It's not about long term vs. short term, it's about scale.
Organising IT infrastructure always incurs some level of overhead, but you can see great economies of scale when you reach a certain size. On the other hand, at a very small scale, you still need to deal with at least the basics, and that still requires a certain level of expertise and incurs a certain drain on your staff's time.
I'm not a huge fan of outsourcing IT infrastructure. I think a lot of services you can outsource to tend to do 75% of the job for 50% of the cost, but you need at least 95% of the job before it's worth anything at all.
Moreover, a lot of them have terms and conditions so one-sided I would describe them as abusive. For example, as far as I could tell without paying my lawyer real money, one prominent back-up service we looked at offers all sorts of ways to retrieve your data under normal circumstances, but they can decide to shut down their service without notice. In the event that they do so, they only guarantee to provide 72 hours' download time via the Internet to get any data you need back. That isn't even close to enough to download the volume of data their plans suggest they want you to trust them with, even assuming you can hold a solid connection to their servers at a time when your systems have crashed enough that you need to retrieve a back-up and every customer they've ever had is hitting their network at the same time. Many of the on-line billing services that are trendy right now have contracts you'd be crazy to sign, providing basically no guarantees of anything, while effectively locking your entire ability to take money from customers into their systems.
That all said, given adequate security safeguards and binding robustness/reliability guarantees, I don't see a problem with off-site backups to third party services, and there are clear advantages to having that happen automatically on a regular schedule rather than relying on one of your staff to run a manual process and physically transport media to some off-site location (which you still need to find, trust, and potentially pay for, just like the on-line back-up services).
All of which just goes to show that the whole PCI-DSS thing is more about legal ass-covering than real security. Leaving aside that some of the standard security policies are dubious anyway, if businesses really complied with the level of control you mentioned... well, most small businesses simply can't (in the sense that either they literally can't or they couldn't operate in any commercially viable way under such constraints).
Given that the constraints on taking card payments in person in a store are vastly easier to game, and that nothing in PCI-DSS is going to stop a fraudster setting up a fake shop and taking whatever card details his "customers" volunteer, and that contrary to what the doom-sayers keep telling us most on-line businesses don't really handle a bazillion times the number of transactions of off-line businesses anyway, the overkill for small companies that want to trade on-line is crazy.
Yes, I agree: open-ended problems are useful for getting a discussion going, but they need to be at least reasonably relevant to the role the candidate is interviewing for or they aren't going to help much with assessing suitability.
Because the entire point of those tests isn't to see if they get the right answer, it's to see if the candidate can work with the people in your office.
The trouble with brain-teaser puzzles and trick questions it that the entire point is usually to make the interviewer feel that they are smarter than the candidate.
If they make hiring decisions based on that kind of test, this is probably not the case.:-)
Please notice that I very carefully didn't say the copyright version was actually working well. I said it was working better than anything we had before, which I think is probably true.
No solution can ever be perfect in this case, precisely because of the dichotomy between wanting to preserve "good" material against even temporary suppression but to remove "bad" material immediately to limit the spread, which are incompatible goals if you have no instant means to determine authoritatively what is "good" and what is "bad".
There are a number of significant problems with the approach to copyright infringement, some of which you've mentioned. I certainly don't dispute that, although I would point out that several of the particular examples you mentioned are due to the broken legal system in the US and would not be a problem for nations with systems that aren't so open to abuse.
Some of the remaining problems could be mitigated by having a system where a preliminary view could be taken by a suitable court within a matter of hours, without necessarily requiring a potentially at-risk party to divulge their identity to anyone but the court first. Legal systems that can take weeks or months to get an issue before a judge simply don't cut it in an era of instant global communication, and the lawyers need to get their act together and keep up or they will become irrelevant to such matters anyway.
I also find the overall US legal system somewhat contradictory here. In the US, free speech is often touted as some sort of self-evident virtue as codified in the First Amendment, and the default position seems to be to permit speaking first and consider the consequences later. This seems paradoxical in a legal system that also admits concepts such as defamation, intellectual property rights, and penalising those who shout "fire" in a crowded theatre. It also seems strange to protect the privacy of an anonymous individual who may be hiding behind that very anonymity shield to unfairly/illegally infringe on the privacy of another.
Anyway, it is an unusual case where holding off on releasing material temporarily will cause serious harm as long as that material is ultimately still released without unreasonable delay following independent scrutiny. Meanwhile, it is common for material released illegitimately to spread quickly if not caught early, and then any damage may be irreparable. I think there are obvious parallels between the spread of copyright-infringing material and the spread of defamatory but gossip-worthy/salacious material here. In either case, there is very rarely a need for someone potentially at risk of very serious retribution to disclose information right there and then via a private channel rather than to law enforcement officers or courts, so I'm sorry but I just can't give much weight to your original, hypothetical example.
The trouble with this issue is that there is genuine merit on boths of the argument. Anonymous posting does have advantages in some contexts and whistleblowing in the public interest is a time-honoured tradition. On the other hand, I'm a great believer that with freedom comes responsibility, and effective anonymity by definition removes all accountability for someone's actions. As others have amusingly noted, without any need to act responsibly, a significant number of people won't, which in everyday life spoils things for everyone else.
