Wednesday, May 25, 2016

Cory Doctorow on our movement towards digital alchemy

Cory Doctorow gave a terrific 13 minute talk at a recent O'Reilly conference on how it is time to stop and do something about DRM - a world in which everything [the internet of things] is made of computers is not just one with anti-competitive effects but which is a nightmare for privacy and security.

In ancient times alchemists were a bit like scientists, Cory tells us. They used something like the scientific method to attempt to understand the laws of nature. If they could not reproduce results they blamed it on demons and superstition - the demons changed the rules of nature, the alchemists believed, in order to prevent anyone understanding the universe.  Alchemists also kept what they found secret, rather than sharing and engaging in peer review and efforts to recreate results as scientists do. The result was lots of alchemists finding out for themselves that mercury was poisonous. The enlightenment demonstrated that sharing of knowledge worked in the public good.

O'Reilly have released 3 minutes of the talk freely for sharing via on YouTube



Cory, as ever, has lots of engaging tales to tell. One of the most serious was perhaps that of a security researcher who suffers from diabetes. He discovered a flaw in an insulin pump. The built in wifi would enable a stranger to take control of the pump and kill a diabetic using it from 30 feet away. But he couldn't publish the details because he would be revealing DRM circumvention instructions, a felony in the US, punishable by up to 5 years in jail. He could refuse to use the pump but not tell others why or how it was unsafe.

Other researchers have shown it is possible to take remote control of a Chrysler Jeep via the internet since it has a Sprint network SIM. 1.4 million of these vehicles in the US could be driven from anywhere on the internet, access to acceleration, brakes and steering, all controllable remotely.

MP3 players and smartphones are likely improving long term commercial prospects for hearing aid vendors. But future hearing aids will be computers. General purpose technology in your head but programmed and controlled not by the user but the manufacturer or supplier. They will know what we hear, when we hear it, filter what it doesn't want us to hear or even make us hear things depending on how they are configured. And they will have DRM. As will skyscrapers with seismic dampers that keep them from falling down and smart thermostats that enable power companies to reach into our home and turn the temperature down and stop us turning it up again.

Yet when we make it illegal to crack or circumvent DRM we make it attractive for commercial enterprises to engage in this type of nuisance behaviour, especially if they are making hardware on razor thin margins.

Cory concluded by noting the stuff - DRM - designed in an effort to maximise revenues for the entertainment business, is driving us towards a dystopian future where we will "be Huxleyed into the full Orwell". It's a new age of alchemy, a demon haunted world where we're not allowed to understand the technology and internet of things we live amongst. But do take a small break and listen to the whole talk yourself. It's 13 minutes well spent.

Monday, May 23, 2016

The tyranny of the algorithm yet again...

I was reminded yet again, over the weekend, how easy it is to get branded persona non grata in the age of the judgmental algorithm.

A search for "Isis Close" via any popular search engine throws up a significant collection of such streets, primarily in the Thames Valley region, in places like Long Hanborough, Aylesbury, Oxford, Abingdon and Putney, amongst others.

That these place names exist won't be a surprise to anyone familiar with English limnology - the study of rivers and inland waters. As Wikipedia helpfully tells us, "The Isis is the name given to the part of the River Thames above Iffley Lock which flows through the university city of Oxford". In at least one local primary school I'm familiar with, the classes are called Windrush, Cherwell, Isis and Thames.

Unfortunately for those who live in an Isis Close, Street, Road or other equivalent, the label Isis has been appropriated by or conferred upon (by the media) a bunch of murderous extremists in the Middle East. So the word "Isis" has become somewhat toxic in the West.

Now PayPal has decided that they are not prepared to facilitate payments for goods to be delivered to an address which includes the word "Isis".

An Isis street resident ran into some unexpected difficulties when attempting to purchase a small quantity of haberdashery on the internet with the aid of a PayPal account. The transaction would not process. In puzzlement she eventually got irritated enough to brave the 24/7 customer support telephone tag labyrinth. The short version of the response from the eventual real person she managed to get through to was that PayPal have blacklisted addresses which include the name "Isis". They will not process payments for goods to be delivered to an Isis related address, whatever state of privileged respectability the residents of such properties may have earned or inherited in their lifetimes to this point.

Who knows if the "avoid Isis" algorithm was added by a low level techie, a policy decision within PayPal driven by risk averse lawyers or some other process. Whatever the process, the result is that people with an Isis address have been tagged with a "do not touch" label on the internet.

We rarely understand that the poor, the mentally or physically disabled, ethnic and religious minorities, and every other collective marginalised group that privileged society discriminates against already live in a dystopian world. A world full of legal, environmental, economic and societal strictures and attitudes that make life difficult. We rarely understand, either, how easy it is, in a world full of big data, wielded by commerce and governments alike, to be cast out from our world of privilege to that of the marginalised.

