LePartisan.info À propos Podcasts Fil web
Flux grenoblois
Fr3 Alpes Fr.Bleu Isère Infos épinglées Agendas Ressources Assos Webcams
Écologie Blogs Revues Médias
Pluralistic: Daily links from Cory Doctorow
Souscrire à ce FLUX

PLURALISTIC

Cory DOCTOROW

Science fiction author, activist and journalist.

▸ les 10 dernières parutions

26.07.2024 à 20:33

Pluralistic: Fintech bullies stole your kid's lunch money (26 Jul 2024)

Cory Doctorow

Texte intégral (3913 mots)


Today's links


On the left, a boxer in trunks, fists raised. His head has been replaced with the staring eye of HAL 9000 from Kubrick's '2001: A Space Odyssey.' He wears a top hat. On the right, a squinting child in 19th century ragamuffin garb. Behind the boxer, a cascade of gold coins pours out of a giant sack. Beside the kid, a piggy bank. They stand in a school playground with a tumbledown tenement behind it.

Fintech bullies stole your kid's lunch money (permalink)

Three companies control the market for school lunch payments. They take as much as 60 cents out of every dollar poor kids' parents put into the system to the tune of $100m/year. They're literally stealing poor kids' lunch money.

In its latest report, the Consumer Finance Protection Bureau describes this scam in eye-watering, blood-boiling detail:

https://files.consumerfinance.gov/f/documents/cfpb_costs-of-electronic-payment-in-k-12-schools-issue-spotlight_2024-07.pdf

The report samples 16.7m K-12 students in 25k schools. It finds that schools are racing to go cashless, with 87% contracting with payment processors to handle cafeteria transactions. Three processors dominate the sector: Myschoolbucks, Schoolcafé, and Linq Connect.

These aren't credit card processors (most students don't have credit cards). Instead, they let kids set up an account, like a prison commissary account, that their families load up with cash. And, as with prison commissary accounts, every time a loved one adds cash to the account, the processor takes a giant whack out of them with junk fees:

https://pluralistic.net/2024/02/14/minnesota-nice/#shitty-technology-adoption-curve

If you're the parent of a kid who is eligible for a reduced-price lunch (that is, if you are poor), then about 60% of the money you put into your kid's account is gobbled up by these payment processors in service charges.

It's expensive to be poor, and this is no exception. If your kid doesn't qualify for the lunch subsidy, you're only paying about 8% in service charges (which is still triple the rate charged by credit card companies for payment processing).

The disparity is down to how these charges are calculated. The payment processors charge a flat fee for every top-up, and poor families can't afford to minimize these fees by making a single payment at the start of the year or semester. Instead, they pay small sums every payday, meaning they pay the fee twice per month (or even more frequently).

Not only is the sector concentrated into three companies, neither school districts nor parents have any meaningful way to shop around. For school districts, payment processing is usually bundled in with other school services, like student data management and HR data handling. For parents, there's no way to choose a different payment processor – you have to go with the one the school district has chosen.

This is all illegal. The USDA – which provides and regulates – the reduced cost lunch program, bans schools from charging fees to receive its meals. Under USDA regs, schools must allow kids to pay cash, or to top up their accounts with cash at the school, without any fees. The USDA has repeatedly (2014, 2017) published these rules.

Despite this, many schools refuse to handle cash, citing safety and security, and even when schools do accept cash or checks, they often fail to advertise this fact.

The USDA also requires schools to publish the fees charged by processors, but most of the districts in the study violate this requirement. Where schools do publish fees, we see a per-transaction charge of up to $3.25 for an ACH transfer that costs $0.26-0.50, or 4.58% for a debit/credit-card transaction that costs 1.5%. On top of this, many payment processors charge a one-time fee to enroll a student in the program and "convenience fees" to transfer funds between siblings' accounts. They also set maximum fees that make it hard to avoid paying multiple charges through the year.

These are classic junk fees. As Matt Stoller puts it: "'Convenience fees' that aren't convenient and 'service fees' without any service." Another way in which these fit the definition of junk fees: they are calculated at the end of the transaction, and not advertised up front.

Like all junk fee companies, school payment processors make it extremely hard to cancel an automatic recurring payment, and have innumerable hurdles to getting a refund, which takes an age to arrive.

Now, there are many agencies that could have compiled this report (the USDA, for one), and it could just as easily have come from an academic or a journalist. But it didn't – it came from the CFPB, and that matters, because the CFPB has the means, motive and opportunity to do something about this.

The CFPB has emerged as a powerhouse of a regulator, doing things that materially and profoundly benefit average Americans. During the lockdowns, they were the ones who took on scumbag landlords who violated the ban on evictions:

https://pluralistic.net/2021/04/20/euthanize-rentier-enablers/#cfpb

They went after "Earned Wage Access" programs where your boss colludes with payday lenders to trap you in debt at 300% APR:

https://pluralistic.net/2023/05/01/usury/#tech-exceptionalism

They are forcing the banks to let you move your account (along with all your payment history, stored payees, automatic payments, etc) with one click – and they're standing up a site that will analyze your account data and tell you which bank will give you the best deal:

https://pluralistic.net/2023/10/21/let-my-dollars-go/#personal-financial-data-rights

They're going after "buy now, pay later" companies that flout borrower protection rules, making a rogues' gallery of repeat corporate criminals, banning fine-print gotcha clauses, and they're doing it all in the wake of a 7-2 Supreme Court decision that affirmed their power to do so:

https://pluralistic.net/2024/06/10/getting-things-done/#deliverism

The CFPB can – and will – do something to protect America's poorest parents from having $100m of their kids' lunch money stolen by three giant fintech companies. But whether they'll continue to do so under a Kamala Harris administration is an open question. While Harris has repeatedly talked up the ways that Biden's CFPB, the DOJ Antitrust Division, and FTC have gone after corporate abuses, some of her largest donors are demanding that her administration fire the heads of these agencies and crush their agenda:

https://prospect.org/power/2024-07-26-corporate-wishcasting-attack-lina-khan/

Tens of millions of dollars have been donated to Harris' campaign and PACs that support her by billionaires like Reid Hoffman, who says that FTC Chair Lina Khan is "waging war on American business":

https://prospect.org/power/2024-07-26-corporate-wishcasting-attack-lina-khan/

Some of the richest Democrat donors told the Financial Times that their donations were contingent on Harris firing Khan and that they'd been assured this would happen:

https://archive.is/k7tUY

This would be a disaster – for America, and for Harris's election prospects – and one hopes that Harris and her advisors know it. Writing in his "How Things Work" newsletter today, Hamilton Nolan makes the case that labor unions should publicly declare that they support the FTC, the CFPB and the DOJ's antitrust efforts:

https://www.hamiltonnolan.com/p/unions-and-antitrust-are-peanut-butter

Don’t want huge companies and their idiot billionaire bosses to run the world? Break them up, and unionize them. It’s the best program we have.

Perhaps you've heard that antitrust is anti-worker. It's true that antitrust law has been used to attack labor organizing, but that has always been in spite of the letter of the law. Indeed, the legislative history of US antitrust law is Congress repeatedly passing law after law explaining that antitrust "aims at dollars, not men":

https://pluralistic.net/2023/04/14/aiming-at-dollars/#not-men

The Democrats need to be more than The Party of Not Trump. To succeed – as a party and as a force for a future for Americans – they have to be the party that defends us – workers, parents, kids and retirees alike – from corporate predation.

(Image: Cryteria, CC BY 3.0, modified)

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#20yrsago Woody Guthrie’s copyright used to defile his memory in lawsuit threat https://www.eff.org/deeplinks/2004/07/land-isnt-your-land

#15yrsago New Adrian Mole diary is dark, hopeless and hilarious https://memex.craphound.com/2009/07/26/new-adrian-mole-diary-is-dark-hopeless-and-hilarious/

#5yrsago Claiming your $125 from Equifax is a “moral duty” https://slate.com/technology/2019/07/equifax-settlement-money-how-to-claim.html

#5yrsago Make the internet better by empowering users, not by demanding that platforms implement automated filters https://www.eff.org/deeplinks/2019/07/key-safety-online-user-empowerment-not-censorship

#5yrsago The Airbus 350 needs a hard reboot every 149 hours https://www.theregister.com/2019/07/25/a350_power_cycle_software_bug_149_hours/

#5yrsago Amazon struck secret deals with local cops to get them to push surveillance-camera doorbells https://www.vice.com/en/article/mb88za/amazon-requires-police-to-shill-surveillance-cameras-in-secret-agreement

#5yrsago Siemens contractor hid “logic bomb” in complicated spreadsheet, guaranteeing future maintenance work https://www.zdnet.com/article/siemens-contractor-pleads-guilty-to-planting-logic-bomb-in-company-spreadsheets/

#5yrsago Activist blacksmith teaches gun violence survivors to melt down guns and turn them into farm implements https://billypenn.com/2019/07/25/using-fire-and-force-this-philly-author-turns-guns-into-garden-tools/

#5yrsago Grifty conservative PACs raised millions pushing racist Obama conspiracies to elderly, low-income supporters, then kept almost all of it https://www.propublica.org/article/conservative-majority-fund-political-fundraising-pac-kelley-rogers

#1yrago The surprising truth about data-driven dictatorships https://pluralistic.net/2023/07/26/dictators-dilemma/#garbage-in-garbage-out-garbage-back-in

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources: David Dayen (https://prospect.org/).

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Today's progress: 764 words (27508 words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

25.07.2024 à 18:57

Pluralistic: AI's productivity theater (25 Jul 2024)

Cory Doctorow

Texte intégral (5192 mots)


Today's links


A medieval tapestry depicting an overseer gesturing imperiously with his stick at three bent peasants who are grubbing in a field. The image has been altered. Contrasts and colors have been pushed into psychedelic pinks, greens and blues. Part of the tapestry fades into a 'code waterfall' effect as seen in the credit sequences of the Wachowskis' 'Matrix' movies. The overseer's head has been replaced with the hostile red eye of HAL 9000 from Kubrick's '2001: A Space Odyssey.'

AI's productivity theater (permalink)

When I took my kid to New Zealand with me on a book-tour, I was delighted to learn that grocery stores had special aisles where all the kids'-eye-level candy had been removed, to minimize nagging. What a great idea!

Related: countries around the world limit advertising to children, for two reasons:

1) Kids may not be stupid, but they are inexperienced, and that makes them gullible; and

2) Kids don't have money of their own, so their path to getting the stuff they see in ads is nagging their parents, which creates a natural constituency to support limits on kids' advertising (nagged parents).

