Thinking loudly about networked beings. Commonist. Projektionsfläche. License: CC-BY
2010 stories

“Is curing patients a sustainable business model?” Goldman Sachs analysts ask

1 Comment

Enlarge / The Goldman Sachs bank logo is seen reflected on the screen of a mobile phone in this photo illustration on November 15, 2017. (credit: Jaap Arriens/NurPhoto via Getty Images)

One-shot cures for diseases are not great for business—more specifically, they’re bad for longterm profits—Goldman Sachs analysts noted in an April 10 report for biotech clients, first reported by CNBC.

The investment banks’ report, titled “The Genome Revolution,” asks clients the touchy question: “Is curing patients a sustainable business model?” The answer may be “no,” according to follow-up information provided.

Analyst Salveen Richter and colleagues laid it out:

Read 5 remaining paragraphs | Comments

Read the whole story
5 days ago
Goldman Sachs asks if curing patients is a sustainable business model.

I ask if having Goldman Sachs is a sustainable way of human existence.
Share this story

Children’s Crusade

1 Comment and 2 Shares

With last month’s student-led nationwide demonstrations against gun violence following a mass shooting at Marjory Stoneman Douglas High in Parkland, the survivors did something adults had failed time and time again to do: galvanize millions in common cause for meaningful legislative reform. What’s more, organizers from the affluent Florida high school have linked their tragedy to the gun violence experienced daily by students in poor communities which disproportionately affects black and brown people, a situation often overlooked by journalists, celebrities and legislators. Center stage at the Washington, D.C. March for Our Lives rally, the Florida teenagers stood side by side with black and Latinx youth activists from Chicago and Los Angeles. Naomi Wadler, an 11-year-old girl from Alexandria, Virginia, said in her speech that she was there to “represent the African-American women who are victims of gun violence, who are simply statistics instead of vibrant, beautiful girls full of potential.”

The teenage activists have been met with pushback, slurred by politicians and accused by trolls of being “crisis actors.” But mainly the response has been gushing approbation. They’ve been praised for their intelligence, their oratorical gifts, their resilience, determination and courage. Variations of “These kids will save us all,” and “The future is bright” have glutted social media feeds and op-eds. In glowing tributes, young people are painted as the antidote to all that has gone wrong in the world, a crusading force that will put the gross mistakes of grown-ups right. “The kids,” Dana Milbank wrote in the Washington Post, “are going to save us from ourselves.”

These two poles — the kids will save us! and the kids spell our doom! — posit teenagers as other than human

And “the kids” have achieved something remarkable, creating a tightly focused protest movement that cannily understands the power of resonant, iconic images: Emma Gonzalez’s extraordinary speech, in which she stood silent for the exact length of time of the gun attack on her school, was praised by none other than master image-maker Steven Spielberg. But the child savior narrative is a troubling one: When we anoint high schoolers as our heroes and celebrate their sacrifice for the collective good, adults cede responsibility for their own past failings and inaction — children become a scrim for projecting adult anxieties. In this way, the current narrative exists parallel to the equally popular but seemingly contradictory prejudice that “young people” represent a dead-end for mankind — that their “addictions” to technology have left them adrift and socially inept. These two poles — the kids will save us! and the kids spell our doom! — express an incomplete, and inaccurate picture of teenagers. Both narratives posit teenagers as other than human.

Generational dividing lines are not new, but the demarcation between the post-Millennials — Generation Z, or, as psychologist Jean M. Twenge has more pointedly dubbed them, “iGen” — and their predecessors has been particularly sharply drawn. The difference is the internet, of course, and the commonly held notion that those born into an era of Google and email and Facebook are a radically different sort of human than those who came before.

In an 2001 essay, educator Marc Prensky coined the phrases “digital natives” and “digital immigrants” to distinguish between multitasking, tech savvy young people gifted with what he viewed as a preternatural ability to thrive in the digital world, and older folks struggling with its language, culture and infrastructure. Prensky’s theory about this generational split — he referred to it as a “singularity” — held tremendous sway in the popular imagination: Young people were understood to be innate technological whizzes, with brains rewired by their device use. “Today’s students,” Prensky wrote, “think and process information fundamentally differently from their predecessors.” (Emphasis his.)

