Feed techdirt Techdirt

Favorite IconTechdirt

Link https://www.techdirt.com/
Feed https://www.techdirt.com/techdirt_rss.xml
Updated 2026-07-07 17:00
Facebook's Oversight Board Can't Intervene, So Stop Asking
As Facebook employees stage a digital walk-out and make their thoughts known about the social media giant’s choice to not intervene in any way on “political posts”, especially those of President Donald Trump, some have called for the newly-created Oversight Board to step up and force a change in Facebook. While the official answer is that they can’t start (because supposedly they haven’t given out laptops yet), the real and very simple reason why the Facebook Oversight Board won’t get involved is because it can’t. It’s not created to function that way, it’s not staffed for something like this, and ultimately, due to its relationship with Facebook, anything it would say on this matter right now would be taken in an advisory capacity at best. Facebook, understandably not wanting to actually give any of its power away, played confidence games with the idea of external, independent oversight, and it’s clear that they fooled a lot of people. Let me explain.In three-card-monte, the huckster keeps shuffling three playing cards until the victim is likely to guess wrong on where the “money card” may be hiding, and proceeds to flop the cards one by one. For Facebook’s prestidigitation on content moderation, last month’s announcement of the initial 20 highly-regarded experts tapped as members for its independent oversight board is the second card flop, and predictably, the money card is not there.The ongoing sleight of hand performed by Facebook is subtle but fundamental. The board was set up as truly independent, in every way, from member to case selection and to the board’s internal governance. In terms of its scope and structure, it is guided by previously-released bylaws to primarily handle a small set of content removal cases (which come up to the board after exhausting the regular appeals process), and dictate Facebook to change its decisions in those cases. To a much lesser extent, the Board can, although time and resources are not allocated for this, provide input, or recommendations about Facebook’s content moderation policies, however, Facebook is not obligated in any way to follow those policy recommendations, but to simply respond in 30 days and talk about any action it may take.In the pages of the San Francisco Chronicle’s Open Forum, and elsewhere, I and others have called attention to this empty action as far back as September 2019, at the first card flop, the public release of the Board’s charter and bylaws. The project continued unabated and unchanged as friendly experts extolled the hard work of the team and preached optimism. Glaring concerns over the Board’s advisory-at best, non-binding overall power, not only weren’t addressed, but actually dismissed by cautioning that board member selection, last month’s flop, would be where the money card is. Can you spot the inconsistency? It doesn’t matter if you have the smartest independent advisors if you’re not giving them the opportunity to actually impact what you do. Of course, the money card wasn’t there.In early May, the Menlo Park-based company released the list of its Oversight Board membership, with impressive names (former heads of state, Nobel Prize laureates and subject matter experts from around the world). Because the Board is truly independent, Facebook’s role was minimal, beyond coming up with said structure and bylaws with the consultation of experts from around the world (full disclosure: the author was also involved in one round of consultations in mid 2019), it only directly chose the 4 co-chairs who then were heavily involved in the choice of the other 16 members. A lot of chatter around this announcement focused, predictably, on who the people are; is the board diverse; is it experienced enough, etc, while some, have even focused on how independent the board truly is. As the current crisis is showing, none of that matters.As we witness the Board’s institutionalized, structural and political inability to perform oversight it is becoming entirely clear that Facebook is not, at all, committed to fixing its content moderation problems in any meaningful way, and that political favor is more important than consistently applied policies. There is no best case scenario anymore as the Board can only fail or infect the rest of the industry. And what is a lose-lose for all of us will likely still be a win-win for Facebook.The bad case scenario is the likeliest: the Board is destined to fail. While Zuckerberg’s original ideas of transparency and openness were great on paper, the Board quickly turned into just a potential shield against loud government voices (such as Big Tech antagonist Sen. Hawley). Not only is that not working, Sen. Hawley responded to the membership list with even harsher rhetoric, but the importance placed on the optics versus the reality of solving this problem is even more obvious now. Giving the Board few, if any, real leverage mechanisms over the company can at most build a shiny Potemkin village and not an oversight body. If we dispense with all the readily-available evidence to the contrary, and give Facebook the benefit of the doubt that it tried, the alternative reasons for this rickety and impotent construction are not much better. It may be because giving a final say over difficult cases, the Board’s main job, is not something Facebook was comfortable with doing by itself anyway (and who can blame them given the pushback the platform gets with any high-profile decision). Or it may be because of a bizarre allegiance to the flawed constitutional law perspective that Facebook can build itself a Supreme Court, which makes the Board act as an appellate court of sorts, with a vague potential for creating precedent rather than truly providing oversight.If the Board’s failure doesn’t tarnish the perspective of a legitimate private governance model for content moderation, there’s a lot to learn on how to avoid unforced errors. First, we can safely say that while corporations may be people, they are definitely not states. Creating a pseudo judiciary without any of the accouterments of a liberal-democratic state, such as a hard-to-change constitution, co-equal branches and some sort of social contract is a recipe for disaster. Second is a fact that theory, literature and practice have long argued: structure fundamentally dictates how this type of private governance institution will run. And with an impotent Board left to mostly bloviate after the fact, without any real means to make changes to the policies themselves, this structure clearly points to a powerless but potentially loud “oversight” mechanism, pushed to the front, as a PR stunt, but unequipped to deal with the real problems of the platform. Finally, we see that even under intense pressure from numerous and transpartisan groups, and a potential openness to fixing a wicked problem, platforms are very unwilling to actually give up, even partly, their role and control in moderating content, but will gladly externalize their worst headaches. If their worst headaches were aligned with the concerns of their users, that would be great, but creating “case law” for content moderation is an exercise in futility, as the company struggles to reverse-engineer Trump-friendly positions with its long-standing processes. We don’t have lower court judges who get to dutifully decide whether something is inscribed in the board’s previous actions. We have either underworked, underpaid and scarred people making snap decisions every minute, or irony and nuance illiterate algorithms who are poised to interpret these decisions mechanically. And more to the point, we have executives deciding to provide political cover to powerful players rather than enforce their own policies, knowing full well they’re not beholden to any oversight, since even if already up and running, by the time the Board ruled on this particular case, if ever, the situation would have since no longer been of national importance.As always, there still is a solution. The Oversight Board may be beyond salvaging, but the idea of a private governance institution, where members of the public, civil society, industry and even government officials, can come together and try to reach a common ground for what the issues are and what the solutions might be, should still flourish, and should not be thrown away simply because Facebook’s initial attempt was highly flawed. Through continued vigilance and genuine, honest critiques of its structure and real role in the Facebook ecosystem, the Oversight Board can, at best, register as just one experiment of many, not a defining one, and we can soldier on with more diverse, inclusive, transparent, and flexible, industry-wide dialogues and initiatives.The worst case scenario is if the Board magically coasts through without any strong challenge to its shaky legitimacy, or its impotent role. The potential for this to happen is there, since there are more important things in the world to worry about than whether Facebook’s independent advisory body has any teeth. In that case Facebook intends to, one way or another, franchise it to the rest of the industry. And that would be the third, and final flop. However, as I hope you figured it out by now, the money card wouldn't be there either. The money card, the card that Facebook never actually intended on giving away or even showing us, the power over content moderation policies, was never embedded in the structure of the board, its membership or any potential industry copycats that could legitimize it. This unexpected event allowed us to take a peek at the cards, the money card is still where it was all along, in Facebook’s back pocket.David Morar is Associate Researcher at the Big Data Science Lab at the West University of Timisoara, Romania
Daily Deal: The Ultimate Learn To Play Piano Bundle
The Ultimate Learn To Play Piano Bundle has 10 courses designed to take your music skills from beginner to advanced. You'll learn Music Theory, how to read and write music, how to play chords and chord progressions. You'll also learn about how to compose melodies, how to train your ears to recognize different types of chords and keys, and much more. It's on sale for $35.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
New Study Finds No Evidence Of Anti-Conservative Bias In Facebook Moderation (If Anything, It's The Opposite)
Over the last few months, it's been weird to watch how any time we point out that there's no actual evidence of anti-conservative bias in the content moderation practices of social media, some in our comments absolutely lose their shit. One commenter, has been on a rampage in just the last week to declare me an evil liar for refusing to admit the "obvious" fact that there's anti-conservative bias in moderation. However when I and others ask these people for that evidence, it never seems to show up.I imagine they are not going to like this story either. A new study from CrowdTangle, a data analytics firm that is owned by Facebook, and has access to Facebook data, seems to suggest that if there's any bias, it goes the other way:
AT&T's Streaming Headaches Continue As Contract Feuds Keep New TV Service Off Amazon, Roku
So we've noted repeatedly how AT&T's entry into the video space hasn't gone according to plan. First, the company spent so much money on mergers ($150 billion for Time Warner and DirecTV) in recent years, it effectively crippled itself with debt. Second, the company passed that merger debt on to most of its customers in the form of price hikes, which defeated the whole point of "cutting the TV cord." Third, AT&T launched so damn many confusing streaming brands simultaneously, it even confused the company's own employees.Collectively, this resulted in AT&T losing 3.43 million TV subscribers last year alone, which certainly wasn't the kind of sector domination executives originally envisioned.And there's every indication that things might get worse.As noted, AT&T already offers a very confusing array of TV services: HBO Go, HBO Now, AT&T Now, AT&T TV, AT&T WatchTV, AT&T U-verse (IPTV) and DirecTV (satellite). Last week the company launched yet another streaming platform, HBO Max. But there's trouble in paradise: because of contractual standoffs with Amazon and Roku, the service apparently won't be appearing on either platform at launch. Given Roku is the most popular streaming hardware in America by a pretty wide margin (39% market share in 2019), that's kind of a problem for AT&T:
Bangladeshi Government Decides There's No Time Like The Present To Censor/Arrest More Journalists
We can't have nice things. We can't even have mediocre things. And, in the midst of a global pandemic, we can't even have basic things. The Bangladesh government hasn't exactly discovered the power of censorship. The government and this power are already acquainted. But with a novel virus in the air, the government has discovered it can silence speech more effectively.
