Preliminary Findings on the Effects of Meta’s News Ban in Canada mediaecosystemobservatory.com

Following the passage of the Online News Act, the Media Ecosystem Observatory studied the behaviour of Canadian Facebook and Instagram users. The resulting report (PDF) is a brief but useful read.

Sara Parker, et al. summarizing two of its findings:

The Facebook Pages of national news outlets lost approximately 64% of their Facebook engagement following the end of news availability for Canadian users. Local news outlets lost approximately 85%. Almost half of all local news outlets stopped posting on Facebook entirely in the four months following the ban. 

Engagement with politically relevant pages and groups has remained unchanged since the ban, suggesting politically-oriented users have not reduced their Facebook usage.

Surprised? Me neither.

According to these researchers’ findings, many users simply posted screenshots of news articles without a direct link, thereby depriving media outlets of even meagre ad revenue. Interestingly, among a set of known misinformation sources catalogued by the Global Disinformation Index, sharing of news-like nonsense also dropped following Meta’s policy change.

Special Characters in MacOS leancrew.com

Dr. Drang:

I have a feeling many longtime Mac users are like me: some special characters are typed directly, some are done through expansion, and the rest — never used before and never expected to be used again — come through the Character Viewer.

When the Mac turned forty earlier this year, I made an effort to mention the “ability to type special characters by using the option key” as one of my favourite MacOS features. But I neglected to mention text replacement — which I use to transform, for example, cmdkey into ⌘, and xtimes into × — and Character Viewer. You may know the latter as the emoji picker, but you can click the icon in the upper-right of the panel to display the full Character Viewer. Oh, and another way of inserting special characters is to simply hold down a key on the keyboard, just like on iOS.

All of these seem like pretty intuitive ways to insert characters which do not appear on the keyboard, and do not require you to memorize Unicode values. I use all the entry methods available in MacOS and they, collectively, are among my favourite system features.

Sponsor: Magic Lasso Adblock: 2.0× Faster Web Browsing in Safari magiclasso.co

Want to experience twice as fast load times in Safari on your iPhone, iPad, and Mac?

Then download Magic Lasso Adblock — the ad blocker designed for you. It’s easy to setup, blocks all ads, and doubles the speed at which Safari loads.

Screenshot of Magic Lasso Adblock

Magic Lasso Adblock is an efficient and high performance ad blocker for your iPhone, iPad, and Mac. It simply and easily blocks all intrusive ads, trackers and annoyances in Safari. Just enable to browse in bliss.

By cutting down on ads and trackers, common news websites load 2x faster and use less data.

Over 300,000+ users rely on Magic Lasso Adblock to:

  • Improve their privacy and security by removing ad trackers

  • Block annoying cookie notices and privacy prompts

  • Double battery life during heavy web browsing

  • Lower data usage when on the go

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of users.

With over 5,000 five star reviews; it’s simply the best ad blocker for your iPhone, iPad and Mac.

Download today via the Magic Lasso website.

My thanks to Magic Lasso Adblock for sponsoring Pixel Envy this week.

China Orders Apple to Remove Popular Messaging Apps From App Store wsj.com

Aaron Tilley, Liza Lin, and Jeff Horwitz, Wall Street Journal:

Meta Platforms’ WhatsApp and Threads as well as messaging platforms Signal and Telegram were taken off the Chinese App Store Friday. Apple said it was told to remove certain apps because of national security concerns, without specifying which.

“We are obligated to follow the laws in the countries where we operate, even when we disagree,” an Apple spokesperson said.

A good argument for supporting protocols over platforms. Threads may have been ejected but it seems impossibly difficult to prohibit ActivityPub entirely. It is not as though HTTP or SMTP are banned in China.

U.S. Senate Votes to Reauthorize, Expand, FISA Surveillance Powers nbcnews.com

Frank Thorp V, Sahil Kapur and Ryan Nobles, NBC News:

The Senate voted to reauthorize a powerful surveillance tool the U.S. government describes as critical to combating terrorism, after defeating efforts by civil liberties advocates on the left and right to rein it in.

The vote of 60-34 sends the bill to President Joe Biden, who has championed it. The legislation extends Section 702 of the Foreign Intelligence Surveillance Act, or FISA, for two more years.

Contrary to the New York Times’ framing last year, the nay votes were hardly a picture of the “far-right”. Dissenters were almost a 50–50 split between Republicans and Democrats, with slightly more of the latter. Sadly, even with some long-overdue Republican support, the nay votes did not “imperil” this capability.

