Spend a vision with me

Monday, 8 July 2024

Do you want to use AI or be used via AI? (1/2)

This is the first of 2 blog posts on giving some idea of how AI is being used, by who, and the choice each one of us as individuals has to make.

Right up front let me state my position:

Influencing how people behave is nothing new, AI just makes it easier to achieve
AI is being used more and more to influence how people think and therefore behave
AI is neither good nor bad, it is how it is used that matters.
Each one of us has a choice to make, whether to allow the influence or question it.

Influencing how people behave is nothing new, and this comes from everywhere

The ‘father of propaganda’, Edward Burnays (1), in his book Propaganda (2), he started by saying:

“The conscious and intelligent manipulation of the organized habits and opinions of the masses is an important element in democratic society. Those who manipulate this unseen mechanism of society constitute an invisible government which is the true ruling power of our country.”

And he continued by saying

“We are governed, our minds are molded, our tastes formed, and our ideas suggested, largely by men we have never heard of”

Edward Burnays was a psychologist and his book was first published in 1928. Burnays talks about state level molding of minds and suggestion of ideas.

States have always been very active in the field. I was actually very interested to see that Burnays was involved in United Fruit in South America. But that’s another topic. For today, we focus on how state and state agents influence us.

Nation/State-wide propaganda powered by AI/ML, bots

US presidential elections, since 2016

Some people may remember the idea that Russia was accused of spreading ‘selective information’ with a view to influence voters in the US elections in 2016 (3), 2020 (4). Various techniques were used and of course ML and AI were used, in managing bots, microtargeting (after having hacked personal details for example)(5). It was a well executed plan:

Hack into electoral registries especially in states with tight races
Get personal details of voters and how to contact them
Model how they could be influenced and prepare bots with selected information
Take action

In 2016, Mr Trump won the elections, this was supposedly the aim of the 2016 effort.

In 2020, the ‘left wingers’ also started to get active in the bot space, although not as much as the right wing (5)

It is clear that the volume of tweets by ‘left-leaning bots’ was much lower than ‘right-leaning bots’ (and the pattern very different), but still there were efforts to ‘inform’ the electorate from both sides.

Foreign powers too

One of the most interesting aspects of the 2016 presidential elections was the emergence of the Russian interference claims (6) The idea was that Russia intervened to increase the chances of Mr Trump getting elected. The playbook was simple:

Hack electoral register (7)
Gather information about electors
Target them via bots

This also happened in 2020 (8), but prewarned the efforts were less one-sided.

2024 US Presidential elections

Already various sources are warning that Russia will be enhancing its impact by using AI more, and in 2024, China too is getting in on the game (9)(10); with Generative AI (GenAI), the impact is getting potentially stronger.

Interestingly, the aims of the efforts of China and Russia seems to differ. While Russia aims to weaken support for Ukraine in US, China aims at societal polarization (as if that needed a helping hand) (11).

But it is not only foreign national intelligence who are using AI, at least the Republican party is doing it to increase its appeal to specific voting groups (12) and democrats too (13).

Basically, everyone is using AI to fool American voters into doing their bidding.

Now, please do not believe that the USA is only a victim.

USA Military and the drive to hamper Covid19 vaccination in Philippines and Central Asia

A recent piece of research by Reuters uncovered that the Pentagon (USA ‘Ministry of Defence’) was using social media, fake accounts and presumably ML/AI tools, to turn people against taking the Covid19 vaccine from China (14)

In Singapore, the Chinese made vaccine (Sinovac) was made available, as well as Pfizer, Moderna, and is still available until now.

Now, what makes things more interesting is the polar opposite approach between the policies of the USA government (USA first, all vaccines possible to the USA) and China (Covid19 is a worldwide problem so avail vaccines to other countries).

Given the political position taken by the government, the Pentagon decided that they should not allow China to get any goodwill by giving away Covid19 vaccines. That would put the USA in a bad light. Hence, the disinformation campaign.

“Through phony internet accounts meant to impersonate Filipinos, the military’s propaganda efforts morphed into an anti-vax campaign. Social media posts decried the quality of face masks, test kits and the first vaccine that would become available in the Philippines – China’s Sinovac inoculation.”(14) Actually, this quote from the article would even point to more than just anti-China, since it is also about mask wearing. But for now, let’s focus on the pentagon’s anti-China vaccine stance.

