A library of snippets
xxx
Facebook would never put it this way, but algorithms are meant to erode free will, to relieve humans of the burden of choosing, to nudge them in the right direction.
From Facebook’s war on free will | Technology | The Guardian
Extracted from World Without Mind: The Existential Threat of Big Tech by Franklin Foer
xxx
In retail payments, the introduction of a new faster payments system in September 2018 will provide the necessary infrastructure for full person-to-person and person-to-business connectivity… The HKMA is also currently consulting the banking industry to formulate a framework for the development of Open API.
xxx
Now we all know what the bitcoin blockchain is, don’t we? It’s just one particular version of the general class of blockchains, which share the characteristics that data is stored in blocks and because of some cryptographic jiggery-pokery the blocks are chained together, so that you can’t go back and change the contents of a block without having to then change the contents of every subsequent block. And depending on the consensus protocol that is used, you can’t change the blocks without everyone else agreeing to let you do it. Thus it is, as my former colleague Salome Parulava describes it, “mutable by consensus”.
The reason that this kind of structure is called immutable, even though it is mutable by consensus, is that it is computationally infeasible to go back post-consensus and make a change. Even if you obtain consensus and co-ordinate more than half of the “hashing power” in the case of bitcoin, and could in theory go back to the very first block, change it to send the bitcoins in it to yourself, and then go forward rewriting all of the subsequent blocks, it would take years and years of massive computing power. Someone could, in theory, treat all of the bitcoin transactions from the last checkpoint up until now as the wrong side of a fork. (For all we know, secret mining pools are As my good friend Gideon Greenspan pointed out to me, just because you could see that corrupt agents were rewriting history in this way it doesn’t mean that you could stop them. But it’s not a realistic attack. We can live with the description “immutable” to mean “theoretically mutable but not mutable under any practical circumstances that we can envisage”.
Accenture has been awarded a patent tied to its work on an “editable blockchain.”
From Accenture Awarded Patent for ‘Editable Blockchain’ Tech – CoinDesk
If you had a different kind of blockchain, however, you could design it work in a different way. It could be mutable by consensus, or mutable by a dictator, and it could be mutable in a computationally feasible way. This is what some researchers in the US and Italy put forward in the paper “Redactable Blockchain, or Rewriting History in Bitcoin and Friends” (5th August 2016) describing the idea that has now been patented by the outsourcing company Accenture. In this paper, the researchers (Giuseppe Ateniese, Bernado Magri, Daniele Venturi and Ewerton Andrade) said there are several reasons to prefer an editable blockchain, spanning from the necessity to remove improper content and the possibility to support applications requiring re-writable storage, to “the right to be forgotten” but the patent filing was met with widespread derision on social media, and I can understand why. One of the key reasons for considering a blockchain to implement certain kinds of financial services is that the state of the blockchain, the shared world view, is locked down and the end of each block. If the shared world view can be changed, it wouldn’t be useful for these services any more. Now, I can see why some people might want an accounting system that works this way (see, for example, the case of Kingfisher Airlines in India) but I wouldn’t have thought that society wants accounting systems that work this way at all.
Why would you want a ledger that can be edited either by some group or subgroup of the consensus forming stakeholders or by some central authority? I can think of a few reasons, but none of them make any sense. The New York Times reported on this saying that “some things simply need to be struck from the records”. Records maybe. Ledgers? Never. If a bank makes a mistake — let’s say it accidentally opens a couple of million bogus accounts — then it can’t just go back and scrub the backup tapes and pretend it never happened. David Treat, MD in Accenture’s blockchain practice, said that the work “[focused] on the challenge of how to ‘fix things when they go wrong’”. . This issue was also raised by Richard Lumb, global head of financial services at Accenture, told the Financial Times last year that financial institutions and regulators would need a means to quickly correct errors on the blockchain before using it in securities markets. He gave the example of a “fat finger” trading error, or a trade assigned to the wrong counterparty, but that’s not how you correct errors, by just rubbing out mistakes. These are regulated financial institutions, not the mafia. No-one is going to build a financial services market on top of a mutable blockchain. Since the invention of double-entry bookkeeping, the whole point of keeping a ledger has been that you have a record of all of the credits and debits that contribute to the current world view. Companies do not delete old transactions every few months to save space or provide immunity from prosecution. In fact the law requires them to maintain the transaction records for years.
(Here’s one example: in the UK, the “direct debit guarantee” has no time limit at all, so all records relating to direct debits need to be kept forever. If there is something about this use case that I haven’t understood, I would be genuinely interested to be corrected.)