Marc Zwillinger, Steve Lane, and Jacob Sommer, of the ZwillGen law firm, on an amendment which will compel more providers to turn over records:

The new amendment is a marginal improvement over the last go-around, but it is still problematic. It is not a change that “narrowly updates the definition of electronic communication service provider under Section 702.” Like the FRRA, it: (1) drops the qualifier “communication” from the class of covered “service providers;” (2) makes access to communications-carrying equipment enough to establish eligibility; and (3) adds “custodian” to the list of individuals who can be forced to provide assistance. But unlike the FRRA, it then enumerates a list of business types that cannot be considered ECSPs, including public accommodations, dwellings, restaurants, and community facilities.

The White House is thrilled.

American readers, if you need cheering up, do note the House of Representatives passed the Fourth Amendment is Not For Sale Act.

Informed Consent and Privacy daringfireball.net

John Gruber, in 2020:

Just because there is now a multi-billion-dollar industry based on the abject betrayal of our privacy doesn’t mean the sociopaths who built it have any right whatsoever to continue getting away with it. They talk in circles but their argument boils down to entitlement: they think our privacy is theirs for the taking because they’ve been getting away with taking it without our knowledge, and it is valuable. No action Apple can take against the tracking industry is too strong.

Ian Betteridge contrasted this view against one of Gruber’s recent articles, in which his stance appears to have softened on the seriousness of tracking:

I wonder what happened to turn John’s attitude from “no action Apple can take against the tracking industry is too strong” to defending Facebook’s “right” to choose how it invades people’s privacy? Or is he suggesting that a private company is entitled to defend people’s privacy, but governments are not?

To put it another way, should people have an expectation of how private information is used and collected, or should that be wildly different depending on which companies they interact with? Is the status quo of handling private data in the U.S. the optimal legal balance?

John Gruber, responding:

I’ve seen a bit of pushback along this line recently, more or less asking: How come I was against Meta’s tracking but now seem for it? I don’t see any contradiction or change in my position though. The only thing I’d change in the 2020 piece Betteridge quotes is this sentence, which Betteridge emphasizes: “No action Apple can take against the tracking industry is too strong.” I should have inserted an adjective before “tracking” — it’s non-consensual tracking I object to, especially tracking that’s downright surreptitious. Not tracking in and of itself.

Given my review of Byron Tau’s new book, you might expect me to wholly disagree with the idea that anyone can provide consent. I do not — in theory. But in practice and in most circumstances right now, it probably is impossible for users to provide meaningful consent to all of the digital products and services they use.

Consider what full informed consent looks like for Facebook — and just Facebook. One would need to indicate they have read and understood each section of its simplified privacy policy, not just tick the blanket “I Agree” box, or permit it using the App Tracking Transparency dialog. Facebook should show exactly what it is collecting and how it is using this information. Every time a policy changes, Facebook should get an affirmative agreement, too, from each user; none of this by continuing to use the product, you indicate your agreement nonsense.

And this is just Facebook. Imagine that across all your accounts everywhere. We have a taste of that on the web with cookie consent panels, and on iOS with the myriad dialogs thrown by app features like accessing your contacts. A typical camera app will likely ask you for four different permissions out of the gate: camera, microphone, photo library, and location access. Adding yet more consents and dialog boxes is hardly an effective solution.

Meta is probably one of the more agreeable players in this racket, too. It hoards data; it does not share much of it. And it has a brand to protect. Data brokers are far worse because nobody knows who they are or what they collect, share, and merge. Scale the informed consent model above across all data brokers you interact with, in each app or website you use. As an example, Het Laatste Nieuws, a popular Dutch-language news site in Belgium, shows in its cookie consent dialog it has over one hundred advertising partners, among the lowest numbers I have seen. (For comparison, Le Monde has over five hundred.) True consent requires you to understand those privacy policies, too. What does Nexxen collect? Which other websites, apps, or products do you use which also partner with Nexxen? Can you find Nexxen in HLN’s partner list? (Probably not — the privacy policies for the first three advertisers I was going to use as an example in that sentence returned 404 errors, and I only found Nexxen because I clicked on the policy for Unruly, which rebranded last year.)

This is a mess from the perspective of users and site operators. A core principle of informed consent is an understanding of risk. Are people presented with adequate information about the risks of accepting tracking? No, not really. Meanwhile, website owners do not want to interrupt visitors with cookie consent forms; they want to interrupt them with email newsletter sign-up forms. Nobody wants to manage a vast database of specific consent agreements.

