Losing one’s way

Over the last few days, the Guardian has broken the story of the illegal use of personal data in the US 2016 general election. We are now waiting for the trail to come back to UK politics, in particular, the use of Cambridge Analytica (or one of its associates) by the alliance of Leave organisations. The data was stolen, well acquired, from Facebook, but it seems they knew for two years and there is some argument as to their corporate complicity. Their Chief Information Security Officer has been on the way out since the end of last year and some stories suggest it’s because he argued for greater openness in co-operating with the enquiries into Russian state sourced fake news.

Citizens, their representatives and law makers have been arguing that IT companies should have a duty to report security breaches to law enforcement and the EU is introducing such a law now; such Laws exist in California which is where Facebook is headquartered. We should also note that their duty to protect their users personal data is governed by the US privacy laws, the now defunct EU Safe Harbour agreement and its successor, the Privacy Shield. In addition, the US signed up to the 7 Principles of Data Potection when first declared by the OECD.  It is a fact however, that many US business executives (and their employees) consider the European Data Protection laws as non-tariff import barriers, not that this should matter but I have no doubt that considerable time has been spent in determining where the line between legality and illegal activity stands.

There are several factors in the US political culture which often makes it hard for the US to obey foreign laws (and their own), one of them being, that they often have difficulty in legitimising their own laws and law enforcement.

This is, to me, summarised in the 10th Amendment, one of the Bill of Rights amendments to the US Constitution.

The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

There is a beauty to the sentiment and an economy to the words, but they are a fundamental challenge to the rule of law. (Is this a bit extreme?) The Citizen’s United ruling, which upheld the citizen’s free speech rights for an association, can be taken to mean that corporations have citizenship rights. US Laws are hard to make and often Laws re challenged in court often to the Supreme Court asking for laws to be struck down as unconstitutional. The upshot of all this is that politicaly citizens can take a view on whether a law is legal in the knowledge that if they win, unlike in Europe & the Antipodes where the Government’s have majorities in their legislatures and will rewrite the laws, they get to do what they want.

The US tradition of a people’s access to justice, showcased by the Judge Judy show is also admirable, if a bit bizarre to UK eyes but it is another dimension of the US commitment to rights and the rule of law; they’e just a bit weaker in understanding collective and inalienable rights, such as privacy (except from Government).

We also have the growing dichotomy between companies Legal and Compliance teams, with Legal advising under the protection of client/attorney privilege in the best interests of their clients and Compliance having a duty to the public advising how not to break the Law.

One can see how US Companies might lose their way. It’s nothing to be proud of though, the UK route to corruption is just shorter as currently viewing the C4 news program on Cambridge Analytica will show.

Do politicians understand? They may not understand the details of the tech., but they do understand Human Rights law and the rule of law, although some of the House of Commons are to quote the shadow chancellor “Fucking Useless”, and the select committees could do with better advisors;  the purpose of the witnesses is to deliver this advice and knowledge, but you need to know the questions and understand the answers. You need a nose for a cover up and to know the 2nd question.

The subversion of democracy by big data

The subversion of democracy by big data

The fabulous Carol Cadwalladyr brings us the next instalment of undoing the surveillance states control over our democracies.

In an article “The Great British Brexit Robbery”, she and the Guardian showed how the Tories and the Brexit Leave Campaigns had used US Data Aanlytics companies to influence the Brexit referendum. It is alleged that the personal data was obtained illegally, its processing was illegal and that it was an undeclared election/referendum expense. The evidence was sufficient for the Information Commissioner’s Office and the Electoral Commission to launch investigations.

Over the last two days, Facebook have suspended Cambridge Analytica & one other company and the latter’s Principal for breaking their terms and conditions and in one case a breach of contract not to pass data on. The story is reported in the Guardian in a story called, “‘I made Steve Bannon’s psychological warfare tool’: meet the data war whistleblower” , which documents the contractual paper trial. This happened two years ago and it is alleged that Facebook knew of it then. It is a crime in many jurisdictions, including California to not notify either the regulators or the data subjects of a breach/leak of personal data.

Sadly 🤔 they have been accused of misleading the House of Commons, select committee inquiry into Fake News. It has been denied that Cambridge Analytica had Facebook data in a verbal submission. Its Chair, Damian Collins, is quite forthright, accusing Facebook of sending under informed representatives to answer the committee’s questions. The word wilful ignorance comes to mind.

As Brits, we need to see if crimes were committed during the 2015 & 2017 General Elections and/or the Brexit Refrendum but this can’t be good for Facebook’s reputation.

ooOOOoo

I wish we still had Storify, this is one for them.

The image is from the Guardian on the story on Parliament’s reaction.