Turing Lecture 2015: The Internet Paradox

Following a move, I’m no longer close enough to London to easily attend the BCS and IET’s prestige Turing lecture in person. So this year, for the first time, I will be attending online.

Robert Pepper is VP Global Technology Policy at Cisco. His topic: The Internet Paradox: How bottom-up beat(s) command and control. The publicity promises “a lively discussion on how the dynamics of technology policy and largely obscure decisions significantly shaped the Internet as the bottom-up driver of innovation we know today … Dr. Pepper will cover the next market transition to the Internet of Everything and the interplay between policy and technology and highlighting early indicators of what the future may hold for the Internet.

I’m expecting a good objective discussion. As I learned many years ago, listening to Peter Cochrane when he was head of BT’s research centre, those who provide technical infrastructure don’t have a reason to hype up the different services which will run on it. Quite the opposite: they need to assess investment to satisfy demand, but not exceed it. Let’s see what we see. I’ll update this blog as we go, and probably abbreviate it tomorrow.

Starting on time: Liz Bacon, BCS President, is on stage. An unexpected extra: Daniel Turing, Alan Turing’s nephew, is introducing the Turing Trust with a mention of The Imitation Game, the Turing film, and of The BCS’s role in rebuilding Turing’s codebreaking machine (“the bomb”). The Trust recycles first-used computers to less well off countries. In our move last year, I passed quite a lot of old equipment to Recycle-IT who ethically re-use or dispose of un-reusable kit.

Now the main speaker (bio online). He describes himself as a “recovering regulator”; regulation is the intersection of policy and technology. Big iron to nano-compute, and we haven’t even seen the Apple Watch yet! This (and the cost/power changes) drives decentralisation of computing. Alongside, 1969: 4 “internet” locations (packet switched) on the west coast. By 1973, extended outside continental USA (London, Hawaii). 1993: global.

1994-5 the US Government outsourced (privatised) the network. NSF had been created. Restrictions were dropped to permit commercial use; and other governance was created. In the diagram, the biggest nodes (most traffic) are Google and Facebook; but China is coming up fast!

An alternative view: in stages. 1: connectivity (email, search). 2: networked economy; 3, Immersive. 99% of the world, though, is still unconnected. 1000 devices with IP addresses in 1984; forecast 20 bn by 2020. 50bn if you include non-IP such as RFID chips. Internet of Everything will encompass people, processes, data and things. Such as, by 2018, four IP modules on each of 256million connected cars. Such as, sensor clothing for athletes. I have a 1986 news clip from MIT Media Lab about the prototypes for exactly this. The quote was: “Your shoes may know more about you than your doctor does“.

Things create data which, through process, can positively affect people. But only 0.5% of data is being analysed for insights! There’s an example from nutrition. Take a photo of a product in the supermarket, and see if it’s appropriate (for example, no alcohol with your prescription). Or the “Proteus pill” to help with older people’s medication, which the FDA has already approved. Or the Uber cab app.

So that’s the technology. Now, on to policy and governance.

Internet governance developed bottom-up and is not centralised; it’s a multi-stakeholder global ecosystem of private, governments (lots of them!) and intergovernmental, providers, researchers, academics and others. There’s a diagram of those actually involved, which will be quite useful when I can retrieve it readably. First RFC was from ARPAnet in 1969. The first IETF met in 1986. ITU’s World Conference in 2012 saw proposals from some member states to regulate the Internet, and these were rejected. In 2014 the (US Dept of Commerce) proposal is to transition IANA to become a multi-stakeholder global body, so that the US finally cedes control of the network it inaugurated.

Now: as many of us know, the international standards process we currently have is done by consensus and can take years. Contrariwise, the IETF works by “Rough consensus and run code” (everlasting beta). Much faster. Based on RFCs that come in, and with a combination of online and face-to-face meetings. There are NO VOTES (Quakerism works in a similar way); “rough consensus” in IETF is assessed by hum!

Robert shows a slide of a “Technology Hourglass” (citing Steve Deering, 2001; Deering is also a Cisco person. I can’t find the actual reference). IP, at the centre, is in essence the controlling/enabling standard. Above (applications) and below (infrastructure) there can be innovation and differentiation. (My comment: in the same way, both 19th century rolling stock and modern trains can run on today’s network.) The suggestion: it’s a martini glass because at the top there’s a party going on!

There’s no need to ask permission to innovate! This is the Common Law approach: you can do anything that’s not prohibited. The UK has almost 1.5 million people working in this area. They are here because of Common Law: European countries have the reverse (you need permission). The information economy now dominates the previous waves of service, industry and agriculture.

Internet is a General Purpose Technology, like printing and transport and the telephone. Other things are built on it. Increasing broadband provision links to growth: this is not correlational, it is causal. Digital-technology innovation drives GDP growth in mature economies (McKinsey); the impact is on traditional sectors enabled by the digital.

Third: the paradox. There’s decentralisation of compute, to individuals, to nanodevices, and to stakeholders. But right now, governments want to reverse this approach and take control; to re-create silos, have forced localisation of standards, content and devices. This is already the case with some classes of data in some countries.

The issues: (1) extending connectivity to those who are not connected. (2) safety, security and privacy – where there clearly is a role for government, but be clear that these are not just internet issues. Others on a slide about Internet of Everything. Some governments are well-intentioned but not well informed; others, more dangerously, were the reverse. And old-tech assumptions (how you charge for phone service, for example) doesn’t match the new realities; the product is connectivity (not voice).

Swedish study: if you can’t transfer data, you can’t trade (nor have global companies). Localisation of data will impact severely on the global economy. Note: Economist Intelligence Unit looked at some proposals; 90% of the authoritarian regimes voted for new internet regulations on a multilateral basis, 90% of democracies against. Enough! We are at a crossroads where the Net could take either direction, and they are not equal.

Final quote: Neils Bohr. How wonderful we have met with a paradox. Now we have some hope of making progress!

I’m not going to try and capture Q&A. Heading over to Twitter. Watch the webcast; I’ll post the URL in an amendment when it’s up on the IET website.

Has it been an objective discussion? In one sense yes. But in another, Robert Pepper clearly has a passionate belief in the model of governance which he is promoting. What’s been shared is experience, insight and vision. Well worth a review.

Links:
• BCS/IET Turing Lecture 2015 (replay link to be added when available)
Proteus Digital Health including a video on their ingestible sensor
Watching the Waist of the Protocol Hourglass, Steve Deering, seminar 18 Jan 1998 at Carnegie-Mellon University (abstract only)
Turing Trust
Recycle-it (don’t be confused; other organisations with similar names exist on the web)

How complex can it be to open a new savings account ?

We’ve recently gone through the exercise of opening online access saving accounts, looking for online instant access accounts with something more than a derisory rate of interest. The exercise has been instructive and at some times extraordinarily frustrating. Terms and Conditions varied from a couple of pages to around forty. It’s worth sharing a few observations which relate, it seems to me, to pseudo-security and to not thinking from the customer’s perspective.

There was one genuine complication. We have recently moved house. Online identity confirmation uses electoral registers, so we don’t show up: and most providers therefore asked for some form of additional confirmation. I don’t have a problem with that, but some make it easy and some don’t!

I’ll name one provider: Virgin Money. Their online process ran like clockwork, their checks were easily completed, and we were up and running in better than even time. The documentation was brief and a model of clarity. And, since they provide the account with an “ordinary” sort code and account number, the initial deposit could be made easily by the third party who was holding our funds.

It’s a pity the others couldn’t take a leaf out of Virgin’s book.

