artificial intelligence, natural rights

“I propose to consider the question. Can machines think?”
– Alan TurnAlan Turin 

For the purpose of this article, we will agree upon the fact that Human Beings are the world’s most intelligent creatures. Or at least that we may be regarded as more intelligent because we are not merely surviving in the world, we are also creating things [ most of us 🙂 ]

And in the spirit of being intelligent enough to create, the humans in computer science have decided to go one step further in technology and create what is popularly known as Artificial Intelligence (AI). Chances are that you know of AI. Apart from its more frequent adoption in the development of technology, it’s also showing up more in everyday lingua.  But what is AI?

AI is essentially a concept that refers to systems/machines created to function intelligently and ‘independently’. In its simplest form, it is machines doing work like humans. And there are levels to this. One of the more basic levels would be speech recognition. Think of when you talk to Siri like it is your friend. Siri is not human, but when you ask a question, it recognizes your speech, converts it to text and can even respond. Also, AI can be observed when Netflix graciously recommends a movie for you as your friend will. Like ‘I know you. I’ve been with you for a while. I understand you. Here’s this amazing movie you’ll love to watch. If you don’t like it, swear for me’ 

On a broader scale, AI encompasses every field that attempts to do what intelligent humans can/will. Fields such as robotics (which is basically machines understanding their environment and getting around physically just as humans do) , image processing (which is machines being able to understand what they see), pattern recognition (which is seeing patterns and being able to make decisions based on these patterns), predictive analysis (which helps to use data to predict the future) and so on.

All of these definitely involves the study of the human brain, how it works and how to infuse these cognitive abilities in machines. However, it might be important to say that scientists are not necessarily trying to copy and paste human reasoning and behaviour (because how practicable is that?). The goal is essentially to model human reasoning and present results in a refined way. Focus is on results. So it’s cool that a machine can spot certain types of people, but how does it make judgment calls or predictions based on that?

Thinking about it practically, AI generally works with data. Even human beings learn with data. We go about the world for decades learning via what we see, sense, hear, experience and so on. And then we make decisions, inferences, classification, predictions and other forms of output based on all the data we’ve stored. It’s the same with AI. Only that decades worth of data is collected and fed into the machines via programming.  The machine is then able to read patterns, study behaviour, recognize visuals, understand speech, classify language and so on to make accurate decisions.

For instance, in order to make my machine intelligent enough not only to diagnose cancer, but also to determine what stage it is and the best medical approach to take, I may feed it with data in pictures of different tumors, medical history of patients, medical solutions adopted or advised to be adopted, development in particular cases and so on. 

This is not really an article about the technical abilities of AI but its human effects. I like to think that when AI and Big Data meet, you’ll find a bunch of excited scientists but not so excited human rights advocates. And the problem is not necessarily that AI uses Data. It is *how* it uses that data – the ethics considered in programming and how the law fosters the observance of such ethics. AI covers a BUNCH of industries. In education, it can be used to score exams or essays. In criminal justice, it can be used to assess risk/guilt to help inform or sway judgment. In medicine, it can be used for diagnostics. It can be used for online content moderation. It can also be used in deciding who you hire or fire.

AI & Privacy

This is the obvious one, right? AI needs data, thrives on it and eventually informs it (tbh). We are both in the era of Big Data and Hasty Agreements. So while there’s a huge collection of information, there’s also reduced attention by data subjects (YOU) to what terms and conditions they agree to. (I have a short piece in my soon-coming book (amen?) on this). Data collection right now is madness. There are cameras every mile, apps in every swipe, websites in every click and computer systems somewhere just collecting all this. I watched a Ted Talk where one guy said that Google has 10 – 15 exabytes of data. Have you ever even heard of the term ‘exabyte’? There are levels to this. 

My concern (and not just for Google) is how are these data protected and what are they used for? What is the breadth of the distribution, reach and use of these information and what should we expect in the future based on this?

AI & Freedom from Discrimination

Just like I earlier said, data is being fed into systems to help in processing and output. The question is what *kind* of data? 

Humans are naturally biased people. A lot of people say data don’t (doesn’t?) lie, and that might be true but data can discriminate. The processes of collecting data in itself may taint the outcome. The range of your dataset may also affect judgment. How inclusive is your data collection mechanism? As I said, I believe that data might be accurate and yet discriminatory. If, for instance, a large percentage of your dataset on terrorists and terrorism points to elements such as Islam as a religion, Hijab or Turbans as form of dressing, Arabic as language, Male as Gender, what you would have is a system that is being programmed to recognize all male Muslims as terrorists. That can be an airport disaster. The data fed is *probably* accurate but still potentially discriminatory.

Another example I can think of is the use of AI in recruitment. What are your data sources and are they inclusive enough to inform the machine accurately about the number of women in higher positions, women remuneration expectations, women productivity in the workplace and so on.

I think that even more important than ensuring that the data sets are not biased is also ensuring that decisions made based on sensitive machine predictions are not taken without added measures.

The same examples apply to black lives, and policing in the US (and perhaps in other parts of the world), low-income earners and racial links to same, and other minority considerations.

Techies and policymakers alike must understand the need for inclusion and diversity in the development of technology.

There are definitely other ways in which AI would influence human rights but these are my focus right now. If I were to propose solutions, I’d say:

  1. Human Rights Impact Assessment: In the development of any AI technology, there must be some human rights consideration. And if you’re an excellent person outside of the tech world, you may think, ‘well I’m sure this is already being done’. But I tell you that it’s rare to see this. Scientists (or programmers) are usually more focused on functionality and optimization and would not necessarily think ethics. These impact assessments have to also be carried out periodically as well.
  2. Education for Techies: Computer scientists need to be enlightened. Simple. Are we teaching these things in classrooms (conventional and otherwise)? Or are we waiting for our bright minds to build the next best thing before we start doing damage control? I believe that ethics and human rights should be *seriously* incorporated into curriculum and syllabus for young scientists.
  3. Test Test and Test: This is also one of those solutions that sound moot. But I’ll say it anyway. Scientists should be mandated and supervised (*cringe*) to test their products. But not just for functionality but for adherence to ethics. Permutate potential rights-infringing situations and test what the machine will do in that event. 
  4. Let us see through you: Essentially, be transparent. This is mostly targeted at the government. If a system is functioning by AI, let your people know.

Cheers!

2019: our year of data protection?


Prior to this year, a handful of civil society organizations and interested individuals have made a public outcry to the Nigerian government to codify a body of laws that would put mechanisms in place to protect the data of its citizens. As at the beginning of this agitation, it was perhaps difficult for the government and common citizens alike to understand what this request meant? What was data and why was everyone talking about keeping it so safe? What harm could possibly be occasioned if this data was not protected? Was it worth government resources and time to invest in data protection?

But it’s the 6th month in the year 2019 and it is looking as though Nigeria has come to terms with the need for the regulation and legislation of data protection for its citizens. In just this year, the National Information and Technology Development Agency (NITDA) has released a Data Protection Regulation and the National Assembly has concurred on and passed a Data Protection Bill which is now waiting for Presidential Assent.

But before the regulation and Bill are discussed, it will be ignorant to assume that the questions concerning what data protection is and why it is so important, have been answered.

Essentially, data protection as used in this context speaks of personal data. Personal data is simply any information about a person. It could be about a person’s family or private life, it could be about your career or profession, it also could be about one’s health such as one’s genes, health status, sex and reproductive information, it could also be your biometric information, financial information, political affiliation or opinion, gender, or even your religious beliefs.

Personal data is a big deal in this age because it’s arguably the lifeblood of the internet and digital technologies. When the information age commenced in the early ’90s and communication and commerce became more fluid by means of digital technology, data became increasingly relevant to the survival of any business or service. Businesses are beginning to profit, not just from properly analyzing data but also just from merely owning data. You probably know someone who offers to sell emails or phone numbers or other personal information. And so you have to think, ‘what is so important about my personal data that it can be sold for value?’