Corporate Sovereignty Lawyers Prepare To Sue Governments For Bringing In Measures To Tackle COVID-19 And Save Lives
Regular readers of Techdirt will be all too familiar with the problem of corporate sovereignty -- the ability of companies to sue entire countries for alleged loss of profits caused by government action. Also known as investor-state dispute settlement (ISDS), there have been indications that some countries are starting to drop ISDS from trade and investment treaties, for various reasons. But a worrying report from Corporate Europe Observatory suggests that we are about to witness a new wave of corporate sovereignty litigation. Hard though it may be to believe, these cases will be claiming that governments around the world should be reimbursing companies for the loss of profits caused by tackling COVID-19:
Cops -- Newly Wary Of Looking Like Authoritarian Assholes -- Open Fire On, Arrest Journalists
There was a window of opportunity for cops following the George Floyd killing. Floyd, suspected of nothing more than passing a fake $20 bill, was killed by Officer Derek Chauvin of the Minneapolis PD. Chauvin placed his knee on Floyd's neck until he was dead. This act lasted for nearly nine minutes -- and for nearly three minutes after Chauvin checked for a pulse and found nothing. Yet he persisted, and none of the three cops around him stopped him.Chauvin has been criminally charged and is under arrest. We'll see where that takes us. But the opportunity was there for the rest of the nation's cops to separate themselves from this "bad apple." Cop defenders ignore what bad apples do to barrels, but we won't. Chauvin is a symptom. He is not the disease.As protests broke out around the nation, law enforcement agencies responded. While a small number attempted to find middle ground with aggrieved citizens, most acted as though they were a law unto themselves in these troubled times.One site got it completely right -- a site that so often offers up hot takes that it is the source of its own meme. Slate, of all places, nailed this call:
Securus Quietly Settles Lawsuit Over Illegally Spying On Inmate Attorney Conversations
We've noted repeatedly how interstate inmate calling service (ICS) companies have a disturbingly cozy relationship with government, striking (technically buying) monopoly deals that let them charge inmate families $14 per minute. Worse, some ICS companies like Securus Technologies have been under fire for helping the government spy on privileged inmate attorney communications, information that was only revealed in 2015 after Securus was hacked. Given the apathy for prison inmates and their families ("Iff'n ya don't like high prices, don't go to prison, son!") reform on this front has been glacial at best.The 2015 Hacker-obtained data featured 70 million records of phone calls (and recordings of the phone calls themselves), placed by prisoners in at least 37 different states over a two-and-a-half year period. Of particular note were the estimated 14,000 recordings of privileged conversations between inmates and their lawyers:
Clearview Says Section 230 Immunizes It From Vermont's Lawsuit Over Alleged Privacy Violations
Clearview is currently being sued by the attorney general of Vermont for violating the privacy rights of the state's residents. As the AG's office pointed out in its lawsuit, users of social media services agree to many things when signing up, but the use of their photos and personal information as fodder for facial recognition software sold to government agencies and a variety of private companies isn't one of them.
Giving People Property Rights In Data Will Not Solve Privacy, But...
Online privacy can’t be solved bygiving people new property rights in personal data. That idea isbased on a raft of conceptual errors. But consumers are alreadyexercising property rights, using them to negotiate the trade-offsinvolved in using online commercial products.People meana lot of different things when they say “privacy.”Let’s stipulate that the subject here is control of personalinformation. There are equal or more salient interests and concernssometimes lumped in with privacy. These include the fairness andaccuracy of big institutions’ algorithmic decision-making,concerns with commodification or commercialization of online life,and personal and financial security.Consumers’ use of online serviceswill always have privacy costs and risks. That tension is acompetitive dimension of consumer Internet services that should neverbe “solved.” Why should it be? Some consumers areentirely rational to recognize the commercial and social benefitsthey get from sharing information. Many others don’t want theirinformation out there. The costs and risks are too great in theirpersonal calculi. Services will change over time, of course, andconsumers’ interests will, too. Long live the privacy tension.Online privacy is not an all-or-nothingproposition. People adjust their use of social media and onlineservices based on perceived risks. They select among options, useservices pseudonymously, and curtail and shade what they share. So,to the extent online media and services appear unsafe orirresponsible, they lose business and thus revenue. There is nomarket failure, in the sense usedin economics.Of course, there are failures of thecommon sort all around. People say they care about privacy, but don’tdo much to protect it. Network effects and other economies of scalemake for fewer options in online services and social media, so thereare fewer privacy options, much less bespoke privacy policies. Andcompanies sometimes fail to understand or abide by their privacypolicies.Those privacy policies are contracts.They divide up property rights in personal information very subtly—sosubtly, indeed, that it might be worth reviewing whatproperty is: a bundle of rights to possess, use,subdivide, trade or sell, abandon, destroy, profit, and excludeothers from the things in the world.The typical privacy policy vests theright to possess data with the service provider—a bailment, inlegal terminology. The service provider gets certain rights to usethe data, the right to generate and use non-personal information fromthe data, and so on. But the consumer maintains most rights toexclude others from data about them, which is all-important privacyprotection. That’s subject to certain exceptions, such asresponding to emergencies, protecting the network or service, andcomplying with valid legal processes.When companies violate their privacypromises, they’re at risk from public enforcement actions—fromAttorneys General and the Federal Trade Commission in the UnitedStates, for example—and lawsuits, including class actions.Payouts to consumers aren’t typically great becauseindividualized damages aren’t great. But there are economies ofscale here, too. Paying a little bit to a lot of people is expensive.A solution? Hardly. It’s morelike an ongoing conversation, administered collectively andepisodically through consumption trends, news reporting, publicawareness, consumer advocacy, lawsuits, legislative pressure, andmore. It’s not a satisfactory conversation, but it probablybeats politics and elections for discovering what consumers reallywant in the multi-dimensional tug-of-war among privacy, convenience,low prices, social interaction, security, and more.There is appeal in declaring privacy ahuman right and determining to give people more of it, but privacyitself fits poorly into a fundamental-rights framework. Peopleprotect privacy in the shelter of other rights—common law andconstitutional rights in the United States. They routinely dispensewith privacy in favor of other interests. Privacy is better thoughtof as an economic good. Some people want a lot of it. Some peoplewant less. There are endless varieties and flavors.In contrast to what’s alreadyhappening, most of the discussion about property rights in personaldata assumes that such rights must come from legislative action—aproperty-rights system designed by legal and sociological experts.But experts, advocates, and energetic lawmakers lack the capacity todiscern how things are supposed to come out, especially given ongoingchanges in both technology and consumers’ information wants andneeds.An interesting objection to creatingnew property rights in personal data is that people might continue totrade personal data, as they do now, for other goods such as low- orno-cost services. That complaint—that consumers might get whatthey want—reveals that most proposals to bestow new propertyrights from above are really information regulations in disguise.Were any such proposal implemented, it would contend strongly in themetaphysical contest to be the most intrusive yet impotent regulatoryregime yet devised. Just look at the planned property-rights systemin intellectual property legislation. Highly arguable net benefitscome with a congeries of dangers to many values the Internet holdsdear.The better property rights system isthe one we’ve got. Through it, real consumers are roughly andunsatisfactorily pursuing privacy as they will. They often—butnot always—cede privacy in favor of other things they wantmore, learning the ideal mix of privacy and other goods through trialand error. In the end, the “privacy problem” will no morebe solved than the “price problem,” the “qualityproblem,” or the “features problem.” Consumers willalways want more and better stuff at a lower cost, whether costs aredenominated in dollars, effort, time, or privacy.Jim Harper is a visiting fellow at the American Enterprise Institute and a senior research fellow at the University of Arizona James E. Rogers College of Law.
Let. The Motherfucker. Burn.
Warning: this post will contain what we in the business like to call strong language, invective, and violent content. Govern yourself accordingly.Content warning 2: possibly exceedingly long.ONCE UPON A TIME, A MAN GOT FUCKEDLet's start with a story:(Those of you who'd like to read a transcript, rather than watch this powerful performance by Orlando Jones [possibly for "Dear God, I'm still at work" reasons], can do so here.)This is the history of black Americans. For a few hundred years, they weren't even Americans. And even after that -- even after the Civil War -- black Americans spent a hundred years being shunted to different schools, different neighborhoods, different restrooms, different bus seating, different water fountains. They are not us, this land of opportunity repeatedly stated.Integration was forced. It was rarely welcomed. Being black still means being an outsider. Four hundred years of subjugation doesn't just end. This is how the story continues:
Joe Biden Wastes A Huge Opportunity To Support Free Speech; Still Wants To 'Revoke' Section 230
Joe Biden had a golden opportunity to actually look Presidential, and stand up for free speech and the 1st Amendment at a moment when our current President is seeking to undermine it with his Executive order that is designed to intimidate social media companies into hosting speech they'd rather not, and scare others off from fact checking his lies. And he blew it. He doubled down on the ridiculous claim that we should "revoke" Section 230.
Daily Deal: The 2020 All-in-One Data Scientist Mega Bundle
Businesses, small to big enterprises, depend on data science. It's a field responsible for evaluating and interpreting data, statistics, and trends to help businesses arrive at better decisions and actions. The 2020 All-in-One Data Scientist Mega Bundle will help you learn and master different data processes such as visualization, computing, analysis, and more. Over 12 courses, you will also learn how to use data across different platforms and languages including Python, Apache, Hadoop, R, and more. It's on sale for $40.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
In The Midst Of A Pandemic And Widespread Unrest, Senate Republicans Think It's Time To Use Copyright To Make The Richest Musicians Richer
There's kind of a lot going on in America right now -- what with widespread protests about police violence (leading to more police violence), and we're still in the middle of the largest pandemic in a century. You'd think some of those things would be priorities for Congress, but instead, Senate Republicans have decided that now is the time to pushing ahead with helping Hollywood by examining how to make copyright worse. Even the Washington Post is completely perplexed as to how this could possibly be a priority right now.
Arizona AG Sues Google For Location Data Failures, After Telecom Got A Wrist Slap For Far Worse Behavior
Two years ago, an investigation by the Associated Press and Princeton computer scientists found that Google services on both Android and Apple routinely continued to track user location data, even when users opted out of such tracking. Even if users paused "Location History," the researchers found that some Google apps still automatically stored time-stamped location data without asking the consumer's consent.Fast forward two years later, and Arizona Attorney General Mark Brnovich has sued Google for violating the Arizona Consumer Fraud Act over the practice. The lawsuit (pdf), filed in Maricopa County Superior Court, is based off of an investigation begun by Brnovich's office back in 2018. Like the aforementioned AP report, the AG found that Google's settings didn't actually do what they claimed they did in regards to ceasing location data tracking:
California Anti-SLAPP Law Gives Rachel Maddow An Early Exit From Conservative News Network's Bogus Libel Lawsuit
The only news network further to the right than Fox News has just seen its baseless libel lawsuit against MSNBC host Rachel Maddow dismissed under California's anti-SLAPP law. While Fox occasionally has to acknowledge the real world and employs a few newscasters critical of the President and his policies, One American News Network (OAN/OANN) apparently feels no compunction to address any issues honestly, preferring to curl up in the lap of the leader of the free world.OAN sued after Maddow offered her commentary on a Daily Beast article that said the news network employed a "Kremlin-paid journalist." The journalist, Kristian Rouz, had been working for both OAN and the Kremlin-owned Sputnik, the latter of which was determined to be a participant in Russia's 2016 election interference effort.Maddow's commentary was somewhat hyperbolic, and very critical of OAN and its double-agent journalist. But OAN took particular issue with a single phrase Maddow said during her broadcast. From the decision [PDF]:
Funniest/Most Insightful Comments Of The Week At Techdirt
We've got a double winner this week, with That One Guy taking first place for both insightful and funny with some thoughts on Trump's social media executive order:
Sale Ends Tomorrow! Last Chance To Get CIA: Collect It All for 25% Off
Get 25% off your copy of CIA: Collect It All with
Professional Race Car Driver Hires Expert Gamer To Race His Video Game Car
The esports momentum due to the COVID-19 pandemic isn't slowing down. And one of things many people are learning now that they're either spectating or participating in esports for the first time is just how hard it is to be really, really good in these competitions. The days that bore the cliches about unskilled gamers slothing in their parent's basement are long gone, replaced by corporate sponsorships for sold out events in full-scale arenas. In the absence of traditional IRL sports at the moment, many professional athletes are now getting into esports as well, with autoracing having led the way.And now, in an occurrence that basically had to happen, we have our first instance of a professional racer getting caught having a gamer stand in for him during a race.
