Horror Stories

The information society offers many solutions to improve the way the societies work, but it also creates new challenges. Here is a review of some of the problems created by the lack of accountability.

What happened during the last 20 years?

Computers have become personal commodities in the late 1970s and early 1980s. They were used primarily to modernize work performed locally: databases replaced file cabinets, word processing software progressively replaced typewriters, the spreadsheets were a new and exciting tool used for all kinds of business reporting, and presentation software started to replace the slides used for presentation. Then, in the 1990s the World Wide Web emerged and became the network where for all companies, institutions and individuals seeking a public presence converged. E-commerce was born, the media and publishing industry went through radical changes, and social networks were invented and ended up being tools that connect a significant part of the world population. At that time, optimism was prevalent, because the new possibilities were so amazing that most of us embraced them with enthusiasm. We thought then that for sure the world would become a better place.

The success and speed of adoption of the Internet, the explosion of the mass market for electronic devices, supplemented notably by the generalized adoption of smartphones, and the connectivity offered on many physical devices, such as home appliances, cars, etc., have made online access as essential for everybody's daily lives than electricity or running water. The fact that we live in a connected world has many positive aspects and we can't envision returning to a life without it. Some of the innovative companies started by students in a garage have evolved into behemoths that have an influence and power equal or sometimes superior to national governments.

The success of the Internet and its scalability rely on its decentralized architecture, the fact that it is a peer-to-peer network rather than a top-down imposed bureaucratic construction. But the world being what it is, the Internet has also become a magnet for negative endeavors. Specific forms of Internet-based crime have flourished, including stealing into bank accounts and identity theft, human trafficking and other forms of extortion. Terrorists rely on online activities to recruit new members, conspiracy theorists and hostile powers propagandists spread fake news and rumors. Computer systems are under attack continuously by bots. The integrity of the Internet is hard to protect, and the integrity of information content as a consequence is hard to protect.

Here are some scenarios where the lack of accountability proves to be a hindrance.

Attacks against Web sites

The openness of the Internet makes web sites vulnerable. Cybersecurity can be enhanced by implementing several precautions, such as securing firewalls, changing passwords frequently, etc., but many web sites are vulnerable to ever more sophisticated hackers using tools which are constantly renewed. These attacks have disrupted web sites, have tarnished the reputation of businesses, have produced leaks exposing personal and politically-sensitive information1. The grid power, nuclear plants, and other industrial sites are susceptible to be attacked. Airline traffic, and access to certain web sites are interrupted, because of attacks. The vulnerability of the Internet has become a major political and social issue, and threatens wide implementation of new features, such as the Internet of things.

Cybersecurity is however mostly reactive, and many providers of cybersecurity products provide ways to analyze and report attacks when they occur, without necessarily providing ways to prevent them from happening. See the chapter on security for more details.

Automatic tasks performed on the Internet use scripts called robots, or simply "bots". About half of the time, they are used for legitimate purposes. Malicious usages include "spambots", or automatically created pseudo-users, which behave like humans, and are able to connect to many web sites using fake identities. They are used for the sake of political propaganda to produce politically oriented comments, and to artificially swell the popularity of certain web sites, making them appear as having a high traffic volume, and, as a result, propel them on top of the hit results of search engines. In 2016, robots were responsible for 51.8% of the traffic on the Internet, and 28.9% coming from "bad robots", including 24.3% impersonators, 1.7% scrapers, 0.3% spammers and 2.6% hacker tools.2 Some sites use "captchas", or other mechanisms that are meant to guarantee that the originator is not a robot. But they are not sufficient, since low cost labor is massively used to solved captchas.3 There are no ways to prevent humans with bad intentions to fraudulently access web sites.

Trolls are people who behave in a derogatory or insulting way, and disrupt the implicit code of conduct on the Internet. They are using the Internet and especially social networks to dump dirt, harass or humiliate people, and this has resulted in a number of cases in a tragic outcome, including some people have taken their own life. Trolls often appear under different identities to make it appear as it there were many of them. Research based on sentiment analysis is on the way to detect trolls.4

What trolls and bots have in common is that they find a way to circumvent access to web sites and the servers' authentication methods. The traces they leave behind can be used to identify them, but if they use methods to obfuscate their provenance, they make it more difficult.

