Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links Writing

Social Networks, Social Media, and Design Affordances

Ian Bogost has a good piece in The Atlantic that recalls the trajectory of social networking services and their transformation into social media services. He distinguishes between the two thusly:

The terms social network and social media are used interchangeably now, but they shouldn’t be. A social network is an idle, inactive system—a Rolodex of contacts, a notebook of sales targets, a yearbook of possible soul mates. But social media is active—hyperactive, really—spewing material across those networks instead of leaving them alone until needed.

I’m someone who obtains a vast amount of very valuable information from my social networks. People are always softly pushing information that is relevant to my specific interests, such as by RSS or through private email groups, with just enough extra stuff that I can learn about novel topics or issues. In all of these cases however I make the choice to interact with the content and in a pretty focused way. This approach is perhaps a bit more active than how Bogost frames social networks but is much closer to the earliest days of Web 2.0, prior to the advent of microblogging and image sharing becoming major things in my neck the Internet. Much of this information comes from people I have either strong or intermediate connections with.

Professionally, I have historically found Twitter to be a useful social media platform. I and other experts have used it to surface media and/or opinions that were meant to be helpful in better understandings parts of the world I engage with. This, of course, has changed for the worse in the past 2 months. Broadly, I and other experts have benefitted from the design affordances of the ‘megascale’ of Twitter.

Most social media, however, holds little or no value to me.1 And perhaps most dangerously even Twitter has the effect of sharpening language (gotta keep within those character or thread limits!) while also making it much harder, if not impossible, to find useful contributions at a later date in time. As experts have moved to Twitter and away from long-term content storage repositories (e.g., blogs, opinion articles, etc) their expertise has the effect of appearing briefly and then being lost to themselves as well as future audiences. Broadly, then, one question is what is the role of social media for professionals and experts who have a public communication role to their careers?

There is also some real value in social media platforms that move content quite quickly. I know for a fact that Twitter, as an example, is regularly useful for foreign policy observers who are trying to determine what is happening around the world. These observers are taking advantage of weak ties to obtain otherwise difficult to find information. Twitter is, also, helpful for crowdsourcing in the case of disasters. At the same time these networks can be, and have been, and are being used for harmful purposes. This includes targeted harassment, government abuse, and more. We often hear about these latter ills and, in response, some wish that very different or slower social media platforms existed on the presumption that they would reduce the harm while still enabling the good platforms. This is perhaps best captured by Bogost’s earlier article, “People Aren’t Meant to Talk This Much,” where he writes:

Imagine if access and reach were limited too: mechanically rather than juridically, by default? What if, for example, you could post to Facebook only once a day, or week, or month? Or only to a certain number of people? Or what if, after an hour or a day, the post expired, Snapchat style? Or, after a certain number of views, or when it reached a certain geographic distance from its origins, it self-destructed? That wouldn’t stop bad actors from being bad, but it would reduce their ability to exude that badness into the public sphere.

However, in assessing the properties of networks/media systems designers should consider the respective technologies’ affordances and what they, and their users, really want or need. I don’t subscribe to the position that Twitter is Evil™ or that a ‘new Twitter’ needs to do away with all the affordances of the current platform.

Real good has come from the ability of different parties to exploit or benefit from virality. But that virality is not something that all persons should have to deal with if they don’t want to, and users of viral-enabled platforms should be protected by rigorous trust and safety policies and teams. (Twitter is clearly moving away from their already-insufficient efforts to protect their users and, so, any replacement virality-platform should start with trust and safety as a top priority ahead of almost anything else.)

The ‘solution’ to the ills of social media shouldn’t be to wistfully look back to the earliest era of Web 2.0, or the last breaths of Web 1.0, and say that we should be restricted to tool and service equivalents of those times. Social technologies should not be permanently halted in the time and template of Livejournal, Orkut, Google+, or Blogger.

First, because we enjoy a lot of modern affordances in our technology and likely won’t want to abandon them!

