Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
UK’s GDPR replacement could wipe out oversight of live facial recognition (theregister.com)
186 points by belter on May 22, 2023 | hide | past | favorite | 150 comments


Well, yes, if UK is passing a law it is absolutely going to reduce privacy and rights.


This kind of thing was always my biggest worry going into Brexit. The country has to reimplement a ton of regulation and you know the government and its various hangers on won’t be able to resist “tweaking” every law and regulation to better favour them.

Workers rights, human rights… it’s all up for negotiation now. By people who aren’t listening to you.


When the UK was in the EU, I was protected from some of the worst excesses of the UK government. The UK didn't leave the EU to make those protections stronger...


No, no, no, you’ve got it all wrong. You were subject to the tyranny of bureaucrats.


What have the R̶o̶m̶a̶n̶s̶ EU ever done for us?


The single market?

What?

The single market.

Oh. Yeah, yeah. They did give us that. Uh, that's true. Yeah.

And the peace funds.

Oh, yeah, the peace funds, Reg. Remember what Northern Ireland used to be like?

Yeah. All right. I'll grant you the single market and the peace funds are two things that the EU have done.

And the Erasmus programme.

Well, yeah. Obviously the Erasmus programme. I mean, that goes without saying, doesn't it? But apart from the peace funds, the single market, and the Erasmus programme--

Food standards.

GDPR.

Huh? Heh? Huh...

Climate policies.

Ohh...

Yeah, yeah. All right. Fair enough.

And the chorizo.

Oh, yes. Yeah...

Yeah. Yeah, that's something we'd really miss, Reg, if we left the EU. Huh.

Cross-border healthcare.

And it's easier to travel to Spain now, Reg.

Yeah, they certainly know how to keep order. Let's face it. They're the only ones who could in a place like this.

All right, but apart from the single market, GDPR, climate policies, chorizo, order, food standards, Erasmus programme, a cross-border healthcare system, and peace funds, what has the EU ever done for us?

Prevented wars?

Oh shut up!


For those not in the know, this is from the movie Life of Brian (1979) which takes place in Roman Judea. A potential rebel tries to rile up his comrades with the rhetorical question “what have the Romans ever done for us?!” Apparently, quite a lot.

https://youtu.be/Qc7HmhrgTuQ



Brillant!


Could have been a great opportunity to try to actually improve things rather than adding loopholes for the benefit of special interests. Maybe with the right people in power that could still be achieved, but seems unlikely.


> Could have been a great opportunity to try to actually improve things rather than adding loopholes for the benefit of special interests.

The reality is that the EU legislation was toxic and loopholed at the behest of the UK and its special interests. The UK was not a moderating influence, but the UK was the one calling for no encryption and spying of the population.

If given a chance to improve or remove legislation the UK government will remove it NOT because its an assault on freedom and liberty, but because they dont think it goes far enough in curtailing freedom and liberty.


Yes, very well explained in Yes Minister https://youtu.be/37iHSwA1SwE


Just started watching the series this weekend; it holds up shockingly well. The only sad thing is it's almost not cynical enough when compared to today's politics.


Well said.

As a UK national, I have to prefer being beaten with relish by genuine sadists (the UK government), rather than by sadists who pretend to have some heart left over.


Mission accomplished! Good luck with, well, everything & looking forward to seeing you in back in the Union within 2 generations! Without the prior exemptions & special treatment, naturally.


Curb your schadenfreude. The way things are going, there may not be a union in two generations.

Most EU countries have an ultra-right wing, nationalist and euroskeptic party in their parliament (I just don't want to say "fascist"). At least three (Italy, Hungary and Poland) have one in government. In France, Mme Le Pen has consistently got to the second round of presidential elections for the last ... three? Four? elections?

Things aren't going well.


Now thanks to Brexit they're all playing 'chicken' in actually leaving. Because they like the money better. (though I'm not betting on Hungary much)

Leaving was their 'controversy of the day', there are other ones they can use to pent up dissent.


> The way things are going, there may not be a union in two generations.

You mean might be a new union? I can agree with that. A fragmented Europe is not stable, if the EU dissolves in the next 10 years, it's almost certain there will be some sort of union in the next 2 generations. Whether there'll be another war in Western Europe between now and then is another question altogether.


Many Brits against Brexit and who want to rejoin EU disagree and believe EU wants UK back so much it'll offer the same terms as before.


I don't have any skin in this particular game but it sure seems to me that the UK is the one who stands to gain the most out of this particular transaction...


That arrangement of incentives seems about as likely as the US agreeing to take the UK on as the fifty-first state.


I mean if you're all about maximising economic gain over sovereignty: joining the much larger (and growing) US makes much more sense than the declining EU


You didn't need Brexit to "improve" this kind of things, countries can already go beyond EU regulations on their own.


