" /> net.wars: March 2013 Archives

« February 2013 | Main | April 2013 »

March 29, 2013

The price

"Geeks with good ideas can do a lot of damage, no matter what their intentions are," Evgeny Morozov said Wednesday morning. He was on a tour promoting his new book, To Save Everything, Click Here (which I'll review separately for ZDNet).

This is of course obviously true. We can say it in a Yes, Minister irregular verb: I do theoretical physics; you discover nuclear fission; he bombs Hiroshima. Or, updating, I wish I didn't have to push a light switch; you write an app to do it; he gets rid of electrical inspections because there's an app.

In The Net Delusion, Morozov argued that despite the Internet pioneers' best intentions, their inventions can be and are smartly used by authoritarian governments to surveille and repress their populations, who, in turn, are more interested in downloading pictures of cats than engaging in political revolt. Now, Morozov extends that "net delusion" into twin, trending obsessions: "solutionism" and "Internet-centrism".

Internet-centrism values the Internet and its well-being above all other interests. You see it in action when network neutrality advocates or copyright reformers complain that some new proposal is "bad for the Internet", or will "break the Internet". As someone written about the Internet and the battles over its freedoms this is not how I feel: the Internet is not a god to me, but, as I suspect it is to many others, an opportunity to be protected. Once upon a time, the Internet seemed special.

On Wednesday, Morozov defined solutionism this way: "the shallow intellectual tendency emerging in the last decade where we identify problems as problems based solely on the idea that we have the means of perfection or solution". In other words, it's the state of mind in which if you have a hammer you believe it can solve all problems whether or not they look like nails. As Morozov did not say, an example might be the British national ID card, which in the last 50 years has been touted as the solution to football hooliganism, benefit fraud, immigration, health tourism, employment fraud, serious and organized crime, terrorism...

Or, as Morozov did say, the state of mind in which Facebook and Google present themselves as more like humanitarian missions than companies. Google wants "to organize the world's information and make it useful"; Mark Zuckerberg said - in his letter in Facebook's IPO prospectus! - that Facebook's social mission is more important to him than its business. Or Amazon, whose founder, Jeff Bezos, Morozov cited, perhaps thinking of this, as seeing getting rid of gatekeepers as an unalloyed good: "His company is the ultimate gatekeeper!"

It's easy to agree when Morozov complains that starting with technology is starting from the wrong end. And yet...what he was saying seems disconnected from the activists I know. Of the familiar authors he cites, most (other than Lessig, who was the inspiring force behind creating Creative Commons and Rootstrikers) are academics light on practical action. When I think of open data, the first to spring to mind are the guys at MySociety, who have sequentially opened up access to local information, Parliamentary records, and the negotiations at the United Nations? Is open data an unalloyed good? Of course not. Is it possible, as Lessig argued in his 2009 essay Against Transparency, that devoid of context people will get the wrong idea? Of course. But isn't that how MPs would have justified refusing to disclose their expenses to Heather Brooke?

In the activist trenches you find the good and bad debated and scrutinized, not ignored. These are not people who revere technology at the expense of "goals and agendas previously held dear"; instead, they are trying to use technology to further those goals - or rein in technology where it threatens them. As Judith Rauhofer memorably said at a conference a few years back, "The world's social norms don't change just because some rich geeks in California say they have." In my neck of the world it's quite hard to find libertarians who think that giving everyone an app so they can check meat products for horsemeat is a better option than a government agency whose job it is to ensure food safety in its many forms. Cue Morozov: "Once there's an app, it's harder to defend institutions."

It is certainly fair to say that those favoring small government - in the UK, the current coalition, in the US the Republications - are eager to deploy technological substitutes such as computer assessment for capability to work. But Morozov went on to draw an interesting but uncertain connection between the self-quantified movement and a longer and larger trend, driven by pharmaceutical companies and doctors: "We are under constant pressure to look for more and more biomarkers, identify more diseases, real and imaginary, and buy more drugs to fix them. If that's the broader logic of how we think about health, self-tracking fills a certain role identifying even more symptoms." It is, he agreed, a grass roots movement - "but partly funded by venture capitalists and pharmaceutical companies". I would argue that funding has only come in because the grass roots movement has become big enough to be of interest to them.

"Solutions come with costs," Morozov said. Doesn't magic always?

