Self driving cars – privacy points to ponder

Cars collect a significant amount of information about our driving. That data will increase dramatically as we move to autonomous vehicles – and with more data comes more ways to use it.

This information can be used now to find fault in an accident or convict us of driving offences. Some insurance companies offer discounts if we share that data with them and they decide we are a safe driver.

Cars increasingly rely on electronic systems for safety features, and self driving cars are coming. They will increasingly collect and store data about not just the car itself but also its surroundings, and will share that with other cars around it.

What might our morning commute look like in a few years?

A driverless car pulls up to your door. You are ready to go because the car sent you a text when it was 2 minutes away. When you get in the car greets you by name, and tells you traffic is light today. As it pulls out it, it asks if you would like to try a new coffee on promo at Starbucks instead of your usual Tim’s stop. You say yes, and it takes you through the Starbucks drive through. Your coffee is ready because the car has already ordered it and told Starbucks when you will arrive. And the car paid for it.

The car tells you your Amazon package should arrive at the pickup point today, and asks if you want to stop there on the way home.

You pass near a restaurant you have gone to before, and the car tells you about an upcoming special. The car makes a reservation for Friday at your request. As you near your office it shows you your schedule for today, and asks if you want to be picked up a few minutes later because of a late meeting.

So what’s going on here?

You may have programed in things like stopping at Tims on the way to work. Or it may have learned your habit after a couple of commutes. Starbucks may have paid for the special to be mentioned. It may have learned about the restaurant and your Amazon order by reading your emails and schedule.

That all sounds very convenient, but the price of convenience is surveillance. And with surveillance comes the ability for others to use that information for good and for evil.

It has been estimated that a self driving car might generate a gigabyte of data per second. It will be tempting to use that data for all sorts of things.

One vehicle data startup CEO says that by 2020, automakers will be able to make more money selling vehicle data than the cars themselves.

It is not far-fetched to imagine a scenario where a self-driving taxi ride could be immensely cheap or even free, because the revenue from advertising and data generated from the ride might be more valuable than the taxi fare.

For example, car cameras and sensors could spot available parking spaces, know how much traffic there is, how many pedestrians are on a block, and how many cars are in line at a drivethrough.

Who owns this information? Who has the right to use it? Car manufacturers will no doubt claim they do. Keep in mind that in the US secondary use of personal information is more acceptable than it is in Canada or Europe.

The privacy implications are enormous. It’s one thing to know that there are two empty parking spaces on a block. Its totally another to know that my car is parked there, or what stops I make on my commute.

Current privacy laws may not be adequate to deal with these issues. And it challenges the notion of meaningful consent.

As interesting as the idea of self driving cars is, we need to be sure that the price is not too high in terms of privacy and surveillance.

Anyone interested in a deeper dive (drive?) on this subject should look at the BC Freedom of Information and Privacy Association study titled The Connected Car: Who is in the Driver’s Seat?

