Responding effectively to digital emergencies & human rights violations online

Video thumbnail (Frame 0) Video thumbnail (Frame 4612) Video thumbnail (Frame 12293) Video thumbnail (Frame 21406) Video thumbnail (Frame 24874) Video thumbnail (Frame 26029) Video thumbnail (Frame 28353) Video thumbnail (Frame 29830) Video thumbnail (Frame 30977) Video thumbnail (Frame 32887) Video thumbnail (Frame 34713) Video thumbnail (Frame 36690) Video thumbnail (Frame 41442) Video thumbnail (Frame 53266) Video thumbnail (Frame 58966) Video thumbnail (Frame 61991) Video thumbnail (Frame 64380) Video thumbnail (Frame 67907) Video thumbnail (Frame 70308) Video thumbnail (Frame 73132) Video thumbnail (Frame 74347) Video thumbnail (Frame 75583) Video thumbnail (Frame 77103) Video thumbnail (Frame 80718) Video thumbnail (Frame 84804) Video thumbnail (Frame 89217)
Video in TIB AV-Portal: Responding effectively to digital emergencies & human rights violations online

Formal Metadata

Responding effectively to digital emergencies & human rights violations online
Title of Series
Number of Parts
CC Attribution - ShareAlike 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
Challenges to human rights online are rapidly evolving very rapidly, emergency situations pose a particular challenge to the digital rights community. How do you support people in emergency situations swiftly and effectively when struggling to balance institutional capacity of emergency response with digital know how? Challenges to human rights online are evolving very rapidly, emergency situations pose a particular challenge to the digital rights community. How do you support people in emergency situations swiftly and effectively when struggling to balance institutional capacity of emergency response with digital know how. The following workshop will discuss some of the challenges of responding to digital emergencies. Panellists will discuss both technical and institutional tools that can help to increase rapid response capacity.
Point (geometry) Presentation of a group Range (statistics) Automatic differentiation Computer programming Confluence (abstract rewriting) Goodness of fit Internetworking Different (Kate Ryan album) Directed set Endliche Modelltheorie Tunis Area Dialect Digitizing Expert system Content (media) Bit Digital signal Limit (category theory) Sphere Arithmetic mean Wave Word Process (computing) Self-organization Right angle Quicksort Resultant Row (database)
Laptop Webcam Group action Service (economics) Source code Range (statistics) 1 (number) Online help Event horizon Twitter Neuroinformatik Facebook Malware Internetworking Term (mathematics) Energy level Directed set Data conversion Information security Form (programming) Email Information Pseudonymization Expert system Independence (probability theory) Bit Lattice (order) Instance (computer science) Limit (category theory) System call Flow separation Connected space Data mining Type theory Software Telecommunication Password Aerodynamics Video game Quicksort
Point (geometry) Web page Service (economics) Interior (topology) Multiplication sign View (database) Online help Event horizon Facebook Frequency Latent heat Term (mathematics) Internetworking Information security Graphics tablet Dependent and independent variables Email Scaling (geometry) Myspace Pseudonymization Electronic mailing list Expert system Planning Bit Denial-of-service attack Contingency table Measurement Type theory Arithmetic mean Process (computing) Personal digital assistant Password Compact Cassette Blog Phase transition Self-organization Website Right angle Quicksort
Group action Thread (computing) Scaling (geometry) Semiconductor memory Natural number Civil engineering Network topology Videoconferencing Bit Quicksort Information security Position operator
Group action Spyware Computer file Content (media) Bit Host Identity Protocol Neuroinformatik Product (business) Broadcasting (networking) Factory (trading post) Convex hull Gamma function Videoconferencing
Real number Cellular automaton Forcing (mathematics) Electronic mailing list Similarity (geometry) Mereology Product (business) Revision control Type theory Word Root Software Square number Right angle Quicksort Pressure
Type theory Moment (mathematics) Chaos (cosmogony) Liquid Physical system Form (programming)
Trail Game controller Mathematics Internetworking Physical law Virtual machine Summierbarkeit Quicksort Neuroinformatik Physical system
Arithmetic mean Software Order (biology) Physical law Sheaf (mathematics) Videoconferencing Intercept theorem Theory
Webcam Email Android (robot) Digital filter Group action System call Computer file 1 (number) Mathematical analysis Electronic mailing list Information privacy Product (business) Neuroinformatik Latent heat Antivirus software Telecommunication Different (Kate Ryan album) Process (computing) Information Computer forensics Proxy server Physical system Webcam Mobile Web Operations research Computer file Heat transfer Airy function Instance (computer science) Incidence algebra Computer Flow separation Electronic signature Telecommunication System programming Video game Hill differential equation Quicksort Videoconferencing Physical system Computer forensics Window Local ring
Point (geometry) Game controller Group action Overlay-Netz Service (economics) Civil engineering Multiplication sign Spyware Perspective (visual) Number Mathematics Whiteboard Hypermedia Software Office suite Gamma function Fisher's exact test Position operator God Noise (electronics) Dependent and independent variables Mapping Gamma function Video tracking Physical law Incidence algebra Control flow Complete metric space Product (business) Word Process (computing) Programmer (hardware) Network topology Hill differential equation Right angle Gastropod shell Quicksort Pressure Resultant Row (database)
Complex (psychology) Context awareness Group action Presentation of a group State of matter Multiplication sign Workstation <Musikinstrument> 1 (number) Materialization (paranormal) Set (mathematics) Water vapor Disk read-and-write head Perspective (visual) Computer programming Neuroinformatik Medical imaging Mathematics Mechanism design Different (Kate Ryan album) Semiconductor memory Negative number Office suite Information security Physical system Intelligent Network Moment (mathematics) Sampling (statistics) Electronic mailing list Sound effect Bit 3 (number) Staff (military) Instance (computer science) Connected space Type theory Telecommunication Order (biology) Self-organization Normal (geometry) System identification Right angle Procedural programming Quicksort Reading (process) Spacetime Row (database) Point (geometry) Identifiability Service (economics) HD DVD Displacement Mapping Similarity (geometry) Online help Distance Event horizon Product (business) Wave packet Latent heat Internetworking Energy level Feature space Associative property Condition number Dependent and independent variables Multiplication Scaling (geometry) Information Expert system Incidence algebra Extreme programming Cartesian coordinate system Cryptography Software Integrated development environment Personal digital assistant Object (grammar) Pressure Window
Laptop Presentation of a group Information Neuroinformatik Medical imaging Arithmetic mean Strategy game Different (Kate Ryan album) Password Cuboid Energy level Figurate number Information security
Context awareness Presentation of a group Price index Tracing (software) Strategy game Profil (magazine) Touch typing Musical ensemble Energy level Acoustic shadow Information security Traffic reporting Associative property Dean number Addition Information management Dependent and independent variables Constraint (mathematics) Scaling (geometry) Arm Information Key (cryptography) Projective plane Mass Type theory Arithmetic mean Software Integrated development environment Personal digital assistant Video game Self-organization Right angle Cycle (graph theory) Traffic reporting
Presentation of a group Dependent and independent variables Distribution (mathematics) Arm Information Gamma function Multiplication sign Sound effect Counting Instance (computer science) System call Revision control Programmer (hardware) Software Self-organization Quicksort Information security
Computer virus Installation art Point (geometry) Noise (electronics) Fisher's exact test Context awareness Information State of matter Forcing (mathematics) System administrator Physical law Bit Line (geometry) Neuroinformatik Type theory Personal digital assistant Order (biology) Authorization Quicksort Information security Sinc function Exception handling
Process (computing) Software Computer file Forcing (mathematics) Plotter Physical law 1 (number) Data storage device Point cloud Quicksort Addressing mode Orbit
Laptop Context awareness View (database) 1 (number) Sheaf (mathematics) Mereology Distance Perspective (visual) Latent heat Goodness of fit Internetworking Hypermedia Profil (magazine) Energy level Extension (kinesiology) Traffic reporting Information security Address space Vulnerability (computing) Dependent and independent variables Gamma function Relational database Software developer Digitizing Cellular automaton Lattice (order) Instance (computer science) Software maintenance Message passing Commitment scheme Integrated development environment Website Right angle Quicksort Pressure Family Resultant
Laptop Presentation of a group Building State of matter Multiplication sign Online help Twitter Facebook Internetworking Term (mathematics) Operator (mathematics) Authorization Information security Covering space Dependent and independent variables Spyware Sound effect Instance (computer science) Personal digital assistant Self-organization Figurate number Quicksort Pressure Table (information) Spacetime
Word Directed set
and and and cheap and
but good morning
everybody good morning and welcome to the last day of Republic o to last day on stage 3 of them today we're looking again for a very interesting their own discussions and panels regarding the sphere will of Internet and politics and society
so today's session starts already was Brunei's so the expert panel of a topic responding effectively responding to effectively to digital emergencies in human right uh well lations online and we will have 6 the limits to discuss and then modernism but will make them aeration already told me that when it's stolid OK if you have any questions during the model so something to up just us for the public is word broke topics so maybe there will be some basic questions to the tune just raise your hands and will get you might and you can ask and yeah I know who fruitful discussions upon thank you and thank you for coming despite the parties lost lights and the difficulty of getting to Republic pretend in the morning I realize it's a struggle to be but firm including coffee and so I'm grateful that they will be free coffee here afterward so if you'd like to tell anybody else the coming I will clearly Philip stage and we have a fantastic panel here I think from all areas of digital emergencies you can imagine and of course the the title itself when 1st suggested that the people coming to elect to do some of this is what so the the topic itself is 1 of those contention and different meanings and I think it's important to see that there is a very broad scope of things happening so this may also mean that in between you'll be hearing things are from different areas some of which you know about some of which you've never heard about some which are very different results of that just feel free to raise your hand at any point to wave to jump up and down to shout at me whatever and then you can happily asked questions involved so on my very far left we have 70 Hanke from Tactical Tech very little bits of closer to me we have the the ads and firms evils that and closer further on the right we have cloudy again yearly from a record 7 and then to my left directly we have genuine you from the from from different nations all of them have a very broad range of expertise in this area and all of them in some way or another deal with digital emergencies and I'd like in that presentation that you could also just mentioned specifically what you think you direct relation to this this panel as well and then sort of move through all the things we discussed it would you like to right and do you want to start what my direct relationship this harsher start 1st with the job regions and so I'm on this panel said I'm as setting up a new program that supports organizations working on digital emergencies because uh what
you will see also I think throughout the talk said there's a lot of threats happening right now to people especially political activist or journalists and on all different levels uh from hacking the computers to to India blackouts and that there's a fairly limited things we can do so far so I'm actually working for a donor organization uh and I'll be talking a bit more about them on a meta-level what is the dual emergencies what actually happening and then the other 4 3 4 experts will go more in depth on things the and so actually had a node was a weird coincidence but last nite I got an e-mail from a friend of mine in Jordan saying that the Internet was cut interior and they also suspected that the mobile network was taken off and and how they found evidence that school CloudFlare which is a security company they actually saw a rapid decline in the amount of requests coming from Syria to the rest of the Internet and it really went from something to 0 so use in 15 minutes to use all the usual mothers flight for the drop and and I think the question is this is rare and why what is happening while that the Internet is turned off completely it's quite rare I think we had 2 separate events prior to last nite and 1 was Egypt when Mubarak couple on the Internet kill switch and 1 was about I think was december january when also in Syria the Internet was cut so what we see is it has huge implications because it leaves a country completely deprived of the Internet or mobile communication as an and I think you when people think of an internet or a mobile blackout to sort of forgetting that it also affects the 2 basic daily lives if you are having a baby off or a few broken leg you can't call emergency services so nobody can come in actually help you specifically when the mobile network are to turned off because in countries like Syria practiced on this very limited landline penetrations of mobile is very important in this 1 and the reason why most governments won't take down the internet as a whole is because it has quite severe economic a big impact on the country because companies can also not function at the does doesn't mean we're not seeing other trends and between governments and non-state actors around the world are more more targeting mobile and Internet connections uh not only by taking them off but you have the theft of laptops and mobile phones for instance of activists it is happening quite often in Mexico and the reason is um it independent journalist or activista critical governments they have a lot of information stored on their mobile phones with their laptops is usually not very a highly protected to a couple years ago I was in the Guatemala and I was talking to someone journalist and they had their as sources sort of locked in a vault but they had their laptops without a password password and so if then a scaredy for steaks said they have access to all the data uh and 1 of the uh the um Sarette's we see is that it's really targeted surveillance so people or installing malware on computers and mobile phones to really find out what people are doing but it goes as far as in Atlanta will talk more about this type of malware that it could go as far as turning your webcam on when you're having a meeting entering a microphone on of your computer or your mobile phone a listening into your conversation so it's really breaching the offline world that were living in this not only looking into your data but it's actually looking at what we're doing in a daily life um London threats and it's something a lot of people are not thinking about it's also breaches pseudonymity so as he feels we work with a lot of LGBT groups in Africa and and in you got there there's a death penalty on it and people are exposing them on Facebook for being a gay activist uh which yesterday severe occasions of what can you then do uh to help dispersion because it's really of uh 1 off exposure and how can you then help them so I think there's a whole range of threats going on and there's different ways to mitigate them uh ones by the by being prevent preventative so really uh starting before something has happened because usually when a did emergency happens here too late so as better to work prior to an amazing stuff will be talking more about that uh during the crisis how could you respond to it if there's a mobile blackout are there other ways to form communication channels uh we don't have an accurate on this panel on that but there are people working on seeing if with together with your wife I of your phone you can create your own network and then if you link that up to a radio channel you can communicate to other countries and and then after the crisis is also a lot of work has been done but I think the 3 others will go more in depth about it just thank you very much just before we move on are there any questions for clarification was any of that unclear where
you are unsure of any of the terms that we use you completely disagree not so that's just I disagree with 1 point at they're actually for Internet like out before Egypt so actually the website about
this I'll tell you later which which countries shut down the internet don't come very creative I'm has no I my absolute you agree with everything that the cassette on the subject and and I think and just before I talk about some specific examples so I wanted to really agree with the point that a lot of the the preparation and that is needed is happening and so and were not that you know in in in in our countries in the countries in which we work and and in countries where we know we have contacts I think most people are generally not and thinking about preparation for some of the types of emergencies that we've discussed and so I made in my organization and think other folks here I'm also all work on these types of things to so we will hear about all of them that there's a lot of resources out there may organization does work on and surveillance self-defense so preparing yourself and against potential surveillance and also mitigating against attacks like dead distributed denial-of-service attacks and that on a talk about a couple of very specific examples just to give you kind of a range of of of the types of things that I do and so start would that the sort of least scary and I'm everyone remembers a little Facebook page called we're also solid same from Egypt's sort of Vienna not everyone OK so this was the Facebook page where that people said you know let's go out on the streets on january 20 5th and they had but 1 million responses and people went out and and this was and the Facebook pages actually created in 2010 in response to you and the murder of had played at the hands of police in Alexandria and this phase page of been around for a while and in November of 2010 and it suddenly went down it was taken offline and hands it through some other contacts we heard that the reason it was taken offline was that's animated in terms of service violation on Facebook and how what could possibly be the terms of service violation like I had followed the site you know and it turned out that when a person named well Cunningham who has now become quite famous and had been anonymous on MySpace but the pseudonymous rather he been using a pseudonym on his Facebook account of and this meant that his Facebook account was then taken down now this is not necessarily what you would think of as an emergency your Facebook page not being out may not be that important trade but this happened to be during an and and as an election period and it was intentionally sort of targeted by people who didn't agree with his views and so this is something where and you know if you sure yes he violated the terms of service perhaps unknowingly but if you're in that sort of situation what pads of recourse you have and so that's 1 way and that and you know it but 1 of the things that I do is try to contact those companies and help people on the other end and and to give an example which may actually seem a lot more like an emergency and there are some companies that have recognized that and having an account on their services and ends and being asked for the password to it by and security services if you're rested can get you know quite a bit of trouble there be a lot of cases where and security services for example in Tunisia have infiltrated people's Facebook pages have taken them over etc. and an end so if you're rested and you're using a social network and and you're asked for your password or tortured for your password and that can obviously you're probably going to hand over that password and that can cause far more damage and so 1 thing that some sites have been willing to do is kind of work with us on that maybe take down the page in and another example that is when you so this happened that sort of thing happens to a lot of activists to our sort of accidental activists and you don't realize that their Facebook pages going the constant threat but then you have more and then as a professional that sounds wrong that that as experience activists who are aware of the risks that they're taking and but who still want to put some sort of measure in place for event like that so I'll give an example and where as Syrian activists name resent Valley and she's written about this and she's allowed me to use her name on this and a couple of years ago she knew that she was under threat this is I think November 2011 shoes interior and she knew that she was at risk she contacted me and and another friend so had 2 different people gave us an a list that I sent it encrypted and give us a list of her passwords on various social networks and instructions on what she wanted us to do in the event that she was arrested the next day she was arrested and so we knew that she wanted her Facebook account shut down her blog kept up and used to update people about this her situation and then her e-mail you know she she left specific instructions on that as well and so that was the type of thing where I mean I thought afterward and sort of came up with some ideas for creating a contingency plan which is something you may or may not want to do depending on your situation I'm and the last 1 because I think of getting over time is just an and there have also been more extreme examples of the same sort of putting on and I were a few different after work FF but I also work with uh organization called Global Voices in the Global Voices has bloggers and right to the site located all over the world and some of them and you come under threat and so were beginning to not be getting that in the middle of thinking through how we can best support those people when they come under threat and whether that means and helping them with technical means helping them keep their website up during emergency or rather and helping them to get out of the country and this is something that's very few organizations due on there and and granted there are some doing an excellent job of it but it's not available on scale at this point so this is something that's a real challenge I think a pass on
wonderful thank you very much uhm there any questions or specific clarification points on this I know there's lots of other experts in the audience so if you like to wait only of the points mentioned in if not I realize that it's still very early in the morning for public and I
believe the next position maybe a film which made them to allow you to going to actually see some of these things and also I wake people up to feel more interested in participating it but
so before going into the video with a bit of introduction what I'm actually going to talk about some some uh secure researcher kind about sort of the space and that of the narrative the group boats said from I specialize in memory search and what the research and of thread research in general and I've been doing that for lots of years in the commercial space and and the recently have been from non-Balkan incidentally in investigating and researching into the use of surveillance technologists from all over the globe from this any of you ever heard of the feature before In future 1 2 3 4 5 6 but a few of them but it so been involved in 2 researching investigating the nature of of of surveillance acknowledge including the future and on exposing the use in on a global scale and I'm not published together with other other researchers through citizen Lab collection of research is that it can go online and find more details on what it actually does and how it's being used and I'm gonna talk about a bit more into that later actually of tree copies of the research if you guys gonna pick it up or animal distributed some some way but you can find everything there but since most of you true them off in future and gonna show a very short introduction video that will give you kind of an idea of what we're what we're talking about what is surveillance member what what kind of capabilities it as and what relevancy at on you know on the 1 side and civil society and actors in general choose working on on the other hand uh the
uh the
uh this of the commercial
actually get the people
here's an group so long
costs by cities around the world and what we found when you ability closer look inside that is that it operates pretty much as advertised can listen your of intercessory here e-mails it's there take over your computer secretly from the
inside and broadcast all the contents of what side to turn the microphone
and could do that broadcast factories operating centers that are listening in
recording every bit of data on the defense by spyware product is produced in Germany
and it's become a political issue partly because the same sort of products be used domestically by long words in Germany and now it's not that they're exporting a similar type of real conflict
between people supporting the industry in Germany in any cell stuff and
those who think that the human rights
concerns with the square of the thought a human rights activists have voiced concerns about how this is being used
to be used get and once it's all this in the hands of whatever country where
government whatever fighting the it's in the hands of the human rights activists and a lot of politicians in Europe now where this is exported from work on restrictions on on out of and revelation the 1st year of the final chairman of the the array the there has been a a part of a little blood pressure and you paid paid much and you will have extra restrictions fine software and the German foreign minister also said all yeah part of the sentence that the user is kind of like around serious but we think that not enough not to have a black list of countries that you expose the forces were in the sanctions we should exclude this software like that and was with the export suffers any country that is known for violating human rights the
but the government is somewhere in the middle east
Asia the Americas by of these systems that does that users just in that country know I mean the the system is specially and body and the type of many forms of AAC targets with reside foreign countries are the problem which we use of I have not how they wanna unjustified if the legal because of how it might be legal or government in within their countries within their jurisdictions to use a liquid is no whatever well we suspect this guy the importance of community with the 1 evidence on the parties of in the but the moment he travels he's already I in other restrictions where this might be the only illegal to find and also the way it is made is known as the for controlling who uses the
computer so the workers were all that and you can reuse told to in the Internet of the features of the machine so when the people use to guide to let me the phone calls they can listen to all of them and have no idea because this is not normal civil law in that were formed by humans
so this is like the Pentagon approach is sum of all the sort of later these
interests or hostile pedantic they're
very clear that they operate the wall they say that they obey export restrictions of the UK US and and they say that the system itself has a built-in control they're good for making
sure track the changes in the sky
at all and so much right at the
company business is what's in your we record which sections were it out of which you do
that so there is this is the correct and law and what they do is possible the actors in 1 of the most responsible parties here business to the users of their hair and so the video self-explanatory what we're talking about is basically a lawful interception software which is being produced by mostly European companies but also American companies and in know companies from other countries as well as as from the western world mostly and is the sole generally speaking from through enforcement agencies and in no order in government agencies of but you know pretty much every country in the world and they should be the theory being used for criminal investigations organized crime terrorism and so on what the research that we publish and cord was studied actually it's not completely true it's obsolete being used for those meanings as well but it's also being abuser using other ways in other countries were is fully not supposed to be used on so the features of these technologies have arcanum
listed should thing this was taken from the conditional confusion itself also considered it pretty much can do anything in bypass and diverse suffered of covert communication full-scope monitoring intercepting Skype calls intercepting the instant messaging right stealing credentials for her G Gmail and you hope you have a male and so on but I can do lot surveillance through using the webcam and a microphone so basically environmental surveillance on it can you know still files files of install keyloggers due to you know to get the actual keystrokes from the user and alive from what forensics and all those sorts of things it's being produced for all operating system Windows Mac OS X and upon instances of these products for IUS singin from Android and Windows Mobile as well so it's very invasive technology I mean it's it's signature that from it's virtually invasive for an individual privacy and in some situations so such as the ones that I'm going to show in a second even for a safety individuals under specific of specific kind of social and political circumstances on
so what are basically what when uncovered was that when only the connections and see this properly but it all started last year basically up so about any activists realize there were something Dodger going on with the computer and she received some of the she knows that she's the realize or something suspicious of them and then a got encountered we done you 1 other researchers and from beginning to that that the that the that the computer up the victim basically we realize that it was active in future so that was the 1st instance of belief that from this acknowledges we're actually funding using the wild and specifically being used against political dissidents or activists and I was just just a start from there I inquiry lots of different incidents in several different countries that were that were there was basically again I could be a sort of opposition political groups and journalists and so on being targeted with these technologies allegedly by the local governments or foreign governments and so on and and that obviously as on a strong impact on the daily life because they operate through the computed protruding intranet editing the belief and the work on the expressive the use of computers and that's basically notify sort of privacy that might have when doing their work and we also find ways to identify where at
the back in the service of these technologies are actually being located so you can see on the map it's pretty much scattered all over the place and so North America lots of countries in Europe as well as but think of God and the Amorites Ethiopia and Nigeria Pakistan Turkmenistan from Indonesian Malaysian and so on and so forth and so you can see that it's dealers glory writing all over the place it's it's completely and you know thank uncontrollable at this point on the the research there was more done was mostly on covering a technique of
the technical perspective of the use of this technology although operate on the being use all they can potentially enough that an individual but obviously realize over the time that it had a busy political impact because we we we were finding instances of of these being using countries where other very bad records of human rights abuses and and and after we started know of exposing this this incidence obviously the response that we got was kind of complete denial of from from the vendors as well as from the government said we're actually being exposed on and sometimes even even disillusion also differs from a quote from an interview that of the the spokesperson of of gamma which is a company that produces this this acknowledges gave to I'm a journalist from from Bloomberg I think it was a good thing that you can succeeded action realize that the impact that they're having on the victims of all the people of the customers at a scientist this acknowledges to they also admittedly say that they have absolutely no control over this acknowledges are once they're being sold they're being accessible to a country itself to the country on the actually being used in the problem is that they comply only to export regulations and so they can sell to us that you would think Procedia Iran and so on but I consult but can sell to other countries where there is a critical political situation of word in archaea trees of their own safety but it also had some pretty funny enough personal outcomes and so this is again was Martin Munch after that 1 of the reasons that we have it was asked if if and the result of this this publication actually the personal impact on and basically saying I from girl and she was my name should never go back and number sort that can manipulate anymore 1 but the response the after after I know there's been pressure for the media they also started saying OK we're gonna change things and is is being same paragraph adopt on human rights officer position to the characters of the of the situations and this was a positive positive move forward if it wasn't going to appoint himself especially after the noise of the law in the interview actually gives a comic this saying that you know police does the job no matter what would you action Vargas so I hope that is gonna gonna gives an idea why this is the critical emergency for individual so over the globe I mean it's not something localized in civilized countries something localize pretty much everywhere and that in both of everyone I but we're talking about here in this panel on how to prevent to
respond to this to this incident some I'm gonna try to give kind of my perspective on this things and very very briefly because I think I'm running on as well I would like to be able to give an answer on how connection respond to this disease incidence but the reality is that I can't and the reason is that it's very difficult to John surveillance especially to reduce level into the steepness of as long as we operate on the internet as get bursaries of which in some cases might be local governments nowadays it might be foreign governments corporations against investigative journalists and it's very difficult to challenge that if we keep operating as a expect us to bomb In order of lots of resources this acknowledges gets all frontiers of thousands of euros from the discourse is that they have these monitor disposal them the resources to research and and identify weaponize some abilities in applications and operating systems begin by exports from 3rd but third-party vendors and they can have the resources to evade security mechanisms that secure vendors like my company in other companies provide on again even in some situations of silently and interfere WordNet objectivity and in some in some cases even in security so the people I could find problematic to retreat into find respond to this to this situations but there are some few things that we can actually do answers to make that a situation would better on the security industry there is a fundamental concepts from the commercial industry of course there's a fundamental concept of of trying to minimize the risk of compromise by making it more expensive for that doctors to be successful in an in a secure displacing or commercial organizations and government agencies that this translates into having that layer at a time and what do I multiple layer of defenses of the log network defense workstation depends on different products different technologies in place the basically should treat more more obstacles for an attacker to be successful and compromising the and and fulfilling its goals I we can achieve some or something like that as well as in this society but nothing could be done in 2 main steps the 1st let's keep researching and an understanding of these technologies work all these all these subversive basically operates and you know trying to of keep up to date on water actually facing if we don't realize if you don't understand deeply what we're actually trying to protect the people from the activists and dissidents and journalists from we can effectively do it realistically and secondly secondly it's we have to stop operating on on the internet as they expect us to do once we know and realize how the actually operate another reaction expect this to be a compromise in effect on you know tracking otherwise we have to change that we have to be dynamic and flexible and that's not an easy thing and there's lots of the groups like the ones from this but on the other the book 8 and train people and using cryptography ends in a security tools and so on but that's but not enough on because lots of data is this acknowledges actually born help from when there's the step of surveillance and this set of technologies which are so in this event transparent come from what we need to do it this trust started up alternative technologies and you know stop using Internet Explorer use Google from non use Windows and use of alignments and stop use of supporting use OpenOffice or something similar but we need to start using disposable during use neutralization to isolate critical applications and that's something really complicated but you we want to get to a stage where we actually want to provide us you know some sort of guarantee that they can operate safely on the internet is the steps needed to I need to be taken the when this countermeasure actually do not work in order not to in place of then we need to be prepared to respond to this things and a secure Israel been developing capabilities and procedures to do this read effectively the promise that's coming out these these probabilities German-speaking and available only to commercial organizations and big corporations and government agencies as well as a civil society as a kind a lack of these these capabilities and after probably change and so actually hope that the secure this start moving forward to serve also society and individuals but we can do something as well I mean I it's very difficult as I say and we're trying to address an issue that has is is on a global scale on the trying to and all people in critical condition in different geographical political economical and social situations and that doesn't really help if in this in the case of these these these incidents for example if you want to respond to distances different things about to happen in order to be successful the 1st thing is that the thing actually have to realize that something wrong going on with this computer over this network or whatever and that's not treated on that's something that most likely would have to involve unsecured expert to to 25 after this actually happened yes to know who to contact and with the goal to to to ask for help and to ask for expertise to to to fix this issue and that might not be trivially the norm 3rd thing when actually able to communicate with the this organization individuals that I might be able to help them and there's no infrastructure issue that comes in and they have to be able to send relevant data that could alone investigation and trust me it's not easy out to get in gigabytes the device of the disk and memory images sort of final but a more Africa our or is your pure other countries of it's very very complicated and by our own experience that's not really scalable and all and so you know when given the sample obviously on the context that our jumping into this situation of 2 of the technical expertise to 2 and a lot of things and now I will actually like to hear what it's what's the opinion of other panelists Butterfield that coming from the security space that doesn't really happen what there can community events moving out a little bit about a secure industry still chemicals into itself it's a market that it's involving itself involving the customers and doesn't fall be beyond that you know it's it's very narrow some so there's lots of points if there's and this things and when Ben actually in in in mentioned you might need to this battle and in our Tomioka arena discuss about how to respond to digital emergencies was trying to get my head around it and as my contacts on what they were thinking about that are both other researchers that I work with as well as some of the victims of this event acknowledges that exposed on so the ones in but in and in the UAE and so on and I never active and actually get a unified answers so everybody has different opinions on on for instance the victims of that that I wasn't going to this they also OK we want we want to have some easy-to-use identification removal tools which are not easy to do obviously and the other researchers that I work with so that we need local presence on those countries enabled you all in order to be able to actually perform this investigations successfully and that's even more difficult what I believe is that's what it's really needed is that of a global cooperation network where individuals like us that actually have technical expertise could know providing service to organizations are like the ones in this battle and this audience for sure on that can coordinate and provide a deeper this beaten reachability of 4 2 point and then act like point complex for 4 people at risk so that we can more effectively in be present and respond more quickly and provide some of some solutions to these issues that such thanks to the few OK thank you very much I realize that was quite a technical way of looking at those issues although the importance is useless as well is there any specific questions of things needed to
please me the I was sorry so yeah it's actually pretty accurate from so mn almost all the things that they actually mention in the feature space so this is is true any other questions in the room not the will move on to slightly less technical presentation bias of negative of that the right the so the the good thing about going last as we have more people a bad thing and after they took surety had is that what is that even say and that's the so what organizational Tactical Tech and we work more on need training capacity-building side and and developing materials to help people to self lending so is a slightly different perspective than you've heard from the other speakers and so I'd like to start by inviting you to imagine what it's like to get emergency response and called for an organization like ours so 1 instance happened here is not alone there is unity we get any money after me in saying that there is an organization with 25 staff in Russia I if you has just been closed down and is under and financial attacking and financial and the interrogation and looking to the organization can you help the director in Kenny helps us so the question is how do you do that when you're sitting for example in our case and in office in Berlin and training people and that kind of pressure when they're dealing with a lot of different things are going on and it has been arrested uh or or some of us have been arrested is something that's very hard to see if not impossible and a teaching them how 16 need new types of software have to install things this is the furthest thing from their mind is not something we go through that point in time and you can also think about bringing them out of the situation so bring them to the place you are to be trained but easier con travel in that situation and you you going in and the associated with them but actually put them into greater risk and you could also think about perhaps asking them to you find local technical expertise but they may have a trust problem with you talking to use the person is giving the advice is that are already know them and they may also have a question in a problem with that as the people giving them advice that by association by training them at that point of a given technical support they themselves get in trouble and you might not know the context of the working as well in the organization providing support from the outside may not understand the ins and outs of what's happening in a particular country and even just establishing a 1st safe connection you know on the side by side right now just that very 1st connection even may be a problem so I just wanted a kind of freaky goes to a list of wine what sounds like emergency responses to just and help sounds really easy but when you're actually trying to transfer skills and those kinds of circumstances it's very very difficult if not impossible so in in the 2nd you do your best to basically find ways around and they try to help them out of that situation but organizations like ours you're trying to deal with these problems in a long time trying to develop a program that responds in that kind environment is in a state we think so we do working with helping activists these technology for over 10 years now and 1 of our approach is to think about these things in a much longer time and how can we help people before they get that situation in the 1st place and so how do we reduce the risk before the against that kind of extreme situation and how do we make sure that that had advance awarded things I think it's important to remember is that a lot of information is used against people when they're in trouble is actually from the past so tied into to the what to do that particular moment with they communications is very helpful but remembering that the records
online on the computers or on their mobile phones from 2 3 4 years ago and other things which will partly be used as evidence against them so this is another reason why preparing amounts is really important so this initially some
things I hope it works just you know make this in the abstract the in I and this is and so on and it is mentioned 3 different approaches that we take on 1 of them is looking it oversee transferring skills technology skills and strategies and Gillian already mentioned and this example of somebody who you in advance told somebody these my password is what I want to happen if i'm arrested that kind of forward thinking is quite rack and and is it sometimes it is close to TT level that that we need to act and just had in the presentation and before this 1 about these in a more technical questions that some of these things are no just technical and she's so for example it may be technically possible to lock down your computer so that it is taken away from you is protected but is agood idea in situations like that just means the threat to the physical figure in a situation where computers down and you have nightmare for somebody and you hold password you you here leave affect the physical in this extreme situations so we need to look for strategies basically we need to look for ways to help people think 3 you know in that situation completely looking down a laptop probably isn't a good idea but getting some information away and keeping something the hidden would be a better strategy so that's winning by strategies this is just an image from a toolkit we have called security in a box which is essentially the different kinds of technical solutions for some of these problems but increasingly I think that's our foreign means with technical present when he's the PDF and it's now for thank you to the