This is why data protection enthusiasts continue to advocate for both technical and legal frameworks to guarantee that in the midst of the data craze, the actual owners of data – you- are protected. Data protection, therefore, refers to the rules, practices, policies and safeguards put in place to ensure that personal information are collected, used, accessed, updated, and even deleted properly, lawfully, fairly and transparently.

It is almost an impossibility for this area of law or policy to be left to cooperation or self-regulation. That is, because of the commercial value of data and the sensitivity of same, it becomes irresponsible to simply demand that data custodians or controllers ‘do their best’ to keep data in their care safe, without backing it up with laws and repercussions. And perhaps this is the mindset that has informed Nigeria’s development of two data protection documents in the space of 5 months.

The Data Protection Regulation 2019 released by NITDA applies to all transactions that intend to or actually process personal information of natural persons (who are called ‘Data Subjects’) in Nigeria. The Regulation mandates that personal data shall only be collected for the lawful purpose consented to by the data subject, will be adequate and accurate information (as given) and will not be to the prejudice of any person, will be stored only for a period within which it is reasonably needed, and will be secured against all foreseeable attacks (digital and physical).

The Regulation also clearly defines what will be regarded as lawful processing of data and from its provisions it is clear that the act of purchasing and processing data from third parties is against the law unless the data subjects are aware at the time of disclosure that their data will be used for such a purpose.That is, data cannot be collected for a particular purpose and used for another. As it says in Reg 2.3 “No data shall be obtained except the specific purpose of collection is made know to the Data Subject”.

One very important provision in the Regulation is that “any medium through which personal data is being collected or processed shall display a simple and conspicuous privacy policy that the class of Data Subjects being targeted can understand.” This, therefore, means that service or product providers must develop clear privacy policies that explain what is being done with the data which would be collected or processed and these policies must be understandable by the data subjects – whether they speak English, or Igbo or Hausa, or Ibibio or any other local or foreign language. This is very important.

The Bill passed by the National Assembly is not accessible on the NASS website but pending its availability, perhaps reference can be made to a Data Protection Bill on the National Identity Management Commission’s website. The Bill also aims at providing rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information. While it is my genuine hope that the president gives his assent to the Bill, I also eagerly anticipate access to studying the provisions in the Bill.

Perhaps all of the outcries of civil society organizations culminated into prophecies which are now being fulfilled in the enactment and release of Data Protection laws in Nigeria.
Perhaps the government and its agencies have been persuaded of the urgency and importance of data protection laws and regulations.
Or perhaps it is just a response to pressure.
But the year is 2019, it is the 6th month and Nigeria has two documents which hint that the country cares about her citizens’ personal information.
Welcome to our year of Data Protection!

Forward Ever?

Words have the power not only to hurt a person’s emotions but to tarnish their reputation for life or for a time shorter than life… but you get the point. This is why the tort/crime of defamation is a big deal.

Defamation is essentially a communication or an expression of information about a person that is untrue and that is intended to negatively influence the reputation of such a person in the eyes of right-thinking members of the community.

Defamation can be super tricky so you have to carefully adjudge a statement before declaring it as defamation. In the next paragraph, we’re going to have a bit of fun because I will draft a communication and we’ll analyse it together to determine parts of it that count as defamation (in this case, Libel, since it is written) and parts that do not qualify as such.  N.B. The characters in this example are purely fictional and do not refer to anyone living or dead. Any similarities simply reveal the humdrum recycling predictive boring nature of life. Let’s go!

WHAT THE WORLD SHOULD KNOW ABOUT MRS. IJEOMA TALOMOMI KUDIRAT

Where do I begin? I see a lot of people cheer Mrs. Ijeoma Talomomi Kudirat (ITK, going forward). They write lofty things about her; things that when I read, I want to wash my eyes with rain water just to be sure I’m not dreaming. Kind? Benevolent? Gentle and welcoming? Where do people get their information from?

At some point, I decided that I was going to ignore every Facebook post, twitter tweet, newspaper publication and even bus gist about this woman; that I would mind my business and allow the world deceive itself. But I can’t. My passion is ‘liberating people through the truth’ and that is what I intend to do with this post.

Therefore, here are 5 things you must know about ITK:

  1. ITK was recently charged and convicted for Money-laundering. I won’t go into details about this because I know that all these local champion keyboard investigators will come for me and say things like ‘if she was, we’d know yen yen yen’. I have said what I have said.
  2. Last week, ITK attended a gay wedding in Lagos, Nigeria. She even gave a toast. According to her, “I am so happy to see the union of these two men irrespective of the hostility of the nation against such love”
  3. ITK is in serious DEBT! Good Lord! You guys would not understand the level of poverty this woman is in. All those clothes she wears? They are taken on credit. Those houses she flaunts? They are not hers…  Don’t be fooled
  4. ITK’s son is mentally unsound – that’s why she does not put his picture out. He’s locked up in an asylum far away in Katsina state.
  5. ITK has gonorrhoea from her promiscuous lifestyle.

This is where I stop. This, is where I drop my pen in a boat and allow it float on the river of liberation. I hope you’re on that boat too.

Back to reality. Hope you enjoyed my rant.

Now, let us examine each of the points above.

Point ‘a’: If truly, ITK was convicted for the crime as described, then as bad as it for her image, it does not qualify as libel.

Point ‘b’: I made this point to help drive home the point that something that can be libellous in a particular society or to a particular group or class of people, might not be to others. If this communication was published to a more ‘liberal’ group of people (say, most citizens of the United States of America) then it would not be considered libellous. In fact, it would be considered praise-worthy. However, if this statement was made to a more conservative and traditional group (e.g most Nigerians), and if it is not a true statement, it will be damning to her reputation.

Point ‘c’: As you already know, if this is not true, then it’s libellous.

Point ‘d’: is libellous only concerning the son and only if it is untrue

Point ‘e’: If untrue, then libellous.

However, every statement I have noted to be libellous is not until the maker of the statement actually publishes it. If it sits in his drafts and maybe it is leaked, it does not typically count as defamation. If the statements were made about you (say in a person’s diary), you will not have a cause of action against such a person for defamation if you were snooping around.

So you get the point now. Or so I believe.

Now it’s important to note that if you *republish* a defamatory statement, you are as guilty as the original maker of the statement. This holds sway in Nigeria and in many other jurisdictions. That is if someone makes a defamatory statement and you further help convey that, you (in many jurisdictions) will incur the same liability as the original publisher would.

Knowing this, the next question that naturally comes to my mind is: what does this mean in the internet age? What happens when I forward a defamatory message sent to me, to other people? In times like this when publication is as simple as clicking a ‘forward’ button or using a ‘copy and paste’ function, what’s the stance of the law and courts?

Candidly, the answer to this question varies by jurisdiction so I’ll focus on Nigeria.

In Nigeria, defamation can either be treated as a civil wrong or as a crime (see Section 373 of the Criminal Code). There really isn’t any provision specifically addresses republication especially with regard to new age tech and the internet. The stance also varies a lot in different states in the world. For instance, in the USA, Section 230 of the Communication Decency Act actually provides immunity for users and providers of ‘interactive computer service’ from being liable for information provided by others.

While I’m honestly not eager to see Nigeria codify something on this topic (let’s just say I don’t really trust the nation, her policies and practices to do right by netizens in any scenario), I would, however, believe that liability for republication by a computer system or product should depend on whether further affirmation, credence or an overt show of support and endorsement is given to the statement by the republisher. This is because internet infrastructure such as social media platforms have made it so much easier to repost or republish content of all forms. On the part of the state or defamed individuals, it would not be sustainable to seek redress or justice against EVERYONE who republishes defamatory content. It might, however, be easier to do that against anyone who contributes to the content of the already existing publication – adding support to the defamation. This is especially because the mental requirement for the commission of the crime of defamation is ‘knowing’ that what you’re doing is defamatory in itself. Hence, a little bit of support or accord with the defamatory statement will also help to establish this.

