Tag Archives: privacy

Why Banning Anonymous Comments is Bad for Postmedia and Bad for Society

Last night I discovered that my local newspaper – the Vancouver Sun – was going to require users log in with Facebook to comment. It turns out that this will be true of all Postmedia newspapers.

I’m stunned that a newspaper ownership would make such a move. Even more so that editors and journalists would support it. We should all be disappointed when the fourth estate is unable to recognize it is dis-empowering those who are most marginalized. Especially when there are better alternatives at ones disposal. (For those interested in this I also recommend reading Mathew Ingram’s post, Anonymity Has Value, In Comments and Elsewhere from over a year ago.)

So what’s wrong with forcing users to sign in via Facebook to comment?

First, you have to be pretty privileged to believe that forcing people to use their real names will improve comments. Yes, there are a lot of people who use anonymity to troll or say stupid things, but there are also many people who – for very legitimate reasons – don’t want to use their real name.

What supporters of banning anonymity are saying is not just that they oppose trolls (I do too!) but that, for the sake of “accountability” we must also know the name of recovering sexual abuse victim who wants to share their personal perspective on a story in the comments. Or that we (and thus also their boss) should get to know the name of an employee who wants to share information about illegal or unethical practices they have seen at their work in a comment. It also means that a comment you make, ten years hence, can be saved on a newspapers website, traced back to your Facebook account and so used by a prospective employer to decide if you should get a job.

What ending anonymity is really about is power. Now, those who can comment will (even more so) be disproportionately those who have the income and social security to know they can voice their concern in public, safely. So I’m confident that this move will reduce trolls – but it will also snuff out the voices of those who are most marginalized. And journalists clearly understand the power dynamics of our society and the important role anonymity plays in balancing them this is why they use anonymous sources to get scoops and dig up stories. So how newspapers as an institution, and journalists as a profession see narrowing the opportunity for those most marginalized to challenge power and authority in the comments section as being consistent with their mission, I cannot explain.

There are, of course, far better ways of handling comments. The CBC does a quite decent job of letting people vote up and down comments – this means I rarely see the worst trolls and many thoughtful comments rise to the top. The Globe does an adequate job at this as well. Mechanisms such as these are far less draconian the “outlawing” anonymity and preserve room for those most impacted or marginalized.

But let me go further. Journalists and editors often complain about the comments section as being wild. Well how often to they take even the tiniest bit of energy to engage their commentators? There are plenty of sites that allow anonymous comments with fantastic results – see flickr or reddit – but this is because those sites invested in creating norms and engaging their users. When has a journalist or commentator in this country ever decided to invest themselves in engaging their readers and commenters on a regular and ongoing basis in the comments section? While I’m sure there are important exceptions, by and large the answer is almost never. Indeed, I’m always stunned by the number of journalists and commentators I talk to who more or less hold much of their audience in contempt – seeing them as wild. No wonder the comment section has run amok – we can pretend otherwise but the commenters know you don’t respect them. If newspapers are not happy with their comment sections, they really have no one to blame but themselves. This is after all, the community they created, the norms they fostered, the result of investments that they made. Shluffing it all off to Facebook both runs counter to their mission but is also a shirking of responsibility (and business opportunity) of the highest order.

Of course, handing the problem to Facebook won’t solve it either. It was suggested, at last count, that over 80 million facebook accounts are fake. Expect that number to go up. But of course, the people who will be most happy to create that fake account are going to be the trolls who want to use it regularly, not the lone commentator who has an important perspective about a story but doesn’t want to tell the world who they are out of fear of social stigma or worse.

What’s worse, Postmedia has now essentially farmed its privacy policy out to Facebook. Presently that means that, in theory, you can’t be anonymous. But what will it mean in the future? Postmedia can’t tell you. They can’t even influence it.

For an organization managing discussions as sensitive as newspapers do – that is a pretty shocking stance to take. Who knows what future decisions about privacy Facebook is going to make. But here’s what I do know, I trusted the National Post a hell of a lot more to manage my comments and identity than I do Facebook because their missions are totally different. In the end, this could be bad not just for comments, but for Postmedia. Many people are already pretty uncomfortable with Facebook’s policies. I expect more will become so. Even if they don’t comment, I suspect readers will be drawn to sites that engage them more effectively – a newspapers that has outsourced its engagement to Facebook will probably lose out.

I get that Postmedia believes its job of managing comments will become easier because it has outsourced identity management to Facebook – but it has come at a real cost, one that I think is unacceptable for a newspaper. In the end, I think the quality of engagement and of discussion at Postmedia will suffer. That will be bad for it, but it will also be bad for society in general.

