Schneier on the NSA, Google, Facebook Connection But What About Phones?

Bruce Schneier argues that we should not be fooled by Google, Facebook, and other companies that decry the recent NSA data grabs, because the nature of the Internet is surveillance; but what about phone companies? The press has jumped on the Obama administration’s forthcoming plan that

would end its systematic collection of data about Americans’ calling habits. The bulk records would stay in the hands of phone companies, which would not be required to retain the data for any longer than they normally would. And the N.S.A. could obtain specific records only with permission from a judge, using a new kind of court order.

The details are to come, but Schneier’s point about the structure of the system applies to phone companies too, “The biggest Internet companies don’t offer real security because the U.S. government won’t permit it.”

There are few things to parse here. OK there are many things to parse, but a blog post has limits. First, Schneier’s point about Internet companies is different than his one about the government. His point is that yes, many companies have stepped up security to prevent some government spying, but because Gooogle, Microsoft, Facebook, Yahoo, Apple and almost any online company needs access to user data to run their businesses and make money, they all have built “massive security vulnerability” “into [their] services by design.” When a company does that, “by extension, the U.S. government, still has access to your communications.” Second, as Schneier points out, even if a company tried to plug the holes, the government won’t let that happen. Microsoft’s Skype service has built in holes. The government has demanded encryption keys. And so it goes. And so we have a line on the phone problems.

The proposed changes may solve little, because so far the government has been able to use procedure and sheer spying outside procedure to grab data. The key will be what procedures are required and what penalties follow for failing to follow procedure. That said, as I argued regarding data security in January 2013, fixing data security (and by extension phone problems) will require several changes:

A key hurdle is identifying when any government may demand data. Transparent policies and possibly treaties could help better identify and govern under what circumstances a country may demand data from another. Countries might work with local industry to create data security and data breach laws with real teeth as a way to signal that poor data security has consequences. Countries should also provide more room for companies to challenge requests and reveal them so the global market has a better sense of what is being sought, which countries respect data protection laws, and which do not. Such changes would allow companies to compete based not only on their security systems but their willingness to defend customer interests. In return companies and computer scientists will likely have to design systems with an eye toward the ability to respond to government requests when those requests are proper. Such solutions may involve ways to tag data as coming from a citizen of a particular country. Here, issues of privacy and freedom arise, because the more one can tag and trace data, the more one can use it for surveillance. This possibility shows why increased transparency is needed, for at the very least it would allow citizens to object to pacts between governments and companies that tread on individual rights.

And here is the crux of Schneier’s ire: companies that are saying your data is safe, are trying to protect their business, but as he sees it:

A more accurate statement might be, “Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about. And, of course, we still have complete access to it all, and can sell it at will to whomever we want.” That’s a lousy marketing pitch, but as long as the NSA is allowed to operate using secret court orders based on secret interpretations of secret law, it’ll never be any different.

In that sense he thinks companies should lean on the government and openly state security is not available for now. Although he knows no company can say that, the idea that we should all acknowledge the problem and go after the government to change the game is correct.

The point is correct for Internet companies and for phone companies. We should not over-focus on phones and forget the other ways we can be watched.

Radio Shack – Will 3D Printing Help It Reach 100? Maybe RS Will Be MakerLabs at Scale

Few companies last more than 50 years. The 100 year mark is even rarer. IBM stands out as a company that has done that. But who knew that Radio Shack is nearing that mark? And some are noting its possible death knell, because of the recent announcement that it is closing about 1,100 stores. The pundits have gone over the mistakes and decried Radio Shack’s inability to play n the modern tech space. I think there is hope and mistake.

Radio Shack appealed to techies. It needs to return to that. My dad made me read the basics of stereos before I could get his old stereo. It was a Radio Shack book. Mobile phones and the like are not for hobbyists. Radio Shack has been at its best helping folks who want to deal with early tech that is tipping consumer. Radios, hi-fi stereos, wires, circuits, transistors, early computers (some might recall when folks took them apart and played with them).

