Guilt and Shame

Do you live in a guilt-based or a shame-based society?

Guilt is assigned by law, quantifiably based on right and wrong, and it usually goes away after punishment. Shame, by contrast, is assigned by the community, it is much harder to quantify and only disappears when a person’s honour is restored. It can potentially destroy a person’s standing in the community permanently.

In a recent book by author Steve Bell on explaining the gospel to those from an Eastern context, one of the points he makes is that Western Christians often explain the gospel in terms of guilt: “I was guilty before God, and Christ took the punishment for my sins”. This is true, and gloriously so, but Eastern societies tend to be based on shame, and this does not resonate with people from them. There is, however, also a telling of the gospel based on the concept of shame: “My sin shames me, but Jesus has taken away my shame and given me honour”. In expounding this point, he writes (p.12):

The unfortunate thing is that the Western focus on ‘guilt’ has developed to the exclusion of the eastern focus on ‘shame’…

This got me thinking (as all good books do) about the relative places of guilt and shame in UK society today. As would be expected for a 21st century Western country, I think that we are almost entirely a guilt-based society. Politicians no longer resign if they are caught in moral turpitude. People argue that private lives should have no effect on public status. Few actions which used to lead to shame do any more – in fact, “shaming” someone is in some quarters considered to be a great evil.

What consequences does this have? If people only have the ability to understand the world in guilt-based categories, then I wonder if they will tend to take their ideas of what is right and wrong from what is legal and illegal. “This is legal, so it must be OK.” This then means that people attempting to make something socially acceptable campaign hard for its legalization, because they believe it will then lead to its social normalization and acceptability. And, in a society with little concept of shame, they may well be right.

TEMPORAl Distortion

The UK’s General Communications Headquarters (GCHQ) has a system called TEMPORA. TEMPORA is the signals intelligence community’s first “full-take” Internet buffer that doesn’t care about content type and pays only marginal attention to the Human Rights Act. It snarfs everything, in a rolling buffer to allow retroactive investigation without missing a single bit. Right now the buffer can hold three days of traffic, but that’s being improved. Three days may not sound like much, but remember that that’s not metadata. “Full-take” means it doesn’t miss anything, and ingests the entirety of each circuit’s capacity. If you send a single ICMP packet 5 and it routes through the UK, we get it. If you download something and the CDN (Content Delivery Network) happens to serve from the UK, we get it. If your sick daughter’s medical records get processed at a London call center … well, you get the idea. … As a general rule, so long as you have any choice at all, you should never route through or peer with the UK under any circumstances. Their fibers are radioactive, and even the Queen’s selfies to the pool boy get logged.

Blimey.

European Cybersecurity Strategy and Proposed Network Security Directive

The European Commission recently published 2 documents:

* the Cybersecurity Strategy of the European Union (English version; 20 pages)
* the Proposed Directive on Network and Information Security (English version; 27 pages + 2 annexes)

Mozilla is trying to work out whether we need to have a position on these documents and, if so, what that position should be. How might this affect the open web? Are there any actions we could or should take in response?

This is part of the work of the new Public Policy module. Particularly if you live in the EU, we would appreciate it if you would read one or the other and indicate any parts of it which are particularly of interest to you and to Mozilla.

The first document, the Strategy, sets forth the EU’s vision of cybersecurity. The second one, the proposed NIS Directive, if enacted, would require all Member States, and key “Internet enablers” such as e-commerce platforms, social networks, plus critical infrastructure companies (energy, transport, banking, and healthcare) to take action to ensure “a secure and trustworthy digital environment throughout the EU”. This might mean, for example, requiring them to adopt risk management practices and report major security incidents on their core services.

(I would expect these documents to be available in other EU languages but, although the press release is, I can’t see where the documents are. Pointers gratefully received.)

‘Do Not Track’ and the Role of Government

Following Mitchell’s recent comments on DNT, here’s a riff from me.

There are currently two views of how Do Not Track, the standard for a browser to signal to a website that its user does not want behavioural tracking, should be enabled.

