[Plura-list] At long last, a meaningful step to protect Americans' privacy

Cory Doctorow doctorow at craphound.com
Wed Aug 16 12:39:05 EDT 2023


Read today's issue online at: https://pluralistic.net/2023/08/16/the-second-best-time-is-now/

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

This Saturday (19 Aug), I'm appearing at the San Diego Union-Tribune Festival of Books. I'm on a 2:30PM panel called "Return From Retirement," followed by a signing:

https://www.sandiegouniontribune.com/festivalofbooks

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

I'm kickstarting the audiobook for "The Internet Con: How To Seize the Means of Computation," a Big Tech disassembly manual to disenshittify the web and make a new, good internet to succeed the old, good internet. It's a DRM-free book, which means Audible won't carry it, so this crowdfunder is essential. Back now to get the audio, Verso hardcover and ebook:

http://seizethemeansofcomputation.org

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

Today's links

* At long last, a meaningful step to protect Americans' privacy: The CFPB rejects the learned helplessness of generations of regulators.

* Hey look at this: Delights to delectate.

* This day in history: 2003, 2008, 2013, 2018, 2022

* Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🫷🏽 At long last, a meaningful step to protect Americans' privacy

Privacy raises some thorny, subtle and complex issues. It also raises some stupid-simple ones. The American surveillance industry's shell-game is founded on the deliberate confusion of the two, so that the most modest and sensible actions are posed as reductive, simplistic and unworkable.

Two pillars of the American surveillance industry are credit reporting bureaux and data brokers. Both are *unbelievably* sleazy, reckless and dangerous, and neither faces any real accountability, let alone regulation.

Remember Equifax, the company that doxed *every adult in America* and was given a mere wrist-slap, and now continues to assemble nonconsensual dossiers on every one of us, without any material oversight improvements?

https://memex.craphound.com/2019/07/20/equifax-settles-with-ftc-cfpb-states-and-consumer-class-actions-for-700m/

Equifax's competitors are no better. Experian doxed the nation again, in 2021:

https://pluralistic.net/2021/04/30/dox-the-world/#experian

It's hard to overstate how fucking scummy the credit reporting world is. Equifax invented the business in 1899, when, as the Retail Credit Company, it used private spies to track queers, political dissidents and "race mixers" so that banks and merchants could discriminate against them:

https://jacobin.com/2017/09/equifax-retail-credit-company-discrimination-loans

As awful as credit reporting is, the data broker industry makes it look like a paragon of virtue. If you want to target an ad to "Rural and Barely Making It" consumers, the brokers have you covered:

https://pluralistic.net/2021/04/13/public-interest-pharma/#axciom

More than 650,000 of these categories exist, allowing advertisers to target substance abusers, depressed teens, and people on the brink of bankruptcy:

https://themarkup.org/privacy/2023/06/08/from-heavy-purchasers-of-pregnancy-tests-to-the-depression-prone-we-found-650000-ways-advertisers-label-you

These companies follow you everywhere, including to abortion clinics, and sell the data to just about anyone:

https://pluralistic.net/2022/05/07/safegraph-spies-and-lies/#theres-no-i-in-uterus

There are zillions of these data brokers, operating in an unregulated wild west industry. Many of them have been rolled up into tech giants (Oracle owns more than 80 brokers), while others merely do business with ad-tech giants like Google and Meta, who are some of their best customers.

As bad as these two sectors are, they're even worse in combination - the harms data brokers (sloppy, invasive) inflict on us when they supply credit bureaux (consequential, secretive, intransigent) are far worse than the sum of the harms of each.

And now for some good news. The Consumer Finance Protection Bureau, under the leadership of Rohit Chopra, has declared war on this alliance:

https://www.techdirt.com/2023/08/16/cfpb-looks-to-restrict-the-sleazy-link-between-credit-reporting-agencies-and-data-brokers/

They've proposed new rules limiting the trade between brokers and bureaux, under the Fair Credit Reporting Act, putting strict restrictions on the transfer of information between the two:

https://www.cnn.com/2023/08/15/tech/privacy-rules-data-brokers/index.html

As Karl Bode writes for Techdirt, this is long overdue and meaningful. Remember all the handwriting and chest-thumping about Tiktok stealthing Americans' data to the Chinese military? China doesn't need Tiktok to get that data - it can buy it from data-brokers. For *peanuts*.

The CFPB action is part of a muscular style of governance that is characteristic of the best Biden appointees, who are some of the most principled and competent in living memory. These regulators have scoured the legislation that gives them the power to act on behalf of the American people and discovered an *arsenal* of action they can take:

https://pluralistic.net/2022/10/18/administrative-competence/#i-know-stuff

Alas, not all the Biden appointees have the will or the skill to pull this trick off. The corporate Dems' darlings are mired in #LearnedHelplessness, convinced that they can't - or shouldn't - use their prodigious powers to step in to curb corporate power:

https://pluralistic.net/2023/01/10/the-courage-to-govern/#whos-in-charge

And it's true that privacy regulation faces stiff headwinds. Surveillance is a public-private partnership from hell. Cops and spies love to raid the surveillance industries' dossiers, treating them as an off-the-books, warrantless source of unconstitutional personal data on their targets:

https://pluralistic.net/2021/02/16/ring-ring-lapd-calling/#ring

These powerful state actors reliably intervene to hamstring attempts at privacy law, defending the massive profits raked in by data brokers and credit bureaux. These profits, meanwhile, can be mobilized as lobbying dollars that work lawmakers and regulators from the private sector side. Caught in the squeeze between powerful government actors (the true "Deep State") and a cartel of filthy rich private spies, lawmakers and regulators are frozen in place.