Optimists marveled at the possibilities held by this rapidly evolving cohort and the amazing things their special brains might accomplish, while alarmists fretted that “digital natives” had lost their humanity and soul. Twenge, in her Atlantic story “Have Smartphones Destroyed a Generation?” argued that teenagers were on the brink of a mass mental-health crisis. “The twin rise of the smartphone and social media has caused an earthquake of a magnitude we’ve not seen in a very long time, if ever,” she writes. “There is compelling evidence that the devices we’ve placed in young people’s hands are having profound effects on their lives — and making them seriously unhappy.” Today’s teens, she says, are risk-averse and socially isolated. They lack self-sufficiency and a sense of independence. In other words, they are incapable of adulting.

Prensky’s thesis has since come under increasing criticism. For one, a wealth of research indicates that Millennials and post-Millennials do not, in fact, possess inborn digital intelligence and faculties — their brains work essentially the same way other generation’s brains have. And mythologizing any one generation (the narcissistic Boomers, the slacker Gen Xers) homogenizes an enormous demographic group with considerable internal diversity, of personal temperament and interest, as well as race, gender, class, geography and so on. Often, one generational group’s tendency to generalize about another is the result of resentment or nostalgia — a longing for what we think older people used up or ruined; or for the freer, easier, more interesting life we imagine younger people are enjoying.  

Most troubling are the racial biases embedded in Prensky’s term “digital natives.” The usage suggests a mystical, innate affinity for the digital environment, much in the same way European colonizers simplistically regarded indigenous peoples’ relationship to their environments. This framing dismissively viewed complex bodies of knowledge — traditions and histories of governance, arts and culture, medicine, navigation, infrastructure, ethics and religion, mathematics and language — as intrinsic or as folk wisdom. This belief in “natural” affinities erases millennia of trial and error, and of research, practice and mastery, as well as the sophisticated channels used to transmit this accrued knowledge. Characterizing young people’s capacity for technology in a similar fashion, the “digital natives” theory trades on these dangerous assumptions about biology and intelligence, the idea that certain groups have different sets of natural abilities than others.

The “digital natives” theory trades on the idea that certain groups have different sets of natural abilities than others

As for Twenge’s work, technology writer Alexandra Samuel scrutinized the data Twenge used to conclude that smartphone use is leading to epic levels of unhappiness and argues, persuasively, that the figures don’t back up Twenge’s analysis. Samuels goes on to say that if young people are struggling with independence, it might be the result of their parents’ reliance on technology, rather than their own. “Fostering independence takes work,” she writes. “We may parody the work of parenting as a set of rules and consequences, but the work of encouraging positive behavior is just as (if not more important) than sanctioning the negative. [But] when parents are distracted — as today’s parents are, perpetually, by our online lives — it’s the encouragement that suffers, more than the control.” The habits parents fret about in children — they’ve lost their ability to focus and to have face-to-face interactions, they’re too readily suckered by what they consume online — may well be habits those parents have inadvertently modelled for their kids.

It may be adults’ own dissatisfaction with their digital habits and competencies that is leading them to project those feelings onto children. Adults, already insecure and confused about a world in which their capabilities and knowledge increasingly seem obsolete, are now feeling even more impotent as they face global pressing threats such as climate change, gun violence and the rise of racist populism. In response, they’ve offloaded their particular fixations onto kids, whether it’s worry (they are device-hooked drones) or aspiration (they are warriors who will rescue us). These projections hold just enough truth to give them traction. But they really aren’t about young people at all. They’re about adults.

On the second day of May, 1963, a few weeks after Martin Luther King, Jr. was arrested and held in jail in Birmingham, Alabama, more than a thousand black school children abandoned school en masse to protest racial discrimination. The city was then one of the most segregated in the South as well as the most dangerous — it was called Bombingham due the routine dynamite attacks on black homes; that September four girls would be killed in a Ku Klux Klan bombing of the 16th Street Baptist Church. With many adults reluctant to engage in protests for fear of being beaten, arrested and facing other repercussions such as losing their jobs, James L. Bevel, a Baptist minister and advisor to King, convinced the civil rights leader to let him train young people in civil disobedience.

