A Consuming Experience

Some (very selective) notes and quotes from an excellent session on "Private Lives - a thing of the past?"¹ at the Royal Society for the encouragement of Arts, Manufactures and Commerce (RSA) on 19 June 2008, which was sponsored by Reuters Institute and Media Standards Trust, and was on information privacy and data privacy.

The format was very effective, with disciplined timekeeping by the chair (which is very important, I feel). The "witnesses" gave their views, on which a panel of "judges" questioned and commented, then there were comments and questions from the floor followed by the "judges" summarising in one minute each what their thoughts on the subject were after hearing the witnesses.

The only possible improvements would have been for the chairman to read the biographies more slowly so that the audience could hear them properly - talk about rapidfire machinegun rattle - and someone should please give the chairman an actual chair at the side and make him sit down while witnesses/judges are speaking, as he often stood in front of the panel with his back to the audience blocking their view of the speakers, so unfortunately he was more "gerroutawayman" than chairman!

Note that many of the following quotes won't be precisely verbatim or in the exact order said - this is just my attempt to convey their gist, so by all means blame my hasty note-taking if I've paraphrased inaccurately - but at least you'll be able to hear the speakers direct in the MP3 recording of the session, available in about a week or so from the RSA events pages.

The "judges"

• Stephen Whittle, visiting fellow at the Reuters Institute of Journalism at Oxford University and a former BBC Controller.
  
  
• Claire Fox, director of Institute of Ideas and BBC Radio 4's Moral Maze panelist
  
  
• Iain Dale, political commentator and Conservative Party activist (see Iain Dale's own write-up of the event.)
  
  
• Chair: Matthew Taylor, CEO of the RSA.

The "witnesses"

Dominic Campbell of consultancy FutureGov, who lives his life online via Twitter etc - "*My* declarative lifestyle"

Is this the end of multiple identities: public, private, personal, political/professional? He pointed out everyone goes to work and just acts - he doesn't want to do that. He's gained work through living this way, breaking down the barriers between work and private life.

He acknowledged it was a form of micro celebrity but it's very unlikely he'll ever be a politician as a result of what he's put online!

He played to the audience the well known Facebloke spoof video about Facebook, which I've embedded below - if you've not already seen it do, it's a good laugh and makes some telling points:

Quotes/points

"You seem to be replicating village life - and the village idiot." (Claire Fox)

Isn't putting things into the public realm where they're of no interest even to him, somehow insulting to himself? (didn't note who said that)

Tom Ilube, CEO of online identity company Garlik:

We're in a phased transition, ice to water. People don't always understand the digital trails they're leaving. Information the government publishes about people and that people publish about themselves can be searched and joined up to provide insights into their personal information that they don't expect.

He thinks there's a kind of Moore's Law for information - the amount of personal information about us doubles about every 12 months; in 5 years there'll be 10 times the info out there, joined up in ways we don't know about today.

He showed how quick and easy it is to find out about someone and their life just by typing their name into a search engine etc, using Claire Fox as an example - Google, Google Images, ZoomInfo (see my review of an early version of ZoomInfo) and other very well funded people search engines, a Times article, 192.com for her address, a genealogy site for her mother's maiden name, even a photo of her house... he can make up a utility bill with someone's name on it in 5 minutes!

He's been the victim of identity theft because of the info out there about him (luckily being in the industry he knew how to deal with it) but on the other hand through the Net he's also found a sister thousands of miles away he'd not seen for 30 years.

The ease of finding information about others can be empowering for people too, e.g. in a recent survey of about 2000 respondents:

• 16% will search for their neighbours on Google before moving house or flat (notice I carefully don't use "Google" as a verb!)
  
• 20% of parents, on their child's teacher
• 30% of respondents, on doctors, lawyers etc they're thinking of going to

He believes in 10 years it'll be impossible to be totally private in the digital economy. There's info even about his eldest sister, who's never gone online, put out there by others.

He thinks there should be a difference between the private and the public in some ways, but in terms of the technology there isn't. You can't even enforce it through laws - the information could be obtained through a service in another country e.g. Zoominfo is a US corporation.

He'd like stronger data protection laws to help us find out what info organisations hold about us and what decisions they are making based on it. He sends out subject access requests (under the UK Data Protection Act) from time to time, and e.g. the Institute of Directors had not only the date he joined and left and his credit card details, but also a log of every single time he'd been in and out of the building over 10 years ago.

Many organisations may have no idea why they're holding certain information until someone suggests that they sell it - and then they will!

His point is, things are profoundly different now - not necessarily bad or scary, but different - and people need to engage with their own digital identity.

