Bestand wählen
Merken

Ranking Digital Rights

Zitierlink des Filmsegments
Embed Code

Automatisierte Medienanalyse

Beta
Erkannte Entitäten
Sprachtranskript
and the if you want to hear it and the and
the types but due that object to the hello has today we're going
to be talking of the ranking Digital Rights project ends the findings of the 2017 corporate accountability
index i which ranks 22 Internet and telecommunications companies on their respect for freedom of expression and privacy I'm these agreements and program Manager of ranking degenerates and I'm also a visiting researcher here in Berlin at the Humboldt Institute Internet and position shaft the Hague and I'll on all men policy
and communications analyst with ranking digital rights and I'm also a fellow at the Center on Media data and society at Central
European University in Budapest cases so just to give you an overview of what we're going to cover
today our kinetic about the background of the rank Detroit's project and then talk about the methodology and process and what goes into building and of an
index like this and then we're going to talk about the findings of the 2017 index in uh the categories of governance freedom of expression and privacy and to close so we
will give recommendations for companies and recommendations for governments and then will open up for questions and you can also treat questions
that you have with the hashtag ranking right and also visit the website of making digital rights . org slash index 2017 as we go along and you will this will become clear as fairly soon but we will not be able to
cover nearly even a quarter of the data that is part of this index the we want to give a few introductory findings on such a system background to how the project came about on ranking
digital rights founder Rebecca MacKinnon wrote the book called consent of the network and it looked at this question of how can we structure technology in a way that promotes the rights and liberties of all Internet users and 1 of the key issues that she looked at in this book was the growing role that Internet and telecommunications companies play in our daily lives and the impact they have on our digital rights but unlike Governments where we have methods of accountability like collecting officials and there are more clear accountability mechanisms on there is lingering question of how can we hold of companies accountable on how can we as medicines and Internet users make sure that they're respecting our digital rights and so additionally on the UN power plots the Guiding Principles on Business and Human Rights which state that government governments have a responsibility to protect human rights but that companies and businesses in the private sector also have a responsibility to respect human rights and so an organization called the Global Network Initiative at the GNI was formed to implement these principles and
apply them to ICT companies and so companies can join the GNI and commit to uphold a certain level of standards on freedom of expression and privacy issues on and even with all these efforts there is still a gap fell and so the GNI is a voluntary organization what about the companies that don't choose to join or what about issues that the GNI perhaps doesn't are get to you aren't we also
know that rankings work as a mechanism to encourage company improvement when you compare a company to its competitor and show where there may be falling short on it it is a really important incentive on to changing that behavior and we've seen that with companies in other sectors already on so that was sort of a lot of the a background into how the project came about in 2013 OK and in the same vein I'm just as sustainable business practices have become a mainstream expectation in the environment from 1 of the
overarching goals of ranking to rights and we've heard this echoed in other spaces including the uh Mozilla Internet health reports that we really want to mainstream this idea where this expectation of Internet and telecommunications companies that are digital rights will be respected ends uh in order to provide for a sustainable digital environment I am and here is of the map of companies that we
evaluated our we this is a global index we didn't want to uh to be read in enlarged European focus American focused with and we know that the blue is where companies are headquartered but does not encompass the reach so and for example we all know that's the reach of Facebook and Google and Microsoft is worldwide and then we also wanted to get companies that were used more widely in other areas of that for example long and I had never interacted with before doing the research like cacao in South Korea or 10 cent invite you in in China alone and so we look at
3 categories of indicators and the 1st is governance and so we look at other companies to disclose a