I'm not sure whether the proposals here strike exactly the right balance, but it seems to me that neither absolute free speech/total anonymity nor automatic public naming of everyone is a viable way forward.
The usual argument for the former is something about disproportionate powers to penalise an identifiable critic. In reality, the government/legal system should be protecting those people against unjust retribution in most cases. If the government is itself the target of the criticism and is sufficiently corrupt to try to silence justified criticism through dubious means then you need a lot more than free speech to fix your problem. Consider the events of the past year in Egypt, Libya, Syria and Iran.
The usual argument for the latter is something about taking responsibility, but neglects the important benefits of privacy to free and constructive discussions on difficult subjects, such as those mentioned by the Mumsnet reps in recent BBC coverage of this topic. There is no need to force someone to disclose their identity to the entire world unless they are actually doing something wrong, and there should be due process to discover that just like any other legal action.
If we accept that a middle ground is necessary to strike as fair a balance as possible between competing but incompatible legitimate positions here, then the big question becomes how to deal with actions that can potentially have an immediate impact and spread rapidly causing irreparable damage, but which may be doing so legitimately, before any court action can reach a useful conclusion. Some sort of safe harbour/temporary hold system seems to be working better than anything we had before in the broadly similar context of copyright infringement, so I don't think that's an absurd place to start.
For what it's worth, I think we probably agree on your main point, which seems to be that if there's going to be bad/incomplete data out there that presents the wrong impression, the most effective (only?) way to counter that is to overwhelm it with correct/complete/positive data that sets the record straight.
I'm just going a little further, in that I don't believe it really is inevitable that privacy as we know it is going to die out. The loss of privacy in the past few years has been enabled by a combination of:
new technologies
vast resources based on those technologies accumulating under the control of single organisations, and
a lack of regulation/legislation to control how people with access to personal data can lawfully use it.
You can't wind back technology, and technology is ethically neutral anyway, so we can't do much about #1 even if we wanted to.
We can't do much about #2 either, since governments and large commercial entities are always going to have disproportionate power compared to almost any individual.
We can do something about #3, because at least governments and large entitites tend to follow clear laws with adequate penalties when they are broken. However, right now, I think technology has outpaced the legal/regulatory tools that are supposed to keep our use of it ethical, so the laws need to catch up.
There seem to me to be two major barriers to this. Firstly, the lobbyists also tend to act for the companies with vast resources, and that isn't going to change any time soon. However, the sort of public disclosure of lobbyist funding that is a hot topic this week in the UK might at least help. Secondly, I think a significant proportion of elected officials haven't really thought through (or simply don't understand) the implications of modern technologies. What is the essence of privacy, the value that we really want to protect? What does "privacy" mean in a world where Google has proved that "and then you download the Internet" isn't always a punchline and where many helpful uses of technology inherently collect small amounts of personal data but that information can be and sometimes is collected together to form much broader descriptions of the people it relates to?
These are the kinds of questions that serious thinkers need to work their way through, if we are to avoid the kinds of negative consequences we've been discussing. And the time has come, because Pandora's box is open and if we reach the point where commercial interests really do have a file of just about everything on just about everyone, even hope will have escaped.
Since credit history is asked for (and can be refused, with the result of paying higher insurance or not getting the job), this isn't a social networking issue.
Today, I doubt you would be penalised for/refused something like health or motor insurance just because several of your Facebook friends posted pictures of themselves getting very drunk at a party with you in the background. Do you really believe either that the insurers won't act on that sort of information when they can or that the technology for them to do so isn't a matter of years if not months away?
How do you want people to make decisions regarding your health/employment?
How about objectively based on data I provide them, in context, where all relevant details are asked for and supplied? We've been doing this with health questionnaires and CVs/resumes for years, and it's worked OK.
Well, off the top of my head, when we reach the point that any commercial, professional or government contact you have can effectively dig up as much dirt on you as they feel like from any source they can find:
You will be unable to obtain insurance, or unable to obtain it at a reasonable price, because you fit some negative profile. In some cases, this will be unfairly expensive. In others, it will stop you performing daily activities such as driving where insurance is required by law. In others, it will literally hurt or kill you, because essential medical work will not be available to you.
You will be unable to obtain employment, or will only be able to obtain jobs that are not as good or under less favourable conditions. Sure, everyone has skeletons in the closet and corporate HR drones should realise that. Sure, there are laws protecting employees against unfair discrimination on various grounds. But these simply don't work. Men and women do not hold similar numbers of board positions at major companies or average the same salary for doing the same job. The US made a huge thing because it has a black president for the first time in a few centuries. Networking is already used (reasonably enough) to fill important jobs, but shows how easy it is for personal views to influence such decisions, which is a dangerous situation in a much more incomplete-data-driven recruitment culture.
Your quality of life will suffer because of the increasing numbers of unwanted distractions by advertisers, pollsters, political campaigners, etc. This already happens, of course, and we have things like anti-spam laws and opt-out lists for telesales calls and junk mail. But again, I refer you to the collective harassment that telemarketers continue to impose even on those who have actively opted out of everything they can as evidence of how utterly futile such measures are if you let the data out in the first place. This situation will only get worse until someone makes a serious political/legal attempt to change the entire culture, which seems unlikely in the immediate future given how many politicians and lawyers make an awful lot of money from businesses with at best shady advertising practices.