It could have been, but realistically only if the goal is "find problems in current legislation and improve". They started from "repeal current legislation and replace". It's like a developer deciding to just rewrite the legacy system, it won't lead you to your desired outcome.


It won't lead to desirable outcomes for the country, but it will lead to desirable outcomes for the Tory's increasingly fascist oligarchy, presumably.

Johnson was asked directly about workers rights prior to Brexit and said that we would improve them and that it was so totally wrong of Remainers to assume any rights would be eroded... and no-one paying attention is surprised to find that was a lie. But it probably worked for a small margin of voters in the referendum.


Yes, but this is the UK government. They are not benevolent. At every opportunity presented: they erode our rights, unless it has significant public support and costs absolutely nothing. (like gay marriage).

As soon as anything impedes special interests even slightly, be sure it will be legislated out of existence if possible.

One argument brexiteers trot out commonly is that EU regulations make it hard to be competitive. But human rights should impede "competition" otherwise it's a race to the bottom.


To be completely honest, I was surprised and disappointed at the amount of resources and time spent by the UK's government to infringe on the free-speech rights of pacifist anti-monarchists protesters.

This contrasted with the weak response from the government after the sordid London bridge attacks, with the mayor even stating that "Terror attacks are 'part and parcel of living in a big city'". Is this what people in the UK want?


The actual quote is:

"Part and parcel of living in a great global city is you have to be prepared for these things. You have to be vigilant."

The context was talking about working with other big cities, specifically New York as it was just before a meeting with Bill de Blasio to talk about cross-training and information exchange.


The British system (parliamentary sovereignty) means your rights are ONLY what the current government decides. There is no way to establish fundamental rights the way the US can with an Amendment. So any improvement you get post brexit is only worth a damn until the next change of whim of parliament.

Personally, I would take a guaranteed "90% right" system (aka the EU) over a random number generator (aka Brexit)...


Although most countries end up rewriting their constitutions every now again, just look at Chile now, or even France since WW2. Very few, maybe no countries have a constitution as set and inflexible as the US.


I don't mind changing constitutions. None should be permanent. Weirdly the UK is one of the few unchangeable ones however, that is sort of the only rule: there are no (other) rules. It's super weird...


I don’t know, you’re talking about a surveillance-crazy culture, I don’t see them shying away from facial recognition.


We love it. When we can't afford real CCTV, we hang fake cameras up practically as decorations. Asda even shows you a picture of your own face with a little green box around it to show they've got you and then allegedly just discards the data from it: https://fullfact.org/online/Asda-facial-recognition/

Even when it's legally dubious we'll do our damnedest to look like we're surveilling the ** out of you.


While I enjoy the candor and tone to your post, the content makes me a little uneasy. It just can’t be good for society.

That said, I didn’t think London was nearly as bad a Singapore for number of cameras. And their aren’t closed, I have no doubt that’s all to a central store, facial, and AI all rolling now.


If anything, the UK take on surveillance was (for me as a visiting American) hugely de-stressing.

In the US, I worry that some anonymous fellow citizen packing heat is going to snap and decide to execute a lifestyle change on me I didn't ask for and then melt away, unaccountable. The US unsolved murder rate is at a record high. Between the lack of firearm rights and the ubiquitous surveillance, I never had that fear in the UK.


In the UK it'll just be a knife instead of a gun.


That's much preferable. The odds of a person catching a stray knife from a conflict a block away, or being one of a dozen knifing victims in a mass knifing incident because someone had a bad day and decided to take it out on a shopping mall, are far lower than with the other weapon. I haven't heard, but I'm pretty sure elementary school students in Bristol aren't holding knifing drills where they learn how to hide under their desks and pretend they've already been knifed.

They say a fish isn't really aware of the water they're swimming in. Visiting Europe was like having a weight lifted off me, a tension released, that I'd been carrying my whole life and didn't know was there. Americans just live with the spectre of death due to random gun violence perched on their shoulder these days.


The US has even higher rates/incidence of knife violence than the UK. Knife crime just gets more air time in the UK presumably because gun crime isn't drowning it out.


Yeah, as with the US people will accept or even demand almost any authoritarian measure in the UK so long as it's used against people they don't like. But with some special UK pathologies.


> Could have been a great opportunity to try to actually improve things rather than adding loopholes for the benefit of special interests.

But the kind of people who want the policy that Brexit is - i.e. xenophobic nationalists - are not the kind of people you'd want to take such an opportunity.

Membership of the EU was a great opportunity. Brexit is an opportunity for fascists.


> Brexit is an opportunity for fascists.

I'd be curious to hear how exiting the European Union relates to the doctrines of Benito Mussolini.


Good news, Mussolini is dead so there aren't fascists anymore! They entire ethos was strictly and solely related to that specific time and place and is now a historical curiosity only!

Phew, that was a close one!


Again, I asked how the wish of 1/2 of your countrymen to leave the EU relates to 'fascism'. Yes, I was slightly in jest because there are many reasons why one might be sceptical of the EU. One could even compare the EU to pan-European movements of the 1940s like Fascism, but that wouldn't be productive.

I need propositions, not further slander.


"By people who aren’t listening to you."

This is the part everyone wants to say but isn't right. They are usually listening to people, just not people who agree with you :)

One of the grand follies is to assume politicians are not doing what their constituents support.

They almost always are, and often enjoy incredibly high local support/satisfaction ratings, even when the national ones are in the toilet.

They spend significant amounts of time polling and understanding how their constituents will react to issues and votes.

Now, you may want to argue those constituents are ignorant, or don't know what the vote really means, or whatever, but it's a sideshow.

I often see people say "well 70% of people in the country support X so politicians aren't listening". But when you break it down, they are usually voting in alignment with constituent support, and it's just a variant of Simpson's paradox in action (overall population vs subgroups).


Well, for example, our national politicans have delayed a plan to clean our waters (that are almost all polluted to a level illegal under EU law) until 2063. They are clearly not representing the people even on non partisan issues.


Regional constituencies allow politicians to select the voters they want in many respects. The UK might look very different if they had a party list or some other form of PR.


Sure, i have no doubt the system is broken in lots of ways. I'm just saying that one way in which it's not particularly broken is whether they listen.

They do nothing but listen, have dedicated staffers and help that do nothing but analyze constituent opinion/views/etc.

You will rarely find them doing anything that is going to go against that. The exception is the small number of places where they are forced to deal with multiple constituencies for real.


Exactly.

The nice thing about being part of the EU was that we had a second level of sanity involved in our jurisdiction .. especially important when we have inept dangerous parties in control.


Well, no, it doesn’t _have_ to. There’s little stopping the UK from holding onto what it has. Brexit provided an amount of political cover to remake the law if it _wanted_ to, though.


The good news is UK is democracy, so no need to worry.


/s presumably.

We're so democratic we lock up people who look like they might be going to protest against us having rulers selected by accident of birth, rulers we are forced to spend £10s of £Millions 'celebrating' despite them being some of the richest people in the World. You can't get more democratic than that! Good job everyone here has more than enough, so it's not at all immoral. /s


the regulation is a joke anyway, so why pretend? same with gdpr and the so called online privacy. it’s all smoke and mirrors with an added serving of mixed anti-americanism and european protectionism. they should remove everything from the books until these things have heft. and if they can’t come up with something serious, why legislate in the first place? just for populism’s sake? (eg UK’s online safety bill)


What you call a joke does work albeit slowly. Most of pages have a 'reject all' button now. It didn't get there in the first iteration, but the effect is nice now. As a bonus, you quickly see who works in bad faith, by how it's implemented.


It's a joke because it demonizes a specific technology which is only tangentially related to the goal. Imagine if we wanted to make drive-by shootings illegal and rather than passing a murder law your politicians criminalized having windows in cars.

Cookies are the least offensive tracking technology. They're visible to users and the interactions with them can be seen. The EU should have mandated that all tracking has to be implemented as a cookie so that users could see it and block it themselves. Instead they added a lot of cruft and legal risk to every website and it doesn't make anyone "safer".

> you quickly see who works in bad faith

No, and that's the ultimate fail. You click the button and feel safe but you can't see the server-side logs so it's entirely a false sense of security.

If you want to stop tracking, make the law about tracking not about the current methods.


The law is about tracking, in fact it's about data protection which is a step removed from tracking, tracking is just a principal route to PII acquisition.

The acquisition needs to be through informed consent and the data retention needs to be for the reasons consented to and not extend for periods beyond that (unless you need to keep data to comply with other laws, eg tax).


Sadly the reject all became widespread as companies switched over to negating it by hiding "legitimate interest" toggles in multiple sublevels of expandables.


That used to work when it was just the cookie law, it doesn't work any longer. It must be "as easy" to opt in as it is to opt out, because of this dark pattern specifically.


Sure, there's the rules as written, and there's the actual behaviour of companies, and I think it's clear there's still a need for fines (and more of them) until companies start to comply and stop coming up with wishful workarounds to opt users in by default and then complain the law is unclear when they get smacked for an action that was clearly against the spirit of the law.


What is heft in this context?


But it's clear GDPR isn't working as intended. The compliance costs are absolutely enormous and EU member state national courts are leading to rule virtually every tech product being in noncompliance with it, as it so broad.

It's likely to lead to the quasi-ban of LLMs sooner rather than later in the EU. This is going to be an enormous challenge to the EUs tech industry if UK and US firms can use LLMs but EU companies can't.

