The REAL ID.

[WendyDarling]

So in October 2020, the Real ID will be required here in the US to enter government facilities that require ID so to fly on a domestic flight it or a passport will be required. I've heard that this ID is part of the globalist agenda with international implications to make this worldwide via facial recognition everywhere. Supposedly, the idea of this ID was created after 9/11 to make flights more secure, but by 2030 the entire world will be required to have a Real ID. For now the passport can act as the document to enter a plane, but once the world is onboard with this, passports may be retired. Instead of showing a stamped passport, your ID will be scanned and the stamp revealed via tech such as a phone.

Right now international security teams have to work together to accumulate info on someone's identity, but once the Real ID is phased in, all governments will have open access to any person's identity and whereabouts. I find that disconcerting and creepy. Facial recognition is already playing out at larger airports.

[Carleas]

First things first:

by 2030 the entire world will be required to have a Real ID

This is a fairly precise prediction, and one with which I disagree. Care to wager?

[O]nce the Real ID is phased in, all governments will have open access to any person's identity and whereabouts. I find that disconcerting and creepy.

Setting aside the timing, it's not implausible that eventually we'll have a global unique identifier for all people, or at least all people that the law recognizes as 'legitimate' (in some sense). I doubt it will ultimately be a piece of plastic; more likely will be the database behind those piece of plastic, which will authoritatively tie biometric identifiers to an individual. More than that, a more robust form of identity will rely on pervasive tracking, so that the you who was at the store an hour ago and the you who is in front of me now can be connected via your intervening movements.

And it's understandable that you find this "disconcerting and creepy", but I feel like you're implying that that equates to being bad or harmful, and I don't see how. It seems like that intuition derives from earlier forms of society and more mundane social interactions: if someone were actually following you around surreptitiously taking note of everything you do, that would cause for alarm. But those intuitions don't scale to universal and pervasive monitoring, and they don't take into account the way that technology can be used for passive surveillance that doesn't have the same implications as active, targeted surveillance.

I'm also reminded of the common folkloric idea that knowing someone's true name gives you power over them, a belief that occurs in many cultures across many times. This again suggests some primitive cognitive machinery that gets activated by being watched too closely. And that explains the intuitive feeling of creepiness, but it also undermines the idea that that feeling is rational.

[Karpel Tunnel]

if someone were actually following you around surreptitiously taking note of everything you do, that would cause for alarm.

That is happening much more than people realize. I really can't suggest a more interesting book than...

https://www.amazon.com/Age-Surveillance ... 1610395697

Very well documented, huge notes and detailed sourcing. And even for the faintly paranoid utterly surprising. This has gone much further than most people, even privacy activists, realize.

And if smart cities arrive, there will be no avoiding 'someone' surreptitiously following you and taking notes on everything we do. It will happen automatically.

Might not be dystopian, as long as the power this can concentrate and will concentrate never uses it. Of this, I am skeptical.

[Carleas]

I think I did not make the distinction as clearly as I'd intended.

There are important differences between, 1) someone literally following only you around and taking notes about your activities, and 2) someone setting up a system of cameras that tracks the movements of everyone who passes them. The difference is the targeting: the person in case 2 doesn't care about you, and their setting up the cameras gives you no good evidence that they care about you. They aren't watching you, they aren't sneaking around behind you, they very likely don't have a concept of you as a distinct and specific person.

The first case is much greater cause for concern than the second, and Real ID and the surveillance state are examples of the second case.

[Urwrongx1000]

Honestly, most people don't even have anything special or worth hiding in the first place.

People are boring.

[Karpel Tunnel]

I think I did not make the distinction as clearly as I'd intended.

There are important differences between, 1) someone literally following only you around and taking notes about your activities, and 2) someone setting up a system of cameras that tracks the movements of everyone who passes them. The difference is the targeting: the person in case 2 doesn't care about you, and their setting up the cameras gives you no good evidence that they care about you. They aren't watching you, they aren't sneaking around behind you, they very likely don't have a concept of you as a distinct and specific person.

Unless they want to. And with the types of AI systems already in place, they can have heuristics to draw you to the attention of
employers
courts
corporations - for various reasons
governments
law enforcement
insurance companies

Which might be fine if these were all good organizations, and then also if the very power itself cannot corrupt.
Already this is not passive. It is not just that current and planned surveillance waits for law breaking. They are already selling information about you to other companies. and this information is being shared with governments and corporations for whatever reasons these latter organizations want.

Again, I encourage a reading of the linked book above. It is already much further along than people realize and smart cities and other tendencies to use smart devices for everything - iow it is getting harder and harder to opt out - means that people have access to your information and do not need to even have adequate security against illegal third parties. Your robot vaccuum cleaner, yes, if you link it to your phone as instructed, let's third parties know the lay out of your apartment. Televisions are listening to sounds in your apartment.

And so much more.

The first case is much greater cause for concern than the second, and Real ID and the surveillance state are examples of the second case.

The latter allows for the former. And it would be very hard to even track if the companies lost your information to hackers, or to competitor industries to your company, or to whomever. Me, I am much more concerned about the concentration of power these technologies allow already enormously powerful entities. But even if your concern is a more focused interpersonal stalking, these new technologies open many more doors for that.

[Carleas]

I still feel like we're talking past each other.

Take two cases:
In one, someone sits outside a building watching for you to walk by, and when you do she takes a picture of you and notes the time (the "Active Case");
In the other, someone places a camera outside that building that films 24/7, and so captures a time-stamped picture of you walking by (the "Passive Case").

These aren't the same case, and we shouldn't immediately feel about the Passive Case as we do about the Active Case. Even though it looks like the same information is being collected, the conclusions we can derive from the two cases are very different.

It's true that the person looking for you in the Active Case can use the pictures from the Passive Case to accomplish the same thing, and in that sense the Passive Case "allows for" the Active Case. But that's just to say that if we add the distinguishing feature of the Active Case to the Passive Case, what we get presents all the problems of the Active Case. I don't disagree. But there still exists a distinguishable Passive case from which we should draw different conclusions.

You're also right that the information collected can be used nefariously. But it is much more often used to provide services, both specifically through targeting (decreasing search costs), tracking (making identification more robust), and security, and generally by tuning services to better serve users.

And you're right that it shifts power from the subjects to the holders. But note also that every proposed solution to the problem just shifts power differently. Where privacy laws are created, they primarily serve the interests of the wealthy and well-connected who have the wherewithal to take advantage of them to suppress information they don't want others to know or to target people who would challenge their authority. Where they burden data collectors, they tend to centralize data collection, because big players can better afford to bring their operations in line with regulations, often without real reductions in data collection and processing. And governments are regularly excepted from the regulations, so that regulation shifts power from private enterprise to government, a combination of means and motive that leads to a lot of the very hypothetical harms you seem to be worried about.

I'll recommend to you in turn the book, The Transparent Society, by David Brin. He lays out the case that, whatever the downsides of mass surveillance, the best option going forward is to make surveillance as widely available to as many people as possible; that the only way to prevent the harms you're describing is to make it so that everyone can watch everyone, so that any use of surveillance can itself be subject to widespread scrutiny.

[Karpel Tunnel]

I still feel like we're talking past each other.
It's true that the person looking for you in the Active Case can use the pictures from the Passive Case to accomplish the same thing, and in that sense the Passive Case "allows for" the Active Case. But that's just to say that if we add the distinguishing feature of the Active Case to the Passive Case, what we get presents all the problems of the Active Case. I don't disagree. But there still exists a distinguishable Passive case from which we should draw different conclusions.

It seems to me the people who want the active case are using the people performing the passive case. They are collaborating.

You're also right that the information collected can be used nefariously. But it is much more often used to provide services, both specifically through targeting (decreasing search costs), tracking (making identification more robust), and security, and generally by tuning services to better serve users.

Much more often is not a consolating when we are talking about such a consolidation of power. It need only be abused once, if the scale is big enough, to be a catastrophy.

And you're right that it shifts power from the subjects to the holders. But note also that every proposed solution to the problem just shifts power differently. Where privacy laws are created, they primarily serve the interests of the wealthy and well-connected who have the wherewithal to take advantage of them to suppress information they don't want others to know or to target people who would challenge their authority.

There are proposals out there that have facets that are classless. That companies must inform you of every receiver of the data they get about you. This would need strict enforcement and would open up markets for vaccuum cleaners that do not collect data about you and your apartments and open your privacy up to potential hackers and big brother governments (should this last begin to manifest). There are some pretty saavy privacy experts out there on the Left who are not just setting up policies to protect the rich.

