Bonum Certa Men Certa

Technology: rights or responsibilities? - Part III

posted by Rianne Schestowitz on Oct 09, 2024

By Dr. Andy Farnell

Back to Part I

Back to Part II

Rights and security

Whereas cybersecurity has traditionally been limited to businesses and organisations, what I call "civic cybersecurity" is concerned with obtaining and keeping a safe and fair digital world for everyone. So let's venture the idea that "digital rights" is something that makes sense when we broaden the purview of cybersecurity to include ordinary and everyday living.

In the media, civic cybersecurity tends to focus on the dramatic, on stopping planes being hacked to fall from the sky and power grids from melting down. The latest offering in the UK is the very entertaining Nightsleeper, a kind of British "Mr. Robot".

Though I teach in an area where we consider nasty and disturbing stuff from drone swarms terrorising stadiums to autonomous vehicles carrying bombs, these sorts of worst-case fantasies rarely happen for pragmatic psychological reasons rather than questions of possibility. Elaborate kinetic violence requires extraordinary levels of organisation, long term commitment and fanatical malice. Most of the civilian horror we see is more spontaneous and makes use of commonplace weapons like knives and vehicles. Stuxnet style terror stunts, like hackjacking the London Eye and centrifuging tourists into low Earth orbit requires Tom and Jerry levels of improbability.

For defenders, constantly worrying about marginal "what-ifs?" is sapping and distracts from the everyday attacks that are already commonplace. Ironically some of these less dramatic attack surfaces are less obvious to those with over-active imaginations.

imaginations

Most of what we deal with in civil cybersecurity is teenagers getting cyberbullied into a suicidal state, or old people who've been robbed of their life savings. These crimes are almost always outside the practical capacity of the police and so are seldom dealt with. Their root lies in awful software and systems designed to put profit, spying and domination ahead of safety and human values. It's not just that code is insecure, but that the design, protocols and features of the applications are hostile to users.

life savings

For a long time a "techlash" has been brewing against the handful of massive companies and unelected power centres that presume to tell us how to live our lives, causing harm to individuals and society in their own self-interest. Head of US Cybersecurity and Infrastructure Security Agency (CISA) Jen Easterly recently called-out BigTech for their criminally defective products and entitled "techno exceptionalism". The reality is that the accumulated negative impact of BigTech in its effects on health, wealth and happiness outweighs anything terrorists ever achieved on US or British soil - except indirectly by creating the money-pit of state surveillance and media circus of fear.

Let's take an seemingly innocuous example of being unable to obtain healthcare because your hospital only accepts Gmail addresses. This is a catastrophic failure of social security that has roots in bad technology and also insane policy. It is evil in it's sheer mundanity.

healthcare

email addresses

Or consider the betrayal of selling patient medical records to research companies (despite repeated opting-out) such that people no longer have confidence in their GP and avoid visits. These actions certainly cause deaths. Yet on the surface they seem inconsequential.

Or attacking the use of cash money and local economies so that small businesses and the rural poor are disadvantaged. This constant low-level technological violence is against the invisible fabric of society, not our visible symbols. It is the subversive craft that Yuri Bezmenov outlined following his defection in the 1970s. The cruel twist is to get our own people doing the dirty work so that Moscow and Beijing don't need to lift a finger. The truly poetic masterstroke is to have us dismantle our own society in the belief we are "building a better, more efficient world". I think our international enemies cheer every time our governments give a little more power to Microsoft, Amazon or Google.

These acts of social sabotage use technology which makes ordinary malice easy and convenient. Ordinary moral weakness, ignorance, greed and neglect, met by "convenient solutions", enable a witless many to have more impact than any dramatic spectacles perpetrated by a militant few. Planes flying into buildings are news, but hundreds of thousands of road deaths due to texting-and-driving is nothing to see or care about. What we confuse are "terror" and "sabotage". Whereas the terrorist likes to put on a show, the saboteur is happy if his corrosive work goes unnoticed.

Whatever uneducated and dishonest rationales might be offered, behind them is a devious policy decision in obvious contempt of basic rights. Surely each citizen has a right to be secure from capricious impositions? But who will champion and enforce such rights?

There is a clear conflict of interests around the idea that Microsoft, Amazon. Oracle or Meta can offer security to people whose very exploitation is their business model. BigTech cannot offer cybersecurity because BigTech is the cybersecurity problem. Who will protect people against the companies that want to take over their lives? Will we see organisations like CISA and the UK NCSC position themselves openly against BigTech? Will we ever see a (much needed) government warning against using Microsoft products?

