Cory Doctorow @pluralistic@mamot.fr Profile picture
Apr 21, 2021 16 tweets 5 min read Read on X
"Wanting it badly is not enough" could be the title of a postmortem on the century's tech-policy battles. Think of the crypto wars: yeah, it would be super cool if we had ciphers that worked perfectly except when "bad guys" used them, but that's not ever going to happen.

1/ A haystack with a magnifica...
Another area is anonymization of large data-sets. There are undeniably cool implications for a system that allows us to gather and analyze lots of data on how people interact with each other and their environments without compromising their privacy.

2/
But "cool" isn't the same as "possible" because wanting it badly is not enough. In the mid-2010s, privacy legislation started to gain real momentum, and privacy regulators found themselves called upon to craft compromises to pass important new privacy laws.

3/
Those compromises took the form of "anonymized data" carve-outs, leading to the passage of laws like the #GDPR, which strictly regulated processing "personally identifying information" but was a virtual free-for-all for "de-identified" data that had been "anonymized."

4/
There was just one teensy problem with this compromise: de-identifying data is REALLY hard, and it only gets harder over time. Say the NHS releases prescribing data: date, doctor, prescription, and a random identifier. That's a super-useful data-set for medical research.

5/
And say the next year, Addison-Lee or another large minicab company suffers a breach (no human language contains the phrase "as secure as minicab IT") that contains many of the patients' journeys that resulted in that prescription-writing.

6/
Merge those two data-sets and you re-identify many of the patients in the data. Subsequent releases and breaches compound the problem, and there's nothing the NHS can do to either predict or prevent a breach by a minicab company.

7/
Even if the NHS is confident in its anonymization, it can never be confident in the sturdiness of that anonymity over time.

Worse: the NHS really CAN'T be confident in its anonymization. Time and again, academics have shown that anonymized data from the start.

8/
Re-identification attacks are subtle, varied, and very, very hard to defend against:

cs.princeton.edu/~arvindn/publi…

Worse, they're highly automatable:

nature.com/articles/s4146…

And it's true in practice as well as in theory:

nytimes.com/interactive/20…

9/
When this pointed out to the (admittedly hard-working and torn) privacy regulators, they largely shrugged their shoulders and expressed a groundless faith that somehow this would be fixed in the future. Privacy should not be a faith-based initiative.

memex.craphound.com/2014/07/09/big…

10/
Today, we continue to see the planned releases of large datasets with assurances that they have been anonymized. It's common for terms of service to include your "consent" to have your data shared once it has been de-identified. This is a meaningless proposition.

11/
To show just how easy re-identification can be, researchers at Imperial College and the Université catholique de Louvain have released The Observatory of Anonymity, a web-app that shows you how easily you can be identified in a data-set.

cpg.doc.ic.ac.uk/observatory/

12/
Feed the app your country and region, birthdate, gender, employment and education status and it tells you how many people share those characteristics. For example, my identifiers boil down to a 1-in-3 chance of being identified.

13/
(Don't worry: all these calculations are done in your browser and the Observatory doesn't send any of your data to a server)

If anything, The Observatory is generous to anonymization proponents. "Anonymized" data often include identifiers like the first half of a post-code.

14/
You can read more about The Observatory's methods in the accompanying @nature paper, "Estimating the success of re-identifications in incomplete datasets using generative models."

nature.com/articles/s4146…

eof/
ETA - If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2021/04/21/re-…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Cory Doctorow @pluralistic@mamot.fr

Cory Doctorow @pluralistic@mamot.fr Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @doctorow

Mar 26
"Enshittification" isn't just a way of describing the *symptoms* of platform decay: it's also a theory of the *mechanism* of decay - the means by which platforms get shittier and shittier until they are a giant pile of shit.

1/  comic-book panel illustrating the final stage of the shell game, in which the con artist lifts the shell to reveal nothing beneath it. I have inserted a banana, making it appear as though that was what was hidden under the shell. The background of the panel has been altered to insert the 'code waterfall' effect from the Wachowskis' Matrix movies. The code waterfall fades out halfway down the image.
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/26/gli…
I call that mechanism "twiddling": this is the ability of digital services to alter their business-logic - the prices they charge, the payouts they offer, the particulars of the deal - from instant to instant, for each user, continuously:



3/pluralistic.net/2023/02/19/twi…
Read 44 tweets
Mar 25
Last year, Ed Pierson was supposed to fly from Seattle to New Jersey on Alaska Airlines. He boarded his flight.