So what are residents of "Isis" addresses to do. Interestingly enough, PayPal are not so wedded to their dissociation from "Isis" that they are banning this particular brand of humanity from holding PayPal accounts. The marginalised are still potentially profitable fodder. The organisation is merely concerned with not facilitating transactions which result in goods or services being delivered to those addresses. So Isis addressees could
  • have their orders delivered to an alternative address for collection
  • apply to the local council to have the name of their street changed
  • move house
The first is a serious inconvenience. The latter two options rather extreme and even then, given the tendency of unwelcome labels to hang around people on the internet and in big databases, there's no guarantee that a change of street name or address, drastic as they are, would entirely rid the people concerned of the tyranny of the algorithm.

Being unable to buy a sewing kit on the internet might seem like a minor middle class inconvenience but metadata, like details of someone's address, matters. It's only two years since the former US National Security Agency and CIA chief, General Michael Hayden, went on record with his "We kill people based on metadata" comment. Metadata is used to categorise and discriminate. We have no control over what commercial organisations or government or other economic actors and indeed criminals do with it.

With the UK Investigatory Powers Bill heading for the statute books, and the government taking little or no notice of the serious criticism it has received, this state of affairs is not primed to improve any time soon. Could I remind the reader of this simple engineer's perspective of the meaning of s78 alone in this large and complex law - it looks a bit like this:
I leave you to decide whether the government and its institutions will be able or willing to use this unimaginably gigantic collection of data in the public interest and without doing too much collateral damage to the sifted and categorised populace along the way.

Update: A stark example of where the tyranny of the algorithm does real damage - software used across the US to predict future criminals and it’s biased against black people.

Wednesday, May 11, 2016

Chatham House Cyber Policy Journal launch

I had the privilege of attending the launch of the Journal of Cyber Policy at Chatham House on Monday this week. The keynote speech was given by my old friend, John Naughton, an inveterate storyteller who, as usual, entertained and informed in equal measure.

What follows are some notes I made on the talk.

One of John's favorite books is a volume of Leonard Woolf's autobiography, The journey not the arrival matters. Yet in the case of the internet, he suspects, the reverse is the case - it's the arrival that's important.

In 1999 CEO of Intel, Craig Barrett, suggested that any company that wasn't an internet company within 5 years would not be a company at all. Most mainstream commentators dismissed him as nuts. He wasn't saying every organisation wanted to get into direct competition with the big tech companies but that the network itself was on the way to becoming a utility, a general purpose technology (GTP). We have focused as a society, says John, too much on the information goods and too little on the GTP.

Arthur C. Clarke's 3rd law is that any sufficiently advanced technology is indistinguishable from magic. The internet is the first significant, magic, advanced technology that humans have built that humans don't understand. [When I mentioned this insight to a young colleague here at the Open University earlier, it was one of those light bulb moments - his face lit up and he couldn't believe he hadn't realised this before.]

Think about that for a minute. The internet is a pervasive utility upon which we are hugely dependent but barely understand.

GTPs drastically affect society and often require the wholesale reconstruction of infrastructure, economic, social and cultural norms. Think steam, electricity, the railroads, the automobile. Our society is only at the very beginning of our transformation brought about by the Net. Despite being over half a century old - if we date it back to the packet switching ideas of Paul Baran and Donald Davies, in the 1960s - we have not yet figured out the significance of the internet.

We exist in a state of informed bewilderment, drowning in information and still not understanding. Digital technologies are completely incomprehensible to ordinary mortals. When it came to steam people didn't have to understand Boyle's law to understand steam engines worked. Coal burns. It makes high pressure steam. The steam pushes pistons up and down. The pistons are connected to rods that are connected to wheels that turn. The analogue industrial machine works and we can see how. Digital technologies are orders of magnitude more complex and their workings invisible to the naked eye.

Digital technologies come with key affordances -
  • zero marginal costs
  • powerful network effects 
  • permissionless innovation
  • the dominance of power law distributions 
  • technological lock-in
  • black box workings
  • complexity
  • lack of security
  • material processed not as physical goods but in information, the lifeblood of democracy and social life
The internet, most notably, is a global machine for springing surprises. Some good - the world wide web, voice over internet protocol (which Skype sits on). Some not so good - mass surveillance, information warfare, malware. Some disruptive in other ways - e.g. the impact on the music industry and the challenge of developing laws fit for the information age.

We as a society have been so dazzled by the technology, so sucked in by the true believers in technological determinism in Silicon Valley, that we rarely, if ever, stop to think about it or question the technological architecture of the world in which we live. Passive acceptance is the order of the day - we like free, convenient services and companies like to get big fast, to harness network effects. Yet technology is only one of many factors that drive our history and that technology exists in a social, economic, cultural and political context.

