Open Rights Group Conference 2019

I popped my ORGcon cherry on Saturday – lured by the promise of an Edward Snowden keynote, I popped up to the beautiful Friends House in Euston to hear talks on a range of digital privacy issues.

I was impressed by the range of panelists and speakers – from all ends of the privacy spectrum; Big Brother Watch to GCHQ were represented and met with not with fire and fury, but a mutual respect and a wish to make our digital lives better.

I’ve noted which speakers were at each talk – their bios can be found on the ORGcon website here.

I’ve jotted down a brief summary of my impressions from each talk – hopefully they’ll give a little glimpse into each session I attended. ORG livestreamed all the main stage talks (including the Snowden keynote) – you can find the recording here. I understand that they’ll have more recordings on their YouTube channel soon.

There were also two amazing artists who were sketching a summary of each talk – here’s a sample of a few of them, incredible talent to do this on the fly all day on a hot Saturday!

Snowden Keynote

Speakers: Edward Snowden & Martin Bright

State surveillance which now targets journalists, political minorities and immigrants protects “state security” rather than “public security”. Mass surveillance is not just a failure of privacy, but a failure of democracy.

When asked if his personal politics had shifted from the right while at NSA to the left as he leaked their data, he replied that he had never been about left or right – he was more concerned with the “up and down” of the powers governments held.

We now think so little of politicians that we expect the worst from them in any situation…

Great question from the audience – how do children deal with corporations predating on their personal data? Snowden noted that most younger users don’t really care about giving up privacy in return for convenience.

We should instead be building towards technology that doesn’t require people to read patch notes, tech advisories and pages of user agreements to engage securely

He finished on an upbeat note – there is hope for the future – society will shape the regulations, change can be effected!

The Personal is the Political – How your data defines your personal ads

Panel: Reema Patel, Ravi Nalik, Rose Acton, Steve Wood

Political ads learning from Facebook etc on how to present ads – A/B testing, scaling etc. Very economical to reach large numbers and tweak adverts based on feedback.

Lots of concern about regulation – ads need to be archived and transparency as to who commissioned them. Big issue around third parties putting forward ads without ties to the parent party. Regulation is fining non-compliance, but third parties will be harder to pin down.

One gentleman asked about mind control – the audience getting a dopamine rush from their laptops and smart devices rather than engaging with the talk going on. How will this be regulated? The panel did not have an answer….

Can tech be truly ethical?

Panel: Paul Dourish, Lillian Edwards, Ann Light, Gina Neff

Is this a matter of design or regulation?

Lots of discussion around process vs people. Concerns about biases in algorithms, e.g Amazon tech hiring algorithm prioritising men over women due to the bias of the programmers…

Most of the panel felt change will be a mix of regulation and design. One question from the audience was how to deal with the “charging bulls” (e.g. Facebook). More intense regulation definitely required – but other monolithic companies can “be better”; Microsoft as a good example of a company doing the right thing.

Companies should change from “Move fast and break stuff” to “Move slowly and grow stuff”

“Tech isn’t good, isn’t bad, but it’s not neutral either”

Facial Recognition

Panel: Silkie Carlo, Dr. Suzanne Shale, Sian Berry, Madhumita Murgia

General concern that the Metropolitan Police Service had been running LFR (Live Facial Recognition) trials since 2014 and that match rates were extremely low (80%+ mismatch rate). Officers are supposed to be performing QA on matches, but Big Brother Watch noted examples where people had been stopped regardless of the quality of the match.

Also of concern that LFR struggles with BME/female matching – algorithm bias introduced by engineers?

I was impressed to see MPs/Government attending and engaging on this subject (amongst others)

Solving the encryption dilemma

Interesting choice of speakers – Nate Cardoza (Privacy Policy Manager for Facebook) and Mark Daly (NCSC/GCHQ). Neither got booed! Cori Crider was an excellent moderator, with some penetrating questions.

Facebook Messenger currently not end-to-end encrypted, this is due to change in next 2 years.

Talked about the “Ghost Proposal” where government agencies would have key escrow on end-to-end encrypted communication . Mark Daly stated that the govt wasn’t interested in this currently…

Nate spoke about his shift from EFF to Facebook, wants to ensure that privacy is at forefront of FB policies. If he leaves, be concerned about what they’re up to… Hopefully a shift away from harvesting metadata.

A safeguarding dystopia

Panel: Jim Killock, Josianne Galea Baron, Vinous Ali

How do we go about protecting children online?

Thorough summary of UNICEF’s mission to protect children by Josianne. Children have numerous rights enshrined in law to safeguard them (similar to Human Rights Act)

Technology can empower children, but is it being used in the right way to keep them safe?

Are the age verification measures being put in place suitable, workable? – concerns around privacy of data (breaches, who holds the data). Mindgeek are aiming to be the AgeID gatekeepers – they’re also the owners of one of the biggest porn sites on the Web.

Little thought given to educating parents on how to keep children safe online. Definitely a key issue and one given very little weight by the government!

Legislation- issues with sexting in underage but age-appropriate relationships (although Outcome 21 not mentioned)

Vulnerability – many children in vulnerable situations (care homes etc). Harder to protect them.

Thanks to Owen Blacker, who live tweeted this discussion and reminded me of some of the talking points!

Final Thoughts

This was a really interesting convention – I was genuinely surprised with the breadth of speakers attending. Getting representatives from Parliament and the big data companies is essential if we want to enact the changes discussed and they seemed engaged and receptive to criticisms of policy and law within their respective organisations.

I was slightly disappointed not to be able to get into the Action Space, which was looking at the data held on mobile phones and how companies hide their tracking of users and pull that data out. Obviously a popular topic!

I think the conference was just on the verge of needing a second day – I had to choose between two different talks a couple of times, but it would require a few more main stage talks to fill out a second day (which I’m sure they could have arranged).

All in all, I really enjoyed my first ORGcon, see you there next year!

This entry was posted in Conferences. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.