Wednesday, January 22, 2020

Snowden book

I read Edward Snowden's book, Permanent Record, over the Christmas break. It's an accessible, engaging account of how he got to where he is.

His early education was shaped by the anarchic, liberal, open, collegiate internet of the late 20th century, before it began to be reshaped by commerce and states as the mass surveillance machine it is today. His family were supportive or possibly indulgent of his obsession with the computers and networks of the 1990s.

In school, Snowden hacked the system to avoid homework. Quizzes were worth 25%, tests 35%, term papers 15%, homework 15% and class participation 10%. He figured he could skip both the homework and the term papers and still comfortably pass by acing everything else. Then one of his teachers confronted him, asking why he had not handed in any of previous six homework assignments. Innocently Snowden explained his reasoning to the laughter of his classmates. The teacher complimented the young Snowden on his cleverness and, within 24 hours, changed the system to make homework compulsory. He also took Snowden aside and encouraged him to put his fine brain to more constructive use than avoiding work and to be aware of how records follow us around and the impact on his permanent record.

Snowden's parents broke up. He learned to be independent, went to community college and got a job as tech support for a small business, working out of the business owner's home on the south west edge of Fort Meade. Yes that Fort Meade - home to the NSA. Snowden was at work when the 9/11 attacks happened and everything changed.

He bought hook, line and sinker into the Bush/Cheney 'war on terror':
"It was as if whatever individual politics I'd developed had crashed – the anti-institutional hacker ethos instilled in me online and the apolitical patriotism I'd inherited from my parents, both wiped from my system – and I'd been rebooted as a willing vehicle of vengeance. The sharpest part of the humiliation comes from acknowledging how easy this transformation was, and how readily I welcomed it."
And joined the army.

Coming from family generations of which had served in the Coast Guard, Snowden wanted to serve his country through the branch of the armed services considered by that family to be the "crazy uncles of the military". He aced the entrance exam, went into training for special forces, got injured on exercises and was eased out on administrative separation.

So back went Snowden to community college and decided he could best serve his country through his technical prowess. But to do that he'd need to join the CIA, NSA or other intelligence agency. And to do that he would need security clearance - top secret (TS) and top secret with a Sensitive Compartmented Information (SCI) qualifier. This involved filling out some forms and "sitting around with your feet up and trying not to commit too many crimes while the federal government renders its verdict." As a military veteran of sorts and the product of a multi generational service family, most of whom had the equivalent clearances, he was a good prospect and in due course succeeded. By this time Lindsay Mills had also become part of his life and so closes part 1 of the book.

Part 2 opens with 'The System.' Snowden describes a system as "a bunch of parts that function together as a whole". At the Open University we have a slightly longer definition of a system:
  1. A system is an assembly of components connected together in an organised way.
  2. The components are affected by being in the system and the behaviour of the system is changed if they leave it.
  3. This organised assembly of components does something.
  4. This assembly as a whole has been identified by someone who is interested in it.
Given the systems Snowden was thinking about - the professional civil service his family were steeped in and the computer systems he was obsessed by - his working definition satifices. When it came to computers he was most intrigued by their total functioning, not as individual components but as overarching systems. So the natural inclination was to get into systems administration or systems engineering which is what he did. Sysadmins and systems engineers naturally incline to a craft of understanding how computer systems work and fail and develop the diagnostic processes that go into keeping them running and getting them fixed and retrofitted and improved and renewed. It is not unnatural, then, when working within government (albeit for contractors) for techies to apply to same systems analyst skills to the system of government. Which is also what Snowden did.

We know about the five eyes mass surveillance systems and activities from Snowden's disclosures in 2013, from PRISM to TEMPORA, XKEYSCORE to QUANTUM, TURBULENCE and beyond. Yet, in some ways, the most chilling chapter in the book is "Homo contractus". It essentially outlines the private sector infiltration of the US intelligence services.
"I had hoped to serve my country, but instead I went to work for it. This is not a trivial distinction... government had treated a citizen's service like a compact: it would provide for you and your family, in return for your integrity and the prime years of your life.
But I came into the IC during a different age.
...the sincerity of public service had given way to the greed of the private sector, and the scared compact of the soldier, officer, and career civil servant was being replaced by the unholy bargain of Homo contractus, the primary species of US Government 2.0. This creature was not a sworn servant but a transient worker, whose patriotism was incentivized by a better paycheck and for whom the federal government was less the ultimate authority than the ultimate client.
...for third-millennium hyperpower America to rely on privatized forces for the national defense struck me as strange and vaguely sinister."
Snowden goes on to explain the use of contractors is a con to let the agencies circumvent statutory federal caps on hiring. As contractors are not included in the limits, the agencies can hire as many as they have the budget to pay for. Post 9/11 was a time when no congresscritter was going to go on the record as opposing any resources the intelligence and security agencies declared necessary for the 'war on terror'.

Huge resources got poured into the intelligence agencies for technical surveillance infrastructure and the people to create, develop, deploy and operate it. A large proportion of the people working on this mass surveillance were, like Snowden, technically employed by contractors and sub contractors but working directly for and within the agencies, the CIA and NSA in Snowden's case. Many of those nominally employed by the private sector started out as government employees, as the private companies didn't want to pay someone to wait around for a year or more for their TS/SCI security clearance to come through. Once the clearance was secured they could swap a government job for a better paid private sector job, sometimes doing the same work. Snowden's first job was with the state of Maryland partnered with the NSA opening a new institution called CASL, the Center for Advanced Study of Language.

