Next up on the political agenda: Cybersecurity

Video in TIB AV-Portal: Next up on the political agenda: Cybersecurity

Formal Metadata

Next up on the political agenda: Cybersecurity
Title of Series
Part Number
Number of Parts
CC Attribution - ShareAlike 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date
Production Place

Content Metadata

Subject Area
This panel will address the main challenges for digital policies and notably cybersecurity in 2015. Recent developments have highlighted the shaky balance on which the call for freedom and human rights online are currently based. While the creation of a Special Rapporteur for the Right to Privacy may certainly be seen as a positive sign, other measures and changes in legislation are less promising. Featuring four speakers, two American, two German, the panel will outline the main challenges and explore why it is vital to include a broad range of voices and perspectives to shape the debate and influence security-inspired rhetorics in a positive manner.
Dynamical system Statistics Information management State of matter Digitizing Virtual machine Multilateration Wave packet Revision control Computer animation Strategy game Software Meeting/Interview Internetworking Right angle Information security
Group action Algorithm Game controller State of matter Decision theory Expression Gradient Total S.A. Cyberspace Heat transfer Open set Information privacy Field (computer science) Revision control Lecture/Conference Hypermedia Personal digital assistant Different (Kate Ryan album) Universe (mathematics) Phase transition Self-organization Whiteboard Office suite Spacetime
Point (geometry) Decision theory Electronic Government Information security Twitter Spacetime
Point (geometry) Mobile Web Mathematics Different (Kate Ryan album) View (database) Representation (politics) Price index Pressure Form (programming)
Context awareness Group action Different (Kate Ryan album) Civil engineering Multiplication sign Decision theory Order (biology) Self-organization Right angle Bit Online help Information security
Computer animation Term (mathematics) Digitizing Multiplication sign Right angle Data conversion Pressure Measurement Information security Twitter
Cybersex Point (geometry) Addition Word Process (computing) Digitizing Shared memory Energy level Mereology Information security
Cybersex Information Real number Content (media) Cyberspace Theory Metadata Meeting/Interview Term (mathematics) Authorization Information security Spacetime Social class
Cybersex Bit rate Meeting/Interview Multiplication sign Energy level Quicksort Information security
Cybersex Point (geometry) Information MiniDisc Cyberspace Measurement Spacetime Power (physics)
Multiplication sign Physical law Nominal number Cyberspace Sphere Twitter Strategy game Internetworking Term (mathematics) Computer crime Universe (mathematics) Encryption Spacetime
Game controller Context awareness Group action Standard deviation Multiplication sign Projective plane Physicalism Sound effect Cyberspace Formal language Workload Arithmetic mean Process (computing) Strategy game Different (Kate Ryan album) Encryption Video game System identification Right angle Information security Identity management Form (programming) Vulnerability (computing)
Revision control Arithmetic mean Spyware Internetworking Internet service provider String (computer science) Multiplication sign
Satellite Adventure game Context awareness Message passing Link (knot theory) Lecture/Conference Internetworking Interior (topology) Sound effect Right angle Information security
Latent heat Meeting/Interview Encryption Right angle Flow separation Information security Form (programming)
Point (geometry) Context awareness State of matter Direction (geometry) Sound effect Basis <Mathematik> Field (computer science) Wave packet Twitter Power (physics) Inclusion map Different (Kate Ryan album) Term (mathematics) Internetworking Resultant Form (programming)
Context awareness Strategy game Different (Kate Ryan album) Multiplication sign Blog Digitizing Software testing Right angle Information privacy Information security Formal language
Cybersex Point (geometry) Dependent and independent variables Context awareness Causality Right angle Mereology Information security System call Local ring
Context awareness Process (computing) State of matter Direction (geometry) Self-organization Bit Surface of revolution Information security Leak Theory Mathematical optimization
Group action Integrated development environment Internetworking Multiplication sign Virtual machine Sound effect
Type theory Different (Kate Ryan album) Form (programming)
Different (Kate Ryan album) Hypermedia State of matter Translation (relic) Bit Right angle Information privacy
Category of being Lecture/Conference Hypermedia Information privacy Spacetime
Context awareness Euler angles Multiplication sign Information privacy Mereology Number Inference Goodness of fit Hypermedia Term (mathematics) Different (Kate Ryan album) Internetworking Boundary value problem Energy level Information security Position operator Mathematical optimization Focus (optics) Theory of relativity Information Regulator gene Expression Expert system Shared memory Process (computing) Right angle Resultant Abstraction Spacetime
Process (computing) Meeting/Interview Expression Encryption Online help Dichotomy Right angle Wave packet
Enterprise architecture Algorithm Multiplication sign Expression Physical law Information privacy Mereology Power (physics) Process (computing) Hypermedia Encryption Self-organization Office suite Information security
Building Group action Multiplication sign Image resolution 1 (number) Insertion loss Information privacy Event horizon Wave packet Strategy game Feasibility study Encryption Energy level Series (mathematics) Office suite Data structure Information security Traffic reporting Dependent and independent variables Arm Information Prisoner's dilemma Bit Limit (category theory) Personal computer Process (computing) Integrated development environment Telecommunication Order (biology) Right angle Resultant
Inference Dependent and independent variables Message passing Angle Encryption Energy level Quicksort Information privacy Information security
Word Service (economics) Regulator gene Lecture/Conference Civil engineering Digitizing Encryption Representation (politics) Information security
Message passing Bit rate Information Range (statistics) Encryption Right angle Office suite
Lecture/Conference Different (Kate Ryan album) Hypermedia Moment (mathematics) Square number Cyberspace Insertion loss Lattice (order) Information security Power (physics)
Area Collaborationism Googol Internetworking Moment (mathematics) Right angle Information security Spacetime
Link (knot theory) Euler angles State of matter 1 (number) Insertion loss Mereology Formal language Process (computing) Causality Meeting/Interview Internetworking Term (mathematics) Different (Kate Ryan album) Average Encryption Business model Energy level Communications protocol Information security Error message Physical system
Revision control Type theory Software Meeting/Interview Different (Kate Ryan album) Cellular automaton Electronic mailing list Mereology Field (computer science)
Area Medical imaging Game controller Arm Software Meeting/Interview Pattern language Field (computer science) Vector potential
Ocean current Category of being Goodness of fit Term (mathematics) State of matter Twitter Spacetime
Game controller Coalition Physical law Sound effect Flow separation Arithmetic mean Goodness of fit Software Term (mathematics) Different (Kate Ryan album) Personal digital assistant Energy level Whiteboard Traffic reporting Communications protocol
Addition Tap (transformer) Physical law Basis <Mathematik> Facebook Process (computing) Meeting/Interview Forest Duality (mathematics) Encryption Quicksort Information security Social class
Group action Dependent and independent variables Software Term (mathematics) Physical law Line (geometry) System call
Point (geometry) Cybersex Dependent and independent variables Existential quantification Rational number Key (cryptography) Artificial neural network Interior (topology) Multiplication sign Digitizing Workstation <Musikinstrument> Expert system Parameter (computer programming) Heat transfer Perspective (visual) Wave packet Word Hypermedia Order (biology) Right angle Information security Arithmetic progression
