Source Code: Your daily look at what matters in tech.
To give you the best possible experience, this site uses cookies. If you continue browsing. you accept our use of cookies. You can review our privacy policy to find out more about the cookies we use.
yesJohn AckerlyNone
April 12, 2020
As fast as we've gone from patient zero to pandemic in this country, so have we sped from the mere suggestion of "sentinel surveillance" to our leaders demanding what some call a Patriot Act for health care. Having served as lead White House technology adviser on Sept. 11, 2001, I've been down this path, and I know its peril far too well. But before I go there, let's first take stock of where we are.
While there are some early indications that social distancing is working, the American acceptance of isolation — and the economic uncertainty attached to it — is wearing thin. Any positive signs will likely ignite anxious anticipation of going back to life as we knew it. But when we do open the economy back up, we must do so without trading in our values.
Plans such as the "National Coronavirus Response: A Roadmap to Reopening" lay out comprehensive phased approaches to containing the pandemic and ultimately opening society back up. In order to move out of this necessarily first isolation phase, they also argue for the creation of "new national surveillance infrastructure" and the widespread use of individual contact tracing.
Indeed, a system that tracks individual movements and health conditions in real time would accelerate the removal of physical distancing requirements. South Korea used this kind of tracing to successfully slow the spread of coronavirus there, and China's more draconian version also appears to have worked.
However, such surveillance systems clearly conflict with American values and the right to privacy. In the U.S., numerous "smart" tracking efforts have popped up to inform the public, such as Unacast's Social Distancing Scoreboard or Kinsa's fever heat map, with new apps released almost daily. The information is valuable, but much of it is powered by our private data, which lacks critical protections and which we have no ability to control.
The question is: How do we serve the critical need while preserving the inalienable right?
In my time at the White House, I bore witness to a number of the early decisions that had significant, unintended negative consequences. For example, new FISA court processes allowed domestic wiretapping, and Patriot Act provisions enabled mass data capture of citizens who were not under any criminal investigation. The lessons many of us learned were that the benefits in the fight against terrorism were marginal, while the privacy and data security consequences were large and lasting. Further, we learned that because there was little transparency in the deliberations, people lost trust in public institutions.
Today, we have an opportunity to learn from the past and make smart decisions that can both accelerate "reopening" society and also enhance our civil liberties and the public trust. Surveillance sentinel systems and contact tracing will be mission-critical for a sustainable solution to COVID-19, but they must not evoke fears of "1984" or "The Minority Report," much less "Citizenfour."
Data privacy must be a foundational and transparent component of our response to COVID-19. We must lead the world in innovative strategies that enhance both safety and trust. The solution demands giving the American public actual technical control over their data so that people don't have to rely on the promises of technology companies or the government for how they will use (and reuse) personal data.
The good news is that recent technology advances make possible near-instant contact tracing in a way that protects privacy and enhances actionable intelligence. We have the capability today to create an open, interoperable and encrypted data-sharing and surveillance platform that empowers each of us to be a sentinel — to share our most sensitive data for both individual and societal benefit, while at the same time knowing that we can ultimately control the scope and timespan of usage of our own data. I know this because I run a company that makes such a platform, but our tools are open-source and they and other open-source offerings can be used for free by governments and any of the emerging contact tracing efforts (e.g., the World Health Organization, MIT and scores of regional initiatives).
In February, Secretary of Health and Human Services Alex Azar called for "a completely different kind of health care system: where you, as the patient, are at the center and in control, with seamless access to the data you need to make decisions." This vision could not be more urgent, and I call on the White House immediately to convene the CDC, CMS and our country's leading epidemiologists, technologists and privacy experts to develop an open, secure data-sharing and surveillance framework that actually puts the public at the center of control.
In so doing, we can regain the moral authority lost after 9/11 and help lead the world out of this crisis and prevent the next. Privacy is a human right, grounded in trust, and there is no sustainable solution to COVID-19 without it. Today, only 35% of Americans are comfortable with sharing data with government to fight the virus. This makes sense, particularly given the continuing, daily examples of corporate and government data leaks, misuse and abuse.
That's why we must move quickly and aggressively to adopt open and interoperable surveillance platforms that verifiably demonstrate that data is used only for its intended purpose and that give individuals the power to approve or revoke access to their sensitive information at any time. With smart technology and policy decisions now, we will have the confidence to freely share our most sensitive data for the common good, reopen our economy more quickly, and get back to the life and freedoms that make us Americans.
John Ackerly
John Ackerly is the CEO and co-founder of Virtru, a digital privacy company based in Washington, D.C. Prior to founding Virtru in 2012, John was responsible for technology policy at the White House National Economic Council and was the director of policy and strategic planning at the U.S. Department of Commerce.
People
Beeper built the universal messaging app the world needed
It's an app for all your social apps. And part of an entirely new way to think about chat.
Beeper is an app for all your messaging apps, including the hard-to-access ones.
Image: Beeper
January 22, 2021
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
January 22, 2021
Eric Migicovsky likes to tinker. And the former CEO of Pebble — he's now a partner at Y Combinator — knows a thing or two about messaging. "You remember on the Pebble," he asked me, "how we had this microphone, and on Android you could reply to all kinds of messages?" Migicovsky liked that feature, and he especially liked that it didn't care which app you used. Android-using Pebble wearers could speak their replies to texts, Messenger chats, almost any notification that popped up.
