Information Ethics Roundtable 2015
University of Wisconsin Madison
April 9th & 10th
Theme: Transparency and Secrecy
Information and the CFP here…
Information Ethics Roundtable 2015
University of Wisconsin Madison
April 9th & 10th
Theme: Transparency and Secrecy
Information and the CFP here…
Some people from Radical Reference have put together a zine with anti-surveillance resources for the discerning library worker-slash-activist. (Full title: We Are All Suspects: A Guide for People Navigating the Expanded Powers of Surveillance in the 21st Century.) As I wrote on that site, the zine includes “know your rights” info; suggestions for applications, browser plug-ins, and other tech tools for online privacy; and, of course, a reading list!
Download it from the Rad Ref page, where there’s also contact information if you want to get involved in similar privacy education projects.
Chitra Ganesh and Mariam Ghani are artists, archivists, and activists. Both have been involved in immigration rights activism, especially after 9/11, and they created the shifting exhibition Index of the Disappeared, now in its 10th year, to address the insidious surveillance, false narratives, and criminalization of dissent perpetrated by the U.S. government.
I saw the “Secrets Told” version of the archive at New York University last month. During a tour of the exhibit, Ghani spoke about her and Ganesh’s idea of “exploding the archive” and putting the fragments elsewhere. The information they’ve collected is all in the public domain, but what their project does is make the connections of disparate data more visible.
(If you want to read more, a previous incarnation of Ganesh and Ghani’s work was the subject of the essay Warming up Records: Archives, Memory, Power and Index of the Disappeared. As Alice Royer puts it, “Their project makes visible that which has been rendered invisible, re-politicizes that which has been deemed natural, and names the government as the perpetrator.” [Emphasis in original.])
The Q&A at the “Secrets Told” tour brought up the question of the line between the activist and the archivist, which is something Ganesh and Ghani want us all to grapple with. Today is the start of the two-day Radical Archives conference at NYU. The hashtag is #radarcs—follow along!
NSA Data Center — Bluffdale, Utah
In a recent post to this blog, I outlined how the debate regarding the National Security Administration’s data gathering activities pitted privacy against national security and sought to “balance” the two competing values. I suggested that framing the debate in these terms misses the more important concern that the NSA’s data gathering activities are a significant threat to democracy. In what follows, I will explain my concerns.
Although most reporters suggested that Edward Snowden was primarily concerned about the invasion of privacy when he revealed the NSA’s data gathering activities, Snowden himself made it clear that his primary concern was for democracy itself. In an interview about the reasons for his actions, Snowden worried that through his work for the NSA, he was “extend[ing] the capabilities of … [an] architecture of oppression” and that the government unilaterally was “grant[ing] itself powers to create greater control over American society and global society.” Snowden was calling on us to see the dangers of the NSA’s surveillance programs more broadly. These programs do not simply pose harms to individuals, they have the potential to transform the character of all political life in the country.
But what is this “architecture of oppression” that Snowden mentions, and how will it “create greater control over American society?” The answers lie in understanding the significance of collecting and accessing Big Data which is really the core of the NSA surveillance activities.
Far from merely poking into the privacy of individuals, Big Data potentially provides its owners with the ability to modify the behavior of individuals and entire demographic groups. The most obvious example of this is the data collected by internet companies like facebook and Google. By collecting information about a person via their voluntarily constructed on line profile or through recording their search behavior, facebook, Google, and other such companies are able to craft advertising messages that are increasingly able to direct our behavior on and off line. To be sure, the algorithms used to customize advertising and search results are not perfect, but one need not succeed in every instance to increase the odds that members of a market segment will be persuaded to make a purchase or view a website. Such is Big Data’s role in commerce – a role that is not especially worrying.
We should be concerned more, however, with the political use of Big Data. In the past, political strategists employed data collected by Boards of Elections. One’s voter registration record usually contained one’s name, address, date of birth, political party affiliation (if any), and the elections in which one voted. From this, campaigns tried to identify likely and unlikely voters as well as sympathetic and unsympathetic voters. Door-to-door campaigns could then be run more effectively. Furthermore, the campaign message could be tailored to specific groups to maximize voter turnout in favor of the candidate and suppress turnout for the opposing candidates.
Now, with the availability of Big Data, a campaign can understand the voting population much better. This data often is available freely on government websites, e.g., the US Census Bureau and the Federal Election Commission. These sites can inform a campaign about the socio-economic status of a precinct, the breakdown of renters versus home owners, an individual voter’s history of campaign contributions, and much more. Conceivably, other Big Data repositories could be made available from the private sector. Knowing which voters purchased SUVs, have health insurance, shop at discount stores, take advantage of “back to school” sales, subscribe to specific magazines, purchased home security systems, or visit certain websites can help identify individuals with specific interests that then could be exploited by the campaign. The candidate who has the most extensive access to these data sources and can hire the data analysts capable of mining the data will have an enormous advantage over candidates who do not.