Most of them asked for paper documentation, which is fair enough: typically a certified copy of a passport and a driving licence would do. Certification, like a passport photo, could be done by pretty much any professional: but our first attempt, asking our own bank to do it, met with a refusal. They will only do it for their own products – not even their own customers. The Post Office will do it, for a fee, which is a good solution if you’re new to an area and haven’t yet acquired a wide circle of professional friends. One provider, linked to a major supermarket (one which is somewhat in the news at the moment) wouldn’t even tell us what documents they would ask for until the account had been opened and the initial deposit made. Some were quite quick to send postal correspondence, others much slower. Access codes of course also arrived in the post: fair enough, I count that as good practice.

Then there’s the “linked account” issue. Many savings providers, especially the ones that aren’t clearing banks, require that you nominate a “linked” bank account which must already exist in your name. Some insist that you sign a direct debit in their favour from this account, so you’re not transferring money to them; they’re claiming it off you and you’re subject to their processes. I guess this may avoid the limit which most banks quite properly put on online transfers.

And the rules vary. Some will only accept deposits from this linked account. Some will only pay out to it. Some will only pay interest into it, and some will only add interest to the deposit. All these arcane rules get in the way of what you actually want to do, which is to deposit a sum of money and earn interest.

Third, one account had persistent problems trying to get through the login sequence using Internet Explorer on Windows 8 – hardly an uncommon platform. Firefox on Mac was fine! For another attempt, we persistently failed to get to the starting gate on the online system at all, even after three separate interactions with their tech helpdesk; guess what, they didn’t get the business.

So don’t ever believe a deposit account which says it only takes half an hour to set up. For a start, do make sure you read the T&Cs, and that you can live with how you will be able to deposit money and get it back (including on account closure). Expect to spend up to an hour reading the T&Cs, and another hour working through the setup process. Expect the security checks, other confirmations and postal correspondence to take at least a week and possibly two.

But here’s the key question. If Virgin can make it quick, easy and efficient – and yet, presumably, secure and compliant – why does any other organisation have to make it so complex and frustrating? IT people: don’t let your organisation swamp your interface work with un-necessary complexity!

Links (just one this week)
• Virgin Money: Instant Access e-Saver. See how simple it is!

LinkedIn in the news (and its hidden resources)

Two media notes from LinkedIn this week: an enterprise which I always take an interest in because, as well as being a user, I visited them in Silicon Valley some years ago.

Through Outsell, which is a media analyst and (among other things) monitors analyst firms, I was connected to an article on VB which covers a LinkedIn tool called Gobblin. It’s been developed to gobble up, and improve LinkedIn’s use of, the wide range of sources which it uses. With many different inputs to reconcile (a task I’ve done bits of, on a much smaller scale, in the past), the development is clearly driven by necessity.

VB calls it “data ingestion software”. The interesting thing is that LinkedIn doesn’t treat these kinds of developments as proprietary. So the announcement explains that the software will be released, available to all kinds of other enterprises with similar needs, under an open-source licence.

Almost the same day, Outsell also flagged a report that LinkedIn is expanding its reach to embrace younger members (high-school students, in US terms) and will provide a specific capability for higher education institutions to promote themselves. This will, of course, increase the data ingestion requirement.

Interestingly, I had to use Google to find LinkedIn’s press release archive; there’s no link to corporate information on the regular user page so far as I can see. And there are no press releases showing at the moment related to either of these news items. However, via Twitter, I found a discussion of Gobblin from analyst GigaOM with, in turn, a link to another “hidden” section of the LinkedIn website: LinkedIn Engineering. That’s the primary source and it has diagrams and a useful discussion of the analysis and absorption of unstructured “big data”. Interesting to me, because I cut my database teeth on text databases when I moved from University computing to enterprise IT.

When I visited LinkedIn, on a Leading Edge Forum study tour, they were still a start-up and it wasn’t clear whether they had a viable business model or met a real need. It was their presentation then which decided me to sign up. Well, a good ten years on the company is still not in profit although revenue, in the last quarterly results, had increased by almost half year-on-year. The business model is still standing, at least.

