Embrace your inner geek: speech to launch QUT OSS community

This was a speech I gave in Brisbane to launch the QUT OSS group. It talks about FOSS, hacker culture, open government/data, and why we all need to embrace our inner geek 🙂

Welcome to the beginning of something magnificent. I have had the luck, privilege and honour to be involved in some pretty awesome things over the 15 or so years I’ve been in the tech sector, and I can honestly say it has been my involvement in the free and Open Source software community that has been one of the biggest contributors.

It has connected me to amazing and inspiring geeks and communities nationally and internationally, it has given me an appreciation of the fact that we are exactly as free as the tools we use and the skills we possess, it has given me a sense of great responsibility as part of the pioneer warrior class of our age, and it has given me the instincts and tools to do great things and route around issues that get in the way of awesomeness.

As such it is really excited to be part of launching this new student focused Open Source group at QUT, especially one with academic and industry backing so congratulations to QUT, Red Hat, Microsoft and Tech One.

It’s also worth mentioning that Open Source skills are in high demand, both nationally and internationally, and something like 2/3 of Open Source developers are doing so in some professional capacity.

So thanks in advance for having me, and I should say up front that I am here in a voluntary capacity and not to represent my employer or any other organisation.

Who am I? Many things: martial artist, musician, public servant, recently recovered ministerial adviser, but most of all, I am a proud and reasonably successful geek.

Geek Culture

So firstly, why does being a geek make me so proud? Because technology underpins everything we do in modern society. It underpins industry, progress, government, democracy, a more empowered, equitable and meritocratic society. Basically technology supports and enhances everything I care about, so being part of that sector means I can play some small part in making the world a better place.

It is the geeks of this world that create and forge the world we live in today. I like to go to non-geek events and tell people who usually take us completely for granted, “we made the Internet, you’re welcome”, just to try to embed a broader appreciation for tech literacy and creativity.

Geeks are the pioneers of the modern age. We are carving out the future one bit at a time, and leading the charge for mainstream culture. As such we have, I believe, a great responsibility to ensure our powers are used to improve life for all people, but that is another lecture entirely.

Geek culture is one of the driving forces of innovation and progress today, and it is organisations that embrace technology as an enabler and strategic benefit that are able to rapidly adapt to emerging opportunities and challenges.

FOSS culture is drawn very strongly from the hacker culture of the 60’s and 70’s. Unfortunately the term hacker has been stolen by the media and spooks to imply bad or illegal behaviours, which we would refer to as black hat hacking or cracking. But true hacker culture is all about being creative and clever with technology, building cool stuff, showing off one’s skills, scratching an itch.

Hacker culture led to free software culture in the 80’s and 90’s, also known as Open Source in business speak, which also led to a broader free culture movement in the 90’s and 00’s with Creative Commons, Wikipedia and other online cultural commons. And now we are seeing a strong emergence of open government and open science movements which is very exciting.

Open Source

A lot of people are aware of the enormity of Wikipedia. Even though Open Source well predates Wikipedia, it ends up being a good tool to articulate to the general population the importance of Open Source.

Wikipedia is a globally crowdsourced phenomenon than, love it or hate it, has made knowledge more accessible than every before. I personally believe that the greatest success of Wikipedia is in demonstrating that truth is perception, and the “truth” held in the pages of Wikipedia ends up, ideally anyway, being the most credible middle ground of perspectives available. The discussion pages of any page give a wonderful insight to any contradicting perspectives or controversies and it teaches us the importance of taking everything with a grain of salt.

Open Source is the software equivalent of Wikipedia. There are literally hundreds of thousands if not millions of Open Source software projects in the world, and you would used thousands of the most mature and useful ones every day, without even knowing it. Open Source operating systems like Linux or MINIX powers your cars, devices, phones, telephone exchanges and the majority of servers and super computers in the world. Open Source web tools like WordPress, Drupal or indeed WikiMedia (the software behind Wikipedia) power an enormous amount of websites you go to everyday. Even Google heavily uses Open Source software to build the worlds most reliable infrastructure. If Google.com doesn’t work, you generally check your own network reliability first.

Open Source is all about people working together to scratch a mutual itch, sharing in the development and maintenance of software that is developed in an open and collaborative way. You can build on the top of existing Open Source software platforms as a technical foundation for innovation, or employ Open Source development methodologies to better innovate internally. I’m still terrified by the number of organisations I see that don’t use base code revision systems and email around zip files!

Open Source means you can leverage expertise far beyond what you could ever hope to hire, and you build your business around services. The IT sector used to be all about services before the proprietary lowest common denominator approach to software emerged in the 80s.

But we have seen the IT sector largely swing heavily back to services, except in the case on niche software markets, and companies compete on quality of services and whole solution delivery rather than specific products. Services companies that leverage Open Source often find their cost of delivery lower, particularly in the age of “cloud” software as a service, where customers want to access software functionality as a utility based on usage.

Open Source can help improve quality and cost effectiveness of technology solutions as it creates greater competition at the services level.

The Open Source movement has given us an enormous collective repository of stable, useful, innovative, responsive and secure software solutions. I must emphasise secure because many eyes reviewing code means a better chance of identifying and fixing issues. Security through obscurity is a myth and it always frustrates me when people buy into the line that Open Source is somehow less secure than proprietary solutions because you can see the code.

If you want to know about government use of Open Source, check out the Open Source policy on the Department of Finance and Deregulation website. It’s a pretty good policy not only because it encourages procurement processes to consider Open Source equally, but because it encourages government agencies to contribute to and get involved in the Open Source community.

Open Government

It has been fascinating to see a lot of Open Source geeks taking their instincts and skills with them into other avenues. And to see non-technical and non-Open Source people converging on the same basic principles of openness and collaboration for mutual gain from completely different avenues.

For me, the most exciting recent evolution of hacker ethos is the Open Government movement.

Open Government has always been associated with parliamentary and bureacratic transparency bureaucratic, such as Freedom of Information and Hansard.

I currently work primarily on the nexus where open government meets technology. Where we start to look at what government means in a digital age where citizens are more empowered than ever before, where globalisation challenges sovereignty, where the need to adapt and evolve in the public service is vital to provide iterative, personalised and timely responses to new challenges and opportunities both locally and globally.

There are three key pillars of what we like to call “Government 2.0”. A stupid term I know, but bear with me:

  1. Participatory governance – this is about engaging the broader public in the decision making processes of government to both leverage the skills, expertise and knowledge of the population for better policy outcomes, and to give citizens a way to engage directly with decisions and programs that affect their every day lives. Many people think about democratic engagement as political engagement, but I content that the public service has a big role to play in engaging citizens directly in co-developing the future together.
  2. Citizen centricity – this is about designing government services with the citizen at the centre of the design. Imagine if you will, and I know many in the room are somewhat technical, imagine government as an API, where you can easily aggregate information and services thematically or in a deeply personalised way for citizens, regardless of the structure or machinery of government changes. Imagine being able to change your address in one location, and have one place to ask questions or get the services you need. This is the vision of my.gov.au and indeed there are several initiatives that delivery on this vision including the Canberra Connect service in the ACT, which is worth looking at. In the ACT you can go into any Canberra Connect location for all your Territory/Local government needs, and they then interface with all the systems of that government behind the scenes in a way that is seamless to a citizen. It is vital that governments and agencies start to realise that citizens don’t care about the structures of government, and neither should they have to. It is up to us all to start thinking about how we do government in a whole of government way to best serve the public.
  3. Open and transparent government – this translates as both parliamentary transparency, but also opening up government data and APIs. Open data also opens up opportunities for greater analysis, policy development, mobile service delivery, public transaprency and trust, economic development through new services and products being developed in the private sector, and much more.

Open Data

Open data is very much my personal focus at the moment. I’m now in charge of data.gov.au, which we are in the process of migrating to an excellent Open Source data repository called CKAN which will be up soon. There is currently a beta up for people to play with.

I also am the head cat herder for a volunteer run project called GovHack which ran only just a week ago, where we had 1000 participants from 8 cities, including here in Brisbane, all working with government data to build 130 new hacks including mashups, data visualisations, mobile and other applications, interactive websites and more. GovHack shows clearly the benefits to society when you open up government data for public use, particularly if it is available in a machine readable way and is available under a very permissive copyright such as Creative Commons.

I would highly recommend you check out my blog posts about open data around the world from when I went to a conference in Helsinki last year and got to meet luminaries in this space including Hans Rosling, Dr Tim Hubbard and Rufus Pollock. I also did some work with the New Zealand Government looking at NZ open data practice and policy which might be useful, where we were also able to identify some major imperatives for changing how governments work.

The exciting thing is how keen government agencies in Federal, State, Territory and Local governments are to open up their data! To engage meaningfully with citizens. And to evolve their service delivery to be more personalised and effective for everyone. We are truly living in a very exciting time for technologists, democracy and the broader society.

Though to be fair, governments don’t really have much choice. Citizens are more empowered than ever before and governments have to adapt, delivery responsive, iterative and personalised services and policy, or risk losing relevance. We have seen the massive distribution now of every traditional bastion of power, from publishing, communications, monitoring, enforcement, and even property is about to dramatically shift, with the leaps in 3D printing and nano technologies. Ultimately governments are under a lot of pressure to adapt the way we do things, and it is a wonderful thing.

The Federal Australian Government already has in place several policies that directly support opening up government data:

Australia has also recently signed up to the Open Government Partnership, an international consortia of over 65 governments which will be a very exciting step for open data and other aspects of open government.

At the State and Territory level, there is also a lot of movement around open data. Queensland and the ACT launched your new open data platform late last year with some good success. NSW and South Australia have launched new platforms in the last few weeks with hundreds of new data sets. Western Australia and Victoria have been publishing some great data for some time and everyone is looking at how they can do so better!

Many local governments have been very active in trying to open up data, and a huge shout out to the Gold Coast City Council here in Queensland who have been working very hard and doing great things in this space!

It is worth noting that the NSW government currently have a big open data policy consultation happening which closes on the 17th June and is well worth looking into and contributing to.

Embracing geekiness

One of my biggest bug bears is when people say “I’m sorry the software can’t do that”. It is the learned helplessness of the tech illiterate that is our biggest challenge for innovating and being globally competitive, and as countries like Australia are overwhelming well off, with the vast majority of our citizens living high quality lives, it is this learned helplessness that is becoming the difference between the haves and have nots. The empowered and the disempowered.

Teaching everyone to embrace their inner geek isn’t just about improving productivity, efficiency, innovation and competitiveness, it is about empowering our people to be safer, smarter, more collaborative and more empowered citizens in a digital world.

If everyone learnt and experienced even the tiniest amount of programming, we would all have embedded that wonderful instinct that says “the software can do whatever we can imagine”.

Open Source communities and ethos gives us a clear vision as to how we can overcome every traditional barrier to collaboration to make awesome stuff in a sustainable way. It teaches us that enlightened self interest in the age of the Internet translates directly to open and mutually beneficial collaboration.

We can all stand on the shoulders of giants that have come before, and become the giants that support the next generation of pioneers. We can all contribute to making this world just a bit more awesome.