There's something especially annoying about ads targeted at getting credulous people to coerce or torment other people on behalf of the advertiser. For example, AI companies spent millions targeting your boss in an effort to convince them that you can be replaced with a chatbot that absolutely, positively cannot do your job.

Your boss has no idea what your job entails, and is (not so) secretly convinced that you're a featherbedding parasite who only shows up for work because you fear the breadline, and not because your job is a) challenging, or b) rewarding:

https://pluralistic.net/2024/04/19/make-them-afraid/#fear-is-their-mind-killer

That makes them prime marks for chatbot-peddling AI pitchmen. Your boss would love to fire you and replace you with a chatbot. Chatbots don't unionize, they don't backtalk about stupid orders, and they don't experience any inconvenient moral injury when ordered to enshittify the product:

https://pluralistic.net/2023/11/25/moral-injury/#enshittification

Bosses are Bizarro-world Marxists. Like Marxists, your boss's worldview is organized around the principle that every dollar you take home in wages is a dollar that isn't available for executive bonuses, stock buybacks or dividends. That's why you boss is insatiably horny for firing you and replacing you with software. Software is cheaper, and it doesn't advocate for higher wages.

That makes your boss such an easy mark for AI pitchmen, which explains the vast gap between the valuation of AI companies and the utility of AI to the customers that buy those companies' products. As an investor, buying shares in AI might represent a bet the usefulness of AI – but for many of those investors, backing an AI company is actually a bet on your boss's credulity and contempt for you and your job.

But bosses' resemblance to toddlers doesn't end with their credulity. A toddler's path to getting that eye-height candy-bar goes through their exhausted parents. Your boss's path to realizing the productivity gains promised by an AI salesman runs through you.

A new research report from the Upwork Research Institute offers a look into the bizarre situation unfolding in workplaces where bosses have been conned into buying AI and now face the challenge of getting it to work as advertised:

https://www.upwork.com/research/ai-enhanced-work-models

The headline findings tell the whole story:

  • 96% of bosses expect that AI will make their workers more productive;

  • 85% of companies are either requiring or strongly encouraging workers to use AI;

  • 49% of workers have no idea how AI is supposed to increase their productivity;

  • 77% of workers say using AI decreases their productivity.

Working at an AI-equipped workplaces is like being the parent of a furious toddler who has bought a million Sea Monkey farms off the back page of a comic book, and is now destroying your life with demands that you figure out how to get the brine shrimp he ordered from a notorious Holocaust denier to wear little crowns like they do in the ad:

https://www.splcenter.org/fighting-hate/intelligence-report/2004/hitler-and-sea-monkeys

Bosses spend a lot of time thinking about your productivity. The "productivity paradox" shows a rapid, persistent decline in American worker productivity, starting in the 1970s and continuing to this day:

https://en.wikipedia.org/wiki/Productivity_paradox

The "paradox" refers to the growth of IT, which is sold as a productivity-increasing miracle. There are many theories to explain this paradox. One especially good theory came from the late David Graeber (rest in power), in his 2012 essay, "Of Flying Cars and the Declining Rate of Profit":

https://thebaffler.com/salvos/of-flying-cars-and-the-declining-rate-of-profit

Graeber proposes that the growth of IT was part of a wider shift in research approaches. Research was once dominated by weirdos (e.g. Jack Parsons, Oppenheimer, etc) who operated with relatively little red tape. The rise of IT coincides with the rise of "managerialism," the McKinseyoid drive to monitor, quantify and – above all – discipline the workforce. IT made it easier to generate these records, which also made it normal to expect these records.

Before long, every employee – including the "creatives" whose ideas were credited with the productivity gains of the American century until the 70s – was spending a huge amount of time (sometimes the majority of their working days) filling in forms, documenting their work, and generally producing a legible account of their day's work. All this data gave rise to a ballooning class of managers, who colonized every kind of institution – not just corporations, but also universities and government agencies, which were structured to resemble corporations (down to referring to voters or students as "customers").

Even if you think all that record-keeping might be useful, there's no denying that the more time you spend documenting your work, the less time you have to do your work. The solution to this was inevitably more IT, sold as a way to make the record-keeping easier. But adding IT to a bureaucracy is like adding lanes to a highway: the easier it is to demand fine-grained record-keeping, the more record-keeping will be demanded of you.

But that's not all that IT did for the workplace. There are a couple areas in which IT absolutely increased the profitability of the companies that invested in it.

First, IT allowed corporations to outsource production to low-waged countries in the global south, usually places with worse labor protection, weaker environmental laws, and easily bribed regulators. It's really hard to produce things in factories thousands of miles away, or to oversee remote workers in another country. But IT makes it possible to annihilate distance, time zone gaps, and language barriers. Corporations that figured out how to use IT to fire workers at home and exploit workers and despoil the environment in distant lands thrived. Executives who oversaw these projects rose through the ranks. For example, Tim Cook became the CEO of Apple thanks to his successes in moving production out of the USA and into China.

https://archive.is/M17qq

Outsourcing provided a sugar high that compensated for declining productivity…for a while. But eventually, all the gains to be had from outsourcing were realized, and companies needed a new source of cheap gains. That's where "bossware" came in: the automation of workforce monitoring and discipline. Bossware made it possible to monitor workers at the finest-grained levels, measuring everything from keystrokes to eyeball movements.

What's more, the declining power of the American worker – a nice bonus of the project to fire huge numbers of workers and ship their jobs overseas, which made the remainder terrified of losing their jobs and thus willing to eat a rasher of shit and ask for seconds – meant that bossware could be used to tie wages to metrics. It's not just gig workers who don't score consistent five star ratings from app users whose pay gets docked – it's also creative workers whose Youtube and Tiktok wages are cut for violating rules that they aren't allowed to know, because that might help them break the rules without being detected and punished:

https://pluralistic.net/2024/01/13/solidarity-forever/#tech-unions

Bossware dominates workplaces from public schools to hospitals, restaurants to call centers, and extends to your home and car, if you're working from home (AKA "living at work") or driving for Uber or Amazon:

https://pluralistic.net/2020/10/02/chickenized-by-arise/#arise

In providing a pretense for stealing wages, IT can increase profits, even as it reduces productivity:

https://pluralistic.net/2024/01/11/robots-stole-my-jerb/#computer-says-no

One way to think about how this works is through the automation-theory metaphor of a "centaur" and a "reverse centaur." In automation circles, a "centaur" is someone who is assisted by an automation tool – for example, when your boss uses AI to monitor your eyeballs in order to find excuses to steal your wages, they are a centaur, a human head atop a machine body that does all the hard work, far in excess of any human's capacity.

A "reverse centaur" is a worker who acts as an assistant to an automation system. The worker who is ridden by an AI that monitors their eyeballs, bathroom breaks, and keystrokes is a reverse centaur, being used (and eventually, used up) by a machine to perform the tasks that the machine can't perform unassisted:

https://pluralistic.net/2023/04/12/algorithmic-wage-discrimination/#fishers-of-men

But there's only so much work you can squeeze out of a human in this fashion before they are ruined for the job. Amazon's internal research reveals that the company has calculated that it ruins workers so quickly that it is in danger of using up every able-bodied worker in America:

https://www.vox.com/recode/23170900/leaked-amazon-memo-warehouses-hiring-shortage

Which explains the other major findings from the Upwork study:

  • 81% of bosses have increased the demands they make on their workers over the past year; and

  • 71% of workers are "burned out."

Bosses' answer to "AI making workers feel burned out" is the same as "IT-driven form-filling makes workers unproductive" – do more of the same, but go harder. Cisco has a new product that tries to detect when workers are about to snap after absorbing abuse from furious customers and then gives them a "Zen" moment in which they are showed a "soothing" photo of their family:

https://finance.yahoo.com/news/ai-bringing-zen-first-horizons-192010166.html

This is just the latest in a series of increasingly sweaty and cruel "workplace wellness" technologies that spy on workers and try to help them "manage their stress," all of which have the (totally predictable) effect of increasing workplace stress:

https://pluralistic.net/2024/03/15/wellness-taylorism/#sick-of-spying

The only person who wouldn't predict that being closely monitored by an AI that snitches on you to your boss would increase your stress levels is your boss. Unfortunately for you, AI pitchmen know this, too, and they're more than happy to sell your boss the reverse-centaur automation tool that makes you want to die, and then sell your boss another automation tool that is supposed to restore your will to live.

The "productivity paradox" is being resolved before our eyes. American per-worker productivity fell because it was more profitable to ship American jobs to regulatory free-fire zones and exploit the resulting precarity to abuse the workers left onshore. Workers who resented this arrangement were condemned for having a shitty "work ethic" – even as the number of hours worked by the average US worker rose by 13% between 1976 and 2016:

https://pluralistic.net/2024/01/11/robots-stole-my-jerb/#computer-says-no

AI is just a successor gimmick at the terminal end of 40 years of increasing profits by taking them out of workers' hides rather than improving efficiency. That arrangement didn't come out of nowhere: it was a direct result of a Reagan-era theory of corporate power called "consumer welfare." Under the "consumer welfare" approach to antitrust, monopolies were encouraged, provided that they used their market power to lower wages and screw suppliers, while lowering costs to consumers.

"Consumer welfare" supposed that we could somehow separate our identities as "workers" from our identities as "shoppers" – that our stagnating wages and worsening conditions ceased mattering to us when we clocked out at 5PM (or, you know, 9PM) and bought a $0.99 Meal Deal at McDonald's whose low, low price was only possible because it was cooked by someone sleeping in their car and collecting food-stamps.

https://www.theguardian.com/us-news/article/2024/jul/20/disneyland-workers-anaheim-california-authorize-strike

But we're reaching the end of the road for consumer welfare. Sure, your toddler-boss can be tricked into buying AI and firing half of your co-workers and demanding that the remainder use AI to do their jobs. But if AI can't do their jobs (it can't), no amount of demanding that you figure out how to make the Sea Monkeys act like they did in the comic-book ad is doing to make that work.

As screwing workers and suppliers produces fewer and fewer gains, companies are increasingly turning on their customers. It's not just that you're getting worse service from chatbots or the humans who are reverse-centaured into their workflow. You're also paying more for that, as algorithmic surveillance pricing uses automation to gouge you on prices in realtime:

https://pluralistic.net/2024/07/24/gouging-the-all-seeing-eye/#i-spy

This is – in the memorable phrase of David Dayen and Lindsay Owens, the "age of recoupment," in which companies end their practice of splitting the gains from suppressing labor with their customers:

https://prospect.org/economy/2024-06-03-age-of-recoupment/

It's a bet that the tolerance for monopolies made these companies too big to fail, and that means they're too big to jail, so they can cheat their customers as well as their workers.

