Today's links

• Privacy first: A powerful principle with a vast constituency.
• Hey look at this: Delights to delectate.
• This day in history: 2003, 2008, 2013, 2018
• Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading

---

Privacy first (permalink)

The internet is embroiled in a vicious polycrisis: child safety, surveillance, discrimination, disinformation, polarization, monopoly, journalism collapse – not only have we failed to agree on what to do about these, there's not even a consensus that all of these are problems.

But in a new whitepaper, my EFF colleagues Corynne McSherry, Mario Trujillo, Cindy Cohn and Thorin Klosowski advance an exciting proposal that slices cleanly through this Gordian knot, which they call "Privacy First":

https://www.eff.org/wp/privacy-first-better-way-address-online-harms

Here's the "Privacy First" pitch: whatever is going on with all of the problems of the internet, all of these problems are made worse by commercial surveillance.

• Worried your kid is being made miserable through targeted ads? No surveillance, no targeting.

• Worried your uncle was turned into a Qanon by targeted disinformation? No surveillance, no targeting. Worried that racialized people are being targeted for discriminatory hiring or lending by algorithms? No surveillance, no targeting.

• Worried that nation-state actors are exploiting surveillance data to attack elections, politicians, or civil servants? No surveillance, no surveillance data.

• Worried that AI is being trained on your personal data? No surveillance, no training data.

• Worried that the news is being killed by monopolists who exploit the advantage conferred by surveillance ads to cream 51% off every ad-dollar? No surveillance, no surveillance ads.

• Worried that social media giants maintain their monopolies by filling up commercial moats with surveillance data? No surveillance, no surveillance moat.

The fact that commercial surveillance hurts so many groups of people in so many ways is terrible, of course, but it's also an amazing opportunity. Thus far, the individual constituencies for, say, saving the news or protecting kids have not been sufficient to change the way these big platforms work. But when you add up all the groups whose most urgent cause would be significantly improved by comprehensive federal privacy law, vigorously enforced, you get an unstoppable coalition.

America is decades behind on privacy. The last really big, broadly applicable privacy law we passed was a law banning video-store clerks from leaking your porn-rental habits to the press (Congress was worried about their own rental histories after a Supreme Court nominee's movie habits were published in the Washington City Paper):

https://en.wikipedia.org/wiki/Video_Privacy_Protection_Act

In the decades since, we've gotten laws that poke around the edges of privacy, like HIPAA (for health) and COPPA (data on under-13s). Both laws are riddled with loopholes and neither is vigorously enforced:

https://pluralistic.net/2023/04/09/how-to-make-a-child-safe-tiktok/

Privacy First starts with the idea of passing a fit-for-purpose, 21st century privacy law with real enforcement teeth (a private right of action, which lets contingency lawyers sue on your behalf for a share of the winnings):

https://www.eff.org/deeplinks/2022/07/americans-deserve-more-current-american-data-privacy-protection-act

Here's what should be in that law:

• A ban on surveillance advertising:

https://www.eff.org/deeplinks/2022/03/ban-online-behavioral-advertising

• Data minimization: a prohibition on collecting or processing your data beyond what is strictly necessary to deliver the service you're seeking.

• Strong opt-in: None of the consent theater click-throughs we suffer through today. If you don't give informed, voluntary, specific opt-in consent, the service can't collect your data. Ignoring a cookie click-through is not consent, so you can just bypass popups and know you won't be spied on.

• No preemption. The commercial surveillance industry hates strong state privacy laws like the Illinois biometrics law, and they are hoping that a federal law will pre-empt all those state laws. Federal privacy law should be the floor on privacy nationwide – not the ceiling:

https://www.eff.org/deeplinks/2022/07/federal-preemption-state-privacy-law-hurts-everyone

• No arbitration. Your right to sue for violations of your privacy shouldn't be waivable in a clickthrough agreement:

https://www.eff.org/deeplinks/2022/04/stop-forced-arbitration-data-privacy-legislation

• No "pay for privacy." Privacy is not a luxury good. Everyone deserves privacy, and the people who can least afford to buy private alternatives are most vulnerable to privacy abuses:

https://www.eff.org/deeplinks/2020/10/why-getting-paid-your-data-bad-deal

• No tricks. Getting "consent" with confusing UIs and tiny fine print doesn't count:

https://www.eff.org/deeplinks/2019/02/designing-welcome-mats-invite-user-privacy-0

A Privacy First approach doesn't merely help all the people harmed by surveillance, it also prevents the collateral damage that today's leading proposals create. For example, laws requiring services to force their users to prove their age ("to protect the kids") are a privacy nightmare. They're also unconstitutional and keep getting struck down.