So get out there, embrace your inner geek and join the open movement. Be it Open Source, open government or open knowledge, and whatever your particular skills, you can help shape the future for us all.

Thank you for coming today, thank you to Jim for inviting me to be a part of this launch, and good luck to you all in your endeavours with this new project. I look forward to working with you to create the future of our society, together.

So you want to change the world?

Recently I spoke at BarCamp Canberra about my tips and tricks to changing the world. I thought it might be useful to get people thinking about how they can best contribute to the world, according to their skills and passions.

Completely coincidentally, my most excellent boss did a talk a few sessions ahead of me which was the American Civil War version of the same thing 🙂 I highly recommend it. John Sheridan – Lincoln, Lee and ICT: Lessons from the Civil War.

So you want to change the world?

Here are the tactics I use to some success. I heartily recommend you find what works for you. Then you will have no excuse but to join me in implementing Operation World Awesomeness.

The Short Version:

No wasted movement.

The Long Version:

1) Pick your battles: there are a million things you could do. What do you most care about? What can you maintain constructive and positive energy about even in the face of towering adverseries and significant challenges? What do you think you can make a difference in? There is a subtle difference between choosing to knock down a mountain with your forehead, and renting a bulldozer. If you find yourself expending enormous energy on something, but not making a difference, you need to be comfortable to change tactics.

2) Work to your strengths: everyone is good at something. If you choose to contribute to your battle in a way that doesn’t work to your strengths, whatever they are, then you are wasting energy. You are not contributing in the best way you can. You need to really know yourself, understand what you can and can’t do, then do what you can do well, and supplement your army with the skills of others. Everyone has a part to play and a meaningful way to contribute. FWIW, I work to know myself through my martial arts training, which provides a useful cognitive and physical toolkit to engage in the world with clarity. Find what works for you. As Sun Tzu said: know yourself.

3) Identify success: Figure out what success actually looks like, otherwise you don’t have either a measurement of progress, nor a measurement of completion. I’ve seen too many activists get caught up on a battle and continued fighting well beyond the battle being won, or indeed keep hitting their heads against a battle that can’t be won. It’s important to continually be monitoring and measuring, holding yourself to account, and ensuring you are making progress. If not, change tactics.

4) Reconnaissance: do your research. Whatever your area of interest there is likely a body of work that has come before you that you can build upon. Learn about the environment you are working in, the politics, the various motivations and interests at play, the history and structure of your particular battlefield. Find levers in the system that you can press for maximum effect, rather than just straining against the weight of a mountain. Identify the various moving parts of the system and you have the best chance to have a constructive and positive influence.

5) Networks & Mentors: identify all the players in your field. Who is involved, influential, constructive, destructive, effective, etc. It is important to understand the motivations at play so you can engage meaningfully, collaboratively and build a mutually beneficial network in the persuit of awesomeness. Strong mentors are a vital asset and they will teach you how to navigate the rapids and make things happen. A strong network of allies is also vital to keep you on track, and accountable, and true to your own purpose. People usually strive to meet the expectations of those around them, so surround yourself with high expectations. Knowing your network also helps you identify issues and opportunities early.

6) Sustainability: have you put in place a succession plan? How will your legacy continue on without you? It’s important if your work is to continue on that it not be utterly reliant upon one individual. You need to share your vision, passion and success. Glory shared is glory sustained, so bring others on board, encourage and support them to succeed. Always give recognition and thanks to people who do great stuff.

7) Patience: remember the long game. Nothing changes overnight. It always take a lot of work and persistence, and remembering the long game will help during those times when it doesn’t feel like you are making progress. Again, your network is vital as it will help you maintain your strength, confidence and patience 🙂 Speaking of which, a huge thanks to Geoff Mason for reminding me of this one on the day.

8) Shifting power: it is worth noting that we are living in the most exciting of times. Truly. Individuals are more empowered than ever before to do great things. The Internet has created a mechanism for the mass distribution of power, but putting into the hands of all people (all those online anyway), the tools to:

  1. publish and access knowledge;
  2. communicate and collaborate with people all around the world;
  3. monitor and hold others to account including companies, governments and individuals;
  4. act as enforcers for whatever code or law they uphold. This is of course quite controversial but fascinating nonetheless; and
  5. finally, with the advances in 3D printing and nanotechnology, we are on the cusp of all people having unprecedented access to property.

Side note: Poverty and hunger, we shall overcome you yet! Then we just urgently need to prioritise education of all the people. But that is a post for another day 🙂 Check out my blog post on Unicorns and Doom, which goes into my thoughts on how online culture is fundamentally changing society.

This last aspect is particularly fascinating as it changes the game from one between the haves and the have nots, to one between those with and those without skills and knowledge. We are moving from a material wealth differentiation in society towards an intellectual wealth differentiation. Arguable we always had the latter, but the former has long been a bastion for law, structures, power and hierarchies. And it is all changing.

“What better place than here, what better time than now?” — RATM

My talk on Data Liberation at Ignite Sydney

Ignite Sydney is like an evening version of TEDx with 5 min talks, 20 slides automatically progressed every 15 seconds. A lot of pressure I can tell you, but I think I did ok 🙂 Talking at a millions miles an hour, as usual. Rough transcript (with a few edits) below.

Hello

I’m here to speak to you about the legend of data liberation. It’s an important story, it’s a story about society, about people, about geeks, and it’s a story about government. Of course I am not here representing any of the government people that I work for here tonight.

So I do think I believe I represent a new generation of public servant that will transform things, but by the by.

Most people when they think of government think of garbage. They think about what is it this entity does for us? They take out our garbage, they build our roads, they build our education. But what’s happening is that the Internet is leading us to a period of discontentment. People are more empowered than we’ve ever been before and we’re seeing government make mistakes, like the NSW Transport issue (2011 issue mentioned by earlier speaker) and we’re just going “come on! We can do this better”.

So what’s starting to happen is people want the data, we’re seeing a new thing called Gov 2.0 (I know, “2.0” is stupid) but it’s around transparency, participation and citizen-based approach to government. I’m going to run through these three things very quickly.

Transparency in the first instance is about raw data. You need access to the raw materials to make new and interesting things. It’s one thing to have someone say to you “the water is rising” but it’s another thing to actually have information over the last 200 years about how much it’s rising and be able to do your own analysis.

Having access to the raw data means we can better trust the outcomes. I mean how would it be if we got the outcome of elections, but didn’t have the capacity to have scrutineers and have people look at the raw information. We need raw data to be able to trust outcomes and to be able to provide our own analysis.

Analysis is a really important part when we get access to raw data. We need access to economic data, environmental data, biological data, demographic, government. The Human Genome project, who has heard of that? Come on, I met the guy who runs that project very recently, I also got to meet Hans Rosling, was very cool.

Another type of transparency is parliamentary transparency. So the Italian Government has this huge glass room to let the sun shine in. Cool idea. then they covered it up. Not so cool.

Really good metaphor for the fact though that people want access to the information so that they can participate in the democracy, they can participate in the policy, they can participate in the process. If people aren’t able to get information, then they aren’t able to get educated, then they aren’t able to get an informed view, then they aren’t able to participate effectively.

So basically where we’re going is a period of time where how government operates is it actually starts to co-develop the policy with the people. Because you know there are a lot of skills out there, there’s a lot of us that know stuff that can contribute to making government do things better. So why wouldn’t they talk to us?

Well, it’s not because they’re bad or evil or nefarious, generally speaking, it’s usually just because it’s not the way things are done. Things are starting to be done differently now.

Open data and raw data also gives us new opportunities to innovation. I actually ran a thing called GovHack which was really awesome. Raw data, competition, people making heaps of projects over 48 hours.

You also have the opportunity to crowdsource. So this was the spike when the floods hit Queensland of the number of people who liked the Queensland Police Facebook page. And what the police found, and this is fascinating, was that not only were they able to get information out, but people were able to get information to the police. Because of course they took over trying to coordinate emergency responses.

So when people were able to take “oh, 10 people have said this bridge has gone down”, well that gives you a fairly good indication how to deploy your resources so crowdsourcing gives a new type of raw data that can help government do things better and help people work with government better.

So: iterative, collaborate government. That’s what Gov 2.0 is about. Transparency, Participation and a Citizen Focus in how we do things.

The Government of the future is something we have to do collaboratively. If we can’t create the blueprint for the future as a whole society then we’re going to end up running into troubles and we do run into troubles. We can’t respond in a quick manner, we can’t respond in an effective manner. And then we end up just becoming – government itself – ends up becoming out of date, irrelevant, and not able to respond to the changing needs of society and of it’s citizens.

So basically, we need to change or we’re gonna die. Woo.

A couple of things in Australia. There’s a bunch of raw data things happening. There’s dataACT which I’m actually working on which is the first actual open data platform. It does transcoding, it does APIs, it does all the cool technical stuff. data.gov.au and dataVIC and some of the other ones are mostly just content management systems but they’re starting to change and this weekend I think is a hackfest on the NSW transport data as well.

A couple of considerations, people thing about privacy but people don’t think about fish privacy. If you release the data about all the flora and fauna above the ocean, and then someone  goes in and fishes a particular fish to extinction, then what does that mean about privacy.

Geek culture and tech skills give us the capacity for privacy, for analysis, for doing all the cool stuff that leads to education and empowerment which leads to digital democracy.

And frankly, everyone here sees themselves as a geek right? Those who don’t should because geeks are the future.

So, thank you for coming with me on my little journey on data liberation. I will continue to fight the war and please, come with me, embrace your geek if you haven’t yet already, free the data and let’s get a better society together.

Thank you very much.

Privacy and Internet Policy at Internet Government Forum Australia

A couple of weeks ago I participated in the Australian Internet Governance Forum, both on a panel about Internet privacy (which also delved into the murky waters of data retention) and I also ran a 90 minute session on Government and Internet Policy. Both were fascinating. Below I’ve briefly wrapped each one up.

Privacy Panel

I sat on the IGF privacy panel as an open government person, and it was a fascinating discussion. Other panelist

You can watch the Privacy Panel video on the auIGF website, but you (quite ironically) have to provide your name and email address. If you just want to get the gist of the panel, check out the IGF session captions. I’ve copied the caption service transcript at the end of this post for my archives. They did a really good job on the day, but we all spoke quite fast, so it’ll give you a good but rough idea of what was said.

Government and Internet Policy session

My personal goal in this space is to have a more nuanced public dialogue on Internet policy such that we make more informed, collaborative and inclusive debate on where we as a society, want from the Internet, and such that we can avoid government policies having unintended results that inhibit the social or economic opportunities we have enjoyed to date.

I thought it would be interesting to get some of our Internet policy and practise luminaries to discuss Internet policy. It was a robust and fascinating discussion resulting in some great insights and ideas. Core ideas that came out where a) the Internet cannot be defined because the moment you do so, the technology changes, but b) there are some core values/principles that underpin the Internet that could be used to assess policy. It was interesting to have some, at times, quite contrary thoughts in the room, but to see that by the end of the session, the different perspectives were largely two sides of the same coin.

What I rapidly realised during the session was that most people in this space are focused on a very narrowly defined patch, and each patch is being dealt with largely in isolation from the rest. For example, the idea that “we don’t need to worry about policies that deal with content (such as Internet filtering) because we are focused on the domain name space”. In my opinion this is somewhat problematic because it makes it too easy to play divide and conquer by policy.

