‘Hard working people’ doesn’t work for me…

There are few expressions that annoy me more than ‘hard working people’ – and few that we hear more in the current political climate. There are so many things wrong with it that it’s hard to know where to start…

What is ‘work’?

That the first question for me. What is ‘work’? What does it mean to work ‘hard’? Is paid work the only work that counts – because that’s the way that it often sounds. Certainly the implication is that housework, caring for kids, caring for relatives, for older people, for people who are sick or disabled, doesn’t ‘count’ – and yet for anyone who’s ever done much of that (and I doubt that many of the people who roll out the trite expression ‘hardworking people’ have ever experienced much of this) it’s every bit as ‘hard’ as any kind of paid work, every bit as stressful, every bit as ‘valuable’ as what is normally considered ‘work’. I’ve had times being a full-time father, and frankly that was far, far tougher in almost every way than any of my conventional work, whether it was in the private, voluntary or public sector (and I’ve worked in all three).

What is ‘hard’?

And then what do we mean by ‘hard’? Are we talking about the number of hours that people put in? How much physical effort they put in? How ‘productive’ they are (whatever ‘productive’ means)? What level of ‘commitment’ they put in? How much money they ‘earn’? How ‘serious’ they are when they work? If you enjoy yourself, if you chat with your workmates, if you relax while you work, does that mean you’re less ‘hard-working’?

Almost all of those ideas have deep flaws. Many, many people work too many hours – whether by choice or not. Too many hours for their health, too many hours for their happiness, too many hours for their families, too many hours for their workmates – because stress, tension and unhappiness are infectious and damaging for everyone. Different jobs require different levels of physical effort – and different kinds of jobs require different kinds of commitment. For a great many jobs, it would be much better if people were more relaxed and happy – and took more breaks, had more fun and so on.

What about people who don’t work?

The thing that annoys me the most is the implication that people who don’t ‘work’ are somehow less ‘valuable’ or less ‘virtuous’ than those who do ‘work’ – and hence less ‘deserving’ than those who do. That is not just wrong, it’s vicious, divisive and thoroughly nasty. Many of those who don’t ‘work’ have no choice about it. Some can’t work because of their health, because of their physical capabilities, because of their family situation – and many would love to work but have no chance to work for reasons completely out of their control. For some people with disabilities or suffering from sickness, it’s incredibly hard work just to stay alive – tasks that might appear simple to those who have no experience of sickness or disability, like getting dressed, preparing food, even getting out of bed, involve huge effort and pain: and yet this kind of ‘work’ seems barely to be considered at all. The idea that older people, people with disabilities, people who care for their families are somehow less virtuous and less valuable than those who follow the ‘traditional’ work path is frankly hideous.

Hard working families….

Worst of all, for me, is the idea of ‘hardworking families’. Whenever I hear it trotted out the idea that comes to me is of small children being sent up chimneys. I may work – I’m lucky that I have a job I like – but I don’t want my daughter to work! Hard-working families? No thank you. I want a happy family, a family that has fun, that is able to enjoy life, that isn’t overwhelmed by stress or tension.

It’s all linked together. We seem to have an obsession with ‘work’, to the exclusion of everything else. It excludes humanity – treating people as though they’re nothing but cogs in some great economic machine. We treat education as though the only point is to prepare children to become workers. We treat adults as though their only function is to become productive ‘economic units’ – helping GB plc to compete in some kind of hideous ‘global race’. Precisely what the ‘prize’ for ‘winning’ that global race might be – and how it could possibly be worth the dehumanisation that the obsession with ‘hard work’ produces – remains unclear. What we see around the world makes me think that I’d much rather we didn’t win that global race. I’d rather we didn’t compete at all.

Life should be about much more than that. I’d rather people were happy than worked hard – and society would benefit more, as far as I’m concerned. So every time I hear the words ‘hard-working people’, or even ‘hard-working families’, I’ll offer up a silent scream. I’ll probably hear them hundreds of times during the Conservative Party Conference – indeed, it’s part of the main slogan of the conference – but I heard them far too many times even at the Labour Party Conference. I wish we could stop thinking in those terms – but I fear we won’t for a long time, if ever.

Supporting the creative economy?

Today sees the publication of the Third Report of Session 2013-14 of the House of Commons Culture, Media and Sport Committee, titled “Supporting the creative economy”. Having read the main part of the report, with a heavy heart at times, it seems to me that a better title for it would be “supporting the copyright lobby”.

The report can be found online here. I must stress that I have only read through the main report, not through the many pages of detailed evidence that accompanies it, and these are just a few initial thoughts, not a detailed academic analysis. I would also like to stress that I am commenting only on the sections on Intellectual Property – not the parts on Olympic and Paralympic legacy, Funding and finance and so forth.

Google as the enemy….

There are a few themes that shine through – and a two particular targets that the report takes significant pot-shots at. The first of these is Google – the report pulls few punches.

“We strongly condemn the failure of Google, notable among technology companies, to provide an adequate response to creative industry requests to prevent its search engine directing consumers to copyright-infringing websites. We are unimpressed by their evident reluctance to block infringing websites on the flimsy grounds that some operate under the cover of hosting some legal content.”

And

“We are deeply concerned that there is an underlying agenda driven at least partly by technology companies (Google foremost among them) which, if pursued uncritically, could cause irreversible damage to the creative sector on which the United Kingdom’s future prosperity will significantly depend.”

Now I’m not often a great fan of Google, but in this case I fall very much on their side of the debate. Regarding the first issue, to suggest that these grounds are ‘flimsy’ is deeply problematic: blocking any site from Google should be regarded as a big step. Access to information is a human right (part of Article 10 of the European Convention), so blocking legal information should never be undertaken lightly. Google knows this – and quite rightly resists the idea that it should block access to websites without due process. The use of the emotive term ‘flimsy’ in a report like this is unfortunate, to say the least.