Gruber is reacting to a draft decision (PDF) by the European Data Protection Board — specifically:

It has to be concluded that, in most cases, it will not be possible for large online platforms to comply with the requirements for valid consent if they confront users only with a binary choice between consenting to processing of personal data for behavioural advertising purposes and paying a fee.

The EDPB’s justification for this is based largely on similar arguments to those I have made above, though it limits the scope of this decision to platforms of gatekeeper scale for similar interconnected rationales as it has used to define those platforms’ unique responsibilities. Interestingly, the EDPB says the mere existence of a fee at all is enough to question whether there is a truly free choice when a no-cost option is also available. It seems to want a third way: no behaviourally informed advertising, at no financial cost to users.

I am not sure there is a good reason to limit to gatekeepers restrictions regarding the use of behavioural advertising. There need to be stricter controls around tracking so that users may have informed consent, regardless of whether it is a corporate behemoth, a news publisher, or a weather app. If we want informed consent, we should have it, but the status quo is a poor excuse for truly informed, truly free consent.

A.I., Lost in Translation theverge.com

Victoria Song, the Verge:

I became the family Chewbacca. Family would speak to me in Korean, I’d reply back in English — and vice versa. Later, I started learning Japanese because that’s what public school offered and my grandparents were fluent. Eventually, my family became adept at speaking a pidgin of English, Korean, and Japanese.

This arrangement was less than ideal but workable. That is until both of my parents were diagnosed with incurable, degenerative neurological diseases. My father had Parkinson’s disease and Alzheimer’s disease. My mom had bulbar amyotrophic lateral sclerosis (ALS) and frontotemporal dementia (FTD). Their English, a language they studied for decades, evaporated.

This is one of those heartbreaking essays that will sit with me for a long time. It is nominally about how Humane’s wearable gadget struggled with translation features, but it is so much greater, as you can surmise from the quote.

Mother Earth Mother Board wired.com

After I linked to Josh Dzieza’s long report about subsea cable repair, I got an email from Joshua Ochs who pointed me to Neal Stephenson’s 1996 essay, published in Wired, about the laying of the FLAG cable.

There is some poetry here. The only way I read that original article, published it, and then received that email is because of all of this infrastructure. I may be writing this on a laptop with no wires coming out of it, but that is not really how I am connected to the internet. Instead, one cable after another has carried my bytes.

If you have not read it before, I think you should set aside some time for it. But do note: it is over forty thousand words. You should still read it. Also, there are parts of it which have not aged well — from predictable cultural perspectives, to a comparison made of the demise of the Library of Alexandria which will make you double-take the dateline. And I recommend spending time with the whole thing because it is amazing.

Tim Maly, writing for Nieman fifteen years after its publication:

The dot-com world’s dangerously myopic narcissism was visible to those with the right kind of eyes, and “Mother Earth Mother Board” is 42,535 words of emergency optical surgery. Stephenson wants to show you that everything’s been done before, only crazier.

The essay is apparently a legendary work but, as with so many critically lauded things, it escaped my field of view. If you have time this weekend, do not let it escape yours.

Tim Cook’s Southeast Asia Tour Is Taking Him Through Vietnam, Indonesia, Singapore, and Maybe Malaysia kompas.id

Mediana, Benediktus Krisna Yogatama, Mawar Kusuma Wulan, Kompas (as translated by Safari):

Indonesia is a destination country visited by the boss of the technology giant company Tim Cook, CEO of Apple, and Satya Nadella, CEO of Microsoft. The second visit has been announced by the Minister of Communication and Information Budi Arie Setiadi since mid-March 2024.

[…]

Apple has an obligation to build four [developer] academies, namely in Bali, Batam, Surabaya, and South Tangerang. The total investment value reaches Rp 1.6 trillion.

[…]

Regarding the construction of the factory, Agus said that his party would encourage it because Indonesia already has a factory of cell phone components such as batteries or cables, so that Apple can use domestic products.

I saw a few conspicuous cars waiting at the VIP terminal of Jakarta’s smaller airport yesterday. Turns out the private jet carrying the Apple entourage arrived just a few minutes after my discount flight took off. Practically rubbing shoulders over here.

Anyway, that tipped me off to the plane’s tail number and, based on its path this evening — local time — Cook and company have just landed in Singapore. It seems plausible to me Cook could also visit Malaysia to open the country’s first Apple Store, which looked close to finished last month. Thanks to Just Another Rakyat for that tip.