Last Minute Addition To Louisiana Bill Hamstrings Community Broadband
We've long noted that roughly twenty states have passed laws either outright banning community broadband, or tightly restricting such efforts. The vast majority of the time these bills are literally written by telecom lobbyists and lawyers for companies like AT&T and Comcast. While the bills are usually presented by lawmakers as an earnest concern about taxpayer boondoggles, the real motivation usually is the prevention of any disruption of their cozy geographical monopolies/duopolies.In some states, community broadband is being offered via the local power utility. That's the case in Tennessee, where Chattanooga-based EPB has been prohibited from expanding despite the overall lack of competitive options in the state -- and despite EPB having been rated one of the best ISPs in America. When ISPs can't get straight out bans passed via state legislature, they'll usually trying to bury such restrictions in unrelated bills, such as when AT&T tried to include community broadband restrictions in an unrelated Missouri traffic ordinance.Hugely frustrated by substandard service and a lack of broadband competition, more than 750 communities around the country have built some sort of community broadband network. But even when legislation intended to help them is proposed, it's an uphill battle to try and keep entrenched telecom lobbyists from making the bills worse. Case in point: Louisiana is considering Senate Bill 407, which would let utilities expand broadband to their rural customers. But provisions buried in the bill at the last second restrict utilities from offering broadband anywhere an incumbent already offers service:
District Court Mostly Refuses To Terminate The Litigation Testing The Copyright Termination Provision
The decision this post discusses, Waite v. Universal Music Group, came out at the end of March, but, as one of the leading cases litigating the termination provision of the copyright statute, it's still worth the attention. Maybe even especially now, as the Copyright Office overtly goes to bat for rightsholders. Because the termination provision speaks to who the rightsholders actually are. Without it, it's likely to not actually be the artists behind the creation of the works.The decision does a good job at least partially explaining why the termination provision is important:
No, Twitter Fact Checking The President Is Not Evidence Of Anti-Conservative Bias
I know we've gone through this a bunch already, but there remains no evidence to support the claims of "anti-conservative bias" at major social media platforms. Some people (usually self-claiming conservatives, though they rarely seem to represent actual conservative principles) get really angry about this. But, oddly, none ever seem to present any actual evidence.Of course, the very underpinnings of the White House's silly and nonsensical executive order regarding social media is that of course there's is anti-conservative bias in the moderation, and it even points to the action that kicked off this entire temper tantrum from the thin-skinned President: they provided a link under his debunked conspiracy theory tweet about mail-in ballots. Many Trump supporters and the executive order itself argue that this kind of fact checking is only done to conservatives:
Can You Protect Privacy If There's No Real Enforcement Mechanism?
Privacy laws can have a lot of moving pieces from notices anddisclosures, opt-in and opt-out consent requirements to privacydefaults and user controls. Over the past few years, there has beensignificantprogresson these issues because privacy advocates, consumer groups, industryvoices, and even lawmakers have been willing to dive intodefinitional weeds, put options on the table, and find middle ground.But this sort of thoughtful debate has not happened when it comes tohow privacy laws should be enforced and what should happen whencompanies screw up, families are hurt, and individuals’ privacyis invaded.Instead, when it comes to discussingprivate rights of action and agency enforcement, rigid red lines havebeen drawn. Consumer groups and privacy advocates say letindividuals sue in court -- and callit a day. Business interests, when they talk about“strongenforcement,” often mean letting an underfundedFederal Trade Commission and equally-taxed state Attorneys Generalhandle everything. Unfortunately, this binary,absolutist dispute over policing privacy rightsthreatens to sink any progress on privacy legislation.It happened in Washington state, whichfailed to enact a comprehensive privacy framework in March becauseof a single sentence that could have let someconsumers sue to enforce their rights under the state’s generalConsumer Protection Act. Private rights of action have stymied stateprivacy task forces, and the issue is consuming efforts by theUniformLaw Commission to craft a model privacy bill. This isbut a microcosm of what we’ve seen at the federal level, wherelawmakers are at “loggerheads”over private rights of action.This impasse is ridiculous. Advocacygroups share some blame here, but industry voices have failed to putany creativity into putting an alternative path forward. Companyafter companyand tradeassociation after tradeassociation have come out in favor of privacy rules,but the response to any concern about how to ensure those rules arefollowed has been crickets. Few seem to have given much thought intowhat enforcement could look like beyond driving a Brinks truck fullof money up to the FTC. That is not good enough. If industry isserious about working toward clear privacy rules, business interestshave two obligations: (1) they should offer up some new ideas toboost enforcement and address legitimate concerns about regulatorylimitations and capture; and (2) they need to explain why privaterights of action should be a non-starter in areas where businessesalready are misbehaving.First, while we can acknowledge thegood work that the FTC (and state Attorney Generals) has done, weshould also concede that agencies cannot address every privacyproblem and have competing consumer protection priorities.Commentators laudthe FTC’s privacy work but have not suggested how an FTC withmore resources will not just do more of what it’salready doing. There are outstanding considerations animating effortsto create an entirelynew federal privacy agency (and that’s on top ofa proposal in California to set up its own entirely new “PrivacyProtection Agency”). Improving the FTC’s privacy posturewill require more than more money and personnel.Part of this will be creatingmechanisms that ensure individuals can get redress. One idea would beto require the FTC to help facilitate complaint resolutions. TheConsumer Financial Protection Bureau alreadydoes this to some extent with respect to financialproducts and services. The CFPB welcomes consumer complaints -- andthen works with financial companies to get consumers a directresponse about problems. These complaints also help the CFPB identifyproblems and prioritize work, and then CFPB publishes (privacyfriendly) complaint data. This stands in contrast to the FTC’sConsumerSentinel Network, which is a black box to the public.Indeed, the FTC’s complaintsystem is opaque even to complainants themselves. The black boxnature of the FTC is, fairly or not, a constant criticism by privacyadvocates. A group of advocates began the Trump administration bycallingfor more transparency from the Commission about how ithandles complaints and responds to public input. I can speak to thisissue, submitting myown complaint to the FTC about the privacy andsecurity practices of VPNs in 2017. Months later, the FTC put out abriefblog post on the issue, which I took to be the end ofthe matter on their end. Some sort of dualtrackinformal and formal complaint process like the FederalCommunications Commission could be one way to ensure the FTC bettercommunicates with outsiders raising privacy concerns.These are mostly tweaks to FTC process,however, and while they address some specific complaints aboutprivacy enforcement, they don’t address concerns thatregulators have been missing -- or avoiding -- some of the biggestprivacy problems we face. This is where the rigid opposition toprivate rights of action and failure to acknowledge the largerconcern is so frustrating.Sensitive data types present a goodexample. Unrestrained collection and use of biometricsand geolocationdata have become two of the biggest privacy fights ofthe moment. There has been a shocking lack of transparency orcorporate accountability around how companies collect and use thisinformation. Their use could be the key to combating the ongoingpandemic; their misuse a tool for discrimination, embarassment, andsurveillance. If ever there were data practices where more oversightis needed, these would be it.Yet, the rapid creep of facialrecognition gives us a real-world test case for how agencyenforcement can be lacking. While companies have been calling fordiscussions about responsible deployment of facial recognition evenas they pitch this technology to every school, hospital, and retailerin the world, Clearview AI just up and ignored existing FTCguidance and state law. Washington state has anexisting biometric privacy law, which the state Attorney Generaladmitted has never been the basis of an enforcement action. To myknowledge, the Texas Attorney General also has never brought a caseunder that state’s law. Meanwhile, the Illinois BiometricPrivacy Act (BIPA) maybe theone legal tool that can be used to go after companieslike Clearview.BIPA’s private right of actionhas been a recurring thorn in the sides of major social mediacompanies and theme parks rolling out biometrics technologies, but noone has really cogently argued that companies aren’t flagrantlyviolating the law. Let’s not forget that facial recognitionsettings were anunderappreciated part of the FTC’s most recentsettlement with Facebook, too. However, no one can actually discusshow to tweak or modernize BIPA because industry groups have had asingle-minded focus on stripping the law of all its privateenforcement components.Industry has acted in lockstep toinsist it is unfair for companies to be subject to limitlessliability by the omnipresent plaintiffs bar for every minor ortechnical violation of the law. And that’s the rub!There is no rule that says a privateright of action must encompass the entirety of a privacy law. One ofthe compromises that led to the California Consumer Privacy Act wasthe inclusion of a private right of action for certain unreasonabledata breaches. Lawmakers can take heed and go provision-by-provisionand specify exactly what sorts of activities could be subject toprivate litigation, what the costs of the litigation might be, andwhat remedies can ultimately be obtained.The U.S. Chamber of Commerce has beenat the forefront of insistingthat private rights of action are poor tools for addressing privacyissues, because they can “undermine appropriate agencyenforcement” and hamper the ability of “expert regulatorsto shape and balance policy and protections.” But what’sthe objection then in areas where that’s not true?The sharing and selling of geolocationinformation has become especially pernicious, letting companies infersensitive health conditions and facilitating stalking. Can anyindustry voice argue that companies have been well-behaved when itcomes to how they use location information? The FTC clearly stated in2012 that precise geolocation data was sensitive informationwarranting extra protections. Flash forward to 2018and 2019,where The New York Times is engaged in annual exposéson the wild west of apps and services buying and selling “anonymous”location data. Meanwhile, the Communications Act requires carriers toprotect geolocation data, and yet the FCC finedall four major wireless carriers a combined $200million for sharing their subscribers’ geolocation data withbounty hunters and stalkers in February of this year.Businesses do not need regulatoryclarity when it comes to location data -- companies need to put in apenalty box for an extended timeout. Giving individuals the abilityfor private injunctive relief seems hardly objectionable given thistrack record. Permitting class actions for intentional violations ofindividuals’ geolocation privacy should be on the table, aswell.There should be more to discuss than auniverse where trial attorneys sue every company for every privacyviolation or a world where lawmakers hand the FTC a blank check.Unfortunately, no one has yet put forward a vision for what theoptimum level of privacy enforcement should be. Privacy researchers,advocates, and vulnerable communities have forcefully said the statusquo is not sufficient. If industry claims it understands theimportance of protecting privacy but just needs more clarity aboutwhat the rules are, companies should begin by putting forward someplans for how they will help individuals, families, and communitieswhen they fall short.Joseph Jerome, CIPP/US, is a privacy and cybersecurity attorney based in Washington, D.C. He currently is the Director of Multistate Policy for Common Sense Media.