If I have misunderstood the benefits of this new technology then I apologise and I would genuinely curious to hear about viable use cases.
xxx
A consortium of banks, led by Mizuho Financial Group and Japan Post Bank, has won support from the country’s central bank and financial regulator to launch the J Coin, an electronic currency to pay for goods and transfer money using smartphones.
A better name might have been J-PESA (or perhaps even J-Dex) but no matter. The point is that a couple of weeks ago I gave a speech to a group of payments people saying that why I thought central bank digital currencies were unlikely (because of the impact on commercial banks) and that a central bank digital currency managed by commercial banks was more likely.
(I joked, of course, that we’d done that two decades ago with Mondex.)
xxx
As e-commerce merchants continue to invest in fraud prevention, those efforts cost, on average, 8 percent of their annual revenue, up from 7.6 percent last year, according to a new report… undertaken by Javelin Strategy & Research
From Fraud Prevention Costs Merchants 8% of Annual Revenue: Report – CardNotPresent.com
It’s actually nearer 10% for online-only merchants. This seems unsustainable to me, but remember I don’t understand the dynamics in the retail sector. If a lot of those online-only merchants are (just as an example) adult services then they may consider that losing a tenth of the revenue is perfectly acceptable. Nevertheless, you do have to wonder just how long the cost of fraud can continue to rise, considering that the report also says the merchants are already devoting a fifth of their budgets to fraud prevention.
xxx
“You are lured into giving away all this information,” says Luke Stark, a digital technology sociologist at Dartmouth University. “Apps such as Tinder are taking advantage of a simple emotional phenomenon; we can’t feel data
xxx
There’s a nostalgia around the world “cyberpunk” for me. A quarter of a century ago, I co-wrote an article called “What is cyberspace?” for the “Computer Law and Security Report” (Volume 8, Issue 2, March–April 1992, Pages 74-76) [PDF]. In this article I asked whether it was possible that, much like Arthur C. Clarke’s much vaunted prediction of the communication satellite, the Canadian author William Gibson had produced works which were not so much science fiction as informed predictions?
Gibson had, after all, coined the term “the matrix”, and his books were core to the cyberpunk canon.
The point of the article was to explain the idea of cyberspace to a legal audience (this was before Netscape, the year zero of the modern age, so most lawyers had never been online) and it turned out to be rather popular. I like to think that one of the reasons was the conviction back then that we were exploring the actual future, not some hypothetical future. I can’t remember where the idea of the paper came from, but I do remember that it was the extracts from Gibson’s brilliant writing that so effectively illustrated the key concepts and I still get a thrill from reading them now. We bandy around the word genius all too lightly, but Gibson certainly is one. As my good friend the futurologist Ross Dawson wrote…
It’s worth noting that Gibson has never claimed to predict the future [but he] has an unmatched knack for analyzing trends and behaviors inherent to modern life and extrapolating them into vivid themes that reveal a kind of raw truth about humanity—much of which centers on our relationship with technology.
From Best futurists ever: How William Gibson’s Neuromancer shaped our vision of technology – Ross Dawson.
Vivid is the word. I can still remember the shock of reading Gibson’s “Neuromancer” for the first time. Gibson himself called that novel an “optimistic” view of the near future, since it involves only limited nuclear exchanges between countries. Let’s hope he’s right.
Why was it a shock? Well, since leaving university I’d found myself specialising in secure data communications. I worked on one of the first secure LANs for the UK government, on secure satellite communications for banking, on secure military networks for NATO, that sort of thing. For the first part of my career I was immersed in networking, but I didn’t grok it. I didn’t see what the spreading networks were doing and at that time I’d never heard of McLuhan’s global village. I didn’t have any sort of vision as to what was going on.
Reading Gibson was like lifting a veil from parts of my own brain. It took an artist to give me that vision and a vocabulary to discuss it and enrich it and use it. And what a vocabulary it was! Cyberspace, the Matrix, Black Ice and console jockeys!
My very favourite William Gibson quote, right after “the future is already here, it’s just unevenly distributed” is about money. It comes from his novel “Count Zero” and it’s about the cashless society…
“He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it.”
