net.wars: November 2019 Archives


November 15, 2019

A short history of the future

The years between 1995 and 1999 were a time when predicting the future was not a spectator sport. The lucky prognosticators gained luster from having their best predictions quoted and recirculated. The unlucky ones were often still lucky enough to have their worst ideas forgotten. I wince, personally, to recall (I don't dare actually reread) how profoundly I underestimated the impact of electronic commerce, although I can more happily point to predicting that new intermediaries would be the rule, not the disintermediation that everyone else seemed obsessed with. Two things sparked this outburst: the uncertainty of fast-arriving technological change, and the onrushing new millennium.

Those early books fell into several categories. First was travelogues: the Internet for people who never expected to go there (the joke would be on them except that the Old Net these books explored mostly doesn't exist any more, nor the Middle Net after it). These included John Seabrook's Deeper, Melanie McGrath's Hard, Soft, and Wet, and JC Herz's Surfing on the Internet. Second was futurology and techno-utopianism: Nicholas Negroponte's Being Digital, and Tips for Time Travellers, by Peter Cochrane, then head of BT Research. There were also well-filled categories of now-forgotten how-to books and, as now, computer crime. What interested me, then as now, was the conflict between old and new: hence net.wars-the-book and its sequel, From Anarchy to Power. The conflicts those books cover - cryptography, copyright, privacy, censorship, crime, pornography, bandwidth, money, and consumer protection - are ones we are still wrangling over.

A few were simply contrarian: in 1998, David Brin scandalized privacy advocates with The Transparent Society, in which he proposed that we should embrace surveillance, but ensure that it's fully universal. Privacy, I remember him saying at that year's Computers, Freedom, and Privacy, favors the rich and powerful. Today, instead, privacy is as unequally distributed as money.

Among all these, one book had its own class: Frances Cairncross's The Death of Distance. For one thing, at that time writing about the Internet was almost entirely an American pastime (exceptions above: Cochrane and McGrath). For another, unlike almost everyone else, she didn't seem to have written her book by hanging around either social spaces on the Internet itself or in a technology lab or boardroom where next steps were being plotted out and invented. Most of us wrote about the Internet because we were personally fascinated by it. Cairncross, a journalist with The Economist, studied it like a bug pinned to cardboard under a microscope. What was this bug? And what could it *do*? What did it mean for businesses and industries?

To answer those questions she did - oh, think of it - *research*. Not the kind that involves reading Usenet for hours on end, either: real stuff on industries and business models.

"I was interested in the economic impact it was going to have," she said the other day. Cairncross's current interest is the future of local news; early this year she donated her name to the government-commissioned review of that industry. Ironically, both because of her present interest and because of her book's title, she says the key thing she missed in considering the impact of collapsing communications costs and therefore distance was the importance of closeness and the complexity of local supply chains. It may seem obvious in hindsight, now that three of the globe's six largest companies by market capitalization are technology giants located within 15 miles of each other in Silicon Valley (the other two are 800 miles north, in Seattle).

The person who got that right was Michael Porter, who argued in 1998 that clusters mattered. Clusters allow ecosystems to develop to provide services and supplies, as well as attract skills and talent.

Still, Cairncross was right about quite a few things. She correctly predicted that the inequality of wages would grow within countries (and, she thought, narrow between countries); she was certainly right about the ongoing difficulty of enforcing laws restricting the flow of information - copyright, libel, bans on child abuse imagery; the increased value of brands; and the concentration that would occur in industries where networks matter. On the other hand, she suggested people would accept increased levels of surveillance in return for reduced crime; when she was writing, the studies showing cameras were not effective were not well-known. Certainly, we've got the increased surveillance either way.

More important, she wrote about the Internet in a way that those of us entranced with it did not, offering a dispassionate view even where she saw - and missed - the same trends everyone else did. Almost everyone missed how much mobile would take over. It wasn't exactly an age thing; more that if you came onto the Internet with big monitors and real keyboards it was hard to give them up - and if you remember having to wait to do things until you were in the right location your expectations are lower.

I think Cairncross's secret, insofar as she had one, was that she didn't see the Internet, as so many of us did, as a green field she could remake in her own desired image. There's a lesson there for would-be futurologists: don't fall in love with the thing whose future you're predicting, just like they tell journalists not to sleep with the rock stars.

Illustrations: Late 1990s books.

Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.

November 8, 2019

Burn rate

One of my favorite moments in the 1996 sitcom 3rd Rock from the Sun was when Dick (John Lithgow), the high commander of the aliens' mission to Earth, marveled at humans' ability to live every day as though they didn't know they were going to die. For everyone but Woody Allen and the terminally ill, that denial is useful: it allows us to get up every day and do things like watch silly sitcoms without being overwhelmed by the sense of doom.

In other contexts, the denial of existential limits is less helpful: being aware of the limits of capital reminds us to use it wisely. During those 3rd Rock years, I was baffled by the recklessly rapid adoption of the Internet for serious stuff - banking, hospital systems - apparently without recognizing that the Internet was still a somewhat experimental network and lacked the service level agreements and robust engineering provided by the legacy telephone networks. During Silicon Valley's 2007 to 2009 bout of climate change concern it was an exercise in cognitive dissonance to watch CEOs explain the green values they were imposing on themselves and their families while simultaneously touting their companies' products and services, which required greater dependence on electronics, power grids, and always-on connections. At an event on nanotechnology in medicine, it was striking that the presenting researchers never mentioned power use. The mounting consciousness of the climate crisis has proceeded in a separate silo from the one in which the "there's an app for that" industries have gone on designing a lifestyle of total technological dependence, apparently on the basis that electrical power is a constant and the Internet is never interrupted. (Tell that to my broadband during those missing six hours last Thursday.)

The last few weeks in California have shown that we need to completely rethink this dependence. At The Verge, Nicole Westman examines the fragility of American hospital systems. Many do have generators, but few have thought-out plans for managing during a blackout. As she writes, hospitals may be overwhelmed by unexpected influxes of patients from nursing homes that never mentioned the hospital was their fallback plan and local residents searching for somewhere to charge their phones. And, Westman notes, electronic patient records bring hard choices: do you spend your limited amount of power on keeping the medicines cold, or do you keep the computer system running?

Right now, with paper records still so recent, staff may be able to dust off their old habits and revert, but ten years hence that won't be true. British Airways' 2017 holiday weekend IT collapse at Heathrow provides a great example of what happens when there is (apparently) no plan and less experience.

At the Atlantic, Alexis Madrigal warns that California's blackouts and wildfires are samples of our future; the toxic "technical debt" of accumulated underinvestment in American infrastructure is being exposed by the abruptly increased weight of climate change. How does it happen that the fifth largest economy in the world has millions of people with no electric power? The answer, Madrigal (and others) writes, is the diversion to shareholders' dividends of capital that should have been spent improving the grid and burying power lines. Add higher temperatures, less rainfall, and exceptional drought, and here's your choice: power outages or fires?

Someone like me, with a relatively simple life, a lot of paper records, sufficient resources, and a support network of friends and shopkeepers, can manage. Someone on a zero-hours contract, whose life and work depend on their phone, who can't cook, and doesn't know how to navigate the world of people if they can't check the website to find out why the water is out...can't. In these crises we always hear about the sick and the elderly, but I also worry about the 20-somethings whose lives are predicated on the Internet always being there because it always has been.

A forgotten aspect is the loss of social infrastructure, as Aditya Chakrabortty writes in the Guardian. Everyone notes that since online retail has bitten great chunks off Britain's high streets, stores have closed and hub businesses like banks have departed. Chakrabortty points out that this is only half of the depredation in those towns: the last ten years of Conservative austerity have sliced away social support systems such as youth clubs and libraries. Those social systems are the caulk that gives resilience in times of stress, and they are vanishing.

Both pieces ought to be taken as a serious warning about the many kinds of capital we are burning through, especially when read in conjunction with Matt Stoller's contention that the "millennial lifestyle" is ending. "If you wake up on a Casper mattress, work out with a Peloton before breakfast, Uber to your desk at a WeWork, order DoorDash for lunch, take a Lyft home, and get dinner through Postmates, you've interacted with seven companies that will collectively lose nearly $14 billion this year," he observes. He could have added Netflix, whose 2019 burn rate is $3 billion. And, he continues, WeWork's travails are making venture capitalists and bond markets remember that losing money, long-term, is not a good bet, particularly when interest rates start to rise.

So: climate crisis, brittle systems, and unsustainable lifestyles. We are burning through every kind of capital at pace.

Illustrations: California wildfire, 2008.


November 1, 2019

Nobody expects the Spanish Inquisition

So can we stop now with the fantasy that data can be anonymized?

Two things sparked this train of thought. The first was seeing that researchers at the Mayo Clinic have shown that commercial facial recognition software accurately identified 70 of a sample set of 84 (that's 83%) MRI brain scans. For ten additional subjects, the software placed the correct identification in its top five choices. Yes, on reflection, it's obvious that you can't scan a brain without including its container, and that bone structure defines a face. It's still a fine example of data that is far more revealing than you expect.

The second was when Phil Booth, the executive director of medConfidential, on Twitter called out the National Health Service for weakening the legal definition of "anonymous" in its report on artificial intelligence (PDF).

In writing the MRI story for the Wall Street Journal (paywall), Melanie Evans notes that people have also been reidentified from activity patterns captured by wearables, a cautionary tale now that Google's owner, Alphabet, seeks to buy Fitbit. Cautionary, because the biggest contributor to reidentifying any particular dataset is other datasets to which it can be matched.

The earliest scientific research on reidentification I know of was Latanya Sweeney's 1997 success in identifying then-governor William Weld's medical record by matching the "anonymized" dataset of records of visits to Massachusetts hospitals against the voter database for Cambridge, which anyone could buy for $20. Sweeney has since found that 87% of Americans can be matched from just their gender, date of birth, and zip code. More recently, scientists at Louvain and Imperial College found that just 15 attributes can identify 99.8% of Americans. Scientists have reidentified individuals from anonymized shopping data, and by matching mobile phone logs against transit trips. Combining those two datasets identified 95% of the Singaporean population in 11 weeks; add GPS records and you can do it in under a week.
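The mechanics of a linkage attack like Sweeney's are almost trivially simple: index one dataset by its quasi-identifiers, then look up each "anonymized" record. A minimal sketch in Python, using entirely invented toy data (the field names, records, and dates of birth here are hypothetical illustrations, not the actual Massachusetts or Cambridge datasets):

```python
# Toy linkage attack: re-identify "anonymized" records by joining them
# to a public dataset on shared quasi-identifiers (zip, date of birth, sex).
# All data below is invented for illustration.

# "Anonymized" hospital discharge data: names stripped, but
# quasi-identifiers retained.
hospital = [
    {"zip": "02138", "dob": "1945-07-31", "sex": "M", "diagnosis": "hypertension"},
    {"zip": "02139", "dob": "1962-03-14", "sex": "F", "diagnosis": "asthma"},
]

# Public voter roll: names attached to the same quasi-identifiers.
voters = [
    {"name": "W. Weld",  "zip": "02138", "dob": "1945-07-31", "sex": "M"},
    {"name": "J. Smith", "zip": "02139", "dob": "1962-03-14", "sex": "F"},
    {"name": "A. Jones", "zip": "02140", "dob": "1950-01-01", "sex": "M"},
]

def reidentify(anon_rows, public_rows):
    """Match rows sharing the (zip, dob, sex) quasi-identifier tuple."""
    # Build a lookup table from the public dataset. (In a toy example the
    # key is unique; real attacks also work with small candidate sets.)
    index = {(v["zip"], v["dob"], v["sex"]): v["name"] for v in public_rows}
    matches = []
    for row in anon_rows:
        key = (row["zip"], row["dob"], row["sex"])
        if key in index:
            matches.append((index[key], row["diagnosis"]))
    return matches

print(reidentify(hospital, voters))
# → [('W. Weld', 'hypertension'), ('J. Smith', 'asthma')]
```

The point of the sketch is how little machinery is needed: no statistics, no machine learning, just a dictionary lookup on three fields - which is why a second dataset is the biggest threat to any "anonymized" one.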

This sort of thing shouldn't be surprising any more.

The legal definition that Booth cited is Recital 26 of the General Data Protection Regulation, which specifies in a lot more detail how to assess the odds ("all the means likely to be used", "account should be taken of all objective factors") of successful reidentification.

Instead, here's the passage he highlighted from the NHS report as defining "anonymized" data (page 23 of the PDF, 44 of the report): "Data in a form that does not identify individuals and where identification through its combination with other data is not likely to take place."

I love the "not likely". It sounds like one of the excuses that's so standard that Matt Blaze put them on a bingo card. If you had asked someone in 2004 whether it was likely that their children's photos would be used to train AI facial recognition systems that in 2019 would be used to surveil Chinese Muslims and out pornography actors in Russia, they would surely have said no. And yet here we are. You can never reliably predict what data will be of what value or to whom.

At this point, until proven otherwise it is safer to assume that there really is no way to anonymize personal data and make it stick for any length of time. It's certainly true that in some cases the sensitivity of any individual piece of data - say your location on Friday at 11:48 - vanishes quickly, but the same is not true of those data points when aggregated over time. More important, patient data is not among those types and never will be. Health data and patient information are sensitive and personal not just for the life of the patient but for the lives of their close relatives on into the indefinite future. Many illnesses, both mental and physical, have genetic factors; many others may be traceable to conditions prevailing where you live or grew up. Either way, your medical record is highly revealing - particularly to insurance companies interested in minimizing their risk of payouts or an employer wishing to hire only robustly healthy people - about the rest of your family members.

Thirty years ago, when I was first encountering large databases and what happens when you match them together, I came up with a simple privacy-protecting rule: if you do not want the data to leak, do not put it in the database. This still seems to me definitive - but much of the time we have no choice.

I suggest the following principles and assumptions.

One: Databases that can be linked, will be. The product manager's comment Ellen Ullman reported in 1997 still pertains: "I've never seen anyone with two systems who didn't want us to hook them together."

Two: Data that can be matched, will be.

Three: Data that can be exploited for a purpose you never thought of, will be.

Four: Stop calling it "sharing" when the entities "sharing" your personal data are organizations, especially governments or commercial companies, not your personal friends. What they're doing is *disclosing* your information.

Five: Think collectively. The worst privacy damage may not be to *you*.

The bottom line: we have now seen so many examples of "anonymized" data that can be reidentified that the claim that any dataset is anonymized should be considered as extraordinary a claim as saying you've solved Brexit. Extraordinary claims require extraordinary proof, as the skeptics say.

Addendum: if you're wondering why net.wars skipped the 50th anniversary of the first ARPAnet connection: first of all, we noted it last week; second of all, whatever headline writers think, it's not the 50th anniversary of the Internet, whose beginnings, as we wrote in 2004, are multiple. If you feel inadequately served, I recommend this from 2013, in which some of the Internet's fathers talk about all the rules they broke to get the network started.

Illustrations: Monty Python performing the Spanish Inquisition sketch in 2014 (via Eduardo Unda-Sanzana at Wikimedia).