My position (and that, as far as I can tell, of the standardization group, and of many within Mozilla) is that Do Not Track is “no preference” by default (i.e. no header is sent), and must be explicitly enabled or disabled (without specifying an exact user experience). While it may change in the future, Microsoft’s current position is that users will be asked about “Do Not Track” during installation or upgrade, and the checkbox to turn it on (visible only in the non-speedy install) will be checked, and so the feature will be enabled, by default.

This made me think that the two views of “Do Not Track” correspond to some degree to two views of the role of government in innovation and user empowerment.

If you are in favour of market-driven solutions, then the power of Do Not Track comes from the fact that everyone who has it turned on has made a conscious decision to do so. This action speaks with a powerful voice in the market, and is hard to argue against. The idea is that any advertiser which refuses to respect a specific user request will suffer from a poor reputation, and loss of business. Hence, consumer pressure leads to positive change without regulation. But for this to work, it requires that the default be “off” (or “no preference”, which amounts to the same thing).

If you are in favour of regulated solutions, then the power of Do Not Track comes when governments force advertising companies to respect it. So how it gets turned on or not is a secondary question, and your goal is simply to get it enabled on the computers of as many people as possible, and get a law passed that makes website owners pay attention to it. After all, once it’s a government mandate, the advertiser has to respect it, whether the user made a choice to enable it or not. And so having it on by default allows you to make the claim that you are “protecting more users”.

I suggest that history shows us that government regulation of technology is usually written by those who don’t understand it, arrives late, and demonstrates inflexibility in the face of future innovation. The EU cookie law, as implemented in the UK, is a case in point – its net effect is that most UK websites how have to have a click-through dialog before you can continue to use them as before. I doubt that many people’s privacy has been meaningfully enhanced, and website usability has suffered.

Government-mandated DNT would not nearly be as flexible and open to further innovation as market-driven DNT. I hope we get the market-driven sort.

EU is 113% Democratic

You couldn’t make it up. The vote on an amendment to some “orphan works” legislation in the EU’s Legal Affairs committee (which has the responsibility of “safeguarding the integrity and trustworthiness of the legal framework as a whole in Europe”) was lost 14 votes to 12. Nothing wrong with that, except that there were only 23 voting members. In other words, there was a 113% turnout – a figure of which Vladimir Putin or Robert Mugabe would be proud.

When it was pointed out that these 3 phantom votes could have affected the outcome, a re-vote was nevertheless denied.

Front-runner for “understatement of the year” goes to Christian Engström, Member of the European Parliament for the Swedish Pirate Party, who said:

“What can I say? There is a lot of room for improvement when it comes to democracy in the European Union.”

Coalition for Marriage Petition

[Update 2013-10-12: It seems that an anonymous resident of Chicago has added a link to this blog post to my (short) Wikipedia entry, thereby suggesting that my opposition to the redefinition of marriage is one of the most important things that people need to know about my life, work and opinions. I’m not sure why they think that, but I wonder whether their intent was that people would read that sentence and pigeonhole me without further consideration. If you came here from Wikipedia, I hope you will not make that mistake.

In addition, the following quotation from a letter sent out in July 2013 by the Prime Minister’s Office might be of interest:

The position in discrimination law is very clear. The belief that marriage is between a man and a woman is protected under Article 9 of the European Convention on Human Rights, the Human Rights Act 1998 and the Equality Act 2010. Discriminating against someone simply because they hold that belief or express it in a reasonable way would be unlawful discrimination.

I’m sure that anyone who is an opponent of discrimination would not want to do such a thing.

The original blog post follows.]

For my UK readers: if you agree with the following statement:

I support the legal definition of marriage which is the voluntary union for life of one man and one woman to the exclusion of all others. I oppose any attempt to redefine it.

then please sign the petition of the Coalition For Marriage.

Civil partnerships and marriages in the UK give exactly the same legal rights and operate under the same constrictions. This is not a question of “equality”. But because of the way marriage is defined in UK law, it is also not possible to redefine it in this way without changing what it means for heterosexual couples too. The soundbite “if you don’t like it, don’t get one” is an invalid argument.

The government does not have the power or authority to redefine words.

The Impossibility Of SOPA

It has been suggested that if SOPA or PIPA pass, then sites with user-generated content would need to review it all manually for copyright violations.