Meanwhile, Apple and Epic Games are fighting again, this time in a court in Melbourne. Perhaps Cook is also on his way to participate in that. There sure is a lot going on in Southeast Asia and Australia right now.

Update: Well my guesses were completely wrong about Cook’s schedule. After Singapore, he went back to California.

The Humanity Of It

The new A.I. Pin from Humane is, according to those who have used one, bad. Even if you accept the premise of wearing a smart speaker and use it to do a bunch of the stuff for which you used to rely on your phone, it is not good at those things — again, according to those who have used one, and I have not. Why is it apparently controversial to say that with intention?

Cherlynn Low, of Engadget, “cannot recommend anyone spend this much money for the one or two things it does adequately”. David Pierce, of the Verge, says it is “so thoroughly unfinished and so totally broken in so many unacceptable ways”. Arun Maini said the “total amount of effort required to perform any given action is just higher with the Pin”. Raymond Wong, of Inverse, wrote the most optimistic review of all those I saw but, after needing a factory reset of his review unit and then a wind gust blowing it off his shirt, it sounds like he is only convinced by the prospect of future versions, not the “textbook […] first-generation product” he is actually using.

It was Marques Brownlee’s blunt review title — “The Worst Product I’ve Ever Reviewed… For Now” — which caught the attention of a moderately popular Twitter user. The review itself was more like Wong’s, seeing some promise in the concept while dismissing this implementation, but the tweet itself courted controversy. Is the role of a reviewer to be kind to businesses even if their products suck, or is it to be honest?

I do not think it makes sense to dwell on an individual tweet. What is more interesting to me is how generous all of the reviewers have been so far, even while reaching such bleak conclusions. Despite having a list of cons including “unreliable”, and “slow”, and Low saying she burned herself “several times” because it was so hot, Engadget still gave it a score of 50 out of 100. The Verge gave it a 4 out of 10, and compared the product’s reception to that of the “dumpster fire” Nexus Q of 2012, which it gave a score of 5 out of 10.

That last review is a relevant historic artifact. The Nexus Q was a $300 audio and video receiver which users would, in theory, connect to a television or a Hi-Fi speaker system. It was controlled through software on an Android phone, and its standout feature was collaborative playlists. But the Verge found it had “connectivity problems” with different phones and different Nexus Q review units, videos looked “noticeably poor”, it was under-featured, and different friends adding music to the playback queue worked badly. Aside from the pretty hardware, there simply was no there there, and it was canned before a wide release.

But that was from Google, an established global corporation. Humane may have plenty of ex-Apple staff and lots of venture capital money, but it is still a new company. I have no problem grading on a reasonable curve. But how in the world is the Humane getting 40% or 50% of a perfect grade when every reviewer seems to think this product is bad and advises people not to buy one?

Even so, all of them seem compelled to give it the kind of tepid score you would expect for something that is flawed, but not a disaster. Some of the problems do not seem to be a direct fault of Humane; they are a consequence of the technological order. But that does not justify spending $700 plus a $24 per month subscription which you will need to keep paying in perpetuity to prevent your A.I. Pin from becoming a fridge magnet.

Maybe this is just a problem with trying to assign numerical scores. I have repeatedly complained about this because I think it gives mixed messages. What people need to know is whether something is worth buying, which consists of two factors: whether it addresses an actual problem, and whether it is effective at solving that problem. It appears the answer to the first is “maybe”, and the answer to the second is “hell no”. It does not matter how nice the hardware may be, or how interesting the laser projecting screen is. It apparently burns you while you barely use it.

In that light, giving this product an even tepid score is misleading. It is not respectful of potential buyers nor of the team which helped make it. It seems there are many smart people at Humane who thought they had a very good idea, and many people were intrigued. If a reviewer’s experience was poor, it is not cruel for them to be honest and say that it is, in a word, bad.

‘I Love My Phone So Much I Wish I Could Stare at It More’ businessinsider.com

Katie Notopoulos, Business Insider:

But then there’s the other, more existential argument against phones: We are spending all our free moments with a screen shoved in our faces, mindlessly scrolling for dopamine and ignoring the world around us. Time spent on your phone is bad; time spent doing anything else is good.

This argument I just can’t get on board with. I love mindless scrolling; I find it immensely enjoyable. I love flipping through TikTok, browsing tweets, poking around Reddit. I’ll pop into the group chat. Maybe if I have some extra time, I’ll go to my happy place and watch some movie trailers on YouTube.

I thought this was a good rebuttal to the seemingly constant moral panic over how much we use screens. Notopoulos is careful to disclaim she is writing as an adult “with a fully formed frontal lobe” and this advice probably does not apply in the same way to children.