commitment at the corporate level to respect freedom of expression and privacy so for example we look for companies to disclose that they conduct human rights impact assessments to determine the ways in which their services may infringe upon user rights and to mitigate those on so for example before launching a news service or before entering a new market that might have a negative human rights record on but also in in their day-to-day application using existing services are they understanding the risks to human rights of the users on that the services may presented and an odd in mitigating those on and surreal notice that the
GNI our companies and on that telco telecommunications industry dialog are which has recently merged with the GNI by which previously was the only telecommunications companies on organization on they tended to do better in this category than the other companies because part of that membership requires them to have this sort of corporate commitment and so the next category that we look
at is freedom of expression and we look at a wide range of issues and less on so for example on Terms of Service enforcement each company has their own rules for what content is and isn't allowed on the platforms and a lot of the times when they're enforcing these Terms of Service it's really unclear how the standards are being applied and are in we don't have very much information about the volume or nature of content that they're removing for violating the terms of service and we also look at if they require users to provide a
government-issued ID or information that would tie a user to his or her offline identity on and if they do then they are docked points on because users cannot be fully anonymous on their platforms and so finally the 3rd category that we look at is privacy
are we look for companies are for example to disclose how they are collecting using sharing and retaining user
data we look for information about how they respond to government and other 3rd party requests for user data and for them to publish things like transparency reports that have the number of those requests they receive from law enforcement and the number with which they comply action go a bit deeper into the specific privacy indicators and the results of the companies on and soon and but before then um we wanna talk
a little bit about process and what goes into making an index of of of this nature of the scale and so firstly to be clear we look at publicly available documents I'm and disclosures
um and we work with a team of international researchers based in over 19 countries around the world and this is mostly for that language purposes of for example neither of on or I speak Korean and this and that in those environments he needs that's that knowledge and also as they have the contextual knowledge so in the same vein we haven't used those products we don't know how how they are used within society that you don't have that local knowledge of the so we have 7 steps of the research process we start with a basic primary research of each researcher gets a company and goes to all 35 indicators in all 3 categories of them and then we do a secondary review so as different researcher looks at that same company and goes through its use if there's any if they I disagree with the judgment of the 1st researcher
or any of the forces your missed a piece of disclosure I'm and then we do an internal step 3 as we do an internal of review and reconciliation of those 1st 2 steps and then what we find is really important as we do a horizontal review and where where up until this point we've been looking at that company by company and and at this point we take each indicator and look at them across all companies and make sure that we're judging them equally and that were not being too strict with or more stress than other companies on on an indicator or that of researcher interpreted something differently on a specific company and then we have
preliminary draft results and this is an important part of our process because we send those staff results to each of the companies and we
offer them a chance to respond to comments on in so in some cases if there was maybe a document on the website that we missed or if they've
published a a new document that's relevant that was published after we began the research then it's an opportunity for them to point us to that and and again we're only looking at publicly available documentation so if they perhaps have a really great internal policy on for encryption or 1 of the other issues we look at that would not affect the
scorer because part of R and theory of change and part of what we're looking for is improved transparency with their policies so if the public and the users don't know it what is going on on on a given issue then they don't receive credit on not on and then we decide whether or not any new information or new contexts are merits a score change and
then we conducted another horizontal review our for quality assurance and just again nature were applying uniform standards across the board and is then we have our final score which look like that I'm so this is these are the
