Ethical Issues in the Online World
Welcome to the blog of the Internet Ethics program at the Markkula Center for Applied Ethics, Santa Clara University. Program Director Irina Raicu will be joined by various guests in discussing the ethical issues that arise continuously on the Internet; we hope to host a robust conversation about them, and we look forward to your comments.
Thursday, May. 14, 2015
Happy Birthday, Right-to-Have-Certain-Results-De-Listed-from-Searches-on-Your-Own-Name-,-Depending-on-the-Circumstances!
It’s now been a year since the European Court of Justice shocked (some) people with a decision that has mistakenly been described as announcing a “right to be forgotten.”
Today, 80 Internet scholars sent an open letter to Google asking the company to release additional aggregate data about the company’s implementation of the court decision. As they explain,
The undersigned have a range of views about the merits of the ruling. Some think it rightfully vindicates individual data protection/privacy interests. Others think it unduly burdens freedom of expression and information retrieval. Many think it depends on the facts.
We all believe that implementation of the ruling should be much more transparent for at least two reasons: (1) the public should be able to find out how digital platforms exercise their tremendous power over readily accessible information; and (2) implementation of the ruling will affect the future of the [“right to be forgotten”] in Europe and elsewhere, and will more generally inform global efforts to accommodate privacy rights with other interests in data flows.
Although Google has released a Transparency Report with some aggregate data and some examples of the delinking decisions reached so far, the signatories find that effort insufficient. “Beyond anecdote,” they write,
we know very little about what kind and quantity of information is being delisted from search results, what sources are being delisted and on what scale, what kinds of requests fail and in what proportion, and what are Google’s guidelines in striking the balance between individual privacy and freedom of expression interests.
For now, they add, the participants in the delisting debate “do battle in a data vacuum, with little understanding of the facts.”
More detailed data is certainly much needed. What remains striking, in the meantime, is how little understanding of the facts many people continue to have about what the decision itself mandates. A year after the decision was issued, an associate editor for Engadget, for example, still writes that, as a result of it, “if Google or Microsoft hides a news story, there may be no way to get it back.”
To “get it back”?! Into the results of a search on a particular person’s name? Because that is the entire scope of the delinking involved here—when the delinking does happen.
In response to a request for comment on the Internet scholars’ open letter, a Google spokesman told The Guardian that “it’s helpful to have feedback like this so we can know what information the public would find useful.” In that spirit of helpful feedback, may I make one more suggestion?
Google’s RTBF Transparency Report (updated on May 14) opens with the line, “In a May 2014 ruling, … the Court of Justice of the European Union found that individuals have the right to ask search engines like Google to remove certain results about them.” Dear Googlers, could you please add a line or two explaining that “removing certain results” does not mean “removing certain stories from the Internet, or even from the Google search engine”?
Given the anniversary of the decision, many reporters are turning to the Transparency Report for information for their articles. This is a great educational opportunity. With a line or two, while it weighs its response to the important request for more detailed reporting on its actions, Google could already improve the chances of a more informed debate.
[I’ve written about the “right to be forgotten” a number of times: chronologically, see “The Right to Be Forgotten, Or the Right to Edit?” “Revisiting the ‘Right to Be Forgotten,’” “The Right to Be Forgotten, The Privilege to Be Remembered” (that one published in Re/code), “On Remembering, Forgetting, and Delisting,” “Luciano Floridi’s Talk at Santa Clara University,” and, most recently, “Removing a Search Result: An Ethics Case Study.”]
(Photo by Robert Scoble, used without modification under a Creative Commons license.)
Friday, May. 8, 2015
Last weekend, Santa Clara University hosted BroncoHack 2015—a hackathon organized by the OMIS Student Network, with the goal of creating “a project that is innovative in the arenas of business and technology” while also reflecting the theme of “social justice.” The Markkula Center for Applied Ethics was proud to be one of the co-sponsors of the event.