I do not think we should consider this kind of debate settled one way or another. I think it is reasonable to ask whether it is a good idea for everybody to carry everywhere a slot machine for their feelings. Social media platforms are incentivized to increase time spent and user retention, which they can juice by making nicer products and through sneaky design patterns. It seems like grounds to worry about phone use if it is impacting other aspects of one’s life, like if they are forgetting to take care of themselves or do household tasks because they spend so much time on their phone.

But if you reading on your phone instead of reading a newspaper, or watching a YouTube video instead of watching a show on TV, what are you actually doing differently? Those seem like interchangeable activities.

Government Spyware Is Another Reason to Use an Ad Blocker techcrunch.com

Omer Benjakob and Eliza Triantafillou, Haaretz:

According to the documents, in 2022 Intellexa presented a proof of concept for a system called Aladdin that enables the remote infection of a specific mobile telephone device through online advertisements. This is the first time it has been revealed that a company outside of Israel has developed such a spyware tool – which was considered the cutting edge of Israel’s offensive cyber. At that time, in Israel, the Defense Ministry was actively working to prevent Israeli companies from marketing identical spyware tools abroad.

[…]

It is not known what happened to Aladdin. It is possible it was never developed or if it was, if it was ever actually sold. Adint systems are considered extremely complicated to develop and maintain over time, and it is not clear if Intellexa moved ahead with trying to develop it into a working product and if they ever pitched it or sold it.

This was described by Intellexa as a near zero-click solution, in that it only requires someone to be using a web browser for their device to be affected; it does not require someone to tap on an ad. iPhones were apparently not affected by this zero-click ad infection capability, and required at least one tap, but that is barely comforting considering how frequently I accidentally tap on ads in third-party apps on my iPhone.1

Via Zack Whittaker, TechCrunch:

Online ads help website owners, including this one, generate revenue. But online ad exchanges can be abused to push malicious code to a target’s device.

[…]

While no phone or computer can ever be completely unhackable, ad blockers can be effective in stopping malvertising and ad-based malware before it ever hits the browser.

The technology described by Haaretz is clearly among the most cutting edge and it seems unlikely any random person would be caught in its net. The whole point, after all, is specific and targeted malware delivery — something which, as with surveillance, is possible thanks to the way online advertising works. While there are many ad blockers available for browsers, including site sponsor Magic Lasso, there are no user-friendly answers for in-app ads on iOS, many of which use the same networks and technologies as those in browsers. This is an unfortunate limitation of the way iOS works.

  1. This is not really the point of this post, but it seems like something changed a few major iOS versions ago and I now find myself accidentally tapping way more often. This is especially noticeable when I am just trying to stop an in-progress scroll. ↥︎

Deep Sea Cable Repair Technicians Keep the World’s Communications Afloat theverge.com

Josh Dzieza, the Verge:

[…] It’s a truism that people don’t think about infrastructure until it breaks, but they tend not to think about the fixing of it, either. In his 2014 essay, “Rethinking Repair,” professor of information science Steven Jackson argued that contemporary thinking about technology romanticizes moments of invention over the ongoing work of maintenance, though it is equally important to the deployment of functional technology in the world. There are few better examples than the subsea cable industry, which, for over a century, has been so effective at quickly fixing faults that the public has rarely had a chance to notice. Or as one industry veteran put it, “We are one of the best-kept secrets in the world, because things just work.”

I bet this essay appears on a good many best of lists at the end of the year. It is tremendous. Necessary reporting well-told and richly illustrated. Normally, I find these kinds of high production value presentations more distracting than they are helpful, but this is exactly the opposite. A wonderful exploration of the kind of quiet profession that makes core parts of life possible for everybody else.

Microsoft’s ‘Enviable Advantages’ Cover Up Its Security Failures wired.com

Eric Geller, Wired:

Microsoft’s almost untouchable position is the result of several intermingling factors. It is by far the US government’s most important technology supplier, powering computers, document drafting, and email conversations everywhere from the Pentagon to the State Department to the FBI. It is a critical partner in the government’s cyberdefense initiatives, with almost unparalleled insights about hackers’ activities and sweeping capabilities to disrupt their operations. And its executives and lobbyists have relentlessly marketed the company as a leading force for a digitally safer world.

While one part of Microsoft is busy creating headlines for imminent A.I.-powered election propaganda on behalf of the Chinese government, another is failing to protect its own systems from breaches allegedly by Chinese state groups. This is not solely a U.S. problem, either; lots of governments worldwide rely on Microsoft’s products and services.