Businesses use our personal information

Unbeknownst to us, many activities we perform on a computer are recorded. If we happen to have been looking for sunglasses online, we will receive tons of advertising for sunglasses for a while. Companies create individual profiles based on search queries that they sell for targeted advertising. For us, simple mortals, this is not only annoying, it is counterproductive, because if we just bought a pair of sunglasses, the likelihood that we would need to buy a second one is close to zero.

At the same time that companies spy on us, they consider that they should not been held accountable to their customers. With the generalization of e-commerce and automated customer services, it has become hard to be able to reach customer service representatives. We are losing our ability to communicate with the product company about any issue we may have, and are limited to the types of interactions allowed by the software they have installed. Moreover, if we are lucky enough to succeed in reaching a human being, their standard answer is that most problems are due to a computer glitch, and they can't do anything about it, besides saying they are "sorry for any inconvenience" and wishing us "a wonderful day". E-commerce has therefore the effect of diminishing the accountability of product companies towards their customers. Computerization of the exchange may have opened the market to more customers, but has diminished the quality of the exchange. Although these two aspects are understood as being intricately connected, there is no obvious reason why it should be the case, except for excusing the company to not be able to set up a satisfactory software platform. This can be accepted as long as a quid-pro-quo exists. On the customer side, it can be expressed as "there are so many things I can do now that I couldn't do before". But this novelty effect will fade out with time, and new generations of customers are going to be less forgiving to the product providers. If companies are not able to improve this aspect of their customer relationship, they will likely go belly up after a sudden and hard awakening due to a lack of awareness about the underlying deficiencies of their e-commerce codes of conduct.

Using an online service requires us to accept the terms and conditions on the site. These documents are usually written in legal jargon and contain boilerplate text that is not directly relevant to the specifics of the situation. Their length is used to discourage us to read them. But even if we take the time and effort to read them, there is nothing there for us: there is no way to discuss one specific provision, in case it makes us uncomfortable. Since nobody on the other end is ready to discuss with us about the pros and cons of a particular clause, no negotiation is possible. Therefore, the only choice we have is to accept all conditions altogether or none. It doesn't give us any sense of empowerment. The benefit for the companies providing the services are obvious. They are free to use our information they way they want, in an environment which remains for the most part still unregulated. This situation favors the concentration of capital in the hands of huge, quasi-monopolistic, corporations.5 Again, this will last as long as the customers don't care about how their personal information is used. The main reason they don't care is that they have no idea how valuable their personal information is. On the other side, all professionals in sale and marketing know that fact and the monetization of customer data is an essential part of the online industry in particular for advertising. The disconnect between these two sides of the exchange is not going to last forever. It's a situation which is comparable to one where consumers were paying in cash without knowing how to read the numbers on bills and coins. They will have to rely on the good faith of the merchants, whose raison d'être is to maximize their profit with every exchange. The number of hidden layers in e-commerce may backfire, as soon as literate users will be able to have their say. Sustainable commerce works at its best when all parties know what they are exchanging.

The absence of net neutrality is another of this hidden gotchas. Net neutrality is a regulatory mechanism which aims at preventing Internet broadband access to be differentiated according to the size of the company and the price they pay. This protection is under threat at the moment of this writing.6 But the Internet is fighting back: on July 12, 2017, 1.6 million comments in support of net neutrality were sent to the FCC.7 As long as big companies dictate their will on the way commerce should be done, and as long as they find customers agreeing to be part of that scheme, this system will survive. But again, it's fragile. In the history of capitalism, when railroad barons and utility giants have shown they were abusing the system because their logic of development went against the public interest, they were eventually reined in, and regulations came into place. We need a national conversation today about what society needs as a whole. For example, broadband coverage of rural areas could be described as a public necessity, rather than being neglected because the profit generated is too low for private companies.

Governments monitor online usage

Not only companies, but also governments are interested by our online activities.