Cross-posted to Slaw

10 things to watch for at the intersection of Tech and Law in 2017

  1. CASL, Canada’s anti-spam legislation, has been with us since July 2014. It’s a terrible piece of legislation for many reasons. In July 2017 a private right of action becomes effective that will allow anyone who receives spam as defined by CASL to sue the sender. CASL sets out statutory damages, so the complainant does not have to prove any damages. Class actions will no doubt be launched. The sad part is that breaches of CASL are to a large extent breaches of the very technical requirements of the statute, rather than the sending of what most people would call spam. At some point in 2017 we may see a court decision that ponders CASL’s legality.
  2. Pipeda, Canada’s general privacy law, has been amended to require mandatory notice to the privacy commissioner and/or possible victims when there is a serious privacy breach. This is on hold pending finalization of the regulations – and may be in effect before the end of 2017.
  3. Privacy in general will continue to be put under pressure by politicians and law enforcement officials who desire to advance the surveillance state. The good news is that there is continuing pressure being put forth by privacy advocates. A UK court, for example, decided that some recent UK surveillance legislation went too far. The Snowden revelations have spurred most IT businesses to use more effective encryption. Unfortunately, I don’t think it is safe to predict that President Obama will pardon Snowden.
  4. Canada’s trademark registration process will undergo substantive change in 2018 – some good, some not so good. In 2017 the regulations and processes should be finalized, giving us more detail about how it will work in practice.
  5. We will hear a lot about security issues around the internet of things, or IOT. IOT devices can be a gateway to mayhem. IOT things include such disparate devices as thermostats, light switches, home appliances, door locks, and baby monitors. The problem is that far too often designers of IOT devices don’t design security into them. That makes it easy for malfeasants to use these devices to break into whatever networks they are connected to.
  6. Artificial Intelligence, or AI, will continue to creep in everywhere. AI is now employed in many things we use – ranging from google translate to semi-autonomous cars. Voice controlled screen and non-screen interactions – which use AI – are on the rise.
  7. AI is starting to be used in tools that lawyers use, and for tools that will replace lawyers in some areas. In 2017, we will start to see some major upheavals in the practice of law, and how people get their legal needs met. At some point every lawyer (and knowledge workers in general) will have a holy cow moment when they realize the impact of AI on their profession. AI will make inroads in things like legal research, and contract generation. It will also foster the provision of legal services online by non-lawyers to a vast underserved market that won’t pay lawyers on the current business model. These services may not be quite as good as those provided by lawyers, but consumers will be happy to pay less for what they perceive as good enough. And the quality, breadth, and sophistication of these services will continue to improve as AI improves.
  8. Another AI issue we will hear about in 2017 is embedded bias and discrimination. AI makes decisions not on hard coded algorithms, but rather learns from real world data and how things react to it. That includes how humans make decisions and respond and react to things. It thus tends to pick up whatever human bias and discrimination exists. That is a useful thing if the purpose is to predict human reactions or outcomes, like an election. But it is a bad thing if the AI makes decisions that directly affect people such as who to hire or promote, who might be criminal suspects, and who belongs on a no-fly list.
  9. The cloud has finally matured and will be adopted by more businesses in 2017. Most major international players now have data centres in Canada, which helps to raise the comfort level for Canadian businesses. Many CIOs now realize that putting everything in the cloud means that life is easier as a result, as it can make business continuity, scalability, mobility, upgrades, and security easier. Care must be taken to make sure that the right solutions are chosen, and it is being done right – but there are compelling reasons why it can be better than doing it yourself.
  10. The youngest generation in the workforce is always online, connected, and communicating, and expects their workplace to fit their lifestyle and not the other way around. Firms that embrace that will get the best and the brightest of the rising stars. It used to be that business tech was ahead of consumer tech, but that trend has been reversing for some time. More workers will get frustrated when they can do more with their own devices and apps than their corporate ones. That can lead to business challenges in areas such as security – but these challenges around rogue tech in the workplace have been around for decades.

Cross posted to Slaw

Emerging tech – potentially awesome and a privacy quagmire

I attended an event last night where Duncan Stewart of Deloitte talked about their TMT predictions for 2016.

It reinforced for me that the future of tech and what it will do for us is potentially awesome.  But also at the same time the amount of information that is being collected and stored about each of us is staggering.  That creates real privacy challenges, and real possibilities for abuse.  And because the information is there, there is a tendency for government and business alike to want to use it.

One scary aspect is that the more we get used to more information being collected about us, the more complacent we get.  Our personal freaky line – the line at which we stop using services because we are concerned about privacy issues – moves a little farther away.  That is in spite of the fact that the more information there is about us, the more ripe for abuse it is, and the more that we temper or alter our behaviour because we know we are being watched.

Think for a moment about all the information that is increasingly being collected about us.

  • Smartphones that know our every move and the most intimate and personal aspects of our lives.
  • Intelligent cars that know where we go and how we drive.
  • The internet of things where the stuff we own collects information about us.
  • Wearable tech that collects information about our fitness, and increasingly our health.
  • The trend for information and services to be performed in the cloud rather than locally, and stored in various motherships.
  • Big data that functions by saving as much information as possible.
  • Artificial intelligence and cognitive learning tools that can turn data into useful information and make inferences based on seemingly unconnected information.
  • Blockchain technology that has the potential to record surprising things about us.

On top of all this, it is becoming increasingly harder to understand when our info is staying on our device, when it goes somewhere else, how long it stays there, who has access to it, when it is encrypted, and who has access to the encryption keys.

