The pledges in the Queen’s Speech to use the proposed Digital Economy Bill to empower consumers and protect citizens (and their children) in the on-line world need to be looked at in the context of a growing gulf between voters (whether as consumers or parents) and the lobbyists of the Internet industry. The latter are still hung up about the Snowden revelation that subsets of the data they hoover up might be made available to the NSA and GCHQ. The former are getting increasingly angry at the lack of attention being paid to protecting them against on-line abuse and fraud. Meanwhile Government and Business continue to conspire to drive us all on-line, like sheep to be fleeced. The main change in the five years since I wrote that blog is that on-line criminals now “trouser” over four times, estimates range from $450 billion to $1 trillion, the global spend on information security, around $100 billion. The long-standing vulnerabilities (some over 20 years old) that enable them to do so have not yet been addressed. It is 15 years since I predicted (paper for the 2001 conference to celebrate the 50 Anniversary of LEO, the first business computer) a period when confidence in the veracity of anything on-line would collapse. We are now entering that period.
A US Government survey indicates that nearly half of all Americans have not carried out a normal on-line task because of fears over privacy and security . Meanwhile the Belgian police have just issued advice to users not to use Facebook reactions if they value their privacy. It appears that Americans share the fears of European indicated by the Vodafone survey on the trust gap between consumers and the globally and nationally dominant ISPs and Telcos on which I blogged yesterday. Hence the value of a Mayoral initiative to make London the safest place to do on-line business and the most dangerous place to attack: by taking the policing of the on-line world seriously and not just repeating awareness platitudes.
The battle for control over the Internet has as many dimensions as “net neutrality” has meanings but most public debate in the UK focuses on what are non-issues to most users. Meanwhile those (a mix of convenience and confidence in authenticity, accuracy, reliability, resilience, security and privacy) which will make or break the survival of current on-line business models are rarely debated.
I will give a few examples:
The debate over broadband speeds, alias response times and usability, is moving from nominal transmission speeds to the need for lobbyists and advertisers to use numbers that reflect the experience of most users: e.g. the mean or average speeds delivered at peak times – not the top decile based on 24 hour performance, including when almost everyone is asleep. We are seeing guidance on how users can speed up the transmission speeds between their domestic router and the laptops or smart phones that have replaced PCs – e.g. use cables or wireline to avoid interference from other electrical equipment, including that next door. The most potent way of speeding up response time is, however to stop using cloud based services and remove/block the advertising bloatware (often also cloud based) that makes systems stop dead while waiting for unwanted (by the user) monitoring services to send information on transactions and patterns of behaviour to the 700 or so services that may have been installed as a result of using mainstream search engines, social networking or media services, let alone from consciously downloading “free” apps.
Alex Kidman recently summarised what is at stake for journalists in the ad-blocking war that no-one is winning in an excellent article in the Drum. Meanwhile those fighting that war rarely allow customers to chose which side they wish to fight, let alone how much they are willing to pay, which site, in order not have their machine infected with bloatware.
The problem is acute with regard to mobile users, who are paying for the extra time taken and therefore wanting to install blocking at a time when advertisers are wishing to use ever more intrusive and detailed bloatware to track location and usage and target their messages.
In consequence Google is seeking to work with leading ad-blockers to create “acceptable use” policies in order to head off a backlash that could seriously dent its revenues – but that raises the question of “acceptable to who”.
Then come the questions over the security or otherwise of the data collected by all those monitoring services and the responsibility of those collecting when, not just if, it is used to enable fraud and impersonation. Yesterday I attended an excellent briefing sessions on the current and emerging threats to on-line retail. I had not before realised how much more profitable (to criminals) it is to install ransomware than to to go to the effort of stealing pass words or credit card data which may changed as soon as the compromise is reported. Will the adware installers be held liable for the ransomware piggybacking on their services? Would clearer liability cause them to rethink their policies. One of my fears with regard to the Digital Economy Bill and other measures in the Queen’s Speach is that they will, in practice, water down, rather than strengthen consumer protection.