’re not good enough at managing their budgets, or because they waste their money on flat screen TVs, junk food and binge drinking (which also makes their girls ‘sluttish’ of course). Their health is poor because of their bad life-style choices. Those who are disabled brought it upon themselves – or they’re lying about their disability to start with, because they’re work-shy and are looking for excuses. For all these reasons, they’re to blame, and they don’t deserve anything. It’s their own fault.

Being sensible – and taking precautions

In each of these cases – and in many others – it all looks very ‘sensible’. Of course we should all use more secure online services. Of course we should understand and use encryption. ‘Of course’ we should think about whether it’s a good idea to take a naked picture of ourselves. Of course tools like ‘rape prevention nail varnish’ are helpful. ‘Of course’ it would be helpful to unemployed people to see if they have psychological issues that make it harder for them to find jobs – but we should also understand the messages here, and think a bit more about what those messages mean.

It’s a very short step from saying ‘please take precautions’ to saying ‘those people who don’t take all precautions necessary only have themselves to blame’. Indeed, the second is often the unspoken part of the first. From that, it’s a small step to saying that anyone who becomes a victim must have themselves to blame. Only stupid people have their photos leaked. Only sluttish girls get raped. Only work-shy people are ever unemployed. The more we emphasise the precautions, the easier it is to fall into this trap – and trap it is, because it’s completely false. Anyone can have their system hacked, their privacy invaded, their intimate information accessed. Anyone can get raped. Anyone can lose their job. It’s not their fault – but it’s all too easy for people to assume that it is. It’s all too easy for the people themselves to believe that it is their own fault.

Letting the real culprits off the hook

…and that has many more consequences. If it’s people’s own fault that things happen to them, then the real culprits get a free pass. The hackers who work so hard to break into private data to find people’s pictures. The people who spread those humiliating and damaging photos around the internet – and the people who seek them out and view them. The men putting the rape drugs into the women’s drinks – and then rape them. The bankers who crashed the economy – and the unscrupulous employers who pay peanuts and sack people at a moment’s notice. All the people who are really responsible – and changing whose behaviour would really make a difference – are given what amounts to a free ride. They may even be encouraged to do more – if those stupid celebrities do those stupid things, we’re doing a public service by exposing them. They deserve it.

…but they really don’t. More than that, who are we to judge what kind of photos people take of themselves, what kind of clothes they wear, what kind of places they go to to enjoy themselves? Jennifer Lawrence should feel free to take whatever photos she likes – and certainly shouldn’t be expected to learn to use what really are hideously user-unfriendly encryption systems. I have huge problems getting them to work myself! Women should feel free to go out and enjoy themselves without feeling that if they don’t behave perfectly, test every drink they’re offered, wear only the most modest clothing etc, then they’re fair game for any sexual predator. People should be able to expect employers to behave responsibly – and to pay a decent wage.

Until we stop putting the blame on the victims, things aren’t going to get better. Indeed, they’re likely to get worse. It’s a vicious circle – and we need to break it.

Who needs privacy? All of us….

A couple of privacy stories have been making big news over the last few days. The first is the ‘celebrity photo’ saga – naked photos of Jennifer Lawrence and others have been ‘leaked’ onto the net. The second is the revelation that the Metropolitan Police obtained the telephone records of Tom Newton Dunn, the political editor of the Sun, in connection with the ‘Plebgate’ saga. Between them, the two stories highlight some of the ways in which privacy matters – and at the same time some of the misunderstandings, some of the hypocrisy, and some of the complexity of privacy.

Celebrities and privacy

The relationship between celebrities and privacy is a complex one. At one level – the level usually argued by the press (including the Sun) – celebrities have less of a right to privacy than the rest of us. After all, they put themselves in the public eye. They open their doors to the likes of Hello magazine – and they make millions from us, from our attention, so doesn’t that mean they have to sacrifice a bit of their privacy to us? The put themselves in the public eye – doesn’t that mean their lives are ‘public’, and drawing attention to them is in the ‘public interest’? This brings into play the classic question of what the difference is between what ‘interests the public’ and what is ‘in the public interest’. They’re certainly not identical – but there is a degree of fuzziness at times.

At another level – the level argued by the celebrities themselves – celebrities need more protection, and if not a stronger right of privacy then a stronger way to enforce that right than the rest of us. After all, celebrities are more likely to have their private lives intruded upon by the press. Paparazzi will point their long lenses into celebrity houses, pursue celebrities down the street, rifle through celebrities’ dustbins, much more than they will for the rest of us. A naked picture of Jennifer Lawrence will get a lot more clicks on the net than a naked picture of a ‘non-celebrity’. The phone hacking saga (of which more later) is just one example – and it’s no coincidence that many of those at the forefront of the campaign to implement the Leveson report are celebrities such as Hugh Grant and Steve Coogan.