The winning project was “PrivaSee”—a suite of applications that helps prevent the leakage of sensitive and personally identifiable student information from schools’ networks. In the words of its creators, “PrivaSee offers a web dashboard that allows schools to monitor their network activity, as well as a mobile application that allows parents to stay updated about their kids’ digital privacy. A network application that sits behind the router of a school's network continuously monitors the network packets, classifies threat levels, and notifies the school administration (web) and parents (mobile) if it discovers student data being leaked out of the network, or if there are any unauthorized apps or services being used in the classrooms that could potentially syphon private data. For schools, it offers features like single dashboard monitoring of all kids and apps. For parents, it provides the power of on-the-move monitoring of all their kids’ privacy and the ability to chat with school administration in the event of any issues. Planned extensions like 'privacy bots' will crawl the Internet to detect leaked data of students who might have found ways to bypass a school's secure networks. The creators of PrivaSee believe that cybersecurity issues in connected learning environments are a major threat to kids' safety, and they strive to create a safer ecosystem.”
From the winning team:
"Hackathons are always fun and engaging. Personally, I put this one at the top of my list. I feel lucky to have been part of this energetic, multi-talented team, and I will never forget the fun we had. Our preparations started a week ago, brainstorming various ideas. We kick-started the event with analysis of our final idea and the impact it can create, rather than worrying about any technical challenges that might hit us. We divided our work, planned our approach, and enjoyed every moment while shaping our idea to a product. Looking back, I am proud to attribute our success to my highly motivated and fearless team with an unending thirst to bring a vision to reality. We are looking forward to testing our idea in real life and helping to create a safer community." - Venkata Sai Kishore Modalavalasa, Computer Science & Engineering Graduate Student, Santa Clara University
"My very first hackathon, and an amazing experience indeed! The intellectually charged atmosphere, the intense coding, and the serious competition kept us on our toes throughout the 24 hours. Kudos to ‘Cap'n Sai,’ who guided us and helped take the product to near perfection. Kudos to the rest of my teammates, who coded diligently through the night. And finally, thank you to the organizers and sponsors of BroncoHack 2015, for having provided us with a platform to turn an idea into a functional security solution that can help us make a difference." - Ashish Nair, Computer Science & Engineering Graduate Student, Santa Clara University
"Bronco-hack was the first hackathon I ever attended, and it turned to be an amazing experience. After pondering over many ideas, we finally decided to stick with our app: 'PrivaSee'. The idea was to come up with a way to protect kids from sending sensitive digital information that can potentially be compromised over the school’s network. Our objective was to build a basic working model (minimum viable product) of the app. It was a challenge to me because I was not experienced in the particular technical skill-set that was required to build my part of the app. This experience has most definitely strengthened my ability to perform and learn in high pressure situations. I would definitely like to thank the organizers for supporting us throughout the event. They provided us with whatever our team needed and were very friendly about it. I plan to focus on resolving more complicated issues that still plague our society and carry forward and use what I learnt from this event." - Manish Kaushik, Computer Science & Engineering Graduate Student, Santa Clara University
"Bronco Hack 2015 was my first Hackathon experience. I picked up working with Android App development. Something that I found challenging and fun to do was working with parse cloud and Android Interaction. I am really happy that I was able to learn and complete the hackathon. I also find that I'm learning how to work and communicate effectively in teams and within time bounds. Everyone in the team comes in with different skill levels and you really have to adapt quickly in order to be productive as a team and make your idea successful within 24hrs." - Prajakta Patil, Computer Science & Engineering Graduate Student, Santa Clara University
"I am extremely glad I had this opportunity to participate in Bronco Hack 2015. It was my first ever hackathon, and an eye-opening event for me. It is simply amazing how groups of individuals can come up with such unique and extremely effective solutions for current issues in a matter of just 24 hours. This event helped me realize that I am capable of much more than I expected. It was great working with the team we had, and special thanks to Captain Sai for leading the team to victory. " - Tanmay Kuruvilla, Computer Science & Engineering Graduate Student, Santa Clara University
Congratulations to all of the BroncoHack participants—and yes, BroncoHack will return next Spring!
Thursday, Apr. 30, 2015
Good friends understand boundaries and keep your secrets. You can’t be good friends with someone you don’t trust.