MLinks:
• LinkedIn
• LinkedIn details Gobblin …, VB News, 25 Nov 2014
• LinkedIn expands for high school students, universities, Monterey Herald Business, 19 Nov 2014
• LinkedIn explains its complex Gobblin big data framework, GigaOM, 26 Nov 2014
• Gobblin’ Big Data With Ease, Lin Qiao (Engineering Manager), LinkedIn Engineering, 25 Nov 2014<
• LinkedIn Announces Third Quarter 2014 Results, LinkedIn press release, 20 Oct 2014
• Look for LinkedIn information here: Press Center; and Engineering

Dark Web: good, bad, or amoral?

Last night I watched BBC’s Horizon programme reviewing the history and impact of what’s become known as the Dark Web. Here seems to be the scenario.

In the beginning, was the Internet. In the early days of the Web I wrote a strategic report for my company which triggered the adoption of web technology and internet email. One of the things I pointed out was that, in the precursors such as newsgroups, no-one was anonymous. Traffic has identifiers or, at least, IP addresses attached to it. People know who you are, and your company’s reputation hinges on your behaviour online. As the Internet of Things expands, the amount of information about individuals that can be analysed out of internet traffic expands exponentially with it.

Governments, particularly the US, recognised the potential for compromising security and the response was TOR (The Onion Router network) which passed traffic through a number of nodes to disguise its origin. The project moved to Open Source and has become widely used in response to the growing levels of surveillance of internet traffic, revealed most notably of course by Edward Snowden. Wikileaks uses TOR to facilitate anonymous contributions: it wasn’t tracking which identified Snowden, or Manning. It has been used extensively in recent events in the Middle East.

So at this point, governments are trying to put the genie back in the bottle: they invented TOR, but they don’t like it being used to hide information from them. Moreover, it is being used for criminal transactions on a substantial scale: and at this point Bitcoin becomes part of the picture, because (unlike conventionally banked money) it too is not inherently traceable.

There’s no firm conclusion drawn in the programme, and surely that’s right. Technology of this kind isn’t inherently good or bad: it is, in the strict sense of the word, amoral. But the uses people make of it, as with almost any technology, are not amoral. And the programme raises strong issues about the balance of privacy and security, both in their widest senses. The sources used are strong and reputable: Oxford University’s Internet Institute; Julia Angwin, an established technology researcher and writer, key individuals in the development of these technologies, Julian Assange of WikiLeaks, and not least Tim Berners-Lee who admits to having been perhaps naive in his early assessment of these issues.

While it’s still on iPlayer, it’s worth a watch.

Links:
• Inside the Dark Web, BBC Horizon, 3 Sep 2014 (available on iPlayer in the UK until 15 Sep)
• Tor Project online, and Wikipedia article
• Oxford Internet Institute
• Julia Angwin

It’s so easy to get drawn in …

A friend recently posted on Facebook an observation that several friends had “Liked” a posting relating to the case of the war veteran who went missing from his Hove care home in order to attend the D-Day celebrations. What concerned my friend wasn’t the underlying story; it was that that the posting in question had been placed by an organisation which is an offshoot of the BNP. No, I’m not going to add to their publicity by naming it, but you can find some discussion by following the Costa Connected link below.

My friend has a strong antipathy to the message of spurious British-ness, not least because of having a marriage partner whose family were recent immigrants – from what used to be referred to with pride as a Commonwealth country. Having lived in east London for over twenty years, and enjoyed the variety and splendour of a multi-cultural society, so do I. But that’s not the point of this post.

The point is one I’ve made before: when one assesses a piece of content, especially online, be careful. Especially especially [read that carefully, it’s not a mistake] if one proposes to share or Like it. It’s important in serious or academic reporting, which is why ITasITis postings always look behind the news reports. Media often do little more than repeat the press release, or they contain unintentional inaccuracies. Go back to the original source, look for other independent reports of the work.