Dr Tanya Byron - child psychologist and author of the UK government commissioned Byron Review on children's use of the internet and videogames:

Technology is great, her daughter can visit the US Library of Congress from her bedroom, but there's a digital generation divide (or perhaps generational digital divide). Kids are web 2.0 content creators, but their parents, most people over 35, are web 1.0: email, surfing.

Kids socialise via technology. Our culture is now so risk averse we don't let kids out into the streets - the radius for children has reduced by 80% since 1977. They can't go outside so they go online.

They're tech savvy but haven't got the skills of critical evaluation to keep themselves safe, e.g. posting photos on social networking pages not understanding the consequences, that once it's out there it's out there forever. 1 in 10 children meet someone they first encountered online.

The safety of children is paramount and privacy should be constructed on that basis.

Policing is pointless: Australia tried to set up blocking at ISP level, and within 24 hours a 14 year old boy had got round it by guessing his mother's password! It's not about prying, or even warning kids about predators online (in fact cyberbullying is their biggest fear); it's about supervision and thought.

Parenting is an online not just offline task. Parents need to talk to their children, make sure that they think, that they know who they're talking to: prepare their children to understand the risks, give them the tools and critical evaluation skills to check the reliability of sources and that people are who they say they are.

Jean Seaton, Professor of Media History at the University of Westminster and the BBC's Official Historian

Mores and sensibilities change. She favours opacity because some things can't be said, particularly in front of children. There are things you'd say to your spouse you wouldn't say to anyone else, because you're testing them out, just like governments may test some things in the JS Mill's way that they would not wish to get out.

Robespierre wanted transparency of souls, and he was not exactly a nice man!

She thinks we need more negotiated wrenching back of things that are or should be secret.

We can't reverse what's been happening but it's important to work out and define what it is we still don't know, what we know more or less of. In Britain today we know less of what's happening in India than we did in the 19th century.

Parents have to let their children go. Suffering one minor beating up is a learning experience!

Other people and other cultures should be treated properly, with concerned engaged respect.

Camilla Wright, co-founder of popular celeb and music site Popbitch

Once, only carefully controlled information was let out by celebrities. Popbitch was started to show the pop world in a more human light, with trivia about their pets, "celebrity urinal" etc.

Celebrity gossip is one way of putting info out there that people can share as social currency - talk about it on the bus the next day etc.

Now there's a tsunami of information deliberately released by celebrities, it's even considered legitimate to make and market your own sex tape in order to become famous - public and private life have become confused. What's private on Monday can be public on Tuesday etc.

Yet anyone who has enough money can invoke the Human Rights Act e.g. a husband was even stopped from telling anyone about his wife's affair.

Even serious public figures want to reveal all now too - Cherie Blair, John Prescott. It's a confessional world now, perhaps it's the influence of US talk shows etc, perhaps they think it makes them seem more authentic. But it seems people only want to reveal information when they're getting paid for it!

Popbitch will consider it public domain when people choose to make their own lives public, but they steer clear of children, "unfunny" things like cancer or mental illness.

Other points

"Governments often want more information about people than a good man should want or a bad man should have." (A paraphrase of this quote about power, I believe.)

Iain Dale's 10 points from the session (I didn't get them all!):

6. If he didn't consider ID cards bad before he would now!
5. He's moving to the remote mountains of West Virginia..
1. There's no such thing as privacy.

Claire Fox:

Intellectually we've lost sight of how to defend privacy as a society. The focus seems to be on the risks, e.g. paedophiles, or calling for more regulation, which holds back journalism.

We should be able to test out ideas without everything being minutely scrutinised.

Part of being free is being able to experiment away from prying eyes, of the state or other people. If we give up privacy we give up freedom and the right to be treated as adults.

Stephen Whittle:

It's important to have the ability to develop some of your life in private. A society that does not value and protect privacy runs the risk of being one without intimacy, honesty, trust.

That's our challenge. Our own dignity requires some degree of self-restraint, our own liberty requires some degree of civic engagement. We'll lose a lot if we don't care about privacy and engagement.

Note

1. I've linked to the Google cache of the events page only - I'll update this post to link properly to the events page ASAP, but they've inexplicably deleted it from their Forthcoming events page without adding it to their Past Events, it's currently an inaccessible password-protected page.