AI may be a bet that your boss can be suckered into buying a chatbot that can't do your job, but investors are souring on that bet. Goldman Sachs, who once trumpeted AI as a multi-trillion dollar sector with unlimited growth, is now publishing reports describing how companies who buy AI can't figure out what to do with it:

https://www.goldmansachs.com/intelligence/pages/gs-research/gen-ai-too-much-spend-too-little-benefit/report.pdf

Fine, investment banks are supposed to be a little conservative. But VCs? They're the ones with all the appetite for risk, right? Well, maybe so, but Sequoia Capital, a top-tier Silicon Valley VC, is also publicly questioning whether anyone will make AI investments pay off:

https://www.sequoiacap.com/article/ais-600b-question/

I can't tell you how great it was to take my kid down a grocery checkout aisle from which all the eye-level candy had been removed. Alas, I can't figure out how we keep the nation's executive toddlers from being dazzled by shiny AI pitches that leave us stuck with the consequences of their impulse purchases.

(Image: Cryteria, CC BY 3.0, modified)

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#20yrsago Kalashnikov: US gov’t is pirating my AK-47 design https://www.nytimes.com/2004/07/26/world/who-s-a-pirate-russia-points-back-at-the-us.html

#20yrsago Real ships guerrilla DRM for the iPod https://www.nytimes.com/2004/07/26/business/media-realnetworks-plans-to-sell-songs-to-be-played-on-ipod.html

#20yrsago 30,000 anti-Induce Act letters sent to Congress https://web.archive.org/web/20040723084653/https://action.eff.org/action/index.asp?step=2&item=2918

#10yrsago Journalist believes his phone was hacked by spooks at HOPE X, will upload image for forensics https://thecryptosphere.com/2014/07/23/report-from-hope-x-surveillance-snowden-stratfor-and-surprises/

#10yrsago What’s original? Cloning games versus making games https://www.raphkoster.com/2014/07/23/when-is-a-clone/

#10yrsago Great video explainer: Vint Cerf on ICANN and NTIA https://www.youtube.com/watch?v=vd3dH90tdhk

#5yrsago Trade war: Hasbro is shifting manufacturing to Vietnam and India, drawing down production in China https://www.bloomberg.com/news/articles/2019-07-24/world-s-top-toymaker-joins-companies-leaving-china-s-factories

#5yrsago #Rickyrenuncia: Bowing to popular pressure, Puerto Rican governor Ricardo Rossello has resigned https://www.bloomberg.com/news/articles/2019-07-24/puerto-rico-lawmakers-push-to-impeach-crisis-beset-governor

#5yrsago #29leaks: someone leaked 15 years’ worth of data from London’s most notorious shell-company factory https://www.counterpunch.org/2019/07/24/this-london-firm-helps-the-wealthy-hide-assets-or-steal-them-luckily-we-have-15-years-of-their-client-communications/

#5yrsago E-scooter companies are desperate for repo men to stop impounding their vehicles https://www.theverge.com/2019/7/24/20696405/dockless-scooters-share-repo-men-repossessor-lawsuit-tow-yard-lime-bird-lyft-uber-razor

#5yrsago Adblocking: How about nah? https://www.eff.org/deeplinks/2019/07/adblocking-how-about-nah

#5yrsago Countries with higher levels of unionization have lower per-capita carbon footprints https://www.researchgate.net/publication/331445998_Is_Labor_Green

#5yrsago Analyzing 800 daily tweets that say “Today was the day that Donald Trump became president” https://twitter.com/waxpancake/status/1154098035183329280

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources: Baldur Bjarnason (https://toot.cafe/@baldur).

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Today's progress: 772 words (26520 words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

24.07.2024 à 19:54

Pluralistic: FTC vs surveillance pricing (24 Jul 2024)

Cory Doctorow

Texte intégral (5390 mots)


Today's links


A WWII-era photo of a five-story tall prop cash register in front of an apartment block on a busy street. The image has been altered: it has been colorized, and three psychedelic staring eyes have been added to the cash register.

FTC vs surveillance pricing (permalink)

In the mystical cosmology of economics, "prices" are of transcendental significance, the means by which the living market knows and adapts itself, giving rise to "efficient" production and consumption.

At its most basic level, the metaphysics of pricing goes like this: if there is less of something for sale than people want to buy, the seller will raise the price until enough buyers drop out and demand equals supply. If the disappointed would-be buyers are sufficiently vocal about their plight, other sellers will enter the market (bankrolled by investors who sense an opportunity), causing supplies to increase and prices to fall until the system is in "equilibrium" – producing things as cheaply as possible in precisely the right quantities to meet demand. In the parlance of neoclassical economists, prices aren't "set": they are discovered.

In antitrust law, there are many sins, but they often boil down to "price setting." That is, if a company has enough "market power" that they can dictate prices to their customers, they are committing a crime and should be punished. This is such a bedrock of neoclassical economics that it's a tautology "market power" exists where companies can "set prices"; and to "set prices," you need "market power."

Prices are the blood cells of the market, shuttling nutrients (in the form of "information") around the sprawling colony organism composed of all the buyers, sellers, producers, consumers, intermediaries and other actors. Together, the components of this colony organism all act on the information contained in the "price signals" to pursue their own self-interest. Each self-interested action puts more information into the system, triggering more action. Together, price signals and the actions they evince eventually "discover" the price, an abstraction that is yanked out of the immaterial plane of pure ideas and into our grubby, physical world, causing mines to re-open, shipping containers and pipelines to spark to life, factories to retool, trucks to fan out across the nation, retailers to place ads and hoist SALE banners over their premises, and consumers to race to those displays and open their wallets.

When prices are "distorted," all of this comes to naught. During the notorious "socialist calculation debate" of 1920s Austria, right-wing archdukes of religious market fundamentalism, like Von Hayek and Von Mises, trounced their leftist opponents, arguing that the market was the only computational system capable of calculating how much of each thing should be made, where it should be sent, and how much it should be sold for.

Attempts to "plan" the economy – say, by subsidizing industries or limiting prices – may be well-intentioned, but they broke the market's computations and produced haywire swings of both over- and underproduction. Later, the USSR's planned economy did encounter these swings. These were sometimes very grave (famines that killed millions) and sometimes silly (periods when the only goods available in regional shops were forks, say, creating local bubbles in folk art made from forks).

Unplanned markets do this too. Most notoriously, capitalism has produced a vast oversupply of carbon-intensive goods and processes, and a huge undersupply of low-carbon alternatives, bringing the human civilization to the brink of collapse. Not only have capitalism's price signals failed to address this existential crisis to humans, it has also sown the seeds of its own ruin – the market computer's not going to be getting any "price signals" from people as they drown in floods or roast to death on sidewalks that deliver second-degree burns to anyone who touches them:

https://www.fastcompany.com/91151209/extreme-heat-southwest-phoenix-surface-burns-scorching-pavement-sidewalks-pets

For market true believers, these failures are just evidence that regulation is distorting markets, and that the answer is more unregulated markets to infuse the computer with more price signals. When it comes to carbon, the problem is that producers are "producing negative externalities" (that is, polluting and sticking us with the bill). If we can just get them to "internalize" those costs, they will become "economically rational" and switch to low-carbon alternatives.

That's the theory behind the creation and sale of carbon credits. Rather than ordering companies to stop risking civilizational collapse and mass extinction, we can incentivize them to do so by creating markets that reward clean tech and punish dirty practices. The buying and selling of carbon credits is supposed to create price signals reflecting the existential risk to the human race and the only habitable planet known to our species, which the market will then "bring into equilibrium."

Unfortunately, reality has a distinct and unfair leftist bias. Carbon credits are a market for lemons. The carbon credits you buy to "offset" your car or flight are apt to come from a forest that has already burned down, or that had already been put in a perpetual trust as a wildlife preserve and could never be logged:

https://pluralistic.net/2022/03/18/greshams-carbon-law/#papal-indulgences

Carbon credits produce the most perverse outcomes imaginable. For example, much of Tesla's profitability has been derived from the sale of carbon credits to the manufacturers of the dirtiest, most polluting SUVs on Earth; without those Tesla credits, those SUVs would have been too expensive to sell, and would not have existed:

https://pluralistic.net/2021/11/24/no-puedo-pagar-no-pagara/#Rat

What's more, carbon credits aren't part of an "all of the above" strategy that incorporates direct action to prevent our species downfall. These market solutions are incompatible with muscular direct action, and if we do credits, we can't do other stuff that would actually work:

https://pluralistic.net/2023/10/31/carbon-upsets/#big-tradeoff

Even though price signals have repeatedly proven themselves to be an insufficient mechanism for producing "efficient" or even "survivable," they remain the uppermost spiritual value in the capitalist pantheon. Even through the last 40 years of unrelenting assaults on antitrust and competition law, the one form of corporate power that has remained both formally and practically prohibited is "pricing power."

That's why the DoJ was able to block tech companies and major movie studios from secretly colluding to suppress their employees' wages, and why those employees were able to get huge sums out of their employers:

https://en.wikipedia.org/wiki/High-Tech_Employee_Antitrust_Litigation

It's also why the Big Six (now Big Five) publishers and Apple got into so much trouble for colluding to set a floor on the price of ebooks:

https://en.wikipedia.org/wiki/United_States_v._Apple_(2012)

When it comes to monopoly, even the most Bork-pilled, Manne-poisoned federal judges and agencies have taken a hard line on price-fixing, because "distortions" of prices make the market computer crash.