As far as the second point is concerned, I am even more concerned. Many of those of us who oppose the current model of copyright enforcement don’t do so as a result of any ‘underlying agenda,’ let alone one driven by the likes of Google. We oppose the model because we believe that it isn’t working, that it suggests to many people – and particularly young people – that they are ‘bad’ or even ‘criminal’ without any real understanding of what they do and why. Much more than that, we oppose it precisely because we support the creative economy – we love music, movies and games, and want to find good, appropriate and effective ways to enjoy them. We want a new model – one that balances rights, and actually supports both the creators and consumers of content.

Dismissing Hargreaves

The other depressing theme in the report is the repeated undermining of the Hargreaves report – and indeed Professor Hargreaves himself. It feels almost as though Hargreaves is being dismissed because he produced the ‘wrong’ results – results that didn’t support the copyright lobby’s vision of how the world should work. One point, in paragraph 73, is particularly telling:

“We are not convinced by Hargreaves’ implication that a facility for private copying is factored into the purchase either of music or devices that store, play or copy it.”

Can I suggest that the committee spend a bit more time talking to young people about how they listen to music, play games or watch TV and movies? Perhaps even ask their own children, rather than just listen to the industry? That, indeed, is a depressing feature throughout the report – a seeming failure to understand how people actually consume content.

Is copyright working?

At one point (paragraph 68) the report says:

“We…  …believe that generally the existing law works well.”

Really? And works well for whom? When I ask young people if they ever download music illegally, it’s a rare young person who doesn’t admit to it. When I ask them whether they think downloading music illegally is ‘wrong’, it’s a rare young person who, ultimately, believes that it IS wrong. It’s also very rare indeed for them to have been ‘caught’ for illegal downloading. Can you really say that a law that is regularly broken, is very widely considered appropriate and is rarely effectively enforced is ‘working’?

Supporting the creative economy?

Very often it seems to me that much of the creative economy is thriving despite copyright law, not because of copyright law. By pursuing this path, by almost obsessively believing in a legal system that is deeply flawed, the committee is itself in danger of causing damage to the creative economy.

Perhaps it is the whole way that they are approaching the issue that’s the problem. There is an inappropriate obsession with piracy – missing the increasing evidence that those who download illegally are also downloading legally. The report says:

“…millions of pounds are being lost by the creative industries..”

Why focus on the revenue that they think is lost, rather than the revenue that is being generated? It is a primary negative approach – instead of looking to punish ‘offenders’, shouldn’t the focus be on how to make more money? Find more, better and different revenue streams, rather than clinging onto old, outdated and ineffective ones?

The report is worried about an ‘underlying agenda driven at least partly by technology companies’ but seems to have completely ignored the much greater underlying agenda driven by the copyright lobby. If they really want to support the creative economy, they could do with starting with a good look in the mirror.

Dear Big Energy Suppliers….

Dear Big Energy Suppliers

I realise this is a hard time for you. Ed Miliband’s announcement in yesterday’s speech that he was calling for a price freeze for the first 20 months of a Labour government must have come as a horrible shock to you. A bit like the kind of shocks that many people in the UK have had when they discover that they have had a pay freeze – or even a pay cut, as so many people have.

The thing is, many of us have suffered far more.  Some have been made redundant, or have had to move from a full time to a part time job. Some suffering the stress of unemployment, of their businesses going bust – people, unlike corporations, can suffer sickness, have mental health problems and all kinds of other things that make their lives difficult. Many have had their benefits cut or even removed – and we have also all suffered from price increases of many kinds – power isn’t the only thing that costs money.

So you see, actually you’re much better off than many people – and given the lovely mantra of our dear Prime Minister, that we’re all in it together, isn’t it time that you had to tighten your belts in the way that we have all had to tighten our belts over the last few years? After all, we all know that you’ve got a fair few notches in those belts to be able to tighten – the billions of pounds of profits you’ve made and the billions of pounds you’ve given out in dividends make that very clear. Tightening your belts a little shouldn’t be that hard – it’s not as though you’re going to have to choose between heating your houses or eating, as quite at lot of your customers are going to have to.

Anyway, there is still another solution available to you – and it’s a good, capitalist, market-based solution that good capitalists like yourselves should approve of. If your prices are frozen, and if your profit margins are squeezed, there’s still a way to make money: get new customers. Fortunately for you, it’s nice and easy for people to switch energy suppliers these days – so all you have to do is to persuade people to choose your company rather than others.

There are a couple of ways you could do that. One is to lower your prices even further than the frozen prices Ed Miliband is suggesting. If you did that, and made a big show of it, people should flock to you. Attractive? It might even make you look more like ‘good guys’ rather than the exploitative, money-grabbing villains that you appear to many people today. Wouldn’t that be good? And you’d be helping the economy to recover, helping people to thrive too.

There’s another way too – and that way’s available right now. I can even give you an example of a new customer you could win: me. I’m available right now, and could shift supplier in an instant. I’m ready to do so – and will indeed promise to switch right now to the first of the big suppliers who does one simple thing: promise to stop resisting, campaigning and lobbying against the proposed price freeze, but instead says ‘fair enough, we’ll accept that we need to do our bit for the country and for the people, and embrace the idea.’

It’s good market capitalism – and I’m sure you’ll like the idea of winning customers this way. I’m sure, too, that you won’t all work together to resist it and make sure prices stay high – that would look suspiciously like behaving like a cartel, and I’m sure such an idea would be totally against your nature.

