Preposterous postings

Most of the time, Robert Harris writes great speculative fiction — I'm mostly a fan, and have hugely enjoyed several of his novels. However, I'm afraid that Fear Index isn't a book I can recommend.

In Fear Index, a genius computational particle physicist turned rich and successful algorithmic hedge fund manager in beautiful Geneva has a spectacularly bad day: Is the world going mad? Is a mysterious adversary trying to drive him mad? Is past depression coming back to haunt him? Is he falling victim to a brain tumor? And what is going on in his company whose computers are placing incredibly risky, but eventually hugely successful bids in the market?

Set before the background of the Dow Jones Flash Crash in May 2010, Fear Index has many of the ingredients of a great thriller, and is often well written. However, half way through the novel, Harris runs out of ideas: It's blindingly obvious that the AI has gone both conscious and mad, and is plotting a massive assault on the market, leading to the 2010 flash crash. Also, the AI (which is predicated on predicting fear in the markets) has set out to kill its inventor, who in turn tries to kill the AI — only to predictably realize at the novel's climax that it is now beyond his powers to do so.

In the end, this novel is yet another knock-off of the sorcerer's apprentice theme, set in the age of the computation, communication, and algorithmic trading, complete with the depressed genius, yet another quick visit to CERN and yet another cameo appearance by Tim's old NeXT workstation — and, even worse, yet another conscious-by-accident AI as the main antagonist that (when it isn't highly profitable on the stock market) rents computing centers, buys old books, hacks the psychiatrist's laptop, and manipulates the building's elevator. The characters are mostly clichés, and while the AI's machinations are quite creative, Harris lacks the imagination to give the reader any motivation why that would be the case. I'll take 2001's HAL over Harris' VIXAL-4 any time.

I know I'm late to the party: I finally got hold of Neal Stephenson's Anathem. Still, the book is worth a quick review, and a whole-hearted "go read it."

The first quarter or so is a fun, but somewhat slow read: Some ideas and the academic world of Arbre that serves as the backdrop for so much of the story are gently introduced. Those of us who deal with computer science in any shape or form get to chuckle at the phrase "syntactic devices" for Turing machines, and at discussions whether human thought knows meaning beyond what an AI can comprehend. We learn that Arbre was devastated by the Terrible Events (whose details the world has forgotten in the mist of time) that led the worldly society to seclude its all too resourceful and perhaps irresponsible academics in space and time, and itself on a stage of technical development that feels roughly contemporary to the reader, but must look like a plunge into the dark ages to those on Arbre who might remember what had been known and put to both good and terrible use before — and now seems almost forgotten.

But then, the story's hero (a young academic, only ten years removed from the sæcular world) begins to encounter the unexpected, and the carefully structured world of Arbre comes apart on a scale that few would even think of, and that requires the best brains on the planet to address.

That's when Anathem's story picks up its pattern, and when it becomes virtually impossible to put the book down: Stephenson has wrought a first-rate thriller out of an improbable set of ingredients all across philosophy, cosmology, physics — and Socratic dialogue. On another level, Anathem can be read as asking some inconvenient questions about the responsibility of those who develop and build technology that is deployed on a global scale, and their relationship to traditional social and governance systems. 

If you haven't read it yet, you're missing out!

All sorts of cloud services want to get their hands on all sorts of private data these days.

Case in point today, Funambol — looks like a nice combination of cross-platform synchronization software, a bunch of open source software to build applications on top, and a probably useful web service. Now, do I trust this service with my address book?

Conveniently, the fail begins early enough that I don't even get to the point where I look at the privacy policy: Not just are password choices that I can make when signing up constrained in all the wrong ways — all the interaction with the web portal is, of course, through plain HTTP.

Why, exactly, dear Funambol, do you think that I'd trust you with others' home addresses and private phone numbers when you don't even bother to take the elementary steps to keep my password and those data out of the hands of the attacker who's probably sniffing the wireless network I'm using at the airport?

Come back when you've built a secure site. Right now, you're not even getting past the smell test.

So, I've made the jump.  Initial impressions:

(download)

Click here to download:

macos-x-lion-first-impressions-mail-app-and-lots-of-incremental-changes-5YIifJk4Kr7wKfPnlFzk.zip (703 KB)

This item also appears on the W3C blog.

The fine people at the UC Berkeley law school have pulled together an amazing two-day workshop about Web Tracking in Brussels. The conversation kicked off today with European Commissioner Neelie Kroes talking about privacy, self-regulation and do not track, and with Director General Robert Madelin and FTC Commissioner Julie Brill on the subsequent panel. Together, the three handed a sizable challenge to the Web standards community: Standardize Do Not Track within a year (or less), be transparent, be inclusive.

