I was summoned for jury duty this week but we were all let out after just a few hours. While I admit I didn’t want to be stuck in a trial for up to a few weeks, I had hoped for a little more time to get through a massive backlog of reading that’s built up over the past 3-4 months. Still, I managed to read, annotate, and close over 100 Safari tabs so I’ll call it a win!
Category: Aside
Categories
Incoming Leica Q2
For the past several years I’ve kept looking at the Leica Q2 as the next step in the camera I want to use. To be clear, I think I’m pretty proficient with the Fuji X100F but I’ve also been in situations where it hasn’t been able to perform, either due to weather or extreme low light. And as much as I like it there are things I find less than ideal about the Fuji, including the zone focusing system.
When I was in Quebec, recently, I held the Q2 for the first time, and got to play with it bit, and it convinced me that this was the next device I wanted to use to make photos. I don’t know that I’ll actually use it to make 28mm images and suspect I’ll crop to 35mm (equiv), but regardless I’m looking forward to using it when it arrives in the next week or so!
The Treasury Board Secretariat has released, “Privacy Implementation Notice 2023-03: Guidance pertaining to the collection, use, retention and disclosure of personal information that is publicly available online.”
This is an important document, insofar as it clarifies a legal grey space in Canadian federal government policies. Some of the Notice’s highlights include:
- Clarifies (some may assert expand) how government agencies can collect, use, retain, or disclose publicly available online information (PAOI). This includes from commercial data brokers or online social networking services
- PAOI can be collected for administrative or non-administrative purposes, including for communications and outreach, research purposes, or facilitating law enforcement or intelligence operations
- Overcollection is an acknowledged problem that organizations should address. Notably, “[a]s a general rule, [PAOI] disclosed online by inadvertence, leak, hack or theft should not be considered [PAOI] as the disclosure, by its very nature, would have occurred without the knowledge or consent of the individual to whom the personal information pertains; thereby intruding upon a reasonable expectation of privacy.”
- Notice of collection should be undertaken, though this may not occur due to some investigations or uses of PAOI
- Third-parties collecting PAOI on the behalf of organizations should be assessed. Organizations should ensure PAOI is being legitimately and legally obtained
- “[I]nstitutions can no longer, without the consent of the individual to whom the information relates, use the [PAOI] except for the purpose for which the information was originally obtained or for a use consistent with that purpose”
- Organizations are encouraged to assess their confidence in PAOI’s accuracy and potentially evaluate collected information against several data sources to confidence
- Combinations of PAOI can be used to create an expanded profile that may amplify the privacy equities associated with the PAOI or profile
- Retained PAOI should be denoted with “publicly available information” to assist individuals in determining whether it is useful for an initial, or continuing, use or disclosure
- Government legal officers should be consulted prior to organizations collecting PAOI from websites or services that explicitly bar either data scraping or governments obtaining information from them
- There are number pieces of advice concerning the privacy protections that should be applied to PAOI. These include: ensuring there is authorization to collect PAOI, assessing the privacy implications of the collection, adopting privacy preserving techniques (e.g., de-identification or data minimization), adopting internal policies, as well as advice around using attributable versus non-attributable accounts to obtain publicly available information
- Organizations should not use profile information from real persons. Doing otherwise runs the risk of an organization violating s. 366 (Forgery) or s.403 (Fraudulently impersonate another person) of the Criminal Code
Rolling Stone has an excellent article that profiles the women who have been at the forefront of warning how contemporary AI systems can be, and are being, used to (re)inscribe bias, discrimination, sexism, and racism into contemporary and emerging digital tools and systems. An important read that is well worth your time.
Categories
Warning Shots From The FTC On AI
The FTC has a very direct and to the point post about things that businesses should consider ahead of integrating generative A.I. into business offerings:
- Should you even be making or selling it?
- Are you effectively mitigating the risks?
- Are you over-relying on post-release detection?
- Are you misleading people about what they’re seeing, hearing, or reading?