That kind of universal, non-siloed approach to messaging appealed to Migicovsky, and it didn't really exist anywhere else. "Remember Trillian from back in the day?" he asked, somewhat wistfully. "Or Adium?" They were the gold-standard of universal messaging apps; users could log in to their AIM, MSN, GChat and Yahoo accounts, and chat with everyone in one place.
<p>Migicovsky has spent the last two years building a modern equivalent. It's called Beeper, and it pulls 15 different messaging services — including WhatsApp, Slack, Instagram and iMessage — into a single app. The app launched this week, and will cost $10 a month for anyone who wants to use it. Migicovsky said roughly 40 people have been using the app for the last few months, and that he's come to rely on it completely. "Beeper went down for me a couple of weeks ago, and I had to fix it," he said. "And for the hours I was fixing it, I had to open up Slack, Telegram, Signal, everything. It was like going back to the Stone Ages." </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>To explain how Beeper works, and why Migicovsky thinks it's valuable, you have to understand the protocols. In the early days of online messaging (otherwise known as The Adium Era), many messaging services were based on a protocol called Extensible Messaging and Presence Protocol, or XMPP. When it was designed, XMPP intended to make all kinds of communication on the internet, from text to video to file transfers, into decentralized systems. For a while, it worked: From AIM to Google Talk to the early days of Facebook Chat, some of the biggest messaging services used XMPP. </p><p>A few years later, Google and Facebook — and soon others — decided to stop supporting XMPP. Some argued XMPP was too complicated a protocol and simply didn't work; others said they could develop features more quickly by keeping everything in-house. "Today, group conversations, sharing your day with stickers or emojis and messaging across multiple devices have become second nature to many of us," Google product manager Mayur Kamat <a href="https://web.archive.org/web/20150704141805if_/https://plus.google.com/+MayurKamat/posts/ETBvtp9VYav" rel="noopener noreferrer" target="_blank">wrote in 2015</a> announcing the switch from Google Talk (which supported XMPP) to Hangouts (which didn't). Whatever the reason, messaging apps soon became walled gardens, with everything run — and stored — in one place.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>In the last few years, though, a group of developers has been building a new protocol, one they hope can offer all the openness and decentralization of XMPP but with all the modern features people need now: encryption, voice and video, integrations with other apps and the like. It's called Matrix. "Matrix is our effort to right the balance" after decades of great tech being turned into walled gardens, said Matthew Hodgson, Matrix's technical co-founder. "If you were going to build the holy grail of messaging," the team asked themselves several years ago — a service where anyone can participate, where everything is encrypted, where nothing is locked off from the ecosystem — "what would it look like?" Some of this tech has been built in the past, but always inside a single company or service. They wanted to build it and give it to the internet.</p><p>Ultimately, Hodgson said, Matrix is more than a messaging protocol. "It's a real-time database for any kind of information," he said, from financial tickers to drone flights to VR streams. "Matrix just gives you the building blocks to synchronize it between different deployments." Messaging just happens to be something with which Hodgson and his team have plenty of experience. Not to mention, it's kind of a killer app. Matrix-based messaging can support a whole ecosystem of apps, the way email protocols do. It's all end-to-end encrypted, and it's resilient by virtue of not being housed in a single data center. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>"When Slack goes down for six hours," Hodgson said, "or Signal goes down for 24 hours, people realize, 'hang on, all my eggs are in one basket.'" There are already decentralized, harder-to-kill apps like Slack or Signal running on Matrix, where there's less security risk or possibility of downtime. He added: "The narrative is swinging in our direction." Millions of users use Matrix messaging tools already, he said, including the entire French government, which uses a Slack-like tool called Element that is built by the Matrix team.</p><p class="shortcode-media shortcode-media-rebelmouse-image">
<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTUxMjQ3Mi9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY3MDIzNzU0NX0.NPrsWaIEy9RUG90_cIsyZMFW7foaGyiuP_vHdD2T-Ok/img.png?width=980" id="ce4ab" class="rm-shortcode" data-rm-shortcode-id="37ea800dd363bb5c0c588b2727990131" data-rm-shortcode-name="rebelmouse-image" alt="Beeper chats">
<small class="image-media media-caption" placeholder="Add Photo Caption...">Beeper tries to wrangle lots of messaging apps into one. Eventually, that might not be necessary.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Image: Beeper</small></p><p>Matrix is key to Beeper, but in a slightly different way. Migicovsky isn't trying to build a brand-new chat service to compete with WhatsApp; he's trying to wrangle all the services people use into a system that feels more open. So he's taking advantage of a Matrix feature called Bridges, which pulls other apps into the Matrix ecosystem. Sometimes this is easy: Migicovsky said IRC and Telegram have great APIs, making it easy to send and read messages from other apps. Most others are a bit hackier, though Migicovsky said it's rarely impossible: "If you can open something in a browser, we can get to it."<br></p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>One of Beeper's most enticing integrations is with iMessage, which would mean users could access their iMessages on Android or Windows through the Beeper app. This one is stupendously hacky. If a Beeper user has a Mac that's always on and connected to the internet, it's easy; Beeper just connects to the same relay that delivers messages to all your Apple devices, and sends them to Beeper. But if you don't have a Mac that fits the description, there's only one way in. "We wrote an app for jailbroken iPhones that acts as a relay," Migicovsky said. "There's a database on the iPhone called sms.db. And so we just read and write to that." </p><p>But wait, it gets hackier! There's no way to get everyone to jailbreak their iPhones, so Migicovsky found a workaround. "I buy used old cracked-screen iPhones for cheap," he said. "I jailbreak them, and send them to people with the app installed. And they just set it up and leave it somewhere connected to Wi-Fi." There's a box full of semi-busted iPhones, all the way back to the iPhone 4, on his desk right now. The plan works, though it doesn't exactly scale. "We tried a lot of different things," Migicovsky said. "It might not be like this forever." </p><p>There's one part of this setup that Migicovsky actually quite likes. "You control the phone," he said. All the code is open source, and Beeper encrypts all messages; only users have their passwords to access them. But if you really don't want Beeper getting your texts anymore, just unplug that jailbroken iPhone, and you're done.