Where they burden data collectors, they tend to centralize data collection, because big players can better afford to bring their operations in line with regulations, often without real reductions in data collection and processing. And governments are regularly excepted from the regulations, so that regulation shifts power from private enterprise to government, a combination of means and motive that leads to a lot of the very hypothetical harms you seem to be worried about.

Right but privacy activists, at least the smarter ones, are aware of these kinds of things. They are not impossible to regulate and balance out.

I'll recommend to you in turn the book, The Transparent Society, by David Brin. He lays out the case that, whatever the downsides of mass surveillance, the best option going forward is to make surveillance as widely available to as many people as possible; that the only way to prevent the harms you're describing is to make it so that everyone can watch everyone, so that any use of surveillance can itself be subject to widespread scrutiny.

Me against facebook, google, the NSA. Even we, some large group of interested people? That seems very pollyannish to me. We should be breaking the private giants up, regulating them, taking away their corporate charters when they break laws repeatedly, which some or perhaps all of the giants have done. The public sector is harder and easier. Harder to really know if their powers are being limited by regulation. Easier to assert the right of the citizens to regulate them since both conservatives and lefties are wary of government surveillance.

[Carleas]

It seems to me the people who want the active case are using the people performing the passive case. They are collaborating.

Sure, but the Active Case is often justified, and where it is we want it to use the best available information from the Passive Case.

And either way, the existence of the Active Case, even where it piggybacks on the Passive Case, does not turn all passive data collection into active surveillance.

Much more often is not a consolating when we are talking about such a consolidation of power. It need only be abused once, if the scale is big enough, to be a catastrophy.

Sure, but by the same coin it need only be used well once, if the scale is big enough, to be an absolute bonanza. We need to either compare actual positive use to actual negative use, or hypothetical best case scenario to hypothetical worst case scenario, or some probability-weighted version of both, to evaluate the net impact and expected effect.

There are some pretty saavy privacy experts out there on the Left who are not just setting up policies to protect the rich.

The effects I described are from the very proposals that savvy privacy experts have put forward. I don't mean that these are the intended consequences, but rather they are how the regulations function in the real world. Right To Be Forgotten has been abused by the powerful to cover up crimes and embarrassments; GDPR has burdened small companies to the benefit of the big players that were meant to be brought to heel. Savvy privacy people are very good at coming up with regulations, but they tend to ignore unintended consequences, trade-offs, opportunity costs, and the economics of what they advocate.

It may not be impossible to balance these things out, but it is very, very difficult to make a law that prohibits people from talking about other people and doesn't open itself to abuse. Even now, what seems like very reasonable privacy rights in ones tax returns are being used to shield a probably corrupt president from scrutiny. I'd imagine that is one of the privacy protections with the broadest support, but the unintended consequences are an absolute disaster for the world.

We should be breaking the private giants up, regulating them, taking away their corporate charters when they break laws repeatedly, which some or perhaps all of the giants have done.

These seem like separate questions. We can agree that we should break up companies whose market power distorts the economy in harmful ways, regulate them to forbid selfish and antisocial behavior, and back those regulations up with whatever consequences are most effective (and have the least collateral damage). But that does not tell us about the size at which companies become harmful nor which behaviors need to be regulated (nor, for that matter, whether revoking a corporate charter is a better consequence all told than e.g. criminally prosecuting the human beings making the ostensibly criminal decisions).

[promethean75]

Even now, what seems like very reasonable privacy rights in ones tax returns are being used to shield a probably corrupt president from scrutiny.

yeah what's the deal with that?

dude i haven't done my taxes in like twenty years, and ya know what imma tell em when they send the suits after me? imma be like 'oh hell no. you ain't about to come arrest me over a few thousand dollars when the president of the fuckin' united states of uhmerica ain't payin' his taxes. ya'll niggas better reconize.'

[Karpel Tunnel]

It seems to me the people who want the active case are using the people performing the passive case. They are collaborating.

Sure, but the Active Case is often justified, and where it is we want it to use the best available information from the Passive Case.

If the government is good. One idea in the US is that the laws need to reflect the always present possibility that one day it will not be, that this has tended to happen, and so we hamper even good governments, so that should a bad one come in - not a poor president and majority in the house, say, but an actually shift toward fascism say - that government will be hindered. Private agents are also hindered. I don't think the use of private information is legal as it is currenly practiced by Google, fb, etc.

And either way, the existence of the Active Case, even where it piggybacks on the Passive Case, does not turn all passive data collection into active surveillance.