results from our index which was released in March of this year on the far left column is the total score which is out of a hundred and then it's broken down into governance freedom of expression and privacy the Internet and mobile companies are at the top and the telecommunications companies are at the bottom and so are the highest performing company was Google is 65 per cent of what Microsoft was a few points behind it 62 per cent on an average score for all the 22 companies was around 33 per cent so by any standard that is really a failing grade and we found that there is significant room for improvement across the board and and additionally your steps that the sum of these companies could take tomorrow or in the near future without any regulatory change or a legal on change on
these are a subset the companies themselves could take on and so for example on the and what are the lower performing companies or you which is a telecommunications company based in cut are and they actually did not have any privacy
policy that was publicly available on their website on so they didn't get any points for privacy yeah the and so
some of the key findings on that we took away from the report where as I mentioned company disclosure is really inadequate across the board on every company has areas in which they can make a significant improvement on mobile ecosystems which will talk about in a bit but have the least amount of disclosure of the services we looked at so we still don't know enough about the impact of smartphones on our digital rights and freedom of information is getting short changed so the majority of the companies we looked at published more detailed information relating to privacy than they did on our policies relating to freedom of expression handling of user information is very OK so if someone were to make a
profile on me based on the different services I use and the data that I give them and the data that they share with other 3rd parties on what would that look like what would my iPhone combined with my telecommunications mobile phone carrier combined with you know Google and Facebook and whatever other platforms I use what would someone be able to tell from all the data that I'm giving them we still don't know enough to be able to really answer that question on and
finally on 1 of the other key takeaways was that security commitments lack evidence so there may be some companies that are known for having really robust security or the the strong encryption or other things like that but if they don't make the user is aware that users don't know to what extent or even if the data is being protected and how secure they really are it so to go
into a little bit of detail and we're gonna cover 3 indicators today out of the 35 so again I do
encourage I'm going to go insane finding which indicators someone most interesting to you or that you want to find out more about but but this is key 3 so the 3rd privacy indicator of
a collection of user information and so the questions that we ask when we evaluate this indicator are does the company clearly disclose what types of user information it collects for each type of user information the company collects does a clearly disclose how it collects the information and does the company to
clearly disclose that limits the collection of user information to what is directly relevant and necessary to accomplish the purpose of a service is it not
collecting superfluous information from and this is an interesting indicator in any case cow was the South Korean company actually best of of the internet companies and a lot of the arguments you would expect when evaluating corporations on this basis and also the during the average score of 33 per cent is that our expectations are too high and that it's not achievable what we're asking more expecting of them but the fact that cacao was able to get 90 89 per cent some on this indicator and Google could only get 60 % an Apple Fellow at 29 person as of those worst scoring um in this indicator is kind of telling about what's possible and what choices these companies are making on disclosure of this 4th privacy indicator sharing of user information and so again similarly and those of a row of these so it goes from collection to sharing to
retention and actually see there that the whole average score a kind of go down as you get deeper into
into other questions but so does the company clearly this goes with it shares user information just as a basis does the company disclose which types of 3rd parties it shows information and but so what's interesting and we have seen done is does it disclose the names of all the 3rd parties with which it shares user information and so on and so 1 of the new indicators
that we looked at in this year's index was company policies for responding to data breaches i it seems like every other week in the news there's another high-profile data breach of a given