Two Cheers For Unfiltered Information
Inthe early hours of December 31,2019 weeks before the coronavirus was recognized as a buddingpandemic, Taiwanese Centers for Disease Control Deputy Director LuoYijun was awake, browsingthe PTT Bulletin Board.A relic of 90s-era hacker culture, PTTis an open source internet forumoriginally created by Taiwanese university students. On the site'sgossip board, hidden behind a warning of adult content, Yijun found adiscussion about the pneumonia outbreak in Wuhan.However, the screenshots from WeChat posted to PTT described aSARS-like coronavirus, not the flu or pneumonia. The threadidentified a wet market as the likely source of the outbreak,indicating that the disease could be passed from one species toanother. Alarmed, Luo Yijun warned his colleagues and forwarded hisfindings to China and the World Health Organization (WHO). Thatevening, Taiwan began screening travelers from Wuhan, acting on theinformation posted to PTT.Aniche Internet forum, not the WHO or Chinese Communist Party (CCP),notified Taiwan, and the world more broadly, of the seriousness ofCOVID-19 – the disease caused by the new coronavirus. The sameday, Wuhan’sMunicipal Health Commission describedthe disease as pneumoniaand cautioned against assumptions of human-to-human transmission.While Chinese health authorities downplayed the seriousness of theoutbreak, a lightly governed websitehelped information about the disease to escape China’s GreatFirewall. As viral misinformation inspires skepticism of free speechin the west and conservativelegal scholars express admiration for China’s system ofinformation control,this episode illustrates the value of unfiltered speech.PTT’sgossip board is not fact checked by experts, and while the board hassome rules, it is a place for gossip rather than verified informationor news. The forum is governed far more liberally than contemporarysocial media platforms with extensive community standards and tens ofthousands of paid moderators. While bulletin boards have largelyfallen out of favor with western Internet users, PTT probably is mostcomparable to 4chan, the Something Awful forums, or Hackernews. Inthe past, it has hostedleaked government surveillance proposals,and Chinese officials have recently complainedabout the siteas a source of abusive speech about the WHO.Thereis a real difference between lightly governed or unmoderated spaces,essentially ruled by the First Amendment (which inevitably play hostto the good, the bad, and the ugly) and platforms that arespecifically curated to highlight vulgar or illiberal content. 4chancontains image boards dedicated to fashion, travel, umpteen forms ofJapanese animation, and /pol, a board for politically incorrectconversation that receives an outsized amount of attention inmainstream media. The Daily Stormer is a blog for white nationalists.We must resist the urge to condemn ungoverned fora alongside badlygoverned forums simply because both provide platforms for noxiousspeech.Because the Daily Stormer is specifically curatedto highlight neo-Nazi speech, we can safely assume that it won’thost valuable information. Its gatekeepers explicitly selectfascistic speech for publication before the content goes live and areunlikely to grant a platform to anything else. It certainly isn’ta hangout for anonymous epidemiologists. 4chan, on the other hand,contains its fair share of extremist speech but the platform is notmoderated by fascists, nor, for the most part, anyone at all. 4chanhosts almost any sort of speech; despite being unverified, usefulinformation may still be posted there. Due to its lack of formalgatekeeping, users’ comments are not screened for eitheraccuracy or good taste. As a result of 4chan’s norm ofanonymous participation, prominence, and popularity with particularlyactive internet trolling communities in the mid-aughts, the sitegained a reputation as an informational free-for-all, rendering it auseful dumping ground for both leaks of authentic nonpublicinformationand unhinged conspiracy.Evenas its prominence has diminished, 4chan’s reputation ensuresthat it remains a popular space to share privileged information,often in concert with other essentially unmoderated publicationservices such as Pastebin. Last year, Newsof Jeffrey Epstein’s deathwas first leaked on the site. While it can be difficult to prove theveracity of any one claim, the existence of such a place--anungoverned information clearinghouse--has undeniable value.Ungoverned fora allow arguments, assertions, and media to be freelyshared and considered without giving undue authority to unprovenassertions.Becauseusers participate anonymously or pseudonymously, they cannot relyupon, and subsequently do not risk, their permanent personalreputations and credentials. Likewise, it is the very popularity ofthese message boards as information clearinghouses that makes themattractive to bad actors. If you want to publish a sensitive message,for good or for ill, lightly moderated platforms are good tools forthe job.Althoughthese platforms may spread disinformation, if read with a healthydose of skepticism the content they carry is not per-se dangerous.Crucially, they fail differently than, in this case, Chinese statehealth authorities, which had political reasons to downplay theseriousness of the outbreak. Rather than providing filtered,authoritative information that can cause widespread harm ifincorrect, such as the WHOrecommendations against mask use published throughout March,open fora host many unfiltered claims that, without supportingevidence, carry little authority whatsoever. A healthy informationecosystem will contain both trustworthy authorities, and bottom upinformation distribution networks that can correct institutionalfailures. In a world in which seemingly authoritative sources are nottrustworthy, unfiltered platforms will gain credence, for good andill.However,as Luo Yijun’s late night discovery on PTT demonstrates,unverified information can inform and illuminate, especially in theabsence of trustworthy authoritative information. Furthermore, ifused effectively, open-source information hosted on ungovernedplatforms can enhance the capability and legitimacy of traditionalinstitutions, such as the Taiwanese CDC. Liberally governed platformsare often blamed for their role in transmitting falsity and hate butseldom lauded when they facilitate the spread of life-savinginformation.WillDuffield is a Policy Analyst at the Cato Institute
Daily Deal: The Hands-On Game Development Bundle
The Hands-On Game Development Bundle has 10 courses of instruction on using various platforms and languages to develop your own games. You'll learn C++, Node.js, Godot, and others. You will build a turn-based, micro-strategy game, develop a 2D platformer level using tiles, develop an AR spaceship-shooting game, and more. It's on sale for $35.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
Trump's Final Executive Order On Social Media Deliberately Removed Reference To Importance Of Newspapers To Democracy
We wrote a detailed breakdown of the President's silly, nonsensical, legally wrong Executive Order regarding social media yesterday. A few hours later the official version came out, and it was somewhat different than the draft (though, in no ways better). If you want to see the differences between the draft and the final version, here's a handy dandy redline version put together by Professor Eric Goldman.The new version inserted a bunch more nutty ramblings that have no legal meaning, but should the executive order ever need to be challenged in court, more or less made it clear that this was done vindictively. It honestly reads like Trump read the draft and whined that there wasn't enough about how unfair everyone is to him and what a meanie Rep. Adam Schiff has been in investigating the President. Separately, the very fact that the draft changed so drastically from the night before to the moment of release shows that it was drafted hastily, which provides even more evidence that it was done directly in retaliation for Twitter fact checking his false claims.The biggest change in the final version is that beyond setting up a "working group," the final version instructs the Attorney General to "develop model legislation for consideration in States where existing statutes do not protect Americans from such unfair and deceptive practices." Theoretically, this might become a nuisance, but (1) Barr already put together such a working group last year, and (2) had already been working on various legislative proposals to undermine Section 230, including the EARN IT Act that we've discussed at great length.One other notable change is in the instructions given to the FCC, which (despite having literally no legal authority over websites) is to come up with an interpretation of Section 230 (also, the FCC has no reason or basis to interpret Section 230, as that's a job for the courts). The difference from the draft is that it instructs this analysis to look at "the interaction" between the two clauses of the Good Samaritan clause:
Fighting The Free Speech Digital Divide Requires Interoperability and Privacy Protection
When people mention the digital divide, often they’re referring to the divide between people who have access to the internet and those who do not. However, we can also visualize it as the divide between those who benefit from free expression on social media and other digital platforms—and those who don’t.In order to get ahead of this burgeoning digital divide, policymakers will need to preserve the values of privacy and consumer choice in a way that one does not undermine the other.This past February, the New York Times profiled Jalaiah Harmon, the creator of the viral TikTok dance, “The Renegade.” But Harmon didn’t create the dance on TikTok; she used a smaller app, Funimate, and crossed-posted her video to Instagram. Instagram is where other popular TikTok creators first learned of the dance. TikTok, like many platforms, doesn’t encourage posters to give credit to creators.Instead of Jalaiah benefiting from the virality of her own dance, other TikTok users did. Those benefits include brand deals, media opportunities, and the chance to connect with the professional dance world. If Jalaiah had been able to easily cross-post from Funimate to TikTok, she may have been able to benefit from “The Renegade” right from the start.Apps like Funimate, Dubsmash, and Likee offer smaller, vibrant communities, often popular with users of color and other marginalized communities. These smaller platforms may provide functionality that other apps don’t, or they may just foster community in a way that appeals more to users that are not considered mainstream who want to preserve their unique culture. Apps like TikTok may not provide that opportunity, and that is okay when consumers have choices in the marketplace.However, because these communities are smaller, users have fewer opportunities to monetize their creativity. These smaller applications also have a harder time benefiting from the creativity of their users. In the case of Jalaiah, instead of new users flocking to Funimate to check out Jalaiah’s other videos, TikTok benefited from the dance and probably grew its user base because of it.In Washington, conversations about interoperability (the technical capability of different platforms to communicate with each other and work together) have become one of several pro-competition, pro-consumer choice policy solutions to gain notice.In the TikTok/Funimate case, interoperability would allow users to create videos on Funimate but have them viewable on TikTok. This functionality would also make it easier for TikTok users to leave TikTok if they thought another video sharing app would provide them with better content, better usability, or just a better community.One of the most common excuses by tech companies to avoid engaging in interoperability, or even basic data sharing at the user’s request, is that doing so may violate concerns about preserving users’ privacy. This excuse is meant to force policymakers to give platforms a reprieve from either more stringent privacy protections, or, if Congress must pass comprehensive privacy rules, to lock in existing platforms and online companies with a competitive advantage. That is a false choice.Most platforms get a lot of data from their users. Whether it’s for personalizing the user experience, targeting ads, or both, internet companies collect so much personal information that they know a lot about what the user wants, who their user is, what the user does, whom the user connects with, what the user likes, and where the user moves.As a result, it is often hard to stop using a platform or leave for its competition. We call this concept the cost of exclusion. If leaving a platform equals leaving memories, artistic works, or friends behind, or even abandoning a digital-self that represents us in ways that we can’t offline, then very few people are going to do it. The social cost is too high.Without a growing user base, newer platforms often can’t compete with older, dominant players. This is especially problematic for platforms that cater to marginalized groups like people of color, queer people, or people with disabilities.Interoperability can help new platforms build up a store of data they can use to improve their services, because when they gain a new user, that user can also bring access to their data and portions of their social graph from the old service. This can increase the power of users “voting with their feet” by leaving one service to switch to another. If users’ data becomes shared across services, then the new service they’ve chosen can doubly benefit: It gets a new user and a new source of data.But while sharing data can be useful to both users and platforms alike, how do we preserve users’ privacy? And how can we prevent the data from being exploited?First, we need a comprehensive privacy law. A comprehensive law would set a baseline expectation for preserving user privacy, regardless of the size of an online service or platform. Baseline expectations between platforms give all users, regardless of what platform they choose, protection against data discrimination or other privacy violations.Second, we need interoperability rules that govern internet platforms to be a part of the privacy conversation. These rules wouldn’t just govern how platforms are made interoperable, but would also give users additional privacy protections. As a baseline, interoperability rules could limit how platforms use the data they get from interoperable systems. The rules could also prevent platforms from using that data for advertising or any other purpose not explicitly requested by the user.With combined privacy and interoperability protections, an individual user will remain protected and as their data moves from one platform to the next, with the freedom to share and benefit from their creativity without accepting weaker privacy or giving into the cost of exclusion from a dominant platform. If a user does decide to use an interoperable system, then that user’s friends’ or followers’ data could be available to the new platform if the consent is given by the users friends for interoperable sharing.The internet is a powerful tool for free expression and, as such, we must preserve spaces where marginalized groups congregate, create, and interact as a community. Niche communities may not represent your individual viewpoint, and some may be outright hateful, but if we are to preserve consumer choices for free expression for some communities, we cannot deny it for others.If larger platforms are essentially stealing the content, work, and ideas of users on smaller platforms, then that harms not only the individual who created the content, but the original platform that housed the content. Privacy-preserving interoperability could be the solution to preserving spaces for marginalized communities, while still allowing them to benefit from their work.