What would it look like for YouTube, if a reviewer had to watch every minute of video?

  • About 48 hours of video a minute is uploaded to YouTube (that figure is from May 2011, so it’s probably more now, but let’s go with that as a conservative estimate)
  • 48 hours a minute is 483,840 hours a week
  • If the reviewers worked 40-hour weeks, you would need 12,096 of them (plus a thousand or so more for holiday cover) – call it 13,000
  • If you paid them all at the US Federal minimum wage of about $15,000, it would cost $195 million per year.

But, of course, you couldn’t start the reviewers straight out of high school. First, they’d need to watch the 100 years of video which has been submitted to YouTube by content owners, so they knew a copyright violation when they saw one. (They wouldn’t be able to detect copyright violations of the content of independent filmmakers or individuals, but hey, this system isn’t about them, is it?)

The problem is that after watching 100 years of video, those who aren’t dead would have pretty poor eyesight. It would also introduce an unacceptable delay in getting the system up and running. So the job needs to be parallelized. Specialization is the key. One set of reviewers could watch all the musicals, and another could focus on vampire movies. (They might need paying extra.) If we got each trainee reviewer to spend 3 years exclusively watching Hollywood movies, TV network serials and listening to major-label music (drawing parallels with the average college degree is left as an exercise for the reader) then we could get the system up and running faster. However, we’d need 33 times more reviewers – 429,000 in all, making the cost $6.4 billion.

For comparison, 429,000 people is about 1 in 30 of the entire jobless population of the USA, and $6.4 billion is approximately 60% of Google’s annual profits. These resources would be spent entirely on content checking for YouTube, without considering Google’s other sites which take user-generated content, or Facebook, or any other social site.

There is just too much user-generated content to check it all manually, and automatic methods will never be 100% effective. So how do SOPA proponents expect that sites like YouTube can possibly remain open and legal? It’s impossible.

Social Justice or Something Else?

Here’s a quick test to help e.g. those who sympathise with the “we are the 99%” slogan to work out what personal motivation is behind their support of proposals for change in people’s relative incomes.

(Once you’ve read the short article) It’s worth observing that, after the button is pushed, if you have a relative measure of poverty (as we do here in the UK), measured poverty goes up.

A further observation: this test makes no claim that the hypothetical scenario is actually happening or will happen. Notice that there’s a genie involved.

Open Sourcing Local Minimum

I can’t remember who said it (Simon Phipps?), but a while back this idea stuck with me.

If a company tries to open source a project, but gets nervous about it and tries to retain too much control, they can end up at a sort of open sourcing local minimum, where they are getting the disadvantages of open source with none of the advantages. In other words, they incur all the expense and hassle of setting up an open source project, without getting the increased community involvement and eyeballs which are the reward, because potential contributors can see that it’s not a project they can have a real ownership stake in.

Sometimes, half-done can be worse than not done at all.

There’s No Money Left

“I’m afraid to tell you there’s no money left” was what was written on a note left by the previous Chief Secretary to the Treasury for his successor when the UK government changed after the last election in May 2010.

Since then the new government has been attempting to rein in spending, although he hasn’t been doing a great job of it – over this parliament the national debt will still rise by over £500bn, or £19,000 for every household in the country. Interest on this debt – money the Government has to collect in taxes but can’t spend on services – will more than double to almost £67bn, surpassing spending on the defence, transport, home office and justice departments combined.

Even so, some people think the relatively mild spending cuts, which restore government spending to where it was as recently as 2007, are an unbearable travesty which will take us back to the dark ages.

That’s why I’m attending the Rally Against Debt in London this Saturday, and I urge my UK readers to do the same. Here’s my placard slogan: “The Borrower Is Slave To The Lender” — Proverbs 22:7.

Privacy Irony

ReclaimPrivacy.org “provides an independent and open tool for scanning your Facebook privacy settings”…

… by making you run untrusted JavaScript in a Facebook browser context, just like lots of shady “automatically spam all your friends” copy-and-paste-this-code-to-get-a-cookie Facebook pages.

Of course, it’s easier to snipe from the sidelines than to do something myself…