Second, because such call-backs are often to times when the social networks were far less diverse than the social media platforms today. We should be wary of seeking the civility of the past on the basis that much of that same perceived civility was premised on the exclusive and privileged nature of the social networks.

Third, it’s important for any and all who look for different social networks or social media platforms to recognize that the affordances they are seeking may not be the affordances that everyone is seeking. To use Twitter as just one example we regularly hear about how the platform is used by its Western users but comparatively little about how it’s used by Japanese users, who have prolifically adopted the platform. We should not over generalise our own experiences (or issues with) platforms and should instead adopt a more inclusive approach to understanding the benefits and drawbacks of a given platform’s affordances and capabilities.

I think that when imagining the ‘next’ iteration of social networks and social media it’s helpful to recognize that different kinds of networks will serve different functions. Not everything needs to operate at megascale. Also, though, we should learn lessons from the current social media platforms and design affordances that provide individuals and groups with the ability to express control over how their networks and media can be used. Tim Bray offers some of those suggestions in his proposals for updating Mastodon. Key, to my eye, are that content-licensing should be a default thing that is considered with code (and, unstated, law) being used to reinforce how individuals and communities permit their information to be accessed, used, collected, or disclosed.

We’re in the middle of yet another reflection period about what role(s) should social networks and social media play in Western society, as well as more generally around the world. Regulatory efforts are moving along and laws are being passed to rein in perceived issues linked with the companies operating the various networks. But there’s also real appetite to assess what should, and shouldn’t, be possible writ large on the contemporary and future social networks and social media platforms. We should lean into this in inclusive ways to develop the best possible policy. Doing anything else means we’ll just keep having the same debate ad infinitum.

  1. There’s lots of broader value: it can be useful economically for some individuals, enable speech outlets that are otherwise denied to individuals who are historically discriminated against, and serve as a medium for creative expression. ↩︎
Categories
Photo Essay Photography Writing

January 1st Graffiti Photowalk

I routinely try and take a bit of a longer photowalk at the start of each year. It’s an opportunity to stretch my legs some and a great way to start of the year while, also, getting a chance to document the city while it’s still recovering from New Years celebrations.

This year was no different, save that I ended up leaving for my walk later than intended and was drawn to a number of Toronto’s alleys throughout the evening.

While I did the majority of my shooting through the late afternoon and evening in monochrome, I couldn’t help by see how the positive film simulation in my Ricoh GRs would showcase the vibrant colours of graffiti under artificial lighting situations.

It was only once I’d brought the images home and looked at them that it became apparent that the majority of the photos were made from the same angle. I had no idea I was doing this at the time but, in hindsight, I definitely wish that I’d made images from wider variety of angles.

When I was wandering through some of the alleys I wished that there had been more people about to include in some of the images. Even a wisp of a figure would, I think, have added a bit of a haunting character to many of the photographs.

In their absence, however, I largely (though not completely) tried to channel Tatianna Hopper. She sometimes engages in a kind of street photography that simultaneously showcases the existence and absence of humans. Graffiti and human trash, or waste, expresses this concept to my mind.

In a number of alleys there were quasi-monstrous or demonic imagery. I see more and more of it around the city and have met the artists of some of it. The effort they’re putting in is amazing with really interesting effects; when shooting with humans in the frame and in monochrome, I find the graffiti adds an interesting graphic element and juxtaposition. Even on its own, however, the juxtaposition between colour and monochrome graffiti causes its own novel contrast.

Almost the entirety of 2022, and the tail end of 2021, saw me shoot 99% of my images in monochrome. I’m happy with the progress I’ve made on the street and can see the very real improvements in composition and ability to ‘see’ in monochrome. However I’m inspired by Alex Webb and Gustavo Minas’ ‘Maximum Shadow Minimal Light’. Both use shadow in colour photography and I’d like to develop similar skills . Maybe that means I’ll experiment some through the year in trying to translate what I’ve learned about light and shadows in monochrome images into colour photos!

Categories
Solved

Solved: Ricoh GR Not Using Auto-Hi ISO

I spent a few frustrating evenings shooting on aperture priority with the original Ricoh GR. It held my shutter speed at 1/40s and varied the ISO so that it was always at 1/40s.

I’ve finally sat down to figure out what the heck was going on as I’d never previously experienced this issue. For some reason each time I tried to set the ISO to Auto-High (with a 5000 ISO maximum and shutter minimum at 1/160s) it kept defaulting to Auto, instead.

The Problem

My Ricoh GR was stuck at 1/40s when shooting aperture priority (i.e., ‘Av’) with the ISO varying to ensure it could hit that shutter speed. My work-around solution was to take manual control of the ISO. When I manually raised the ISO I could get a much faster shutter speed.

The Solution

I had previously disabled ‘Continuous Mode’ when I had been experimenting with an external flash. In doing so I had, unknowingly, simultaneously disabled the camera’s ability to use ‘Auto-High.’1 Auto-High is used to set a maximum ISO and minimum shutter speed.2

To enable Auto-High on the Ricoh GR:

  1. Open the menu
  2. Enter the Shooting Menu (Camera symbol)
  3. Scroll down to ‘Continuous Mode’
  4. Press the right button on the control dial
  5. Scroll to ‘Continuous Mode’
  6. Press ‘OK’

You may, also, need to set the maximum ISO and minimum shutter speed for Auto-High. To set these values:

  1. Open the menu
  2. Enter the Setup Menu (Screwdriver and Wrench symbol)
  3. Scroll down to ‘ISO Auto-High Settings’
  4. Press the right button on the control dial
  5. Set the Maximum ISO and Change Shutter Speed to preferred values
  6. Press ‘OK’

At the conclusion of this you should hopefully have (re)enabled Auto-High ISO.

Note: My solution to this problem differs from some on the Internet. A post in the DP Review forums, as an example, suggests that you must disable ‘dynamic range compensation’ to solve the problem. This is not the case in my experience as I have dynamic range compensation set to ‘Medium’ on my Ricoh GR.

  1. This is not clearly explained in the Ricoh GR manual when when doing a search for ‘Auto-Hi’. ↩︎
  2. If shooting conditions are such that the camera cannot expose properly at a given aperture and maximum ISO setting, it may reduce the shutter speed below the minimum shutter speed set under Auto-High to get a correct exposure. ↩︎
Categories
Links

Cybersecurity and White Labelled Android Devices

Trend Micro has a nice short piece on the challenges of assessing the security properties of various components of Android devices. In short, white labelling incentivizes device manufacturers to invest the least amount possible in what they’re building for the brands that will sell devices to consumers. Trend Micro included this very nice little mention on the shenanigans that firmware developers can get up to:

Firmware developers supplying the OEM might agree to provide the software at a lower cost because they can compensate the lost profit through questionable means, for example by discreetly pre-installing apps from other app developers for a fee. There is a whole market built around this bundling service with prices ranging from 1 to 10 Chinese yuan (approximately US$0.14 to US$1.37 as of this writing) per application per device. This is where the risk is: As long as the firmware, packaged apps, and update mechanisms of the device are not owned, controlled, or audited by the smartphone brand itself, a rogue supplier can hide unauthorized code therein.1

While the authors suggest a range of policy options, from SBOMs to placing requirements on device transparency before administrators ‘trust’ devices, I’m not confident of these suggestions’ efficacy when taking a broader look at who principally uses white labelled devices. There are economics at play: should all devices have increased input costs associated with greater traceability and accountability then it will place financial pressures on the individuals in society who are most likely to be purchasing these devices. I doubt that upper-middle class individuals will be particularly affected by restricting the availability of many white labelled Android devices but such restrictions would almost certainly have disproportionate impacts on less affluent members of society or those who are, by necessity, price conscious. Should these individuals have to pay more for the computing power that they may depend on for a wide range of tasks—and in excess of how more affluent members of society use their devices?

