Privacy and Internet Policy at Internet Government Forum Australia

A couple of weeks ago I participated in the Australian Internet Governance Forum, both on a panel about Internet privacy (which also delved into the murky waters of data retention) and I also ran a 90 minute session on Government and Internet Policy. Both were fascinating. Below I’ve briefly wrapped each one up.

Privacy Panel

I sat on the IGF privacy panel as an open government person, and it was a fascinating discussion. Other panelist

You can watch the Privacy Panel video on the auIGF website, but you (quite ironically) have to provide your name and email address. If you just want to get the gist of the panel, check out the IGF session captions. I’ve copied the caption service transcript at the end of this post for my archives. They did a really good job on the day, but we all spoke quite fast, so it’ll give you a good but rough idea of what was said.

Government and Internet Policy session

My personal goal in this space is to have a more nuanced public dialogue on Internet policy such that we make more informed, collaborative and inclusive debate on where we as a society, want from the Internet, and such that we can avoid government policies having unintended results that inhibit the social or economic opportunities we have enjoyed to date.

I thought it would be interesting to get some of our Internet policy and practise luminaries to discuss Internet policy. It was a robust and fascinating discussion resulting in some great insights and ideas. Core ideas that came out where a) the Internet cannot be defined because the moment you do so, the technology changes, but b) there are some core values/principles that underpin the Internet that could be used to assess policy. It was interesting to have some, at times, quite contrary thoughts in the room, but to see that by the end of the session, the different perspectives were largely two sides of the same coin.

What I rapidly realised during the session was that most people in this space are focused on a very narrowly defined patch, and each patch is being dealt with largely in isolation from the rest. For example, the idea that “we don’t need to worry about policies that deal with content (such as Internet filtering) because we are focused on the domain name space”. In my opinion this is somewhat problematic because it makes it too easy to play divide and conquer by policy.

As a result of this session I’m writing a short paper on some core values of the Internet that migh be a good basis for reviewing government policies around the world so we can start to reframe Internet policy in terms of what is good for society, rather than the relatively unhelpful and specialised “open vs closed Internet” debate we have seen completely fill the airwaves recently. I’m going to do some policy analysis on some of the big ones against this list of values to see how the model stacks up.

Check out the wiki page where we captured the ideas contributed to this session.

As part of setting up the wikipage for this session, I also invited other sessions to use the wiki. Two other sessions decided to use the wiki and you can check them out at http://auigf.wikispaces.com/

Below are the outcomes of the session, and below that all the content that led us to this outcome.

Values of the Internet

Potential list of values, perhaps “public good” aspects we take for granted, things “on the net”? Perhaps government should be able to confirm they agree with? Perhaps “please make a commitment”. Perhaps the values could be then compared and contrasted with policy positions:

Coordination not control– committing to protecting coordination efforts and commitment to participate in coordination:
- Social: more collaborative approach which might lead to more citizen centric policy.
- Economic: capacity to tap into other efforts, more effective policy outcomes that align with how the Internet is actually run/managed/governed.
Interoperability– open standards, no undisclosed/forced gated communities
- Social: avoids lock in or out, people can make informed decisions, increased usability, accessibility,
- Economic: fair market competition,
Peer to peer global connectivity– people/devices/all ports/all teh things/any to any – connecting directly to each other
- Social: free expression, non discriminatory
- Economic: freedom to provide and accept and service, facilitates innovation, we don’t know what the next killer protocol is going to be, so freedom for future opportnuities,
Route around damage– capacity to deal with issues
- Social: gete around censorship,
- Economic: resilience, high availability, availability during natural disasters,
Distributed control– no single point of failure or control, eg multi-source networks of trust
- Social: uncapturable, ability for civil disobedience and dissent,
- Economic: no single point of failure, avoiding damage of monopoly rents
Non-discriminatory approach– users, devices, content, jurisdiction, technology neutral/common access, free flowing data
- Social: affordability, accessibility, availability
- Economic: free market

Perhaps some point about public information, gov role in providing public infrastructure/information/emergency information/open data (bushfires)? Maybe this is more a policy recommendation than a core value?

Additional comments and points:

Internet must have the capacity to deliver:
All ports, protocols, content, origins and all destinations.

What is the different between the Internet and public roads?
NBN as a policy example where there is a a purposefully neutral policy approach.
Technology doesn’t limit the application. Public communications. Will a private market service the need and if not, then public investment. What are the parameters for determining a market factor. Is it accessible for everybody? Eg comparison with electricity grid.
Consistent addressing structure
Consistent naming structure
Availability, predictability, stability
Government needs to commit to an Internet that is coordinated and not controlled.

Below is the rest of the content of the wiki from my session (for my archive, from the date of this post):

Session Info

Facilitated by Pia Waugh, this workshop looked at the role of governments in Internet management, policy development and regulation. Participants were invited to exchange views on the pressures and issues that could drive governments to take an increased regulatory role, the areas in which meaningful government engagement would be of benefit, and the areas where the open and multi-stakeholder model should be retained. Topics included current parliamentary deliberations on reforming national security legislation and the potential impact on business and end-user rights.

Session Methodology

We kicked off the session by, as a group, trying to identify the high level categories of problem spaces that the plethora of Internet related policies, legislation, codes and trade agreements are trying to deal with. As part of this we had a first shot at identifying the various mechanisms these approaches adopt in trying to achieve their goals.

Then we dived into a discussion about the technical characteristics of the Internet and their social/economic implications. That discussion had some healthy debate that resulting in some consensus that the technical characteristics of the Internet are constantly changing and shouldn’t be pinned down. However, that there *are* some overriding principles/values that underpin the Internet as it was, is, and should continue to be.

We ran out of time to compare and contrast our key categories and the various mechanisms of enforcement, with the model of how we define the characteristics of the Internet. Hopefully this can be part of an ongoing discussion in this community.
The outcome of the session is captured in this wiki, which forms the basis of a paper that can be fine tuned over the coming month in the lead up to the International IGF meeting in Baku and is a part of the Australian contribution to the international discussions.

Where people identify specific tangible policy recommendations for the Australian Government, please add them below. Feel free to copy and paste from existing working this space so long as you give attribution. This will be presented to the Australian Government along with a copy of the paper above.

Policy & Legislation

Please contribute to the Internet related policy/legislation page as this list is far too long to be on this page. From this rather extensive list of policies, legislation, codes and even trade agreements, we can see a number of categories of problem spaces emerging:

Summary of Issue Categories

Policies tend to have one or a number of theme categories inherent (please add/modify this list as it’ll be basis of discussion):

Individual interests
- personal safety (eg cyberbullying)
- market meeting the needs of the community public vs private?
- privacy
- identity astroturfing
- free expression (and thought, limiting behaviour on the internet?)
  - illegal vs inappropriate behaviour
- rights? access, usability,
- consumer safeguards role of gov? market distortion questions?
- net neutrality
National interests
- skills
- economic growth
- national/economic security (eg cyberwarfare)
- sovereignty
- knowledge
- trust and confidence – transactional confidence as well as who
Culture & democracy
- shifting cultural norms can and often respond to shifting cultural norms
- social inclusion languages, accessibility, access, (need definition)
- use of the internet in democracy evoting, astroturfing
Market challenges
- intellectual property (copyright for copyright sake? international sake, software patents, trademarks domain name policy)
- creative/digital industries in Australia
- innovation (?)
- competition
Legal challenges
- prejudice and justice on trial proceedings
- local jurisdiction vs international scope of the Internet difficulty of local enforcement on an international thing, some people chosing selectively the jurisdictional that suits their purposes

It was suggested the above ideas might boil down to the two categories of Ownership and Accountability. Thoughts?

Summary of Implementation Mechanisms

The tools and mechanisms used in policies range from (please add/modify this list as it’ll be basis of discussion):

Government Mechanisms

Social
- Education/marketing of an idea of information
- Civil remedies
Legal
- Judicial oversight as requirement for legal enforcement mechanisms?
- Tweaking of criminal acts (personal and corporate)
- Media law
- Injunctive takedown orders, suppressions,
- Contract law
Regulation & industry
- Content regulation
- Industry regulation imposed, co-regulation (relegatory framework designed to be administered by industry framework) or self/community regulated
- Codes of conduct
- Private arrangements eg changes to services, filtering
- Standards
- International coordination needs more consideration
- Public/private partnerships collaborating to achieve an outcomes
Gov investment strategies
- Taxes to accelerate or retard particular behaviours
Technology mechanisms
- Copyright protection
Enforcement & Monitoring
- What role should gov play in both/either?
- The scope of intelligence agencies
- Monitoring/management:
- Monitoring is in all directions including sideways
- Monitoring of networks, publicising/disclosing network performances
- Forensics of online information get context on issues
- Evaluation and analysis of policy values and metrics chosen, evidence
- Enforcement and publicity of enforcement related to the capacity for an enforcement agency to do its job it directly related to its visibility

Citizen mechanisms
The tools and mechanisms used by citizens to protect themselves (please add/modify this list as it’ll be basis of discussion):

Countermeasures how easy it is to work around the enforcement, race to the bottom
FOI

Further Policy Recommendations for Australia

Any specific Australian Government policy recommendations you have for the Australian Government, please feel free to link to existing papers, but pragmatic and tangible policy suggestions would be much appreciated.

Have official Australian Government participation and active voice in international Internet policy, representing the best interests of Australians

7) Further Contributions Post Session

Canberra Manifesto (contributed by Bret Treasure after the event)

The Internet is our most powerful communication, business and innovation tool. Although it is disruptive and although it may challenge individual governments, institutions, industries and businesses, its overall benefit to the people of the world is clear. The Internet is a path to a more connected and improved society; we look to governments to plan for that future.

So we make these requests:

That prior to legislating, Governments take into account the self-expression, community, efficiency and innovation that a decentralized collaborative regulatory structure has delivered
That prior to legislating, governments look to existing laws
That governments support a globally focused, multi-stakeholder, open approach to Internet regulation
That governments foster competition in the delivery of Internet services and access
That governments enact principles-based law rather than technology-specific law
That governments facilitate inclusion and accessibility
That governments respect such fundamental human rights as privacy and freedom of expression
That governments address the challenging issues that arise without using them as political tools.

auIGF Privacy Panel Transcript

auIGF 11 October 2012 Session time 2:30pm-3:30pm

[Welcome to Red Bee Media Australia’s Live Remote Captioning Service.]

UNKNOWN SPEAKER: In order to watch it. I think it’s those kinds of copyright restrictions on access to content – it seems cruel to me in an age of digital abundance we have these types of issues for the visually impaired and me as a consumer, if I want to read a book on my iPad, I got a voucher, eBook, which is the only format it’s compatible is kindle fire. These are the digital restrictions, the types attached.
UNKNOWN SPEAKER: I think a lot of us would continue to continue the discussion, but we are eating into the AGM times, the next panel – thank you to all of our panellists and for your questions and contributions. Thank you.
(APPLAUSE)
CHAIR: Can I ask the next panel to come up and those that are staying to stay. If this panel could move t next could come up. We will get going straight away.
The most vehement about openness are the ones who want the strictest rules about privacy, which strikes me as being slightly odd.
For what it’s worth, I’m happy to pay for content. I think I should be allowed to choose the content I watch, rather than have Channel 9 or 10 or 7 decide what they want to import from the UK.
We will do a quick panel switch and move to privacy. Let me read you what we said about privacy. We wrote this three months ago: things have moved on a bit since then. As with the copyright debate, the massive social and commercial changes brought about by the growth of the Internet over the last decade are also forcing law-makers… (reading .).
So they said a lot’s happened in the last three months since I wrote that and we can probably start and finish this discussion with three words – mandatory, data retention. The changes to national security legislation currently delivered by the joint parliamentary committee on changes are a hot topic when it comes to privacy, evidenced by the in excess of 200 submissions. We will come back to it later on.