But this highlights that it’s equally important in the easy world of social media.

It’s so easy to Like a Facebook posting, especially now that FB drops a lot of things into your stream that have nothing to do with your friends. It’s easy to re-tweet something without really looking. But the organisation that made the initial post, in this case, gets to count those Likes and give itself an air of unwanted respectability.

Oh and incidentally: the media reports were way over hyped. It was made out that Bernard Jordan had had to “escape” from his care home. Yes, there are people who are diagnosed as EMI (Elderly and Mentally Incompetent) who have to be protected by not being told the code for the door to the outside world. But not in this case. What actually went on was that Mr Jordan was too late to join any of the organised travel parties. So he decided to make his own way. He simply forgot to tell the home he was going and, quite rightly, they got worried when they realised he’d disappeared. Thanks to media (social and conventional) he was quickly located, but there was no suggestion that he wasn’t then safe. BBC reporting, especially locally here, was more balanced: see the links. Escapade, yes: escape, no. Another case of going behind the high-profile headlines.

But to return to the main theme: Look carefully at what you’re Liking, and equally carefully at who.

Links:
• What It Really Means When You Like or Share Content from [name deleted], Costa Connected, 7 Jun 2014 (thanks to my Facebook friend for this link)
• Disappeared D-Day veteran back in UK, BBC News, 7 Jun 2014, featuring an interview with the Chief Exec of the care home
• Bernard Jordan: City honour for veteran’s ‘heroic escapade’, BBC News Sussex, 10 Jun 2014

Privacy is a three-way relationship … or is it four+?

I’ve been reading, and I recommend, Eben Moglen’s two-part essay in The Guardian about Edward Snowden. Not the first comment but probably one of the most extensive and authoritative. Moglen is professor of law and legal history at Columbia University, and is the founder and leader of the Software Freedom Law Center (SFLC). He’s entitled to say “I told you so” since his Guardian bio lists an earlier article for the paper some three years ago. The SFLC itself is approaching its tenth birthday; it was founded by Moglen and others in February 2005.

This extended essay covers three full pages in each of two days’ papers so it’s not short reading. The consensus among those who broadly support Snowden’s action is that he has revealed a security industry operating beyond democratic control and subverting the very nature of democratic government. It exposes a supposed elite group who believe that the population at large is, or shelters, “the enemy” (terrorists is the current hate-word) and therefore, in a world where universal surveillance and analysis is possible, such surveillance is to be fully deployed. It’s a bit like The Section in Stieg Larsson’s Millennium trilogy, but at a much higher level and operating with the full power of the subverted state.

And it’s not just the American NSA, though that’s Snowden’s origin. It’s not even just the major western allies of the US. China takes the same attitude: and though politically on the opposite side to the US, on this issue it lines up behind the same attitudes.

Moglen makes a powerful point which ought to be obvious but isn’t. Privacy is not a two-way relationship (between me and Facebook, or me and Gmail, or me and Twitter, or whoever).

If I send or receive email via Google (as an example only, but they are probably the biggest) then the person to whom I send, or from whom I receive mail also falls within Google’s all-encompassing range. They have not signed an agreement with Google, but Google knows about them. Facebook knows who I post to, whose postings I read, which non-friends I look up from time to time. Twitter knows … and so on. What does WordPress know about this blog and you, my readers?

Which is ok so far as these and other providers are trustable. But Snowden avers that, with or without their consent, they are not.

There is much more analysis in the article, but let’s stick just to this one point. The privacy relationship inherent in email is at least three way: myself, my service provider and my correspondent. But there is no relationship of explicit trust or consent between my correspondent and my provider.

Moglen asserts that we have been diverted into believing that privacy is a two way relationship. It’s not.

And of course where governments step in, either by court order or by extra-legal surveillance, this relationship becomes at least four way with the fourth partner, in all probability, unrecognised and unknown.