Your freedom will suffer if a government body with statutory powers decides to act against you because you appear to be someone like they don't like. This obviously has implications for law enforcement and security services, particularly in a future where perhaps the government and its henchmen are not themselves quite as ethical about crushing political opposition as you might like. But that's not the only problem: something as simple as being flagged up as a risk by your tax authorities (even if you've actually done everything correctly) can lead to months of wasted time and money clearing your name, denial of essential benefits at a time in your life when you rely on them for everyday needs, etc.
So sure, maybe you don't mind a bit of junk mail. You'll be fine as long as you also don't mind crazy people turning up on your door step several times per month asking you to sign up to their political party/donate to their charity/buy their dubiously sourced goods, tax inspectors inviting themselves into your life for six months and wasting dozens or hundreds of hours of your free time to comply with their demands, though at least you'll have a lot more free time in future because you won't be able to get a full-time job as a tax evasion suspect anyway, and even if you did you wouldn't be able to get paid because no bank will give you an account without a credit rating, which you no longer have, even if that account offers no loan or credit facilities anyway, and you can't complain because no phone company will let you sign up for a calling plan without a credit check and photo ID, which in turn you can't get because you couldn't afford the statutory motor insurance after three of your friends got DUI'd last year and so when go
But those rights are limited: you can basically only prevent processing that is actively harmful to you. Which is why I phrased my question as I did. European law *does not* prevent Facebook storing information about you if they want to, as long as they do not use that information in a way that prejudices your legitimate interests.
I don't think that's true in general. For example, you would be on shaky ground if you were storing and processing personal data without the subject's knowledge and consent, such as if data about one subject was provided to you by someone else without the subject's knowledge, which was the example scenario that Kenja described. There are various other conditions under which processing is also allowed, but it's hard to see how Facebook could appeal to any of them in such a case.
Although there are certain EU-wide minimum standards, it's also worth keeping in mind that some nations implement stricter privacy and data protection controls than others. For example, while the UK is relatively easy-going (perhaps too much so IMHO), Germany tends to be very protective of individual rights in such matters (understandably, given their history). Presumably the most relevant jurisdiction in this case is Ireland, but I don't know off the top of my head where on the spectrum they fall.
Well, given that we're talking about an organisation called Europe vs Facebook, Facebook's international HQ is in Ireland, and the laws Facebook are referring to apply in European jurisdictions... everyone here except you, I guess.
If I have a picture of you, and I want to perform some processing of it, and doing so does not adversely effect you, why should I not perform that processing?
Because in Europe, such a picture would be considered personal data pretty much everywhere, and thus it would fall under data protection laws that explicitly provide certain rights to individuals regarding personal data about them and certain limits on what anyone else may do with that data. And no, you can't magically negate all of those rights and responsibilities with a contract of adhesion.
One of the rights typically available to individuals under those laws is the right to inspect any personal data held about them. Wriggling out of that one is going to take a lot of shady legalese, which appears to be what Facebook is engaging in here. Staying wriggled out of it if it turns out that the data processing is inconsistent with any registration Facebook has made with any national data protection authority is going to be very tricky indeed, and if the data in question is beyond what an individual might reasonably have understood and consented to and/or if the use of the data in question is potentially damaging to the individual, that's going to be pretty much game, set and match.
Facebook need to tread carefully here, because privacy is becoming a hot political topic in many places as the backlash against excessive "security" measures and intrusive surveillance by both governments and big business grows. There are basically two ways I can see that Facebook could realistically fail catastrophically within quite a short period of time. One is the obvious: someone else does enough of the same things well enough that Facebook no longer has critical mass and people start to use alternatives routinely again instead of assuming that close enough to all of their friends and family also use Facebook; this is the fate that befell almost every other major social network as Facebook rose to supremacy. The other is to upset one national privacy body too many and find themselves legislated into impotence.
I think Internet meaning-fuzzing is occurring. Are you suggesting that Red Gate are completely insane and no-one sane would want to work with them, or that they are endearingly quirky and it's probably a fun place to work? (Or something else entirely?)
And in fairness, Julian Huppert (my local MP) actually voted as he promised he would on the tuition fees issue, rebelling against the official coalition policy. Perhaps that was enlightened self-interest, since his constituency is Cambridge, where there is a small university you may have heard of (and in fact a second university as well). Still, he's one of the few MPs who has a serious background in science and appears to want to see relevant evidence before forming policies. While I don't agree with him on everything, he does seem to be basically a decent guy so far.
I realise you were joking, but funnily enough my first thought about this wasn't about yet another pseudo-censorship policy that will fail, it was that ISPs have been struggling to provide the bandwidth and they've advertised now that people actually want to use it so they can watch streamling videos a la Netflix/BBC iPlayer, video calling via Skype, etc. Getting rid of most porn downloading probably removes a convenient amount of load on those ISPs' systems and lets them provide other services to customers without having to invest a fortune in serious infrastructure. That in turn means they can try to get the government to fund or partially fund "next generation broadband" or something instead of paying for it entirely themselves, though naturally they will still take all of the profits.
Of course, this whole idea is doomed as soon as the tabloids start looking up which MPs have "porn-enabled" their Internet connections and the smear campaigns start.