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>Migicovsky has lots of ideas for how to improve Beeper as a product, and messaging in general. "No one has really innovated in chat in the last 10 years," he said, before allowing that maybe Slack and Discord get a little credit. But that's it. He's not sure what better looks like, though. He's intrigued by new ways to sort and organize messages, even how threads could look. "I'm really just excited about having this ... not a blank canvas, a malleable canvas," he said.</p><p>The list of places people message seems to get longer every day, and Migicovsky wants Beeper to support them all. "I want to build LinkedIn and Snapchat, and I'm not dating but a lot of people want Tinder messages on this," he said. He's not trying to replace those apps entirely, though. "Discord's amazing," he said, by way of example. "It has cool animations, you have the audio chat that's really good, it's got this social element." For Discord things, people should use Discord. But texting with friends or sharing photos shouldn't be a Discord thing. Or an Instagram thing, or a WhatsApp thing, or a Signal thing, or a Slack thing. It definitely shouldn't be all of those, separately.</p>"It would be wonderful if we didn't have to build what we built," Migicovsky said. "And you could just look me up, like in a phone book or something, and say, 'I want to talk to Eric.'" In the long run, Matrix might help make that possible — already, it appears some of Twitter's decentralization work through Project Bluesky is <a href="https://twitter.com/bluesky/status/1352302821140549632" rel="noopener noreferrer" target="_blank">being done on Matrix</a>, and Hodgson said he's had conversations with a number of big players in the tech world about build a more open and interoperable messaging ecosystem. For now, the best anyone can do is put everything in one place. It's hacky, but it's progress.
Keep Reading
Show less
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
People
Amazon’s head of Alexa Trust on how Big Tech should talk about data
Anne Toth, Amazon's director of Alexa Trust, explains what it takes to get people to feel comfortable using your product — and why that is work worth doing.
Anne Toth, Amazon's director of Alexa Trust, has been working on tech privacy for decades.
Photo: Amazon
January 18, 2021
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
January 18, 2021
Anne Toth has had a long career in the tech industry, thinking about privacy and security at companies like Yahoo, Google and Slack, working with the World Economic Forum and advising companies around Silicon Valley.
Last August she took on a new job as the director of Alexa Trust, leading a big team tackling a big question: How do you make people feel good using a product like Alexa, which is designed to be deeply ingrained in their lives? "Alexa in your home is probably the closest sort of consumer experience or manifestation of AI in your life," she said. That comes with data questions, privacy questions, ethical questions and lots more.
<p>During CES week, when Toth was also on a popular panel about the future of privacy, she hopped on a Chime call to talk about her team, her career and what it takes to get users to trust Big Tech. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p><em>This interview has been edited and condensed for clarity.</em></p><p><strong>How does the Trust team work? That's what it's called, right?</strong></p><p>Yeah. I work on the Alexa Trust org, it's part of the Alexa organization overall. The team that I work on is responsible for building all the privacy features, all the privacy controls and settings, and thinking about privacy across Alexa, as well as accessibility. So the aging teams, the accessibility teams, Alexa for Everyone, all reside within this organization. And we're thinking about content issues and the whole gamut. So really all of the all of the policy dimensions and how they manifest in consumer-accessible controls and features is what this team thinks about.</p><p><strong>Why is that one team? You just named a bunch of different, equally important things. What is the tie that binds all of those things?</strong></p><p>Well … I think it's trust, right? It's, how do we develop trustworthy experiences? We are very much a horizontal organization that works throughout the Alexa org. </p><p>And the Alexa org actually is much larger than I even anticipated. When I first was interviewing with the organization, I was really surprised at how big and how quickly it's grown. So it's truly a horizontal effort to think about the customer experience, and all of these areas where there are potential trust issues, and try to deal with them very proactively. </p><p><strong>That's a much bigger definition of trust than I would have guessed. I feel like we talk about trust a lot as sort of synonymous with privacy, and so "what do you do with my data" is the core question. But then when you put things like accessibility and ethics in there, it broadens the definition of what you're looking at in this really interesting way.</strong></p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Yeah, it's a very expansive view. I have worked on privacy for most of my career. It often presents as a defensive issue for companies, right? And even the word "privacy" brings up a sort of connotation that makes you think about all the things you don't want people to know. </p><p>But I think of it really as an opportunity to innovate and to try to create more positive experiences, rather than to think of it as a defensive posture. How are we enabling the usage of data to help create better experiences for customers? Because that's really, ultimately what customers want: for you to use data to make this better for me. And I'm totally good with that. The concern is when I'm not sure what I'm getting out of you using my data, and you have it, and why do you have it? That's the area that's problematic. And what I see, and what we're trying to do, is to be very transparent, and to demonstrate time and again how your data is actually benefiting you in this product experience.</p><p><strong>That's actually one of the things I wanted to talk about. You said in another interview that so much of privacy and security is basically just, like, don't screw up. There's no positive experience, it's just there until you ruin it. It's interesting to think about it the other way: to say, "What does it look like to be more proactive about privacy and data security?" What does that look like for you, in terms of how to actually put it in front of people in a way that feels useful, instead of just having pop-ups that say, "Don't worry, we're not using your data for bad things?"</strong><br></p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>Designing for privacy, or designing for trust more specifically, is about baby steps. It's like developing a relationship with a person, right? You have to earn the trust. And you have to do things in the beginning that over time become less important. So the wake word: We rely very heavily on the wake word. You have to invoke Alexa. But the use of the wake word, and the training around that, is in order to make people comfortable with the fact that we are only streaming your requests to the cloud once the wake word has been invoked. </p><p>That is about interjecting some conscious friction, to create a trusted experience so that later when we have more advanced features, more advanced conversational-type elements, you'll be in a place where you're comfortable with that experience. It moved you along that learning curve, and got to that place where you trust us to do that for you effectively. </p><p>I think it was on Twitter or on LinkedIn, I saw that there was an article that had gone viral. There was a security organization that did a breakdown of an Echo device because there was a theory the mic-off button was in fact just cosmetic. So they did a whole breakdown and sort of mapped out the electronics to prove, in fact, if the red light is on, the wiring to the mic is disabled. The red light and the mic cannot both be on at the same time and vice versa. That was a design choice. There are a lot of choices that are about getting people comfortable with the device, and feeling that degree of trust so that later down the road, we can introduce more features that people will be more likely to use. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p><strong>But it's telling even that those sort of conspiracy theories exist, right? People think the same thing about Facebook turning on their microphone. Does it feel like there is this perception hole that every big tech company is in right now? That you, as Alexa, have to go out of your way to convince people that you're doing the right thing, as opposed to even starting in a neutral place? It just feels like we're in this place where people are learning to be suspicious about things that they don't understand.</strong></p><p>I'm kind of a hardened cynic. That's just my natural disposition on things. So yes, I think we are in a period of time right now where skepticism is at an all-time high. And I think deservedly so, in the world we're living in at the present moment.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>But what I'm often heartened by is that people have put this device into their homes, into their most sacred private spaces with their families with their loved ones. To do that is a big leap of faith and trust in Amazon and Alexa. So the mere fact that we're there is already a sign that people have extended to us the benefit of the doubt and have said "we trust you." </p><p>So it's not even so much about having to earn that trust in the first place as it is having to be worthy of that trust, right? Or be worthy of that privilege of being in that space. That's the goal for me: to make sure that we continue to be worthy of the trust they've already placed in us, which is not a hurdle everyone gets over. </p><p><strong>What about as you think about things like default settings versus giving people choice? You can give people all the options in the world, but we know for a fact that most people are never going to change anything. So I'm suspicious of the idea that that's a solution to these problems, but it's definitely part of the solution. How do you think about making good decisions for people versus letting people make decisions?</strong> </p><p>First of all, no two people have the exact same notions of privacy. It's different generations, different cultures, different backgrounds, different experiences, all driving different expectations. No matter where you set a default, it's not going to be right for everybody. So there has to be the ability to change it. And you have to make that easy to find. <br></p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="6">
</div>
</div></p><p>So in the Alexa context, voice-forward commands to try to make it as easy as possible to be able to say, "why did you do that," or "delete what I just said," or "delete everything I have ever said" — those kinds of interactions help reduce the friction in privacy, they make it easier for people to exercise those those options. </p><p>Your default settings generally represent your organizational bias, in one way or the other. And in this case, the default settings that we have reflect our ability to use data in a way that's going to improve the product and make it better for the customer. So that's where they are. And that's how they've been determined. But they're not immovable. And that's the most important part. </p><p><strong>Well, that education piece seems hard, though. We've seen Facebook, for instance, try to explain why it collects a lot of data. And it doesn't necessarily track for a lot of people. There was this big dustup with WhatsApp, people lost their minds. Is it harder than you're making it sound to help people understand what you're doing with their data?</strong></p><p>In some ways, I think that this product gives you a more immediate example of that data benefit than other products. I mean, I spent a lot of my career talking about the benefits of targeted advertising, and how if you're going to get an ad, better to get a targeted ad than one that's irrelevant. But the relative benefit to you as a customer, as an individual, for that use of your data doesn't really feel as meaningful as the types of experiences or improvements we're able to make. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="7">
</div>
</div></p><p>And there's lots of data, particularly looking at introducing Alexa into new countries and languages and dialects, where the ability to use that voice data to dramatically improve our responses and our accuracy is something that is noticeable by people over time. I think people would recognize that, that trajectory.</p><p><strong>That's fair. And it does seem like most people, when you explain it to them, will understand pieces of it like that.</strong> </p><p>This is why I love "Alexa, why did you do that?" Because Alexa doesn't always get it right the first time, and to be able to actually ask and get a response about what that reasoning was, and you can see it in real time — you can't do that with a lot of other experiences. That's a cool one that I hope more people use. </p><p>But we are faced with some real challenges under regulation about explainable AI. These technologies are getting more and more sophisticated, and when they work really well, sometimes we're delighted, and sometimes we're creeped out. It's that balancing act of like, "Wait a minute, that was really useful … should I be worried?" Which is why trust is so important to develop, so that when you get to that moment, you can offer a customer benefit without it being intrusive, or invasive or feeling somehow uncomfortable. Devices should learn!</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="8">
</div>
</div></p><p><strong>You're a privacy person, so I have a current events question for you: We're in the middle right now of this privacy versus transparency debate, where it's either better to let people use encrypted services because they can't be watched or becomes a problem because bad people can do bad stuff in those encrypted services and nobody can find them. And obviously, this shows up in lots of scary ways recently. Where do you fall on the debate?</strong></p><p>I will have to speak to this on a personal level, but all the messaging apps I use are end-to-end encrypted for primary messaging. I think it's important, and I think that there's a role that they play that is important. There are lots of people who think that people aren't really concerned about privacy in the world, and we've passed that moment where privacy is an issue. Just based on the number of people that I've seen crop up on Signal and Telegram in the last week, I can tell you that people really are paying attention. So I think that if that's the indicator that we should be looking at, then I would say privacy is not dead. People really do care. And it's something everybody should be paying attention to.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="9">
</div>
</div></p>
Keep Reading
Show less
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
Why Biden needs a National Technology Council
The U.S. government needs a more tightly coordinated approach to technology, argues Jonathan Spalter.
A coordinated effort to approach tech could help the White House navigate the future more easily.
Photo: Gage Skidmore/Flickr
January 15, 2021
Jonathan Spalter is the president and CEO of USTelecom – The Broadband Association.
January 15, 2021
The White House has a National Security Council and a National Economic Council. President-elect Joe Biden should move quickly to establish a National Technology Council.
Consumers are looking to the government to set a coherent and consistent 21st century digital policy that works for them. Millions of Americans still await public investments that will help connect their remote communities to broadband, while millions more — including many families with school-age children — still struggle to afford access.
<p>America's leadership in many new technologies is vital, but not a given: The enormous benefits of 5G, AI, cloud and quantum computing lay ahead, but other nations are threatening U.S. dominance. Meanwhile, our largest digital platforms are facing criticism over misinformation, algorithmic bias and concerns about anticompetitive market dominance, while foreign enemies are invading our government at the highest levels through sophisticated cyber warfare.</p><p>From all sides, the status quo leaves too many opportunities untapped and vulnerabilities exposed. This has significant implications for our nation, from jobs and modern health care to national security and global competition. Without greater coordination and leadership from the top, a fast-proliferating warren of competing federal agencies — all with a rightful claim of technology's importance to their work — has no hope of uniting to help our digital economy "build back better."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>The National Security Council was created by President Harry Truman in the aftermath of World War II. The National Economic Council was established by President Bill Clinton a mere five days after he first took the oath of office. Both serve essentially the same purpose: They exist to pull together the disparate efforts of a vast federal apparatus and ensure every oar is not just in the water, but pulling vigorously in the same direction on complex, interrelated issues that have far-reaching implications for the nation.</p><p>We need this more tightly-coordinated approach in the technology arena. From smart transportation to remote education and health care to the nation's defense, commerce and trade, every agency rightly views technology as central to their work. Equally true: Every American has a rightful claim to a coordinated, ambitious and effective effort from their government.</p><p>We don't have that today in the multi-headed, overlapping and often competing technology policy coordination processes, legacy functions like the Office of Science and Technology Policy and a host of more recently created 'C-level' offices (CTO, CIO, CISO, etc.) at work in the White House today.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>To offer one example, there are currently 20 federal initiatives relating to 5G network security alone — each with its own set of objectives, its own circle of leaders and partners and its own set of tasks and requests for information and collaboration from industry. </p><p>Rather than a growing multiverse of agencies scrambling for the soccer ball, we need a coordinated effort to better ensure the U.S. government's technology leadership can turn on a dime, whether in response to imminent cyber threats, marshaling federal resources to close the digital divide or creating more incentives for private sector innovation and investment.</p><p>We need one referee supported by a more streamlined and diverse team that can see the entire field and ensure the best ideas get the time, space and fair attention they require at the highest levels of the White House.</p><p>We've done it before. It's been more than two decades since the White House launched an all-out coordination effort on a hugely important technology issue: standing up the Y2K Task Force. Its role was to prevent a global meltdown of digital systems that threatened to imperil everything from air travel and nuclear reactors to credit card expiration dates and social security payments.</p><p>From the public's point of view, the turning of the digital calendar to a new millennium was a "non-event." To those of us who did the work — from coordination to coding — it was millions of hours of effort. Every designated representative was at the White House weekly coordinating U.S. preparedness.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>It was a Herculean effort. It was also "one and done." In the 20 years since, technology has grown exponentially more central to virtually every part of our nation's success. A permanent National Technology Council would offer President-elect Biden — and all who follow him into the Oval Office — a central and more cohesive coordinating mechanism with the stature to steer the massive ship that is the U.S. government according to a shared vision, common objectives and aggressive but achievable goals.</p><p>We have serious issues before our country. Technology innovation and network evolution are central to our path forward: from our health and wellbeing as a society and a democracy to our delivery away from this pandemic, and for sustaining growth, creating jobs and leading on the global stage.</p><p>The presidential transition offers a precedential moment. With a clear mandate to close the digital divide and in the aftermath of a massive, state-sponsored act of cyber warfare, President-elect Biden should seize the moment. President Truman famously declared: "The buck stops here." President-elect Biden should act now to definitively answer the question left to linger far too long over the nation's technology policy: "The buck stops where?"</p>
Keep Reading
Show less
Jonathan Spalter is the president and CEO of USTelecom – The Broadband Association.
