PRIVACY, SOCIAL NETWORKS AND

POLICYChris Marsden,

Oxford 16 September 2014

Regulating Privacy

Much updated from my book with Oxford’s Ian Brown: (2013) Regulating Code, MIT Press

Brown (2012) Privacy attitudes, incentives and behaviours https://www.slideshare.net/

blogzilla/privacy-attitudes-incentives-and-behaviours"

Is privacy a rich man’s folly?

Did privacy not exist in primitive villages?

Is privacy a feature of shame? Is the walled garden the physical

manifestation of privacy? Is privacy an Oriental construct based

on patriarchy?

Privacy in pre-digital times

But privacy has western enlightenment history

Not least through its inverse: the Panopticon

Bentham claimed privacy was surrendered by illegality

Entick v. Carrington KBD 1765

Every American law student learns Lord Camden in the first week:

‘there is no law in this country to justify the [police] in what they have done;

if there was, it would destroy all the comforts of society, for papers are often the dearest property any man can have.’

Privacy V. freedom 1773 Benjamin Franklin colonial Postmaster General Leaked letters by Massachusetts Lt. Governor

Thomas Hutchinson to Thomas Whatley, Prime Minister’s

assistant: “For colonists to enjoy the same rights as

English subjects, an abridgement of what are called English liberties might be temporarily necessary.”

Franklin dismissed & censured by Solicitor General

And never heard of again….?

We have modern equivalents

We are all NOW football hooligans,

members of deviant tribes

Friends and

Enemies?

STASI & KGB never as efficient as NSA &

GCHQ

VICTORIAN INTERNET AND

EDWARDIAN SNOWDEN?

Telegraph as Victorian Internet

“The shift from sailing ships to telegraph was far more radical than that from telephone to email”

- Noam Chomsky “The American father is never seen in London. He passes his life entirely in Wall Street and communicates with his family once a month by means of a telegram in cipher” – Oscar Wilde

Social networking & pirates

We used to call our undergrads the ‘Napster generation’

36,000,000 broadband in 2000

Precursor to YouTube/Facebook/ MySpace/Torrent label

‘Napster’ generation are Gen Y, Generation Me or

Millenials Born c.1980-2000 Grew up with Internet (in the US at least)

and computer games Entire university and adult life as

email/IM/Twitter/Skype users Pew Research Center March 2014: "Millennials in adulthood" are "detached

from institutions and networked with friends“ Confirms findings of Wellman (2012) Networked

European Millenials “29th state”?

“29th state of unemployed people, young people who feel side-lined”

. Until this situation has changed, this 29th state must be our number one concern”

How can new Commisioners create policy in 3-6 months?

Andrus Ansip (58), Oettinger (61), Vestager (46) Estonia, Germany, Denmark

New Schleswig-Holstein question? Note the answer of Lord Palmerston to the last? Only 3 people know the answer….

None with much previous Internet knowledge Vestager probably knows most about Internet policy

http://www.nytimes.com/2014/09/11/business/international/eu-antitrust-enforcer-will-be-margrethe-vestager.html?_r=0

Ansip hopefully picked up a lot through Skype etc. Oettinger anti-Google, pro-BigTelcos:

http://www.ft.com/cms/s/0/a97527e2-3903-11e4-9cce-00144feabdc0.html?hpt=ibu_bn4&siteedition=uk#axzz3DNFAFKza

PUBLIC POLICY AND ONLINE SOCIAL NETWORKS:

THE TRILLION DOLLAR ZOMBIE QUESTION

Presented at 26th Human Behaviour and the Evolution of Society conference

Workshop on Internet and Evolution of Society

Prof. Chris MarsdenUniversity of Sussex School of Law

Citizen Prosumers: an introduction

European key policy concept for Internet users: Producer + consumer + citizen Rights to use and protect their data Rights to fair information, goods, services

EU Code of Online Rights (2012) Directive on Consumer Rights 2011/83/EU

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32011L0083&rid=1

Rights to privacy, property, freedom of speech

Charter of Fundamental Rights (2009) Towards prosumer law?