As the building in which CASL was to be resident was still under construction, he essentially did the work of a night shift security guard. Whilst there and considering his long term career as a federal employee, he was amazed to find few opportunities to work directly for the government. Most of the sysadmin and systems engineering jobs available in government were through "working for a subcontractor for a private company that contracted with another private company that served my country for profit." Given these positions provide "almost universal access to the employer's digital existence", it's surprising to find these circumstances prevailing in the context of security and intelligence.
"In the context of the US government, however, restructuring your intelligence agencies so that your most sensitive systems were being run by somebody who didn't really work for you was what passed for innovation.
The agencies were hiring tech companies to hire kids and then giving them the keys to the kingdom."
Snowden's first contracting gig was for a company called COMSO, subcontracted to hire him by BAE Systems. He worked at CIA headquarters in McLean, Virginia. He had been earning $30k at CASL and asked COMSO for $50k. His nominal "manager" at COMSO talked him up to $62k. Middlemen contractors charged the government the employee's salary plus 3-5%. The higher the salary, the higher the cut.

The actual job at the CIA was both depressing and enlightening. Depressing on the extent of the cynical restructuring of the agency by the Bush administration and the move to a dependency, particularly in relation to modern technical information systems, on external contractors. Enlightening on the extent of the access Snowden got to highly classified material and the insight that gave him into the reach of the CIA and the importance of intelligence operations. It also gave him a hankering to really serve his country by applying for a role in a CIA field office overseas, preferably in a conflict zone. That meant swapping his contractor badge for a government employee badge, swearing an oath to defend and uphold the US Constitution and going back to school.

The techie in the CIA field office or embassy is responsible for every piece of kit in the building, from computers to heaters, encryption devices to locks. For security reasons no embassy will employ local contractors on even routine maintenance. The tech guy and there are not usually that many of them does everything. That's what the 6 months schooling before deployment was for.

Conditions at the CIA Warrenton Training Center ("the Hill") were less than ideal and whilst there, Snowden got his first taste of what reporting problems up the chain of command led to i.e. no addressing of the problem and a marking of the card of the whistleblower. Instead of getting his preferred deployment to a war zone to actively live out his heart on a sleeve patriotism, he was sent to Geneva for his first overseas tour of duty.

In Geneva, Snowden got a front seat view of the changing intelligence world and the pivot of the CIA from human intelligence (HUMINT) to cyberintelligence (SIGNINT & COMSEC), not that the former was abandoned but became proportionately less prevalent.
" In Geneva... America was busy creating a network that would eventually take on a life and mission of its own and wreak havoc on the lives of its creators – mine very much included.
The CIA station in the American embassy in Geneva was one of the prime laboratories of this decades long experiment. This city... lay at the intersection of EU and international fibre-optic networks, and happened to fall just within the shadow of key communications satellites"
Following Geneva, he moved to Tokyo to work in his "dream job" for the NSA but again, technically, as a better paid contractor in the private sector, an employee of Perot Systems which was then taken over by Dell.

In Tokyo, communications interception was the primary mission. In Toykyo, Snowden's early work was to link the NSA and CIA systems. In Tokyo, he discovered the NSA were vastly technologically superior to the CIA and vastly more laissez faire about security. In Tokyo, he created a much more effective storage system for the NSA, called EPICSHELTER. In Tokyo, his mind boggled at the scale and reach of China's mass surveillance and censorship systems. In Tokyo, he first realised "the power of being the only one in the room with a sense not just of how one system functioned internally, but of how it functioned together with multiple systems—or didn't." In Tokyo, he began to become disturbed at US mass surveillance, even as he was creating, developing and operating elements of the systems involved. In Tokyo, he initially sated his concerns by assuring himself he was working for the good guys.

In Tokyo, he became aware senior intelligence and security community insiders had serious concerns over the Bush administration's unchecked expansion of warrantless mass surveillance. In Tokyo he accidentally got access to the classified version of the Report on the President's Surveillance Program, (PSP) filed in an 'Exceptionally Controlled Information' (ECI) compartment. Full classification TOP SECRET//STLW//HCS/COMINT//ORCON/NOFORN. Through the PSP report he learned of STELLARWIND, the NSA's general and indiscriminate, bulk collection of electronic communications. In Tokyo, he began to understand the political sophistry underpinning mass surveillance, such as the now ubiquitous claim that collected communications could only be considered to be legally "obtained" or "acquired" if a member of the agencies searched for or found them. Collected communications would not be legally acquired but would, nevertheless, be available for search and retrieval, in post hoc fishing expeditions, in perpetuity. In Tokyo, it dawned on him that the Obama administration had no intention seeking reparations for systemic illegalities or undoing any of the deployment of mass surveillance infrastructure undertaken by their predecessors.