While I lean remain; some people seem to have serious blind spots that a _lot_ of EU legislation is poorly thought out and given the slow pace of change extremely hard to revoke once it is in force (cf the ridiculous cookie banners; which were implemented in law in 2002 and _still_ haven't been changed, despite 10+ years of efforts to do so in the EU institutions). It's going to be even worse with the EU Digital Services Act, where being in compliance with GDPR and the DSA is a lawyers dream, as from what I understand it directly contradicts each other.


> The compliance costs are absolutely enormous and EU member state national courts are leading to rule virtually every tech product being in noncompliance with it, as it so broad.

Isn't that intended?


Not really. The ideal is to have companies that are delivering functionality while still respecting user's data rights. Apple's products are probably the closest to this ideal, given their incentives aren't about harvesting user data to sell ads. I'm sure there are some techno-alarmists that would like to either shut everything or significantly slow the pace of innovation - but the broader vision is one of delivering both value and safety without unreasonable overhead.


Lets face it, an above average number of people commenting here work in covertly monetizing our personal data, as there seems to be quite a few of them rubbed the wrong way by the GDPR I can only conclude it's working rather well.


That's a significant group of people for sure, but I'd add two more groups:

- A group that think GDPR = cookie law and there's nothing more written in it. Never any discussion about, say, forcing companies to report a data breach within 72h of detection. Or about being able to download your data, or forcing a company to remove your data, or...

- A group that think passing a new law = everyone is going to comply immediately and one random website that they know of that doesn't comply but wasn't sued yet into submission = GDPR was a mistake.


"There's no way to rule honest men..."


Right, it isn't working. Facebook/Meta was fined a billion today, but still will not respect user's privacy.


Sounds like it needs stronger teeth. Not to be neutered.


I feel like "it doesn't work as intended so it never will, do not try" - an argument very frequently said by cynics, is the antithesis of the indomitable human spirit and human achievement. It's very harmful to anyone trying to do anything challenging.

Imagine if this was one of the principal virtues in human civilizations. Where would humanity be? Would we know the Earth is round and not the centre of the universe? Would we have vaccines or antibiotics? Would we have most of our art and literature? Would simple technologies like irrigation even exist? We would probably not have any advancements past about middle ages.

I don't understand why so many cynics tell this to others these days. Do they genuinely have a mindset that nothing is worth trying if it failed the first time?


> Do they genuinely have a mindset that nothing is worth trying if it failed the first time?

No. But the way you first picked to do the thing is very likely impossible to make work. Don't decide on a mechanism, like cookies, and fixate on it without regard for practicality or effectiveness.

Preventing invisible tracking is probably a good goal that's worth iterating on but making sites pop up a list of good and bad tracking and being allowed to track the people who accidentally don't click "No!" seems like an entirely failed way to go about this.

If tracking is bad then stop it for everyone, not just people who clicked the correct thing. If some tracking is generally bad but allowable for certain functionality then mandate that tracking is only applied once the user had opted in, etc. Don't make users mark "Don't steal my organs while I sleep" on the hotel paperwork.


> No. But the way you first picked to do the thing is very likely impossible to make work. Don't decide on a mechanism, like cookies, and fixate on it without regard for practicality or effectiveness.

GDPR is not about cookies. Cookies are mentioned only once in the entire legal text as an example of a technology that can be used to associate users with personally identifiable data. If there is no risk for this association, GDPR does not care about cookies.

GDPR is about ethically acquiring and handling personal data.


I hoped it was clear that I was referencing the previous post, where compliance costs where said to be too high, by countering that fines are too low.

Yes, we need more effective GDPR, not less.


The GDPR allows for a bunch more escalations. Both in fines (that isn't 4% of global revenue yet) and in consequences (e.g. being all but expelled from the EU single market)


I’m in the EU this week and I had no idea that the cookie banners were so obnoxious, every site has a huge page blocking banner, and plenty of US news sites seem to block EU traffic entirely. I had to use a VPN to access some sites.


Funnily enough the ones that block are usually "State/City local news" website, which have a tiny, if not null EU audience already (meaning in practice nobody would care)

Now if the popups are obnoxious whose fault is it? (To answer that just notice how many other obnoxious popups/overlays/etc the same site has about other stuff)


All sites not run by shit-heads have a "reject all non-essential cookies and close button" clearly displayed.

They could just choose to honour "do not track", but I realise they want the money. Most large sites seem to have added the "reject all" button when it appeared that this was necessary for compliance. Those that did not don't care if they comply.

Obnoxious banners are a choice. If we didn't have them the choices of site -owner's wouldn't be less obnoxious, they would just be hidden.

It's like the warning your car makes 'put your seatbelt on'; sucks, but better than it not existing.