constraints you would think so anyway so the thinking so there there ever level this and about the you trace of people making so how can we help people think about not necessarily technical problems but also the information that the given away in the 1st place and this is a project that we and our involved for me my shadow which is helping people think about the digital traces that leading online and 1 of the reasons I'm saying this is because you to these people about security in technology as cycles Seafrance on your faces is quite out so finding ways to provide is engaging in interesting way that brings people into the question can be really useful and so in this project to be and you look at the question of how can we bring to life these issues in a less technical way unless overwhelming right and and then the last thing I want to mention is there and the 3rd approach which is the key this question of self scales so looking at day the question of what information is being gathered in the 1st place on the he oppression of the strategies that organizations he's so for example if I'm collecting and corruption cases for example from individuals do I really need to write down the name of the person who reports reports that corruption is not going to a legal case for example so how can we help organisations think about the question of what data by collecting the 1st place knowing that sometime in the future this may be an issue for them to and I guess I'm going to cut this short I just say 1 more thing and in this case I think found
I think it might be useful to bring up in this context is this European problem or not because I think we'll sitting here in Berlin many of his not from these countries perhaps they even working these environments and the 1 the question is is you know what does this have to do people and working in in Europe and a lot of the what we do is also with intermediaries so these offenders or organizations international organizations based in Europe or North America here providing support to these types of organizations so just by being in touch sometimes by some of these organizations or by being a funded he transfers money from these organizations or by traveling to those countries in Western with these people you often exposing networks and exposing people and there's not enough responsibility taken by is here you have the luxury of living and working in London Amsterdam open entering these places and don't have to worry about the and physical and digital security but they are by association often putting other people in danger so some of their European organizations working to support activists worldwide and journalists really need to think hard about the additional security practices the I think I've already had them mentioned before about a European technology companies are and you know what responsibility to they have that that was is exactly that the the set it to the last presentation as well but increasingly was saying that these kinds of techniques I also being used by accident it by organizations and by governments in the European North American context not in these extreme ways in closing down accounts maybe but not you know people not being arrested and some but by other means and I think we need to be realistic about 5 is an increase in activities to discredit activists who you if you challenge the status quo who act differently and and they mainly in these kinds of so called semi democracy or democracy environments the threat is Americans that litigation so dismayed at less abstract information provided this is what you see happening in the biggest panels we see in the last few years it a assigns arms was and so on that there are reasons why at high high profile activists and journalists even working european of America need to start thinking about their digital traces that leaving behind online the
FIL B fantastic thank you very much for that wonderful presentation the since we have several interesting people in the audience and we've talked a lot about the European technology companies but also the German technology companies and other any questions specifically on the presentation or specifically on these European technology companies the presenting about so of the camera about all sorts of other companies will make this the last back-to-school difficult but I don't see anybody uh specific you wanted to call about as anybody in helping with that response how to respond more effectively to the things created specifically in Europe and the clearly in both you all this to denote this way at which the microphone but so I just have a question that we have there been any efforts made to conflict call programmers so this kind of software as a so the official for example I mean that is it possible to to trace standard coders the programmers and talk to them and I say what you doing is so that he so so I'm not sure why would 1 want to that but I mean it's a public company it's it's transparent I mean it's of it's
officially basin in the UK and so on the 1 that actually produce a self-imposed is in Munich in Germany I think I I never really spend much time into investigating the details of our you know the organization of the company that operates on a 1st would not say I'm not interested in going after individuals that actually produces things because I don't think would have much effect on the things that need to be done is 1st of all regulates the more strictly all these things get exported because there will always exist in those existed in all of the seats in the future we deserve something which is demanded by law-enforcement of so it's not consistent instances the problem is tried to control more was actually going to use and when they're when to use it for arm and therefore not sure whether of trucking of programmers that there would be would be much affected in that sense of OK there's no question the back the the I am of the question about romance mn about interest behind those companies sending finfish apart and that rumors that not only the economy but I like to take Germany 90 German economy in German Institute for Economies and and and gamma selling them Siemens selling this kind of stuff about also secret services and send to attain information of the counts as having the software to him in an interview this like 3 minutes I just want to ask if you give this to you and if you could say anything about that some if if if you know that really affects the distribution because then we don't do not only have to deal with interest from the economy than for the I was supposedly security and interests of all countries to sell this kind of trations things as well I think I'm not sure if I have a question completely
because microphones echoing quite a bit but since last Thursday there's been in the Netherlands has been a proposed law by our Ministry of Justice and Security that they will also be able to install viruses and computers of terrorists and talkin which is basically the same as uh what Iran of offline or other governments reviewing with confusion as I think a lot of security agencies already using at the only thing is that with anything the European context have to have a court order assigned to be able to use it here that I have also not sure if this were has some pretty bad noise issues of Muslim much I understood completely but I mean in the US we recently had and they can remember which state it was in the police force try to get authorization from a judge to use the Fisher
and in that case the judge turned it down thankfully but that's the sort of thing but the sort of thinking that's going on in the US we've had and our own problems with the NSA spying on millions of of 18 t customers and completely warrant less and you know and the Obama administration has done nothing except stamp thick black lines all over any type of and freedom of information request on that so if you think that surveillance is something happens in Iran and Syria and no it's something that happens in all probably all of our countries I don't know where everyone's from I but I think you know this is far beyond river at this point this is something that affects people that we know and and not just outside of our countries yeah and just a quick follow-up question to feed his will because I'm not sure it was quite clear this law is a partial and it's only relevant in the Netherlands will higher no hidden
and is explained that while we still 3 months to sort of can have to have enough the Congress members to vote no to it yeah I know it can actually also be deployed to the exterior so it's of not only national orbits with a force of conflicting with
international law because the reason behind it and I think a lot of European countries are thinking in the same way we're just the 1st ones to put it down on paper is that if you look at data storage will and it's more more happening in the cloud become shareware it's actually stored and then if certain things are the while encryptor Dorset things very negative we had abdication of somewhere there a job phonographer network and tell plot of the network and they wanted them to leave those files to prevent further harm for children I think this is the reason behind it but of course which k so them basically I would be subject to this law anywhere in the world as long as 1 of the maybe I
should be nice about people in future from whether any further questions to talk so the men's house and I do work for reporters without borders in Germany and we are also working on this kind of surveillance technology maybe to of question of trying to contact those people and so that's 1 thing it's called back then it's a very good and glossary basically of all the stuff on being there and they have a private address of some of the developers or maintainers and stuff I don't think that the act there's is unproblematic I'm about to add to that and have been in contact with a matching means the ones from from gamma and the if you talk to says it basically it's and down criminals and it's a good thing and we are not killing anyone and this is not mass surveillance and and societal the yeah it helps relieve because those people they sit sit there and say OK well that's a good thing and we we help that people um and also after we we put out a report earlier this year of of the enemies of the internet the guys from trophic or said we build relational databases which is kind of true but only of course small part of it and C S I don't think and they they really have the mind set to see this problem um and so we have to to keep pushing of the public but so that they have to to respond to media inquiries and see why they're doing this and why it's not problematic in their view and just because the panel's coming to an end if there any quick response to the briefing of OK I just like to also offer palace before we close to 1 last response which is specifically if I'm in a situation of digital emergency on trying to prepares for the emergency what should I do crucial eye contact just very briefly from each of you so we have a clear message coming out of this what should be done in the situation little emergency from your perspective so from their commitment could this so I'm not too sure about that I mean I'm sure that and some of them are have good intentions on developing and selling the things but I also
also claimed that they have farm stand lots of situations that might be very opportunistic and how they handled the market demand and the cells because it clearly you know know that both those things get access to people that use it and I know runways against 1 people and swooping publishing details and they thought I'd like to support this claims and the result is always being denial and uh sometimes even marking our results and the proponents that we expose things with with with Baden transparency and they don't and that makes me think that might not exactly be true that that best mind set on Mount approves distance but that's my personal opinion so and then 1 more comment is that and I think these the sort of specific surveillance companies I wonder it to what extent it actually um you can impact on what public pressure because using not dependent on the on the could consumers to buy things and that the public pressure section the directed towards the legislators because they can pressure on companies because on the territory the yeah so that then just questions on and about what to do something like this happens and I think what we're seeing increasingly people don't know what to do is that they just start using technology and if you something that situation here we've had a lot of instances of people just dumping that fired dumping their laptop and the same with everybody else in the family and this is this this situation what happens when you don't know what to do which obviously may signal further isolated that's 1 the problems with responding like that I mean it's good in a way because it's found some of the possible vulnerabilities but it doesn't actually solve the problem I hate to say this but the question of what to do this that there's no answer because it's completely context-specific and the reason why somebody's under surveillance the kind of level of trouble there in the high level of profile they have and the context in which the working the legality of the environment in which the working intently dictates what they should do fortunately and 1 of the ways that we have a look at this question is biased encouraging people to ask and answer the question about distill security concerns especially in a high pressure and short environment by looking at what is the general approach of policy to security outside so if people tend to think that it's I just additional issues some meeting emergency response will front relevant to this and her her her at that and that's a anyway sorry to say that I think that's I'm this is the the site is that this is actually my colleagues giving the comedy My right in the front I think this this and so the
latest the thing think these things are about the KB offline reality of of security how do you how do you deal with that anyway in in what's in your bag he is speaking to you these are all skills activists have before the internet and the chief is that you are not underestimating the problem and many many of the problems about the risks that people that that taking but in extreme situations
laden with the for help we have to try to get people to use the same status that using offline and think about the online and to come into effect of stuff that's a at 1 people in an emergency there 1 of the reaction is to stop using technology technology the other uh responses especially when they're for instance during this for activists are thinking that their laptops or mobile phones are infected and they sort of don't know what to do and they continue with their doing um or once a cover and organizations deals there panic and once Beatles attack goes over they don't think to the food futures I think once you're in an emergency and you sort of deal with that table so the next step as Rutherford start planning for future attacks because once you've been under attack the chance you will get a tax again is quite time you know just a separate command actually grid Stephanie and especially in the case of of surveillance technologies and spyware so that the 1 that with talk about I'm always very reluctant on when I've these myself in the situation where I have to help someone out on you know you disinfecting and responding to these situations because because of the fact that the variants of such a ahead the surveillance state such a you know close monitoring from from their nursery in some situations might be even more expose them even more because if they realize that thing on the well-being monitor they actually go out and contact someone and and I know the operator of the surveillance technology actually understand that they have then in undercut discovered and they're trying to uh to remediate that they could be even more problematic to their safety but we don't look at presents it's very difficult to actually do something up through the internet and 1 so and there's a lot of Vincennes IN NO we can a leave so I guess the 1 thing that I think I'm in terms of things that you can do with public pressure thing figures right you can't really pressure a lot of these and these surveillance building companies effectively but you know you can pressure is social networks and a lot of them are not doing enough to protect the users and I'm talking about your Facebook your Google your Twitter cetera cetera and pressure then talk back to that and tell them what they need to be doing to better protect their users and I think that that something somewhere in the we as the public can have an impact even when we can't know the spaces on the your also if you it a did all emergency wise and still always feel free to contact the author 1 would think very much uh a leave business
further questions such as like to thank you very much for coming and spread the word there's a lot more that needs to be done but what's companies and towards governments in Europe so that you get on few
things my my if you