Reddit matures, and apologises

The site's general manager has apologised for its conduct during the Boston crisis.

Reddit's general manager , Erik Martin, has apologised for the site's role in creating and spreading misinformation related to the Boston Marathon bombings:

Though started with noble intentions, some of the activity on reddit fueled online witch hunts and dangerous speculation which spiraled into very negative consequences for innocent parties. The reddit staff and the millions of people on reddit around the world deeply regret that this happened. We have apologized privately to the family of missing college student Sunil Tripathi, as have various users and moderators. We want to take this opportunity to apologize publicly for the pain they have had to endure. We hope that this painful event will be channeled into something positive and the increased awareness will lead to Sunil's quick and safe return home. We encourage everyone to join and show your support to the Tripathi family and their search.

The apology is interesting, because it reflects how the rest of the world views Reddit far more than how the community views itself. The decentralised nature of the site means that almost everything that Martin is apologising for is actually the fault of its users, rather than the company which runs Reddit and which Martin is in charge of. The subreddit, r/findbostonbombers, was set up by, and moderated by, normal users; it was Reddit's users who posted personal information, and Reddit's users who led the witch hunts. Viewed from that angle, blaming "Reddit" for this tragedy seems like blaming "Twitter" for naming rape victims; a useful shorthand, but not something we'd expect the head of the company to apologise for.

But the Reddit community is still centralised in a way that Twitter isn't, and that has repercussions. Go to the front page of Reddit without being logged-in, and you'll see the same list of content that everyone else will - and the same that many logged-in users see, as well. Hit up Twitter, on the other hand, and the site doesn't show you a thing until you've told it who you want to follow.

In other words, Twitter is a communications medium through and through, but Reddit – while not a publication in a traditional sense – has elements that we recognise from more conventional news sites. That means the site walks a fine line between trying to enable as much freedom for its users as possible, and having to deal with their mistakes as though someone on a salary made them.

Previously, the administration has been pretty unambiguous in declaring that it is not responsible for its users actions, beyond the site's "park rules":

A small number of cases that we, the admins, reserve for stepping in and taking immediate action against posts, subreddits, and users. We don’t like to have to do it, but we’re also responsible for overseeing the park. Internally, we’ve followed the same set of guidelines for a long time, and none of these should be any surprise to anyone…

  1. Don’t spam
  2. Don’t vote cheat (it doesn’t work, anyway)
  3. Don’t post personal information
  4. Don’t post sexually suggestive content featuring minors
  5. Don’t break the site or interfere with normal usage of the site for anyone else

Those rules are not particularly restrictive, and #4 was only strengthened from the incredibly laissez-faire "no child pornography" last February. Beyond that, the admins have tended to stay silent in the face of what would seem to be noteworthy controversies, like the outing of Violentacrez by Gawker's Adrien Chen and the subsequent widespread banning of Gawker media links from the site.

So it would have been easy for Reddit to respond to this latest problem in much the same way. Blame its users, point out that it has rules to prevent the worst of it and that it is deliberately laissez-faire about the rest, and wash its hands of the whole deal.

That it hasn't is a sign of maturity from the administrative team. But it also means that there's going to be a lot more controversies which they'll be expected to have a view on in future, unless the Reddit community matures at the same time. The chances of that happening soon remain slim.

Photograph: Getty Images

Alex Hern is a technology reporter for the Guardian. He was formerly staff writer at the New Statesman. You should follow Alex on Twitter.

Getty
Show Hide image

“A disaster waiting to happen”: Can you trust the government to digitise your personal data?

Privacy and security experts warn against the lesser-scrutinised Part 5 of the Digital Economy Bill, claiming bulk data sharing could be vulnerable to hacks.

Last week, the government’s Digital Economy Bill hit the news because of a proposed ban on pornographic websites that didn’t comply with its planned age verification rules. The news was just the right amount of shocking and yes, sexy, to grab the nation’s attention, but in the meantime other parts of the Bill remained unscrutinised. A distinctly un-sexy aspect of the Bill – Part 5, “Digital Government” – aims to completely revolutionise the way your personal data is shared.

In essence, Part 5 allows the government to digitise your data and bulk-share it without informing you or asking for your permission. This data includes your birth, death, and marriage certificates, as well as information on your taxes, court appearances, benefits, student loans, and even parking tickets. If the Bill passes, your information will be shared with local councils, charities, and even businesses – initially, gas and electricity companies.

Today, the Bill will undergo its third reading in the House of Commons. Last Friday, 26 privacy experts wrote to the Daily Telegraph to call for Part 5 to be removed from the Bill due to the lack of technical and legal safeguards in place.

“It's horrid and it's complex and it's going to impact all of us,” says Renate Samson, the chief executive of Big Brother Watch, an organisation that scrutinises the government to protect individual privacy. Big Brother Watch was invited by the government to work on the Bill as part of the government’s Open Policy Making, but Samson feels it was ignored when discussing the need for strong safeguards in the Bill. “Holding civil registration documents in bulk and sharing them in bulk is without a doubt a data disaster waiting to happen.”

Samson and her team worry that the Bill does not do enough to protect our personal data. “They tell a little story in one of their documents about mothers being able to click and access their baby’s birth certificate instead of having to go and get a copy, which sounds brilliant except they haven’t defined how they’ll know the mother is who she says she is, and how she will know who she can trust on the other end,” she says. “In a perfect, idyllic utopia, it works, but it doesn’t take hacking into consideration.”

According to the National Audit Office, in 2014-15, there were 9,000 data breaches across government departments. The subsequent inquiries revealed that many officials did not know how to report a breach and there was not enough guidance for the authorities involved. “The government is already failing to look after our data,” says Samson. “Fundamentally [Part 5] will lead to data breaches. People’s data will get lost and we won't ever know how or why.”

Though the government denies it, there are additional fears that this digitisation of data is the beginning of an ID database, a policy that was scrapped in 2011. At the time, then-Home Office minister Damian Green said that ending the proposed National Identity Register demonstrated “the government’s commitment to scale back the power of the state and restore civil liberties”.

Whether or not a register is created, however, Samson and other privacy experts, as well as the British Medical Association, take issue with the fundamental justifications for bulk data sharing. “The reason that they've given for wanting to do all this is ‘wellbeing’, which is crap, frankly,” she says. “In the summer, the Scottish Parliament dropped the Named Person Scheme because the supreme court found that ‘wellbeing’ is simply not a strong enough reason to share people’s personal information. Of course they’re trying to do something great but they’re going about it in a really cack-handed fashion.”

One example of this is that the government intends to share your personal information with the Troubled Families programme to identify people who may be at risk. Although this is ostensibly positive, this information will also be used to determine anti-social behaviour. “On the one hand, they’re saying that they’ll make sure that families who need help will get it, but on the other, if it transpires that you’re noisy or you’re difficult on your estate, they will now share that data so you can have an Asbo.”

Fundamentally, then, although the aims of the Bill seem admirable, there are simply not enough safeguards and rules in place currently for it to safely become law. While this partially might be a simple error on the government’s part, Samson argues that the language of the Bill is “as open and broad and woolly as you can possibly imagine”, causing concern about how it might actually be used in practice. In theory, hundreds or thousands of businesses and authorities could have access to your data without your consent.

“No one is opposing the idea of data sharing,” says Samson, “But a) tell us why, b) keep us informed if you’re using our data, and c) let us control our data. That’s the only way this is all going to move forward.”

Amelia Tait is a technology and digital culture writer at the New Statesman.