Pluralistic: 29 Jun 2021


Today's links



EFF's generic 'privacy' image: a padlock on a stylized, hexagonal background.

SCOTUS to wrongfully accused terrorists: "drop dead" (permalink)

When people call the US Supreme Court "corporate-friendly," it's often hard to know what that means in concrete terms. But here's an example of what it means when the highest court in the land is in the tank for big business.

Transunion is a giant credit reporting bureau. These companies have their origin in a company called "Retail Credit" (now Equifax). RC paid people to spy on their neighbors and kept secret files on who was a "race mixer," a homosexual, or a political radical.

These files were sold to employers, financial institutions and landlords to help them discriminate against people for their political, sexual or racial views.

https://www.jacobinmag.com/2017/09/equifax-retail-credit-company-discrimination-loans

Today, these companies continue to maintain massive, nonconsensual, wildly inaccurate databases detailing your finances, your employment, your living arrangements, your run-ins with the criminal justice system and more.

These are sold – again, without your consent – to lenders, employers, landlords, and other entities, who use them to make decisions that affect where you live and work, whether you can adopt, and more.

These companies have been in the news continuously for half a decade, thanks to a series of high-profile, unimaginably massive breaches that compromised the security of virtually every adult in the US and millions abroad.

https://pluralistic.net/2021/04/30/dox-the-world/#experian

Transunion's secret files on you include a tickbox for "suspected terrorist." Transunion wrongly accused 8,000 people of being terrorists. It discovered its error and violated its statutory duty to inform the people it had wronged.

The Supremes just ruled that those wronged people aren't allowed to sue Transunion for accusing them of being terrorists and making that judgment available to its customers, including government agencies, employers and landlords.

https://www.eff.org/deeplinks/2021/06/supreme-court-says-you-cant-sue-corporation-wrongly-marked-you-terrorist

Specifically, the court said that only the 1,800 people whose wrongful accusation was transmitted to third parties could sue Transunion. It likened the untransmitted accusations to "a letter in a drawer that is never sent."

Writing for the majority, Kavanaugh failed to grapple with the collection, analysis and use of private data, which – per EFF's Cindy Cohn – is "an opaque archipelago of databases are linked and used to build and deploy machine learning systems that judge and limit us."

As Cohn points out, Kavanaugh explicitly ignored Congress's intention in passing the Fair Credit Reporting Act, which followed from the ghastly scandals that prompted Retail Credit to hide under its new "Equifax" name.

The whole point of the act is to allow the public to seek justice when credit reporting bureaux are reckless in their dossier-compiling.

Transunion was reckless: "it marked people as potential terrorists simply because they shared the same name as people on a terrorist watch list without checking middle names, birthdays, addresses, or other information that TransUnion itself undoubtedly already had."

This decision is a boon to any company seeking to block litigation over privacy breaches, who will cite it in a bid to force the people they victimize to prove not just that the company leaked their data, but also that someone hurt them using that leak.

This is the standard that Google and Facebook cynically advocated in their amicus briefs, and while the court explicitly recognized that privacy breaches can create "intangible harms," that doesn't mean that corporate lawyers won't try to stretch this ruling.



A screenshot of freefilefillableforms.com, a very bad and inaccessible website.

Intuit sabotages the Child Tax Credit (permalink)

The Child Tax Credit is a seriously good piece of policy, in which America's poorest families are eligible for $2-3k/year in subsidies, a move projected to cut American child poverty in half.

There's one problem: the IRS has no idea how to reach America's poorest families.

Many of the people eligible for CTC don't file tax returns and even if they did, they'd have no contact with the IRS, because the tax-prep monopoly killed all attempts to create a "free file" system where the IRS sends you a prefilled return with the info they already have.

When I say "sabotaged," I'm not speaking hyperbolically. The tax-prep industry, led by Intuit, led the fight for 20 years, with their cultlike leader Brad Smith at the forefront of a bribery and intimidation campaign.

https://www.propublica.org/article/inside-turbotax-20-year-fight-to-stop-americans-from-filing-their-taxes-for-free

Intuit worked with its co-monopolists to develop a private sector "free file" program that was supposed to offer free tax-prep services to the poorest Americans, but it was a con.

The company developed a sophisticated dark-patterns storefront to trick Americans into paying for the service they promised to provide for free. Free file was supposed to cover half of Americans, but only 3% figured out how to use it.

https://www.propublica.org/article/the-irs-tried-to-hide-emails-that-show-tax-industry-influence-over-free-file-program

Free file predated upon poor people, but it especially targeted people with disabilities, students and retirees.

https://www.propublica.org/article/trump-tax-law-threatened-turbotax-profits-started-charging-disabled-unemployed-and-students

Eventually, thanks to Propublica's dogged reporting, the IRS ended its noncompete agreement with Intuit.

https://www.propublica.org/article/irs-reforms-free-file-program-drops-agreement-not-to-compete-with-turbotax

But the IRS has been starved for decades by anti-tax extremists and is seemingly dependent on predatory monopolists – think of how, in the wake of the Equifax breach, the IRS awarded its $7.5m, no-bid antifraud contract…to Equifax.

https://www.cbsnews.com/news/equifax-irs-data-breach-malware-discovered/

The IRS said it had to give its security contract to the company that had just demonstrated an unimaginably terrible capacity for screwing up security because no other company was able to provide anti-fraud services, and the IRS didn't have that capacity itself.

Just as with Intuit, the IRS eventually had to break with Equifax because its behavior became absolutely untenable – in the case of Equifax, the company started serving malware from its fraud-prevention site (no, really).