DC Appeals Court Dumps Lawsuit Claiming Multiple Tech Companies Are Engaged In An Anti-Conservative Conspiracy
Early last year, a federal court dumped a lawsuit filed by alt-right figureheads Laura Loomer and Freedom Watch (Larry Klayman's organization) alleging multiple online platforms were engaging in a government-enabled conspiracy to silence them. Mixing and matching liberally from precedent that didn't say what the plaintiffs thought it said, the lawsuit tried to skirt around things like Section 230 immunity by pretending this was about being unconstitutionally blocked from entering public spaces.The lawsuit has now been rejected twice. The DC Circuit Appeals Court decision [PDF] sums up the action at the lower level, noting that it's affirming the call made by the district court.
New Zealand Government Seeking To Expand Its Internet Censorship Powers
New Zealand has been in the censorship business for years, but the government appears to believe it's still not doing enough censoring. Legislation stemming from the government's reaction to the live-streamed Christchurch shooting seeks to expand its ability to block content it deems to be objectionable. In most cases, this means content related to terrorism or violent extremism. But the livestreaming of a mass shooting has created an open-ended definition for the government to work with in conjunction with its criminalization of this act.Newsroom has written up a very thorough examination of the proposed law, with this chilling bit found all the way at the end of its article.
Denuvo's Anti-Cheat Software Now Getting Ripped From Games At Record Speed Too
Remember Denuvo? Back in the far simpler times of 2016-2018, which somehow seem light years better than 2020 despite being veritable dumpster fires in and of themselves, we wrote a series of posts about Denuvo's DRM and how it went from nigh-uncrackable to totally crackable upon games being released with it. Did we take a bit too much pleasure in this precipitous fall? Sure, though our general anti-DRM stance sort of mandated dunking on a company that once touted itself as invincible. Either way, it started to get comical watching publishers release a game with Denuvo, have the game cracked in a matter of days, if not hours, and then release a patch to remove Denuvo entirely from the game.Due in part to this, Denuvo eventually announced it would be shifting its focus away from producing DRM that didn't work to making anti-cheat software. So, how is that going? Well, let's take a look at Doom Eternal, a game which only a week ago added to Denuvo's anti-cheat software via an update.
SmileDirectClub Sues NBC For $2.85 Billion, Claims Factual Statements And Quotes From Customers Are Defamatory
SmileDirectClub -- maker of in-home dental appliances -- is back in the lawsuit business. A couple of years ago, the company sued Lifehacker over an article originally titled "You Could Fuck Up Your Mouth With SmileDirectClub." The company claimed any criticism of its products and techniques was defamatory. Despite the original inflammatory headline, the Lifehacker piece was even-handed, warning potential customers that semi-DIY dental work has some downsides. SmileDirect voluntarily dismissed the lawsuit a week later, perhaps sensing a judge -- even one in bogus lawsuit-friendly Tennessee -- might not agree that critical opinions, however harsh, were libelous.Apparently hoping to undermine the "defamation" market, SmileDirectClub began tying refunds to gag orders, refusing to give unhappy customers back their money unless they signed a non-disparagement agreement. Now, SmileDirect is headed back to court to take on NBC for its critical news report. This time, SmileDirect has to talk its way past a revamped state anti-SLAPP law to get the $2.85 billion it's seeking in this lawsuit. (h/t Daniel Horwitz)The lawsuit [PDF] appears to have been filed by lawyers being paid by the word. It's over 200 pages long and comes with a comprehensive table of contents. Longer does not mean better-developed. And it also doesn't mean the legal arguments are stronger than those found in more sensibly-sized filings.SmileDirect says NBC's report did an incredible amount of damage to its business.
Moderation v. Discretion v. Censorship: They're Not The Same
Moderation is a platform operator saying "we don't do that here". Discretion is you saying "I won't do that there". Censorship is someone saying "you can't do that anywhere" before or after threats of either violence or government intervention.Regular Techdirt commenters have seen that paragraph show up often in recent months. But what does it really mean? Well, as the person who crafted that bit (and who uses it on a regular basis), I'mma do you an explain.ModerationModeration is a platform operator saying "we don't do that here". When I use that phrase, I may cite a column from a blog called Thagomizer. (That column helped me start crafting my bit in the first place.) In the column, writer Aja Hammerly refers to it as a "magic" phrase:
'Big Tech' Blinders Let Other Privacy Violators Off The Hook
After over a decade of largely uncritical admiration from journalists, policymakers, and the public, the United States' biggest tech companies have experienced a swift fall from grace.Facebook, Google, and Amazon are the subject of long overdue scrutiny, investigations, and legal proceedings in jurisdictions around the world for their widespread and repeated violations of people's privacy, while their executives no longer enjoy the glowing reputations they once did. After Cambridge Analytica, YouTube’s record-breaking COPPA fine for illegally tracking children, and a nearly endless list of other privacy transgressions, the Silicon Valley companies deserve all the scrutiny they're getting and then some.But Silicon Valley tech companies aren't the only ones violating our privacy with impunity, and focusing on them as the sole villains allows a whole host of co-conspirators to get off scot-free. These other companies aren't doing less objectionable things with your data, and they haven't demonstrated that they're more worthy of consumer trust, or less likely to be breaking the law.Policymakers and tech journalists need to take off their "big tech" blinders and focus more energy on the lesser-known privacy violators benefiting from Facebook and Google's absorption of the critical oxygen. When we're talking about powerful companies surreptitiously creating information about you and using it to make important decisions about your life, threaten your safety, or violate your privacy, Facebook and Google shouldn't be the only companies we're talking about—because they're far from being the only source of the problem.Take the telecom industry, for example. All of the biggest telecommunications companies have been caught violating their customers' privacy, often at the same scale and to the same degree of flagrancy as their Silicon Valley peers.In 2016, Verizon was fined $1.35 million by the FCC for tracking the browsing history of users on its mobile network without their knowledge and consent. Two years later, a Verizon-owned ad tech company paid the then-highest COPPA fine to the New York state Attorney General for illegally tracking children. AT&T was fined $25 million by the FCC for failing to protect consumer data after AT&T employees stole the names and full or partial Social Security numbers of around 280,000 customers, then sold them to third parties.More recently, an investigation by the Norwegian Consumer Protection Council found that an AT&T-owned ad tech company was among those receiving granular location information and information on users’ sexual orientation from dating apps like Grindr and Tinder. All the biggest carriers—Verizon, AT&T, T-Mobile and Sprint—were found to be illegally selling customers’ real-time location data to anyone who wanted to buy it.Not only do the telecoms violate the privacy protections we have, they tirelessly lobby to make them weaker and worse. They fought the FCC's broadband privacy rules in 2016, then (successfully) convinced Congress to negate them in 2017, lied about the privacy implications of encrypting DNS queries, and are trying to pass a Trojan horse privacy law that would calcify an exploitative status quo. Criticisms of "big tech's" exploitation of people's privacy that ignore big telecom miss the forest for the ISPs.Then there's the ad tech industry. Behavioral advertising, which targets people with ads based on information about their browsing history or offline behavior rather than their current online activity, is in many ways the internet’s original privacy sin. The profit motive it supplies for companies to track our every move and keep us scrolling and clicking for as long as possible is responsible for much of the toxicity, disinformation, and privacy violations that we've become inured to.Behavioral advertisers have done everything they can to link the viability of innovative web services to highly profitable surveillance of users, while claiming that any attempts to weaken or sever that link will break the internet. Their business model is what makes so many online services inherently and unavoidably privacy-invasive when they don’t have to be.Given their reversal of fortunes, one could say that Facebook, Google, and the other Silicon Valley giants have taken the whipping boy role in privacy policy discussions that data brokers used to occupy. Data brokers were a heavy focus of consumer protection-minded policymakers at the FTC and the White House for a number of years, and while the attention previously paid to them has shifted, the venality of their business model hasn’t. The core business of these companies is to collect and infer sensitive information about as many people as possible, and to share and sell those assessments to any company that wants to buy them, like advertisers, health insurance companies, educational institutions, hedge funds, and others.These companies traffic in lists of sexual assault survivors, which students are undocumented or are using birth control, and which of us is most likely to be a vulnerable target for predatory loans, all while remaining staunchly contemptuous of the prerogative of legislators to reign them in. Nothing about data brokers’ exploitation of our data is less objectionable or malignant than what Facebook and Google are doing with it, but #DeleteLiveramp won’t get anyone’s attention.This list of companies that rake in enormous profits for violating your privacy and deserve more notoriety for it isn’t short. There’s the app developers, location aggregators, the credit reporting agencies, and insurance companies. There’s also the brick-and-mortar companies that are falling all over themselves to build exactly the same kinds of tracking and analytic capabilities that Facebook and Google have weaponized, or contract out for them when they can’t. All of these companies actively, eagerly take part in the kinds of privacy violations that the Silicon Valley companies have grown notorious for, and a focus on the Silicon Valley companies alone minimizes the threat, and distorts the real problem.There are some ways in which Facebook, Google, and Amazon present uniquely severe concerns by virtue of their size and ubiquity: it’s not as though their widespread notoriety wasn’t repeatedly earned. Moreover, examples cited here of transgressions by non-Silicon-Valley companies only exist because tech journalists or policymakers decided to focus on that not-Facebook and not-Google issue.Nor does expanding the focus of tech critics to lesser-known privacy violators mean that regulators should exclusively focus on small companies at the expense of big ones, as the FTC has correctly been criticized for. Neither policymakers nor journalists should ignore the 400 pound gorillas in the room or the havoc they wreak. But there are other actors in the data collection ecosystem that deserve to be just as notorious as the Silicon Valley giants, and whose conduct deserves just as much attention.For all the investigation and criticism that Amazon’s Rekognition deserves, policymakers and journalists shouldn’t ignore lesser-known facial recognition technology vendors like NEC or Idemia. As Clearview AI has demonstrated in dramatic fashion, a hitherto-unknown company can turn out to be engaged in practices as bleakly dystopian as you can imagine, as soon as it receives the kind of scrutiny that the biggest tech companies have been experiencing for years.Don't let Mark or Sundar shrink into the shadows—just make Hans (Vestberg, Verizon), Brian (Cassin, Experian), and Scott (Howe, LiveRamp) household names alongside them. Conversations about privacy policy, investigations into violators, and blame for the exploitative wretchedness of the current ecosystem shouldn’t solely focus on Mountain View and Menlo Park at the expense of ignoring Dallas, Atlanta, and Bentonville.At the end of the day, "big tech" means nothing if it excuses the identical privacy transgressions of big telecom, big ad tech, big data broker, and big, well, everything else.