Given my focus on 3D printing I may be biased. Heck. Sure. I am biased. But I am pretty certain RS could re-invigorate itself if it hires relatively savvy people to help with the next wave of home tech. As Nest, 3D printing, and more mean we are automating and tinkering, RS could be a great source for parts and knowledge where no one is competing. (Unlike the mobile market). That is where RS thrives. Of course when I went to one and knew more about speaker wire than the floor person, it was clear RS has lost its way. But there’s a time to reap and sow. Now is the time to sow. RS could be a place for drone, maker, and other tech hobbyists/enthusiasts. The core community is used to online discussions and help. But as the tech goes mainstream there is a gap between I dig it but need help and brainless consumer purchase. RS should embrace that. That is value many consumers who are starting to play with this technology would love. Or at least I would.

Tech Literacy: One more of my end of year, bookmarked to share posts

A few weeks back Juliet Walters wrote an op-ed called the The Code Life. I had read the Eggers excerpt of The Circle and thought it was odd; odd because having worked at Google and been in the Valley, his portrayal was not that creepy. It was just corporate America. Office Space alone captures the be all you can as part of a team which may not value you (cue Lorde to contrast and for irony). Walters goes further. She has tried coding as a way to understand and take some control over her life. She used Code Academy to learn coding and found

Yes, programming is challenging, frustrating and often tedious. But it offers satisfactions that are not unlike those of writing. The elegant loops of logic, the attention to detail, the mission of getting the maximum amount of impact from the fewest possible lines, the feeling of making something engaging from a few wispy, abstract ideas — these challenges were familiar to me as a critic. By my third month, I had internalized a new logic, a different way of looking at information. By the time summer came around, I was learning about good web design by constructing web applications, taking them from simple prototypes to something sophisticated enough to test with users. And by the end of the course, I knew the basic structure of computer operating systems.

For me, even reading computer science papers and theory has given me a better, deeper appreciation for the tech world, how it works, and policy debates (both worthwhile and frivolous). And I was happy to read Walters re-calibrated her life:

The biggest surprise has been the recovery of the feeling that my mind is once again my own. The “always-on” agenda of mobile technology, now visible to me in the very design of the devices, could not manipulate me as easily. Where my devices were interrupting my work or my life in these ways, I’ve had an easier time filtering and controlling them.

It’s also become more obvious to me how to use social media to enrich my life, not unravel it. For one, I don’t waste time trying to “catch up” on a Twitter or Facebook feed, any more than I would waste time ringing the doorbell of every person in my neighborhood every day.

With understanding comes more reasoned responses to technology and how it fits into our life. When Walters write she sympathizes with Eggers and Franzen (another tech critic) but rejected their tribalism and embrace of “techno-illiteracy.” Her example is a call for STEM without being explicit. I hope to add some Code Academy to my learning list this year. I don’t always get to such goals, but Walters, a humanities type, like me, found a world I like too. Coding may not set us free, but it may open the door to new freedoms. Tech literacy should at least help stop the real threat of those who misuse technology by allowing us to offer other options and to call B.S. on tech utopianism, and thus counter the downside of technology more than we suspect.

MOOCs, costs, and Dan Ariely

MOOCs will solve our education problems. No one wants to pay for education. Everyone wants education to be free. MOOCs will at least bring down the costs and bring the best lecturers to all the world. I own some land in Florida, the Glengary project. Perhaps you’d like to buy a tract? I am fascinated by MOOCs but reject the claims being made about them as demonstrating some sort of magical new education system.

Yet, when I think about taking a great class with a master teacher, I get excited. Heck, I already listen to lectures from iTunes U and MIT’s Open Course Ware when I work out. MOOCs seem like a step up. And the reality of the cost problem means that they will likely play a role. Then I saw that Dan Ariely is offering a MOOC. And he wrote about the experience. His thoughts track much of what I think. On costs he says, “I have learned that some students feel that it is their basic human right to get free education (they call it free but of course free in this case is a shorthand for “someone else should pay for it,”) while the majority feels privileged to live in a time when such adventures are possible.” But more important are his ideas about where MOOCs may fit and why live learning has a place. I think he is correct, but he may miss a deeper problem.

On MOOCs’ place in the future, Ariely offers:

I don’t think that the future of the university is doomed for a few reasons. First, having a scheduled class with obligations, deadlines, exams, real consequences and real rewards is incredibly important for human motivation and getting people to spend the necessary time and effort to really understand the material. The second reason is that the model of many universities, in which students study and live together, is a particularly helpful model for creating the environment that people need to take their education seriously. It is not just about the particular classes, but about being immersed in an academic environment for a substantial period of time.