Security has long been a property that individuals with more money can more easily ‘acquire’, and those who are less affluent have been less able to possess similar quantities or qualities of security in the services and products that they own. I understand and appreciate (and want to agree with) the Trend Micro analysts on how to alleviate some of the worse security properties associated with white labelled devices but it seems as though any such calculation needs to undertake a broader intersectional analysis. It’s possible that at the conclusion of such an analysis you still arrive at similar security-related concerns but would, also, include a number of structural social change policy prescriptions as preconditions that must be met before heightened security can be made more equitably available to more members of society.

  1. Emphasis added. ↩︎
Categories
Writing

Why Is(n’t) TikTok A National Security Risk?

Photo by Ron Lach on Pexels.com

There have been grumblings about TikTok being a national security risk for many years and they’re getting louder with each passing month. Indeed, in the United States a bill has been presented to ban TikTok (“The ANTI-SOCIAL CCP ACT“) and a separate bill (“No TikTok on Government Devices Act“) has passed the Senate and would bar the application from being used on government devices. In Canada, the Prime Minister noted that the country’s signals intelligence agency, the Communications Security Establishment, is “watching very carefully.”

I recently provided commentary where I outlined some of the potential risks associated with TikTok and where it likely should fit into Canada’s national security priorities (spoiler: probably pretty low). Here I just want to expand on my comments a bit to provide some deeper context and reflections.

As with all things security-related you need to think through what assets you are attempting to protect, the sensitivity of what you’re trying to protect, and what measures are more or less likely to protect those assets. Further, in developing a protection strategy you need to think through how many resources you’re willing to invest to achieve the sought-after protection. This applies as much to national security policy makers as it does to individuals trying to secure devices or networks.

What Is Being Protected

Most public figures who talk about TikTok and national security are presently focused on one or two assets.

First, they worry that a large volume of data may be collected and used by Chinese government agencies, after these agencies receive it either voluntarily from TikTok or after compelling its disclosure. Commentators argue that Chinese companies are bound to obey the national security laws of China and, as such, may be forced to disclose data without any notice to users or non-Chinese government agencies. This information could be used to obtain information about specific individuals or communities, inclusive of what people are searching on the platform (e.g., medical information, financial information, sexual preference information), what they are themselves posting and could be embarrassing, or metadata which could be used for subsequent targeting.

Second, commentators are adopting a somewhat odious language of ‘cognitive warfare’ in talking about TikTok.1 The argument is that the Chinese government might compel the company to modify its algorithms so as to influence what people are seeing on the platform. The intent of this modification would be to influence political preferences or social and cultural perceptions. Some worry this kind of influence could guide whom individuals are more likely to vote for (e.g., you see a number of videos that directly or indirectly encourage you to support particular political parties), cause generalised apathy (e.g., you see videos that suggest that all parties are bad and none worth voting for), or enhance societal tensions (e.g., work to inflame partisanship and impair the functioning of otherwise moderate democracies). Or, as likely, a combination of each of these kinds of influence operations. Moreover, the TikTok algorithm could be modified by government compulsion to prioritise videos that praise some countries or that suppress videos which negatively portray other countries.

What Is the Sensitivity of the Assets?

When we consider the sensitivity of the information and data which is collected by TikTok it can be potentially high but, in practice, possesses differing sensitivities based on the person(s) in question. Research conducted by the University of Toronto’s Citizen Lab found that while TikTok does collect a significant volume of information, that volume largely parallels what Facebook or other Western companies collect. To put this slightly differently, a lot of information is collected and the sensitivity is associated with whom it belongs to, who may have access to it, and what those parties do with it.

When we consider who is using TikTok and having their information uploaded to the company’s servers, then, the question becomes whether there is a particular national security risk linked with this activity. While some individuals may potentially be targets based on their political, business, or civil society bonafides this will not be the case with all (or most) users. However, in even assessing the national security risks linked to individuals (or associated groups) it’s helpful to do a little more thinking.

First, the amount of information that is collected by TikTok, when merged with other data which could theoretically be collected using other signals intelligence methods (e.g., extracting metadata and select content from middle-boxes, Internet platforms, open-source locations, etc) could be very revealing. Five Eyes countries (i.e., Australia, Canada, New Zealand, the United Kingdom, and the United States of America) collect large volumes of metadata on vast swathes of the world’s populations in order to develop patterns of life which, when added together, can be deeply revelatory. When and how those countries’ intelligence agencies actually use the collected information varies and is kept very secretive. Generally, however, only a small subset of individuals whose information is collected and retained for any period of time have actions taken towards them. Nonetheless, we know that there is a genuine concern about information from private companies being obtained by intelligence services in the Five Eyes and it’s reasonable to be concerned that similar activities might be undertaken by Chinese intelligence services.

Second, the kinds of content information which are retained by TikTok could be embarrassing at a future time, or used by state agencies in ways that users would not expect or prefer. Imagine a situation where a young person says or does something on TikTok which is deeply offensive. Fast forward 3-4 years and their parents are diplomats or significant members of the business community, and that offensive content is used by Chinese security services to embarrass or otherwise inconvenience the parents. Such influence operations might impede Canada’s ability to conduct its diplomacy abroad or undermine the a business’s ability to prosper.

Third, the TikTok algorithm is not well understood. There is a risk that the Chinese government might compel ByteDance, and through them the TikTok platform, to modify algorithms to amplify some content and not others. It is hard to assess how ‘sensitive’ a population’s general sense of the world is but, broadly, if a surreptitious foreign influence operation occurred it might potentially affect how a population behaves or sees the world. To be clear this kind of shift in behaviour would not follow from a single video but from a concerted effort over time that shifted social perceptions amongst at least some distinct social communities. The sensitivity of the information used to identify videos to play, then, could be quite high across a substantial swathe of the population using the platform.

It’s important to recognise that in the aforementioned examples there is no evidence that ByteDance, which owns TikTok, has been compelled by the Chinese government to perform these activities. But these are the kinds of sensitivities that are linked to using TikTok and are popularly discussed.

What Should Be Done To Protect Assets?

The threats which are posed by TikTok are, at the moment, specious: it could be used for any number of things. Why people are concerned are linked less to the algorithm or data that is collected but, instead, to ByteDance being a Chinese company that might be influenced by the Chinese government to share data or undertake activities which are deleterious to Western countries’ interests.

Bluntly: the issue raised by TikTok is not necessarily linked to the platform itself but to the geopolitical struggles between China and other advanced economies throughout the world. We don’t have a TikTok problem per se but, instead, have a Chinese national security and foreign policy problem. TikTok is just a very narrow lens through which concerns and fears are being channelled.

So in the absence of obvious and deliberate harmful activities being undertaken by ByteDance and TikTok at the behest of the Chinese government what should be done? At the outset it’s worth recognising that many of the concerns expressed by politicians–and especially those linked to surreptitious influence operations–would already run afoul of Canadian law. The CSIS Act bars clandestine foreign intelligence operations which are regarded as threatening the security of Canada. Specifically, threats to the security of Canada means:

(a) espionage or sabotage that is against Canada or is detrimental to the interests of Canada or activities directed toward or in support of such espionage or sabotage,

(b) foreign influenced activities within or relating to Canada that are detrimental to the interests of Canada and are clandestine or deceptive or involve a threat to any person,

(c) activities within or relating to Canada directed toward or in support of the threat or use of acts of serious violence against persons or property for the purpose of achieving a political, religious or ideological objective within Canada or a foreign state, and

(d) activities directed toward undermining by covert unlawful acts, or directed toward or intended ultimately to lead to the destruction or overthrow by violence of, the constitutionally established system of government in Canada,

CSIS is authorised to undertake measures which would reduce the threats to the security of Canada, perhaps in partnership with the Communications Security Establishment, should such a threat be identified and a warrant obtained from the federal court.

On the whole a general ban on TikTok is almost certainly disproportionate and unreasonable at this point in time. There is no evidence of harm. There is no evidence of influence by the Chinese government. Rather than banning the platform generally I think that more focused legislation or policy could make sense.

First, I think that legislation or (preferably) policies precluding at least some members of government and senior civil servants from using TikTok has some merit. In these cases a risk analysis should be conducted to determine if collected information would undermine the Government of Canada’s ability to secure confidential information or if the collected information could be used for intelligence operations against the government officials. Advice might, also, be issued by the Canadian Security Intelligence Service so that private organisations are aware of their risks. In exceptional situations some kind of security requirements might also be imposed on private organisations and individuals, such as those who are involved in especially sensitive roles managing critical infrastructure systems. Ultimately, I suspect the number of people who should fall under this ban would, and should, be pretty small.

Second, what makes sense is legislation that requires social media companies writ large–not just TikTok–to make their algorithms and data flows legible to regulators. Moreover, individual users should be able to learn, and understand, why certain content is being prioritised or shown to them. Should platforms decline to comply with such a the law then sanctions may be merited. Similarly, should algorithmic legibility showcase that platforms are being manipulated or developed in ways that deliberately undermine social cohesion then some sanctions might be merited, though with the caveat that “social cohesion” should be understood as referring to platforms being deliberately designed to incite rage or other strong emotions with the effect of continually, and artificially, weakening social cohesion and amplifying social cleavages. The term should not, however, be seen as a kind of code for creating exclusionary social environments where underprivileged groups continue to be treated in discriminatory ways.

So Is TikTok ‘Dangerous’ From A National Security Perspective?

Based on open source information2 there is no reason to think that TikTok is currently a national security threat. Are there any risks associated with the platform? Sure, but they need to be juxtaposed against equivalent or more serious threats and priorities. We only have so many resources to direct towards the growing legion of legitimate national security risks and issues; funnelling a limited set of resources towards TikTok may not be the best kind of prioritisation.

Consider that while the Chinese government could compel TikTok to disclose information about its users to intelligence and security services…the same government could also use business cutouts and purchase much of the same information from data brokers operating in the United States and other jurisdictions. There would be no need to secretly force a company to do something when, instead, it could just lawfully acquire equivalent (or more extensive!) information. This is a pressing and real national security (and privacy!) issue and is deserving of legislative scrutiny and attention.

Further, while there is a risk that TikTok could be used to manipulate social values…the same is true of other social networking services. Indeed, academic and journalistic research over the past 5-7 years has drawn attention to how popular social media services are designed to deliver dopamine hits and keep us on them. We know that various private companies and public organisations around the world work tirelessly to ‘hack’ those algorithms and manipulate social values. Of course this broader manipulation doesn’t mean that we shouldn’t care but, also, makes clear that TikTok isn’t the sole vector of these efforts. Moreover, there are real questions about the how well social influence campaigns work: do they influence behaviour–are they supplying change?–or is the efficaciousness of any campaign representative of an attentive and interested pre-existing audience–is demand for the content the problem?

The nice thing about banning, blocking, or censoring material, or undertaking some other kind of binary decision, is that you feel like you’ve done something. Bans, blocks, and censors are typically designed for a black and white world. We, however, live in a world that is actually shrouded in greys. We only have so much legislative time, so much policy capacity, so much enforcement ability: it should all be directed efficiently to understanding, appreciating, and addressing the fulness of the challenges facing states and society. This time and effort should not be spent on performative politics that is great for providing a dopamine hit but which fails to address the real underlying issues.

  1. I have previously talked about the broader risks of correlating national security and information security. ↩︎
  2. Open source information means information which you or I can find, and read, without requiring a security clearance. ↩︎
Categories
Videos

Is Street Photography Legal In Canada?

The answer, in almost all cases, is a resounding “yes.” David Fraser, a privacy and technology lawyer from Halifax, does an exceptional job in running curious (Canadian) street photographers through what the law allows and the rare exceptions when making street photos could have legal consequences.

Categories
Links

Postal Interception Coming to Canada?

