Tag Archives: Surveillance

Organizational behavior and reputation

FB foreign policy

There were several items in the news recently about Facebook’s dealings with governments around the world. In keeping with the company’s status as a major MNC, these dealings can be seen to amount to the equivalent of a foreign policy, whose complexities and challenges are becoming ever more apparent.

The first data point has to do with the haemorrage of FB users in Hong Kong. It is interesting to note how this scenario differs from the US one: in both societies we witness massive political polarization, spilling out into confrontation on social media, with duelling requests for adversarial content moderation, banning, and so forth. Hence, gatekeepers such as FB are increasingly, forcefully requested to play a referee role. Yet, while in the US it is still possible (conceivably) to aim for an ‘institutional’ middle ground, in HK the squeeze is on both sides of the political divide: the pro-China contingent is tempted to secede to mainland-owned social media platforms, while the opponents of the regime are wary of Facebook’s data-collecting practices and the company’s porousness to official requests for potentially incriminating information. The type of brinkmanship required in this situation may prove beyond the company’s reach.

The second data point derives from Facebook’s recent spat with Australian authorities over the enactment of a new law on news media royalties. Specifically, it deals with the impact of the short-lived FB news ban on small countries in the South Pacific with telco dependency on Australia. Several chickens coming home to roost on this one: not having national control over cellular and data networks as a key curtailment of sovereignty in today’s world, but also the pernicious, unintended consequences of a lack of net neutrality (citizens of these islands overwhelmingly had access to news through FB because their data plans allowed non-capped surfing on the platform, while imposing onerous extra charges for general internet navigation). In this case the company was able to leverage some of its built-in, systemic advantages to obtain a favorable settlement for the time being, at the cost of alerting the general public as to its vulnerability.

The third data point is an exposé by ProPublica of actions taken by the social media platform against the YPG, a Syrian Kurdish military organization. The geoblocking of the YPG page inside Turkey is not the first time the organization (who were the defenders of Kobane against ISIS) has been sold out: previous instances include (famously) the Trump administration in 2018. What is particularly interesting is the presence within FB of a formal method for evaluating whether groups should be included on a ‘terrorist’ list (a method independent of similar blacklisting by the US and other States and supranational bodies); such certification, however, is subject to the same self-interested and short-term unselfconscious manipulation as that seen in other instances of the genre: while YPG was not so labelled, the ban was approved as being in the best interests of the company, in the face of potential suspension of activities throughout Turkey.

These multiple fronts of Facebook’s diplomatic engagement all point to similar conclusions: as a key component of the geopolitical status quo’s establisment, FB is increasingly subject to multiple pressures not only to its stated company culture and philosophy of libertarian cosmopolitism, but also to its long-term profitability. In this phase of its corporate growth cycle, much like MNCs of comparable scale in other industries, the tools for its continued success begin to shift from pure technological and business savvy to lobbying and international dealmaking.

Surveillance and digital archives

Schools get into the phone-hacking business

A disturbing piece of reporting from Gizmodo (via /.) on the adoption by many US school districts of digital forensic tools to retrieve content from their students’ mobile devices. Of course, such technology was originally developed as a counter-terrorism tool, and then trickled down to regular domestic law enforcement. As we have remarked previously, schools have recently been on the bleeding edge of the social application of intrusive technology, with all the risks and conflicts it engenders; in this instance, however, we see a particularly egregious confluence of technological blowback (from war in the periphery to everyday life in the metropole) and criminal-justice takeover of mass education (of school-to-prison-pipeline fame).

Surveillance and digital archives

Hiding

Given the recent salience of news on surveillance and surveillance capitalism, it is to be expected that there would be rising interest in material, technical countermeasures. Indeed, a cottage industry of surveillance-avoidance gear and gadgetry has sprung up. The reviews of these apparatuses tend to agree that the results they achieve are not great. For one thing, they are typically targeted at one type of surveillance vector at a time, thus requiring a specifically tailored attack model rather than being comprehensive solutions. Moreover, they can really only be fine-tuned properly if they have access to the source code of the algorithm they are trying to beat, or at least can test its response in controlled conditions before facing it in the wild. But of course, uncertainty about the outcomes of surveillance, or indeed about whether it is taking place to begin with, is the heart of the matter.

The creators of these countermeasures themselves, whatever their personal intellectual commitment to privacy and anonymity, hardly follow their own advice in eschewing the visibility the large internet platforms afford. Whether these systems try to beat machine-learning algorithms through data poisoning or adversarial attacks, they tend to be more of a political statement and proof of concept than a workable solution, especially in the long term. In general, even when effective, using these countermeasures is seen as extremely cumbersome and self-penalizing: they can be useful in limited situations for operating in ‘stealth mode’, but cannot be lived in permanently.

If this is the technological state of play, are we destined to a future of much greater personal transparency, or is the notion of hiding undergoing an evolution? Certainly, the momentum behind the diffusion of surveillance techniques such as facial recognition appears massive worldwide. Furthermore, it is no longer merely a question of centralized state agencies: the technology is mature for individual consumers to enact private micro-surveillance. This sea change is certainly prompting shifts in acceptable social behavior. But as to the wider problem of obscurity in our social lives, the strategic response may well lie in a mixture of compartimentalization and hiding in plain sight. And of course systems of any kind are easier to beat when one can target the human agent at the other end.

Comparative and international policy-making

Enforcement as deflection

Technology policy is often characterized as an area in which governments play catch-up, both cognitively and resource-wise, with the private sector. In these two recent cases, otherwise quite far apart both spatially and thematically, law enforcement can be seen to flip this script by attempting to pin responsibility for social externalities on those it can reliably target: the victims and the small fry. Whether it is criminalizing those who pay to be rid of ransomware or rounding up the café owners who failed to participate in the State’s mass surveillance initiatives, the authorities signal the seriousness of their intentions with regards to combating social ills by targeting bystanders rather than the actual perpetrators. Politically, this is a myopic strategy, and I would not be surprised if it generated a significant amount of pushback.

Surveillance and digital archives

Data security and surveillance legitimacy

To no-one’s surprise, the Department of Homeland Security and the Customs and Border Patrol have become victims of successful hacks of the biometric data they mass-collect at the border. The usual neoliberal dance of private subcontracting of public functions further exacerbated the problem. According to the DHS Office of the Inspector General,

[t]his incident may damage the public’s trust in the Government’s ability to safeguard biometric data and may result in travelers’ reluctance to permit DHS to capture and use their biometrics at U.S. ports of entry.

No kidding. Considering the oft-documented invasiveness of data harvesting practices by the immigration-control complex and the serious real-world repercussions in terms of policies and ordinary people’s lives, the problem of data security should be front-and-center in public policy debates. The trade-off between the expected value to be gained from surveillance and the risk of unauthorized access to the accumulated information (which also implies the potential for the corruption of the database) must be considered explicitly: as it is, these leaks and hacks are externalities the public is obliged to absorb because the agencies have scant incentive to monitor their data troves properly.