This style of campaigning is not merely a prospect for the future. During the 2012 presidential campaign, the Obama reelection committee employed Big Data (or at very least a lot of data and very sophisticated data analysis) to contact voters with messages that brought them to the polls in numbers far greater than anyone expected. According to Jonathan Alter the analyses were sophisticated enough to tell the campaign “why placing ads on reruns of The Andy Griffith Show made sense on some cable systems but not on others.” Furthermore, data was collected to test campaign messages and to measure the persuasiveness of particular door-to-door volunteers. The data analysis used by the Obama campaign, however, mostly focused on creating a nation-wide database that linked likely voters, volunteers, and donors in order to make donors of volunteers and volunteers of donors. So in this sense, it was not as sophisticated as it could have been. Still, it was really only the first concerted attempt to run a Big Data campaign. It often has been credited for winning the election, and so it likely will become the model for future political campaigns that will make greater and greater use of data analysis. (For an illuminating account of the Obama campaign’s use of data in 2012, see Jonathan Alter’s recent book The Center Holds.)
But where is the danger to democracy in this? After all, it is still the voters who are deciding the outcomes. Well, the danger arises long before the voters have anything to say about the election.
As campaign data analysis becomes more sophisticated, voters will only be presented with candidates who have access to the largest data sets about the voting population and who have the resources to analyze these sets. All others will be screened out of the electoral process long before any serious campaigning begins. For a campaign to be successful, it will need to have supporters who own important data sets and can provide the technical expertise to exploit them. Such friends cannot come from the working or underprivileged classes. Obama’s digital campaign had a budget of over $25 million dollars and costs for future campaigns surely will be higher. Consequently, the only entities capable of amassing the financial and digital resources will be extremely rich individuals, major corporations, internet companies, and broad industry groups. The ability to affect an election will not be based on the democratic principle of one person – one vote. It will be proportional to the donor’s wealth. Even more so than today, these groups will have effective veto power over who will be a “viable” candidate for state and federal office. If the Supreme Court’s decision in Citizens United advanced the cause of plutocracy, then the private ownership of Big Data and its use in elections will ensure that plutocrats will be unchallenged in perpetuity.
George Orwell’s 1984 warned that video surveillance might ensure that a political party would one day establish unassailable control over a society. He wrote, “If you want a picture of the future, imagine a boot stamping on a human face – forever. There is no way the Party can be overthrown. The rule of the Party is forever. Make that the starting point of your thoughts.” Today’s surveillance technology is not just Orwell’s simple video cameras. It is also the ubiquitous data and metadata harvesting by public and private entities. The NSA is merely one institution that is amassing this data, though it is doing so on an unimaginable scale and with an enormous budget. It currently is constructing a data center in Bluffdale, Utah, containing four 25,000-square-foot halls, filled with servers that will be able to handle yottabytes of information. (A yottabyte is equally to approximately 500 quintillion or 500 x 1018 pages of text.) Meanwhile, the NSA has only the slightest democratic oversight and ominously, it is working in support of a bloated National Security State that defends a plutocratic government. One might be tempted to call it an “architecture of oppression.”
I suspect (hope) that Orwell’s image of the future as a boot stamping on a human face is too extreme, at least for US domestic politics. More likely, if you want a picture of the future, it will not be much different from the present, but it will be less corrigible. We will see a wide disparity of wealth with a large, struggling underclass that is alienated from the benefits of economic progress. These condidtions will be guaranteed by governments that first of all serve the owners and managers of society. The pretense of democracy will survive only in the carefully manipulated elections contested by competing elements within the ruling class, and one of their most important tools for social control will be Big Data.
The recent revelations that the National Security Administration has been collecting metadata for the phone calls of American citizens and that they have been acquiring data from Google, Yahoo!, facebook, and other internet companies comes as no big surprise to many. Sen. Frank Church’s investigation in the 1970s into government surveillance revealed a long history of surveillance. The Foreign Intelligence Surveillance Act of 1978, its subsequent amendments, and the PATRIOT Act left enough clues to create a disturbing picture of what the government might be doing. Furthermore, there have been plenty of past news reports providing evidence of surveillance; but with the revelations from Edward Snowden, any room for willful ignorance is now over. The surveillance programs are out in the open and have sparked a media debate. Even Congress took up the issue.