> While I lean remain; some people seem to have serious blind spots that a _lot_ of EU legislation is poorly thought

Oh, I'm not blind to it. My calculation is a simple one: looking at where we were and where are now, where would I prefer to be? For me it's not a difficult conclusion.

> This is going to be an enormous challenge to the EUs tech industry if UK and US firms can use LLMs but EU companies can't

Sure, but your argument completely disregards the privacy concerns which is the reason the EU has done what it's done. It's possible for Europe to decide that it's worth the cost in potential business to protect the privacy of its citizens. That's essentially what GDPR decided, after all.

(FWIW I've worked on GDPR implementations, I'm not so convinced it's a failure. It lead to a very meaningful drop in the amount of personal information the company was storing. The compliance costs were not particularly huge ongoing costs, just upfront implementation ones)


The EU isn't really protecting the privacy of its citizens with the GDPR as much as people think for at least two reasons.

First there is the practical implementation. As we've seen the current stand-off between US government security laws and EU government privacy laws is still being decided in favour of transferring personal data for processing in the US. That might even be the preferable way to break the deadlock for the immediate future because the cost to the European economy and particularly the tech sector of suddenly cutting off all US-based services when the EU has no native competitors would be enormous and as things stand that appears to be the only safe way to guarantee legal compliance on both sides of the Atlantic.

There is also the hypocrisy angle. The GDPR allows for EU government access to personal data under their own security laws that is not so different to what the US laws allow the US government to have. There are definitely some double standards in the typical arguments about how the GDPR protects personal data from unwarranted government intrusion and overly broad security laws.

I'm also firmly in the pro-privacy camp on principle but the rules do still need to be workable or everyone is just going to ignore them anyway. It's not clear to me that the way the GDPR is currently being used against big US tech companies is a good way to go.


> cutting off all US-based services when the EU has no native competitors would be enormous

I think you have it wrong way round - EU business was late, and 5he market was sevured by US corps. I dont think EU will ban US business, but if they did, that would create opportunity for homegrown co petition to emerge. By now, cloud services are not rocket science.


I dont think EU will ban US business, but if they did, that would create opportunity for homegrown co petition to emerge.

That's one theory. The problem is the several years of lag time between the opportunity being created and anyone actually exploiting it at scale. In the meantime countless SMEs that depend on modern online services for their day to day operations would probably have failed.

By now, cloud services are not rocket science.

And yet the US keeps producing them at a far higher rate than we do over here. Much of that has been due to the VCs almost casually giving away millions in funding in the hope of backing the next unicorn among all the failures, which is an investment culture you don't see so much in Europe. But there are also reasons investors tend to favour some countries over others and the regulatory environment is usually second on that list (after taxes/subsidies) if it's not first.

And in their regulatory environments the EU and US are almost polar opposites. The US is very lightly regulated (apart from the problems of regulatory capture, where the US seems to do much worse when it does happen) but that means tech firms engage in practices we might not like. The EU is very heavily regulated but that means added overheads even for well-behaved businesses that can eventually add up to being less competitive in a global market. Maybe there is a sweet spot in between but certainly neither the US nor the EU have found it yet.


What does "working as intended" means?

Some sibling comments challenge that it doesn't help reduce the amount of private data stored.

I would argue that GDPR is working as intended on the economic war front. The US weaponized their extraterritorial anti-corruption laws, China is also building similar legal weapons, GDPR is part of the european answer to that: a framework to catch up with other super powers who can pressure foreign companies whenever it pleases them.


I did quite a bit of work implementing GDPR compliance not long before it became enforceable and it was quite easy? Basically we had to make sure we knew where data was kept and how to delete/retrieve it. The biggest piece of work was making sure our logs didn't have personal info in them (sensible anyway imo) and adding proper log rotation.

Like every company will be different, but you really should know where your data is kept.


How _do_ you make an LLM trained on people's personal information comply with privacy law?


Depends on how you define privacy. If definitely accessing the data to train it was illegal/wrong, then you can't. But if that is ok, then the question is to what application will the LLM be applied? A generalized chat interface probably would be able to regurgitate private information. But things like reasoning engine, or recommendation system plugged into other downstream systems where the raw output isn't expose very much could work. There are a hundred new startups everyday it seems that are some kind of wrapper on top of an LLM applied to a niche use case. Many of these should be able to preserve privacy.


> It's likely to lead to the quasi-ban of LLMs sooner rather than later in the EU

It won't be GDPR but newer regs

> This is going to be an enormous challenge to the EUs tech industry if UK and US firms can use LLMs but EU companies can't

I'm sure they'll find a way

> a _lot_ of EU legislation is poorly thought out and given the slow pace of change extremely hard to revoke once it is in force

Kinda, but things don't change only by the original legislative process, but by subsequent regulations, agency reviews (like data protection organisms), judicial reviews, etc

> which were implemented in law in 2002 and _still_ haven't been changed, despite 10+ years of efforts to do so in the EU institutions

I'd love to know what kind of discussions went in regards to the cookie law and GDPR in legislative reviews. I'm sure it's all logged in a very verbose way in multiple websites and it would be some effort to get it all together

And the AI act worries me, but we know that actual enforcement and definitions and wiggle rooms exists (and as with GDPR, enforcement is kinda patchy)


Right. But I don't think the EU is better!

I mean, everytime I go to a new site, what cookies am I going to accept...? What ridiculous yet boring puzzle is going to try to trick me into giving this or that info over? Thanks EU!


That's not EU, that's actually illegal under EU law. EU law requires that the "reject all" option is as easy to identify and click than the other ones.


You may be surprised by how this plays out. UK has a golden opportunity, as Paul Graham recently wrote:

I knew EU regulators would be freaking out about AI. I didn't anticipate that this freaking out would take the form of unbelievably stupid draft regulations, though in retrospect it's obvious. Regulators gonna regulate.

At this point if I were a European founder planning to do an AI startup, I might just pre-emptively move elsewhere. The chance that the EU will botch regulation is just too high. Even if they noticed and corrected the error (datum: cookie warnings), it would take years.

Now that I think about it, this could be a huge opportunity for the UK. If the UK avoided making the same mistakes, they could be a haven from EU AI regulations that was just a short flight away.

It would be fascinating if the most important thing about Brexit, historically, turned out to be its interaction with the AI revolution. But history often surprises you like that.


Uk is not a powerhouse for anything outside finance, thinking they can start up a cluster in whatever sector from the city + Oxbridge is delusional


The UK has the third largest tech industry, only after the continental-scale megastates of the US and China.


I want my own private live facial recognition in the form of a social secretary that reminds me the names of people that I have met before. That would be a killer app for AR for me.


Honestly, as a person with prosopagnosia, I would kill for a google glass style AR that could just tell me names after someone gets a haircut


The surveillance dystopia is a topic and minor theme running through a game I've been building. [SB: see below]

I believe we need to strengthen laws against it. As well as start practicing a broader set of personal security & privacy techniques.

For example, a few of the easy ones I apply by default: I try hard to never use someone else's WiFi: and pay cash everywhere I can; and when say a fast food place asks for my name, unnecessarily, I give them a throwaway alias name (like Joe or Bob), so at worst thats the name they enter in their system. Hundreds more techniques exist obviously, some much stronger, and I recommend folks tailor theirs to taste.

Trade-offs always, and no silver bullet. But wise to take SOME action to fight back and protect yourself. Don't be paranoid, but don't be a fool.

----

[SB] - https://synystrongames.itch.io/slartboz


Can't say I'm surprised - london is famously cctv heavy


No, it is CCTV heavy, but most cameras are private, not public and not part of the single network.


For all the good it does....


It does lots of good. What's your point?

---

Edit: I presume drive-by downvoters supported the conviction of Wayne Couzens?


For the elites who backed it - as opposed to the people who voted for it - Brexit was always a project about Americanising the UK. They're the same people forcing mayors on us, the same ones who wanted chlorinated chicken, the same ones who think american style private health insurance is a good way to run a healthcare system, and all the rest.

So I'm not surprised that they think invasive surveillance capitalism is also a good thing.


I’m a Hongkonger. The only thing I know about UK before moving to there is the Queen, and Manchester United.

I’m curious of what British politics like in general. Like, I’m absolutely against invasive surveillance, but I associate it more with communist China and its authoritarian bullshit.


Funny you say that because I know someone who picked Manchester after moving to UK from HK because he and his dad support Manchester United. He moved along with his brother, sister and retired parents, all under the HK visa. They are looking to buy two homes in Manc with their in savings.

The newspapers are suggesting the new migrant stats to be published soon by Home Office for past 12 months will show extremely high numbers from both Hong Kong and Ukraine. To be honest I'm surprised people from Hong Kong didn't pick Australia instead of UK given it's better weather and bigger homes/roads compared to cramped England.


You could apply for a British National Overseas (BNO) passport if you were born before 1997, and since 2021 one could stay in UK with BNO. For many people it is the easiest way to leave Hong Kong. Most places are much stricter, my friends going to Australia are going back to studying to apply for a student visa.

The policy is not without flaws though, the youngest BNO holders are now 26, immigration policy that focus on older generation is much harder to work. The 12-18 year olds are having a hard time as well, a 6 year stay is required before you could go to university with home fee, and no home fee basically means no university for many families.


My undersntanding is that a BNO holder can bring their dependent family members with them which might help a bit. But yeah, it must be sucky to be a young pro-democracy camp Hongkonger with parents either explicitly pro-Beijing or at least uninterested in leaving.


> I'm surprised people from Hong Kong didn't pick Australia instead of UK

My understanding is that the UK has the pretty generous BNO visa with immediate working rights and a path to citizenship, while Australia has an enhanced post-graduation pathway.

THe first is much easier and more flexible.


It is deeply authoritarian from Labour and the Conservatives. During the Troubles (eg, the Irish Republican Army bombing the UK and their opposite numbers in Northern Ireland doing the same) we practiced internment - eg mass incarceration without charge:

https://en.wikipedia.org/wiki/Operation_Demetrius

We also routinely convicted people on flimsy charges, this being the most notorious case:

https://en.m.wikipedia.org/wiki/Birmingham_Six

A notoriously brutal policing operation split along ethnic lines:

https://en.m.wikipedia.org/wiki/Royal_Ulster_Constabulary

Infiltration of various groups by police with the sole purpose of surveilling and disrupting their activities:

https://www.theguardian.com/uk-news/2018/oct/15/undercover-p...

Mass surveillance by GCHQ as documented by Snowden:

https://en.wikipedia.org/wiki/Global_surveillance_disclosure...

Rendition without trial (aka kidnapping) and torture:

https://www.theguardian.com/world/2013/may/22/uk-support-cia...

https://en.wikipedia.org/wiki/Abu_Ghraib_torture_and_prisone...

London is the most surveiled city outside China:

https://www.verdict.co.uk/most-surveilled-city/

And last but not least, the Metropolitan Police is full of creeps, rapists and murderers:

https://www.bbc.co.uk/news/uk-england-london-58747614

https://www.theguardian.com/uk-news/2022/jun/28/met-police-p...

https://www.theguardian.com/uk-news/2021/apr/22/fourth-offic...

...

OK, one more, I give you.. indefinite prison sentences:

https://www.theguardian.com/society/2022/sep/28/call-to-rese...

Edit: The pattern I'd identify throughout 200 years of our history is that we regularly "clamp down" on groups that are no threat (eg, Catholics, Irish people, and today Muslims) and radicals of any kind who wanted stuff like the vote, or socialised healthcare, or a decent environment. The pattern may well span longer, but I can definitely pick it up during that time.

I don't think it is even a matter of national character, either: it is a function of how our politics works. We have two viable parties of government, and they don't contest certain things, including authoritarian policymaking.


I don’t really have a problem checking faces against a known police database - provided there’s good laws about how people end up on that list. But people not on that list should not be tracked


I have strong doubts that any company will care much about a British version of the GPDR. Even with the record fines, the GDPR is routinely disregarded. I can only assume that most companies will not care about applying special rules for the UK.


Roll on next GE.


As if Auth-Left Labour wouldn't also love this.


I wouldn't be so sure that Labour will win


[flagged]


Eh… https://www.europarl.europa.eu/unitedkingdom/en/news-and-pre...

So this is only a classification effort to help with inter-border trade, nothing else, nothing is banned…


The UK isn't even scrapping the "bendy banana" law https://www.standard.co.uk/news/uk/bendy-bananas-brexit-uk-e...


The EU never banned bananas based on shape. It’s a myth


Oh, I thought they made it, but it was something the banana industry requested to have standards for trade.

https://www.theguardian.com/politics/2016/may/11/boris-johns...

I always thought "journalists" whipping up outage over something the regulated industry requested(!) should be absolutely ashamed of themselves. This kind of "reporting" was probably a contributing factor in anti-EU sentiment and ultimately Brexit.


** lie



> blue passports

Which are made in Poland. What a magnificent Brexit win!


By a French company from what I heard.


The wonder of the single market, innit.


>single market, innit

Why do you need to initialize the single market method?


And they’re hardly blue. Closer to black.


And very tacky.

Literally. Tacky. Like 20 year old rubberised plastic going rotten.

I felt compelled to buy a passport cover so I wasn't grossed out by the cover.


Meanwhile, Sunak is celebrating himself with a nauseating propaganda video:

https://twitter.com/RishiSunak/status/1660560546465193984

Look how clean and groomed our dear leaders are while they are surveilling the population and ruin the economy. Whatever it takes!


Returning back to the OT of surveillance and oversight, and as you're making this into a partisan issue, what would Labour do differently?

"Authoritarian" concerns were expressed last time Labour was in government [1], and they're "seriously considering" resurrecting their policy of mandatory id cards if they get in power again [2].

And, before I get smeared as a "Tory"/"Brexiteer", I am not - I'm someone who remembers what happened last time Labour was in power and see neither party offers an alternative to increasing surveillance in the UK.

[1] https://www.theguardian.com/commentisfree/2006/apr/24/commen...

[2] https://labourlist.org/2022/11/mandatory-id-card-policy-shou...


> as you're making this into a partisan issue

Criticising the current PM doesn't automatically make it a partisan issue IMHO.