OK, perhaps I should have written "for a generation" instead, but I think my point still stands.
In 1974, there was a hung parliament after the general election, which resulted in a minority Labour government after the Tories and Liberals failed to reach a coalition agreement that would keep Heath in power. The government that formed was not itself a coalition.
Then there was a brief agreement to form a Lib-Lab pact in 1977, when Labour wound up without an absolute majority in Parliament, but it was hardly what we'd call a coalition government today, more an agreement not to bring down the government in a motion of no-confidence in exchange for some limited policy influence.
While not every government since the Second World War era has achieved an absolute majority in Parliament, even when there have been minorities, they haven't resulted in a formal coalition where the third party wields the kind of power the Liberal Democracts hold today. The last time we had today's kind of power-sharing between two major parties is just about still in living memory, but most voters have never previously experiened it. So, I think it's still fair to say that our political system has been seriously disrupted as a result of last year's general election result, and things will feel very different in 2015.
Our last coalition government prior to the current administration was around the time of the Second World War. Since then, we have alternated between Conservative and Labour running the show, until last year's general election. That was the first time in most of our lifetimes that neither of those parties achieved an absolute majority and formed an administration unilaterally.
I think everything I wrote before is consistent with those facts, so what's your point?
Keep the faith. Here in the UK, we have only had two parties who were credibly able to win a General Election and form the national government for several decades, because with our first-past-the-post electoral system none of the smaller parties had even a fighting chance.
Until, that is, both major parties screwed up to the point that neither quite got an absolute majority in Parliament (which is in practice the benchmark for being allowed to form the government) even with our mathematically nonsensical voting system.
Now we have a coalition, where none of the big parties really gets to call the shots on its own. All three of the biggest parties in England are currently looking fairly incompetent, but whatever the outcome of the coalition by the time their five years are up, our politics is not going to be the same next time around. People will know that minor parties can punch above their weight, not least because it isn't really above their weight but now everyone realises that the distortions of the voting system really can be overcome. Previously irrelevant subjects will start to carry more weight as smaller parties or single-issue candidates start to stand up for them and gain enough votes to at least keep their deposits and upset the balance between the major parties.
This would have been as unthinkable five years ago as a US senator being elected without the backing of the Republicans or the Democrats probably is today. But we got rid of a substantial proportion of the incumbents at the last election after the expenses scandal publicly showed many MPs for the self-serving abusers of authority that they were. On a more dramatic scale, the Arab Spring has shown us (and Greece will probably show us again next year) that, sooner or later, entire political systems can be brought down when those in power cross a line too many and the ordinary citizens decide a new system is required.
The US is not immune from similar phenomena, but I suspect their Republican and Democrat politicians are probably shrewd enough to start acting more responsibly when there is a genuine threat to their cosy little arrangement. I think they will do so rather than face a popular revolt that shakes the entire political system, which, given all the fundamental problems bubbling below the surface in the US today that are obvious to outsiders, is probably the alternative within a generation.
I've openly questioned whether Mozilla will last more than another year or two at this rate, never mind another decade. I think the jump to a rapid release schedule and the PR damage caused by Asa Dotzler shortly afterwards were the beginning of the end for them, and they're probably about one rung above HP and RIM in the credibility of their management team right now.
The only thing I wouldn't bet on yet is whether:
a team of geeks will fork Firefox, take it back to its roots, and eat Mozilla's breakfast that way,
Chrome and a resurgent IE will simply render Firefox irrelevant in the desktop consumer and business markets respectively first, or
the market will evolve beyond today's software ideas, driven by changing user expectations and more diverse hardware platforms, leaving the traditional Web browser obsolete and only big players like Google, Apple and Microsoft with the resources to build whatever comes next fast enough.
One thing we can be fairly sure of is that an organisation that makes almost all of its money via a deal with a natural competitor is not in a strong position in any of those cases...
You may not, but the Firefox developers do, and they care because Firefox is a free product and they're the ones who will be sued by MPEG-LA.
Sure, but if they want to compete with the other browsers, that's their problem. IE can do it. Chrome can do it (though they pretended they were going to stop for a while). Browsers on mobile devices can do it. Firefox can't do it. One of these is losing to all of the others.
Let's all pretend you can notice the difference between H.264 and WebM at the resolutions and bitrates employed for streaming on the Internet.
I do notice, because one of my jobs is working on a site that provides custom high quality videos. In our experience, H.264 also takes significantly less bandwidth than the open(ish) video formats for the same quality, and that means reduced operating costs for us.
As a user, the same applies when I'm visiting someone else's site. I guess that's why the trend for serving H.264 only, via either HTML5 video or Flash, has been so noticeable over the past few weeks.
Exactly. Speed is always nice, but I would rather Firefox fixed the basic usability/functionality gaps:
Give us independent tabs, so the browser doesn't freeze every time I open half a dozen bookmarks at once.
Fix the basic drawing bugs: poor kerning for text, embedded content not redrawing properly any time you scroll the window...
Sort out H.264 support. (I don't care if it's not free-as-in-whatever, it's a much better format, and it seems like it's starting to win with an increasing number of sites I visit offering only that format via either HTML5 video or Flash).