Neelie Kroes' key points: While the advertising industry’s self-regulatory efforts are important and welcome, they aren’t enough. Tracking protection cannot be limited to just cookies (and cannot ignore other ways to create client state); it cannot be limited to just advertising or other specific sectors; and it cannot be limited to just the use of the data; instead, tracking protection needs to apply to data collection as well. Also, industry needs to address both Web and mobile tracking, and soon. Kroes’ challenge to industry: Standardize Do Not Track by June 2012. Come to the standards table.

FTC Commissioner Julie Brill spoke about the FTC’s efforts in the space over the last several years. She reminded us of the FTC’s staff paper and the five principles for an effective Do Not Track technology: 1. It must be easy to use (in fact, asked Brill, wouldn’t it be nice if the advertising industry was making opt-outs as easy to use as ads); 2. It must be effective; 3. It must be universal; 4. It must deal with collection as well as with use of information; 5. It must be persistent (and not go away after 5 days, or when you delete your cookies). As a significant footnote, Brill pointed out the special sensitivity of geolocation information, and the need for minimization there.

On standardization, Brill’s worry is that industry standardization might be too slow a process, and could possibly take beyond mid 2012.

Finally, Robert Madelin (Director General for the European Commission DG Information Society and Media) put the tracking conversation into the context of Internet regulation overall ("it can't be a random walk between individual jurisdictions") and the eG8, and into broader thinking about effective self-regulatory approaches. The sweet spot, according to Madelin, is somewhere in the middle between strongly mandated co-regulation and purely industry-led self-regulation: industry-led, yes – but inclusive, with a clear process, and with clear accountability and transparency to the public, and with a preference for shipping over the sort of perfection that can hold up agreement forever.

Nick Doty blogged about our plans with Do Not Track earlier today. We believe that the standards process provides an appropriate framework for conversations about not just the bits on the wire, but also the broader meaning of do not track.

This item also appears on the W3C blog.

Last October, the European Commission invited to an unlikely unconference: What ideas did the larger community have that would help to drive the Digital Agenda for Europe forward?

One idea that came out of that meeting (backed, at the time, by W3C and our colleagues down the road at ETSI): Government Data Done Well. Could we join forces between the Digital Agenda's focus on the use of public sector information as an economic driver on the one hand, and between the Open Data movement's interests in openness and transparency on the other? And how would all of that translate into technology and standards? Can we drive Europe's vision of Government data towards the full five stars?

Over the past few months, an impressive set of partners has come together within the Share-PSI initiative, and we're now on the final stretch toward the Digital Agenda Assembly:

• We have a Call for Participation out for a workshop on 10/11 May 2011. The workshop will be hosted by the European Commission in Brussels. We're going to look at the interoperability story for Public Sector Information, broadly: What are the use cases? What are the obstacles that get into the way as public administrations try to put data online? We're asking that question both from a technical perspective and a legal angle. Position papers due 15 April!
• As of today, the Open Data Challenge is on. The panel of judges includes W3C Director Tim Berners-Lee and EU Commissioner Neelie Kroes. Prices and awards of a total of EUR 20,000 are sponsored by various partners across industry: For ideas, for apps, for visualizations, and for public sector data sets. Of particular note, the Talis award for best use of Linked Data. Get your submissions ready!

All of this will feed into the Commission-organized Digital Agenda Assembly in June. We hope that we'll have a great story to tell there, about the value of standards and the Web, about open data, and about the great applications that will come out of the Open Data Challenge.

This item also appears on the W3C blog.

There's a lot of movement about Web Tracking and User Privacy lately, and it's been almost two weeks since the last update.

We've since announced the W3C workshop on Web Tracking and User Privacy for 28/29 April 2011. The good people at the Center for Internet Technology Policy at Princeton have agreed to host us for this workshop. As always with W3C workshops, we'll seek position papers from a broad community. We've lined up a great program committee (thanks all!) that will help us pull together the agenda of the workshop based on those position papers. Position papers are due by 25 March.

Earlier this week (see Alex Fowler's announcement over at Mozilla), the IETF has published two relevant Internet-Drafts. Both are individual submissions, i.e., starting points for a broader community discussion. In the Overview of Universal Opt-Out Mechanisms for Web Tracking, Alissa Cooper and Hannes Tschofenig paint the larger landscape of available opt-out mechanisms -- required reading for the April workshop. In Do Not Track: A Universal Third-Party Web Tracking Opt Out (also known as draft-mayer), Jonathan Mayer, Arvind Narayanan (both at Standford), and Sid Stamm (Mozilla) propose a technical specification for a Do Not Track header.

