Make Pluto A Planet Again

In the midst of a global pandemic, data-driven solutions have become vital in tracking and controlling the spread of the virus. Several countries, including China, South Korea and Singapore have effectively used app-based contract tracing to contain the virus and curb the rate of infection.

The UK Government and the NHS are also preparing to launch an app following the example of TraceTogether, a Bluetooth-powered app created in Singapore, which was used over 800,000 times and proved to be highly successful in managing the outbreak.

How will the NHS app work?

The smartphone app that the NHSX (NHS unit for data and technology) is working on will rely on the citizens of the UK to download and self-report regularly. If you start to have the symptoms of Covid-19, you report them to the app, which then sends anonymous alerts to other app users that you have been in close contact with. These alerts are meant to notify people that they might be infected too and asks them to follow relevant guidelines even before they get any symptoms. Subsequently, if someone tests positive for coronavirus, they must update the app again and the users who had been in close proximity will get a notification to self-isolate for 14 days.

Currently, two versions of the app are being negotiated:

Technical Challenges

For the app to function properly, it will require over 50% of the population to start using it. Yet, it is unclear how the government will deal with the large number people who do not own smart phones. According to OFCOM “22% of UK adults do not have a smartphone, rising to 45% of adults over 55, and figures on device ownership for young children vary wildly.” Relying on this data will not only give misleading understanding of the situation, but will also increase inequalities, especially if such data can be used for a person to be detained. It will be equally hard to deal with those living in shared accommodations, as it might be ineffective to differentiate between people who live in a single block of flats.

 Privacy Risks

Technology-enabled solutions are extremely important in disseminating useful information and increasing citizen awareness on how to fight the pandemic, but we should not ignore the risks that this app might pose towards fundamental human rights such as privacy and data protection.

A group of “responsible technologists” recently published an open letter to the CEO of NHSX and the Secretary of State for Health and Social Care outlining the risks, as well as what considerations must be made in the process of launching the contact tracing program. The authors of the open letter talk about the need for more openness about who will build the app, how it will be monitored, what safeguards will be put in place for privacy as well as more clarity on how this data will be collected and processed later.

GCHQ's National Cyber Security Centre (NCSC) names a few specific risks coming from the app. For example, if unencrypted data is stored on centralized servers, it can potentially be used by law enforcement agencies to determine when people met. Furthermore, generating new ID code once a day, instead of once every 15 minutes can make it possible to determine how much time individuals spent together or what the nature of their relationship is, which can eventually be used for “social control”.

The app will collect large sets of medical data, which can, in many cases become patient-identifiable information. In the presence of current legal framework, it is unclear how the app will collect or process this data, who will have access to it now or in the future or when it will be deleted. Unlike Australia, where the legislation strictly mandates deleting the data after the crisis, such data in the UK can be stored for a disproportionate amount of time or used for irrelevant purposes. Therefore, strong legal safeguards are required to prevent officials using the data for purposes other than identifying those at risk of being infected.

Apart from the legislation, the NCSC also suggests shifting from the “centralized” model, where contacts are matched on a computer server, to a decentralized model, where matching instead happens on individual phones.

Article: How to keep our feet on the ground Video: How we got our heads in the cloud

We all want an easy life and quite often, we will happily accept things that will make it so, even if we have to compromise our security and privacy. The IoT invasion of our lives is practically unstoppable, with the Business Insider predicting more than 64 billion IoT devices by 2025. 

Many of these devices will be designed with the ability to process data, others will be  limited to gathering information and transferring it to another place for processing purposes. 

With data being our Achilles' heel of the digital age, how do we deal with such a huge volume (Cisco estimates the data to exceed  800 zettabytes) of unstructured IoT Generated data? 

Is internet actually free, or are we paying for it through the data we choose to share or negligently end up sharing on online platforms? The largest portion of the revenue of Google, Facebook and Instagram come from advertising, which is designed based on the user data and their behaviour.

“It’s free and will always be” has been a well-known Facebook slogan for over a decade, until August 2018 when it was taken down and replaced by “It’s quick and easy”. Meaning that even Facebook is no longer trying to make it look like our data has not been monetized, or used as a new form of currency.  

In 2010 Mark Zuckerberg In his interview with Washington Post said that one of the key aspects of Facebook is giving people easier control over what they share. “There needs to be a simpler way to control your information. In the coming weeks, we will add privacy controls that are much simpler to use. We will also give you an easy way to turn off all third-party services.”

Cambridge Analytica scandal demonstrated the emptiness of these promises. Facebook allowed the third party (CA) to harvest the data of not only those users who took the poll, but of their Facebook friends as well. This information was later used to profile thousands of people and target them with tailored political ads, which ended up affecting their electoral decisions. 

While talking about using someone’s personal data, the most important thing to consider is the consent, which as defined by Article 7 of the General Data Protection Regulation (GDPR)  has  to be clear, informed, specific, unambiguous and withdrawable. Not only these people did not provide consent for their data to be processed for particular purposes, they were completely unaware of the processing itself, hence it’s reasoning and possible consequences. 

