Issue 46

The benefits and costs of privacy

Economists like to point out, to many people's  disdain, that there's no such thing as a free lunch. Even free things  have a price, regardless of whether it's clearly visible, and every  decision involves trade-offs, i.e. there are benefits and costs.

That's  why well-intentioned regulations that have benefits may actually, on  balance, cause harm. Privacy on the internet (or lack thereof) - often misunderstood by those criticising it - is an area prone to regulatory  miscalculation, with the European Union's General Data Protection  Regulation (GDPR) the most well-known example. It was designed to  protect people's privacy in the wake of a serious of scandals involving  the likes of Facebook and, without a doubt, has some benefits. After  all, as privacy expert Bruce Schneier wrote back in 2018, privacy is important:

"People  change their behavior when they live their lives under surveillance.  They are less likely to speak freely and act individually. They  self-censor. They become conformist. This is obviously true for  government surveillance, but is true for corporate surveillance as well.  We simply aren't as willing to be our individual selves when others are  watching.
If there is no privacy, there will be pressure to  change. Some people will recognize that their morality isn't necessarily  the morality of everyone—and that that's okay. But others will start  demanding legislative change, or using less legal and more violent  means, to force others to match their idea of morality.

It's easy to imagine the  more conservative (in the small-c sense, not in the sense of the named  political party) among us getting enough power to make illegal what they  would otherwise be forced to witness. In this way, privacy helps  protect the rights of the minority from the tyranny of the majority.
Privacy  makes all of this possible. Privacy encourages social progress by  giving the few room to experiment free from the watchful eye of the  many. Even if you are not personally chilled by ubiquitous surveillance,  the society you live in is, and the personal costs are unequivocal."

I'm  all for privacy and exposing firms and governments which try to  undermine it. But I have a problem with large, one-size-fits-all privacy  regulations such as the GDPR, which add enormous compliance costs to  virtually everyone. For while the GDPR helps to protect  people's privacy online, it also has plenty of costs. For example, it  erodes competition as smaller firms - especially those just starting up -  are forced to divert valuable resources away from say engineers towards  lobbyists, accountants and lawyers. Given the compliance costs, the  GDPR tends to help large, established firms secure their place at the top in exchange for less disruptive  competition and innovation. Such costs tend to continue to accumulate  unseen for many years as innovation, and subsequently productivity  growth, are artificially reduced.

Thankfully there are solutions emerging that look to reduce those costs:

"As  privacy regulations like GDPR and the California Consumer Privacy Act  proliferate, more startups are looking to help companies comply. Enter  Preclusio, a member of the Y Combinator Summer 2019 class, which has  developed a machine learning-fueled solution to help companies adhere to  these privacy regulations."

Will companies such  as Preclusio be successful? Perhaps. But much like countries with tax  codes that require a university course to comprehend, everyone would be  better of with a simple set of rules rather than a good tax accountant.  In other words, to fully capture the benefits of privacy that Schneier  outlined above, it needs to be protected but in a far less costly manner  than the likes of the GDPR, which has created an even worse outcome.

Enjoy the rest of this week's issue. Cheers,

— Justin

The bits

Another 90 days

Is  Huawei a national security threat or not? Are American tariffs paid by  American consumers or not? For Trump, logical consistency clearly  doesn't matter, as last week he delayed tariffs leading up to Christmas  (to prevent higher prices for US consumers) and extended the exemption  of sanctions on Huawei by another 90 days. Neither decision fits the  previous rhetoric, which as I have pointed out many times is an absolute  bunch of crock.

Learn more:

Artificial intelligence isn't all that artificial

Behind  every good algorithm is an army of humans. At least Microsoft has  finally admitted as much and changed its privacy policy accordingly.

Learn more:

Other bits of interest

Image of the week

The United States may have extended its "temporary" Huawei exemption for  another 90 days but that doesn't mean Huawei is resting on its laurels.  Last week it announced its new (and very rough around the edges) Harmony operating system, and  this week its founder and CEO Ren Zhengfei announced his plan to create  an "iron army", which is basically an attempt to convince other  countries to allow Huawei to build their 5G mobile networks. As this map  shows he has his work cut out for him, with countries worth about a  third of the world's GDP having already banned Huawei in some form.

This week's data breaches

The  title of the WSJ article (Huawei spying in Africa) is incredibly  misleading. As it admits, the "Journal investigation didn't turn up  evidence of spying by or on behalf of Beijing in Africa. Nor did it find  that Huawei executives in China knew of, directed or approved the  activities described. It also didn’t find that there was something  particular about the technology in Huawei's network that made such  activities possible."

The  real spying was done by the governments of Uganda and Zambia. If you  don't think Huawei's competitors, e.g. Cisco, would do/are doing the  same then I have some magic beans to sell you.

The breaches:

That's all for now. If you enjoyed this issue, feel free to share it via email

Issue 46: The benefits and costs of privacy was compiled by Justin Pyvis and delivered on 26 August 2019. Join the conversation on the fediverse at