Music Discovery Begins to Stagnate When We Turn Thirty statsignificant.com

Daniel Parris:

Reading these studies proved an existential body blow because I am 31, apparently on the precipice of becoming a musical dinosaur. I like to think I’m special — that my high-minded dedication to culture makes me an exceptionally unique snowflake — but apparently I’m just like everybody else. I turned 30, and now I’m in a musical rut, content to have an AI bot DJ pacify me with the songs of my youth.

Patterns like these seem to be everywhere. Our learning capabilities fossilize, and everything from music to food to society begins to feel uncomfortable. It seems important, I think, for us to fight that tendency for ourselves and be willing to embrace new and different things. Music seems like as good a place as any to start. Keep trying new stuff.

Update: Only slightly related but just read, Lydia Davis’ “How He Changed Over Time”.

‘Means of Control’

In the 1970s and 1980s, in-house researchers at Exxon began to understand how crude oil and its derivatives were leading to environmental devestation. They were among the first to comprehensively connect the use of their company’s core products to the warming of the Earth, and they predicted some of the harms which would result. But their research was treated as mere suggestion by Exxon because the effects of obvious legislation would “alter profoundly the strategic direction of the energy industry”. It would be a business nightmare.

Forty years later, the world has concluded its warmest year in recorded history by starting another. Perhaps we would have been more able to act if businesses like Exxon equivocated less all these years. Instead, they publicly created confusion and minimized lawmakers’ knowledge. The continued success of their industry lay in keeping these secrets.

“The success lies in the secrecy” is a shibboleth of the private surveillance industry, as described in Byron Tau’s new book, “Means of Control”. It is easy to find parallels to my opening anecdote throughout though, to be clear, a direct comparison to human-led ecological destruction is a knowingly exaggerated metaphor. The erosion of privacy and civil liberties is horrifying in its own right, and shares key attributes: those in the industry knew what they were doing and allowed it to persist because it was lucrative and, in a post-9/11 landscape, ostensibly justified.

Tau’s byline is likely familiar to anyone interested in online privacy. For several years at the Wall Street Journal, he produced dozens of deeply reported articles about the intertwined businesses of online advertising, smartphone software, data brokers, and intelligence agencies. Tau no longer writes for the Journal, but “Means of Control” is an expansion of that earlier work and carefully arranged into a coherent set of stories.

Tau’s book, like so many others describing the current state of surveillance, begins with the terrorists attacks of September 11 2001. This was the early days, when Acxiom realized it could connect its consumer data set to flight and passport records. The U.S. government ate it up and its appetite proved insatiable. Tau documents the growth of an industry that did not exist — could not exist — before the invention of electronic transactions, targeted advertising, virtually limitless digital storage, and near-universal smartphone use. This rapid transformation occurred not only with little regulatory oversight, but with government encouragement, including through investments in startups like Dataminr, GeoIQ, PlaceIQ, and PlanetRisk.

In near-chronological order, Tau tells the stories which have defined this era. Remember when documentation released by Edward Snowden showed how data created by mobile ad networks was being used by intelligence services? Or how a group of Colorado Catholics bought up location data for outing priests who used gay-targeted dating apps? Or how a defence contractor quietly operates nContext, an adtech firm, which permits the U.S. intelligence apparatus to effectively wiretap the global digital ad market? Regarding the latter, Tau writes of a meeting he had with a source who showed him a “list of all of the advertising exchanges that America’s intelligence agencies had access to”, and who told him American adversaries were doing the exact same thing.

What impresses most about this book is not the volume of specific incidents — though it certainly delivers on that front — but the way they are all woven together into a broader narrative perhaps best summarized by Tau himself: “classified does not mean better”. That can be true for volume and variety, and it is also true for the relative ease with which it is available. Tracking someone halfway around the world no longer requires flying people in or even paying off people on the ground. Someone in a Virginia office park can just make that happen and likely so, too, can other someones in Moscow and Sydney and Pyongyang and Ottawa, all powered by data from companies based in friendly and hostile nations alike.