Only latterly (the past couple of decades) has the network being taken over by dominant corporate economic actors. The rather large elephant in the room is that the Net was mostly created by US organisations, military, civilian and corporate - publicly and privately funded. US stewardship of the Net was largely benign in its early history. [For a terrific account of the characters, the technology and the story I recommend John's first book, A Brief History of the Future: The Origins of the Internet. For anyone without easy access to a library or the funds to get themselves a copy, I have half a dozen paperback copies of the book on the shelves in my Open University office which I'm happy to dispatch to good homes. Just drop me an email]

There are a number of ingredients that make it hard for many people to understand the internet, its underlying technologies and its significance.

Firstly, we have a tendency to view our modern world with the 20/20 vision of hindsight - technology evolved step by step, one great idea to the next and it had to be this way. We perceive a smooth path to the current reality and neglect developments that could have and possibly even should have happened.

Packet switching - the fundamental technology of the Net developed independently by Paul Baran and Donald Davies on opposite sides of the pond in the 1960s - seems obvious, with hindsight. Yet Baran had to abandon his original designs in the face of vehement opposition, not least from the incumbent US telecommunications monopoly, AT&T.

[AT&T executive, Jack Osterman said at the time: "First it can't possibly work, and if it did, damned if we are going to allow the creation of a competitor to ourselves." Baran's employer, the RAND Corporation believed in the ideas enough to try and encourage the US Air Force to build and test a prototype network. The Air Force were really enthusiastic but the whole thing got strangled in military and Washingon DC bureaucracy and politics. In the public-private sector revolving door that is DC politics, the crew that would have been tasked with the project included ex AT&T employees. They just did not understand the technologies and would not have been up to the job. So Baran reluctantly dropped the project knowing it was bound to fail in those circumstances and with those with a vested interest in ensuring it failed running the project. All completely crazy but a nice indicator that meritorious technology will not necessarily emerge without the right support and conditions in so many contexts]

So there is nothing inevitable about the shape and form of the internet we have today. It has been designed, built and evolved that way by technical decisions, relative power dynamics, chance, legal, economic, social, cultural and environmental factors.

The fact that surveillance capitalism has become the dominant business model of the Net was not inevitable - it could not have happened without user consent - e.g. our addiction to "free" services and convenience - and the legal and regulatory and economic forces not just facilitating but actively encouraging such a state, ironically through passively allowing the surveillance capitalists to act without public interest shaped restraints or controls.

The second ingredient making it difficult for us to get a handle on the internet is the Net's (or humanity on the Net's) pathological obsession with the last 5 minutes - the short (some would say minuscule) term perspective of most of the public debate about it - or as John described it, the sociology of the last 5 minutes. Seismic shifts go largely unnoticed as the mass media indulge in feeding frenzies over new new things.

So when Craigslist - a free localised advertising service - launched the newspaper industry were blissfully unaware of the threat it posed to their business for a long time. The value chain of newspapers matched loss making journalism with profit making advertising. The net dissolved this and Craigslist was the early warning.

If the peace of God surpasses all understanding, as it says in the bible, so too - an accute manifestation of the sociology of the last five minutes - did the valuation of internet companies in the dot-com boom. The core business model was to collect as many consumers as possible, with a view to harnessing the network effects - get big enough and the revenues would flow. Companies would get wildly inflated stock market valuations just by adding an"e-" prefix or ".com" to the end of their names. Less than half of these outfits survived the dot-com crash.

But during this period the communications infrastructure to sustain the modern internet developed apace. In the California gold rush, it largely wasn't the miners that made their fortunes but the guys that sold them pickaxes and shovels.  The fibre optic networks built in the thick of the dot-com hype - though some of these network builders survived and some didn't - became the physical infrastructure we still rely on today. Unnoticed, unworthy of frenzied media and speculator hype, it nevertheless was the significant development of the dot-com era. A ubiquitous public utility. A GTP. Enterprises unthinkable before this GPT - Uber, Facebook etc - became unremarkable after it.

There John concluded before a lively Q&A, chaired ably by the Journal of Cyber Policy's editor, Emily Taylor. She opened the questions with one of her own - given the state of surveillance capitalism, extractive corporations and personal data being treated as the new oil, is there any end in sight? Will people get fed up and push back?

John was not encouraged that there is sufficient public interest in such a push back yet to think it likely.  The problem, as he said, is that a large chunk of our fellow human beings seem to think ubiquitous surveillance is an acceptable state of affairs. Mass surveillance seems here to stay with who knows what long term consequences for privacy and human rights more generally.