But most importantly, I believe that ICT platforms – especially pubic content sharing platforms such as social media should be intentional about warning against defamatory acts in their policies. Be responsible enough to educate platform users on the dangers of defamation; be responsible enough to make it a policy stance and community rule for your platform; be responsible enough to create proper protocol for the reporting and redress of same if it occurs. Because the truth remains (and is becoming much more glaring), that social media and virtual platforms are gaining more solidified roles as governors over people (users) than the government is. (*in the voice of Imagine Dragons* WELCOME TO THE NEW AGE!) And so it is probably much easier and more realistic for issues such as this to be sorted by the tech companies than by states ( and think about it: many of the parties to the dispute might even be in completely different jurisdictions). I’m stressed just thinking of arising conflict of laws issues.

It’s an interesting time for international law and internet governance and it’s going to get even more exciting. I’m here for this. I’m here to influence the ebb of policies. So here for this!

Meanwhile, let me know what you think! And kindly share!

Hating Free Speech

The phrase ‘Hate Speech’ is fast becoming as popular as me. The audacity! Such effrontery!

Hehe.

Seriously though, it’s a buzz word! With the increased adoption of technology in communication, the culture of fake news, hate speech and misinformation has now been amplified. What would before have ended as casual bants among friends can now become a sizzling national discussion.

But let’s back up for a bit and talk about freedom of expression a.k.a. Free speech.

Freedom of expression is exactly as it sounds – the freedom to express opinions, thoughts, ideas and information. It is the equal opportunity available to all to hold and to express information through whatever medium. In Nigeria, Section 39 of the Constitution guarantees this right.

And Article 19 of the Universal Declaration of Human and People’s Rights. And Article 5 of the International Convention on the Elimination of all forms of Racial Discrimination. And Article 13 of the Convention on the Rights of the Child. And Article 19 of the International Covenant on Civil and Political Rights…

So we get that free speech is a big deal – it always has been.

Before the internet, it was absolutely frowned at for the government to stifle the circulation or dissemination of information. Journalists were being assassinated and hassled because of information they had or had dug up.  And now that the internet has come to stay, free speech has become even much of a big deal.

Statista states that there are approximately 93 Million Internet Users in Nigeria. Think about it. About 93 Million people in Nigeria are sharing their opinions and views – making jokes, posing questions, proffering answers, rallying belief, presenting independent analysis on several topics as may be touching on diverse demographics and areas.

This is interesting. And like I mentioned earlier, it’s not new. The reality of the existence of diverse opinions in a society which professes to be democratic is only being amplified by the use of Information and Communication Technologies.

(And you know what they say about anything that amplifies an already existing fact? They say such a thing would reveal character.)

This is, therefore, why the government’s treatment of free speech and its reaction to dissident opinions has become a negatively interesting national, regional and international topic constantly being discussed.

If you ask me (which you should), many African governments are increasingly being overwhelmed with the virality that ICTs bring and they are beginning to feel incapacitated and unable to control the narrative and opinions flying around. You must understand that this is sad bad sad for the government. 🙁 Is all hope lost? Do the people really get have an opinion and then express it just like that?  Does the government really lose this battle against the freedom and the exercise of civil liberties by its people?

Cue Audio: Soft music like this one plays for 10 seconds before being suddenly cut off by an action scene soundtrack like this one
Cue Video: (Camera moves at an alarming rate down the road to the government house. Whooshes past unblinking security men in black and eases into the dark underground parking lot. A couple of expensive cars are littered around and it is obvious that all entrances have been cordoned by more stealth ready-to-kill-because-this-is-what-I-am-paid-for looking men and women. We enjoy a brief 1.8 seconds silence in the parking lot and just before we become comfortable, in zooms a black van speeding towards the camera just before swerving to park in a manner that would irk a perfectionist. Van door opens and out steps a figure clad in a black hoodie and black jeans. Suddenly, the doors of the expensive cars begin to open and top government officials troop out and proceed towards said hoodiearian - he has come to save them from this proliferation of opinions all over the internet. As the distinguished officials halt just inches away from hoodiearian, he turns slowly and we can see his smile. 

He said, “Hello guys, I’m Speech, Hate Speech’)

To God Be The Glory

(There will be No Part 2)

Signed. Management Government.

You know, it is almost laughable when the government uses ‘Hate Speech’ as its justification for almost every crackdown on free speech. It’s their joker – and sometimes, a joke.

Now, I’m about to burst the brain of (almost) every government official:

“A PERSON CAN BE WELL WITHIN THEIR RIGHT TO FREE SPEECH AND STILL EXPRESS UNPLEASANT, NON-CONFORMING, DISSIDENT, OFFENSIVE, SHOCKING AND DISTURBING OPINIONS, IDEAS OR INFORMATION.”

Ha!

Yes, too too too too too too too too many reports have come forth of governments in Africa, stifling free speech under the guise of protecting the nation against hate speech whereas it’s just another way to censor or restrain opinions.

This NEEDS to stop. We all need to know that we can hold and share ideas – bright or dull, pleasant or unpleasant, stupid or brilliant, interesting or downright boring, good or bad, with as many people as will listen to us, with as many people as an unbiasedly governed internet will let us.

But Hate Speech though?

Yes. As much as it is my opinion to allow people run free with their thinking and sharing, I don’t think they should run wild. For the purpose of order,  freedom of speech cannot be boundless. Some form of limit, solely for the protection of other individuals and state, must be put in place.

And one of those things which can serve as a person’s limitation to free speech is Hate Speech. As in, the real hate speech not the poser in the underground parking lot of government officials.

So what exactly is Hate Speech?

Hate Speech is an expression of an idea or an opinion which, when adjudged in the right context and language and by a reasonable person in the circumstances, was willfully communicated with the intention and possibility to rouse violence against a specified and identifiable person or group of persons.

(Aside: I’m super proud of this definition I birthed from my laboured study on this matter).

That is what Hate Speech is. It has to be treated in its own context and cannot be judged solely based on it being a stupid or sad or annoying thing to have been said or written or communicated.

Questions that must be asked in determining whether a statement constitutes hate speech:

  1. Given the context, is the speech capable of inciting violence?
  2. If yes, is there a specified group of people against which the intended violence is targeted?
  3. Was it willfully or deliberately expressed?
  4. Is the act of violence even capable of being carried out?

These are, in my opinion, relevant questions to be asked before an expression can be tagged as hate speech.

See also this 5-point test for Hate Speech by Ethical Journalism Network.

To know whether you understand anything I’ve been saying for the last 1123 words, take this test:


[HDquiz quiz = “62”]

Thank you for reading! I hope you found it useful and interesting. I’d love to hear your feedback and I’d love for you to share this article with others.

NiRA dey chop our Naira

My friends know that I cannot walk into a bookshop and still retain the same blood pressure, energy or heart rate as I had before I walked in. Books excite me in an interesting way. I do not even have to read them – just the prospect of thousands of words fellowshipping together on processed wood gets me pumped. In fact, I also love empty notebooks – just give me the processed wood and I’ll be fine. You can propose marriage to me with only a carton of hardcover artsy-looking empty notebooks and I would be speechless at your thoughtfulness.  *looks in the mirror and sighs at self-deprecation*

However, books are only but one of the things that excite me. Another thing that excites me is ‘owning domain names’. I have a superpower for having the brightest ideas and giving them badass names – I MEAN, you’re currently on HTML and we’re not talking programming language here! *kisses self in the mirror*.

Anyway, because I’m an ideas junkie in the 21st century, the first thing that comes to mind when I have a bright idea is not to write it down like a strategic thinker. No. I, instead, convince myself that this is THE idea – THE ONE-  and then proceed to secure the domain name for my soon-to-be giant tech company. (As an aside, I feel like adding a bit of unbalance in the world right now so here we go: |giant| |DWARF| – this is so disturbing haha).

