However, I bet the US government gets you first! As the newspapers (Guardian 07/06/13) reproduce slides for training US security and FBI officials in the use of the data feeds they get from Google, Verizon, AOL, Apple, Facebook et al who under the FAA enactment can now download usage data and user content, the German Federation of Consumer Organizations (VZBV) brought an action against Apple – and won in the Regional Court of Berlin. One of Apple’s crimes was sharing data with subsidiaries, and another was re-using data not directly gathered in the trading activity (for instance, the recipient’s details on a gift certificate sale). If I worked in Apple’s legal department, dedicated to taking no prisoners in any legal wrangle, I would be getting fairly schizoid by now. As indeed I am, whenever I use terms like Open Access, Open Data, Open Society, Open Sesame… and then reflect on the attempt by everyone in the networked society and the network economy to suborn and subvert every data instance into own-able IP.

And now, a word of explanation. My silence here in the last 10 days reflects my listening elsewhere. And speaking – to two Future of Publishing sessions, in London and New York, sponsored by IXXUS (, and at a seminar organized by the University of Southampton’s Web Sciences Doctoral students group (slides are available here). At each of these sessions we discussed the networked society and its implications. And Big Data reared its ugly head, strengthening my resolution never to mention the apparently undefinable term again, but to talk instead of massive data components and the strengthening business of data analytics. But nowhere did we discuss data protection – or revelation – and I regret that, especially now that the brilliant latest issue of DataIQ, the journal of DQM Group ( has come to hand. On page after page it nails the issues that every data holder should have in mind, and which our networked content industry grievously neglects at its peril. If the FBI don’t get you, the German courts will!

But I am less surprized, on reflection, by the US revelations than I thought I would be, bearing in mind the huge amounts of high level analytics and search software that agencies of the US government have bought over the years. On the one hand we should be grateful that a degree of paranoia has spawned an industry. This is where Seisint (Lexis Risk) came from, here is where Palantir and other software developers have flourished. These software developments were always intended for more than calculating the Presidential expenses or searching the library. The Military/Intelligence complex has been a rich patron for developing many of the tools that the networked society depends upon. On the other side we should reflect that mass observation on this scale is the Orwellian manifestation of a police state, and that those who battle for the liberty of the individual are betrayed if it becomes necessary to infringe that liberty in the cause of protecting it. In saying this, I should also say that I am sure that the UK government would be equally intrusive if they could afford it, and in times like these the natural tendencies of governments to use National Security as the cloak for the erosion of civil liberties is global. But after the emergency, do you ever remember government giving privacy rights back?

Which brings me to the network protection of user data in non-security contexts. Here there can be no doubt about who owns what: the problem is getting people to admit to the obvious. Thus, it seems to me axiomatic that when I use a networked service, then the transactional data that I input remains mine, unless or until I have accepted conditions of service that say otherwise. And even those conditions cannot rob me of my ownership: all they can do is define agreed conditions or re-use for the people I am dealing with at the time. Eventually, in the network, we will each of us be able to isolate every data entry that we make anywhere and store it in a personal DropBox in the Cloud. We will then sell or gift rights of re-use to designated parts to Apple, to market researchers, to the US government as part of a visa waiver application. But we shall at least be in control, and have pushed back on the arrogance of data players who seem to believe that every sign-on is their property. It is this type on “unthinking”, I am sure, that lies behind Bloomberg’s huge intrusion into user rights when they allowed their news team to examine the access records of their clients. I know we do not like Bankers in our society now (Don’t worry, Doctors and Lawyers and Journalists and Politicians – we shall be back for you again just as soon as we have finished off these financiers), but surely no one at Goldman Sachs deserves a call from a news reporter saying “I see you have not used your terminal this week, so are you still employed?”