So, I look forward to hearing from you. Just put a nice comment on this blog, saying that you’re willing to make such a pledge, and I’ll switch suppliers to you within the day.

Kind regards

Paul Bernal

The iPhone crack’d from side to side….

The news that the new iPhone 5S’s fingerprinting system has been successfully cracked by German hacker group the Chaos Computer Club should come as no surprise. As I suggested in my initial response to the announcement, hackers would be itching to get their fingers on the technology to find a way around it. It took them about a week.

This is from the Chaos Computer Club’s blog post:

“The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple’s TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.”

The Chaos Computer Club are what I would call ‘white hat’ hackers: they’re the good guys, working generally to bring into the open things that are of benefit to us all. They’re very good at what they do – but they’re not the only hackers out there. What the Chaos Computer Club could do in about a week will be possible for those others – and that includes those working for the authorities, for organised crime, for the other tech companies and so forth.

The precise details of how they did it are interesting but not really that important: the key is to understand the implications. Any technology, no matter how advanced, will have vulnerabilities. Any data gathered, no matter by whom or how held, will be vulnerable.  That needs to be taken on board when we look at how and whether to embrace that technology – and it needs to be understood when considering how to balance the risks and rewards of that technology. Many people – not least in the technology press when covering the launch of products like the iPhone 5S – tend to gloss over the risks. They take the assurances of the manufacturers that the technology is ‘secure’ at close to face value – and treat the concerns of the odd privacy advocate as tinfoil-hat-wearing paranoia.

Now there IS a good deal of paranoia out there – but to paraphrase Joseph Heller, just because they’re paranoid it doesn’t mean they’re not right. What we’ve learned about the activities of the NSA, GCHQ and others over the summer has gone far beyond many of the nightmares of the most rabid conspiracy theorist. That doesn’t mean that we should all be moving to small islands in the Outer Hebrides – but it should mean that we are a little more cautious, a little more open-minded, and a little less trusting of everything we’re told.

There are a lot of jokes circulating on the internet at the moment. One goes like this:

There’s a point there. By moving from a system of passwords (a deeply flawed system) to one based on biometrics we’re taking on a new level of risk. Is this a risk that we really want to take? What are the benefits? As the Chaos Computer Club have demonstrated, it’s not really for security. Fingerprinting is a deeply insecure system. If someone gets hold of your phone, it will be covered with your fingerprints – getting the data out of it won’t be major problem for any of the people who might want to use that data.

So it’s not really about security – it’s about convenience. It’s about saving the seconds that it takes to put in a few numbers to unlock your screen. That’s not something to be ignored – we give away huge numbers of things just for a little convenience – but we should at least be aware that this is the bargain being made. For many people it may be worth it. I’m not one of them.

The other risks associated with the use of fingerprinting as an identification and authentication method – some of which I outlined here – are too much for me. Still, for me, the way that it helps establish as ‘normal’ the idea of asking for fingerprints is the worst. It’s not normal to me. It still smacks of authoritarianism – it’s worse that the image of the policeman asking ‘your papers please’, as you’ll have no choice. That’s the thing about biometrics. You become your papers…..

No thank you.

10 things I want to hear at the Labour Conference

That time of year is coming when once again I dare to hope that Labour will become I party I can support again. It’s a hope that is pretty forlorn, and has been for many years, but I seem to be unable to stop myself from dreaming of the possibilities. Right now, it seems to me, they have a real opportunity to change, and to be bold in trying to set an agenda for the future. Nick Clegg’s deeply depressing speech to finish the Lib Dem conference should have shaken them up: it was nothing less than appalling, representing the worst kind of self-satisfied ‘career politics’, attempting to suggest that what we all need is ‘more of the same’. No. We don’t. We need something different. Can Labour provide it? I very much doubt it, but I can’t help myself thinking about what they could do to give me more hope – so here, in no particular order, are ten things I’d like to hear, and a few I’d very much like NOT to hear.

1: Civil liberties. The first crucial step would be an admission that Labour got it all wrong about civil liberties under Blair and Brown, that a new way will be forged, embracing civil liberties. Sadiq Khan has already made noises about civil liberties, accurately describing the way that the Lib Dems and Tories have failed dismally on civil liberties, from the Snoopers’ Charter to Secret Courts – but with John Reid, David Blunkett, Charles Clarke and Jack Straw still chuntering away on the sidelines and the memories of ID cards, 42 day detention and collaboration with the excesses of the US can anyone take Labour seriously? Civil liberties should be a Labour issue – but they need to acknowledge the extreme errors of the past if they have any chance to move on.

2: Re-nationalisation. Labour needs to stop being afraid of being portrayed as a party of the past when it comes to nationalisation. That doesn’t mean wholesale renationalisation – but an understanding that some things are better off in public ownership. There are two that stand out right now – the railways and the Royal Mail. An announcement of a policy to renationalise the railways would be both popular and appropriate – and a bold statement that the Royal Mail sell-off would be reversed could, as Owen Jones and others have suggested, undermine the current move and make the re-nationalisation possible in the future.

 3: Education. One of the biggest failures of Labour in opposition has been its failure to oppose Michael Gove’s appalling education policies. We’ve had feeble witterings from Stephen Twigg, abysmal ideas like military schools, and very little else. Education needs much more attention – and a really radical education programme should be possible, one that says boldly that the whole ‘free schools’ idea will be abolished. If it was up to me they’d go a lot further: moving towards the disappearance of state-funded faith schools, and the removal of charitable status of independent schools, but I realise that’s just pipe-dreaming.