There followed a question on the balkanisation or fragmentation of the Net which the questioner suggested might facilitate localised innovation. John thought that an interesting perspective though it flew in the face of prevailing wisdom about network effects. There was always likely to be pressures driving in the direction of fragmentation but a few years ago he'd have bet against it. Now, post Snowden revelations he considers balkanisation a racing certainty. The questioner came back suggesting that wasn't necessarily a catastrophe, was it? John felt it was.

Next came a question from someone working on machine learning project at the Royal Society and the revelation of Google's DeepMind access to NHS patient data (1.6 million people's records). Is this a sign there will be more social innovation?

John's response raised the biggest (of many) laughs of the evening. Big data, he hypothesised, was like the Justin Bieber of the intellectual world. It's falsely believed if you collect enough data you can understand anything but big data has a crippled epistemology and too often correlation patterns in the data are interpreted as identifying causation. So in 2008 Google published a paper in Nature claiming success at predicting flu outbreaks substantially earlier than medical experts at centres for disease control. 2 years later they failed to repeat that success. Why? John figures you don't need to be a genius to realise that Google knows nothing about flu. It is not where there expertise lies and correlation does not prove causation.

Next came a question about the French Minetel service, a popular but limited online pre world wide web service accessed via the telephone network.

John was happy to talk about Minitel which in his opinion may have slowed the public engagement with the internet in France for a time. But more importantly it gave him the opportunity to articulate two wonderfully wise ideas embedded deep in the architecture of the internet by the original architects [of which I'm sure John would credit Baran and Davies already mentioned but also Vanevaar Bush, Claude Shannon, JCR Lickider, Bob Taylor, Charles Herzfeld, Larry Roberts, Leonard Kleinrock, bob Kahn and Vint Cerf, Jon Postel, David Clark amongst others] -
  1. Firstly that the [original] network was designed in a way that no one entity could control
  2. Secondly that [original] network had to be future proof i.e. it was not optimised for any particular need (e.g. telephony) and would be agnostic as to what it was being used for
The network would be dumb and the intelligence reside in the devices at the ends, something that became known later as the end to end principle, articulated in Saltzer, Clark and Reed's seminal paper in the early 1980s. The network took in data packets and did the best it could to deliver those packets to the destination address on the label. It did not care what was in the packets as long as they complied with TCP/IP protocols. The result was that if you could do something with data packets you could use the Net and didn't need anyone's permission, unlike the situation Paul Baran found himself in when AT&T opposed his innovative networking ideas. We had reached an era of permissionless digital innovation.

So in 1989 a scientist at CERN, Tim Berners Lee came up with an idea for sharing documents based on earlier ideas of Vanevaar Bush before World War II. Berners Lee convinced his boss to give him a budget and in the space of a year had created the world wide web on the internet, arguably the biggest transformation in communications since the Gutenberg printing press. Some people now even think the world wide web is the internet. (More depressingly, many seem to think Facebook is the internet).

The Net is no longer a sandpit for permissionless innovation. Now what's built is done in silos and walled gardens and no one can build anything on Facebook. The blockchain is a very interesting development which may prove disruptive but surveillance [and enclosure] capitalism has a powerful foothold.

Inevitably someone raised the internet of things which John described as a runaway train, mostly run by people who don't know what they are doing. They certainly have no understanding of security. A Cabinet office report, co-authored by the government's chief technology officer, warned, some years ago, that there were serious security flaws in their muli-billion pound plan to get smart meters installed nationwide. Just one of the problems was that every smart meter used the same encryption key - a single point of failure - and GCHQ reportedly "intervened" recently to help out with the security issues.

How can we improve the security situation around the internet of things?

John: Legal liability would help. [That raised the second biggest laugh of the evening]. Seriously though, if Ford make something dangerous they can be held liable under consumer protection, contract, health and safety laws. Software companies are rarely held liable for holes in their software and they have being protecting themselves from liability by end user licences agreements that are an affront to unfair contract terms regulations, health & safety and human rights for generations. But somehow because they are high tech companies it it an accepted state of affairs. The imposition of liability may also inhibit innovation, so it is a complex calculus but we're a long way from a satisfactory socially beneficial and stable state of affairs on this.

Final question: you seem to be a pessimist. Don't you think the 50% of humanity not yet on the internet will benefit from it.

John: Yes and the main agency for that will be smart phones. As to being a pessimist, he is sometimes accused of that but he doesn't see himself as such. The world is as it is but we have to be better at understanding and shaping it and its technologies in the public interest. He closed with his own version of Kranzberg's first law - technology is neither good nor bad but it sure as hell is not neutral.