And that is sad news for all of us.

Added @ 9:27am PST. Note: Some Postmedia journalists want to make clear that this decision was a corporate one, not theirs.

Attack of the Drones – How Surveillance May Change our Culture

14 Replies

I’ve been following the rise of do it yourself (DIY) drones for a few years now, ever since Chris Anderson, the editor of Wired magazine, introduced me to the topic in a podcast. And yes, I’m talking about flying drones… Like those the US Air Force uses to monitor – and attack – enemy forces in Afghanistan. Except, in the case of DIY drones, they are smaller, cheaper, and are being built by a growing legion of hobbyists, companies and enthusiasts all around the world, many of whom are sharing open source UAV plans that can be downloaded off the internet.

You many not know it, but there could be drones in your neighborhood. And this has real implications.

Take, for example, a story that really grabbed my attention a few weeks ago. An animal rights group called SHARK chose to deploy a drone to monitor a live pigeon shoot taking place on private land. It turns out the mere presence of their drone caused the shoot to be cancelled. To begin with, that says a lot of drone’s effectiveness. But what was really interesting was how, in frustration, one or some of the shooters then hid and shot the drone out of the sky.

Think about this.

Here you have a group using what is essentially a mini-helicopter to monitor an activity taking place on what is private property. Then, in response, the other party fires live rounds at the drone and causes it to crash. And all of playing out near a US highway (not a major one, but still, a public road). This is a privacy, legal, and public safety nightmare. The policy and societal implications are significant.

And this is not an isolated use. As the Economist pointed out in its excellent write up on civilian drones in this week’s Quarterly Technology Review, drones are already being used by an environmental group to locate and track Japanese whalers. In the US several police forces already operate drones – including one in Texas which, frighteningly, has the capacity to launch grenades. George Clooney funds a non-profit that uses satellites to monitor Sudan in an effort to prevent atrocities through transparency. Can drones be far behind?

I share all this because, these days, people are often most frightened by the state’s growing interest to monitor what we do online. Here in Canada for example, the government has proposed a law that would require telecommunications firm have the ability to record, and save, everyone’s online activities. But technology to monitor people offline, in the physical world, is also evolving. More importantly, it is becoming available to ordinary citizens. This will have real impacts.

As my friend Luke C. pointed out the other day, it is entirely conceivable that, in 5-7 years, there could be drones that would follow your child as he walks to school. You can of course, already choose to monitor your child by giving them a cell phone and tracking the GPS device within it, but a drone would have several advantages. It would be harder for someone to destroy or “disconnect” from your child. It could also record and save remotely everything that is going on – in order to prevent anyone from harassing or bullying them. It might even remind them to look both ways before crossing the street, in case they forget. Or, because of its high vantage point, it could pick out and warn your child of cyclists and cars they failed to observe. Once your kid is safely at school the drone could whiz home and recharge in time to walk them home at the end of the day. This may all seem creepy to you, but if such a drone cost $100 dollars, how many parents do you think would feel like it was “the responsible thing to do.” I suspect a great deal. Even if it was only 5% of parents… that would be a lot of drones.

And of course there are thousands of other uses. Protestors might want a drone observing them, just so that any police brutality could be carefully recorded for later. Cautious adults may want one hovering over them, especially when going into an unfamiliar or unsafe neighborhoods. Or maybe you’ll want one for your elderly parents… just in case something happens to them? It’s be good to be able to pull them up on a live feed, from anywhere.

If you think back 20 years ago and told someone you were going to give them a device that would enable their government to locate them within a few feet at any given moment, they would likely have imagined some Orwellian future. But this is, functionally, what any smart phone can do. Looking forward 20 years, I ask myself: would my child feel monitored if he has a drone helping him get to school? Or maybe he will he feel unsafe without it? Or maybe it will feel like his Hogwart’s owl, a digital pet? Or maybe all of these outcomes? I’m not sure the answer is obvious.

My larger point is that the pressure to create the surveillance society isn’t going to come exclusively from the state. Indeed, we may find ourselves in a surveillance society not because the state demands it, but because we want the tools for our own useful and/or selfish ends. Some people may argue that this may level the playing field between citizens and the state or powerful organizations. I hope that is true. But maybe the mass adoption of such tools will simply normalize surveillance in our society and culture. That might, in turn, make it easier for the state, or other organizations, or just everyone else, to monitor us.

What I do know is that our government, our police forces, our neighborhoods are wholly unprepared for this. That’s okay, they have some time. But it is coming. At some point we will be living in a society where the technology will exist to enable anyone to deploy a drone that can observe anyone else in a public space, and maybe even in a private space. The challenges and complexities for policy makers are significant, and the implications for our communities, probably even more so. Either way it’s going to make many people’s lives a lot more complicated.