But despite this horror of price distortions, America's monopolists have found so many ways to manipulate prices. Last month, The American Prospect devoted an entire issue to the many ways that monopolies and cartels have rigged the prices we pay, pushing them higher and higher, even as our wages stagnated and credit became more expensive:

https://prospect.org/pricing

For example, there's the plague of junk fees (AKA "drip pricing," or, if you're competing to be first up against the wall come the revolution, "ancillary revenue"), everything from baggage fees from airlines to resort fees at hotels to the fee your landlord charges if you pay your rent by check, or by card, or in cash:

https://pluralistic.net/2024/06/07/drip-drip-drip/#drip-off

There's the fake transparency gambit, so beloved of America's hospitals:

https://pluralistic.net/2024/06/13/a-punch-in-the-guts/#hayek-pilled

The "greedflation" that saw grocery prices skyrocketing, which billionaire grocery plutes blamed on covid stimulus checks, even as they boasted to their shareholders about their pricing power:

https://prospect.org/economy/2024-06-12-war-in-the-aisles/

There's the the tens of billions the banks rake in with usurious interest rates, far in excess of the hikes to the central banks' prime rates (which are, in turn, justified in light of the supposed excesses of covid relief checks):

https://prospect.org/economy/2024-06-11-what-we-owe/

There are the scams that companies like Amazon pull with their user interfaces, tricking you into signing up for subscriptions or upsells, which they grandiosely term "dark patterns," but which are really just open fraud:

https://prospect.org/economy/2024-06-10-one-click-economy/

There are "surge fees," which are supposed to tempt more producers (e.g. Uber drivers) into the market when demand is high, but which are really just an excuse to gouge you – like when Wendy's threatens to surge-price its hamburgers:

https://prospect.org/economy/2024-06-07-urge-to-surge/

And then there's surveillance pricing, the most insidious and profitable way to jack up prices. At its core, surveillance pricing uses nonconsensually harvested private information to inform an algorithm that reprices the things you buy – from lattes to rent – in real-time:

https://pluralistic.net/2024/06/05/your-price-named/#privacy-first-again

Companies like Plexure – partially owned by McDonald's – boasts that it can use surveillance data to figure out what your payday is and then hike the price of the breakfast sandwich or after-work soda you buy every day.

Like every bad pricing practice, surveillance pricing has its origins in the aviation industry, which invested early on and heavily in spying on fliers to figure out how much they could each afford for their plane tickets and jacking up prices accordingly. Architects of these systems then went on to found companies like Realpage, a data-brokerage that helps landlords illegally collude to rig rent prices.

Algorithmic middlemen like Realpage and ATPCO – which coordinates price-fixing among the airlines – are what Dan Davies calls "accountability sinks." A cartel sends all its data to a separate third party, which then compares those prices and tells everyone how much to jack them up in order to screw us all:

https://profilebooks.com/work/the-unaccountability-machine/

These price-fixing middlemen are everywhere, and they predate the boom in commercial surveillance. For example, Agri-Stats has been helping meatpackers rig the price of meat for 40 years:

https://pluralistic.net/2023/10/04/dont-let-your-meat-loaf/#meaty-beaty-big-and-bouncy

But when you add commercial surveillance to algorithmic pricing, you get a hybrid more terrifying than any cocaine-sharks (or, indeed, meth-gators):

https://www.nbcnews.com/news/us-news/tennessee-police-warn-locals-not-flush-drugs-fear-meth-gators-n1030291

Apologists for these meth-gators insist that surveillance pricing's true purpose is to let companies offer discounts. A streaming service can't afford to offer $0.99 subscriptions to the poor because then all the rich people would stop paying $19.99. But with surveillance pricing, every customer gets a different price, titrated to their capacity to pay, and everyone wins.

But that's not how it cashes out in the real world. In the real world, rich people who get ripped off have the wherewithal to shop around, complain effectively to a state AG, or punish companies by taking their business elsewhere. Meanwhile, poor people aren't just cash-poor, they're also time-poor and political influence-poor.

When the dollar store duopoly forces all the mom-and-pop grocers in your town out of business with predatory pricing, and creating food deserts that only they serve, no one cares, because state AGs and politicians don't care about people who shop at dollar stores. Then, the dollar stores can collude with manufacturers to get shrunken "cheater sized" products that sell for a dollar, but cost double or triple the grocery store price by weight or quantity:

https://pluralistic.net/2023/03/27/walmarts-jackals/#cheater-sizes

Yes, fliers who seem to be flying on business (last-minute purchasers who don't have a Saturday stay) get charged more than people whose purchase makes them seem to be someone flying away for a vacation. But that's only because aviation prices haven't yet fully transitioned to surveillance pricing. If an airline can correctly calculate that you are taking a trip because you're a grad student who must attend a conference in order to secure a job, and if they know precisely how much room you have left on your credit card, they can charge you everything you can afford, to the cent.

Your ability to resist pricing power isn't merely a function of a company's market power – it's also a function of your political power. Poor people may have less to steal, but no one cares when they get robbed:

https://pluralistic.net/2024/07/19/martha-wright-reed/#capitalists-hate-capitalism

So surveillance pricing, supercharged by algorithms, represent a serious threat to "prices," which is the one thing that the econo-religious fundamentalists of the capitalist class value above all else. That makes surveillance pricing low-hanging fruit for regulatory enforcement: a bipartisan crime that has few champions on either side of the aisle.

Cannily, the FTC has just declared war on surveillance pricing, ordering eight key players in the industry (including capitalism's arch-villains, McKinsey and Jpmorgan Chase) to turn over data that can be used to prosecute them for price-fixing within 45 days:

https://www.ftc.gov/news-events/news/press-releases/2024/07/ftc-issues-orders-eight-companies-seeking-information-surveillance-pricing

As American Prospect editor-in-chief David Dayen notes in his article on the order, the FTC is doing what he and his journalistic partners couldn't: forcing these companies to cough up internal data:

https://prospect.org/economy/2024-07-24-ftc-opens-surveillance-pricing-inquiry/

This is important, and not just because of the wriggly critters the FTC will reveal as they use their powers to turn over this rock. Administrative agencies can't just do whatever they want. Long before the agencies were neutered by the Supreme Court, they had strict rules requiring them to gather evidence, solicit comment and counter-comment, and so on, before enacting any rules:

https://pluralistic.net/2022/10/18/administrative-competence/#i-know-stuff

Doubtless, the Supreme Court's Loper decision (which overturned "Chevron deference" and cut off the agencies' power to take actions that they don't have detailed, specific authorization to take) will embolden the surveillance pricing industry to take the FTC to court on this. It's hard to say whether the courts will find in the FTC's favor. Section 6(b) of the FTC Act clearly lets the FTC compel these disclosures as part of an enforcement action, but they can't start an enforcement action until they have evidence, and through the whole history of the FTC, these kinds of orders have been a common prelude to enforcement.

One thing this has going for it is that it is bipartisan: all five FTC commissioners, including both Republicans (including the Republican who votes against everything) voted in favor of it. Price gouging is the kind of easy-to-grasp corporate crime that everyone hates, irrespective of political tendency.

In the Prospect piece on Ticketmaster's pricing scam, Dayen and Groundwork's Lindsay Owens called this the "Age of Recoupment":

https://pluralistic.net/2024/06/03/aoi-aoi-oh/#concentrated-gains-vast-diffused-losses

For 40 years, neoclassical economics' focus on "consumer welfare" meant that companies could cheat and squeeze their workers and suppliers as hard as they wanted, so long as prices didn't go up. But after 40 years, there's nothing more to squeeze out of workers or suppliers, so it's time for the cartels to recoup by turning on us, their customers.

They believe – perhaps correctly – that they have amassed so much market power through mergers and lobbying that they can cross the single bright line in neoliberal economics' theory of antitrust: price-gouging. No matter how sincere the economics profession's worship of prices might be, it still might not trump companies that are too big to fail and thus too big to jail.

The FTC just took an important step in defense of all of our economic wellbeing, and it's a step that even the most right-wing economist should applaud. They're calling the question: "Do you really think that price-distortion is a cardinal sin? If so, you must back our play."

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#15yrsago Ask Google to guarantee privacy for the future of reading https://web.archive.org/web/20100703132925/https://secure.eff.org/site/Advocacy?cmd=display&page=UserAction&id=433

#15yrsago Kadrey’s SANDMAN SLIM: a hard-boiled revenge novel from Hell https://memex.craphound.com/2009/07/24/kadreys-sandman-slim-a-hard-boiled-revenge-novel-from-hell/

#10yrsago Michigan sheriff issues inmates black-and-white striped uniforms https://www.washingtonpost.com/news/morning-mix/wp/2014/07/22/michigan-inmates-to-get-black-and-white-striped-uniforms-orange-is-now-too-cool-sheriff-says/

#10yrsago Back pain: Acetaminophen no better than placebos https://www.thelancet.com/journals/lancet/article/PIIS0140-6736(14)60805-9/abstract

#10yrsago Report from America’s militarized, constitution-free border-zone https://www.salon.com/2014/07/20/bring_the_battlefield_to_the_border_how_americas_immigration_wars_were_poisoned_by_the_military_industrial_complex/

#10yrsago Family kicked off Denver Southwest flight because Dad tweeted about the rude gate-agent https://www.cbsnews.com/minnesota/news/family-asked-to-leave-sw-plane-after-tweet/

#10yrsago Pirate Bay traffic doubles over three years https://torrentfreak.com/pirate-bay-traffic-doubles-despite-isp-blockades-140717/

#10yrsago Comixology adds DRM-free option! Excelsior! https://memex.craphound.com/2014/07/24/comixology-adds-drm-free-option-excelsior/

#5yrsago Share prices slide as DOJ announces sweeping antitrust investigations of Big Tech https://www.cnbc.com/2019/07/23/doj-reportedly-to-open-broad-antitrust-review-of-big-tech-tech-stocks-dip.html

#5yrsago AP: the mob who attacked Hong Kong protesters were rural thugs hired by gangsters https://apnews.com/article/4867ea5aafbd45b78eb1747b8b84c04f

#5yrsago A generalized method for re-identifying people in “anonymized” data-sets https://www.nytimes.com/2019/07/23/health/data-privacy-protection.html

#5yrsago William Barr’s terrible, stupid idea to ban working crypto is slightly less terrible and stupid than earlier ideas https://memex.craphound.com/2019/07/24/william-barrs-terrible-stupid-idea-to-ban-working-crypto-is-slightly-less-terrible-and-stupid-than-earlier-ideas/

#5yrsago Because Internet: the new linguistics of informal English https://memex.craphound.com/2019/07/24/because-internet-the-new-linguistics-of-informal-english/

#1yrago Autoenshittification https://pluralistic.net/2023/07/24/rent-to-pwn/#kitt-is-a-demon

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources:

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Today's progress: 751 words (25741 words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

ftc, surveillance p

23.07.2024 à 13:16

Pluralistic: Holy CRAP the UN Cybercrime Treaty is a nightmare (23 Jul 2024)

Cory Doctorow

Texte intégral (4056 mots)


Today's links


EFF's graphic for the UN Cybercrime Convention; it features a stylized mercator map of Earth with an iris in its center; it sits on a background of computer code and overlapping rectangles.

Holy CRAP the UN Cybercrime Treaty is a nightmare (permalink)

If there's one thing I learned from all my years as an NGO delegate to UN specialized agencies, it's that UN treaties are dangerous, liable to capture by unholy alliances of authoritarian states and rapacious global capitalists.