Firstly, I want to set the scene folks, more broadly. What is privacy today? Does it mean the same things as it means to an 18- year-old? I said I was talking with curt and I said earlier on, for me it’s privacy I want to be able to tell you you’re allowed to know nothing about me. For the Facebook generation, privacy is, I want to publish everything about myself where ever I want to but you’re not allowed to do anything with that information. Those are two fundamentally opposed views. Let’s talk about that with the panel. I will briefly run down the introductions. Curt Wimmer you met, he was here. And Cheryl Landon is the director of auDA, and is the former Chair of the ICAANN advisory committee thing.
This is Craig Ng, General Crown sil for APNIC. This is Roger Clarke, the Chair of the Australian Privacy foundation. This is Pia Waugh, Open Government advocate, former ICT policy adviser to Senator Kate Lundy.
And… Adam is not here. Your name is not on my list.
ADAM.. I am here.
CHAIR: Never mind. I was going to do a pirate thing, but I won’t. It wouldn’t be fair. Okay. What do we mean by privacy?
What do we mean by privacy, Cheryl?
CHERYL: everything I will say in no way reflects upon or is to be seen as the views of any of the organisations that I represent.
I’m a member of or have been a director prior or currently to.

Future I will reserve my judgement on. I think privacy is a dream. I think we lost it. I think privacy was something that may all want to and perhaps in a glazed-eyed moment dream that we could have again, but we walk around with these things, w are geo locating ourselves. We have huge amounts of data collected and we do so willingly. So to say that we have a level of privacy, I think, is a pipe dream. What I do have, however, and we can get back to that later, Chris, is very firm views on what happens with it.

CHRIS: good excellent. Craig, you’re a Facebook junkie, you put anything up on Facebook, given the chance. What do you think? CRAIG: That’s true. I think that the Privacy Act in Australia is a misnomer. For us to be comforted by the fact there is a Privacy Act, to think we are protected, our privacy is protected is totally wrong, because our Privacy Act is so limited in its scope that the traditional concept of privacy to people on the street, you know, privacy not to be photographed; you know privacy not to be put up on Facebook and for your picture to appear and tagged immediately, there is no protection against it. So, you know, and I’ll be interested to talk about privacy act in a moment, but our Privacy Act protects us from such a minute scope, that it’s virtually ineffective.

CHRIS: curt, from an American perspective?
KURT: We don’t even have a privacy act. We entirely react. To specific problems. I think privacy is an agreement. It depends upon, you know, what you can work out with whoever you are giving up voluntarily your privacy to and whatever pledges and promises that are made or basically that we enforce through the act, I think.
CHRIS: Okay, Pia?

PIA: all right. Basically, privacy is whatever an individual perceives it to be. The problem is that of course that depends on your technical literacy. With a relatively technical ill literate population, you have no privacy. People want to protect themselves as much as as little as they want but because the IT skills have gone so down, those people are not aware of what privacy they have. A lot of people don’t think about environmental policy. There was a case study where data was published that looked at floa and fauna in the northern seas of Australia and in a couple of weeks a particular species of fish was almost done to extinction. I think there’s a huge amount of optimism that I have, which is…

CHRIS: can you slow down a little bit… These guys are really good, but…
PIA: Sorry, weirdly enough, it’s ten timings as fast in my head. I will try.

CHRIS: I have to stop you – I have the concept on fish privacy, which I think we could spend hours discussing!

(LAUGHTER) PIA: Environmental privacy is what people don’t think about. And there is the panoptic of things going on about the state of being able to see into the lives of the people, one of the cool things is the people can see back into the lives of the state. That’s interesting, though I think there is a lot less privacy than there was simply because there is the capacity to get to data, it creates possibilities for better democracy as well. The final point I will make is that there is a disturbing trend towards looking at inappropriate behaviour as opposed to illegal behaviour. The enormous amount of data available from people who are not technically literate enough to turn it off means that there is a whole judgement call going on inappropriate behaviour, rather than illegal and I’m concerned about that.

CHRIS: Adam?

ADAM: The cyber punk manifesto says that privacy is the right to selectively reveal oneself to the world. It is about saying this is a piece of information about me and this is the audience in which I give authorisation to view that piece of information.

There are lots of talk of the young generation these days putting all this information on Facebook and how they are giving up their privacy and they don’t care and it’s fine. They do care. They care quite a lot. We know that, because when things like Facebook’s timeline update came to and people in France realised there was a discrepancy between the intended audience of some messages that were posted on people’s walls, or in their inboxes, it’s not 100% clear if that was a bug replicating that information. There was certainly people who said that message was private. Now it’s public. That’s not okay. There are heaps of examples of people actually saying there is no way that would have been intended for a public audience, like a young woman who called up Triple J and said: “I wrote a dirty poem to my boyfriend”. His parents were able to read it because it was on her wall. The assumption that we are giving up our rights and saying we don’t care about it is false and we do care.

CHRIS: I’m sure you do, I agree. Roger.

ROGER: where to start. A privacy is the interest individuals have in a private space. We have a fair bit of con sis ten – – consistency. That’s abstract. The only people who are interested in that kind of abstract rubbish are people like me who publish articles on it. Privacy is a specific gut feeling every individual has and each individual has it differently at different times. It is utterly situational and utterly personal. If we have a list running down the screen of a privacy breaches reported in Australia this week, there would be enormous diversity and we would react differently to the examples as they came across the screen. That is how it is. And yes, it would be nice if we could divide it up and tackle just some of the things, the Privacy Foundation is so stretched across that great list. That’s not the reality. Now, the critical thing that you’ve been raising, the assumption that’s built into the wording we were given, has to do with the “privacy is dead” proposition. It’s not dead because people demand it. They don’t walk in the streets saying: “We want a real Privacy Act instead of this rubbish semi-data protection act”. They don’t do that kind of thing. It’s the abstract. People are only interested in the spefpbg. — specific. They will walk against an Australia card and against an access card and they will walk against data protection and a range of specific things. People demand it. Privacy ain’t dead. Privacy pauses in between flurries. One thing I that will hammer, but I won’t give you the explanation because I will get more air time later, won’t I Chris? (LAUGHTER)

The igeneration, the digital natives, that lot, I call them the igeneration for obvious reasons because “i” stands for everything in this conference, the igeneration will be more privacy sensitive than previous generations. I will explain when I get the chance.

PIA: I want to make a comment. I always find it funny, a lot of my peers didn’t get computers until they were in late High School or university. I had a computer since I was four because my mum was a geek. Now when I was a kid there was an active campaign called “stranger danger”. It taught you all the basics and so when I was on, you know, when I was dialling into remote servers and having chats with people in the mid-90s and running up huge STD phone bills for my school, I, you know, you applied those principles t principles applied directly. One of the myths we face is that online privacy is somehow a completely different thing from meet space. I never call it in real life, because I believe online is real life as well, but meet space privacy is not that different. I think part of the problem we have is that we’re trying to treat it like something different, whereas the basics of stranger danger and tech literacy, chose things combined give us the tools to maintain our personal level of privacy to our satisfaction.

CRAIG: A small point. I think privacy is something that moves with time as well, just like copyright. I think it’s a balance. It’s a balance between society that wants to protect privacy verses safety. So you know, those of you in Australia would be familiar with the case of Jill Meagher who recently passed away. CCTV suddenly is acceptable and encouraged and well, I haven’t heard a lot of…

UNKNOWN SPEAKER: I will disagree.

CHRIS: on CCTV – in the UK, where I’m from, it is almost universally loved. Everyone thinks it is fantastic, not everybody, but general people, society, thinks it is great. And it is in fact supported and promoted by all of the great British detective modern detective programs who, which refer constantly to the fact that almost every crime is solved due to CCTV.

CHERYL: What are the statistics on the crime solution, it’s infinitesimally small.

CHRIS: I’m not suggesting being a fan of it, but it can be embraced. In Melbourne it is happening now because of an individual event. You said you violently disagree. Go ahead and violently disagree.

CRAIG: I didn’t say violently. The statistic that was out after the case was that in the UK one in 1,000 cases are solved with the aid of CCTV, and another report that was put out said that the amount of money that gets poured into CCTV could be better spent putting in street lights.

CHRIS: I agree. Still loved though.

PIA: Sorry, I saw a brilliant speech by, can I can’t remember his name, I will remember it, but about the difference between security theatre and security reality. This is part of the problem. There is a lot of theatre going on. The talk is on the Linux website from a couple of years ago. But the, but I think this is a big issue. And data logging is a really good example of theatre verses reality as well. So we will get to that one.

CHRIS: do we have CCTV in the states publicly?

CURT KLS: NOT TO THE EXTEND AS IN — NOT TO THE EXTEPBLT AS IN THE STATES.

CHRIS: do you want to say something, Josh? We will get on to data retention. I know you want to talk about it. Yes, Josh?

JOSH: With regards to the CCTV stats on solving crimes, one may have to ask: does the presence of CCTV prevent or prevent crimes happening in the first place?

I don’t know.

UNKNOWN SPEAKER: Initially there is a lull when people see that there is an increase in surveillance of them. But they get used to it. And that deterrent fades a away and then it gets used for tracking people.

CHRIS: I will get to you.

UNKNOWN SPEAKER: More fine-grained than that. Crimes of passion are uninfluenced. Crimes are maybe briefly deterred, but there are still thieves who do it in front and get photographs taken of them. Mostly it is displaced, almost all of the effect of CCTV that’s been measured in the States is dace placement of behaviour.

CHRIS: you’re all talking about facts.

(LAUGHTER)

UNKNOWN SPEAKER: We’re not talking about data retention.

CHRIS: it makes people feel better.

Paul Evans, you had something in I have a remote comment from Tom.

PAUL: I want to smile for the camera. Hi.

(LAUGHTER)

20 years ago, Roger, you and I were implemented the Privacy Act. Do you agree with Craig that it is almost a piece of relic-try? Do we need to revive it?

CRAIG: The privacy act is distinct from the amendments and was worth having. It’s since been cut away by a myriad of slashes. Obviously every successive act overrides it in many respects. It’s never been adapted to take account of technological change. There’s been many end runs and every loophole has been used and many loopholes have been found that weren’t designed in the first place. It’s become poor. Fit was enforced, if it was enforceable it would help but the limited power that the Privacy Commissioner has got are not used either. I think the Privacy Foundation protects you better than the Comigtser. — Commissioner, I would say that.

CHRIS: Tom, do you have a remote thing?

TOM.. Yes, this is from ‘Dude D’. He says: “If privacy is a dream, why do you have curtains?”

