Just Stop It: Asking for my Date of Birth

Just Stop itIt’s interesting, government departments in many countries cannot ask for any personal information unless it is needed for the services they provide. Why can internet sites get away with this? Your date of birth is a critical piece of identity information, but it’s absolutely not necessary to register for a website.

A number of websites ask you your birth date as part of their registration process, including – as shown in the above example – Yahoo!

Yahoo! in this case tries to soften the blow by promising to provide me with a “better experience”. Let me translate what that means; they will guess based on your age which ads should be served to you. So if you’re in your thirties, and perhaps visit a baby clothes site, you’ll get baby ads, if you’re over forty five it’ll be hair-loss and menopause remedies. Get older and it’s incontinence pads. As if you couldn’t search for such products without their help.

In my case I lie, I have a birth date that I use as my “internet birthday”. Which means I’ll get the incontinence pad ads a little late.

Security is Like Water

A pipe in my kitchen broke this week, water leaked everywhere, seeping into everything, through the smallest gap. This got me thinking about other types of leaks. I think there’s a reason we talk about information and security leaks; you can do everything you want to contain information but it will pass through the smallest gap.

The reason is that there is a natural tension between the measures needed to make a company secure, and the activities people have to perform in the line of their work. Every attempt to lock down security across an organisation pushes employees to find alternative routes to perform their work.

Ars Technica reported earlier this year that when Hillary Clinton, as Secretary of State, had requested a secure Blackberry she had been refused. Blackberry is Clinton’s preferred tool for answering emails, and a secure Blackberry had already been provided to Obama (and to Condoleeza Rice, Clinton’s predecessor).  Now this seems a very odd decision to me, Secretary of State is the third highest office in the US, and a role that would obviously involve a lot of email correspondence with the president, presumably of a similar “top secret” nature.

I’ve heard of the same thing playing out in different ways in companies.

  • Generic USB sticks were banned, the company provided USB sticks that had a nasty habit of corrupting movie files, and it was already impossible to email large files. So employees doing presentations outside the company would use a hotmail account to email the video to themselves so that they could play it at a conference or meeting outside the company.
  • When new board members wanted meeting notes electronically. The security advice was to give them company laptops. But these were people who travelled extensively and sat on the boards of several companies. Password protected pdfs were used as an interim measure, but longer term measures involved a secure site.
  • When security teams became aware of the possibility that social engineering techniques were being used on LinkedIn and specifically targetting company employees they blocked LinkedIn from the company network. Ignoring the fact that this just moved the risk to outside work hours, or via personal mobile phones.

In all these cases employees quickly found a work-around. In some cases the risk was reduced in this process, in others not.

As Tom Seo wrote in a recent Tech Crunch article “security is defined as a largely operational function, which in turn leads to reactive, incohesive decision-making”, and I think that security has been seen as an operational function for a long time with a defensive or reactive mentality.

To keep something perfectly secure we lock it away, put it in a safe, behind a wall, or in a fortress. But for companies there is no way to build an effective wall around a company’s digital information, since using that information is an operational necessity. Sure, we use the term “firewall” for a sort of digital approximation of a wall, but we still send information across a firewall, and use technology outside a firewall.

Years ago a security colleague said to me “we can no longer build a completely secure system; we have to choose which risks to remove and which to manage”. It’s a good start, but I look forward to the day when security teams think in terms of solutions rather than rules.

Image: water via pixabay

 

 

Internet Access as a Human Right

I am constantly connected, both at home and at work, often via multiple devices. And it’s not just my phone and laptop, increasingly service apps are online – I can control my apartment temperature  from the other side of the world via an app. Lots of services are online, I do all my banking online, I’ll do my tax return online soon. I’ll shop online, including for dinner delivered. At work I’m online all the time. My functional life is online – if wifi goes down I’m really stuck. So internet is hugely important. But is it a human right?

The original UN Declaration of Human Rights doesn’t mention the internet, but then it was written in the 1940s so that’s not surprising. However it does list a number of rights that are increasingly accessed via the internet, including the right to;

  • take part in the government of his country,
  • equal access to public service in his country.
  • work, to free choice of employment
  • education.
  • participate freely in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits.