We need Section 230 now more than ever
For those who want to see less of the kind of content that led to the storming of the Capitol, Section 230 may be unsatisfying, but it's the most the Constitution will permit.
Even if certain forms of awful speech could be made unlawful, requiring tech sites to clean it up would be even more constitutionally difficult.
Photo: Angel Xavier Viera-Vargas
January 11, 2021
Berin Szóka (@BerinSzoka) is president of TechFreedom (@TechFreedom), a technology policy think tank in Washington, DC.
January 11, 2021
Many conservatives are outraged that Twitter has banned President Trump, calling it "censorship" and solemnly invoking the First Amendment. In fact, the First Amendment gives Twitter an absolute right to ban Trump — just as it protects Simon & Schuster's right not to publish Sen. Josh Hawley's planned book, "The Tyranny of Big Tech."
The law here is clear. In 1974, the Supreme Court said newspapers can't be forced to carry specific content in the name of "fairness," despite the alleged consolidation of "the power to inform the American people and shape public opinion." The Court had upheld such Fairness Doctrine mandates for broadcasters in 1969 only because the government licenses use of publicly owned airwaves. But since 1997, the Court has held that digital media enjoys the same complete protection of the First Amendment as newspapers. "And whatever the challenges of applying the Constitution to ever-advancing technology," wrote Justice Antonin Scalia in 2011, "'the basic principles of freedom of speech and the press, like the First Amendment's command, do not vary' when a new and different medium for communication appears."
<p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>Republicans battled the Fairness Doctrine for decades, and for good reason: The Kennedy and Johnson administrations really <em>did </em><a href="https://www.cato.org/policy-report/march/april-2020/how-jfk-censored-right-wing-radio" rel="noopener noreferrer" target="_blank">weaponize</a> the FCC to keep conservatives off the airwaves. Republicans' <a href="https://prod-cdn-static.gop.com/media/documents/DRAFT_12_FINAL%5B1%5D-ben_1468872234.pdf" rel="noopener noreferrer" target="_blank">2016 platform</a> (recycled for 2020) blasted the (by then, long-dead) Fairness Doctrine, demanding "free-market approaches to free speech unregulated by government." </p><p>Sadly, most elected Republicans have since abandoned those free market principles as they have increasingly come to see themselves as the victims of censorship by Big Tech. Even the removal of outright bigots like Richard Spencer and other neo-Nazis has been <a href="https://www.wsj.com/articles/dont-let-google-get-away-with-censorship-11565132175" rel="noopener noreferrer" target="_blank">cited</a> in august outlets like The Wall Street Journal without <a href="https://twitter.com/BerinSzoka/status/1159114731258568704" rel="noopener noreferrer" target="_blank">considering</a> exactly <em>who</em> was banned and <em>why</em>. The storming of the Capitol should make clear once and for all <em>why</em> all major tech services ban hate speech, misinformation and talk of violence: Words can have serious consequences — in this case, five deaths (plus a Capitol officer's suicide days later).</p><p>MAGA Republicans initially struggled to reconcile their "Fairness Doctrine for the Internet" with conservatives' past hardline defense of the First Amendment. They quickly learned how to obfuscate their hypocrisy. </p><p>First, they've posed as the "real defenders of free speech" — as if the First Amendment gave every American the right to an audience on someone else's property. In reality, the First Amendment prohibits compelled speech and forced association — a point conservatives trumpeted when it was bakers refusing to make cakes for same-sex weddings.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Second, they claim that websites have no First Amendment right to block speech they find abhorrent because their centrality to public discourse makes them "public fora" just like town squares, where the First Amendment guarantees everyone a right to speak. But the Supreme Court, led by Justice Brett Kavanaugh, emphatically <a href="https://casetext.com/case/manhattan-community-access-corp-v-halleck?tab=keyword&jxs=us,1cirapp,2cirapp,3cirapp,4cirapp,5cirapp,6cirapp,7cirapp,8cirapp,9cirapp,10cirapp,11cirapp,dccirapp,fedcir&sort=relevance&type=case&resultsNav=false" rel="noopener noreferrer" target="_blank">rejected</a> an equivalent argument (in a case about public access cable channels) in 2019: "Merely hosting speech by others is not a traditional, exclusive public function and does not alone transform private entities into state actors subject to First Amendment constraints." In other words, the First Amendment remains a shield against government meddling in online speech, not a sword for the government to ensure "fairness."</p><p>Third, they blame Section 230 for online "censorship." Trump even cited Congress' refusal to repeal the 1996 law in his veto of defense spending (<a href="https://www.protocol.com/bulletins/house-overrides-trumps-section-230" target="_self">which Congress overrode</a>). But when sites are sued for banning users or removing content, Section 230 merely ensures that courts will quickly dismiss lawsuits that would have been dismissed anyway on First Amendment grounds — but with far less hassle, stress and expense. Multiply all those across the huge volume of online content, and websites could be deterred from trying to moderate content altogether. It's not just website operators that would suffer, it's their most <a href="https://www.vox.com/culture/21432987/trans-twitter-reddit-online-anonymity" rel="noopener noreferrer" target="_blank">vulnerable users</a> — and our overall discourse.</p><p>And that's <em>exactly </em>what MAGA Republicans are trying to do: force websites to broadcast their speech, no matter how noxious. That's why they've <a href="https://techfreedom.org/wp-content/uploads/2020/10/Letter-Big-Tech-Hearing-on-230-10.28.20.pdf" rel="noopener noreferrer" target="_blank">proposed ending</a> 230's liability shield for moderation of hate speech, misinformation, conspiracy theories, voter suppression and most foreign election interference — all real threats to our democracy that the First Amendment bars the government from doing much, if anything, about. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>In 2012, the Supreme Court <a href="https://casetext.com/case/united-states-v-alvarez" rel="noopener noreferrer" target="_blank">ruled</a> that the First Amendment protects false speech, with only narrow exceptions. The Court hinted that it might be possible to curtail false claims about election procedures and results. But the Court isn't likely to reconsider the line it <a href="https://casetext.com/case/brandenburg-v-ohio" rel="noopener noreferrer" target="_blank">drew</a> in 1969: The <em>government </em>can punish a call for violence only when it "is directed to inciting or producing imminent lawless action and is likely to incite or produce such action." It's unclear whether Trump's speech encouraging his supporters to go to the Capitol actually met that very high bar. But, again, social media sites have a First Amendment right to take down such speech and ban him for it.</p><p>Even if certain forms of awful speech could be made unlawful, <em>requiring</em> tech sites to clean it up would be even more constitutionally difficult. It's one thing to do that with child sexual exploitation material, which is generally readily identifiable. It's quite another to make a website both judge and jury in cleaning up the speech of others. As an appeals court <a href="https://casetext.com/case/midwest-video-corp-v-f-c-c" rel="noopener noreferrer" target="_blank">said</a> in 1978, an FCC regulation holding cable operators responsible for obscenity created by public access channel users would have "subjected the cable user's First Amendment rights to decision by an unqualified private citizen, whose personal interest in satisfying the Commission enlists him on the 'safe' side — the side of suppression." </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>That's why Section 230 is so vital. It enables private website operators to do what the First Amendment says the government may not: at least <em>try</em> to clean up the internet. For those who want to see less of the kind of content that led to the storming of the Capitol, Section 230 may be unsatisfying, but it's the most the Constitution will permit. Yes, we should pressure websites to do more, but without Section 230, that won't work. Simply put, we need the law more than ever.</p>
Keep Reading
Show less
Berin Szóka (@BerinSzoka) is president of TechFreedom (@TechFreedom), a technology policy think tank in Washington, DC.
Politics
In 2020, COVID-19 derailed the privacy debate
From biometric monitoring to unregulated contact tracing, the crisis opened up new privacy vulnerabilities that regulators did little to address.
Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, says the COVID-19 pandemic has become a "cash grab" for surveillance tech companies.
Photo: Lianhao Qu/Unsplash
December 30, 2020
Issie Lapowsky (@issielapowsky) is a senior reporter at Protocol, covering the intersection of technology, politics, and national affairs. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University’s Center for Publishing on how tech giants have affected publishing. Email Issie.
December 29, 2020
As the coronavirus began its inexorable spread across the United States last spring, Adam Schwartz, senior staff attorney at the Electronic Frontier Foundation, worried the virus would bring with it another scourge: mass surveillance.
"A lot of really bad ideas were being advanced here in the U.S. and a lot of really bad ideas were being actually implemented in foreign countries," Schwartz said.
