S07E07 of Connection Problem: Who makes the rules?
×
Dear Reader,
I hope this finds you well and in good health.
Using the coronavirus crisis as an opportunity to rethink habits and modes of working, I’m doubling down on a belief/policy I’ve held for a long time but don’t always manage to follow through with: Avoid any avoidable stress factors for others. Just don’t burden anyone with unnecessary deadlines or extra tasks; no artificial pressure. If things happen, they happen. If they don’t, they don’t. You realize you can’t finish the contribution to our publication on time? No problem. Take good care of yourself.
In that same spirit, it delighted me to no end when this morning I saw a man walking down our street — presumably commuting once around the block and back to his home office for a day full of Zoom calls — dressed in spandex cycling shorts and flip flops below the waist, and a crisp white shirt and gray tailored jacket up top. I call him Corona Man, and I tip my hat to him. He seemed like he figured out what works for him. And good for him.
Enjoy this week’s newsletter!
Peter
×
If you'd like to work with me or bounce ideas, let's have a chat.
×
Privacy Shield, begone
Privacy Shield is dead: Max Schrems and his team at European privacy-focused strategic litigation organization NOYB just won a major case at Europe’s highest court: The EU Court of Justice (CJEU) struck down the so-called EU-US Privacy Shield that (nominally) protects European’s privacy, data protection and access to remedy regarding online platforms that share/process data about them with the US, like Facebook.
AccessNow calls it a landmark decision, stating:
“It was irresponsible for the European Commission to adopt the Privacy Shield both from a legal and political perspective. From the get go, the Commission ignored the legal opinion of data protection experts and civil society, who urged against this deal’s adoption.”
NOYB writes:
“The Court was clear that the far-reaching US surveillance laws are in conflict with EU fundamental rights. The US limits most protections to “US persons”, but does not protect the data of foreign customers of US companies from the NSA. As there is no way of finding out if you or your business are under surveillance, people also have no option to go to the courts. The CJEU found that this violates the 'essence' of certain EU fundamental rights.”
(Read NOYB’s first statement here.)
I’m not a legal expert so I’m not going to speculate about the legal implications. That said, I can hear the collective intake of breath across the Atlantic, amplified through Twitter. The next chapter is going to be interesting.
Full disclosure: I’m a (paying, otherwise inactive) member of NOYB.
×
Who’s making the rules?
Speaking of who makes the rules, and speaking of the role of tech companies and governance…
Just a few months ago, governments around the world were scrambling to develop corona tracing apps. Many would be centralized data collection machines with all the data protection issues this involves. Then Google and Apple teamed up to build a platform and API for government apps to tap into that would decentralize and anonymize data collection and prevent governments from collecting anything they’re not supposed to collect.
So far, so good, except… of course it wasn’t really. In fact, two companies simply made major political choices for governments around the globe, with zero democratic legitimacy.
Tom Loosemore (cofounder of UK’s Government Digital Service) analyzes this in his excellent piece on global governance and how during the coronavirus crisis, tech companies are making pretty blatant power grabs: Google and Apple's diktat to governments on coronavirus contact-tracing apps is a troubling display of unaccountable power (Business Insider, via Matt Webb)
Loosemore frames this as a power grab, and I tend to agree (emphasis mine):
“Via a couple of choreographed blog posts, Google and Apple dictated to 197 countries around the world how the world's estimated 3.2 billion smartphones could — and could not — be used to combat the spread of coronavirus.
Their diktat curtailed the ambitions harbored by many governments to place smartphone apps at the front line of the battle to limit the spread of COVID-19.
As political power plays go, it was quietly brutal.”
Loosemore goes on addressing the legitimacy issue this surfaces:
“Who has power? And how is it held to account?
What Google and Apple did on April 10 was to make a huge, global public health policy decision — a decision that I believe should be the preserve of elected governments.