These are all available online

It’s only a matter of time before these are available only via the internet. It’s such a clear trend that in 2011 the UN declared internet access a human right, noting;

The Special Rapporteur underscores the unique and transformative nature of the Internet not only to enable individuals to exercise their right to freedom of opinion and expression, but also a range of other human rights, and to promote the progress of society as a whole.

But what action follows this declaration? How can governments ensure that access is fair? And what happens when fair access does not exist?

There are a lot of government and business initiatives to ensure universal access to the internet, although in many cases the individual would still need to provide the device;

  • Costa Rica, Greece, Spain, France, Finland and Estonia have taken legislative steps to enshrine internet access as a right in law.
  • India plans to roll out wifi to 2500 cities.
  • The UK government aims to turn thousands of public buildings into free wifi zones.
  • In the Netherlands network providers are finding ways to open use of customer hotspots.

But not all governments are doing so well. The Syrian regime seems to shut down the internet for hours or days at various times. China famously has “The Great Firewall“, which uses a range of blocking techniques to filter sites and content. And governments of democratic nations aren’t immune to the temptation to turn off internet access in times of crisis, as UK’s PM David Cameron showed during the London riots in 2011 (in this case it did not happen).

But even outside these extreme examples internet access remains very unequal. Jon Gosier, who has worked on some of the big issues of technology inequality, talks about how our thinking around technology as an improver of lives is flawed and asks the vital question – how do we include everyone?

There are a few organisations around the world working on ensuring full internet access, including A Human Right, which in 2012 campaigned to have a planned undersea cable moved 500km south so that it could serve the isolated island of St Helena. Their site and twitter feed appear somewhat moribund so it’s hard to judge real progress.

Alliance for Affordable Internet is a public-private partnership that works to provide affordable broadband and mobile access to the internet for everyone.

But the most interesting “bet” on securing global, universal access to the internet might come from the private sector. Elon Musk, CEO of SpaceX has a vision of creating a “space internet“. And Google have a mad idea involving balloons, called Project Loon, that might just work.

Image: Human Right | Zack Lee |  CC BY-NC-ND 2.0

Internet is a Human Right

The internet is a human right, and everyone should have access.

Sounds far-fetched, we’re used to thinking of human rights as connected to security, equality, freedom; all the big stuff.

But Article 21 of the UN Declaration of Human Rights states

Everyone has the right of equal access to public service in his country.

A quick search online shows that many countries are putting their public/government services online including;

  • Australia
  • Canada
  • Egypt
  • India
  • Netherlands
  • New Zealand
  • UK
  • USA

The UN has run a survey (latest data 2012) looking at “e-government”, which evaluates how ready a government is to provide information and services online, and how ready a country is to use those services. A lot depends on the political and economic situation of the country, just compare Somalia and Sweden to see this difference.

The Charter also lists “the right to education” and “the right to freely participate in the cultural life of the community”, both of which increasingly have an online dimension. Governments, including local governments, are also seeking citizen participation online for local decision making.

Across Europe internet penetration is high at about 73%. It reaches close to 93% in Netherlands, but that still leaves more than a million people not using the internet. Across the EU it’s a third of the population.

As governments move services online they reduce the offices and physical services at the same time. At what point to governments have a responsibility to make sure online access is available to all? At what point does the drive to rationalise services and put them online start to infringe people’s rights?

I’ve been managing the @i_am_europe twitter account this week, and posting on a digital theme. It’s got me thinking about governments role in digital. A week ago I resisted the idea that governments had a role to play in the digital world – an attitude that probably marks me as one of the “digital elite”. But discussing some of the issues around digital and reading up on the EU plans it makes sense that governments and international bodies take a role in shaping the digital world we live in, making it a fairer place.

You can read more about progress so far on the EU website for the Digital Agenda, from the site it seems that good progress has been made – it’s harder to assess the actions of national governments, which is where citizens might notice a difference.

Of course this doesn’t mean that governments should build and deliver a full suite of online services, but that there is a need for a digital strategy for a country, and a need for international co-operation.

In my digging around the internet I also found out about the World Telecommunication and Information Society Day, which, according to their website

The purpose of  World Telecommunication and Information Society Day (WTISD) is to help raise awareness of the possibilities that the use of the Internet and other information and communication technologies (ICT) can bring to societies and economies, as well as of ways to bridge the digital divide.

