WELCOME to Connected Rights, your pilot in the mecha of digital rights news and analysis.
Enjoy this newsletter? Forward it to a friend or get them to sign up. I’m David Meyer, aka @superglaze on Twitter and @davidmeyerwrites on Facebook. Don’t forget to check out the Connected Rights website and download a copy of my book, Control Shift: How Technology Affects You and Your Rights. Mauya!
SAN FRANCISCO HAS BANNED FACIAL RECOGNITION’S USE by cops and other city agencies, in what could turn out to be a precedent-setting move – similar bans are being mulled in Oakland and Somerville, Massachusetts. In SF’s case, it’s part of a wider clampdown on surveillance by the authorities. The ban won’t affect private companies, but it is pretty ironic, given the role played by Silicon Valley in developing such tech.
ACLU attorney Matt Cagle, who helped write the new rule: “The central motivator here is public safety, while making sure police can do their jobs. We’ve learned a lot about facial recognition and seen how it’s been used in places like China to track and control populations. The public increasingly understands the threat this technology can pose and that isn’t what they want.”
THE PHOTO STORAGE APP CALLED EVER HAS “PIVOTED” to being an AI company, without telling its users. What AI? Facial recognition of course – surveillance technology for law enforcement, the military and private companies, all trained on the photos that people uploaded to the “storage” service.
From NBC News’s scoop: “NBC News spoke to seven Ever users, and most said they were unaware their photos were being used to develop face-recognition technology. Sarah Puchinsky-Roxey, 22, from Lemoore, California, used an expletive when told by phone of the company’s facial recognition business. ‘I was not aware of any facial recognition in the Ever app,’ Roxey, a photographer, later emailed, noting that she had used the app for several years. ‘Which is kind of creepy since I have pictures of both my children on there as well as friends that have never consented to this type of thing.'”
FACEBOOK HAS BEEN FINED IN TURKEY OVER THE PHOTO data breach that it revealed last December – a bug in Facebook’s API allowed third-party apps to get at users’ photos.
Around 300,000 users in Turkey were apparently affected. The fine, levied by the country’s Personal Data Protection Authority, totalled 1.65 million lira, or a shade over $270,000. Or, to look at it another way, seven minutes’ worth of Facebook profits.
HOW DOES THE EUROPEAN COMMISSIONER’S COMPETITION directorate feel about taking on a Facebook privacy case, in the style of Germany’s national antitrust authority? Not so keen, it turns out.
“The Commission took note of the decision of the German Federal Cartel Office,” said Margrethe Vestager’s office in an official response to a question on the subject. “The German Federal Cartel Office’s concerns are based on German competition law. The European legislator has made sure that the type of conduct in question is addressed by the General Data Protection Regulation.”
That’s in line with the opinion of antitrust expert Falk Schöning, who recently told me for an IAPP piece that the Bundeskartellamt’s Facebook privacy-terms crackdown may prove influential in some countries, but not in the EU, because of the GDPR.
FACEBOOK CO-FOUNDER CHRIS HUGHES IS CALLING for the company to be split up (something Elizabeth Warren has also been suggesting) in order to tackle various ills. As Techdirt’s Mike Masnick points out, Hughes is fine at identifying the problems, but his solution doesn’t make an awful lot of sense.
Masnick writes: “If the policy is to stop large internet companies from acquiring small ones to increase competition, it might actually decrease competition by shutting off the market for capital funds to make those companies viable in the first place. None of this is to say that we should just let Facebook continue on its merry way. I get that the company is quite powerful and in a position to f*** up lots of stuff (which it regularly seems to do). But a remedy for the sake of a remedy, without any understanding of the wider impact, is bound to cause problems.”
Masnick sees the solution as lying in protocols, allowing people to move away from Facebook while still retaining the ability to communicate with those who remain. “It removes the lock-in that is the true issue of dominance,” he writes. “And, unless antitrust somehow forces that to happen, a separate Instagram doesn’t solve any of these issues.”
WHEN FACEBOOK ET AL TAKE DOWN “EXTREMIST” CONTENT, as most people strongly urge them to do, they sometimes destroy evidence that citizen journalists are using to identify the perpetrators of war crimes.
From The Atlantic‘s piece on the subject: “Some of what governments ask tech companies to do, such as suppressing violent content, cuts against other legitimate goals, such as bringing warlords and dictators to justice. Balancing these priorities is hard enough when humans are making judgments in accordance with established legal norms. In contrast, tech giants operate largely in the dark. They are governed by opaque terms-of-service policies that, more and more, are enforced by artificial-intelligence tools developed in-house with little to no input from the public.”
RUSSIA PITCHED A CRYPTOGRAPHIC ALGORITHM to the International Organization for Standardization (ISO), and a researcher found a flaw in it that could be used to aid an attack. The Russian cryptographers said it was a coincidence; others were not convinced.
From Vice’s coverage: “Although the security implications are only potential and not immediate or even fully understood, the dialogue around the algorithm’s implementation still highlights the concerns, worries, and paranoia around cryptography, and comes shortly after a much more serious episode in which the US National Security Agency tried to bully the ISO into approving its own encryption.”
A WHOPPING 10 MILLION PEOPLE IN AUSTRALIA (population: 25.4 million) were hit by a single data breach, according to the country’s information commissioner. The watchdog didn’t say whose breach it was, but some suggest the Marriott customer data breach might be it.