Walking in groups of 50 or so, those children, some as young as six and seven, marched through downtown Birmingham where dozens of them were arrested. The next day, even more children showed up. This time, Bull Connor, the notoriously racist public safety commissioner, directed police to use force. They sicced dogs on the children, beat them with clubs, and sprayed them with water cannons so powerful they tore the clothes from their bodies. Undeterred, on the third day, the children marched again, many against the wishes of their worried parents, their ranks continuing to swell with hundreds of young people who travelled from other towns and cities to join them. Once more, the children were beaten and arrested. Soon the jails were so full of kids that a temporary holding facility was set up at a local fairground.

The current glorification of the youth activist fortifies the idea that being daring and politically engaged is a young person’s game

At the time, Bevel and King were criticized by some, including Malcolm X, for recruiting children and putting them in harm’s way. But the series of marches, which came to be called the Children’s Crusade, marked a turning point in the nascent civil rights movement. News of the children’s protests went national. Reading about them in the papers, seeing images of young black children being set upon by white adults, pushed President John F. Kennedy to finally consider comprehensive civil rights legislation. The crusade ended on May 10, when local officials agreed to desegregate downtown stores, lunch counters, fitting rooms and drinking fountains. Historians have said the success of the Children’s Crusade gave momentum to the movement, leading to the March on Washington for Jobs and Freedom and the passage of the 1964 Civil Rights Act. King would later write, “Looking back, it is clear that the introduction of Birmingham’s children into the campaign was one of the wisest moves we made. It brought a new impact to the crusade, and the impetus that we needed to win the struggle.”

As tempting as it might be to see in these young demonstrators an animating boldness and forbearance unique to youth, their resistance and fight was the result of organization and labor. They were trained in nonviolent protest by some of the smartest, most strategic political organizers of the 20th century. Their bravery was fostered by their parents and grandparents’ tradition of social activism and supported by a network of adult organizers and civil rights lawyers. They were not alone in their crusade.

Fifty-five years later, the teenage organizers from Parkland are demonstrating for a different cause, with different stakes and with far less personal risk and far more ready support from the mainstream media and the broader public. But their movement draws heavily on the model set by the Children’s Crusade. There are experiences and touchstones unique to this moment: Social media has made organizing more efficient, art and popular culture have become more politicized and socially conscious, and, as others have pointed out, today’s teenagers were raised on hugely popular myths and narratives, such as the Harry Potter and Hunger Games series, in which young people play central roles in fighting oppressive systems and vanquishing evil villains. But young people are no more naturally empathetic, no more inherently capable of sacrifice than the rest of us. As participants in every other movement before them have done, including contemporary ones such as Black Lives Matter, Standing Rock, and the fight for LGBTQ rights, the anti-gun-violence activists have stepped up to fashion a new movement out of their concerns. They deserve respect, not romanticization. To imagine young people as idealists and credit the sui generis magic of childhood for their success does them a disservice.

What’s more, the current glorification of the youth activist fortifies the idea that being daring, politically engaged and passionate is a young person’s game. As such, teenagers represent an effort-free do-over for adults. In them, we wistfully imagine our own (best) past selves and enjoy a vicarious thrill in our ability to recognize their heroism, while absolving ourselves of the responsibility to participate. Close to half of Americans don’t show up to vote: the bare minimum of political engagement in a democracy and an action that could have a profound effect on everything from environmental protections to gun control.

It’s no slight on the genuinely laudable work and commitment of young activists to point out that actions for which they are being breathlessly praised are not novel; they don’t require a unique set of skills or an inherent talent. Educating yourself on legislation, creating a clever media strategy, mobilizing people to contact political representatives and to participate in demonstrations, registering voters and making connections across race and class to ensure a plurality of opinion and expertise have always been options for adults. Contemporary young people did not invent these things. If adults have been, by contrast, apathetic and inert, or have indulged in divisive ranting or mindless distraction, or comforted themselves with the fiction that striving for social change is too difficult or frightening, then let’s be blunt: That was a matter of choice, not capacity. The difference between kids and adults isn’t age, but the willingness to put in the effort.