As you can tell, I’m currently having a bit of ADHD so please bear with me. What I have, however, tried to convey in the last three paragraphs is that owning domain names, like seeing books, excites me a lot. Got it? Good.

Now, in the next couple of paragraphs, I’ll try to explain why I believe the Nigerian Internet Registration Association does not rate my excitement and how I am convinced that this somewhat infringes on the human rights of, we the people.

Follow me.

Now, NiRA (which is a beautiful name, by the way), is the neutral self-regulatory body which administers Nigeria’s country code Top Level Domain (the code popularly referred to as .ng)

A domain name is pretty much the name of your website + a TLD (top level domain). So for instance, ‘adeboro.com’ is a domain name. Same as adeboro.ng, adeboro.am, adeboro.co.uk, adeboro.io and so on. ICANN lists all the 1536 TLDs here. Speaking of ICANN, it’s short for the Internet Corporation for Assigned Names and Numbers and it’s responsible for managing and coordinating the Domain Name System to ensure that every web address is unique; it is not in charge of registering domain names as it has accredited registrars for that.

Now, our dear NiRA determines the price for registering a domain using the .ng TLD and for some reason, NiRA has chosen that it’s a big price to pay.

Imagine I had an idea to build an online Forum for Parents who are tired of saying the same things over and again to their child(ren). The parents on my Online Forum would simply write open letters to their Children addressing them in public and begging members of the Nigerian online community to bear them witnesses before man and God that they did their best.

Super amazing idea, right?

Now, I really want my Forum to be popular in Nigeria so I decide that I’ll use the .ng TLD because I know that search priority would be given to me. I go online to register my domain name and here’s my invoice:


I might have exaggerated in the beginning when I said that NiRA’s pricing of domain names (which I’ll maintain is RIDICULOUSLY EXPENSIVE) is somewhat an infringement of human right. I say I might have exaggerated because I know that no one is forced to use the .ng TLD or punished for not using same. Therefore, if you cannot afford to register a .NG domain, you may go ahead and choose from a bunch of other options. Or so it seems.  

It is, however, my belief and in fact, my understanding that all Internet Policies should be formulated in such a way as to drive and encourage the inclusion and participation of the average man. And whilst I know that affordability is relative, N9,500 seems a lot like a gatekeeping mechanism to me. Whether or not NiRA is purposely discouraging the use of our country code TLD, is a question I cannot answer. But what I can say is that its Pricing Policy is more favorable to a class of people than it is to all Nigerians and that can be argued to be a passive indirect tampering with the right of Nigerians to participate in all available opportunities which the internet presents – which includes using their country code TLD and not being strong-armed in a NiRA passive-aggressive manner to have to make other choices. NiRA, why can’t the average Nigerian internet user comfortably purchase a .ng domain name?

This is even worse when you think about the fact that restricting the options of people in the use of internet features, options or infrastructure available to them is as good as messing with other rights like the freedom of expression, of association, of assembly….

I mean, I know I sound like I’m over-reaching but I’m not. I actually believe this. Infringement and restrictions on human rights do not only manifest in violent actions or reactions but also in quiet, indirect, innocent, passive, come-and-beat-me’s.

NiRA needs to fix up and reduce the pricing of the .NG domain suffix so that Nigerians who want to use it, can afford it. And do not say, ‘Well, you have the luxury of other generic TLDs. Stop whining.’  I ask: of what use is a right or privilege if it is given to those who cannot take advantage of it? Again, I ask (for the purpose of making an example): does a man. who cannot afford any shoes, really have the freedom of movement if he is placed in a city tarred with broken glass?

Once again, I am aware that affordability is relative. But look, we live in a country where up to 80% of us live on less than $2 per day.

Think about it.

I’d like to know what your thoughts are on this matter. And I’d appreciate it if you share with others! Thank you. 🙂

What if they ‘off’ the Internet?

On Saturday the 16th of February 2019, two days after lovers have loved, cakers have baked, chocolaters have cashed out and florists have flourished, Nigerians are going to the polls to elect the two top people who are going to lead this nation for the next four years. And if there has ever been a time when we need to make the right decision; it’s now. This is evidenced in the amount of tension surrounding this particular election – there’s also a lot of controversy and drama.

I literally wake up everyday to some interesting politically inspired news and while I try not to allow any of them affect my mental health, one that has definitely utterly completely caught my attention is the rumors of an internet shutdown in this period.

So in case you don’t know, in my real life 9-5 salaried existence, I work on issues of internet and technology policy (I know right? So interesting!). And whilst I manage projects in Anglophone West Africa (Ghana, Gambia, Liberia, Nigeria and Sierra Leone), I am definitely interested in the entirety of Africa.

This year alone (and please note that this article is being written on the 2nd day of February), there have been at least five internet shutdowns in Africa.

Quoting the African Commission on Human and People’s Right:

In Chad, users started experiencing a shutdown of social media platforms such as Twitter, Facebook and WhatsApp on 28 March 2018. Over 300 days later, the government of Chad has still not restored access to the platforms.

In Sudan, the Government shut down social media platforms such as Instagram, Twitter and Facebook on 21 December 2018, amid protests over economic hardships in the country which in due course escalated into demands for the resignation of President Omar al-Bashir. Key telecom companies including MTN Sudan, Zain Sudan, Kanartel and Sudatel were blocked from providing internet services.

In the DRC, the Government blocked the internet and social media on 31 December 2018, following the conduct of polls on 30 December. These services were not restored fully until 20 January 2019 when the Constitutional Court confirmed the win of Felix Tshisekedi as president elect.

In Gabon, the government ordered internet shut down on 07 January 2019, following a military coup attempt.  Connectivity was restored on 08 January 2019.

In Zimbabwe, on 15 January 2019, following a directive by the State Security Minister, internet service providers shut down the internet. While the ban was lifted on Wednesday 16 January 2019, leaving only a ban on social media platforms, another full internet shutdown was ordered on Thursday 17 January 2019, effectively leaving a majority of Zimbabweans without access to the internet.

So when, one day I began to see rumors of an intention of the government to shutdown the internet during the election, I did not calm down. I worried because I do not think of it as an action beyond our government. Remember my article on African Governments copying each other?

And you know, even if no other African country had set a precedent, I would still have taken the rumors seriously because of the dictatorial-authoritarian vibes we’ve been getting from the federal government recently.

Anyway, to see the rumors, check here, here, here but don’t click here.

Today, the 2nd of February,  we however woke up to news by the Office of the National Security Adviser clearly stating that “…the internet and associated communication infrastructure are major components of the Critical National Information Infrastructure, which ONSA is mandated to ensure its security.” and that “…shutting down the internet is akin to shutting down national development and security”

Yo! When I read that last line, I was almost shouting ‘Hallelujah!’. Like, that is a preaching! Don’t you know! Say it for the people at the back! Hmmm! Glory hallelujah! Flesh and blood revealeth not these things unto ye!

SHUTTING DOWN THE INTERNET IS AKIN TO SHUTTING DOWN NATIONAL DEVELOPMENT AND SECURITY!

No truer words, people. And apart from that, shutting down the internet and other means of communication is a gross infringement of the people’s right to freedom of expression, freedom of assembly, freedom to learn, freedom to create knowledge and indirectly every other human right you can think of. Because the internet has somewhat  become the lifeblood of the society.

But our government has assured us that they wouldn’t do that to us. The Office of the National Security Adviser has announced that  it is “committed to protecting the rights of the public to access Information and Communication Technology facilities” (and I love that they recognize it as right; an entitlement; a liberty of the people).