Not only Philippines, but also in Central Asia, using religion

“Tailoring the propaganda campaign to local audiences across Central Asia and the Middle East, the Pentagon used a combination of fake social media accounts on multiple platforms to spread fear of China’s vaccines among Muslims at a time when the virus was killing tens of thousands of people each day. A key part of the strategy: amplify the disputed contention that, because vaccines sometimes contain pork gelatin, China’s shots could be considered forbidden under Islamic law.” By whatever means possible, the Pentagon discouraged adoption of Sinovac in Central Asia using rumours about religious taboos.

To me the key difference is that this campaign is real, and has probably cost people their lives: “When he addressed the vaccination issue, the Philippines had among the worst inoculation rates in Southeast Asia. Only 2.1 million of its 114 million citizens were fully vaccinated – far short of the government’s target of 70 million. By the time Duterte spoke, COVID cases exceeded 1.3 million, and almost 24,000 Filipinos had died from the virus. The difficulty in vaccinating the population contributed to the worst death rate in the region.”

‘“We weren’t looking at this from a public health perspective,” said a senior military officer involved in the program. “We were looking at how we could drag China through the mud.”’

In sum, chances are many Filipinos (and Central Asians) died because they chose not to take Sinovac that was available to them at the time because they were influenced by the Pentagon’s propaganda campaign using social media and bots. But don’t blame the tools. The aim of the campaign was achieved, the tools worked.

‘Deep Fake’, for a cause, the case of Pakistan

I used ’Deep Fake’ because in this case, AI was used to have an the voice of Mr Imran Khan make a speech, but the key is that Mr Khan was in prison and had passed his speech to his supporters to create the movies for the purpose of campaigning; an approved deep fake in a way(15).

This novel campaign strategy (16) was effective enough for Mr Khan and his allies to become the largest single block in Pakistan, although they did not manage to form the government (17)

This is a case where AI was used very effectively to bridge a gap between a politician and his electorate.

And to me, the key is that the electors knew exactly that this was an AI generated image of Mr Khan, but saying the words Mr Khan wants to say.

It worked.

What's next, an AI candidate/elected representative?

As far fetched as it may seem, it is quite a possibility, especially where candidates need not prove they are real humans, that you will get an AI aided or generated candidate near you. A recent case, in the 2024 UK Elections, Reform UK has been accused of fielding 'fake' candidates (18)

What does this mean?

It’s very simple, not only are private companies trying to influence our decisions, usually to buy/consume their products/services by using tools like AI, governments and the political class are also quickly adopting these tools.

The reason is that your brain is the hottest real estate, and everyone wants to plant a flag.

You may be ok with that or you may not.

The second part of this blog will show a couple of ways how each one of us could preserve this real estate.

Sunday, 30 June 2024

(A)ML: is it worth it?

I worked in banks for a while, as an employee and as a consultant, and one thing the banks make sure you are aware of is Money Laundering. Money Laundering is something all banking employees are tested and reminded of.

But for what?

A little piece of interesting news, most of the people involved in the multi-million money laundering case in Singapore surrendered 95.5% of their assets and got sentences of under 2 years in Singapore jails (1), no financial penalty (assuming assets were ‘illegally obtained’), short jail term. So, it doesn’t seem it’s a big deal, right?

What actually is the problem with money laundering?

First, let’s take a step back. This blogpost was motivated by the recent multi billion money laundering case in Singapore.

A recent article entitled “the banks that hold most money in Singapore’s largest Money Laundering Scandal“ (2) shows the extent that banks in Singapore, not only the big 3 local banks (UOB, DBS, OCBC) manage bank accounts of the people found guilty of money laundering (49.6M, 29M, 22.4M), but also large international banks such as Credit Suisse, CitiGroup, (79.6M, 79.3M).

Credit Suisse is not a stranger to money laundering (3), the case of Bulgarian cocaine with the judge commenting that “the company could have prevented the infringement if it had fulfilled its organizational obligations” and yes, Credit Suisse is now owned by UBS, but UBS is not that vigilant regarding money laundering either (4). As for CitiGroup, this again would not be the first time (5).

The local banks were involved in the 1MDB and wirecard scandals (6)(7).

So, banks have been involved in Money Laundering, again and again.

Millions are spent by banks yearly to buy, maintain, upgrade their Anti Money Laundering (AML) systems. It is a very very lucrative market to be in. Free Money once you get in, since in most cases, banks are forced to show their AML capabilities to regulators, and having a shiny AML system is something most regulators would not question.

The Singapore case

The first thing that came to my mind when I read about the case was, how on earth did the great AML systems not pick these as possible money laundering cases. Do you see a pattern among the cases? And more importantly, even before knowing some of these people are involved in “interesting” activities, don’t you find it a bit weird and worth a second look? One early article focused on this aspect “”(8)

“Ten people of Cypriot, Turkish, Chinese, Cambodian and Ni-Vanuatu nationalities were charged on Wednesday (Aug 16) night after police conducted simultaneous raids across Singapore as part of a probe into money laundering and forgery offences.”

And to add to this, another piece of news from Singapore about someone also belonging to the same very specific demographic group, this time about someone who created malware that infected many computers and caused large losses (9)

“The DOJ said that Wang, who also holds a St Kitts and Nevis citizenship, allegedly received US$99 million from cyber criminals who tapped his network from 2018 to July 2022.”

Now you can say that the world is now so open, having multiple nationalities, even for Chinese citizens is not a big deal, but is it?

China does not recognise dual nationality, according to the Nationality Law of the People’s Republic of China (10) which clearly states:

Article 3: The People’s Republic of China does not recognize dual nationality for any Chinese national

Everyone in Singapore knows of rich Chinese nationals who took up Singaporean nationality such as the bosses of Hai Di Lao (11), TsingShan Holdings (12), SEA holdings (Shopee is a subsidiary) (13) and their families. However, with all due respect, having Singapore as Nationality and say Vanuatu (14) are 2 very different things.

Why don’t sophisticated AML models used by these large banks fail to flag rich Chinese nationals having multi million dollars in assets but with ‘exotic’ passports.

Even if this may be a relatively recent phenomenon, and AML models, being trained on past data may take a while to pick up this characteristic (ahum…), you would have thought humans would take a deeper look into the sources of income of these people during the Know Your Customer (KYC) that is compulsory when accepting new customers, and their transactions. But, in the case of the Singapore based money launderers, they were allowed to purchase many properties easily, avoiding all AML models and human oversight (if any).

AML Models as a shield

And that’s the second thing, do banks use AML models as a shield? so they only get into minor trouble when money laundering is discovered? “Hey, check out my shiny AML model Regulator, it cost me millions, I am doing what I can in terms of AML”. After all, these money launderers must have paid hefty fees to banks while moving their millions, and buying their properties.

As far as I have seen, the only person who got into trouble related to transactions of the Money Launderers are the property agents, with one fined $4000 (15) which is likely a minor portion of what that agent earned on these cases. But there is noise about the rot going further into private banking sector, although no action has been taken yet (16). The only agent who faced the law seriously, was found to have behaved above board in the real estate transaction although her issues were unrelated (17).

To reiterate, getting involved in Money Laundering is no biggie, jail terms and financial wise

So, not only do the perpetrators of money laundering get minor jail sentences, for reference, 4 Vietnamese nationals who shoplifted items of 60,000 times less value, including a pregnant woman, were jailed more than 20 months each (more than the longest jail term for the money laundering) (18), and I am pretty sure the clothes shoplifted were restituted since these foreigners were caught while still in Singapore.

Should you be surprised?

No. Actually I didn’t think about it before, but money laundering is not something that serious, as the sentences showed.

I will go further… My brother told me “you think like a criminal” when I told him this, but, it is a risk worth taking. Imagine, even 1pct of SGD3b is still SGD30m... if I have this stashed somewhere, I will go there and enjoy cold sakes in summer and warm sakes in winter until my sunset.

To add to this, please note that at least 1 of the men sentenced went to Japan after release from jail in Singapore(19), it is highly unlikely they are wanted for anything in Japan.

Think about it.

Who were the victims of the money laundering?

- The previous owners of the properties/assets purchased got to keep their funds from laundered money

- Real estate and other agents who facilitated transactions usually got small fines (for reference a real estate agent may be charges 2% commission; for a SGD4,000 fine that would break even at a property worth SGD200,000.