4. Disability. For me, the worst part of this hideous coalition’s policies has been how they have treated disabled people. Labour needs to change this – and that means far more than just reversing the horrendous headline stuff, it means fighting actively against the demonisation of disabled people. It means looking at ways to promote disabled people within government too – a few shadow ministers who are actually disabled would be a very good start.

5. Reverse the bedroom tax – frankly, if they don’t do this, they don’t deserve to be elected. This should be a simple, direct and bold statement.

6. Taxes. Labour needs to be brave enough to talk about tax – at the very least there should be more open statements that the rich don’t pay enough tax! This should be accompanied by a proper attempt at putting together a wealth tax, one that really works. Similarly, to look more actively at corporation taxes – and not to engage in the race to the bottom with taxes that George Osborne has made his speciality. A genuine look at the ‘Robin Hood’ tax would also be very welcome.

7. Justice. A restoration of the funding of Legal aid should be the starting point – along with a bold statement about its importance. Labour is supposed to be the party of the ‘little people’: without proper access to justice, how can ordinary people – or rather people with ordinary levels of resources – fight for their corner. That is not to say that legal aid shouldn’t be reformed – it should, but it should be a reform that actually means reform, rather than destruction, and a reform that isn’t simply driven by a desire to drive down costs, rather to improve access to justice.

8. Health. Say straight out that the NHS creeping privatisation will be first blocked then reversed. A new approach to our health service may well be necessary – but driving it along the current path, one which Labour did a great deal to start – is a recipe for disaster. Labour shouldn’t be afraid to say so.  No more PFI.

9. Citizen’s income. The topic of ‘welfare’ or better ‘social security’ is another crucial area – and one upon which Labour should have been fighting far more and far more loudly over the last three years. The way in which the agenda has been shifted to the hideous straw man of ‘scroungers vs strivers’ is sickening: the way that Labour has not only failed to oppose this propaganda but has in many ways embraced it should be deeply shameful to the whole of the Labour Party. That agenda needs to be attacked, boldly and aggressively, right now. It may be too late – too much time has been wasted – but it still needs to be done. Embracing a more radical system such as the citizens income would be good – but the propaganda war needs to be fought too.

10. The internet. It’s my specialist area, but I do think it matters. Labour has got its digital policy horribly wrong in the past – it needs to break from that past. The repeal of the Digital Economy Act should be a first step, along with the promise not to bring back such hugely counterproductive measures as the Snoopers Charter, nor to fall in with the populist but nightmarish plans for default porn-filters. Above all, though, what I’d like from Labour here is a promise to talk to the people who understand the internet, not to the people who write tabloid headlines. A good set of policies for the internet would make the Labour Party more attractive to young people, be good for the economy for the future and for all kinds of other things.

A few things I DON’T want to hear

There are a lot of these – if I never hear the phrase “hard-working families” ever again I will be delighted, for example. Treat people as people, not just as economic units. A vast number of people in the UK work far too hard – in ways that damage their lives, their families and the whole community. That hideous phrase “difficult decisions” will doubtless be trotted out a few times. No, those decisions aren’t difficult for the people making them, they’re difficult for the people who suffer the consequences. I also don’t want to hear anyone say that they’re going to “listen to people’s concerns about immigration”, if that actually means they’re going to pander to the xenophobia spread by the likes of the Daily Mail and Daily Express. The portrayal of immigration as a major problem is another of those things that saddens me about the current political debate – but I fully expect to hear exactly what I don’t want to hear from Labour on this….

In all of this I expect to be disappointed. I’ll probably end up throwing a few things at my television as I watch the conference, and expect to find myself promising never to vote Labour again. I hope I don’t – and I’ll keep hoping – but it’s a hope that I realise is almost certainly forlorn.

Online privacy and identity – and Disney Princesses!

This afternoon I gave a presentation at Gikii, one of the most remarkable of conferences, where law meets technology meets science fiction and popular culture. It wasn’t exactly a serious presentation – the subject matter is Disney Princesses, after all – but there is a bit of a point to it to… I’ve put a video of the presentation below – as well as some notes to accompany it.

What does every princess need? A dress? A tiara? Glass slippers? A palace? A fairy Godmother? A handsome prince?

No. What every princess needs – what we all need – is autonomy. Every one of the Disney Princesses struggles to get the kind of life they want, pushed in ways they don’t want by powerful forces, by established norms, and by systems that seem designed to control them. How can they break free? How can they gain the autonomy they want? One key tool for all of them is to have more control over their privacy and their identity.

Snow White, the first of the Disney Princesses, had a vital need to protect her privacy. She was under surveillance by her stepmother, the Evil Queen. The Queen’s magic mirror was every bit as effective as PRISM in its ability to search out every face and perform a detailed analysis in order to determine who was the fairest of them all, and give the Queen all the details she needed to locate her and then track her down.

Cinderella had a different problem – her identity was stolen by her step-mother, who forced her to take up a false identity, under her stepmother’s control. This false identity had a huge impact on her autonomy, blocking her from finding what she wanted and needed. To solve her problems she had to create a new identity – using the magical assistance of her Fairy Godmother in order to get the life she deserves and wants.

Princess Aurora, the Sleeping Beauty, had problems with both privacy and identity. She needed privacy and had to live under a pseudonym, Briar Rose, to protect herself from the wrath of Maleficent, the bad fairy. It wasn’t until her sixteenth birthday that Maleficent finally caught her – but Maleficent only had all the forces of evil working for her: if she’d had the NSA she’d have caught Princess Aurora before she was out of swaddling clothes.

Belle – the heroine of Beauty and the Beast – is herself struggling with autonomy, wanting find something different from the ‘provincial life’ that she leads, but privacy and identity really come into play in relation to the Beast. Belle wants to protect the Beast’s privacy, but inadvertently lets the evil Gaston see the Beast. The Beast is profiled by Gaston, and given the full torches and pitchforks treatment. It’s not just evil witch-queens that we need to worry about surveillance from – sometime privacy invasions from those we love can end up damaging us.