As a result of this session I’m writing a short paper on some core values of the Internet that migh be a good basis for reviewing government policies around the world so we can start to reframe Internet policy in terms of what is good for society, rather than the relatively unhelpful and specialised “open vs closed Internet” debate we have seen completely fill the airwaves recently. I’m going to do some policy analysis on some of the big ones against this list of values to see how the model stacks up.

Check out the wiki page where we captured the ideas contributed to this session.

As part of setting up the wikipage for this session, I also invited other sessions to use the wiki. Two other sessions decided to use the wiki and you can check them out at http://auigf.wikispaces.com/

Below are the outcomes of the session, and below that all the content that led us to this outcome.

Values of the Internet

Potential list of values, perhaps “public good” aspects we take for granted, things “on the net”? Perhaps government should be able to confirm they agree with? Perhaps “please make a commitment”. Perhaps the values could be then compared and contrasted with policy positions:

  • Coordination not control– committing to protecting coordination efforts and commitment to participate in coordination:
    • Social: more collaborative approach which might lead to more citizen centric policy.
    • Economic: capacity to tap into other efforts, more effective policy outcomes that align with how the Internet is actually run/managed/governed.
  • Interoperability– open standards, no undisclosed/forced gated communities
    • Social: avoids lock in or out, people can make informed decisions, increased usability, accessibility,
    • Economic: fair market competition,
  • Peer to peer global connectivity– people/devices/all ports/all teh things/any to any – connecting directly to each other
    • Social: free expression, non discriminatory
    • Economic: freedom to provide and accept and service, facilitates innovation, we don’t know what the next killer protocol is going to be, so freedom for future opportnuities,
  • Route around damage– capacity to deal with issues
    • Social: gete around censorship,
    • Economic: resilience, high availability, availability during natural disasters,
  • Distributed control– no single point of failure or control, eg multi-source networks of trust
    • Social: uncapturable, ability for civil disobedience and dissent,
    • Economic: no single point of failure, avoiding damage of monopoly rents
  • Non-discriminatory approach– users, devices, content, jurisdiction, technology neutral/common access, free flowing data
    • Social: affordability, accessibility, availability
    • Economic: free market

Perhaps some point about public information, gov role in providing public infrastructure/information/emergency information/open data (bushfires)? Maybe this is more a policy recommendation than a core value?

Additional comments and points:

Internet must have the capacity to deliver:
All ports, protocols, content, origins and all destinations.

What is the different between the Internet and public roads?
NBN as a policy example where there is a a purposefully neutral policy approach.
Technology doesn’t limit the application. Public communications. Will a private market service the need and if not, then public investment. What are the parameters for determining a market factor. Is it accessible for everybody? Eg comparison with electricity grid.
Consistent addressing structure
Consistent naming structure
Availability, predictability, stability
Government needs to commit to an Internet that is coordinated and not controlled.

Below is the rest of the content of the wiki from my session (for my archive, from the date of this post):

Session Info

Facilitated by Pia Waugh, this workshop looked at the role of governments in Internet management, policy development and regulation. Participants were invited to exchange views on the pressures and issues that could drive governments to take an increased regulatory role, the areas in which meaningful government engagement would be of benefit, and the areas where the open and multi-stakeholder model should be retained. Topics included current parliamentary deliberations on reforming national security legislation and the potential impact on business and end-user rights.

Session Methodology

We kicked off the session by, as a group, trying to identify the high level categories of problem spaces that the plethora of Internet related policies, legislation, codes and trade agreements are trying to deal with. As part of this we had a first shot at identifying the various mechanisms these approaches adopt in trying to achieve their goals.

Then we dived into a discussion about the technical characteristics of the Internet and their social/economic implications. That discussion had some healthy debate that resulting in some consensus that the technical characteristics of the Internet are constantly changing and shouldn’t be pinned down. However, that there *are* some overriding principles/values that underpin the Internet as it was, is, and should continue to be.

We ran out of time to compare and contrast our key categories and the various mechanisms of enforcement, with the model of how we define the characteristics of the Internet. Hopefully this can be part of an ongoing discussion in this community.
The outcome of the session is captured in this wiki, which forms the basis of a paper that can be fine tuned over the coming month in the lead up to the International IGF meeting in Baku and is a part of the Australian contribution to the international discussions.

Where people identify specific tangible policy recommendations for the Australian Government, please add them below. Feel free to copy and paste from existing working this space so long as you give attribution. This will be presented to the Australian Government along with a copy of the paper above.

Policy & Legislation

Please contribute to the Internet related policy/legislation page as this list is far too long to be on this page. From this rather extensive list of policies, legislation, codes and even trade agreements, we can see a number of categories of problem spaces emerging:

Summary of Issue Categories

Policies tend to have one or a number of theme categories inherent (please add/modify this list as it’ll be basis of discussion):

  • Individual interests
    • personal safety (eg cyberbullying)
    • market meeting the needs of the community public vs private?
    • privacy
    • identity astroturfing
    • free expression (and thought, limiting behaviour on the internet?)
      • illegal vs inappropriate behaviour
    • rights? access, usability,
    • consumer safeguards role of gov? market distortion questions?
    • net neutrality
  • National interests
    • skills
    • economic growth
    • national/economic security (eg cyberwarfare)
    • sovereignty
    • knowledge
    • trust and confidence – transactional confidence as well as who
  • Culture & democracy
    • shifting cultural norms can and often respond to shifting cultural norms
    • social inclusion languages, accessibility, access, (need definition)
    • use of the internet in democracy evoting, astroturfing
  • Market challenges
    • intellectual property (copyright for copyright sake? international sake, software patents, trademarks domain name policy)
    • creative/digital industries in Australia
    • innovation (?)
    • competition
  • Legal challenges
    • prejudice and justice on trial proceedings
    • local jurisdiction vs international scope of the Internet difficulty of local enforcement on an international thing, some people chosing selectively the jurisdictional that suits their purposes

It was suggested the above ideas might boil down to the two categories of Ownership and Accountability. Thoughts?

Summary of Implementation Mechanisms

The tools and mechanisms used in policies range from (please add/modify this list as it’ll be basis of discussion):

Government Mechanisms

  • Social
    • Education/marketing of an idea of information
    • Civil remedies
  • Legal
    • Judicial oversight as requirement for legal enforcement mechanisms?
    • Tweaking of criminal acts (personal and corporate)
    • Media law
    • Injunctive takedown orders, suppressions,
    • Contract law
  • Regulation & industry
    • Content regulation
    • Industry regulation imposed, co-regulation (relegatory framework designed to be administered by industry framework) or self/community regulated
    • Codes of conduct
    • Private arrangements eg changes to services, filtering
    • Standards
    • International coordination needs more consideration
    • Public/private partnerships collaborating to achieve an outcomes
  • Gov investment strategies
    • Taxes to accelerate or retard particular behaviours
  • Technology mechanisms
    • Copyright protection
  • Enforcement & Monitoring
    • What role should gov play in both/either?
    • The scope of intelligence agencies
    • Monitoring/management:
    • Monitoring is in all directions including sideways
    • Monitoring of networks, publicising/disclosing network performances
    • Forensics of online information get context on issues
    • Evaluation and analysis of policy values and metrics chosen, evidence
    • Enforcement and publicity of enforcement related to the capacity for an enforcement agency to do its job it directly related to its visibility

Citizen mechanisms
The tools and mechanisms used by citizens to protect themselves (please add/modify this list as it’ll be basis of discussion):

  • Countermeasures how easy it is to work around the enforcement, race to the bottom
  • FOI

Further Policy Recommendations for Australia

Any specific Australian Government policy recommendations you have for the Australian Government, please feel free to link to existing papers, but pragmatic and tangible policy suggestions would be much appreciated.

  • Have official Australian Government participation and active voice in international Internet policy, representing the best interests of Australians

7) Further Contributions Post Session

Canberra Manifesto (contributed by Bret Treasure after the event)

The Internet is our most powerful communication, business and innovation tool. Although it is disruptive and although it may challenge individual governments, institutions, industries and businesses, its overall benefit to the people of the world is clear. The Internet is a path to a more connected and improved society; we look to governments to plan for that future.

So we make these requests:

  • That prior to legislating, Governments take into account the self-expression, community, efficiency and innovation that a decentralized collaborative regulatory structure has delivered
  • That prior to legislating, governments look to existing laws
  • That governments support a globally focused, multi-stakeholder, open approach to Internet regulation
  • That governments foster competition in the delivery of Internet services and access
  • That governments enact principles-based law rather than technology-specific law
  • That governments facilitate inclusion and accessibility
  • That governments respect such fundamental human rights as privacy and freedom of expression
  • That governments address the challenging issues that arise without using them as political tools.

auIGF Privacy Panel Transcript

auIGF 11 October 2012 Session time 2:30pm-3:30pm

[Welcome to Red Bee Media Australia’s Live Remote Captioning Service.]

UNKNOWN SPEAKER: In order to watch it. I think it’s those kinds of copyright restrictions on access to content – it seems cruel to me in an age of digital abundance we have these types of issues for the visually impaired and me as a consumer, if I want to read a book on my iPad, I got a voucher, eBook, which is the only format it’s compatible is kindle fire. These are the digital restrictions, the types attached.
UNKNOWN SPEAKER: I think a lot of us would continue to continue the discussion, but we are eating into the AGM times, the next panel – thank you to all of our panellists and for your questions and contributions. Thank you.
(APPLAUSE)
CHAIR: Can I ask the next panel to come up and those that are staying to stay. If this panel could move t next could come up. We will get going straight away.
The most vehement about openness are the ones who want the strictest rules about privacy, which strikes me as being slightly odd.
For what it’s worth, I’m happy to pay for content. I think I should be allowed to choose the content I watch, rather than have Channel 9 or 10 or 7 decide what they want to import from the UK.
We will do a quick panel switch and move to privacy. Let me read you what we said about privacy. We wrote this three months ago: things have moved on a bit since then. As with the copyright debate, the massive social and commercial changes brought about by the growth of the Internet over the last decade are also forcing law-makers… (reading .).
So they said a lot’s happened in the last three months since I wrote that and we can probably start and finish this discussion with three words – mandatory, data retention. The changes to national security legislation currently delivered by the joint parliamentary committee on changes are a hot topic when it comes to privacy, evidenced by the in excess of 200 submissions. We will come back to it later on.

Firstly, I want to set the scene folks, more broadly. What is privacy today? Does it mean the same things as it means to an 18- year-old? I said I was talking with curt and I said earlier on, for me it’s privacy I want to be able to tell you you’re allowed to know nothing about me. For the Facebook generation, privacy is, I want to publish everything about myself where ever I want to but you’re not allowed to do anything with that information. Those are two fundamentally opposed views. Let’s talk about that with the panel. I will briefly run down the introductions. Curt Wimmer you met, he was here. And Cheryl Landon is the director of auDA, and is the former Chair of the ICAANN advisory committee thing.
This is Craig Ng, General Crown sil for APNIC. This is Roger Clarke, the Chair of the Australian Privacy foundation. This is Pia Waugh, Open Government advocate, former ICT policy adviser to Senator Kate Lundy.
And… Adam is not here. Your name is not on my list.
ADAM.. I am here.
CHAIR: Never mind. I was going to do a pirate thing, but I won’t. It wouldn’t be fair. Okay. What do we mean by privacy?
What do we mean by privacy, Cheryl?
CHERYL: everything I will say in no way reflects upon or is to be seen as the views of any of the organisations that I represent.
I’m a member of or have been a director prior or currently to.