I write web stuff for a living, and now spend a significant fraction of my paid time working around bugs (not errors or non-standard behaviour on our part, clear "it does the wrong thing and it used to work" bugs) that Chrome and Firefox have pushed to users. Then you have to revisit things again a few weeks later, to figure out what to do about the fix/half-fix/replacement bug they put in the next update. And of course, that only works if you're operating a live web site, and these days a significant amount of web stuff is actually running on embedded web servers on devices that aren't going to get updated remotely and will simply break in response to these browser bugs. In short, the grass isn't always as green over there as it looks from this side of the street.
In any case, the point here isn't Chrome auto-updating itself, which while not necessarily my preferred policy is at least well-documented and public knowledge. The point here is that Chrome (or something associated with it) appears to be messing with the operation of another browser, in this case, Firefox. I fail to see how such behaviour is ever appropriate.
But still they have given me no solid reasons NOT to trust them yet.
Really? Google provide useful services, of course, but they also push the boundaries and have frequently crossed the line of acceptable behaviour regarding issues like privacy and intellectual property, to the point of having to cancel entire services in some countries. Wikipedia has a long article about criticism of Google that summarises most common concerns.
In any case, any organisation that has that much personal information about people is a danger to individuals, and any organisation that controls so much of how people see the web is a danger to commerce, so until there are robust legal constraints preventing them from abusing their position, I think it is prudent to treat them as shady when they do things that look shady.
Cheaper in the short run or long run?
It's not about long term vs. short term, it's about scale.
Organising IT infrastructure always incurs some level of overhead, but you can see great economies of scale when you reach a certain size. On the other hand, at a very small scale, you still need to deal with at least the basics, and that still requires a certain level of expertise and incurs a certain drain on your staff's time.
I'm not a huge fan of outsourcing IT infrastructure. I think a lot of services you can outsource to tend to do 75% of the job for 50% of the cost, but you need at least 95% of the job before it's worth anything at all.
Moreover, a lot of them have terms and conditions so one-sided I would describe them as abusive. For example, as far as I could tell without paying my lawyer real money, one prominent back-up service we looked at offers all sorts of ways to retrieve your data under normal circumstances, but they can decide to shut down their service without notice. In the event that they do so, they only guarantee to provide 72 hours' download time via the Internet to get any data you need back. That isn't even close to enough to download the volume of data their plans suggest they want you to trust them with, even assuming you can hold a solid connection to their servers at a time when your systems have crashed enough that you need to retrieve a back-up and every customer they've ever had is hitting their network at the same time. Many of the on-line billing services that are trendy right now have contracts you'd be crazy to sign, providing basically no guarantees of anything, while effectively locking your entire ability to take money from customers into their systems.
That all said, given adequate security safeguards and binding robustness/reliability guarantees, I don't see a problem with off-site backups to third party services, and there are clear advantages to having that happen automatically on a regular schedule rather than relying on one of your staff to run a manual process and physically transport media to some off-site location (which you still need to find, trust, and potentially pay for, just like the on-line back-up services).
All of which just goes to show that the whole PCI-DSS thing is more about legal ass-covering than real security. Leaving aside that some of the standard security policies are dubious anyway, if businesses really complied with the level of control you mentioned... well, most small businesses simply can't (in the sense that either they literally can't or they couldn't operate in any commercially viable way under such constraints).
Given that the constraints on taking card payments in person in a store are vastly easier to game, and that nothing in PCI-DSS is going to stop a fraudster setting up a fake shop and taking whatever card details his "customers" volunteer, and that contrary to what the doom-sayers keep telling us most on-line businesses don't really handle a bazillion times the number of transactions of off-line businesses anyway, the overkill for small companies that want to trade on-line is crazy.
Yes, I agree: open-ended problems are useful for getting a discussion going, but they need to be at least reasonably relevant to the role the candidate is interviewing for or they aren't going to help much with assessing suitability.
Because the entire point of those tests isn't to see if they get the right answer, it's to see if the candidate can work with the people in your office.
The trouble with brain-teaser puzzles and trick questions it that the entire point is usually to make the interviewer feel that they are smarter than the candidate.
If they make hiring decisions based on that kind of test, this is probably not the case. :-)
Please notice that I very carefully didn't say the copyright version was actually working well. I said it was working better than anything we had before, which I think is probably true.
No solution can ever be perfect in this case, precisely because of the dichotomy between wanting to preserve "good" material against even temporary suppression but to remove "bad" material immediately to limit the spread, which are incompatible goals if you have no instant means to determine authoritatively what is "good" and what is "bad".
There are a number of significant problems with the approach to copyright infringement, some of which you've mentioned. I certainly don't dispute that, although I would point out that several of the particular examples you mentioned are due to the broken legal system in the US and would not be a problem for nations with systems that aren't so open to abuse.
Some of the remaining problems could be mitigated by having a system where a preliminary view could be taken by a suitable court within a matter of hours, without necessarily requiring a potentially at-risk party to divulge their identity to anyone but the court first. Legal systems that can take weeks or months to get an issue before a judge simply don't cut it in an era of instant global communication, and the lawyers need to get their act together and keep up or they will become irrelevant to such matters anyway.
