" /> net.wars: June 2016 Archives

« May 2016 | Main | July 2016 »

June 24, 2016

Funny money

keruoacscroll.jpg
Is the blockchain a solution or a technology looking for a problem? At Tomorrow's Transactions Forum a couple of months ago, Michael Salmony argued forcibly that it's the latter. Distributed databases and consensus algorithms have been researched for 30 years, so what's the big whoop?

At last week's Trust in Digital World's blockchain event (PDF), I heard an answer: "What's new is proof of work," said Michael Huth, a computer science professor at Imperial College. Proof of work is the "mining" we talk about when trying to explain where bitcoins come from. Proof of stake sounds recursive and exclusive: you prove you have a stake - that is, money, if it's a financial system - in order to get your block accepted as valid and added to the blockchain.

MichaelHuth.pngFor several years now there's been a lot of suggestion that the blockchain would be widely used in all sorts of ways by legacy systems and players. For that purpose, Huth said, solving proof of stake is vital because, as Alexandra Dmitrienko pointed out, proof of work is wasteful. The bitcoin network today consumes as much energy as 280,000 US households. Not going to scale, and hence the need for alternatives.

Both, according to Vitalik Buterin in Bitcoin Magazine in an analogy I find helpful, are essentially anti-spam measures. Except when you're talking about money the "spam" is fraud and can cost people real money. Last week, an attacker proved the point by draining ether tokens worth about $50 million from an automated blockchain-based investment fund called The DAO.

Bitcoin, Huth said, is trying to be a revolution; but it may wind up with the coexistence of reformation. It sounds abstract until you consider this in the context of last week's attack. The idea, as David Siegel helpfully explains at Medium, was to run a fully automated fund in which software in the form of "smart contracts" made all the decisions based on the rules programmed into it. It's nice, neutral computer code! What could possibly go wrong?

emin-gun-sirer.jpgCornell professor Emin Gun Sirer studied exactly this question and found a number of answers, which he published shortly before the fund opened for 1business with a call for The DAO to stop operating until the flaws were fixed.

The idea behind The DAO, as the the BBC explains, was to create a fully autonomous fund owned by its participants, who put in money that, converted to ether tokens, could be spent to back start-ups that members voted on. Think a venture capital fund with less expense, less regulation, and no managers. It's arguable that what went wrong was really not the thing of setting up the experiment: that's what early adopters and new technologies are for, and there's not much wrong with that. What went wrong, really, is that everyone got a little too excited, and put in too much money: "While the agile approach of "ready, fire, aim" generally works best with new software, it can be dangerous when $150 million gets loaded into the chamber," as Siegel put it.

Meanwhile, the attacker can't actually do much with the funds they've sequestered under an address only they control in a subfund "child DAO". The fund's governing rules enforce a 27-day delay on spending - which gives the Ethereum Foundation and its attendant community plenty of time to fight over what, if anything, should be done. Unlike most other types of software, where real money is involved governance has to grow up fast; Sirer told the BBC that coding things like this is "more similar to writing code for a nuclear power reactor, than to writing loose web code". The two main options are a soft fork, in which the address where the ether tokens are stored is blocked from spending them, or a hard fork, in which the blockchain is rolled back to before the attack and the community proceeds from there, erasing the intervening history. Meantime, in a second attack, carried out by Ethereum developers, the rest of the fund's money was diverted to a safe location (another couple of child DAOs) for its own protection, an effort the attacker intends to block.

Internet history keeps proving that every community has a value threshold above which it's become a significant enough target that abuse becomes a fact of life. In the past, humans have typically reacted by creating institutions and governance: money begat robbers, who begat banks, who begat bankers, who begat the Securities and Exchange Commission. The desire to substitute code for all that mishegoss is understandable. But it is staggeringly easy to screw up - with or without code - if the incentives and opportunities are wrong.

Siegel had what sounded like a sensible idea; he suggested the attacker should buy a bunch of ether, work with The DAO to return the money to the original token holders, and then they should dissolve The DAO. While they debate soft and hard forks, the wider blockchain community is finding itself considering questions like: whom do we bail out, and why? What kind of precedent does that set? How far do we let people proceed at their own risk? Does the coded contract rule supreme even when the code is flawed? These questions have to be answered no matter what kind of -ware is doing the governing.


Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.

June 18, 2016

Staying in

UK_location_in_the_EU_2016.svg.png
The talking point going around the conference I'm attending in The Hague this week: no matter how the UK votes in the June 23 EU referendum, in 2017 Britain will nonetheless have to fulfill the following obligation: assume the EU presidency.

"Maybe we can get Scotland to do it," someone said brightly on discovering this. Two years ago, when the British media discovered this, they suggested the predecessor (Malta) or successor (Estonia) could serve a double term. "There is no provision in the treaty for a country leaving," said someone who sounded authoritative, cuing a string of zombie jokes. Philip K. Dick would have appreciated the UK's opportunity to negotiate its departure terms with itself.

Back in the UK, the absurd rhetoric both campaigns have unleashed, evokes the ants in T. H. White's The Once and Future King, whose minds were fully occupied with mindless, endlessly recurring, universally broadcast propaganda. The pound will plummet! Buttinski foreigners are telling us to stay! Property prices will crater! And, my favorite: old people will lose their bus passes!

Until a few days ago, I didn't think I knew anyone who was voting to leave. Here, I'm seeing the sort of well-educated, well-traveled British folks who've actually probably personally benefited from Britain's EU membership shaking their heads and saying the EU is dying, corrupt, aging, outdated...Where's all that "better together" stuff we heard so much of when Scotland was voting?

All that said, this is serious business even though, like so many political events recently, it started as a kind of joke. The question here is the likely impact on net.wars-type topics - computers, freedom, and privacy - if Britain votes to leave.

An arriving Leave campaign leaflet listed among its complaints that EU decisions limit the UK government's anti-terrorism efforts. This is not what Europol says - and although I discovered in conversation earlier this week there are Remain voters whose minds this history would change, it's coincidentally a large part of why I hope Britain votes Remain..

Structurally, Britain's government is an elected dictatorship: given a sufficient Parliamentary majority the government of the day can do what it likes. In constructing the US government (which, unfortunately for my comparison, is currently paralyzed), the Founding Fathers sought to place compensating checks and balances on what the legislative branch could do. As a result, US governments have three legs: executive (the president), legislative (Congress), and judicial (the Supreme Court). Britain's structure places much more power in the hands of the prime minister and their party. That being the case, the EU seems to me to be really important in applying the brakes when you hope *someone* will.

Thumbnail image for 2015_Max_Schrems_(17227117226).jpgIt was the Court of Justice of the European Union (CJEU), for example, that handed down the Schrems decision that up-ended Safe Harbor and threw a wrench into the unimpeded flow of European citizens' data to the US. The CJEU also voided the data retention directive (PDF) in response to Digital Rights Ireland's complaint, ruling that the practice "interferes in a particularly serious manner with the fundamental rights to respect for private life and the protection of personal data."

Similarly, the European Court of Human Rights (ECtHR) ruled in Marper that it was wrong for the UK to keep the DNA samples given by innocent people.

It was only recently that I began to understand the complicated relationship between these two courts. For American readers, CJEU was put in place with the formation of the EU; ECtHR was established in 1959 to ensure the 47 signatories of the European Convention on Human Rights (ECHR) fulfilled their obligations. Britain was one of the leaders of the post-World War II effort to draft and adopt ECHR, which is an important force in ensuring that the citizens of those 47 countries continue to enjoy the fundamental rights they've been promised under the treaty. Even if you love this government and despise those judgments, you can surely imagine a future in which the reverse is true.

Ending its part in the EU collaboration, therefore, would leave Britain still accountable to EctHR. However, this is not much comfort given prime minister David Cameron's stated desire to exit the ECHR as well if the UK can't veto the court's judgments. The May 2016 Queen's Speech announcement that "my government" will legislate a bill of rights is good news in the sense that Britain has never had such a written guarantee - but bad news if it is merely a stepping stone to hobbling the rights citizens have now under the treaty.

Even if the UK votes to leave, the dictates of international trade will mean many EU laws remain behind, laws into which Britain will have no input. One of these is data protection; an alienated UK will be an ignored presence while the EU negotiates with (primarily) the US. The same will be true of other trade laws, even those the tabloids mock.