(LAUGHTER)

CHERYL: I’m happy to respond to that. Chris knows I’m happy to respond to that because I’ve given up my right to privacy. There is not a single curtain in house. There are not doors in my house.

UNKNOWN SPEAKER: She lives on top of a mountain.

CHERYL: there are also no neighbours. We’re all wearing curtains right now. I can change that.

CHRIS: all right. Now, back away… Thank you.

All right.

So there’s a wander through the joys of what privacy means or may mean or may not mean.

(Pause). There’s obviously a balance required, right? Between privacy and, let’s just call it security. We could argue about the term. Let’s call it security. We will get on in a minute to data retention. There’s a balance required between security and privacy, some of our information has to be available. How do we, what’s the perfect, is there a way of striking that balance? Who should decide? How should we decide? Yo go ahead. You waved at me.

Slowly.

PIA: I will articulate madly, will do that to slow myself down. You see, it’s funny. I see the balance as not necessarily between – there is a balance between security and privacy, but the balance between openness and privacy is challenging. I think the only way to strike that balance is firstly to not assume that any one group or any group in isolation can make that decision, there needs to be an ongoing dialogue and debate in the society and community and done in a transparent way and it needs to be done in an iterative way. One of the things I’ve thought about and I’ve started to look at ways, have started doing projects to implement is looking at policy from an iterative approach – how can we have, dare I say it, an agile approach to policy development, where rather than the policy developers in isolation with a smaller group of stakeholders, you have open policy development and then in the first instance, so you get more peer review, more transparency and then upon implementation, it’s constantly being monitored, to use the term, and reviewed and recommendations made and fed back to the policy. It’s only through having that ongoing approach to policy can government policy maintain flexibility and be able to respond quickly to new challengers and opportunities. So in a way our entire approach to policy needs to fundamentally shift to answer that specific question. In the question about managing the balance between openness and privacy, the part of that debate ends up being, well, you know, we need to have a certain amount of low, you know, you can’t goo too high res into a lot of data stats because it is very easy, with age location to identify 80 per cent of people from a data set, so you need to make sure it’s low grain enough to protect privacy, but high grain enough to still get policy outcomes, research outcomes, transparency, and to help the society and the different aspects of that society make well-informed decisions.

CHRIS: I have Cheryl and Roger. But I want to check in with Kurt. You said a little while ago you tended to be over reactive in the States. A lot of, it’s hard to go back, once you’ve taken a step forward with legislation.

P9/11 example is a good one.

KURT: There is a balance between privacy and security, but that is your right of privacy as against the state. There is another balance that’s sort of a balance between privacy and maybe free content, which might be your balance as against commercial operators. You know what, as to the first balance, I think you are right. I think once you sort of change that calculus, you never get it back. September 11 I think did that to us as a society, and it’s very hard to get it back. We have the Patriot Act passed in moments after September 11.

CHRIS: Sounds like a demine act that says you should be patriotic to America.

KURT.. We’re great at acronyms.

CHERYL: I read a — made a couple of notes. One thing I want to come back to were Pia’s words that there shouldn’t be this big difference between the digital world and the cloud, our second lives and thirds verses the hard copy one that we’re all used to and historically perhaps have our benchmarks from. But when we make a choice on privacy or what I’m going to expose or not expose to whatever audience in the, inverted commas “non-digital” and, therefore, some people believe “real world”. There are those of us who think that is the opposite. I’m making an informed choice. I decide as suggested whether I put up curtains or not; whether I walk down the street with my credit card number printed on my T-shirt or not. These are things that I would decide I should or should not do. So I know what I’m doing. And who has access to the material I’m exposing or allowing to be collected. So what I would like to also bring into the table for the panel is how we ensure that the individual or perhaps small community or group or state knows what information is connected – is assured of the accuracy of that information. You know what, typos happen; wrong bits get connected to the wrong name. Do we have ability to redress and repeal and write these errors when they occur? It’s basically what’s been used, how it’s being used, why it is being used and that you know about it. It’s informed consent and control.

CHRIS: can I will go to Roger and then I have a comment from over here and then there.

ROGER: Pia joined my board and may be following me as chair. Everything she said a few more things as well. Privacy protection is the process of achieving balance among multiple constituents. It is the APF works with. There is no privacy absolutism, that is nonsense. What is the balance among? Among interests of the individual themselves, you have to trade off multiples. Interests of the group, interests of community, of society, and unfortunately, terribly powerfully, interest of corporations. There is all sorts of balances that have to be done. A further factor is that the four dimensions of privacy I’ve always used are the weakness of the so- called Privacy Act. It’s only a data protection act. The other three are behavioural privacy, privacy of individual communications, and privacy of the physical person. When you go on television on the news straight after the announcement that $3 million of CCTV cameras are going to be strewn across Melbourne because Jill Meagher’s been murdered, you have to think through very carefully the balances. Physical privacy is sufficient that such that about the worst invasion of privacy you can suffer is to be killed, about the second worse is to suffer serious violence to yourself. They are all part of privacy. There’s many different balances. How do we do it? There’s a small set of principles which government agencies, legislators and corporations try hard to avoid. If they would work on these principles x we would get somewhere. The first is justification. Why are you doing this? How is this going to work, what is the problem you’re trying to solve and what is the mechanism whereby the change will occur? It is proportion natural, taking into account the side effects it will have? Is it transparent? Do we have the information to work with, or are you hiding things from us? Are there controls in place, which includes mitigating measures in order to overcome the necessary negative effects on privacy, and is there accountability? Can we clobber the people who play the game badly. If those things would be applied, if privacy impact assessments were forced on organisations, public and private sector, we would address these problems.

CHRIS: that solves the problem, we can all go home. Perfectly fine. Rob.

ROB: One of the balanced points I think is between privacy and free speech and freedom. There’s discussion about the right of the individual to choose how much of them about themselves will be revealed. But three comments made in private comments in recent weeks I think illustrate that there is more than just the choice involved. Mitt Romney and his 47% comment made at a private dinner, Alan Jones’ comments about the Prime Minister’s father, made at possibly, possibly not, a private function. And the former Speaker’s texts clearly intended by him to remain private. Each of those things are things that do have, there is a genuine public interest. People may disagree as to what extent the public interest probably for Romney’s cases, it is clearly relevant to probably the most important election that will happen in the next four years.

CHRIS: that is unfair!

ROG — ROB: in each case there is potential public interests. The balance about not always having the right of individual to choose how much privacy is revealed is important.

CHERYL: I need to respond briefly to Rob. I think what you made is an important point. I think there are times when one knowing what one is doing, and a public person is one of these categories, they should assume that they are giving up certain likelihoods of the right to privacy. I’m not a particularly public person, but I do believe and mostly it happens, that just about everything I say, do, or otherwise, is probably going to be recorded, photographed, taken down, in many cases transcribeed into three or four languages. And and it will be searched on the Internet. Because of that, I would be incredibly stupid and I’m not, to do anything, say anything, or transmit anything that I would not have published on the front page of the following morning’s newspapers. I’m not saying it may not make interesting reading from time to time, but you do it informed. So it’s just dumb to think that if you are public, you should do that.

CHRIS: Now I understand why you often speak in headlines. I will go to this gentleman here.
PAUL: I’m retired, so can say anything I like. This is the fourth session today, and three out of the four I think had the same message that we’re all missing. And that is the education of the young. I’m not talking about High School students. I’m talking about peer, stranger danger, walked past a daycare centre and a little kid said, “Hello stranger”. I thought, there you go, he’s got the message. I didn’t speak to him. I kept going.

(LAUGHTER)

There was a camera there, I didn’t tell you.

The reference to the igeneration and I call them exactly the same is probably right. When you start out in primary school, what are you, five? Six years old, thereabouts, and half the tackers have got telephones already. So why aren’t we teaching them that this telephone is communication device which can get you in a lot of hot water. They’ve all got mum and dad’s computer to play, learning games on, and/or I’m a small bugger I can do all sorts of thing t why are we not teaching them from that age onwards that these are devices that are tools that you can use that have inherent dangers and you need to learn about them? Then you have an informed choice to be an absolute idiot on Facebook, or Twitter or any of those other devices. I, like quite a lot of people in this room, came to computers in the middle of our working careers, so that we were already suspicious of the damn things. You know, we looked at these square boxes and went, “I don’t know about that”. Like most of us, I think we all do our electronic banking and all that sort of stuff and…

CHRIS: what’s your password again?

PPAUL.. I write it on a poet-it note! We’re all fairly bleary about things like that. So we inherently have that privacy attached to us because I don’t know about you, but when I was a kid, I was seen and not heard at the dinner table. Until a certain age. Whereas now the kids probably sit in the dinner table bloody texting somebody. So who knows.

CHERYL — PIA: you’re still carrying your phone around, that’s meta data.

PAUL: Mine is turned off unless the AFP has the triangles on the towers running. We need to educate the young ones, so they are the generation coming forward and they will carry the privacy, they will understand what digital rights are; they will know where to go with copyright, and all of those other ones linked together, that’s where it ought to be.

CHRIS: speaking at a young one, I’m looking forward to being educated. I’m sure that will happen.

Now, Craig wants to say something, hold on.

I’ve got this gentleman here, comments at the back. I had Narell and John, and Geoff and we are still, we still haven’t got to data retention. That is kind of my ultimate goal was that we wouldn’t get there. You want to bring data retention in? I promise we will get to data retention. Narell; you want to deal with this point before we go to data retention? Let me take that off you. Don’t worry guys, I will do it myself. You relax.

NARELL. What was it, 100 or so years ago and this funny electricity thing happened. People were terrified the kiddys would be burned and the adults, the parents, were terrified because they could see how dangerous it was. There were very real dangers. And over time we figured it out and we incorporate that into our parents practising and we rapidly teach children not to stick things in power points and occasionally we miss out the occasional kiddy. (LAUGHTER)

CHRIS: how occasion — how nicely put…

(LAUGHTER)

CRAIG: I agree with the education point, but the erosion of privacy is the function of technology. You know, once upon time when, you know, when I was a younger kid, when you receive a letter it’s private to you. You ep it, you lock it, no-one sees it. You know, today my email is hosted by Google. My, I use Chrome, and I synchronise my website together, and…

CHRIS: what’s your password again!

CRAIG: I trade convenience for having my information in the Cloud. I trust Google to some extent, but do I trust the Government not to access my data at some point? We will talk about data retention. My data is everywhere. Every time I step on a tram, my electronic Miki card tracks it. Every time I use my credit card it’s tracked. And my credit card company keeps it for more than seven years. We’re worried about two years of, you know, it’s a balance. We’re talking about what sort of data we’re talking about, but you know, I used to be a partner in a law firm and you know, record retention policies, everything is kept for seven years, so your interaction with your banks, other commercial entities, those records are kept for seven years. So it’s a bit of a balance.

CHRIS: Quickly, then we will go to data retention. Geoff you’re on.