According to news reports, the debate is about “balancing” national security against privacy. Numerous news sources and blogs have published (verbatim) the sentence, “The revelations have reopened the post-Sept. 11 debate about individual privacy concerns versus heightened measures to protect against terrorist attacks.” Obama put the question this way: “How are we striking this balance between the need to keep the American people safe and our concerns about privacy?” House Minority Leader Nancy Pelosi put it most succinctly, “We have to have a balance between security and privacy.” Even critics of the surveillance policies have adopted this framework. American Library Association President Barbara Stripling writes, “We need to restore the balance between individual rights and terrorism prevention.”
The problem with framing of the debate in this way is that it tends to overestimate the benefits and underestimate the harms. Worse yet, the most important harms are overlooked entirely. Our attention is directed to benefits that accrue to the whole of society (national security) and to harms posed only to individuals (the invasion of privacy). We are led to think that the NSA surveillance programs protect us from terrorism, while the only down side is that certain individual’s rights to privacy might be underweighted in the “balance.” Framing the debate this way seems to ask: should the government be prevented from setting up an anti-terrorist database on the grounds that some security analyst might – as a side effect – discover that someone is secretly visiting internet porn sites or dialing 1-900-SEX-CHAT? Framed in this way, personal privacy amounts to a dispensable luxury, particularly when Obama assures us that the surveillance programs pose only “modest encroachments on privacy,” and that “nobody is listening to your phone calls” – they’re just collecting metadata.
Of course, embarrassing publicity can have important political consequences, particularly as it might be used against politicians, but the public is likely to conclude that a sexting politician is too stupid to deserve much sympathy. Beyond damaging particular high-profile political careers, there are more serious concerns. FBI agents might be led to discover who is organizing climate change rallies or Tea Party meetings and then obstruct these movements by causing trouble for perfectly law-abiding citizens. But even in these cases, the public is likely to conclude that targeting peaceful political groups will be limited by the FISA court and that covert interference with fringe political movements will be a criminal aberration made rare by the integrity of intelligence agents and the threat of prosecution. So much for privacy concerns.
In contrast to this, we are asked to consider national security, specifically, “terrorism.” The Director of the National Security Administration, Gen. Keith Alexander, tells us that the controversial surveillance programs “help[ed] prevent” fifty-four “potential terrorist events” – whatever that means. The terrorism threat, however, has been enlarged well out of proportion. The number of Americans killed or harmed by terrorists pales in comparison with the number harmed by the most routine dangers we face every day. Moreover, the harms that might come from “terrorist events” are largely speculative and vague enough that a scenario can be concocted that is so grim as to put any civil libertarian on the defensive. Think of Condoleezza Rice’s remark, “We don’t want the smoking gun to be a mushroom cloud.” Even our ostensibly liberal president assures us that these programs “help us prevent terrorist attacks.” It is no wonder that many Americans are unconcerned about (even welcome) these surveillance programs.
What is seldom mentioned is that these massive surveillance programs do not just pose a threat to individual privacy. They pose a profound threat to democracy. When the threat to democracy is mentioned, it tends to be a rhetorical addendum. For example, Barbara Stripling writes, “the surveillance law erodes our basic First Amendment rights, all while undermining the very fabric of our democracy.” Stripling deserves great praise for her remarks on this issue, but we are left to figure out for ourselves how the fabric of democracy is undermined. I will explore this danger in a future post to this blog.
Journalism students at the University of Missouri have published a very important report on book censorship in Missouri. It makes for chilling, but necessary reading. Take a look here.
We have often pointed out here that privacy in Facebook is not primarily a matter of controlling what you share with your friends, as Facebook likes to say it is, but what data Facebook has about you that it can sell or otherwise make available to its business partners.
Here is a great link that was just sent my way, to an inventory of all of that data, Facebook’s Data Pool. It is possible to gather this information in Europe, because in the EU they have a wonderful law that requires companies to disclose to citizens what information they have about them.
There is not too much that is surprising in what they have found by doing this, but it is interesting to see the way the data is organized and how it looks from the Facebook side.
Serious case of law envy here.
MiT7 was a great conference – intimate, warm, stimulating, interdisciplinary, and cutting-edge. There were some brilliant minds at work. I plan to post a few comments on the conference later. For now, here are links to podcasts from the three topical plenary sessions:
Media in Transition 7 (MiT 7), a small conference at MIT, is starting Friday and running ’till Sunday. I will be there; if you will be there too please say hello.
Anyone wanting to follow the Twitter hash tag can look for #mit7.