Or, at least, they *were*. The CFPB's discovery that it had the power all along to curb commercial surveillance follows on from the FTC's similar realization last summer:

https://pluralistic.net/2022/08/12/regulatory-uncapture/#conscious-uncoupling

I don't want to pretend that all privacy questions can be resolved with simple, bright-line rules. It's not clear who "owns" many classes of private data - does your mother own the fact that she gave birth to you, or do you? What if you disagree about such a disclosure - say, if you want to identify your mother as an abusive parent and she objects?

But there are *so many* stupid-simple privacy questions. Credit bureaux and data-brokers don't inhabit any kind of grey area. They simply *should not exist*. Getting rid of them is a project of years, but it starts with hacking away at their sources of profits, stripping them of defenses so we can finally annihilate them.


_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🫷🏽 Hey look at this

* mojo dojo casa house https://mcmansionhell.com/post/725564236607176704/mojo-dojo-casa-house

* Teachable Moments Require... Teaching https://billmckibben.substack.com/p/teachable-moments-require-teaching

* Sensor Watch, a replacement board for the legendary Casio F-91W wristwatch https://boingboing.net/2023/08/14/sensor-watch-a-replacement-board-for-the-legendary-casio-f-91w-wristwatch.html

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🫷🏽 This day in history

#20yrsago Trademark-holders don’t have to be bullies https://web.archive.org/web/20030826225802/http://www.openp2p.com/pub/a/p2p/2003/08/14/trademarks.html

#15yrsago Stop Writing Young Adult Science Fiction https://gizmodo.com/stop-writing-young-adult-science-fiction-5037686

#15yrsago Young Adult Books Will Save Science Fiction https://gizmodo.com/young-adult-books-will-save-science-fiction-5036820

#15yrsago RIAA has to pay $107,951 for court costs in failed suit against disabled single mom https://yro.slashdot.org/story/08/08/15/1145236/riaa-pays-tanya-andersen-107951

#15yrsago Scamorama: book explains how to get into scambaiting as a hobby https://memex.craphound.com/2008/08/15/scamorama-book-explains-how-to-get-into-scambaiting-as-a-hobby/

#10yrsago NSA leaks trigger steep rise in ad/third-party-cookie blocking https://www.adweek.com/performance-marketing/study-nsa-scandal-still-setting-privacy-alarm-bells-among-consumers-151835/

#10yrsago On slagging off other writers’ books https://floggingbabel.blogspot.com/2013/08/on-my-refusal-to-mock-my-brothers-and.html

#10yrsago Decoding NSA doublespeak https://www.eff.org/deeplinks/2013/08/guide-deceptions-word-games-obfuscations-officials-use-mislead-public-about-nsa

#10yrsago Dear airline execs: crowing about new fees and price hikes before your merger makes the DoJ mad https://consumerist.com/2013/08/14/past-statements-about-moneymaking-mergers-returning-to-bite-airline-execs-in-the-behind/

#10yrsago Copyright troll’s lawyer wants record sealed so we won’t make fun of him https://www.techdirt.com/2013/08/14/prenda-lawyer-would-like-future-documents-sealed-because-techdirt-commenters-said-mean-stuff-about-him/

#10yrsago Horse Association must accept clones on registry https://www.reuters.com/article/us-usa-cloning-horses/u-s-horse-association-will-be-ordered-to-allow-clones-on-registry-idUSBRE97C01V20130813
#10yrsago Which Congresscritters want to sell out the America’s laws to offshore copyright giants? https://www.eff.org/deeplinks/2013/08/stop-fast-track

#10yrsago Lavabit’s owner threatened with arrest for shutting down rather than spying on customers https://www.nbcnews.com/news/world/lavabit-com-owner-i-could-be-arrested-resisting-surveillance-order-flna6c10908072

#10yrsago Little Brother inspired Google to encrypt its users’ traffic https://www.youtube.com/watch?v=icQtM64ah3g&t=2808s

#10yrsago Dutch ebook sellers promise to spy on everyone’s reading habits, share them with “anti-piracy” group https://torrentfreak.com/down-torrent-pirates-130813/

#10yrsago WalMart’s trove of decade-old, massive, low-capacity hard-drives https://consumerist.com/2013/08/14/decade-old-hard-drives-launguish-on-walmart-store-shelves-make-us-sad/

#10yrsago Why terrorist bosses are micro-managing dicks https://www.foreignaffairs.com/middle-east/business-habits-highly-effective-terrorists

#10yrsago Audio memoir of original Disney Imagineer, with free sex-and-drugs excerpt! https://memex.craphound.com/2013/08/16/audio-memoir-of-original-disney-imagineer-with-free-sex-and-drugs-excerpt/

#5yrsago 1,000 Googlers sign petition opposing Google’s plan to launch a censored Chinese search engine https://www.nytimes.com/2018/08/16/technology/google-employees-protest-search-censored-china.html

#5yrsago Chicago police data reveals how dirty cops spread corruption like a disease https://theintercept.com/2018/08/16/chicago-police-misconduct-social-network/

#5yrsago Billionaire making a bid for Democratic Florida Governor nomination invested millions in Puerto Rican debt https://theintercept.com/2018/08/16/jeff-greene-florida-puerto-rico-debt/

#5yrsago Excellent advice for new law students https://www.popehat.com/2018/08/16/some-friendly-advice-to-new-law-students/

#5yrsago Award-winning security research reveals a host of never-seen, currently unblockable web-tracking techniques https://wholeftopenthecookiejar.com/static/tpc-paper.pdf

#5yrsago How a civic hacker used open data to halve tickets at Chicago’s most confusing parking spot https://mchap.io/using-foia-data-and-unix-to-halve-major-source-of-parking-tickets.html

#5yrsago Truthful security disclosures should always be legal. Period. https://www.eff.org/deeplinks/2018/08/telling-truth-about-defects-technology-should-never-ever-ever-be-illegal-ever

#5yrsago Talking surveillance, elections, monopolies, and Facebook on the Bots and Ballots podcast https://www.yahoo.com/news/facebook-surveillance-system-sci-fi-author-cory-doctorow-says-090028574.html

#5yrsago Insecure medical equipment protocols let attackers spoof diagnostic information https://www.bleepingcomputer.com/news/security/hackers-can-falsify-patient-vitals/

#5yrsago Majority of young Americans distrust capitalism, embrace socialism https://www.cnbc.com/2018/08/14/fewer-than-half-of-young-americans-are-positive-about-capitalism.html

#5yrsago New Zealand bans most offshore residential real-estate ownership https://money.cnn.com/2018/08/15/investing/new-zealand-property-foreigners/index.html

#1yrago This weekend, I watched a hacker jailbreak a John Deere tractor live on stage https://pluralistic.net/2022/08/15/deere-in-headlights/#doh-a-deere

#1yrago How Democrats could win more elections: Do stuff. Make it timely. Tell people about it. https://pluralistic.net/2022/08/16/do-stuff-talk-about-it/#under-a-bushel

_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_

🫷🏽 Colophon

Today's top sources:

Currently writing:

* A Little Brother short story about DIY insulin PLANNING

* Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

* The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. FORTHCOMING TOR BOOKS FEB 2024

* Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

* Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

* Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The Internet Con: How to Seize the Means of Computation (audiobook outtake) https://craphound.com/news/2023/08/01/the-internet-con-how-to-seize-the-means-of-computation-audiobook-outtake/

Upcoming appearances:

* San Diego Union Tribune Festival of Books, Aug 19
https://www.sandiegouniontribune.com/festivalofbooks

* Burning Man Center Camp, 1430h, Aug 29
https://playaevents.burningman.org/2023/playa_events/03/

* EFF Awards (San Francisco), Sept 14
https://www.eff.org/awards/effawards/2023

* An Evening with VE Schwab (Des Moines), Oct 2
https://www.thecabinidaho.org/all-events/ve-schwab

* 26th ACM Conference On Computer-Supported Cooperative Work and Social Computing keynote (Minneapolis), Oct 16
https://cscw.acm.org/2023/index.php/keynotes/

Recent appearances:

* New Books Network
https://newbooksnetwork.com/the-internet-con

* Haunted Mansion Ghost Post Panel Live From Midsummer Scream
https://dizneycoasttocoast.libsyn.com/haunted-mansion-ghost-post-panel-live-from-midsummer-scream-disney-podcast-episode-1027

* how big tech makes the internet worse (What's Gonna Happen)
https://www.stitcher.com/show/what-s-gonna-happen/episode/how-big-tech-makes-the-internet-worse-with-cory-doctorow-305645071

Latest books:

* "Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.

* "Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com

* "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The *Washington Post* called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html

* "How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59 (print edition: https://bookshop.org/books/how-to-destroy-surveillance-capitalism/9781736205907) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)

* "Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html

* "Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.

Upcoming books:

* The Internet Con: A nonfiction book about interoperability and Big Tech, Verso, September 2023

* The Lost Cause: a post-Green New Deal eco-topian novel about truth and reconciliation with white nationalist militias, Tor Books, November 2023

This work - excluding any serialized fiction - is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/@pluralistic

Medium (no ads, paywalled):

https://doctorow.medium.com/

(Latest Medium column: "Enshitternet: The old, good internet deserves a new, good internet" https://doctorow.medium.com/enshitternet-c1d4252e5c6b)

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xBF3D9110957E5F4C.asc
Type: application/pgp-keys
Size: 4820 bytes
Desc: OpenPGP public key
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20230816/0eb9dbe4/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20230816/0eb9dbe4/attachment.sig>


More information about the Plura-list mailing list