Facebook, the company that made “friend” a verb and invited you to mix together your bosom buddies, relatives, acquaintances, classmates, lovers, co-workers, exes, teachers, and who-knows-who-else into one group it called “friends,” and has been helping you stay in touch with all of them and prompting you to reveal lots of things to all them, is taking some steps to become more trustworthy.
Specifically, as TechCrunch and others recently reported, as of April 30 Facebook’s modified APIs will no longer allow apps to collect data both from their users and from their users’ Facebook “friends”—something they often did until now, often without the users (or their friends) realizing it.*
As TechCrunch’s Josh Constine puts it, “Some users will see [this] as a positive move that returns control of personal data to its rightful owners. Just because you’re friends with someone, doesn’t mean you necessarily trust their judgment about what developers are safe to deal with. Now, each user will control their own data destiny.” Moreover, with Facebook’s new APIs, each user will have more “granular control” over what permissions he or she grants to an app in terms of data collection or other actions—such as permission to post to his or her Newsfeed. Constine writes that
Facebook has now instituted Login Review, where a team of its employees audit any app that requires more than the basic data of someone’s public profile, list of friends, and email address. The Login Review team has now checked over 40,000 apps, and from the experience, created new, more specific permissions so developers don’t have to ask for more than they need. Facebook revealed that apps now ask an average of 50 percent fewer permissions than before.
These are important changes, specifically intended by Facebook to increase user trust in the platform. They are certainly welcome steps. However, Facebook might ponder the first line of Constine’s TechCrunch article, which reads, “It was always kind of shady that Facebook let you volunteer your friends’ status updates, check-ins, location, interests and more to third-party apps.” Yes, it was. It should have been obvious all along that users should “control their own data destiny.” Facebook’s policies and lack of clarity about what they made possible turned many of us who used it into somewhat inconsiderate “friends.”
Are there other policies that continue to have that effect? So many of our friendship-related actions are now prompted and shaped by the design of the social platforms on which we perform them—and controlled even more by algorithms such as the Facebook one that determines which of our friends’ posts we see in our Newsfeed (no, they don’t all scroll by in chronological order; what you see is a curated feed, in which the parameters for curation are not fully disclosed and keep changing).
Facebook might be becoming a better, more trustworthy friend (though a “friend” that, according to The Atlantic, made $5 billion last year by showing you ads, “more than [doubling] digital ad revenue over the course of two years”). Are we becoming better friends, though, too? Or should we be clamoring for even more transparency and more changes that would empower us to be that?
* We warned about this practice in our Center’s module about online privacy: “Increasingly, you may… be allowing some entities to collect a lot of personal information about all of your online ‘friends’ by simply clicking ‘allow’ when downloading applications that siphon your friends' information through your account. On the flip side, your ‘friends’ can similarly allow third parties to collect key information about you, even if you never gave that third party permission to do so.” Happily, we’ll have to update that page now…
Friday, Apr. 24, 2015
In October 2014, Google inaugurated a Transparency Report detailing its implementation of the European court decision generally (though mistakenly) described as being about “the right to be forgotten.” To date, according to the report, Google has received more than 244,000 requests for removals of URLs from certain searches involvijng names of EU residents. Aside from such numbers, the Transparency Report includes examples of requests received--noting, in each case, whether or not Google complied with the request.
The “right to be forgotten” decision and its implementation have raised a number of ethical issues. Given that, we thought it would be useful to draw up an ethics case study that would flesh out those issues; we published that yesterday: see “Removing a Search Result: An Ethics Case Study.”
What would you decide, if you were part of the decision-making team tasked with evaluating the request described in the case study?
Thursday, Apr. 9, 2015
Wednesday, Apr. 1, 2015
Certain eighth graders I know have been reading “Harrison Bergeron
,” so I decided to re-read it, too. The short story, by Kurt Vonnegut, describes a dystopian world in which, in an effort to make all people equal, a government imposes countervailing handicaps on all citizens who are somehow naturally gifted: beautiful people are forced to wear ugly masks; strong people have to carry around weights in proportion to their strength; graceful people are hobbled; etc. In order to make everybody equal, in other words, all people are brought to the lowest common denominator. The title character, Harrison Bergeron, is particularly gifted and therefore particularly impaired. As Vonnegut describes him,
… Harrison's appearance was Halloween and hardware. Nobody had ever born heavier handicaps. He had outgrown hindrances faster than the H-G men could think them up. Instead of a little ear radio for a mental handicap, he wore a tremendous pair of earphones, and spectacles with thick wavy lenses. The spectacles were intended to make him not only half blind, but to give him whanging headaches besides.
