Banning TikTok Will Blow Up in US Politicians’ Faces

Leaving aside the various reasons why Trump would want to ban TikTok, which are almost entirely self serving, we need to take a step back and look at how banning an app from China could negatively impact US companies and if that’s a good thing or a bad thing.

First, TikTok is a short video app that allows people to make both simple and sophisticated videos. Some are edited to present an entire scene others are just short videos of live action. They can be used for political commentary or just for humor. This isn’t the first App like this, Vine was the original TikTok and was widely popular, but Twitter was unable to monetize it, so they shut it down. Instagram has Instagram Live, Facebook has an app like this too.

However, the big difference between those apps and TikTok is that TikTok may have influenced the Tulsa rally and made Tump look back. The OTHER difference is that it’s owned by a Chinese company. There some fears that this means it will be used by China to collect information on American citizens and shared with the Chinese Government to do something back to our citizens. There’s “fear” that TikTok will influence the election in some fashion and will be, ultimately, influenced by the Chinese government.

To be clear, just about every social media company has to share information with their government. There’s currently an ongoing law suit in the EU about US social media companies and if they properly shield EU data. With that ruling, there are serious question if social media companies can send any data back to the US, since the US government routinely gets access to the data. That the US Government is a huge problem when it comes to social media companies.

Given that the US is looking to ban TikTok for something very much like what the EU just ruled that the US is doing, should give lawmakers pause before banning any other country’s social media platforms. If the US does something like this unilaterally, without going through any third party organization, like the WTO, then other countries may take that the opportunity to do the same for any company from a country they don’t like. If it’s good enough for the US, it’s good enough for us!

Furthermore, this flies in the face of the Neo-liberal economic framework the conservative movement in the US purports to support. Rather than government regulation, they should be pushing for Facebook, Twitter, and other platforms, to compete against TikTok and defeat it in the market place. Given that they are instead resorting to regulations, indicates the fact that they are being opportunist here and simply doing this for political reasons. As it is something of a political platform for young people.

Additionally, since there are at least two known cases of Facebook actually influencing elections through external meddling, the US 2016 election and Brexit vote, it is likely that Facebook represents more of a threat to any given government than TikTok. Though, all platforms can be turned into a disinformation platform if enough actors decide it should be turned into a disinformation platform.

It should be viewed as likely that other governments would move to ban US based social media companies and services, like Google and Amazon because of their closeness with the US government. Amazon provides an AWS platform for the CIA and other three letter organizations.

Of course, this might all be moot, because it’s not obvious that the US government can even ban TikTok, as it IS such a huge platform for free speech. Regardless, keep an eye out for other countries taking a lead from the US government after TikTok is banned. It is likely that dictatorships will leap at this chance.

We should not ban TikTok. We should create laws and a framework that requires businesses to strongly protect user data on any social media platform regardless of if it is US based or foreign. We should expect to see more innovation from othe countries over the next few years and that Facebook, Amazon, Google, Twitter, and Microsoft will all experience strong competition.

Big Data is Coming to Get You

Big data is what high tech companies are calling collecting massive amounts of data about their users. For Google, this includes all the trips you’ve taken, the places you’ve driven, where you’ve driven, your email (if you use Gmail), your searches, Google Now preferences, articles you’e posted to Google+, your pictures, and the list goes on. The idea is to use algorithms to mine this data for useful tidbits about user habits so products and services can be recommended just as you need it. These data can tell companies a great deal about the user including who their friends are.

However, what isn’t clear is who owns the data. Companies assume they own the data, which because you agreed to their terms of service, is true, even though you didn’t read them. However, with the recent re-categorization of fitness apps and trackers at medical devices a wrench has been thrown in the works. Data associated with Medical Devices is typically assumed to be Personal Health Information, which is protected under HIPAA. Which means that companies can’t really sell them AND that you are able to control what happens with the data. It’s the reason why doctors are required to share information with other healthcare professionals.

I believe that this is just the first step towards making our data more portable. In Europe you can already request a transcript of all the data Facebook collects of you, however they do not say you have control over what FB does with that data. Obama, is pushing to help increase privacy of personal information, but will only work if the companies feel like they have a stake or a penalty if they do not adequately protect data. Whenever they are an effective monopoly such as Apple or Google is of your data (through lock-in effects) their incentives to fully respective privacy is reduced because of the cost of switching to another monopoly.

Privacy and Public Places

Privacy is a tricky thing, there’s privacy of your home, expectations of privacy around mail, privacy related to digital devices, privacy in your car, and privacy in even more public places – each one of them we have different understood or assumed levels of privacy. These maybe different from person to person, but generally we assume in certain places that we’re pretty safe from being eavesdropped on. Furthermore, even though we often talk or talk on our phones in public we expect them to be relatively safe from being overheard, because most people simply don’t care about what we’re saying.

In the public there are some clear rules about what is free for police to inspect and what is not public. For example a police officer can listen to your conversations if they have the right equipment. It is possible for the police to photograph you as well whenever you’re walking around in public. Another place that is mostly a public place is actually your car. If anything is clearly visible on the seats through the windows it’s considered public. However, if something would be in your trunk or glove box the police officer cannot search it unless you give them permission, they have probable cause, or they have some sort of a warrant.