The tension running through Tau’s book is in the compromise I feel he attempts to strike between acknowledging the national security utility of a surveillance state while describing how the U.S. has abdicated the standards of privacy and freedom it has long claimed are foundational rights. His reporting often reads as an understandable combination of awe and disgust. The U.S. has, it seems, slid in the direction of the kinds of authoritarian states its administration routinely criticizes. But Tau is right to clarify in the book’s epilogue that the U.S. is not, for example, China, separated from the standards of the latter by “a thin membrane of laws, norms, social capital, and — perhaps most of all — a lingering culture of discomfort” with concentrated state power. However, the preceding chapters of the book show questions about power do not fully extend into the private sector, where there has long been pride in the scale and global reach of U.S. businesses but concern about their influence. Tau’s reporting shows how U.S. privacy standards have been exported worldwide. For a more pedestrian example, consider the frequent praise–complaint sandwiches of Amazon, Meta, Starbucks, and Walmart, to throw a few names out there.

Corporate self-governance is an entirely inadequate response. Just about every data broker and intermediary from Tau’s writing which I looked up promised it was “privacy-first” or used similar language. Every business insists in marketing literature it is concerned about privacy and says they ensure they are careful about how they collect and use information, and they have been doing so for decades — yet here we are. Entire industries have been built on the backs of tissue-thin user consent and a flexible definition of “privacy”.

When polled, people say they are concerned about how corporations and the government collect and use data. Still, when lawmakers mandate choices for users about their data collection preferences, the results do not appear to show a society that cares about personal privacy.

In response to the E.U.’s General Data Privacy Regulation, websites decided they wanted to continue collecting and sharing loads of data with advertisers, so they created the now-ubiquitous cookie consent sheet. The GPDR does not explicitly mandate this mechanism and many remain non-compliant with the rules and intention of the law, but they are a particularly common form of user consent. However, if you arrive at a website and it asks you whether you are okay with it sharing your personal data with hundreds of ad tech firms, are you providing meaningful consent with a single button click? Hardly.

Similarly, something like 10–40% of iOS users agree to allow apps to track them. In the E.U., the cost of opting out of Meta’s tracking will be €6–10 per month which, I assume, few people will pay.

All of these examples illustrate how inadequately we assess cost, utility, and risk. It is tempting to think of this as a personal responsibility issue akin to cigarette smoking but, as we are so often reminded, none of this data is particularly valuable in isolation — it must be aggregated in vast amounts. It is therefore much more like an environmental problem.

As with global warming, exposé after exposé after exposé is written about how our failure to act has produced extraordinary consequences. All of the technologies powering targeted advertising have enabled grotesque and pervasive surveillance as Tau documents so thoroughly. Yet these are abstract concerns compared to a fee to use Instagram, or the prospect of reading hundreds of privacy policies with a lawyer and negotiating each of them so that one may have a smidge of control over their private information.

There are technical answers to many of these concerns, and there are also policy answers. There is no reason both should not be used.

I have become increasingly convinced the best legal solution is one which creates a framework limiting the scope of data collection, restricting it to only that which is necessary to perform user-selected tasks, and preventing mass retention of bulk data. Above all, users should not be able to choose a model that puts them in obvious future peril. Many of you probably live in a society where so much is subject to consumer choice. What I wrote sounds pretty drastic, but it is not. If anything, it is substantially less radical than the status quo that permits such expansive surveillance on the basis that we “agreed” to it.

Any such policy should also be paired with something like the Fourth Amendment is Not For Sale Act in the U.S. — similar legislation is desperately needed in Canada as well — to prevent sneaky exclusions from longstanding legal principles.

Last month, Wired reported that Near Intelligence — a data broker you can read more about in Tau’s book — was able to trace dozens of individual trips to Jeffrey Epstein’s island. That could be a powerful investigative tool. It is also very strange and pretty creepy all that information was held by some random company you probably have not heard of or thought about outside stories like these. I am obviously not defending the horrendous shit Epstein and his friends did. But it is really, really weird that Near is capable of producing this data set. When interviewed by Wired, Eva Galperin, of the Electronic Frontier Foundation, said “I just don’t know how many more of these stories we need to have in order to get strong privacy regulations.”

Exactly. Yet I have long been convinced an effective privacy bill could not be implemented in either the United States nor European Union, and certainly not with any degree of urgency. And, no, Matt Stoller: de facto rules on the backs of specific FTC decisions do not count. Real laws are needed. But the products and services which would be affected are too popular and too powerful. The E.U. is home to dozens of ad tech firms that promise full identity resolution. The U.S. would not want to destroy such an important economic sector, either.

Imagine my surprise when, while I was in middle of writing this review, U.S. lawmakers announced the American Privacy Rights Act (PDF). If passed, it would give individuals more control over how their information — including biological identifiers — may be collected, used, and retained. Importantly, it requires data minimization by default. It would be the most comprehensive federal privacy legislation in the U.S., and it also promises various security protections and remedies, though I think lawmakers’ promise to “prevent data from being hacked or stolen” might be a smidge unrealistic.