Online social networks Not a new phenomenon

Pen friending via email from 1980s (+ spam) MUDs playing online games 1990 Rise of GeoCities and blogging late 1990s World of Warcraft + MMORPGs 2000 Web2.0 rise of MySpace, SecondLife, Orkut Broadband: Facebook, Skype, Twitter, Google+

See work of Barry Wellman from 1980s But what is different –

Ubiquity, big money, wider public policy interest Obama the Facebook President Twitterati?

All but 2 products

in smartphone: $3300 in 1991

2.5 Billion people on Internet

Facebook (FBK) a billion users Baidu 800,000,000 Skype 600,000,000 Google 2,000,000,000 Mergers:

FBK-Instagram FBK-WhatsApp MSFT-Skype Google-many

How can FBK maintain dominance?

Avoid AOL, News Corp, Microsoft, Yahoo! decline

Tricky task –buying emerging market leaders ‘Curse of AOL’ – eWorld, Netscape, Bebo Yahoo! – GeoCities, Flickr News Corp – MySpace Microsoft – Hotmail, cable firms

FBK – Instagram, WhatsApp, 3rd party games Teenage reaction: “I used those apps because they

weren’t Stalkbook!” That’s why they move to SnapChat etc…

FBK agreed to buy WhatsApp 2014: $19,000,000,000

Why? WhatsApp is ‘free’ 500m users 50bilion daily messages Facebook IM client specific to mobile

1. So why are FBK buying WhatsApp?2. Is there a market for free messages?3. Is Facebook a monopoly? Answers: No, No, No – say “experts”

Who owns the experts?

Valuation is right

$$$$$$trillion

Facebook Google Twitter Baidu Vkontakte Skype

Whose privacy rules? US companies

Facebook Google Microsoft

US privacy policy – no generic law Unlike European Directive(s)

European regulation – Ireland, Luxembourg Dublin location – sales tax, regulation, corp. tax Lux – eBay + Skype

World’s least competent privacy regulators? Portarlington 30 people, Lux 13

Online behaviour matters

To NSA To advertisers To employers To friends To your future

Surveillance existential threat to social networks?

Not so much…ironically required by https encryption default

Who do they target? Those using encryption esp. TOR

‘If you have nothing to hide, you have nothing to fear’

‘Metadata isn’t real data’ Be quiet, peasants!

So we are silk worms

We are not oil!

Personal data is NOT metaphorical oil in digital economy unless bodies have seeped into the sediment.

Personal data accumulate with our treks into cyberspace

Better metaphor is silk, woven into tapestry of online personality.

Potential to move beyond a caterpillar-like role as a producer of raw silk

Ability to regenerate into a butterfly or moth?

Silkworms that turned

Billions weaving of prosumer-created sites

Silk created tapestries: Wikipedia, FBK and MySpace Arguably loss of ownership led MySpace

decline Prosumer boycott led by those preferring

control of own data cocooned in own personal form: chrysalis or

pupae

Concluding thoughts: more privacy

regulation Widespread regulation of social networking

Including in US – Federal Trade Commission European Court cases – both data retention and

deletion European Parliament pressure on PRISM post-

Snowden National regulators on cloud, Streetview and others European Data Protection Supervisor pressure on

merger cases – competition law – conference 2 June

Zombie Accounts

MySpace accounts Hotmail accounts Friendster Bebo SecondLife Orkut?

Individuals stop use – accounts are zombies?

50 ways to leave Facebook

Not sufficient to permit data deletion as that only covers the user’s tracks.

Interconnection and interoperability, more than transparency and theoretical possibility to switch.

Prosumers interoperate to permit social exit Lower entry barriers -> increased consumer

welfare

Your right to speak on your terms

Human rights concerns become more critical,

reflecting the mass adoption of the Internet in countries with serious democratic deficits, notably in the Middle East and North Africa concerns far predate the Arab Spring of 2011

Regulatory debate well rehearsed in US & Europe since birth of the commercial Internet.