GEOFF. I thought we lived in a society that believed in redemption. I did something wrong, I went to court and got tried by a jury of my peers, I served the time and then I was erased, I could start again. Even the jurists who tried me are not meant to have knowledge of my previous heinous misdemeanours before this particular one. Privacy is about time as much as it is about now. What we’re seeing now is the data logged is never, ever, erased. The person I was when I was 16 is not the person I am now. I’m a different person. There are things I did then that I really rather no- one would know about. Oddly enough, I it was pre-Google. You guys don’t know about it. But my children can’t do that. I think that’s really sad. I think that’s incredibly bad. I think it’s bad that we’re trying to impose standards on our children that we as children never had. I’m not sure they’re capable of doing that. I would like to understand your views. I’m not concerned about privacy. I have nothing I’m ashamed about. When you think about yourself, when you were 13, and does that still apply to you now?

CHERYL: I didn’t have nothing I’m ashamed about. Education has been pointed out and a number of our users. And when we put things out on Google, to be fair, that you know, it’s going to be there forever.
CHRIS: I’m going to go to certain people desperate to speak. I want you to please be crisp.

PIA.. We’ve had a period of tile. I will say00 years, of pretending to be something we’re not. We’ve all drunk the Machiavelli Cool Aid, we pretend we’re pristine and norm Mall. I think that is a big opportunity for us to become more mature as a society and realise that we aren’t, you know, pristine little Stepford lives and that’s a good thing. Though in the short term there will be pain and there will be pain, I think in the long- term it is good for us. That’s it.

ADAM.. One of the problems with that is that there are still regimes in the world who like to kill people. For dissenting views. And when you start saying that privacy in the West is something that we don’t really care about, that much, and we should be a little bit more open and we should be allowing a little bit more access to we can grow as a society, it’s dangerous, because we start allowing companies like Fin fisher and CISCO to build devices that get placed into Syria and end up being very damaging.

CHRIS: you end up being killed precisely because you’re not private. You say stuff you’re not…Should you be saying it? I wasn’t being literal, I was, but it doesn’t mean it’s my view. Roger?

ROGER.. I say that the identification would be more privacy sensitive. No-one — the indie case would be more privacy sensitive — the igeneration would be more privacy sensitive. Young kids are risk-takers. It’s a function of age. It becomes more risk-adverse as it gets older.

They accumulate more things to hide. They had some when they were young, but not many, they get a lot more as time goes by. The current generation habit ten much earlier and bit ten more often than our generations were bit ten. Their indiscretions, carrying on from Cheryl, we can see they’re record which yours and mine weren’t. And they’re seen by more people again later than ever was the case in the past. Guess what? Each generation each generation is becoming more savvy. We need them to teach that way around, not that way around. And each, the igeneration will, as a result, be much more sensitive…

UNKNOWN SPEAKER: This is why groups like the crypto party has been a success. After the cyber Crime Bill was passed recently, there was no party like a crypto-app install party. So someone started the hashtag and said let’s get people together, drink beer and teach each other how to increase your communications so that data logging is difficult.

PIA: There was a case study of people who had kids. We’re very security conscious. Maybe bad people could take them and you know take our children. Here is this story on the front page of the Sydney Morning Herald with the parents, holding the children in swim suits and talking about how much they care about their privacy. Come on.

CHRIS.. What do we have from the ether? What will the wireless tell us? If you can get a microphone that works?

Technology is fantastic.

A question from Liam Comford from the Pirate Party Australia. He asked: are consumers making informed trade-offs. Do consumers have proper appreciation for how far-reaching the risks of their information of self- disclosure are. If not, what can be done about this?”

CHRIS: they’re not. I have basically no clue what the apps, what information the apps I use on my phone are giving to whoever it is, I don’t have a clue. I mean, I believe that if I use, if I get my apps through iTunes, there’s more of a chance I have protection than on android. I read that somewhere I and I don’t know if it’s true. That’s, and I consider myself to be reasonably okay about this stuff, I have no idea. I am going to move on to data retention.

Data retention: what do we think, good or bad?
Can we start with, can we start with you, Kurt. So, you know the prose – Data retention, two years, mega data, pretty much everything.

KURT: When this came up, I was practising in London and we wrote a paper for the House of Lords saying what the human rights and data protection records are with data protection. It’s the same as you see today. You have to look at it from two lenses. One is human rights law is a proportion natural, is it necessary in a democratic society, all the usual tests. And it’s questionable, it seems to me, to sort of gather information on everyone in the society, in case you lailter need to — later need to use it. But even from a data protection/ privacy act perspective, it is clearly an incursion of existing data protection/ privacy rights. I think it is a serious problem. I think it’s one that, you know t Europeans have already gone down that road and then there is, we’re starting to get pushback from the constitutional courts, but it’s tough. I have trouble seeing the notion that 23 million people need to be surveyed and — surveiled and capture whatever small percentage of criminals it is have to be captured.

CHRIS: it’s Australia, there’s a higher percentage here.

(LAUGHTER)

CHRIS: I will go to to this pirate gentleman here and then come back to the panel. While the microphone is coming, you’ve heard the argument: if you have nothing to hide, you’ve got nothing to worry about. We will talk about that in a minute.

GLENN: Glenn from Pirate Party.

CHRIS: speak up, slow down.

GLENN: if data protection is implemented currently to the report if in the process, we can’t verify the proposal because the Attorney General refuses to release the information on the draft legislation, what chilling effect do you think this will have on the way people use the Internet?

PIA: You guys are awesome as loaded questions.

CHRIS: as a lawyer, that’s referred to as a leading question! We will go to Cheryl and then Craig next.

UNKNOWN SPEAKER: (Inaudible) in not providing the information needed on proper public debate and it’s to the Parliament they should fling the thing back in their face. Leaving process aside. What’s different about the proposition? An organisation could come and say that they need data retention and here’s that justification and we would need to argue it through. What is different? Why does this matter so much? It matters because hitherto our ephemeral conversations were that and didn’t end up tracked into files, we used to read things in libraries, we used to read things in our homes. It’s now trapped into protocols, trapped into logs. Every book your download is trapped into logs, it is behavioural privacy, not just our privacy. It is a’s — that is the chilling effect. Narell was trying to get it through to the committee. It’s hard to get basics through let alone the more subtle points. This audience is different, of course.

GLENN: You’re saying that mega data in a grey gate is content?

UNKNOWN SPEAKER: It is massive content. In the past suspicion had to exist about a person before the big guns could be rolled out and interception achieved. We all support that. A PF policy supports appropriate powers for law enforcement agencies. Ipso facto suspicions based on anything that turns out in the future to be a bad thing.

GLENN: that’s with the assumption that people who have access are good people.

UNKNOWN SPEAKER: We don’t have — we don’t believe that in the APF. We say there will always be another bigotry. If you’re in Cambodia for a long time, a degree from a university is one you didn’t realise you will run into. There will always be new nasty things that turn up with ipso facto suspicion generation. They can mine for it because of the richness of what’s available and the power of the things we have. If we don’t teach our technology to forget, going back to Geoff’s point, we’re in deep trouble. Then I would worry about us having lost privacy. I haven’t, by the way, I don’t believe we have lost it, we will lose it, unless we act and beat off stupid things like the proposal.

CHRIS: who wants the next crack? Cheryl?

CHERYL: You said me. Hear, hear to the speakers. I agree if there is a like or dislike, it gets a big dislike from me. The thing that really worries me about this potential huge net dragging through the waters of everything we do digitally, and keeping it for the length of time that it is, is proposed to, is exactly the same rational as we think there might be a disease, and so we’re going to treat you with absolutely everything. We don’t know what the consequences of this is going to be. The unpredictabilities are not worth the risk of taking it. There is more than adequate, as has been discussed on this panel and earlier ones, ways of tracking the real bad guys when you have due process, and proper suspicion. But there is no transparency, there is no accountability, there is no ability for the individual to have what we’ve been talking about, informed consent, or knowledge of its use, how can you give away for a whole community, the right that they should have to know where their data is or isn’t being collected and stored? What worries me most is that it’s the purpose behind it. Because I’m already admitting to huge digital footprints being left in my wake, we’re all leaving them. They are so disorganised and so disparate, that it’s a huge effort.

Every one of the Twitter people or feeds I follow is analysed. You will learn a lot about me. It may not be a bad thing, but what, as Roger said, is huge change in the future?

PIA: I didn’t make it explicit, but I’m not speaking on behalf of any employers. I need to be clear about that. I have three problems with the data retention issue: the first one is it’s based on a faulty legal precedent. Apparently the European legal precedent has been overturned in European Courts and there is information today or tomorrow about that from the NSW Cyber Laws space centre thing, so that’s the first one. And that keeps getting references, you know, part of the precedents and you know, that’s a good thing it’s been overturned. The second thing is it’s not based on a good logical precedent. The quote, and I did a blog post about this issue and I quoted and there was a good story about it quite recently that was well researched and there was a quote there from the AFP saying that if we, I guarantee you if we don’t have access to this data, we can’t possibly catch anonymous. Now, there’s so many things wrong with that sentence, not least at all any geek worth their salt misbehaving knows how to encrypt, how to use proxies, how to do touring. The data retention won’t help catch these people. The premise is illogical. There is no evidence about how this will help people catch the bad guys. The third thing; the biggest one, whenever I explain this in normal words to normal people, they get enraged, but what happens is that the entire issue is part of the whole suite of issues which is geeks verses spooks playing out in gladiator war games in tiny dark corners and it is not a society-wide conversation about the Internet and society and what we are and are not happy to compromise on. We need to reframe this entire debate to be about what do we want, what do we not want and I’m running a workshop tomorrow, where I will do exactly that.

CHRIS: thank you. We are coming to the close. I think Pia had a —
UNKNOWN SPEAKER: Pia had a car analogy.

PIA: I won’t advertise any more. If we went to the Australian society and said: we will put a tracker in your car. Everywhere that you, where you begin the trip, end the trip, everyone that gets in the car, but we won’t record what they say, we could, but we won’t. And people would go nuts. We all know we have the technology with phones, but if we actually proposed that, people would go crazy, yet that is meta data effectively.

CHRIS: I will take a couple of comments from the floor and close up with the panel. So, yes? Brief. And crisp. To the point.

JOHN: Current hat would be electronic function in Australia. The Attorney-General’s apartment will be appearing before the joint committee on intelligence and security at 3.45 tomorrow at Parliament House. Please come, unless there is something on here, of course.

I just wanted to follow up on Pia’s point about the European experience and just give a little bit of detail about those countries that have actually declared data retention to be unconstitutional. They are Germany, everyone’s heard of Nastazi and Bulgaria, which had an oppressive regime, they are Romania which had one of the most oppressive mass surveillance schemes; they are Czech Republic, which had similar experiences as well. If you look at these countries, these communities, these are societies that have genuine experience of what mass surveillance does to its society. They have said this stuff is not acceptable.

I think that is the way we need to look at this. We’re lucky in this country. We don’t experience this. We have no experience of what mass surveillance can do in terms of the corrosive effect on society and we’ve all talked about the issues. I could go on at length and I won’t.

You know, we need to learn from the experience of these societies and say this is not acceptable in this liberal democracy that we apparently live in.
CHRIS: good point. Thank you. (APPLAUSE)
JOHN: hopefully we don’t have to learn that through a world war or revolution.
PIA: We are in a revolution, man.

CHRIS: You’ll be first off – oh, never mind! (LAUGHTER).

Very quickly, please.