Labels: culture, digital rights, internet, privacy, society

Recording of talk by Prof Lawrence Lessig at the Institution of Engineering & Technology, London for the Society for Computers & Law (free download under a Creative Commons licence, of course!) - just click the arrow to play it online:
Prof. Lessig on Corruption 2.0 (see the main page with links to the intro speech etc):

"In this lecture, Professor Lessig builds upon the work of Oxford Professor Jonathan Zittrain to identify a critical dynamic in policy making affecting the Internet, and how technologists have become central to that dynamic. The threats to privacy, security, and the proper protection for copyright are not technical, but political. The remedies to those threats will not just be political, but in an important sense, also technological. Professor Lessig describes this dynamic, and describes the emerging movement in the United States to address it."

"The essence of what he concludes is that the Internet is under threat from those with special interests to protect or those, especially in government, who seek increased control... One of the elements that underpins the argument is the considerable evidence that supports the view that government decision makers are either stupid or corrupt. Not blatantly corrupt in a Third World bribe way but ready to do what one US politician was advised to do - ‘lean to the green’, ie towards the source of campaign funds. Subtle corruption arises too from the acknowledged effectiveness of lobbying – Mickey Mouse has better funded lobbyists than open source and it shows. With the odd exception, one tends to concede that politicians are not stupid so how does one explain the worldwide trend towards retrospective extension of copyright terms when there can be no conceivable advantage to the wider public interest – it won’t, as Professor Lessig observed, persuade George Gershwin to write more music nor will it turn Cliff into Elvis. Or how to explain the US’s Federal Nutrition Board embrace of 25% sugar as being consistent with a balanced diet?.." (from Eastham writeup)

See also Laurence Eastham's report of the lecture. I'm still listening through it myself, but it sounds excellent.

You can buy or download Prof. Zittrain's book "The Future of the Internet - And How to Stop It" book which sets out the ideas referred to in the quote above and in the talk.

Labels: digital rights, internet, speech, vision

Social networking website Facebook has been described by many as a "Hotel California", after the famous Eagles' song of the same name ("You can check out anytime you like, but you can never leave...") - because, once you joined Facebook, you weren't able to delete your account - you could only "deactivate" your profile (via the "account" link top right, Settings tab, if you want to know). They could hang on to your personal information forever even after you tried to leave them and weren't using their services anymore, it seemed. You couldn't just automatically wipe out, permanently, all the information they held about you. So you'd be unclear about the extent to which they could still continue to make use of your data indefinitely, or for what purposes.

As The Independent recently put it, "They only agree to cancel your account if you manually delete, one by one, every event, message, Mini-Feed entry and so on that's on your profile – and, as regular users will know, that might take several hours."

Not surprisingly, this drew a lot of flak, and last year Channel 4 even quizzed Facebook about their data protection policies and use of retained data, after one of their viewers complained to the UK Information Commissioner's Office about his inability to remove his Facebook account.

As a BBC blog reported, the ICO were to meet with Facebook to discuss the issues in January. And (The Register seems to have beaten me to the punch on this) I'm pleased to report that Facebook have now agreed to change their policies. A spokesperson for the ICO told A Consuming Experience:

"Many people are posting content on social networking sites without thinking about the electronic footprint they leave behind. It is important that individuals consider this when putting information online. However, it is equally important that websites also take some responsibility. In particular they should ensure that personal information is not retained for longer than necessary especially when the information relates to a person who no longer uses the site.

"Following a complaint about Facebook's retention policy, the ICO contacted Facebook. We discussed a number of changes to their policy which they are currently implementing. Facebook is in the process of notifying with the ICO and continues to work with us to ensure compliance with the Data Protection Act. If we receive any further complaints about Facebook or any other social networking site we will consider the appropriate next steps. Organisations can ensure personal information is effectively protected by complying with the principles of the Data Protection Act."

On asking for clarification as to what sorts of changes Facebook are implementing, I was told by an ICO representative that, to accompany the infamous "Deactivate", Facebook has agreed to add the ability for users to completely delete their Facebook account for good, and all their information on Facebook. So - you'll have the choice of either deactivating, or deleting. Result! Let's see how long it will take for this feature to be available (it wasn't when I looked today, see the pic above). And I wonder if Facebook will let non-UK users delete their accounts too, or if they're only doing it in the UK because of the complaint?

If you have concerns about not being allowed to delete your account or erase other personal details from particular websites or web services, or you have any other personal data privacy issues, you can always complain to the ICO - they clearly do listen and take action where appropriate, e.g. they successfully wrought the same change in relation to deleting accounts from eBay, last year.

The eBay complaint, filed by Privacy International in 2006, was widely reported, but its resolution doesn't seem to have been: eBay were very co-operative, within days of the complaint eBay got in touch with Privacy International, and within weeks they showed them how they were going to change their services and practices to permit customer closure and account deletion (within the limits of the law of course). Facebook also changed their position due to Privacy International raising concerns with them.