It is in this context, and the fact that we just don’t have the time to spend to understand and make all the privacy choices that we need to make, that the Privacy Commissioner of Canada last week released a discussion paper titled Consent and privacy: A discussion paper exploring potential enhancements to consent under the Personal Information Protection and Electronic Documents Act

The introduction states in part:

PIPEDA is based on a technologically neutral framework of ten principles, including consent, that were conceived to be flexible enough to work in a variety of environments. However, there is concern that technology and business models have changed so significantly since PIPEDA was drafted as to affect personal information protections and to call into question the feasibility of obtaining meaningful consent.

Indeed, during the Office of the Privacy Commissioner’s (OPC’s) Privacy Priority Setting discussions in 2015, some stakeholders questioned the continued viability of the consent model in an ecosystem of vast, complex information flows and ubiquitous computing. PIPEDA predates technologies such as smart phones and cloud computing, as well as business models predicated on unlimited access to personal information and automated processes. Stakeholders echoed a larger global debate about the role of consent in privacy protection regimes that has gained momentum as advances in big data analytics and the increasing prominence of data collection through the Internet of Things start to pervade our everyday activities.

Cross-posted to Slaw

A supercomputer on your wrist

smartwatchcray-2-computer-system

 

Sometimes we get so wrapped up in the specs and quirks of our current technology that we forget how far we have come.

To put it in perspective, consider a smartwatch.  There are many ways to measure computer performance – CPU speed, amount of ram, amount of storage memory, network speed, etc.  A common way to compare basic performance, though, is by FLOPS, or floating operations per second.

A smartwatch can do somewhere in the range of 3 to 9 gigaflops.  To put that in perspective, the Cray-2 supercomputer in 1985 could do about 1.9 gigaflops.  You could buy one then for about $17,000,000.  It used 200 kilowatts of power (that’s several times the power a typical home electrical system provides), occupied 16 square feet of floor space (if you ignore its separate cooling system) and weighed 5500 pounds.  (A pdf brochure with the details is here.) I’m sure no one then thought we would ever strap something like that on our wrists, let alone order one online and have it arrive a couple days later.

Makes one wonder what the next few decades will bring.

Cross-posted to Slaw

Privacy Panic Cycle

The Information Technology and Innovation Foundation has released their analysis of how privacy advocates trigger waves of public fear about new technologies in a recurring “privacy panic cycle.”

The report is an interesting read and makes some valid points.  In general, people fear new things more so than things we are familiar with.  Like the person who doesn’t fly much being nervous about the flight when statistically the most dangerous part of the journey is the drive to the airport.

While a privacy panic for emerging tech is indeed common, we can’t summarily dismiss that panic as having no basis.  The key is to look at it from a principled basis, and compare the risks to existing technology.

New tech may very well have privacy issues that need to be looked at objectively, and should be designed into the tech (called privacy by design).

Even if the privacy fears are overblown, purveyors of the technology need to understand the panic and find a way to deflate the concerns.

Cross-posted to Slaw

Will self-driving cars spontaneously reboot?

A common rebuke to self-driving cars are thoughts about cars behaving like computers – like freezing or rebooting while driving. Those make amusing sound bytes or twitter comments, but there is a grain of truth to it. Self driving technology has come a long way, but while computers and software can follow programmed instructions, and can learn over time, humans are still better at many things.

An article in the New York Times entitled Why Robots Will Always Need Us does a good job of putting this in context, in part by the experience of aircraft.

Author Nicholas Carr points out that:

Pilots, physicians and other professionals routinely navigate unexpected dangers with great aplomb but little credit. Even in our daily routines, we perform feats of perception and skill that lie beyond the capacity of the sharpest computers. … Computers are wonderful at following instructions, but they’re terrible at improvisation. Their talents end at the limits of their programming.

and

In 2013, the Federal Aviation Administration noted that overreliance on automation has become a major factor in air disasters and urged airlines to give pilots more opportunities to fly manually.

That’s not to say that we should smugly dismiss automation or technology. Lawyers, for example, who dismiss the ability of software to replace certain things we do are in for a rude awakening.