Once upon a time, there were no cameras in the streets. The letters sent by mail were not opened—with the possible exception of inmates—, we could give a phone call without being recorded—wiretapping was reserved to a minority of persons under active surveillance—, we could read a book in a library without letting no one know what we read8, we could purchase a plane, a bus or a train ticket or fill the tank of our car, without leaving breadcrumbs of our travel. That era is over. Edward Snowden revealed in 2013 how wide the scope of the global surveillance program of the National Security Agency was.9 However, privacy is an essential right: One of its components is the "right to be let alone" and, according to Warren and Brandeis who wrote an influential article on the right of privacy in 1890, the right of property provides the foundation for the right to prevent publication."10. Nowadays, people who want to preserve their anonymity have to use very sophisticated ways to hide from view, and by doing so are raising suspicion that they have something to hide.11

Social networks, when originally designed12, were promoted as a way to keep in touch with friends and close relatives. Created in 2008, Facebook had, as of the first quarter of 2017, 1.94 billion active users13, which represents one quarter of the world population! The value of these data is invaluable. It's possible to see with whom every one of us is connected, not only through family relations or professional relations—which can be found on records—but also personally. Not only we expose who we know, but what we talked to them about. This free platform comes with gotchas that very few of us read, and we basically offer most of our private life to the people who enable us the convenience of easy and free connections that we enjoy on a daily basis.

All this trove of information is accessible to intelligence and authority enforcement agencies that use them when they feel entitled to, within the limits of the laws in effect in various countries. Sometimes, for good reasons, such as to discover that a group of people is plotting a criminal activity of some sort.

In addition to hackers who try to fraudulently use our information, governments and intelligence agencies are collecting it using the sources available on the Internet. It is difficult to keep a low profile while being online, as intelligence services throughout the world use countless new opportunities to learn about people's activities and connections.

The word "netizen" is a contraction of "citizen" and "net" and expresses the new reality of being able to exert our rights of citizens in a space such as the Internet. The term was coined by Michael Hauben14 in the 1990s. Michael Hauben died in 2001, seven years before the creation of Facebook. Today, as information has become at stake as one major asset to be protected, vulnerabilities have become so pervasive that we need urgently to rethink how we are present online, what it means in terms of individual, corporate or national threats, and cyberwarfare is not anymore a toolkit for science-fiction writers, it has become part of the challenges we are confronted with.

...But government is taken over by computers.

Governments, and intelligence agencies, are also vulnerable to information stealing. Leaks have occurred, sometimes by whistleblowers motivated to share shocking discoveries with the public to draw the attention on something that they consider worth sharing. Intelligence services routinely steal information from other countries, and sometimes dump the information to the public, in the purpose of influence the political process in the targeted country. These acts are now considered part of cyberwarfare, for which we unfortunately seem to have witnessed only the beginning, during the 2016 electoral campaign. Without a strong political will to protect a country from attacks from other countries, and a close cooperation between national security and intelligence agencies, not much progress will be possible. If on the contrary there is a will to accept penetrations from hostile powers, such as Russia, the situation will become intricately complex and work needed for disentanglement will be very hard, and may have some negative impact on the inner workings of an open democracy. The more we wait, the more difficult it will be.

Passivity disguised into Activity

Spending time online is usually considered "active", while watching TV is "passive". But the fact that we click and type on our laptops, tablets or phones, hides the inherent passivity of what online sites have to offer. We accept, most of the times unknowingly, to disclose personal information, including our tastes, sentiments, political opinions, relationship status, sexual orientation, résumé, our networks of friends, colleagues and family members, our daily schedule, appointments, our purchases, our travels, the time we go to sleep, our current working drafts, finances, projects, medical conditions, etc., for the sake of convenience. We rely so much on technologies that it creates and entertains the dependency between technology and our daily activities. If we are working "in the cloud", the lack of connection to the Internet can prevent us from working altogether.

