BigTech Must Reassure Us It's Human

Recent issues concerning the purchase of lethal materials online, "fake news" and secure messaging highlight a growing tension between artificial intelligence and human safety. To continue their unbridled growth, the tech giants will have to reassure society that they are human, solving human problems, rather than machines solving their own problems at humans' expense. While innovation necessarily moves ahead of the law and regulation, developments in artificial intelligence should be shaped more by humane and ethical considerations, rather than outsourcing these to government or treating them as secondary considerations.

In the latest demonstration of this concern, Channel 4 researchers were able to assemble a 'shopping basket' of potentially lethal bomb ingredients on Amazon, partly relying on Amazon's own suggestion features or 'algorithms' ("Frequently bought together” and “Customers who bought this item also bought...”), which even suggested adding ball-bearings. This follows the phenomenon that emerged during the Brexit referendum and US Presidential election whereby purveyors of 'fake news' received advertising revenue from Facebook while targeting gullible voters.

Neither business is keen to proactively monitor or police its services for fear of conceding an obligation to do so and rendering itself liable for not doing so where the monitoring fails.

Channel 4 quoted Amazon as merely saying that:

"all products must adhere to their selling guidelines and all UK laws. [We] will work closely with police and law enforcement agencies should they need [us] to assist investigations." [update 20.09.17: Amazon is reported to have responded the next day to say that it is reviewing its website to ensure the products “are presented in an appropriate manner”.]

Amazon makes a valid point. After all, the same products can be bought off-line, yet unlike an offline cash purchase in a walk-in store, if they are bought on Amazon there is likely to be a digital 'audit trail' showing who bought what and where it was delivered. Indeed, it's conceivable that Amazon had alerted the authorities to the nature of the items in Channel 4 researchers' shopping basket and the authorities may have allowed the session to run as part of a potential 'sting' operation. It is perhaps understandable that neither Amazon nor the authorities would want to explain that publicly, but it would be comforting to know this is the case. Channel 4 is also somewhat disingenuous in suggesting this is an Amazon problem, when less well-resourced services or other areas of the Internet (the 'dark web') may well offer easier opportunities to purchase the relevant products with less opportunity for detection.

At any rate, the main difference, of course, is that no one from an offline store is likely to help you find missing ingredients to make a potentially lethal device (unless they're already part of a terror cell or perhaps an undercover operative) - and this is the key to Amazon's enormous success as a retail platform. It's possible, however, that a helpful employee might unwittingly show a terrorist where things are, and Amazon might equally argue that its algorithms don't "know" what they are suggesting. But whether it's because of the 'promise' of the algorithms themselves, there is a sense that the algorithm should not be vulnerable to abuse in this way.

Similarly, in the case of Facebook, the social network service has become a raging success because it is specifically designed to facilitate the exchange of information that generates passionate connections amongst like-minded people far more readily than, say, the owner of a bar or other social hang-out or a newspaper or other form of traditional media. Equally, however, Facebook might argue that the helpful algorithms aren't actually "aware" of the content that is being shared, despite use of key words etc. Meanwhile, WhatsApp seems to have declined to provide a terrorist's final message because it could not 'read' it (although the authorities seem to have magically accessed it anyway...).

Just as we and the online platform owners have derived enormous benefit from the added dimensions to their services, however, we are beginning to consider that those dimensions should bring some additional responsibilities - whether merely moral or legal - possibly on both users and service providers/developers.

In many ways the so-called 'tech giants' - Apple, Amazon, Alphabet (Google), Facebook and others - still seem like challengers who need protection. That's why they received early tax breaks and exemptions from liability similar to those for public telecommunications carriers who can't actually "see" or "hear" the content in the data they carry. 

But while it's right that the law should follow commerce, intervening only when necessary and in a proportionate way to the size and scale of the problem, the size and reach of these platforms and the sheer pace of innovation is making it very hard for policymakers and legislators to catch up - especially as they tend to have wider responsibilities and get distracted by changes in government and issues like Brexit.  The technological waves seem to be coming faster and colliding more and more with the 'real world' through drones and driverless cars, for example. 

The question is whether these innovations are creating consequences that the service providers themselves should actively address, or at least help address, rather than ignore as 'externalities' that government, other service providers or society must simply cope with.

The tech giants are themselves struggling to understand and manage the scale and consequences of their success, and the relentless competition to attract the best talent and the race to push the boundaries of 'artificial intelligence' sometimes presents as a declaration of war on the human race. Even the government/university endowed Alan Turing Institute seems to consider the law and ethics as somehow separate from the practice of data science. Maybe algorithms should be developed and tested further before being released, or be coded to report suspicious activity (to the extent they might not already).  Perhaps more thought and planning should be devoted to retraining commercial van and truck drivers before driverless vehicles do to them what the sudden closure of British coal mines did to the miners and their communities (and what the closure of steel mills has done since!).