By 2011, Snowden was back in the US, still employed by Dell, building cloud systems for the CIA. He was also getting stressed and depressed at the mass surveillance of the state; and not just willing but enthusiastic compliance and buy in of friends and the general public into commercial systems of mass surveillance. The stress led to illness, including epilepsy and he eventually took sick leave to recuperate. His next move, in 2012, was to Hawaii, still with Dell, a step down in terms of responsibilities, to facilitate his ongoing recuperation but now working for the NSA again. He was now the NSA's Microsoft Sharepoint administrator in Hawaii. Lowly in the organisational food chain but, as a manager of document management and "reader in chief", this provided the access privileges to gather comprehensive evidence on his nascent concerns from Tokyo, about US mass surveillance.

Having automated much of his formal work responsibilities he set about his task of surveying the extent of the NSA's surveillance capabilities, running into the standard security services secrecy, obfuscation, compartmentalisation, misdirection, bureaucratic code and all the other institutional processes available for keeping information from the light. He decided to automate this process too, with the approval of his boss, setting up a kind of RSS reader system on steroids. This not only scanned for or linked to documents but copied them. Snowden called it Heartbeat and gave intelligence services staff access to a personalised reader that collected classified intelligence documents (from NSA, CIA, FBI and Deparment of Defense) according to each individual's security clearance.

The volume of documents Heartbeat collected was enormous and although Snowden could see it all, beyond the capacity of a single human being to review. Nevertheless, it was through Heartbeat that he learned about Upstream (direct collection of bulk data live from private sector communications infrastructure) and PRISM (bulk data handed over by private sector actors like Google, Apple, Microsoft, Facebook and Amazon etc. and overseen, theoretically, by the Foreign Intelligence Surveillance Court, FISC). He learned of TURBULENCE, a collection of black servers hard wired into telecommunications companies' infrastructure, running internet traffic through filtering tools like TURMOIL to flag suspicious communications; and TURBINE which routs communications to the NSA, where other algorithms decide which malware to deposit (via QUANTUM) on the source computer, in order that the potential threat can be monitored.

Snowden began to become indignant at the intelligence community's blatant flouting of the US Bill of Rights, particularly the fourth amendment protections against search and seizure and also the White House, the courts' and congress's complicity in this. He was particularly incensed when the US Supreme Court decided to wash their hands of the issues in February 2013, when the Court decided, 5-4, that the American Civil Liberties Union (ACLU) and their client, Amnesty International, did not have standing to challenge the constitutionality of the warrantless wiretapping program. (Substantively, the ACLU and Amnesty were challenging the Foreign Intelligence Surveillance Act Amendments Act 2008 (FISAA). FISAA is the law that makes the act of being a foreigner a sufficient reason to be a target of US law enforcement and intelligence services.)

He had, by then, decided to blow the whistle on the whole shebang. The ACLU case and embryonic mass surveillance enabling laws in the UK (the snoopers' charter which eventually got passed as the Investigatory Powers Act 2016) and Australia (multiple bills) only hardened that resolve.

Chapters 21 and 22 extol the virtues of whistleblowing and Snowden's perspective on the fourth estate but I'll leave the reader to peruse those for themselves.

Before he blew the whistle, however, he wanted one last job, not just administering or reading about mass surveillance tools but actually using them, particularly XKEYSCORE, the NSA's incredibly powerful intelligence search engine. A position opened up at the National Threat Operations Center (NTOC), one "of the few offices in Hawaii with truly unfettered access to XKEYSCORE", through Booz Allen Hamilton. Snowden secured it and so began his education in the coal face abuses of US intelligence systems. The shock was palpable.
"Seeing them made me realize how insulated my position at the systems level had been from the ground zero of immediate damage. I could only imagine the level of insulation of the agency's directorship or, for that matter, the US president."
Snowden had already smuggled the documents he intended to pass to journalists out of the NSA on SD and micro SD cards. The flight to Hong Kong and handing over of those documents to Laura Poitras, Glenn Greenwald and Ewen MacAskill, his escape, aided by Wikileaks's Sarah Harrison, to and entrapment in Russia when the US revoked his passport, has been well documented in the Guardian, the Washington Post and Poitras's documentary, CitizenFour.

The chapter on Moscow in the book is thin on detail and only outlines the discussions Snowden and Harrison had with an intelligence official on the day they arrived, noting also thereafter they spent 40 days and nights at the airport. During that time he applied, unsuccessfully, to 27 countries for political asylum. He concludes the chapter suggesting the Russians gave him asylum because they were fed up with the media scrum at the airport.

The penultimate chapter of the book details extracts from the diary of Snowden's partner, Lindsay Mills, in the aftermath of his disappearance to Hong Kong. She is a powerful presence and positive force in his life and it would have been nice to hear more from her. Mills and Snowden were married in Russia in 2017.

The final chapter is largely a whistlestop tour of the legacy of Snowden's revelations from his perspective - global awareness of mass surveillance, some positive legal developments like ACLU v Clapper in the US and the GDPR in the EU, some important developments in encryption like HTTPS, Secure Drop, Signal and generally more end to end encryption. But if we were concerned to avoid living in a surveillance society, it's too late, we're already there. State and commercial surveillance systems are more powerful and pervasive than ever and getting worse. They will require structural solutions - legal, technical, economic, environmental, individual & societal - pressures brought to bear to bring them under democratic control.

Wednesday, December 04, 2019

Tactics of persuasion

In 2007, I wrote some notes on tactics of persuasion. Given the amount of disinformation at large today, it could doing with another airing, though some of the examples are dated. (Note: The 'DDM' acronym refers to digital decision making - not artificial intelligence but decision making in sociotechnical systems).