I also find the overall US legal system somewhat contradictory here. In the US, free speech is often touted as some sort of self-evident virtue as codified in the First Amendment, and the default position seems to be to permit speaking first and consider the consequences later. This seems paradoxical in a legal system that also admits concepts such as defamation, intellectual property rights, and penalising those who shout "fire" in a crowded theatre. It also seems strange to protect the privacy of an anonymous individual who may be hiding behind that very anonymity shield to unfairly/illegally infringe on the privacy of another.
Anyway, it is an unusual case where holding off on releasing material temporarily will cause serious harm as long as that material is ultimately still released without unreasonable delay following independent scrutiny. Meanwhile, it is common for material released illegitimately to spread quickly if not caught early, and then any damage may be irreparable. I think there are obvious parallels between the spread of copyright-infringing material and the spread of defamatory but gossip-worthy/salacious material here. In either case, there is very rarely a need for someone potentially at risk of very serious retribution to disclose information right there and then via a private channel rather than to law enforcement officers or courts, so I'm sorry but I just can't give much weight to your original, hypothetical example.
The trouble with this issue is that there is genuine merit on boths of the argument. Anonymous posting does have advantages in some contexts and whistleblowing in the public interest is a time-honoured tradition. On the other hand, I'm a great believer that with freedom comes responsibility, and effective anonymity by definition removes all accountability for someone's actions. As others have amusingly noted, without any need to act responsibly, a significant number of people won't, which in everyday life spoils things for everyone else.
I'm not sure whether the proposals here strike exactly the right balance, but it seems to me that neither absolute free speech/total anonymity nor automatic public naming of everyone is a viable way forward.
The usual argument for the former is something about disproportionate powers to penalise an identifiable critic. In reality, the government/legal system should be protecting those people against unjust retribution in most cases. If the government is itself the target of the criticism and is sufficiently corrupt to try to silence justified criticism through dubious means then you need a lot more than free speech to fix your problem. Consider the events of the past year in Egypt, Libya, Syria and Iran.
The usual argument for the latter is something about taking responsibility, but neglects the important benefits of privacy to free and constructive discussions on difficult subjects, such as those mentioned by the Mumsnet reps in recent BBC coverage of this topic. There is no need to force someone to disclose their identity to the entire world unless they are actually doing something wrong, and there should be due process to discover that just like any other legal action.
If we accept that a middle ground is necessary to strike as fair a balance as possible between competing but incompatible legitimate positions here, then the big question becomes how to deal with actions that can potentially have an immediate impact and spread rapidly causing irreparable damage, but which may be doing so legitimately, before any court action can reach a useful conclusion. Some sort of safe harbour/temporary hold system seems to be working better than anything we had before in the broadly similar context of copyright infringement, so I don't think that's an absurd place to start.
For what it's worth, I think we probably agree on your main point, which seems to be that if there's going to be bad/incomplete data out there that presents the wrong impression, the most effective (only?) way to counter that is to overwhelm it with correct/complete/positive data that sets the record straight.
I'm just going a little further, in that I don't believe it really is inevitable that privacy as we know it is going to die out. The loss of privacy in the past few years has been enabled by a combination of:
You can't wind back technology, and technology is ethically neutral anyway, so we can't do much about #1 even if we wanted to.
We can't do much about #2 either, since governments and large commercial entities are always going to have disproportionate power compared to almost any individual.
We can do something about #3, because at least governments and large entitites tend to follow clear laws with adequate penalties when they are broken. However, right now, I think technology has outpaced the legal/regulatory tools that are supposed to keep our use of it ethical, so the laws need to catch up.
There seem to me to be two major barriers to this. Firstly, the lobbyists also tend to act for the companies with vast resources, and that isn't going to change any time soon. However, the sort of public disclosure of lobbyist funding that is a hot topic this week in the UK might at least help. Secondly, I think a significant proportion of elected officials haven't really thought through (or simply don't understand) the implications of modern technologies. What is the essence of privacy, the value that we really want to protect? What does "privacy" mean in a world where Google has proved that "and then you download the Internet" isn't always a punchline and where many helpful uses of technology inherently collect small amounts of personal data but that information can be and sometimes is collected together to form much broader descriptions of the people it relates to?
These are the kinds of questions that serious thinkers need to work their way through, if we are to avoid the kinds of negative consequences we've been discussing. And the time has come, because Pandora's box is open and if we reach the point where commercial interests really do have a file of just about everything on just about everyone, even hope will have escaped.
Since credit history is asked for (and can be refused, with the result of paying higher insurance or not getting the job), this isn't a social networking issue.
Today, I doubt you would be penalised for/refused something like health or motor insurance just because several of your Facebook friends posted pictures of themselves getting very drunk at a party with you in the background. Do you really believe either that the insurers won't act on that sort of information when they can or that the technology for them to do so isn't a matter of years if not months away?
How do you want people to make decisions regarding your health/employment?
How about objectively based on data I provide them, in context, where all relevant details are asked for and supplied? We've been doing this with health questionnaires and CVs/resumes for years, and it's worked OK.
So, really, what bad thing will happen?