This essay is part of a collection on the theme of ADULTHOOD. Also from this week, Tiana Reid on black taboo, and Hanif Abdurraqib on the aesthetics of being old

Read the whole story
17 days ago
"It’s just as unfair to see teens as activist angels than smartphone zombies"
Share this story

A critical reflection on #GDPR

1 Comment and 3 Shares

Given the activities of Cambridge Analytica as well as Facebook’s obvious inability to even comprehend what the hell people are pissed off about there is a reinvigorated push for regulating Facebook.

And it makes sense to look at regulation of supranational entities such a Facebook, Google, Amazon and whoever else is the target of the week. Because – aside from some existing fragments on some national levels – nobody seems to have figured out a way to effectively get a handle on what these tech-giants cook up in their labs and release into the wild: Tech iterates extremely quickly making all too focused or all to specific regulation irrelevant or ineffective quicker than it can be passed by any authority or government.

In the US I do often see a push to adopt #GDPR style regulation. The GDPR (General Data Protection Regulation) is the newest approach of the European Union to regulate and structure privacy and the processing of personal data. It will become active May 25th of 2018 and forms probably the first and most modern kind of privacy regulation of its scale on this planet. Many privacy activists celebrate(d) the regulation and some were even very involved in its creation so we should have something good here, right?

But things are usually less shiny when looking closer. Which I did in 2014 in a small tumbleblog that became a German book on the subject matter. But with it all being written in this niche language I was born into and with the texts having changed somewhat I thought it would be useful to summarize some of the biggest issues I have with the GDPR. Just to provide a little bit of added context to all the voices proposing GDPR as the silver bullet for “fixing” the Internet. Also David and Yasha asked for a short summary so here it goes.

Why should you listen to this, to me? Good question. I am a computer scientist and have been dealing with regulation of IT aspects/privacy for … damn … about a decade now. I am also a certified data protection officer for the GDPR and serve in that capacity for my employer. I’ve also been invited to the German Ministry of the Interior in the time leading up to the GDPR as an expert providing context about the regulation to the government.

This text will just look at the GDPR as it is, as regulation. I don’t really want to go into whether it would have protected people against an actor such as Cambridge Analytica (because it wouldn’t have). I also don’t really want to get into whether a data protection regulation will solve the “problems with Facebook” because a) that would require me to get into those which is a whole different ballgame and b) (as it will become clearer when looking at the regulation) the focus on the 800 pound gorilla in the room hasn’t helped the regulation to become better.

With all that being said, let’s look at the GDPR.

The GDPR is a regulation that – as already mentioned above – will go live throughout all of the European Union in May 25th. While there are ways for the EU member states to amend the regulation in specific places, it supersedes all existing privacy/data protection regulation within those member states. Starting May 25th the whole EU will have a very homogenous data protection regulation.

This was also one of the driving forces of the GDPR: To make it simpler to transfer personal data between EU member states. Because that used to be a big problem with for example Germany having very different laws and regulations as say France. This is very important and often overlooked: GDPR is not supposed to make data stay where it was gathered. Its job is to guaratee a level of protection/regulation attached to data, no matter where it goes. Even if the data leaves the EU.

If you have never read the regulation (and it is actually quite readable compared to other legal texts) you can find a very convenient directory here. But don’t worry, you don’t need to read all of it for this. I’ll point out the articles I see as key issues later in detail.

The Good parts

I want to start out with some of the good parts. Because obviously not everything about this is bad, it does have (very) good aspects as well.

Many of the “Rights of the Data Subject” (as in: The person the data at hand refers to) make sense and it’s great to have them written down and formalized.

I especially find Article 15 not a bad idea in general. It outlines that a data subject has the right to ask whether someone stores data about them and if yes what kind of data and where it comes from. We can argue about specifics a lot but the general idea is solid.

Especially when it comes to scoring or other data that can have discriminatory effects Article 16 is important giving every data subject the right to have data concerning it rectified. Good approach.