Note, I suspect there are typos in this, but it is 2 am and wordpress already deleted the first draft of this post killing a couple hours of work… so my capacity and patience is low. I hope you’ll forgive me a little.

The Surveillance State – No Warrant Required

9 Replies

Yesterday a number of police organizations came out in support of bill C-30 – the online surveillance bill proposed by Minister Vic Toews. You can read the Vancouver Police Department’s full press release here – I’m referencing theirs not because it is particularly good or bad, but simply because it is my home town.

For those short on time, the very last statement, at the bottom of the post, is by far the worst and is something every Canadian should know. The authors of these press releases would have been wise to read Michael Geist’s blog posts from yesterday before publishing. Geist’s analysis shows that, at best, the police are misinformed, at worst, they are misleading the public.

So let’s look at some of the details of the press release that are misleading:

Today I speak to you as the Deputy Chief of the VPD’s Investigation Division, but also as a member of the Canadian Association of Chiefs of Police, and I’m pleased to be joined by Tom Stamatakis, President of both the Vancouver Police Union and Canadian Police Association.

The Canadian Association of Chiefs of Police (CACP) is asking Canadians to consider the views of law enforcement as they debate what we refer to as “lawful access,” or Bill C-30 – “An Act to enact the Investigating and Preventing Criminal Electronic Communications Act and to amend the Criminal Code and other Acts.”

This Bill was introduced by government last week and it has generated much controversy. There is no doubt that the Bill is complex and the technology it refers to can be complex as well.
I would, however, like to try to provide some understanding of the Bill from a police perspective. We believe new legislation will:

assist police with the necessary tools to investigate crimes while balancing, if not strengthening, the privacy rights for Canadians through the addition of oversight not currently in place

So first bullet point, first problem. While it is true the bill brings in some new process, to say it strengthens privacy rights is misleading. It has become easier, not harder, to gain access to people’s personal data. Before, when the police requested personal information from internet service providers (ISPs) the ISPs could say no. Now, we don’t even have that. Worse, the bill apparently puts a gag on order on these warrantless demands, so you can’t even find out if a government agency has requested information about you.

help law enforcement investigate and apprehend those who are involved in criminal activity while using new technologies to avoid apprehension due to outdated laws and technology

allow for timely and consistent access to basic information to assist in investigations of criminal activity and other police duties in serving the public (i.e. suicide prevention, notifying next of kin, etc.)

This, sadly, is a misleading statement. As Michael Geist notes in his blog post today “The mandatory disclosure of subscriber information without a warrant has been the hot button issue in Bill C-30, yet it too is subject to unknown regulations. These regulations include the time or deadline for providing the subscriber information (Bill C-30 does not set a time limit)…”

In other words, for the police to say the bill will get timely access to basic information – particularly timely enough to prevent a suicide, which would have to be virtually real time access – is flat out wrong. The bill makes no such promise.

Moreover, this underlying justification is itself fairly ridiculous while the opportunities for abuse are not trivial. It is interesting that none of the examples have anything to do with preventing crime. Suicides are tragic, but do not pose a risk to society. And speedily notifying next of kin is hardly such an urgent issue that it justifies warrantless access to Canadians private information. These examples speak volumes about the strength of their case.

Finally, it is worth noting that while the Police (and the Minister) refer to this as “basic” information, the judiciary disagrees. Earlier this month the Saskatchewan Court of Appeal concluded in R v Trapp, 2011 SKCA 143 that an individual has a reasonable expectation of privacy in the IP address assigned to him or her by an internet service provider, a point which appeared not to have been considered previously by an appellate court in Canada

The global internet, cellular phones and social media have all been widely adopted and enjoyed by Canadians, young and old. Many of us have been affected by computer viruses, spam and increasingly, bank or credit card fraud.

This is just ridiculous and is designed to do nothing more than play on Canadians fears. I mean spam? Really? Google Mail has virtually eliminated spam for its users. No government surveillance infrastructure was required. Moreover, it is very, very hard to see how the surveillance bill will help with any of the problems cited about – viruses, spam or bank fraud.

Okay skipping ahead (again you can read the full press release here)

2. Secondly, the matter of basic subscriber information is particularly sensitive.

The information which companies would be compelled to release would be: name, address, phone number, email address, internet protocol address, and the name of the service provider to police who are in the lawful execution of their duties.