The Canadian Senate is debating Bill S-256, ‌An Act to amend the Canada Post Corporation Act (seizure) and to make related amendments to other Acts. The relevant elements of the speech include:

Under the amendment to the Customs Act, a shipment entering Canada may be subject to inspection by border services officers if they have reason to suspect that its contents are prohibited from being imported into Canada. If this is the case, the shipment, whether a package or an envelope, may be seized. However, an envelope mailed in Canada to someone who resides at a Canadian address cannot be opened by the police or even by a postal inspector.

To summarize, nothing in the course of the post in Canada is liable to demand, seizure, detention or retention, except if a specific legal exception exists in the Canada Post Corporation Act or in one of the three laws I referenced. However, items in the mail can be inspected by a postal inspector, but if it is a letter, the inspector cannot open it to complete the inspection.

Thus, a police officer who has reasonable grounds to suspect that an item in the mail contains an illegal drug or a handgun cannot be authorized, pursuant to a warrant issued by a judge, to intercept and seize an item until it is delivered to the addressee or returned to the sender. I am told that letters containing drugs have no return address.

The Canadian Association of Chiefs of Police, in 2015, raised this very issue (.pdf). They recognised “that search and seizure authorities granted to law enforcement personnel under the Criminal Code of Canada or other criminal law authorities are overridden by the [Canada Post Corporation Act], giving law enforcement no authority to seize, detain or retain parcels or letters while they are in the course of mail and under Canada Post’s control.” The result was the Association was resolved:

that the Canadian Association of Chiefs of Police requests the Government of Canada to amend the Canada Post Corporation Act to provide police, for the purpose of intercepting contraband, with the ability to obtain judicial authorization to seize, detain or retain parcels or letters while they are in the course of mail and under Canada Post’s control.

It would seem as though, should Bill S-256 pass into law, that seven or eight years later some fairly impressive new powers that contrast with decades of mail privacy precedent may come undone.

Categories
Quotations

On The Principles of Fundamental Justice

Section 7 protects against the deprivation of an individual’s life, liberty and security of the person unless done in accordance with the principles of fundamental justice. These include the principles against arbitrariness, overbreadth and gross disproportionality. An arbitrary law is one that impacts section 7 rights in a way that is not rationally connected to the law’s purpose. An overbroad law is one that impacts section 7 rights in a way that, while generally rational, goes too far by capturing some conduct that bears no relation to the law’s purpose. A grossly disproportionate law is one whose effects on section 7 rights are so severe as to be “completely out of sync” with the law’s purpose.

Government of Canada, Bill C-27 Charter Statement

I like how tight and punchy the Government of Canada frames the principles of fundamental justice in its Charter statements. I’m familiar with each concept though, admittedly, through a different (academic) lens. I suspect that this framing will help me to have more fulsome and productive interactions with legislative drafters in the future.

Categories
Photo Essay Photography Writing

Which Photo (Or Three…) Best Represents 2022?

‘Til Pandemic Does Us Part | Excluded Audience | Amour by Christopher Parsons

Neale James, host of the Photowalk, challenged the ‘Extra Milers’ to look through our pictures and find one (or three…) which really spoke to our 2022. It could be a best photograph, or one that captures some memory or another, or really anything…the question was deliberately left pretty open to interpretation.

It served as a good experience for me. I went back through the past 11 months of images and, in the process, was reminded of numerous photos and experiences I’d forgotten about.

The first image (“‘til Pandemic Does Us Part”) speaks to how seriously some were still taking the pandemic much earlier in the year.

‘Til Pandemic Does Us Part by Christopher Parsons

The second (“Excluded Audience”) is very similar to an image I made in early 2020 which defined that stage of the pandemic in Toronto for me. “Excluded Audience” is meant to call back to that image and showcase that while things were going back to normal as the year progressed, that normal isn’t necessarily positive for everyone in the city. I’ve also included that reference image (“Down But Not Out”) below, after the set, just to indicate what I was trying to call back to.

Excluded Audience by Christopher Parsons

The final image of the year in this set (“Amour”) is meant to document how things are, today, with those in love able to see and hold one another amongst crowds once more. As a set, I think they have a symmetry in story and composition across them.