As well as being aware of the agenda of the various stakeholders and their relative power base, it is important to be familiar with the kind of tactics people and organisations use to persuade us of the legitimacy of their point of view.  The following is a list of some of the common tactics to look out for.[27]

Extrapolating opposition argument to the absurd and then refuting the absurd 
This is also known as the ‘straw man’ approach – create a straw man, something which you can pretend represents your opponents’ position, and knock that down. President Bush’s declaration that anyone who opposed his actions in the wake of the attacks of 11th September 2001 was a supporter of terrorism is a classic example:
“Either you are for us or for the terrorists.” 
This has been one of the most important oratorical tricks in the president’s armoury in his time in office. It has enabled him to take a range of actions including invading Iraq, legalising torture[28] and domestic surveillance that would arguably have been more difficult without the aid of painting his opponents as ‘soft on terrorism.’

Appealing to emotion and prejudice 
If someone tells us a story we want to hear, we are more likely to believe it. There are a huge number of ways of using this tactic. One example is appealing to nationalism, as in the following example from Jack Valenti, the President of the Motion Picture Association of America, in his testimony to a congressional sub-committee, on the ‘Home recording of copyrighted works’ (i.e. the use of video cassette recorders) in 1982.
“The US film and television production industry is a huge and valuable American asset. In 1981, it returned to this country almost $1 billion in surplus balance of trade. And I might add, Mr Chairman, it is the single one American-made product that the Japanese, skilled beyond all comparison in their conquest of world trade, are unable to duplicate or to displace or to compete with or to clone. And I might add that this important asset today is in jeopardy. Why?... Now, I have here the profits of Japanese companies, if you want to talk about greed. Here, Hitachi, Matsushita, Sanyo, Sony, TDK, Toshiba, Victor, all of whom make these VCRs. Do you know what their net profits were last year? $2.8 billion net profit.”

Labeling or ghettoisation of interested groups
Group all opponents under one general heading. Once there, they can be labelled, on a spectrum from ‘lunatics’ to ‘nice people who just do not understand.’ Then conclude that their arguments are not worth taking into consideration because they are at best ill-informed.  There is a whole range of ways of using this tactic.  If scientists agree on an inconvenient truth like global warming or evolution they are intellectual snobs who think they know better than the rest of us.  Conservative Christian advocates of the teaching of ‘intelligent design’ in science lessons in the US are very good at this.[29] One of the central themes of this book is the value to be gained from experts and ordinary people working together. The intelligent design debate is good example of ordinary people making what I believe is a bad judgement call, in defiance of contrary scientific evidence and advice.  Their values and beliefs lead them to reject the scientific theory of evolution in an attempt to promote their own model, intelligent design, of how life came into existence.[30]

Balancing act
Modern journalistic practice of reporting that there are two sides to every story,[31] in an apparent effort to appear balanced, can result in all kinds of quacks getting a media platform.  [Yes, I plead guilty here to using a denigrating label]. If someone says the moon is made of cheese on a slow news day, the headlines will say ‘opinion divided on the composition of the moon.’
Deborah Lipstadt [32] provides an especially stark example in the media tendency to legitimise the views of people who deny the holocaust took place, in spite of the overwhelming mass of incontrovertible documented and eye witness evidence of the Nazis’ atrocities. Lipstadt refused all media offers to ‘debate’ the reality of the holocaust with holocaust deniers, since it would just present these people with a public platform in which their point of view would be considered to be of equal value.
Unfortunately an expert backed by solid evidence but with poor communication skills can fail to influence a DDM situation, when faced with someone who has a poor understanding of the evidence but a strong agenda and good communications skills.

Using jargon to confuse
With DDM being such a complex subject, any debate about the design, deployment or regulation of information systems is open to this tactic. For example: ‘You will, of course, understand that the DRM or TPM anti-circumvention measures in the UK implementation of EU directive 2001/29/EC on copyrights and related rights in the information society, the EUCD, were a direct result of our international obligations, rather than something we would have chosen to write into UK law of our own volition.’

Making appeals to 'experts' 
I refer to Bruce Schneier, James Boyle, Kim Cameron and others throughout this book as experts. A reader, who is unfamiliar with these individuals or their areas of expertise, may just be taking my word that they are indeed experts.  Very often media reports quote named and un-named ‘experts’ in support of their assertions, though, and it can be well worth checking the credentials of these people.

Using sarcasm, innuendo, denigration and other forms of humour to belittle opponents
It is easier to get a low opinion of the opposing advocate if you are funny – the humour makes it easy for the audience to like you and diverts attention from the substance of your argument.

The dominant metaphor 
George Lakoff [33] teaches that metaphors are the mental structures that shape the way we see the world.  If someone tells us a story through appealing metaphors and language we are more likely to accept their point of view. By the same token, when Richard Nixon went on TV and said “I’m not a crook,” immediately everyone believed he was a crook.  It is also like telling someone not to think of an elephant. No matter how hard you try after someone has said this, the image of the elephant will come into your mind.