Recently the police and FBI have been using something called a “sting ray” which is effectively a middle man attack between your cell phone and the cell phone provider. The FBI believe, according to recent filings, that a stingray is something that they should be able to use in public without requiring a warrant. They argue that since the person on the cell phone is speaking in public they should have no expectation of privacy.

I think that this raises a lot of concerns. First, even if the sting ray is deployed in a “public” place there are definitely places that you can expect privacy. For instance if you live above a series of bars the bulk of the people that would be hit by the sting ray would likely be in a public place. Even areas that are mostly park still have areas that are private or might even be residential. For this to be even close to realistic the FBI would have to 100% certain that ever person possibly impacted this is in a public place.

Personally, I don’t think that this argument will fly. I believe that this is very similar in terms of technology used and methodology as GPS trackers on cars or more similarly is the GPS information from cell phones. Even if you are using a third party application or technology you still have the expectation of privacy. I believe that this should hold in this instance as well. You’re expecting your communication to be secure between your phone and the cell phone provider without anyone listening in.

I seriously hope that the FBI loses this, because I find the fact that using a technology like this to intercept my cell phone calls from going to the cell provider to be terrifying and if a similar technology was used by any one other than the authorities, they would be on charges for computer fraud and likely put in jail for a very very long time.

Uber might be crashing back to Earth

Last Friday Uber decided to start operating in Portland. I know, it’s a little surprising that Uber or any of the other rideshare Taxi apps aren’t already in the city. Portland had told Uber they could not operate in the city, but Uber decided to thumb their nose at that similarly to what they have done in other cities. Even though Uber was recently valued at $40 Billion they have had some serious issues lately, like rape of a woman in Delhi while illegally operating in the city. Furthermore, as I mentioned in my last article, they have smeared women journalists with the data Uber collects.

Portland has decided to sue Uber over their illegal operation within the city. The city is following Nevada in suing the company rather than trying to fine their drivers. Uber has since ceased operations in the state due to an injunction against the company operating in the state. This appears to be the only route that will work effectively as Uber is still operating in Delhi despite the citywide ban of the service. Uber has also been banned in Spain, Thailand, and parts of the Netherlands. I think the biggest blow, however, is the fact that both San Francisco and LA are suing the company for false advertising related to their fees and background check.

These responses should not come as much of a surprise to anyone that has been watching the company over the past few years. The company is part of the Silicon Valley culture of going fast and trying to break things. The problem is that, incumbents are incumbents for a reason and they do have the ear of government. It’s not to say that they should be incumbents or that it makes them something worthy of respect, but you need to understand the cards are stacked against you. In cases where you want to go in and intentionally ruffle feathers, you must have strong safe guards in place to protect your customers and be public about how you protect them. Uber should welcome background check audits, privacy audits, and driver safety audits whenever they go into a new market. These should all be huge features that they brag about and let people under the hood to actually see.

I think it’s time that companies like Uber start treating our data as if it’s Personal Health Information, which is protected by Health Information Portability and Accountability Act (aka that HIPAA agreement you sign at the doctors’ office). The default is to not share personal information about a patient, that if someone is caught looking at the data without just cause, it typically results in a firing and a fine for the organization. Similar action must be taken at Uber to show they are a steward of our data. Now the government won’t be taking that money, but instead they should be donating the funds to a good cause at a similar rate to a HIPAA violation.

In some respect Uber is exhibiting the effects of a company that is growing too large too fast without designing processes to enable their business activities properly. For Uber to be a successful long term company they need to figure out how to both appease city governments through over protecting their users and breaking existing rules. If the company can be trusted then governments will be more willing to accept pushing boundaries.

FBI double downing on encryption horrors

Last week I wrote about how the Washington Post was being irresponsible by arguing that phone encryption was a greater risk than a benefit for citizens. Because the BAD GUYS or evil people would take advantage of it. Only a few days ago the director of the FBI doubled down on these statements saying that “phone encryption will take us to a very dark place.” Furthermore, the scare mongering examples he provides, cell phone data provided no help nor would have encryption been any sort of hindrance in the investigation.

Phone encryption will more likely force governments and the police to actually get warrants to search phones. As with Passwords courts can order a suspect to hand over encryption keys, in cases where the police don’t have enough evidence to earn a court order they are expected to crack it on their own with their own computer experts. This will likely lead to something of an arms race between police and encryption writers, but that’s already been happening for years.

I think that this is about something bigger than phones though. Once your average computer user has been educated in encryption for phones and loses their fear of encryption, they will likely look into encrypting or expecting their computers to come encrypted. Since phones are fairly easy to hack it makes sense to start with those spaces. However, with the massive amounts of computer leaks at companies lately, it’s likely that Microsoft will begin to encrypt their operating system, eventually consumers will expect it on their personal computers. Laptops and tablets are extremely easy to steal. With encryption it makes the theft a lot less valuable as they have to completely wipe the computer and will be unable to extract any data that might be used for identity theft.

The final end effect might be that users will have true end to end encryption. Which will make it much more difficult for the FBI, CIA, and NSA to spy on ordinary Americans. The end result of phone encryption might actually be that overall Americans have dramatically improved privacy from other Americans, businesses, and governments (not just the American government).

This is why the FBI is terrified.