Well, off the top of my head, when we reach the point that any commercial, professional or government contact you have can effectively dig up as much dirt on you as they feel like from any source they can find:
So sure, maybe you don't mind a bit of junk mail. You'll be fine as long as you also don't mind crazy people turning up on your door step several times per month asking you to sign up to their political party/donate to their charity/buy their dubiously sourced goods, tax inspectors inviting themselves into your life for six months and wasting dozens or hundreds of hours of your free time to comply with their demands, though at least you'll have a lot more free time in future because you won't be able to get a full-time job as a tax evasion suspect anyway, and even if you did you wouldn't be able to get paid because no bank will give you an account without a credit rating, which you no longer have, even if that account offers no loan or credit facilities anyway, and you can't complain because no phone company will let you sign up for a calling plan without a credit check and photo ID, which in turn you can't get because you couldn't afford the statutory motor insurance after three of your friends got DUI'd last year and so when go
But those rights are limited: you can basically only prevent processing that is actively harmful to you. Which is why I phrased my question as I did. European law *does not* prevent Facebook storing information about you if they want to, as long as they do not use that information in a way that prejudices your legitimate interests.
I don't think that's true in general. For example, you would be on shaky ground if you were storing and processing personal data without the subject's knowledge and consent, such as if data about one subject was provided to you by someone else without the subject's knowledge, which was the example scenario that Kenja described. There are various other conditions under which processing is also allowed, but it's hard to see how Facebook could appeal to any of them in such a case.
Although there are certain EU-wide minimum standards, it's also worth keeping in mind that some nations implement stricter privacy and data protection controls than others. For example, while the UK is relatively easy-going (perhaps too much so IMHO), Germany tends to be very protective of individual rights in such matters (understandably, given their history). Presumably the most relevant jurisdiction in this case is Ireland, but I don't know off the top of my head where on the spectrum they fall.
Well, given that we're talking about an organisation called Europe vs Facebook, Facebook's international HQ is in Ireland, and the laws Facebook are referring to apply in European jurisdictions... everyone here except you, I guess.
If I have a picture of you, and I want to perform some processing of it, and doing so does not adversely effect you, why should I not perform that processing?
Because in Europe, such a picture would be considered personal data pretty much everywhere, and thus it would fall under data protection laws that explicitly provide certain rights to individuals regarding personal data about them and certain limits on what anyone else may do with that data. And no, you can't magically negate all of those rights and responsibilities with a contract of adhesion.
One of the rights typically available to individuals under those laws is the right to inspect any personal data held about them. Wriggling out of that one is going to take a lot of shady legalese, which appears to be what Facebook is engaging in here. Staying wriggled out of it if it turns out that the data processing is inconsistent with any registration Facebook has made with any national data protection authority is going to be very tricky indeed, and if the data in question is beyond what an individual might reasonably have understood and consented to and/or if the use of the data in question is potentially damaging to the individual, that's going to be pretty much game, set and match.
Facebook need to tread carefully here, because privacy is becoming a hot political topic in many places as the backlash against excessive "security" measures and intrusive surveillance by both governments and big business grows. There are basically two ways I can see that Facebook could realistically fail catastrophically within quite a short period of time. One is the obvious: someone else does enough of the same things well enough that Facebook no longer has critical mass and people start to use alternatives routinely again instead of assuming that close enough to all of their friends and family also use Facebook; this is the fate that befell almost every other major social network as Facebook rose to supremacy. The other is to upset one national privacy body too many and find themselves legislated into impotence.
In that case, if the ones I know are anything to go by, I agree entirely. :-)
I think Internet meaning-fuzzing is occurring. Are you suggesting that Red Gate are completely insane and no-one sane would want to work with them, or that they are endearingly quirky and it's probably a fun place to work? (Or something else entirely?)
And in fairness, Julian Huppert (my local MP) actually voted as he promised he would on the tuition fees issue, rebelling against the official coalition policy. Perhaps that was enlightened self-interest, since his constituency is Cambridge, where there is a small university you may have heard of (and in fact a second university as well). Still, he's one of the few MPs who has a serious background in science and appears to want to see relevant evidence before forming policies. While I don't agree with him on everything, he does seem to be basically a decent guy so far.
Just out of interest, do you think the average legally-untrained US citizen would be able to understand what you just wrote?
I realise you were joking, but funnily enough my first thought about this wasn't about yet another pseudo-censorship policy that will fail, it was that ISPs have been struggling to provide the bandwidth and they've advertised now that people actually want to use it so they can watch streamling videos a la Netflix/BBC iPlayer, video calling via Skype, etc. Getting rid of most porn downloading probably removes a convenient amount of load on those ISPs' systems and lets them provide other services to customers without having to invest a fortune in serious infrastructure. That in turn means they can try to get the government to fund or partially fund "next generation broadband" or something instead of paying for it entirely themselves, though naturally they will still take all of the profits.
Of course, this whole idea is doomed as soon as the tabloids start looking up which MPs have "porn-enabled" their Internet connections and the smear campaigns start.
OK, perhaps I should have written "for a generation" instead, but I think my point still stands.
In 1974, there was a hung parliament after the general election, which resulted in a minority Labour government after the Tories and Liberals failed to reach a coalition agreement that would keep Heath in power. The government that formed was not itself a coalition.
Then there was a brief agreement to form a Lib-Lab pact in 1977, when Labour wound up without an absolute majority in Parliament, but it was hardly what we'd call a coalition government today, more an agreement not to bring down the government in a motion of no-confidence in exchange for some limited policy influence.