The FTC is not, of course, saying that they oppose the integration of A.I. into products. But they are being very clear that companies should do their due diligence ahead of such integrations or else run the risk of government investigations driven to protect consumers’ interests.
Look, if you think the fact that my Internet of Shit door-lock failed because the company that designed it made no plan to let me into my house if they went out of business would make me sympathetic to that company, you are out of your fucking mind.
Cory Doctorow, “Learning from Silicon Valley Bank’s apologists”
The Internet-of-shit is real and we can only hope that the threats associated with their bank collapsing will teach a generalizable lesson.
I’m…..not optimistic.
Cory Doctorow has a great analysis of Netflix and it’s efforts to define (and delimit) what constitutes a family. The real kicker, though, is the final paragraph:
When [Netflix] used adversarial interoperability to build a multi-billion-dollar global company using the movie studios’ products in ways the studios hated, that was progress. When you define “family” in ways that makes Netflix less money, that’s felony contempt of business model.
Netflix: a company the whole family can appreciate. Just perhaps not together.
Black Tap Magazine has a helpful article that distinguishes between photojournalism, documentary photography, and street photography. I found it particularly helpful to see the author grapple with the differences (and commonalities) between documentary and street photography, with the former focusing more on projects and potentially posed/non-urban photography, and the latter being cast as more spontaneous and less project-driven. While I think good street photography should be emotive and tell a story over time, I appreciate that the core assertion is that documentary photography must tell (or try to tell) some story, often as a photo set, whereas street photography is not similarly bound by these conditions.
Categories
Which Three Terms Describe Yourself?
I can see my life by way of several extended moments and, over time, how I’d describe myself has changed and expanded—from perhaps just one term to two—and deepened insofar as the descriptions arguably better articulate who I am.
For the past several months I’ve been reflecting on the terms that likely best briefly describe me. As it stands, I think that the current stage of my life is best captured as: policy wonk, street photographer, and Torontonian. And not necessarily in that order!
Each term speaks to less what I aspire to be—there are lots of terms I could use there!!—and more to who I am, by way of the actions I undertake on a daily or at least highly regular basis.
What three terms best describe you, today?
There’s a whole lot happening all over social media and this is giving me a chance to really assess what I use, for what reason, and what I want to publish into the future. I’ve walked away from enough social media services to recognize it might be time for another heavy adjustment in my life.
Twitter has long been key to my work and valuable in developing a professional profile. I don’t know that this kind of engagement will be quite the same moving forward. And, if I’m honest, a lot of my Twitter usage for the past several years has been to surface and circulate interesting (often cyber- or privacy-related) links or public conversations, or to do short-form analysis of important government documents ahead of writing about them on my professional website.
The issue is that the links on Twitter then fade into the digital ether. While I’ve been using Raindrop.io for a while and really love the service, it doesn’t have the same kind of broadcast quality as Twitter.1
So what to do going forward? In theory I’d like to get back into the habit of publishing more link blogs, here, about my personal interests because I really appreciate the ones that bloggers I follow and respect produce. I’m trying to figure out the format, frequency, and topics that makes sense; I suspect I might try to bundle 4-6 thematic links and publish them as a set, but time will tell. This would mean that sometimes there might be slightly busier and slower periods, depending on my ability to ‘see’ a theme.
The challenge is going to be creating a workflow that is fast, easy, and imposes minimal friction. Here, I’m hoping that a shortcut that takes the title and URL of an article, formats it into Markdown using Text Case, and then provides a bit of space to write will do the trick. This is the format I used to rely on to create my Roundup posts, though I don’t really expect I’ll be able to return to such length link blogs.
Update Nov 2023: I have really just leaned into sharing notable links using my through Raindrop.io RSS feed, especially as social media services have fragmented all around us.
- I have, nonetheless, created an RSS feed with mostly links to privacy, cyber, and national security articles. ↩︎
Excited Pixels 