But despite its dishonor, Equifax remains cozy with the IRS – as does Intuit, never mind the fact that the FTC is investigating it for its fraudulent, predatory behavior.

Intuit is the company the IRS tapped to build the CTC enrolment website.

It is a very bad website.

https://www.freefilefillableforms.com/#/fd/childtaxcredit

The site's failings are detailed in a Michelle Singletary story for the Washington Post.

https://www.washingtonpost.com/business/2021/06/15/irs-child-tax-credit-tool/

Start with that URL: "freefilefillableforms.com" is not a subdomain of irs.gov. It's not even a .gov site. Even before the page loads, it sounds like a phishing site.

But once you load it, hoo-boy does it look like a phishing site. There's nothing to indicate that you're on an official IRS website.

A screenshot of freefilefillableforms.com failing to render on a mobile device.

The site doesn't work on mobile devices. Guess what kind of device a person poor enough to qualify for the CTC is most likely to own?

The site is English only; there's no Spanish version. Guess what linguistic group is disproportionately represented among people poor enough to qualify for the CTC?

The site doesn't work with screen-readers, excluding people with visual disabilities.

The site welcomes you with a giant, unreadable wall of garbage-legalese warnings and a giant CAUTION box.

Intuit is perfectly capable of making usable websites – but more importantly, they are criminally capable of making unusable websites. They are infamous for it.

If Intuit wanted to make a CTC enrolment website that ensured that the parents of children living in poverty could find and use it, they could. Moreover, when Intuit builds websites that deprives people of the service they're entitled to, it's deliberate.

The People's Policy Project's alternative CTC signup site.

To prove how good Intuit is at being bad, Matt Bruenig of the People's Policy Project worked with designers to build an alternative CTC site. It took two days. It's welcoming, it's bilingual, and it was built by a crowdfunded think-tank.

https://www.peoplespolicyproject.org/2021/06/23/it-took-two-days-to-make-a-good-ctc-website/

Mobile view of the People's Policy Project's alternative CTC signup site.

It works on mobile, too (of course). As Bruenig writes, "it's not designed to look like a phishing website, is simple and inviting, and replaces the complicated set of eligibility rules with question prompts."

Alas, all it can do is funnel users into Intuit's terrible site.

I have done web-design for large government clients. I understand that there are constraints that can reduce the quality of the final product. But Intuit isn't your average IRS contractor – they're a company that was caught bribing, intimidating and poaching IRS employees.

Specifically, they bribed, intimidated and poached IRS employees to turn a blind eye to the company's deliberately terrible web design, which was in service to denying poor people access to financial services they were entitled to.

Bond's Law applies here: "Once is happenstance. Twice is coincidence. Three times is enemy action." This isn't incompetence, it's deadly competence – a skilful act of sabotage that will doom millions of children to continued poverty.



This day in history (permalink)

#20yrsago Andrew Leonard on the Microsoft antitrust appeal https://web.archive.org/web/20010813124040/https://www.salon.com/audio/col/tech/2001/06/29/tech/index.html

#20yrsago Lessig, O'Reilly, Moglen, ESR and Jamie Love on the Microsoft antitrust appeal https://web.archive.org/web/20010630215558/http://www.salon.com/tech/feature/2001/06/28/appeals_reaction/index.html

#15yrsago Vernor Vinge on computers, freedom and privacy https://www.theguardian.com/technology/2006/jun/29/guardianweeklytechnologysection5

#10yrsago Copyright troll’s biggest fan commits terminal irony https://www.eff.org/deeplinks/2011/06/righthaven-cheerleader-wanted-irony-police

#10yrsago Publishing in the Internet era: connecting audiences and works https://www.theguardian.com/technology/2011/jun/30/publishers-internet-changing-role

#10yrsago Why writers should have their own domains https://whatever.scalzi.com/2011/06/29/mastering-ones-own-domain-an-no-this-is-not-a-seinfeld-reference/

#5yrsago How to Break Open the Web: a report on the first Decentralized Web Summit https://www.fastcompany.com/3061357/the-web-decentralized-distributed-open

#5yrsago The Perdition Score: Sandman Slim vs the One Percent https://memex.craphound.com/2016/06/29/the-perdition-score-sandman-slim-vs-the-one-percent/

#5yrsago Rules for undercover cops, UK edition https://web.archive.org/web/20160629064817/https://www.college.police.uk/News/College-news/Documents/Undercover_policing_guidance-for_consultation.pdf

#5yrsago Californians will get to vote on legal recreational weed https://web.archive.org/web/20160702090503/https://abcnews.go.com/US/wireStory/voters-decide-legalize-recreational-marijuana-40206739

#1yrago Facebook and Trump collaborate on rule-rigging https://pluralistic.net/2020/06/29/female-furies/#fb-hearts-dt

#1yrago How to break up Google https://pluralistic.net/2020/06/29/female-furies/#braygoog

#1yrago Female Furies https://pluralistic.net/2020/06/29/female-furies/#apokolips-now



Colophon (permalink)

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/).

Currently writing:

  • Spill, a Little Brother short story about pipeline protests. Yesterday's progress: 275 words (7331 words total).

  • A Little Brother short story about remote invigilation. PLANNING

  • A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: Inside The Clock Tower https://craphound.com/news/2021/06/21/inside-the-clock-tower/
Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Medium (no ads, paywalled):

https://doctorow.medium.com/

(Latest Medium column: "Moral hazard and monopoly," on the need to break up big tech platforms https://doctorow.medium.com/moral-hazard-and-monopoly-42e30eb159a8)

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla