Source: Pixabay

I like the philosophy stating that writing is thinking and that to write clearly, one must think clearly. I do neither. I’m neither a good writer nor a good thinker. What I do, though, is think about the big picture and piece together seemingly unrelated threads into a reasonably cohesive structure that holds up to a bit of scrutiny. Maybe not a peer review, but that’s not why I write here. I write to process my thoughts and flesh those out, sometimes in real-time as I’m writing. It’s not the most scientific of methods, but it favours my type of neurological quirkiness, and, to be fair, the email newsletter format is not the best forum for that type of research. Without this outlet to write about the topics that frustrate me so much, I’d be pretty bored. Consequently, I try to make complex topics seem a little simpler without shying away from the details, with as many supporting links and examples as necessary. For the other stuff I like to write about, this year saw me start (restart?) a new personal blog where I can express other personal thoughts on things that are not on topic here.

On to this newsletter edition. It’s one about regulation (don’t run away yet —it might be interesting 😉), specifically regulation that affects the internet and the coming wave of regulation that we haven’t quite got to grips with yet. The Internet is about to change radically. For better or for worse, I have no idea, and I wish I had a crystal ball and a bit of spare cash to make a huge bet. But I don’t. However, what seems patently clear is that the Internet is about to be regulated by the world’s largest economies. Some have already done so. States like China and Russia have, in all but name, created a walled-off, splintered Internet for themselves and their citizens. The EU has regulated several major issues that have, again in all but name, forced the entire world to fall into line. The United States has continued to shy away from regulation, thereby creating an environment for innovation (or so it tells us). I wanted to discuss some real-world leanings and the aftermath of the GDPR, trying to provide some context and the basis of a discussion topic if you’d like to discuss it. Disclaimer: I’m not a GDPR expert nor legally trained. I’m piecing together various facts and observations from the work I’ve been doing in Internet Governance and my on-the-ground experience with MSMEs.

I hope you enjoy the read. Ping me @virek@mastodon.socail.

The GDPR is dead. Long live the GDPR

They said GDPR was the end for small businesses, at least those that used and dealt with personal information in the EU. They said it would overly burden them and make it difficult for them to function. They said it would further entrench the monopolies. It was bad, bad, bad, as far as the eye could see.

Some wrote about how the “moats” of the big companies would protect them, and hence, regulation would only ensure that those businesses would thrive, having been helped by the regulation from the path-clearing and summary executions of small businesses thanks to the EU. They still write this stuff. They still believe it.

The thing is, they were right, but for all the wrong reasons. So what actually happened?

From my perspective, observing MSMEs in an admittedly small economy, virtually nothing changed. Rien. Nada. Nichts. Zilch. Nothing. Small businesses carried on as before, with no discernable change. There wasn’t a sudden decline in the number of MSMEs worldwide, especially in the EU. It has been pretty constant, with the usual ups and downs since the legislation was implemented. Though not a source, Statista has a visualisation that shows this. There is some discussion on the adverse effects of innovation in the EU as a result of the legislation, but these papers are finding it challenging to determine if any observed fluctuations are a direct result of the legislation or other external factors. From an anecdotal perspective, Europe doesn’t appear to be any less “innovative” than before.

It’s evident that small businesses didn’t sweat it. They knew full well they’d carry on as before, changing things progressively over time. No rush. No panic. There was no immediate rush to entirely change their businesses at the operational level, aside from a bit of thinking about this new risk and what it might mean to them over the coming months and years. Basically, It was business as usual.

How do I know this? For one, I am on the ground next to these small businesses and have been for most of my working life. I’ve seen them shrug at this legislation and tell me point-blank, “… we’ll wait and see”. And I’ve seen them do absolutely nothing. Not even a small audit to attempt to reveal exposure to the risks the regulation inevitably brings. And I know why. They cannot afford it as a capital outlay and don’t have the time to waste. You think large enterprise bosses are busy. Spend some time with MSMEs, and you’ll understand what busy is.

Secondly, as the legislation was being debated and passed from discussion to vote to implementation, there were many thousands of consultants with no experience (and limited knowledge) rubbing their hands together, hoping to make a killing off consultancy fees to help businesses comply with this legislation. Twenty million Euros or 4 per cent of global turnover was a sweet, sweet incentive, or so they thought. Small consultancies, too, thought they’d get in on the gravy train before it left the station. I myself was tempted, but I decided against it, feeling that it would be a hard sell to the tiny enterprises that constitute the French West Indies (who were directly in the firing line) and those in the wider Caribbean caught in the net, so to speak. Something felt off for me, so I didn’t pursue it seriously. Hindsight proves I was right not to invest too much time and energy, and businesses didn’t employ the consultants.

This all begs the question, “Where are we today with regard to GDPR?”

Status Quo. Nothing has substantially changed. The consultants and consultancies specialised have largely crawled back under their rocks, awaiting the next grift cycle, and the small businesses have all magically become compliant (mostly) without doing much.

“Magically” is doing a lot of heavy lifting in that phrase.

Gradually and then suddenly¹, all the software, the tools, and the processes that businesses rely on to operate all got updates, patches, and replacements and became compliant. Businesses updated, patched, and replaced software through natural attrition and good governance cycles. The whole value chain became compliant, and therefore, so did MSMEs.

And then everyone carried on as though nothing had happened.

It’s just like the Year 2000 Bug. It was the literal end of the world for some commentators. The banks would collapse, there’d be food shortages, riots, and all sorts of apocalyptic scenarios were being described and subscribed to. I know I was there. I personally certified all the software we used in the company I was working with at the time and worked with the developers to amend any inconsistencies and errors during a six-month test and implementation project. (TLDR: it all worked fine). But just like GDPR, nothing happened. It all just sort of fell into place without issue.

So how did big business entrench its holding on the market? If the legislation’s critics were right but for the wrong reasons, what conclusion can we get from the GPDR since its introduction in 2016?

Some consider GDPR to be a failure, agreeing with the above, but it is because of non-enforcement, not because of a failure of policy.

One can argue on the merits or not of the specifics, but to do so is to ignore the spirit and the overarching aim of the GDPR, thereby completely misunderstanding why the GDPR was introduced. There are two elements to understand when discussing the GDPR and the EU. The GDPR is a blunt instrument to coax businesses into doing the right thing concerning personally identifiable data on individuals. It is explicit in the types of data it covers, but it is a set of principles to guide businesses that collect, process, store, and share that data. Encouraging them to do those things reasonably. “Reasonable”, defined as “don’t abuse the person concerned with your access to that data”. The second element is that the EU is more concerned about defending individual EU citizen liberties than it is in defending state or business liberties. It is often mischaracterised as the middle ground between the free-for-all of the US regulatory environment and the all-controlling of the Chinese model. That’s just too reductive. The EU was set up post-WWII with the explicit aim of regional economic integration that would promote, protect and ensure peace in Europe. Peace through deeply integrated trade. In Europe. Not elsewhere.²

But back to enforcement.

For as long as the GDPR has been in force, companies like Meta, Google, and many others have been abusing our trust and ignoring the GDPR, and to boot (paraphrasing William Gibson), enforcement is already here —it’s just not evenly distributed yet. These companies have set themselves up in European jurisdictions that are not motivated to press for full enforcement for many reasons (Hint: Economic). This has allowed them to continue doing business on the backs of our data, freedoms, and privacy without regard to the idea of the GDPR. And what a lucrative business it has been. Occasionally, the odd slap on the wrist happens, but this is brushed off as the “cost of doing business”.

As I was writing this, the EU announced a 1.8B€ fine for Apple’s anticompetitive practices in the EU’s music streaming business. If I remember rightly, this is a result of an investigation that started in 2019 and has nothing to do with the highly discussed Digital Markets Act (DMA). Apple made 1.05B$ per day in the year ended 31/12/2023.

The Digital Markets Act and the Digital Services Act enforced this week will likely be enforced differently and more aggressively. Apple’s insistence on removing PWAs (Progressive Web Apps) and bleating about having to comply with the regulation, its subsequent U-turn and the 404 I get when trying to open the Apple Newsroom page that shamelessly tried to defend their indefensible position are signs of the way the wind is blowing.

To paraphrase Game of Thrones (shamelessly): Enforcement is coming.

And, to be clear, I’m not championing any and all regulation as a good thing, and I do think there are aspects of the way the EU regulates that could be a bit more inclusive and less subject to the (literally) thousands of lobbyists employed by states, organisations and businesses, to have a chance at creating better legislation.

Monetisation and the death of the Internet (as we know it)

This is a bit of a rant. My apologies upfront.

Rampant monetisation has completely trashed the internet and been a driving force for a divided, divisive, and less interesting Internet. Just look at how the homogenisation of the design language of all the “social” apps has made them all look the same, ensuring that monetisation mechanisms are simplified and broken down into base elements. If their branding weren’t so visible, most would be hard-pressed to identify if it was Instagram, Bluesky or Twitter (X if you’re that way inclined, but the URL is twitter.com).

When I think of monetisation of the internet, I’m talking about how we, as humans, have been reduced to functional blocks of content creation and content consumption. Nothing more. There is little room on “big-Internet” for the small weird projects of social good, the oddball things that used to exist, and the life-changing discoveries that were easily found previously. And, of course, when I say no room, I mean there is no attention available because attention is being sucked away by the 30-second video clips of abject nonsense and awful or outright dangerous “content”.

This dehumanising of the internet visitor is one of the factors that help explain why the internet has become so polarised and so violent. If we’re not human any more, then we’re not hurting anyone when we’re violently threatening each other. But it’s not reality, and we know it. We feel it. But we cannot control it. Tech, as currently deployed, is dehumanising us, making unpaid productivity modules slotted into the platform’s impossible endless growth targets. These modules have broken us down so much into the basic elements of creation/consumption that they (we) are as expendable as toilet paper.

This is not the Internet I want. This is why I’m getting involved in Internet governance. I’ll keep you up to date.

I’m not the only one thinking about this. Watch this video from Taylor Lorenz, a journalist who recently released a book called Extremely Online.

Generative AI (again!)

I wanted to write about generative AI again, but at over two thousand words once more, I think I’ll bump it to the next newsletter. I’ll give you a little teaser, though. The following was the working premise for discussion:

Generative AI is simultaneously the most significant opportunity for small businesses to get a helping hand and the biggest shit-show we’ve seen since the invention of the Internet (arguably equalling Social Media’s continued destruction).

Until next time.

The Future is Digital Newsletter is an ongoing discussion. Please feel free to share it with others who may be interested.

Thanks for being a supporter. I wish you an excellent day.

/committedtodisk

With Carnaval over, it was back to some serious work. I had a fairly eclectic week with some training, presentations, writing, and relaxation.

I ran one of my AI courses this week to a small public of managers and business owners. These are interesting moments where I evaluate how the public perceives this technology. It doesn’t take long for the existential questions to creep into the discussion, as well as the whole debate about job loss. Remember, these are business owners looking for ways to optimise productivity and reduce overheads. I tend to calm those thoughts down by showing the limitations and outright crappy outputs generated by these calculators on steroids.

The other training session I ran was with a multinational company in the Caribbean looking to use some of the latest generation of these tools built into everyday productivity applications. It was a really interesting experience and one that I hope to repeat in the future. Like the example above, there were several big think questions, but we managed to stay close to the objective of discussing what these tools can bring day-to-day and for the end user. I’ll finish by saying that they will not take away most jobs. They’ll change jobs, that’s for sure, but they will not replace them. The reason I say this is that when you actually look into what is required for the simplest of tasks like writing an email to a client, the required cognitive input is much more significant than we credit ourselves for; thus, we and they underestimate what is needed to get a result comparable to a human. We do it naturally because we’ve always done it that way. Computers are only just taking the baby steps. Will this situation last? I have no idea, but I’m not too worried for the foreseeable future. However, I will say one thing: these tools risk creating even more significant digital divides between those who can afford access and those who cannot. I’m not sure I’m entirely comfortable with that.

Reading

I’ve been reading up on a lot of technical documentation for all sorts of systems, like cloud services, DNSSEC, and many other policy-related documents. Some of this is related to the work I’m doing with a couple of clients, and some is for the training course I’m still following.

Books-wise, it’s probably best for me to lay off trying to find new books for the moment. The reading and wanting-to-read queue is already too long.

There is one paper I wanted to call out. It’s titled Finding the path to a more open internet. A new European approach toward internet standards. I was lucky enough to participate (as an attendee) in the round table discussion of the paper and its general theme. It was an early start as I had to connect to the Zoom meeting at 6:30 am, but it was well worth it. I learned an enormous amount, and I’ve pretty much understood what it is I want to concentrate some of my time on going forward. My ARIN Fellowship kicked off and encouraged this, which you can read about here.

I think Internet governance is going to become even more critical to maintaining democracy around the world. I want to be there early in my understanding, perhaps even participate in discussions that help reduce the risks of a fractured and walled-gardened Internet.

Of note

I went to see Bob Marley: One Love at the local cinema. I chose one of the couple of VOST showings. VOST means Version Originale Sous Titré, i.e., original language subtitled in French. I’m used to this format, so the subtitles don’t really bother me, particularly as I don’t generally need them.

I don’t do reviews, so this is not that. Suffice it to say that the film is a love letter to Nesta and Jamaica. And I don’t mean that in a negative sense; quite the opposite. It is a story that is well worth telling, as well as promoting Jamaica itself. I was pleased with the dialogue being as authentic as possible, as I think it would have been tragic to anglicise the dialogue too much.

I’d say go and watch it if you can.

Have a great week.

Carnaval, productivity and AI 🥴

Source: https://www.moderntiki.com/velvet-ti-punch/

Where I live, the week was dominated by Carnaval. It is one of two events that puts the entire island into a state of slowed-down activity. Most shops are closed from Sunday to Wednesday. A few essentials are open but generally limited to the mornings only. I’ve been a regular visitor to Carnaval over the years I’ve been living here, and I’ve documented through photography several times; however, this year, I decided to take advantage of the slow down by concentrating on some of the administrative work I needed to do … and a sneaky ti’punch now and again. 😉

I had a relatively stressful personal situation to deal with on Monday that ended on Tuesday that kind of blew out the day and prevented me from being able to concentrate on some of the more cognitive heavy work I had scheduled to do. Speaking of schedules, I decided to completely redo the task management process I had put in place many years ago. Firstly, the old process was not fit for purpose, and secondly, I read a nice blog post about a similar situation that gave me some ideas to implement my own system. Without getting into the weeds, I had recently decided to note down the time I’m assigning to different tasks. I’ve limited this primarily to work-related tasks, but there are a couple of personal tasks in there that I log. For example, this one is being logged as I write this. As a result, my planning and task management process was pretty much out of alignment with the timing system. So I spent a little time matching them both as closely as possible to make more sense to me and to help me —which is the overall aim of my decision to log the time I’m taking on various projects, tasks, etc.— get a better appreciation of how I’m spending my time and to see if there are any things that I can rethink, modify. I’m mindful not to fall into the cult of the ‘productivity optimisation’ trap, but believe me, it is very easy to do so if you let your guard down. To avoid that, I have limited and generalised how I’m doing the timing. I wrote about it before here if you’re interested in the things I’ve been logging.

I’m working on a proposal for a consulting project in Saint Lucia, and I spent a little time writing the required document during the week, but it was hard to sum up the motivation gods to get too deep into it. I still have a few days before the submission deadline, and I have actually progressed quite well when I look at it now. I’ll likely finish it and submit it today at the latest.

I went out one of the evenings to watch a film called La Tresse (The Braid). It’s a story of three women on three different continents who are eventually linked through various trials and tribulations of life. It was a good story and a well-made film (some of the cinematography is stunning), despite being a little too contrived for my liking, but I thoroughly enjoyed the film.

Lastly, we had some family over for an evening snack and drink on the last official day of Carnaval (Wednesday). It’s nice to have people over now and again to share a couple of hours chatting and having a glass together.

Oh, before I forget, I made obligatory pancakes (crêpes) on Tuesday morning. I’ve never made them myself, and they turned out lovely if I say so myself. Before you ask, sugar and lime. I’m not a monster.

Reading

I continued reading the learning materials for the Internet governance course I’m currently studying. There’s a lot to read, and many suggested documents that I have been amassing to read in the future or at least reference for upcoming projects.

I started to read in earnest The Eye of The Master: A Social History of Artificial Intelligence by Matteo Pasquinelli. It is not light reading, but I feel it is necessary for me to get a deeper understanding of the topic and gain insight from different perspectives. The eBook is about £8, so well worth it.

I caved and bought the third book in the iRobot series, The Naked Sun. It’s light reading and enjoyable to close off the day by reading a few pages each evening before sleeping.

I have got a lot of other papers and documents on the go. I’ll try to list some of the notable ones in another post.

Of note

I stumped up to pay for one year of Microsoft’s Copilot integrated into the Microsoft 365 subscription. I have resisted paying for this technology for a good while as I haven’t placed much confidence in it or had the results from the free versions that have made the value proposition of paid-for access clear to me. This is essentially a test, and I’m not endorsing it yet. I have had some interesting results and some, frankly, dreadful results that even the most inexperienced intern would have bested without breaking a sweat. It’s a young technology being sold as a breakthrough product. I can tell you it is far from that, and you can rest assured your jobs are safe for the foreseeable future. I’m testing it further and doing the necessary research to understand better how it integrates and how you must structure and set up your data policies. I’ve already had (local) anecdotal evidence of a user being proposed information from documents they should never have had access to. The technology is not at fault here; it’s the data access policies of the organisation concerned. Security by obscurity is completely blown apart when you enable these tools on your data stores. However, what struck me is that there are literally thousands and thousands of organisations in the region precisely in that situation that risk finding out the hard way. There will be a lot of incidents and repercussions for small businesses if they willy-nilly buy Copilot and activate it in their Microsoft 365 tenants. Let’s talk, I can help.

It’s ti’punch time. Have a great week.

A new contract

My week was a little more stressful than I would have liked or anticipated. I teach at three different institutions, and at one of them, I had a difficult situation to manage with one of the students. This put a lot of stress on me and affected me to the point where I was unhappy with the situation that evening. I didn’t sleep well that night, and it took a few days to wind down fully. However, there was a positive outcome that will help going forward. As a teacher, I’m just trying to make a small positive difference in the lives of those I teach genuinely and sincerely. I strive to do that whenever I’m in front of a class or a group of professionals I train. Perhaps I’m a bit naïve.

I walked my dog on one of the afternoons so that I could free myself and decided to get some air. I always enjoy the time-out, but I don’t make the effort to do it regularly enough. I should make a pact and walk my dog more often. To be fair, she has plenty of space in our garden to wander around, and she has found or made a few holes in the fence to go for solo walkies all by herself, but that’s no excuse not to walk her when I can. Note to self: Walk the dog more often.

One of the positive things to happen this week was signing a new contract with a new client to provide my consulting services. I’m looking forward to working with digging deeper and providing value for money with my expertise in various topics. For the interests of confidentiality, I will not go into detail. However, I will say that I structure my contracts to make them affordable and manageable for those I work with. I set up a recurring monthly subscription rather than a quote and a one-off lump sum payment for work being done. This allows a lot more flexibility for the client and me regarding scope. One of the big problems in consulting and project management is scope creep. If we’d agreed on a fixed scope of work, it would get us into a difficult situation when we needed to negotiate the inevitable changes in the scope of the course of the project. With this method, we’re both open to change, and the project can change scope as and when the reality of the market changes without incurring further costs. I’m currently looking for more clients to work with, so if you’re interested, please reach out.

I spent a good five to six hours in technical training hosted by Microsoft on its new product, Copilot. It is definitely interesting how Microsoft has integrated the basic LLM functions into its core products, allowing users to save a little time here and there throughout their day. It will not completely revolutionise productivity, but it will give it a little boost here and there. Funny enough, during one of the demonstrations, the prompt given to Copilot didn’t end up with the desired result, and the trainer continued to try to manipulate the model into giving the answer he was looking for. After a while, it was clear that he should have given up and manually done the task, as it would have been quicker. I think this is a lesson we’ll all learn over the coming years when using these tools. Sometimes, doing it yourself without the aid of a Stochastic Parrot will be quicker, more efficient, and more accurate.

I caught up with someone I had worked with briefly over the last couple of years, but due to ‘circumstances’, we hadn’t really spoken or exchanged ideas, thoughts, and analysis on that. I think it merits a little more thought on whether there’s opportunity to work together in the future. 🤔

Reading

Where do I start? Honestly, this is one of the most challenging parts of this blog to write about, as I tend to read a lot of different things throughout the week using an RSS reader. I typically see over one thousand articles a day. What I have been reading has already been documented here previously, as I’m trying to finish Doppelgänger, which is taking a bit more time than I would have liked. It’s not that I don’t enjoy the book; quite the opposite. I have just had an excessive amount of work and reading to do for other topics that I hadn’t been in the right headspace to read more. That has changed, and I am nearly at the end of the book, having made time to read most evenings.

Other reading space has been taken over by the learning materials for the Internet Governance training I’m currently doing. There is so much to read and so much to look at and delve into. I’ve probably added about 30 or so papers to the reading queue.

Of note

Reviews of the Apple Vision Pro have come out, and there are certainly differing opinions. Some people feel this is the ultimate productivity device, and others the ultimate consumption device. I still don’t know where I stand on this, as I can see the glimmer of something that could be very useful. However, something keeps niggling me about the dystopian nature of extracting ourselves from the real world just to type or produce a few banal and ultimately useless emails, videos, podcasts, etc. It is probably why, despite loving listening to music, I much prefer listening through speakers rather than headphones. I do it, but I wouldn’t say I like cutting myself off from the world too much. There comes a point where I feel too removed and want to return to the space I occupy with others.

Have a lovely week.

I got a bonus day… because I forgot something

I had a full week and week that brought some surprises and a great opportunity. We submitted our proposal to Stanford on time and just have to wait now. I started blogging about the project and how we came around to our question, the process and how we’re working together. You can read about it and follow along as (if) the project progresses here. This will be the central repository for any research work I do in the future, too.

I spent a few days in the week teaching. I love it, but it is tiring, and by the end of a full day of teaching, I feel a little tired and in need of a good rest. As anyone who knows me, I don’t do things by half. I’m pretty binary. It’s either full-on or full-off.

I spent quite a bit of time preparing for a class I thought I would be teaching on Friday and was behind in my planning, so I needed to catch up. I worked late, at lunch at times, and then I decided to recheck the planning. To my surprise and delight, I was not teaching, so I got a bonus day to catch up on other stuff. And I finished the lessons, so I can get ahead of the planning if I play my cards right.

Reading

My reading list doesn’t stop getting longer and longer. I’ve added many papers and reports to read for the learning I’m doing in the Virtual School of Internet Governance (VSIG). I’ve completed two of the modules so far. The questions on the test are not that difficult. However, you must spend a lot of time reading the materials. There are videos to watch, but I find I don’t learn well through videos. I prefer to read. It seems to work for my brain type.

I still haven’t finished Naomi Klein’s Doppelgänger as I have been busy reading other things, particularly documentation around the courses I teach. I try to get as much knowledge as I can and share as much as possible with my students.

Of note

There were two big stories last week.

Apple released the Vision Pro to the public, and the reviewers had theirs a few days earlier so they could write their appreciation and opinions on the device. It will be an interesting product, but I remain sceptical about its real use case as the product currently stands. I get the draw for the ultimate productivity device, but I think it is too separating from reality —only to bring you back to reality— to have any significant impact. Some have complained about the price, but honestly, it doesn’t shock me one bit based on how it is marketed. It is sold as a “Spatial Computer”. If you take a MacBook Air and add a Studio Display, you’d need to spend just over 3000€ in France for an entry-level device and screen. Apple Vision Pro goes much further in some respects, so it could even be seen as a bargain… until, that is, you realise you need a Mac to use the Mac desktop screen feature. Ouch!

The other big story was Congress’s circus around Social Media platforms. I’ll be first in line to help destroy Facebook if I ever get the chance, but even I could see this was nothing more than YouTube and TikTok fodder for politicians to boost their political campaigns. These events are tiring because it doesn’t they don’t produce anything. There are no next steps, no final report, and no nuance to the various arguments. It is gladiatorial and, frankly, resembles a pissing contest. All of the problems associated with all social media platforms can be solved (or appreciably solved) by banning individually targeted surveillance advertising. We know they don’t perform as well as they’re supposed to, so the question remains. Why are they allowed when we see so much harm done by them through the unintended consequences of allowing them, especially as they are necessary?

Have a great week.