Amour by Christopher Parsons

And, finally, the reference image really just captures what Toronto was like in the early days of the pandemic when the entire downtown core had just shut down in its entirety.

Down But Not Out by Christopher Parsons

In terms of process for selecting photos, most years I start by reviewing images that I posted to social media that year, which in 2022 has been Glass. From the 300-365 images I work down to 30 images or so that best tell the story of the year. However, using this process I miss some photos that I really like but haven’t uploaded and, at the same time, include some images in the sort that I’ve somewhat fallen out of favour with since posting them.

All of which is to say: I think that going through and taking the time to review/re-examine all the images we’ve taken over a year is a splendid exercise, and especially because there’s a bit of time between when an image was captured and now. For me, at least, this helped to surface work that resonates more today than I think that it did when I first made it.

How do you go through and review your photos annually? What’s your best photo or photo set of the year, and what’s the story behind them?

Categories
Writing

Apple To More Widely Encrypt iCloud Data

Photo by Kartikey Das on Pexels.com

Apple has announced it will begin rolling out new data security protections for Americans by end of 2022, and the rest of the world in 2023. This is a big deal.

One of the biggest, and most serious, gaping holes in the protections that Apple has provided to its users is linked to iCloud. Specifically, while a subset of information has been encrypted such that Apple couldn’t access or disclose the plaintext of communications or content (e.g., Health information, encrypted Apple Notes, etc) the company did not encrypt device backups, message backups, notes generally, iCloud contents, Photos, and more. The result is that third-parties could either compel Apple to disclose information (e.g., by way of warrant) or otherwise subvert Apple’s protections to access stored data (e.g., targeted attacks). Apple’s new security protections will expand the categories of protected data from 141 to 23.

I am very supportive of Apple’s decision and frankly congratulate them on the very real courage that it takes to implement something like this. It is:

  • courageous technically, insofar as this is a challenging thing to pull off at the scale at which Apple operates
  • courageous from a business perspective, insofar as it raises the prospect of unhappy customers should they lose access to their data and Apple unable to assist them
  • courageous legally, insofar as it’s going to inspire a lot of frustration and upset by law enforcement and government agencies around the world

It’ll be absolutely critical to observe how quickly, and how broadly, Apple extends its new security capacities and whether countries are able to pressure Apple to either not deploy them for their residents or roll them back in certain situations. Either way, Apple routinely sets the standard on consumer privacy protections; others in the industry will now be inevitably compared to Apple as either meeting the new standard or failing their own customers in one way or another.

From a Canadian, Australia, or British government point of view, I suspect that Apple’s decision will infuriate law enforcement and security agencies who had placed their hopes on CLOUD Act bilateral agreements to get access to corporate data, such as that held by Apple. Under a CLOUD bilateral British authorities could, as an example, directly serve a judicially authorised order to Apple about a British resident, to get Apple to disclose information back to the British authorities without having to deal with American authorities. It promised to substantially improve the speed at which countries with bilateral agreements could obtain electronic evidence. Now, it would seem, Apple will largely be unable to assist law enforcement and security agencies when it comes to Apple users who have voluntarily enabled heightened data protections. Apple’s decision will, almost certainly, further inspire governments around the world to double down on their efforts to advance anti-encryption legislation and pass such legislation into law.

Notwithstanding the inevitable government gnashing of teeth, Apple’s approach will represent one of the biggest (voluntary) increases in privacy protection for global users since WhatsApp adopted Signal’s underlying encryption protocols. Tens if not hundreds of millions of people who enable the new data protection will be much safer and more secure in how their data is stored while simultaneously restricting who can access that data without individuals’ own knowledge.

In a world where ‘high-profile’ targets are just people who are social influencers on social media, there are a lot of people who stand to benefit from Apple’s courageous move. I only hope that other companies, such as Google, are courageous enough to follow Apple at some point in the near future.

  1. really, 13, given the issue of iMessage backups being accessible to Apple ↩︎