Tuesday, April 26, 2016

Liberty confront people directly with implications Investigatory Powers Bill

Liberty, with an aggressive confrontational 2 minute video opposing the provisions of the Investigatory Powers Bill, have been demonstrating that when people are accosted directly and immediately with the reality of personal data collection and intrusive privacy invasion, we do not like it.



"Would you let a stranger into your phone? The snoopers' charter won't give you a choice" reads their tag line. Posted earlier today it's only got 89 viewers so far.

Why, then, is it somehow acceptable if mass privacy invasion or bulk data collection/retention/ interception happens silently or invisibly or unobtrusively in the background whilst we don't pay attention? Might Liberty actually be suggesting that we have been a passively tolerant society for too long?

Friday, April 22, 2016

Monday, April 11, 2016

Privacy International & CassetteBoy v The Snoopers' Charter

CassetteBoy has made an amusing 2 minute video for Privacy International on the Investigatory Powers Bill.



Bill documents and the written evidence (that submitted by original 23 March 2016 deadline) to the Public Bill Committee examining the Bill are available here.

Speech by President Michael D Higgins at EUA Annual Conference

President of Ireland, Michael D Higgins, gave a wonderful speech at the European Universities Association Annual Conference last week. The official transcript of the speech doesn't have the section he delivered in Irish at the beginning but if you have the odd 42 minutes to spare and have any connection in any context with higher education, then take the time to watch and listen -



Succinct Irish Times report on the speech here.