A better way to improve the kid safety of the internet is to ban surveillance. A surveillance ban doesn't have the foreseeable abuses of a law like KOSA (the Kids Online Safety Act), like bans on information about trans healthcare, medication abortions, or banned books:

https://www.eff.org/deeplinks/2023/05/kids-online-safety-act-still-huge-danger-our-rights-online

When it comes to the news, banning surveillance advertising would pave the way for a shift to contextual ads (ads based on what you're looking at, not who you are). That switch would change the balance of power between news organizations and tech platforms – no media company will ever know as much about their readers as Google or Facebook do, but no tech company will ever know as much about a news outlet's content as the publisher does:

https://www.eff.org/deeplinks/2023/05/save-news-we-must-ban-surveillance-advertising

This is a much better approach than the profit-sharing arrangements that are being trialed in Australia, Canada and France (these are sometimes called "News Bargaining Codes" or "Link Taxes"). Funding the news by guaranteeing it a share of Big Tech's profits makes the news into partisans for that profit – not the Big Tech watchdogs we need them to be. When Torstar, Canada's largest news publisher, struck a profit-sharing deal with Google, they killed their longrunning, excellent investigative "Defanging Big Tech" series.

A privacy law would also protect access to healthcare, especially in the post-Roe era, when Big Tech surveillance data is being used to target people who visit abortion clinics or secure medication abortions. It would end the practice of employers forcing workers to wear health-monitoring gadgets. This is characterized as a "voluntary" way to get a "discount" on health insurance – but in practice, it's a way of punishing workers who refuse to let their bosses know about their sleep, fertility, and movements.

A privacy law would protect marginalized people from all kinds of digital discrimination, from unfair hiring to unfair lending to unfair renting. The commercial surveillance industry shovels endless quantities of our personal information into the furnaces that fuel these practices. A privacy law shuts off the fuel supply:

https://www.eff.org/deeplinks/2023/04/digital-privacy-legislation-civil-rights-legislation

There are plenty of ways that AI will make our lives worse, but copyright won't fix it. For issues of labor exploitation (especially of creative workers), the answer lies in labor law:

https://pluralistic.net/2023/10/01/how-the-writers-guild-sunk-ais-ship/

And for many of AI's other harms, a muscular privacy law would starve AI of some of its most potentially toxic training data:

https://www.businessinsider.com/tech-updated-terms-to-use-customer-data-to-train-ai-2023-9

Meanwhile, if you're worried about foreign governments targeting Americans – officials, military, or just plain folks – a privacy law would cut off one of their most prolific and damaging source of information. All those lawmakers trying to ban Tiktok because it's a surveillance tool? What about banning surveillance, instead?

Monopolies and surveillance go together like peanut butter and chocolate. Some of the biggest tech empires were built on mountains of nonconsensually harvested private data – and they use that data to defend their monopolies. Legal privacy guarantees are a necessary precursor to data portability and interoperability:

https://www.eff.org/wp/interoperability-and-privacy

Once we are guaranteed a right to privacy, lawmakers and regulators can order tech giants to tear down their walled gardens, rather than relying on tech companies to (selectively) defend our privacy:

https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar

The point here isn't that privacy fixes all the internet's woes. The policy is "privacy first," not "just privacy." When it comes to making a new, good internet, there's plenty of room for labor law, civil rights legislation, antitrust, and other legal regimes. But privacy has the biggest constituency, gets us the most bang for the buck, and has the fewest harmful side-effects. It's a policy we can all agree on, even if we don't agree on much else. It's a coalition in potentia that would be unstoppable in reality. Privacy first! Then – everything else!