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Stories about the border wars between cyberspace and real life are posted throughout the week at the net.wars Pinboard - or follow on Twitter.

March 22, 2013

Facts are scared

There's a principle established in US law by the case Feist vs Rural Telephone Service Company that facts cannot be copyrighted. (Not that people don't try.) More than that, Feist established that a database of facts as basic as names, addresses, and telephone numbers compiled with little "sweat of the brow", cannot claim protection as intellectual property.

I hadn't heard of Feist in 1993, when the late Personal Computer World assigned a piece about the Postcode Address File (PAF)) and the telephone directory database, but the principle that information taxpayers pay to collect should belong to the public was apparently thoroughly embedded. I was shocked to learn that in Britain these databases were not only copyrighted, to the Post Office and British Telecom respectively, but that people had to pay to use them.

Twenty years later, Ofcom has just concluded a consultation to discuss PAF's licensing arrangements. The gist of its recommendations: that the Royal Mail simplify its pricing, but that it continue to "recover its costs" through licensing. The Open Data User Group begs to differ. Its response to the consultation objects to the redaction of costing details and questions the figures; suggests alternatives to PAF itself; ; and argues that PAF should become an open dataset free at the point of use in the public interest. ODUG also objects to Ofcom's "business-as-usual" tone.

ODUG's chair, Heather Savory, told the Guardian a few months ago: "This is data which comes from publicly funded, publicly owned bodies. The Royal Mail is very opaque about the costs and profits of keeping PAF up to date, but we're pretty sure they could afford to make it free."

Other than when you receive postal mail, the most common way you encounter PAF is that you fill out a Web address form by typing a postcode and choosing from a picklist of valid addresses. In the mid-1980s, software companies began licensing it to provide that functionality for over-the-phone sellers and direct marketers; by 1993 they were beginning to link PAF to other databases to create new applications. Jean Lemon, then the value-added resellers manager for the Post Office, told me about 15 licensees were authorized to sell software based on PAF; Ofcom's report says there are now 250 licensed "solution providers" who embed PAF in products from those familiar ecommerce applications to customer relationship management systems.

It's clear no one foresaw the data's many potential uses. Spokespeople for GB Address, one of those 15 1993 companies, told me: "When we started we thought there'd be a good market among mail order companies, but it turns out there's a big market among any companies collecting addresses: charities, travel companies, insurance companies, hospitals."

By 1996, I returned to the subject when a resident of the US state of Oregon paid a modest media charge to buy a copy of the state's vehicle licensing database and put the whole thing online. Cue discussions of privacy, the value of public data, and so on. The feature I wrote about that incident for the Daily Telegraph (TEXT) included an inevitable comparison to the situation in the UK, where getting a single address out of the Driver and Vehicle Licensing Agency requires you to fill out a form justifying why you need it and pay a (small) fee. So one reason something like "couldn't happen here" is that you can't get the data. This is how we get silly situations like requirements to click on data licenses on local council Web sites

At that point, the Royal Mail was barely beginning to think about the Internet. Lemon, revisited, told me that costs were coming down and the adding PAF to Internet application back ends didn't seem particularly difficult. She even raised the question of whether to continue to recover costs by selling licenses or to make the database freely available. Now, 17 years and three-four, Internet generations later, Ofcom is still dubious. .

Ofcom notes that although the £27 million PAF brought the Royal Mail in revenues in 2011/2012 is only 0.4 percent of its overall revenues, it's more than the £23 million the Royal Mail's operating profit that year. (Although: so what? What matters is how significant the roughly £2 million over operating costs PAF earns is to the Royal Mail's overall viability.) If, it argues, the Royal Mail absorbs the cost of maintaining PAF, then either the cost of postage will have to rise or the Royal Mail will have to be less profitable. But as ODUG points out, creating instead an Open National Address Dataset would benefit everyone while vastly lowering the costs the Royal Mail is claiming. The case for retaining "cost recovery" only makes sense if you consider Royal Mail's business in isolation.

If, however, we look at the Royal Mail as an element of the larger national economic system and an essential piece of the national instruacture, then keeping the data closed is absurd. Ofcom estimates the value of PAF to the British economy at £1 billion - 40 times the revenue it brings the Royal Mail. How much greater would the value to all of us if it were free?

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Stories about the border wars between cyberspace and real life are posted throughout the week at the net.wars Pinboard - or follow on Twitter.

March 15, 2013

Can money compete with free?

Steffan Aquarone bounds to the podium and dares us to hate him. His prediction: in five years, people will prefer to buy where there is no "payment step"; in ten years payments will be free. To paraphrase, he's saying banks and credit card companies are about to face their "Napster moment". After all, cyberspace is where your money is precisely because payments transfer digits rather than gold.

Aquarone is telling this story to this year's Digital Money Forum, now renamed the Tomorrow's Transactions Forum. "I have a passion for things with a small chance of success," he says. He produced the 2012 film Tortoise in Love, made by a village in Oxfordshire. Yes, "by", not "in". His current "thing" is the mobile payments app Droplet, launching on iPhones, and soon on Android, dreamed up over pints in a Birmingham pub. With no marketing, he says the system already has 1,500 users. The company is closing its first round of funding; a recent hire came from Visa Europe.

How it works: download app, add money using the conduit of your choice, and thereafter you can send anyone money for free. I like that the phone isn't storing account information, limiting the risk. It sounds like early Paypal pitches that that you could send money to anyone with an email address. The disruptive bit is that incoming payments to merchants are also free, unlike every other type of payment known so far. Mobile money - transmit a few numbers in a couple of seconds - ought indeed to be a whole lot cheaper than cash or credit cards. But free?

Apparently the pub cocktail napkin is Britain's Silicon Valley garage. Aquarone was instantly mobbed. I heard "£2 million".

In 2013 doesn't everyone have a mobile payment scheme in their back pocket? There's the mobile wallet crowd - Google, Paypal, Square. Electronic bank transfers. The weird little underground economy of Amazon gift cards. Credit card companies and phone manufacturers bet heavily that contactless (NFC) is the Next Big Thing, but so far NFC's big winner is Transport for London. Cue Yandex's Jane Zavalishina, explaining that in her country, Russia, mobile wallets are being embraced, but, "NFC is the hard way to solve problems that don't exist." (Ouch.) Mobile should be the native home of purely digital currencies - Bitcoin, e-gold, but who accepts them? You'd have better luck with stuff we barely think of as currency: loyalty points. LoyLogic's Dominic Hofer calls frequent flyer miles "the biggest currency in the world": all the miles in all the programs add up to more than US dollars.

For small transactions, all these things are way too expensive or limited; micropayments are still a mirage. So everyone is scrambling; legacy players know they must reinvent themselves. Like the Royal Canadian Mint and Mintchip: "Our goal is to deliver a cash-like product that costs less to transact than other electronic payment solutions," explains Mint CFO Mark Brule. Essentially, the Mint mints the chips just as it would money; once embedded in devices they move money from one to another by sending date, time, and amount - "instantaneous, non-revocable, simple". A challenge last year created example apps. The Mint's survival as a business that makes money from making money - and even pays taxes - is at stake. As it, and at least some other legacy players understand, the economics and incentives are changing. The percentage charged to merchants in credit card fees, for example, was probably a better deal at the beginning, when they were competing with paper cheques and cash and the fees bought lowered risk and less hassle. But now? If they sue you when you report a problem? If the alternative is a secure, instantaneous transfer of a few electronic digits? And free?

At this point, the suspicious person asks: are we talking free as in speech, free as in beer, or free as in puppies?

A few hours earlier, Zavalishina had said (while expressing skepticism that banks and payment companies could ever muster *enough* data for it to be called "big"), "The only value is in big data". Speed-reading through Aquarone's slides behind his head, there it was, "data analytics". Free puppy!

What data are they going to analyze? Aquarone says that the system will give anonymized data to merchants, only with users' consent. Quizzed, he knows that "anonymized" is more or less impossible; what he means is that within their system your "know your customer" identity information is permanently separated from your behavioral profile, which users must opt in to make available to merchants. For him, the heart is the merchant-customer relationship; Droplet's next stage is a loyalty platform on which to build transactions from which the company can take a small cut.

And this is where the story gets so, so familiar. If Aquarone is right, what we'll see is the Web's business model - basic services free at point of use and advertising-supported, charges for value-added services - moving into payment structures. Aquarone and, if he is successful, his imitators will leverage the thousands of people working to improve the existing Web infrastructure. There will be a pitched battle over business models and key players.