UK_with_EU_flag_elements_interposed.pngAs part of the EU, Britain is part of a global power - the only one strong enough to police privacy in the US - and a uniquely attractive position as a gateway to a very large market. On its own, especially if Scotland exits as many predict, it will have approximately the world clout score of the state of Texas - with less control over its own future.


Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.


June 10, 2016

Dinosaur bones

Allosaurus_SDNHM.jpg
In the recent documentary film Democracy: Im Rausch der Daten, Panoptykon founder Katarzyna Szymielewicz comments that it's important not to get tangled up in answering the question, "Where's the harm?" because it reverses the burden of explanation. "The point isn't harm but that it's a fundamental right."

deanna-fei.jpegIt's an important point. Still, anyone who feels an explanation is still needed might have found one at this week's Health Privacy Summit. There, a panel led by Deanna Fei, the author of Girl in Glass: Dispatches from the Edge of Life, featured several women whose lack of data privacy enabled their erstwhile bosses to bully or fire them. Fei herself was the butt of such an exercise in 2014, when AOL CEO Tim Armstrong informed his workforce that their pension benefits would have to be cut partly because of Obamacare and partly because two "distressed babies" born to AOL employees had cost the company $2 million.

Fei has told her own story eloquently and at length; each of the others on her panel had a harrowing tales. For anyone who lives in a non-US industrialized country, their stories are less about medical privacy and more about the iniquity of tying health insurance to employment. One had lost her job when she was diagnosed with cancer for the third time and is living in her car because she can't afford both rent and medical care. "We're not worth much," she said. All of the Europeans present shook their heads and agreed: you would never hear this story in Europe. Nationalized health insurance, living in Britain has taught me, is essential for keeping a reasonable balance of power between employers and employees: otherwise, you create a nation of frightened peasants.

Exacerbating this whole deal, as Fei pointed out, is the fact that many larger American companies now self-insure rather than buying insurance for their staff. Employees are often not fully aware of this because their companies will contract with a known insurer to handle administration. The result, however, is to give employers even more access to employees' data. As if that weren't enough, there's a recent trend toward wellness programs, which sound benign but often require employees to answer extensive quesionnaires and download data-collecting apps. These programs are typically bought in, and if the vendor is not a medical company, the data so collected is not subject to HIPAA, the Health Insurance Portability and Accountability Act, which regulates the use and disclosure of patients' medical information.

Ultimately, the harm in all this is the loss of recognition of the simple fact that being alive is a high-risk proposition. Individuals can certainly weight the odds (becoming a heavy drinker if you had liver failure as a child isn't a great strategy, for example), but catastrophic illness is not just another lifestyle choice. All the talk of data as this era's oil loses sight of the people the data connects to. At Health Data Palooza, Mary Ebeling heard health data referred to as "a natural resource".

Ebeling, a Drexel university sociologist, got intrigued by data-driven marketing practices when she found she kept getting ads targeting the age group her baby would be if she hadn't had a miscarriage. "My marketing baby", she calls the phantom child, who would be kindergarten age now. "I am the dinosaur bones that are being ground up to make that oil," she said. "We all are."

Although in fact oil comes from layers of ancient plankton rather than dinosaurs, Ebeling's phrasing is memorable enough to underline her point.

152_AMM_headshot_2015_BW_with_color.jpgBut this is just the beginning. The week before, at Privacy Law Scholars, Andrea Matwyshin outlined the beginnings of what she's calling "the Internet of Bodies", a development she argues will disrupt our ideas about ourselves and physical spaces, presenting a particularly knotty "legacy code" problem. Some early examples: the Cincinnati company that required a couple of its secure data center employees to have an RFID chip injected into their hands; the potential for data collection from (and security issues surrounding) brain implants; and, as several people tried to tease out, the complexity of who gets to decide what's "normal" and what's "enhanced"? What if - and there was apparently a brain implant case like this - the company that installed the brain implant or the piece of functioning liver wants it back in order to protect its intellectual property? In sports, scientists have been studying whether prosthetic legs give amputees an advantage over original-equipment runners (the most recent study was inconclusive).

All of that is happening much faster than we think and it's going to take us some very weird places, many of which are going to involve the transfer of highly intimate data in ways we're going to have to think hard about As one of the session participants put it, "My pancreas has never reported to the cloud before."


Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.