Future I will reserve my judgement on. I think privacy is a dream. I think we lost it. I think privacy was something that may all want to and perhaps in a glazed-eyed moment dream that we could have again, but we walk around with these things, w are geo locating ourselves. We have huge amounts of data collected and we do so willingly. So to say that we have a level of privacy, I think, is a pipe dream. What I do have, however, and we can get back to that later, Chris, is very firm views on what happens with it.

CHRIS: good excellent. Craig, you’re a Facebook junkie, you put anything up on Facebook, given the chance. What do you think? CRAIG: That’s true. I think that the Privacy Act in Australia is a misnomer. For us to be comforted by the fact there is a Privacy Act, to think we are protected, our privacy is protected is totally wrong, because our Privacy Act is so limited in its scope that the traditional concept of privacy to people on the street, you know, privacy not to be photographed; you know privacy not to be put up on Facebook and for your picture to appear and tagged immediately, there is no protection against it. So, you know, and I’ll be interested to talk about privacy act in a moment, but our Privacy Act protects us from such a minute scope, that it’s virtually ineffective.

CHRIS: curt, from an American perspective?
KURT: We don’t even have a privacy act. We entirely react. To specific problems. I think privacy is an agreement. It depends upon, you know, what you can work out with whoever you are giving up voluntarily your privacy to and whatever pledges and promises that are made or basically that we enforce through the act, I think.
CHRIS: Okay, Pia?

PIA: all right. Basically, privacy is whatever an individual perceives it to be. The problem is that of course that depends on your technical literacy. With a relatively technical ill literate population, you have no privacy. People want to protect themselves as much as as little as they want but because the IT skills have gone so down, those people are not aware of what privacy they have. A lot of people don’t think about environmental policy. There was a case study where data was published that looked at floa and fauna in the northern seas of Australia and in a couple of weeks a particular species of fish was almost done to extinction. I think there’s a huge amount of optimism that I have, which is…

CHRIS: can you slow down a little bit… These guys are really good, but…
PIA: Sorry, weirdly enough, it’s ten timings as fast in my head. I will try.

CHRIS: I have to stop you – I have the concept on fish privacy, which I think we could spend hours discussing!

(LAUGHTER) PIA: Environmental privacy is what people don’t think about. And there is the panoptic of things going on about the state of being able to see into the lives of the people, one of the cool things is the people can see back into the lives of the state. That’s interesting, though I think there is a lot less privacy than there was simply because there is the capacity to get to data, it creates possibilities for better democracy as well. The final point I will make is that there is a disturbing trend towards looking at inappropriate behaviour as opposed to illegal behaviour. The enormous amount of data available from people who are not technically literate enough to turn it off means that there is a whole judgement call going on inappropriate behaviour, rather than illegal and I’m concerned about that.

CHRIS: Adam?

ADAM: The cyber punk manifesto says that privacy is the right to selectively reveal oneself to the world. It is about saying this is a piece of information about me and this is the audience in which I give authorisation to view that piece of information.

There are lots of talk of the young generation these days putting all this information on Facebook and how they are giving up their privacy and they don’t care and it’s fine. They do care. They care quite a lot. We know that, because when things like Facebook’s timeline update came to and people in France realised there was a discrepancy between the intended audience of some messages that were posted on people’s walls, or in their inboxes, it’s not 100% clear if that was a bug replicating that information. There was certainly people who said that message was private. Now it’s public. That’s not okay. There are heaps of examples of people actually saying there is no way that would have been intended for a public audience, like a young woman who called up Triple J and said: “I wrote a dirty poem to my boyfriend”. His parents were able to read it because it was on her wall. The assumption that we are giving up our rights and saying we don’t care about it is false and we do care.

CHRIS: I’m sure you do, I agree. Roger.

ROGER: where to start. A privacy is the interest individuals have in a private space. We have a fair bit of con sis ten – – consistency. That’s abstract. The only people who are interested in that kind of abstract rubbish are people like me who publish articles on it. Privacy is a specific gut feeling every individual has and each individual has it differently at different times. It is utterly situational and utterly personal. If we have a list running down the screen of a privacy breaches reported in Australia this week, there would be enormous diversity and we would react differently to the examples as they came across the screen. That is how it is. And yes, it would be nice if we could divide it up and tackle just some of the things, the Privacy Foundation is so stretched across that great list. That’s not the reality. Now, the critical thing that you’ve been raising, the assumption that’s built into the wording we were given, has to do with the “privacy is dead” proposition. It’s not dead because people demand it. They don’t walk in the streets saying: “We want a real Privacy Act instead of this rubbish semi-data protection act”. They don’t do that kind of thing. It’s the abstract. People are only interested in the spefpbg. — specific. They will walk against an Australia card and against an access card and they will walk against data protection and a range of specific things. People demand it. Privacy ain’t dead. Privacy pauses in between flurries. One thing I that will hammer, but I won’t give you the explanation because I will get more air time later, won’t I Chris? (LAUGHTER)

The igeneration, the digital natives, that lot, I call them the igeneration for obvious reasons because “i” stands for everything in this conference, the igeneration will be more privacy sensitive than previous generations. I will explain when I get the chance.

PIA: I want to make a comment. I always find it funny, a lot of my peers didn’t get computers until they were in late High School or university. I had a computer since I was four because my mum was a geek. Now when I was a kid there was an active campaign called “stranger danger”. It taught you all the basics and so when I was on, you know, when I was dialling into remote servers and having chats with people in the mid-90s and running up huge STD phone bills for my school, I, you know, you applied those principles t principles applied directly. One of the myths we face is that online privacy is somehow a completely different thing from meet space. I never call it in real life, because I believe online is real life as well, but meet space privacy is not that different. I think part of the problem we have is that we’re trying to treat it like something different, whereas the basics of stranger danger and tech literacy, chose things combined give us the tools to maintain our personal level of privacy to our satisfaction.

CRAIG: A small point. I think privacy is something that moves with time as well, just like copyright. I think it’s a balance. It’s a balance between society that wants to protect privacy verses safety. So you know, those of you in Australia would be familiar with the case of Jill Meagher who recently passed away. CCTV suddenly is acceptable and encouraged and well, I haven’t heard a lot of…

UNKNOWN SPEAKER: I will disagree.

CHRIS: on CCTV – in the UK, where I’m from, it is almost universally loved. Everyone thinks it is fantastic, not everybody, but general people, society, thinks it is great. And it is in fact supported and promoted by all of the great British detective modern detective programs who, which refer constantly to the fact that almost every crime is solved due to CCTV.

CHERYL: What are the statistics on the crime solution, it’s infinitesimally small.

CHRIS: I’m not suggesting being a fan of it, but it can be embraced. In Melbourne it is happening now because of an individual event. You said you violently disagree. Go ahead and violently disagree.

CRAIG: I didn’t say violently. The statistic that was out after the case was that in the UK one in 1,000 cases are solved with the aid of CCTV, and another report that was put out said that the amount of money that gets poured into CCTV could be better spent putting in street lights.

CHRIS: I agree. Still loved though.

PIA: Sorry, I saw a brilliant speech by, can I can’t remember his name, I will remember it, but about the difference between security theatre and security reality. This is part of the problem. There is a lot of theatre going on. The talk is on the Linux website from a couple of years ago. But the, but I think this is a big issue. And data logging is a really good example of theatre verses reality as well. So we will get to that one.

CHRIS: do we have CCTV in the states publicly?

CURT KLS: NOT TO THE EXTEND AS IN — NOT TO THE EXTEPBLT AS IN THE STATES.

CHRIS: do you want to say something, Josh? We will get on to data retention. I know you want to talk about it. Yes, Josh?

JOSH: With regards to the CCTV stats on solving crimes, one may have to ask: does the presence of CCTV prevent or prevent crimes happening in the first place?

I don’t know.

UNKNOWN SPEAKER: Initially there is a lull when people see that there is an increase in surveillance of them. But they get used to it. And that deterrent fades a away and then it gets used for tracking people.

CHRIS: I will get to you.

UNKNOWN SPEAKER: More fine-grained than that. Crimes of passion are uninfluenced. Crimes are maybe briefly deterred, but there are still thieves who do it in front and get photographs taken of them. Mostly it is displaced, almost all of the effect of CCTV that’s been measured in the States is dace placement of behaviour.

CHRIS: you’re all talking about facts.

(LAUGHTER)

UNKNOWN SPEAKER: We’re not talking about data retention.

CHRIS: it makes people feel better.

Paul Evans, you had something in I have a remote comment from Tom.

PAUL: I want to smile for the camera. Hi.

(LAUGHTER)

20 years ago, Roger, you and I were implemented the Privacy Act. Do you agree with Craig that it is almost a piece of relic-try? Do we need to revive it?

CRAIG: The privacy act is distinct from the amendments and was worth having. It’s since been cut away by a myriad of slashes. Obviously every successive act overrides it in many respects. It’s never been adapted to take account of technological change. There’s been many end runs and every loophole has been used and many loopholes have been found that weren’t designed in the first place. It’s become poor. Fit was enforced, if it was enforceable it would help but the limited power that the Privacy Commissioner has got are not used either. I think the Privacy Foundation protects you better than the Comigtser. — Commissioner, I would say that.

CHRIS: Tom, do you have a remote thing?

TOM.. Yes, this is from ‘Dude D’. He says: “If privacy is a dream, why do you have curtains?”

(LAUGHTER)

CHERYL: I’m happy to respond to that. Chris knows I’m happy to respond to that because I’ve given up my right to privacy. There is not a single curtain in house. There are not doors in my house.

UNKNOWN SPEAKER: She lives on top of a mountain.

CHERYL: there are also no neighbours. We’re all wearing curtains right now. I can change that.

CHRIS: all right. Now, back away… Thank you.

All right.

So there’s a wander through the joys of what privacy means or may mean or may not mean.

(Pause). There’s obviously a balance required, right? Between privacy and, let’s just call it security. We could argue about the term. Let’s call it security. We will get on in a minute to data retention. There’s a balance required between security and privacy, some of our information has to be available. How do we, what’s the perfect, is there a way of striking that balance? Who should decide? How should we decide? Yo go ahead. You waved at me.

Slowly.