- Banks get to sell the assets mortgaged and recoup their loans and do not have to return their transaction fees

- Bankers keep their bonuses

- Even the government made via duties, fees, and taxes (whether directly or indirectly)

I don’t see anyone in Singapore worse off.

So we are back full circle.

What is the problem with money laundering?

Referring to the Singapore multi billion dollar case, presumably, the issue is the source of the funds these people brought into Singapore. The people somehow made Singaporean entities believe (ahum…) these were from legitimate means, but they were not.

Money Laundering is a possible symptom of non legal activities having taken place. A possible tail-end part of a chain of transactions, one of which was possibly illegal.

The real problem is the presumably illegal transaction that generated the money to be laundered. Money laundering basically means taking money that is not registered in the legal economy and making it legally registered so that it can be used. The trick is that the amounts are huge; we could easily launder a few thousand dollars by living our normal life in a year, but if it was a million it would be harder, hence the need for large transactions, property, investments…

But the fact is, the laundering itself, doesn’t seem to harm many. It is the failure to detect and stop the illegal transaction themselves (that possibly cause harm such as adulterated drug dealing, scamming( Around 45,000 Singapore scam victims lost $600m last year(20)), gun and weapons dealing (ahum…interestingly Singapore has managed to cut trade of weapons to Myanmar (banned) by 90% recently (21))) that are the issue. The failure to stop these demonises money laundry, it is an easy way out.

What to do regarding money laundering then?

Radically, allow all transactions 😊, then there will be no need to launder, all transactions can be taxed appropriately (ahum… there really seems to be something lodged in my throat…) and nobody worse off. However, this is quite impractical.

The key is to first decide whether money laundering is really such a big deal.

From the example above, it seems that money laundering is not as bad as shoplifting. If that is the case, then there should be less focus in banks and financial institutions around money laundering, and money should be spent elsewhere. Since many banks getting involved in money laundering, and even more than once and/or over a period of time, and their business does not seem to suffer much, there is no incentive for them to do something about it, and spending on ‘state of the art’ AML systems is just a waste of money, especially when humans are kept out of the loop, whether willfully or not.

If money laundering is seen as worse than shoplifting, then the whole penalty set should be increased accordingly for people who actively launder money, and people and organisations that enable them such as real estate companies, private banks… A slap on the wrist of the people on the ground is obviously not sufficient.

A few days ago, the Monetary Authority of Singapore updated AML guidelines (22). Personally, sorry for being cynical, I do not think that this incentivises financial institutions to really do something, it is more of an advisory nature, neither carrot, and especially not a stick to change behaviour. At most there are more areas for AML software companies to sell their wares.

As a rough guide, in 12 months of 2022-23, Singapore financial institutions spent more than SGD7.5B 'to fight crime and meet regulatory obligations' (23)

Update:

The people found guilty of the SGD3B money laundering case used Family Offices (Offices that basically only manage a family's financial affairs, these do not fall under financial regulator (MAS) purview), and they even got tax breaks. (24) These tax breaks will not be clawed back.

Thursday, 13 June 2024

Data Culture: why NCS servers being accessed by fired employee multiple times over 3 months is scary

If you had a place where you kept your barang-barang/bric-a-brac/bits-n-pieces, even detached, would you keep it unlocked/unlatched while latching and locking the rest of your home?

I was actually planning a blog on the multi-billion-dollar money laundering case in Singapore, when this piece of news came out in the open, the case of the disgruntled NCS employee. Laundry can wait.

Some facts as they have been released (1)

Background

1 NCS (2) is owned by Singtel group

2 NCS focuses on applications, cybersecurity, infrastructure and engineering

3 NCS serves corporates, Telco (since is owned by Singtel) and more pertinently Government. In fact, up to 66% of NCS $2.7B revenue was from government (3) and as recently as this year NCS was still focused on government (4)

4 Singtel is also a major player in GXS bank, together with Grab.

Mr Nagaraju

5 Mr Nagaraju was employed by NCS from November 2021

6 Mr Nagaraju was fired by NCS in October 2022, with an effective last day of Nov 16 2022.

7 Mr Nagaraju went back to India

8 Between Jan 6 2023 and Jan 17 2023, Mr Nagaraju accessed NCS servers using Administrator privileges 6 times.

9 Mr Nagaraju found a new job in Singapore in February 2023 and came back to Singapore, living with an ex NCS colleague

10 He used the “wifi” and accessed NCS systems again in February 2023

11 In March 2023, a full 3 months after he had been fired, Mr Nagaraju accessed the NCS systems 13 times and deleted some virtual servers.