Here is a scary if unsurprising bit of news: a report in PC world on a recent study by Christopher Soghoian: “US Police Increasingly Peeping at E-mail, Instant Messages.” Soghoian’s paper is linked in the article, which begins:
Law enforcement organizations are making tens of thousands of requests for private electronic information from companies such as Sprint, Facebook and AOL, but few detailed statistics are available, according to a privacy researcher.
Police and other agencies have “enthusiastically embraced” asking for e-mail, instant messages and mobile-phone location data, but there’s no U.S. federal law that requires the reporting of requests for stored communications data, wrote Christopher Soghoian, a doctoral candidate at the School of Informatics and Computing at Indiana University, in a newly published paper.
“Unfortunately, there are no reporting requirements for the modern surveillance methods that make up the majority of law enforcement requests to service providers and telephone companies,” Soghoian wrote. “As such, this surveillance largely occurs off the books, with no way for Congress or the general public to know the true scale of such activities.”
No comment about this or predictions about where the case may be headed or whether there will be broader implications for privacy down the road, except to say to anyone out there who uses an email account set up by a public university: Best to keep as much as possible on your own private email accounts.
I blog about tech stuff only very rarely, but this is something I really want to share. If you’re at all concerned about online privacy, you will want to know about the Network Advertising Initiative’s “Behavioral Advertising Opt Out Tool.” Go to it, and it will show you which advertising networks have installed tracking cookies on your computer. You can check the boxes and click through at the bottom to instruct all of those networks to opt you out of their spying, which they are legally obligated to do. Now, it is also possible to block specific sites from setting cookies on your computer using complicated settings in your browser, but this tool is easier, and lets you opt out of networks that have not found you yet.
To say something general, I would say that it is a good thing that so far we have been able to get national policies set up that allow us to opt out of privacy-compromising systems, and we have to keep doing that, but our right to opt out is meaningless unless we are actually able to figure out how to do the opting-out process, and then go and do it.
Personally, I find it hard to take seriously the claim of some that they “want to see more relevant advertising served up on [their] browsers [or wherever else].” Advertisers never know us as well as they think they do, and when they do hit close to home, it’s just spooky. I am not comfortable when the opaque networked computer that is everywhere with the soft synthetic voice knows what I had for breakfast. There is too much of a potential for power without accountability when we lose our privacy in that way.
There are other useful tech tools for privacy that readers might tell us about in the comments. This is one I like because it is so quick and easy and doesn’t require me to go through ten proxy servers, etc. Some readers may also be able to provide information about the limitations of this tool.
(Be sure to read the comments below if this interests you – Commenters have some important things to add here.)
I just bought a Motorola Droid, which is Verizon’s Android-based smart phone, Android being Google’s OS for mobile devices. Its integration with Google gives me a lot of “power” to integrate my online tools with my mobile device, which is very satisfying. I experience it as empowering, and my attention is focused on learning what it can do and then on using it. My attention is not focused on Google itself and what its growing ubiquity may mean.
I am paranoid by nature, but I don’t have a vision of what Google’s growing power is going to mean decades from now. I know, however, that power corrupts. So I think I should be more scared than I am about the fact that:
As I said, I don’t have a vision of the shape that all of this power will take. But it unquestionably adds up to power. Technologically, there is an economy to data integration that lends itself to Google growing larger and making competition more difficult. It is not like a dot com that can disappear when the fickle public notices a different one, because its strength lies in its huge database of user information. It is not so easy to migrate away from Google at this point.
Something to notice when Facebook, Myspace, and other social networking sites address concerns about privacy is the way they focus on users’ ability to control other users’ access to their information, but neglect to mention their own use of that information. When they enable users to set up different levels of access to parts of profiles and sets of photos for different groups of friends, categories of users, and the like, this is supposed to mean that they are progressive in terms of privacy issues, and that we should view them as our friends and see them as concerned about our interest in privacy.
It reminds me of something I overheard when I was temping at a software company in the Silicon Valley during library school. I was in the marketing department of a major software company that had just started adding a web services component to their main product. One of their tasks as marketing people was to make their customers feel secure about the privacy of their data (financial data). The inside joke was, “Oh, don’t worry! We will keep your private data safe; we won’t share it with anyone!” The joke being that they had a lot of uses for it themselves, but didn’t exactly want to highlight it. They laughed about this.
So if Facebook eventually allows users to set up concentric circles of friends with different privacy settings for each circle, remember that Facebook (meaning Facebook employees and perhaps key investors) is everyone’s most intimate confidante, and is open about “monetizing” user’s information, but not about how they go about doing it. (We don’t get to know any of its secrets – it’s not a reciprocal “friendship.”)
I would say that it’s worth pointing out this smoke-and-mirrors game whenever there is new PR from social networking companies about their privacy features….