"Once you wean people off legacy systems, all sorts of things become possible."

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Stories about the border wars between cyberspace and real life are posted sporadically at the net.wars Pinboard - or follow on Twitter.

March 8, 2013

Cyberwhere?

Last month, Michael Lind ordered us to Stop pretending cyberspace exists, calling the concept of cyberspace an idea that makes you dumber the moment you learn of it. The security consultant Alec Muffett has also complained about "cyberspace" for more practical reasons: that thinking of the Internet as a "space" leads to wrong-headed policies about security in specific and the Internet in general. In his presentation on thinking about securityMuffett illustrates this by replacing "cyberspace" in recent government statements with "TelephoneWorld"

I thought about these arguments several times last week during Eva Pascoe's Cybersalon, which asked, "has social media lived up to its original libertarian and communitarian promise of the Net?"

Eva Pascoe! Few under-30s happily asking Google to find the answers to pub quizzes on their phones will have any idea who she is, but in 1994 she opened London's first Internet café, Cyberia, in Whitfield Street. It was quickly followed by many more, and for a time in the late 1990s you could hardly walk ten yards in central London without passing a huge, computer-filled space (often owned by Selios Haji-Ioannou's EasyGroup) where £1 got you online long enough to check your email.

The idea of a café you had to go to in order to get online perfectly encapsulates why cyberspace *felt* like a different place. Now that you can casually dip your brain into the stream-of-online-consciousness any time, we've lost how different it felt when you had to dial up and wait while computers booted, modems mated, and pages loaded; in 1990 you could read each letter as it appeared on your screen. And every day a new technology or site to investigate, watching the Net being built. Eventually, of course, the need for cybercafés died off, killed by widespread computer ownership, free wifi, and mobile phones. I can remember when Cyberia opened, I have no idea when it closed.

As I said last week, the key element in making cyberspace feel like a separate place was that hardly anyone you knew was online. Today, you join Facebook to join your real-world friends and family. Twenty years ago, you went online and made friends with strangers, though many of them already knew each other. People described themselves as WELLperns, CIXen, and even Netizens and wrote books about virtual communities. Who today considers using Google an important part of their identity?

For many, what defined the Internet as a different "place" was the lack of what the ACLU's Jay Stanley calls "reverberations" in their daily lives - their "real" lives. Your boss didn't know about your evenings on the Usenet newsgroup alt.tasteless plotting the invasion of rec.pets.cats, and those cat-loving targets didn't know where you worked (though they might know where you went to school). Stanley argues that it's these reverberations that are really at the heart of many privacy debates. Certainly, the Net's increasing commercialization set off a series of shocks as material they people thought was ephemeral when they posted it resurfaced in newly public archives. Usenet was a prime example: in the late 1980s people knew their postings would expire after a couple of weeks; in 1995 those same people were stunned when Deja News revived them on the Web, and angry when the Google bought it. Today, Google's historical "Groups" archive is thought to be near-complete, minus some postings people have asked to be deleted.

It was predictable even in 1997, when I was writing net.wars-the-book that online and offline would gradually become less distinct from one another. Over time, our online relationships spilled offline and our offline contacts moved online. Government regulators argued that what was illegal offline should be illegal online (child porn, defamation, hate speech, copyright infringement); digital rights activists argued back that what was legal offline should be legal online (loaning friends copies of media, free association, freedom of expression). Nonetheless, smaller online social groupings - the WELL, some Web boards, IRC channels, anywhere that the same people persistently visit day after day rather than comment-and-run - still have a sense of community and place. In this sense, it was right to think in 1997 that the future of the Internet was to be many Nets.

The convergence between offline and online has accelerated rapidly since. Is it meaningful to say that the group you meet in the pub every Friday night is offline when each of you carries a mobile phone, pays by credit card, and geolocates your tweets? Soon, lampposts will have sensors, even human-driven cars will network traffic data, and any public encounter is likely to be recorded from all angles, while home-based 3D printing based on transmitted designs promises to complete the digital invasion of physical space. No wonder the US's data-driven companies are lobbying so hard to derail the EU's data protection review.

Some people definitely took "cyberspace" too seriously, but it's not a dumb concept; as a metaphor it conveyed something about the strangeness of change when pundits said in the early 1990s that "cyberspace is where your money is". Today it's where your personal data of all types lives. Tomorrow, it will be where the backup copy of your home lives. Don't blame the word for how it's been misused.

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Stories about the border wars between cyberspace and real life are posted throughout the week at the net.wars Pinboard - or follow on Twitter.

March 1, 2013

Information wants to be freed

Twelve years after the passage of Britain's Freedom of Information Act (2000), the government is reviewing its practice. This country is famously secretive; read Heather Brooke's books The Silent State and Your Right to Know or sample the requests at What Do They Know? to feel the blank-wall resistance.

The basics: last July, the Justice Committee reported the results of its post-legislative scrutiny of the act: its report; oral and written evidence; and additional written evidence. In November, the government published its response (PDF). The Information Commissioner, which oversees the Act and handles complaints, was cautiously optimistic. More worried about the potential for weakening the Act is the Campaign for Freedom of Information, which was founded in 1984. Last week, CFOI held a briefing to outline its analysis (PDF) and concerns.

It is, I suppose, inevitable that any time a country passes a new freedom of information act the authorities who are now required to answer the public's requests for information get grumpy. Who are these people demanding information, and why won't they leave us alone to get on with governing them in peace? And why are there so many of them? Reading through some of the written submissions is a Yes, Minister moment: unlike most government policies, the more successful this one is the more people complain about it.

From the start, politicians seem to have worried that government authorities would be plagued by the information request equivalent of a denial-of-service attack: obsessive individuals buying ink by the barrelful seeking to satisfy some private, unworthy agenda. They call these "vexatious" requests, which seems a hilariously poor choice of language: how many of the various authorities Brooke pestered for information to which she was reasonably entitled regarded her as "vexatious"? While it's a small point, I'd like to see this changed to "abusive", to make it clear that the pejorative applies to the requests and not the requester.

The people answering the requests are not always good judges. In the evidence, several institutions of higher education complain that journalists send "round-robin" requests to a dozen or two universities but use only the three or four responses to illustrate their stories. This is actually good news: instead of picking three in advance and calling them a trend, these journalists are responsibly surveying the landscape to get an accurate view. FOI is not PR; you don't judge the success of your efforts by whether you get a nice write-up.

CFOI is concerned about the suggestions for reducing the (vexatious) burden on public authorities by either adding cost for requesters or reducing the time and resources authorities must allocate to answering. One recurring idea is to introduce a charge for making FOI requests - perhaps the £10 charged for subject access requests under data protection law. Alternatively, authorities may to reject requests that cost more than £600 (at a standard rate of £25 an hour) to answer, not including time for consideration or necessary redaction. So lower the cost limit, raise the rate per hour, or include consideration and redaction. Other proposals CFOI's director, Maurice Frankel, listed are charging fees for tribunal appeals or aggregating all of an individual or organization's requests to a single authority, related or not, and blocking further requests for a set period.

Frankel is hoping none of these happen. Aggregating unrelated requests from a single individual or organization would most hurt local press. Bloggers and journalists already call tribunals intimidating and user-unfriendly; Frankel notes that charging only about 25 percent of appeals are struck out, so charging fees would likely deter many valid appeals.

I also think it's not valid to compare subject access requests with FOI requests. Subject access requests are more straightforward, based on your individual relationship with a particular organization, and you are the beneficiary. FOI requests are more complicated, often requiring follow-ups and more research; the information they're designed to elicit has been gathered at taxpayer expense; and the beneficiary is the public interest.

It remains to ask how significant a problem abusive requests are; they should not be an excuse to penalize an entire population. In its response to the task force grappling with the same problem in Canada, the Information Commissioner of Canada commented (PDF) that the evidence for the "abusive" claim was anecdotal and poorly identified and that even the government's task force agreed that most requesters were responsible. It estimated the cost across Canada at $1 per capita and falling, and called solutions similar to those above a hammer to kill a fly (thanks to Tamir Israel for the link).

It's hard to be too sympathetic to public bodies wanting FOI cut back; the power of secrecy has been theirs for too long. Over time, the waste of resources they're fretting about should diminish as their culture changes, systems are reconfigured to speed common requests and open data by default. Proactive disclosure will go a long way toward reducing the burden. More important is ensuring that private companies fulfilling public contracts don't escape.

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Stories about the border wars between cyberspace and real life are posted throughout the week at the net.wars Pinboard - or follow on Twitter.