(Image: Cryteria, CC BY 3.0, modified)

---

Hey look at this (permalink)

• After $500m Zuckerberg donation, Harvard university gutted its disinfo team studying Facebook https://boingboing.net/2023/12/04/after-500m-zuckerberg-donation-harvard-university-gutted-its-disinfo-team-studying-facebook.html

• Silicon Valley vs. teenage girls https://www.garbageday.email/p/silicon-valley-vs-teenage-girls

• Writing Documentation for Your House https://luke.hsiao.dev/blog/housing-documentation/ (h/t Jessamyn West)

---

This day in history (permalink)

#20yrsago Walt Disney’s FBI files https://memex.craphound.com/2003/12/06/walt-disneys-fbi-files/

#20yrsago Ska-anthem about duct tape https://web.archive.org/web/20031209020640/http://www.ducktapeclub.com/contests/roll/lyrics.asp?entryid=131

#15yrsago Britain’s “Great Firewall” set to restrict access to Wikipedia https://en.wikinews.org/wiki/British_ISPs_restrict_access_to_Wikipedia_amid_child_pornography_allegations

#15yrsago Workers in Argentina taking over dead factories and running them democratically https://www.newstatesman.com/long-reads/2007/08/argentina-workers-movement

#10yrsago rWhat Nelson Mandela’s life tells us about the legitimacy of “democratic nations” https://memex.craphound.com/2013/12/06/what-nelson-mandelas-life-tells-us-about-the-legitimacy-of-democratic-nations/

#10yrsago Medieval kids’ birch-bark doodles https://erikkwakkel.tumblr.com/post/67681966023/medieval-kids-doodles-on-birch-bark-heres

#10yrsago Botnet of 20,000 point-of-sale machines https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/

#5yrsago Jamie Dimon is getting fed up with the protesters who “occupy” him everywhere he goes https://www.bloomberg.com/news/articles/2018-12-03/wherever-dimon-goes-activists-turn-his-speeches-into-spectacles

#5yrsago Wells Fargo blames “computer glitch” for its improper foreclosure on 545 homes https://www.cbsnews.com/news/wells-fargo-loan-modification-error-homeowners-who-went-into-foreclosure-seek-answers/

#5yrsago The third annual AI Now report: 10 more ways to make AI safe for human flourishing https://web.archive.org/web/20181206184028/https://ainowinstitute.org/AI_Now_2018_Report.pdf

#5yrsago Europe’s biggest sports leagues and movie studios disavow #Article13, say it will give #BigTech even more control https://www.eff.org/deeplinks/2018/12/letter-eu-european-film-companies-and-sports-leagues-disavow-article-13-say-it

#5yrsago On January 1, America gets its public domain back: join us at the Internet Archive on Jan 25 to celebrate https://creativecommons.org/2018/12/05/join-us-for-a-grand-re-opening-of-the-public-domain/

---

Colophon (permalink)

Today's top sources: Slashdot (https://slashdot.org/).

Currently writing:

• A Little Brother short story about DIY insulin PLANNING

• Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

• The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. FORTHCOMING TOR BOOKS FEB 2024

• Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

• Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: Don’t Be Evil https://craphound.com/articles/2023/12/03/dont-be-evil/
Upcoming appearances:

• The Geneva Dialog (Dec 7)
  https://genevadialogue.ch/event/geneva-manual-event/

Recent appearances:

• AI needs to work with humans — not replace us (CBC IDEAS)
  https://www.cbc.ca/radio/ideas/artificial-intelligence-provocation-ideas-festival-1.7046841

• Explore the Future of the 🔥 Climate and Information Climate (Andrew Revkin)
  https://www.youtube.com/watch?v=-OGT-cvs4_Q

• Digital Markets Act; Interoperability; Entrenchment; Copyright; "What-About-Ism" (Digital Markets Research Hub)
  https://www.youtube.com/watch?v=Xm23pO5_WKM

Latest books:

• "The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org). Signed, personalized copies at Dark Delicacies (https://www.darkdel.com/store/p3007/Pre-Order_Signed_Copies%3A_The_Lost_Cause_HB.html#/)

• "The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).

• "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.

• "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

• "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html

• "How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59?sk=f6cd10e54e20a07d4c6d0f3ac011af6b) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)

• "Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html

• "Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.

Upcoming books:

• The Bezzle: a sequel to "Red Team Blues," about prison-tech and other grifts, Tor Books, February 2024

• Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

• Unauthorized Bread: a graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025

---

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

---

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla