Surveillance by Design
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 132 | |
| Author | ||
| License | CC Attribution - ShareAlike 3.0 Germany: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this | |
| Identifiers | 10.5446/33538 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
00:00
WindowDirected setMathematical analysisFrequencyTheory of relativityQuicksortDifferent (Kate Ryan album)XMLLecture/Conference
00:42
Multiplication signVirtual machineSelf-organizationRight angleDigitizingLecture/Conference
01:27
Multiplication signTelecommunicationComputer animationLecture/ConferenceMeeting/Interview
01:54
TelecommunicationInternetworkingMultilaterationSurface of revolutionOpen setMathematicsTransformation (genetics)2 (number)Mobile WebData storage deviceComputer animation
02:36
InformationMathematicsPhysical lawMereologyMultiplication signInternetworkingWeb 2.0InformationPower (physics)WikiMeeting/Interview
03:07
MereologyWeb 2.0Product (business)CollaborationismSurfaceElement (mathematics)WordUser-generated contentLecture/ConferenceMeeting/Interview
03:34
FreewareFacebookProduct (business)Information systemsInternetworkingWordTransformation (genetics)Data miningResultantElement (mathematics)User-generated contentCombinational logicComputer animation
04:02
WordInternetworkingLine (geometry)Combinational logicInformationSoftwareVirtual machineInternet der DingeInformation privacyInternetworkingLecture/Conference
04:28
Physical lawElectric power transmissionDigitizingUniform resource locatorInformationMobile WebCloud computingService (economics)Lecture/Conference
04:53
Mobile WebPoint cloudData storage deviceComputer networkEmailArithmetic meanService-oriented architectureInformation privacyFacebookRule of inferenceAxiomInformationComputer animationLecture/Conference
05:28
Game controllerPhysical lawRegulator geneInformation privacyFlow separationProduct (business)Service (economics)Computer animationLecture/Conference
06:09
TelecommunicationCopyright infringementSign (mathematics)Lecture/ConferenceMeeting/Interview
06:39
Information securityMereologyDefault (computer science)Information securityTelecommunicationComputer animation
07:04
MereologyInformation securityGame theorySummierbarkeitRight angleMultilaterationData storage deviceProgramming paradigmShift operatorLecture/ConferenceMeeting/Interview
07:38
InformationTelecommunicationSound effectState of matterDirection (geometry)MultilaterationComputer animation
08:08
TelecommunicationBitPoint (geometry)System callAuthorizationOffice suiteSurface of revolutionMultiplication signEmailLecture/ConferenceMeeting/Interview
09:21
Data storage devicePattern recognitionProjective planeType theoryDefault (computer science)Lecture/Conference
09:51
Data miningTerm (mathematics)FrequencyExtension (kinesiology)Arithmetic meanLatent heatShift operatorInformationDefault (computer science)Multiplication signComputer animation
10:30
Data miningCarry (arithmetic)AdditionCodecCivil engineeringProxy serverInformationInformation privacyLecture/ConferenceComputer animation
11:08
SoftwarePhysical lawTelecommunicationData centerMeeting/Interview
11:56
Carry (arithmetic)Denial-of-service attackAuthorizationFlow separationDatabaseDirection (geometry)Set (mathematics)Default (computer science)Lecture/Conference
12:35
Default (computer science)Service (economics)Information securityProduct (business)Personal digital assistantTelecommunicationCASE <Informatik>Set (mathematics)Point (geometry)Order (biology)Service (economics)Default (computer science)Speech synthesisPhysical lawLecture/ConferenceComputer animation
13:09
Musical ensembleStandard deviationTelecommunicationInternet service providerGoogolBackdoor (computing)Service (economics)Product (business)Inclusion mapReal-time operating systemFacebookCharge carrierTwitterLecture/Conference
14:13
Product (business)Point (geometry)MalwareNumberLecture/Conference
14:40
SoftwareContent (media)Computer virusData managementEmailOperator (mathematics)MalwareNeuroinformatikIntercept theoremInstance (computer science)Functional (mathematics)NumberInternettelefonieType theoryAuthorizationWebcamInformationComputer animationLecture/Conference
16:11
Information securityPhysical lawTerm (mathematics)Order (biology)Information privacySummierbarkeitLecture/Conference
16:53
AuthorizationIntercept theoremTraffic reportingPhysical lawInternetworkingLine (geometry)Point (geometry)Speech synthesisMeasurementInformation securityTerm (mathematics)System callInformationAddress spaceComputer animationLecture/ConferenceMeeting/Interview
18:31
Information privacyCASE <Informatik>Process (computing)Civil engineeringInformation securityPhysical lawMeasurementInformation technology consultingLecture/Conference
19:06
Process (computing)Information privacyInformation technology consultingAuthorizationCivil engineeringPhysical lawMultiplication signVector potentialModal logicDirection (geometry)Physical systemComputer animationMeeting/InterviewLecture/Conference
20:26
Structural loadRight angleNumberCivil engineeringInformationDirection (geometry)Physical lawStandard deviationTerm (mathematics)Lecture/Conference
21:18
Term (mathematics)InformationRegulärer Ausdruck <Textverarbeitung>Information privacySystem administratorStandard deviationCASE <Informatik>FacebookProduct (business)Service (economics)InformationTelecommunicationObservational studyMultiplication signComputer programmingGroup actionInformation and communications technologyRight angleLecture/ConferenceMeeting/Interview
23:08
InformationsgesellschaftVector potentialInternetworkingOpen sourceLecture/Conference
23:40
MereologyMereologyMeeting/InterviewLecture/Conference
24:11
Open setStandard deviationFundamental theorem of algebraInformation technology consultingRule of inferenceArithmetic meanMeasurementStandard deviationPhysical lawRight angleCivil engineeringTelecommunicationSound effectRegular graphComputer animationLecture/Conference
25:18
Traffic reportingAuthorizationNumberRegular graphTelecommunicationBasis <Mathematik>State of matterNormal (geometry)Physical lawDrop (liquid)TwitterLecture/ConferenceMeeting/Interview
25:55
State of matterPower (physics)Information privacyState of matterVideoconferencingAxiom of choiceField (computer science)ResultantCASE <Informatik>Office suiteLecture/ConferenceComputer animationMeeting/Interview
26:48
TelecommunicationEntire functionInformationRight angleField (computer science)Lecture/Conference
27:19
Direction (geometry)Maxima and minimaInformationPoint (geometry)Regulator geneInformation privacyLecture/ConferenceMeeting/Interview
27:45
Latent heatMaxima and minimaRegulator geneInformationStandard deviationOperator (mathematics)Lecture/ConferenceComputer animation
28:15
Medical imagingFrequencyTheory of relativityProfil (magazine)Lecture/ConferenceMeeting/Interview
28:43
Control flowRadio-frequency identificationInformation privacyEmailEncryptionGame controllerMereologyTerm (mathematics)Dependent and independent variablesTelecommunicationIntegrated development environmentLecture/Conference
29:15
Multiplication signTelecommunicationMessage passingInternetworkingEmailLecture/ConferenceMeeting/Interview
30:04
Information privacyCollaborationismLecture/ConferenceComputer animation
30:35
Structural loadRight angleDigitizingSelf-organizationGroup actionInformation privacyRepresentation (politics)WebsiteCuboidCoalitionRegulator geneComputer configurationLecture/ConferenceMeeting/Interview
32:06
Level (video gaming)CuboidLecture/Conference
32:35
Computer animationXML
Transcript: English(auto-generated)
00:03
I'm going to switch to English now, since it's an American speaker. Canadian? Oh, I'm sorry. That's almost an insult, right?
00:22
It's just a different country, that's all. Big difference, I know. Her name is Regan McDonald, and she's going to talk about surveillance by design. And yeah, I'm going to leave it up to you. Thank you. Applause, please.
00:41
Hi, everyone. So the first thing that I'll say, if you were in the discussion before and you did understand German, I will say forget everything that Kirsten and Alex just told you. I'm Regan. I'm originally from Canada. I work with an organization called Access.
01:01
It's an international NGO that defends the digital rights of users around the world. And I head up the Brussels work. So I've been based in Brussels in the heart of the European Union's sausage-making machine. So today I want to talk to you about surveillance by design. And just a note, I know it's a little bit late, and I'm standing between you and beer.
01:26
So I will try to be as brief as possible and hopefully allow for some time for discussion and questions. So I will just do a short introduction, and then I want to walk you through the foundational principles of surveillance by design
01:42
and then conclude with what we need and what we can do to make the situation better. So it's quite obvious to say that the explosion of electronic communications has affected us and continues to affect us in ways that we're still not even yet conscious of.
02:00
But the pace of the change is something that is definitely something to note. For example, the invention of modern electronic communications, the telegraph, was in 1844. And the telephone came three decades later. But the second communications revolution, which happened in the 90s, which was basically the opening of the internet to commercial traffic,
02:25
the massive laying down of fiber optic cables around the world, and the worldwide adoption of mobile phones, took place in roughly 10 years. These massive transformations basically happened overnight. So laws are not able to keep up with these changes, which is a big part of why we found ourselves in this situation.
02:47
And then there was you. In 2006, Time magazine made you the person of the year. It was the dawn of the age of Web 2.0. Web 2.0 was a new way of interacting with the internet.
03:00
It focused on user power and user-centered design. It was about information sharing, social networking, interoperability, collaboration, and wikis. No longer would the individual be a passive consumer, but they would also have a part in the production. So there were buzz words like the prosumer, because Web 2.0 meant that individuals would have both instead of just being a consumer.
03:30
But when you scratch the surface on Web 2.0, you realize that our participatory element is not actually measured through user-generated content
03:41
or our value in producing, but actually through the mining and harvesting of our data. So today, in 2013, we're undergoing another transformation and taking another step forward. We have new buzz words, such as big data, which is the result of the combination of myriad pieces of information,
04:05
which continue to blur the line between what is personal data and what is public data. The Internet of Things, where more and more devices are becoming connected to the network, from your fridge to your alarm clock to your washing machine.
04:21
By 2020, people have estimated that there will be 100 billion internet-connected devices. This emerging digital power grid will be run on cloud computing services. This means that the origin of the data being processed and the location in which it is stored
04:41
might have conflicting laws that govern the protection of that information. When you combine this with the prevalence of mobile technology, what this means is that every minute of every day, we are basically hemorrhaging data.
05:02
This also means that it's much easier for third parties to get access to any and all of that information, whether it's companies, some we might know, like the Facebooks and the Googles, and others that we don't know, like large data brokers such as Axiom or government agencies.
05:23
The European Commission has proposed last year a proposal to update the privacy rules in Europe through a data protection regulation. This law would, among several things, give individuals much more control over their personal data and encourage accountability and transparency among public and private bodies that control your data.
05:49
My personal obsession in the privacy data protection regulation is privacy by design. This is a feature in the proposal. And it's the concept where government public and private bodies basically bake privacy
06:06
into the products and services and policies about personal data. This is a very welcome step, but when you take a step back and you look at the big picture and the way our communications infrastructure is built,
06:22
you see that there are flaws in the design of our communications ecosystem. And there are two main problems with surveillance by design. Not only does excessive surveillance infringe on our rights and undermine our ability to be able to trust the technology that we have come to depend on for our day-to-day lives,
06:43
but a communications infrastructure that is built with surveillance as the default in fact undermines our security. So that's the introduction, and now I want to walk through the six foundational principles. They are proactive and retroactive policing, surveillance as the default setting,
07:07
end-to-end insecurity, zero-sum game, opaque and undemocratic policymaking, and no respect for user rights. I'll go through them, and there will be a quiz later. So the first one.
07:21
The use of more and more intrusive surveillance techniques by public bodies has resulted in two distinct paradigm shifts in policing, proactive and retroactive policing. The first one, as the collection and storage of data becomes much cheaper and much easier,
07:40
law enforcement is increasingly prone to collect first and ask questions later. The Data Retention Directive is a primary example of this. It was passed in 2005 in the European Union, came into effect in 2006, and basically mandates that all telecommunications information is stored from between six months to two years, depending on the member state.
08:06
This blanket retention of all of our communications data threatens the backbone of democratic societies by removing the presumption of innocence and treating us as what would be criminals or maybe suspected criminals.
08:22
The second point is that a little bit of data actually says a lot about us. In the old days, before the communications revolution, law enforcement could listen into our phone calls or even read our emails. This often paid a heavy toll on resources for time and money
08:41
to pay all of these police officers to listen to certain phone calls. But with the ubiquity of technology, traffic data, which is collected under the Data Retention Directive, which includes the calls that you make, to whom, what time, can in fact reveal an awful lot about us, our habits and our relationships.
09:03
In many jurisdictions, getting access to traffic data also requires much less judicial authorization, so it's much easier to get at. Finally, behavioral surveillance. Centralizing surveillance techniques. Law enforcement seeks to predict criminal behavior.
09:24
Projects such as INDECT in the EU, which are underway right now, and through combining these surveillance techniques and types of data, such as face recognition technology, traffic data, and social networking data, plus CCTV cameras and even camera drones,
09:41
we are all increasingly classified as pre-criminals in the eyes of law enforcement. It's also when collection and storage of data is the default. This represents another shift because meaning is derived retroactively from this information.
10:02
Where before law enforcement could search for a specific individual or person of interest, they would define what's called a schema and apply this to the search terms. What happens now is that the schema can be determined after the data has been collected and stored for several years.
10:22
Considering the various amounts of data that can be collected, analyzed, and stored for extended periods of time, we are increasingly vulnerable to future crimes. In essence, it really begs this question, how are we to be sure that what is okay today will not be okay tomorrow and will not be used against us?
10:44
In addition to this, there are increasing tendencies to minimize the accountability of both law enforcement and private bodies, which governments use to access and to get to our information. Kind of like a proxy of government surveillance.
11:04
Many suspicions of civil society were actually recently confirmed when the Electronic Privacy Information Center, or EPIC, based in D.C., discovered that the U.S. Department of Justice has been issuing what's called 2511 letters to AT&T and other large companies
11:22
that would basically give them legal immunity to carry out surveillance of communications of their networks that would likely be illegal under U.S. law. Ultimately, this lack of judicial and ethical oversight over communication surveillance means that there is a problem.
11:45
On top of that, it is subject to abuse. When you actually come down to it, who is managing and running these data centers are actually just humans, and humans are flawed creatures. There is already several examples of abuse of these databases in Europe from the Data Retention Directive.
12:07
Some law enforcement authorities maybe want to use it to look up an ex-girlfriend or to look up an ex-wife or a potentially cheating husband. And this is also apparently a growing problem in Ireland. The Irish Minister recently urged the law enforcement authorities in Ireland to stop using the police database
12:27
as what he called a social network. So the second one is surveillance as the default setting. Increasingly, the products and services that we use every day are modified in order to allow for surveillance,
12:43
which fundamentally weakens the security of the services that we are supposed to depend on. Case in point, the Communications Assistance for Law Enforcement Act, or CALEA. There's a lot of acronyms in my speech, so I apologize.
13:03
This is a U.S. domestic law, and I do actually have some U.S. examples, but I only say this because the U.S. in many ways is kind of a standard setter, whether good or bad in this sense. And the CALEA has implications for all of us in Canada and the EU
13:21
since we're mostly using U.S.-made products and services. The CALEA mandates that all telecommunications carriers and manufacturers of equipment have to modify and design this equipment, facilities, and their services to ensure that they have built-in surveillance capabilities.
13:42
So basically, all of the products are made with backdoors in them. What's worse is that there have been discussions in the United States about expanding the scope of CALEA to CALEA II, which would actually include large service providers like Google or Twitter or Facebook to have them build in real-time wiretapping capabilities
14:04
and have them suffer large fines if they do not comply with these wiretapping requests. So we're halfway through the principles. Number three, when we're already starting at a point of insecurity
14:22
by using products that are built with backdoors, this makes us much more vulnerable to attacks such as malicious software and other surveillance techniques that are easily set loose on us, often by our own governments. The first example of this is Deep Packet Inspection, or DPI.
14:42
Deep Packet Inspection is a filtering technique that examines the contents of data packages that are transmitted across the network. This is a tool commonly used for traffic management, so to clean up viruses and spam, et cetera, but it can also be tweaked as a tool to spy and surveil on citizens.
15:02
This, for instance, was one of the pillars of the Tunisian Ben Ali's regime, which they used to spy on citizens but also to even modify emails. Another toy frequently used by dictatorships and democracies alike is malicious software, or malware.
15:23
These types of software can be used for a number of things, to disrupt computer operations, gather sensitive information, or just gain full access to an end user's computer. In 2011, the Chaos Computer Club in Germany has alleged that the German law enforcement authorities
15:43
were actually deploying Trojans on their population, the so-called Bundestrajana. I think I butchered that, but... This is government-designed software that is made to intercept voice-over IP calls, also on Skype, for example,
16:01
but the software's functionality extends far beyond that and includes even keystroke logging and having access to webcams. Much of the discourse around surveillance laws or national security or terrorism, et cetera,
16:23
is often mistakenly framed in terms of privacy versus security, this concept that we have to lose one in order to gain the other. And this highly flawed approach creates a kind of lose-lose situation for us, for citizens, where we're actually left in the end with neither privacy nor security,
16:44
and the ultimate sum is zero. A perfect example of this is a Canadian. Everyone says that Canadians are nice, but that one is not. That's Vic Taze.
17:01
He's the public safety minister in Canada. And the justification for intrusive surveillance laws often kind of blur these lines between terrorism, national security, whether it's fighting paedophiles, serious crime or just crime. The problem and proposed solution and the scope of the measures
17:22
are left unanswered. In Canada, there was a so-called lawful interception bill that has been proposed in the government since 2009 called Bill C-30, or the Protecting Children from Internet Predators Act, a very controversial bill in Canada.
17:42
This would have basically given Canadian law enforcement authorities warrantless access to user information, including IP address, search history, everything. The bill was luckily struck down because there was huge protest from citizens,
18:01
not only because the government was calling warrantless surveillance lawful access, which is a big problem, but also because it came with an accompanying report which revealed that the scope of the bill would have went far beyond paedophiles and would have included terrorism, national security and even a vague term called low-level violence.
18:24
I have no idea what that means in Canadian speak. It could be anything. So the fifth point is that with the zero-sum approach, where privacy and security are pinned against one another, this is what allows a lot of questions to go unanswered.
18:45
And this is particularly the case for civil liberties issues. Many laws are therefore able to kind of slip through the democratic process with very little public discourse and care for the actual impacts of such surveillance measures.
19:02
Again, I say Bill C-30 in Canada, it never once sought consultation from the federal nor any of the provincial data protection authorities, not to mention any academics or anyone from civil society. These laws are often proposed during times of crisis
19:24
or immediately after some terrible tragedy, which means that the potential collateral damage is often ignored. Some of the most intrusive surveillance bills have passed in this way. We all know about following 9-11 in the US was the Patriot Act,
19:40
but also in Europe, the Data Retention Directive, which basically followed very closely after the London and Madrid bombings in 2004. Now, I have been working in Brussels for the past few years and focusing on Brussels policy. And the Data Retention Directive passed from 2005 to 2006,
20:04
which to me is one of the fastest directives that has ever made it through that complex bureaucratic system. And what's worse, to this day, the European Commission has still not been able to provide any real evidence to show the necessity or proportionality of data retention.
20:27
So when the debate, or lack thereof, is framed in these terms, laws enabling greater surveillance pass, such as the Data Retention Directive. There are a number of basic human rights
20:41
and civil liberties that are infringed or ignored, which among other things, actually greatly reduces the ability of citizens to one, be aware of the surveillance laws, and to two, challenge them. These laws are rarely given back. Once the rights are taken away,
21:00
they are very seldomly given back to us. So here are a number of, some of the civil liberties implications. One of the, an example is the right to access information. A very dangerous standard, or upsetting standard, was recently set in the United States
21:21
by the Supreme Court of Justice in a case called Clapper versus Amnesty. Basically in the US, under the Bush administration, the National Security Agency was warrantlessly wiretapping its own citizens. Amnesty International had strong suspicions for a long time,
21:42
and perhaps rightfully so, that they might have been kind of wrapped up into this warrantless surveillance. They were worrying that they might have been implicated. So by asking for more information, the Supreme Court actually finally ruled in this case that the International Human Rights Group
22:02
actually had no standing to challenge the program, to challenge the NSA, basically because they couldn't actually prove that they were being tapped or surveilled by a secretive and illegal wiretapping program. This is exactly the kind of example that I mean
22:21
when I say that surveillance by design pulls at the fabric of our societies, because it undermines rights, it undermines the trust that we have, not only in the services and the products that we use, but in our own democracies. More and more, we're dependent on these communication technologies,
22:41
and it's almost like we're getting accustomed to these surveillance flaws. We're getting accustomed to not trust the services that we use. For example, a recent study showed that 71% of Facebook users, which now has 1.1 billion active users, self-censor themselves on the social network,
23:01
because they have basically no idea what, how much, and who has access to their personal information. Is this acceptable? No. Absolutely not. The Internet is one of the most fantastic tools that can give us so much potential for liberation,
23:25
but it has an equal potential to unravel our free and democratic societies. What we have to do is make sure that we are creating digital societies where the technology actually works for us and not against us.