Mark Zuckerberg's Ridiculously Wrong, Misleading, And Self-Serving Statements Regarding Twitter Fact-Checking The President
As we continue to deal with the fallout of our thin-skinned President throwing a hissy fit over Twitter daring to provide more context to conspiracy theory nonsense that Trump himself tweeted, Facebook founder and CEO, Mark Zuckerberg, has apparently decided that it's more important to stomp on Twitter while it's down, rather than protect the wider internet. In a shameful display of opportunistic nonsense, Zuckerberg went on Fox News and pretended that Facebook was somehow not interested in moderating content the way Twitter did:
Daily Deal: The Accredited Agile Project Management Bundle by SPOCE
The Accredited Agile Project Management Bundle by SPOCE is designed to equip users with the know-how they need to master Agile project management, PRINCE2 Project Management, and PRINCE2 Agile Project Management. You'll learn the skills needed for managing and delivering successful projects. You'll also gain an understanding of risk management, planning, handling change, and more. It's on sale for $99.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
The Two Things To Understand About Trump's Executive Order On Social Media: (1) It's A Distraction (2) It's Legally Meaningless
We've officially reached pure silly season when it comes to internet regulations. For the past two years now, every so often, reports have come out that the White House was exploring issuing an executive order trying to attack Section 230 and punish companies for the administration's belief in the myth that content moderation practices at large social media firms are "biased" against conservatives.However, it apparently took Twitter literally doing nothing more than linking to people arguing that Trump's tweets were misleading, to cause our President to throw a total shit fit and finally break out the executive order. This one is somewhat different than drafts that have been floated in the past, though it has the same origins (and, according to a few people I spoke to, this new executive order was "hastily drafted" to appease an angry President who can't stand the idea that someone might correct his nonsense). You can read the draft that get sent around to everyone last night. The final version is expected to be at least somewhat close to this.To be clear: the executive order is nonsense. You can't overrule the law by executive order, nor can you ignore the Constitution. This executive order attempts to do both. It's also blatantly anti-free speech, anti-private property, pro-big government -- which is only mildly amusing, given that Trump and his sycophantic followers like to insist they're the opposite of all of those things. But also, because the executive order only has limited power, there's a lot of huffing and puffing in there for very little actual things that the administration can do. It's very much written in a way to make Trump's fans think he's done something to attack social media companies, but the deeper you dig, the more nothingness you find.Let's dig into this clusterfuck of nonsense. It starts out with what might sounds like a sensible argument, if you don't understand the ins-and-outs of Section 230, by saying that because Section 230's "good samaritan" clause requires good faith, that "pretextual actions restricting online content or actions inconsistent with an online platform's terms of service" are somehow not covered by 230:
Ron Wyden: It's Time Congress Helped Americans Protect Their Privacy
Americans today are faced with a dilemma – there is a vast universe of products to let us control everything in our lives with a voice command or touch of a button. We can unlock our doors, turn on the heat, track our exercise routines and our baby monitors and perform a million other tasks in ways that make life easier or more efficient.But these conveniences carry with them the danger that the data generated will be used against us.Far too often, information that a government or company can collect and retain, is being collected and retained, and then shared or sold with other companies, marketers or agencies in ways that Americans never consider when they decide to buy a new thermostat. When the government or private corporations can tap into the stacks of information, these smart devices that make our lives easier also amount to spies working against our interests.There is no good reason that Americans should have to compromise on privacy to benefit from the digital age. Consumers want smart devices, but we also want companies and the government to mind their own business when it comes to our personal information.Over the past decade, I’ve made protecting Americans’ privacy against unnecessary government surveillance one of my top priorities. And following the Cambridge Analytica scandal, I’ve spent a lot of time thinking about how to create a commonsense plan to secure our privacy from corporations that haven’t been good stewards of private information.That’s why I wrote a draft privacy bill, and, after a year of soliciting feedback from experts, introduced the Mind Your Own Business Act last fall.It’s based on three core principles: First, corporations should be required to provide full transparency, in easy-to-understand language, about how they collect, use and share their customers’ data — and they should be held to those commitments. There should never be another scandal like we saw with wireless carriers, when phone companies shared real-time location data with bounty hunters, scammers and creepy exes without their customers’ knowledge.Second, users need far more control over how their data is shared. The Mind Your Own Business Act would put teeth back into the Do Not Track option that has become essentially useless today. Under my bill there would be a single website where consumers could click a button to say no company could share your information with a third party without your express permission.Under my bill consumers can choose whether to allow sharing data with third parties and targeted ads, and companies would have to offer tracking-free versions of their products that don’t cost more than the average revenue generated from a user’s data. And it makes sure low-income families can get free privacy protection, so privacy isn’t a luxury good.Third, there need to be real consequences for corporations that break the rules. My bill follows the European privacy law and California’s Consumer Privacy Act to add fines up to 4 percent of annual revenue and even the possibility of jail time for executives who lie to the Federal Trade Commission (FTC) about protecting users’ privacy.Those are some key points, but my plan does a lot more as well. Because privacy is also about making sure companies protect the data they have, my bill directs the FTC to set baseline privacy and cybersecurity standards and beefs up the number of people and resources the agency enforce those rules. It requires companies to assess their algorithms to detect whether they result in biased results and to fix problems they find.My bill will create a healthier internet economy in two separate ways: First, consumers can directly choose to pay for ironclad privacy, instead of data-scooping free services. But even users who don’t opt out will see major improvements in privacy from the baseline rules and new transparency requirements. Companies often have no choice but to terminate their shady deals with third party data dealers, once they become public. With my bill, companies will be forced to disclose exactly who sees your data, and they will face steep penalties for lying about it.Americans are sick of being faced with a feeling of vague unease after clicking through pages of fine print. Congress needs to step up, add guardrails for our privacy and stop the endless series of Sophie’s choices between technological advances and personal privacy. We must also reform the legal treatment of “business records” so that information created to make technology work better for you and your family is treated like private, personal effects, not subject to government prying without a warrant.It's time to level the playing field between consumers and the corporations who profit from our data, and force companies to finally take Americans’ privacy seriously.
Local Broadcasters Forget Journalism Ethics, Air Amazon PR Fluff Instead
While US journalism is certainly in crisis mode, it's particularly bad on the local level, where most local newspapers and broadcasters have been either killed off or consolidated into large corporations, often resulting in something that's less news, and more homogenized dreck (see: that Deadspin Sinclair video from a few years back). Data suggests this shift has a profoundly negative impact on the culture, resulting in fewer investigations of corruption, a more divided and less informed populace, and even swayed political outcomes as nuanced local coverage is replaced with more partisan, national news.The latest case in point: as Amazon has faced questions about warehouse worker safety during the pandemic, the company has been pushing local news outlets to carry a gushing piece of fluff PR loosely disguised as journalism. More than 11 local broadcasters agreed to do so, and the result is... well, see for yourself:
German Constitutional Court Says Unjustified Surveillance Of Foreign Citizens Is Illegal
The German government pretended to be bothered by the NSA's spying when the Snowden leaks began, claiming surveillance of overseas allies was somehow a bit too much. It had nothing to say about its own spying, which was roughly aligned with the NSA's "collect it all" attitude. This could be chalked up to "Five Eyes" envy, perhaps. The NSA works with four other countries to hoover up massive amounts of data directly from internet fire hoses located around the world, but Germany has never made the cut.While the German PM made a lot of noise about being surveilled, Germany's intelligence agencies continued to perform both domestic and foreign surveillance, resulting in legal challenges to the country's surveillance programs. The German Constitution restricts domestic surveillance but doesn't have nearly as much to say about subjecting foreigners to intrusive snooping. Foreigners are usually considered fair game -- non-recipients of protections given to citizens of whatever country does the spying.One legal challenge dead-ended when a German court decided a service provider couldn't sue on behalf of its spied-upon users. But others continued, and there's good news to report.
With Theaters Closed, The Trailer For Christopher Nolan's 'Tenet' Debuts In Fortnite Instead
With the explosion of the video game industry and the technology that has come along with it, it's starting to get really fun to see what creative minds can do inside of the gaming realm. It's turning games into something much more than they would have been 20 years ago. Back then, games were singular in purpose: play the video game. Today they can be so much more when done right. They can be a social ecosystem. They can be economies onto themselves.Or they can be a place to premier top tier movie trailers, in the case of Fortnite.
When The Problem Isn't Twitter But President Trump
President Trump is not happy with Twitter. But a lot of other people were already unhappy with Twitter. As his tweets have grown more abusive by the day, and the non-insane public has naturally grown more outraged by them, there has been an increase in calls for Twitter to delete his tweets, if not his account outright. But what's worse is the increase in calls that sound just like what Trump now demands: that Section 230 must be changed if Twitter is unwilling to take those steps. Both are bad ideas, however, for separate, although related, reasons.The basic problem is that there is no easy answer for what to do with Trump's tweets, also for many reasons. One fundamental reason is that content moderation is essentially an impossible task. As we've discussed many, many times before, it is extremely difficult for any platform to establish an editorial policy that will accurately catch 100% of the posts that everyone agrees are awful and no posts that are fine. And part of the reason for that difficulty is that there is no editorial policy that everyone will ever be able to agree on. It's unlikely that one could be drawn up that even most people would agree on, yet platforms regularly attempt to give it their best shot anyway. But even then, with some sort of policy in place, it is still extremely difficult, if not impossible, to quickly and accurately ascertain whether any particular social media post amidst the enormous deluge of social media posts being made every minute, truly runs afoul of it. As we have said umpteen times, content moderation at scale is hard. Plenty is likely to go wrong for even the most well-intentioned and well-resourced platform.Furthermore, Trump is no ordinary tweeter whose tweets may run afoul of Twitter's moderation policies. Trump happens to be the President of the United States, which is a fact that is going to strain any content moderation policy primarily set up to deal with the tweets by people who are not the President of the United States. It is possible, of course, to decide to treat him like any other tweeter, and many have called for Twitter to do exactly that. But it's not clear that doing so would be a good idea. For better or for worse, his tweets are the tweets of the American Head of State and inherently newsworthy. While one could argue that they should be suppressed because their impact is so prone to being so destructive, it would not be a costless decision. While having the President of the United States tweeting awful things does cause harm, not knowing that the President of the United States is trying to tweet awful things presents its own harm. This is the person we have occupying the highest political office in the land. It would not do the voting public much good if they could not know who he is and what he is trying to do.The arguments for suppressing his tweets largely are based on the idea that taking away his power to tweet would take away his power to do harm. But the problem is that his power comes from his office, not from Twitter. Taking Twitter away from him doesn't ultimately defang him. It just defangs the public's ability to know what is being done by him in their name.Twitter's recent decision to add contextualization to his tweets might present a middle ground, although it is unlikely to be a panacea. It puts Twitter in the position of having to make more explicit editorial decisions, which, as discussed above, is an exercise that is difficult to do in a way that will satisfy everyone. It also may not be sustainable: how many tweets will need this treatment? And how many public officials will similarly require it? Still, it certainly seems like a reasonable tack for Twitter to try – one that tries to mitigate the costs of Trump's unfettered tweeting without inflicting the costs that would result from their suppression.Which leads to why Section 230 is so important, and why it is a bad idea to call for changing it in response to Trump. Because Section 230 is what gives Twitter the freedom to try to figure out the best way to handle the situation. There are no easy answers, just best guesses, but were it not for Section 230 Twitter would not be able to give it the best shot it can to get it right. Instead it would be pressured to take certain actions, regardless of whether those actions were remotely in the public interest. Without Section 230 platforms like Twitter will only be able to make decisions in their own interest, and that won't help them try to meet the public call to do more.Changing Section 230 also won't solve anything, because the problem isn't with Twitter at all. The problem is that the President of the United States is of such poisoned character that he uses his time in office to spread corrosive garbage. The problem is that the President of the United States is using his power to menace citizens. The problem is that the President of the United States is using his role as the chief executive of the country to dissolve confidence in our laws and democratic norms.The problem is that the President of the United States is doing all these things, and would be doing all these things, regardless of whether he was on Twitter. But what would change if there were no Twitter is our ability to know that this is what he is doing. It is no idle slogan to say that democracy dies in the darkness; it is an essential truth. And it's why we need to hold fast to our laws that enable the transparency we need to be able to know when our leaders are up to no good if we are to have any hope of keeping them in check.Because that's the problem we're having right now. Not that Twitter isn't keeping Trump in check, but that nothing else is. That's the problem that we need to fix. And killing Twitter, or the laws that enable it to exist, will not help us get there. It will only make it much, much harder to bring about that needed change.
