The biggest fallacy in the online privacy is that there is a difference between "state surveillance" and "commercial surveillance." Bizarrely, it's a fallacy that is widely held by both government snoops and Big Tech snoops. 1/ 
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2022/08/12/reg… 2/
pluralistic.net/2022/08/12/reg… 2/
Many's the time I've spoken to a DC audience about privacy, only to have an audience member say, "I'm OK with Uncle Sam spying on me - after all, I handed every sensitive scrap of personal information to the Office of Personnel Management when I applied for security clearance. 3/
"But I don't want my money going to *Google* - those bastards would sell their mothers out for a nickle."
Meanwhile, in Silicon Valley, I hear, "I don't care if Google has my data - they just want to show me better ads. But the US government? Hell no! 4/
Meanwhile, in Silicon Valley, I hear, "I don't care if Google has my data - they just want to show me better ads. But the US government? Hell no! 4/
"Those govies and their profiteering private contractor pals are all too stupid to get jobs at *real* tech companies and who knows what they're going to do with my data?" 5/
Both groups are gripped by the delusion that state surveillance can be disentangled from commercial surveillance. In a just world, companies would be barred from undertaking mass-scale surveillance for their private gain. 6/
After all, it's a practice that imposes vast risks on the public - humiliation, identity theft, extortion, more - and is only profitable because the companies that create this risk can privatize the benefits of spying and socialize the costs of leaks:
locusmag.com/2018/07/cory-d… 7/
locusmag.com/2018/07/cory-d… 7/
How is it that the government hasn't stepped in to force companies to end the practice of spying? 8/
Worse, how is it that the government *abets* spying - for example, by reinforcing the risible fiction that clicking "I agree" on a meandering, multi-thousand word garbage legalese novella constitutes "consent"?
pluralistic.net/2022/08/10/be-… 9/
pluralistic.net/2022/08/10/be-… 9/
It's because mass state surveillance *depends* on mass commercial surveillance. Remember the @Snowden revelations, how they started with #Prism, a program whereby Big Tech had secretly colluded with the NSA to conduct illegal, mass surveillance?
theguardian.com/world/2013/jun… 10/
theguardian.com/world/2013/jun… 10/
The companies denied it at first, but they changed their tunes - and squealed like stuck pigs - when another NSA program called "Upstream" was revealed. "Upstream" was the NSA's practice of wiretapping the fiber lines between Big Tech's data-centers.
washingtonpost.com/world/national… 11/
washingtonpost.com/world/national… 11/
Prism turned out to be a way to trick the tech giants into thinking that they were in control of the NSA's harvesting of their users' data. 12/
But what was really going on was that the NSA was capturing *everything*, picking out the stuff they wanted, and requesting it via Prism (this is called "parallel construction" and it's used when an agency does not want to reveal its methods to its partners or adversaries). 13/
The NSA *depended* on Big Tech collecting and retaining everything, and it *depended* on the companies recklessly transmitting data between their data-centers without encrypting it. 14/
The NSA is also the agency charged with defending Americans from foreign surveillance, the risk of which *also* increased thanks to Big Tech's overcollection and sloppy storage. 15/
If the NSA took its defensive mission seriously, it would have been screaming its head off, demanding an end to commercial surveillance and hardening of internal communications. Instead, it exploited both. 16/
The public-private surveillance partnership is very old, and it's key to monopolists' strategy. 17/
It took 69 years to break up AT&T, because every time trustbusters came close, America's cops and spies and military would spring into action, insisting that the Bell System was America's "national champion," needed to defend it from foreign enemies. 18/
The Pentagon rescued Ma Bell from breakup in the 50s by claiming that the Korean War couldn't be won without AT&T's help:
onezero.medium.com/jam-to-day-46b… 19/
onezero.medium.com/jam-to-day-46b… 19/
But it's not just powerful federal agencies that rely on commercial surveillance - and who aggressively cape for the tech surveillance industry. Local cops rely on Amazon's Ring doorbells to conduct off-the-books, mass scale street surveillance. 20/
Despite Amazon's repeated false claims, police can do this without Ring owners' knowledge or consent:
politico.com/news/2022/07/1…
Hard to overstate how sleazy this is, even leaving aside the creepy public surveillance part. 21/
politico.com/news/2022/07/1…
Hard to overstate how sleazy this is, even leaving aside the creepy public surveillance part. 21/
Amazon sells you networked surveillance cameras, encourages you to put them inside and outside of your house, promises that you will have control over the footage they capture, then secretly hands it out to cops. 22/
In a just world, Amazon would face stiff penalties for lying to its customers about a matter this sensitive. In our world, nothing happens - because local cops across America go to bat for Amazon every time the issue comes up. 23/
Google deceptively captures your location data. It is effectively impossible to opt out of Google location collection. You have to uncheck a dozen or so boxes in different places. 24/
Even the senior Googlers who ran Google Maps couldn't figure it out - they thought they'd opted out, but hadn't.