The most astonishing thing about it is that for most people it doesn't seem to matter. And social pressure encourages us to join popular social networks, because we may not be able to afford the luxury to stay out of them. The only times it does matter is when something catastrophic happens: when cyberbullying leads to annoying or sometimes tragic outcome, when data are being stolen and sometimes are proposed back against ransom, when countries interfere in others' electoral process. But still, the general feeling seems to be that the advantages of living online are so overwhelmingly gratifying that it is sufficient to take some precautions, such as changing often passwords, to feel safe. But feeling safe doesn't mean being safe. The symptoms that many people express about it resemble those of an addiction: we vaguely know it has some bad side effects, but it feels so good that we can't stop doing it.

Of course, kids get addicted first, and it is very hard for their parents to try to limit the time they spend online. In previous generations, children were spending a lot of time watching TV, and it was not considered any better. But the interesting part of it is that the addiction afflicts everyone, including at work. It's part of the work to be available at any time to respond to emails sent across a division in a company. Before, people were supposed to be ready to answer their phone. Nowadays, it has become hard, albeit impossible, to reach people directly by calling them on the phone, because they don't have this kind of availability any more. Unlimited calling is offered by most phone companies because most people don't use the phone so much.

Hidden gotchas

The "do not track" feature doesn't apply to search engines, it only applies to web sites that are on the receiving end. But it is not constraining. Web sites have no legal obligation to honor it, even if they say so. The prevalent business model for companies providing online services is their ability to monetize their customers' data and derive statistical analyses from them. Naturally, the ability to track is also used by national administrations and intelligence to monitor their citizens' activities online, and since the Internet has no national borders, the activities of non-citizens as well. Being online is similar to walking on the street. You can't do that without being recognized. In fact, it's almost the same: The deployment of surveillance cameras in the city streets, and the advent of connected appliances, including cars, through the "Internet of Things" make it impossible to hide and preserve and kind of anonymity.

Blind faith

When we rely on an enormous amount of data that we don't master in order to take decisions, we have to believe what the computers tell us after they have processed the data and given us a result. The process operated by the computers is driven by code that contains instructions and algorithms. We don't really have access to these algorithms, nor do we think we are knowledgeable enough to master them. The result is that we have no other choice than to blindly trust the machine. If the algorithm used is erroneous, or misleading, we have no way to know.

Our dependency increases because of the intricacies of the system, too hard to comprehend, which adds to the fact that companies don't offer us any room to negotiate the terms of their agreements. We end up being submitted to a unidirectional, top-down, procedure. The question is how much we have to abdicate our ability to understand how things work. If we understand the context, we don't need to dig into all the details. If we don't understand the fundamentals, that's a bigger problem.

Propaganda use tracking tools developed by businesses

The powerful tools tracking user information, preferences, tastes, and sentiments, have been designed primarily for the consumer market. For those of us who are aware of it, that is at worst irritating. But overall, it remains largely innocuous, even if we feel the pressure, because we are not forced to buy any of the things we are being proposed. When these tools are used instead by political propaganda agencies, things can spiral out of control quickly. It becomes possible to address some fake stories that are susceptible to appeal to certain constituents, especially those who are hesitant to make sure to swing the balance towards a candidate chosen by the campaign responsible for these messages. Intimate knowledge of the constituents, precinct by precinct, enables political campaigns to target users and to have maximum impact.

Social networks reinforce the homogeneity within groups. Propaganda targets them according to their beliefs, and instillates false information, or, worse, slightly distorted information that will be palatable for a particular group sharing values. The scalability of such operations made this strategy very attractive to people who are spreading unvetted rumors, conspiracy theories, and the like, and the result is that many people genuinely believe that these stories are true, or, worse, as believable as the other stories reported by the mainstream media, as if facts didn't exist. Subrepticely parallel words are created with people stopping sharing values with others, and destroying the fabric of what constitutes a country. When truth is blurred, this is how dictatorships establish their rule over their people.

Elections are driven by software.

The voting systems use proprietary software and the accountability is, once again, left to the technicians. This means that voters have no way to know whether their vote will be counted, and if counted, if it will be counted properly. Innocent errors may come from undetected software bugs, but it is conceivable that hackers can attack voting systems and slightly modify the results, in ways which are difficult to detect, and swing a given election in another direction than what the voters are expressed.