June 3, 2016

The rift

Oculus Rift - 2016.jpg
It strikes me thatt the Oculus Rift is an apt metaphor for the rest of Facebook's business (as well as other large data-driven companies). I understand that the experience is meant to be immersive, but I hadn't appreciated how thoroughly the headset cuts you off from the world around you. In a demonstration mounted for attendees at last Tuesday's Privacy@Scale, only the demonstrator's' voice and guiding hand penetrated from the real world. In eventual gaming and entertainment deployments, presumably users won't have even that. There's little to contrast with the rest of Facebook's business, which would prefer us to stay within its enclave generating data and viewing ads.

Tuesday's event was a general discussion on current issues in technology and privacy. In a conversation about communicating with users, one of the company's representative said matter-of-factly that the company wants the ads it shows to be as valuable to users as the content. "We don't want ads wasting people's time."

Manoa Falls - 2011-12-17.jpgIt was one of those surreal moments. On the one hand, her statement was perfectly rational: of course they want ads people value - ads that result in clickthroughs and sales generate much greater revenue. On the other...does she inhabit the same world as the rest of us? Did she really mean to say that correctly targeted ads are as meaningful to us as cat videos or pictures of new grandchildren? It's like those airport officials who talk enthusiastically about making their airports destinations in and of themselves. You can have just as much fun at Heathrow as in Hawaii!

I don't want to pick specifically on either her or Facebook - which is why I haven't named her. I recount the incident as an example of why it's so hard to get through to those on the other side of the tracking-and-advertising divide. The rise of ad blockers, which has so many so concerned, is a reflection of that divide - and although most people have multiple motives for using blockers, the escalating size of the installed base tells us that when you give people tools they can actually use they will do so.

The ads-as-engaging-as-content idea of course requires - and for a business justifies - an enormous amount of data collection. This gap is equally hard to bridge. What we want: fair data practices. What they hear: more accessible corporate policies.

It's been obvious for a long time - I wrote about it for the Guardian in 2008 - that privacy policies aren't written to aid consumers but to cover corporate asses and assert control. The same is even more true of terms and conditions, which are spiraling out of control..

The week before last, the Norwegian Consumer Council staged a live-streamed reading of all of the terms and conditions that apply to an average smartphone, which their research showed contains 33 apps. The reading took a shade under 32 hours.

Their point, of course, was to highlight the complete unreasonability of expecting consumers to read all that. Research at Carnegie-Mellon has estimated that reading the privacy policies applying to all the software and services consumers use would cost each of us 76 days a year.

Lorrie Cranor - 2016.jpgStatements of corporate policy do have their uses, as the lead of that research, Lorrie Cranor<, pointed out on Tuesday. Even if consumers don't read them, journalists, activists, lawyers, and regulators do; therefore, these documents provide a mechanism for holding companies to account. Creating standards for privacy policies that would make them machine-readable, a strategy Cranor favors, would help make it possible to comparison-shop. The FTC's standardized model contract for financial privacy, for example, enabled Cranor's lab to build a demonstration search service for US banks.

Improving the policies' readability and standardizing the format at least would help expose how awful they really are - but do little to effect fundamental change. In many cases there is no meaningful choice users can make because the service's very few competitors all behave the same way. They can't negotiate terms, and the binary choice of not using it isn't always an option. Taking the privacy policy and improving the language, shortening it, and layering the formatting doesn't change the underlying power imbalance; it remains a one-way mirror. What difference does it make if you move the sign saying "Beware of the leopard" out of the basement with no lights or stairs in the council offices in Betelgeuse to the front door of your house on Earth if the planet is still destroyed by the Vogons?

At Civicist, mySociety founder Tom Steinberg has a post, The rise of the Internet mitigators, in which he argues that promoters - a category in which he puts those creating technologies and services - will be overshadowed in the coming years by mitigators seeking to regulate in the interests of undoing damage. I'm less sure that's true. On Tuesday, Michelle de Mooy, deputy director of the privacy and data project at the Center for Democracy and Technology suggested that CDT needs to change toward being innovators. "Advocates have to get ahead of the issues," she said. Organizations such as Mydex (ObDisclosure: I do some writing for them) are trying to effect real change by providing the technology infrastructure to up-end the power imbalance inherent in today's data practices. The future may, in other words, be neither mitigators nor promoters but a blend of the two.


Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.