…they just got a Presidential Culture Award.
They were wondering whether to accept it or not, for the mid-October ceremony.
That’s right.
Excellent. Joel, would you be my timekeeper and remind me of the cabinet meeting? OK.
All right. A few things. First of all, when I talked to your DC counterparts, they mentioned that, especially around election seasons and large social movements, they’re actively considering revising the traditional privacy protection for robots. That is, coordinated fake account activities.
Privacy, of course, belongs to natural persons. If you can conclusively prove that these are automated bots, operated in a very coordinated fashion, that no human being can control 200,000 accounts at once – like “Lucy” in the movie – then it is OK or considered a new cyber norm for Twitter to publish not only the tweets those accounts have posted before taking them down, but also the metadata, meaning the user accounts, their online behavior patterns, and things like that.
We did just see the data sets published around Hong Kong.
The Twitter datasets from the portion of the PRC that did not require VPN to access Twitter.
Operated with Assistive Intelligence.
Assistive Intelligence. That’s my usual expansion of the term AI. It doesn’t mean that there’s no human working in collaboration with AI, but they are working at such a speed and precision that it couldn’t just be a human alone.
I went through the CSV files myself.
Yeah.
I think, first, your approach of releasing the hashed identities strikes a good compromise.
We also communicated with Facebook, which responded, I think with a tip from you, to act similarly, but without releasing the hashed metadata, or indeed, any metadata. They just published statistics of how many accounts, and not even which duration or anything like that.
I believe Google also followed Twitter tips, but also disclosed a similar amount of Facebook, which is to say, not very quantitatively investigable. My take is that your action is showing a new direction for a cyber norm that clearly delineates activities such as these and activities that are organically viral.
This distinction is not yet made by the other larger platforms, perhaps because they have different legal views on this matter. I think I would strongly encourage their legal teams to move toward your direction, which is, I think, much more accountable and allows for the social and academic sectors to have the power of interpretation.
The usual trade-off of, for example, the Manila Principle was between the government’s overstepping of a ministerial correction order versus a private sector company over-censorship, as in the case of NetzDG.
These two, I’m not saying that they are not working well. They’re working somewhat well. However, they take more liberties from the public, centralized to one of the first or second – that is to say, public or private – sectors.
Your approach empowers the social sector and the academia. I think that is to be commended.
I know. I wrote quite a few of those. Also, I was working with the Siri team. [laughs]
I worked with one of the earlier cypherpunks communities. I worked on the translation of the Freenet project, as well as being part of a group that translated the word “blog” to Mandarin.
When we did that work, which is in the days of Indymedia and friends, our main philosophy is not of cyberspace independence, but rather cyberspace interdependence. I’m very happy that it’s now an official UN policy, as of this year.
Interdependence means that we have to share reliable data with everybody else so that the checks and balances are not only between state and their citizens, but across the international norms and different practices.
So that we can reliably say that, by the end of this month, I think, when the Singapore model comes online, and the Taiwan model, which came online last month, we can quantitatively show which model works better on which parts of the state-sponsored disruptions, disinformation campaigns, and things like that.
Without such comparable quantitative data, it’s all anecdotes. It’s very difficult for you, actually, because you have to change with every revision of jurisdiction and the jurisdictional administrative orders, for a lack of better term.
I think the norm-first architecture is much better than a law-mandated market that determines the architecture, to use Lawrence Lessig’s theory. Starting with a social norm, but the data powers that norm. I think that is a much better direction.
On a more concrete level, I’ve been talking with telecommunication company representatives, such as, I think, Orange, Vodafone, and a team of researchers. For example, Alex Pentland, “Sandy,” from MIT, as well as the broader UN research system.
They have a design that’s called Open Algorithms. It’s a little bit of technical, so I apologize for speaking Greek.
Well, we will have a transcript.
The idea of open data, as you succinctly put, stops with privacy. Anything that you consider a disclosure of privacy is not to be published as open data. Hashed identities may be your delineation, beyond which there is no access. I applaud this point.
It is true that with only these data and a different format for each jurisdiction, because of jurisdictional orders, it makes it impossible for academics to have a comparable quantitative analysis of any kind, really, on that.
What the open algorithm movement is advocating is the flip of open data. It is the researchers writing, using a mocked or synthesized data, which is purely not reflecting any raw data at all. It could be just random rolling dices that you publish to establish your data storage schema, which is the structure of your data, but not any of the content.
The academics would write some code that do a different analysis that produce statistics, aggregates, or some other output that is impossible to reverse into the identities or any private materials. In the end, what the academics cares about is the result.
It’s not in their interest to peek into their peers’ personal, private tweets. It’s their interest to show that there is a trend growing and what that trend constitutes, and if they publish this code in just academic peer review fashion.
We invite the cyber security community, the mathematics community to inspect the algorithm and show conclusively that it cannot actually compromise privacy. Then the operators, such as the telecom operators take the same code packaged in a container, run it in their data center, and only publish the end result.
This framework is called open algorithms, because it’s not any personal data that’s disclosed. It is actually the statistics algorithm which may be very advanced is published.
That’s right. As you said, the distributed ledger, which is the part of the blockchain that concerns our discussion, because we’re definitely not talking about Telegram ICOs.
Not right now. The ledger part of the blockchain. Because storage gets cheaper as data is produced, so perpetuity is actually maybe a very accurate term to describe that. We wondered if copyright is also for perpetuity, but we are glad to have been proved wrong recently. [laughs]
That’s right. My take is twofold. First, if the ledger is built by the citizens, by the social sector, as in Taiwan, people measure air pollution levels by themselves and water pollution level by themselves.
If they are individual citizen accounts, there’s no accountability as a private citizen to offer anything like that. They just upload their real-time measurements through NB-IoT, LoRa, or any Zero-G network protocols into a distributed ledger.
That has two effects. The first one is that they collectively ensure the accountability of the data they measure. Basically, they cannot go back and change it. The second is that it forces, in Taiwan, the government to adopt a, “We cannot beat them, so we must join them,” approach.
Even with our national high-speed computing center, we cannot modify the numbers of that ledger. We have to commit and say, “Oh, you want to measure industrial parks?” Private property, they cannot enter into.
“Well, we own the lamps, so we will hang your device on the lamps within the industrial parks and join your ledger, rather than building one’s own ourselves.” That has always been our idea of social innovation, which is initiated by the social sector and always for the public good.
When used this way, this is essentially a trust machine that enables bootstrapping from lower-resource communities that set the governance of that ledger, rather than only large, private sector companies, such as the Libra Alliance, setting the rules of that sector.
It’s not to say that their work is not useful. It’s just, as a user, it’s very difficult to participate in that governance system. In our case, it starts with a citizen governance system. To me, it’s again, whether it’s about a norm-first architecture or whether it’s about a market-led one.
The open algorithm work? We have a Presidential Hackathon, which is an annual event. It runs for three months, and anyone from any sector can propose. Every year is 100 or so cases. We coach the 20 of them, as measured by popular vote.
We use a new voting method called Quadratic Voting that ensures a fair and balanced representation of people’s true will, instead of being divisive online, as you put it. Then the 20, which is very diverse, each has to correspond to a specific sustainable development target, one of the 169.
Then those 20 gets coached to be trilingual, meaning that whichever sector they start from, they must have a regulatory expert from the public sector, a technological expert from the private sector, and a domain coordinator and organizer from the social sector.
They all grow to be trisectoral in the last two months of the competition. By the last day, we have a meeting in the presidential office, choose five teams, and give them trophies by the president herself. When she hands out the trophies, because each team now has public servants in it, we cannot hand them cash. It’s prohibited.