commit 7e9161614fe957ab7f1692c8b0497cc349448225 Author: Mike Gerwitz Date: Sat Apr 14 00:29:08 2018 -0400 Slide source code and resources The talk didn't go quite as well as I had liked---I ran out of time to prepare---but I hope that it will convey some useful information to others. The source code contains my intended transcript. diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..34ec65f --- /dev/null +++ b/COPYING @@ -0,0 +1,425 @@ +Attribution-ShareAlike 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More_considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution-ShareAlike 4.0 International Public +License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution-ShareAlike 4.0 International Public License ("Public +License"). To the extent this Public License may be interpreted as a +contract, You are granted the Licensed Rights in consideration of Your +acceptance of these terms and conditions, and the Licensor grants You +such rights in consideration of benefits the Licensor receives from +making the Licensed Material available under these terms and +conditions. + + +Section 1 -- Definitions. + + a. Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Adapter's License means the license You apply to Your Copyright + and Similar Rights in Your contributions to Adapted Material in + accordance with the terms and conditions of this Public License. + + c. BY-SA Compatible License means a license listed at + creativecommons.org/compatiblelicenses, approved by Creative + Commons as essentially the equivalent of this Public License. + + d. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + e. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + f. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + g. License Elements means the license attributes listed in the name + of a Creative Commons Public License. The License Elements of this + Public License are Attribution and ShareAlike. + + h. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + i. Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + j. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + k. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + l. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + m. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part; and + + b. produce, reproduce, and Share Adapted Material. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. Additional offer from the Licensor -- Adapted Material. + Every recipient of Adapted Material from You + automatically receives an offer from the Licensor to + exercise the Licensed Rights in the Adapted Material + under the conditions of the Adapter's License You apply. + + c. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material (including in modified + form), You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + b. ShareAlike. + + In addition to the conditions in Section 3(a), if You Share + Adapted Material You produce, the following conditions also apply. + + 1. The Adapter's License You apply must be a Creative Commons + license with the same License Elements, this version or + later, or a BY-SA Compatible License. + + 2. You must include the text of, or the URI or hyperlink to, the + Adapter's License You apply. You may satisfy this condition + in any reasonable manner based on the medium, means, and + context in which You Share Adapted Material. + + 3. You may not offer or impose any additional or different terms + or conditions on, or apply any Effective Technological + Measures to, Adapted Material that restrict exercise of the + rights granted under the Adapter's License You apply. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material, + + including for purposes of Section 3(b); and + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + + +======================================================================= + +Creative Commons is not a party to its public licenses. +Notwithstanding, Creative Commons may elect to apply one of its public +licenses to material it publishes and in those instances will be +considered the "Licensor." Except for the limited purpose of indicating +that material is shared under a Creative Commons public license or as +otherwise permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the public +licenses. + +Creative Commons may be contacted at creativecommons.org. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..54ee1ad --- /dev/null +++ b/Makefile @@ -0,0 +1,12 @@ + +.PHONY: all + +all: topics.svg topics.png + +%.dot: %.m4.dot + m4 $< > $@ + +%.svg: %.dot + dot -Tsvg $< > $@ +%.png: %.dot + dot -Tpng $< > $@ diff --git a/README b/README new file mode 100644 index 0000000..a06612e --- /dev/null +++ b/README @@ -0,0 +1,5 @@ +The Ethics Void +=============== +Presented at LibrePlanet 2018 + +Video: https://media.libreplanet.org/u/libreplanet/m/the-ethics-void/ diff --git a/ethics-void.bib b/ethics-void.bib new file mode 100644 index 0000000..1ae07b9 --- /dev/null +++ b/ethics-void.bib @@ -0,0 +1,229 @@ + +@online{guardian:doll-spy, + author = {Oltermann, Philip}, + title = {German parents told to destroy doll that can spy on children}, + subtitle = {German watchdog classifies My Friend Cayla doll as + `illegal espionage apparatus' and says shop owners could + face fines}, + date = {2017-02-17}, + organization = {The Guardian}, + url = {https://www.theguardian.com/world/2017/feb/17/german-parents-told-to-destroy-my-friend-cayla-doll-spy-on-children}, + urldate = {2017-03-22}, +} + +@online{bb:school-spy-home, + author = {Doctorow, Cory}, + title = {School used student laptop webcams to spy on them at school and home}, + date = {2010-02-17}, + organization = {Boing Boing}, + url = {https://boingboing.net/2010/02/17/school-used-student.html}, + urldate = {2017-12-26}, + archive = {http://web.archive.org/web/20171226001728}, +} + +% TODO: https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District + +@online{tc:moviepass-tracking, + author = {Coldewey, Devin}, + title = {{MoviePass} {CEO} proudly says the app tracks your location + before and after movies}, + date = {2018-03-05}, + organization = {TechCrunch}, + url = {https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/}, + urldate = {2018-03-09}, + archive = {https://web.archive.org/web/20180309113540}, +} + +% TODO: elaborate +@online{trustev:tech, + title = {TransUnion | Trustev -- Technology}, + organization = {TransUnion}, + url = {http://www.trustev.com/technology}, + urldate = {2017-03-19}, +} + +% TODO: elaborate +@online{eff:alpr, + title = {Automated License Plate Readers}, + organization = {Electronic Frontier Foundation}, + url = {https://www.eff.org/sls/tech/automated-license-plate-readers}, + urldate = {2017-03-13}, +} + +% TODO: lp:snowden-ovation +@online{lp:snowden-ovation, + author = {Feener, Kori (CC BY 4.0)}, + url = {https://media.libreplanet.org/u/libreplanet/m/wide-02-png-libreplanet-2016-663a/}, + annotation = {CC BY 4.0}, +} + +@online{npr:medical-devices, + author = {Davies, Dave}, + title = {Are Implanted Medical Devices Creating A `Danger Within Us'?