Such rules would more-or-less match the GDPR in setting a global privacy regime that other countries would be expected to meet, since so much of the world’s data is processed in the U.S. or otherwise under U.S. legal jurisdiction. The proposed law borrows heavily from the state-level California Consumer Privacy Act, too. My worry is that it will be treated by corporations similarly to the GDPR and CCPA by continuing to offload decision-making to users while taking advantage of a deliberate imbalance of power. Still, any progress on this front is necessary.

So, too, is it useful for anyone to help us understand how corporations and governments have jointly benefitted from privacy-hostile technologies. Tau’s “Means of Control” is one such example. You should read it. It is a deep exploration of one specific angle of how data flows from consumer software to surprising recipients. You may think you know this story, but I bet you will learn something. Even if you are not a government target — I cannot imagine I am — it is a reminder that the global private surveillance industry only functions because we all participate, however unwillingly. People get tracked based on their own devices, but also those around them. That is perhaps among the most offensive conclusions of Tau’s reporting. We have all been conscripted for any government buying this data. It only works because it is everywhere and used by everybody.

For all they have erred, democracies are not authoritarian societies. Without reporting like Tau’s, we would be unable to see what our own governments are doing and — just as important — how that differs from actual police states. As Tau writes, “in China, the state wants you to know you’re being watched. In America, the success lies in the secrecy“. Well, the secret is out. We now know what is happening despite the best efforts of an industry to keep it quiet, just like we know the Earth is heating up. Both problems massively affect our lived environment. Nobody — least of all me — would seriously compare the two. But we can say the same about each of them: now we know. We have the information. Now comes the hard part: regaining control.

Humane A.I. Pin Reviews mjtsai.com

I was perhaps a little optimistic about Humane’s A.I. Pin. It seems like an interesting attempt at doing something a little different and outside the mainstream device space. But the early reviews have dampened any of intrigue I may have had.

In its current guise, it is a solution in search of problems. It does not even have a timer function — the one thing I can count on Siri to deliver. For someone with a disability, something like this could make a lot of sense if it worked reliably and quickly, but it seems like it is too finicky.

Facebook Did Not Censor a Critical Column, but It Still Erred kansasreflector.com

Sherman Smith, Kansas Reflector:

Facebook’s unrefined artificial intelligence misclassified a Kansas Reflector article about climate change as a security risk, and in a cascade of failures blocked the domains of news sites that published the article, according to technology experts interviewed for this story and Facebook’s public statements.

Blake E. Reid:

The punchline of this story was, is, and remains not that Meta maliciously censored a journalist for criticizing them, but that it built a fundamentally broken service for ubiquitously intermediating global discourse at such a large scale that it can’t even cogently explain how the service works.

This was always a sufficient explanation for the Reflector situation, and one that does not require any level of deliberate censorship or conspiracy for such a small target. Yet, it seems as though many of those who boosted the narrative that Facebook blocks critical reporting cannot seem to shake that. I got the above link from Marisa Kabas, who commented:

They’re allowing shitty AI to run their multi-billion dollar platforms, which somehow knows to block content critical of them as a cybersecurity threat.

That is not an accurate summary of what has transpired, especially if you read it with the wink-and-nod tone I imply from its phrasing. There is plenty to criticize about the control Meta exercises and the way in which it moderates its platforms without resorting to nonsense.

The World of Shein nplusonemag.com

Nicole Lipman, N+1 magazine:

But both things can be true. SHEIN might be singled out as the worst fast-fashion retailer because the United States fears and envies China and has a particular interest in denigrating its successes, and it might be singled out because it is, in fact, the worst: the greatest polluter, the most flagrant IP thief, the largest violator of human rights, and — arguably worst of all — the most profitable. SHEIN has shown the world that unsustainability pays. Together with the companies that will follow its example of ultra-fast fashion, SHEIN will accelerate the already-rapid acceleration toward global catastrophe.

Consider the volume of critical press coverage, for decades, documenting outrageous practices in any number of consumer industries — fashion, technology, whatever — and then consider how those same industries, and even the same businesses, continue to grow and thrive. We now live in a world of Shein, Temu, and Amazon, all of which are the exact opposite of the values we claim to hold, yet are hugely popular and growing. The worse they are, the more they are rewarded.

See Also: Michael Hobbes’ deep 2016 investigation, for the Huffington Post, about the “myth of the ethical shopper”.