The right to data portability as outlined in Article 20 is a good idea in general but given the legal framework it is embedded in and the way it is phrased it’s largely useless in its current form. But I like the idea and would have loved to see it strengthened but it stands in conflict with much of the rest of the regulation.

Artilces 24 to 40 also include many good ideas about enforcing certain standards for data processors (as in entities using data). Enforcing processors to ensure a certain level of security within the chain of data processing, clearly specifying the kind of information a data processor has to provide their data subjects are all very reasonable ideas, most of them being phrased in a generally OK way (you can always argue about details with these kinds of things).

General criticism

So while there are good things I wouldn’t have written this post if everything was fine and dandy. Let’s start looking at some problematic aspects that are hard to pin at one specific article but that keep repeating or that are underlying assumptions about the structure of the (digital) world that don’t really hold up.

Basic systematic

While the basic legal systematic (processing of personal data is illegal unless certain conditions are met) could probably be worked with, it does create sort of an uncomfortable lever for governments to declare information about natural people illegal. Processing of personal data (and that includes storing in a CMS for publication) is illegal in general. That means that the press and everybody writing about people now has to make sure that they have a strong case for publishing said data (see the part about Article 6 a few paragraphs down). If someone powerful wants to get rid of something uncomfortable, say reports about them meeting people they shouldn’t have met carrying suitcases full of we don’t know what, they could argue that they don’t consent to their location being processed and force the article to be removed. Of course press can fight this and argue for public interest or something but every article will be a potentially expensive fight.

The government Exception

Most key articles dealing with restricting the processing of personal data include exceptions for government entities. This means that instead of being a strong protection against the government (you know, the people with the guns and the prisons and the secret services) this regulation mostly targets the private sector. And that is an important area to regulate. But it’s really not enough at all. It’s basically the government pointing over your shoulder yelling “look there’s a three-headed monkey behind you” and doing whatever it wants while you are distracted. That is – especially if you follow German traditions that constituted data protection specifically as a way for people to defend against government overreach – at least surprising.

The Anti-Faceboogle Law backfiring

The law is very obviously written to target the big tech companies and the way they do business. That is obvious while reading the articles as well as while reading the reasoning for the articles. That is also how the whole legislation is read outside of the EU (which is why people want to use it to destroy Facebook or something).

So the law creates very strong requirements to be allowed to process data and if you break the law there’s going to be immense punishment. Eat this Faceboogle!

The problem is: Facebook, Google and all the other companies do have the skills, the person-power and the resources to implement the regulation. They have the money to do all the data bookkeeping and pay data protection officers and all that. Especially with consent being the key mechanism within the regulation (we’ll come to that later) the big platforms are in a perfect position to funnel people through a consent acquisition process and get everything they need. How well to you think a new startup of 10 people will do in that regard? Do you think that some open source project running a bunch of servers to have people use a free and open social networking thing outside of Facebook have the skills and resources to comply with the regulation?

The immense effort necessary to comply and to be safe from the data protection agencies as well as lawyers affiliated with a competitor is only really manageable for the big players. Smaller startups and specifically decentralized free/open source projects will always be out of compliance. The law that was supposed to reign the US tech giants in (to allow European alternatives to flourish) does only strengthen the position of those already almost being monopolies.

What is data?

The GDPR has a very simplistic idea of what personal data is. If it refers to one identified (or identifiable) natural person, it is personal data that that person (the data subject) can control. Great.

So what is with the data connecting people? Say I am friends with X on Facebook. Is that information about me? About X? Who’s allowed to control it? Is X allowed to have a post removed (Right to be forgotten, we’ll get to that soon) that I wrote containing my opinion on X?

There is a lot of data that is clearly about one person. My bank statements are about me and my financial situation. Or are they? If I had kids they would also say a lot about their potential situation. Even my genetic code does not only say things about me but about my sister, my parents and potential offspring.

The understanding of data that the regulation is build on is so simple, so naive that for many real-world use cases the model simply doesn’t work.

Specific problematic articles

Ok. So after we’ve seen that some general ideas that GDPR is based on might be … not as well thought through as we’d like them to be, let’s look at just a handful somewhat problematic articles. There are more but I don’t want to let this thing get too long.