}, + organization = {NPR}, + date = {2018-01-17}, + url = {https://www.npr.org/2018/01/17/578562873/are-implanted-medical-devices-creating-a-danger-within-us}, + urldate = {2018-03-09}, + archive = {https://web.archive.org/web/20180309062312}, +} + +@online{insecam, + title = {Insecam - World biggest online cameras directory}, + url = {http://insecam.org}, + urldate = {2017-03-19}, + annotation = {Load the HTTP (non-HTTPS) site, otherwise mixed content is + blocked and thumbnails will not work.} +} + +@online{wp:google-student-tracking, + author = {Peterson, Andrea}, + title = {Google is tracking students as it sells more products to schools, + privacy advocates warn}, + organization = {The Washington Post}, + date = {2015-12-28}, + url = {https://www.washingtonpost.com/news/the-switch/wp/2015/12/28/google-is-tracking-students-as-it-sells-more-products-to-schools-privacy-advocates-warn/}, + urldate = {2017-12-22}, + archive = {http://web.archive.org/web/20171222065049}, +} + +@online{bbc:vtech-fine, + title = {Toy firm {VTech} fined \$650,000 over data breach}, + organization = {BBC}, + date = {2018-01-09}, + url = {http://www.bbc.com/news/technology-42620717}, + urldate = {2018-03-04}, + archive = {http://web.archive.org/web/20180304035206}, +} + +@online{register:baby-monitor, + author = {Leyden, John}, + title = {IoT baby monitors {STILL} revealing live streams of sleeping kids}, + subtitle = {The hacker that rocks the cradle}, + organization = {The Register}, + date = {2016-09-03}, + url = {http://www.theregister.co.uk/2015/09/03/baby_monitors_insecure_internet_things/}, + urldate = {2017-07-04}, + archive = {https://web.archive.org/web/20170704144812}, +} + +@online{acm:ethics-draft-3, + title = {2018 {Code}, Draft~3 | {ACM Ethics}}, + organization = {The Association for Computing Machinery}, + date = {2018-01}, + url = {https://ethics.acm.org/2018-code-draft-3/}, + urldate = {2018-02-22}, + archive = {https://web.archive.org/web/20180222212708}, +} + +@online{kryptowire:adups, + author = {Kryptowire}, + title = {KRYPTOWIRE DISCOVERS MOBILE PHONE FIRMWARE THAT TRANSMITTED + PERSONALLY IDENTIFIABLE INFORMATION (PII) WITHOUT USER + CONSENT OR DISCLOSURE}, + url = {http://www.kryptowire.com/adups_security_analysis.html}, + urldate = {2017-03-11}, + annotation = {BLU mobile phones transmitting SMS content, contacts, call + history, telephone numbers, IMEIs, etc to third-party + servers without users' knolwedge or censent} +} + +@online{nist:sp-800-122, + author = {McCallister, Erika + and Grance, Tim + and Scarfone, Karen}, + title = {Guide to Protecting the Confidentiality of Personally + Identifiable Information {(PII)}}, + organization = {National Institute for Standards and Technology}, + date = {2010-04}, + url = {https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-122.pdf}, + urldate = {2018-03-07}, + archive = {https://web.archive.org/web/20180307050603}, + annotation = {NIST~SP~800-122}, +}, + +@online{mreview:surv-cap, + author = {Foster, John Bellamy + and McChesney, Robert W.}, + title = {Surveillance Capitalism}, + subtitle = {Monopoly-Finance Capital, the Military-Industrial Complex, and + the Digital Age}, + url = {https://monthlyreview.org/2014/07/01/surveillance-capitalism/}, + urldate = {2018-02-12}, + archive = {https://web.archive.org/web/20180212142148}, +} + +@online{w:file:gps, + title = {File:GPS Satellite NASA art-iif.jpg}, + date = {2006-02-09}, + organization = {NASA}, + url = {https://en.wikipedia.org/wiki/File:GPS_Satellite_NASA_art-iif.jpg}, + urldate = {2017-03-19}, +} + +@online{osmand, + title = {OsmAnd - Offline Mobile Maps and Navigation}, + url = {http://osmand.net/}, + urldate = {2017-03-11}, +} + +% TODO +%@online{fb:dev-consent, +% url = {https://developers.facebook.com/docs/privacy}, +%} +% +%% TODO +%@online{kant:meta-morals, +% % https://en.wikipedia.org/wiki/Categorical_imperative#cite_note-4:421-3 +%} + +@online{gnu:open-source-misses, + author = {Stallman, Richard}, + title = {Why Open Source Misses the Point of Free Software}, + url = {https://www.gnu.org/philosophy/open-source-misses-the-point.html}, + urldate = {2018-03-15}, + archive = {https://web.archive.org/web/20180315044814}, +} + +@online{os-almost-everything, + author = {Preston-Werner, Tom}, + title = {Open Source (Almost) Everything}, + date = {2011-11-22}, + url = {http://tom.preston-werner.com/2011/11/22/open-source-everything.html}, + urldate = {2018-01-17}, + archive = {https://web.archive.org/web/20180117094902}, +} + +@online{jlse:behavioral-ethics, + author = {Prentice, Robert}, + title = {Teaching Behavioral Ethics}, + url = {ethicsunwrapped.utexas.edu/wp-content/uploads/2014/09/Teaching-Behavioral-Ethics-by-Robert-A.-Prentice.pdf}, + date = {2014}, +} + +% TODO +@online{dbd, + title = {Defective By Design}, + organization = {Free Software Foundation}, + url = {https://defectivebydesign.org/}, +} + +@online{sky:cambridge-analytica, + author = {Cheshire, Tom}, + title = {Behind the scenes at {Donald Trump's} {UK} digital war room}, + subtitle = {{Cambridge Analytica} uses data from social media and credit + cards to deliver ``extremely individualistic targeting'' for + {Mr Trump}}, + organization = {Sky News}, + date = {2016-10-22}, + url = {https://news.sky.com/story/behind-the-scenes-at-donald-trumps-uk-digital-war-room-10626155}, + urldate = {2018-02-24}, + archive = {https://web.archive.org/web/20180224060924}, +} + +@online{w:fb-news-feed, + title = {News Feed}, + organization = {Wikipedia}, + url = {https://en.wikipedia.org/wiki/News_Feed}, + urldate = {2017-07-31}, + archive = {https://web.archive.org/web/20170731153353}, +} diff --git a/fix.sh b/fix.sh new file mode 100755 index 0000000..6602e35 --- /dev/null +++ b/fix.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +sed -i 's/^\\usecolortheme/\\setbeamertemplate{headline}{}&/' slides.tex +pdflatex slides.tex diff --git a/images/bbc-vtech-fine.png b/images/bbc-vtech-fine.png new file mode 100644 index 0000000..a7ff13e Binary files /dev/null and b/images/bbc-vtech-fine.png differ diff --git a/images/guardian-doll-spy.png b/images/guardian-doll-spy.png new file mode 100644 index 0000000..2258068 Binary files /dev/null and b/images/guardian-doll-spy.png differ diff --git a/images/insecam-bedroom.png b/images/insecam-bedroom.png new file mode 100644 index 0000000..8479aa1 Binary files /dev/null and b/images/insecam-bedroom.png differ diff --git a/images/iot-baby.png b/images/iot-baby.png new file mode 100644 index 0000000..51050d8 Binary files /dev/null and b/images/iot-baby.png differ diff --git a/images/kryptowire-blu.png b/images/kryptowire-blu.png new file mode 100644 index 0000000..302a804 Binary files /dev/null and b/images/kryptowire-blu.png differ diff --git a/images/moviepass-tracking.png b/images/moviepass-tracking.png new file mode 100644 index 0000000..6b3658f Binary files /dev/null and b/images/moviepass-tracking.png differ diff --git a/images/npr-medical-devices.png b/images/npr-medical-devices.png new file mode 100644 index 0000000..0d4df3f Binary files /dev/null and b/images/npr-medical-devices.png differ diff --git a/images/onstar-collects.png b/images/onstar-collects.png new file mode 100644 index 