Scrap metal was hung all over him. Ordinarily, there was a certain symmetry, a military neatness to the handicaps issued to strong people, but Harrison looked like a walking junkyard. In the race of life, Harrison carried three hundred pounds.
And to offset his good looks, the H-G men required that he wear at all times a red rubber ball for a nose, keep his eyebrows shaved off, and cover his even white teeth with black caps at snaggle-tooth random.
In classroom discussions, the story is usually presented as a critique of affirmative action. Such discussions miss the fact that affirmative action aims to level the playing field, not the players.
In the heart of Silicon Valley, in a land that claims to value meritocracy but ignores the ever more sharply tilted playing field, “Harrison Bergeron” seems particularly inapt. But maybe it’s not. Maybe it should be read, only in conjunction with stories like CNN’s recent interactive piece titled “The Poor Kids of Silicon Valley.” Or the piece by KQED’s Rachel Myrow, published last month, which notes that 30% of Silicon Valley’s population lives “below self-sufficiency standards,” and that “the income gap is wider than ever, and wider in Silicon Valley than elsewhere in the San Francisco Bay Area or California.”
What such (nonfiction, current) stories make clear is that we are, in fact, already hanging weights and otherwise hampering people in our society. It’s just that we don’t do it to those particularly gifted; we do it to the most vulnerable ones. The kids who have to wake up earlier because they live far from their high-school and have to take two buses since their parents can’t drive them to school, and who end up sleep deprived and less able to learn—the burden is on them. The kids who live in homeless shelters and whose brains might be impacted, long-term, by the stress of poverty—the burden is on them. The people who work as contractors with limited or no benefits—the burden is on them. The parents who have to work multiple jobs, can’t afford to live close to work, and have no time to read to their kids—the burden is on all of them.
In a Wired article about a growing number of Silicon Valley “techie” parents who are opting to home-school their kids, Jason Tanz expresses some misgivings about the subject but adds,
My son is in kindergarten, and I fear that his natural curiosity won’t withstand 12 years of standardized tests, underfunded and overcrowded classrooms, and constant performance anxiety. The Internet has already overturned the way we connect with friends, meet potential paramours, buy and sell products, produce and consume media, and manufacture and deliver goods. Every one of those processes has become more intimate, more personal, and more meaningful. Maybe education can work the same way.
Set aside the question of whether those processes have indeed become more intimate and meaningful; let’s concentrate on a different question about the possibility that, with the help of the Internet, education might “work the same way”: For whom?
Are naturally curious and creative kids being hampered by standardized tests and underfunded and overcrowded classrooms? Well then, in Silicon Valley, some of those kids will be homeschooled. The Wired article quotes a homeschooling parent who optimistically foresees a day “when you can hire a teacher by the hour, just as you would hire a TaskRabbit to assemble your Ikea furniture.” As to what happens to the kids of the TaskRabbited teacher? If Harrison Bergeron happens to be one of those, he will be further hampered, and nobody will check whether the weight of the burden will be proportional to anything.
Meritocracy is a myth when social inequality becomes as vast as it has become in Silicon Valley. Teaching “Harrison Bergeron” to eighth graders in this environment is a cruel joke.
Friday, Mar. 27, 2015
Exciting news! A new course now being developed at Santa Clara University, funded by a $25,000 grant from Intel Corporation's Privacy Curriculum Initiative, will bring together engineering, business, and law students to address topics such as privacy by design, effective and accurate privacy policies, best‐practice cybersecurity procedures, and more. Ethics will be an important part of the discussion, and the curriculum will be developed by the High Tech Law Institute in conjunction with Santa Clara University’s School of Engineering, the Leavey School of Business, and the Markkula Center for Applied Ethics.