1/ A grand paneled hearing room, seen from the back of the room, looking at a dais over the heads of an audience of smartly turned out, attentive people. On the dais itself is a gargantuan, badly damaged cardboard box bearing a FRAGILE sticker. The saturation of the audience has been tuned down, while the saturation of the box has been cranked up.   Image: Nuclear Regulatory Commission (modified) https://www.flickr.com/photos/nrcgov/15993154185/  meanwell-packaging.co.uk https://www.flickr.com/photos/195311218@N08/52159853896  CC BY 2.0 https://creativecommons.org/licenses/by/2.0/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/25/bla…
But then he had an urgent discussion with the flight attendant, explaining that as a former senior Boeing engineer, he'd specifically requested that flight because the aircraft wasn't a 737 Max:



3/cnn.com/travel/boeing-…
Read 110 tweets
Mar 22
The foundational tenet of "the Cult of Mac" is that buying products from a $3t company makes you a member of an oppressed ethnic minority and therefore every criticism of that corporation is an ethnic slur:



1/ pluralistic.net/2024/01/12/you…
An early 20th century trustbusting cartoon from Punch depicting the Standard Oil company as a world-girding, fanged octopus, its tentacles gripping the US Capitol, a generic statehouse, the White House, and a cluster of screaming, tuxedoed politicians. The Apple 'Think Different' wordmark has been placed in the background above the octopus. The top of the octopus's head bears an original Apple '6-color' logo.
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/22/rea…
Call it "Apple exceptionalism" - the idea that Apple, alone among the Big Tech firms, is virtuous, and therefore its conduct should be interpreted through that lens of virtue.

3/
Read 73 tweets
Mar 21
The news that Gen Z users have abandoned Tiktok in such numbers that the median Tiktoker is a Millennial (or someone even older) prompted commentators to dunk on Tiktok as uncool by dint of having lost its youthful sheen:



1/ garbageday.email/p/tiktok-mille…
A scythe-wielding, crook-backed Father Time bends low to stare into the face of a cherubic Baby New Year. Father Time wears a backwards baseball-cap with the Tiktok logo. Baby New Year is waving goodbye and holding a satchel decorated with the 'code waterfall' from the credit sequences of the Wachowskis' 'Matrix' movies. The background is a stormy sky, with a forked lightning striking between the two figures.
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/21/inv…
But "why are Gen Z kids leaving Tiktok?" is the wrong question. The right question is, why *aren't* Millennials leaving Tiktok?

3/
Read 82 tweets
Mar 14
A key requirement for being a science fiction writer without losing your mind is the ability to distinguish between science fiction (futuristic thought experiments) and *predictions*. SF writers who lack this trait come to fancy themselves fortune-tellers who SEE! THE! FUTURE!

1 A Mobius strip made of shiny metal posed on a 'code waterfall' background as seen in the credit sequences of the Wachowskis' 'Matrix' movies.   Image: Plamenart (modified) https://commons.wikimedia.org/wiki/File:Double_Mobius_Strip.JPG  CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0/deed.en
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/14/14/…
The thing is, sf writers cheat. We palm cards in order to set up pulp adventure stories that let us indulge our thought experiments. These palmed cards - say, faster-than-light drives or time-machines - are *narrative devices*, not scientifically grounded proposals.

3/
Read 28 tweets
Mar 13
Bruce Schneier coined the term "feudal security" to describe Big Tech's offer: "move into my fortress - lock yourself into my technology - and I will keep you safe from all the marauders roaming the land":



1/ pluralistic.net/2023/02/05/bat…
A fortress with a drawbridge. On the drawbridge stands a beckoning military figure with a demon's head. Through the portcullis gate we see a mousetrap against a backdrop of books.   Image: Skelanard (modified) https://commons.wikimedia.org/wiki/File:Entrance_to_the_Belgrade_Fortress.jpg  CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0/deed.en
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on , my surveillance-free, ad-free, tracker-free blog:



2/pluralistic.net
pluralistic.net/2024/03/13/hey…
But here's the thing about trusting a warlord when he tells you that the fortress's walls are there to keep the bad guys *out*: those walls also keep you *in*.

3/
Read 53 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(