PIA: I will articulate madly, will do that to slow myself down. You see, it’s funny. I see the balance as not necessarily between – there is a balance between security and privacy, but the balance between openness and privacy is challenging. I think the only way to strike that balance is firstly to not assume that any one group or any group in isolation can make that decision, there needs to be an ongoing dialogue and debate in the society and community and done in a transparent way and it needs to be done in an iterative way. One of the things I’ve thought about and I’ve started to look at ways, have started doing projects to implement is looking at policy from an iterative approach – how can we have, dare I say it, an agile approach to policy development, where rather than the policy developers in isolation with a smaller group of stakeholders, you have open policy development and then in the first instance, so you get more peer review, more transparency and then upon implementation, it’s constantly being monitored, to use the term, and reviewed and recommendations made and fed back to the policy. It’s only through having that ongoing approach to policy can government policy maintain flexibility and be able to respond quickly to new challengers and opportunities. So in a way our entire approach to policy needs to fundamentally shift to answer that specific question. In the question about managing the balance between openness and privacy, the part of that debate ends up being, well, you know, we need to have a certain amount of low, you know, you can’t goo too high res into a lot of data stats because it is very easy, with age location to identify 80 per cent of people from a data set, so you need to make sure it’s low grain enough to protect privacy, but high grain enough to still get policy outcomes, research outcomes, transparency, and to help the society and the different aspects of that society make well-informed decisions.

CHRIS: I have Cheryl and Roger. But I want to check in with Kurt. You said a little while ago you tended to be over reactive in the States. A lot of, it’s hard to go back, once you’ve taken a step forward with legislation.

P9/11 example is a good one.

KURT: There is a balance between privacy and security, but that is your right of privacy as against the state. There is another balance that’s sort of a balance between privacy and maybe free content, which might be your balance as against commercial operators. You know what, as to the first balance, I think you are right. I think once you sort of change that calculus, you never get it back. September 11 I think did that to us as a society, and it’s very hard to get it back. We have the Patriot Act passed in moments after September 11.

CHRIS: Sounds like a demine act that says you should be patriotic to America.

KURT.. We’re great at acronyms.

CHERYL: I read a — made a couple of notes. One thing I want to come back to were Pia’s words that there shouldn’t be this big difference between the digital world and the cloud, our second lives and thirds verses the hard copy one that we’re all used to and historically perhaps have our benchmarks from. But when we make a choice on privacy or what I’m going to expose or not expose to whatever audience in the, inverted commas “non-digital” and, therefore, some people believe “real world”. There are those of us who think that is the opposite. I’m making an informed choice. I decide as suggested whether I put up curtains or not; whether I walk down the street with my credit card number printed on my T-shirt or not. These are things that I would decide I should or should not do. So I know what I’m doing. And who has access to the material I’m exposing or allowing to be collected. So what I would like to also bring into the table for the panel is how we ensure that the individual or perhaps small community or group or state knows what information is connected – is assured of the accuracy of that information. You know what, typos happen; wrong bits get connected to the wrong name. Do we have ability to redress and repeal and write these errors when they occur? It’s basically what’s been used, how it’s being used, why it is being used and that you know about it. It’s informed consent and control.

CHRIS: can I will go to Roger and then I have a comment from over here and then there.

ROGER: Pia joined my board and may be following me as chair. Everything she said a few more things as well. Privacy protection is the process of achieving balance among multiple constituents. It is the APF works with. There is no privacy absolutism, that is nonsense. What is the balance among? Among interests of the individual themselves, you have to trade off multiples. Interests of the group, interests of community, of society, and unfortunately, terribly powerfully, interest of corporations. There is all sorts of balances that have to be done. A further factor is that the four dimensions of privacy I’ve always used are the weakness of the so- called Privacy Act. It’s only a data protection act. The other three are behavioural privacy, privacy of individual communications, and privacy of the physical person. When you go on television on the news straight after the announcement that $3 million of CCTV cameras are going to be strewn across Melbourne because Jill Meagher’s been murdered, you have to think through very carefully the balances. Physical privacy is sufficient that such that about the worst invasion of privacy you can suffer is to be killed, about the second worse is to suffer serious violence to yourself. They are all part of privacy. There’s many different balances. How do we do it? There’s a small set of principles which government agencies, legislators and corporations try hard to avoid. If they would work on these principles x we would get somewhere. The first is justification. Why are you doing this? How is this going to work, what is the problem you’re trying to solve and what is the mechanism whereby the change will occur? It is proportion natural, taking into account the side effects it will have? Is it transparent? Do we have the information to work with, or are you hiding things from us? Are there controls in place, which includes mitigating measures in order to overcome the necessary negative effects on privacy, and is there accountability? Can we clobber the people who play the game badly. If those things would be applied, if privacy impact assessments were forced on organisations, public and private sector, we would address these problems.

CHRIS: that solves the problem, we can all go home. Perfectly fine. Rob.

ROB: One of the balanced points I think is between privacy and free speech and freedom. There’s discussion about the right of the individual to choose how much of them about themselves will be revealed. But three comments made in private comments in recent weeks I think illustrate that there is more than just the choice involved. Mitt Romney and his 47% comment made at a private dinner, Alan Jones’ comments about the Prime Minister’s father, made at possibly, possibly not, a private function. And the former Speaker’s texts clearly intended by him to remain private. Each of those things are things that do have, there is a genuine public interest. People may disagree as to what extent the public interest probably for Romney’s cases, it is clearly relevant to probably the most important election that will happen in the next four years.

CHRIS: that is unfair!

ROG — ROB: in each case there is potential public interests. The balance about not always having the right of individual to choose how much privacy is revealed is important.

CHERYL: I need to respond briefly to Rob. I think what you made is an important point. I think there are times when one knowing what one is doing, and a public person is one of these categories, they should assume that they are giving up certain likelihoods of the right to privacy. I’m not a particularly public person, but I do believe and mostly it happens, that just about everything I say, do, or otherwise, is probably going to be recorded, photographed, taken down, in many cases transcribeed into three or four languages. And and it will be searched on the Internet. Because of that, I would be incredibly stupid and I’m not, to do anything, say anything, or transmit anything that I would not have published on the front page of the following morning’s newspapers. I’m not saying it may not make interesting reading from time to time, but you do it informed. So it’s just dumb to think that if you are public, you should do that.

CHRIS: Now I understand why you often speak in headlines. I will go to this gentleman here.
PAUL: I’m retired, so can say anything I like. This is the fourth session today, and three out of the four I think had the same message that we’re all missing. And that is the education of the young. I’m not talking about High School students. I’m talking about peer, stranger danger, walked past a daycare centre and a little kid said, “Hello stranger”. I thought, there you go, he’s got the message. I didn’t speak to him. I kept going.

(LAUGHTER)

There was a camera there, I didn’t tell you.

The reference to the igeneration and I call them exactly the same is probably right. When you start out in primary school, what are you, five? Six years old, thereabouts, and half the tackers have got telephones already. So why aren’t we teaching them that this telephone is communication device which can get you in a lot of hot water. They’ve all got mum and dad’s computer to play, learning games on, and/or I’m a small bugger I can do all sorts of thing t why are we not teaching them from that age onwards that these are devices that are tools that you can use that have inherent dangers and you need to learn about them? Then you have an informed choice to be an absolute idiot on Facebook, or Twitter or any of those other devices. I, like quite a lot of people in this room, came to computers in the middle of our working careers, so that we were already suspicious of the damn things. You know, we looked at these square boxes and went, “I don’t know about that”. Like most of us, I think we all do our electronic banking and all that sort of stuff and…

CHRIS: what’s your password again?

PPAUL.. I write it on a poet-it note! We’re all fairly bleary about things like that. So we inherently have that privacy attached to us because I don’t know about you, but when I was a kid, I was seen and not heard at the dinner table. Until a certain age. Whereas now the kids probably sit in the dinner table bloody texting somebody. So who knows.

CHERYL — PIA: you’re still carrying your phone around, that’s meta data.

PAUL: Mine is turned off unless the AFP has the triangles on the towers running. We need to educate the young ones, so they are the generation coming forward and they will carry the privacy, they will understand what digital rights are; they will know where to go with copyright, and all of those other ones linked together, that’s where it ought to be.

CHRIS: speaking at a young one, I’m looking forward to being educated. I’m sure that will happen.

Now, Craig wants to say something, hold on.

I’ve got this gentleman here, comments at the back. I had Narell and John, and Geoff and we are still, we still haven’t got to data retention. That is kind of my ultimate goal was that we wouldn’t get there. You want to bring data retention in? I promise we will get to data retention. Narell; you want to deal with this point before we go to data retention? Let me take that off you. Don’t worry guys, I will do it myself. You relax.

NARELL. What was it, 100 or so years ago and this funny electricity thing happened. People were terrified the kiddys would be burned and the adults, the parents, were terrified because they could see how dangerous it was. There were very real dangers. And over time we figured it out and we incorporate that into our parents practising and we rapidly teach children not to stick things in power points and occasionally we miss out the occasional kiddy. (LAUGHTER)

CHRIS: how occasion — how nicely put…

(LAUGHTER)

CRAIG: I agree with the education point, but the erosion of privacy is the function of technology. You know, once upon time when, you know, when I was a younger kid, when you receive a letter it’s private to you. You ep it, you lock it, no-one sees it. You know, today my email is hosted by Google. My, I use Chrome, and I synchronise my website together, and…

CHRIS: what’s your password again!

CRAIG: I trade convenience for having my information in the Cloud. I trust Google to some extent, but do I trust the Government not to access my data at some point? We will talk about data retention. My data is everywhere. Every time I step on a tram, my electronic Miki card tracks it. Every time I use my credit card it’s tracked. And my credit card company keeps it for more than seven years. We’re worried about two years of, you know, it’s a balance. We’re talking about what sort of data we’re talking about, but you know, I used to be a partner in a law firm and you know, record retention policies, everything is kept for seven years, so your interaction with your banks, other commercial entities, those records are kept for seven years. So it’s a bit of a balance.

CHRIS: Quickly, then we will go to data retention. Geoff you’re on.

GEOFF. I thought we lived in a society that believed in redemption. I did something wrong, I went to court and got tried by a jury of my peers, I served the time and then I was erased, I could start again. Even the jurists who tried me are not meant to have knowledge of my previous heinous misdemeanours before this particular one. Privacy is about time as much as it is about now. What we’re seeing now is the data logged is never, ever, erased. The person I was when I was 16 is not the person I am now. I’m a different person. There are things I did then that I really rather no- one would know about. Oddly enough, I it was pre-Google. You guys don’t know about it. But my children can’t do that. I think that’s really sad. I think that’s incredibly bad. I think it’s bad that we’re trying to impose standards on our children that we as children never had. I’m not sure they’re capable of doing that. I would like to understand your views. I’m not concerned about privacy. I have nothing I’m ashamed about. When you think about yourself, when you were 13, and does that still apply to you now?

CHERYL: I didn’t have nothing I’m ashamed about. Education has been pointed out and a number of our users. And when we put things out on Google, to be fair, that you know, it’s going to be there forever.
CHRIS: I’m going to go to certain people desperate to speak. I want you to please be crisp.

PIA.. We’ve had a period of tile. I will say00 years, of pretending to be something we’re not. We’ve all drunk the Machiavelli Cool Aid, we pretend we’re pristine and norm Mall. I think that is a big opportunity for us to become more mature as a society and realise that we aren’t, you know, pristine little Stepford lives and that’s a good thing. Though in the short term there will be pain and there will be pain, I think in the long- term it is good for us. That’s it.