Jasmine, the daughter of the Sultan in Aladdin, finds her autonomy severely curtailed. In order to try to escape the marriage the norms require of her, has to try to create a new identity for herself. The same, in a different way is true for Aladdin – he needs the false identity of Prince Ali to get into the position to let his real identity shine through. Note that like so many of those on the Dark Side, the evil Vizier Jafar uses surveillance as part of his machinations.

Ariel, the Little Mermaid, creates a new identity for herself (as a human) to get the kind of life she wants. She was always fascinated by humanity – magic allowed her to experience it. Online, the ability to create and use your online identity can give you some of that magic – while policies such as that of Facebook that demands real names and ‘real’ identities take away that magic.

The issues for Pocahontas were all about identity – but a different aspect of identity, the need to be able to assert your identity. Pocahontas needed to say ‘this is me’, that she wasn’t the savage that the English settlers thought she was based on their inaccurate profiling and prejudicial assumptions. Assertion of identity – and overcoming these kinds of presumptions, is crucial to online autonomy.

Mulan’s problems were also about identity, but from a very different perspective. She had to create a new identity – as a boy rather than a girl – in order to protect her father from disgrace, and she needed privacy in order to protect this identity and not have her ‘real’ identity revealed. There can be good reasons to allow pseudonymity – and to protect privacy. It’s worth noting that Mulan’s eventual identity combines elements of both the original the created identities.

Tiana, from the Princess and the Frog, had another identity problem. When she kissed her frog, it wasn’t the frog that became a prince but the ‘princess’ who became a frog. Just like Cinderella, she had a new identity thrust upon her, one that she didn’t like and didn’t want – and it took a great struggle and a good deal of magical assistance to find her way to becoming human again.

Rapunzel, the heroine of Tangled, had a different kind of privacy problem: she had a kind of privacy forced upon her when she was locked away in a tower. She needed to find a way to escape: it is important to understand that privacy is not just about hiding, but about having the ability to decide how and when information about yourself is made available and to whom.

Princess Leia – now a Disney Princess since Disney’s acquisition of the rights to Star Wars – has a desperate need for privacy and for the protection for her identity, though she herself is not even aware of it. She needs the kind of privacy that many children need – privacy from her parents, and in particular from her father, Darth Vader! The way that children need privacy from their parents – indeed, that they have a right to privacy from their parents – is often missed or misunderstood. Not all parents are benign, and even if they are, children often need privacy from them.

Last, but by no means least is Merida, the heroine of Brave. Merida’s whole story is about autonomy and identity – she wants to forge her own identity, one very different from the identity chosen for her by her mother. She wants to claim her own kind of life, one in which she has autonomy. Merida is able to do this partly through the use of magic, partly through sheer force of will, and partly, in the end, through changing the law…

But they’re only fictional princesses…

Yes, they are, and yes, to a great extent they’re clichéd, they’re sexist and so on – though given the dates that many of them were created (Snow White dates back to 1937) some of that can be overstated, but even so they still resonate with many people. They hint at things we all need – particularly those of us who don’t feel in control of our lives, which ultimately is most of us! We all need privacy, we all need control over our identity – sometimes to conceal it temporarily, sometimes to forge new identities. We may not face evil magicians, dragons or worse, but even so we do face challenges that privacy and protection and control over identity can help to solve.

The analogies between what the princesses face and the online world are fairly direct. The way in which many face surveillance. The ways in which they often need magical assistance to gain control over their identities is analogous to the way that the technology of the internet can allow people to create and control their online identities. The forces that oppose the princesses are analogous to the forces that face many of us online – authorities wanting to get information about us and control our activities, commercial forces wanting to make us follow a particular line in order to buy their products or use their services, friends, relations (or even enemies) wanting to know more about us and so forth. The risks are analogous too.

It’s worth noting that as shown above, there are privacy or identity issues with all of the Disney Princesses. Every single one. It’s also worth noting that not only do the films come from a great span of time, but the stories from which the films are taken come from all over the world, and from many different times. Mulan, for example, was inspired by what is believed to be a true story from as long ago as the 4th century AD. These are perennial issues, and perennial problems. The need for privacy and the protection of identity really is a tale as old as time.

Porn filters, politics and liberalism….

This afternoon the Lib Dems conference rejected a call for ‘default-on’ porn filters – an idea being pushed strongly by David Cameron – and rejected it decisively. A great deal has been written about this before – including by me (e.g. ’10 questions for David Cameron’ and the ‘porn-filter Venn diagram’) – so I won’t rehash the all of the old discussions, except to say that it seems to me that the decision to reject the plan is a victory for intelligence, understanding and liberalism. The plan would not do what it intended to do, it would produce deeply counterproductive censorship, and could both encourage complacency and discourage the crucial kind of engagement between parents and children that could really help in this area.

A revealing debate….

What does interest me, however, is the nature of the discussions that happened at the conference. The divide between those pushing the motion and those opposing it was very stark: it was primarily a divide of understanding, but it was also one of liberalism. The difference in understanding was the most direct: those in favour of the filters seemed to have very little comprehension of how the internet worked – or even how young people think and behave. In technical terms, their arguments were close to meaningless and the solutions they proposed were unworkable – while in terms of understanding the needs of young people, they seemed to be even further from the mark. The contributors on the other side, however, were remarkably good. I’m not a Lib Dem, but I couldn’t help but be very impressed by many of them. Three stood out: Julian Huppert, who is my MP and may well be the MP who understands the internet the best, Sarah Brown (@auntysarah on twitter, and councillor and noted LGBT activist), and Jezz Palmer (@LoyaulteMeLie on Twitter).

