Polisis AI Developed to Help People Understand Privacy Policies

It looks as though this AI development could be quite useful in helping people avoid the exploitation of their personal information. Someone reading this may also want to look into a resource called Terms of Service; Didn’t Read, which “aims at creating a transparent and peer-reviewed process to rate and analyse Terms of Service and Privacy Policies in order to create a rating from Class A to Class E.”

But one group of academics has proposed a way to make those virtually illegible privacy policies into the actual tool of consumer protection they pretend to be: an artificial intelligence that’s fluent in fine print. Today, researchers at Switzerland’s Federal Institute of Technology at Lausanne (EPFL), the University of Wisconsin and the University of Michigan announced the release of Polisis—short for “privacy policy analysis”—a new website and browser extension that uses their machine-learning-trained app to automatically read and make sense of any online service’s privacy policy, so you don’t have to.

In about 30 seconds, Polisis can read a privacy policy it’s never seen before and extract a readable summary, displayed in a graphic flow chart, of what kind of data a service collects, where that data could be sent, and whether a user can opt out of that collection or sharing. Polisis’ creators have also built a chat interface they call Pribot that’s designed to answer questions about any privacy policy, intended as a sort of privacy-focused paralegal advisor. Together, the researchers hope those tools can unlock the secrets of how tech firms use your data that have long been hidden in plain sight.

[…]

Polisis isn’t actually the first attempt to use machine learning to pull human-readable information out of privacy policies. Both Carnegie Mellon University and Columbia have made their own attempts at similar projects in recent years, points out NYU Law Professor Florencia Marotta-Wurgler, who has focused her own research on user interactions with terms of service contracts online. (One of her own studies showed that only .07 percent of users actually click on a terms of service link before clicking “agree.”) The Usable Privacy Policy Project, a collaboration that includes both Columbia and CMU, released its own automated tool to annotate privacy policies just last month. But Marotta-Wurgler notes that Polisis’ visual and chat-bot interfaces haven’t been tried before, and says the latest project is also more detailed in how it defines different kinds of data. “The granularity is really nice,” Marotta-Wurgler says. “It’s a way of communicating this information that’s more interactive.”

[…]

The researchers’ legalese-interpretation apps do still have some kinks to work out. Their conversational bot, in particular, seemed to misinterpret plenty of questions in WIRED’s testing. And for the moment, that bot still answers queries by flagging an intimidatingly large chunk of the original privacy policy; a feature to automatically simplify that excerpt into a short sentence or two remains “experimental,” the researchers warn.

But the researchers see their AI engine in part as the groundwork for future tools. They suggest that future apps could use their trained AI to automatically flag data practices that a user asks to be warned about, or to automate comparisons between different services’ policies that rank how aggressively each one siphons up and share your sensitive data.

“Caring about your privacy shouldn’t mean you have to read paragraphs and paragraphs of text,” says Michigan’s Schaub. But with more eyes on companies’ privacy practices—even automated ones—perhaps those information stewards will think twice before trying to bury their data collection bad habits under a mountain of legal minutiae.

Tax Cuts and Growth Revisited

If the U.S. economy does now have a year of GDP growth considerably higher than what it was in the past decade, it will probably lead into some political lies of the future related to tax cuts and growth. If government officials actually care about better economic growth, they’ll implement policies that invest in technological advancements and employment programs that increase capacity utilization. This growth should then go to the general public instead of the minor faction of the population that’s already wealthy.

The Democrats were virtually unanimous in opposition to the tax cuts that Republicans pushed through Congress last year. They had good cause. The overwhelming majority of the tax cuts go to the richest 1 percent of the population, the same group that has gotten the bulk of the gains from economic growth over the last four decades. For those who don’t think making the rich richer is an important priority of government, the tax cuts were a really bad idea.

[…]

While there is little reason to believe that the tax cuts would lead to the sort of boost in growth claimed by proponents, it is actually very plausible that GDP growth could average 3 percent over the next decade.

There are two factors that determine GDP growth: the rate of growth of the labor force and the rate of growth of productivity. The rate of labor force growth is almost certain to be slower going forward simply because the massive baby boom cohort will be retiring over the next decade.

[…]

This matters hugely because there is some reason to believe that productivity is picking up for reasons having nothing to do with the tax cut. Productivity growth averaged 2.1 percent in the second and third quarter of last year. It then fell slightly in the fourth quarter due to quirks in the data, specifically a surge in the number of people reported as self-employed. But with early reports indicating first quarter GDP growth will be well over 3 percent, we are likely to see another quarter of strong productivity growth.

While this uptick cannot be plausibly explained by the tax cut, there is an alternative explanation: It may simply be the result of a tighter labor market. The tighter labor market has led to increased wage growth at the bottom end of the pay ladder.

[…]

This all matters from a political standpoint because it would be unfortunate if the Republicans were to get credit for a pickup in growth which has nothing to do with them. Some of us did try to warn of this possibility last year, but the leading Democratic economists were not interested in our assessment.

Just to repeat what we said then, it is very possible that we will see something like the 3 percent GDP growth promised by the Republicans, but not because we gave more money to rich people. Because so many denied this possibility, Democratic economists may end up helping to convince people that giving money to the rich is the key to a strong economy.

NSA Violates Court Order by Deleting Data It Was Supposed to Preserve

The NSA shows once again why it’s such a trustworthy agency.

The National Security Agency destroyed surveillance data it pledged to preserve in connection with pending lawsuits and apparently never took some of the steps it told a federal court it had taken to make sure the information wasn’t destroyed, according to recent court filings.

Word of the NSA’s foul-up is emerging just as Congress has extended for six years the legal authority the agency uses for much of its surveillance work conducted through U.S. internet providers and tech firms. President Donald Trump signed that measure into law Friday.

Since 2007, the NSA has been under court orders to preserve data about certain of its surveillance efforts that came under legal attack following disclosures that President George W. Bush ordered warrantless wiretapping of international communications after the 2001 terrorist attacks on the U.S. In addition, the agency has made a series of representations in court over the years about how it is complying with its duties.

However, the NSA told U.S. District Court Judge Jeffrey White in a filing on Thursday night and another little-noticed submission last year that the agency did not preserve the content of internet communications intercepted between 2001 and 2007 under the program Bush ordered. To make matters worse, backup tapes that might have mitigated the failure were erased in 2009, 2011 and 2016, the NSA said.

EU Privacy Shield Standard Should be Adopted by More Countries

Online privacy isn’t as appreciated as it should be, but that may change as exponentially more devices are connected to the Internet over the next several years.

If you’re ever expecting a child, Target wants to be one of the first to know. The company has invested in research to identify pregnant customers early on, based upon their purchasing behavior. Then, it targets them with ads for baby gear.

While companies such as Target mine data about products their customers purchase from them (like prenatal vitamins) to send them personalized ads, many also rely on information gathered about us on the web — like what we search for on Google or email our friends. That lets them realize we’re planning a vacation to the Grand Canyon, for instance, and send us ads for local hotels.

 Many people think that it’s an invasion of privacy for companies to gather sensitive data — such as information about our relationships and medical history — and exploit it for commercial purposes. It could also widen social divisions. For example, Facebook determines our political beliefs based upon the pages we like and preferences we list on our profiles. If algorithms peg us as conservative or liberal and we’re targeted with ads accordingly, we may end up never understanding what people of other political persuasions think. Internet activist and author Eli Pariser has argued that America is so politically polarized in part because social media sites leave us in “filter bubbles.” Targeted political advertising could have the same effect.

That’s part of the reason why, in May, a new regulation will go into effect into the European Union giving citizens the “right to object” to “processing of personal data” about them for marketing and other purposes. As Andrus Ansip, the European Commission vice president for the digital single market, tweeted, “Should I not be asked before my emails are accessed and used? Don’t you think the same?” The new law overcame serious opposition from the advertising industry, whose representatives argue that it will disrupt ad revenues needed by the media. Experts say that websites will have to provide more valuable content to users as an incentive for readers to allow them to use their data.

Here in the U.S., most ads are bought through exchanges that allow advertisers to target people based upon data about them. Companies can choose to buy ads that will be seen, for example, by women who live in a particular ZIP code and graduated from a certain school. But according to guidance established by the Digital Advertising Alliance — a consortium of industry trade associations including the American Association of Advertising Agencies, the Association of National Advertisers, and the Better Business Bureau — consumers should have “the ability to exercise choice with respect to the collection and use of data.” Two members of the alliance accept consumer complaints and do their own research to identify violations of the rule. They work with companies to help them fix problems and report violations to regulators. 1  

While the principle behind the new EU law could justify wide-ranging new regulations and restrictions on how companies throughout the world do business, James Ryseff, a former Google engineer, says it’s likely that initially it will simply allow users to opt out of the “cookies” that track internet users as they surf the web. Although this will reduce the amount of data that tech companies can collect, it doesn’t truly allow users to opt out of targeted advertising, since businesses can still use the information they gather through other techniques — such as in-store purchases — to classify and reach customers. That’s why, Ryseff says, Americans should have more sophisticated ways to determine exactly what advertisers learn about us.

First, for example, we should be able to decide whether companies are able to gather generic data about who we are (such as our age, gender and location) or information about what we’re doing (such as researching a medical condition) — or neither, or both. “In general, I think ‘What I do’ information has a greater ability to freak people out,” Ryseff says. “Used incorrectly, it makes you feel like Google is stalking you.”

Second, Americans should get to decide where and when our data is tracked. For example, some people might be more comfortable being tracked on a search engine that knows their buying behavior and can make recommendations accordingly, but less so on personal email which can identify private facts about their lives — or work email which might contain proprietary information. (Google previously used data from the content of users’ emails to target them with ads, but pledged in June to stop the practice.) And we might want to temporarily stop allowing search engines to track our activities when we’re looking up something private, like medical symptoms. 2

Third, we should get to decide whether we’re willing to be targeted with ads based upon our own behaviors or people algorithms have decided are like us.

Big Tech as the New Predatory Capitalism

Big Tech has become corrupted with the immense power it wields, and there is growing awareness of the side effects of this phenomenon. I am personally a little too pedantic to agree with all of the article here, but it is definitely the type of analysis worth linking to in an era where corporations such as Google and Facebook are largely unregulated monopolies.

The five largest global corporations by market value are the five tech firms named above. Google has near-total dominance of the search market. Facebook welcomes two billion monthly users and manages six of the top ten social media apps globally. Amazon controls nearly half of e-commerce and over two-thirds of the emerging voice-activated digital assistant market. Apple and Google share control of the operating systems for mobile phones and tablet gadgets; add Microsoft and Amazon and you’ve covered virtually all electronic computing devices. Facebook and Google dominate digital advertising. Amazon is increasingly the only player for cloud services.

[…]

The effects of tech monopolization have been detailed, at book length, over the past year (see companion book review essay by K. Sabeel Rahman, page 104). We already know these firms have crippled entrepreneurship, by either buying out competitors or copying their features and using overwhelming market share to destroy them—tactics that would be familiar to the authors of the Sherman and Clayton antitrust acts. We already know they’ve concentrated economic gains in a few small enclaves, leaving large swathes of the country behind. We already know they religiously avoid taxes and cut special deals with intimidated public officials, burdening the rest of society. We already know their surveillance capabilities rival any in history, handing over a comprehensive profile of your every waking moment for advertisers and behaviorists to exploit. We already know the addictive qualities of their products have undermined social relationships, expanded divisiveness, and transformed what it means to be human. We already know their drive for profits ignores how their platforms can be weaponized, scarring millions and undermining democracy.

Enacting a Tax on Companies Using Valuable Personal Information

Societies should first tax what they dislike most, and the exploitation of personal user information by corporations is definitely an aspect of society to be disliked.

Our data is valuable. Each year, it generates hundreds of billions of dollars’ worth of economic activity, mostly between and within corporations — all on the back of information about each of us.

It’s this transaction — between you, the user, giving up details of yourself to a company in exchange for a product like a photo app or email, or a whole ecosystem like Facebook — that’s worth by some estimates $1,000 per person per year, a number that is quickly rising.

The value of our personal data is primarily locked up in the revenues of large corporations. Some, like data brokerages, exist solely to buy and sell sets of that data.

Why should companies be the major, and often the only, beneficiaries of this largess? They shouldn’t. Those financial benefits need to be shared, and the best way to do it is to impose a small tax on this revenue and use the proceeds to build a better, more equitable internet and society that benefit us all.

The data tax could be a minor cost, less than 1 percent of the revenue companies earn from selling our personal data, spread out over an entire industry. Individually, no company’s bottom line would substantially suffer; collectively, the tax would pull money back to the public, from an industry profiting from material and labor that is, at its very core, our own.

[…]

Our data is ours, but it also is not ours. We trade it away for so much of our experience on the internet. Money from a data tax could begin to counter this trade imbalance.

The money should go toward improving privacy of our information on the internet, countering identity theft, improving connectivity and internet literacy, all causes that would help create a more equitable internet for all.