Using rhetorical questions 
If you get your audience to subconsciously supply the answer invited by the question, they become more receptive to the views that follow as a consequence of the answer. To appreciate this, test the effect of taking the opposite answer to the one implied.  The wonderful BBC comedy series Yes Prime Minster gave a classic illustration of this when Sir Humphrey Appleby [34] explained to Bernard Woolley [35] how to fix a survey:
Sir Humphrey: “Well Bernard you know what happens. Nice young lady comes up to you. Obviously you want to create a good impression. You don’t want to look a fool, do you?”
Bernard: “No.”
Sir Humphrey: “No. So she starts asking you some questions. Mr. Woolley, are you worried about the number of young people without jobs?”
Bernard: “Yes”
Sir Humphrey: “Are you worried about the rise in crime among teenagers?”
Bernard: “Yes”
Sir Humphrey: “Do you think there is a lack of discipline in our comprehensive schools?”
Bernard: “Yes”
Sir Humphrey: “Do you think young people welcome some authority and leadership in their lives?”
Bernard: “Yes.”
Sir Humphrey: “Do you think they respond to a challenge?”
Bernard: “Yes.”
Sir Humphrey: “Would you be in favour of re-introducing national service?”
Bernard: “Y… oh, well I suppose I might be.”
Sir Humphrey: “Yes or no?”
Bernard: “Yes”
Sir Humphrey: “Of course you would, Bernard. After all you’ve told her you can’t say no to that. So they don’t mention the first five questions and they publish the last one.”[36]
A variation on the rhetorical question is the use of words and phrases which suggest that the audience should accept without question, e.g. ‘Obviously...’ or ‘It is clear that we all agree...’ 

The sound bite 
It is very hard to find simple responses to counter established rhetoric. “If you’ve got nothing to hide, you’ve got nothing to fear” for example.*  You could try “how much do you earn” or “have you got curtains or a lock on your bathroom door” but they do not have the same effect.  Likewise “If I am not doing anything wrong, then you should not be watching me”; “Everyone has something to hide because everyone is entitled to privacy”; “Those engaged in the surveillance get to decide what's ‘wrong,’ and they keep changing the definition”; “You might misuse my information”; “I don't have anything to hide. But I don't have anything I want you to see, either”; “The government is sticking its nose into my business without a reasonable excuse”; and so on. It is an uneven playing field, rhetorically speaking – the rhetoric is stacked against the nuanced but more complete argument or explanation.  In a world of short attention spans, if you have to explain, you are losing the argument.

Presenting evidence or apparent evidence to make it appear to point to a particular conclusion
This includes using carefully selected evidence, while omitting contrary evidence.  In the UK government consultation on the proposed ‘entitlement card’ in 2003, about 6000 people indicated opposition to the idea and about 2000 were in favour.  The government at that time presented the results by saying that most people were in favour of the scheme by a ratio of 2 to 1. They later justified this by saying they had counted the 5000 or so who had expressed their opposition to the scheme via the Internet as a single vote against the scheme. David Blunkett, Home Secretary at the time, dismissed the people who used the Net to object as a vocal minority of civil liberties activists.  The government then commissioned a survey, the results of which suggested 80% of the population were in favour of ID cards. They have been quoting this survey ever since, in spite of a lot of evidence showing a huge drop off in support for the system.

Taking what someone says out of context
People regularly take quotes from religious texts like the Koran or the Bible out of context to justify their behaviour.  George Bush was vilified by critics for describing ten months of violence following the 2005 elections in Iraq as “just a comma” in history.[37]

Avoiding giving evidence whilst suggesting that evidence is being given
Put out a vague policy statement, saying the details will come later, then when asked about the details at a later date claim all the details were clearly included in the original policy statement and there is nothing further to add.

Non sequitur – ‘It does not follow’
This involves drawing an illogical conclusion from sound data. Since the data are credible the conclusion which follows closely is also accepted. The subtle exponent of the art will embed the illogical conclusion between two logical ones. An example is the government’s stance on the UK national identity system. It will be compulsory for everyone to have an ID card. Yet it is claimed that the card cannot be considered compulsory, since it will not be compulsory to carry it around all the time. 

Repetition of a claim, periodically and frequently, over a long period of time can often lead to general acceptance of the claim as fact, even though it may have been discredited on numerous occasions. This is a tactic used extensively by ‘historical revisionists’ like those who deny the existence of the holocaust. [38] In chapter 8, I look briefly at the repeated efforts to introduce a software patent directive in the European Union.  Those in favour of such a policy merely need to keep re-introducing it periodically over a sustained period.  Those who oppose such a policy need to be alert and mobilise effective opposition to every attempt to implement such a policy. Those with the most stamina get their way in the end.

Corporate, civil society or politically funded think tanks 
These institutions present an alternative to traditional academic and scientific peer review.  Researchers publish the required results.  Ordinary people find it hard to tell the difference between real research and advocacy research and the media rarely make the effort to distinguish or understand the difference between these when reporting on particular findings.  Increasingly, research in universities is commercially sponsored.[39] A simple question which is always worth asking is: who paid for the research?

This is the public relations trick of creating illusory grass roots campaigns.  Public relations companies acting, for example, on behalf of the energy, tobacco and pharmaceutical industries and political parties have been doing this for decades.[40] The idea is to send lots of letters or emails purporting to come from ordinary people to politicians or newspapers in order to make it appear that there is significant feeling about a particular issue.  There is a huge industry engaged in buying and selling personal data for commercial and political exploitation of this sort.  At the simplest level these details can be obtained from the voting register or the register of births and deaths.

*I would just note that the "nothing to hide" sound bite is particularly poisonous and should be refuted at every conceivable opportunity. It is based on two gigantic false assumptions -  
1. that privacy is exclusively sought or needed by evil people wanting to hide nefarious deeds and intentions. It is not. 
2. that destroying privacy will solve the complex socio-technical-economic-environmental-justice-immigration-terrorism-[choose your issue] problem/mess of the day. It has not and will not.
Never, ever accept "nothing to hide..." as the basis for framing a debate.

These tactics of persuasion are an extract from Chapter 6 of my book Digital Decision Making: Back to the Future, Springer Verlag [2007].

27 This list is adapted, with the kind permission of the Open University, from my Open University course, T182 Law the Internet and Society: technology and the future of ideas, which is fairly heavily focused on intellectual property and digital technologies.  The course is based on Larry Lessig’s book The Future of Ideas (Random House, 2001).  Both Jessica Litman in chapter 5 of Digital Copyright and Peter Drahos and John Braithwaite in chapter 3 of Information Feudalism: Who Owns the Knowledge Economy do a terrific job of outlining the long term process of changing public perception of what intellectual property is about.

28 See The Torture Debate in America Edited by Karen Greenberg (Cambridge University Press, 2005) and the Balkanization blog at
29 For a particularly good collection of essays dissecting their position see Intelligent Thought : Science versus the Intelligent Design Movement Edited by John Brockman (Vintage, 2006)
30 Incidentally, whether or not you believe in God, is it seriously beyond the bounds of possibility that He might understand enough science to work with evolutionary processes?
31 And usually only two sides.
32 See Denying the Holocaust: The Growing Assault on Truth and Memory by Deborah Lipstadt for an especially stark example of the media tendency to legitimise the views of people who deny the holocaust took place, in spite of the overwhelming mass of incontrovertible documented and eye witness evidence of the atrocity. Lipstadt refused all media offers to ‘debate’ the reality of the holocaust with holocaust deniers since it would just present these people with a public platform in which their ‘point of view’ would be considered to be of equal value.
33 Don't Think of an Elephant: Progressive Values and the Framing Wars a Progressive Guide to Action by George Lakoff (Chelsea Green Publishing Company, 2004); Metaphors We Live By by George Lakoff & Mark Johnson (University of Chicago Press, 1989)
34 Played by Nigel Hawthorne.
35 Played by Derek Fowlds.
36 The episode in question was The Grand Design, which first aired on the BBC on the 9th of January 1986.
37 Just a Comma’ Becomes Part of the Iraq Debate by Peter Baker Washington Post 5 October, 2006 at
38 David Irving, for example, went to prison in Austria for this. 
39 See, for example, Deterring Democracy by Noam Chomsky (Vintage, 1992) p.303. Chomsky says: “One fundamental goal of any well-crafted indoctrination program is to direct attention elsewhere, away from effective power, its roots, and the disguises it assumes.”
40 Toxic Sludge is Good For You: Lies, Damn Lies and the Public Relations Industry by John Stauber, Sheldon Rampton (Common Courage Press, September 1995) has some excellent examples.

Tuesday, October 29, 2019

Blanket recording of tutorials is unlawful

I'm going to repost the essence of an old Twitter thread from June 2018 here for posterity because the issue is live and ongoing.

Some @OpenUniversity folks have been discussing recording of tutorials. 1/
Dr Liz Hartnett @eLizHartnett · Jun 18, 2018 Yes. @OpenUniversity students are in a different situation, and recorded lectures, recorded discussions between academics and recorded lab demos are a must. Remember that tutorials are not lectures and they do not introduce material from outside the module.
We have to remember the importance of dialogue for learning. Dialogues and personal support are critical for learning and what tutorials are all about 2/

- putting people in touch with people, students in touch with informed, dedicated, caring educators, as well as their peers, as @OpenUniversity did so well for so many years 3/

Is it appropriate to record tutorials? In most instances, no. However, it depends on context, informed & willing consent of participants, andragogy, pedagogy, the purpose of the tutorial and of the recording, the careful management & #security of those recordings 4/

Tutorials are private spaces for students to learn and test boundaries, with the aid of their tutor and peers, through activity and discussion of sometimes complex, difficult, controversial and unconventional ideas. 5/

Students will feel far less able to express themselves freely when they know they are being recorded. You don't need to be an expert in the #chilling effect to understand this. 6/

Mission creep associated with retaining large banks of tutorial recordings is unavoidable 7/

The blanket mandatory/default recording of online tutorials is likely unlawful on multiple fronts, the most telling being a breach of fundamental #privacy rights of students and tutors 8/

European Court of Human Rights in November 2017, in Antović and Mirković v. Montenegro decided that routine recording of educators in the classroom constitutes a direct breach of their rights under Article 8 of the European Convention on Human Rights.