There’s strength in both perspectives – and as both are regularly argued by people who are both articulate and very ‘media-savvy’ it is often hard to navigate between them. The courts try – but all too often, whatever they decide is damned by one side or the other.

The Press and Privacy

The Sun are justifiably angry about the revelation that their political editor’s phone records have been accessed by the Metropolitan Police – not least because the story being investigated actually concerned the activities of the police. There are conflicts of interest all over the place here – but also a much bigger point.

For the press to function well, it needs to have privacy. That is, it needs to be possible for the press to keep its sources secret, to protect those people who reveal the key information. If they can’t protect their sources, there’s a very direct chilling effect – people who might come forward with information will be afraid to do so, so that information will never be uncovered, and all kinds of stories that are very much in the public interest will never see the light of day. Members of the press need to have confidentiality – so that they are able to do their job, a critical job in holding the powerful to account. That means the police and the politicians for a start.

Hypocrisy and Privacy

And yet, the stench of hypocrisy is almost overwhelming here. This is the Sun, getting outraged about a breach in privacy. The same Sun who were part of the phone hacking saga, who regularly invade the privacy of all and sundry – celebrities are just one example – often claiming it is in the public interest, but still invading privacy.  The same Sun who were part of an often vicious onslaught on the Guardian in connection with the Snowden revelations. The Sun who often seem to operate as though no-one has any right to privacy – except their own journalists.

This kind of hypocrisy is matched by that of some of the hackers and champions of internet freedom who feel it’s OK to obtain and then release, gleefully, naked pictures of Jennifer Lawrence. Some seem to want their own anonymity and privacy, and think the NSA and GCHQ are nightmarish oppressors – but think that Jennifer Lawrence only has herself to blame for even having those photographs in the first place.

It’s a sadly common set of double standards – privacy doesn’t seem very important, indeed it often seems like something bad (‘privacy is for paedos’, in the words of Paul McMullan, former News of the World journalist) until it has an impact on you. The Sun’s outrage is particularly hypocritical, but at times almost all of us are guilty of it.

We all need privacy

The truth, at least as I see it, is that we all need privacy. We all need our privacy protected – and invasions of privacy should never be done lightly, without a thought for the consequences. Jennifer Lawrence – and all of us – should be able to take whatever photos we want of ourselves, however intimate. Members of the press should be able to communicate safely and securely with their sources. And we, ordinary people, should be able to go on with our ordinary lives without fear of their being exposed. Our lives aren’t any less important than those of celebrities or the press – and though the impact of privacy invasions on our ordinary lives may not be as earth shattering or newsworthy as those of celebrities, politicians and so forth, to us they matter. The revelation that NSA operatives thought looking at nude and sexual photos found by surveillance was fun, and sharing them with colleagues was just a perk of the job should repel us.

There are many other ways that invasions of our privacy have an impact upon us – things like affecting our job prospects, our insurance premiums, our credit ratings, our relationships – but there’s a bigger point here. These are our lives. This is part of our human dignity. Privacy is part of that, and it matters.  We should try to remember that for other people – and celebrities are people too.

Data and politics…

CarswellOne of the less obvious side shows to the defection of Douglas Carswell MP from the Tories to UKIP has been the report that he may be taking his data with him – detailed data about his constituents, it appears, and according to the Daily Mail people at UKIP are ‘purring’ at the prospect of getting hold of the data.

This raises many, many issues – not least data protection issues. The excellent Jon Baines (@bainesy1969 on twitter) has been blogging about political data issues for some time, not least how it appears that political parties ride roughshod over data protection law and yet somehow the Information Commissioner’s Office does not want to get involved. He’s written something today in relation to Douglas Carswell – you can read it here.  As Jon Baines explains, there are many legal issues to deal with, including a possible criminal offence.

Even setting the law to one side, there are some very disturbing aspects to this.

The first is a moral or ethical one – when people gave their data to Carswell, or to the local Conservative Party, they presumably intended (if they thought about it at all) to help the Conservative Party – Carswell was, at the time at least, a representative of the Conservative Party, and made many statements of loyalty. Would they be happy for that data then to be used by UKIP, a rival party? Some might have UKIP sympathies, and might well follow Carswell in his defection – but many others might not, and their data is being taken along with those who might defect, and without the chance to object or consent. Data protection law should require this – but in practice it might well fail to produce the results it should. Can we expect a moral or ethical approach from Douglas Carswell on the matter, recognising these issues? I doubt it very much. Morality and ethics are in very short supply in politics even at the best of times. These are very far from the best of times.