Most of my UN work was on copyright and "paracopyright," and my track record was 2:0; I helped kill a terrible treaty (the WIPO Broadcast Treaty) and helped pass a great one (the Marrakesh Treaty on the rights of people with disabilities to access copyrighted works):

https://www.wipo.int/treaties/en/ip/marrakesh/

It's been many years since I had to shave and stuff myself into a suit and tie and go to Geneva, and I don't miss it – and thankfully, I have colleagues who do that work, better than I ever did. Yesterday, I heard from one such EFF colleague, Katitza Rodriguez, about the Cybercrime Treaty, which is about to pass, and which is, to put it mildly, terrifying:

https://www.eff.org/deeplinks/2024/07/un-cybercrime-draft-convention-dangerously-expands-state-surveillance-powers

Look, cybercrime is a real thing, from pig butchering to ransomware, and there's real, global harms that can be attributed to it. Cybercrime is transnational, making it hard for cops in any one jurisdiction to handle it. So there's a reason to think about formal international standards for fighting cybercrime.

But that's not what's in the Cybercrime Treaty.

Here's a quick sketch of the significant defects in the Cybercrime Treaty.

The treaty has an extremely loose definition of cybercrime, and that looseness is deliberate. In authoritarian states like China and Russia (whose delegations are the driving force behind this treaty), "cybercrime" has come to mean "anything the government disfavors, if you do it with a computer." "Cybercrime" can mean online criticism of the government, or professions of religious belief, or material supporting LGBTQ rights.

Nations that sign up to the Cybercrime Treaty will be obliged to help other nations fight "cybercrime" – however those nations define it. They'll be required to provide surveillance data – for example, by forcing online services within their borders to cough up their users' private data, or even to pressure employees to install back-doors in their systems for ongoing monitoring.

These obligations to aid in surveillance are mandatory, but much of the Cybercrime Treaty is optional. What's optional? The human rights safeguards. Member states "should" or "may" create standards for legality, necessity, proportionality, non-discrimination, and legitimate purpose. But even if they do, the treaty can oblige them to assist in surveillance orders that originate with other states that decided not to create these standards.

When that happens, the citizens of the affected states may never find out about it. There are eight articles in the treaty that establish obligations for indefinite secrecy regarding surveillance undertaken on behalf of other signatories. That means that your government may be asked to spy on you and the people you love, they may order employees of tech companies to backdoor your account and devices, and that fact will remain secret forever. Forget challenging these sneak-and-peek orders in court – you won't even know about them:

https://www.eff.org/deeplinks/2024/06/un-cybercrime-draft-convention-blank-check-unchecked-surveillance-abuses

Now here's the kicker: while this treaty creates broad powers to fight things governments dislike, simply by branding them "cybercrime," it actually undermines the fight against cybercrime itself. Most cybercrime involves exploiting security defects in devices and services – think of ransomware attacks – and the Cybercrime Treaty endangers the security researchers who point out these defects, creating grave criminal liability for the people we rely on to warn us when the tech vendors we rely upon have put us at risk.

This is the granddaddy of tech free speech fights. Since the paper tape days, researchers who discovered defects in critical systems have been intimidated, threatened, sued and even imprisoned for blowing the whistle. Tech giants insist that they should have a veto over who can publish true facts about the defects in their products, and dress up this demand as concern over security. "If you tell bad guys about the mistakes we made, they will exploit those bugs and harm our users. You should tell us about those bugs, sure, but only we can decide when it's the right time for our users and customers to find out about them."

When it comes to warnings about the defects in their own products, corporations have an irreconcilable conflict of interest. Time and again, we've seen corporations rationalize their way into suppressing or ignoring bug reports. Sometimes, they simply delay the warning until they've concluded a merger or secured a board vote on executive compensation.

Sometimes, they decide that a bug is really a feature – like when Facebook decided not to do anything about the fact that anyone could enumerate the full membership of any Facebook group (including, for example, members of a support group for people with cancer). This group enumeration bug was actually a part of the company's advertising targeting system, so they decided to let it stand, rather than re-engineer their surveillance advertising business.

The idea that users are safer when bugs are kept secret is called "security through obscurity" and no one believes in it – except corporate executives. As Bruce Schneier says, "Anyone can design a system that is so secure that they themselves can't break it. That doesn't mean it's secure – it just means that it's secure against people stupider than the system's designer":

The history of massive, brutal cybersecurity breaches is an unbroken string of heartbreakingly naive confidence in security through obscurity:

https://pluralistic.net/2023/02/05/battery-vampire/#drained

But despite this, the idea that some bugs should be kept secret and allowed to fester has powerful champions: a public-private partnership of corporate execs, government spy agencies and cyber-arms dealers. Agencies like the NSA and CIA have huge teams toiling away to discover defects in widely used products. These defects put the populations of their home countries in grave danger, but rather than reporting them, the spy agencies hoard these defects.

The spy agencies have an official doctrine defending this reckless practice: they call it "NOBUS," which stands for "No One But Us." As in: "No one but us is smart enough to find these bugs, so we can keep them secret and use them attack our adversaries, without worrying about those adversaries using them to attack the people we are sworn to protect."

NOBUS is empirically wrong. In the 2010s, we saw a string of leaked NSA and CIA cyberweapons. One of these, "Eternalblue" was incorporated into off-the-shelf ransomware, leading to the ransomware epidemic that rages even today. You can thank the NSA's decision to hoard – rather than disclose and patch – the Eternalblue exploit for the ransoming of cities like Baltimore, hospitals up and down the country, and an oil pipeline:

https://en.wikipedia.org/wiki/EternalBlue

The leak of these cyberweapons didn't just provide raw material for the world's cybercriminals, it also provided data for researchers. A study of CIA and NSA NOBUS defects found that there was a one-in-five chance of a bug that had been hoarded by a spy agency being independently discovered by a criminal, weaponized, and released into the wild.

Not every government has the wherewithal to staff its own defect-mining operation, but that's where the private sector steps in. Cyber-arms dealers like the NSO Group find or buy security defects in widely used products and services and turn them into products – military-grade cyberweapons that are used to attack human rights groups, opposition figures, and journalists:

https://pluralistic.net/2021/10/24/breaking-the-news/#kingdom

A good Cybercrime Treaty would recognize the perverse incentives that create the coalition to keep us from knowing which products we can trust and which ones we should avoid. It would shut down companies like the NSO Group, ban spy agencies from hoarding defects, and establish an absolute defense for security researchers who reveal true facts about defects.

Instead, the Cybercrime Treaty creates new obligations on signatories to help other countries' cops and courts silence and punish security researchers who make these true disclosures, ensuring that spies and criminals will know which products aren't safe to use, but we won't (until it's too late):

https://www.eff.org/deeplinks/2024/06/if-not-amended-states-must-reject-flawed-draft-un-cybercrime-convention

A Cybercrime Treaty is a good idea, and even this Cybercrime Treaty could be salvaged. The member-states have it in their power to accept proposed revisions that would protect human rights and security researchers, narrow the definition of "cybercrime," and mandate transparency. They could establish member states' powers to refuse illegitimate requests from other countries:

https://www.eff.org/press/releases/media-briefing-eff-partners-warn-un-member-states-are-poised-approve-dangerou

(Image: EFF, CC BY 3.0)

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#15yrsago Teach kids to be safe on the net by getting them to think critically about censorware https://web.archive.org/web/20090728034546/http://www.internetevolution.com/document.asp?doc_id=179505&

#10yrsago The apology letter Google SHOULD have used to announce the end of G+ “Real Names” https://web.archive.org/web/20140716222946/https://infotrope.net/2014/07/16/meanwhile-in-an-alternate-universe/

#10yrsago White House caught secretly tracking Web visitors with sneaky spyware https://www.eff.org/deeplinks/2014/07/white-house-website-includes-unique-non-cookie-tracker-despite-privacy-policy

#10yrsago Fewer than 10% of UK families opt into “parental” filters https://web.archive.org/web/20140724004309/www.pcpro.co.uk/news/broadband/389926/those-parental-control-filters-as-few-as-4-are-signing-up

#10yrsago Profile of a NYC pickpocket https://www.nytimes.com/2014/07/20/nyregion/the-pickpockets-tale.html

#10yrsago EFF unveils secure, sharing-friendly, privacy-minded router OS https://www.eff.org/deeplinks/2014/07/building-open-wireless-router

#5yrsago Clever hack that will end badly: playing copyrighted music during Nazis rallies so they can’t be posted to Youtube https://memex.craphound.com/2019/07/23/clever-hack-that-will-end-badly-playing-copyrighted-music-during-nazis-rallies-so-they-cant-be-posted-to-youtube/

#5yrsago J Michael Straczynski’s “Becoming Superman”: a memoir of horrific abuse, war crimes, perseverance, trauma, triumph and doing what’s right https://memex.craphound.com/2019/07/23/j-michael-straczynskis-becoming-superman-a-memoir-of-horrific-abuse-war-crimes-perseverance-trauma-triumph-and-doing-whats-right/

#5yrsago Steve Bannon used nonconsensually harvested location data to advertise to people who’d been to a Catholic church https://www.techdirt.com/2019/07/23/steve-bannon-latest-to-abuse-consumer-location-data/

#5yrsago Women are much more likely to be injured in car crashes, probably because crash-test dummies are mostly male-shaped https://www.bloomberg.com/news/articles/2019-07-18/why-women-are-likelier-to-be-hurt-in-a-car-crash

#5yrsago A deep dive into Elizabeth Warren’s plan to tame private equity https://www.nakedcapitalism.com/2019/07/elizabeth-warren-seeks-to-cut-private-equity-down-to-size.html

#5yrsago Facebook’s alleged growth is largely coming from countries where Facebook says it has a fake account problem https://www.nakedcapitalism.com/2019/07/facebook-mark-zuckerbergs-fake-accounts-ponzi-scheme.html

#5yrsago From #TelegramGate to #RickyLeaks: Puerto Rico is on fire https://web.archive.org/web/20190719213344/https://www.thenation.com/article/puerto-rico-protests-scandal-rossello/

#1yrago When the Town Square Shatters https://pluralistic.net/2023/07/23/when-the-town-square-shatters/

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources:

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Today's progress: 751 words (25741 words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

22.07.2024 à 17:40

Pluralistic: Unpersoned (22 Jul 2024)

Cory Doctorow

Texte intégral (5783 mots)


Today's links


An editorial cartoon depicting the Standard Oil company as a word-girdling kraken, choking the statehouse, legislature and White House in its tentacles. It has been modified. The kraken's head is now surmounted by the hostile red eye of HAL 9000 from Kubrick's '2001: A Space Odyssey.' The sky behind the world has been replaced with a 'code waterfall' effect as seen in the credit sequences of the Wachowskis' 'Matrix' movies.

