Category: Privacy

Permission to know what is going on, sir?

Google have released a new thingy, which allows people to save web content to their Google Drive (Google’s cloud-based storage thing), and do various things to it like add comments and annotations.

Nothing much unusual about that, and there are lots of similar things out there, like the previously discussed bo.lt. Not to mention every computer in the world, which copies and stores all the web content which comes its way.

The fact that it is so ordinary highlights one of the challenges the internet poses for the future. Keeping and changing copies of content you happen to come across ought to be controversial; it's not allowed by the law, after all. To the extent that it happens as a consequence of browsing, it is the result of technical design decisions made decades ago rather than a natural and inevitable consequence of digitisation.

In fact, digitisation could just as easily do the opposite. Rather than requiring multiple copies to exist, digitisation holds out the possibility of a single copy of something being accessible to everyone. To read a book, for example, you don’t need to hold your own copy in your hand any more. Everyone can read the same copy.

Of course, if we imagine the internet without the constant, prolific and uncontrolled copying which is embedded within its technical protocols, it’s a very different place. Fundamentally, creators would know what was happening to their content, because they would have some control over the master copy. Creative success would be better rewarded and so the internet economy would truly be a creative economy. The protocols and marketplaces of the internet would have sprung up around the idea of permission rather than presumption, and huge new opportunities would have arisen as a consequence.

Contrast that with what we have. Google's product, and many others, work on the assumption that permission is entirely unnecessary. Making copies, changing works and sharing them with others is all just fine.

The usual circular justification for this (“it’s fine because everyone does it, it’s how the internet works, if it wasn’t fine the internet wouldn’t work”), itself absurd, doesn’t really cover it. After all, copyright hasn’t been abolished yet, and this activity isn’t embedded in the bandwidth-compensating early internet protocols which still underpin things like web browsing (and which were subsequently protected by various laws, new and old, or by generous interpretations of them).

Permission is still, in law, required to make a copy of something. Permission can be denied, perhaps because the proposed copying is damaging, or insufficiently rewarding, or just because someone decides to say “no”.

That concept doesn’t seem to feature in Google’s product. It doesn’t say how a site owner can prevent people copying their content in this way, and I’m guessing that is because they can’t. Doubtless a tortuous DMCA takedown process can be used by anyone who discovers a copy they don’t like (complete with an intimidating – and copyright-infringing – report to Chilling Effects if the complaint goes to Google), but there is no way to prevent the copying happening in the first place.

The idea of permission seems to just be absent from increasing parts of the internet.

Permission for search engines to create massive, permanent and complete databases of all the content they come across isn’t needed, they say. Part of their justification is that while they might keep huge databases, they only show “snippets” to users, which makes it OK. Oh, but the content owner can’t decide on what snippet is shown either.

Permission to copy content into things like bo.lt and this new Drive thingy isn’t needed either. Well, it is in law, but not in practice. Finding and removing copies is wildly impractical and expensive; it also requires considerable formalities and carries the promise of punishment by having your complaint published, as if exercising your legal rights were somehow wrong.

And now the cloud is creating a new category of permissiveness: things done in private or for small audiences. It’s OK to create a service which facilitates illegal copying because it’s the equivalent of something which would otherwise have happened behind closed doors. As if the law stops at your front door.

This is all a bit scary: control is getting ever looser even as technology’s ability to tame the chaos increases.

Why shouldn’t a creator want to know who has made copies of their work and why? Is it unreasonable to want to make sure corrections, changes or withdrawal of content actually takes effect? Why shouldn’t someone be able to refuse permission for a use they don’t like or which conflicts with something else they’re doing? Or keep something exclusive to themselves?

And, obviously, what’s wrong with wanting to make money from your work, and wanting to stop people stealing it or making money from it themselves?

It’s notable, as I have observed before, that the companies making the most money from content on the internet are those who invest the least in its creation. This seems to be getting worse, not better, even as the technical capabilities to reverse it increase.

The creation of new services entirely detached from the technical baggage of the past, which actively exacerbate this catastrophic trend, shows, not for the first time, the contempt with which technology companies view content and creators. Offering users a convenience, without any consideration for reasonableness or the law, isn’t “disruptive” or “user-focussed”, regardless of whether users would be doing it anyway without your help. It’s amoral, self-interested and just wrong.

The internet’s potential to elevate creativity and creative success to the very pinnacle of our culture and economy is still there, but it remains under constant, sustained attack. A permission-driven internet is an opportunity, not a threat.

How much longer we’ll be able to cling to the idea that it can happen, though, is questionable.

The internet wants to be open, but some internets are more open than others

Sergey Brin of Google had a discussion with The Guardian and talked about his vision for the future of the internet, alongside his concerns about threats to that vision.

It’s an incredible insight into his (and Google’s) worldview, formed from a truly unique vantage point. There is nobody else who sits astride the internet like Google, and it seems that, from the top, the sense of entitlement to be masters of all they survey is strong.

Take this quote, from towards the end of the piece:

If we could wave a magic wand and not be subject to US law, that would be great. If we could be in some magical jurisdiction that everyone in the world trusted, that would be great … We’re doing it as well as can be done

I’m not sure what this “magical jurisdiction” would be but it doesn’t sound like Sergey wants it to be based on US law, and there’s no sign that Google has any greater love for any other existing jurisdiction. I wonder if he’s thinking that perhaps it should be a Google-defined jurisdiction? After all, Google is fond of saying that the trust of users is their key asset – they presumably consider themselves to be highly trusted. I wonder if the magic wand is in development somewhere deep in their bowels? Perhaps one of their robotic cars can wave it when the time comes! Google can declare independence from the world…

But why should we trust them? There’s almost nothing they do for which you can’t find fierce critics to match their army of adoring fans. Without deconstructing them all, surely the point is this: whenever a single entity (be it a government, company or individual) has complete control over any marketplace, territory or network, bad things tend to happen. Accountability, checks and balances, and the rule of democratically enacted law are all ways of trying to ensure that power does not fulfil its natural tendency to corrupt.

Google asks us to just trust it. And many people do.

Another quote:

“There’s a lot to be lost,” he said. “For example, all the information in apps – that data is not crawlable by web crawlers. You can’t search it.”

The phrasing is interesting. Is it really true that because data in apps is not crawlable it is “lost”? I use apps all the time, and the data appears to be available to me. I don’t think the fact that it’s not available to Google means it’s “lost” (except, I suppose, to Google). Defining something that is not visible to Google as “lost” suggests not just that Google considers that it should be able to see and keep everything that exists online, but also that they have an omniscient role which should not be subject to the normal rules of business or law. Like people being able to choose who they deal with and on what terms. Or being able to choose who copies and keeps their copyright works.

The “lost” app data could, of course, easily be made available to Google if the owner chose. Brin’s complaint seems to be that Google can’t access it without the owner deciding it’s OK – there is a technical obstacle which can’t simply be ignored. Yet all they have to do, surely, is persuade the owners to willingly open the door: hardly a controversial challenge in the world of business. It’s called doing a deal, isn’t it?

Here’s what he had to say in relation to Facebook:

You have to play by their rules, which are really restrictive … The kind of environment that we developed Google in, the reason that we were able to develop a search engine, is the web was so open. Once you get too many rules, that will stifle innovation.

Another telling insight. Too many rules stifle innovation. Rules are bad.

Hard to agree with even as a utopian ideal (utopia isn’t usually synonymous with anarchy), but even less so when you consider the reality of dealing with Google. I have visited various Google offices at various times and have always been asked to sign in using their “NDA machine” at reception. Everyone has to do it. You have to sign an NDA simply to walk into their offices. The first rule of Google is you can’t talk about Google. Hardly the most open environment – they are the only company I have ever visited which insists on this.

Of course, Google is no stranger to rules either. They set their own rules and don’t offer room for discussion or adjustment. When they crawl websites, for example, they copy and keep everything they find, indefinitely. They have an ambition to copy and keep all the information on the internet, and eventually the world. Their own private, closed, internet. This is a rule you have to play by.

Even if you ban crawling on some or all of your site using robots.txt, they crawl it anyway but just exclude the content from search results (this was explained to me by a senior Google engineer a few years ago and as far as I know it has not changed). If you want to set some of your own rules, using something like ACAP or just by negotiating with them, good luck: they refuse to implement things like ACAP and rarely negotiate.
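For anyone unfamiliar with it, that robots.txt “ban” is just a short text file at the root of a site, along the lines of the sketch below (the paths and user-agent entries are purely illustrative). The key point is that it is a request to crawlers, not an enforcement mechanism: whether it is honoured, and in what way, is entirely up to the crawler.

    # robots.txt, served from the site root (e.g. example.com/robots.txt)
    # Ask Google's crawler to stay away from the whole site
    User-agent: Googlebot
    Disallow: /

    # Ask all other crawlers to skip just one section
    User-agent: *
    Disallow: /archive/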

“You have to play by their rules, which are really restrictive”

Here’s an interesting story. A while ago, Google refused to include content in their search results if clicking on the link would lead a user to a paywall. They said it was damaging to the user experience if they couldn’t read the content they had found with Google (another Google rule: users must be able to click on links they find and see the content without any barriers or restrictions). However it also meant users couldn’t find content they knew they wanted, for example from some high-profile newspapers like the FT and Wall Street Journal.

So Google introduced a programme called “First Click Free”. It set some rules (more rules!) for content owners to get their content included in Google search even if it was “restricted” behind a paywall. It didn’t just set rules for how to allow Google’s crawlers to access the content without filling in a registration form; it also laid down conditions you had to fulfil – primarily that anybody clicking a link to “restricted” content from Google search had to be allowed to view it immediately, without registration or payment.

This is a Google rule which you have to play by, unless you are willing to be excluded from all their search results. Not only is it technically demanding, it also fails to take account of different business models and the need for businesses to be flexible.

Unfortunately it was also wide open to abuse. Many people quickly realised they could read anything on paid sites just by typing the headline into a Google search.

Eventually Google made some changes. Here’s how they announced them:

we’ve decided to allow publishers to limit the number of accesses under the First Click Free policy to five free accesses per user each day 

They have “decided to allow” publishers to have a slightly amended business model. Publishers need permission from Google to implement a Google-defined business model (or suffer the huge impact of being excluded from search), and now they are allowed to vary it slightly.
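To make concrete what publishers were being asked to build, here is a rough sketch, in Python, of the sort of decision First Click Free implies on the publisher’s side. The function names, the referrer check and the daily counter are my own illustrative assumptions rather than anything Google prescribes; the point is simply that the rule, and now its five-clicks-per-day variation, has to live in the publisher’s own systems, on Google’s terms.

    # Illustrative sketch of "First Click Free"-style metering on a publisher's server.
    # All names and the counting mechanism are hypothetical; real implementations vary.
    from urllib.parse import urlparse

    FREE_CLICKS_PER_DAY = 5  # the limit Google "decided to allow" publishers to enforce

    def is_google_referral(referrer: str) -> bool:
        """Crude check: did the reader arrive by clicking a Google search result?"""
        if not referrer:
            return False
        host = urlparse(referrer).netloc.lower()
        return host == "google.com" or host.endswith(".google.com")

    def can_view_article(referrer: str, clicks_today: int, is_subscriber: bool) -> bool:
        """Decide whether to show the full article or the paywall."""
        if is_subscriber:
            return True
        # Under First Click Free, a visitor arriving from Google search must be
        # shown the article in full, up to the permitted daily allowance.
        if is_google_referral(referrer) and clicks_today < FREE_CLICKS_PER_DAY:
            return True
        return False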

For a company which objects to the idea of having to play by someone else’s rules, they’re not too bothered about imposing some of their own.

Which brings me back to trust. If Google want a world in which they have access to scan, store and use all “data” from everywhere, where they don’t have to play by the “restrictive” rules or laws (like copyright) set by others – even their own government – don’t they need to start thinking about their demand for openness both ways round? Rather than rejecting rules which don’t suit them (such as “US law”), shouldn’t they try to get them changed: argue and win their case, or accept defeat graciously? Shouldn’t they stop imposing rules on those whose rules they reject, ignore or decry?

Google is a very closed company. Little they do internally is regarded by them as being “open”, and they build huge and onerous barriers to protect their IP, secrets and data. Even finding out what Google know about you, or what copies of your content they have, is virtually impossible; changing or deleting it even harder.

They ask us to trust them. We would be unwise to do so, any more than we would be to trust any monopoly or closed regime which defines its own rules. It wouldn’t matter so much but for their huge dominance, influence and reach. They have, it is said, personal data on more than a billion people, all of whom are expected to trust them unquestioningly.

Surely the first step to earning, rather than simply assuming, that trust is that they need to start behaving towards others in the way they demand others treat them.

Openness cuts both ways, Sergey. How about starting by practising what you preach and opening Google up fully?

Let’s play a word game

Consider this quote from The Guardian:

A cross-party committee of MPs and peers has urged the government to consider introducing legislation that would force Google to censor its search results to block material that a court has found to be in breach of someone’s *********.

Or these ones, from the parliamentary committee itself:

Where an individual has obtained a clear court order that certain material infringes their ********* and so should not be published we do not find it acceptable that he or she should have to return to court repeatedly in order to remove the same material from internet searches.

and

Google acknowledged that it was possible to develop the technology proactively to monitor websites for such material in order that the material does not appear in the results of searches. We find their objections in principle to developing such technology totally unconvincing. Google and other search engines should take steps to ensure that their websites are not used as vehicles to breach the law and should actively develop and use such technology. We recommend that if legislation is necessary to require them to do so it should be introduced.

not to mention

Whilst damages for breaches of ********* are never as good as preventing the breach in the first place, the maximum level of damages that has been awarded is too low to act as a real deterrent. We recommend that the courts should have the power to award exemplary damages in ********* cases, if necessary by giving the courts that power through legislation. In deciding whether to award exemplary damages the courts should take into account the financial situation of the media organisation concerned.

How about this one, from Tim Berners-Lee:

It’s mine – you can’t have it. If you want to use it for something, then you have to negotiate with me. I have to agree, I have to understand what I’m getting in return.

What do you think they’re all talking about? What word have I asterisked-out?

If you’re guessing “copyright” you are, sadly, wrong. However it fits, doesn’t it?

They are, as you probably guessed, talking about “privacy” or personal data in one form or another.

The reason they can so easily substitute for each other is that they’re so similar. Copyright, like “privacy” or personal data, belongs to someone. They choose how much of it to put in public and on what terms. They choose how it can be exploited by others and they have the right to prevent it. Both are protected by laws which are intended to protect the personal, commercial and moral rights of the owners.

Yet despite the obvious parallels between copyright and “privacy”, they often seem to be regarded in almost opposite ways. While preserving the sanctity of “privacy” (whatever that actually means) is uncontroversial – even the normally shrill Cory Doctorow says “I like the idea of strong privacy legislation” – the idea that copyright should apply to the internet in anything other than the most rudimentary fashion creates a huge and impassioned outcry.

Perhaps this is to do with the fact that copyright is so often associated with big companies, who are easily and casually reviled – sometimes just for their big-ness. Anti-copyright activists often take aim at Disney or Newscorp and accuse them of trying to prop up an outdated and unfair media monopoly.

It’s harder to be so absolutist at the other end of the scale. Everything I have ever written, every photograph I have ever taken is covered by copyright. The same applies to you. It could also be my living. But protecting it online is virtually impossible. Anyone who has tried to get a picture or video removed from websites, sometimes many websites, knows the impossibility of the task. Getting compensation is a virtual impossibility. The idea that someone might ask before using my stuff is almost comically naive. Getting paid by even a tiny minority is just a fantasy.

So where do my privacy rights (good) end and my copyrights (bad) begin? Is it when I publish something? Is it when I try to make money from it? Is it when I do a deal with a media company to use my work? Is it when I get successful enough that I collaborate with other creators, work together to be more successful and become, as if by magic, a company rather than just a person? (Media companies, after all, are just ways that creative people organise themselves to create more success.)

For me, what is good for one is good for the other. Copyright is personal, just as much as it is corporate, and it’s the engine of so much economic and cultural good. The polarised attitudes highlight how dishonest and unsophisticated the debate has become.

Copyright is property. Someone created it, invested time, intelligence, creativity and probably money in it. It belongs to that person, and they have the right to choose whether or not to share it.

If they do, it’s a good thing: it advances our culture and our knowledge, it inspires others to create more things, it moves us forward as well as entertaining and delighting people. We should want to encourage more things to be created and shared and copyright does this.

Those who create and share should be able to expect a reward just as those who seek to protect their privacy expect to be able to prevent it being invaded.

Copyright needs to be better protected, and that means having practical means to do so as well as the laws to base them on.