In general, computer code is never bug free, is never perfect, and is not able to do certain things. (You can say the same for us humans, though.) For example, the aircraft industry spends huge amounts of time and money testing the software that operates aircraft. On the other hand, the types of things computers can do well are increasing, and will increase over time. At some point there may be breakthroughs that make computers more reliable and better at the things us humans are more adept at. But we are not there yet.

Cross-posted to Slaw

Is a self driving car in your future?

Depending on how you define a self driving car – probably sooner than you think.

Sometimes new technology seems to come out of nowhere, but it often creeps up on us.  Legal disruptions that new tech spawns often follows the same path – usually a combination of lagging behind new technology, and getting in the way of new technology.

Current advances that come to mind include smart watches, drones, electric cars, and Tesla’s Powerwall.

Take self driving cars for example.

Its not as if we will go directly from a totally human driven car to a totally autonomous car.  They will creep up on us.  The Google self driving car gets a lot of press, and understandably so, but mainstream auto makers are rolling out these features now. We already have cars with features such as self parking, adaptive cruise control, cross traffic alerts, and lane departure warnings.  Over time these will morph from warning systems to taking control for a brief time to driving for longer period of time.  Self driving will start on highways before it moves to city driving.

Actually, self driving trucks might become prevalent sooner than self driving cars.

truck

Cross-posted to Slaw.

The smartwatch era is here

If you are an Apple fan, April 24 2015 marks the beginning of the smartwatch era – the date the Apple Watch is available. (Preorders start Apr 10th.) Smartwatches have been around for a while, but given the Apple reality distortion field, they will initially sell in large numbers, even though they are the most expensive ones available. The basic Apple watch is functionally the same as the most expensive gold watch edition that starts at $10,000. (Someone said that if you can afford a $10,000 watch, you probably don’t need to know what time it is.)

But there are alternatives, including several Android versions, the Pebble, and the Microsoft Band. Version 2 of several of these are expected soon.

Smartwatches are designed to be an interface to your smartphone. But if you want something that comes at this from a different approach, check out the Neptune – from a Canadian company that takes the intriguing approach of making the device on your wrist the main computer. There are still a few days left to take advantage of their indiegogo campaign.

Personally – as much as I want one – I’m waiting for the upcoming second gen Android versions. But then again that Neptune is rather cool…

Cross posted to Slaw

http://harrisonpensa.com/lawyers/david-canton

CES 2015

The Annual Consumer Electronics Show (CES) is under way in Las Vegas.  Its a mecca for those into the latest and greatest and biggest and fastest and most innovative consumer tech.

For example, the latest in TV’s are 4K (4 times the resolution of HD) that are impossibly thin with tiny bezels.  While the high end models are unaffordable, the improvements eventually become mainstream.

Trends include wearables (fitness still dominates) and the smart home (aka internet of things).  Everything seems to be connected somehow – even teakettles. (Some might say that an internet connected teakettle belongs to the internet of stupid things :))

So what might be useful in the office?  Getting around might be easier with the Rollkers “personal transit accessory” – essentially electric roller skates that attach to your shoes – or with the IO Hawk – which is a cross between a Segway and a skateboard.  Or perhaps a food printer for the lunch room.

The tech press has extensive coverage of the CES – check out coverage by Shelly Palmer,  CNETWired

IO Hawkrollkers

Cross posted to Slaw

Smartphone vs tablet vs phablet vs ???

I recently traded in my iPad for a Nexus 9. It has made me look at the phone/tablet thing a bit differently.

When I had an Android phone and an iPad, they felt like very different devices, each with a different role. But now that my tablet and phone work the same, and seamlessly share information, they don’t seem so different anymore. For example, if I make a note on google keep, it instantly shows up on the other device.

The only real difference is the size of the screen, and that the tablet can’t make phone calls or send texts. (Actually that’s not really true as you can make free calls over WiFi using google hangouts.)

That’s why phablets are growing in popularity. For those who can put up with carrying around a larger device, they are the best of both worlds. I want a phone I can put in my pocket though, and phablets are too big for my taste.

So what we really need is a modest sized phone with a screen that appears to be several times the size of the phone. Or better still, are we that far off from a full-fledged computer the size of a smartphone with a holographic display the size of a monitor, and a virtual keyboard? Would that be a complet? – a comphone?

Cross posted to Slaw