There is an abiding dream in the tech world that when all the planet’s people and data are connected it will be a better place. That might prove true- but getting there is turning into a nightmare- a world where billions of people are connected but without sufficient legal structures security protections or moral muscles among companies and users to handles all these connections without abuse. If only Twitter, Facebook and Google could keep their stories straight. They thrive by mining the private information of the billions of people who use them, many of whom are naïve about the value of what they are giving up with each post or click. But the companies are grudging at best when it comes to being open about themselves. The willingness of those who make daily use of Google and social media sites to offer up their likes and dislikes, not to mention the details of their spending habits and internet wonderings, provides Mr. Zuckerberg and his fellows with the personal data that is the Holy Grail of modern advertising and worth billions of dollar. It also gives them an endless stream of free content to put those ads beside. Their users’ endless posts, spats and vacation pictures make for the ultimate reality show.
One thing that’s becoming very clear to me as I like to report on the digital economy is that a rethink of the legal framework in which business has been conducted for many decades is going to be required-the sooner, the better. Many of the key laws that govern digital commerce were crafted in the 1980s or 1990s, when the internet was an entirely different place.
Consider, for example, the US Computer Fraud and abuse Act. This 1886 law made it a federal crime to engage in “unauthorized access” to a computer connected to the internet. It was designed to prevent hackers from breaking into government or corporate systems. The mythology is that the law was inspired by “War Games”, the 1983 movie starring Matthew Broderick.
While few hackers seem to have been deterred by it, the law is being used in fort battles between companies looking to monetize the most valuable commodity on the planet- your personal data.
Lately, it feels like we are all connected but no one’s in charge. Equifax, the credit reporting bureau, became brilliant at vacuuming up all your personal credit card-without your permission and knowledge- and selling it to companies that wanted to lend you money. But it was so lax in securing that data that it failed to install simple software security fixes, leaving a hole for hackers to get the Social Security numbers and other personal information of some 146 million Americans, or nearly half of the US population.
But don’t worry; Equifax ousted its CEO, Richard Smith, with “a payday worth as much as 90 million US Dollar or roughly 63 cents for every customer whose data was potentially exposed in its recent security breach.”
In my opinion Smith and his board should be in jail. But Senator Elizabeth Warren, who told CNBC, “ So long as there is no personal responsibility where these big companies breach consumers’ trust, let their personal data get stolen, cheat their consumers…then nothing is going to change.”
Facebook, Google and Twitter are different animals in my mind. Twitter has enabled more people than ever to participate in the global conversation; Facebook has enabled more people than ever to connect and build communities; Google has enabled everyone to find things like never before. Those are all good things. But the three companies are also a business, and the last election suggests they have all connected more people than they can manage and they have been naïve about how many bad guys were abusing their platforms. As Mark Warner, the top Democrat on the Senate Intelligence Committee put it, “Up to now these companies have not taken the threat that Russia and other foreign agents pose to our system seriously enough or invested enough or to really reveal what happened in 2016- or what is still happening now.”
These companies are just too busy to protect and enlarge their billion dollars commercial activities as the following example shows us.
LinkedIn is the dominant professional networking platform, a Facebook for corporate types. HiQ is a “data-scraping” company, one that access publicly available data form LinkedIn profiles and then mixes it up in its own quantitative black box to create two products-Keeper, which tells employers which of their employees are greatest risk of being recruited away, and Skill Mapper, which provides a summary of the skills possessed by individual workers.
LinkedIn allowed HiQ to do this for five years, before developing a very similar product to Skill Mapper, at which point LinkedIn sent the company a “cease and desist” letter, and threatened do invoke the CFAA if HiQ did not stop tapping its user data. LinkedIn’s lawyers argued not only that this was a violation of users’ trust, but that its client was a “private entity with a right to control access to its private property”- meaning not only its servers, but the consumer data on them, too your corporate data’s.
None of this is uncommon in the Valley. Data scraping companies, which can seem a bit creepy, are rife-as are big companies that watch little firms experiment with new ideas, and then try to steal/or crash them once they reach critical mass-either with a cease and desist letter, or Sy acquisition.
I have been inundated recently with calls from small tech firms complaining about anti competitive practices on the part of the larger platform companies. Most will not go public for fear of never getting another round of funding or a job (Silicon Valley has quite the omerta code, as I’m discovering) but I strongly believe in the fact that the ultimate measure of a man is not where he stands in a moment of comfort and convenience, but where he stands at times of challenge and controversy.
But also HiQ figured it had nothing to lose, because if it could not get LinkedIn data it would be out of business. The US District Court in Northern California, which hearing the case, agreed and gave it an injunction to continue to scraping while the legal battle moves forward- LinkedIn filed its opening brief in beginning of October.
The surprising good news is, that in a meanwhile, in a case that might have been significant mainly do digital insiders like us is being given a huge publicity boost by Harvard professor Laurence Tribe, the country’s pre-eminent constitutional law scholar. He has joined the HiQ defense team (a fact that I love) because as he told me, he believes the case is “tremendously important”, not only in terms of setting competitive rules for the digital economy, but in the realm of free speech. According to Prof. Tribe, if you accept that the internet is the new town square, and “data is a central type capital”, then it must be freely available to everyone-and LinkedIn, as a private company, cannot suddenly decide that publicly accessible, Google-searchable data is their private property. The worry is that if private companies are granted the authority to decide who gets to participate in the digital market place of ideas, then they could shun whoever they like, however they like.
For its part, LinkedIn argues that its position is the speech-maximizing one. It believes that if users knew data were freely available to unrestricted collection and access by third parties, they would be less likely to put it online. This is a good point, and perhaps one that consumers and users of the internet in general should think more carefully about.
Whatever your concern is anti- competitive business practices or the persecution of free speech, one thing that we all have to grapple with is that we are both the raw material and the end consumer of what is being sold online. We are the product.
Given that, we might want all to think much more carefully about three things: First, the extent of information that we reveal and all the myriad ways in which it can be used.
Second, whether the products and services we receive in exchange for our data are worth it, or whether the terms of the exchanges for our data should be reconsidered.
And Third, how governments may shift the rules of the new digital playing field, and what it will mean for capitalism in the 21st century.