UNKNOWN SPEAKER: I think there are two sides today ta retention. There’s the public domain and then there’s the governmental one. I don’t know how many of you are aware unless you’ve just download your Medicare statement for your tax, but the Australia card has arrived, we haven’t looked in the mail. You cannot download a Medicare statement from Medicare unless you join Australia online, which links you to Centrelink and human services and the ATO. The four main services that the Federal fraudulent policing societies gather data from when they will prosecute you. So there you go. It’s already happening.

CHRIS: encouraging news. Very quickly, Geoff? Quick one from Geoff. I want 30 seconds to a minute of closing comments from panel.

GEOFF. I want to remind people when they consider data retention in the coming years. Two facts: we’ve run out of V4 addresses, right. And two, what that means for data retention. Because we’ve run out of the four addresses, carriers now have to put in carrier-grade nats. When you talk about the data gathered by ISPs, it is no longer the fact that you were online on this day and used that address. No, no, no. Many folk are using the same address. The data that will be created is which TPC sessions you opened to which address. Let me translate that. Every site you visit, every ad that gets delivered, every email is then logged. Everything. That’s the way carrier grade logs. It’s an enormous amount of data. But this is data that Google would kill for. This is you, in all of its gory detail. This is part of data retention. That’s a very spooky concept.

CHRIS: minute at the moment going down the line. Kurt.

KURT: I think what this shows is that this group which cares about Internet governance, the future of the Internet, has a huge stake in privacy. This isn’t just an issue we happen to care about because we care about a lot of issues that surround online activity. It goes to the trust that people put in the Internet, your ability, a medium for the future and core Internet governance issue, not just data retention, but privacy generally.

CHERYL: When I started off saying that privacy is a dream and a myth from the past, it’s also hugely important and something has to be on the current agenda. It’s all about informed and personal choice and control over data and its use.

CRAIG: While we should be concerned about data retention, we not be distracted by the data retention debate, and lose sight of the fact that data access is a more important issue. There’s data everywhere already. The question is who has access to that data and when. And I’m worried that this debate about data retention takes the focus away from access which I think is the bigger issue.

ROGER.. That merger of the larger control agencies in the VHS cluster has been brought to you by the perpetrators of the access card who were promoted to be the team that developed that process. Does that tell you something about the persistence of senior executives in government? Second point is that the John Lawrence down here, who produced himself from being from the FA is also a director of the Internet…

(LAUGHTER)

PIA.. I didn’t want to go into it. Briefly, I want to make one point to final Liz, but on that particular thing, the goal I think of privacy in terms of how government relates to citizens and I believe part of the goal of australia. gov.au, is to give people more permission about, not permission, but the ability to say, yes, I do, or don’t want to share particular types of data. I think that is a laudable thing that needs to be encouraged. I don’t think the goals of that website are about the goal. And the big thing is, the Internet, we’re limited by the fact that governments themselves are jurisdictional and geo-spatially jurisdictionally defined entities all trying to, from their tiny area, you know, putting limitation from how the Internet works, but the Internet is a global thing. And ultimately it’s not legislation that is going to protect people, people can protect people. We need to be better skilling our people and stopping the getting in the way of the Internet being the awesome thing it can be, has been and certainly will be.

Chris: FINALLY?
UNKNOWN SPEAKER: We can’t educate our children saying that privacy matters when the Government says it doesn’t.

CHRIS: Please join me in thanking the panel. (APPLAUSE)
Now, it’s afternoon tea time. It’s also ISOC AGM time. It doesn’t get much more exciting than this. We will reconvene here at 3.50. Ten to four for our final panel of the afternoon.
Please be on time. Thank you.

Thank you for using Red Bee Media Australia’s Live Remote Captioning Service.

OKFestival 2012: Open Data, Open Gov & Open Science in Helsinki

A couple of weeks ago I went to Helsinki, Finland to attend OKFestival 2012. It was a suggestion from someone two months ago that planted the seed to go, and I felt it would be really useful. So I saved my pennies and booked the tickets. It was an incredible trip with some incredible learnings.

Check out my “storify” stories which collate my experiences from the two days from my live Tweeting.

Hanging out with Hans Rosling, Rufus Pollock and Dr Tim Hubbard 🙂

Basically I’ve been working on open government and open data policy and projects for a while now and I realised I had a good opportunity to connect with practitioners and policy makers around the world. I really wanted to pick the brains of these people and also share what is happening locally to share, and to get some context on how we are going in a global context.

I found many surprising things, not least of all that we are actually comparatively quite well in Australia when you look around the world. Obviously we have a lot to learn and do but we are lucky in many respects, such as we have a relatively open democracy already. For instance, Hansard for Federal and State parliamentary reporting is far from perfect but many countries have abysmal parliamentary openness and transparency. It was quite a shock to realise how little the accountability some jurisdictions operate under. More on that later.

It was also very interesting to hear from over 20 countries on their open data initiatives, to attend technical sessions on publishing data, to hear about the European Commission investment in open data (substantial!), and to talk to people from over 15 countries involved in “apps contests” and other hackfests. There was a lot of interest in our GovHack model so there might be some grounds for collaboration there too.

I should also note that upon careful consideration, I thought it might be useful to bootstrap an OKFN Au local chapter in order to pull together all the open knowledge communities across Australia. Some network mechanism is needed as we have growing communities that are completely disconnected from one another. We could all benefit from some cross-disciplinary community development that includes cross promotion, discussions, aggregated events and news, tools for collaboration, support mechanisms (financial, insurance, legal, etc) and perhaps some events that bring us all together for mutual benefit.

So, this is my mother-of-all-posts report from the week. I will be blogging on some of the thoughts that have coalesced as a result later, but check out some of my highlights from the week below along with some really useful links. I’m also going to be working with the open government community people at OKFN to do an expanded open data census that looks at specific details of open data initiatives around the world to identify some good practice, policy commonalities and general information for people trying to do open data in government.

Open Government

The Open Government Partnership

Hanging out with Richard Akerman from Canada (@scilib)

The Open Government Partnership was a key theme for the conference, with over 55 countries now signed up in its first year. Signing up is not only a statement of commitment to this area, but countries have a series of targets on openness and transparency to meet. Apparently OGP has been slower to take off in Asia and Oceania, with only a few countries in this region getting involved to date.

Australia is unfortunately not yet signed up, and I hope that is rectified soon so Australia can more legitimately take our place in this space as something of an emerging leader. I had a lot of people interested in what Australia is doing at the conference from jurisdictions all around the world, and yet whenever we got to OGP discussions, there was not official Australian voice or commitment, which was disappointing. I hope this can be rectified soon, especially as the OGP commitments are already in line with so many existing policies in Australia.

Check out the infographic on the first year of progress of the OGP, and the draft strategic plan which is currently open for public comment.

There were several sessions on the OGP talking about standards, implementation challenges, and many representatives from supporting organisations like the World Bank who are investing in open government initiatives around the world.

Declaration of Parliamentary Openness

Afternoon tea with @anked & @kate_Braybrooke — Afternoon tea with @anked & @kat_Braybrooke

The Declaration of Parliamentary Openness was launched quite recently as an outcome of a global meeting of parliamentary monitoring organisations (PMOs). It is quite an interesting document and again, possibly something Australia should consider signing up to.

NSW Member of Parliament the Hon. Penny Sharpe did a great speech on the Declaration of Parliamentary Openness for International Day of Democracy (September 15th) which happened to be whilst I was in Helsinki. Several people there were very excited about the speech and I was quite honoured to be cited in it 🙂 Nice work Penny!

Check out some of the work from open parliaments around the world.

Open Data around the world

Gorgeous model in the basement of the uni

I managed to have a long sit down with the technical lead on data.gov.uk which was fantastic! It was great to get an idea of the model they use for publishing, the development work they have done, what resources they have an more.

My notes on the data.gov.uk discussion, with permission from their technical lead:

Human resources for data.gov.uk – 3 full time resources only
Uses CKAN – very happy with it, especially as they can easily develop additional functionality they need
Every department and local authority has at least one data champion that does data publishing as part of their normal job, ~765 publishers
Total cost of data.gov.uk only about 460k pound per year. 40k pound hosting and staff = most of the rest
Primarily focused on publishing data in the best way possible. Not focused on datavis, but considering looking at drupal front end with ckan backend
Departments are entirely responsibility for publishing their data. The full time staff look after the platform, do development where necessary (have created several plugins specific to their needs and open sourced them), provide technical support to publishers, but onus is on publishers
data.gov.uk folk have built functionality to handle the structure of government, creating lists of “Publishers” which are individual agencies (etc), users have a list of what Publishers they have access to publish to. You can have hierarchies of Publishers to reflect interrelationships between Publishers
An account API which could be the corporate API. Only publishers get API keys
No token required for apps
Antonio gave us a demonstration of uploading datasets, uploading had an option to choose whether a dataset is part of a time set
All datasets are appended, content is not changed at all, “if you get into data changing you are dead”
5 star rating is helping improve quality of data publishing
With a multiple data file time series, the API interrogates the entire set
Contact details are available by dataset
data.gov.uk do thematic theming, they have over 8000 tags in the system atm, and they created 6 themes: health, environment, education, finance (other things apart from spending), society, defence, transportation, spending data (where they spend money), government
Automatic updates for some files via JSON but largely manual. Publishers felt more comfortable with manual publishing than aautomation for perceived control
Tend to point to WMS servers for spatial data rather than host directly
UK folk suggest a geoserver to host geospatial data and use open data platform to point to data rather than host it directly. A metadata harvester gets data from spatial sets and points to data. Needed to comply with the INSPIRE directive
They don’t apply 5 star to mapped data (or other purely linked information) as it doesn’t exactly map to downloadable data star rating
You can search on geospatial datasets by postcode or by drawing an area
Found that within a minute and 15 seconds (the record) a user could go from not having used the site before to publishing data, very low transition from newbie to publisher which was important
All statistics are automated which is due to being within the one dept and they are motivated to automated
INSPIRE (Infrastructure for Spatial Information in the European Community) Directive was a major driver, as was “digital by default”
They generate monthly reports that counts the openness (stars) of data, the amount per Publisher, publishers with broken links, datasets with broken links. Helps publishers keep their data up to date
data.gov.uk is building a dashboard to report by the hierarchy of government
Public Roles and Salaries linked data tool – http://data.gov.uk/organogram/cabinet-office
Blog post about plugins data.gov.uk have built, all freely available on github – http://data.gov.uk/blog/the-code-behind-datagovuk
Indemnification from the Crown so public servants not at personal legal risk
Started with the knowledge management people, then expanded. Basically all parts of the public service were told that this is what they must do, so they did it
data.gov.uk is hosted by the government, Ubuntu servers
data.gov.uk – metadata, almost a petabyte of data now
US is running three open data platforms, including Socrata, CKAN and another bespoke one
No inferred metadata – up to data publishers to provide metadata
Real time data – can deal with real time, new functionality being also built
The value of cloud service to scale with API requirements

For some technical details and the code behind data.gov.uk, check out http://data.gov.uk/blog/the-code-behind-datagovuk

Thanks Toni for your time!