The second is a deeper one – it seems to me that we don’t consider nearly enough the impact of data on politics. The most obvious aspect of the Carswell business is the gathering of the data, but the use of that data is perhaps even more important and could have even more impact. I’ve written about this before – most notably in my book, Internet Privacy Rights – but it bears repeating. The use of data for political purposes is something of increasing importance. Obama knew that, and one of his key strategies for re-election was better use of data. This piece ‘How President Obama’s campaign used big data to rally individual voters‘, gives at least a flavour of what Obama did – and the beginning of a sense of what might be possible in the future. Data such as that gathered by Carswell could be aggregated with other data, much of it commercially gathered, and used for profiling in increasingly sophisticated ways. Here’s a brief extract from my book (chapter 10) that hints at what kind of thing can – and almost certainly will – happen in the future. Indeed, some of it is already happening now.

“Imagine, for example, tailored advertisements created for individual ‘swing voters’ (selected automatically through profiling), pointing out a party’s positive steps in the policy areas that are most likely to interest them (also selected automatically), omitting those areas where party policy doesn’t fit, and couching it in a language appropriate to the individual’s ethnic, educational, cultural and linguistic background, illustrated with a few appropriate news TV clips, and playing background music exactly to the individual’s taste and voiced over by an actor that profiling reveals that individual likes? The reverse, of course, about the political party’s opponents – negative campaigning and personal attacks taken to an extreme level. This could be extended from tailored advertisements to whole ‘news’ pages where the ‘news’ provider has a particular political agenda, and also (and more simply) to individual automated emails.”

Now I don’t imagine for a moment that UKIP’s operation is anywhere near as sophisticated as that – right now, most UK political parties seem to be lagging far behind the US in this field – but the ideas and the possibilities ought to be giving us pause for thought. Recent events like the Facebook Experiment, which I’ve blogged about before, show how the internet can be used to manipulate people. Political manipulation is just one of the possibilities. We need to be very careful here – and pay more attention to how our data can be used to manipulate us.

Wikipedia and the Right to be Forgotten…

…or why Jimmy Wales might want to support a right to delete.

Screen Shot 2014-08-24 at 17.39.48

One of the more strident critics of the Google Spain ruling by the ECJ, bringing into action at least a form of the much derided ‘right to be forgotten’, has been Jimmy Wales, co-founder of Wikipedia. He has spoken and written about it in highly critical terms, calling it ‘one of the most wide-sweeping internet censorship rulings that I’ve ever seen’ and, since Wikipedia itself started receiving notifications, ‘completely insane’. His statements, amplified by the obliging British press, were followed by his appointment to Google’s advisory committee on implementation of the court’s ruling. He has so far stood firmly by Google’s side, and against the ECJ – and yet, if looked at from the perspective of ‘openness’, there are arguments that he should shift his position. The so-called right to be forgotten – in some forms at least – is far from incompatible with the principles of openness that underpin Wikipedia. Indeed, it can be argued to be supportive of those principles – or even necessary to produce more openness in the way the internet operates for most ordinary people.

Wikipedia and ‘openness’

Wikipedia is viewed by many as the epitome of the new(ish) idea of ‘openness’ (e.g. http://www.theguardian.com/technology/2014/aug/10/wikipedia-isnt-perfect-model-channel-4-government) . Crowdsourcing information, allowing edits by anyone. Words like ‘participatory’, ‘collaborative’, even ‘democratic’ are used to describe it – indeed, it’s often used as an example of what those terms mean. These are words that are almost always used positively: participation, collaboration and democracy are seen as fundamentally ‘good’ things. Specifically, they’re seen as good things in relation to the internet: the fight for an ‘open’ and ‘free’ internet, a fight which the Wikimedia Foundation often seems to see itself at the forefront of, is a fight for the sort of internet built around participation, collaboration and openness.

But what does that mean in practice? Take a look at Wikipedia. As a teacher of university students, I often discuss the use of Wikipedia for research. In the old days, universities frowned on the use of Wikipedia – and we generally still disapprove of its use as a primary source (a citation of a Wikipedia page will raise both eyebrows and hackles in any university teacher) – but now it is usually seen as something very useful. You can get a broad brush view of a subject from reading the Wikipedia page – and you can find links to better, more reliable information about the subject. You don’t cite the Wikipedia page, but you can find sources that you can cite by looking at the Wikipedia page.

This all comes from both the strength and the weakness of Wikipedia. It is generally reliable – because crowdsourcing works, and because people with an intimate knowledge of all the various subjects contribute to it – but it is also, and just as importantly, ever-changing. It changes as events develop – new information appears, new views come in and, crucially, errors are corrected, biases revealed and changes made. Inaccurate and out of date information – and irrelevant information – is corrected or deleted from Wikipedia pages.