<p>In China, where the virus first took hold, the country had already begun using draconian smartphone-based tools to <a href="https://www.bbc.com/news/technology-51439401" rel="noopener noreferrer" target="_blank">track sick people's whereabouts</a> and effectively force them to stay home. In Israel, lawmakers rushed through a proposal to give government officials <a href="https://www.bbc.co.uk/news/technology-51930681" rel="noopener noreferrer" target="_blank">access to Israelis' location data</a>. As the White House met with tech giants including Facebook and Google to discuss ways they could help, Schwartz and others feared the U.S. might be next in allowing fear of the virus to subvert basic civil liberties.</p><p>Nine months into the crisis, Schwartz said, the "worst ideas" being deployed internationally have yet to take hold in the U.S. But that doesn't mean COVID-19 hasn't created a slew of smaller, but still insidious privacy setbacks for Americans who, in recent years, have become increasingly wary of all the intrusive ways that governments and private companies use their personal data. Since March, corporate offices and college campuses have been flooded with biometric scanners, employers have deployed software that lets them remotely monitor workers' keystrokes and giant corporations like Ticketmaster have <a href="https://help.ticketmaster.com/s/article/What-are-your-COVID-screening-requirements?language=en_US" rel="noopener noreferrer" target="_blank">contemplated</a> linking people's negative COVID-19 tests to their tickets to gain entry to future events. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>While many of these precautions are well-meaning attempts to preserve public safety and to use technology to get the economy up and running again, they can come at a cost to personal privacy. And yet, the crisis has once again relegated privacy legislation to the back burner in Congress as lawmakers battle over how to handle dueling health and economic disasters.</p><p>Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, says the COVID-19 pandemic has become a "cash grab" for surveillance tech companies. "I think this has been the most dangerous moment for civil rights since 9/11," he said. "When you're faced with impossible choices like whether or not to keep schools open and deprive kids of an education or put them at risk, it's so easy to be taken in by the allure of magical thinking and startups that say if you just install this tracking device you'll somehow be able to avoid doing the impossible."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Contact tracing has been a source of concern, as governments across the country work with a slew of private firms to manage manual contact tracing with no real guardrails in place. "People by the thousands are telling contact tracers where they've been, who they're with, and we don't think there are sufficient ways to secure that data, especially when private contractors or for-profit corporations are helping," Schwartz said.</p><p>In New York, Cahn's organization supported legislation that would have protected New Yorkers from having their contact tracing data used against them in court or administrative proceedings. That bill passed over the summer, but Governor Andrew Cuomo has yet to sign it into law, leaving that information vulnerable. "In most states, police or ICE can get contact tracing data with a subpoena," Cahn said. "This not only creates a privacy threat, but it's a public health nightmare. There are millions of Americans who would second guess whether to fully disclose their potential contacts."</p><p>Apple and Google partnered on a contact-tracing tool that went to extremes to ensure people's data wouldn't be centrally stored or shared with either company or with the government. But health officials, at least early on, <a href="https://www.washingtonpost.com/technology/2020/05/15/app-apple-google-virus/" rel="noopener noreferrer" target="_blank">scoffed</a> at the limitations. "Digital apps and technology have struggled in the in-between space of wanting to track the path of this disease, this virus, while at the same time really struggling with very real privacy concerns," said Malkia Devich-Cyril, founding director and senior fellow at the advocacy group MediaJustice.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>The imminent rollout of a vaccine presents even trickier questions, like what happens if businesses or governments begin requiring people to prove they've been vaccinated in order to access certain spaces. California's legislature already defeated a bill that would have created a blockchain-based system to create what Schwartz calls "immunity passports." EFF argued that requiring people to hand over their smartphones to prove their immunity would open them up to other privacy invasions and would require people to have a smartphone in the first place. "We view this as a horrible, horrible idea," Schwartz said, noting that EFF will be "in the trenches" if any similar proposals arise.</p><p>Over the course of 2020, there have been other, subtler attitudinal shifts too. In the spring, news outlets that, in the past, criticized apps for surreptitiously tracking and selling people's location data, suddenly began tapping that same data to track where people were actually <a href="https://www.nytimes.com/interactive/2020/04/02/us/coronavirus-social-distancing.html" rel="noopener noreferrer" target="_blank">staying at home</a> or whether anti-shutdown protesters might be <a href="https://www.theguardian.com/us-news/2020/may/18/lockdown-protests-spread-coronavirus-cellphone-data" rel="noopener noreferrer" target="_blank">spreading the virus</a>. "We think there's a lot of COVID-washing going on," Schwartz said.</p><p>That COVID-washing hasn't been uniform though, Devich-Cyril said, noting that Black and brown communities with a long history of being surveilled remain wary of that kind of intrusion. "The simple fact of a medical disaster is not enough to turn people away from their desire for basic freedoms and rights," Devich-Cyril said.</p><p>Still, despite these setbacks, privacy advocates did score some wins in the midst of the chaos. On Election Day, Portland, Maine succeeded in banning facial recognition technology. Michigan voted to require police to seek search warrants before accessing electronic data. And California passed Proposition 24, a measure that rewrites the California Consumer Privacy Act and gives Californians new rights over protecting their data. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>"That is the story of privacy in 2020," said Jim Steyer, CEO of Common Sense Media, which backed Prop. 24. "That was a significant step forward." It's worth noting that not all privacy groups celebrated the passage of Prop. 24. Some, like the American Civil Liberties Union, opposed it over concerns that it created new privacy loopholes for businesses.</p><p>Schwartz is at least relieved that so many of the "bad ideas" that emerged at the beginning of 2020 have not been adopted in the U.S. But as the pandemic rages on through 2021, the fight for privacy in the face of a global health crisis will undoubtedly continue.</p>
From Your Site Articles
Keep Reading
Show less
Issie Lapowsky (@issielapowsky) is a senior reporter at Protocol, covering the intersection of technology, politics, and national affairs. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University’s Center for Publishing on how tech giants have affected publishing. Email Issie.
Latest Stories
See more
Most Popular
Bulletins
January 22, 2021 11:32 EST
Get Source Code in your inbox
David Pierce's daily analysis of the tech news that matters.