Actually to claim that these are going to police who are in the lawful execution of their duties is also misleading. This data would be made available to police who, at best, believe they are in the lawful execution of their duties. This is precisely why we have warrants so that an independent judiciary can assess whether or not the police are actually engaged in the lawful execution of their duties. Strip away that check and there will be abuses. Indeed, the Sun Newspaper phone hacking scandal in the UK serves as a perfect example of the type of abuse that is possible. In this case police officers were able to access “under extraordinary circumstances” without a warrant or oversight, the names and phone numbers of people whose phones they wanted to, or had already, hacked.

While this information is important to police in all types of investigations, it can be critical in cases where it is urgent that police locate a caller or originator of information that reasonably causes the police to suspect that someone’s safety is at risk.

Without this information the police may not be able to quickly locate and help the person who was in trouble or being victimized.

An example would be a message over the internet indicating someone was contemplating suicide where all we had was an email address.

Again, see above. The bill does not stipulate any timelines around sharing this data. This statement is designed to lead readers to believe readers that the bill will grant necessary and instant access so that a situation could be defused in the moment. The bill does nothing of the sort.

Currently, there is no audited process for law enforcement to gain access to basic subscriber information. In some cases, internet service providers (ISPs) provide the information to police voluntarily — others will not, or often there are lengthy delays. The problem is that there is no consistency in providing this information to police nationally.

This, thankfully is a sensible statement.

3. Lastly, and one of the most important things to remember, this bill does NOT allow the police to monitor emails, phone calls or internet surfing at will without a warrant, as has been implied or explicitly stated.

There is no doubt that those who are against the legislation want you to believe that it does. I have read the Bill and I cannot find that anywhere in it. There are no changes in this area from the current legislation.

This is the worst part of the press release as it is definitely not true. See Michael Geist’s – the Ottawa professor most on top of this story – blog post from yesterday, which was written before this press release went out. According to Geist, there is a provision in the law that “…opens the door to police approaching ISPs and asking them to retain data on specified subscribers or to turn over any subscriber information – including emails or web surfing activities – without a warrant. ISPs can refuse, but this provision is designed to remove any legal concerns the ISP might have in doing so, since it grants full criminal and civil immunity for the disclosures.” In other words the Police can conduct warantless surveillance. It just requires the permission of the ISPs. This flat out contradicts the press release.

I Stand for My Rights & Privacy: The Coming Online Police State

6 Replies

“He can either stand with us or with the child pornographers.”

This was Mr. Toews’s, the Minister of Justice, counterattack to a question in the house regarding concerns of letting the police monitor citizens internet use without a warrant.

Apparently this is our choice: a big brother state or child pornography.

This is, of course, ridiculous. Not to mention frightening. But this is the world Canadians will be entering in a few short weeks once the new Conservative Crime bill passes. The provisions that require a warrant, are interesting: the bill forces internet service providers to record and make available, to both police and governments, their customers internet activity such as the websites they visit. Citizen, understand, this now means that Bell, Rogers or anyone else that provides you with internet on your phone or at your home will now be recording every website you visit. Disturbed about that invasion of privacy? It gets worse.

Most disconcerting is that police would be allowed to obtain your email address, your IP addresses (which often identifies you on the Internet – your home, for example, likely has an IP address), or your mobile phone number and other information without a warrant. They just have to demand it. Suddenly a lot of what you can do online can be monitored by the police – again, without a warrant.

It isn’t just opposition members who are concerned. The Federal Privacy Commissioner and provincial counterparts are deeply concerned. They understand what this means. As Jennifer Stoddart, the federal Privacy Commissioner wrote to Minister Toews:

I am also concerned about the adoption of lower thresholds for obtaining personal information from commercial enterprises. The new powers envisaged are not limited to specific, serious offences or urgent or exceptional situations. In the case of access to subscriber data, there is not even a requirement for the commission of a crime to justify access to personal information – real names, home address, unlisted numbers, email addresses, IP addresses and much more – without a warrant.

In a few short weeks, this will be our reality: we will live in a country where the government can gain access to information that enables them to monitor its citizens online without a warrant. Obviously, the opportunities for abuse are astounding. If you are a ~~radical element~~ non-profit advocacy group that disagrees with the government, you’re probably doubly concerned. Of course, if you are an regular citizen I hope you haven’t written any anonymous comments in opposition to the Gateway Pipelines, since this legislation, combined with the government’s new focus on eco-terrorists (they are as much a threat as neo-nazi groups apparently) could make you a “vulnerable individual” and so an obvious target for security forces.

Of course the real irony of all this is that while the government seeks to increase its powers to monitor Canadians online it has used the opposite argument – the fear of government intrusion into citizens lives – to end the long gun registry. Not 6 days ago, Conservative Larry Miller (Bruce–Grey–Owen Sound) expressed his concern about how the gun registry would help foster a police state:

[…] Before I discuss the bill I would like to review how we arrived at where we are today. I would like to share with the House a quote from former Liberal justice minister Allan Rock: “I came to Ottawa last year, with a firm belief that the only people in Canada who should have firearms are police officers and the military.”

Does that sound familiar? Adolf Hitler, 1939.

You know what really reminds me of Adolf Hitler, 1939? A government that seeks to monitor the actions of all its citizens. That ask companies to record their activities in their homes and their places of work and that gives the police the right to access their personal information without a warrant. As a father I agree we need to fight child pornography, but I’m not willing to sign away my – or my children’s – civil rights and online privacy. I suspect most Canadians, as they learn more about this bill, will feel the same way. They don’t want any government, Conservative, Liberal or NDP, recording what they do, or accessing information about them without a warrant from an independent judiciary.

Why the Internet Will Shape Social Values (and not the other way around)

The biggest problem in predicting the future isn’t envisaging what technologies will emerge – it is forecasting how individuals and communities will respond to these technologies. In other words I often find people treat technology as a variable, but social values as a constant. Consequently, as they peer into tomorrow, technology is examined only in terms of how it will change (and make easier) tasks – and not on how it will cause social values and relationships to shift. By treating social values as a constant we assume that technology will conform to today’s values. In truth, it is often the reverse that is the case – social values change and come to reflect the technology we use.

For example, I find people ask me if I’m nervous about blogging since, 20 years hence, someone may dig up a post and use to demonstrate how my thinking or values were flawed. Conversely, a friend suggested that social networks will eventually “auto-delete” photos so that any embarrassing pictures that might have ended up online will not be searchable. (Let’s put aside the fact that a truly embarrassing picture will likely get copied to several places.) In short, these friends cannot imagine a future where your past is accessible and visible to a wider group of people. In their view an archived personal history is anathema as it violates some basic expectations of anonymity (not to be confused with privacy) they are accustomed to. In their minds our mistakes, misadventures or even poor fashion choices need to be forgotten (or hidden in the vast grayness of history) in order for us to be successful. If not, we will somehow become social pariahs or certain doors may forever be closed to us.

To put it another way, it presumes that our future employers, social circles and even society in general will punish people who’ve ever had a thought others disagree with or will refuse to hire someone who’s ever had a embarrassing photo of themselves posted to the internet.

Really? If this is the case then the jobs of tomorrow are going to be filled by either the most conservative and/or timid people or (more troubling, but less surprising) by those best able to cover their tracks. I’m not sure either of these traits are what I’m want in a prospective employee. Should I hire someone who is afraid to publicly share independent thoughts? Do I want to work with someone too risk-averse to push a boundary or have fun? Or worse, should I contract someone who is highly adept at covering up their mistakes? If the jobs of the future are going to require creativity, originality and integrity why would I hire for the opposite traits?

Perhaps those whose lives are more visible online will be discriminated against. But it is also possible the inverse could be true. Those who have no online history have no discernible, verifiable track record, no narrative about how their values and thinking has evolved over time. While such a history will be filled with flaws and mistakes, it will at least be open and visible, whereas those who have lived offline will have a history that is opaque and verifiable only by their own handpicked references.

If anything, I suspect the internet is going to create a society that is more honest and forgiving. We will be returning to a world of thin anonymity – a world where it is difficult to escape from the choices you’ve made in the past. But the result won’t be a world where fewer people take risks, it will be a world that recognizes those risks were necessary and expected.

What would such a world look like? Well naturally it is going to be hard to imagine, because it is a world that would likely make you deeply uncomfortable (think of how hard it would have been 25 years ago to imagine a large swath of the population being comfortable with online dating). But there are perhaps microcosm we can look at. While dysfunctional in many ways the culture of Silicon Valley – in how it treats failure – may be a good example. While I’ve not lived in the valley, everything I’ve read about it suggests that it is hard to be taken seriously unless you’ve taken risks and have failed – it demonstrates your willingness to try and learn. It is a community where it is easy to look into everyone else’s past – either by searching online or simply asking around. In this regard Silicon Valley is deeply honest – people own their successes and their failures – and it is a place that, in regards to business, is forgiving. Compared to many places on the planet, past failures (depending of course on the nature of depth of the error) are forgivable and even seen as a necessary right of passage.

All this isn’t to say that we should be limiting people’s ability for anonymity or privacy online. If someone wants their photos auto-deleted after 5 years, please let them do it. But let us at least always preserve choice – let us not architect our technology to solely conform to today’s social norms as we may discover we will be willing to make different choices in a few years.

eaves.ca

if writing is a muscle, this is my gym