My favorite extracts (quite a large chunk):
"There is a grave danger that debates about the role of the university are taking place in a narrow political and ideological space...
I suggest that at the present moment in Europe and far beyond it, insofar as policy makers focus attention on education policy, they tend to view universities in a rather utilitarian way, as foundations of new knowledge and innovative thinking, within the confines of existing trade, commercial and economic paradigms, paradigms that are fading but not without damage to social cohesion. 
They pursue, perhaps with their own best of intentions, their own project, rather than any change as a means of advancing social justice and mobility. They seek contributors to social and cultural dynamism irrespective of the distribution of the benefits. This is an approach wherein short-term concerns prevail over long-term developmental objectives.  
My purpose this morning, then, is to suggest a recall of some first principles of the necessary role of the university in society; ...
In doing so, we must first recognise that we live at a time when the language and rhetoric of the speculative market has become embedded in the educational culture and has brought some university practices down a precarious road. That reductive view has brought us, I believe, to a time of great questioning about the purpose of the university – much of which has been corrosive - and perhaps even to a moment of intellectual crisis.
It is in its extreme form a view that is based on an erroneous perception that the necessary focus of higher education must be on that which is utilitarian and immediately applicable. Such a view sees the primary objective of the university, and those who study within it, as being in preparation for a specific role within the labour market, often at the cost of the development of life-enhancing skills such as creativity, analytical thinking, and clarity in written and spoken expression. 
We have now reached, I believe, a juncture which sees intellectuals challenged to recover the moral purpose of original thought and emancipatory scholarship; a time when we must seek to recapture the human and unifying capacity of scholarship. 
Max Weber, the great 19th century social theorist, responded to the events of his time in the second half of the nineteenth century asa public task of an intellectual, accepting the requirement not only of radical thought but of the duty to communciate as part of a public discourse.  
Weber... prophesied an iron cage of bureaucracy, a dehumanised landscape within which conformity would be demanded to that which no longer recognised its original moral or reasonable purpose."
A bit like our modern education sector and beyond, says Michael D ...
" While Weber’s view might be seen as dystopian, we can certainly recognise some of the features he predicted in our contemporary situtaion, in which rationality has led less to what is productive or inclusive but at so many times to what is a speculative gambling that has consequences in so much global misery.
Our European crisis is at least as profound as that faced by previous generations of political and social theorists at the end of the 19th century, but our response seems to be so slow, even as so many European citizens sense, inadequate. That is among those who care. The crafting of a response to this crisis is, I believe, a widespread challenge and one which the Irish and European universities must embrace, insisting on remaining open to originality in theory and research, and committed to humanistic values in teaching. It is through the encouragement of creative and free thinking that our universities acquired their status in the past, and correctly claim it today, as unique institutions that accept the responsibiity of enabling and empowering citizens to to participate fully and effectively at all levels of society. This creative function must be cherished, nurtured and encouraged.
Too many, perhaps unknowingly, have accepted an ‘under labourer’ view of the university, indeed of intellectual work more broadly, as we seek to belong in a form of society/economy relationship where we have lost the capacity to critically evaluate... We cannot allow ourselves to sleepwalk through the crisis that an unaccountable, but reformable, form of globalisation presents.
In this context, the role of the university in enabling citizens to develop the intellectual tools to address the great challenges of our time, which include include questions of development and global poverty, of climate change and sustainability, and of conflict and displacement, is one which is vital. Indeed, that we have heard the call to be responsible in relation to climate change or to sustainable development, that it has been endorsed by world leaders, is due to responsible scholars, thoughtful scientists who have made the intellectual case for political action at the global level – who have combined scholarship with citizenship and activism.
In this wider social understanding of the university, its relationship with its students cannot in my view, without great loss, be reduced, then, to that of provider of any narrow professional training, guided towards a specific and limited objective and essentially disengaged from the academic experience which is fundamental to independent thought and scholarly engagement. Theirs must be a much broader rapport, one which introduces students to an intellectual life and allows them to develop a critical turn of mind as well as informing an ethical concern with their community and their planet.
At the pedagogical level... Learning from those who are passionate about their subject, face to face collaboration and regular engagement in organic debate and discussion, journeying into the false avenues as well as the fruitful ones, is central to a rich and fulfilling educational experience.
We see great challenges in contemporary research practice too ... we have witnessed in recent decades the marginalisation of political philosophy and social theory to rather narrow issues of administration and, under pressure of publication and peer competition, to that which can be easily measured. More and more pressure has come on universities and scholars to prove their relevance within a hegemonic version of the connection between society and economy that is destructive to social cohesion – one that has demanded a consensus on the desirability, not merely of economic growth, but of a singular, limited versions of economics. Scholarship requires the breadth and breath of culture for paradigm shift to happen.  
As a research subject, the role of the State as innovator or generator of social cohesion has to be recovered...
We have been living through a period of extreme individualism, a period where, in its early extreme version, the concept of society itself has been questioned. The public space has been presented as a competitive space of consumers rather than citizens...
Neither can there be any doubt that one of the contributing factors of our recent economic crisis was a failure of capacity and intention on the part of our citizens, as well as our institutions, to question, to scrutinise and to interrogate the concepts of individualism to which they were invited to aspire, and the insatiable consumption to which they were invited and which, over recent decades, were accented and prompted as alternatives to the models of public good and welfare. Our existence is assumed to be, is defined as, competing individual actors, at times neurotic in our insatiable anxieties for consumption...
The will to create bridges and to listen to each other with respect remains as critical in the academic sphere as it is in all areas of life. When scholars are prepared, in their pursuit of knowledge and solutions, to engage in inclusive and interdisciplinaryscholarsip, to take a broader perspective, and to learn from the viewpoint of others we can, as a society, only benefit from such an approach. 
If we wish to develop independent thinkers and questioning, engaged citizens, our universities must, while providing excellence in professional training, avoid an emphasis that is solely or exclusivity on that which is measurable and is demanded by short term outcomes. They must allow for the patience and the peace that is required for memorable university teaching and research."
Gold star.
"Fostering the capacity to dissent is another core function of the university. Third level scholarship has always had, and must retain, a crucial role in creating a society in which the critical exploration of alternatives to any prevailing hegemony is encouraged. "
Another gold star Mr President.
"Universities must surely be facilitated and supported, made free and funded, so that they may preserve their role as special places for the generation of alternatives in science, culture and philosophy. They must be allowed to flourish as spaces which develop that intellectual courage which allows the rejection of exclusive or excluding ideologies, and encourages the seeking of truth from fact and the production of alternative solutions and action. Universities must be places where minds are emancipated and citizens enabled to live fully conscious lives in which suggested inevitabilities are constantly questioned..." 
... it is the duty of the university to engage in shaping, and not simply reacting to, the fourth industrial revolution. Neither technology, nor its potential to disrupt, are remote extrinsic forces over which we as humans have no control. All of us, as members of a global society, must play our role in guiding the pathway of new technology into our society in a way that is ethical and moral. It is essential also, that public citizen support for the necessary public investment in universities is secured – and that the benefits from this investment are retained within the universities themselves and demonstrated to a supporting public.
The university must not be reduced to a component of the market place as it cannot exist, in its fullest sense, in an exclusively market world. The intellectual dimension of higher education is not one that can easily be measured, and universities must not be called on to perform solely in ways which lend themselves to metric measures of performanace. Digitisation has great possibilities for the effecting of positive transformation within our society. However, as with all tools of power, the ethical test is its use.
In our current circumstances in Europe and the world, it is here, in our universities, that we can begin to enact such transformative thinking as is necessary to create the foundations of a society that is more inclusive, participatory and equal. That transformative thinking will require a real change in consciousness. It is through critical and engaged pedagogy that we can be assured that we are engaging the educators of a generation that will have the capacity to understand and question the assumptions of any status quo, and to understand when that status quo must be challenged and how; a generation who will have the confidence and the wisdom to engage in alternative visions of what a society can be, and bring it into being.
I suggest that the universities and those who work within them are crucial in that struggle for the recovery of the public world, for the emergence of truly emancipatory paradigms of policy and research. It is not merely a case of connecting the currency, the economy and the people, it is about recovering the right to pose such important questions as Immanuel Kant did in his time – what might we know, what should we do, what may we hope?" 
Go raibh maith agat A Uachtaráin do chiall ag labhairt i gcónaí deacair.