Because of numerous problems that have been reported, voting machines have been removed in various states, for lack of accountability: There was no way to establish whether any reliable results could be established by using them.15

Denise Lamb, former Director of Elections for the State of New Mexico, describes the auditing process, and mentions, interestingly enough, that auditing is performed by certified public accountants. Darryl R. Wold, former chairman of the Federal Election Commission, explains that paper records simply consisting of ballots printed by the computer after the closing of the polls are never seen by the voters and cannot reliably indicate that the data stored in the computer are accurate.16

The only way out seems to be a constant monitoring of everything that happens within the software that is used to record the votes, and conduct extensive tests by different parties, including - and especially by - those which are not members of the company producing the software. Therefore the software used for recording votes must be modular, extremely clear to read, and of course the source code should be made public so as to allow a community of hackers and citizens to examine the software in all its components and so opening the possibility of detecting any flaw. As long as the software for vendor machines remains proprietary and is only accessible to the company that produces it, democracy is in serious jeopardy. The only way forward seems to be not enable use of voting machines unless the process is open enough to be considered reliable.

Public interest groups almost universally supported the move to optical scanning, which is now thought more reliable than touch-screen voting, if only because it leaves a paper trail.17

The Digital Divide

Some people are still not connected. Some neighborhoods in big cities are not well connected either. In the early 2010s, it was difficult to get fast connection in downtown Washington DC!

How global is information access?

Countries are able to limit access to information available globally on the Internet. The Great Chinese Wall for example is now an Internet wall.18

USSR failed because it was eventually not able to prevent communication using new technologies, such as fax messages in the 1980s19. USA may fail because it is not able to contain damages made to its information by foreign countries, including Russia.

At the same time as the world economy becomes global, other phenomena become global, and the desire for world domination based on one single school of thought, Islamic fundamentalism, seems to be the common ground for those who have adopted terrorism as one of their means. Terrorists are also propagandists, they use the same technologies as everybody else to achieve their goals. The ability to browse information online is useful therefore not only to extend the span of democratic powers, but also to those forces which want to destroy them. The need for protecting information, the efficiency of what is called "firewalls", is therefore essential. At the same time, the ability for citizens to access information which may prove to be crucial for them is also essential. The challenge is to find the limits between what can be displayed and what can be considered a public threat. For example, preparedness to disasters is essential to ensure that citizens will know how to cope if they are confronted with an actual disaster. But by displaying disaster scenarios, is also showing where the Achille heels of a society are.

Border Security

Heavy reliance on technology for border security helps, but it does not replace adequate training of the personnel responsible for ensuring security. Connecting information about individuals so that every immigration officer in the airports can immediately see whether an individual is mentioned in a list of suspected persons maybe a good thing, but it is not error-prone. Some people have got into trouble because their name is identical or similar to the name of a person who is on the list of suspected individuals. The limitations of the technologies used to find information need to be further investigated, to ensure that the proper information is returned when needed.

It is likely, although no information is for obvious reasons publicly available to prove it, that use of high technology equipment has helped to detect terrorists trying to cross borders. But this can not be the only solution. Israeli security, which is considered to be among the best in the world, relies on other factors than simply technological. It relies in the ability for the security personnel to detect suspect behavior by asking questions that may lead to contradictions, or destabilization, and may indicate that the person being questioned may be hiding some crucial information.

Healthcare

The digital mess appears in all its crudeness in the healthcare industry. The part of medical information which is digitized is still small. Increasing its scale would have big advantages, providing more reliable, centralized, information about the medical history of each of us. Even if we forget to tell our physician that we are taking such a pill, this information will be recorded. However, the difficulties abound. Nothing is more private than personal medical information. There are good reasons for not wanting to share such information, including with our closed friends and relatives. Even less so with employers and insurance companies, who we may not want to tell about our medical problems. There is a fundamental right to privacy, which is in principle protected by the Fourth Amendment of the US constitution. If the physicians record the medicines they prescribe to us, it doesn't necessarily mean that we have taken them. There is a chance that we would be regarded as having taken that drug, but really all what is possible to know is that this drug had been prescribed. We may even have bought them, but still not taking them. This situation may be extreme, or judged absurd – what is the point of throwing money out through the window? – but it can happen, and sure enough, it actually happened more than once.

