CS has moved to its new home here on Substack. Hopefully this will make it easier to post content since I won't need to worry as much about admin and maintenance and I can just focus on writing content. It seems like a good place for CS to live for now but we'll see how it goes.

It's been a while since the last post on CS, which was in March 2021 on the initial proposal from the European Commission for a Digital Services Act (of course that piece of legislation has since been passed).

Also around that time I started my new job working in data rights, and this left me little time for blogging. But I still continued reading/researching some interesting topics that I think are worth writing about on here when I get the chance.

So in the next month or so, I'll start posting on CS again and hopefully on a regular basis (maybe at least once per month). The first few posts will be on the following topics:

• There was a recent story about TikTok's staff in China accessing the data of European users (The Guardian). Elaine Fox, the Head of Privacy for Europe, announced in an update that the Privacy Policy will be amended to include access to data from employees in China as well as other countries. Back in 2020 there were a couple of posts on CS looking at TikTok when the Trump administration was pursuing a policy to ban it from the United States (here and here). This recent story though made me think about the case for the app being considered a national security threat (for the US and maybe even the West in general) as I have not seen anyone articulate this argument in detail and without being too hyperbolic. It could therefore be valuable to publish a new post that looks at this topic again in a more comprehensive manner, which includes topics like the CCP's relationship with the private sector in China and the information warfare operations (including psyops) of the PLA. I will try to publish this before the end of the year.

• I will do a review of Jamie Susskind's latest book, The Digital Republic, which argues that we need a new way for approaching democracy in the 21st century given the modern trends in technology and power. This is based on the premise that, currently, (a) technologies/tech companies exert immense power in society, (b) that power is growing, (c) that power is entrusted in those who write code and build these technologies (or run the companies), (d) that power is exercised outside of the normal political systems and therefore evades the traditional controls and constraints we would except to apply to such exercises of power, and (d) this is a problem for the sustainability of society and democracy. Susskind's proposed solution to this is what he calls 'a digital republic', which has the goal of preventing “the awesome power of digital technology from escaping acceptable bounds of control”, whilst also ensuring that technology does not “undermine the value of a free and democratic society.” It is a fascinating read, and I will try to pick out a few key points from the book to write about in detail.

• As already mentioned, the DSA officially became EU law on 19 October 2022. I have not looked at the Regulation in detail since it passed, and only lightly followed its development during the legislative process. It would therefore be good to revisit this legislation and see what changes have been made from the initial proposal I analysed back in March 2021. One provision that I know has been added that would be interesting to look at concerns advertising on online platforms; Article 26(3) states that "Providers of online platforms shall not present advertisements to recipients of the service based on profiling as defined in Article 4, point (4), of [the GDPR] using special categories of personal data referred to in Article 9(1) of [the GDPR]."

• I have been exploring ways to more accurately measure the impact of law/policy interventions like the DSA on tech companies (or at least in a way that I have not thought of before). Over the past couple years, I have been reading, on and off, about systems thinking and complexity thinking to try to have a better framework for understanding how the world works in general. A few books that I have read on this include Donella Meadow's Thinking in Systems (as well as some of her lectures available on YouTube here and here), Embracing Complexity: Strategic Perspectives for an Age of Turbulence by Jean G. Boulton, Peter M Allen and Cliff Bowman, and Modeling and Simulation by Hartmut Bossel. (Ray Dalio's Principles for Dealing with the Changing World Order: Why Nations Succeed and Fail also applies some of the themes of systems and complexity thinking presented by Meadows, Boulton et al and Bossel). Last year, I started putting a post together on how these modes of thinking could be applied to Zuboff's conception of surveillance capitalism. I'll try to complete it and post it here some time in early 2023.

So there should be some new posts on CS soon. In the meantime, check out some of the other interesting things I have been looking at:

• An interview with John Rust, founder of the Psychometrics Center at the University of Cambridge. He talks about the development of algorithms that predict people's personalities based on their digital footprints, which was used by Cambridge Analytica to help the Trump campaign in the 2016 presidential election. He has also written a book on the topic.

• This paper by Petter Törnberg which shows that social media may not actually exacerbate polarisation by isolating users from opposing views through so-called 'echo chambers'. Rather, there is more evidence that they make users (i) choose a side in a polarised debate, and (ii) interact with those with opposing or different views in an adversarial manner. You can also see the Twitter thread here that simplifies the findings of the paper.

• I've been following the developments around the UK's data adequacy journey for a few years now. In doing so, I have been maintaining a Twitter thread since December 2020 with links to articles and other important events concerning UK adequacy, including the potential impact of the government's latest proposed data protection reforms.