How does their proposal compare to Microsoft's Web Tracking Protection Member Submission? A few observations. Most importantly, draft-mayer focuses on the opt-out header; it doesn't cover either the tracking list idea or the DOM property defined in the submission. Further, the draft distinguishes between three (not two) states: DNT: 1 ("I don't want to be tracked"), DNT: 0 ("it's ok to track me"), and no header -- the latter case is called out explicitly as "no preference." Another interesting addition is the use of DNT as an HTTP response header: The protocol proposed here is that Web sites that support "do not track" play the header back when they send a page, and that clients (and others) can use that to keep statistics about who's respecting an opt-out.

Also worth comparing: The two statements on what "do not track" actually means. At first glance, they're quite different in scope and in level of detail; Mozilla's version has a long initial set of exceptions. Drilling down on what direction the definition of "do not track" should take will be an important agenda item for April.

Meanwhile, on the political stage: As the BBC reports, EU Member States aren't prepared to actually enforce a European Directive about cookies and user tracking. Instead, we can expect the debate about behavioral advertising, opt-outs, and tracking protection lists to take center stage in Europe as well.

All of this suggests some interesting discussions in the Web Tracking space at the April workshop: Which of the tracking protection mechanisms are a good idea? What are the merits of the various design options? How do they interact with different cultural and legal expectations around the globe? Which ones should we take up for standards work at the W3C? What's the right coordination story for this work?

I'm at the PrimeLife workshop on Open Data and Privacy. We've been trying to even frame the discussion all morning.

Here's my framing of the interesting space of the discussion:

• Let's posit that public datasets are likely to include personally identified or identifiable information.
• Let's posit that the datasets are available for re-use, and that there are overwhelming public policy and economic incentives for that to happen.
• Let's posit that the data is actually re-used in a way that involves identifying the individuals the data are about.

Put differently, let's assume that we have a hard clash between privacy principles and open data principles. What does a meaningful privacy conversation look like in this space?

In the context of the latest protest in the Middle East, we hear of governments launching man in the middle attacks against social network services -- for example, we hear of JavaScript code injection on Facebook in Tunisia.

Many of us are quick to point at SSL as the defense of choice.

Alas, SSL is only as secure as the CAs you trust, and so this is the right time to recall Chris Soghoian's and Sid Stamm's work on certified lies (according to Soghoian and Stamm, Tunisia was (is?) one of the governments implicitly trusted by IE!), and the EFF's SSL observatory.

Many -- too many! -- parties are trusted by today's browsers, and the assumption that any particular government isn't able to intercept your traffic just because the browser's SSL indicators show up is, unfortunately, not always warranted.

If you're following TechCrunch at all, then you'll have seen its coverage of the Viber iPhone app: Another VOIP solution, reputedly with extremely good voice quality, using phone numbers as identifiers. 

But, of course, there are a few questions to be asked here: What does Viber do with those data?  Am I signing up my colleagues and friends for free telephone harrassment? What if I change my mind and move on? What's the business model? (apparently, spending VC money and coming up with value added services later)

Cue the viber privacy policy.  It's pleasantly short, doesn't come in unreadable gray small print, and sounds fairly reasonable as far as the use of the address book data is concerned.  That's all very good.

But then there's this: "Viber also maintains call and connection logs to the system. These logs contain your internal Viber identification which is a combination of your account identification (i.e., your phone number) and Apple Unique Device Identification ("UDID") or Android Device ID. All call and connection logs are maintained indefinitely."  Traffic data retention, here we come.

The lessons?

At least two come to mind.  The first one is that, as network applications offer useful services based on highly private data (like my address book), they need to be extremely clear about the implications. When I first tried Viber, it didn't tell me anything about the way in which those data would be used. While Viber's privacy policy is fairly reasonable as far as the contact data are concerned, I needed to search for it online. I shouldn't have to, the app should be clear right away about what it promises (or doesn't promise).

The second one relatest to data retention. NGOs like EDRI are rightly upset at EU plans at long-term and broad telecommuniations data retention. But what does this particular game look like with VOIP companies? Some players, like Google Voice, give users a lot of control, and (beyond that) make sure they anonymize call data that they keep for their own purposes. Some players (like Skype, or Apple with FaceTime) are less than clear on what happens to call histories.  Yet others, like Viber, retain your communication behavior indefinitely, without any anonymization, but at least tell their users, if they know where to look.

It's a shame that, as users of these services, we can't just assume that call histories will be treated as the highly sensitive data they are.  It's also a shame that we apparently can't even expect to be told up front (and outside a policy document -- even a well-written one) what the VoIP service providers will do with those data.  That needs to change.