Vulnerability

The Internet of Things, which is presented as the future of everything, has some deep vulnerabilities built-in. If malfeasant people take control of devices, such as self-driving cars, or home utilities, they can divert its usages to something that is not intended, and the potential for catastrophic outcomes becomes a real threat, unless efficient protection is provided to prevent these attacks for happening. We are not there yet.

Aaron Swartz’s Legacy

Private theft of public culture20.
Guerilla Open Access Manifesto21

Conclusion

Survival of democracy is at stake. We need to free ourselves from any type of slavery to the machines. We must not forget that machines are designed to help us live better, not worse. We shouldn't let distopia take over utopia. It's a moral and political commitment.

  1. The US-CERT (United States Computer Emergency Readiness Team) Current Activity web page records the most frequent and high impact security incidents. 

  2. Bot Traffic Report, 2016 

  3. Christopher Mims, How Spammers Use Low-cost Labor to Solve CAPTCHAS, August 11, 2010. 

  4. See for example this paper published by three persons working at the DSO Laboratories in Singapore: Chun Wei Seah, Hai Leong Chieu, Kian Ming A. Chai, Troll detection by domain-adapting sentiment analysis, 2015 18th International Conference on Information Fusion (Fusion), and Oskar Casselryd, Filip Jansson, Troll detection with sentiment analysis and nearest neighbour search, EXAMENSARBETE INOM TEKNIK, GRUNDNIVÅ, STOCKHOLM, Sweden, 2017. 

  5. See Susan Crawford, Captive Audience: The Telecom Industry and Monopoly Power in the New Gilded Age, Yale University Press, 2013. 

  6. Corynne McSherry, An Attack on Net Neutrality Is an Attack on Free Speech, Electronic Frontier Foundation, June 22, 2017. 

  7. Elliot Harmon, Historic Day of Action: Net Neutrality Allies Send 1.6 Million Comments to FCC, July 12, 2017. 

  8. Theresa Chmara, Privacy and Confidentiality Issues: A Guide for Libraries and Their Lawyers, ALA Editions, 2011. 

  9. Glenn Greenwald, Edward Snowden: the whistleblower behind the NSA surveillance revelations, The Guardian, June 11, 2013. 

  10. Samuel Warren and Louis Brandeis, “The Right to Privacy”, Harvard Law Review, Vol. IV, December 15, 1890, No. 5. This article is commented in the Wikipedia article: The Right to Privacy (article) 

  11. Micah Sifry writes in The Big Disconnect: Why the Internet hasn't transformed politics (yet), 2014, OR Books, New York and London: "People who choose to lock their digital secrets are, in effect, painting a target on their doors for would-be snoops". (Kindle Location: 2694) 

  12. "Friends of a Friend" was created around 2000, by members of the emerging Semantic Web Community, and especially Dan Brickley and Libby Miller. See http://www.foaf-project.org/original-intro for a description of the original intent. 

  13. According to this source: https://www.statista.com/statistics/264810/number-of-monthly-active-facebook-users-worldwide/ 

  14. Michael Hauben, "THE NET AND NETIZENS: The Impact the Net has on People's Lives", first chapter in Netizens: An Anthology 

  15. The web site http://www.votingmachinesprocon.org compares opinions for and against using voting machines. 

  16. See http://www.votingmachinesprocon.org/questions/audit.htm

  17. Abby Goodnough, "Vote Giving Florida New Headache", New York Times, October 13, 2007. 

  18. China Toughens Its Restrictions on Use of the Internet, New York Times, December 29, 2012 

  19. Dismantling Utopia: How Information Ended the Soviet Union, by Scott Shane, Chicago: Ivan R. Dee, 1994, 324 pp. 

  20. Rebecca Gould, Aaron Swartz’s Legacy, American Association of University Professors, January-February 2014. 

  21. Guerilla Open Access Manifesto