As a lawyer, Moglen analyses two broad threads to bring the situation under control.

First: user action. This does include community development of encryption software, for example, to which governments have not either sub-poena’d or stolen the keys, or built-in back doors. But it also include major commercial interests: the security (privacy) of their online commercial transactions is a fig-leaf. They must have people who realise this; it’s been pointed out often enough in the press. But it will probably take a disaster to galvanise enough pressure to force action.

Second: legal action. The US, in particular, is prone to expensive litigation and extensive damages settlements. Let’s open up one or two of these based on breach of trust. I hope I’m not misrepresenting Moglen’s argument here, but certainly he – as a lawyer – sees scope for lawyerly involvement.

I’ve scratched the surface. If these are issues that concern you, read Moglen’s essay in the Guardian online. Then go, as I myself have not yet done, to Moglen’s own SFLC archive where the longer version is held: four presentations given last autumn at Columbia and given their own URL. Read and think and, if you’re in a position to do so, act.

And yes, this blog post will be flagged on both Facebook and Twitter …

Links:
• Privacy under attack: the NSA files revealed new threats to democracy, Guardian, 27 May 2014
• Eben Moglen: Guardian contributor bio, with links to the 2011 article<
• Snowden and the Future, Eben Moglen, Columbia, Oct-Dec 2013
• Software Freedom Law Center
• Stieg Larsson’s Millennium trilogy (Wikipedia)

Lego as social media

Yes you did read that correctly.

I caught up, a day or two ago, on a programme put out on the BBC Culture Show on 4th March about Lego.

The programme comments on the characteristics of Lego. It charts its evolution from a very simple kit of highly standard basic blocks. Today’s typical box contains the parts for a specific model, which are no way generic: many of the individual parts are of use for that model and that one only.

But what caught my attention towards the end of the programme was the description of how Lego has been used to enable communities to contribute to their own architectural evolution.

Bjarke Ingels, a contemporary leading architect, has used Lego to design architecture from a standard kit of parts: but far more imaginatively than the square tower blocks of the 1960s.

More striking still was Icelandic artist Olafur Eliasson whose Collectivity project took three tonnes of Lego to the citizens of Tirana, Albania in 2005. The bricks were just dumped in a heap in the town square and, within a short time, groups of people were creating, building, and re-imagining their city. The Lego acted as a medium through which they could express their ideas – not individually, but together. Not mentioned in the programme is that this is one of a range of similar projects; I’ve found others in Oslo (2011) and Copenhagen (2008).

At the end of the programme, there’s a move into actual social media and a look at Minecraft which, if you haven’t heard of it (I hadn’t!) is a cult computer game. Minecraft may be set to transform the cities of the future: like Tirana’s Lego, but in the virtual online world. It’s worth a look at the video on Minecraft’s home page. As Minecraft’s website says: “At first, people built structures to protect against nocturnal monsters, but as the game grew players worked together to create wonderful, imaginative things”.

Isn’t that what our social media, at their best, aim to do? Not for people to create individually, for their own gratification, but to share and create together. And like early Lego, the best social platforms are the ones which offer a simple kit of parts from which sophisticated collaborative spaces can be created.

Links:
• Lego – The Building Blocks of Architecture: BBC, 4 Mar 2014. The programme itself is not available here; this is just a short outline. It is available on YouTube: I don’t know if this is a legit copy!
• Lego Towers project from the Bjarke Ingels Group (BIG), which showcases many projects on its website. Ingels comes into the programme about 15 minutes in.
• Collectivity Project from Olafur Eliasson. The Tirana project is covered in the programme from about 19 minutes.
The Collectivity Project (Olafur Eliasson), OpenIDEO (contribution by Anne Kjaer Riechert), 17 Nov 2011.
• Olafur Eliasson’s LEGO for public tower building 2008
, YouTube, 13 Oct 2008 (Copenhagen: linked from a comment to the OpenIDEO posting)
• Minecraft