23:42
So how do we do that? This is the hard part. We need four things, basically. Healthy public discourse, research and fact-based policymaking, transparency,
24:00
and more targeted and accountable solutions for law enforcement. So the first one, healthy public discourse. The backbone of any sound policymaking rests upon open consultation with all relevant stakeholders. It also depends upon credible research, proven facts,
24:24
and, of course, well-defined problems and solutions. These measures that would or could warrant communication surveillance must focus first on the actual efficacy, whether or not this measure or this law
24:42
would actually work or be a real benefit to law enforcement before we even get into the civil rights issues. And there's always international standards and national laws, the International Covenant of Civil and Political Rights, Universal Declaration of Human Rights, and in Europe the Charter of Fundamental Rights,
25:01
just to name a few standards. The second thing is transparency. As a basic rule, companies and governments must be transparent about requests for user data and the surveillance that they are mandating. Some companies already do produce regular transparency reports,
25:23
like Google or Twitter, Dropbox, and Microsoft recently started, and a few others, but this has to become the norm. States as well must be transparent about the use and scope of communication surveillance. This includes publishing these reports on an annual basis
25:42
with aggregate numbers of requests and how law enforcement authorities are conforming with domestic and international laws. Increasingly, privacy is power, so if the government must watch us,
26:02
then we should watch the government too. This is already an interesting experiment that's happening in some states in the United States. Through this experiment, they have asked law enforcement to start wearing life-logging technologies or tiny cameras, both on their person and on their tasers,
26:22
which is the weapon of choice for most police officers. The video footage is actually accessible to the public, to anyone who wants to see it. The results of this kind of two-way surveillance actually show that it has benefited
26:40
the relationship between the police and the citizenry. It's kind of like leveling the playing field. The third one. Instead of putting an entire citizenry under full-scale surveillance, other techniques are possible and in fact have shown the ability to meet the needs of law enforcement
27:02
without grossly undermining our rights. For instance, data preservation instead of blanket retention. Most telecoms actually do end up storing some information for a few months and then delete it. In fact, in the Commission's attempts to justify
27:21
the Data Retention Directive, the examples of when retained data was useful to them. They were actually citing mostly information that was not retained under the Data Retention Directive but retained by telcos for another reason. Second point is data minimization.
27:42
This is also a basic principle that's in the data protection regulation. For companies and bodies and public bodies that collect information, they should only collect what is absolutely necessary and for very specific purposes. This sounds like a very simple concept
28:00
but currently this is not how public and private bodies are functioning. The third one is to delete data. Just delete it. This should be standard operating practice for companies. And given the fact of the risk that companies incur by automatically collecting data for which they don't have much use,
28:24
this actually causes risk for them because the frequency of high-profile data breaches is actually an increasingly large problem both monetarily and for public relations image, not to mention for individuals and consumers.
28:43
So what can you do? Until we can fully change the way that electronic surveillance is regulated in the long term, there are some practical solutions that you can adopt now. The first is to be vigilant and take control.
29:02
Part of our responsibilities as citizens living in a technologically ubiquitous environment is that we have to ensure that we ourselves are aware of the risks and the problems that we have depending on communications. The second one is using privacy-enhancing technologies.
29:22
I don't have time to go into all of these but I'm happy to talk after and I can direct you to more resources. But there are ways to browse the internet anonymously, to use off-the-record messaging on your phone and on messaging
29:40
and as well to encrypt your emails. A friend once told me that the internet is kind of dirty and you want to think about it like wearing a condom. You don't want to go bareback on the internet. You need to protect yourself. And these are some of the ideas.
30:06
The second one, get involved. Birgitta Jonsdodir was here and I saw her keynote and it was about participatory democracy and the importance of getting involved and speaking out to politicians
30:22
or even becoming a politician like she did. And she kind of summarized it perfectly. We need less trolling and more collaboration. And I think that's exactly right. Access to my organization and a handful of other European digital rights groups
30:43
have joined a coalition to protect the data protection regulation. So one of the other things you can do is actually get involved. You can right now join the fight to protect your privacy in the European Union. We've set up this site nakedcitizens.eu
31:01
and today and the next few days we actually have postcards, naked postcards, that you can send to your representative. So this is a two-benefit thing. One, you will be helping to get involved and to protect your fundamental right to privacy and data protection. But then also you get to send a naked picture to an MEP,
31:22
which is kind of exciting. So this box here is where you can fill in. You have two options. You can either write your own or there's already pre-written text and you can just sign. And what you do is, after we will send it,
31:41
we will send it to the parliament ourselves. So you want to fill it in and put it into that white box. And the people that are doing this are myself. I will have lots of postcards. And there's also some other people there from Digitäligesauschaft and Bits of Freedom and also Kirsten, who was speaking before me.
32:03
That's it. Thank you. Thank you. Great. Any questions? Somebody has a question too. Questions?
32:25
Then this is it for today on this stage. We see you tomorrow at 10 o'clock. Enjoy the party outdoors on the left side. So I'm in front of the box. Questions? No. If there are no questions, that's it for today. We see us tomorrow.