I’ve written before that we are heading toward a society that is cashless in this sense, a society where cash will still be around but will disappear from the daily lives of most people. It’s not a society where there is no cash but a society where cash is irrelevant. It may have seemed outlandish twenty five years ago, but it’s a pretty accurate description of Sweden now (where only a tiny fraction of retail payments are cash) and China soon.
xxx
“Research being done at the MIT Media Lab is working on ‘swappable identities’ for AI bots, based on data taken from a person’s digital identity, as detailed by VentureBeat. Personal information is culled from emails, transcribed videos and any other published statements, allowing the system to give expert advice based on human opinions.”
xxx
xxx
“‘There were a lot of people who came and clicked photos (of the sign) but apart from that no transactions,’”
Bitcoin accepted here: The tiny family restaurant in India that’s embraced virtual currency — Quartz
xxx
One of my all time favourite television shows is “Greg the Bunny”, which ran for only one season in the Unites States many years ago. One of my favourite jokes is when a female character called Dottie tells the eponymous lead that she has been caught on camera in an adult situation. “Sexual situation?” he asks. “No,” she replies sarcastically, “it’s a picture of me voting”.
You’ll see why I started with that joke a little later on, but first I must tell you why my home town of Woking is in the news. It is at the forefront of the UK’s non-existent identity non-strategy to not introduce digital identity, because it is one of the five areas in England where voters will be asked to take identification to polling stations at local elections next year as part of a pilot scheme. The BBC report on the pilot scheme that I saw didn’t mention just how the entitlement to vote is to be established but we already know what array of high technology machine-learning AI super-robot world-brain systems are to be deployed since, when the pilot was originally announced, we were told that local authorities would be invited to apply to trial different types of identification, including forms of photo ID such as driving licences and passports, or formal correspondence such as a utilities bill
Wait, what? A utilities bill? It’s pointless enough showing a trivially counterfeitable physical identity document like a driving license to someone who can’t verify it anyway, such as a volunteer at a polling station, but come on… a utilities bill? That’s where we are in 2017 in the fifth richest country in the world? Shouldn’t we be just a little more ambitious and set the bar just a little bit higher?
In Scott Corfe’s recent report for the Social Market Foundation (called A Verifiable Success—The future of identity in the UK) he highlights what he calls the “democratic opportunity” for electronic identity verification to facilitate internet voting thereby increasing civic engagement. I am very much in favour of electronic voting of some kind, although I must say that I’m very much against internet voting, because I think that in a functioning democracy voting must remain a public act. If voting is allowed in certain remote conditions then we cannot be sure that a voter’s ballot is either secret or uncoerced. I think it is possible to imagine services where trusted third parties or electoral observers of some kind use mobile phones to go out and allow the infirm or otherwise housebound to vote, but that’s not the same thing as just allowing people to vote using mobile phones.
While I think internet voting is therefore a bad idea, I take Scott’s point about the need for electronic identity. However, since we don’t have one and I don’t see any prospect of Government producing a robust one in the foreseeable future, we’re stuck with gas bills until someone gets to grip with issue. I should explain here for any baffled overseas readers that the United Kingdom has no national identification scheme or identity card or any other such symbol of continental tyranny, so our gold standard identity document is the gas bill. The gas bill is a uniquely trusted document, and the obvious choice for a government concerned about fraud. As an aside, if for some reason you do not have a gas bill to attest to your suitability for some purpose or other, you can buy one here for theatrical or novelty use only.
Why is it that the government never ask me about this sort of thing? Since they don’t have an identity infrastructure (local authorities were invited to use the national “Gov.UK Verify” scheme but didn’t) why don’t they use other people’s? I would have thought that for a great majority of the population, especially the more transient and younger portion of the electorate (e.g., my sons) social media would provide a far better means to manage this entitlement. I judge it to be far harder to forge a plausible Facebook profile than a plausible gas bill so if I turn up at the polling station and log in to the Facebook profile for David Birch (if there is a Facebook profile for a David Birch, incidentally, I can assure you that it isn’t me) then they may as well let me vote.
None of this will make the slightest different to the central problem, of course, because the main source of electoral fraud in the UK is not personation at the polling station but fraudulently-completed postal ballots, a situation that led one British judge to call it “a system that would disgrace a banana republic”. Indeed, this is precisely what has been going on in my own dear Woking, where four people were jailed recently for electoral fraud. As far as I can understand it from reading the various reports, including the source reports on electoral fraud in the UK, the main problem is that postal votes are being completed by third parties, sometimes in bulk. No proof of identity is going to make any difference to this and so long as we allow people to continue voting by post I can’t see how the situation will improve because while it is not beyond the wit of man to come up with alternatives to the postal vote, that’s not what is being proposed in the pilot schemes. The government is not currently proposing an app or any other kind of electronic voting here, it is merely proposing to add a rudimentary test of entitlement at the polling station.