Freedom of expression a fundamental human right

Balances against other fundamental rights, privacy freedom from racial discrimination or violence

threats, rights to private property including copyright torts such as defamation and trespass in private law

Boyle (2001) condemned Chinese censorship And US 1st Amendment promiscuous hate speech

“new efforts to establish codes of conduct about harmful content on . . . this marvellous medium.”

Not a new

topic: trolls old

news

Information giants cooperate with government to share our data• Legal procedures in

place• Snowden &

Greenwald told us:• Informal cooperation• UK took 1 day to

pass:• DRIP Act 2014!

Bombshells for social networks

September 10: DG COMP: Almunia refers proposed Google

settlement back for refinement October:

DG COMP: Phase 2 investigation into Facebook/WhatsApp merger?

October: VP Digital: persuading Council of Ministers to

adopt new Data Protection Regulation? January-March 2015:

VP Digital must produce investment plan and new Digital Single Market proposal

$trillion policy question How does this affect competition

policy? Are there 50 ways to leave your online

lover? Network effects Silk roads of privacy & anonymity

Competition law FBK + Google permanent

monopolies? Privacy rules as social exit barriers?

Research questions1. Why do social networks decline?

1. MySpace/Bebo/Orkut/Friends Reunited

2. Is the visceral nature of offline social networking responsible for success online 1. dating sites approximate strong human contact

better: Grindr, Tindr – Twitter?

3. Bad coding, European data protection and a more aspirational demographic 1. Facebook v. MySpace/Bebo

4. ASmallWorld was Eurotrash Facebook and failed?

Weinstein’s brush with social networking failure: http://gawker.com/5381040/harvey-weinstein-finally-sells-myspace-for-millionaires

We need new competition analysis

Economics and law are not enoughComputer science also needs helpHow do we assess zombie networks?Visceral durablity and/or temporary elements of human sociality online

Economics of visceral?Social psychology of visceral?Evolutionary neuroscience of visceral?

We need to learn how to swim in a river of big data

Research ethics topics

1. Personally identifiable data EU Data Protection Directive EC/95/46 Ethics of personal data collection User informed consent and reuse

2. Proprietary data The unknown unknowns

Networks not shy about leaking: Infamous Cornell study

Cornell Media Statement “Prof. Hancock and Guillory did not

participate in data collection [nor] have access to user data.

“Their work was limited to: initial discussions, analyzing the research results and working with Facebook to prepare paper “Experimental Evidence of Massive-Scale

Emotional Contagion through Social Networks,” Proceedings of National Academy of Science-Social Science.

Cornell: no problem

“Because the research was conducted independently by Facebook and

Professor Hancock had access only to results not to any individual, identifiable data at any

time CU Institutional Review Board concluded that he was not directly engaged in human research

and that no review by the Cornell Human Research Protection Program was required.” http://mediarelations.cornell.edu/2014/06/30/media-

statement-on-cornell-universitys-role-in-facebook-emotional-contagion-research/

‘Privacy Enhancing Technologies’ symposia 2008, 2010, 2012

“Computer scientists are simply not equipped to evaluate the legality of research they perform,

“It is important that researchers seek the assistance of qualified legal experts as they design studies.

“Program committees should require that the researchers identify the legal expert, and independently contact the named legal expert in order to verify that they do indeed believe that the

researchers' study did not violate the law.” EU law often involved – US lawyers competent?

Soghoian, C (2012) Enforced Community Standards For Research on Users of the Tor Anonymity Network,

Lecture Notes in Computer Science Volume 7126, pp 146-153

Internet access declared a human right

Report to UN General Assembly (La Rue 2011) regional HR bodies (Council of Europe) best

practices: filtering but no harming free expression

Viviane Reding, European Commission vice president: “Copyright protection can never be a

justification for eliminating freedom of expression or information Art.17 (2) v. Art.11(1) EU Charter of Fundamental

Rights Blocking the Internet is never an option”