ADAM.. One of the problems with that is that there are still regimes in the world who like to kill people. For dissenting views. And when you start saying that privacy in the West is something that we don’t really care about, that much, and we should be a little bit more open and we should be allowing a little bit more access to we can grow as a society, it’s dangerous, because we start allowing companies like Fin fisher and CISCO to build devices that get placed into Syria and end up being very damaging.

CHRIS: you end up being killed precisely because you’re not private. You say stuff you’re not…Should you be saying it? I wasn’t being literal, I was, but it doesn’t mean it’s my view. Roger?

ROGER.. I say that the identification would be more privacy sensitive. No-one — the indie case would be more privacy sensitive — the igeneration would be more privacy sensitive. Young kids are risk-takers. It’s a function of age. It becomes more risk-adverse as it gets older.

They accumulate more things to hide. They had some when they were young, but not many, they get a lot more as time goes by. The current generation habit ten much earlier and bit ten more often than our generations were bit ten. Their indiscretions, carrying on from Cheryl, we can see they’re record which yours and mine weren’t. And they’re seen by more people again later than ever was the case in the past. Guess what? Each generation each generation is becoming more savvy. We need them to teach that way around, not that way around. And each, the igeneration will, as a result, be much more sensitive…

UNKNOWN SPEAKER: This is why groups like the crypto party has been a success. After the cyber Crime Bill was passed recently, there was no party like a crypto-app install party. So someone started the hashtag and said let’s get people together, drink beer and teach each other how to increase your communications so that data logging is difficult.

PIA: There was a case study of people who had kids. We’re very security conscious. Maybe bad people could take them and you know take our children. Here is this story on the front page of the Sydney Morning Herald with the parents, holding the children in swim suits and talking about how much they care about their privacy. Come on.

CHRIS.. What do we have from the ether? What will the wireless tell us? If you can get a microphone that works?

Technology is fantastic.

A question from Liam Comford from the Pirate Party Australia. He asked: are consumers making informed trade-offs. Do consumers have proper appreciation for how far-reaching the risks of their information of self- disclosure are. If not, what can be done about this?”

CHRIS: they’re not. I have basically no clue what the apps, what information the apps I use on my phone are giving to whoever it is, I don’t have a clue. I mean, I believe that if I use, if I get my apps through iTunes, there’s more of a chance I have protection than on android. I read that somewhere I and I don’t know if it’s true. That’s, and I consider myself to be reasonably okay about this stuff, I have no idea. I am going to move on to data retention.

Data retention: what do we think, good or bad?
Can we start with, can we start with you, Kurt. So, you know the prose – Data retention, two years, mega data, pretty much everything.

KURT: When this came up, I was practising in London and we wrote a paper for the House of Lords saying what the human rights and data protection records are with data protection. It’s the same as you see today. You have to look at it from two lenses. One is human rights law is a proportion natural, is it necessary in a democratic society, all the usual tests. And it’s questionable, it seems to me, to sort of gather information on everyone in the society, in case you lailter need to — later need to use it. But even from a data protection/ privacy act perspective, it is clearly an incursion of existing data protection/ privacy rights. I think it is a serious problem. I think it’s one that, you know t Europeans have already gone down that road and then there is, we’re starting to get pushback from the constitutional courts, but it’s tough. I have trouble seeing the notion that 23 million people need to be surveyed and — surveiled and capture whatever small percentage of criminals it is have to be captured.

CHRIS: it’s Australia, there’s a higher percentage here.

(LAUGHTER)

CHRIS: I will go to to this pirate gentleman here and then come back to the panel. While the microphone is coming, you’ve heard the argument: if you have nothing to hide, you’ve got nothing to worry about. We will talk about that in a minute.

GLENN: Glenn from Pirate Party.

CHRIS: speak up, slow down.

GLENN: if data protection is implemented currently to the report if in the process, we can’t verify the proposal because the Attorney General refuses to release the information on the draft legislation, what chilling effect do you think this will have on the way people use the Internet?

PIA: You guys are awesome as loaded questions.

CHRIS: as a lawyer, that’s referred to as a leading question! We will go to Cheryl and then Craig next.

UNKNOWN SPEAKER: (Inaudible) in not providing the information needed on proper public debate and it’s to the Parliament they should fling the thing back in their face. Leaving process aside. What’s different about the proposition? An organisation could come and say that they need data retention and here’s that justification and we would need to argue it through. What is different? Why does this matter so much? It matters because hitherto our ephemeral conversations were that and didn’t end up tracked into files, we used to read things in libraries, we used to read things in our homes. It’s now trapped into protocols, trapped into logs. Every book your download is trapped into logs, it is behavioural privacy, not just our privacy. It is a’s — that is the chilling effect. Narell was trying to get it through to the committee. It’s hard to get basics through let alone the more subtle points. This audience is different, of course.

GLENN: You’re saying that mega data in a grey gate is content?

UNKNOWN SPEAKER: It is massive content. In the past suspicion had to exist about a person before the big guns could be rolled out and interception achieved. We all support that. A PF policy supports appropriate powers for law enforcement agencies. Ipso facto suspicions based on anything that turns out in the future to be a bad thing.

GLENN: that’s with the assumption that people who have access are good people.

UNKNOWN SPEAKER: We don’t have — we don’t believe that in the APF. We say there will always be another bigotry. If you’re in Cambodia for a long time, a degree from a university is one you didn’t realise you will run into. There will always be new nasty things that turn up with ipso facto suspicion generation. They can mine for it because of the richness of what’s available and the power of the things we have. If we don’t teach our technology to forget, going back to Geoff’s point, we’re in deep trouble. Then I would worry about us having lost privacy. I haven’t, by the way, I don’t believe we have lost it, we will lose it, unless we act and beat off stupid things like the proposal.

CHRIS: who wants the next crack? Cheryl?

CHERYL: You said me. Hear, hear to the speakers. I agree if there is a like or dislike, it gets a big dislike from me. The thing that really worries me about this potential huge net dragging through the waters of everything we do digitally, and keeping it for the length of time that it is, is proposed to, is exactly the same rational as we think there might be a disease, and so we’re going to treat you with absolutely everything. We don’t know what the consequences of this is going to be. The unpredictabilities are not worth the risk of taking it. There is more than adequate, as has been discussed on this panel and earlier ones, ways of tracking the real bad guys when you have due process, and proper suspicion. But there is no transparency, there is no accountability, there is no ability for the individual to have what we’ve been talking about, informed consent, or knowledge of its use, how can you give away for a whole community, the right that they should have to know where their data is or isn’t being collected and stored? What worries me most is that it’s the purpose behind it. Because I’m already admitting to huge digital footprints being left in my wake, we’re all leaving them. They are so disorganised and so disparate, that it’s a huge effort.

Every one of the Twitter people or feeds I follow is analysed. You will learn a lot about me. It may not be a bad thing, but what, as Roger said, is huge change in the future?

PIA: I didn’t make it explicit, but I’m not speaking on behalf of any employers. I need to be clear about that. I have three problems with the data retention issue: the first one is it’s based on a faulty legal precedent. Apparently the European legal precedent has been overturned in European Courts and there is information today or tomorrow about that from the NSW Cyber Laws space centre thing, so that’s the first one. And that keeps getting references, you know, part of the precedents and you know, that’s a good thing it’s been overturned. The second thing is it’s not based on a good logical precedent. The quote, and I did a blog post about this issue and I quoted and there was a good story about it quite recently that was well researched and there was a quote there from the AFP saying that if we, I guarantee you if we don’t have access to this data, we can’t possibly catch anonymous. Now, there’s so many things wrong with that sentence, not least at all any geek worth their salt misbehaving knows how to encrypt, how to use proxies, how to do touring. The data retention won’t help catch these people. The premise is illogical. There is no evidence about how this will help people catch the bad guys. The third thing; the biggest one, whenever I explain this in normal words to normal people, they get enraged, but what happens is that the entire issue is part of the whole suite of issues which is geeks verses spooks playing out in gladiator war games in tiny dark corners and it is not a society-wide conversation about the Internet and society and what we are and are not happy to compromise on. We need to reframe this entire debate to be about what do we want, what do we not want and I’m running a workshop tomorrow, where I will do exactly that.

CHRIS: thank you. We are coming to the close. I think Pia had a —
UNKNOWN SPEAKER: Pia had a car analogy.

PIA: I won’t advertise any more. If we went to the Australian society and said: we will put a tracker in your car. Everywhere that you, where you begin the trip, end the trip, everyone that gets in the car, but we won’t record what they say, we could, but we won’t. And people would go nuts. We all know we have the technology with phones, but if we actually proposed that, people would go crazy, yet that is meta data effectively.

CHRIS: I will take a couple of comments from the floor and close up with the panel. So, yes? Brief. And crisp. To the point.

JOHN: Current hat would be electronic function in Australia. The Attorney-General’s apartment will be appearing before the joint committee on intelligence and security at 3.45 tomorrow at Parliament House. Please come, unless there is something on here, of course.

I just wanted to follow up on Pia’s point about the European experience and just give a little bit of detail about those countries that have actually declared data retention to be unconstitutional. They are Germany, everyone’s heard of Nastazi and Bulgaria, which had an oppressive regime, they are Romania which had one of the most oppressive mass surveillance schemes; they are Czech Republic, which had similar experiences as well. If you look at these countries, these communities, these are societies that have genuine experience of what mass surveillance does to its society. They have said this stuff is not acceptable.

I think that is the way we need to look at this. We’re lucky in this country. We don’t experience this. We have no experience of what mass surveillance can do in terms of the corrosive effect on society and we’ve all talked about the issues. I could go on at length and I won’t.

You know, we need to learn from the experience of these societies and say this is not acceptable in this liberal democracy that we apparently live in.
CHRIS: good point. Thank you. (APPLAUSE)
JOHN: hopefully we don’t have to learn that through a world war or revolution.
PIA: We are in a revolution, man.

CHRIS: You’ll be first off – oh, never mind! (LAUGHTER).

Very quickly, please.

UNKNOWN SPEAKER: I think there are two sides today ta retention. There’s the public domain and then there’s the governmental one. I don’t know how many of you are aware unless you’ve just download your Medicare statement for your tax, but the Australia card has arrived, we haven’t looked in the mail. You cannot download a Medicare statement from Medicare unless you join Australia online, which links you to Centrelink and human services and the ATO. The four main services that the Federal fraudulent policing societies gather data from when they will prosecute you. So there you go. It’s already happening.

CHRIS: encouraging news. Very quickly, Geoff? Quick one from Geoff. I want 30 seconds to a minute of closing comments from panel.

GEOFF. I want to remind people when they consider data retention in the coming years. Two facts: we’ve run out of V4 addresses, right. And two, what that means for data retention. Because we’ve run out of the four addresses, carriers now have to put in carrier-grade nats. When you talk about the data gathered by ISPs, it is no longer the fact that you were online on this day and used that address. No, no, no. Many folk are using the same address. The data that will be created is which TPC sessions you opened to which address. Let me translate that. Every site you visit, every ad that gets delivered, every email is then logged. Everything. That’s the way carrier grade logs. It’s an enormous amount of data. But this is data that Google would kill for. This is you, in all of its gory detail. This is part of data retention. That’s a very spooky concept.