12 Mr Nagaraju was arrested in April 2023

13 He was sentenced to 2 years and 8 months jail

14 NCS apparently made a loss of SGD918,000.

The press reaction

Mainstream media is portraying this case as a disgruntled ex-employee causing almost SGD1m damage to the ex-employer. This misses the point.

Assuming 66% of NCS revenue came from government, that’s $1.7B that the government has paid NCS in 2023 for services. Hence a lot of data that pertains to Singapore residents, likely including Personally Identifiable Information, is kept in systems possibly built (infrastructure and engineering), managed (applications) and secured (cybersecurity) by NCS. This should be the story.

I am sure some people will argue that the systems that Mr Nagaraju had access to were not government systems but systems internal to NCS. Yes, but so what? If you cannot keep your own house in order, how can you help keep someone else’s? What type of governance does NCS have on it systems?

Think about it:

1 Mr Nagaraju accessed systems after he was fired, the HR system is likely not to be properly integrated with the other systems. Also note, he was fired, he did not resign voluntarily. This is really weird because in a previous project I was involved in, we did have to integrate with an HR system to control accesses systematically.

2 He accessed systems from India even. Hence there is no geographical restriction as to who can access NCS systems. While this is a good thing to allow employees to work from home or take care of emergencies, there should be some monitoring taking place, not a half-yearly review after the horses have bolted.

3 It is not mentioned whether he used an NCS device or his own personal device from India to access the systems; personal devices can be secured and 3 months is past most cases for reviewing accessed for personal devices. If he had an NCS laptop, again, the processes to secure the devices failed, and the device access was not cut.

4 He had admin powers and admin credentials. Either, again, his ID’s access to systems was not terminated, not something new. You would have thought lessons would have been learnt. Or it was a shared ID and password, a major no-no in the IT world. Basically NCS controls and governance on IDs and passwords and accesses were severely lacking. Not that I am saying NCS was the IT vendor, but even in 2017 the AG reviewed 2 critical government services (Ministry of Defence MINDEF, and Ministry of Manpower MOM, and Singapore Customs) and found similar lapses in IDs (5)

In brief, this case shows how bad the controls of NCS were. And I think it is legitimate to ask how likely this culture has affected the projects for which they earned around SGD1.7B in 2023 from the government.

I am sure nobody in SG has forgotten about the IHIS/SingHealth issues where even the then PM’s data was searched (6).

To me, focusing on close to SGD1M ‘losses’ to NCS is a red herring. And I would like to ask, isn’t NCS aware of back-ups? Apparently NCS only discovered the servers missing when someone tried to log into one of them the day after Mr Nagaraju deleted it. SGD1M worth of damage, I would find it hard to believe unless there are no back-ups. That would be another horror story on how NCS managed its servers.

Conclusion

I think it is important to understand that the real story is not the SGD1M NCS supposedly lost, but the fact that their governance, processes and security practices leave much to be desired.

It's all about culture: is securing your company's assets in your blood?

Data is crucial, especially when more and more government services are moving online. We trust certain organisations to keep our data safe, and they choose vendors who, we hope, will do so. Personally, when I see a major vendor for these government organisations having a loose data culture, I fear for my data.

Sunday, 9 June 2024

Thinking Analytically: the case of Mr Shariff Uddin

I mentioned to someone recently that I believed analytics is an application using tools of a way of thinking. To think analytically is something that can be learnt/taught, and once you have that, tools don’t matter that much; hey you still need to know what questions to ask GenAI, no?

To give an example, I look at the case of Mr Shariff Uddin, a Bangladeshi author who was living and working in Singapore and recently left Singapore under less than clear circumstances.

Who is Mr Shariff Uddin?

Did you know that someone on a work permit authored (1) a book about his experiences as a work permit holder in Singapore, and won the prize for non-fiction in Singapore (2)

A fascinating, challenging and truly important book. Not only do we now at long last have access to the most sustained and authentic narrative and record of life and work as a Bengali migrant in 21st century Singapore, but also a genuine work of art in its own right. Sharif is an unprecedented and crucial voice in Singapore writing: perceptive, joyful, critical, constructive. With his characteristic modesty, he has something of moment to tell us and he does so from the heart beautifully.