They alone had determined where the balance was between privacy and public health should lie. And they plumped firmly on the side of individual privacy. Governments were not to be trusted. “
The point here is, of course, that even if you agree with Google’s and Apple’s decision, they lack any and all legitimacy. A good king cannot be trusted because otherwise we’d also have to trust a bad king. In political science, this is the long-established argument against benevolent dictatorship: Processes and institutions are key. Elections & oversight as well as the institutions that exert power and provide services based on democratically legitimized representation and mandate. Processes and institutions are inherently much more trustworthy than any one individual with absolute power.
The same goes for tech companies: Not only do I not know if they have my best interest at heart (and I have no reason to believe they do), they have no mandate or legitimacy in making choices of that level of import. The fact that governments around the world just rolled over and played along just shows how dependent they are on tech companies.
So how about we start there, and build better capacity at the local, regional, national levels. Independence and capacity building as a resilience strategy? Now that sounds a lot more likely to succeed in the long run.
See also: The World Economic Forum’s 4 rules to stop governments misusing COVID-19 tech after the crisis. Even the WEF argues that “Technology-driven responses to crises must be underpinned by human rights” and demand that “States recognize international human rights law as the foundation for technology governance”. I couldn’t agree more. (Relying much more heavily on the solid foundation of human rights is an argument we also make at the Berlin Institute for Smart Cities and Civil Rights.)
See also: AI’s Invisible Hand: Why Democratic Institutions Need More Access to Information For Accountability (Marietje Schaake on the Rockefeller Foundation blog). The former European Parliament Member argues that ethics and self-regulation are not enough, which ties right back to questions of global governance:
“Access to information forms the bedrock of many facets of democracies and the rule of law. Facts inform public debate and evidence-based policymaking. Scrutiny by journalists and parliamentarians and oversight by regulators and judges require transparency. But private companies keep crucial information about the inner workings of AI systems under wraps. The resulting information gap paralyzes lawmakers and other watchdogs, including academics and citizens who are unable to know of or respond to any AI impacts or missteps.”
×
The best reviews
I might have mentioned this before: One of my guilty pleasures is reading Wirecutter reviews. It’s like a zen exercise to me. If you’re unfamiliar, Wirecutter is a nerdy review site for all kinds of things from household appliances to gadgets to toys. (They’re now part of the New York Times.)
First of all, their recommendations are usually rock solid, if very US-product centric. (Stuff might just not be available easily in Europe.) But honestly that’s only part of the appeal: Their reviews are so over the top researched and contextualized that some of them are true works of art. I vaguely remember reading something about carry-on suitcases that they had tested — among many other things — by setting up a test track for suitcases and their wheels at an airport and ran in circles for hours. That level of nerdy.
Long story short, they wrote up the Anatomy of a Wirecutter Guide and while I’m perfectly aware this is almost certainly going to be of no interest whatsoever to 99% of you, I love it and maybe a handful of you do, too.
×
Miscellanea
LeakyPick: IoT Audio Spy Detector (PDF, Arxiv.org, via Monique van Dusseldorp). LeakyPick “enables the detection of the smart home devices that stream recorded audio to the Internet without the user’s consent." The prototype runs on a Raspberry Pi.
×
Currently reading: A Memory Called Empire, Arkady Martine. Annabel Scheme and the Adventure of the New Golden Gate, Robin Sloane.
×
If you’d like to work with me or have a chat to explore collaborations, let’s chat!
×
Who writes here? Peter Bihr explores how emerging technologies can have a positive social impact. At the core of his work is the mission to align emerging technologies and citizen empowerment. To do this, he works at the intersection of technology, governance, policy and social impact — with foundations, public and private sector. He is the founder of The Waving Cat, a boutique research and strategic advisory firm. He co-founded ThingsCon, a non-profit that explores fair, responsible, and human-centric technologies for IoT and beyond. Peter was a Mozilla Fellow (2018-19) and an Edgeryders Fellow (2019). He tweets at @peterbihr and blogs at thewavingcat.com. Interested in working together? Let’s have a chat.
Know someone who might enjoy this newsletter? Please feel free to forward your copy or send folks to tinyletter.com/pbihr. If you'd like to support my independent writing directly, the easiest way is to join as a member.
×