But expensive open conflict is not a long-term solution. These problems need sorting out in law. So as a basis it seems much clearer if we re-frame such violations as a failure of responsibility. In the above case of a health provider it is a failure to ensure equality and universal healthcare. Unless of course their claim is that everybody is equally abused by technology and anyone who objects is free to choose dignity rather than life.

long-term solution

Shaming the NHS - who we cheered in weekly rituals banging pots and pans through the pandemic - for its betrayal of patient confidentiality, dignity and ancient Hippocratic Oaths suddenly doesn't feel so wrong or ungrateful. They should not be magically above the data protection laws that everybody else must observe. Now, instead of arguing over rights we should be able invoke the law. Can't deal with my email address? …get fined, go to jail and be forced to fix your system! Surely that's fairer than leaving the outliers to die?

So, framing problems around "responsibility" weighs heavier than any talk about "rights". Consider our responsibility to use cash money for the sake of societal bonds, to switch-off our phones when driving to protect pedestrians and other drivers, have the patience and social skills to speak to a human rather than a machine, take the stairs instead of the lift, use a stronger password, use paper and pencil instead of an "app"… these are all little things that add up to a better technological society with more long term security and resilience.

resilience

But not everybody can…

An objection sometimes levelled against a philosophy of humane responsibility is that it is "ableist". We hear; What about people who have discalcula and can't use money? What about those without legs to climb the stairs? Or people who have social anxiety and prefer robots to other people? What about folks who cannot remember a six digit number and were never taught to write with a pen?

Against this objection is the rather cruel and cavalier retort that society should not design itself around the needs of the lowest common factor. I won't make that, but what I personally hear from less-abled people is surprising agreement, that they experience being used as proxy justification insulting. Indeed I've heard anger when impositions ostensibly about accessibility are made in their name. This was identified many decades ago by disabilities groups as the "Does he take sugar?" phenomenon, and is now subject to a backlash against patronising UX in design. Technology that's inclusive must attend to both least and most able users, and put neither group in conflict with the other.

But perhaps more concerning is the irony that "convenient" technology causes debilitating human conditions. Technologically mediated isolation is a cause of social anxiety. Inactivity and easy motor transport is a cause of poor mobility. Calculators cause discalcula, etc. Being waited on hand and foot by computers and robots makes us scatterbrained and helpless. In its worst formulation this becomes an argument that; yes, technology is a crutch with which we must "limp before the lame", so as to become lame too.

Calculators

In reality almost the complete opposite is true. Digital technology harms the least able disproportionately more. I am exhausted hearing from older people how they cannot use their banking apps and just want to see a real human - but they shut the branch down and now it's a 10 mile drive in to the next town. People with poor education and learning difficulties are bewildered by the inhuman impositions of techno-bureaucracy. Sometimes they require a full-time helper/mentor just to navigate life and the social care system. People with poor eyesight and attention who are forced to use phone apps just give up. Systems are designed with dark patterns to confuse folks so they don't collect benefits or pay more for services than they should. These disproportionately harm poorer people with less education or additional needs.

poor education

Algorithms tuned for "efficiency" make this happen even if there is no direct human malice. Therefore the malice is deploying these algorithms in the first place. As coders we must question deeply what we are working on and refuse to participate in projects that raise controversial ethical questions.

And I say this coming from the UK where we actually have one of the best government web presences in the world, with high accessibility, bullet-proof availability, and plain English content. It is heartbreaking to see so much dedicated engineering go into something that underneath rests on a morally bankrupt ideology of gushing neophilia.

Our injury can often be traced to a failure of Law. The legal world has never really understood or kept pace with technology - which is praise not a criticism since Laws should be stable, steady and throughtful. However, most "cyberlaw" seems to have been written to protect those who are now the aggressors. For example the UK Computer Misuse Act 1990 (that now seems so naive and woolly as to be a crime in itself) defines misuse only in terms of "authorisation". Computers are misused in thousands of insidious ways to visit harms on peaceful, law-abiding citizens who just want to mind their own business.

failure of Law

As zero trust becomes the vogue security fad, explicit authorisation is practically dead as a concept in 2024. When was the last time you "authorised" BigTech to steal your personal information from your phone? As written, the 1990 Act is a charter for the powerful to abuse the helpless. It remains in place because of course there is a need to prevent violations of computing perimeters, but it now looks woefully inadequate, a speck in the landscape of digital harms that have evolved since that time. If reformed it will likely add nothing to redress the victims of daily corporate intrusion.

As we look around the world today we see that the unilateral imposition of digital technology on terms dictated by corporations and governments has led to a significant loss of basic rights, freedoms and psychological safety for the majority. That is not to say digital technology hasn't brought immense benefits, but one is not excused from inflicting injury by bundling it a priori with compensation (especially where there is no mutuality and the harms were unnecessary in the first place if you'd just been a little bit smarter).

inflicting injury

Much discussion of technology and security today is about balancing the needs of governments and business. Conspicuously missing from that discussion is any talk of "the people", the public, the hoi polloi. So "digital rights" might be a way of talking about the huge gap in that landscape, where ordinary folk are victims of " Police and thieves in the street", and whose voices are ignored.

ignored

So we must accept that not everyone can join in the "technological society". Not everybody should. Not everybody wants to even if they could, therefore any system that does not recognise those voices neither has nor deserves a future. "Responsibility" then is a much more complex tool than it first appears and does not easily fall to the ableist objection.

Responsibility

Other Recent Techrights' Posts

Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Mozilla is not leftist
Further Media Cut-downs
media reporting about the media being cut
Gemini Links 09/09/2025: Moon Eclipse and ROOPHLOCH Reports
Links for the day
Official SUSE Blog Still Uses LLM Slop (Bots) to Make Fake Articles (Marketing)
The company is all about sound bites
Companies Realise That Slop Doesn't Work as Advertised, Accordingly Dump It
"Hype dims as a country-wide survey of US corporations shows a sudden drop-off in AI use among firms with more than 250 employees."
Microsoft-Funded Lawsuits Against Critics of UEFI 'Secure Boot'
Remember that no company (or law firm) ever survives collaborations with Microsoft
 
Blaming Everything on China
TikTok works for China. GAFAM works for fascists.
People Get Tired of "Hey Hi" (AI), Unlike the Subservient Money-Obsessed Media That Gets Paid to Pretend This Bubble Still Matters
"crash will be way bigger than dot.com burst in 90s. and that was Internet, actually transformative technology, not this expensive AI toy with direct dependency on the energy input which is not scalable"
Brett Wilson LLP Accepts That the Serial Strangler From Microsoft Filed a Case That Also Implicates My Wife (Everything is Connected)
They used to pretend that there were two separate cases
10 Reasons to Disable (or Enable) UEFI Secure Boot
Tomorrow the "trusted corporation" Microsoft will see a certificate expire
Gemini Links 10/09/2025: Hospital and Large Feeds
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 09, 2025
IRC logs for Tuesday, September 09, 2025
The Bluewashing of Red Hat is Being Completed, Many Staff Understand They'll be Made Redundant
Jim AllowHurst (Whitehurst) is meanwhile promoting Microsoft's agenda from within other companies
statCounter Sees GNU/Linux Exceeding 10% in Bulgaria This Month
What can Microsoft still do to stop GNU/Linux?
Dark Patterns
Microsoft saying "security" is like a Convicted Felon in the White House saying "law and order".
It's Almost Fall (Autumn)
To "Facebook prison" you are bound
Bruce Schneier About "Secure Boot"
Bruce Schneier isn't a fan of "Secure Boot"
Links 09/09/2025: Microsoft Mass Layoffs Again and "RTO" (Timed Like It Serves as a Distraction From the Mass Layoffs)
Links for the day
RMS Told Microsoft to Stop 'Secure Boot' (He Even Went There to Say That), But They Didn't Listen
Dr. Stallman (RMS) assumed that speaking to sociopaths would work
What Richard Stallman Told Me About 'Secure' Boot in 2012
"if the user doesn't control the keys, then it's a kind of shackle"
Those Who Helped Microsoft Weaponise "Secure Boot" Against GNU/Linux and BSDs Are Fleeing
Microsofters doing what they do best: they evade accountability
Simple is Better, Simplicity is Power
That is "the advantage of having commodity GNU/Linux systems," an associate notes
Much Ado About Nonsense
Microsoft Lunduke is still all dramatisation and sensationalism
Current Events in France
It needs to dump Microsoft and other GAFAM (US) giants, move to Free software
Links 09/09/2025: US-Korea Tensions and Meta Whistleblowers
Links for the day
Links 09/09/2025: “Torrents of Hate” and Political Crisis in France
Links for the day
Gemini Links 09/09/2025: "Dedigitizing" and Forgejo on FreeBSD
Links for the day
Google News (Not Just Google Search) Lets Itself by Gamed by One Slopfarm - to the Point Almost Half of "Linux" News is Bot-Produced Plagiarism (LLM Slop With Slop Images)
That says a lot about what Google thinks of quality, even in Google News
Bill Gates-Funded Media Inadvertently Refutes the Microsoft Lie That in 2025 Microsoft Had Just Two Waves of Layoffs
There were about 12 rounds of layoffs so far in 2025
From theregister.co.uk to theregister.com (US) to The Register MS (Run by Microsoft Operatives) and theregister.ai
The best way to break this racket (or cycle of hype and harm) is to break the chains of funding
Open Source Initiative (OSI) Culture of Censorship Necessitates More Speech
The OSI bans dissent or people who merely point out that the OSI is abusive
How to Reach Us Discreetly (Other Than Encrypted E-mail)
We're still managing to maintain a 100% source protection record. We soon turn 19.
LLMs Are Vastly Worse Than a Waste of Energy and the Externalities Are Huge
Worse than just higher power bills for everybody
LLMs Versus Search (Not Replacing Search But Engaging in DDoS Attacks Against Web Sites That Permit Searching)
The state of the Web isn't just bad; it's utterly terrible
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 08, 2025
IRC logs for Monday, September 08, 2025
It's Only the Second Week of September and Already Two Waves of Layoffs at Microsoft, Slopfarms and Microsoft-Funded Sites Spin It as "AI Investments" Rather Than Commercial Failure
A very large third one expected next week
The UEFI 9/11 - Part IX - Shunning Old Computers (in 2023 the Certificate Was Updated/Overridden, Underlying Aim May Be Herding/Forcing People to Get TPM and Other 'Novel' Restrictions)
the "upgrade treadmill"
Rumour: Second Wave of Microsoft Mass Layoffs in September to Commence Third Week of September
That basically answers questions like, "Any specific date or time of the month?"
If Your Machine Still Has "Secure Boot" Enabled, Then Microsoft Has a de Facto Kill Switch (Even If Your Machine Doesn't Have Windows and Never Had Windows)
It is not incorrect to call UEFI 'secure boot' a "kill switch"
Gemini Links 08/09/2025: Reality, ROOPHLOCH 2025, and Writing Another Gemini Client
Links for the day
Updating Firmware is Not the Solution But Only Additional Risk, Disable "Secure Boot" Today
firmware blobs are buggy, secret, impossible to audit, and barely tested
Microsoft Tim's DevClass (Part of The Register MS/Situation Publishing) is Full of Slop
Looking at many sites that are full of slop images is becoming an eye sore and hallmark of text too likely generated by LLMs or 'assisted' (tainted) by them
Microsoft Trying to Fake Demand for Slop. At What Cost?
That's a giant demotion and broken promises
Reddit is Corporate Propaganda
To make matters worse, Reddit ousted many original moderators
Jeff Geerling Shocked to Discover Many Metrics in YouTube Are Fake (His Audience Turns Out to be Much Smaller)
Maybe self-host all videos, don't rely on Google's "FOMO" cheating (addiction based on false assumptions)
Sunlight is the Best Disinfectant and Kryptonite/Garlic to Vampires
Transparency (sometimes described by words like "Sunlight" or "Truth") is paramount
The Register MS Uses Slop in Articles About Slop
we are fairly certain it's slop or CG based on other people's work
Visiting a Web Page or a Public URL Should be Safe, Predictable, and Benign
It's probably too late to "fix" the Web
The Register MS (Situation Publishing) is Paid to Spread Mindless Hype for the "Hey Hi" Ponzi Scheme and That's a Serious Problem
"Sponsored by Zoom."
Links 08/09/2025: Burger King Cracked, Cox v. Sony Analysed
Links for the day
Gemini Links 08/09/2025: Socialist Computer Museum and GAFAM/ByteDance/TikTok-Dominated Net
Links for the day
Links 08/09/2025: Tim Crook Disappoints Apple Faithfuls and Zuckerberg Lies (Financial Fraud) for Cheeto King
Links for the day
EPO Workers Point Out that the EPO is Destroying the Planet Under the Guise of "Hey Hi" (It Also Grants Many Invalid Patents Illegally
On 12 March and 16 June 2025, staff representation met with the administration in the Local Occupational Health, Safety and Ergonomics Committee (LOHSEC) in Munich
Turn Off Microsoft's Restricted Boot ("Secure Boot")
We're still running a series on this issue
Social Control Media Sites Have Become Bot Farms (Not Limited to LLMs and Automation)
linkedin.com was nothing but trouble and losses for Microsoft
Deep in Debt With the Magnitude of Losses Quickly Growing, Microsoft "Open" "Hey Hi" Now Uses Broadcom for Vapourware, Pretending It'll Do OK Next Year
At some stage it'll collapse
You Can Tell Microsoft is in Trouble When Its Own Fans and Staff Blast it
"Microsoft sinks billions into chasing artificial intelligence fads to hype up its share price."
Multiple Undersea Cable Cuts and We're Still OK
Microsoft customers experience problems
Lawyers Who Think They Are Online Assassins Don't Deserve a Licence to Operate
they've become a laughing stock in their "sector"
Microsoft Windows Fell to 3.9% "Market Share" in Bahamas
Based on statCounter
How the European Union (EU) Fell Out of Love With Free/Libre Software
Lots of bribery
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 07, 2025
IRC logs for Sunday, September 07, 2025