Unpersoned (permalink)

My latest Locus Magazine column is "Unpersoned." It's about the implications of putting critical infrastructure into the private, unaccountable hands of tech giants:

https://locusmag.com/2024/07/cory-doctorow-unpersoned/

The column opens with the story of romance writer K Renee, as reported by Madeline Ashby for Wired:

https://www.wired.com/story/what-happens-when-a-romance-author-gets-locked-out-of-google-docs/

Renee is a prolific writer who used Google Docs to compose her books, and share them among early readers for feedback and revisions. Last March, Renee's Google account was locked, and she was no longer able to access ten manuscripts for her unfinished books, totaling over 220,000 words. Google's famously opaque customer service – a mix of indifferently monitored forums, AI chatbots, and buck-passing subcontractors – would not explain to her what rule she had violated, merely that her work had been deemed "inappropriate."

Renee discovered that she wasn't being singled out. Many of her peers had also seen their accounts frozen and their documents locked, and none of them were able to get an explanation out of Google. Renee and her similarly situated victims of Google lockouts were reduced to developing folk-theories of what they had done to be expelled from Google's walled garden; Renee came to believe that she had tripped an anti-spam system by inviting her community of early readers to access the books she was working on.

There's a normal way that these stories resolve themselves: a reporter like Ashby, writing for a widely read publication like Wired, contacts the company and triggers a review by one of the vanishingly small number of people with the authority to undo the determinations of the Kafka-as-a-service systems that underpin the big platforms. The system's victim gets their data back and the company mouths a few empty phrases about how they take something-or-other "very seriously" and so forth.

But in this case, Google broke the script. When Ashby contacted Google about Renee's situation, Google spokesperson Jenny Thomson insisted that the policies for Google accounts were "clear": "we may review and take action on any content that violates our policies." If Renee believed that she'd been wrongly flagged, she could "request an appeal."

But Renee didn't even know what policy she was meant to have broken, and the "appeals" went nowhere.

This is an underappreciated aspect of "software as a service" and "the cloud." As companies from Microsoft to Adobe to Google withdraw the option to use software that runs on your own computer to create files that live on that computer, control over our own lives is quietly slipping away. Sure, it's great to have all your legal documents scanned, encrypted and hosted on GDrive, where they can't be burned up in a house-fire. But if a Google subcontractor decides you've broken some unwritten rule, you can lose access to those docs forever, without appeal or recourse.

That's what happened to "Mark," a San Francisco tech workers whose toddler developed a UTI during the early covid lockdowns. The pediatrician's office told Mark to take a picture of his son's infected penis and transmit it to the practice using a secure medical app. However, Mark's phone was also set up to synch all his pictures to Google Photos (this is a default setting), and when the picture of Mark's son's penis hit Google's cloud, it was automatically scanned and flagged as Child Sex Abuse Material (CSAM, better known as "child porn"):

https://pluralistic.net/2022/08/22/allopathic-risk/#snitches-get-stitches

Without contacting Mark, Google sent a copy of all of his data – searches, emails, photos, cloud files, location history and more – to the SFPD, and then terminated his account. Mark lost his phone number (he was a Google Fi customer), his email archives, all the household and professional files he kept on GDrive, his stored passwords, his two-factor authentication via Google Authenticator, and every photo he'd ever taken of his young son.

The SFPD concluded that Mark hadn't done anything wrong, but it was too late. Google had permanently deleted all of Mark's data. The SFPD had to mail a physical letter to Mark telling him he wasn't in trouble, because he had no email and no phone.

Mark's not the only person this happened to. Writing about Mark for the New York Times, Kashmir Hill described other parents, like a Houston father identified as "Cassio," who also lost their accounts and found themselves blocked from fundamental participation in modern life:

https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html

Note that in none of these cases did the problem arise from the fact that Google services are advertising-supported, and because these people weren't paying for the product, they were the product. Buying a $800 Pixel phone or paying more than $100/year for a Google Drive account means that you're definitely paying for the product, and you're still the product.

What do we do about this? One answer would be to force the platforms to provide service to users who, in their judgment, might be engaged in fraud, or trafficking in CSAM, or arranging terrorist attacks. This is not my preferred solution, for reasons that I hope are obvious!

We can try to improve the decision-making processes at these giant platforms so that they catch fewer dolphins in their tuna-nets. The "first wave" of content moderation appeals focused on the establishment of oversight and review boards that wronged users could appeal their cases to. The idea was to establish these "paradigm cases" that would clarify the tricky aspects of content moderation decisions, like whether uploading a Nazi atrocity video in order to criticize it violated a rule against showing gore, Nazi paraphernalia, etc.

This hasn't worked very well. A proposal for "second wave" moderation oversight based on arms-length semi-employees at the platforms who gather and report statistics on moderation calls and complaints hasn't gelled either:

https://pluralistic.net/2022/03/12/move-slow-and-fix-things/#second-wave

Both the EU and California have privacy rules that allow users to demand their data back from platforms, but neither has proven very useful (yet) in situations where users have their accounts terminated because they are accused of committing gross violations of platform policy. You can see why this would be: if someone is accused of trafficking in child porn or running a pig-butchering scam, it would be perverse to shut down their account but give them all the data they need to go one committing these crimes elsewhere.

But even where you can invoke the EU's GDPR or California's CCPA to get your data, the platforms deliver that data in the most useless, complex blobs imaginable. For example, I recently used the CCPA to force Mailchimp to give me all the data they held on me. Mailchimp – a division of the monopolist and serial fraudster Intuit – is a favored platform for spammers, and I have been added to thousands of Mailchimp lists that bombard me with unsolicited press pitches and come-ons for scam products.

Mailchimp has spent a decade ignoring calls to allow users to see what mailing lists they've been added to, as a prelude to mass unsubscribing from those lists (for Mailchimp, the fact that spammers can pay it to send spam that users can't easily opt out of is a feature, not a bug). I thought that the CCPA might finally let me see the lists I'm on, but instead, Mailchimp sent me more than 5900 files, scattered through which were the internal serial numbers of the lists my name had been added to – but without the names of those lists any contact information for their owners. I can see that I'm on more than 1,000 mailing lists, but I can't do anything about it.

Mailchimp shows how a rule requiring platforms to furnish data-dumps can be easily subverted, and its conduct goes a long way to explaining why a decade of EU policy requiring these dumps has failed to make a dent in the market power of the Big Tech platforms.

The EU has a new solution to this problem. With its 2024 Digital Markets Act, the EU is requiring platforms to furnish APIs – programmatic ways for rivals to connect to their services. With the DMA, we might finally get something parallel to the cellular industry's "number portability" for other kinds of platforms.

If you've ever changed cellular platforms, you know how smooth this can be. When you get sick of your carrier, you set up an account with a new one and get a one-time code. Then you call your old carrier, endure their pathetic begging not to switch, give them that number and within a short time (sometimes only minutes), your phone is now on the new carrier's network, with your old phone-number intact.

This is a much better answer than forcing platforms to provide service to users whom they judge to be criminals or otherwise undesirable, but the platforms hate it. They say they hate it because it makes them complicit in crimes ("if we have to let an accused fraudster transfer their address book to a rival service, we abet the fraud"), but it's obvious that their objection is really about being forced to reduce the pain of switching to a rival.

There's a superficial reasonableness to the platforms' position, but only until you think about Mark, or K Renee, or the other people who've been "unpersonned" by the platforms with no explanation or appeal.

The platforms have rigged things so that you must have an account with them in order to function, but they also want to have the unilateral right to kick people off their systems. The combination of these demands represents more power than any company should have, and Big Tech has repeatedly demonstrated its unfitness to wield this kind of power.

This week, I lost an argument with my accountants about this. They provide me with my tax forms as links to a Microsoft Cloud file, and I need to have a Microsoft login in order to retrieve these files. This policy – and a prohibition on sending customer files as email attachments – came from their IT team, and it was in response to a requirement imposed by their insurer.

The problem here isn't merely that I must now enter into a contractual arrangement with Microsoft in order to do my taxes. It isn't just that Microsoft's terms of service are ghastly. It's not even that they could change those terms at any time, for example, to ingest my sensitive tax documents in order to train a large language model.

It's that Microsoft – like Google, Apple, Facebook and the other giants – routinely disconnects users for reasons it refuses to explain, and offers no meaningful appeal. Microsoft tells its business customers, "force your clients to get a Microsoft account in order to maintain communications security" but also reserves the right to unilaterally ban those clients from having a Microsoft account.

There are examples of this all over. Google recently flipped a switch so that you can't complete a Google Form without being logged into a Google account. Now, my ability to purse all kinds of matters both consequential and trivial turn on Google's good graces, which can change suddenly and arbitrarily. If I was like Mark, permanently banned from Google, I wouldn't have been able to complete Google Forms this week telling a conference organizer what sized t-shirt I wear, but also telling a friend that I could attend their wedding.

Now, perhaps some people really should be locked out of digital life. Maybe people who traffick in CSAM should be locked out of the cloud. But the entity that should make that determination is a court, not a Big Tech content moderator. It's fine for a platform to decide it doesn't want your business – but it shouldn't be up to the platform to decide that no one should be able to provide you with service.

This is especially salient in light of the chaos caused by Crowdstrike's catastrophic software update last week. Crowdstrike demonstrated what happens to users when a cloud provider accidentally terminates their account, but while we're thinking about reducing the likelihood of such accidents, we should really be thinking about what happens when you get Crowdstruck on purpose.

The wholesale chaos that Windows users and their clients, employees, users and stakeholders underwent last week could have been pieced out retail. It could have come as a court order (either by a US court or a foreign court) to disconnect a user and/or brick their computer. It could have come as an insider attack, undertaken by a vengeful employee, or one who was on the take from criminals or a foreign government. The ability to give anyone in the world a Blue Screen of Death could be a feature and not a bug.

It's not that companies are sadistic. When they mistreat us, it's nothing personal. They've just calculated that it would cost them more to run a good process than our business is worth to them. If they know we can't leave for a competitor, if they know we can't sue them, if they know that a tech rival can't give us a tool to get our data out of their silos, then the expected cost of mistreating us goes down. That makes it economically rational to seek out ever-more trivial sources of income that impose ever-more miserable conditions on us. When we can't leave without paying a very steep price, there's practically a fiduciary duty to find ways to upcharge, downgrade, scam, screw and enshittify us, right up to the point where we're so pissed that we quit.

Google could pay competent decision-makers to review every complaint about an account disconnection, but the cost of employing that large, skilled workforce vastly exceeds their expected lifetime revenue from a user like Mark. The fact that this results in the ruination of Mark's life isn't Google's problem – it's Mark's problem.

The cloud is many things, but most of all, it's a trap. When software is delivered as a service, when your data and the programs you use to read and write it live on computers that you don't control, your switching costs skyrocket. Think of Adobe, which no longer lets you buy programs at all, but instead insists that you run its software via the cloud. Adobe used the fact that you no longer own the tools you rely upon to cancel its Pantone color-matching license. One day, every Adobe customer in the world woke up to discover that the colors in their career-spanning file collections had all turned black, and would remain black until they paid an upcharge:

https://pluralistic.net/2022/10/28/fade-to-black/#trust-the-process

The cloud allows the companies whose products you rely on to alter the functioning and cost of those products unilaterally. Like mobile apps – which can't be reverse-engineered and modified without risking legal liability – cloud apps are built for enshittification. They are designed to shift power away from users to software companies. An app is just a web-page wrapped in enough IP to make it a felony to add an ad-blocker to it. A cloud app is some Javascript wrapped in enough terms of service clickthroughs to make it a felony to restore old features that the company now wants to upcharge you for.

Google's defenstration of K Renee, Mark and Cassio may have been accidental, but Google's capacity to defenstrate all of us, and the enormous cost we all bear if Google does so, has been carefully engineered into the system. Same goes for Apple, Microsoft, Adobe and anyone else who traps us in their silos. The lesson of the Crowdstrike catastrophe isn't merely that our IT systems are brittle and riddled with single points of failure: it's that these failure-points can be tripped deliberately, and that doing so could be in a company's best interests, no matter how devastating it would be to you or me.

(Image: Cryteria, CC BY 3.0, modified)

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#20yrsago Doonesbury to be dropped for being “too controversial” https://web.archive.org/web/20040723071326/https://www.editorandpublisher.com/eandp/news/article_display.jsp?vnu_content_id=1000581723

#20yrsago Secret Swing visit report https://web.archive.org/web/20040725050428/http://candycritic.bravejournal.com/entry/4178

#20yrsago Game developer: the real pirates are my publishers http://draginol.joeuser.com/article/21895

#20yrsago Imagineering head on Tiki Room rehab https://web.archive.org/web/20040806155355/http://www.laughingplace.com/default.asp?WCI=MsgBoard&WCE=T-51032-P-1&Refresh=0721171722

#20yrsago In-game product placement’s dystopian future https://terranova.blogs.com/terra_nova/2004/07/oh_great.html

#20yrsago Downloading isn’t killing music https://web.archive.org/web/20040724060140/http://www.guardian.co.uk/online/story/0,3605,1265840,00.html

#15yrsago Last Galapagos Pinta turtle finally knocks up a mate’s eggs https://web.archive.org/web/20090725192130/http://scienceray.com/earth-sciences/paleontology/lonesome-george-to-finally-be-a-father/

#15yrsago Photographer who shot demolition of flyover arrested for terrorism https://web.archive.org/web/20090713000304/http://monaxle.com/2009/07/08/section-44-in-chatham-high-street/

#15yrsago New ebook publisher from publishing veterans with novel ideas https://web.archive.org/web/20090715095849/http://www.crainsnewyork.com/article/20090712/SMALLBIZ/307129981

#15yrsago Sussex cops try to suppress publication of damning traffic-cam photos by claiming copyright http://www.thenewspaper.com/news/28/2845.asp

#15yrsago Giant database of English medieval soldiers online https://news.bbc.co.uk/2/hi/uk_news/8160081.stm

#15yrsago Why we should(n’t) go to space — Kim Stanley Robinson https://www.washingtonpost.com/wp-dyn/content/article/2009/07/17/AR2009071702018.html

#15yrsago PowerPoint considered militarily harmful https://web.archive.org/web/20090715072249/http://www.afji.com/2009/07/4061641

#15yrsago Secrets of the injection moulder https://web.archive.org/web/20090724143647/https://idsamp.wordpress.com/2009/07/20/ejection-mark-on-angled-surface/

#10yrsago Snowden will develop pro-privacy crypto tools https://www.reuters.com/article/2014/07/19/us-usa-snowden-hackers-idUSKBN0FO0ZB20140719/

#10yrsago Ocala, FL criminalizes sagging pants https://web.archive.org/web/20140723182151/https://www.wftv.com/news/news/local/ocala-bans-sagging-pants-city-owned-property/nghFj/

#10yrsago Infamous SF “eviction” lawfirm abuses DMCA to censor video of protest https://web.archive.org/web/20140723193431/http://sfappeal.com/2014/07/infamous-sf-eviction-lawyers-use-dmca-claim-to-silence-protest-video/

#10yrsago UOregon police kept a “Eat a Bowl of Dicks List” for their enemies https://www.techdirt.com/2014/07/21/cops-wrong-firing-lawsuit-leads-to-public-release-vulgarly-titled-enemies-list/

#10yrsago California Highway Patrol seize medical records of woman beaten by cop https://www.techdirt.com/2014/07/21/california-highway-patrol-seizes-medical-records-woman-officer-was-caught-tape-beating/

#10yrsago Florida principal broke rules by cancelling summer read of Little Brother https://www.pnj.com/story/news/education/2014/07/21/thomas-policy-followed-little-brother-dispute/12957445/

#5yrsago Podcast: Adversarial Interoperability is Judo for Network Effects https://ia903006.us.archive.org/6/items/Cory_Doctorow_Podcast_304/Cory_Doctorow_Podcast_304_-_Adversarial_Interoperability_is_Judo_for_Network_Effects.mp3

#5yrsago Violent mobs of alleged Triad gangsters dole out savage beatings to Hong Kong democracy protesters, cops nowhere to be found https://globalvoices.org/2019/07/22/armed-mobs-attack-anti-extradition-protesters-in-a-suburban-hong-kong-subway-station/

#5yrsago FBI agent describes finding “Frankensteins” and a “cooler full of penises” at an unregulated Arizona body-donation center https://www.azcentral.com/story/news/local/arizona-health/2019/07/19/cooler-penises-frankenstein-head-found-phoenix-body-donation-company/1720254001/

#5yrsago Nebraska Weather Service commemorates climate emergency by baking biscuits inside a hot car https://twitter.com/NWSOmaha/status/1151879325257535488

#5yrsago Louvre purges every mention of the Sackler opioid family after artist’s protest https://www.france24.com/en/20190721-sackler-name-removed-louvre-opioid-crisis-france?ref=tw_i

#5yrsago Elizabeth Warren’s banking proposals are designed to demolish the private equity sector and force finance to serve the people https://thereformedbroker.com/2019/07/21/elizabeth-warrens-banking-sector-napalm/

#5yrsago A 3D papercraft Haunted Mansion board game to print and assemble https://www.disneyexperience.com/activities/crafts/hm_game.php

#5yrsago Massive trove of Russian spy-agency docs hacked from private sector contractor and passed onto media https://www.bleepingcomputer.com/news/security/russian-fsb-intel-agency-contractor-hacked-secret-projects-exposed/

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources:

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Today's progress: words ( words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

20.07.2024 à 14:11

Pluralistic: AI art has no anti-cooption immune system (20 Jul 2024)

Cory Doctorow

Texte intégral (4313 mots)


Today's links


A collection of punk zines with the glaring eye of HAL 9000 from Kubrick's '2001: A Space Odyssey' in the center of the image.

AI art has no anti-cooption immune system (permalink)

One thing Myspace had going for it: it was exuberantly ugly. The decision to let users with no design training loose on a highly customizable user-interface led to a proliferation of Myspace pages that vibrated with personality.

The ugliness of Myspace wasn't just exciting in a kind of outsider/folk-art way (though it was that). Myspace's ugliness was an anti-cooption force-field, because corporate designers and art-directors would, by and large, rather break their fingers and gouge out their eyes than produce pages that looked like that.

In this regard, Myspace was the heir to successive generations of "design democratization" that gave amateur communities, especially countercultural ones, a space to operate in where authentic community members could be easily distinguished between parasitic commercializers.

The immediate predecessors to Myspace's ugliness-as-a-feature were the web, and desktop publishing. Between the img tag, imagemaps, the blink tag, animated GIFs, and the million ways that you could weird a page with tables and padding, the early web was positively bursting with individual personality. The early web balanced in an equilibrium between the plunder-friendliness of "view source" and the topsy-turvy design imperatives of web-based layout, which confounded both print designers (no fixed fonts! RGB colorspaces! dithering!) and even multimedia designers who'd cut their teeth on Hypercard and CD ROMs (no fixed layout!).

Before the web came desktop publishing, the million tractor-feed ransom notes combining Broderbund Print Shop fonts, joystick-edited pixel-art, and a cohort of enthusiasts ranging from punk zinesters to community newsletter publishers. As this work proliferated on coffee-shop counters and telephone poles, it was visibly, obviously distinct from the work produced by "real" designers – that is, designers who'd been a) trained and b) paid by a corporation to employ that training.

All of this matters, and not just for aesthetic reasons. Communities – especially countercultural ones – are where our society's creative ferment starts. Getting your start in the trenches of the counterculture wars is no proof against being co-opted later (indeed, many of the designers who cut their teeth desktop publishing weird zines went on to pull their hair and roll their eyes at the incredible fuggliness of the web). But without that zone of noncommercial, antiestablishment, communitarian low weirdness, design and culture would stagnate.

I started thinking about this 25 years ago, the first time I met William Gibson. I'd been assigned by the Globe and Mail to interview him for the launch of All Tomorrow's Parties:

https://craphound.com/nonfic/transcript.html

One of the questions I asked was about his famous aphorism, "The street finds its own use for things." Given how quickly each post-punk tendency had been absorbed by commercial culture, couldn't we say that "Madison Avenue finds its own use for the street"? His answer started me down a quarter-century of thinking and writing about this subject:

I worry about what we'll do in the future, [about the instantaneous co-opting of pop culture]. Where is our new stuff going to come from? What we're doing pop culturally is like burning the rain forest. The biodiversity of pop culture is really, really in danger. I didn't see it coming until a few years ago, but looking back it's very apparent.

I watch a sort of primitive form of the recommodification machine around my friends and myself in sixties, and it took about two years for this clumsy mechanism to get and try to sell us The Monkees.

In 1977, it took about eight months for a slightly faster more refined mechanism to put punk in the window of Holt Renfrew. It's gotten faster ever since. The scene in Seattle that Nirvana came from: as soon as it had a label, it was on the runways of Paris.

