[Plura-list] Pornhub and payment processors; Asset forfeiture is just theft; EU competition rules have real teeth; Blockchain voting is bullshit
Cory Doctorow
doctorow at craphound.com
Tue Dec 15 12:44:34 EST 2020
Today's links
* Pornhub and payment processors: No one elected Visa and Mastercard.
* Asset forfeiture is just theft: Cops steal more than robbers.
* EU competition rules have real teeth: The DSA and DMA are unveiled.
* Blockchain voting is bullshit: Yet another problem blockchain doesn't,
can't and won't solve.
* This day in history: 2005, 2010, 2015
* Colophon: Recent publications, upcoming/recent appearances, current
writing projects, current reading
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 Pornhub and payment processors
Today, Pornhub took down all videos from unverified accounts after a New
York Times report documented instances of nonconsensual pornography and
child sexual abuse material on the service.
But the Times editorial isn't what spurred the shutdown: rather, it was
the decision by Visa and Mastercard to withdrawn Pornhub's payment
processing that prompted Pornhub to take action.
You may count that as a win. No one with any kind of moral center
endorses nonconsensual pornography, especially when it involves
children, and the less there is out there, the better the world is. I agree.
But we should also be worried about the growing monopolization of
payment processing, and the role that payment processors are coming to
play as gatekeepers for all kinds of activities.
https://www.eff.org/deeplinks/2020/12/visa-and-mastercard-are-trying-dictate-what-you-can-watch-pornhub
Mastercard and Visa are not qualified to make those calls. More
importantly, no one elected them to make those calls. No law requires
them to make those calls, and any law that tried would likely be
unconstitutional.
If you want a sex industry based on consent and dignity, this should
doubly worry you. After all, the first group of people shut down by
payment processors' arbitrary judgements about what speech should and
should exist were independent sex-workers.
https://newrepublic.com/article/160488/nick-kristof-holy-war-pornhub
It took years for the payment processors to work their way up to the
monopolistic, sprawling porn empire behind Pornhub - a Canadian company
called Mindgeek that maintains the pretense that it is headquartered in
Lichtenstein,a notorious tax-evasion jurisdiction.
There's an old saw that the sex industry are early tech adopters. That's
not quite true - rather, people with disfavored views are the first
people for whom it's worth figuring out new technologies, since the old
ones are unavailable to them.
Porn got into home films because most big cinemas wouldn't screen
pornography. They got into VHS because it was easier to duplicate than
film. They got into the net because it offered access without social
costs of being seen in the adult section of the video rental place.
But while pornographers aren't early adopters, they ARE leading
indicators. Pornographers' fights with novel censorship tactics are also
trial-runs for using those tactics against OTHER people - and payment
processors have already been pressed into service.
Visa and Mastercard threats have been used to block or shut down
journalism, self-published books, dating services.
Mindgeek and Pornhub don't need our sympathy, but hard cases make bad law.
With only a few payment processors online, our ability to engage in
legal conduct will always be at the mercy of Visa, Mastercard and a
handful of others.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 Asset forfeiture is just theft
If you're charged with a crime, the prosecutor has to prove you did it
beyond a reasonable doubt; when it's a civil case, it's up to YOU to
prove based on "preponderance of evidence" that you are innocent. A real
difference, especially when the accused is an inanimate object.
In civil asset forfeiture, police seize the goods of people they suspect
of criminal activity - without the need for a charge or conviction - and
sue that property (i.e. "State of Iowa v Six Tons of Bricks") and you
pay a lawyer to prove your property's innocence.
If your lawyer loses (or if you can't afford a lawyer), you lose your
stuff, and the cops get to keep it or sell it and keep the money as an
off-the-books black budget. Cops love this money - it lets them buy
military surveillance gear.
https://revealnews.org/article/chicago-and-los-angeles-have-used-dirt-box-surveillance-for-a-decade/
But not just that: one sheriff stole $70k from his townspeople and used
the money to buy a muscle car that he only drove to and from work.
https://www.ajc.com/news/local-govt--politics/feds-want-reimbursement-for-gwinnett-sheriff-70k-muscle-car/zkOidGb5oRfCHGO5RlZGsL/
City attorneys have worked with cops in the past to draw up "wish lists"
of stuff they'd like to steal. The cops then nose around the owners of
that stuff, looking for a pretence to seize it.
https://www.nytimes.com/2014/11/10/us/police-use-department-wish-list-when-deciding-which-assets-to-seize.html
Indeed, police departments future budgets projected their forfeiture
revenues for years to come, effectively setting a quota for how much
they had to steal from people each year:
https://www.washingtonpost.com/investigations/dc-police-plan-for-future-seizure-proceeds-years-in-advance-in-city-budget-documents/2014/11/15/7025edd2-6b76-11e4-b053-65cea7903f2e_story.html
By 2014, US police were stealing more from the people they were sworn to
protect than all the nation's burglars combined.
https://www.armstrongeconomics.com/international-news/north_america/americas-current-economy/police-civil-asset-forfeitures-exceed-all-burglaries-in-2014/
No wonder that by 2015 Congress ended the program (don't worry, Trump
reinstated and expanded it):
https://www.washingtonpost.com/news/wonk/wp/2015/12/23/the-feds-just-shut-down-a-huge-program-that-lets-cops-take-your-stuff-and-keep-it/
Long after the program was ended, cops insisted that without forfeiture,
they lacked the "incentive" to fight crime:
https://www.greenvilleonline.com/story/news/taken/2019/02/03/sc-civil-forfeiture-police-defend-practice-say-funds-essential-law-enforcement/2746412002/
They predicted that without forfeiture, police budgets would be too
strained to fight crime, while criminals' coffers would swell. That was
the scare-story New Mexico's legislature heard in 2015 when the state
ended civil forfeiture.
https://www.propublica.org/article/police-say-seizing-property-without-trial-helps-keep-crime-down-a-new-study-shows-theyre-wrong
Five years later, the verdict is in, and the cops' predictions were
wrong. A new report from The Institute for Justice shows that NM
experienced no rise in crime, no drop in arrests, and "arrest/offense
rates consistent with trends in two neighboring states, CO and TX."
https://ij.org/report/policing-for-profit-3/
The study shows that far from being an instrument to return stolen goods
or make restitution to crime victims, forfeiture is a way to fatten
police budgets and personally enrich police officials. The seizures are
mostly small-dollar amounts (not drug dealer money).
The larger seizures tell an even worse story: they include numerous
instances in which a family home was seized because an underage offender
sold small quantities of drugs from the premises - leaving families to
spend fortunes defending their homes, often unsuccessfully.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 EU competition rules have real teeth
Back in September, we got a glimpse of upcoming EU tech competition
rules, courtesy of a leak from the European Commission; they set out an
ambitious set of rules on mergers, self-dealing, surveillance, and
interoperability.
https://pluralistic.net/2020/09/30/death-to-all-monopoly/#whither-structural-separation
The proposal wasn't perfect, but it was still exciting and encouraging,
especially the interoperability proposals. Interop, after all, is the
judo that every one of today's tech giants used to beat the companies
that came before them.
https://www.eff.org/deeplinks/2019/07/samba-versus-smb-adversarial-interoperability-judo-network-effects
Today, the Commission published the first public draft of its rules
(these need to get through the EU Parliament and the Council of national
governments):
https://ec.europa.eu/info/strategy/priorities-2019-2024/europe-fit-digital-age/digital-markets-act-ensuring-fair-and-open-digital-markets_en
The Digital Markets Act and its companion, the Digital Services Act, are
the first major update to EU e-commerce rules in nearly two decades. A
LOT has changed since the E-Commerce Directive!
For a quick overview, I recommend my EFF colleagues Christoph Schmon and
Karen Gullo's analysis:
https://www.eff.org/deeplinks/2020/12/european-commissions-proposed-regulations-require-platforms-let-users-appeal
The good news: the proposal requires due process for content removal -
not a system where filters remove your content in an eyeblink and then
you spend months or years in autoresponder hell trying to get it back up.
It doesn't require giant companies to police their users' speech, a rule
that has led to mass-scale censorship, especially targeted against
marginalized people who lack the platform and resources to complain when
they get blocked.
It includes *very* steep penalties for companies that don't comply (up
to 6% of annual global revenue), and a means to reach beyond EU borders
to sanction companies that do business in the EU - both measures are
powerful and potentially dangerous, and both need more specifics.
One disappointment: the interoperability measures have been weakened
since September's leaks, though Article 6 of the Digital Markets Act is
still a strict and far-reaching set of pro-competition rules with some
look-in for interop.
Here's some A6 highlights, rules for the largest tech companies
("gatekeeper companies"):
* A ban on combining platform data with data from third parties and on
automatically logging users from one service on a platform to other ones
* A requirement to let businesses on the platform offer services and
pricing that directly competes with the platform owner
* A requirement to let businesses on the platform do subscription and
payment with users on their own terms, without having to use the platform
* A ban on blocking businesses on the platform from complaining about
abuses to regulators
* A ban on requiring that businesses on the platform use the platform's
single sign-on method
* A ban on requiring businesses on the platform from using unrelated
platform services
* A requirement on platforms to reveal how their ad services work,
exposing how much advertisers paid and how much publishers received for ads
This is a solid starting point but there will be a lot of work in the
years to come in the Parliament and Council.
Here's the Commission's press-release on the Acts:
https://ec.europa.eu/commission/presscorner/detail/en/ip_20_2347
and here's its plain-language(ish) explainer:
https://ec.europa.eu/info/strategy/priorities-2019-2024/europe-fit-digital-age/digital-markets-act-ensuring-fair-and-open-digital-markets_en
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 Blockchain voting is bullshit
The 2020 US elections were a reality check for how fragile the
legitimacy of elections really is. This is something that paper ballot
advocates have been beating the drum on for decades, even before Bush v
Gore.
In much of the world, elections are carried out by voters hand-marking
paper ballots that they place in ballot boxes whose chain of custody and
tallying are observed by representatives from political parties. This
works in rural, urban, dense and remote places.
The US, however, has a bizarre love-affair with glitchy and poorly
secured voting machines, despite the fact a) we shouldn't use voting
machines *at all*, and b) we *really* shouldn't use *these* voting machines.
https://media.defcon.org/DEF%20CON%2027/voting-village-report-defcon27.pdf
The manufactured controversy over Dominion is only possible because all
voting machines are flaming garbage piles. Yes, there's no Dominion hack
that would have changed the outcome, but the deserved disrepute of the
whole sector is the only reason we're talking about it.
In a move that's totally on-brand for 2020, cryptocurrency advocates are
now promoting the idea that rather than moving to hand-marked paper
ballots, we should just put it all on the blockchain. This is a terrible
idea.
As Matt Blaze says:
* It doesn't solve any problems civil elections actually have.
* It's basically incompatible with "software independence", considered
an essential property
* It can make ballot secrecy difficult or impossible.
https://twitter.com/mattblaze/status/1034486679925678080?lang=en
If that's too terse for you, try this MIT paper on the inability of
blockchain to make voting more secure (co-authored by Ron Rivest, the
"R" in RSA): "Going from Bad to Worse: From Internet Voting to
Blockchain Voting."
https://people.csail.mit.edu/rivest/pubs/PSNR20.pdf
They recap the five criteria for an "evidence-based election":
I. Ballot secrecy
II. Software independence
III. Voter-verifiable ballots
IV. Contestability
V. Auditability
From there, they discuss how blockchain either fails to satisfy these
requirements or actually worsens the problems of existing touchscreen
and internet voting systems.
One thing to understand about internet-based voting is that it is
subject to attacks that are both *scalable* (one attacker can change a
*lot* of votes) and *undetectable* (you can't be sure if the attack has
taken place).
This is true of all internet-based voting, including blockchain voting.
Attackers can compromise users' devices, vote tallying software, "or any
other systems that the device relies upon to cast the vote."
There have been numerous theoretical attempts to address this in
internet voting, like zero-knowledge systems and coercion resistance -
but all of these are complex, with extensive attack surfaces, and all
rely on users' devices not being compromised.
Blockchain voting introduces new problems over the baseline problems of
all internet voting systems: the fact that a lost key means a lost vote,
for example. And permissioned blockchains just make the problem worse,
by making it harder for voters to validate their votes.
The authors point out that all existing blockchain-based voting systems
do not require ballot secrecy, an ironclad requirement of electoral
voting, and that nonsecret voting challenges are completely different to
those in a secret ballot.