In any event, the current approach to governance of algorithms and other technological leaps forward has to change if the 'bigtech' service providers are to retain their mantle as 'facilitators' who help us solve our problems, rather than 'institutions' who just solve their own problems at their customers' expense. They and their data scientists have to remember that they are human, solving human problems, not machines solving their own problems at humans' expense.

[update 20.09.17 - It was very encouraging to see Channel 4 report last night that Amazon had promptly responded more positively to researchers' discovery that automated suggestion features were suggesting potentially lethal combinations of products; and is working to ensure that products are "presented in an appropriate manner". The challenge, however, is to be proactive. After all, they have control over the data and the algorithms. What they might lack is data on why certain combinations of products might be harmful in a wider context or scenario.]

FinTech: BIS Shakes The Banking Snow Globe - Anything Could Happen, Nobody Blamed

At least 17 years too late, the Bank for International Settlements (the central bank for central banks) has become very concerned about the impact of technology on the finance world. So concerned, in fact, that it has... produced a report for comment by the end of October.  Cue another vast exercise in global regulatory group-think...

The scenario is already amusing, but the report is laugh-out-loud material. It argues persuasively for every possible outcome, like some management consulting report on e-commerce from the early days of the Internet. Some banks will survive, others won't, for at least 10 significant reasons. Choose your bank, take your pick. Though in reality every bank is probably subject to all 10 in some way or other. 

Recommended actions are lofty and bland. They do not herald a departure from "same business, same risks, same rules" mantra that got the banking industry (and the broader regulated finance sector) into the current mess, nor any realisation that "fintech" doesn't represent the "same business" in the first place. In fact, we heard all the same stuff from central bankers back in April.

Never mind the obvious overall conclusion that the sector as a whole is doomed to wither for being glacially slow to adapt, brittle, hidebound and herd-like. Even central banks and BIS itself are clearly at risk. Maybe that's why some of them (and securities regulators) have now resorted to banning "initial coin offerings" of digital currencies without even being able to coherently explain why. The lack of self-awareness is hilarious. 

Anything could happen, but rest assured none of the this lot will be blamed.

Pesky EU Wants UK Banks Etc To Cut Cross-border Payment Fees

Not content with getting the Brits a better deal on mobile roaming charges and otherwise standing up to BigBusiness, the EU now wants to cut fees for non-Euro cross-border payments and currency conversion. The European Commission is inviting answers to two questionnaires by 30 October 2017 on awareness of the high fees and potential solutions, including whether consumers are being steered toward more costly currency conversion options at check-out.

Of the non-Euro countries in the EU, only Sweden chose to follow Eurozone countries by ensuring its banks and other payment service providers charge the same for cross-border and domestic funds transfers involving Swedish Krona. The other non-Euro countries have allowed "very high" charges for non-Euro cross-border transfers. 

The Commission wants to cut those charges and help consumers choose the best conversion rate when offered the chance to pay in a different currency at check-out.  

Remittance costs must also come down to less than 3% to meet UN Sustainable Development Goals.

The Commission's first step is collecting the views of consumers and industry experts on awareness of high fees and potential solutions. It also wants to know whether consumers are being steered toward more costly currency conversion options at check-out; and how long it might take for real-time exchange rates and price quotes to be introduced.

"British consumers are very pleased to be ripped off when making payments abroad, and are jolly well thankful that our banks and other financial institutions are free to make as much money as possible at their expense. They can't wait to be rid of all this EU meddling in our affairs," a Tory spokesperson probably said.

"Fee Banking", Not "Free Banking": The Shameful Overdraft Saga Continues

Readers will recall that UK retail banks are self-regulated when it comes to overdrafts. They lost control of deposits, savings and payments in 2009, but kept control of lending (bizarrely, given the over-extension of credit in the lead up to the crash). They continued to battle savagely against the OFT's attempt to assess the 'fairness' of their overdraft charges for many years before finally offering to charge a bit less in late 2009. By 2013, however, the banks felt the heat was off, and were congratulating themselves on having found "no breaches" of their own Lending Code. Yet in 2014, the FCA found that "overdraft prices were high, complex, confusing and poorly understood". Now a new report reveals:

"Not only are unarranged overdrafts expensive, but in many cases they cost significantly more than [payday] loans. Many consumers are also unaware either that they have used an unarranged overdraft or of the cost implications even if they do."

The FCA's latest analysis suggests there are about 42m current accounts, about 27% of which are in arranged overdraft for 1 to 12 months (staying within a pre-set credit limit) while 10% operate as unarranged overdrafts for 1 to 12 months (no right to be overdrawn at all or in breach of the credit limit). The FCA's analysis "shows that a quarter of people that used unarranged overdrafts used them in four or more months during 2016. Nearly 10% of unarranged overdraft consumers used them for 10 or more months."

The banks' Lending Code does not require a creditworthiness assessment, yet the FCA found that "overdraft users typically have lower credit scores than consumers with current accounts... [and] consumers using unarranged overdrafts have noticeably lower credit scores than the overall population of current account and overdraft users." The FCA adds that it is "concerned that consumers who repeatedly using unarranged overdrafts are being given access to a service that seems unsuitable for them, and which may be contributing to potential financial distress."

This sounds like a clarion call to the claims management industry 

to switch from seeking refunds of PPI premiums

to seeking refunds of unagreed overdraft charges.

No doubt the banks will continue to resist interference with their dastardly overdraft arrangements, claiming that it would mean the end of "free-banking" (which industry insiders refer to as "fee banking" because banks rely on fees arising from the mismatch between actual customer needs and poorly aligned/understood products).

Banks claim that overdrafts are a feature of current accounts, so the FCA should wait to see how the recent attack on those by the competition regulator pans out before taking further action.

But, as the figures show, not all current accounts come with an overdraft, although my sense is that overdrafts are actually a side-effect of shortcomings in banks' legacy technology - the systems can't maintain real time balances, so the bank has no way of knowing the actual account balance or whether an overdraft limit will be breached when each transaction comes through. But that's the banks' problem.  Overdrafts do constitute a form of "credit", whether they are "arranged"  or "unarranged" and the fact they are still self-regulated as 'lending' speaks volumes (current accounts are regulated as "payment accounts" under the Payment Services Regulations).

Lloyds has already lost its nerve, however, and moved to a new charging structure that the FCA says "does not allow a consumer to use unarranged facilities and does not charge a daily fee if they do."

The banks certainly have plenty of cause for alarm. 

In 2014, the FCA took over regulation of the comparatively tiny 'payday lending' market - 1.6m customers borrowing £3bn at its peak in 2013 - and imposed rules that reduced volumes by 42%. But in this case, the FCA is sounding the death knell of unarranged overdrafts entirely:

"Based on the evidence we have to date, we believe there is a case to consider fundamental reform of unarranged overdrafts and consider whether they should have a place in any modern banking market."

All Hands On Deck: UK Sailing Close To #PSD2 Deadline

The UK government has just announced its final approach to implementing the new Payment Services Directive (PSD2), along with the final version of the Payment Services Regulations 2017 that will apply from 13 January 2018. So firms don't have long to figure out whether they fall within the definitions and, if so, how to apply and comply. 

The FCA is expected to finalise its guidance and application forms by September, and can only begin accepting applications for authorisation/registration from 13 October 2017. That only leaves 3 months for the FCA to authorise/register firms who offer the newly regulated 'account information services' and 'payment initiation services' or who are losing their exemptions, as briefly explained below.

Payment initiation services

What constitutes a PIS is quite complex, but firms who are broadly in that space (including payment gateway providers) are perhaps more aware of the scope of their activities and the challenge ahead - although those relying on an exemption need to check their assumptions.  

Account information services

The new “account information service” basically involves providing information from one or more payment accounts held by the user with one or more other payment service providers. Initially, the list of services the government said might constitute account information services included some services of a much broader nature:

"• price comparison and product identification services;

• income and expenditure analysis, including affordability and credit rating or credit worthiness assessments...

[and] might include accountancy or legal services, for example”.

The government says it has heard the concerns that its interpretation was too broad and overlooked the requirement that a service must be conducted 'by way of business' in its own right, rather than merely as an ancillary part of a wider service. Examples of services that the government says that respondents were concerned about include:

"banks’ corporate functions; price comparison websites; accountants; financial advisors; legal firms; and Credit Reference Agencies (CRAs). Many of these services are currently provided via a contractual relationship between service providers, users, and ASPSPs, often referred to as Third Party Mandates (TPMs)."

The government now confirms, however, that:

"many uses of these mandates are likely to be outside of the scope of the PSDII. Examples could include power of attorney, where the services are unlikely to be undertaken ‘in the course of business’."

In addition, the FCA has already suggested this narrower view, based on the 'business test' in its own consultation on how it proposes to supervise PSD2.

Some narrower exemptions

Commercial agents can no longer act for both payer and payee. 

Firms operating gift card and other loyalty schemes not only face a stricter test of 'limited network', but must also notify the FCA if the total value of transactions executed over the preceding 12 months exceeds the amount of 1 million euros, and the FCA must then decide whether the exemption criteria. There is no allowance for transition if the service does not meet the exemption.

Technology service providers are no longer exempt if they also offer the newly regulated account information services or payment initiation services.