It gives government and private companies way too much power. And this power is known and this knowing has effects. And it is abused, with regularity. Anything from personal vendettas by staff in private and public positions, to making available data to third parties, without the consent of individuals, with no promise of security on those sharings, to not defending well enough to hacking, to intentionally providing third parties with information that may or even will be used in ways that are not fair to or even are dangerous to the private person's the data relates to.

Sure, but by the same coin it need only be used well once, if the scale is big enough, to be an absolute bonanza. We need to either compare actual positive use to actual negative use, or hypothetical best case scenario to hypothetical worst case scenario, or some probability-weighted version of both, to evaluate the net impact and expected effect.

We have a history of keeping government from having ways to shift easily to the control of the population and leave democracy behind. We tend to risk quite a bit to keept his from happening.

The effects I described are from the very proposals that savvy privacy experts have put forward. I don't mean that these are the intended consequences, but rather they are how the regulations function in the real world. Right To Be Forgotten has been abused by the powerful to cover up crimes and embarrassments; GDPR has burdened small companies to the benefit of the big players that were meant to be brought to heel. Savvy privacy people are very good at coming up with regulations, but they tend to ignore unintended consequences, trade-offs, opportunity costs, and the economics of what they advocate.

It is very hard to control outcomes, which is part of why I am wary of giving governments and enormous corporations this much power. Precisely the argument you are making here, adds to the caution we should feel about, well, it'll work out, survellance will generally be used where it should be. That said, I think there are people making better proposals than you are noticing and the reason they are not being put in is because they will not just benefit the rich.

It may not be impossible to balance these things out, but it is very, very difficult to make a law that prohibits people from talking about other people and doesn't open itself to abuse.

You could demand, at a minimum that the company, for example, must inform out about what kinds of information they are sharing with third parties and who the third parties are. I think if you sell someone an online vaccuum cleaner and that VC is going to measure you apartment, record things, give a customer profile of you to third parties, you should know who these parties are, and then be able to see what the quality of their security of your data is. A lot of the claims these companies make is that the data is anonymous, but studies have shown that in fact hackers,t he companies, governments can figure out who the data belongs to up into the 90% level of accuracy. And these third parties have no obligation right now to take adequate security around that data. We've had tvs that actually record people in their apartments. 40 years ago this kind of thing would have just been assumed to get a warning label on a product. Now they don't even need to inform us, let alone insure that what they are selling will be guarded appropriately.

With the internet of things, which in many ways is already here, we don't even have to be customers of a company to be swept up in monitoring, enough monitoring to be a danger to battered wives, dissidents, people doing things their employers might dislike but which are legal, and that a rogue government can do all sorts of things with. And which the US government has done around political dissidents, minority groups, civil rights advocates and more with regularity but never with tools like there. Now they have AIs culling the data, now you can be followed without court order all day long.

We should be breaking the private giants up, regulating them, taking away their corporate charters when they break laws repeatedly, which some or perhaps all of the giants have done.

These seem like separate questions. We can agree that we should break up companies whose market power distorts the economy in harmful ways, regulate them to forbid selfish and antisocial behavior, and back those regulations up with whatever consequences are most effective (and have the least collateral damage). But that does not tell us about the size at which companies become harmful nor which behaviors need to be regulated (nor, for that matter, whether revoking a corporate charter is a better consequence all told than e.g. criminally prosecuting the human beings making the ostensibly criminal decisions).

[/quote]Of course, but since a corporate charter is a priviledge, I think any company that repeatedly avoids legal regulation or commits crimes, should lose their charter. What we have now is companies like fb and google that weild unbelievalbe power and ignore governments repeatedly. They consider themselves above the law, and even when agreeing to comply, find ways to get around it. Again, I recommend Surveillance Capitalism. I don't think the public, even the well educated public, has any idea what these companies do and do not do. And what is already happening. There is not the slightest informed consent about these issues. Very few people realize how much information is being shared about them, to whom, how little obligation the companies have to protect that information, how it has already been abused, and how much these companies have repeatedly broken laws, ignored legislation and oversight - and given their enormous power, this is attempts at oversight that have gotten past the antidemocratic lobbying practices and campaign finance control these behemoths used to nip enforcement of legislation and oversight in the bud.

At the very least we should know what is happening, where the information goes and what obligations the parties have in relation to it.

But the vast majority of the people do not know, in the least.

And they would care.