service that impacts a lot of users on a very personal level and so that's 1 of the reasons it was really surprising and and also concerning that actually have the 22 companies we look back there were only 3 they actually all telecommunications companies are Telefonica
18 t and Vodaphone were the only 3 out of all 22 companies to disclose information about the processes for responding to data breaches so usually in after a data breach a company may put out a press release or a blog poster will speak to to the media or will maybe e-mail users that were affected on but this is different than a comprehensive policy that expresses a commitment to always respond come in a certain way on ended and so we look for companies to disclose that they'll notify the relevant authorities without delay the bill notify data subjects who may have been affected and we look for them to disclose ways that they will try to mitigate the impact of the breach and so it's also important to note that a lot of these
companies are operating in countries that do have laws governing response to data breaches so they may be legally of thought are required to notify authorities were users and all this doesn't mean that they're not doing that on but it means that they're not disclosing to users that this is what they do and users shouldn't need to be experts in data breach response law our data protection law of a given country to know you know if they're secure in their data and to have that sense of security and so on I
1 of the other new areas we looked at this year was mobile ecosystems answer so by that we mean the combination of the device the operating system
of your smartphone your user profile and the App Store are where you download your act so for Apple that would be your iPhone your Apple ID I O S and Apple App Store and we found that all 3 companies we looked at Apple Google and trade and the
Samsung implementation of Android all 3 failed to disclose on sufficient policies on held a sufficiently disclose policies affecting users freedom of expression and privacy rights so Google as you can see from this graph outperforms both Apple on the left and Samsung on the right in all 3 categories on but really over all this is the category we soloists disclosure on and we also found that app stores are points for freedom of expression so an app
company with an app store might receive a request from government on so the Chinese government requests for Apple to remove the New York Times Apr from its App Store for users in China and we want to know you know what is Apple's response corresponding to this request how many of these types of opacity received how many did they comply with and we still don't have enough information about that process on and additionally appstores don't provide clear disclosure about whether they enforce their
privacy policy rules for app developers so any app developer making an app that collects user information should have a privacy policy for how they treat that information and additionally source should
provide evidence that they're removing apps that don't have sufficient privacy policies and that's another thing that we haven't seen yet and so and of the other really interesting things from this year's report was for the 1st time we looked
at 2 Russian companies and to Chinese companies and so for China we looked at by do and 10 cents and the Russia we looked at me and mailed out are you and on this really allowed us to examine if there are areas in which these companies do you have room to increase their disclosure so obviously these are very restrictive legal
environments for both freedom of expression and our privacy issues on but we found that by looking at the gaps in scores between the 2 Chinese companies and the 2 Russian companies it showed that they actually do you have some degree of flexibility on certain issues to decide how much information to disclose and what their policies are so for example yandex ended up
outperforming mailed out are you on several security indicators which would mean that despite the restrictive legal environment Mail . ru could still improve its disclosure the
case element and then the other from this whole study we have some general recommendations that we can offer to companies so I'm from our findings we
recommend that companies carry out risk assessments for freedom of expression and privacy and show evidence that the company has
institutionalized commitments on the transparent and accountable not only about government request but also private requests and Terms of Service enforcement so this is about transparency reporting and communicate clearly about what happens to users information we saw already in the 2 indicated the 3 indicators that we covered that there's a lot that could be done and there's a lot that's not being done and we really don't have enough information about the data that was collected and establish effective grievance and remedy mechanism so when someone's digital rights are violated there is a mechanism in which that they can report this and communicate with the company and if damages