There is a call to add your local initiative to celebrate this day to the site – so far there’s just one event from Geneva, but there is time to add yours, the date of celebration is 17 May. I’d give you more detail, but to download the “circular letter from the ITU Secretary-General” I’m required to log-in for no good reason. I recall facing the same thing when I wanted to read some of the documents relating to the EU’s digital agenda – so I logged in using a fake identity out of peevishness.

The role of governments/regulatory bodies is about rules, policies and control. The internet world strives for openness and the technology lets us remove communications barriers. In my world people share ideas in 140 characters, there’s a dialogue across social media, books are co-created. Governments and regulatory bodies miss this mindset,  which begs the question; are they fit to lead a Digital Agenda?

Image: Internet, 5 minutes, $1.00 / CC BY-NC-SA 2.0

That’s a direct quote from Mark D’Arcy, global director of creative solutions, Facebook as he spoke at an event at the New Zealand High Commission in London last week.

It’s true, by using the internet our memory is now effectively infinite. We can record appointments, birthdays, photos, videos of family events, comments, and store them all forever. We can access all these memories on any device, any time , anywhere.

He went on to say that everything that has ever been known is recorded and you can find it online. Which is only partially true; there is no image of my grandmother online, she died before I was born and there are only about four people alive who can confirm I look like her – this knowledge is not online. There is a record of my father’s parents online – but the date of their marriage is wrong by about 50 years (making all their children born out of wedlock).

Not everything known is codified, recorded and online; and not everything online is correct.

It is true that common questions can be answered with a dozen keystrokes. Midnight, wine-fueled debates on which is colder Beijing or Edinburgh or who makes the best wine are shorter and duller – some whizz-kid will pull out his smart phone and google the question; game over. Our perfect infinite memory may be the ultimate conversation killer.

In contrast, also in London, I saw an exhibition at the Victoria and Albert Museum called Memory Palace. The exhibition imagines what it would be like to walk into a book; the book imagines a future London when the internet has been destroyed by a “digital storm” and structured knowledge is lost. A vision in which the book’s hero tries to recreate memory. Words turn out to be a code, knowledge loses it’s value and in the end human memory is lost.

The exhibition ends by giving you the opportunity to contribute the one memory, just one. As if there may not be room for all our memories, no way to hold all that knowledge, and no way to codify the emotion.

Even with the theoretical infinity of the internet recording our memories; the result is imperfect and vulnerable.

.

Post Script; If you’re in London take the time to visit the exhibition – it’s brilliantly done, by a group of artists who were each given one passage from the book to inspire their artwork. You can see some of the artists talking about their work on the exhibition website; here’s one describing one of my favourite pieces in the exhibition.

.

Image; face

Happy Birthday Internet

Today the internet is 20 years old, the first site was launched on 6 August 1991 as part of a research project at CERN.

The first site is still online the content is a fascinating insight into how far-sighted Tim Berners-Lee, intelligent search, caching and collaborative content creation are all mentioned. It also shows a number of similarities to today’s sites;

  • structure, the information is categorised in a defined hierarchy
  • non-linear navigation; links connect you across the information categories
  • spelling mistakes (search for “moe” on this page)

But misses all the fun stuff – graphics, images, interaction, video. Persistent navigation, such an obvious feature of any modern website, is also missing, making the site rather difficult to read.

For all the far-sightedness of the developers the list of the intended omits any mention of business or commercial uses. That may be a function of the mandate of the developers, rather than their vision. Or perhaps the academic background limited their understanding of business interest. And even in their wildest, most optimistic, fantasies they could not have imagined the huge volume of sites existing today, according to NetCraft we’re pretty close to half a billion sites.

I heard about this via a tweet from David Bowen, who asks “has anyone created more jobs than Sir Tim BL?”. My first thought that Jesus might win, but I haven’t calculated that. One thing is certain; my job couldn’t exist with the developments sent in train by the team CERN.

So for me, today’s worth celebrating. I’ll raise a glass to all those pioneers who developed the tool I use every day for banking, shopping, talking to family, catching up with friends… and gave me a job I love. Cheers.