Emerging Legislation

The increasing monetary value of our data has also been acknowledged on the legislative level, with new EU Directive article Recognising transfer of personal data as a form of payment for the provision of service.

How much can they find out?

A study conducted by Cambridge’s Psychometrics Centre, in collaboration with Microsoft Research Cambridge demonstrated that statistical models are able to predict personal details using Facebook Likes alone. These models demonstrated high accuracy in determining details such as male sexuality 88%, differentiating Republicans from Democrats 85%, Christians from Muslims 82%.

Hence, it is no surprise that social media companies view its users as a potential income source. You, as an internet user, can check what your value is for different companies. E.g Your are worth 182$ for Google, 158$ for Facebook and 733$ for Amazon.

So how do we make sure that by using these “seemingly” free online services we don’t  turn into a digital product? Especially in an environment, where you can not even check the weather forecast without having the ads chasing you.

Internet is often a home for defamatory, copyright infringing, violent, criminal or otherwise harmful material. This is made possible by the easiness to upload and spread such content without disclosing your identity, hence avoid being tracked and held liable for your actions. 

Shall Information Society Service Providers (ISSPs), including social media websites, internet service providers, search engines etc be responsible to monitor and remove infringing or violent content? 

Currently, they don’t have such obligation and they probably should not.

Under the E-commerce Directive  the service providers enjoy the Safe Harbor exeption. Under articles 12,13,14,15 of the directive, they will not be liable for the infringing/illegal content on those platforms, as long as they were not aware of its infringing nature.  So yes, Knowledge is the key.  

Although they are not responsible to actively monitor the existence of such content,(positive obligation) they do have the responsibility to take it down,(negative obligation) if they were made aware or if they should have known of the potential infringing nature/consequences. See case: Delfi AS v. Estonia 

Why should ISSPs NOT be liable for content monitoring?

Because there’s not a single effective way of doing so?!  

There are, however, two potential options for them actively engage in content filtering: 

 Doing so by automated means, such as Youtube’s content ID system; 

 Hiring actual people to do it for them manually.

Let’s have a look at these options now...

1. Software has no capacity to determine purpose, proportion or social impact of the material, hence by enforcing automated filtering, we are supporting the highest level of censorship, inherently killing the Fair Use principle by taking down the content without considering its suitability for the copyright exemption.

2. Hiring people for doing this job requires a significant financial commitment, as large ISSPs are dealing with the immense quantity of online material. At the same time, the process could be really slow, and, as the recent studies show, a job of a content moderator might be one of the toughest, resulting in stress and anxiety. (see trailer for the Cleaners: social media content moderators)

The Lesser Evil?

Notice and Take down is a system put forward by the E-commerce directive in Europe and  Digital Millennium Copyright Act (see summary of the text) in the United States. Unlike previously discussed measures, it provides a post factum legal measure for the online platforms to receive and expeditiously react upon the notices. In most cases though, this expeditious requirement may result in the removal of content without thorough consideration of its nature as a preventive step from the ISSPs to avoid possible liability.

Is internet piracy morally wrong?

We know that Internet Piracy is illegal, but is it also morally unacceptable?

This article highlights some of the most common approaches to the issue (Fundamentalist Libertarian vs Fundamentalist protectors) to illustrate why both extremes are almost equally wrong.

At the same time, it explains why Internet privacy is different from the actual theft in terms of the damage that the rights holders suffer in both cases and talks about how illegal downloading can both: increase social interest towards certain creations/good and in some cases cause significant financial damage to the industry. 

Memes have become one of the most common sources of informing and educating public on what is going on in the world. Quite often, they convey important societal values, interests and points of discussion. 

In a world, where average person’s attention span is gradually decreasing, memes are the ultimate ways of distributing information in a short, humorous and easily digestible manner. 

I recently read an article explaining how Jennifer Lopez was sued for $150,000 by paparazzi for posting photo of herself on her own Instagram account. According to court documents,  the picture agency claimed to be the sole owner and exclusive copyright holder of the photo - and that Lopez shared it without authorisation or permission from the plaintiff.

The Ancient Greeks had a tradition of placing gold coins on the dead person’s eyes before the burial, which served as a bribe for the ferryman who transported souls across the river to the world of the dead.  

Those coins had a very pragmatic application and were intended to help the dead person in the next life, but can the same be said about the intellectual property rights that last after the death of the creator?

Copyright protection, which is the most applicable form of protection for the software programs covers the life of the author plus 70 years, (According to Article 7 of Berne Convention it is life plus 50 years, however, most of the countries have extended the term in their national legislations) and the corporate works with no living author as such have 120 years of protection. This brings us to the big question: Are not intellectual property rights supposed to strike a balance between encouraging creativity, rewarding the author and the public enjoyment of the creation?

This reminds me of the recent popular art campaign: “Buy art from a living artists, the dead one’s don’t need the bills.”

Would individuals be discouraged to create something if they knew the protection would cease to exist after their death? – Unlikely so. Are the creators these selfish beings who would wish to deprive other people from the fruit of their labour even after their death? And why should law put the interests of family or other heirs over the public enjoyment of the creation?