You knew this was coming…
My fear, noted in my previous rant, has been realized. In short, the choir was in attendance at the 2004 Computers, Freedom and Privacy Conference and was summarily preached at. Not even Slashdot, stalwart of (libertarian?) technology news, had a story on CFP. I suppose conferences are not the proper venue to invite the general public to learn more about these issues.
A friend of mine would quickly add that the troops need time to discuss strategy among themselves, to be made aware of the goings-on in their individual camps. While I agree, this raises the question of when should the focus change from rallying the troops to stirring passion on the home front.
The realization that my fears had come true occurred as I was having a conversation with a non-technical non-lawyer after the conference proceedings. He noted the lack of a primer for people interested in these issues such as himself; even if you’re interested in the issues, most of the conference will go over your head if you don’t understand the vocabulary we use or if you’re not aware of the current events or if you don’t know the laws and policies involved.
So several of us will take it upon ourselves to find a solution to this problem. This gets back to that previous rant, namely coming up with ways to get other people to care. Education is a necessary part of that. The lack of pedagogy is alarming to me, and (of course) I defer voicing my opinion on pedagogy until some future rant.
But here are the major themes as I saw them that were presented at the conference as well as questions I was left with, including extra cynicism (cynicism you’ve all grown to love and cherish by now I hope…).
- The lack of coordination between law, policy, and technological efforts
I think someone at every session suggested or outright said that we need more interaction between the different camps (lawyers, policy makers, technologists, industry, etc) to reach better solutions. But wasn’t this the point of CFP in the first place — to foster exactly this communication? If so, then why is this communication not happening? My guess is that we’re too busy in our own little worlds to find time to do this large scale coordination… Maybe they’ll fix this by the next CFP (yeah, right).
- “National security” as the new Catch-22
Any time that something seemed questionable, like collecting databases with info about you and using them together to determine if you’re exhibiting terrorist behavior, the “national security” exception was invoked. You can’t question this without being unpatriotic, and no patriotic person would question the need for greater national security, right? “National security” is also like that newsgroup law about Hitler — as soon as you mention Hitler, the conversation is over because there’s nothing you can say to come back against Hitler (just like from Office Space — “You know, the Nazis had pieces of flair that they made the Jews wear”). Once someone cites “national security” as the justification for action, all other arguments lose merit.
- Lack of research funding, interest in pursuing such research, and research in the wrong areas
Doug Tygar, U.C. Berkeley professor, hit the nail on the head with this one. Nearly all of the problems presented at CFP would benefit from deeper research. Not only do we need to find money and people to pursue these topics, that also implies we should trim other less fruitful but related areas of research (trusted computing comes to mind).
- “Clarifying” versus “disagree”
The conference was remarkably civil, despite the very brave representatives from Microsoft, DirecTV, the Bush Administration (the Department of Justice), and more willing to play in the lions’ den. Rarely the civility broke down and people got a little angry. But the essence of this comes down to one word: “clarify.” If I disagree with you, I start a comment with “I want you to clarify…” rather than “I don’t agree…” because I assume some people have to try really hard not to start a Jerry Springer-like moment while on a conference panel, no matter how funny such an event would be.
- Definitions
For a conference called “Computers, Freedom, and Privacy,” I only know what computers are. Freedom and privacy are too broad and relative to discuss without having definitions for them. This is especially important as those definitions change in different contexts — privacy in email is much different than privacy in web surfing habits. I’ve got a rant around here somewhere that deals with the definition of freedom — I’ll get around to it some other time…
- Unsophisticated users, sophisticated systems and laws
Users are stupid. Technologies are too complicated and arrive too rapidly for individuals to learn to use them successfully with respect to laws and privacy and the like. Also, most users don’t understand laws, licenses, copyrights, and legal issues surrounding these technologies. Are we somehow responsible for teaching people these issues? Or should we aim for the lowest common denominator and dumb down technologies and laws? I am truly dumbfounded for how to solve this, but get me a bottle of whiskey and a computer and I’ll gladly provide words on the subject… or just wait a few more weeks until I formulate a legitimate opinion and put it up here.
- The Internet and computers have a long and deep memory
Exemplified by Gmail (1 GB of email storage) and the Internet Archive (storing the web since 1997), people don’t realize that pretty much everything that we do on the Internet or computer networks is stored somewhere. Even if this is mostly limited to the web now, it will very quickly expand (if not there already) to email, instant messaging, voice-over-IP (Internet telephony), and all other present and future net communications, and even things we don’t usually associate with computers like your purchasing records, travel plans, health information, financial statements, and so on. The scariest example of how information like this can be used against you at the conference was how your credit information can be used to deny you insurance or even jack up your rates if your credit history makes you seem like an at-risk individual or how that credit info can be used to discriminate against groups. Even though nobody explicitly stated the problem as I did here, this is the sleeper issue that worries me most from the conference. Information can be used against us just as it can be used to help, but what if information is permanent and can be collected from disparate sources? Think if Orkut and Gmail shared information and fear Google. I think I’ll revisit the information permanence problem later…
- Can or should digital technologies reflect analog systems?
This is the big question I left with after the conference. Many of the presentations implied that while we want the benefit of digital systems, we also want all the capabilities of physical world systems. For example, electronic voting systems should have some human verifiable or auditing method for performing recounts just like recounting paper ballots. Can we really have it both ways in every case? If we can do it, that doesn’t mean we must do it…
- The philosophers, social scientists, economists, average joes, etc…
Much of the conference focused on three things: law, policy, and technology. This ignored many important other parts like social repercussions of technology, law, and policy change, economic aspects that affect the development of such things or measurable results of changes, philosophies that underlie our beliefs, or even the beliefs of everyday people (not in attendance at the conference). Many important opinions and points of view were missing from the conference as a result. Hopefully future CFPs will take this into account when inviting panel participants. On a similar note, I don’t think I heard the word “ethics” mentioned once, even if that was the subject of nearly every discussion.
I leave you with the eternal question that plagues my mind: If nobody cares about these issues, should we do anything about them? Most people scoff at the question — “Well of course we should do something” in the kind of way that implies we know what’s better for them than they do for themselves. The deeper implication of the question is whether or not everyone should care about these issues. If so, what can we do to achieve that?
Answers, of course, are left as an exercise to the reader.