But in case you're not convinced by all of that, the authors finish the
paper with an appendix of questions that any blockchain-based electoral
voting system should be able to answer. It's a good check against the
wishful thinking of internet *or* blockchain voting.
Right after last month's elections, a number of smart people who aren't
technologists said, "This uncertainty and chaos is unacceptable! We have
to put all of this on the internet!" They were and are very, very wrong
(sorry, my dudes).
The US voting system is a clusterfuck *because* of technology. The way
to fix it is to replace all that tech with paper, pencils, and
scrutineers - not to add more tech. As we say in computing circles,
"Then you'd have *two* problems."
Everything you've heard about internet voting is BS. It doesn't increase
turnout (not even in Estonia). It doesn't increase reliability. It
doesn't reduce chaos. It is a quagmire that no democracy can afford to
get lost in.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 This day in history
#15yrsago HOWTO make a DRM CD
https://freedom-to-tinker.com/2005/12/15/make-your-own-copy-protected-cd-passive-protection/
#10yrsago DanKam: mobile app to correct color blindness
https://dankaminsky.com/2010/12/15/dankam/
#10yrsago UBS’s 43-page dress code requires tie-knots that match your
facial morphology
https://www.wsj.com/articles/SB10001424052748704694004576019783931381042
#5yrsago Sometimes, starting the Y-axis at zero is the BEST way to lie
with statistics https://waxy.org/2015/12/lying_with_a_zero_axis/
#5yrsago Do Androids Dream of Electric Victim-Blamers?
https://neverbeenmad.tumblr.com/post/134528463529/voight-kampff-empathy-test-2015
#5yrsago Neil Gaiman reads “A Christmas Carol”
https://www.nypl.org/blog/2014/12/19/podcast-neil-gaiman-christmas
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 Colophon
Today's top sources: Bruce Schneier (schneier.com/), Naked Capitalism
(https://www.nakedcapitalism.com/).
Currently writing: My next novel, "The Lost Cause," a post-GND novel
about truth and reconciliation. Yesterday's progress: 539 words (93636
total).
Currently reading: The City We Became, NK Jemisin
Latest podcast: Someone Comes to Town, Someone Leaves Town (part 26)
https://craphound.com/news/2020/12/14/someone-comes-to-town-someone-leaves-town-part-26/
Upcoming appearances:
* Colloquium on Information Security, Dec 14
https://www.eventbrite.co.uk/e/the-31st-hphpe-virtual-colloquium-on-information-security-tickets-128859336745
* Keynote, NISO Plus, Feb 22-25,
https://niso.plus/cory-doctorow-to-keynote-at-niso-plus-2021/
Recent appearances:
* Worldshapers
https://theworldshapers.com/2020/12/06/episode-72-cory-doctorow/
* A More Competitive Web (Techdirt Podcast):
https://www.techdirt.com/articles/20201201/10183045801/techdirt-podcast-episode-264-more-competitive-web-with-cory-doctorow-daphne-keller.shtml
* Big Tech Podcast:
https://www.cigionline.org/big-tech/cory-doctorow-true-dangers-surveillance-capitalism
Latest book:
* "Attack Surface": The third Little Brother novel, a standalone
technothriller for adults. The *Washington Post* called it "a political
cyberthriller, vigorous, bold and savvy about the limits of revolution
and resistance." Order signed, personalized copies from Dark Delicacies
https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
* "How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet
analyzing the true harms of surveillance capitalism and proposing a
solution.
https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59
* "Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden:
https://us.macmillan.com/books/9781250774583; personalized/signed copies
here:
https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
* "Poesy the Monster Slayer" a picture book about monsters, bedtime,
gender, and kicking ass. Order here:
https://us.macmillan.com/books/9781626723627. Get a personalized, signed
copy here:
https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.
This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commercially,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🥵 How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Pluralistic.net
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
https://mamot.fr/web/accounts/303320
Twitter (mass-scale, unrestricted, third-party surveillance and
advertising):
https://twitter.com/doctorow
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
*When life gives you SARS, you make sarsaparilla* -Joey "Accordion Guy"
DeVilla
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20201215/00136127/attachment.sig>
More information about the Plura-list
mailing list