CHRIS: minute at the moment going down the line. Kurt.

KURT: I think what this shows is that this group which cares about Internet governance, the future of the Internet, has a huge stake in privacy. This isn’t just an issue we happen to care about because we care about a lot of issues that surround online activity. It goes to the trust that people put in the Internet, your ability, a medium for the future and core Internet governance issue, not just data retention, but privacy generally.

CHERYL: When I started off saying that privacy is a dream and a myth from the past, it’s also hugely important and something has to be on the current agenda. It’s all about informed and personal choice and control over data and its use.

CRAIG: While we should be concerned about data retention, we not be distracted by the data retention debate, and lose sight of the fact that data access is a more important issue. There’s data everywhere already. The question is who has access to that data and when. And I’m worried that this debate about data retention takes the focus away from access which I think is the bigger issue.

ROGER.. That merger of the larger control agencies in the VHS cluster has been brought to you by the perpetrators of the access card who were promoted to be the team that developed that process. Does that tell you something about the persistence of senior executives in government? Second point is that the John Lawrence down here, who produced himself from being from the FA is also a director of the Internet…

(LAUGHTER)

PIA.. I didn’t want to go into it. Briefly, I want to make one point to final Liz, but on that particular thing, the goal I think of privacy in terms of how government relates to citizens and I believe part of the goal of australia. gov.au, is to give people more permission about, not permission, but the ability to say, yes, I do, or don’t want to share particular types of data. I think that is a laudable thing that needs to be encouraged. I don’t think the goals of that website are about the goal. And the big thing is, the Internet, we’re limited by the fact that governments themselves are jurisdictional and geo-spatially jurisdictionally defined entities all trying to, from their tiny area, you know, putting limitation from how the Internet works, but the Internet is a global thing. And ultimately it’s not legislation that is going to protect people, people can protect people. We need to be better skilling our people and stopping the getting in the way of the Internet being the awesome thing it can be, has been and certainly will be.

Chris: FINALLY?
UNKNOWN SPEAKER: We can’t educate our children saying that privacy matters when the Government says it doesn’t.

CHRIS: Please join me in thanking the panel. (APPLAUSE)
Now, it’s afternoon tea time. It’s also ISOC AGM time. It doesn’t get much more exciting than this. We will reconvene here at 3.50. Ten to four for our final panel of the afternoon.
Please be on time. Thank you.

Thank you for using Red Bee Media Australia’s Live Remote Captioning Service.

Creating Open Government (for a Digital Society)

Recently I spoke on a panel at the NSW Information Commissioner’s “Creating Open Government” forum about my thoughts on blue sky ideas in this space. I decided to work on the assumption of the importance and need for creating open government for a digital society. In the 10 mins I had, I spoke on the pillars of public engagement, citizen centric services and open data, where we need to go in the open government movement, and a few other areas that I believe are vital in creating open government.

Below are some of the thoughts presented (in extended form), some cursory notes, and some promises to write more in the coming months 🙂

I should say up front that I am a person who believes government has an important role to play in society, even in a highly connected, digitally engaged and empowered society. Government, done right, gives us the capacity to support a reasonable quality of life across the entire society, reduce suffering and provide infrastructure and tools to all people so we can, dare I say it, live long and prosper. All people are not equal, there is a lot of diversity in the perspectives, skills, education, motivation and general capability throughout society. But all people deserve the opportunities in their life to persue dignity, happiness and liberty. I believe government, done right, facilitates that.

In my mind government provides a way to scale infrastructure and services to support individuals to thrive, whatever the circumstancecs of their birth, and facilitate a reasonably egalitarian society – as much as can be realistically achieved anyway. I’m very glad to live in a country where we broadly accept the value of public infrastructure and services.

So below are some thoughts on next steps in creating open government, with additional references and reading available 🙂

1) Online Public Engagement

There is generally a lot of movement to engage online by the public sector across all spheres of government in Australia. However, this tends to be the domain of media and comms teams, which means the engagement is often more about messaging and trying to represent/push the official narrative. There are a lot of people working in this space who say they are not senior enough to have a public profile or to engage publicly without approval and yet, we have many people in government customer support roles who engage with the public every day as part of their job.

I contend that we need to start thinking about social media and “public engagement” also as a form of customer support, and not just media and communications. In this way, public servants can engage online within their professional capacities and not have to have every tweet or comment vetted, in the same way that every statement uttered by a customer service officer is not pre-approved. In this way interactions with citizens become of higher value to the citizen, and social media becomes another service delivery mechanism.

For example, consider how many ISPs are on social media, monitoring mentions of them, responding with actual customer support and service that often positively impacts that persons experience (and by extension community perception) of the organisation. Government needs to be out there, where people are, engaged in the public narrative and responsive to the needs of our community. We need our finger on the pulse so we can better respond to new challenges and opportunities facing government and the broader community.

One of the main challenges we face is the perception from many people that there is little be gained through public engagement. If a department or agency embarks upon a public consultation without genuinely being interested in the outcomes, this is blindingly obvious to participants, and is met with disdain. It is vital that government invest in online community development skills and empower individuals throughout the public service to engage online in the context of their professional roles.

This online engagement development skillset can be deployed for specific consultations or initiatives, but it also vital on an ongoing basis to maintain a constructive narrative, tone and community that contributes on an ongoing basis.

Further reading:

2) Citizen Centric Services

Citizens don’t care about the complexities of government, and yet we continue to do service delivery along departmental lines and spheres of government. The public service structure is continually changing to match the priorities of the government of the day, so not only is it confusing, but it is everchanging and we end up spending a lot of effort changing websites, stationery and frontline branding each portfolio shuffle. The service delivery itself (usually) continues seamlessly regardless of shifts in structure, but it is hard for citizens to keep up, and nor should they be expected to.

Citizen centric services is about having a thematic and personalised approach to service and information delivery. Done well, this enables a large number of our population to self service, in the manner and at the time that is convenient to them. It is no small task to achieve as it requires a way to integrate (or perhaps sit in between) systems and data sources throughout all of government, but we have some established case studies in Australia that we can learn from. Rather than trying to get consistent systems across government – which leads to always being only as strong as your weakest link – it is feasible to have integration tools to “front end” government.

By enabling many citizens to effectively self service, this approach also frees up government resources for supporting our most vulnerable and complex cases.

It is worth also noting that a truly citizen centric approach would be both cross departmental *and* cross jurisdictional. We need to start asking and addressing the challenges around how can we collaborate across the three spheres of government to give citizens a seamless experience?

A more eloquent description of this concept is from a speech from my former boss, Minister Kate Lundy, from a speech entitled Citizen-centric services: A necessary principle for achieving genuine open government/

3) Proactive data disclosure – open data and APIs

The public service holds and creates a lot of data in the process of doing our job. By making data appropriately publicly available there are better opportunies for public scrutiny and engagement in democracy and with government in a way that is focused on actual policy outcomes, rather than through the narrow aperture of politics or the media. This also builds trust, leads to a better informed public, and gives the public service an opportunity to leverage the skills, knowledge and efforts of the broader community like never before.

Whether it be a consultation on service planning or a GovHack, an open and contextualised approach to data and indeed the co-production of policy and planning ends up being a mechanism to achieve the most evidence based, “peer reviewed” and concensus driven outcomes for government and the community. It gets citizens directly engaged in actual policy and planning, and although the last word is always ultimately with the relevant Minister, it means that where political goals don’t align with the evidence based policy recommendations, an important discussion can be had and questions asked from an engaged and informed public.

This, to me, is a real and practical form democracy. I feel that party politics actually gets in the way to some degree, as it turns people off engaging in the most important institute in their lives. Like a high stakes team sport, the players are focused on scoring goals against their opponents and forget about what is happening off field.

As a person who is working in the public service, I truly believe that transparency is our best defence in fulfilling our duty to serve the public.

With major changes to legislation in recent years making FOI more seamless and accessible to citizens, departments are struggling to allocate necessary resources to comply in an extremely fiscally conservative environment.

In the meantime, although there is a general concensus on the value (with admittedly sometimes quite different interpretations of value) of opening up more public sector information publicly, the fact is that it is largely seen as a “good” thing to do, a nice to have, and as such has been challenging for departments to justify the not-insignificant resources required to move to a proactive data disclosure status quo.

There is a decent argument to say that proactively publishing data (and indeed, reports) would help mitigate the rising costs of FOI as departments could point requests to where the information is already online. But realistically, unless the department had in place the systems to automate proactive publishing, then it will remain something done after the fact, not integrated into business as usual, ad hoc and an ongoing expense that is too easily dropped when the budget belt tightens.

I have people say to me all the time “just publish the data, it’s easy”. The funny thing is the vast majority of people have little to no experience actually doing open data in government. It is quite a new area and though the expertise is growing, we are in infancy stages in jurisdictions around the world. Even some jurisdictions with very large numbers of data sets are doing much of that work manually, the data becoming out of date quickly, and quite often the pressure to be seen to do open data overrides the quality and usefulness of the implementation, as we see datasets being broken down into multiple uploads to meet quantitative KPIs.

The truth is, although putting up some datasets here or there is relatively easy – there is a lot of low hanging fruit – to move to a sustainable, effective, automated and systematic approach to open data is much harder, but is the necessary step if we are to see real value from open data, and if we are to see the goals of open data and mitigating FOI cost compliance merge.

Interestingly, another major benefit of the proactive public publishing of government data, is that the process of ensuring a dataset complies with privacy and other obligations is quite similar between making something public and sharing across departments at all. By making more government data openly available, particularly when combined with some analysis and visualisation tools, we will be able to share data across departments in an appropriate way that helps us all have better information to inform policy and planning.

The good news is, in Australia we have the policies (OAIC, AG Principles of IP, Ahead of the Game, Gov 2.0 Taskforce Report, etc), legislative (FOI changes),and political cover (Declaration of Open Government, though more would be useful) to move on this.

I will be doing a follow up blog post about this topic specifically in the coming week after I attend a global open data conference where I intend on researching exactly how other jurisdictions are doing it, their processes, resourcing, automation and procurement requirements. I will also give some insights to what the dataACT team have learnt in implementing Australia’s first actual open data platform, which is an important next step for Australia building on the good work of AGIMO with the data.gov.au pilot.

Additional notes:

  • more effective and efficient government – shared across departments, capacity to have whole of gov business intelligence and strategic planning, capacity to identify trends, opportunities and challenges within public service
  • internal measuring, monitoring, reporting and analysis – government dashboards – both internal and public reporting on projects
  • innovation – public and private innovation through access to data, service APIs – gov can build on public innovation for better service delivery – eg GovHack
  • transparency – need to build trust, what is the value to gov? – eg of minister vs doctor example

4) Agile iterative policy

There is a whole discussion to have about next generation approaches to policy which would be iterative, agile, include actual governance to keep the policy live and responsive to changing circumstances, and the value of live measuring, monitoring and analysis tools around projects and policies to help with more effective implementation on an ongoing basis and to applying the learning from implementation back into the policy.