– Richard Angus Whitehead, Lecturer, English Language and Literature Department, National Institute of Education

Mr Uddin has left Singapore. The aim of this blog is to explore his case using data-driven lens, and see what you think is the issue.

Background on the case

Things started falling apart early this year while Mr Uddin has been working in Singapore for 16 years. His employer started receiving threats from loansharks alleging Mr Uddin had borrowed money from them and failed to repay the debts.

From threats at the work place, things escalated to informing the other tenants of the work place, and eventually also to the home of the business owner and even to the business owner’s sister. (3)

There have been a few controversies in this case. The most interesting one was that Mr Uddin argued that the police and/or the Ministry of Manpower advised his employer to terminate his employment, as stated in his termination letter

“under police and MOM officer advice ... because of the troublesome bring along from your loan shark issue for us”(4)

Something the authorities vigorously denied (4). It turned out, something that is not contested, that the police officer whom the business owners talked to at Geylang Police Post as per this official Facebook post (5) “The officer, out of concern for her family’s and her well-being, also advised her generally that harassment would usually stop after the work pass of a foreign worker being harassed had been cancelled, and the worker no longer worked for the employer.”.

There has been some confusion whether the lady involved was the sister or daughter of the business owner was the person involved, as you can see the MoM refers to daughter (5) but the business owner says sister (3).

And importantly, the Police investigation found no evidence that Mr Uddin borrowed anything from loan sharks, hence the harassment was totally unfounded as Mr Uddin had been saying all along - Investigations eventually concluded with the authorities finding no evidence that Mr Sharif had borrowed money from unlicensed lenders. -(3)

I am not a social crusader so what does this case have to do with data?

What data?

Data does not mean just things on a spreadsheet, but pieces of information

Mr Uddin’s details (presumably including his work permit number and employer) were used to obtain a loan from a loanshark
the loan shark decided, as per usual practice, to harass the debtor where he/she can be damaged, here the place of employment
they went further by informing other tenants
they went even further and obtained information on where the sister of the employer lives, and caused harassment there. This is important, it is not the employer’s home but the sister’s.
Mr Uddin was terminated by his employer
Mr Uddin found a new employer who also received threats and as per the reports (3) only the first employer and MoM were aware of this new job offer
Mr Uddin found no other suitable alternative employment
At the expiry of his extended pass, he left Singapore.

Who dunnit?

This is kind of the information we have, so now the question is what is likely to be the most likely interpretation?

Mr Uddin took a loan from a loanshark and fed the him/her information, he is responsible
Mr Uddin took a loan from a loanshark with long arms and was hell bent chasing Mr Uddin out.
One or more people with access to government systems leaked information
Mr Uddin’s employer wanted Mr Uddin to leave Singapore

Actually…

Actually, I have no idea which is the correct interpretation, but I have a fairly good idea how this can be resolved. Since it is common for loansharks to obtain photocopies of NRIC/FIN/WP in order to give a loan, all parties have some reason to have access to the data.

The keys are

- Address of the sister of the employer; the employer claims it is via her car plate number (LTA system)
- Details of new employer of Mr Uddin

I have no clue who has access to what data in the government systems. In a nutshell:

MoM databases should hold data related to employees and people on various passes in Singapore, and data on the change in the passes.
ACRA should have access to directorships, including directors’ addresses, but not family members details.
LTA should have access to car owners’ data, and that includes vehicles owned by both individuals and corporations and as such some information on company directorships, but not comprehensively.
The Police force database should have access to multiple databases, or even copies of their data such as ICA who controls identity of everyone in Singapore

I assume that information is siloed, but even if it is not, access to information should be on need to now basis. And since this is considered PII, should fall under PDPA (although the government if exempted (6)), and at the very least all data requests for PII information should be logged and thus traceable.

Hence, to resolve the issue and find some justice for Mr Uddin, all that is required is the logs for say April onwards for the agencies above and understand who made requests for

New employer of Mr Uddin
Address of the sister of Mr Uddin’s previous employer

These 2 pieces of information should suffice in resolving the issues.

It is not rocket science, it is basic analysis.

Conclusion

There are 2 conclusions:

The case is closed, but to me some grey areas remain. They may not be of help to Mr Uddin, but intrinsically I believe it would be important to know what data in the various agencies has not been misused without detection.

It’s not very difficult to think of simple things analytically, is it?

Sunday, 28 April 2024

Songs about AI: Have we been listening or mindlessly humming/headbanging...?

Many people still believe AI is a21st Century thing. It is not, it has been around since the 1950s (1), but current advances in storage and compute have given it new breath and started democratizing it.

Therefore it should come as no surprise that 20^th Century troubadour-philosophers have been informing us about what such technology could mean for us.

Have we been listening? These troubadour-philosophers do not communicate to us like the works of Plato/Aristotle that are unfortunately being pushed into colder storage to save costs. I came across one of these works on the radio recently, and got inspired to write this blog post. How many of you are familiar with these philosophical pieces?

Every Breath you take (Synchronicity) – The Police (1983)

Let’s start by something easy, and a song that many of us have heard, hummed, or even sung at a karaoke…

“Oh, can't you see
You belong to me?
How my poor heart aches
With every step you take”

The chorus of the song is probably what makes many people believe this is a love song, the singer is heart broken.

However, it is worth looking at the lyrics in more detail.

“Every breath you take
And every move you make
Every bond you break
Every step you take
I'll be watching you”

The first verse shows watching basically every waking moment.

“Every single day
And every word you say
Every game you play
Every night you stay
I'll be watching you”

And the second verse shows it goes on day and night.

There is no escape.

Nowadays it’s not so difficult to achieve this given the digital traces we leave everywhere, and the scary thing is that this has been happening, even in Singapore; true to the song someone searched his girlfriend in the police databases (2) However this is not an isolated incident, for example searching for details of his mistress (well the song could be about a mistress too, right?)(3) and there are many other, less romantic reasons for searching databases for individuals’ data (4)(5).

You will notice that these issues have occurred in different years.

I am not picking on the SPF, it’s just that

The cases regarding the Singapore Police Force on jealousy, surveillance, even ownership causing abuse of powers regarding data are

Not limited to the police force, it’s ironical (or prescient) because of the name of the band (6)(7)
not the only ones that have occurred, just a sample of those that made it to court and mainstream papers

My main point is that our data exists in so many places that the lyrics of the song can be taken literally.

Another thing to bear in mind is that in all these cases, the people who accessed the data actually had the privilege to do so, and they abused that privilege.

As a side not, I always tend to ask for all identifying information to be stripped off or the data anonymised before I work on any analysis/model. I think it is good practice.

The real question is whether enough is being done to prevent such abuses. And given that they keep occurring, the answer is no.

As more and more data is being captured about us, with more and more cameras being placed all over and technologies like facial recognition make it easy to identify and track individuals.

The singer, Sting in 1983 mentioned “I think it’s a nasty little song, really rather evil. It’s about jealousy and surveillance and ownership,”(8).

I wonder what he’d say nowadays. He did warn us about surveillance and ownership.

While The Police warned about what can happen at an individual level, someone else was already singing about a system designed to work at a larger scale.

Eye in the Sky (Eye in the Sky) – The Alan Parsons Project (1982)

This is another song many of us have hummed, “Eye in the sky, looking at you, I can read your mind…”

Casinos were some of the 1^st people to really look into analytics and human behaviour, going as far as designing the whole outlay of casinos, not only with FengShui (9) but also human minds in place. And that was what Alan Parsons project had written about.

But it is worth going into more details of the lyrics.

Many of us are familiar with the chorus (10) that starts:
“I am the eye in the sky
Looking at you
I can read your mind”

The idea is that surveillance is not just watching but has a predictive element “I can read your mind”. That was in 1982. And it goes even deeper:

“I am the maker of rules
Dealing with fools
I can cheat you blind”

Those who conduct the surveillance and the predictive analysis also make rules we have to obey, as fools. And since they are in control, they can cheat us if they choose to, so we better behave accordingly.

And the third part of the chorus:

“And I don't need to see any more to know that
I can read your mind (looking at you)
I can read your mind (looking at you)
I can read your mind (looking at you)
I can read your mind”

The information gathered is sufficient to predict what we do, what we are…

And they make it very clear in the 3^rd verse that the system is not something you can easily beat, it is futile to resist:

“Don't leave false illusions behind
…

Cause I ain't gonna live anymore believing
Some of the lies while all of the signs are deceiving”

Although the song goes quite dark, it also, earlier tried to use the carrot rather than the stick:

“Don't say words you're gonna regret
Don't let the fire rush to your head
I've heard the accusation before
And I ain't gonna take any more
Believe me
The sun in your eyes
Made some of the lies worth believing”

This is very true today where whatever we publish (this included) is captured ‘forever’ and can come to bite you in your behind, “Don’t say words you’re gonna regret”. But the ending of this verse is an encouragement to believe the lie “The sun on your eyes made some of the lies worth believing”, if we choose to, we can live contentedly.

Recently I was at a neighbourhood shop queuing for soya bean curd. A boy came in with his father and was looking around the shop. He was pointing out the cameras and counting them. I will ashamedly admit I had not paid attention.

Quick question, which city do you think has the most cctv cameras per sq km?

If you guessed Beijing or any city in China, you’d be wrong.

Chennai in India has the highest number of cctv cameras per sqkm, 657 (11), more than twice that of Beijing.

Anyway, back to the song… I feel that the song is a warning about surveillance and all that goes with it. That applies ot the whole album. Don’t take my word for it, their website says so too (12)

“The concept behind this album was related to belief systems, whether they be religious beliefs, political beliefs or belief in luck (as in gambling). Generally the concept is related to the universal idea that there is someone looking down on us all. The expression is also used in military and surveillance contexts.”

The Alan Parsons Project was direct about surveillance and hinted at how we probably could live an easier life if we complied to the rules.

But in true metal fantasy fashion, Ronnie James Dio sang about not bowing to the system while describing it very aptly, in 1992.

Computer God (Dehumanizer) – Black Sabbath (1992)

In 1992, Black Sabbath came up with the album dehumanizer, and the most relevant song for today’s theme is “Computer God”(13). You can find the full lyrics here (14).

The first verse itself contains the lyrics:

“Waiting for the revolution
New clear vision - genocide
Computerize god - it's the new religion
Program the brain - not the heartbeat”

The first verse, in a nutshell warns about the unstoppable march of technology. We have seen how technology is being used today (2024) to choose targets and ‘help’ decide their fate (15). The song eventually pushes to the risk of genocide of the human race.

Black Sabbath foresaw the unstoppable influence of technology, almost becoming a religion, and plead that the computers should help the brain, not the heart, because the heart is what makes us human. Perfect fit for the theme ‘Dehumanizer’.

The bridge (by the way illustrates the amazing talent of RJD) seems to hint at our addiction to social media and the effects it can have on us:

“Midnight confessions
Never heal the soul
What you believe is fantasy”

Many of us are attached to our devices at midnight, but is what is portrayed on social media real or fantasy? Is is just a way to learn about us to control us? Social media behaviour is also being used to identify people with certain traits and action is being taken (16)

“Your past is your future
Left behind
Lost in time
Will you surrender”

The next 4 lines hint at prediction, where your actions in the past, all of them, including those on social media (midnight confessions and the fantasy) are used to control your future since everything is calculated. Planned, and you just follow the recommendations that are fed to you while on social media (literally what your feed is calculated to be) or the ads, recommendations based on your profile that are shown to you. The question is “will you surrender”?

I, of course, am guilty of helping people surrender. When a ‘data scientist’, or ‘AI’ decides what offer to make you, and you pick it up, it counts as a success and reinforces the machine and directs what you will see next, you are being learned, your brain is being ‘programmed’ in a way. Are you being helped, or controlled? There is a thin line there, has it been crossed? Remember, this warning came more than 30 years ago.

The song ends on a grim note, warning us to think about what it is that makes us human (again, the album’s theme), and whether this is at risk:

“Virtual existence
With a superhuman mind
The ultimate creation
Destroyer of mankind”

It sounds a lot like “The Matrix” trilogy (17) but preceded it by 7 years.

Would you prefer the blue pill or the red pill?

Conclusion

The nice thing is that people have been thinking of and anticipating changes that advancing technology could bring to our society and the way we live. We are at a stage where the works of these people are all around us, we have been exposed to them. Have we been listening or just hearing?

Like many things in life, it is up to each individual to decide. Hopefully each of us first of all is aware of the choice, and at some point makes it.