The ICO are now officially my favourite regulator!

Labels: digital rights, Facebook, privacy

Here's a video of the lively discussion on data portability at the London Geek Dinner of 27 February 2008, the main speakers being DataPortability WorkGroup members Ian Forrester of BBC Backstage and Paul Jones of Faraday Media, the company behind Particls - with lots of views on privacy, data protection, etc as well as technology. The event was organised by Cristiano Betta, thanks Cristiano! (UPDATE: embedded Flash version instead, much better, thanks again Cristiano)

Anyone who wants to can join the public DataPortability Action Groups - just sign up for those Google Groups and add yourself to the list.

Personally I think it's necessary to work on both policy and technology issues at the same time, as they have to inform each other. It's early days yet but lots of people seem to be coming on board, so let's hope the momentum is kept up and that there will be positive, concrete results soon from all this.

For those interested there's a previous video of Ian talking about data portability at BarCampLondon3 in November 2007 (more videos from BarCampLondon3) and this popular short video on dataportability.

For your diaries: the next London Geek Dinner will be on Thursday 13 March 2008, and will feature a speaker from the Participatory Culture Foundation, who will talk about internet TV/video application Miro.

Labels: digital rights, social geek, video

The video below from BarCampLondon3 back in November 2007 is, at its broadest, about technology and your rights, with e.g. a fascinating story (on e-voting) which brings home just how scarily little government and others in power appear to understand technology or the internet, and yet they're making laws affecting our digital rights, they're trying to use technology in ways it shouldn't be used - despite the serious implications for security, privacy and democracy.

The session was led by Glyn Wintle of the (mainly UK) organisation Openrightsgroup.org (given my views e.g. my Copyfighter posts, it won't surprise you to know that I'm an ORG member, and indeed I joined when it was first formed).

More on the electronic voting example, where the ORG were e-voting election observers last year. It seemed the SNP had won no seats. On challenging the result, fortunately just before it was officially declared, it was found that votes for the SNP hadn't been counted - probably because the results had been entered onto an Excel spreadsheet, and the person responsible hadn't scrolled across horizontally enough to see all the parties' votes! See page 51-52 of the ORG's May 2007 Election Report (executive summary), which I'm surprised hasn't received more publicity.

Incidentally, on e-voting, it's interesting that as Bob Wyman reported German hacker group, the Chaos Computer Club, in January 2008 went to the courts to try to stop the use of electronic voting machines. They'd previously submitted an expert opinion to the German courts reporting serious defects in the voting computers. Why governments insist on ignoring technology experts, I don't know. Maybe because they don't really understand technology themselves, but won't believe that they don't. Which is where this post began...

Click To Play

Labels: BarCamp, digital rights, technology, video

For the Christmas season Out-Law, one of my favourite sites for digital rights news, have come out with a number of excellent funnies, written totally straight-faced as "news" articles, about some of the legal risks that face poor Santa Claus in this age of increasing red tape and regulations:

Santa putting children's information at risk, warn experts - "Santa Claus could be breaking privacy laws in his collection and use of data about British children... Yuletide cheer-bringer Claus could be putting the personal data of millions of children at risk... Children across Britain who write letters to Claus with a list of gift requests are not told for how long that data is kept, or if it will be used for other purposes such as marketing by third parties... What about the naughty/nice database?.. Are children given notice that behavioural data is being collected about them throughout the year? And does it qualify as covert monitoring, which would breach Article 8 of the European Convention on Human Rights?..."

Santa ignores children's refund rights, warn experts - "Santa Claus's failure to alert children to their rights to full refunds within seven working days under the Distance Selling Regulations is in breach of those rules... All they have to do is cancel their contract, and I imagine a follow-up letter up the chimney should do it. He must also tell children that they have this right, which he plainly doesn't... Claus is likely to be in breach of one company's trade mark with his gift distribution enterprise. 'Santa Claus of Greenland' has a trade mark over that term in relation to games, playthings, sports goods, decorations for Christmas trees and the regulation and control of electricity, amongst other things..."

Reckless Santa could cause yuletide chaos, warn experts - "Santa Claus has been accused of putting his life and the lives of others at risk through breaches of health and safety laws. Brandy-loving present-giver Claus behaves recklessly and in direct contravention of UK legislation... Santa should at least make sure his sleigh has guardrails to prevent a fall and a fall arrest system installed so that if he does fall he is protected... Make sure your roof is safe and that the chimney is clear so that he doesn't injure himself on the way down... The alcohol restrictions are the same for every pilot whether you are flying a light aircraft or a 747... It is 20 milligrams per 100 millilitres of blood, which is nothing, basically, a trace. One brandy probably would put you over that limit... There are also flying height restrictions which Claus is in clear breach of..."