done that there is a remedy mechanism in place I'm and provide evidence of strong security practices so
this is even if companies have really strong security practices they should disclose that information additionally
and so we also provide recommendations for Governments aren't to promote committee transparency and to remove legal restrictions that may be preventing companies from disclosing more about what they're doing with user information so we I believe that laws and regulations must at least enable if not require companies to respect user rights on also maximize transparency from companies about things like content restrictions and requests are were sharing user data with 3rd parties and governments themselves to be accountable and transparent about requests they make on companies both restrict content are and also for user information so that's that so we
have a we have a little bit of time for questions but again would really encourage you to review our full report we can find more information about the issues recovered and all the other indicators that thinking a right that words flash index 2017 thank thank
you
few minutes for questions we have if you have a question resumed now is the time yeah no you no 1 and OK so thanks for coming to stay if you want to play again of whether you want you don't punish by the thank you very much here to
the if my weight room
Objekt <Kategorie>
Rechter Winkel
Digitalisierer
Datentyp
Regulärer Ausdruck
Projektive Ebene
Ranking
Datenmissbrauch
Neue Medien
Computeranimation
Zentralisator
Telekommunikation
Datenmissbrauch
Ortsoperator
Digital Rights Management
Besprechung/Interview
Ranking
Entartung <Mathematik>
Internetworking
Neue Medien
Arithmetischer Ausdruck
Automatische Indexierung
Rechter Winkel
Digitalisierer
Optimierung
Arithmetischer Ausdruck
Datenmissbrauch
Prozess <Physik>
Rangstatistik
Kategorie <Mathematik>
Automatische Indexierung
Besprechung/Interview
Projektive Ebene
Datenmissbrauch
Computeranimation
Web Site
Automatische Indexierung
Rechter Winkel
Ranking
Computeranimation
Telekommunikation
Selbst organisierendes System
Besprechung/Interview
Ranking
Computeranimation
Internetworking
Überlagerung <Mathematik>
Datennetz
Endogene Variable
Elektronischer Programmführer
Leistung <Physik>
Kraftfahrzeugmechatroniker
Internetworking
Datennetz
Plot <Graphische Darstellung>
Telekommunikation
Physikalisches System
Ranking
Mechanismus-Design-Theorie
Software
Datenstruktur
Rechter Winkel
Automatische Indexierung
Digitalisierer
Mereologie
Projektive Ebene
Internetworking
Kraftfahrzeugmechatroniker
Datenmissbrauch
Selbst organisierendes System
Telekommunikation
Ranking
Mechanismus-Design-Theorie
Quick-Sort
Computeranimation
Übergang
Software
Arithmetischer Ausdruck
Erwartungswert
Datenstruktur
Rangstatistik
Rechter Winkel
Datennetz
Projektive Ebene
Hill-Differentialgleichung
Programmierumgebung
Standardabweichung
Telekommunikation
Facebook
Dienst <Informatik>
Twitter <Softwareplattform>
Fokalpunkt
Raum-Zeit
Computeranimation
Internetworking
Mapping <Computergraphik>
Erwartungswert
Digitalsignal
Flächeninhalt
Automatische Indexierung
Rechter Winkel
Ordnung <Mathematik>
Programmierumgebung
Verkehrsinformation
Datenmissbrauch
Kategorie <Mathematik>
Datenmanagement
Kartesische Koordinaten
Mechanismus-Design-Theorie
Hinterlegungsverfahren <Kryptologie>
Datenmissbrauch
Computeranimation
Übergang
Spannweite <Stochastik>
Hinterlegungsverfahren <Kryptologie>
Datensatz
Negative Zahl
Arithmetischer Ausdruck
Web Services
Automatische Indexierung
Rechter Winkel
Adressraum
Implementierung
Telekommunikation
Selbst organisierendes System
Natürliche Zahl
Content <Internet>
Regulärer Ausdruck
Datenmanagement
Identitätsverwaltung
Element <Mathematik>
Term
Systemplattform
Hinterlegungsverfahren <Kryptologie>
Datenmissbrauch
Computeranimation
Hinterlegungsverfahren <Kryptologie>
Spannweite <Stochastik>
Arithmetischer Ausdruck
Web Services
Datennetz
Adressraum
Spezifisches Volumen
Implementierung
Prozess <Informatik>
Content <Internet>
Kategorie <Mathematik>
Telekommunikation
Schlussregel
Quick-Sort
Mechanismus-Design-Theorie
Spannweite <Stochastik>
Netzwerkverwaltung
Mereologie
Information
Term
Standardabweichung
Datenmissbrauch
Punkt
Gemeinsamer Speicher
Kategorie <Mathematik>
Nichtunterscheidbarkeit
Information
Systemplattform
Datenmissbrauch
Computeranimation
Resultante
Umwandlungsenthalpie
Zentrische Streckung
Datenmissbrauch
Bit
Prozess <Physik>
Automatische Indexierung
Natürliche Zahl
Gruppenoperation
Zahlenbereich
Information
Drei
Verkehrsinformation
Computeranimation
Punkt
Prozess <Physik>
Forcing
Automatische Indexierung
Kategorie <Mathematik>
Formale Sprache
Besprechung/Interview
Biprodukt
Normalspannung
Programmierumgebung
Computeranimation
Resultante
Web Site
Chiffrierung
Prozess <Physik>
Prozess <Informatik>
Rückkopplung
Stab
Mereologie
Computeranimation
Natürliche Zahl
Mereologie
Mathematisierung
Information
Kontextbezogenes System
Whiteboard
Physikalische Theorie
Computeranimation
Standardabweichung
Resultante
Internetworking
Automatische Indexierung
Telekommunikation
Datenmissbrauch
Punkt
Gewichtete Summe
Mobiles Internet
Mathematisierung
Telekommunikation
Twitter <Softwareplattform>
Computeranimation
Internetworking
Gradient
Teilmenge
Arithmetischer Ausdruck
Emulation
Automatische Indexierung
Total <Mathematik>
Minimum
Mobiles Internet
Facebook
Schnitt <Graphentheorie>
Standardabweichung
Internetworking
Automatische Indexierung
Datenmissbrauch
Bit
Punkt
Mobiles Internet
Telekommunikation
Information
Twitter <Softwareplattform>
Whiteboard
Computeranimation
Arithmetischer Ausdruck
Web Services
Whiteboard
Emulation
Flächeninhalt
Rechter Winkel
Digitalisierer
Total <Mathematik>
Computersicherheit
Mobiles Internet
Facebook
Information
Smartphone
Verkehrsinformation
Telekommunikation
Facebook
Web Services
Freier Ladungsträger
Systemplattform
Benutzerprofil
Computeranimation
Bit
Computersicherheit
Information
Hinterlegungsverfahren <Kryptologie>
Computeranimation
Inverser Limes
Chiffrierung
Whiteboard
Automatische Indexierung
Typentheorie
Computersicherheit
Mobiles Internet
Maßerweiterung
Datenmissbrauch
Automatische Indexierung
Datentyp
Besprechung/Interview
Information
Information
Drei
Parametersystem
Datenmissbrauch
Gemeinsamer Speicher
Besprechung/Interview
Information
Computeranimation
Inverser Limes
Internetworking
Erwartungswert
Datensatz
Web Services
Vier
Mehrrechnersystem
Automatische Indexierung
Typentheorie
Datenverarbeitung
Basisvektor
Information
Auswahlaxiom
Automatische Indexierung
Typentheorie
Basisvektor
Datentyp
Besprechung/Interview
Information
Information
Computeranimation
Kreisbogen
Internetworking
Telekommunikation
Web Services
Prozess <Informatik>
Automatische Indexierung
Adressraum
Computeranimation
Übergang
Autorisierung
Expertensystem
Datenmissbrauch
Prozess <Physik>
Prozess <Informatik>
Web log
Computersicherheit
Gesetz <Physik>
Hinterlegungsverfahren <Kryptologie>
Computeranimation
Neue Medien
Arithmetisches Mittel
Adressraum
Endogene Variable
Information
App <Programm>
Flächeninhalt
Netzbetriebssystem
Schaltnetz
Speicher <Informatik>
Smartphone
Datenmissbrauch
Benutzerprofil
Computeranimation
Humanoider Roboter
App <Programm>
Softwareentwickler
Datenmissbrauch
Punkt
Graph
Kategorie <Mathematik>
Implementierung
Übergang
Humanoider Roboter
Datenmissbrauch
Computeranimation
Schlussregel
Arithmetischer Ausdruck
Rechter Winkel
Endogene Variable
Datentyp
Mobiles Internet
Punkt
Information
Speicher <Informatik>
Humanoider Roboter
App <Programm>
Datenmissbrauch
Softwareentwickler
Schlussregel
Übergang
Quellcode
Datenmissbrauch
Computeranimation
Schlussregel
Mobiles Internet
Punkt
Information
Softwareentwickler
Verkehrsinformation
Automatische Indexierung
Datenmissbrauch
Arithmetischer Ausdruck
Minimalgrad
Flächeninhalt
Information
Programmierumgebung
Computeranimation
Beobachtungsstudie
Automatische Indexierung
Computersicherheit
Ablöseblase
Element <Mathematik>
E-Mail
Programmierumgebung
Computeranimation
Soundverarbeitung
Kraftfahrzeugmechatroniker
Datenmissbrauch
Übertrag
Information
Mechanismus-Design-Theorie
Hinterlegungsverfahren <Kryptologie>
Datenmissbrauch
Computeranimation
Arithmetischer Ausdruck
Rechter Winkel
Automatische Indexierung
Digitalisierer
Computersicherheit
Information
Term
Verkehrsinformation
Kraftfahrzeugmechatroniker
Content <Internet>
Extrempunkt
Computersicherheit
Besprechung/Interview
Information
Gesetz <Physik>
Service provider
Computeranimation
Gesetz <Physik>
Rechter Winkel
Information
Drei
Regulator <Mathematik>
Beweistheorie
Bit
Rechter Winkel
Automatische Indexierung
Wort <Informatik>
Information
Verkehrsinformation
Computeranimation
Gewicht <Mathematik>
Normalvektor

Metadaten

Formale Metadaten

Titel Ranking Digital Rights
Untertitel Internet and Telco companies’ respect for Privacy and Freedom of Expression
Alternativer Titel RDR 2017 Findings: Internet and Telco companies’ respect for Privacy and Freedom of Expression
Serientitel re:publica 2017
Autor Gutermuth, Lisa
Ullman, Ilana
Lizenz CC-Namensnennung - Weitergabe unter gleichen Bedingungen 3.0 Deutschland:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen und das Werk bzw. diesen Inhalt auch in veränderter Form nur unter den Bedingungen dieser Lizenz weitergeben.
DOI 10.5446/33129
Herausgeber re:publica
Erscheinungsjahr 2017
Sprache Englisch

Inhaltliche Metadaten

Fachgebiet Informatik
Abstract Ranking Digital Rights (RDR) recently launched its second annual Corporate Accountability Index in March 2017, which evaluates 22 internet, mobile, and telecommunications companies on commitments, policies and practices affecting users’ freedom of expression and privacy. We will take this opportunity to present the findings to the Re:publica community and discuss actions that companies, activists, researchers, investors, and end-users can take for improvement.

Ähnliche Filme

Loading...
Feedback