Wednesday, April 06, 2016

Investigatory Powers Bill 2nd Reading Part 3: Joanna Cherry

The SNP's Joanna Cherry QC's speech in the debate on the day of the 2nd reading of the Investigatory Powers Bill in the House of Commons on 15 March 2016 began at 3.04pm. The SNP are substantively opposed to the Bill in its current form but abstained the vote later in the day.

Ms Cherry opened by expressing grave concerns about the Bill whilst noting the law in this area needs a thorough overhaul and that the police and security services need appropriate powers to fight terrorism and serious crime. These powers have to be necessary, proportionate and compatible with the rule of law and the right to privacy. The IPBill is seriously deficient on all these fronts and hence the SNP could not support it.

She went on to note the SNP feel the IP Bill is a "rush job" being pressed forward with insufficient time for scrutiny, when the ink was barely dry on the three parliamentary reports criticising the draft Bill. Just the previous week, the UN's special rapporteur on the right to privacy published a report seriously and specifically questioning the IP Bill (paragraphs 39 to 42) and its failure to meet standards set out in judgments of both the European Court of Human Rights and The Court of Justice of the European Union. The Tory jeering squad got lively at this point and Ms Cherry cheerily admonished them suggesting they might like to read the special rapporteur's report. It contains a careful explanation of recent case law and can't simply be dismissed lightly.

Good practice suggests surveillance should be targeted and facilitating warrants should be focused, specific and rooted (nearly said "rotted" there which would have been an unfortunate slip) in reasonable suspicion. Yet the so-called targeted interception warrants enable spying on groups of people or multiple organisations or premises. Bulk interception warrants require neither specificity nor reasonable suspicion. We're not talking merely about mass surveillance with this Bill but suspicionless surveillance. The national security test in the Bill doesn't actually even require a national security threat.

The powers to retain internet connection records and other bulk powers in the IP Bill go way beyond what other western democracies do and will set a very bad precedent likely to be copied elsewhere. Denmark's equivalent of ICRs didn't work and were abandoned. The US found bulk data collection unconstitutional and ineffective for counter terrorism. The government have to justify - and have failed to do so - why it alone should be allowed powers way beyond those available to other western governments.

The SNP, Ms Cherry continued, did not believe the government were providing sufficient time for consideration of the Bill. The Home Office published about 1200 pages of documents relating to the IPBill on 1 March. The suspicion was they were dumping large tranches of documents and rushing the parliamentary process to avoid proper parliamentary scrutiny.

The Home Secretary interrupted, rather irritated, complaining that she had made an effort to publish all necessary documents because opposition parties are always moaning the government fails to do so when publishing Bills. Ms Cherry responded that Mrs May misunderstood her concern - not that the documents had been published but that insufficient time was being given to scrutinise them. The SNP would not be bullied into supporting a mass surveillance Bill of dubious legality just to avoid being labelled soft on terror. They would not tolerate bogus charges of this nature for the crime of requiring proper parliamentary scrutiny of and justification for expansive surveillance powers.

The SNP's concerns, Ms Cherry said, were widely shared by many MPs on all sides, parliamentary committees, industry and the UN special rapporteur and 200+ lawyers that wrote to the Guardian. Another interruption came at this point from the government benches declaring the lawyers wrong. Ms Cherry suggested a look at the distinguished list of signatories, experts whose opinion deserves some respect.

That letter to the Guardian highlighted the problem of bulk interception. Generalised initial interception is the issue - this generality, lack of focus and specificity is what the lawyers are worried about.

Dominic Grieve intervened to agree if what was happening was the kind of generalised interception of electronic communications in bulk, outlined in the Guardian letter, it would be "a very serious matter indeed". He does not believe that this is what the IP Bill facilitates.

Ms Cherry accepted his sincere belief to that effect but disagreed with his interpretation of the Bill as do the 200+ lawyers and many others. And if she and many respected lawyers can have varied interpretations of such critical laws it highlights the importance of having clear and focused language on the face of the Bill. Vague language poorly understood can be twisted to the desires of those in authority in future and has been in this area in the past.

If the government want "world beating" legislation they can't simply go around violating international standards. The UK is still bound by the European Court of Justice and the European Court of Human Rights and the IP Act as it will become will likely be challenged and possibly struck down in those arenas. The government and their supporters may choose to follow Russia's approach from December 2015 and pass a law to avoid complying with international human rights standards but Ms Cherry wouldn't recommend it.