Santa's hiring policies may discriminate, warn experts - "Santa Claus could be breaking a raft of employment laws designed to protect exploited and discriminated-against workers... Employers are governed by the European Working Time Directive, which restricts the number of hours anyone can work. That law could land Claus in hot water, said Doherty. 'In my mind the elves work full time all year round, and probably work more than 48 hours per week for the majority of the year,' he said... If Santa had to reduce his workforce as a result of the downturn [in toy demand due to a higher than normal level of bad children] and the elves were employees, they would be entitled to a redundancy payment. If they were not employees they would get nothing... What about the elf who wants to work flexibly so that they can look after their kids but Santa won't agree because he needs everybody working hard at this time of year?... It may be possible that if he only recruits elves to manufacturer his toys he will risk claims from other race types..."

Santa: environmental catastrophe?- "Santa Claus is ignoring his environmental obligations and could be putting the lives of thousands of livestock and agricultural livelihoods at risk... in his haste he may be ignoring his obligations to recycle and dispose of goods he has previously delivered... All producers, irrespective of size, were to register with an approved PCS by 15th March 2007, so Santa and the elves may be in breach if they have not registered and so they may face prosecution... His use of hooved animals in areas blighted by transmittable diseases is potentially his most serious safety breach. Outbreaks of foot and mouth and bluetongue diseases this autumn have put the future of the already-battered UK farming industry in jeaopardy once again. Claus's bringing of reindeer in and out of restriction zones could be a serious threat to the industry..."

Who'd be Father Christmas in the UK, eh?

Labels: digital rights, humour

If you write, run or host a blog or social network, or online message board or bulletin board, or plan to, you may be interested in a free event in January on your risks and liabilities to do with legal issues such as:

• Are you responsible for clearing your contributor’s content?
• Can you be responsible if other people take your comments out of context?
• If you work for a company can your views affect them?
• Can you remain anonymous?
• What are you agreeing to when you join a blogging website and which countries' law do you have to adhere to?
• What you need to be aware of when sourcing other peoples content?

The event is "Log in, Blog to, Log out", run by Own-It, from 6-9 pm including networking drinks on Wed 23 Jan 2008 in Clerkenwell, London. The speakers will be:

• Robert Lands, Head of IP Media at UK lawyers Finers Stephens Innocent LLP
• Dan Hon, who qualified as a technology / intellectual property lawyer and is now CEO of alternate reality gaming (ARG) site sixtostart - I briefly met Dan's co-founder Adrian Hon of Perplex City fame at the 2006 BBC Backstage X'mas party last year, when he was still with MindCandy.

It's free to sign up for Own-It events if you're a registered member (and it's free to register - use a free disposable email address service like Spamgourmet or a Gmail alias if you prefer).

As you can tell from the questions listed above to be discussed, the talk should be relevant to those who host or run blogs or social networking sites too - not just bloggers or those who comment on blogs or post on internet forums or social network sites like Facebook, Twitter etc, in terms of the risks we face that we ought to be aware of.

I've signed up and do hope I'll be able to make it to this one - while there is an EFF legal guide for bloggers it's US-centric, and so is the legal guide to podcasting, as well as various developments in the USA on censorship / libel and defamation.

The EFF are very strong on promoting bloggers' rights in the US: the rights of journalists; bloggers' rights to free speech including political speech, without the abuse of copyright or libel laws to censor us; the right to stay anonymous; and the right to not be liable for hosting speech in the same way other web hosts are. I'm a big fan of the EFF, see my sidebar. The Open Rights Group are a similar group in the UK focusing on digital rights and civil liberties and also deserve support (I'm a member, as you won't be surprised to hear after my Copyfighters posts from May 2005, Aug 2005 and Mar 2006 plus Creative Commons song, if you were with me from that far back!).

The US is of course still very relevant to us here because content we create or upload could be hosted on servers located in the USA, or owned by a US company. For instance, this blog was directly affected when the BBC issued a take-down notice under the US DMCA against the YouTube screencasts in my BBC iPlayer review (though they later apologised).

But it's about time there was a legal guide for bloggers in the UK and Europe - I still have no idea about the risks of hyperlinking to other sites! Hopefully this will be an informative talk. And maybe someone - the ORG? - will produce a legal guide for bloggers here in the not too distant future?

In fact I may well draw up a list of the many questions I have on the subject and see if I can send it to the speakers / Own-It in advance in the hope that they'll address them.

Labels: blogs,