Several recent news items caught my eye.
First, there's been endless drama coming out of Twitter since Elon Musk acquired it for an ungodly sum. One of his latest bombshells is to promise an email drop that "makes public all internal discussions about the decision to censor @NYPost's story on Hunter Biden's laptop" in order to "restore public trust" (link). It's just one example of how corporate executives can weaponize data.
Second, Wired reported that Google handed over the personally identifiable information (PII) and detailed location data of at least 1,500 people to FBI investigators (link), through "geofence warrants", which is a dragnet. Geofencing is a favorite technique also of marketers for finding targets to deliver their marketing messages: the marketer draws an area on the map, and the data providers hand over contact information of every cellphone that is known to have entered the geofenced area. In this case, the FBI requested information on anyone who entered the area around the Capitol with their cellphones on January 6, 2020.
Third, the FCC blocks several leading Chinese technology manufacturers from the U.S. market (link) in the name of protecting national security. This action is taken based on the "possibility" of "espionage, IP theft, blackail, foreign influence campaigns, and other nefarious activities".
***
These stories are all related to our data. What happens to our data. Who has our data. What can people do with our data. What have they done with our data.
Americans have allowed corporations to be custodians of our private data. This was originally cast as a grand bargain, in which corporations get our data for free while they offer us some service of value for free. Think back to the beginnings of Google and Facebook... scratch that, not the humble beginnings when the entrepreneurs lured us in by offering their services for free without a quid quo pro. It was after these companies went public when they realized they must make money, and eventually, every one of these outfits has become a hoarder of private data, which are sold to the highest bidders. Every new digital product now is conceived as a way to augment the profiles of the users. This includes paid services (e.g. Amazon and any number of subscription services) which also collect the same types of data, and trade them in an obscure market... without the grand bargain.
***
Many - most, perhaps - of us have decided to trust Google, Twitter and similar companies with our data. Some of us prefer to trust our corporations rather than our governments. But can we really trust corporations to act in our best interests?
What is our best interest? It depends. If you're one of those people who entered the Capitol on January 6, your best interest is for Google not to send your location data to the FBI. If you happen to be around the Capitol on January 6 but not involved in the election politics, you don't want investigators to be probing you just because you were in the neighborhood.
If you are one of the anti-government protestors in China, Iran, Russia, etc., your best interest is for Google not to send your location data to the investigators. Now, is it any different if you're protesting against a Western democratic government?
Closer to home, if you happen to live in one of those states that have banned abortion, and also encourage your neighbors to report on you to authorities, your best interest is for Google not to sell your location data to the highest bidder. If your neighbors are pro-life activists, their best interest is for Google to release geofenced location data around known abortion clinics so you can fulfil your civic duty to report on people and doctors who skirted the abortion ban.
Do we really believe that corporations are making these decisions based on our individual desires, or based on what their lawyers think is the best course of action for the corporate interest?
If the government entity is collecting our data, there are constitutional rights that govern what this entity can do. There are Freedom of Information Act (FOIA) provisions that citizens can use to discover if laws have been broken. There are no FOIA requirements that regulate corporate behavior. There is no punishment for companies issuing false statements when not under oath.
***
Elon Musk's behavior provides a glimpse at the answer. His threat to release a load of internal emails relating to Twitter's moderation process is a direct threat to weaponize data. He's not the first corporate executive to do this sort of thing: remember how a Uber executive casually told a reporter that she's being tracked during a time when another Uber executive threatened to dig dirt on journalists who wrote critical articles about Uber (link).
If Twitter will release internal emails to make a political point, it certainly has the means to release user data if an executive finds a reason to do so. This is selective, targeted disclosure of potentially private data. Musk is not releasing all emails about all banned accounts, but emails about one particular political figure that happens to belong to a political party he is on the record of opposing.
There is no way to verify that all emails related to that one situation would be released. No one outside of Twitter has access to this data. If there are any emails that could place Twitter in legal jeopardy, what's the chance that the corporate lawyers would allow them to be released? Would these lawyers play government and redact the documents?
Remember, besides the messages that Twitter users post publicly, there is a whole hidden universe of direct messages which are private conversations between people. Activists in authoritarian countries are known to use platforms like Twitter to hide communications from prying eyes.
Musk's announcement is much more than about Hunter Biden's laptop. It is an admission that private messages are not really private. They are in the hands of the companies which own these platforms. It only takes one CEO or executive with a grudge to weaponize someone's data. (Junior staff can also wage their own small-scale vendettas as many people have access to data as part of their work.)
***
The banning of Chinese tech companies is based on the possibility that the Chinese government may get access to private data from Chinese companies, and the possibility that such data would be used to harm people.
In Twitter's story, the CEO articulated a motive and a plan to selectively release data. He just hasn't pushed the button yet.
By contrast, Google pushed the button when they transferred data to the FBI. It's not anonymized data, either. It's personally identifiable information plus detailed maps of these people's locations. (While the Wired article singled out Google, it's likely that other big tech companies, like Microsoft and Apple, and telecoms companies, may have done something similar.)
P.S. [12/4/2022] In the evening of the day I put up this post and the next day, Elon Musk pushed the button and released the data so we now have two instances in which prominent U.S. corporations released data with the express purpose of harming the people who generated the data, plus an allegation that Chinese companies may do similar things.
Recent Comments