Jezz Palmer was particularly impressive, setting out exactly why this kind of thing would be disastrous for kids.

“Implementing these filters punishes children who are otherwise completely alone,” she said. “I know there are still kids growing up who feel how I did and there will be for generations to come. Don’t take away their only research, don’t leave them alone in the dark.”

Ultimately that’s the point. This kind of filter over-blocks – indeed, the blog post I first wrote on the subject a few months ago was itself blocked by a porn filter – and over-blocks precisely the sort of material that young people need to be able to find if they are to grow up in the kind of healthy and positive way that anyone with any sense of liberalism should promote. They need to explore, to learn, to find ways to understand – much more than they need to be controlled and nannied, or even ‘protected’.

The role of liberalism…

Is it a coincidence that those who understood the issues – both the technical issues and those concerning young people – were also those with the most liberal ideas about filtering and censorship? I don’t know, but I suspect that often there is a connection. The people that I know who work with the internet insofar as it relates to privacy and free expression come from a wide variety of political backgrounds – from the extremes of both right and left – but the one thing they tend to have in common is a sense of liberalism (with a very small ‘l’) in that they believe in individual freedom and individual rights. An understanding of or belief in the importance of autonomy, at a personal level, doesn’t fit neatly in the ‘left-right’ spectrum…

Whether the decision of the Lib Dem conference really matters has yet to be seen. The Lib Dem conference often makes fairly radical decisions – supporting the legalisation of cannabis is one of the more notable ones – but its leadership (and Nick Clegg in particular) doesn’t always follow them. They (and he) have, however, taken the advice of Julian Huppert seriously, particularly in the crucial decision not to back the Communications Data Bill (the Snoopers’ Charter). I hope they listen to Dr Huppert again, and come out as firmly against these filters as their conference has – because it could be a significant and positive move politically.

How will the other parties react?

The other parties will have been watching the debate – and both the Tories and the Labour Party are in many ways deeply untrustworthy where the internet is concerned, leaning in distinctly authoritarian directions in relation to surveillance, hard-line enforcement of copyright and the idea of censorship. I hope they noticed the key aspect of today’s debate: that the people who knew and understood the internet were all firmly against filters. I  suspect that fear of the likely headlines in the tabloids will stop them being as strongly against porn-filters as the Lib Dem conference has shown itself, but they might at least decide not to push so strongly in favour of those filters, and perhaps let the idea melt away like so many other unworkable political ideas. I hope so – but I will be watching the other conferences very closely to find out.

iPhones, fingerprints and privacy

The latest iPhone, the iPhone 5S, launched last night with the usual ceremony. Slick, clever, sexy technology at its best. One feature stood out from the rest: ‘Touch ID’. As the Apple website puts it:

“[Y]our iPhone reads your fingerprint and knows who you are.”

Sounds great, doesn’t it? Perhaps…. but to people who work in privacy, particularly people who have been paying attention to the revelations of Edward Snowden, it should be ringing a lot of alarm bells too. This is a big step, and associated with it are a lot of risks, not just with the technology itself, but more importantly with the implications of this kind of technology. This isn’t just a new generation of iPhone, it’s a new generation of risk. There’s a long way to go before we really understand these risks – but we need to start thinking now, right from the outset.

Keeping our fingerprint data secure?

Apple have said that the biometric information (presumably some kind of distillation or sampling of a print rather than an image of the print itself) is stored ‘securely’ on the phone itself rather than sent to Apple or even stored on the cloud. That is certainly much better than the other way around, which would raise enormous and immediate security and privacy issues, but in the light of the Snowden revelations, and in particular the PRISM programme in which Apple was implicated, these assurances can only be taken with a pretty huge pinch of salt. The possibilities of backdoors into this data, or of hacking of this data cannot be easily dismissed – and there are those within the hacker community that just love to crack iPhones. Some will be itching to get their hands on the new iPhone and see how quickly they can get this data out.

Apple have also said that they won’t give App developers access to this data – and they haven’t so far – but they didn’t add the crucial word ‘yet’. Once this system is in common use, won’t App developers be clamouring to use it? Apple themselves understand that this could lead to a whole new raft of possibilities. “Your fingerprint can also approve purchases from iTunes Store, the App Store and the iBooks Store, so you don’t have to enter your password” Would that be the end of it? Hardly. As I shall expand below, this kind of system helps ‘normalise’ the use of fingerprints as an authentication system – of course it has already begun to be normalised, but building it into the iPhone takes that normalisation to a new level.

Why would they want your fingerprints?

Fingerprints have been used as a way of identifying people for a very long time – since the 19th Century at least – and it is that ability to identify people that is the key to both the strengths and the weaknesses of the system. Ostensibly, the idea of ‘Touch ID’ is that it helps you, the user, to control who has access to your phone, by checking anyone who tries to use the phone against a list of authorised users – you and those you’ve said can use it. Others, however, can use your fingerprints for many other reasons – the well known use of fingerprints for crime detection is just part of it. When dealing with data, though, the key point about a fingerprint is that it links the data to you in the real world. If someone gets your iPhone but doesn’t know that it’s yours, and they then check your print on that phone’s database, they can be ‘sure’ it’s yours, no matter how much you deny it. That in itself raises privacy issues (and no doubt begins the ‘if you’ve got nothing to hide’ argument again) but also raises possibilities of misuse.

Linking with other data

Once they know that a phone is yours, the possibilities to link to other information are immense, and growing all the time. Think how much data you have on your smartphone. You use it for your email. You use it to make calls, to send texts, to social network, to tweet – – so all of your communications are opened up. You have your photos on it – so add in a little facial recognition and another vast number of connections are opened up. You keep your music on it – so you can be profiled in a detailed way in terms of preferences. You probably access your bank account, perhaps have travel tickets in your Passbook. You may well do work on your phone – keep notes or voice memos. The possibilities are endless – and the fingerprint can form an anchor point, linking all this information together and attaching it to the ‘real’ you.

That’s part of the rub. Many people have already said ‘but the government already have this data, haven’t you ever entered the US?’ Yes, the US government have a database of fingerprints of all those of us who’ve entered the US in recent years – but this creates a link between that government database and pretty much all the data there is out there about you. It’s true, the authorities may well have already made that link – but why make it easier, and almost as importantly why make it normal and acceptable for that link to be made?

Normalising fingerprinting

This, to me, is the most important issue of all. Even if Apple’s security system works, even if there is no ‘function creep’ into greater uses within the Apple system, even if the fears over the NSA and other intelligence agencies are overblown (and they might be), the ‘normalisation’ of using fingerprints as a standard method of authentication matters. In the UK there was a huge amount of resistance to the introduction of a compulsory, biometric ID card – resistance that ultimately defeated the bill intended to introduce the card, and that played at least a small part in the defeat of the Labour government in 2010. We don’t like the idea that the authorities can say ‘your papers please’ whenever they like, and demand that we prove who we are. It smacks of police states – and denies individual freedom. We shouldn’t need to ‘prove’ who we are unless that proof is absolutely necessary – and in the vast, vast majority of cases it isn’t.

And yet, with systems like this, we seem to be accepting something very similar without even thinking about it. The normalisation of fingerprinting is already happening – the border-check fingerprinting is just one part of it. In many UK schools, kids are required to give their fingerprints in order to get food from the canteen – essentially for convenience, so they don’t have to carry cash around – and there has been barely a murmur of complaint. Indeed, it may be too late to stop this normalisation – but we should at least be aware of what we’re sleepwalking into.

Each little step makes the idea of fingerprinting more acceptable – and brings on the next step. If Apple’s Touch ID is successful, we can pretty much guarantee that other smartphone developers will introduce their own systems, and the idea will become universal. The idea has been there for a few years already – on laptops and on other devices. As is often the case, Apple aren’t the first, but they may be the first to bring it full-scale to the mainstream.

Just because it’s cool…

As I’ve written before – most directly concerning Google Glass (see here) – there’s a strong tendency to develop and build technology ‘because it’s cool’, without fully thinking through the consequences. ‘Touch ID’ in some ways is very cool – but I do have the same feelings of concern as I have about Google Glass. Do we really know what we’re opening up here? I’ve outlined some of my immediate concerns here – but these are just part of the possibilities. As Bruce Schneier said:

“It’s bad civic hygiene to build technologies that could someday be used to facilitate a police state”

I’m concerned that what Apple are doing here is part of that bad civic hygiene.  I hope I’m wrong. I am a fan of Apple – I have been since the 80s, when I bought my first Mac. I wrote this blog on an Apple computer, and have had iPhones since the first generation. My instinct is to like Apple, and to trust them. PRISM shook that trust – and this fingerprinting system is shaking that trust even more.

The biggest point, however, is the normalisation one. It may well be that we’re beyond the point of no return, and fingerprinting and other biometrics are now part of the environment. I hope not – but at the very least we should be talking about the risks and taking appropriate precautions. It may also be that this is just a storm in a teacup, and that I’m being overly concerned about something that really doesn’t matter much. I hope so. Time will tell.

If privacy is dead, we need to resurrect it!

Back in 1999, Scott McNealy, then CEO of Sun Microsystems, told journalists that privacy was dead.

“You have zero privacy anyway,” he said, “Get over it.”

In internet terms, 1999 was a very long time ago. It was before Facebook even existed. Before the iPhone was even a glint in Steve Jobs’ eye. Google was barely a year old. And yet even then, serious people in the computer industry had already given up on privacy.

The reactions of many politicians around the world – and particularly in the US – to the revelations of the activities of the NSA, GCHQ and others has echoed this sentiment. Privacy was already dead, many of them seem to be assuming, the only problem here is transparency. ‘We should have told you what we were doing’ seems to be one of the most common lines, ‘and we’ll find a way to be more open about it in the future’. The big companies echo that line, wanting to be allowed to say more about when they’ve given over information, about how many requests for data there have been and so forth – rather than calling for anything stronger, rather than saying that they in any way resisted the authorities desire for surveillance. Indeed, the suspicion of many observers from outside the industry is that rather than resisting government agencies’ surveillance plans, some of these companies were actively cooperative or even complicit.

It’s not just about transparency

For me, that’s not enough. This shouldn’t be an issue of transparency – because it’s not just transparency over surveillance and privacy that matters, it’s the surveillance itself. At the Society of Legal Scholars conference in Edinburgh yesterday, I listened to Neil Richards talk about the dangers of surveillance (his written paper can be found here) and found myself in total agreement. Surveillance in itself is harmful to people, in a number of ways – it can chill action and even thought, it creates and exacerbates power imbalances, it allows for sorting and discrimination, and it can and often is misused for personal or inappropriate reasons.

There are benefits to surveillance too – and reasons that surveillance is sometimes necessary – but the kind of total and generally secret surveillance that seems to be being performed by both government agencies (and the NSA in particular) and corporations seems to be totally out of balance – and it seems to be based, to some degree, on the assumption that privacy is dead anyway. For many, the only question seems to be how they can convince people to ‘get over it’. That is not enough. Yes, privacy may be dead – but if it is, we need to resurrect it. It may take a miracle – but it still needs to be done.

Can privacy be resurrected?

In an excellent article in the Guardian, Bruce Schneier talks about the role of engineers in the process. As he puts it:

“By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.

And by we, I mean the engineering community.”

Schneier knows what he is talking about – he is one of the real experts in the subject – and his piece is both compelling and surprisingly hopeful. Effectively he suggests – and I think he’s right – that there could be a way to re-engineer the internet, to take out the back doors, to rebuild the infrastructure of the internet so that surveillance is no longer the paradigm.

Schneier’s piece outlines what might be a technical route to the resurrection of privacy – but that resurrection needs more than just the technical possibility. It needs action from more than just the engineering community – it needs a political will, and that means that it needs action from a whole lot of us. It needs lawyers, advocates and academics to continue to challenge the legal justification for this kind of surveillance – the defeat last year of the Communications Data Bill (the UK’s ‘Snoopers’ Charter’) demonstrates that this kind of thing is possible. It needs journalists and bloggers to keep on writing about the subject – to make sure that surveillance and privacy isn’t just of passing interest, forgotten after a few weeks.

It needs ordinary people to keep taking an interest – because, ordinary people can and do make a difference. They make a difference to the companies who operate on the internet – Microsoft’s recent advertising campaign’s strap-line was ‘your privacy is out priority’, demonstrating that they at least thought that the idea of privacy could be a selling point, even if their complicity in the PRISM programme has made the words seem pretty hollow. Ordinary people matter to politicians, at least when election time comes around – and it’s worth noting that in the presidential debate in the German elections happening right now, the candidates were asked specifically about NSA surveillance. There IS public and political interest in this subject. The more there is, the more chance there is of action.

Ultimately, we need to challenge the very assumptions that underlie the surveillance. We need to challenge the idea that the threat of ‘International Terrorism’ is so great that almost anything that can be done to fight it should be done without question or fetter. That’s necessary for more than just privacy, of course, as a vast array of our civil liberties have been curtailed in the name of counter-terrorism – but it is still necessary.

Is it all doomed to failure?

It might be that privacy really is dead. It might be that resurrecting it is effectively impossible – and it will certainly be incredibly difficult. The strength of the security lobby, the power of those in whose interests the surveillance is carried out, from the commercial to the governmental, is more than intimidating. The whole thing may be doomed to failure – but even if it is, it’s a fight worth fighting. There’s a huge amount at stake. And miracles do happen.

A Defence of Responsible Tweeting…

I presented a paper at the Society of Legal Scholars conference in Edinburgh with the title ‘Twitter Defamation: A Defence of Responsible Tweeting”. I’ve put a little movie version of the slides of my presentation at the bottom of this blog post.

The primary idea behind the paper was to develop a little further an idea that I had soon after the Sally Bercow/Lord McAlpine business, and which I blogged about for The Justice Gap at the time. At a detailed level, the question I am asking is whether there should be a specific form of defence against defamation available for tweeters – a ‘defence of responsible tweeting’ – when tweeters have behaved ‘responsibly’ in terms that make sense for twitter, rather than for conventional journalism. As Alex Andreou asked in the New Statesman at the time, ‘Can every Twitter user be expected to fact check Newsnight?’

I think not – and in my paper (see the slides below) I set out a broad-brush, first draft idea of the kind of level of fact checking and verification that I think would be reasonable and suit the nature of Twitter, as well as how this might fit with the law. As I said, this is very much a work in progress…

More research is needed, and some of the ideas are still rudimentary – but the more I have looked into the subject the clearer it has seemed to me that our defamation law, even after the reforms in the Defamation Act 2013, has not taken on board the changes that have come about as a result of the development of the social media, and of Twitter in particular. It is still law based in the ‘old’ world, designed to deal with conventional journalism – and the reforms have been designed to shift the balance more in favour of freedom of expression also in the old sense, to help conventional journalists. The defences provided also seem to suit conventional journalists rather than bloggers – and in particular Tweeters.

I hope this can change – and that a way can be found to help Tweeters more – because, as well as outlining a legal defence of ‘responsible tweeting’, in the end my paper is intended as a ‘real’ defence of responsible tweeting. For me, tweeting is important, and makes a valuable contribution to freedom of expression – it does things that conventional journalism in particular fails to do. It is a two way process – and though people often seem to forget it, freedom of expression, as set out in the various human rights documents (and in particular the European Convention on Human Rights, which celebrated 60 years of existence yesterday) includes the right to both impart and receive information. Twitter, and other forms of social media, allow that two-way process in a way that has never been possible before. It is also a process that is available to ordinary people, not just professional journalists – and freedom of expression is a human right, not a journalists’ right.

This is not just a theoretical right – Twitter has a practical and real impact on freedom of speech. It’s pretty much impossible to list all the ways in which Twitter enables freedom of speech, but one particular set of ways relate to its interaction with conventional media. It allows people to comment on things in the conventional media, to correct for errors, to criticise and highlight bias or prejudices, to add value by adding links to more information. It can take programmes or stories that have small audiences and disseminate them to much, much wider audiences. It can spread stories from one part of the world to another – so we can see make comparisons and see things in perspective. It provides a voice for people who aren’t professional journalists, politicians or celebrities – people who find it very hard to have a voice through the conventional media.

All of this matters – and all of this is worth defending. Of course there are some hideous problems with Twitter, and some thoroughly irresponsible uses, from the horrendous threats and abuse we’ve seen recently, to hate speech, to rumour-mongering and defamation – but we shouldn’t forget the great benefits and throw the baby out with the bathwater. Responsible tweeting matters.

These are the slides – I hope that there will be a proper written paper in the reasonably near future.