The latent problems of MOOCs flow from the benefits of physical place-based teaching; they are expensive and will be for the few; not the many. Assume Ariely is correct. The advantages of the scheduled classes etc. matters. That can be mimicked online. That kills the claim that schedules will require the university. Studying and living together is important. Think of The Social Life of Information by John Seely Brown and Paul Duguid. Drawing on Xerox PARC, (and the California “Virtual University”) they show that social context is vital for technology and information to help society going forward. But again that physical structure costs money. My concern then is how do we leverage MOOCs and other technology to improve the way education is delivered while not offering only the virtual world, one that may lack social context, to the poorer parts of society.

If we run to replace classrooms at state schools, only the rich will have the benefits I had. That is a mistake. I was lucky. I went to private schools, UC Berkeley, and Yale Law. I have gained social capital. I know some of the language, manners, styles, and more that are part of getting into the game and playing it. That aspect of life is possibly undercut unless everyone in the future works only on social networks and online culture. To date, it still matters to be in Silicon Valley, Wall Street, Hollywood, etc. so that one can have the day-to-day chance to leverage connections and be part of the so-called conversation. Put differently, back room deals are about who you know. Interviews, for now, may be on videochat, but they still reveal diction, ideas, and manners that influence hiring. Plus, I prefer to read, explore, and solve things on my own. Those who may not be so motivated are precisely those for whom a more disconnected teaching system will not work. So far the drop-out rate for online courses is high. Now, I think there are ways to address these issues. I have believed and continue to believe that technology coupled with social reality can be powerful and beneficial. I stand by that belief.

The danger is to think that because certain facets of universities cannot be duplicated, universities will survive and all is well. Only certain versions of the university will survive. Duke and other elite schools will survive. At those schools students will be part of all the benefits, on and offline, education can offer. For others, access to the benefits Ariely sets out will be even less than today.

Education is a public good with many dimensions beyond the obvious mastery of a subject. It is better thought of as liberal, as in freeing, one to address the myriad problems and changes one encounters in work and life. MOOCs and other advances in technology can and should help that process. Relying on them alone may increase the problems of an education system that delivers a meal, proves that person ate the meal, but the customer has no idea how to fish for herself when on her own.

Netflix, Facebook, and Social Sharing

Just as Neil Richards’s The Perils of Social Reading (101 Georgetown Law Journal 689 (2013)) is out in final form, Netflix released its new social sharing features in partnership with that privacy protector, Facebook. Not that working with Google, Apple, or Microsoft would be much better. There may be things I am missing. But I don’t see how turning on this feature is wise given that it seems to require you to remember not to share in ways that make sharing a bit leakier than you may want.

Apparently one has to connect your Netflix account to Facebook to get the feature to work. The way it works after that link is made poses problems.

According to SlashGear two rows appear. One is called Friends’ Favorites tells you just that. Now, consider that the algorithm works in part by you rating movies. So if you want to signal that odd documentaries, disturbing art movies, guilty pleasures (this one may range from The Hangover to Twilight), are of interest, you should rate them highly. If you turn this on, are all old ratings shared? And cool! Now everyone knows that you think March of the Penguins and Die Hard are 5 stars. The other button:

is called “Watched By Your Friends,” and it consists of movies and shows that your friends have recently watched. It provides a list of all your Facebook friends who are on Netflix, and you can cycle through individual friends to see what they recently watched. This is an unfiltered list, meaning that it shows all the movies and TV shows that your friends have agreed to share.

Of course, you can control what you share and what you don’t want to share, so if there’s a movie or TV show that you watch, but you don’t want to share it with your friends, you can simply click on the “Don’t Share This” button under each item. Netflix is rolling out the feature over the next couple of days, and the company says that all US members will have access to Netflix social by the end of the week.

Right. So imagine you forget that your viewing habits are broadcast. And what about Roku or other streaming devices? How does one ensure that the “Don’t Share” button is used before the word goes out that you watched one, two, or three movies on drugs, sex, gay culture, how great guns are, etc.?

As Richards puts it, “the ways in which we set up the defaults for sharing matter a great deal. Our reader records implicate
our intellectual privacy—the protection of reading from surveillance and interference so that we can read freely, widely, and without inhibition.” So too for video and really any information consumption.