Below are my live tweets on the open data country updates – each person had about 5 minutes to wrap up their country. I’ve put them in alphabetical order and the results were a fascinating snapshot. I wish I’d had more time to talk to each and every contributor:

Argentina – created Ministry of Modernisation inc Buenos Aires Data, 3 hackathons, datavis, app comp, digital city event coming
Australia – @piawaugh giving Australia report http://twitpic.com/avwd85
Australia – What’s going on in#opendata in #australia ? Psi needs to be cc by default. http://instagr.am/p/Ptj4FUodS9/ by Lucy Chambers
Australia – Not OGP members, national picture mixed, neat local efforts #okfest http://pic.twitter.com/l9u1JK1l by Tariq Khokar
Belgium – some progress, inconsistent across region. Estonia: need to transform data that is published to use as hard atm.
Brasil – have also done information asset catalogue to help facilitate future opendata.
Brasil – new law created to get important datasets published, also have proactive publishing of source code. Cost seen as blocker
Canada – over 12k datasets this year. Next gen platform deployed next year. Toronto building a city that thinks like the web 🙂
Canada – lots of municipal level work, national level is participant in OGP with three pillars of opendata openinfo & opendialogue
Chile – regulation around #opendata created but not implemented yet.
Czech – working on apps&services based on opendata, OKFN local chapter, data catalogue & opendata.cz, 1st gov data blog. No money
France – France presentation a reminder that open standards can actually be a blocker to first steps in opening data. #okfest
France – talk from NosDeputes.fr, lots of cities putting data up, national now commit to open licence, formats an issue/blocker
Germany case study of getting gov to open up some data, but really just getting stated.
Ireland – new real time passenger info API coming this year, need national portal, still low priority for many but relatively cheap
Ireland – 8-9 public bodies in Dublin regional opendata portal. Interested in biz models, datavis, 40% participants entrepreneurs
Israel – black whole of legislation, printing protocols were hid in boxes. Volunteers went in to scan and digitise. Now gov opened
Italy – National data portal, people need gov to open data, 3000 datasets liberati 🙂 increase in data quality. Mostly in north
Kenya – had one year birthday for Kenya opendata portal, focus on open standards, lots happening. No FOI leg yet, community devel
Netherlands – parliamentary data opened, 1st budget open data tmrw, issues: budget cuts hard, slow grow, gov benefit realisation
Netherlands – launched open data portal, gov stopped charging for geospatial data, $4m spent to free up satellite images…
Nigeria – update data hard to get, oil companies & gov corruption high, have digitised & visualised budget -> public engagement
Open Corporates – has info on 44,470,772 companies in the world. Open database of the corporate world. Interesting. Launched API
Slovakia – bad news is a lot of new laws but the working group works are slow and projects at risk.
Slovakia – launched open data portal, has preliminary support, worried about new gov not supporting but did, slow but building up
South Africa – not so much, Kenya is ahead of us Gov have removed new order mining rights info from website & water quality data
South Africa – info commissioner an important part to getting more transparency
South Africa – 1st hackathon in Aug 2012, secrecy bill attempting to shut down access to data, civil society active, OGP work too
Spain – lot of open data portals (~20), diverse, some good, some not. National portal is good but not much data. Big community tho
UK – 8661 datasets on new site, good stats, worked with openspending ppl to do reporting & better tools. Increase in public trust
Uruguay – Fascinating, gov working on data but dropping ball on other opengov #okfest
US – several initiatives out of date and not detailed enough
US – lots of stuff proposed, data laws, most of the work is overshadowed by Presidential election, OGP commitments being worked on.

Open Data Census – expand to capture information about individual initiatives?

OKFN have done a great job trying to get a useful comparative analysis of open data in countries around the world. I suggested it might be worthwhile to consider individual initiatives to get some understanding of exactly what is being done around the world, find commonalities and get some ideas around good practice in this space, especially as it is such a new area for so many people.

I put up some draft questions for the next Open Data Census and it’d be great to get feedback.

Outstanding talks I heard

There were many, many, outstanding talks at OKFestival. I’ll just briefly wrap up a few outstanding ones that I really enjoyed 🙂

Dr. Nagy-Rothengass from the European Commission

Dr Nagy-Rothengass gave a fascinating talk about the European Commission commitment to Open Data. They have committed substantial funding for this, around 100 million Euro and their core rationale for supporting open data are as follows:

Untapped business and economic opportunities: data is the new gold; possible direct and indirect gains of 140b Euro across the EU27
Better Governance and citizen empowerment: open data increases transparency, citizen participation and administrative efficiency and accountability.
Addressing societal challenges: data can enhance sustainability of health care systems, essential for tackling environmental challenges.
Accelerating scientific progress: e-science essential for meeting the challenges of the 21st century in scientific discovery and learning.

Hans Rosling

Hans Rosling was a brilliant keynote.

My favourite quotes from the talk:

If you want to communicate with people you need to learn from tabloids. They are good at connecting with people.
The problem is not that people don’t know anything about the world, the problem is they have a completely incorrect view. evidence & statistics show world population growing to about 10b after which it normalises.
The western world has a toxic combination of arrogance and ignorance. Also gender equality doesn’t just happen. It requires work.
D3 d3js.org as a great tool for #datavis
We can’t rely on the leaders to deal with the money. We need to get involved and see for ourselves.
Life has never been so good as today. That the world is bad today doesn’t mean it hasn’t become enormously better.
We need to seriously invest in renewable energies & isn’t about polar bears. We are up against something much bigger.
You have to demand access to the data. Countries should report & need to release big data so we can do better.
OECD *sell* their data! We need to have it liberated so we can understand and learn.
Don’t talk about what you should do, just mock up and prototype.

He went a little through his normal developing countries vs developed countries spiel which clearly demonstrates the world is a lot closer statistically than many people believe. He spoke about world population growth and showed that it is one of very few things that statisticians have been consistently correct about (with only a 6ish% deviation from projections over 50 years), and yet there is still a lot of fear and misinformation about population growth. He said based on projections and the massive slowdown of population growth, that the world population would peak at around 10 billion and then that number would largely be sustained, unless there was an enormous disaster.

He showed the importance of not dividing the world up into “developing” and “developed” and that people’s understanding of the world is typically quite out of date, based on figures and perspectives taught in school but not updated throughout adult life. This leads to a community making decisions based on outdated information which leads to bad decisions. It was humbling to see actual statistics and realise that we don’t really have embedded societal mechanisms to update what is taught at school, and how this creates a perception of other countries and cultures that may fall completely out of date within just a few years.

Personally I believe strongly that it is through global collaboration that we can leapfrog issues and many of the attendees from what are traditionally call “developing” nations had great stories to tell of citizen empowerment and leapfrogging “developed” countries.

Hans core messages so far as I understood them included the importance of open data to make good decisions, the importance of recognisiing that our understanding of the world is usually out of date, and the importance of the active engagement of civil society in international and national matters to balance out the imbalance of power.

This last point he demonstrated very effectively by showing a picture of world leaders at the Summit on Financial Markets and the World Economy, with some information about which countries were loaning/giving money to others. It was fascinating. Aid money being given from one country to a “developing” country, which was in turn was loaning $30b to the US (when George Bush was in), who was in turn supporting them to get a seat on a UN council. It goes round and round.

Hans made a strong point that people should demand the data and transparency so they can make more informed decisions as a community and not just leave things up to world leaders.

Click through on the following thumbnails to see larger versions.

Rufus Pollock

Rufus is the Director and co-founder of OKFN, and quite an impressive figure. He is passionate about open data and is credited by Sir Tim Berners-Lee as being behind the “Raw Data Now” agenda. Rufus gave a great opening keynote where he spoke about the importance of open data combined with analysis and action. He said we have now started to see more and more data being opened up but if we don’t combine this with good analysis and then action in response to the analysis, then we will not see the benefits of open data.

His speech was largely a spoken version of his blog post called Managing Expectations II: Open Data, Technology and Government 2.0 – What Should We, And Should We Not Expect so I recommend you check it out 🙂

Diagram from Rufus Pollock on a theory of change

My contributions to OKFestival

Just a couple of notes for people I met there on my contributions.

I hosted a panel on open government, I contributed to several forums and I spoke on the closing panel with Philip Thigo (Program Associate at SODNET & Co-Founder of INFONET, Nairobi, Kenya) & Antti Poikola (OKF Finland Incubating Chapter, Helsinki) which gave me a good opportunity to further discuss the role of the public service in open government. This was received really well and I have a load of public service colleagues now from all around the world in this space.

On a panel about open data and culture at OKFest 2012 with Philip Thigo, Program Associate at SODNET & Co-Founder of INFONET, Nairobi, Kenya & Antti Poikola, OKF Finland Incubating Chapter, Helsinki. Photo from http://www.flickr.com/photos/tuija/8008433837/

I spoke a little bit about public engagement on public policy and mentioned the Public Sphere methodology that I developed with Senator Kate Lundy. The most recent consultation was one on Digital Culture which was a major contribution to the impending National Cultural Policy. A lot of people asked about analysis, so I spoke a little about the importance for both data analysis and “network” analysis of a consultation to ensure the outcomes have the appropriate context. See the Analysing the community of a public sphere blog post on Senator Lundy’s site.

I also mentioned my Distributed Democracy idea which a few people liked 🙂

GovHack and App4Country discussion

I was involved in a wonderful discussion with people from over 17 countries who do “apps” competitions and hackfests. It was great to hear about their initiatives and to share the lessons learnt from GovHack. Many of them expressed a lot of interest in our model which is a little broader than the “Apps4Country” model which has been quite popular in Europe. Most of them had the same problems with sustainability, longevity of outcomes from the hackfests, getting the government actively engaged. It was fascinating.

There are some good notes from the global hackfest/apps events collated here and there is a global mailing list (not very active atm) at http://lists.okfn.org/mailman/listinfo/appsforx.

The notes I made for my presentation about GovHack:

Narrative, design *and* hacks
Not focused on apps, but rather hacks (apps, mashups & datavis) – often applications emerge but “apps development” creates confusion with mobile vs web vs devel vs datavis
GovHack was part of a trilogy of events – GovCamp to set the narrative and vision, GovUX/Jam to apply design thinking to service delivery challenges in the public service, GovHack for open hacking and to make some service delivey design outcomes real
Open Government, Science & Digital Humanities – to add Data Journalism
– Amazing how much of an impact it made, has really fired the imagination of the public and sector.
Enormous enthusiasm from the gov involved, 7 departments and agencies from federal and state governments were deeply engaged.
People flew from all over Australia to the two locations that we were simultaneously running the hackfest to participate.
Mentors from data owners and technologists to support teams along with sessions.
Made the documentation and presentation of the hack part of the judging criteria, which compelled teams to nicely capture content about their hacks which meant a good archive of the event.