While not every government since the Second World War era has achieved an absolute majority in Parliament, even when there have been minorities, they haven't resulted in a formal coalition where the third party wields the kind of power the Liberal Democracts hold today. The last time we had today's kind of power-sharing between two major parties is just about still in living memory, but most voters have never previously experiened it. So, I think it's still fair to say that our political system has been seriously disrupted as a result of last year's general election result, and things will feel very different in 2015.
Our last coalition government prior to the current administration was around the time of the Second World War. Since then, we have alternated between Conservative and Labour running the show, until last year's general election. That was the first time in most of our lifetimes that neither of those parties achieved an absolute majority and formed an administration unilaterally.
I think everything I wrote before is consistent with those facts, so what's your point?
Keep the faith. Here in the UK, we have only had two parties who were credibly able to win a General Election and form the national government for several decades, because with our first-past-the-post electoral system none of the smaller parties had even a fighting chance.
Until, that is, both major parties screwed up to the point that neither quite got an absolute majority in Parliament (which is in practice the benchmark for being allowed to form the government) even with our mathematically nonsensical voting system.
Now we have a coalition, where none of the big parties really gets to call the shots on its own. All three of the biggest parties in England are currently looking fairly incompetent, but whatever the outcome of the coalition by the time their five years are up, our politics is not going to be the same next time around. People will know that minor parties can punch above their weight, not least because it isn't really above their weight but now everyone realises that the distortions of the voting system really can be overcome. Previously irrelevant subjects will start to carry more weight as smaller parties or single-issue candidates start to stand up for them and gain enough votes to at least keep their deposits and upset the balance between the major parties.
This would have been as unthinkable five years ago as a US senator being elected without the backing of the Republicans or the Democrats probably is today. But we got rid of a substantial proportion of the incumbents at the last election after the expenses scandal publicly showed many MPs for the self-serving abusers of authority that they were. On a more dramatic scale, the Arab Spring has shown us (and Greece will probably show us again next year) that, sooner or later, entire political systems can be brought down when those in power cross a line too many and the ordinary citizens decide a new system is required.
The US is not immune from similar phenomena, but I suspect their Republican and Democrat politicians are probably shrewd enough to start acting more responsibly when there is a genuine threat to their cosy little arrangement. I think they will do so rather than face a popular revolt that shakes the entire political system, which, given all the fundamental problems bubbling below the surface in the US today that are obvious to outsiders, is probably the alternative within a generation.
I've openly questioned whether Mozilla will last more than another year or two at this rate, never mind another decade. I think the jump to a rapid release schedule and the PR damage caused by Asa Dotzler shortly afterwards were the beginning of the end for them, and they're probably about one rung above HP and RIM in the credibility of their management team right now.
The only thing I wouldn't bet on yet is whether:
One thing we can be fairly sure of is that an organisation that makes almost all of its money via a deal with a natural competitor is not in a strong position in any of those cases...
You may not, but the Firefox developers do, and they care because Firefox is a free product and they're the ones who will be sued by MPEG-LA.
Sure, but if they want to compete with the other browsers, that's their problem. IE can do it. Chrome can do it (though they pretended they were going to stop for a while). Browsers on mobile devices can do it. Firefox can't do it. One of these is losing to all of the others.
Let's all pretend you can notice the difference between H.264 and WebM at the resolutions and bitrates employed for streaming on the Internet.
I do notice, because one of my jobs is working on a site that provides custom high quality videos. In our experience, H.264 also takes significantly less bandwidth than the open(ish) video formats for the same quality, and that means reduced operating costs for us.
As a user, the same applies when I'm visiting someone else's site. I guess that's why the trend for serving H.264 only, via either HTML5 video or Flash, has been so noticeable over the past few weeks.
Exactly. Speed is always nice, but I would rather Firefox fixed the basic usability/functionality gaps:
I write web stuff for a living, and now spend a significant fraction of my paid time working around bugs (not errors or non-standard behaviour on our part, clear "it does the wrong thing and it used to work" bugs) that Chrome and Firefox have pushed to users. Then you have to revisit things again a few weeks later, to figure out what to do about the fix/half-fix/replacement bug they put in the next update. And of course, that only works if you're operating a live web site, and these days a significant amount of web stuff is actually running on embedded web servers on devices that aren't going to get updated remotely and will simply break in response to these browser bugs. In short, the grass isn't always as green over there as it looks from this side of the street.
In any case, the point here isn't Chrome auto-updating itself, which while not necessarily my preferred policy is at least well-documented and public knowledge. The point here is that Chrome (or something associated with it) appears to be messing with the operation of another browser, in this case, Firefox. I fail to see how such behaviour is ever appropriate.
But still they have given me no solid reasons NOT to trust them yet.
Really? Google provide useful services, of course, but they also push the boundaries and have frequently crossed the line of acceptable behaviour regarding issues like privacy and intellectual property, to the point of having to cancel entire services in some countries. Wikipedia has a long article about criticism of Google that summarises most common concerns.
In any case, any organisation that has that much personal information about people is a danger to individuals, and any organisation that controls so much of how people see the web is a danger to commerce, so until there are robust legal constraints preventing them from abusing their position, I think it is prudent to treat them as shady when they do things that look shady.