That case specifically related to the blanket recording of lectures. Tutorials are a more private learning environment. Compulsory recording of online tutorials is an order of magnitude more intrusive than the recording of lectures, from an Article 8 perspective 10/

Whatever about the legalities, from an ethical perspective, routine mass #surveillance of tutors and students in the classroom is simply wrong 11/

Can recordings facilitate post hoc passive student engagement/learning from others’ tutorial experience? To a variable degree, yes. Recordings are popular with students but represent more of a comfort blanket than a facilitation of effective learning 12/

Is the provision of that comfort blanket a proportionate justification for routine blanket recording of all online tutorials? No. 13/

Is the facilitation of accessibility a legitimate aim? Yes. Is the stated provision of accessibility a proportionate justification for blanket recording of all online tutorials? No. Not when there are less #privacy intrusive means available to meet that aim. 14/

Should the @OpenUniversity be producing appropriate, tailored, tutorial-like multimedia recordings and recordings of selected online tutorials to facilitate learning and access for those unable to access tutorials? Yes. 15/

Should the learning design thinking underpinning these recordings be somewhat more sophisticated than “we have a record button, so let’s use it on everything”? Yes. 16/

A mix of professionally produced module team recorded lectures and selected recordings of online tutorials plus recordings of discussions between academics and students might be a pragmatic way forward 17/

Recordings could be much more professionally, effectively, efficiently & cheaply produced once, then be re-used; whilst simultaneously avoiding all of the serious legal, ethical, pedagogic, logistical and resource sapping issues with default recording 18/

 One size fits all policies in education are invariably a straitjacket, restraining educators ability to meet individual student needs 19/

A policy mandating routine compulsory/default recording of all online tutorials is
•Unlawful: a clear breach of privacy of students & tutors
•Disproportionately intrusive
•Immeasurably & boundlessly defective on pedagogic & accessibility grounds

Friday, October 04, 2019

Planet49 cookies

I've been reading the judgment of the European Court of Justice (CJEU) in Case C‑673/17, Bundesverband der Verbraucherzentralen und Verbraucherverbände — Verbraucherzentrale Bundesverband eV v Planet49 GmbH.

The case relates to the use of cookies by gaming company, Planet49, in the course of a promotional lottery they organised in 2013. To participate users had to go through the usual rigmarole of agreeing to conditions, subscribers' offering their names and addresses. There were a couple of checkboxes, relating to this.

The first checkbox had to be ticked, as a minimum requirement, to participate but by default was empty, so the user had to select it. The second checkbox came pre-ticked and related to cookies. Missing or leaving the box ticked committed users to:
‘I agree to the web analytics service Remintrex being used for me. This has the consequence that, following registration for the lottery, the lottery organiser, [Planet49], sets cookies, which enables Planet49 to evaluate my surfing and use behaviour on websites of advertising partners and thus enables advertising by Remintrex that is based on my interests. I can delete the cookies at any time. You can read more about this here.’ 
The here was hyperlinked to some text (321 words) on how Remintrex and Planet49 would use cookies. Hyperlinks from the conditions attached to the first checkbox linked to a list of 57 companies. The underlined word 'Unsubscribe' was contained after the name of each company.

We've all seen this kind of stuff, thousands of times.

Germany's Federation of consumer organisations decided to challenge the company, saying the consent requirements of the checkboxes did not satisfy German law. It made its way up through the courts and eventually the German Federal Court of Justice referred it to the Court of Justice of the EU for a preliminary ruling. They asked the Court four questions, which the CJEU, in its wisdom, designated two questions, the first of which was a three-parter (though, on second thoughts, it is possible the German court are responsible for the numbering):

Q1(a) When setting and using cookies, do pre-ticked checkboxes, which a user must deselect to refuse consent, constitute valid consent under EU e-privacy and data protection laws?

Q1(b) Does it make a difference if the data stored on or accessed from a user's computer is technically considered 'personal data' in EU law, under the e-privacy (2002) and data protection directives (1995)? (The data protection directive was still in force at the time of the referral of these questions by the German court.)

Q1(c) Does a valid consent under the GDPR Article 6(1)(a) exist?

Q2 What information does a service provider have to give to meet their obligations under the e-privacy directive of 2002.

In kicking off its analysis the CJEU notes the GDPR has been passed and come into force in the time this case has been in play. However, the referring court knew the GDPR was coming and it was likely it would need to be taken into account. So it was appropriate to include the GDPR in the analysis. If the consumer group decided it needed to take further action e.g. asking for a court order to prevent Planet49 using pre-ticked boxes in future the GDPR would be the relevant law. Anyway the data protection heavy lifting is now done by the GDPR which makes references to the earlier data protection directive through the e-privacy directive.

Or as the Court so eloquently put it, 'ratione temporis'.

Sometimes judges can't help themselves. The ancient language is in the blood.

The analysis of the four questions, appropriately enough, starts at paragraph 44, considering questions 1(a) and (c) together - is a pre-ticked checkbox adequate consent and does valid consent exist under the GDPR?

By paragraph 47 the Court points out that the provisions of the e-privacy directive under scrutiny  "must normally be given autonomous and uniform interpretation throughout the EU". Maybe we shouldn't draw the attention of the Brexit/Tory party extremists, aka the Cabinet, to this one.

Moving on, they come to a natural conclusion based on the clear wording of the eprivacy and data protection directives, that consent requires active consent i.e. action of the part of the user. And the use of pre-ticked checkboxes does not constitute active consent on the part of the user.

One of my favourite lines in the whole judgment is the last sentence of paragraph 55:
"It is not inconceivable that a user would not have read the information accompanying the preselected checkbox, or even would not have noticed that checkbox, before continuing with his or her activity on the website visited."
Nobody reads the T&Cs other than the privacy geeks.