Motivations:

Bring community together
Demonstrate value of open data
Raise the bar for the narrative in Aus, focus efforts on constructive efforts
Open the data, give depts buy in, connect their tech with community and leaders with success
Create new ways to do service delivery that can be integrated into gov, fundamentally disrupt gov expectations around “innovation”
Volunteer run which gave it extra credibility, buy in, and public engagement
A lot of bad expectations of “apps competitions” because of events that have done it badly, in Aus and internationally
Open Sourced hacks for people/companies/students/gov to build upon

Lessons learnt:

Hackers are motivated so long as you create some importance, and engage in conversation to manage tone and deal constructively with trolls
Prize money is helpful, but need to be careful to ensure good community, tone, “spirit of govhack” award
Scaling to go national – hackfest for two days, 3 days to vote, awards ceremony, followup 6 months later.
More funding would be useful
Ensure non tech elements encouraged, some great non “app” outcomes, eg the jewellery hack
Engage with the startup and VC sector, open sourcing outcomes means govhack can be yearly incubator for spin offs as well as input to gov. Startups love it as it is the best form of publicity
Non geeky hacks are the most reportable – History in ACTION
Technologists have a lot to contribute to policy, and there is a lot of work now to bring these groups together. Data visualisation and other uses of data can massively contribute to policy development and better policy outcomes.
Ongoing community engagement could be achieved through launching OKFN Au chapter to bring together communities across the gov, data journalists, hacker/geek communities and academia/research.

Interesting thoughts from “apps” conversation:

Need to strongly socialise – Finland
Apps for Europe, Spain, lessons from @aabella: 1) Civil society not politicians. Pollies have a role but it needs to be civil society driven. 2) Need to target general population not just tech community, get broader community involved.

Some additional links collected from the week of interest

Some random Open Science links sent:

Thanks

For the first time I tried couch surfing on this trip and stayed with a lovely Helsinki resident called Tarmo. A huge thanks to Tarmo for having me for the week, it was great to meet and I have to say, the couchsurfing culture is really friendly and lovely 🙂

Also, a huge thanks to Rufus for encouraging me to come, to Daniel Dietrich for his dedication to the open government space, and all the lovely people I met. I look forward to next year 🙂

Creating Open Government (for a Digital Society)

Recently I spoke on a panel at the NSW Information Commissioner’s “Creating Open Government” forum about my thoughts on blue sky ideas in this space. I decided to work on the assumption of the importance and need for creating open government for a digital society. In the 10 mins I had, I spoke on the pillars of public engagement, citizen centric services and open data, where we need to go in the open government movement, and a few other areas that I believe are vital in creating open government.

Below are some of the thoughts presented (in extended form), some cursory notes, and some promises to write more in the coming months 🙂

I should say up front that I am a person who believes government has an important role to play in society, even in a highly connected, digitally engaged and empowered society. Government, done right, gives us the capacity to support a reasonable quality of life across the entire society, reduce suffering and provide infrastructure and tools to all people so we can, dare I say it, live long and prosper. All people are not equal, there is a lot of diversity in the perspectives, skills, education, motivation and general capability throughout society. But all people deserve the opportunities in their life to persue dignity, happiness and liberty. I believe government, done right, facilitates that.

In my mind government provides a way to scale infrastructure and services to support individuals to thrive, whatever the circumstancecs of their birth, and facilitate a reasonably egalitarian society – as much as can be realistically achieved anyway. I’m very glad to live in a country where we broadly accept the value of public infrastructure and services.

So below are some thoughts on next steps in creating open government, with additional references and reading available 🙂

1) Online Public Engagement

There is generally a lot of movement to engage online by the public sector across all spheres of government in Australia. However, this tends to be the domain of media and comms teams, which means the engagement is often more about messaging and trying to represent/push the official narrative. There are a lot of people working in this space who say they are not senior enough to have a public profile or to engage publicly without approval and yet, we have many people in government customer support roles who engage with the public every day as part of their job.

I contend that we need to start thinking about social media and “public engagement” also as a form of customer support, and not just media and communications. In this way, public servants can engage online within their professional capacities and not have to have every tweet or comment vetted, in the same way that every statement uttered by a customer service officer is not pre-approved. In this way interactions with citizens become of higher value to the citizen, and social media becomes another service delivery mechanism.

For example, consider how many ISPs are on social media, monitoring mentions of them, responding with actual customer support and service that often positively impacts that persons experience (and by extension community perception) of the organisation. Government needs to be out there, where people are, engaged in the public narrative and responsive to the needs of our community. We need our finger on the pulse so we can better respond to new challenges and opportunities facing government and the broader community.

One of the main challenges we face is the perception from many people that there is little be gained through public engagement. If a department or agency embarks upon a public consultation without genuinely being interested in the outcomes, this is blindingly obvious to participants, and is met with disdain. It is vital that government invest in online community development skills and empower individuals throughout the public service to engage online in the context of their professional roles.

This online engagement development skillset can be deployed for specific consultations or initiatives, but it also vital on an ongoing basis to maintain a constructive narrative, tone and community that contributes on an ongoing basis.

Fake geeks prey on us poor lonely “true geeks” – 4 realz yo

Note: apparently it hasn’t been completely obvious to a few people so just saying up front, this is a mock blog 🙂

Don’t you hate it when you go to a geeky event, and you see a guy dressed up as Mal or Ironman or Wolverine (swoon) and it turns out they are just a booth babe, or worse, a sales guy. It’s like, the biggest let down! OMG! They are obviously purposefully poaching on us poor lonely and desperate geeks and frankly we’ve had enough! If you aren’t a true geek, then pretending to be one is worse than poaching, it is maliciously playing with the hearts and minds of the people who run your networks, and read your email, and could, with very little effort, utterly destroy your life and reputation online.

Do you feel me?

Even worse, I hate when you meet a cute guy who does turn out to own a computer, but also turns out to be a total Windows fanboi. Raving on and on about his 1337 VB skills, or how everyone that picks on Windows 8 totally sucks because no one has even seen it yet but it is totally “awesum”. He despises “freetards” because they are all so unrealistic about the industry and “it’s not like Linux has even made it on the desktop anyway, so who cares?”. Yeah, Windows fanbois are totally fake and should stop pretending.

Then you get the Apple banbois. The ones who wear berets because they think it is fashionable, maintain a pretentious sense of (secretly self) loathing about geeks and pretend to be passionate about design and typefaces because it helps them get laid given the demographic of the vast majority of Mac users. An Apple fanboi will lament about how Steve Jobs was Gandhi, Einstein and Jesus in one man, and wear turtlenecks because they think it makes them just like Steve. Apple fanbois are fakers who should stop pretending and learn how to be a true geek!

Then you get the device geeks. You know the ones, who always have the latest gadget regardless of the brand, who like to show off their immensely huge collection of apps, and who think installing an upgrade to Angry Birds somehow makes them technically competent. I got news for you chum, you are a fake geek! Stop it!

You know when you meet guys who talk about being a sysadmin ninja, or a gun at games development? FAKE! I have studied martial arts for 21 years and you sir, are no ninja. You couldn’t hit a wet towel and you couldn’t fire a gun to save yourself. Your limp wrist and shoulder muscles would buckle from the kick back so just stop. We won’t be tormented like this!

Finally you might get lucky enough to meet a guy who can program in a real language, can run his own infrastructure, is into gaming and loves to throw around Star Wars and Evil Dead III quotes. But then he expects you to stay in the kitchen, or give up work entirely to look after the kids by yourself, or he wants you to not beat him in Tekken or Call of Duty ‘cos his friends might laugh at him being “beaten by a girl” and frankly he doesn’t want the competition at home. Geek guys who turn out to be misogynists are the most annoying kind of fake geeks, because they have forgotten that true geekiness has nothing to do with gender, and they encourage geek girls to reject either their geekiness or their girliness. You guys need to be put down, you are the worst kind of fake geeks. No rly.

So, I guess it’s too much for a geek girl to find a real geek guy, one who looks like Wolverine or Mal, who can talk my language, use the same tech, play the same games, treat me like a human being and not disagree with my particular flavour of geekiness in any way shape or form.

Or perhaps we should all just chill out and let Bartlet be Bartlet.

No one has a monopoly on geekiness, and there are many flavours of geeks out there. It is actually really awesome that being geeky is becoming popular because we need more people to get on the path of tech literacy, whatever their incentive. Otherwise when the machines come our army will be very small 😉

For another fantastic and better written blog post about this is John Scalzi’s “Who Gets To Be a Geek? Anyone Who Wants to Be“. Read it, now! 🙂

Note: This mockblog post is inspired by a good article by Daniel Griffiths (‘Fake Geek Girls’: How Geek Gatekeeping Is Bad For Business) which responds to the growing number of articles berating “fake geek girls”.

It’s incredible to me how idiotic some people can be, how short sighted they are in their own quest for self importance. Personally I love the fact that being geeky has become trendy, has become something people aspire to. As a geek I want to encourage our society to embrace and be empowered by technology, not shut down a person because they “aren’t a true geek”. What does that even mean anyway? So I hope you enjoyed my trollish response to the quite pretentious “Booth babes need not apply” article by Joe Peacock. Hey Joe, the article didn’t start too bad, but by the end it just got stupid. But well done for bringing an important discussion to the fore.

Online Culture – Part 1: Unicorns and Doom

There is a lot of commentating, hypothesising and general navel-gazing around the topic of “online culture” and how the Internet is changing society. Some believe we are ascending into a euphoric utopia where we will all be free and ride unicorns over double rainbows! Some bemoan our descent into ego driven fickleness that is undermining the very foundations of a civil society!

The reality is far simpler.

It is also, though it seems odd for many to hear, rooted in the actual technology of the Internet and history of geek culture.

I was originally going to do four blog posts looking at:

Unicorns and doom: online culture and the impact on mainstream society
Live free or dial: public vs private, some new challenges for our society online
The geek will inherit the earth: the history and lessons of online culture
Who is responsible: some thoughts on the relationship between citizens, corporates and governments

I will continue this series mid 2013 as my contribution to an important discussion we are starting to have as a society, as well as useful in providing some context for those unaware of geek culture (and their own inevitable geeky metamorphasis).

Unicorns and doom: online culture and the impact on mainstream society

It is certainly true that we are seeing a shift in society that is profound, but it is a shift that really boils down to two key aspects:

a change in mainstream society expectations, &
a transfer in power (and increased capacity for greatness) to the individual and thus the community.

Great Expectations

When you use the Internet, it changes you. I don’t mean sending emails and the occasional Google search. I mean when you spend many hours every week or day going online, engaging in discussions, cross-checking official statements with on the ground bloggers, actively seeking out people you like (or dislike) online to see what they are up to, and clicking through interesting links until you inevitably find yourself rickrolled.

Using the Internet changes your expectations of the world around you, and importantly your expectations of how you can interact with the world.

There are four expectations that we develop, consciously or not, by engaging online:

1) Route around damage

At a technical level the Internet was designed so that there was always a way around a problem in the communications. Any damage or blockage becomes just something to work around. Internet users naturally adopt this idea of assumed access and expect to be able to find and do whatever they want online.

This becomes an extraordinary and profound expectation when “damage” is interpreted at a social level, and individuals assume they can “route around” any form of artificial interference such as censorship or manipulation. The expectation develops in individuals that they can work around obstacles in their life, and they are less likely to put up with ideas thrust upon them or agendas they do not subscribe to.

2) Healthy skepticism

Anyone can publish their thoughts online and there are many cases where the official media reporting of an issue does not gel with the online accounts of people on the ground. Projects like Wikipedia demonstrate clearly that for many issues there is more than one “truth”.

Wikipedia, to its credit, manages to present the most generally accepted version of issues whilst also archiving edits and discussion pages to present to the inquisitive reader some of the conflicting ideas around the topic.