Article 3: Territorial scope

The GDPR is supposed to govern:

  • Every processor (company, project, etc) within EU borders
  • Every processor that also targets users/customers who reside within EU borders

While the first part is somewhat simple to figure out (if your headquarter is in Berlin, renting servers in the US won’t allow you to evade the regulation) the second part is problematic for a bunch of reasons, mostly practicality and you know national sovereignty.

What does it mean to target EU users? Is it enough to add a checkbox to the signup form making people state “I am not within the EU”? Say you are a startup in South Africa, you don’t care about the EU, you don’t think about the EU and suddenly some dude from Europe wants to fine you because a few people in Germany complained. That is a weird construct. Why should the EU parliament be allowed to decide how to regulate companies or entities it’s not legitimized to? Why does the EU parliament assume that it is allowed to override every law in the world if it feels like it?

Yes you could see my reading as overly dramatic (I am a passionate person) but I feel like Europe with its history of imperialism should maybe find better ways of dealing with international law that just saying “we know best”. The problem of conflicting legislation colliding on the Internet is neither new nor easily handled. But those questions need to be solved and not by saying “because we say so”.

Article 6: Lawfulness of processing

Article 6 is one of the absolute key articles of the regulation, it defines the reasons that can make the processing of personal data legal.

Basically: If you can point at one of the reasons you’re mostly good to go.

Some of them are kinda boring: You can process data if you are legally required to or to fulfill a contract with the data subject. Also there is saving lives (mostly hard to argue) and “public interest” (also hard to argue unless your interest is security and you want to profile your population).

The two reasons a) and f) are more interesting though. Let’s start with f) (like fuck yeah!).

f) allows you to process personal data if you have a “legitimate interest” that’s not overridden by other interests. This is the reason most ad agencies and people spamming you will fall back onto at first. Their “legitimate interest” is “informing potential customers” so they are allowed to crunch data to find these potential customers. Of course we’ll have to see the courts rolling the dice on this one but it already is quite a big door to even push profiling through.

a) fall back to consent meaning the data subject has freely consented to the data processing. You know how these things work. You want to do something, a service asks you to sign up or check a box. Boom. You just consented. Consent is specifically what the big platforms will fall back to and which is easy to acquire for them. (Unless they find a way to make processing user data part of the contract they have with the user, I do have a few ideas of how to pull that off and I am not even a lawyer).

The law wants to play hardball but in the end the ways of allowing things are so vague that it’ll end up mostly just adding a few check boxes everywhere. I don’t see a huge benefit in this to be honest. But consent has other issues as well, let’s look at it specifically.

Article 7: Conditions for consent

GDPR specifies a few criteria for legal consent to data processing. So you cannot just add a check box that’s maybe hidden and says “I allow everything, Facebook, use meeee!”.

The language is supposed to be clear and specific and consent into one thing cannot be tied to other things that are independent. That is not a stupid idea as such. But consent requires understanding.

Can I really consent into what for example Facebook or Google do with the data about me? Am I really able to fully understand what Facebook really wants to do? What the consequences can and will be?

Say Facebook (I keep using them as an example) asks me to “process my interests in order to adapt the Newsfeed to my personal preferences”. That sounds clear and specific. But is it? Not even Facebook engineers can easily say what their AI will do with my data, what kind of model of me it will create.

More and more data is processed by at least partially opaque systems (such as AI/machine learning systems) even if it’s not about profiling. And who can really understand what is being done with that data? Is consent even meaningful? Or will it stay within abstract phrases such as the one I outlined above? I fear it will.

Consent is a powerful tool in human interactions. But for digital spaces it’s not as meaningful as many people – especially privacy experts – believe it to be because the level of technical, legal and organizational competence required is really not something we can expect every person to have. Especially with companies maybe wanting users to consent into more than might be in their interest.

Consent as phrased here individualizes the data protection issue. The smart, the educated, the tech people will get their privacy and the rest won’t. Because they either don’t have the skills necessary to understand what’s going on or because they might value participation in something (and the access it provides) more. This keeps the current model of privacy as a bourgeois fantasy alive and I am not a fan to be honest.

