Singularity U Hub piece: Regs on Tech and why
The world’s first stop sign appeared in Michigan around 1915, decades after the first privately owned passenger car came into being. Ever since, laws and regulations have piled up concerning everything from insurance requirements to vehicle safety, road safety, and driver education.
Such is the natural order of things. First come the transformative technologies—in this case, the car—then public debates about safety, ethics, and the need for laws or restrictions. These conversations can continue for years or even decades.
Today, however, the breakneck speed of digital transformation leaves the public and governments behind so quickly that they often never catch up before the next iteration takes hold. The result is unbridled advances in technology that have dazzled the world, bringing benefits but simultaneously trampling some business models, neglecting to always consider what’s best for consumers, and even affecting the outcomes of elections.
And it isn’t just the speed of digital technologies that makes them difficult to regulate. A further complication is that the technologies and platforms are global and at the same time governed by many jurisdictions and polities.
Of greatest urgency are tech issues involving law enforcement and human rights. This year, governments took major steps to address the problems that have arisen in these fields.
On May 25, the European Union introduced laws to protect people’s privacy and rights by launching its General Data Protection Regulation. This legislation applies to all 28 European member states and shifts control of data to customers and away from technology companies who have sold it to the highest bidders. The Europeans are also proposing laws to crack down on the proliferation of libel, hate, fraud, and propaganda across the internet.
Besides these initiatives on privacy, governments are beginning to catch up on security matters in a wired, globalized world.
On March 23, the US signed into law the Clarifying Lawful Overseas Use of Data Act, or Cloud Act. This allows federal law enforcement officials to compel US-based tech companies (via warrant or subpoena) to provide requested data stored on servers regardless of whether the data is stored in the US or on foreign soil.
The Cloud Act came about following law enforcement difficulties the FBI had with obtaining remote data as part of a 2013 drug trafficking investigation involving a US citizen’s emails that were stored in one of Microsoft’s remote servers in Ireland. Microsoft legitimately argued that existing laws did not cover data stored outside the US and the case was to be adjudicated in April before the Supreme Court. But after the Cloud Act became law, the case was withdrawn, and the new law obligates Microsoft and any other tech companies to hand over pertinent data.
Complications could arise when requests for e-evidence contravene the privacy laws of the countries where the servers operate. But the American and European initiatives are aimed at the tech companies themselves, which will behoove them to cooperate or to move their servers to jurisdictions where there they can provide access.
That’s why it is significant that just one month later, in April, the European Commission proposed laws giving its members the power to order companies in their jurisdictions to hand over “e-evidence” they own even if held in remote servers anywhere in the world..
When Is It OK to Violate Privacy?
Another thorny law enforcement issue was dramatically illustrated in 2016, when Apple refused to comply with an FBI request to unlock a terrorist’s cryptographically protected iPhone after a mass murder in San Bernardino. The phone was locked with a four-digit password and was programmed to eliminate all its data after ten failed password attempts.
Apple had promised these special security protections for its customers, and argued in court that this was why it must refuse to write new software to breach them. The matter was never legally resolved, but the phone was hacked into successfully after the government found a third party able and willing to unlock the phone.
This case and others have led to a proposal in the Senate that has sweeping implications for tech companies, the Internet of Things, and cryptocurrencies like Bitcoin. The bill proposes to criminalize the intentional concealing information. There is little doubt that encryption and anonymity can be abused, and in many cases the trail runs cold for police when criminals are able to launder money or engage in other forms of financial terrorism.
This issue casts a long shadow over the use of sensors and cryptocurrencies like Bitcoin.
The regulation of digital currency proposal was tabled in December and hearings followed. Testifying was John Cassara, an anti-money laundering expert and former law enforcement officer. “Trying to follow money when it comes to digital currencies…[is] extremely challenging. Digital currencies are a small fraction of the threat that we face. That’s not going to be the case 5-10 years from now. We’re right at a crossroads,” he said.
Faces in Databases
Another hot-button looming concern is facial recognition technology, which is increasingly being used in law enforcement and even in some workplaces. The latest facial recognition service, sold by Amazon, has recently drawn criticism from the American Civil Liberties Union.
In China, facial recognition software is converging with artificial intelligence—predictive algorithms are applied to anticipate criminal behavior in public places.
Facial recognition firm Cloud Walk is working on an AI system to predict crimes before they happen, giving law enforcement a chance to step in before it’s too late.
The system can identify people even if they’re in a different location wearing different clothing, and it can trace people’s paths across a wide geographic range.
Bill Gates joined the debate about tech and law enforcement in a recent interview, when he warned that tech companies may be “inviting government intervention” by not working closely to adhere to public and government concerns.
Gates alluded to giants like Facebook, Google, and Apple for having an “enthusiasm about making financial transactions anonymous and invisible, and their view that even a clear mass-murdering criminal’s communication should never be available to the government.”
As Gates pointed out, no one can be above the law, and that includes tech giants.
Cars were as novel and exciting an invention in the 18th century as artificial intelligence and the Internet of Things are now—but today’s tech is proving harder for regulators to keep a handle on. As technology continues to infuse our lives, the race to make sure it’s as safe and fair as possible will continue.
First published Singularity Hub June 6, 2018