Area Building Computer animation Channel capacity Meeting/Interview Rule of inference
the move and
thank you and yeah I have to is gonna so up any machines I'm very happy to
have these wonderful ladies with me on states from others introduce them very quickly to those of you who don't know them yet so we haven't eaten we use a postdoctoral researcher at the University of Mannheim and her research is among other things on on the dynamics of state repression in she and human rights like a they inflect on human rights and she uses statistical methods to the estimated political and hidden friends of violence there consilience and hope and then that she she really like if you wanna beat research that's really method that's why these sounds then look into what she's doing and she's also having a talk later on on state city of had 5 days so go check that out because it's really amazing where I just have an idea of what she's doing she asks questions like what's the influence of network disruptions friends of on the conflict in Syria and she also published and the op-ed in the Washington Post on which was entirely when Internet access becomes a weapon so let's is an idea of what she does and then we have the Becky works for tactical tax and research is digital security information management strategies main is she also does a lot of workshops and trainings on the issue and she's been researching lightly armed with human right lexicon working with human rights defenders and trying to find out how to improve training in how to engage them not to actually make these things sustainable she's gonna talk more about that later it's amazing work like really really curious to hear about
this and zillion whose super busy with great talks today exactly and group just that atmosphere already know where I'm you exciting fancy they in headache on this session of why I want to have these 3 people on top is on board is because you have some free expression a
lot and she speaks out of surveillance and censorship and she working on the role of social media and the ethics and algorithms lazy what I think is super fascinating so we do have like the research on conflict and we do have the practical side and we do have the free expression which I think to the topic we're talking about which is like the next issue on the
political agenda cybersecurity is a fascinating take case to me working in the Foreign Office I
felt like the debate has caving changing into 713 after their 1st Snowden revelations it was all about governance like you had so it can be seen as a political decision makers were like the world there is this thing the space that we don't really know what to do with enough done handout control so what we do we how do we regulate this had to be governed the space and how do we can gain control the thing was that for me in 2014 it was more about community involvement in trying to have different states different parties different grades trespassers apace so we have places like that Jul conference and we start at the end a transition phase is in there was the yeah I can kept accountability in all these kind of things that kind of like trying to get away from state and intelligence Control spaces to more inclusive matters a patient but right now it feels like this is changing and the debate is more focusing on cybersecurity so the transfer to 15 these cybersecurity I wonder why that is and that the question I want to ask the house as well like is it because the places like met Mandela failed or is it more eye that on the contrary traditionally more intergovernmental fields are actually now becoming more inclusive in different stakeholders given a safe and I will just give Jillian the look this way because she came in last so that the punishment they go to the think you're not my apologies for running like that of the good so I think you know took to get to that question i'm just gonna use a brief but recent stories metaphor as I went to the Global Conference on Cyberspace in The Hague last month and and you we joked that were cyberspace is actually spelled s e c u r i t y of and I arrived on the 1st day the went to taken out and I woke up to find my door was wide open and then the police going up and on the hallway and they had just left my door open and it assuming that wasn't there or whatever total invasion of privacy and uh when I spoke to the hotel and spoke to the conference about this and the organizers of the commons are actually quite nice don't blame the dutch government necessarily for this 1 and 1 is not to the hotel universe another very important people staying
here we have to check the rooms for security and I said I'm I'm speaking at this conference and saying so tell them what you mean by important people clearly not me and and I said the story as metaphor because that was really the tone of the entire conference it was an us versus them where they are governments were people it was cybersecurity 4 and 4 police for governments but not to the people and then I think that that's really the trend were facing a lot of the way that the Internet governance space has shifted is toward the
use government conferences were only respectable civil society is invited allowed to participate and I'm sure I will be invited back next year I and II not I've seen other people get decimated to for being a little too outspoken and I think that that's that's what the government's at this point a kind of trying to do is push us out make these decisions for us but the wouldn't have the might change any 2 because she actually has a
different state on from the ingeniosité looking at little different because before I answer as a government representative to this critique literary and thank you I'm really happy to be on the panel and so the the main research that on the repression what which basically
try to find out is how governments use different forms of repression against their own citizens and this traditionally includes things such as torture and disappearances and and um and killings extrajudicial killings and but also includes things such as and censorship and unmanned surveillance no more and more and so am what do just um describes horrifying but it's
not surprising from a form of repressed repression the each point of view because I'm having 1 of the few things that and research repression is shown us this and that and 1 of the best indicators for when governments will start acting like that is when they feel threatened arm and that can have lots of different different reasons but then the main reason why Governments will start from using such tactics and they they vary those tactics we talk of repertoire the pressure that and I think and it's really interesting to see how the Cybersecurity debate is change these repertoires of repression and and but but that the fundamental reason why these things happen has really changed in that is you know being threatened of collective mobilization coming from from from below basically he
shows so called provide also a slightly different perspective and so I do workers civil society organizations and Tactical Technology collective has been working for over a decade now I'm mostly in the context outside of Europe and the United States and Canada and so with human rights defenders and fairly repressive environments and and during this time we have experienced something that is sometimes called secure decision which we'll talk more about later on but it's this idea that over time things seem to become more and more about security and as soon as they do the discussion kind of shots down a bit and so are all then and because we do work on together with different groups and communities who are facing and quite concrete harms from something that is considered abstract actually and it forces us to start from a different place and actually I'm asked what security means
so whereas right now when there is a debate that's framed around and it's very specific and there's a very specific discourse behind it we actually have we find that in order to actually the help people respond in a practical way the 1st thing you have to do is to dismantle the discourse and start by asking what security action means to you and your community into groups and when we do that we find it means very different things depending on context and and so as we observed these kind of higher-level policy things happen we also observe how they are quite common really affects the
