WELCOME to Connected Rights, your I in the team of digital rights news and analysis.
Enjoy this newsletter? Forward it to a friend or get them to sign up. I’m David Meyer, aka @superglaze on Twitter and @davidmeyerwrites on Facebook. Don’t forget to check out the Connected Rights website. Tonga soa!
I apologise in advance for the Facebook-heaviness of this issue.
MARK ZUCKERBERG EMITTED A FEW INTERESTING QUOTES in yesterday’s Senate hearing. Let’s start with the one I predict will come back to haunt Facebook bigtime:
Sen. Cornyn: “You agree now that Facebook and other social-media platforms are not neutral platforms, but bear some responsibility for the content?”
Zuckerberg: “I agree that we’re responsible for the content.”
Sen. Coons: “Why do you shift the burden to users to flag inappropriate content and make sure it’s taken down?”
Zuckerberg: “Over time, we’re going to shift increasingly to a method where more of this content is flagged upfront by AI tools we developed.”
Sen. Durbin: “Would you be comfortable sharing with us the name of the hotel you stayed in last night?”
Zuckerberg: [Laughs. Pauses.] “No.”
Sen. Graham: “Who’s your biggest competitor?”
Zuckerberg: “Senator, we have a lot of competitors.”
Last word here goes to Senator John Kennedy: “Your user agreement sucks.”
…Privacy groups have urged Facebook to “adopt the General Data Protection Regulation as a baseline standard for all Facebook services.”
“We urge you to make clear your commitment to comply with the GDPR standards in all jurisdictions for all users,” the groups wrote in an open letter. But wait, hasn’t Zuckerberg already done this?
As I reported last week, Zuck suggested in a Reuters interview that Facebook’s new GDPR-complying controls for European users wouldn’t all be extended worldwide. But then he said in a conference call with reporters that Facebook would indeed “make all the same controls and settings available everywhere, not just in Europe.”
Which is nice, but if Facebook isn’t going to fully comply with the new law in the EU (see above) then it still falls short.
…Here’s one to throw in the GDPR-says-you-have-to-do-this-anyway file: after Facebook was caught letting top execs such as Zuckerberg withdraw private messages sent to other people, the company will now introduce an “unsend” feature for regular people too. Are private messages personal data? Yes they are. Which means people need to be able to pull them.
…One casualty of the Cambridge Analytica scandal is Facebook’s plan to work with US medical organisations on combining patient data with information on the same patients from the social network.
There was a valid point to this scheme, which is now on hold: hospitals might know to provide more care for elderly patients, for example, if they know from Facebook that they don’t have a lot of friends. But a) this is creepy as heck, and b) nobody seems to have discussed consent, which makes this whole thing a HIPAA-trampling minefield.
As Google’s DeepMind could testify based on its experience in the UK, people get jolly upset when their medical data gets shunted over to Big Tech without their knowledge.
…Delightful discoveries resulting from Facebook’s Cambridge-Analytica-got-your-data notifications yesterday include the fact that the political consultancy might have got some users’ private messages. Also, many people (but not me, thankfully) learned that some of their Facebook friends had been dumb enough to take Aleksandr Kogan’s “personality quiz.”
What’s really interesting about the latest revelations is the numbers relating to smaller countries, which make clear how powerful the network effect is. In New Zealand, just 10 people took Kogan’s quiz, but that exposed the data of 63,716 people – the number being the tally of those 10 people’s friends. In Australia, 53 people’s carelessness gave Kogan access to the data of 311,127 Facebook users.
…Facebook is setting up a “committee of academic experts” to lead research into how the platform affect elections. “Looking back, it’s clear we were too slow identifying election interference in 2016, and we need to do better in future elections,” quoth the Zuck. So who’s going to fund this initiative? Among others, the Charles Koch Foundation and the Omidyar Network – certainly a diverse bunch.
A key quote from Facebook’s blog post on this matter: “The focus will be entirely forward looking.” How do you fix the future without looking back?
…Facebook would also like people to report the misuse of data by app developers, for $$$. You’ve heard of bug bounties; now say hello to the data abuse bounty. As Business Insider’s Shona Ghosh put it on Twitter, “In other words: ‘We have no way to catch the bad guys so uh…help?'”
To support my work, please consider visiting my Patreon page or buying my book, Control Shift: How Technology Affects You and Your Rights. Here are the links to the book’s British, American and German Amazon pages.
A US BLOCKCHAIN THINKTANK CALLED COIN CENTER says it is confident that the EU will decide not to apply the GDPR to blockchain businesses after all. “We’re optimistic that our European friends will come to see that their legitimate privacy concerns are best addressed not through law, but through decentralizing technology itself,” they say.
As ace academic Michèle Finck tweeted: “According to this argument Google, Facebook and anyone else could simply do whatever they want with your personal data as long as they use a blockchain.” More wishful thinking from the Disciples of Satoshi, it seems.
IF YOU’RE IN BERLIN AND YOU WANT TO LEARN MORE ABOUT THE GDPR, there’s a promising-looking event taking place on Saturday, April 21 at SoundCloud’s headquarters. It’s cleverly called OMGDPR and it’s an “open space” event, which means “you, the attendees, decide the content on the day, by bringing your own subjects you’d like to talk about with peers, in the context of GDPR.”
(Very annoyingly, I myself won’t be able to make it.)
If you’d like me to write articles for you about digital rights issues, speak at your event or provide privacy advice for your business, drop me an email at firstname.lastname@example.org.
FOR SOME LIGHT RELIEF, WHY NOT read this amusing Washington Post piece about a “techno-Dadaist” startup called Botnik Studios, which “specialises in artificial intelligence-assisted interactive comedy”. Can algorithms be funny? If they can come up with fake band names such as “Here Comes the Death” and “Baddwurds”, I’m inclined to say yes.
SOMEONE IS RUNNING A GDPR ICO. Which is enterprising, certainly.