Article 17: Right to erasure (‘right to be forgotten’)

Article 17 allows people the right to have data about them deleted. Ok, sounds fair. But there is a problem for anything journalistic and in the following to the public itself.

If this article would just be used to force a company to really delete data about me after I deleted my account or force them to really really delete the naked picture of my junk I accidentally posted we wouldn’t have a lot to discuss here. But this thing ties into the question “What is data?” that I presented earlier. If I can get anything that talks about me deleted because it’s data about me how can others express their right to voice an opinion (even about me!)?

As my dear readers know I am not a Free Speech absolutionist like so so many tech libertarians but I do see free expression as a fundamental value (within certain bounds). This article can be used to repress anything negative about anyone.

And even if there was a question whether specific information (say “X is a serial scam artist, don’t invest into his schemes”) should stay for the public good or free speech, given the potential harsh penalties for non-compliance with the GDPR (up to 4% total worldwide annual turnover of the preceding financial year, Art. 83, Sec 5) when in doubt companies will delete. Because the risks are very high and the benefit is marginal.

The article is so broad, so powerful and fighting it so against every incentive that it is a big danger for free press and specifically those who write but might not have the legal staff of a big newspaper or publisher at hand. You like blogs? The GDPR doesn’t.

Article 20: Data portability

“Now wait tante, you scheming … schemer”, you might say, “you said Article 20 was cool! Now it’s not?” Well dear reader – who I super did not just make up – the issue is that the regulation presents a right that is pointless for most of the use cases it is supposed to address.

So I have the right to take my data out of one service in electronic form to be able to easily migrate to a different service with similar functionality. That is a great idea. Really. But what does that mean?

It’s nice that I don’t have to complete my profile writing all kinds of facts about monkeys. Awesome, saves me a lot of time. But that’s hardly what I want to do.

If I want to leave for example Facebook for some other, better, more data protecty competitor. What use is the data I get out of Facebook? Sure, I have my posts. But only those that didn’t reference some of my friends. My network graph? Is basically just data about other people I can’t just get out because it’s not just “my” data. That kind of export is pointless for migrating to other services. The social graph, the network more often that not is the value proposition.

So that is a nice right that I get. I just can’t use it for anything meaningful. Thanks.


These are some of the problems I see with the GDPR regulation as it will go live soon. Personally I can’t complain, I now can’t be fired for at least a year being data protection officer for my employer, but I hope I could show that some of the articles and ideas that the GDPR is based on are either not doing what they are supposed to do (see consent for example) or enforce existing monopolies and monocultures.

The GDPR was an important step to harmonize the law in the EU and I hope that with the people involved having changed and reality kicking the GDPR around a little bit, some of the worst issues will be fixed or at least amended in the next years. But if your plan is to regulate Facebook the GDPR won’t do too much for you. It actually does strengthen the big platform providers.

And if you look at the GDPR as a template for your own privacy laws do what you’d do with new tech: Let others experiment with the beta and wait till it’s reached version 1.1 or 1.2. Because this current version is a beta and there’s gonna be crashes and patches.

(This article is free and creative commons licensed so you can do mostly what you want with it. If you still want to support me or this work you can buy me a beverage [Paypal link to donate]. But of course you don’t have to, I appreciate you reading this)

Photo by dennis_convert

Read the whole story
17 days ago
The #gdpr privacy regulation is probably not as useful to #regulatefacebook as you think. Here are some issues
14 days ago
17 days ago
Dublin, Ireland
Share this story

Easter Fun

1 Comment
Read the whole story
21 days ago
Easter fun!
Share this story

Saturday Morning Breakfast Cereal - Magical Realism

1 Comment and 7 Shares

Click here to go see the bonus panel!

Later, the job is outsourced to The Eastlands.

New comic!
Today's News:
Read the whole story
39 days ago
"The Real World but with Magic"
Share this story

Jenga and the Meaning of Life

1 Comment and 6 Shares

As renoun philosopher Al Davis said, the meaning life is to just win, baby.
Read the whole story
50 days ago
Jenga and the meaning of life
33 days ago
Share this story
Next Page of Stories