More details here!
Tuesday, Mar. 17, 2015
Last November, the director of the NSA came to Silicon Valley and spoke about the need for increased collaboration among governmental agencies and private companies in the battle for cybersecurity. Last month, President Obama came to Silicon Valley as well, and signed an executive order aimed at promoting information sharing about cyberthreats. In his remarks ahead of that signing, he noted that the government “has its own significant capabilities in the cyber world” and added that when it comes to safeguards against governmental intrusions on privacy, “the technology so often outstrips whatever rules and structures and standards have been put in place, which means the government has to be constantly self-critical and we have to be able to have an open debate about it.”
Five days later, on February 19, The Intercept reported that back in 2010 “American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe….” A few days after that, on February 23, at a cybersecurity conference, the director of the NSA was confronted by the chief information security officer of Yahoo in an exchange which, according to the managing editor of the Just Security blog, “illustrated the chasm between some leading technology companies and the intelligence community.”
Then, on March 10th, The Intercept reported that in 2012 security researchers working with the CIA “claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store.” Xcode’s product manager reacted on Twitter: “So. F-----g. Angry.”
Needless to say, it hasn’t been a good month for the push toward increased cooperation. However, to put those recent reactions in a bit more historical context, in October 2013, it was Google’s chief legal officer, David Drummond, who reacted to reports that Google’s data links had been hacked by the NSA: "We are outraged at the lengths to which the government seems to have gone to intercept data from our private fibre networks,” he said, “and it underscores the need for urgent reform." In May 2014, following reports that some Cisco products had been altered by the NSA, Mark Chandler, Cisco’s general counsel, wrote that the “failure to have rules [that restrict what the intelligence agencies may do] does not enhance national security ….”
If the goal is increased collaboration between the public and private sector on issues related to cybersecurity, many commentators have observed that the issue most hampering that is a lack of trust. Things are not likely to get better as long as the anger and lack of trust are left unaddressed. If President Obama is right in noting that, in a world in which technology routinely outstrips rules and standards, the government must be “constantly self-critical,” then high-level visits to Silicon Valley should include that element, much more openly than they have until now.
Tuesday, Mar. 10, 2015
Last month, after the advisory council released its much-anticipated report
, Professor Floridi spoke at Santa Clara University (his lecture was part of our ongoing “IT, Ethics, and Law” lecture series
). In his talk, titled “Recording, Recalling, Retrieving, Remembering: Memory in the Information Age,” Floridi embedded his analysis of the European court decision into a broader exploration of the nature of memory itself; the role of memory in the European philosophical tradition; and the relationship among memory, identity, forgiveness, and closure. As Floridi explained, the misnamed “right to be forgotten” is really about closure, which is in turn not about forgetting but about “rightly managing your past memory.”
If you would like to be added to our “IT, Ethics, and Law” mailing list in order to be notified of future events in the lecture series, please email firstname.lastname@example.org
Wednesday, Feb. 25, 2015
One of the programs organized by the Markkula Center for Applied Ethics is a Business and Organizational Ethics Partnership
that brings together Silicon Valley executives and scholars. Earlier this month, the partnership’s meeting included a panel discussion on the ethics of encryption. The panelists were David J. Johnson, Special Agent in Charge of the San Francisco Division of the FBI; Marshall Erwin
, a senior staff analyst at Mozilla and fellow at Stanford’s Center for Internet and Society; and Jonathan Mayer
, Cybersecurity Fellow at the Center for International Security and Cooperation and Junior Affiliate Scholar at the Center for Internet and Society
Of course, since then, the conversation about encryption has continued: President Obama discussed it, for example, in an interview that he gave
when he came to Silicon Valley to advocate for increased cooperation between tech companies and the government; NSA Director Mike Rogers was challenged on that topic
at a recent cybersecurity conference; and Hilary Clinton and others continued to hope for a middle ground solution
. However, as the Washington Post
recently put it, “political leaders appear to be re-hashing the same debate in search of a compromise solution that technical experts say does not exist.”
(In the photo, L-R: Irina Raicu, Jonathan Mayer, Marshall Erwin, and David J. Johnson)