Deletion of information…

Let me repeat that.

Inaccurate, out of date and irrelevant information is corrected or deleted from Wikipedia pages.

That’s the strength of Wikipedia. Indeed, it is a key virtue of digital publishing – it is dynamic, not static. When errors creep in – whether by accident, by error, by biased editing, by malice (and cases of falsification of Wikipedia pages are well known, as are the strong and consistent critiques of both Wales and Wikipedia) the openness of the Wikipedia platform means that those errors, those biases, and so forth are open to being corrected. Information is deleted. That’s what makes Wikipedia great – and also what shapes the way we use it. We know Wikipedia isn’t set in stone, and that at any particular moment it may include errors or misunderstandings. We know that, so we don’t treat it with undue reverence. We check what we see against other sources. We look for alternative views and compare them to what we see on Wikipedia. We sometimes even help to edit Wikipedia. We treat Wikipedia as ‘organic’, growing and changing all the time.

Treating the internet as ‘organic’

Isn’t it appropriate – and desirable – to treat the whole internet in the same, open way? As organic, growing and changing all the time? Why should other material in the free floating internet be treated as inviolable; privileged by virtue of their form, if we are happy to see it otherwise with Wikipedia? In many ways we know that this is how the internet really is anyway – we know that when we look at a page we need to consider who created it, what sort of people they are, what biases they might have and so on. We know that new material is appearing all the time – every blog post, every newspaper article, every uploaded photo – and we should also understand that other material is being deleted or edited every day. Old, irrelevant or inaccurate information disappears every day. That’s part of the process – life and death are part of the same cycle.

What the internet isn’t, is a perfect archive of truth, set in stone as a record of perfect accuracy. To evoke otherwise, as Wales and the Wikimedia foundation have done, is simply false. It isn’t Asimov’s vision (deliberately misleading) of an Encyclopaedia Galactica in his seminal ‘Foundation’ books, designed to preserve and maintain humanity’s store of knowledge against barbarians and the decline of civilisation. It’s much closer to the reality of Wikipedia. Somewhere were things are being deleted all the time. Somewhere where routes to things are being corrected all the time. Somewhere that should be treated with respect but not reverence.

The right to delete – or the right to be forgotten

That’s where a right to delete – and yes, sometimes, a right to be forgotten fits in. It’s not such a big deal, really – things get deleted and forgotten all the time on the internet. Eric Schmidt and Jimmy Wales’ things, too. The right to be forgotten is just one of many mechanisms through which such deletions might take place. Almost completely overlooked in the media coverage, and the runaway notion that this is a ‘right for the rich and famous’ is the fact that already people with resources and knowledge use ‘reputation management’ services to hunt down and remove uncomplimentary things about them. Already ‘rights holders’ use copyright law to have things that breach their rights removed from the net – and routes to them removed, obscured or deleted. Already companies choose to cleanse old websites, to rebrand themselves and so forth. The right to be forgotten – both in its ‘Google Spain’ form and in a purer deletion of data form – would be just one of many tools through which the internet changes form. That constant changing should be understood and celebrated – and refined not fought and feared. It’s part of what makes the internet so great.

That doesn’t, of course, mean that it shouldn’t be treated critically. It should, very much so. It doesn’t mean that the Google Spain ruling is without fault – it isn’t, and the way that Google has implemented it to date has highlighted many of those faults. And yes, it’s a tool that could well be misused – most tools are, but we don’t outlaw kitchen knives because they could be used to stab people. For ordinary people, in extraordinary circumstances, it could be a real boon. Ordinary people need to be given a chance to contribute, to participate, to be part of that great community that so many of us hope the internet can become. Of course we need to find a way to make it work better. We need to set out more appropriate rules and good, solid guidelines as to how it should be operated – and to reduce the possibility of its misuse. We need all of this, both to help Google and to keep the internet open….

…because that’s the bottom line. Having ways to delete information isn’t the enemy of the internet of the people, so much as an enemy of the big players of the internet. In terms of the ordinary people, it’s very much the internet’s friend. Wikipedia demonstrates the need to have deletion and correction as well as addition as part of its toolkit. Jimmy Wales knows this, I suspect, though I’m not sure he’s applied this knowledge to the internet as a whole. He may not like the way that this particular tool has been developed – for judges and courts are often seen as the enemies of openness, and from an America perspective, European judges and courts may be the worst of all. Nobody wants to be told what to do – and often they’re quite right to resist what they’re told to do.

However, an excessive faith in the ‘record’ of the internet, and an excessive reverence for the way that the internet (and Google in particular) currently works are also enemies of real openness. We need to be open to changes – and yes, even changes in all of these.

—————-

This blog post was inspired in part by reading Nathaniel Tkacz’s work on Openness.