Journalists have been asking me whether the revulsion against the abuse of Facebook data could be a turning point for the campaign to recover privacy. That could happen, if the public makes its campaign broader and deeper.
Broader, meaning extending to all surveillance systems, not just Facebook. Deeper, meaning to advance from regulating the use of data to regulating the accumulation of data.
Due to surveillance being so pervasive, restoring privacy would necessarily be a big change, and would require powerful measures.
The surveillance imposed on us today far exceeds that of the Soviet Union.
For freedom and democracy’s sake, we need to eliminate most of it. There are so many ways to use data to hurt people that the only safe database is the one that was never collected.
Thus, instead of the EU’s approach of mainly regulating how personal data might be used in its General Data Protection Regulation (GDPR), I propose a law to stop systems from collecting personal data.
The robust way to do that, the way that cannot be set aside at the whim of a government, is to require systems to be built so as not to collect data about a person. The basic principle is that a system must be designed not to collect certain data, if its basic function can be carried out without that data.
Data about who travels where is particularly sensitive, because it is an ideal basis for repressing any chosen target.
The London trains and buses are a case in point.
The Transport for London digital payment card system centrally records the trips any given Oyster “smart” card or bank card has paid for. When a passenger feeds the card digitally, the system associates the card with the passenger’s identity. This adds up to complete surveillance.
I expect the transport system can justify this practice under the GDPR’s rules. My proposal, by contrast, would require the system to stop tracking who goes where.
The card’s basic function is to pay for transport. That can be done without centralizing that data, so the transport system would have to stop doing so. When it accepts digital payments, it should do so through an anonymous payment system.
Frills on the system, such as the feature of letting a passenger review the list of past journeys, are not part of the basic function, so they cannot justify incorporating any additional surveillance.
These additional services could be offered separately to users who request them. Even better, users could use their own personal systems to privately track their own journeys.
Black cabs demonstrate that a system for hiring cars with drivers does not need to identify passengers. Therefore such systems should not be allowed to identify passengers; they should be required to accept privacy-respecting cash from passengers without ever trying to identify them.
However, convenient digital payment systems can also protect passengers’ anonymity and privacy.
A team and myself have already developed one: GNU Taler. It is designed to be anonymous for the payer, but payees are always identified. We designed it that way so as not to facilitate tax dodging.
All digital payment systems should be required to defend anonymity using this or a similar method.
What about security? Such systems in areas where the public are admitted must be designed so they cannot track people.
Video cameras should make a local recording that can be checked for the next few weeks if a crime occurs, but should not allow remote viewing without physical collection of the recording.
Biometric systems should be designed so they only recognize people on a court-ordered list of suspects, to respect the privacy of the rest of us.
An unjust state is more dangerous than terrorism, and too much security encourages an unjust state.
The EU’s GDPR regulations are well-meaning, but do not go very far. It cannot deliver much privacy, because its rules are too lax. They permit collecting any data if it is somehow useful to the system, and it is easy to come up with a way to make any particular data useful for something.
The GDPR makes much of requiring users — in some cases — to give consent for the collection of their data, but that does not do much good.
System designers have become expert at manufacturing consent, to repurpose Noam Chomsky’s phrase. Most users consent to a site’s terms without reading them; a company that required users to trade their first-born child got consent from plenty of users.
Then again, when a system is crucial for modern life, like buses and trains, users ignore the terms because refusal of consent is too painful to consider.
To restore privacy, we must stop surveillance before it even asks for consent.
Finally, do not forget the software in your own computer. If it is the non-free software of Apple, Google or Microsoft, it spies on you regularly. That is because it is controlled by a company that would not hesitate to spy on you.
Companies tend to lose their scruples when anything becomes profitable.
By contrast, free or libre software is controlled by its users. That user community keeps the software honest.
Richard Stallman is president of the Free Software Foundation, which launched the development of a free/libre operating system GNU.
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Singaporean Prime Minister Lee Hsien Loong’s (李顯龍) decision to step down after 19 years and hand power to his deputy, Lawrence Wong (黃循財), on May 15 was expected — though, perhaps, not so soon. Most political analysts had been eyeing an end-of-year handover, to ensure more time for Wong to study and shadow the role, ahead of general elections that must be called by November next year. Wong — who is currently both deputy prime minister and minister of finance — would need a combination of fresh ideas, wisdom and experience as he writes the nation’s next chapter. The world that
The past few months have seen tremendous strides in India’s journey to develop a vibrant semiconductor and electronics ecosystem. The nation’s established prowess in information technology (IT) has earned it much-needed revenue and prestige across the globe. Now, through the convergence of engineering talent, supportive government policies, an expanding market and technologically adaptive entrepreneurship, India is striving to become part of global electronics and semiconductor supply chains. Indian Prime Minister Narendra Modi’s Vision of “Make in India” and “Design in India” has been the guiding force behind the government’s incentive schemes that span skilling, design, fabrication, assembly, testing and packaging, and
As former president Ma Ying-jeou (馬英九) wrapped up his visit to the People’s Republic of China, he received his share of attention. Certainly, the trip must be seen within the full context of Ma’s life, that is, his eight-year presidency, the Sunflower movement and his failed Economic Cooperation Framework Agreement, as well as his eight years as Taipei mayor with its posturing, accusations of money laundering, and ups and downs. Through all that, basic questions stand out: “What drives Ma? What is his end game?” Having observed and commented on Ma for decades, it is all ironically reminiscent of former US president Harry