China’s Plan To Organise Society Using Big Data

Imagine a world where an authoritarian government monitors everything you do, amasses huge amounts of data on almost every interaction you make, and awards you a single score that measures how “trustworthy” you are.

In this world, anything from defaulting on a loan to criticizing the ruling party, from running a red light to failing to care for your parents properly, could cause you to lose points.

And in this world, your score becomes the ultimate truth of who you are — determining whether you can borrow money, get your children into the best schools or travel abroad; whether you get a room in a fancy hotel, a seat in a top restaurant — or even just get a date.

This is not the dystopian super-state of Steven Spielberg’s “Minority Report,” in which all-knowing police stop crime before it happens. But it could be China by 2020.

It is the scenario contained in China’s ambitious plans to develop a far-reaching social credit system, a plan that the Communist Party hopes will build a culture of “sincerity” and a “harmonious socialist society” where “keeping trust is glorious.”

A high-level policy document released in September listed the sanctions that could be imposed on any person or company deemed to have fallen short. The overriding principle: “If trust is broken in one place, restrictions are imposed everywhere.”

A whole range of privileges would be denied, while people and companies breaking social trust would also be subject to expanded daily supervision and random inspections.

The ambition is to collect every scrap of information available online about China’s companies and citizens in a single place — and then assign each of them a score based on their political, commercial, social and legal “credit.”

The government hasn’t announced exactly how the plan will work — for example, how scores will be compiled and different qualities weighted against one another. But the idea is that good behavior will be rewarded and bad behavior punished, with the Communist Party acting as the ultimate judge.

This is what China calls “Internet Plus,” but critics call a 21st-century police state.

A version of Big Brother?

Harnessing the power of big data and the ubiquity of smartphones, e-commerce and social media in a society where 700 million people live large parts of their lives online, the plan will also vacuum up court, police, banking, tax and employment records. Doctors, teachers, local governments and businesses could additionally be scored by citizens for their professionalism and probity.

“China is moving towards a totalitarian society, where the government controls and affects individuals’ private lives,” said Beijing-based novelist and social commentator  Murong Xuecun. “This is like Big Brother, who has all your information and can harm you in any way he wants.”

At the heart of the social credit system is an attempt to control China’s vast, anarchic and poorly regulated market economy, to punish companies selling poisoned food or phony medicine, to expose doctors taking bribes and uncover con men preying on the vulnerable.

“Fraud has become ever more common in society,” Lian Weiliang, vice chairman of the National Development and Reform Commission, the country’s main economic planning agency, said in April. “Swindlers have to pay a price.”

Yet in Communist China, the plans inevitably take on an authoritarian aspect: This is not just about regulating the economy, but also about creating a new socialist utopia under the Communist Party’s benevolent guidance.

“A huge part of Chinese political theater is to claim that there is an idealized future, a utopia to head towards,” said Rogier Creemers, a professor of law and governance at Leiden University in the Netherlands.

“Now after half a century of Leninism, and with technological developments that allow for the vast collection and processing of information, there is much less distance between the loftiness of the party’s ambition and its hypothetical capability of actually doing something,” he said.

But the narrowing of that distance raises expectations, says Creemers, who adds that the party could be biting off more than it can chew.

Assigning all of China’s people a social credit rating that weighs up and scores every aspect of their behavior would not only be a gigantic technological challenge but also thoroughly subjective — and could be extremely unpopular.

“From a technological feasibility question to a political feasibility question, to actually get to a score, to roll this out across a population of 1.3 billion, that would be a huge challenge,” Creemers said.

A target for hackers

The Communist Party may be obsessed with control, but it is also sensitive to public opinion, and authorities were forced to backtrack after a pilot project in southern China in 2010 provoked a backlash.

That project, launched in Jiangsu province’s Suining County in 2010, gave citizens points for good behavior, up to a maximum of 1,000. But a minor violation of traffic rules would cost someone 20 points, and running a red light, driving while drunk or paying a bribe would cost 50.

Some of the penalties showed the party’s desire to regulate its citizens’ private lives — participating in anything deemed to be a cult or failing to care for elderly relatives incurred a 50-point penalty. Other penalties reflected the party’s obsession with maintaining public order and crushing any challenge to its authority — causing a “disturbance” that blocks party or government offices meant 50 points off; using the Internet to falsely accuse others resulted in a 100-point deduction. Winning a “national honor” — such as being classified as a model citizen or worker — added 100 points to someone’s score.

On this basis, citizens were classified into four levels: Those given an “A” grade qualified for government support when starting a business and preferential treatment when applying to join the party, government or army; or applying for a promotion.

People with “D” grades were excluded from official support or employment. The project provoked comparisons with the “good citizen cards” introduced by Japan’s occupying army in China in the 1930s. On social media, residents protested that this was “society turned upside down,” and it was citizens who should be grading government officials “and not the other way around.”

The Suining government later told state media that it had revised the project, still recording social credit scores but abandoning the A-to-D classifications. Officials declined to be interviewed for this article.

Despite the outcry in Suining, the central government seems determined to press ahead with its plans. Part of the reason is economic. With few people in China owning credit cards or borrowing money from banks, credit information is scarce. There is no national equivalent of the FICO score widely used in the United States to evaluate consumer credit risks. At the same time, the central government aims to police the sort of corporate malfeasance that saw tens of thousands of babies hospitalized after consuming adulterated milk and infant formula in 2008, and millions of children given compromised vaccines this year.

Yet it is also an attempt to use the data to enforce a moral authority as designed by the Communist Party.

The Cyberspace Administration of China wants anyone demonstrating “dishonest” online behavior blacklisted, while a leading academic has argued that a media blacklist of “irresponsible reporting” would encourage greater self-discipline and morality in journalism.

Lester Ross, partner-in-charge of the Beijing office of law firm WilmerHale, says  the rules are designed to stop anyone “stepping out of line” and could intimidate lawyers seeking to put forward an aggressive defense of their clients. He sees echoes of the Cultural Revolution, in which Mao Zedong identified “five black categories” of people considered enemies of the revolution, including landlords, rich farmers and rightists, who were singled out for struggle sessions, persecution and re-education.

Under the social credit plan, the punishments are less severe — prohibitions on riding in “soft sleeper” class on trains or going first class in planes, for example, or on staying at the finer hotels, traveling abroad or sending children to the best schools — but nonetheless far-reaching.

Xuecun’s criticism of the government won him millions of followers on Weibo, China’s equivalent of Twitter, until the censors swung into action. He fears the new social credit plan could bring more problems for those who dare to speak out.

“My social-media account has been canceled many times, so the government can say I am a dishonest person,” he said. “Then I can’t go abroad and can’t take the train.”

Under government-approved pilot projects, eight private companies have set up credit databases that compile a wide range of online, financial and legal information.

One of the most popular is Sesame Credit, part of the giant Alibaba e-commerce company that runs the world’s largest online shopping platform.

Tens of millions of users with high scores have been able to rent cars and bicycles without leaving deposits, company officials say, and can avoid long lines at hospitals by paying fees after leaving with a few taps on a smartphone.

The Baihe online dating site encourages users to display their Sesame Credit scores to attract potential partners; 15 percent of its users do so.

One woman, who works in advertising but declined to be named to protect her privacy, said she had used Baihe for more than two years. Looking for people who display good Sesame Credit scores helps her weed out scammers, she said.

“First I will look at his photo, then I will look at his profile,” she said. “He has to use real-name authentication. But I will trust him and talk to him if he has Sesame Credit.”

But it is far from clear that the system will be safe from scams. William Glass, a threat intelligence analyst at cybersecurity expert FireEye, says a centralized system would be both vulnerable and immensely attractive to hackers.

“There is a big market for this stuff, and as soon as this system sets up, there is great incentive for cybercriminals and even state-backed actors to go in, whether to steal information or even to alter it,” he said. “This system will be the ground truth of who you are. But considering that all this information is stored digitally, it is certainly not immutable, and people can potentially go in and change it.”

WashingtonPost:         The Future of Government Surveillance - Looks Like This:

 

« Google’s Ad Tracking Is Just As Creepy As Facebook's
Who Is Trying To Disrupt The Internet? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

ShmooCon

ShmooCon

ShmooCon is an annual east coast hacker convention offering three days of demonstrations and discussions of critical infosec issues.

Crest International

Crest International

Crest is focused on professionalizing the technical cyber security market whilst driving quality and standards of organizations that operate within it.

V-Key

V-Key

V-Key is a global leader in software based digital security, providing solutions for mobile identity, authentication, authorization, and mobile payments for major banks.

BooleBox

BooleBox

BooleBox is the cloud for business data security that allows to share sensitive files by reducing the risk of external attacks or insider theft.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Syskode Technologies

Syskode Technologies

Sykode Technologies is a next-generation global technology company offering an integrated portfolio of advisory services, products and solutions in areas including AI, IoT and Cyber Security.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Mondoo

Mondoo

Mondoo is a powerful security, compliance, and asset inventory tool that helps businesses identify vulnerabilities, track lost assets, and ensure policy compliance across their entire infrastructure.

Heyhack

Heyhack

Heyhack is a SOC 2 Type II certified automated penetration testing platform for web apps and APIs.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

Cyberhill Partners

Cyberhill Partners

Cyberhill is a professional engineering services firm solving complex software implementation and integration challenges.