Personally I don't actually care what party they're in. I care how {badly} the {party who are currently in power} are running the country.

> neither party offers an alternative to increasing surveillance in the UK

I agree. They're all worthy of criticsm at the moment. And particularly the ones currently in power.


> Criticising the current PM doesn't automatically make it a partisan issue IMHO.

In hindsight I was wrong to say that; it was a bad choice of words. I agree with you. Thanks.


Authoritarianism is very much so bi-partisan in UK politics.

That said I do think the Tories have taken it to the n-th degree recently, though. It's unlikely that Labour would introduce new bills that are quite as heavy handed as the Police, Crime, Sentencing and Courts Act 2022 but I imagine they're unlikely to unwind what is currently there now.


Lots of EU countries have ID cards, this is not something enabled by Brexit. I don't really get the dystopian angle to it either. Do countries with ID cards see them as authoritarian?


The UK's aversion to ID cards is weird as they are perfectly happy with HMRC having a database entry for them for example, so the government already has a record of everyone.


Those are two different things. HMRC may have numbers, but you're not required to get them tattooed on your arm. Which is the ID card scheme in fact is.


It's not an arm tattoo, it's an ID card.

The sad thing is that the UK has inflicted all the negative aspects of ID requirements on people without the consolation prize of a universal free ID.

If you have a job, rent a house, or have a bank account in the UK, you must have a government ID at the moment. Because people wanted that requirement barrier built so it could be used against immigrants.


If you’re required to have it on you at all times outside of your own property then it is effectively no different to an arm tattoo.


You would not though, so it's not.

You might as well say we should not have police because if they're required to beat you up if they saw you commit a crime then that would be bad. It would, but they're not, and it's the people who would intend that who you should oppose.


> You would not though

In several European countries, you absolutely do.


It's sad that you have to post that comment. Should it surprise me that advocates of this do not know how ID cards are actually implemented, even in countries nearby?


How is having an ID card a requirement to tattoo a number on your arm? Nobody is advocating for mandatory "ID please" checkpoints everywhere, merely providing a standardized way to pass through existing checkpoints (AML/KYC in the bank, etc).


> Nobody is advocating for mandatory "ID please" checkpoints everywhere

Why would anyone who wanted mandatory "ID please" checkpoints advocate for them before introducing ID cards when:

a) it makes no sense to advocate for them prior, there’s a natural sequence of dependencies.

b) it would hinder the introduction of ID cards and hence, mandatory "ID please" checkpoints.


> a) it makes no sense to advocate for them prior, there’s a natural sequence of dependencies.

We had that back when the government made it mandatory to have ID to be employed or have a bank account or rent a house. Not having an ID scheme didn't prevent it being made a requirement.


Then what is the need for an ID card?


We had a trial run of "papers please" just a couple of years ago. You were forbidden from traveling more than 1km from your house lest you get fined 1500 euros.


Defending democracy in Ukraine is one of the few instances where I agree with the current UK government.


100% agree.

For all the things I can think of to complain about our current government, this is not one of them.


This doesn't seem like a productive comment.


A prompt to do it yourself:

> GPT-4, make a generic 90-second UK political ad script about a G7 meeting in Japan. We don't have much footage, so slow it down and fill it with B-roll. Focus on nonspecific virtues, like freedom and peace. Include quotes from the main politician, and even though it's a video about G7, do a section on Zelensky and Ukrainian conflict.

It keeps writing much better scripts though.


i find that video to be pretty well made. what exactly is the problem here?


Writing a law that says it is illegal to do facial recognition with a computer, but okay do use humans to recognise other humans is stupid.

The end result is you'll just have sweatshops of people watching CCTV streams clicking matching face images because it's illegal to get a computer to do it automatically.


You'll never be able to do with people what computer vision systems do today, no matter how many people you hire. We're way past that.


The East Germans tried manual total surveillance. It didn’t work. Like, it was a horrifically oppressive police state, but it fell short of the full potential of horrific police-state-ness largely due to practicalities.

Automating mass surveillance is dangerous; it makes _possible_ levels of societal control which simply weren’t possible for even the most aggressively dedicated police states of the past. It’s a bit of a Pandora’s box, and probably best left closed.


> The end result is you'll just have sweatshops of people watching CCTV streams clicking matching face images because it's illegal to get a computer to do it automatically.

Good luck explaining how that isn't "data processing".


The end result is that it isn't economical or practical to do it. Which is a resoundingly good thing.


Precisely. Which is also why we need strong E2EE assurances. I heard the argument that physical phone lines have already been prone to interception so banning E2EE (or mandating backdoors) would be similar. The difference is that wiretapping requires a lot of work and is expensive and as such has to be done only for specific cases. Backdooring E2EE means cheap population-level surveillance.


Think of all the new jobs this will create! (/s if it’s not obvious)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: