FreshNetworks Blog

Locks (Photo credit: m thierry)

Having attended the Westminster eForum’s keynote seminar recently, which looked at preparing for the new European Data Protection Framework, here’s a quick summary of what the new regulation includes, and what people at the seminar were saying about it.

Summary of the new regulation

• An updated definition of personal data, which now explicitly mentions online identifiers, locational data, and genetic data.
• Consent will have to be explicit.
• Organisations must actively report data breaches.
• Some organisations will be required to appoint a Data Protection Officer (DPO).
• Abolishing the fee (max £10) which organisations can charge for subject access requests.
• New “right to be forgotten”, whereby in some circumstances individuals can request that an organisation erase all the personal data it holds on them.
• In some situations, national supervisory authorities will be able to take action against organisations in other EU Member States.
• Supervisory authorities will potentially be able to fine up to €1m or up to 2% of a company’s annual turnover.

Pros

Largely as expressed at the seminar by David Smith of the ICO

• Necessary modernisation – there was general consensus from all the speakers that the current framework is now out of date, and doesn’t adequately protect people’s privacy rights – especially their online privacy on account of significant technological developments in recent years, including widespread use of social media networks.
• Enhanced rights for individuals.
• Legal obligations for data processors.
• Businesses will be held accountable for having the correct systems and practices in place.
• Improved consistency (as opposed to harmonisation) across the EU.

Cons / challenges

• How to strike the right balance between better protecting people’s online privacy and use of people’s personal data by companies, and not putting overly onerous data protection burdens on businesses (especially SMEs), and potentially stifling technological and business innovation. Certainly, there has been an unprecedented number of suggested amendments made (estimated to be a record 5000!), and these will take some time to be processed and resolved.
• How to strike the right balance between using data for good (e.g. Lord McNally gave the example of helping identify and work with dysfunctional families), and not overstepping the privacy mark.
• Many of the speakers said that the “right to be forgotten” was an overstatement, with the title proving a problem. In reality it will be extremely difficult, if not impossible, to be totally forgotten everywhere online. However, the main point is for individuals to be able to say they object to their data being processed.
• Clive Davenport, of the FSB, was particularly concerned about the potential burden the new regulation would put on SMEs, and in general the feasibility of complete compliance was questioned throughout the seminar.
• Nick Stringer, of the IAB UK, spoke in favour of including the “pseudonymous data” subset to provide a reasonable and legal basis for businesses to process information. He further highlighted the need for striking the right balance between safeguarding online privacy and providing consumer benefits (e.g. data enables more effective marketing), and promoting business (data drives the digital economy, and digital advertising also drives many SMEs and start-ups).
• Mina Mehta of GSK also called for the balance between prescription versus proportionality

One clear message was that the framework is still a work in progress, and therefore people can and should act now in order to try and shape and amend it. Negotiations are expected to commence in June 2013, with results expected by the end of the year and the final version in place for summer 2014. So there is still time to act to try and make changes. However, the ICO also pointed out that there’s also time to get your house in order.

Nobody gets me Bitcoins! (Photo credit: zcopley)

In the current economic climate, many people have been looking into alternative investment opportunities, or safe places to put their money outside of the banking system. Options such as precious gems, or fine wine, are regularly discussed. One of the rising stars in this space is the Bitcoin market.

Bitcoins are a decentralised digital currency which uses open source technology to trade coins between users all over the world. Bitcoins are obtained by completing increasingly difficult mathematical calculations, this system ensuring only that a limited number of Bitcoins are available and that no one organisation controls the flow of coins.

Using social data to predict consumer behaviour, or even the value of goods, is nothing new, and many traders have been looking to include social metrics into their trading algorithms. Various academic studies have also highlighted predictive qualities of social data in the equity markets. However, because there are so many factors involved in pricing most financial instruments, it can be extremely difficult to accurately predict how markets will change.

Bitcoin however has several characteristics which make it an ideal market for social data prediction:

• The value of Bitcoins is determined almost solely on market demand, because the number of coins on the market is predictable and are not tied to any physical goods

• Bitcoin traders tend to be in the same demographic as social media users, and so their attitudes, opinions and sentiment towards Bitcoin are well documented

• Bitcoin is predominately traded by individuals rather than large institutions

• Events that affect Bitcoin value are disseminated first and foremost on social media

We intend to test the hypothesis that Bitcoins could prove an exciting testbed for social prediction, and give us a greater understanding of how publicly expressed sentiment and behaviour actually impacts the value of a commodity.

What do you think? Can social data be used to predict Bitcoin values?

Forget-me-nots (Photo credit: churchofpunk)

After just a few days in the job, the UK’s first youth crime commissioner, Paris Brown, resigned over some of her past Twitter postings. There are no doubt many posts that she wishes could be deleted, forgotten forever, and she is not alone. As we leave more and more behind us in our digital exhaust there will no doubt be Tweets, photos, comments and the like that all of us would like to be forgotten. And not just because they were misjudged in the first place, as was the case with Paris Brown.

Social media will provide a continual record of our lives – of the detail of what we did and what we said at a particular time on a particular day in the past. Some people liken this to a diary, but it is different in two fundamental ways:

1. A diary is always written after the event, reporting something we did in the (near) past; our social media records were composed in the heat of the moment, in real time
2. What we write in a diary is selective, we think about what it is from the day that we want to record; our social media records are less so – our posts and photos often go through fewer filters

So social media is leaving behind us a very different set of records – records that are written in real-time, are less filtered, and tend to discuss the detail of what we were doing or thinking at a particular point in the past. And, in many cases, they can be seen by anybody – without us there to explain where this particular record fitted into our lives at the time; without context.

These new records present a number of potential challenges to us in the future, not least to how we remember and think about our past.

• We tend to forget detail – except for the most special of memories. Rather we remember events at a macro-level – we know broadly speaking where we were and when, what we were doing at different stages in our lives, and the things that happened to us. Our social media records are only the detail – they provide no context and no structure to our memories. Just a set of detailed comments that we will not be able to escape from.
• We think of the past through the lens of today – we interpret what we did and said based on our current experiences, beliefs and moral compass. This is why even reading diaries from your childhood can be cringe-worthy. Our social media records will come with no interpretation; there will be no escaping what we said or thought in the past.

So, our social media records will provide a different view of our own pasts (for ourselves and for others) than we might currently want to portray. And this is why we might want to explore a right to be forgotten online, a right for our posts to be removed or replaced and for us to curate our own pasts. Not for that odd ill thought-through Tweet, but because social risks changing the way we make and store memories of our lives.

Cosmonaut Memorial (Photo credit: bigglesmith)

Last week I went to a talk by Evgeny Morozov at the Royal Society of Arts on the limits and problems with what he terms ‘technological solutionism’, the subject of his new book To Save Everything, Click Here. It was a brilliant talk, available here, and which I would highly recommend that you listen in full if you have the time.

‘Technological solutionism’ is the idea that many of society’s problems can and should be solved with technological fixes. Take, for example, the obesity epidemic that has swept the developed world. With Nike+ fuel band, a person can now precisely track how much exercise they are doing, and they can count all the calories they eat with nice smartphone apps. This information, shared with their friends and uploaded to online leaderboards and social profiles, will then spur them to keep fit and eat more healthily through gamified incentives.

Whilst this is just one small example, you only need to browse Tech Crunch or Wired (most recently with Brain scans predict which criminals are most likely to reoffend) to see the plethora of apps, initiatives and claims that technology and the internet will lead us to a better, cleaner future. As Eric Schmidt, Google’s executive chairman, said: “in the future… if we get this right, I believe we can fix all the world’s problems.”

There are, however, a few problems with this ideology:

1. An excuse to push away responsibility for society’s problems: If you take this ideology to its logical conclusions, then proper political and societal discussion of serious issues is side-lined, and the onus for solving them is either outsourced to Silicon Valley or onto individual people. To take the obesity example, questions about advertising of junk food, the proliferation of high fructose corn syrup, or the lack of free sport facilities, are all pushed aside in favour of placing the responsibility solely on individuals. Because now they know exactly how many calories they eat, miles they walk, and can see how much better their friends are doing. So if they’re still fat, well, it’s all their fault.
2. That it makes people overlook the slow erosion of their privacy: What a great deal of these technological solutions have in common is their use of data, either on an individual basis or in aggregate, in ways that many people do not fully realise or understand. Whilst there has been some public debate about this, such as court cases in Germany over Google Street View, much more slips under the radar. Lending companies, such as Lenddo in Hong Kong, base some of their criteria for giving a loan on the applicant’s social profiles, including who they are friends with. Anecdotally, it can be difficult to rent an apartment in parts of New York without a Facebook profile to prove you’re not the wrong kind of person.

These are just a few examples, and can be seen as the thin end of a wedge. In the future the hidden financial and social costs to not sharing your data, and the amount of your data that is used without your knowledge or consent, is likely to continue to grow. More of society’s problems could be pushed superficially either onto individuals or out to tech and data companies rather than being deeply discussed.

One of the main reasons that these quite serious changes in society are being glossed over is that most people implicitly accept the technological utopianism of companies like Google. They are viewed as somehow benevolent, rather than just a business. A business that does not necessarily want to help you, but wants, first of all, to make money from your data.

23andMe (Photo credit: brendanlim)

I’ve been agonising about whether to send my DNA ‘spit kit’ to 23andMe, a personal genetic testing company (founded by the wife of Google co-founder Sergey Brin). For $99, they will give me information about my ancestry (how much Neanderthal is there in the Trim family?) and help me to learn more about my health. But what are the risks in doing this and am I opening myself up to unwanted scrutiny from third party companies by doing so?

23andMe is an interesting example of the convergence of three trends: quantified-self, Big Data and crowdsourcing.

I track my runs and cycles on RunKeeper and I’ve become sadly addicted to the Heart Rate app – taking pride in how low my heart rate is, even in the most stressful meetings! The quantified-self movement believes that data and metrics helps us perform better. So getting to know more about my health risks could provide vital data for managing my life better in the future. One example cited by 23andMe is that

…one person in five people develops diabetes by the age of 79. Variations in your DNA tested for by 23andMe might raise your risk to one in three, making your lifestyle choices on factors like exercise and weight control even more critical.

But there are questions over how much the tests that 23andMe currently performs can actually tell us beyond what we already know: to eat healthily, give up smoking and exercise regularly. And if you know you are high risk for a particular disease, does that just create unnecessary anxiety for you and your family? That knowledge isn’t going to stop you from developing the disease and the resulting stress may contribute to a whole host of other health-related complications. Finally if I submit this test, will I have to declare this to my health insurance company and will they penalise me if I turn out to be high risk for say breast cancer? The FAQs on the 23andMe website make the answer to this far from clear.

Last year 180,000 people added their DNA samples to the 23andMe database and this year the company is pushing to take that to over 1 million. What has struck me about the early discoveries that the company has made (for example with Parkinson’s disease) is that this is actually one huge crowdsourcing effort. By analysing a ton of Big Genetic Data, we could all contribute to finding new research breakthroughs and potentially make health improvements for millions of people. So I’m going to forget the personal and think more about how my little piece of DNA could help the crowds. It’s the ultimate use of social data and understanding the connections between us to help us design better health care systems.