However, while this cute and bold and all that, I don’t want to fluff my pillows and lounge because ONSA boo said we can. I’d like prepare for a alternative eventuality and I’d also like to share my prep kit with you:

  1. Circumvention, Circumvention, Circumvention: Basically, in the event of a shutdown, you would want to be able to bypass this censorship or blockage by using some tools known as circumvention tools. Here is a list of circumvention tools you may use. Psiphon, for instance,  which provides you with uncensored access to Internet content. It will automatically learn about new access points to maximize your chances of bypassing censorship. And you can get it on your iOS, Android stores and as a software on your computer. No better time to download it than now.  Also, check out Lantern which is also super cool and largely free.
  1. Stay private: Here, the Tor browser comes to mind. It’s a browser that helps you remain anonymous while surfing the internet – in fact, you can (and should) use it even without an internet shutdown especially if your work is security-sensitive. Tor,  instead of making a direct connection, will connect you through a series of virtual tunnels so that your privacy is hidden. It also serves as a circumvention tool because it allows you reach otherwise blocked destinations or content. So download it as well.  You may also use a Virtual Private Network (VPN) which help you securely and anonymously connect to the internet.  
  1. Stay Safe: Things can get really weird during an internet shutdown ordered by the government. Because an Order to shut down the internet is in itself a military-esque action by the government, it’s reasonable to expect some surveillance and consequences for those who still go ahead to use the internet or those who are caught. Hence, employ basic digital security tips and be careful of site you use with your circumvention tools. Understand also that digital security also involves physical measures. And in case, you’re like, “I’m super clueless. Help me!” Well, I’m your plug to this very simple, very comprehensive website/booklet/guide/resource published by our very own CcHub. It’s interesting to read and very relatable. Please check it out.

Also, check out this free helpline for digital security assistance.

I wish us all a safe month! A safer election! And an even safer country!

Love.

I Spy With My Digital Eyes – On Domestic Abuse, Protection Orders and Technology

Naomi got married at the age of 22 with many people calling the entire thing crazy. Her parents were happy though. Her marriage meant that they were going to carry their  grandchildren very soon and everyone knows that’s the ultimate hallmark of success for the average African parent. Her siblings and friends, on the other hand, worried that it wasn’t the right time, nor the right person. According to Ire, her friend since secondary school, ‘I’m not saying anything is wrong with Vincent, or with both of you getting married. But I know something is wrong – and I really wish I could place a finger on it.’

Naomi had smiled.

Perhaps she understood the concern almost everyone seemed to communicate, perhaps she did not. Two things were sure for her – she was getting married to Vincent and no one else understood him as she did.

You see, she had met Vincent in the year she turned 21, and in fact, it was the exact day she turned 21. He was having a solo dinner in the same restaurant she was having her birthday dinner and their eyes had met more than three times. But by the time she and her 5 friends had finished dinner, Vincent had left the restaurant without so much as a ‘hello’ acknowledging the connection between them. However, when they called for the bill, the waiter, instead brought a receipt and said, “The gentleman who sat at that table said to tell you ‘happy birthday’”. Naomi was grinning ear-to-ear and the teasing from her friends seemed unending.

Her parents’ house was just a 5 minutes drive from the restaurant, perhaps that was why her Uber driver angrily zoomed off after dropping her at her gate. A card trip that cost only N400! She stood at the gate fumbling with her handbag searching for the key. As she searched, she suddenly felt someone creep up behind her. Turning sharply she could not believe her eyes when she saw the guy at the table at the restaurant with the hugest bouquet of flowers and the widest smile. Creeped out, she pressed her back against the gate and stuttered, ‘Are you not… what do you….how did you…what are you’


“Relax”, Vincent replied. “Did you really think I’d leave without saying hello? I just needed to ensure that my ‘hello’ was substantiated” he winked.

Substantiated. She thought. Who the hell uses that word in everyday talk?

“Okay.” he continued. “Don’t be freaked. I know this is creepy. But I just wanted to tell you Happy Birthday and give you this.” he handed over the bouquet of flowers and a gift bag.

“Umm… Thanks?” she replied, collecting the gift and staring at him, heart still racing.

“Alright, bye,” he said. “And thank you. I’m sorry for freaking you out. My number is in the bag in case you want to communicate with me. Cheers”  And then he left.

Later on, Naomi will realize that this singular behaviour was the first sign she needed to never communicate with him. As earlier said, they went on to date, and then get married. They stayed married for 4 years but everyone who hears Naomi’s story always wonders why she stayed for that long.

Oh well, doesn’t everyone wonder why victims of domestic abuse wait for so long?

Plainly put, Naomi was viciously abused in that marriage. In the last 3 years of their marriage, Vincent took sexual, mental, emotional and psychological advantage of his wife, Naomi. He beat her sometimes to the point where it hurt her to feel the wind on her face. He would wake her in the night by choking her and would yell the most ridiculous things like ‘Why are you laughing in your sleep?! Tell me why?! Or ‘What was the message you deleted from your chat with Ire?!’.

It was insane. Sometimes, he walked from the bathroom with faeces in his hands and put it into the whole pot of stew she was cooking. He stole money from her. He banned her from seeing her parents more than once a month – and she couldn’t even see her friends at all. He twisted and broke her right arm once and then asked her to make him Pounded Yam that afternoon. He never asked for sex, he just took it. And her two miscarriages were his doing. Whenever he smoked weed at home, he would tell her to open her mouth and would puff into it – sometimes, spit into it, sometimes, pee into it. One could go on and on about the messiness that was the mind of Vincent, but that is not necessary.

Last year, Naomi finally spoke out and sought a divorce. In court, one of the reliefs she asked for was gotten from section 30 & 31 of the Violence Against Persons (Prohibition) Act 2015. In that section, it is said that the court may issue a Protection Order (what we sort of know as a restraining order). And according to Section 31, the Order may prohibit the respondent (which in this case is Vincent) from doing a bunch of things including:

  1. Committing any act of domestic violence
  2. Entering a shared household (or a specified part thereof)
  3. Entering the complainant’s residence
  4. Entering the complainant’s place of employment
  5. Or committing any other act as may be specified by the Order.

The judge granted Naomi’s application to issue such an Order. Therefore, coupled with the dissolution of the marriage, Vincent was ordered by the court not to physically, emotionally, mentally, sexually, or psychological cause or attempt to cause harm to Naomi. He was also ordered that he must neither enter her home or place of employment without express invitation. Furthermore, he was ordered that for a period of 2 years, he was to distance himself from her – constantly maintaining at least 500 meters between himself and her.

The night of the judgment, Naomi sat in a living room with her 5 friends and they drank champagne until they were all drunk. They also danced until they slept off one after the other. It was, however, the constant buzzing of her phone that woke her up. She looked at her phone screen and saw 50 messages from a strange number. She had blocked Vincent’s number a long time ago and had registered a new sim card, so she wondered who it was. Opening her message app, she froze. The messages were definitely from Vincent but that was the least of her problem. The texts indicated that he undoubtedly knew where she was. They read something like: “These girls are not your friends”They did not tell you how ugly you look in that pink bum short”You look like a hobo. So dirty and ugly“Gosh, I can even smell you from here”.

This was only the beginning for Naomi. It has been one year since the Protection Order was issued in her favor but that has not stopped her abuse. In fact, she is certain that Vincent has been on an 8-month work trip to The Gambia. But the texts won’t stop. The threats won’t stop pouring in. She constantly gets texts that say, “I know where you are” or “I know what you’re doing” or “I’ll come for you anytime now. And when I do, you won’t live to tell the story”.

Today, just as she was about to leave the house, her phone beeped and it read:  “Are you sure you want to leave right now? Seems like a good day to be run over by a car?” The digital surveillance seems unending. There is no real difference between when she was in the marriage and now that she’s out.

_____________________

I entirely painted this scenario, above, in my head. And although all characters are fictitious and similiarities to any real person (living or dead) is merely coincidental, I’ll daresay that this is the exact reality of many people.

And so I wonder, what’s the proactiveness of the law (in Nigeria) regarding scenarios such as this? Do Protection Orders envision digital surveillance in restraining abusers?

Protection Orders need to issued with the understanding that the definition of distance has now been blurred by technology. If a person is ordered not to be within meters of another person, then consideration must also be given to the fact that proximity can also be digital. And such proximity can be as dangerous as a physical one. Domestic abuse can be carried out effectively both offline and online and our  laws and reliefs have to factor this in.

In the making of this article, I googled ‘spy on my boyfriend’ and I got countless of app suggestions. These apps are apts to let me know that I can know what my boyfriend is doing without touching his phone, I can know where he is, I can read messages on all of his social media platforms and so on. More technology is being developed to enable spying and surveillance.

So I ask, what stops me from having a virtually invisible camera installed in his house if I have a Protection Order against me from entering his house? Aren’t they the same thing?

And what stops me from using GPS tracking if I have a Protection Order against stalking? Aren’t they the same thing?

There are reports upon reports of bitter exes using spyware and other forms of technology to execute abuse on their former partners. Do our Protection Orders cover that?

Well, they need to.

This was a little different kind of gem, but gem all the same. So I’ll need you to:

  1. Kindly give me some feedback in the comment section.
  2. Subscribe so you automagically get my articles in your mailbox.
  3. Share this piece with a friend (or an enemy)

Toll Gates on Virtual Highways

I have a friend, let’s call her ‘Beauty’. She’s a super enterprising human being with a dogged spirit and a bright mind. Just some days ago, we were in a meeting with Media practitioners and she made super sound contributions. When she was done, she backed herself up by saying, ‘I know these things because I run a social media business’. And Beauty was not lying. Almost all her business ventures are conducted on the internet – mostly on Instagram. One of such is a fashion store for female clothing. She displays them, markets them, sells them, and sometimes receives payments over the internet.

In 2012, the Central Bank of Nigeria (CBN) released its cash(less) policy which is basically aimed at reducing the amount of physical cash circulating in the economy and encouraging the use of electronic payment options for transactions. The CBN stated that one of the objectives of this policy is ‘To drive development and modernization of our payment system in line with Nigeria’s vision 2020 goal of being amongst the top 20 economies by the year 2020.’

I don’t want to talk about why the country’s 2020 vision is unachievable (because if I talk about it, then it means I’ll have to think about and if I do that, then I’ll cry about it and I don’t really like to cry. So yeah. But just to know how bad things are, we were recently declared the world’s poverty capital).

Anyway, what I want to say is that amongst many things that would prevent Nigeria from being one of the top 20 economies, one which stands out for me is her failure to adequately capture e-commerce transactions in her tax administration.

N.B. (For the purpose of this article, I would be loosely defining e-commerce to be the buying and selling of goods and services over the internet and the paying for same electronically. Also, most of the businesses that this article would apply to are small informal internet businesses. Furthermore, I understand that payment may be made in cash for such businesses conducted online and so my definition does not extend to such transactions)  

Now taxes are inherently good. Irrespective (and with respect) to the negative sentiments many citizens have against taxation, it is a concept developed to supplement government revenue for the financing of public projects, public service as well as fostering the general growth of the economy.

Therefore, taxes are a major source of income for the government and for the economy. And although there isn’t much data available as to how many transactions / the worth of transactions conducted over the internet in Nigeria, we are well aware that e-commerce is real. People are buying and selling all sorts of things online. And maybe aside from the big names who, most likely, have the government watching them, many Nigerians who engage in e-commerce (like my friend, Beauty) never turn in taxes. And that’s a huge loss for the economy of the country.

So my questions are:

  1. Is it possible to effectively assess, collect and record taxes on e-commerce transactions carried out within Nigeria?
  2. If yes, how can it be done effectively – capturing every sale, and every transaction?

For the first question, I’ll state the obvious: It will be tricky and will require intentionality for e-commerce transactions to be effectively captured in our tax administration. This is because unlike businesses which have brick and mortar offices at which tax officers may visit and inspect, e-commerce businesses/transactions are “somewhere in the air.” Value-added taxes on the goods may never be charged or even remitted because how can these things be tracked?

But I’ve learned ‘never to say never’ ( meanwhile, I hate this saying because it makes you say ‘never’ whilst TELLING YOU NOT TO SAY THE DAMN WORD!). Anyway, so yes, my answer is ‘yes e-commerce transactions can be effectively and appropriately taxed in Nigeria.’

For the second question I have two suggestions which I have grouped into ‘The Cart’ and ‘The Horse’:

  1. The Cart: I call this the ‘Cart’ because it has to be in place before anything else can work out. It’s the proverbial cart before the horse and in my opinion, we’d be building castles in the air without it. It is simply this: Put some more structure in our national system. Our current identity and tax systems in Nigeria will not foster the capturing of informal commerce online. Even in jurisdictions that have some structure in place, taxing e-commerce is not the easiest thing. Therefore, in order to achieve this, here’s what needs to be done:
    1. There has to be good data protection law
    2. The harmonization of data by the National Identity Management Commission has to be effectively and properly carried out such that everyone is identifiable by their National Identification Number(NIN).
    3. Our National Identification Number (or say Bank Verification Number) must be tied to every financial activity carried out. For instance, if I sign up on say, Paystack to help process payments on my website, I’ll have to indicate my NIN.
    4. Tax authorities MUST simplify taxation information and make it superly available by using effective communication strategies.
    5. Tax registration and filing for businesses must be utterly simplified and tailored to suit small online businesses. It must not be a burden (financially or otherwise) for a small business to comply with tax rules.
    6. Tax authorities must then offer reasonable and innovative incentives to small e-commerce businesses who register and file taxes (e.g reduced shipping costs, co-working spaces maintained by the government, government promotion of their brand on a central platform, subsidized online courses on entrepreneurship or management offered by a Public University and so on).
  2. The Horse: This is called the ‘horse’ because it comes after. It looks like the real solution; the pragmatic solution, but it wouldn’t really function well if the cart is not in place. The Horse is E-governance. The market is online – and so the government must increase its proximity to the market. The Federal Inland Revenue Service (FIRS) already has a platform for online tax remittance. I know that Lagos State also has such on its platform.  However, in relation to e-commerce, this is not sufficient. So here’s my suggestion:
    1. A law/regulation released to the effect that every bank payment platform and every independent payment processor must request of its clients to indicate whether their platform/a transaction is one that would engage in commercial transactions involving VATable goods and services.
    2. Tax authorities then develop an API deployed to these payment channels to assess, receive and record the taxes on relevant transactions.

While I believe that this will take care of capturing some transactions done with e-payment channels, I am certain that there is a lacuna for cash payments or payments done with USSD codes. And of course, this might also push vendors to prefer these alternative options. And I’m also considering that some vendors may not disclose the nature of their business or transaction (which leads us back to my answer to the first question on structure). But we’d still be doing a lot better at collecting these taxes.

HOWEVER, if you asked me (and this is based not only on experience but on research), there is really just one thing the government needs to do to get people to voluntarily pay their taxes (whether personal income taxes or transaction taxes; whether on-site businesses or online businesses): The government needs to win the trust of the people. Our taxes have to be used for the purpose for which they are being contributed. The people need to know that if they pay taxes from their meagre income, they are in fact, doing themselves a favour. The people do NOT want their hard earned money to be pocketed by some lazy, self-serving, corrupt and frankly, wicked, government official.

The truth is that as long as citizens do not trust the system; as long as we are forced to become a government unto ourselves; as long as there is no confidence in the integrity of our systems, tax avoidance and evasion will continue and will get worse. And no technological intervention can cure that.

So while I have written this article acting somewhat as a government consultant, my higher purpose is the priority and protection of the citizens.

Merci!

And now that I’ve served so much gem, I need three things from you:

  1. Kindly give me some feedback in the comment section.
  2. Subscribe so you automagically get my articles in your mailbox.
  3. Share this piece with a friend (or an enemy)

The Law of Gravity and the Cloud

What goes up, must come down. But is that perfectly true of cloud computing? Understand data deletion and the use of cloud services.

Philosophers are weird.

I mean, Descartes slept in a traditional oven.

Demonax got old, thought he couldn’t take care of himself anymore and then simply stopped eating until he died.

Rousseau abandoned his 5 children because it was the fashionable thing to do in his social circle.

Diogenes lived in a small barrel in public.

Plato described man as ‘a featherless biped’

And then Diogenes plucked the feathers off a chicken and asked Plato if it was a chicken or a man. (Huh?)

So it is without shock to discover that even Sir Isaac Newton was an interesting character. At his funeral, it was said, ‘[Newton] was never sensible to any passion, was not subject to the common frailties of mankind, nor had any commerce with women—a circumstance which was assured me by the physician and surgeon who attended him in his last moments”. Uhhh… Weird much!

All that said to say that when Newton saw an apple fall from a tree, it was only natural for him not to think as the rest of us would have. Instead, he thought “why should that apple always descend perpendicularly to the ground? why should it not go sideways, or upwards? but constantly to the earth’s centre? Assuredly, the reason is, that the earth draws it. there must be a drawing power in the matter & the sum of the drawing power in the matter of the earth must be in the earth’s centre”

And it was so, that these thoughts formed the beginning of what we now learn as the law of gravity/gravitation.

Thanks to Newton, now we know that there is a force of attraction between two masses; the earth and objects in its vicinity. And that this is why we don’t float when we walk, why things drop if they are thrown, why the moon does not go on a frolic of its own, why it’s harder to walk uphill, why we trip down when we fall; and why aeroplanes are real inventions because they are built in such a way that their lift counters gravitational forces. ( I see you, Wright Brothers. )

In more simple terms “What goes up must come down!”

But I’m here to ask. “Is that really true, especially of the Cloud?” Does anything ever really “come down” from the Cloud. Is anything ever really really deleted?

First, it might be needless to say that the ‘Cloud’ being discussed here isn’t the skies or the cloud above. (this is a law-tech blog people!)

Second, it’s also important to note that the Cloud is strictly speaking, not the Internet – as many might think. The Internet is just a global network of computers that enables connectedness. The Cloud (which is actually short for Cloud Computing) is technology that leverages on the internet. It basically allows us store (and access) data or run programs using someone else’s computer via the internet. So instead of storing files on your hard drive or downloading software to your hard drive in order for it to run, you only need to connect to the internet and do that. So imagine using Google Docs online instead of using Microsoft Word which is domiciled locally (on your computer). Or imagine using DropBox to save your files, instead of your flash drive.

Cloud computing has a bunch of advantages. E.g, you don’t have to worry about viruses or any mishap to your software, or even hardware. Also, you don’t have to spend so much on storage infrastructure or on cost for software licensing (although you may have to give a periodic fee to your cloud provider – like how I pay for more space on my Google Drive and I only just got a mail telling me that my payment was declined because: insufficient funds. Poverty die!) Also, you can access your data or run these programs from anywhere; as long as you can connect to the internet. All in all, it is the make-sense thing for you to do.

But the question remains: How sure am I that data deleted from the cloud are truly deleted?

And this question is important for a number for legal reasons. A lot of privacy and security concerns arise with the advent of the cloud because – think about it – it’s essentially putting your data on someone else’s (albeit a corporate person’s) computer; possibly in an unknown location. Anything can happen and you want to be sure that if you delete any data, it is truly deleted.

On this my beautiful site, I recently talked about the right to be forgotten as contained in the GDPR vis-a-vis blockchain technology (it’s super interesting and you should check it out).

But here’s what you should know (and I’m also using the GDPR as a guide here):

  1. Your personal data is to be deleted or returned to you at the expiration of whatever service is being rendered to you. So in line with Cloud Computing, assuming I stop using my Google Drive account – I close it down. All data stored in my Drive must be deleted or returned to me.
  2. You can place a request for your data in the hand of a Cloud service provider in the event that you no longer want them to have it.

Google, a Cloud service provider, has addressed this issue as it relates to them. According to them, “When you delete your customer data, Google’s deletion pipeline begins by confirming the deletion request and eliminating the data iteratively from application and storage layers, from both active and backup storage systems’

In this explainer video on Youtube, Google further explains that ‘…when you remove information from your account, like a search from your search history or a file on Google Drive, we follow a strict process to delete it. They go further to tell us what this process is. ‘To begin, we remove the information from the product (say, ‘Google Drive’) where it was being used so it’s no longer visible for use in the product. We then immediately begin the process of removing the information from the active systems where it’s been stored. During the time it takes to delete information, our systems stop serving it.’

First, Google has confirmed something apparent, and it is that data is not totally deleted when a user deletes is from his/her own end. It’s still stored on the systems which render the cloud service.

Secondly, there has to be an intentional process dedicated to deleting the so-called ‘deleted file’ from where it is being stored with the Cloud Service provider. So imagine you use an iPhone and your pictures automatically synchronize to the iOS cloud service known as iCloud (because trust Apple to put an eye on everything. Get my joke? Get it?). Anyway, imagine you take a sensitive image (say of a naked body) and then you delete it off your phone, and for due diligence, you go to your iCloud and also delete it. Well, what Google is telling you is that the picture (most likely) still exists on the Apple’s storage computers and they’d have to delete it for it to be really deleted.

But guess what? Google isn’t even done. There’s still something they have to do to get it really really  deleted. Check this out. In continuing their explainer video, they say, “As part of our redundant systems, your information might also be in backup storage which is difficult for us to access but available for use to help our services recover in case of a disaster. Data can remain on this backup systems for up to six months. Sometimes, instead of removing information from our systems, we might anonymize the data so that it’s not associated with you”

Aren’t you just thinking, ‘wow!’.

And maybe you’re also thinking, ‘Nah. I’ll just delete my account’. Well, Google has a response to that. They say, ‘And if you delete your account, no worries, we keep your info in a recoverable state for up to one month’.

So you see that while using cloud services, data deletion is not final with the click of the delete button. The file still exists, the question is simply, ‘where?’ and ‘how accessible or vulnerableis it?‘ and ‘how soon do you also get it off your systems?‘ This is why I’ll totally encourage you as a consumer of these products and services to intentionally lookout for data erasure/retention policies of your service providers. If you’re not comfortable with their policies or they don’t even have one, you don’t have to use it.

You’ve heard where Google stands. For more details, you may check it out here

For Microsoft, theirs is here

Cheers!

And now that I’ve served so much gem, I need three things from you:

  1. Kindly give me some feedback in the comment section.
  2. Subscribe so you automagically get my articles in your mailbox.
  3. Share this piece with a friend (or an enemy)

Does Blockchain Snark at your Right to be Forgotten?

Oh! The number of questions within this question. Like, ‘what is blockchain and why does it sound mean?’ ‘What is my right to be forgotten?’ ‘WHY do I want to be forgotten?’ ‘Do I really have this right to be forgotten? Like the constitution says I do??’And what has blockchain got to do with all of this?

 

I am literally sipping water from a cold flask to calm my nerves because where do we even begin? I guess I’ll have to tell you a couple of stories first to lay some tracks for this article and also because that’s a hospitable thing to do – tell stories. The following stories are true ones:

The Murder of Walter Sedlmayr  – Germany

The above-named man with the surname you can’t pronounce was a German actor who died in 1990. He was found in his bedroom, tied up, stabbed in the stomach with a knife and hit on the head with a hammer. Three years later, his former business associates Wolfgang Werlé and Manfred Lauber, were found guilty of his murder and sentenced to prison time which has now been completed. Obviously, this story made it into Wikipedia (German and English), and it made the two ex-convicts angry. They requested that their names be taken down from both posts as it eroded their right to privacy. Requests were not quite successful because I mean, you can still see their names here.

Porn Unintended – Argentina

Virginia da Cunha is a 37 year old Argentine Singer, Actress and Dancer. In 2012, she took a bunch of sexy pictures (as celebrities are known and opportuned to) and even gave appropriate permission for same pictures to be published online. However, the pictures began to come up when ‘pornography’ or porn related words were searched on the Google and Yahoo! search engines. The celebrity sued both companies to remove these results. They were taken down. She won. (Although, I hear that the case is on appeal)

Melvin v. Reid – The United States

Melvin was just a prostitute in her former life. However, as it is with such a risky profession, she found herself being accused of murder. She went through the court motions but thankfully, the court decided that she wasn’t guilty, so she was acquitted. Melvin got herself rehabilitated and began to lead a peaceful life with a husband. Seven years later, however, a movie called ‘The Red Kimono’ was released and it was based on Melvin’s former life including the murder. The facts in the movie were not misrepresented and in fact, Melvin’s maiden name was used.

She sued the movie makers and finally, she won. The court is recorded to have said: any person living a life of rectitude has that right to happiness which includes a freedom from unnecessary attacks on his character, social standing or reputation.”

Mario Costeja González; Fighter of Google – Spain

A long time ago, Señor Mario was in some social security debts in Spain, and so a property of his was foreclosed by the government. Adverts were made in a print newspaper calling on people to come for the auction of his house, and later on, these adverts were moved to the Newspaper’s website. Because no condition is permanent, all of these money issues were eventually over and Señor Mario could continue living his life but for one problem – if you searched his name on Google forever, you’d see that he was once in debt and his house was up for auction. It was embarrassing to him (because imagine his bank or his employers doing a search on him). He reached out to the Newspaper, to Google in Spain and to the Data Protection Agency in his country, requesting that this content online be taken down. A lot of super interesting legal arguments were made in court and I’m doing everything I can not to go into them because the article is already looking long. So, let’s continue.

THE RIGHT TO BE FORGOTTEN

I believe your train of thought has followed these tracks I have laid and now you might have an understanding of what the right to be forgotten is.

 

The right to be forgotten is simply the right of a person to determine and have some control over the development of their life and of their profile narrative online. It is to be able to control information about yourself such that you’re not being perpetually or periodically stigmatized as a result of something you did or something that happened to you in the past.

It is a person’s right to have certain data deleted so that internet surfers can no longer trace them. The right to be forgotten has been defined as ‘the right to silence on past events in life that are no longer occurring.’ A lot can be said on the definition but just understand it as the power of a person to induce amnesia regarding information s/he would rather not be remembered for.

 

A noticeable trend in the stories I told earlier (and indeed other stories around this) is that the complainant or plaintiff usually refers to this right as ‘the right to privacy’. I’ll believe that that’s poorly couched, but forgivably so because the right to be forgotten is relatively new and its conceptualization is still in the works.

 

While the Right to Privacy generally relates to information which is not already publicly known, the right to be forgotten involves information already in the public domain but which needs to be erased. It’s like a ‘forgive and forget’ scenario, only with the emphasis on ‘forget.’

 

There are arguments for and against this right and of course both sides have their points.

For instance, when you consider repulsive issues such as revenge porn, child crimes, and just the sheer understanding of the frailty of man, one is prone to embrace this right. However, considering (and I speak for Nigeria) crass and dubious politicians who double as our nation’s cancer, and their penchant for literally erasing our memories either by stopping the teaching of History in schools, intimidating the media, influencing the media with fake information and so on, you might be inclined to be anti-RightToBeForgotten.

 

Currently, Argentina and the European Union are championing this right. I hear that Argentina is more of a boss at it but the EU isn’t doing badly at all. Article 17 of the GDPR (have you read my GDPR article?) states  that ‘the data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following  grounds applies:’ It then goes on to list 6 simple grounds:

Picture gotten from http://i-scoop.eu/

 

Also, see this simple chart explaining the non-absoluteness of the right.

Picture gotten from http://i-scoop.eu/

Perhaps you have the same question as I did when I read Article 17 GDPR: Can Search Engines be said to be Data Controllers?

The GDPR basically states that data controllers are those who determine the purposes for which and the manner in which personal data is processed. And the Court of Justice of the European Union (CJEU) states in Señor Mario’s case that an internet search engine operator (e.g. Google, Yahoo! Bing), is responsible for the processing that it carries out of personal data that appear on web pages published by third parties. Cool stuff.

 

So, because the EU is working hard to protect citizens within its jurisdiction,  Google (and some other search engines) have created data erasure forms for EU residents to fill to have their online data wiped if they want (and of course with terms and conditions). It’s called ‘EU Privacy Removal’. It’s here. Google also added ‘Iceland, Liechtenstein, Norway and Switzerland.’ (Sorry, Nigeria and other African countries.) You can see more info on how the form works here.

NOW, BLOCKCHAIN

Well, I believe all your questions about the Right to be Forgotten have been answered. Although there are till appendages of issues on that right, I am confident that you are successfully abreast of the fundamental vibe of it. If I’m right say, “aye!”

(the ‘ayes’ have it!)

Now, blockchain.

If you’re non-technical, let me give you heads-up. EVERY article attempting to explain blockchain usually goes like this: ‘Okay, I understand this, I understand that. Yeah, that’s understood. Oh? Cool. Yeah, that makes sense. This thing is actually pretty relataboksbutwyfduwdcfdyqrsdifwqusjw;qodifiwqyphwoiudiogfwqdcjwqfexhwqdfsglwq;oiudpewqo8ydfwtf’.

 

But I’ll try my best to tell you how I understand it. Blockchain is a technology that can also be called a distributed ledger. You know what a ledger is, right? No? Okay, A ledger is a file that records financial transactions. Now picture a digital ledger that can record every valuable transaction online. That ledger is then spread across several computers and every time it is updated with a new transaction, it updates itself on every computer. (N.B. Blockchain is not bitcoin; it’s just the tech that helps bitcoin be bitcoin.) So the blockchain database is identical on every node (computer) and so it leaves a (generally) publicly accessible data trail. I mean, if you know what to do, you can access the trail.

 

Therefore, if you’ve engaged in transactions relevant to the blockchain, your data is stored in the chain – data like your address, card number, phone number could be represented on a blockchain.

Now, blockchain is like the banner of internet integrity such that the data recorded in a chain is immutable and unerasable. Although it’s mostly encrypted, it can be decoded and therefore identifiable.

But I repeat, data in blockchain is not erasable. You cannot delete the data. You, also, cannot change or edit it – because this will break the chain and make the entire concept of blockchain useless. You can only add more to the chain.

So what is the effect of Article 17 of the GDPR and the general concept of the right to be forgotten & the right to erasure on blockchain technology? I thought I was a genius when I thought of this question but it turns out many other people are thinking of it.

From my research, although there are a couple of things you can do on a private (permissioned) blockchain (like choosing to forget or throw away the encryption key for the data, or setting the transaction to an unsolvable private key thereby locking yourself and everyone else out),  there is not much nothing, you can do on a public, generally accessible blockchain except to NOT store personal data on the chain. You may choose to store the personal details of that data off the chain and then instead, store an encrypted reference to it on the chain. If anyone wants to access that reference, then the person must verify that he has the right to. If he does, he will then be referred to where the data is by a link (which won’t be on the blockchain).

 

This was one person’s suggestion. It was probably the best I saw (and take this with a pinch of salt because I do not code). This paper, however, suggests a solution developed to help temporarily store, summarise or completely remove transactions from blockchain while maintaining the chain’s consistency. I don’t know. I call on techies to read it and summarize it to me.

I’m actually tired – I’ve sat for three hours doing this article.

BUT! I enjoyed every bit of it. I love studying the clash or relation of the two powerful forces called ‘technology’ and ‘law’. Because while the law is a mulish ass demanding that it must be obeyed, technology is a fleet-footed movement with its own inherent laws. They make an interesting couple. And I hope you enjoyed the article as well.

In conclusion, maybe blockchain does NOT snark at your right to be forgotten. But it does dare you to try!

Merci.

____

 

I’ll appreciate your comments below!

Also, if you have any topics you think I should write about, please let me know with this simple form here.