Ms Cherry challenged the oft repeated notion that we gain more security by sacrificing privacy. It is simply not backed up by any evidence. The government responded to the Intelligence and Security Committee call for privacy to form the backbone of the Bill by adding the word privacy to the title of part 1. That comes across as somewhat cynical. And mass data collection is ineffective and counter-productive. Swamping electronic haystacks with more hay makes it harder for analysts to find the needles. We need to do security more intelligently not blanket data collection and suspicionless surveillance.

The SNP have many problems with the IP Bill in its current form but she wanted to focus on four of these given her limited time.
  1. the legal thresholds for surveillance
  2. the authorisation process
  3. the provision for the collection of internet connection records
  4. bulk powers
Regarding legal thresholds for surveillance, the Government essentially want to subsume RIPA’s three broad, vague and "dangerously undefined" grounds for surveillance into the IP Bill. She welcomed the move in the direction of some judicial oversight but want the commissioners to have substantive oversight, not just judicial review, powers - not a double lock but an equal lock process. In technical legal terms she is concerned a less intensive standard of judicial review will be applied—more Wednesbury reasonableness than strict necessity and proportionality. Why not go as far as other countries like Australia, Canada and the US on judicial oversight? This would additionally help solicit cooperation from the big US technology firms.

There is a false assertion made repeatedly that ministers are accountable to parliament in the issuing of warrants. That is not the case and won't be here because warrants are generalised and will not be disclosed. Besides, disclosing the existence of a warrant is and will be a criminal offence under the IPBill. And requests in the House of Commons for information on warrants are brushed off with the national security excuse. Ministers are not accountable to the parliament for warrants, practically politically or democratically. So she doubts the IP Bill authorisation of warrants processes meet European court standards requiring independent judicial supervision.

On internet connection records, the case made for their collection and retention in bulk is fatally flawed. ICRs cannot be equated to itemised phone bills. ICRs are quite fantastically intrusive and David Anderson has pointed out they would not be countenanced in Germany, Canada or the US.
"What the internet connection records will show is a detailed record of all of the internet connections of every person in the United Kingdom. There would be a 12-month log of websites visited, communication software used, system updates downloaded, desktop widgets, every mobile app used and logs of any other devices connected to the internet. I am advised that that includes baby monitors, games consoles, digital cameras and e-book readers. That is fantastically intrusive. As has been said, many public authorities will have access to these internet connection records, including Her Majesty’s Revenue and Customs, and the Department for Work and Pensions, and it will be access without a warrant. Do we really want to go that far? There is no other “Five Eyes” country that has gone as far. David Anderson QC said: 

“Such obligations were not considered politically conceivable by my interlocutors in Germany, Canada or the US”
and therefore, he said, “a high degree of caution” should be in order."
Finally she turned to bulk power, suggesting they are a radical departure from both common law and human rights law. Parliament has never before been asked to vote on or approve bulk powers of this nature. They have been deployed in secret, something we only became aware of because of Edward Snowden. Whatever you think of Snowden, she shares the serious concerns of the UN Special Rapporteur on Privacy that these bulk powers are probably the most worrying part of the IP Bill. She quotes from paragraph 39 of his report:
"It would appear that the serious and possibly unintended consequences of legitimising bulk interception and bulk hacking are not being fully appreciated by the UK Government. Bearing in mind the huge influence that UK legislation still has in over 25% of the UN’s members states that still form part of the Commonwealth, as well as its proud tradition as a democracy which was one of the founders of leading regional human rights bodies such as the Council of Europe, the SRP encourages the UK Government to take this golden opportunity to set a good example and step back from taking disproportionate measures which may have negative ramifications far beyond the shores of the United Kingdom.  More specifically, the SRP invites the UK Government to show greater commitment to protecting the fundamental right to privacy of its own citizens and those of others and also to desist from setting a bad example to other states by continuing to propose measures, especially bulk interception and bulk hacking, which prima facie fail the standards of several UK Parliamentary Committees, run counter to the most recent judgements of the European Court of Justice and the European Court of Human Rights, and undermine the spirit of the very right to privacy."
She then concluded:
"The SNP is in favour of targeted surveillance. We welcome the double lock on judicial authorisation as an improvement, but it does not go far enough. Our concern is, quite clearly, that many of the powers sought in this Bill are of dubious legality and go further than other western democracies without sufficient justification. It is for that reason that we cannot give this Bill, in its current form, our full support. We will work with others to attempt to amend it extensively. Today, we shall abstain, but if the Bill is not amended to our satisfaction, we reserve the right to vote it down at a later stage."