Here in Europe we pride ourselves on ordering things differently. Our secret weapon is Germany, where, for fairly obvious historical reasons, privacy is now a fetish and data protection has become a goal pursued on behalf of citizens by a lobby of what can only be described as, well, privacy fundamentalists. The current revision of the European Data Protection Directive (95/46/EC) into European law will effectively turn the current opt-out regime in the EU into an opt-in world. Not necessarily a bad thing, says Mark Roy, CEO of the Data Agency in an article in DataIQ. I agree, and I also agree that the right of erasure (the right to be forgotten) is pretty difficult to manage. But the real horror story is the bureaucracy, the checking, the courts and the fines that all of this entails. Somewhere here there has to be a balance between German fanaticism and US laissez faire regarding the rights of individuals to the ownership of their own information. We have never seemed further apart from creating this essential building block of a networked society.

“Although we have long made limited
customer relationship data available to
our journalists, we realize this was a
mistake.” Doctoroff went on to note
that Bloomberg terminals are also
equipped with cameras that can see
through the clothing of female
subscribers, but he stressed that
images collected by the cameras are
not shared with ‘those nerds in the
News division.’

I much enjoyed the ChartGirl ( take on the Bloomberg story, and as is very often the case, Hilary Sargent got more sense into a chart than I can get into a thousand words. But we are now two days into the story, and already I note the appearance of stories saying we are giving Bloomberg too hard a time, that this could have happened anywhere, and that using online services is courting insecurity so we really should not be so very surprized. I am sorry, but this part of the development loses me completely. Is there any difference between Bloomberg allowing its news staff to access customer sign-on and usage data and News Corp tolerating a culture of news snooping that led to widespread phone-hacking? In principle, No. In degree, there may be differences, but if you aspire to be a trusted service provider then you simply cannot allow this to go on. I have no doubt that Thomson Reuters have spent the day checking their security, and Dow Jones have been explaining their policies at length. But neither so far has been revealed in the Bloomberg light, and it may say something about the cultures of these various players that this is the case.

The principle at stake here was taught me by the head of a London law practice in 1981. He was an early Eurolex user when I was running that early online service for lawyers, and he burst into my office at 8 am one morning bearing yards of printout. “Have you been watching the questions my staff have been asking”, he demanded, and when I said No, and explained we had confidentiality undertakings in our employment contracts, he calmed down and explained that the questions and search routines asked by his staff indicated exactly how he was going to defend a client insurer resisting a claim for damages to the wonderfully fragile legs of a famous actress who had fallen over at the film studios. As he departed he said “What I put into your machine is mine, and when and how I use it is mine also. You can use it, in anonymized form, to improve the service, but beyond that you may not go”.

It seems to me an important principle. As we as a society prepare to defend ownership of our supermarket bills, protect our phone usage from all comers, dream of building ePassports and eWallets to repatriate our own information to us, so that, if we wish, we can sell it to the highest bidder, we shall all of us call upon such principles, invoking them as property laws in our increasingly user-centric networked society. So how come that Bloomberg got things so shockingly wrong? Bloomberg, that secret cavern of a private company, whose whole culture is omerta and whose staff are sworn to secrecy beyond mortality? It comes down to an identifiable trait in private companies. It is about an omniscient esprit de corps. It reflects a certain arrogance that says that if you have grown fast enough and with enough certainty then you can make your own rules. In the pre BusinessWeek days Bloomberg was renowned for never buying anything, but instead for emulating what it wanted by “doing it again – better”. This admirable and industrial culture clearly also has a downside. It breeds people who can walk on water where confidentiality is concerned. The result will perhaps be a sobering ducking.

And hopefully the shock of cold water will touch the rest of the industry as well. Often, even in the financial services sector, users will want to put their content together to create a resource that the market needs. DataMonitor as a service combining anonymized information from banks and hedge funds on shorting contracts and equity leasing is a case in point. But it does not just indicate data that could be used to help create better markets. It comprises data that belonged to the traders and was theirs to sell, regardless of the ownership of terminals or networks which created that data. Unless we adhere to this idea we shall not have a networked society in any real sense, since all players will feel obligated to work one on one to prevent the data leakage.

We got this right 30 years ago: we cannot afford to sell the pass now, as we move into the Age of data analytics and the semantic web.

« go backkeep looking »