When this scheme was originally announced, the minister in charge of voting (Chris Skidmore) was quoted by the BBC as saying that “in many transactions you need a proof of ID” which is not, strictly speaking, true. In almost all transactions that we take part in on a daily basis we are not proving our identity, we are proving that we are authorised to do something whether it is to charge money to a line of credit in a shop, ride a bus or open the door to an office. In these cases we are using ID as a proxy because we don’t have a proper infrastructure in place for allowing us to keep our identities safely under lock and key while we go about our business by presenting credentials where necessary.
What you should really be presenting at the polling station is an anonymised entitlement to vote that you can authenticate to demonstrate your right to use it. It is nobody at the polling station’s business who you are and, in common with many other circumstances, if you are required to present your identity to enable a transaction then we have created another place where identity can be stolen from. So: you turn up in the polling polling station with your smartphone and scan a QR code, an app pops up and asks you for your fingerprint, PIN, face or whatever. Sorted. A list of candidates appears on your screen and you choose and hit “Vote Now”. Your vote is then cast in a cryptographically secure form and you go home happy. You can come back and vote again later on if you change your mind, by the way, because only the last choice will count.
The real solution is not about using gas bills or indeed special-purpose election ID cards, but about introducing a general-purpose National Entitlement Scheme (NES), which I wrote about before (“A Better Class of ID Card” in Prospect, 17th March 2005), but that requires some knowledge of technology and some vision for the future, both of which seem in short supply. We need to obtain some parasitic vitality for such a vital improvement to our national infrastructure and I don’t think voting (or doing taxes, the other usual case study) will cut it. What we need to do is to find some mass market, everyday application of credentials and use that to get the NES underway.
We need to find something that people want to do, where privacy is important, where we need good authentication of individuals, where people will willingly sign up for something that we can then use for other purposes (such as improving the quality of our democracy). The answer is staring us in the face, hence the joke at the beginning: adult services. If we can fix the identity problem for adult services we are simultaneously fixing it for voting and many other things. Now is the time, because the government has passed a law requiring age verification for access to adult services (which I’m sure we would all agree is a good idea) without any idea of how this might happen.
Ofcom’s guidance on age checks for online video content suggest a range of options including confirmation of credit card ownership and cross-checking a user’s details with information on the electoral register, both of which a terrible ideas that will inevitably lead to disaster because both of them require the adult service provider to know who you are. This means that when they get hacked, as they inevitably will be, the personal details of the customers will be available to all. And, as actually happened in the case of the Ashley Madison hack, people will die. It’s not funny. Whether it is adult web sites, or counselling services, or gay dating, or drug addiction helplines or whatever, where I go online is my business. We need a better solution than some dumb mandate to accelerate identity theft and foist its consequences on everybody.
Now, we already know what to do (that is, to have a functional identity privacy-enhancing infrastructure implemented as a NES) but as yet there’s no sign of it coming into being. Therefore in the shorter term we have to come up with some workable alternative. It seems to me that a rather obvious way forward would be for banks, who have invested zillions in tokenisation services, to issue “John Doe” tokens to customers over 18. So, I can load my Barclays debit card into my Apple / Samsung / Android (* delete where applicable) wallet for free, but for £5 per annum I get an additional Privacy-Enhancing Token (a PET name). This stealth token would have the name of “John Barleycorn” and the address (for AVS purposes) of “Nowhere”.
Now, I can go online to the UK Adult Gateway Service or whatever it ends up being called and use the PET name to obtain an adult passport and pay for services. Suppose I can use this adult passport to go and log in to “Lovelies in Leather Trousers” (which I only read for the gardening tips). Now:
Simple. Incidentally, there’s another aspect to all which means that the networks and the banks might want to invest in this kind of infrastructure. Since adult payments are lucrative, and since an effective privacy-enhancing age check would increase the use of such services, and since a tokenised approach would also reduce fraud and chargebacks, there are real incentives for the stakeholders to get out their and put something in place.
I really don’t like the idea of using the payment system as a policeman, but it makes sense as an interim solution until such time as we actually have a working identity infrastructure with pseudonymous virtual identities that can be used for adult transactions, just as they will be used for all other transactions. Once there are a few million people using the NES for adult services, then it becomes much easier to begin using the NES for other purposes, such as voting. I can go to the UK Adult Gateway to obtain a porn identity, a gambling identity, a Dungeons & Dragons identity, a comments in the MaiL Online identity and, of course, a voting identity.
Snippings