Doctor With Rare Disease Crowdsourced His Own Cure, And Is Now Using That Network To Work On COVID-19
A recent episode of NPR's Fresh Air ran an amazing interview with Dr. David Fajgenbaum, who was diagnosed years ago with the rare Castleman's Disease, about which very little information was known (and the general prognosis was grim). Fajgenbaum talks about how he ended up in hospitals believing that he was about to die five separate times (he even had his last rites read to him), but then set up his own organization to try to crowdsource a cure. He details the full story in his book that was published last fall, called Chasing My Cure.The good news is through that crowdsourcing effort, called the Castleman Disease Collaborative Network (CDCN), they at least found a treatment that (for now...) appears to work for Fajgenbaum himself:
Former NSO Employees Says The Company Impersonated Facebook To Deploy Malware
As Facebook's lawsuit against Israeli malware purveyor, NSO Group, continues, more facts are coming to light that undercut the spyware vendor's claims that it's just a simple software developer that can't be blamed for the malicious acts of its customers.NSO Group argued in court that the sovereign immunity that insulates the governments it sells to (including such abusive regimes as the United Arab Emirates and Saudi Arabia) similarly shields it from Facebook's desire to prevent it from using WhatsApp to deploy malware. Facebook has since pointed out NSO uses US servers that it owns or rents to deploy the malware it claims it has no involvement in deploying.More information has come to light, thanks to a whistleblower of sorts who spoke to Joseph Cox of Motherboard. The statements made by a former NSO employee further implicate the company in the dirty doings of its customers (who have targeted journalists, activists, and lawyers).
In Search Of A Grand Unified Theory Of Free Expression And Privacy
Everytime I ask anyone associated with Facebook’s new OversightBoardwhether the nominally independent, separately endowed tribunal isgoing address misuse of private information, I get the sameanswer—that’s not the Board’s job. This means thatthe Oversight Board, in addition to having such an on-the-nose propername, falls short in a more important way—its architectsimagined that content issues can be tackled substantively withoutaddressing privacy issues. Yet surely the recent scandals that haveplagued Facebook and some other tech companies in recent years haveshown us that private information issues and harmful-content problemshave become intimately connected.Wecan’t turn a blind eye to this connection anymore. We need thecompanies, and the governments of the world, and the communities ofusers, and the technologists, and the advocates, to unite behind aframework that emphasizes the deeper-than-ever connection betweenprivacy problems and free-speech problems.Whatwe need most now, as we grapple more fiercely with the public-policyquestions arising from digital tools and internet platforms, is aunifiedfield theory—or,more properly—a “GrandUnified Theory”(a.k.a. “GUT”)—of free expression and privacy.Butthe road to that theory is going to be hard. From the beginningthree decades ago when digital civil-liberties emerged as a distinctset of issues that needed public-policy attention, the relationshipbetween freedom of expression and personal privacy in the digitalworld has been a bit strained. Even the name of the first bigconference to bring all the policy people, technologists, governmentofficials, hackers, and computer cops reflected the tension. Thefirst Computers, Freedom and Privacy conference was held inBurlingame California, in 1991, made sure that attendees knew that“Privacy” was not just a kind of “Freedom”but its own thing that deserved its own special attention.Thetensions emerged early on. It seemed self-evident to most of us backthen that the relationship between freedom of expression (and freedomof assembly and freedom of inquiry) had to have some limits—includinglimits on what any of us could do with the private information aboutother people. But while it’s conceptually easy to define infairly clear terms what counts as “freedom of expression,”the consensus about what counts as a privacy interest is murkier.Because I started out as a free-speech guy, I liked thelaw-school-endorsed framework of “privacy torts,” whichcarved out some fairly narrow privacy exceptions to the broadguarantees of expressive freedom. That “privacy torts”setup meant that, at least when we talked about “invasion ofprivacy,” I could say what counted as such an invasion and whatdidn’t. Privacy in the American system was narrow and easy tograsp.Butthis wasn’t the universal view in the 1990s, and it’scertainly not the universal view in 2020. In the developed world,including the developed democracies of the European Union, thebalance between privacy and free expression has been struck in adifferent way. The presumptions in the EU favor greater protection ofpersonal information (and related interests like reputation) andsomewhat less protection of what freedom of expression. Sure, theinternational human-rights source texts like the UniversalDeclaration of Human Rights (in Article 19) may protect “freedomto hold opinions without interference and to seek, receive and impartinformation and ideas through any media regardless of frontiers.”But ranked above those informational rights (in both the UniversalDeclaration of Human Rights and the International Covenant on Civiland Political Rights) is the protection of private information,correspondence, “honor,” and reputation. This differencebalance is reflected in European rules like the General DataProtection Regulation.Theemerging international balance, driven by the GDPR, has created newtensions between freedom of expression and what we loosely call“privacy.” (I use quotation marks because the GDPRregulates not just the use of private information but also the use of“personal” information that may not be private—likeold newspaper reports of government actions to recoversocial-security debts. This was the issue in theleading “right to be forgotten” caseprior to the GDPR.) Standing by themselves, the emerginginternational consensus doesn’t provide clear rules forresolving those tensions.Don’tget me wrong: I think the idea of using international human rightsinstruments as guidance for content approaches on social-mediaplatforms has its virtues. The advantage is that in internationalforums and tribunals it gives the companies as strong a defense asone might wish in the international environment for allowing some(presumptively protected) speech to stay up in the face of criticismand removing some (arguably illegal) speech. The disadvantages areharder to grapple with. Countries will differ on what kind of speechis protected, but the internet does not quite honor borders the waysome governments would like. (Thailand'slèse-majesté isa good example.) In addition, some social-media platforms may want tocreate environments that are more civil, or child-friendly, orwhatever, which will entail more content-moderation choices andpolicies than human-rights frameworks would normally allow. Do wewant to say that Facebook or Google *can't* do this? That Twittershould simply be forbidden to taga presidential tweet as “unsubstantiated”?Some governments and other stakeholders would disapprove.Ifa human-rights framework doesn’t resolve thefree-speech/privacy tensions, what could? Ultimately, I believe thatthe best remedial frameworks will involve multistakeholderism, but Ithink they also need to begin with a shared (consensus) ethicalframework. I present the argument in condensed form here: "It’sTime to Reframe Our Relationship With Facebook.”(I also publisheda book last yearthat presents this argument in greater depth.)Cana code of ethics be a GUT of free speech and privacy? I don’tthink it can, but I do think it can be the seed of one. But it has tobe bigger than a single company’s initiative—which moreor less is the best we can reasonably hope Facebook’s OversightBoard (assuming it sets out ethical principles as a product of itswork on content cases) will ever be. I try not to be cynical aboutFacebook, which has plenty of people working on these issues whogenuinely mean well, and who are willing to forgo short-term profitsto put better rules in place. While it's true at some sufficientlyhigh level that the companies privilege profits over public interest,the fact is that once a company is market-dominant (as Facebook is),it may well trade off short-term profits as part of a grand bargainwith governments and regulators. Facebook is rich enough to absorbthe costs of compliance with whatever regimes the democraticgovernments come up with. (A more cynical read of Zuckerberg's publicwritings in the aftermath of the company’s various publicwritings, is that he wants the governments to get the rules inplace, and then FB will comply, as it can afford to do better thanmost other companies, and then FB's compliance will be a defenseagainst subsequent criticism.)Butthe main reason I think reform has to come in part at the industrylevel rather than at the company level, is that company-levelreforms, even if well-intended, tend to instantiate a public-policyversion of Wittgenstein's "privatelanguage" problem.Put simply, if the ethical rules are internal to a company, thecompany can always change them. If they're external to a company,then there's a shared ethical framework we can use to criticize acompany that transgresses the standards.Butwe can’t stop at the industry level either—we needgovernments and users and other stakeholders to be able to step inand say to the tech industries that, hey, your industry-widestandards are still insufficient. You know that industry standardsare more likely to be adequate and comprehensive when they’rebuttressed both by public approval and by law. That’s whathappened with medical ethics and legal ethics—the frameworkswere crafted by the professions but then recognized as codes thatdeserve to be integrated into our legal system. There’s aninternational consensus that doctors have duties to patients (“First,do no harm”) and that lawyers and other professions have“fiduciary duties” to their clients. I outline howfiduciary approaches might address Big Tech’s consumer-trustproblems in a series of Techdirt articles that begins here.The“fiduciary” code-of-ethics approach to free-speech andprivacy problems for Big Tech is the only way I see of harmonizingdigital privacy and free-speech interests in a way that will leavemost stakeholders satisfied (as most stakeholders are now satisfiedwith medical-ethics frameworks and with lawyers’ obligations toprotect and serve their clients). Because lawyers and doctors aregenerally obligated to tell their clients the truth (or, if for somereason they can’t, end the relationship and refer the clientsto other practitioners), and because they’re also obligated to“do no harm” (e.g., by allowing companies to use personalinformation in a manipulative way or to violate clients’privacy or autonomy), these professions already have a Grand UnifiedTheory that protects both speech and privacy in the context ofclients relationships with practitioners.BigTech has a better shot at resolving the contradictory demands on itsspeech and privacy practices if it aspires to do the same, and if itembraces an industry-wide code of ethics that is acceptable to users(who deserve client protections even if they’re not paying forthe services in question). Ultimately, if the ethics code is backedby legislators and written into the law, you have something muchcloser to a Grand Unified Theory that harmonizes privacy, autonomy,and freedom of expression.I’ma big booster of this GUT, and I’ve been making versions ofthis argument before now. (Please don’t call it “Godwin-UnifiedTheory”—having one “law”named after me is enough.) But here in 2020 we need to do more thanargue about this approach—we need to convene and begin tohammer out a consensus about a systematic, harmonized approach thatprotects human needs for freedom of expression, for privacy, and forautonomy that’s reasonably free of psychological-warfaretacticsof informational manipulation. The issue is not just false content,and it’s not just personal information—opensocietieshave to incorporate a fairly high degree of tolerance forunintentionally false expression and for non-malicious ornon-manipulative disclosure or use of personal information. But anopen society also needs to promote supporting an ecosystem—apublic sphere of discourse—in which neither the manipulativecrafting of deceptive and destructive content nor the manipulativetargeting of it based on our personal data is the norm. That’san ecosystem that will require commitment from all stakeholders tobuild—a GUT based not on gut instincts but on critical rationalism, colloquy, and consensus.
Hell Hath No Fury Like A Federal Law Enforcement Agency That Keeps Finding Some Way To Break Into IPhones
Nothing has made the FBI more irritated than its ability to break into phones it swears (often in court!) it cannot possibly get into without the device maker's assistance. The agency doesn't want third-party vendors to offer solutions and it doesn't seem to want its own technical staff to find ways to get stuff from encrypted devices. It wants the government to tell companies like Apple to do what they're told. It will accept any solution that involves a mandate, whether it's from a federal court or our nation's legislators. It will accept nothing else.The FBI and DOJ's foul mood over its phone-cracking success and its courtroom failures came to a head recently. A joint press conference announcing not-so-breaking news about the contents of the Pensacola air base shooter's phones contained a whole lot of off-target griping about a company whose only crime was selling consumer products. Here's Rianna Pfefferkorn for TechCruch:
Our First Greenhouse Topic: Privacy
For decades the internet has flourished on the back of innovation, creativity, adaptation, and hard work. But while this technological revolution spurred no limit of incredible inventions, services, and profit, a drumbeat of scandals have highlighted how privacy and security were often a distant afterthought — if they were thought about at all.Years later and the real cost of this apathy has become clear. We now face a daily parade of deeply entrenched privacy headaches impacting a web of interconnected industries and institutions — for which there are no quick fixes or easy answers.Enter the Tech Policy Greenhouse: a new policy forum we’re hopeful will bring more nuance, collaboration, and understanding to a privacy conversation frequently dominated by simplistic partisan bickering, bad faith arguments, and the kind of ideological ruts that can result in bad solutions, no solutions, or missing the forest for the trees entirely.When it comes to privacy and security, the penalty for our collective failure couldn’t be more obvious.The global internet of things sector routinely fails to adhere to even the most basic security and privacy standards, resulting in hackable internet-connected Barbies, refrigerators, and tea kettles. Experts note these devices collectively create a form of "invisible pollution" that is easily ignored, but that routinely puts consumers, businesses, and the health of the internet at risk.Corporations and governments alike repeatedly leave sensitive data unencrypted and openly exposed in the cloud, often failing to implement basic security measures despite ample warning. Avoidable hacks, breaches, and leaks are now a weekly affair, as are "historic" but performative government penalties that neither compensate victims nor seriously deter further malpractice.The monetization of every last shred of location, behavior, and data has become a multi-billion dollar industry where safeguards or meaningful oversight are often lacking. As a result, sensitive behavioral data is routinely abused by everyone from law enforcement,to those pretending to be law enforcement, with the first casualties often the most vulnerable among us.All of these problems require intelligent, multi-stakeholder collaboration built on the understanding that every solution has immense ramifications, there is no shortage of bad actors eager to derail effective consensus, and each and every action routinely results in unforeseen consequences.The country’s privacy issues are also inextricably linked to other problems that the United States has failed to address, from the rampant monopolization and consolidation caused by mindless merger mania, to the slow but steady erosion of meaningful antitrust oversight. The rise of one of the biggest global health threats in a century has only complicated the debate further, shining an even brighter spotlight on existing problems, while creating entirely new challenges in balancing public health and public privacy in the mass surveillance era.As we stumble collectively in the right direction, the Tech Policy Greenhouse hopes to reboot a conversation in dire need of a constructive fresh start. Over the next few weeks, you'll be hearing from a diverse chorus of activists, scholars, executives, and experts who will be tackling what they deem the most essential issues of the day. Kicking things off tomorrow will be Oregon Senator Ron Wyden, historically and repeatedly one of the leading DC voices for meaningful privacy reform.Intelligent privacy policies and solutions won’t be easy to come by, and perfect proposals are likely impossible. But we’re eager to create a platform that can help drive policy makers toward better decision making, and we’re hopeful you’ll be part of the conversation.
Trump, Twitter, And Free Speech
Content moderation at scale is impossible to do well. But, also content moderation of a world leader spewing blatant conspiracy theories may be just as difficult, and that's not even at scale.We're only partway through this week, and Donald Trump has already created a textbook's worth of content moderation questions to explore. It started with Trump going nuts with a bunch of tweets about a blatantly disproved conspiracy theory regarding a young staffer of TV host Joe Scarborough from back when he was in Congress. That staffer, Lori Klausutis, died from an undiagnosed heart condition years ago. The police and coroner found no evidence of foul play. And suddenly Trump, who used to appear on Scarborough's show back in the day, decided to spew a bunch of utter nonsense hinting strongly at the blatantly false idea that Scarborough had something to do with Klausutis' death.This is straight out of the Trump playbook. It is blatant false news (the accusation he likes to make about anyone who reports accurately on his activities). It is insane conspiracy mongering. It is hurtful. It is hateful. It is potentially dangerous. And it serves Trump in two distinct ways: as a distraction from his ongoing cataclysmic handling of the COVID-19 pandemic, and as part of his never-ending intimidation campaign against anyone in the media who dares to point out that the emperor has no clothes. As the Atlantic noted, this is malignant cruelty. It is disgusting.Many people have been arguing that Twitter should shut down Trump's account or, at the very least, delete the tweets in question. Indeed, Klausutis' husband sent a deeply moving letter to Jack Dorsey begging him to remove the President's tweets:
Daily Deal: ChronoWatch Multi-Function Smart Watch
ChronoWatch has all the features you need. It has 16 main functions including activity tracking, sleep monitor, message and call notification, alarm, and more. It's waterproof so you can go all out with your workout routines. It comes with a 1.4" colorful display and full capacitive touch supporting taps and swipes. Simply download the Da Fit app on your phone and pair it via Bluetooth. With 3 hours of charge, this watch lasts up to 7 days of use. It's on sale for $37.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
Introducing The Tech Policy Greenhouse: Let's Have Thoughtful Conversations About The Biggest Tech Policy Challenges
Today we're introducing something very new: the Tech Policy Greenhouse. This is a project that I've been working on for about two years now, and I'm both thrilled and relieved to finally be getting it out the door. It starts from this basic premise: many of the biggest issues facing technology and innovation today are significant challenges that have no easy answer. Every possible approach or solution (including doing nothing at all) has tradeoffs. And yet very few people seem willing to admit that, as admitting to tradeoffs in policy proposals is seen as a sign of weakness or giving in. But the issues facing innovation policy today are too big and too important to not have a truly open discussion.And having a truly open discussion about difficult policy questions means a lot more than the way the media has traditionally held these conversations: pitting two sides against one another and letting them argue it out. That rarely brings enlightenment, and mostly seems to just involve everyone digging in to their previously held beliefs. Having an open discussion about big challenges with no easy answers means being willing to dive deep into details, exploring ideas that might make you uncomfortable, and testing hypotheses that sometimes seem absurd on first glance -- but then being open to the feedback, ideas, improvements, and critiques raised about the ideas.The Tech Policy Greenhouse is an attempt to have those discussions. Think of it as something of an online symposium, where we will be bringing in a variety of experts to give their thoughts on these issues, but hopefully with the humility to recognize that what is being discussed is difficult, and understanding all of the variables at play is an impossibility. Part of this means that we'll be publishing stories that challenge us -- including some arguments that I personally disagree with -- but which we believe are being presented in good faith and for the purpose of open discussion and debate, in the hopes that whatever future policy proposals and decisions are made, they are better informed by understanding a variety of points of view, a variety of proposals, and a variety of ideas about what might work.This does not mean that the Tech Policy Greenhouse will or should be a clearing house for nonsense or half-baked ideas. There are certainly plenty of those. Instead, the goal is to get the best minds out there, willing to discuss difficult-to-impossible problems in a way that allows for greater understanding and greater humility about the eventual policy choices that are made.To help with this project, we are pleased that we have help from two excellent editors, whose names should be well recognized around here: Karl Bode and Mike Godwin. Karl, of course, has long been a writer for Techdirt, as well as a number of other tech, telco, and policy publications -- and has agreed to take on a more involved editorial role for Greenhouse. Godwin, of course, is so internet-famous that he has an entire "law" named after him. He was also the first lawyer EFF hired, as well as the General Counsel for the Wikimedia Foundation. His insights into all things related to tech policy are unmatched and always thought-provoking.For readers of Techdirt, you will see the new Greenhouse posts directly in the main feed, though they will be visually distinct (you may notice they look a bit... greener). We will continue to post regular Techdirt posts and content in the regular format, but the green posts will be from various experts and will be based around a theme that we are exploring at the time. Our plan is to roll out a few themes each year (the exact pace we'll figure out along the way). There is also now a Greenhouse tab at the top, if you want to see only the Greenhouse posts.There is one other change regarding the Greenhouse posts. While they will have our regular comment area, there will also be a separate "Featured Discussion" area, in which those who are participating in the Techdirt Greenhouse project will be encouraged to comment and discuss the other posts in the series. This is very much an experiment that might not work, but we're excited to test it out. If the panelist discussion is happening, you will see it between the post and the regular comment section.Our inaugural topic is digital privacy, because we decided to jump right into the deep end of extremely important, but controversial, problems with no easy solutions. Karl will introduce the overall topic in another introductory post, followed by Godwin's introduction regarding his thoughts on why the privacy debate needs to be reframed. And then, starting tomorrow and over the next few weeks, you'll see a variety of Greenhouse posts from experts interspersed among the regular Techdirt content. We are also open to more such posts, so if you have expertise and would like to contribute, please feel free to contact us.Also, I should address the elephant in the greenhouse: this project is currently sponsored by Google, Twitter, and Protocol Labs. For some, this will discredit the entire project. We set out to try to launch this project with only grants from foundations and without corporate sponsorship, but so far have not been able to find foundations willing to support it (if you know of any who might be interested, or if you happen to work for one, please also reach out and let us know). Given that unfortunate lack of interest from foundations so far, we were happy that these three companies were willing to step up and sponsor the launch of this effort which, again, is a few years in the making. From the beginning, we were upfront that the whole point of this project is to discuss challenging tech policy questions, and that if any company sponsored this project, they would probably disagree heavily with some of the content, but that we felt that enabling those open and thoughtful discussions was good for the future of innovation itself -- and all three sponsors seemed to recognize the value of the conversations, even when some of the content might go against the company's own interests (indeed, the interests of the three sponsors are not aligned with one another in many cases, and sometimes diametrically opposed).Still, if this concerns you, I only ask that you judge the content on its own merits. The whole point of this project is to take us all out of our comfort zone. I hope that people everywhere, no matter how they feel about various tech policy questions, can at least recognize that thoughtful conversation and debate are important to coming up with better policy overall. I look forward to this inaugural discussion on privacy -- and I hope everyone here will welcome it.
AT&T Won't Stop Lying About 'Fake 5G'
Big wireless carriers haven't been exactly honest when it comes to the looming fifth-generation wireless standard (5G). Eager to use the improvements to charge higher rates and sell new gear, carriers and network vendors are dramatically over-hyping where the service is actually available, and what it can actually do. Some, like AT&T, have gone so far as to actively mislead customers by pretending that its existing 4G networks are actually 5G. AT&T took this to the next level last year by issuing phone updates that changed the 4G icon to "5GE" on customer phones, despite the fact that actual 5G isn't really available.Sprint sued AT&T last year for being misleading, but the suit was settled (likely so Sprint could focus on its merger with T-Mobile) without much coming of it. AT&T's competitors also complained via the Better Business Bureau's National Advertising Division (NAD), which is a "self-regulatory" system designed to help companies settle disputes without the involvement of regulators. After a year of bickering and appeals, NARB (the enforcement arm of NAD) finally ruled last week that the practice was misleading and the ads should be discontinued:
...238239240241242243244245246247...