Ugliness, transgressiveness and shock all represent an incoherent, grasping attempt to keep the world out of your demimonde – not just normies and squares, but also and especially enthusiastic marketers who want to figure out how to sell stuff to you, and use you to sell stuff to normies and squares.

I think this is what drove a lot of people to 4chan (remember, before 4chan was famous for incubating neofascism, it was the birthplace of Anonymous): its shock culture, combined with a strong cultural norm of anonymity, made for a difficult-to-digest, thoroughly spiky morsel that resisted recommodification (for a while).

All of this brings me to AI art (or AI "art"). In his essay on the "eerieness" of AI art, Henry Farrell quotes Mark Fisher's "The Weird and the Eerie":

https://www.programmablemutter.com/p/large-language-models-are-uncanny

"Eeriness" here is defined as "when there is something present where there should be nothing, or is there is nothing present when there should be something." AI is eerie because it produces the seeming of intent, without any intender:

https://pluralistic.net/2024/05/13/spooky-action-at-a-close-up/#invisible-hand

When we contemplate "authentic" countercultural work – ransom-note DTP, the weird old web, seizure-inducing Myspace GIFs – it is arresting because the personality of the human entity responsible for it shines through. We might be able to recognize where that person ganked their source-viewed HTML or pixel-optimized GIF, but we can also make inferences about the emotional meaning of those choices. To see that work is to connect to a mind. That mind might not necessarily belong to someone you want to be friends with or ever meet in person, but it is unmistakably another person, and you can't help but learn something about yourself from the way that their work makes you feel.

This is why corporate work is so often called "soulless." The point of corporate art is to dress the artificial person of the corporation in the stolen skins of the humans it uses as its substrate. Corporations are potentially immortal, artificial colony organisms. They maintain the pretense of personality, but they have no mind, only action that is the crescendo of an orchestra of improvised instruments played by hundreds or thousands of employees and a handful of executives who are often working directly against one another:

https://locusmag.com/2022/03/cory-doctorow-vertically-challenged/

The corporation is – as Charlie Stross has it – the "slow AI" that is slowly converting our planet to the long-prophesied grey goo (or, more prosaically, wildfire ashes and boiled oceans). The real thing that is signified by CEOs' professed fears of runaway AI is runaway corporations. As Ted Chiang says, the experience of being nominally in charge of a corporation that refuses to do what you tell it to is the kind of thing that will give you nightmares about autonomous AI turning on its masters:

https://pluralistic.net/2023/03/09/autocomplete-worshippers/#the-real-ai-was-the-corporations-that-we-fought-along-the-way

The job of corporate designers is to find the signifiers of authenticity and dress up the corporate entity's robotic imperatives in this stolen flesh. Everything about AI is done in service to this goal: the chatbots that replace customer service reps are meant to both perfectly mimic a real, competent corporate representative while also hewing perfectly to corporate policy, without ever betraying the real human frailties that none of us can escape.

In the same way, the shillbots that pretend to be corporate superfans online are supposed to perfectly amplify the corporate message, the slow AI's conception of its own virtues, without injecting their own off-script, potentially cringey enthusiasms.

The Hollywood writers' strike was, at root, about the studio execs' dream that they could convert the "insights" of focus groups and audience research into a perfect script, without having to go through a phalanx of lippy screenwriters who insisted on explaining why they think your idea is stupid. "Hey, nerd, make me another ET, except make the hero a dog, and set it on Mars" is exactly how you prompt an AI:

https://pluralistic.net/2023/08/20/everything-made-by-an-ai-is-in-the-public-domain/

Corporate design's job is to produce the seeming of intention without any intender. The "personality" we're meant to sense when we encounter corporate design isn't the designer's, nor the art director's, nor even the CEO's. The "personality" is meant to be the slow AI's, but a corporation doesn't have a personality.

In his 2018 short story "Noon in the antilibrary," Karl Schroeder describes an "antilibrary" as an endlessly deep anaerobic lagoon of generative botshit:

https://www.technologyreview.com/2018/08/18/104097/noon-in-the-antilibrary/

The antilibrary is a generative AI system that can produce entire librarys’-worth of fake books with fake authors, fake citations by other fake experts with their own fake books and biographies and fake social media accounts, on-demand and instantly. It was speculation in 2018; it’s possible now. Creating an antilibrary is just a matter of investing in a sufficient number of graphics cards and electricity.

https://kschroeder.substack.com/p/after-the-internet

Reading Karl's reflections on the antilibrary crystallized something for me that I've been thinking about for a quarter-century, since I interviewed Gibson at the Penguin offices in north Toronto. It snapped something into place that I've trying to fit since encountering Henry's thoughts on the "eeriness" of AI work and the intent without an intender.

It made me realize why I dislike AI art so much, on a deep, aesthetic level. The point of an image generator is to buffer the intention of the prompter (which might be genuinely creative and bursting with personality) in layers of automated decision-making that flense the final product of any hint of the mind that caused its creation.

The most febrile, deeply weird and authentic prompts of the most excluded outsiders produce images that feel the same as the corporate AI illustrations that project the illusion of personality from the immortal, transhuman colony organism that is the limited liability corporation.

AI art is born coopted. Even the 4chan equivalent of AI – the deeply transgressive and immoral nonconsensual pornography – feels no different from the "official" AI porn churned out by "real" pornographers. "Shrimp Jesus" and other SEO-optimized Facebook slop is so uncanny because it is simultaneously "weird" ("that which does not belong") and yet it belongs in the same aesthetic bucket of the most anodyne Corporate Memphis ephemera:

https://en.wikipedia.org/wiki/Corporate_Memphis

We call it "generative" but AI art can't generate the kind of turnover that aerates the aesthetic soil. An artform that can't be transgressive is sterile, stillborn, a dead end.

(Image: Cryteria, CC BY 3.0; Jake, CC BY 2.0; modified)

Hey look at this (permalink)


A Wayback Machine banner.

This day in history (permalink)

#20yrsago Militant wing of the accessibility movement https://web.archive.org/web/20040722063824/http://www.wired.com/news/print/0,1294,64253,00.html

#15yrsago UK National Portrait Gallery threatens Wikipedia over scans of its public domain art https://news.bbc.co.uk/2/hi/technology/8156268.stm

#15yrsago Publishers’ shibboleths vs the future of publishing https://publishingperspectives.com/2009/07/why-publishing-cannot-be-saved-as-it-is/

#15yrsago Amazon’s Orwellian deletion of Kindle books https://memex.craphound.com/2009/07/20/amazons-orwellian-deletion-of-kindle-books/

#10yrsago Anti-NSA messages projected on US embassy in Berlin https://www.theverge.com/2014/7/19/5918473/german-artist-protests-nsa-with-light-graffiti-on-us-embassy-in-berlin

#10yrsago US “suspected terrorist” database had 1.5M names added to it in past 5 years https://www.sandiegouniontribune.com/2014/07/18/terrorist-database-continues-to-grow-at-rapid-rate/

#10yrsago Audio from Snowden/Ellsberg panel at HOPEX https://www.mediafire.com/download/mu7yqb1b1y7jty5/Ellsberg-Snowden-at-HopeX.mp3

#5yrsago Three California Nazis sentenced to prison for their participation in the Charlottesville “Unite the Right” rally https://www.justice.gov/usao-wdva/pr/three-members-california-based-white-supremacist-group-sentenced-riots-charges-related

#5yrsago A free, accessible, hyperlinked version of the Mueller Report https://blog.archive.org/2019/07/19/the-mueller-report-now-with-linked-footnotes-and-accessible/

#5yrsago Eminent psychologists condemn “emotion detection” systems as being grounded in junk science https://www.psychologicalscience.org/publications/emotional-expressions-reconsidered-challenges-to-inferring-emotion-from-human-facial-movements.html

#5yrsago Equifax settles with FTC, CFPB, states, and consumer class actions for $700m https://nypost.com/2019/07/19/equifax-agrees-to-pay-700m-after-massive-data-breach/

#5yrsago Chrome is patching a bug that lets sites detect and block private browsing mode, declares war on incognito-blocking https://arstechnica.com/information-technology/2019/07/chrome-76-prevents-nyt-and-other-news-sites-from-detecting-incognito-mode/

#1yrago Private equity ghouls have a new way to steal from their investors https://pluralistic.net/2023/07/20/continuation-fraud/#buyout-groups

Upcoming appearances (permalink)

A photo of me onstage, giving a speech, holding a mic.


A screenshot of me at my desk, doing a livecast.

Recent appearances (permalink)


A grid of my books with Will Stahle covers..

Latest books (permalink)


A cardboard book box with the Macmillan logo.

Upcoming books (permalink)

  • Picks and Shovels: a sequel to "Red Team Blues," about the heroic era of the PC, Tor Books, February 2025

  • Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2025


Colophon (permalink)

Today's top sources:

Currently writing:

  • Enshittification: a nonfiction book about platform decay. Friday's progress: 810 words (24183 words total).

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The reason you can't buy a car is the same reason that your health insurer let hackers dox you https://craphound.com/news/2024/06/30/the-reason-you-cant-buy-a-car-is-the-same-reason-that-your-health-insurer-let-hackers-dox-you/

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

6 / 10
 Persos A à L
Mona CHOLLET
Anna COLIN-LEBEDEV
Julien DEVAUREIX
Cory DOCTOROW
EDUC.POP.FR
Michel GOYA
Hubert GUILLAUD
Gérard FILOCHE
Alain GRANDJEAN
Hacking-Social
Samuel HAYAT
Dana HILLIOT
François HOUSTE
Tagrawla INEQQIQI
Infiltrés (les)
Clément JEANNEAU
Paul JORION
Michel LEPESANT
Frédéric LORDON
LePartisan.info
 
 Persos M à Z
Henri MALER
Christophe MASUTTI
Romain MIELCAREK
Richard MONVOISIN
Corinne MOREL-DARLEUX
Timothée PARRIQUE
Emmanuel PONT
Nicos SMYRNAIOS
VisionsCarto
Yannis YOULOUNTAS
Michaël ZEMMOUR
 
  Numérique
Binaire [Blogs Le Monde]
Christophe DESCHAMPS
Louis DERRAC
Olivier ERTZSCHEID
Olivier EZRATY
Framablog
Francis PISANI
Pixel de Tracking
Irénée RÉGNAULD
Nicolas VIVANT
 
  Collectifs
Arguments
Bondy Blog
Dérivation
Dissidences
Mr Mondialisation
Palim Psao
Paris-Luttes.info
ROJAVA Info
 
  Créatifs / Art / Fiction
Nicole ESTEROLLE
Julien HERVIEUX
Alessandro PIGNOCCHI
XKCD
🌓