At paragraph 61 they note that conlusion becomes even stronger now the GDPR is in force and active user consent is demanded under that law. 

By paragraph 65, they conclude the e-privacy directive [2002/58] in conjunction with the data protection directive [95/46] and the GDPR [2016/679] nix pre-ticked checkboxes.
"In the light of the foregoing considerations, the answer to Question 1(a) and (c) is that Article 2(f) and Article 5(3) of Directive 2002/58, read in conjunction with Article 2(h) of Directive 95/46 and Article 4(11) and Article 6(1)(a) of Regulation 2016/679, must be interpreted as meaning that the consent referred to in those provisions is not validly constituted if, in the form of cookies, the storage of information or access to information already stored in a website user’s terminal equipment is permitted by way of a pre-checked checkbox which the user must deselect to refuse his or her consent."
Onwards again to Q1(b). This one is not hard either. In the Planet49 lottery the storing of cookies amounts to the processing of personal data. The e-privacy directive aims to protect us from interference with our private sphere, whether it involves personal data or not. So the e-privacy directive [2002/58] in conjunction with the data protection directive [95/46] and the GDPR [2016/679] bar outsiders from invading our private electronic space - protections apply whether the data is personal or not.
"In the light of the foregoing considerations, the answer to Question 1(a) and (c) is that Article 2(f) and Article 5(3) of Directive 2002/58, read in conjunction with Article 2(h) of Directive 95/46 and Article 4(11) and Article 6(1)(a) of Regulation 2016/679, must be interpreted as meaning that the consent referred to in those provisions is not validly constituted if, in the form of cookies, the storage of information or access to information already stored in a website user’s terminal equipment is permitted by way of a pre-checked checkbox which the user must deselect to refuse his or her consent."
Last but not least Q2 analysis begins at paragraph 72. What information does a service provider have to give to meet their obligations under the e-privacy directive of 2002.
"By Question 2, the referring court asks, in essence, whether Article 5(3) of Directive 2002/58 must be interpreted as meaning that the information that the service provider must give to a website user includes the duration of the operation of cookies and whether or not third parties may have access to those cookies."
Well, consent requires clear, comprehensive and sufficiently detailed information to enable the user to understand the use of the cookies. In the promotional lottery case the Court concludes the duration of the operation of the cookies and whether or not third parties may have access to them should be part of the "clear and comprehensive information which must be provided to users", (as designated by article 5(3) of the e-privacy directive and article 10 of the data protection directive. Provisions in the GDPR (Article 13(2)(1) then reinforce this conclusion.)
81  In the light of the foregoing considerations, the answer to Question 2 is that Article 5(3) of Directive 2002/58 must be interpreted as meaning that the information that the service provider must give to a website user includes the duration of the operation of cookies and whether or not third parties may have access to those cookies."
And that's the ballgame.

Consumers organisations 4    Cookie exploiting economic actors 0.

EU law on Q1(a) & (c)
"must be interpreted as meaning that the consent referred to in those provisions is not validly constituted if, in the form of cookies, the storage of information or access to information already stored in a website user’s terminal equipment is permitted by way of a pre-checked checkbox which the user must deselect to refuse his or her consent."
EU law on Q1(b) is
"not to be interpreted differently according to whether or not the information stored or accessed on a website user’s terminal equipment is personal data within the meaning of Directive 95/46 and Regulation 2016/679." (the data protection directive and the GDPR)
EU law on Q2
"must be interpreted as meaning that the information that the service provider must give to a website user includes the duration of the operation of cookies and whether or not third parties may have access to those cookies."
The thing is, that might be the ballgame in terms of the judgment of the Court but we don't know what it will mean in practice. This decision technically means that most if not all websites, including Blogger, are now in breach of EU law. But as the original cookie law was so blatantly circumvented with the pop up 'accept'/'I agree' buttons, there will be a route to technical compliance, worked out as a new norm which doesn't unduly burden commerce on the Net. Commercial organisations have been abusing our privacy for decades now, through this giant surveillance infrastructure panopticon we call the Internet. There have been few or no negative consequences bouncing down on the heads of the rapacious economic actors mining the private lives of the dominant species of the planet. 

Do not be taken in by the "data ownership" or equivalent propositions which is are delusional and/or deceptive slight of hand, peddled by those on a spectrum from true believers to those with vested interests in expanding, ever further, our surveillance society. The solutions have to be structural -
Legal infrastructure to protect privacy adequately enforced. The real effect of the GDPR will be a massive case study in this regard and may take years to evaluate.

The retrofitting and rebuilding and deployment of better privacy respecting technical infrastructure and networks. The Internet is an entirely artificially created entity. It did not have to be built as a giant surveillance machine.

There have to be structural economic incentives with real consequences for the most powerful players - states and global corporations. Economic externalities enable the worst offenders to grab all of the benefits and none of the costs. Let's get the economic feedback loops landing the negative consequences of mass privacy invasive practices right back in the lap of the invaders.

And finally, for now, social. That means you and I, dear reader, have to step back from being a dazzled, addicted and willing participant in the global madness. As a starter for 10, next time you are faced with a 'click this to get at our stuff blah blah, we value your privacy' message, remind yourself, of course they value your privacy, they are making a fortune out of it. How about instead we get them to respect our privacy?