Contrast both of these situations to the past where the local newspaper was the only news and Encyclopedia Brittanica or an equivalent was the authoritative source for students and casual research. The variety and ease of access to different opinions and knowledge is an easy trap in the first instance, but rapidly teaches us the importance of cross referencing, of looking for why someone might think or say something, of being skeptical of official information.

3) Transparency and accountability

When we want to know about something, we automatically look it up online. We expect to be able to get information on any subject we choose and when information is not forthcoming we ask why. Anyone is accessible online and we can follow (and in some cases get responses) from our leaders, music stars, favourite authors, peers, pretty much anybody.

This experience fuels an expectation of access and engagement which is a challenge for many, particularly in older established institutions. It is the accountability with which we can hold people, organisations and institutions to account that is making it easier for us to make informed choices.

Of course the flip side of this is that individual privacy has become far more public and people are sharing more and more of their lives online and then dealing with the consequences. Such as sharing that you are going away for the weekend along with your address through geocoded tweets and then finding your house broken into.

We are currently going through a transition period where the old and the new are caught in a frenetic push and pull of negotiating expectations, and we have not yet really defined our expectations of online privacy. See part two of this blog where I go into the ramifications of public vs private online.

4) Do-ocracy

When we meet people in the physical world, we engage in a complex dance of communication. There are protocols (in every culture), we use a number of mechanisms such as voice and body language to establish rapport, there is a negotiation of expectations and limitations and often an interesting conversation will result.

By comparison, when we meet someone online, we can immediately compare what they are saying to us to what they are saying to others, or what they’ve said before and importantly, what they’ve done. We can google their name/nick and get an indication of what they are like and their contributions to the world. We have an immediate capacity to establish for ourselves at least a small amount of context around this person, far more so than we could hope to establish in person over a significant period of time.

Even without a person’s real name you can establish a trusted, constructive dialogue and collaborate online. Establishing networks of trust is obviously not new, but the ease with which we can do so online with people from all across the world, even with pseudonyms or anonymously, creates an expectation that we can achieve great things in great numbers, very rapidly, without necessarily having to know exactly who they are.

It also creates an expectation that fits very well with Australian culture. That is, we start to treat people according to their actions, their efforts, their contributions, as opposed to their status, relatives or finances. Even famous people become judged by their actions as opposed to their past.

All of these changes in societal expectations has a profound impact on how people engage with the world around them, with governments and organisations, and interestingly with power constructs.

People Power

Like every other significant shift in society, we will see most people adopt the new tools as a matter of convenience, but we will also see some people embrace the opportunity for their personal beliefs or freedoms.

The opportunities for personal and community empowerment are enormous online.

The Internet has democratised both access to and “publishing” of knowledge. The control of knowledge has always been a power mechanism, and we are now seeing a significant struggle as traditional knowledge and power brokers find themselves continually flanked by individuals and communities.

Technology gives us an immediate, global reach both for information dissemination, but also significantly for distributed grassroots coordination. And we can engage with other people under our own names, psuedonyms or indeed anonymously, all of which are important in different ways. Also, as most people are online in some capacity (and certainly every power broker), anyone is able to be engaged with or affected online.

So armed with information from many sources, a virtual megaphone, the ability to connect with like minded people anywhere and coordinate, and the ability to do so from the relative safety of a psuedonym or anonymity, we really can achieve anything. Sometimes this power is used constructive, sometimes just for the lulz, but the Internet has changed all of us fundamentally.

In Conclusion

There will always be people being fickle, thoughtful, noble, underhanded, overreaching, argumentative, complacent and all the rest. The Internet has not changed any of this but it has acted as an amplifier. People will always be people (and we don’t have a plan ;)).

To assume social media (for example) is changing society because people are putting random tidbits about their life and thoughts in the public domain is a shift is not only a mistake, but a gross underestimation of what is actually transpiring. People have always used the tools they have to hand to express themselves, it just so happens the current tool of choice is quite public.

However, the Internet has had a profound impact on mainstream society. It has changed our expectations, how we engage with the world around us, and has created new opportunities for power for all people (and organisations). It has become an extension of our everyday life and mind, a meritocratic demonstrator of community empowerment and hyperconnectivity, and yet we are only just getting started.

My next post will look at some of the new challenges we are facing online, such as our definition of freedom, rights, and the interesting dynamic between private and “public” spaces online.

Air traffic control and Somalia

I was moved to blog this evening by two inspiring conversations I had whilst travelling to Melbourne. Both fascinating for very different reasons!

Firstly, on the plane from Canberra to Melbourne I sat next to a guy who works in the air traffic control systems industry. It was fascinating because it is an industry with only a few major players (about 4 or 5) who over the years have absorbed most of the small players. As a result most people in the industry know each other and because as he put it “a lot of the crap tech was discarded”. There is a lot of standing on the shoulders of giants, of building upon existing awesomeness rather than reinventing the wheel. It was interesting to hear as a person who has been in the tech industry for years to observe the consequences of less, large, quality players in a niche industry.

He also talked about the tech. It was interesting to learn that pretty much all air traffic control systems have become Linux based over the last few years (usually a forked and heavily modified Red Hat distro apparently), and that they take the Battlestar Galactica approach to security whereby they don’t have the systems networked or easily accessible and hence massively reduce the risks of cracking. Simple, low tech and extremely effective 🙂 A nice reminder that security doesn’t have to be overly complex, just well considered and thought through.

The second conversation was with a cab driver in Melbourne, a lovely guy from Somalia with whom I got into a conversation about what is happening in Egypt and throughout the Middle East and Africa. He was happy for Egypt, but he was concerned because he thought the people’s uprising in Somalia didn’t result in a system that represented the needs of Somalians but rather split the country and rendered the government less capable. It was an interesting personal insight and I’m going to go and do some more research of the political histories of African countries. We also chatted about aid vs investment, and the challenge of generating wealth in a country vs just bringing external wealth in.

Lots of food for thought. I’m going to try to start blogging more again, even if it is just short pieces every week or two. It’s been far too long and I know I owe a few blogs I promised to do months ago! 🙂 I’ll be doing a blog about data vis later this week, and a long overdue one about linux.conf.au 2011 next week.

Cloud computing: finding the silver lining

Working in a political office means I am privy to the sorts of sales pitches that lobbyists, industry and community groups are constantly pushing on politicians. It can be weird, informative, amusing and at times plain scary, and I’m really valuing the critical thinking subject I took at University to help me better assess everything that comes my way 🙂

Anyway, seeing my passion and expertise is around technology, I do try to keep across what is happening as much as I can. Most of the big ICT companies are pushing the cloud computing pitch extremely hard, but I’ve found the moment you ask many of them questions about privacy, data portability, data export & archival, open standards, interoperability and issues of jurisdiction, just to name a few, they seem to baulk.

I think there are certainly a lot of opportunities in ‘the cloud’, but I think there is a lot of hype around this topic and I wanted to jot down a few thoughts that I think people should take into consideration when looking into cloud computing strategies. This is not a highly technical overview, but rather a bit of a mythbuster for those without a technical background to help in navigating the hype.

Sam Johnston pointed out to me earlier tonight a useful basic approach to ensuring you get an open cloud service which provides for the interoperability, portability and strategic control you want to maintain when moving to the cloud. If you have any good resources about cloud computing, please add it to the comments 🙂

I also strongly recommend you read the Open Cloud Manifesto which talks about this issue in greater depth, and touches upon other elements to consider when moving to the cloud.

Where is the cloud?

The term cloud computing came from the idea of services being delivered over the Internet, because the Internet has traditionally been represented on network diagrams as, you guessed it, a cloud. Some people use the term as the new SOA (and for all those who had to deal with the onslaught of SOA hype, you may enjoy http://soafacts.com/) and cloud can mean pretty much anything, which is why it is important to clarify what your vendor is trying to sell you. After all, services running in the cloud are still running on servers somewhere, so moving stuff to the cloud is moving stuff to someone else’s infrastructure and hoping they do a better, cheaper job.

I’m not saying you shouldn’t use cloud computing, but you should be very careful to understand exactly what you are getting, and you should be strategic. Charles Stross fans will already be familiar with the idea of the separation of data and processing power, and the cloud can provide enormous processing power without you having to necessarily hand over the reins to your data or your technology strategy. Cloud computing is not an all or nothing option.

Personally I believe you should always choose the best of breed tool for the job, committing to open standards and interoperability, and then you can mash tech together for your exact best needs rather than shifting to and away from cumbersome large solutions that try to be everything, and end up doing nothing particularly well, but I’ll leave that for another blog post 🙂

Saving the environment?

Whilst there is certainly an argument to consolidating old and largely unused hardware to reduce your carbon footprint and electricity bills, moving things into the cloud does not magically reduce your carbon footprint to zero. As mentioned, there are still servers out there, so the environmental benefits can be calculated by how much better the vendor is at efficiently using their infrastructure, than you. Again, it is just worth investigating the detail to understand the actual environmental impact, if this is important to you. Remember, refrigeration is a big contributor to carbon emissions, so it isn’t just about the hardware 🙂

How much money can I save?

There are certainly some great opportunities to save money by using cloud computing for some of your systems. Often you can get online services that can be cheaper than the cost of maintaining and running your own systems. It might be worthwhile to consider the cost against that of shared services under your control though rather than looking straight to the “cloud”. For instance, in Australia there is a large amount of projects around government data centre consolidation, where some costs savings can be found but the data, software, infrastructure and strategy stays under their control.

It is also worth considering the exit cost of any new solutions. Can you get access to export your data at any time, is it safely archived somewhere you can access in the unlikely but possible case of your cloud provider folding, or a contract disagreement? Can you migrate your data/service from the cloud vendor to another vendor/solution relatively easily? These are all important considerations when faced with “the cloud will save you money”.

What about my data?

What format is your data stored in within the cloud? Physically where is the data and what are you legal obligations in relation to data? This is an important concern for government where you shouldn’t store particular data sets outside of your legal jurisdiction, and government departments and agencies often have quite stringent privacy and other obligations.

Can you get immediate access to the most recent data if the “cloud” dissipates (had to make a joke like this sometime, sorry)? Where is the data archived? If you can export your data, is it available in a format that other applications can use?

All these are important considerations, because if your data is being updated in the cloud, but is not truly retrievable, you have a real problem.

The silver lining

There are a lot of opportunities to be found in cloud computing and you will find many, many blogs and presentations espousing the benefits of cloud computing. I wanted to write a short blog post to help people consider some of the issues. If you choose to move some stuff into the cloud, you are choosing to hand over the keys to your most treasured possession, so you need to make sure you aren’t locking yourself out.

You aren’t powerless in this transaction. You need to know what you want, know your exit strategy, be sure that your cloud solution is open enough to be flexible and interoperable, be comfortable with how much control you are giving up, and be sure you retain enough control to meet your obligations.

If you are comfortable with all of this, you can engage confidently with cloud vendors and demand what you need rather than being content with what you are offered 🙂

US Air Force Web Posting Response Assessment

This is pretty interesting. The US Air Force have a methodology to deal with online responses like comments. I like it how trolls and “ragers” require HQ be notified 🙂

I think it helps people not used to communicating online think about different sorts of negative feedback, and how it is important to engage with some, and possibly not with others. Also the “response considerations” were quite good too to encourage transparency and accountability in online communications.

Click on the image for the larger more readable version.