communities of human rights workers and human rights defenders and how they then have to work to break apart this discourse and actually make it support the human rights thanks for
that like for me when I hear of this kind like yes there is kind of a security trends and the other thing is who are the actors like who's talking to you and who is affected by that had a conversation is the symmetric measures that has taken up and the other thing is
like this label cybersecurity obviously is already at that time goes into a political discussion because I think most of you have use digital security or interests act in there we can also go into this apart from talking about where the actors and who are actually communities were talking we're not talking and should be engaging and whose putting which pressure on what is also a question like Which terms that we use in maybe do we use different terms on like never once said I think he is already nodding
so understanding get has right not to the already share and so as we do you use the word digital security in fact uh tactile
tech has a slogan and it's additional security is possible and and basically what this means is that the security is a process that along the way you have to figure out what it means and I think that historically we have used the word digital on it's an interesting to watch cyber kind of like I mean it was around in the nineties and it disappeared for a while and then it came back to with that with a vengeance to get to the point that it's kind of part of everything now and and uh you know and and and actually information security is a word that you hear so often still in in communities of actors different IT professionals working on and security and a or organizational or institutional level on the answer to the question arises as what does happen when everything does fall under this umbrella of cyber on for now we're thinking of digital although we also have a methodology
called ballistic security which attempts to understand actually on how security and basically it's not confined to the digital space it's not confined to this thing we call Cyberspace which I'm still not sure that is 1 uh because anything you do have an impact on in real space we we're still embodied people even if we're using technology and so I'm not sure what cyberspaces I'm not so this theory is true if I may add to that
is that the term information security in the political discourse that I went in usually
is actually heavily layered because it usually means that with regard to sustain you also meet the content said like information means you don't just have metadata yes indeed be let into content like it's really heavily politically loaded and this kind of a clash between the attack community that would say like well information security is kind of better than cytokines because whatever sigh and we do have the cyber cyber or hypercycle where would you wanna call it a debate with that like you know where do you have that class and where's the authorities that we might need to kind of try and what a way around it
and not everyone economists so yeah I'm I'm a hearing with an eye and actually but you just said that I'm also kind of a calling a couple years ago there was this
morning a cyber Pearl Harbor do you remember about and that's the level of discourse were at the same rate and we started we actually made teacher but that cyber Vesuvius you just to really bring it home and a thinking about the rhetoric of governments and I'm sorry to to do that again that and particularly putting my Government for that matter and the rhetoric of governments has become this Europe were under threat your the threat and then it might not be you but it nevertheless us not them that is considered a threat and and so on work when they're talking at this level and and it feels so sort of like security for me not for the yeah I agree absolutely with the with what what do said and I think uh if we look at and if we go a little further back in time for the internet and look at how governments framed some of the the usual justify the use of of repression from in autocratic and also in democratic countries and we see have just you know the name has changed and it used to be that the threat of the left and that was the threat of terrorism and now we see that lots of governments use of threat coming from the cyber world whatever that might be
favored terrorist and which of people living in the cyber space I guess and so so it's it's really useful for some 4 and governments who want to stay in power to come to find something that is abstract enough to to invoke fear and the majority of the population or at least in a sufficient amount of the population so as to you and says to still kind of rally enough support for the for for that the measures that the using and generally and and the nice thing about and about and
cybersecurity for for governments now is that it not only am and is an abstract and that can be used as and but it's also a way that information is used that can be controlled and and the disk was to be shaped as well so but that's actually a very important point which leads directly to the next question and I had it can it if cyberspace is now as abstract that we can use to secure dies and retiree and kind of the political
discourse of something as you said has happened but before cyberspace as well before we had the internet there was already this poses a we use in terrorism doesn't matter so there's always this trend of securitization which kind is something that governments might use to control the space the how do we react to this like what is if we have this discourse have what's the next term that we gonna use if we do can find something to describe this a cyberspace to us so we use this term for it defined in a different way than was the the the next word so kind how do you react to this trend and what he do you with this very sophisticated isation is really really something that we do have been a lot of things that are happening right now whether it's the data retention debate whether it's the you terrorist laws or whether it's an the front or back doors to encryption there so many things happening where this is used so how do we actually answer to this what's going to be the replied like how do we find strategies to work with this it is a difficult question should just was to that of your nomination
going you know what I'm 1 thing I'll give 1 answer not the whole answer that ensure that that the ideas great insight into this as well I I think that we have to stop treating Cyberspace through the Internet or the digital sphere as a separate universe and if you look at like the cyber crime bills that are coming out of places like Pakistan and Egypt and frankly for that matter the west but what we're seeing is criminal penalties the higher for crimes committed online versus those committed offline and has been a trend for some time but it's particularly at just in the past month Tanzania Egypt and Pakistan all came up with new bills and I think that it when we do that when we treat cyberspace each because whatever will just ever stays up when we treat that as if it's an entirely parallel universe and were were buying into that that rhetoric that discourse that that I think it just makes literally 0 cents and
so I can just explain this process that I guess we sometimes call contextualizing security
and so I have been working on a research project called security in contexts and basically and and and the idea has always been to you I am basically pull out the meaning firms and wanna say from the ground and by and from where the work is happening and from where the the greatest being experience and and so when we talk about context that can mean many different things and it's about geography it's about culture languages that are spoken um what kinds of workload workflows people have so what kind of tools are essential to their work and what kinds of vulnerabilities of experience and and when you put all of this together you discover that for example you might learn that 1 specific group really needs to maintain malleable identities online because when they're forced to use a specific legal name that for a specific name that relates back to other forms of identification they actually have an experience of violence and and this violence can be tied back to different forms of harassment they experience online as well and and another it's another example would be a human rights defender might want to use encryption but it might be illegal in the country to do so and so if we're talking about the importance of encryption and then the question of what what exposure means for people who know who use the standard tools becomes important so the priority then becomes 0 how do we actually enable people to be able to pursue digital security in in a particular place and that particular time so I'm yeah and going going contextualization for now as a strategy for reducing the violence there's kind you keyword we can probably been waiting the I think and I think 1 important way to to make this debate and I'm kind of resonate with with them with larger and public from public interest is to to kind of tied to concrete things that are happening to people also to take it away as he said from the like cyberspace somewhere else so that's actually something we'll spend time on the internet and and some and basically uh um show and show how it effects are every day to day life and them and and 1 1 way that we try to do that my research is seeing how and different forms of social control the being being used and actually go hand in hand with government repression by gunmen repression here physical repressions of people being killed people are being targeted for certain identities or people just being killed them
at random and them and what we see for example in the string conflict were being the most of my research is that when the government decides to and seemingly provide Internet access to come to its population and meaning that it has the opportunity to use all kinds of spyware and and and all kinds of surveillance techniques that we see much higher prevalence of targeted killings we see more people have been detained using single people being tortured and then being killed of single people who being executed and directly and and at the same time where the government shut down the internet and
completely as we see more people who being from being targeted and in in the large-scale way so here basically the
effects of how the Internet and this and this is available not directly impacts people's lives and I think that can also be drawn to less crack contexts and interior but uh and that kind of tying the effects of these cybersecurity both to come to the human rights discourse for example from is really something that I think brings home the idea of such some they sell their effects are really there was going to be my take away from those
for u satellite it seems like to get away from this the thickness of the UN human rights like this this the link that we can use to we have to rethink this in
the debate is only like in the beginning because that like it governance is to be like 0 yeah that freedom online into the human rights on an adventure that having a security debate hanging going all over the place maybe what you have to what like should be the message is kind of strengthening the human rights aspect the question is does that also mean that we're
kind philly fueling the beta cybersecurity actually go away from it and thus a human rights simply try to bring the human rights aspect into the debate and that and something we also need to consider can also get the weight of that the Kingdom Kingdom of luminance and and so
I don't see human rights of separate from securities simply because of what we do and I mean basically sometimes the only way you can exercise their human rights is by using it a specific crime privacy-enhancing technology a form of encryption that will provide you the assurance that something that you need kept private and confidential will actually be kept confidential and I mean this is seen as a problem in itself but the only way to exercise the right is by using this tool but on the other hand actually know and that uh criminalizing tools and making them harder to use and that means that we need to basically support the ecosystem and supports that allow us to actually a a way of human rights and those that simply talking about them so for you but I
want the best and the resources to do actually this training and contextualization I guess research results and she probably nicotine yet he wanted strengthen this thing they pass this on to the shore and they think um I think more research on how on how different forms of cybersecurity and bills for example we're seeing right now and are and are tied to and to large movements within countries and that's something that really kind of overly demonstrates and what direction governments of going in with the
bills and so some of the that the inclusion of of cybersecurity more kind of large-scale quantitative repression research from which is which is facing the field that I work and is relatively new and then what we see is that some and people everyone in in in in in in state repression research so all this is going to be great in the Internet is going going to help us and it's going to show us that and we have a general trend of democratization in the world and so on and so forth and what we actually see the opposite we see that governments that have made you still have have allowed them a large proportion of that some population to access the internet and and are much more stable in securing the power so and so and I think this is something that really impressive shows and that it really depends on what what and what happens now and in terms of the effect that the Internet can have and then and again I don't know if this really has to be discussed within the context of the cybersecurity discourse and but I think tying it to things such as democratization and and and just durability of autocratic regimes really and kind of makes the point that this is something that affects some more work policy basis yeah and a vertical will be less
and so the crime bills and that they all seem to be kind of coming in around the same
time our being test test-driven in in different kinds of ways in different countries and that's certainly something that we saw reflected back to us just through practical work of teaching digital security strategies teaching privacy strategies and in different contexts and uh a lot of people are a lot of human rights defenders are extremely concerned and in different countries throughout Asia and and and Africa and on and they all notice that these bills are coming in and often in their languages copy and pasted on it maybe from a regional neighbor who holds kind of of the prevailing influence in that area and and so then that language gets copy instead and it's on the bill gets put together in an oblique way that doesn't engage civil society and but then what civil society does the is all of a sudden of bloggers are getting arrested and people who seem to simply be working on
democratization efforts and an iron and this is a huge cause for concern and it causes them to wanna find constructive responses due to preserve the human rights and in response to you uh something that and is probably 1 of the more prominent parts of cyber security as a as a agenda right now cybercrime crime is a huge part of that so seems to be in contradiction of it at there's
not much I can add all of that because the 1 thing I would say it's a once in a while working in other parts of the world you you get your calls for a good bring it more local let's let's you know let's have traders from our country let's do this let's whatever
and have a localization context and and I I think what often gets forgotten areas and that all of our governments are cooperating with each other so we should be as well that's definitely get point is the other thing is when I hear that
is like I we still balancing freedom and security or like should thus be the same what's the discos and also this when a country balancing security and freedom which is also tied to all those cybercrime bills and all the
other legislation of the political discourse but I Given that there's 2 Americans into German some states so we also talk about the transatlantic relationship because I have a feeling that the debate might be going in different directions or not depends on which way you look at it I guess and I'm just going to be pass back to tell him for this 1 I don't have much to say because my organizations the left out of that so I I feel a personal opinion love I think that this has not resulted in a minute have to pass I don't I just don't have much their theory yeah well and I can I can talk a bit about this and we we've all been wondering and what kind of awareness and those Snowden's leaks revolutions documents whatever this process has been what what kind of awareness of that really are brought up month of society among government governments among all the stakeholders in the and ended for a little while there was a sense of optimism that and this would cause governments to well outside the western perhaps question in the direction that the uh that surveillance was taking and how many resources there putting into our creating extremely pervasive and invasive systems and
but unfortunately we've been hearing back from a so called repressive environments that this when when when a group of people see that these capabilities exist they want them to it's like it's a copycat effect in a way and signal fathers guys have a really great away
we want that toy 2 so when that happens have a machine you end up seeing that within a couple years and even in a country that might still be described as 0 it's still a developing nation and they don't have much infrastructure and they're still working on access to the internet on a lot of the time and the harms may come much sooner than anyone thinks because and 1st of all they see the toy they wanted and then a big regional ally might might give them that way because that way they get access to a lot more data than they would have otherwise now they can monitor the countries around them as well and this is something that we've observed concretely and and so yeah I think what we're seeing is a copycat effect because I'm you see a shiny new thing and you wanted to and that's it that's a human saying I guess the sense that best
practices that talking copycat yet think new fortunately and any 1 into this you get is briefly at the 2nd 2nd
that and I think that diffusion of different repertoire of repression as we might call it is something that we've seen before that and that and so am I the types of torture them mostly used nowadays forms of torture where you don't see scars from is something that was predominantly developed by democratic countries because of it's much easier to plausibly deny what you've done and now this is something that non-democratic countries to take on as well the like a that's a good idea but why not copy that as well and I think that's something you know what this node revelation that was also a way to demonstrate other governments Hey look if you think you know these are these are tools that we have these things that we capable of and
and you might want them to and so I think I think we're seeing a lot of a lot of diffusion on on this topic and since we take us a little bit away from the gentleman that I'll just add to that and say that 1 of the things that I found really troubling at that that conference that I mentioned
earlier and was the was in translation so I'm not sure how accurate that the translation was that the Chinese government saying and let all hold hands and work together to police the Internet and and the Western governments laughing at right up more than happy to work with China when it's convenient for them and then condemned them with the other hand and I and I just want appalling and find the entire thing appalling so
given that like we think this is actually quite depressing debates and it was like some must be you know 1 of the positive takeaways and what we did to 15 so I can't I wonder if it could going back to the transatlantic relationship media happen very very different and I wonder if that just because the media works differently or is it because the population actually has a different state of certain issues like is privacy really seen differently in Jimmy that is in the US or
is it just the coverage that the press has a different standing like what you see on this because I really think that this also influences the debate a lot especially when a CTC CS in the way it's been received in the media I was like it was this huge success in a lot of things that actually happened or did not work out or when like really not going the way they were planned wikimedia lost in the how it was just not there so I wonder like should not have been like receive more attention on it was was this young this 1 so like going into the media space and trying to find out like do journalists working hard as the population went to these issues might be appointed I think
privacy is different in the US in Germany have been living here for about 8 months and 1 of the things that I noticed uh actually some alleles pointed out to me I can't category on but I'm toilets in the US and public toilets the the door comes to
about here and in Germany comes all the way to the ground and and their parts of the world where everyone goes together with outdoors and so do you think the privacy is definitely differs by culture up there's obviously personal context to as well but the coverage the media coverage as the non-German reader but nevertheless is significantly different and I think that you know I'm in the terms of our conferences all yes bear only glowing and ends horrifying articles there's nothing in the middle nothing new wants to and I don't know what to say that it good but I do think that and that the media agenda for part of optimism I do think of the media coverage of these topics is getting better in a lot of ways and were asking a journalist asking questions that were being asked a few years ago there working with them security researchers are experts in ways that they worked and I think that all that is positive yeah so I'll say a couple that's about and cultural relativity of privacy and so it's it's it's definitely bear and it in a way yes of course wherever you go out there and the culture that uh infrastructure and the resources will dictate and how people feel about and the space and how people feel about the boundaries and on the other hand what's always present is that people do always care about and for for boundaries and whether it's whether they decide that something is confidential and every single culture in the world cares about keeping certain things confidential and so in that way you discover that privacy is present everywhere and and in terms of media coverage and I think there's definitely Germany has done a rather thorough job of going through uh well since the summer of 2013 and looking at surveillance and and maybe this is part of a kind of a European attitude that has a different take on privacy and in the US you find that most of the time it's at the focus is on the individual and I and uh so privacy becomes and as something than individual takes care of it they go hide in a cave somewhere and that's a goal to the notion of privacy and and the result of that is then that you have come companies to build the entire cultures around this notion that the only way you can be private as long and then as consequence of that sharing information is seen as the opposite of privacy and if people don't share information and we don't have you know like the Internet can stop running anymore I like that I heard election run the way it should this becomes the argument and so I think that in the US there's still a huge emphasis on into individualism as it pertains to privacy and that impacts and the tools we use the regulations that we get in many different kinds the world and I think that that's something that historically Europe has done a better job with but in Europe and the US are quite interdependent in many different ways and so there's a lot more critical thinking that needs to be done and even if you know a certain things are respected years slightly differently than in the US just determines what's ahead while I'm not a media expert that I wanna talk over the German media and but I do think to uh to things that we do observe in the coverage of of cybersecurity issues is number 1 2 very acts it's still a very abstract topic Amendment of few people attending Republican maybe that that's not the case but if you talk to everyday people and whatever everyday people might be as if you talk to people we don't think about this 24 hours a day and they have a very often have a very different very simple take on and that is you know doesn't really hold me in the end and other really gonna find my needle in the haystack and how how important is that and I think I think the media has a really good job of kind of making making it clear how this does impact us but at the same time that the problem is so big that it feels insurmountable and then you see that people just get you know resignation about it so so I think that's a really big problem in in getting in mobilizing people to kind of and they engage with that with the top
absolutely I can agree more which can a brings me to another tool which might help or might not might be interested to hear what other people think about it is used as rapporteur might privacy see by is this going to help with the debate is still like you think there's going to be positive outcomes from this is gonna be more inference on the legal level in X the finding of a proportionally as or is it more of a political level in kind during the debate and drawing more attention to the topic we think and as so I don't know how how familiar everyone here is with the with the Special Rapporteur but the the previous 1 was literature on and freedom of expression and privacy Proprinter expression of a right so this is
just sigh food bearings out so that the previous Special Rapporteur on freedom of expression and was amazing and I think really furthered that particular debate but I think that there is an opportunity for that but I honestly can't say that i've seen any of the candidates of so far that will do a good job I mean I I think it's a tool in our toolbox that although sometimes people say 0 and you know there's more practical things you can do then there's the policy things that I don't see it as like dichotomy between that some people go train he believes GP and other people go engaging high posts and high-level policy debates I think that I a great strong afterward with the help everything that we're doing interesting that I know someone like alan kay who is
now making a strong push for the importance of encryption and in support of human rights so do you want to come and will take at the park from who's going to be taking the
office I think just the fact that people have sat down and this is what we need to we need someone to do doing the job that can actually have some kind of signal signaling power that can be important even if some measurable in the same way as other things is actually the 1st time that there's ever going to be a temperature once privacy before that there was always freedom of expression and other people just use the mandate to actually cover these aspects to and so we're going to see what's gonna come out of this Indian but I do think that David Kay especially with the encryption might be something that we want to go into as well because he also said that 1 of the
next issues is going to be talking about with freedom of expression as whistleblowing which spelling out of topic which we can talk about when Kansas acuity I just like to say at this stage if there's any questions from the audience please raise your hand so we can take questions from the audience as well and just if you if there's something that we haven't covered all said they get a little on encryption and whistle-blowing and had to actually because that's also something intermediate regulated all there is no law for that's do we need this is this debate the debate that should be part of the same security debate or not or is this really that money you write perspective and from that adding something that we haven't mentioned at all is the role of corporate organizations and enterprises like if especially related social media and there's this whole algorithm thing like hiatus this impacted in which royalty actually companies have when cancer security is another topic that will release of properly brought briefly not going a 1st this time I think the truth of this
so OK so encryption in yes if you think of I'm can you promptly again I don't worry now if encryption specifically it's basically that the whole debate of having legislated on extracting clocks and like hey go forward because we have the tools but the there is the loss coming out on this that and limiting at the same time we advocate and certain efforts and the with another question is like because the the case that that the report of how this actually with if we like limits the use of encryption were actually also inflicting on how you can write a lot and that's gonna be the aspect is going to bring out and whistling as well so that this is a this many heights of this event there's 2 main ones which is from where we're coming from which is on 1st of all everyone should be able to use encryption if they want to the reality is that when you're building a strategy for privacy and security and if you're in a place where certain rights aren't supported and then and then the you have to take into consideration whether using encryption is really going to give you the result you want because you may get something and someone's office will still get busted in and all of the information will be stolen and they might end up in prison so you knowing encryption can't solve everything on and on and on and on so then what we try to understand this what's actually necessary for a for people to be able to use it at all because you know encryption is available most people but when is left to the level of an individual practice which requires you installed to install a particular kinds of tools and go through a series of processes most people don't end up actually carrying that out it's a bit different when it's infrastructure level which is probably a separate arms a conversation and but if it if this problem arrives at a person's computer and then they now need to do something and we find that it becomes a a very and intensive process when working with people who really really have hi desire to learn all of the motivations because they're facing concrete harms in their environment they have every reason to want use this surveillance is not abstract and and they still have difficulties and and a lot of that ultimately becomes what we're finding now is that this really boils down to resources and social structures around this person so this gets me back to my rant about an American notions of privacy being individual and so if you are an individual and you
want to use and encryption in your communications you need someone else in order to do it with and it's actually incredibly hard to find tools that make this like a feasible process for people so unless they have been sitting there working on it in a training for 5 days which is what we try to do and even after that training it's a problem and that's because there aren't enough resources to continue to learn and to continue to practice these things and so were really really come down to ultimately is that we need we need more resources and in order to build more sustainable strategies that I would start with communities in groups so that people can even exercise the human rights in the use of encryption in the 1st place basically about individual empowerment and having the resources to allow for that yes I think that absolutely clear that I think and use using encryption using that hidden technologies is 1 of the only way is that we can take individual responsibility and I agree and I I have a lot of
problems with the American conception of privacy but but nevertheless that's still the 1 thing that you can do individually everything else every other solution and believe me I think that we should approach this from all angles of every other solution to this problem requires some sort of collective responsibility a collective work and whereas encryption is absolutely and had well I guess you're right not particularly individual but the individual a different sense that individual as opposed to you probably collective responsibility question for me if I may interact on this 1 is if we provide encryption and we have places like he will always completely legal and you have to do you go to jail for quite a long time or
in Egypt is like how do we help those people that had you empower them what's the message that we send out to actually you know with regard to security how do you defend yourself if that's how we going because if we're talking about empowerment to kind of discourse now is the solution to there's always that the reason why it's actually taking to the government level because there's you know you have to kind inference legislation which is not gonna happen from an individual person as I wish I want
incited a removal of people to commit a crime in Egypt without that that I mentioned that and I didn't know the encryption is illegal there and I was speaking of in Cairo to a larger audience was telling everyone to use encryption summer came up to me after was like he asks for the eagles from and you know I I probably wouldn't have said the same things they said knowing that I used for personal risk of blight but I think it fine and then it's an active civil disobedience and I'm still encourages and the as well you know I would I would love it if this new post for security was ultimately about making individual level digital
security more feasible and services the optimistic side of me things that all of this money being spent right now on the beautiful conferences to figure out what cybersecurity is ultimately get channeled into like enabling more people to use it because the politicians and the and the legislators and regulators and the company representatives are obviously sitting there and hashing out how to make it possible for people in the words of 2 friendlies tools so that's my optimistic the idea that letter a and the more
I think they can obviously there
a this should be in the individual right for everyone to use encryption tools as they as they please let them before the internet and before we used encryption governments working in and and rating Rating offices and and you know Germany has a great history surveillance predating beginning there than that so I think there are lots of other ways in which Governments can still do that and even if you know the the message is encrypted that might actually enough you can you know be enough reason to to go investigate and so it's a political question in the end right so it's both it's mn giving people the opportunity to look at the and their information but also some encouraging discourse where governments keep checks on try to please the checks on each other and using that I was in the range I hang I hope that they were doing there and they're figuring out this political discourse yet equals
the of before attending to the question of what's the role of companies in this US when it comes to security are the questions from the floor that we should take on and just signal there's some idea where we can pass around if someone has a question to the panel and see any at the moment so I'm just going to go to this aspect of like his corporations actually do have a lot of power when comes to this cyberspace
whatever it is so how do we actually engage them so we engage the difference is that now we've been talking about governments and not doing the right things are over regulating or not a being palace Square and haven't but there is this actor that is super influential so what do they actually doing cancer cybersecurity or which at that meeting and what could be a take on the US and but positive to is working on on either such a problem due and social media losses he probably does have a very interesting take on we haven't had just said the the
interview with the Google VP security in engineered to use of it was that the new thoughts and now I think that you know a lot of my work is really critical of companies and the ways in which they control or social spaces online of add that primarily as to the censorship this is a separate issue I think that
in this issue in this area companies can absolutely be positive actors means they're not necessarily doing so at the moment but I think that there's a there's a place for us to encourage them to be positive actors in building a more secure Internet and I think you know mean criticize google you want that they've put millions of dollars into doing that are doing just that and I think in some ways despite despite being assailed put that aside for a moment and despite the potential collaboration with them and they nevertheless set example for other companies other companies know now that they have to do that and all the mom Google's not doing everything right I'm not I'm not a Google ventral
have but I do think that we have these the companies setting and example for smaller ones that you could potentially be positive if we encourage now I think it's some quite fascinating to to watch all of the companies in last couple years have decided that loss of trust is ultimately a harmful to their business model on and then that being in a huge incentive to to up the ante on and the best practices and their infrastructure and I think also that and I'm working on infrastructure at a deeper level in terms of protocols and encryption and making that more pervasive throughout internet infrastructures also crucial which overly companies can engage in that process as well in moving forward with inch engineers and there's there's a part of this where sometimes I hear people talk about making systems and secure against human error and this is a language that comes up a lot in different kinds of security discourse like 0 0 a
person is the weakest link in the system and we got against their mistakes and I I find that unfortunately that attitude that the person is the cause of the problem where the user that out of every user of average user this kind of perpetuates a state of disempowerment among people and it did begin to feel like there's nothing they can do that will actually help and they also end up feeling like it's then an entirely up to the companies to take care of things and so on we just like to emphasize that and uh it it's very important to start from and the person's own priorities and understand how they themselves are using a technology and that that plays a very important role in making digital security and ultimately unfeasible in 2 companies
play a role in your research like because you you focus on conflict do you kind of take a look at this to you or is that something that's basically not part of the debate that will allow a large part of them repression
you'll probably teacher is looking at them looking at companies that provide and tools that the for questions and and back in the old days that was small arms that was you know different types of tanks that government fees and so on and so forth I think we can add companies that pro provide a governmental cell and surveillance on so that software to to governments to this list and I think I think research in this field is growing it needs to be expanded there's a question in the audience will have and here so that's exactly the questions that know of
companies that are providing that through the software to use repressive regimes in Syria and Egypt came up and on and on the receiving end of with this
images 1 as shown here more about fuels from our side like going to the bar pursuant Western like yeah but you know the repressive regimes but a lot of companies emerging for the from from their country to so in reducing looking at this in complete disbelief we swallow just you take on said basically questions next control I guess who wants to answer that 1 faced well I think that it's the pattern that we see and and that's repeating itself and in Germany
is 1 of the biggest arms exporters we make a lot of money on this and that and I think and that there's no reason to assume why should be different in in the in the field of surveillance technology might even be a little less obvious to to the public why this should be a problem especially if that sold not in the intent of the civilian protesters but surveilling you giving giving this potential for to the police for example so and so absolutely I think we need to have a much bigger debate on and on export controls and in this area is well known that the but I'm not surprised that we're not seeing it yeah the the I
haven't will ever worked on this issue for about a year so way behind in terms of trends in X controls unfortunately as a kid I came before the answer but just sort of take a step back and look problem were broadly but yeah I think
what we've got is a really for critical situation and that a lot of the earlier solutions to this work you put countries in good and bad categories that countries do this could countries do this have an interview to sell to those but not to those I don't think that that's the way things are going anymore and I'm grateful for that I did as you know the reason of course being the reason that the problem being the fact that western countries torture to us so yeah I think that again I can have I wish I could comment on the current state of export controls a lot people here can all introduce you to them out but the added I actually think that this is this is 1 of the biggest problems that we have right now as in the space yeah where collision if
I made because I mean as a matter of fact I'm on the board with report of of Reporters Without Borders the German section and we've been running a campaign against the export of surveillance technology for several years in coalition with a bunch of international NGO was like uh human rights of
some watch on Privacy International Amnesty International and others and and we have seen some effects to say the least because I mean I I but I won't go into details because different discussion here uh but there is an international agreement that's called the rationale agreement that looks into export controls for dual-use goods in terms of these kinds of software were added to that of protocol soul in in many countries that have signed on to this agreement somebody's is now all mandatory to ask for export missions if you want to export the software now there is of course a huge debate about how effective that is that's always the case when you're talking about some controlling exports of any kind of weaponry or more software in that case but of course especially if we're looking at the western countries the companies who work there usually have a high incentive to not break the law of course we all know that there are companies that break the law but they do will have to face a severe repercussions if they are caught right so at least it's a 1st step and there's some some governments are more cooperative than others and right now there's a new initiative to add some this kind of technology these the the the surveillance technology toward some of them I don't know the exact term in English but the uh on the uh be torture agreement on on the European Union level which would now another layer of control and the opportunity to war at least some have some means to limit the export of that software least from western countries who we still believe have some incentive to abide by the law of the country right OK
so much for that sorry for the mentally that it is an to the thanks for the addition because I'm gonna my questions sort of taps into that so 1st of all thanks a lot it's an amazing panel
and my question is about how an efficient are governments and laws
anyway with what we see for example with works ships and what he does with your Facebook and which we see that actually a lot of these companies are a new way of processing that sort
of you know moving our data from place to place so it also reached deprotection it also breeds safe-harbor so what is you know the efficiency of these collective agreements like you said as well as they are actually there but they're not really being a forest you know a lot of companies reciting the sea Harvard seal were not that it will be status but they're actually doing it so I was sort of I wanted to hear your take on antigens cyber security is well before that have lost how effective might be be if there already not be respected and I laugh because we talked about like topics that we're not going to touch on safe harbor was 1 of the 100 because we like we could play bingo like which basis to be probably job they have a week we agreed not to have great that's fine and because that that that a question like how do we actually implement agreements that we have the same problem with class because there's also some actually issues with dual use technologies because encryption is on there today
610 alike to have to find a way of how to implement it effectively which is a valid question and I have a personal taken that yeah the I Al-Jazeera could go and I think that and I think we can look to what has been tried already and what doesn't work and in terms of keeping companies accountable for their actions and I think
the Global Network Initiative for example is something you could point to the massive failure of in my opinion I I think that they haven't kept companies from censoring out of line and I got a call with Microsoft Bing this week it turns out they're still censoring the Middle East and without any government asking them to do so so keeping companies responsible for keeping them accountable to you and the concessions to the users is hard even when there are laws in place and and I think that we need to look for innovative solutions to that but I if I had the answer that the a millionaire well maybe I'll just briefly come back to
the security station of the topic because a lot of the time but it's 1 of the things that may make a lot of health ultimately were an effort I'm around Boston and failures when the security argument comes and unfortunately ironically if that comes in and i if someone says the word national or the 2 words national security that tends to override almost any other rationalization sometimes even human rights on although there has been good progress recently to to better document enhanced human rights that happened when these arguments around security occurred so I think the key is to make sure that any more any further discussion around security via a constructive discussion rather than 1 that shot everything else down basically since we're
running out of time on this and you want to add and as I would ask like the last question of kind of each of the panellists what's the main challenge for you a enthusiasm 50 like an excellent and what should be tackled 1st in what would you suggest would be like how can we influence this challenge that shouldn't fight in a positive way just to end on a positive note the keep making sure that the people the users are secure and making sure that people understand and we can mean and then in forward of making sure that users understandable security for themselves and if companies and governments have it then we need to we need to step up to the 2 2 positive points from the recent perspective I think the 1st was the point is that a lot of pessimism around international agreements and I think rightly so a lot of research shows that immediately work but then this new research that actually says it doesn't work immediately but it does somehow put something out there that can hold governments accountable ultimately so I think not only giving up hope on these and international removes might actually quite good and then secondly if we look at it more closely how governments using some cyber security selectively and in their and their own in their policies and we see that using it when they get we get right and they're scared because of its something's happening some them obviously and the you know people using for example social media to to mobilized against the government and and government scared that and so I think of the fact that this is the response that we seeing is because obviously something is happening and so I think that can be taken there there's a positive twist in there someone who had yeah and I guess the positive transfer us as people who work on capacity-building and in other words I'm trying to build constructive appropriate responses to big scary problems if it is that we found that actually when we get enough resources and in order to so work with communities over time and we find that that has a real facts and when we are able to train human rights defenders in a way that you're not just coming in for 5 days and then you have to go back and then you expect all these 2 people to understand the inner workings of digital security like uh and no 1 of the top experts in the world like when we're not just limited to this tiny little um artificial resource and great things can happen and therefore I would just emphasize the importance of resources for education not just the kind of education where you get a public safety notice like what would you wear of spam review where fishing like it needs to be more substantive than that so thank you for
that the thing that's really quite web of of like OK if we want to act of cybersecurity we need to build capacity in like empower people and so very happy and thank you so much for
joining the and states I really enjoyed it I have the duty and I'm getting signals that was suppressed and so things over 100 each
area rule