The basic problem we have in achieving this approach is that, structurally, there is generally no one looking at policy from an end to end perspective. The policy makers are motivated to complete and hand over a policy. The policy implementers are motivated to do what they are handed. We need to bridge this gap between policy makers and doers in government to have a more holistic approach that can apply the lessons learnt from doers into strategic planning and development on an ongoing basis.

I’ll further address this in a followup blog post next month as I’m pulling together some schools of thought on this at the moment.

Check out the APS Policy Visualisation Network which is meeting for the first time next week if this space interests you. It will be fascinating to have people across the APS discussing new and interesting approaches to policy, and hopefully we will see the build up of new skills and approaches in this area.

Notes:

  • iterative and adaptive policy – gone are the days of a static 10 year policy, we need to be feeding recommendations from testing, monitoring, measuring back into improving the policy on an ongoing basis.
  • datavis for policy “load testing”, gleaning new knowledge, better communication of ideas, visualisation networks for contextualisation, etc
  • co-production, co-design
  • evidence based, peer reviewed policy that draws on the diverse strengths throoughout our community and public service

5) Supporting Digital industries

There are many reasons why, as a society we need to have strong digital industries including IT, creative, cultural, games development, media, music, film and much more. Fundamentally these industries and skills underpin our success in all other industries to some extent, but also, we have seen many Australian digital companies have to go overseas to survive, and we need to look at the local market and environment and ask how we can support these companies to thrive in Australia.

I ran two major consultations about this over the past couple of years, and the outcomes and contributions are still very relevant:

  • The ICT and Creative Industries Public Sphere – included an excellent contribution paper from Silicon Beach, a group of Australian tech entrepreneurs who have exceptional insights to the sectors here and overseas.
  • The Digital Culture Public Sphere – included excellent contributions from the games development industry, digital arts, the digital culture (GLAM) sector and much more.

Notes:

  • Open government can contribute to our digital sector through:
    • open data – esp cultural content for which we are custodians and esp the large quantity of data which is out of copyright
    • being great users of and contributers to digital technologies and the Australian sector
    • focused industry development strategies and funding for digital sectors

6) Emerging Technologies

I finished my panel comments by reflecting on some emerging technologies that governments need to be aware of in our planning for the future.

These are just some new technologies that will present new opportunities for government and society:

  • 3D printing and nanotechnology – already we have seen the first 3D printed heart which was successfully transplanted.
  • Augmented Reality
  • Wearable computing and “body hacking”

On the topic of 3D printing, I would like to make a bold statement. You see, at the moment people are already trying to lobby against 3D printing on the basis that it would disrupt current business models. Many on the technology side of the argument try to soften the debate by saying it is early days, you don’t get perfect copies, and myriad other placations. So here it is.

3D printing will disrupt the copyright industry, but it will also disrupt poverty and hunger. As a society, we need to decide which we care about more.

There is no softly softly beating around the bush. There are some hard decisions and premises that need to be challenged, otherwise we will maintain the status quo without having even been aware of an alternative.

With advancements in nanotechnology also looming, we could see perfect copies of pretty much anything, constructed atom by atom out of waste for instance.

But there are also many existing technologies that can be better utilised:

  • games development – we have some of the most highly skilled games developers in the world and we can apply these skills to serious issues for highly citizen centric and engaging outcomes.
  • cloud – current buzzword – presents some good opportunities but also a jurisdictional nightmare so tread very carefully. You need to assume anything in the “cloud” can disappear or be read by anyone in the world
  • social media – see point 1

7) Final comment on government, power and society

Finally, just a couple of words about the most important element in creating open governments that can service the needs of an increasingly digital society.

We need to dramatically shift out thinking about technology and what it means to government. An no I don’t mean just getting a social media strategy.

For anything we think, plan, strategise, hypothesise or talk about to become real, we inevitably use a number of technologies.

Most people treat technology like a magic wand that can materialise whatever we dream up, and the nicely workshopped visions of our grand leaders are generally just handballed to the bowels of the organisation, otherwise known as the IT department, to unquestionably implement as best they can.

Technology, and technologists, are seen to be extremely important in the rhetoric, but treated like a cost centre in practise with ever increasing pressure to do more with less, “but could you just support my new iPad please?” IT Managers are forced to make technology procurement decisions based on which side of the ledger the organisation can support today, and the fiscal pressures translate to time pressures which leaves no space for meaningful innovation or collaboration.

We need the leaders of government, especially throughout the public service to be comfortable with and indeed well informed about technology.

We need collaborative technologists in the strategic development process, as we are the best people positioned to identify new opportunities and to help make a strategic vision that has a chance of seeing daylight.

We need to stop using the excuse that innovation or open government “isn’t about technology”, and recognise that as a government, and as a society, need to engage a healthy balance of skills across our entire community to co-design the future of government together. And we need to recognise that if we don’t have technologists in that mix, then all our best intentions and visions will simply not translate into reality.

Monitor, measure, analyse, collaborate, co-design, and be transparent.

The future is here, it simply isn’t widely distributed yet – William Gibson

Notes from after my speech from the event

The NSW AG speech was excellent – he spoke about the primary difference between the NSW Government Information (Public Access) Act 2009 and the old approach is that the current approach pushes for proactive disclosure.

He mentioned three significant aspects of GIPA:

  • Accessibility
  • Manner in which is enables participation
  • Public right to know is paramount

There was an important comment from the day that we need to address sustainable power if we are to build a vision for the future.

There was comment on public interest – public consultation, get best inputs, peer review, chose most evidence based approach.

Questions about cloud:

  • Cloud attributes – jurisdiction, privacy, ownership, enforcability of contract, data transportability
  • Functional categorisation – private data? criticality of data/service delivery?
  • PATRIOT Act implications

AGIMO have some good policy advice in this area worth looking at on their Cloud computing page.

I wrote a hopefully useful post on this a while back called Cloud computing: finding the silver lining. I will be following that up with some work I’m doing in gov atm around this topic a little later, looking at the specific attributes of cloud services, how they map to different things gov want to do, and the fact that government jurisdictions around the world are pretty much universally using what I call “jurisdictional cloud” services, which means they are hosted by gov, or by gov owned entities within their legal jurisdiction. The broad calls for government to “just go cloud” suggest a binary approach of ‘to cloud or not to cloud’ which is simply not reality, not a reasonable thing to expect when government has obligations around privacy, security, sovereignty, ensuring SLAs for service delivery to citizens, and much more.

I also did an interview with Vivek Kundra (prior CTO for US Federal Gov) a while back which will be useful to a lot of people.

I loved the five verbs of Open Gov by Allison Hornery: Start, Share, Solve, Sync, Shout. Her speech was great!

Also, Martin Stewart-Weeks talked about three principles of open government:

  1. partly in cathedrals and partly in bazaars
  2. new relationships between institutions and communities, and
  3. knowledge has become the network. Great presentation and interesting how open source ideas are so prolific in this space.

Internet, government and society: reframing #ozlog & #openinternet

Having followed the data logging issue peripherally, and the filtering issue quite closely for a number of years, I am seeing the same old tug of war between geeks and spooks, and am increasingly frustrated at how hard it is to make headway in these battles.

On one hand, the tech/geek community are the most motivated to fight these fights, because it is close to our hearts. We understand the tech, we can make strong technical arguments but the moment we mention “data” or “http”, people tune out and it becomes a niche argument, easily sidelined. It is almost ironic that is it on these issues the Federal government have been the most effective on (mainstream) messaging.

The fact is, these issues affect all Australians. When explained in non tech terms, I find all my non-geek friends get quite furious, and yet the debates simply haven’t made it into the mainstream, apart from a few glib catch phrases here or there which usually err on the side of “well if it helps keep children safe…”.

I think what is needed is a huge reframing of the issue. It isn’t just about the filter, or data logging, or any of the myriad technical policies and legislation proposals that are being fought out by the technical and security elite.

This is about the big picture. The role of the Internet in the lives of Australians, the role of government in a digital age, and what we – as people, as a society – want and what we will compromise on.

I would like to see this reframing through our media, our messaging, our advocacy, and our outreach to non-tech communities (ie – MOST of the community). I challenge you all to stop trying to tell your friends about “the perils of data logging on our freedoms”, and start engaging friends and colleagues on how they use the Internet, what they expect, whether they think privacy is important online in the same way as they expect privacy with their snail mail, and what they want to see in the Internet of the future.

I had a short chat to my flatmate about #ozlog, staying well away from the tech, and here is what she had to say:

What annoys me is how the powers that be are making decisions that can or will affect our lives considerably without any public consultation. The general public should be educated on the implications of these kinds of laws and have a say. To me, this is effectively tampering with the mail, which has all the same arguments. If we start just cutting corners to “catch the bad guys” then we start losing our rights and compromising without consideration, potentially to no effect on crime. It’s a slippery slope.

Pamela Martin – flatmate and non-geek, she still has a VCR

It’d be great to see a series on TV about the Internet and society, something that gets normal people to talk about how they use the Internet, what they expect from the Internet, from government, and to work through some of the considerations and implications of tampering with how the Internet works. Some experts on security, networking, online behaviours and sociology would also be interesting, and let’s take this debate to the mainstream. The tech, security and politically elite too often disregard the thought that “normal” people will get it or care, but this is in fact, possibly the most important public debate we need to have right now.

I’ve written a little more on these ideas at:

Would love to hear your thoughts.

It is worth noting that during the big filter discussions in 2009/10 I was working for Senator Kate Lundy. Most of our correspondence up till that date were, to be frank, pro filter letters that argued that people wanted less porn to protect the children. IE – the arguments were generally idealogically based and little to do with the actual proposed policy, but supporting letters just the same. The Senator blogged about her thoughts on the issue which caused (over a few posts) several thousand comments, largely considered and technical comments against the policy which were really helpful both in building a case and in demonstrating that this is a contentious issue. I was and remain very proud to have worked for a politician with such integrity.

At the same time I saw a lot of people fighting against the filter using nastiness, personal attacks, conspiracy theories and threats. I would like to implore to all those who want to fight the good fight: take a little time to consider what you do, the impact of your actions and words, and whether in fact, what you do contributes to the outcome you are seeking. It is too easy to say “well it’s gonna happen anyway” and get all fatalistic, but I assure you, constructive, diligent and overall well constructed advocacy and democratic engagement does win the day. At the end of the day, they work for us, we just sometimes need to remind them, and the broader “us” of the fact.

UPDATE: This post was initially inspired by a well written SMH article which reported that the data logging issue had been put deftly back on the table (after it being shelved for being too contentious) with questionable claims:

Her apparent change of mind may be a result of conversations with the Australian Federal Police, who have long pushed for mandatory online data retention. Neil Gaughan heads the AFP’s High Tech Crime Centre and is a vocal advocate for the policy.

”Without data retention laws I can guarantee you that the AFP won’t be able to investigate groups such as Anonymous over data breaches because we won’t be able to enforce the law,” he told a cyber security conference recently.

Now, I’m not involved in Anonymous but I’m going to make an educated guess that there is probably a reasonably high rate of tech literate people who understand and use encryption and other tools for privacy and anonymity. Data logging is ineffective with these in place so the argument is misleading at best.

I was pleased and heartened to see the SMH article get a lot of attention and good comments.

This is only the beginning.