pluralistic.net/2021/06/01/you… 25/
pluralistic.net/2021/06/01/you… 25/
In a just world, Google would face stiff penalties for deceiving billions of people who thought they had explicitly told the company *not* to track their location - but in our world, Google is left alone to do so. I mean, of course - why not? 26/
Without Google's mass harvesting and indefinite storage of surveillance data, cops wouldn't be able to use "reverse warrants" to go after Black Lives Matter protesters:
theguardian.com/us-news/2021/s… 27/
theguardian.com/us-news/2021/s… 27/
(If you think that reverse warrants are good because they were used to prosecute the 1/6 insurrectionists, please consider that the vast majority of reverse warrants are used against progressive protesters). 28/
Facebook deceptively captures your personal communications. You may think your private messages are private, but actually Facebook collects this data and retains it forever. In a just world, Facebook would be punished for this. 29/
In our world, Facebook turns over teens' private chats about procuring a medication abortion to cops seeking to charge an underaged girl as an adult with multiple felonies:
vice.com/en/article/n7z… 30/
vice.com/en/article/n7z… 30/
Republicans talk a big game about tech companies being too powerful - but they mean that tech companies shouldn't be able to do content moderation.
eff.org/deeplinks/2021… 31/
eff.org/deeplinks/2021… 31/
They *don't* mean that tech companies should stop collaborating with latter-day Witchfinders General in their hunt for formerly pregnant children to imprison on behalf of the forced birth movement. 32/
A federal privacy bill has been working its way through Congress all year, but it keeps getting watered down to the point of uselessness - or worse, because the bill will preempt *good* state privacy laws and replace them with a weak federal rule. 33/
But that might be moot, because I hear there's no chance of the bill passing.
This isn't regulatory capture - it's *legislative* capture. 34/
This isn't regulatory capture - it's *legislative* capture. 34/
Congress and the Senate are thoroughly dependent on the big tech companies, as well as other surveillance giants like the credit reporting bureaux and the military contractors who build and maintain government surveillance systems.
doctorow.medium.com/regulatory-cap… 35/
doctorow.medium.com/regulatory-cap… 35/
All that should piss you off. But here's good news. *Great* news. When it comes to digital surveillance, the US no longer has a regulatory capture problem, because personnel are policy, and the brilliant, fearless @linakhanFTC is running the @FTC.
pluralistic.net/2022/05/09/res… 36/
pluralistic.net/2022/05/09/res… 36/
Khan rose to prominence just five years ago, when, as a law student, she published the earth-shaking law review article "Amazon's Antitrust Paradox." 37/
Khan, then a student, demolished 40 years of right-wing orthodoxy that insisted that monopolies were efficient and beneficial and should be *encouraged* by governments:
yalelawjournal.org/note/amazons-a… 38/
yalelawjournal.org/note/amazons-a… 38/
Today, she is chair of the FTC, and she's taking no prisoners. Instead, she's instituting new stringent merger guidelines, aggressively pursuing monopolies, and proposing sweeping new regulation that would allow the FTC to step in on privacy where Congress has failed us. 39/
The FTC's just given notice of a future rulemaking on digital privacy, called the "Commercial Surveillance and Data Security Rulemaking":
ftc.gov/legal-library/… 40/
ftc.gov/legal-library/… 40/
They want to hear from you on a series of hard-hitting questions, including
* Are there some harms that consumers may not easily discern or identify? Which are they?
* How should the Commission identify and evaluate these commercial surveillance harms or potential harms? 41/
* Are there some harms that consumers may not easily discern or identify? Which are they?
* How should the Commission identify and evaluate these commercial surveillance harms or potential harms? 41/
* On which evidence or measures should the Commission rely to substantiate its claims of harm or risk of harm?
* Which areas or kinds of harm, if any, has the Commission failed to address through its enforcement actions? 42/
* Which areas or kinds of harm, if any, has the Commission failed to address through its enforcement actions? 42/
* Has the Commission adequately addressed indirect pecuniary harms, including potential physical harms, psychological harms, reputational injuries, and unwanted intrusions?
* Which kinds of data should be subject to a potential trade regulation rule? 43/
* Which kinds of data should be subject to a potential trade regulation rule? 43/
* Which, if any, commercial incentives and business models lead to lax data security measures or harmful commercial surveillance practices? Are some commercial incentives and business models more likely to protect consumers than others? 44/
* How, if at all, should potential new trade regulation rules address harms to different consumers across different sectors? 45/
* Which commercial surveillance practices, if any, are unlawful such that new trade regulation rules should set out clear limitations or prohibitions on them? To what extent, if any, is a comprehensive regulatory approach better than a sectoral one for any given harm? 46/
As @ThomasClaburn writes for @TheRegister, "the agency's decision to use the word 'surveillance' rather than a euphemism like 'data gathering' or 'personalization' suggests the FTC is already inclined to change the status quo."
theregister.com/2022/08/11/ftc… 47/
theregister.com/2022/08/11/ftc… 47/
You know the Supreme Court's ruling in *West Virginia v EPA*, where Trump's illegitimate judges used their stolen seats to say that the EPA was not allowed to take action on climate change unless Congress specifically mandated them to do so?
npr.org/2022/06/30/110… 48/
npr.org/2022/06/30/110… 48/
Commentators have focused - rightly - on the environmental consequences of this decision. As Justice Kagan wrote in her dissent: "The subject matter of the regulation here makes the Court’s intervention all the more troubling. 49/
"Whatever else this Court may know about, it does not have a clue about how to address climate change. And let’s say the obvious: The stakes here are high. Yet the Court today prevents congressionally authorized agency action to curb power plants’ carbon dioxide emissions. 50/
"The Court appoints itself—instead of Congress or the expert agency—the decision-maker on climate policy. I cannot think of many things more frightening. Respectfully, I dissent."
But the impact of this decision goes much farther. 51/
But the impact of this decision goes much farther. 51/
Expect the commercial surveillance industry to go after Khan and the FTC here, arguing that since the Federal Trade Commission Act of 1914 didn't mention the possibility of mass internet surveillance, the FTC can't do anything about it. 52/
By that reasoning, of course, the FTC should limit itself to policing the business practices of 1914 and previous. Look forward to a future Republican FTC chair opening an investigation into the build-quality of the Packard Six Phaeton. 53/
The fusion of commercial and state surveillance is baked into the companies' business models, which rely on the state's dependence on commercial surveillance data, which, in turn, makes the state unwilling to regulate commercial surveillance. 54/
As my @EFF colleague @cmcsherr said, "The best way to protect your users is to minimize the data you collect, delete what you do collect whenever possible, and encrypt private messages end-to-end as a default. Don't build it, don't keep it, and the cops won't come for it." 55/
The corollary: if you build it, if you keep it, the cops will defend your right to do so. Chairperson Khan needs all our support. We need to flood that docket - and our reps' ears - with rejections of commercial surveillance. 56/
Because there is no mass state surveillance without mass commercial surveillance - and vice-versa. 57/
Image:
Cryteria (modified)
commons.wikimedia.org/wiki/File:HAL9…
CC BY 3.0:
creativecommons.org/licenses/by/3.… 58/
Cryteria (modified)
commons.wikimedia.org/wiki/File:HAL9…
CC BY 3.0:
creativecommons.org/licenses/by/3.… 58/
• • •
Missing some Tweet in this thread? You can try to
force a refresh