0000000..8b90ee6 Binary files /dev/null and b/images/onstar-collects.png differ diff --git a/images/school-spy-home.png b/images/school-spy-home.png new file mode 100644 index 0000000..7384dc8 Binary files /dev/null and b/images/school-spy-home.png differ diff --git a/images/sky-ca.png b/images/sky-ca.png new file mode 100644 index 0000000..624659c Binary files /dev/null and b/images/sky-ca.png differ diff --git a/images/tp/.gitignore b/images/tp/.gitignore new file mode 100644 index 0000000..f3a75c5 --- /dev/null +++ b/images/tp/.gitignore @@ -0,0 +1,6 @@ +* +!gen-makefile +!remote-list +!SHA256SUM +!.gitignore + diff --git a/images/tp/SHA256SUM b/images/tp/SHA256SUM new file mode 100644 index 0000000..b5b90f7 --- /dev/null +++ b/images/tp/SHA256SUM @@ -0,0 +1,16 @@ +e363bfb6ccc21f91a74f624a0b9249caf218b9918dcb4c6934d7467fb5b8c17b aclu-tracked.jpg +4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png +f9e8e3dcf3d383399bad9d1ebc52e156a74d32555166be50c8a027ebe17be69f amazon-echo.jpg +110b9f3e72c0337822de8fa6aa2fd262138acbf121689ecf6b332c072769df40 dbd.png +5c3f16aff71210d52592529626b5fe89a23843d2109fa7c709d14ea5b5436440 facebook-logo.png +674cc45e97a4694da4aa73c89f7a7af09ee4a1b369fa3275aba6c0cf96060ff8 fb-news-feed.png +acd0ee4a3392a71d5190e22feda3c9898d8ff4a9c8b038475b8c0d7185d0d3e9 ford-logo.png +2d16ab8104c46908ea7fd0f45b8e017cf68e73c55427ab70ded49585cf9568fd google-home.jpg +97b9850d7087ff14c93f5e01b3f4b248b030c85d4790d334eb58ce6384ab3d5e gps.jpg +52f6e19fe287966e35fbed727d9a3d11e37db7d0c9747842694d9aa9d7f3031c lp2016-snowden-ovation.png +566c10d0004fda789b9fba51f6700003524e061ec169bd9e08ee431e52fb4e43 nsa-spying.png +b4e8ad3e8bf8ba9cf2efe165ee02495a7a7f60bdda985d088fe545e04029554a onstar-logo.png +2ac88ae6b61e49234126453808a93a1c4de12e7c39468a44e37972b0da21641c osmand-nav.png +6daef480647e208f65ea76a9b67a59a2594c4fc3c3c1ab34dd76dab0258324e9 sandler.png +54b087cc2e13ba9e1565e414fdc41e7d1c2a0b8fc44a6f07b0fccc6b01c206db santa-cam.jpg +0a47a1e0b74fa4ec168d935357081a6d15e55ba77edad483ecb7fe14c3f6f4dc trustev-graph.png diff --git a/images/tp/gen-makefile b/images/tp/gen-makefile new file mode 100755 index 0000000..23ea637 --- /dev/null +++ b/images/tp/gen-makefile @@ -0,0 +1,52 @@ +#!/bin/bash +# Generate Makefile for third-party image download +# +# Copyright (C) 2017 Mike Gerwitz +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +## + +declare -r remote_file=remote-list + +cat < \$@ + +check: + sha256sum -c SHA256SUM + +clean: + \$(RM) \$(images) + +EOF + +while read out url convert; do + dest="$out" + + echo "$dest": + printf "\ttorify wget -O %q %q\n" "$dest" "$url" + + test -n "$convert" || continue + + printf "\tmogrify %s %q\n" "$convert" "$dest" +done < "$remote_file" + diff --git a/images/tp/remote-list b/images/tp/remote-list new file mode 100644 index 0000000..14badbe --- /dev/null +++ b/images/tp/remote-list @@ -0,0 +1,13 @@ +onstar-logo.png https://web.archive.org/web/20170322052352/https://upload.wikimedia.org/wikipedia/commons/thumb/b/bc/OnStar_2D_logo_2016.svg/320px-OnStar_2D_logo_2016.svg.png +ford-logo.png https://web.archive.org/web/20170322062219/https://upload.wikimedia.org/wikipedia/commons/thumb/a/a0/Ford_Motor_Company_Logo.svg/320px-Ford_Motor_Company_Logo.svg.png +trustev-graph.png https://web.archive.org/web/20170319060719/http://www.trustev.com/hs-fs/hubfs/JANUARY-2016/Technology/r-feb-t-circle1.png?t=1473256538000&width=1788&name=r-feb-t-circle1.png +alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png +sandler.png https://media.libreplanet.org/mgoblin_media/media_entries/1410/Sandler_01.png -crop 1150x1950+560+970 -scale 25% +lp2016-snowden-ovation.png https://media.libreplanet.org/mgoblin_media/media_entries/1394/Wide_02.medium.png +gps.jpg https://web.archive.org/web/20170319181816/https://upload.wikimedia.org/wikipedia/commons/thumb/8/8d/GPS_Satellite_NASA_art-iif.jpg/300px-GPS_Satellite_NASA_art-iif.jpg +osmand-nav.png https://osmand.net/images/promo-1s.png +dbd.png https://www.defectivebydesign.org/sites/all/themes/dbd2/images/dbd-logo.png +fb-news-feed.png https://upload.wikimedia.org/wikipedia/en/7/7a/Facebook_mobile.png +amazon-echo.jpg https://web.archive.org/web/20170322034016/https://upload.wikimedia.org/wikipedia/commons/thumb/5/5c/Amazon_Echo.jpg/208px-Amazon_Echo.jpg +google-home.jpg https://web.archive.org/web/20180226121233/https://upload.wikimedia.org/wikipedia/commons/6/6e/Google_Home_sitting_on_table.jpg +facebook-logo.png https://upload.wikimedia.org/wikipedia/commons/thumb/7/7c/Facebook_New_Logo_%282015%29.svg/640px-Facebook_New_Logo_%282015%29.svg.png diff --git a/images/wp-google-student.png b/images/wp-google-student.png new file mode 100644 index 0000000..ea67536 Binary files /dev/null and b/images/wp-google-student.png differ diff --git a/slides.org b/slides.org new file mode 100644 index 0000000..1add236 --- /dev/null +++ b/slides.org @@ -0,0 +1,2602 @@ +#+startup: beamer +#+TITLE: The Ethics Void +#+AUTHOR: Mike Gerwitz +#+EMAIL: mtg@gnu.org +#+DATE: LibrePlanet 2018 +#+OPTIONS: H:3 num:nil toc:nil p:nil todo:nil stat:nil +#+LaTeX_CLASS: beamer +#+LaTeX_CLASS_OPTIONS: [presentation] +#+BEAMER_THEME: Luebeck +#+BEAMER_COLOR_THEME: seagull +#+BEAMER_HEADER: \beamertemplatenavigationsymbolsempty +#+BEAMER_HEADER: \setbeamerfont{title}{size = \Huge} +#+BEAMER_HEADER: \setbeamertemplate{bibliography item}{\insertbiblabel} +#+BEAMER_HEADER: \setbeamertemplate{headline}{} +#+BIBLIOGRAPHY: ethics-void plain +#+TODO: RAW(r) DEVOID(v) LACKING(l) DRAFT(d) REVIEWED(R) AUGMENT(A) | READY(,) REHEARSED(.) +#+COLUMNS: %40ITEM %10DURATION{:} %8TODO %BEAMER_ENV(ENVIRONMENT) + +#+LATEX_HEADER: \usepackage[backend=biber]{biblatex} +#+LATEX_HEADER: \usepackage{color} +#+LATEX_HEADER: \bibliography{ethics-void} + +#+BEGIN_LATEX +% citations will be grayed and pushed to the right margin +\let\origcite\cite +% incite = "inline" cite +\def\cite{\hfill\incite} +\newcommand*{\incite}[1]{{% + \tiny + \raisebox{1ex}{% + \color{lightgray}% + \origcite{#1}% + }% +}} + +\renewcommand*{\bibfont}{\scriptsize} +#+END_LATEX + +#+BEAMER: \def\subskip{\vskip0.5in} +#+BEAMER: \def\medsubskip{\vskip0.25in} +#+BEAMER: \def\smallsubskip{\vskip0.15in} + +* RAW Slides +:PROPERTIES: +:ID: slides +:END: + + + +** Summary :noexport: +#+BEGIN: columnview :hlines 2 :maxlevel 3 :indent t :id slides +| ITEM | DURATION | TODO | ENVIRONMENT | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| * Slides | 0:39 | RAW | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Summary :noexport: | | | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Introduction :noexport: | 00:00:30 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** We Are Everywhere (Introduction / Opening) | 0:04 | REHEARSED | | +| *** Let's Switch Perspectives :B_fullframe: | 00:01:05 | REHEARSED | | +| *** Pervasive Technology :B_fullframe: | 00:00:30 | REHEARSED | | +| *** We Control What You See and What\nbsp{}You\nbsp{}Do :B_frame: | 00:00:25 | REHEARSED | | +| *** We Know Where You Are, Have Been, Will Be :B_frame: | 00:00:25 | REHEARSED | | +| *** We Live Inside Your Home :B_frame: | 00:00:30 | REHEARSED | | +| *** We Observe and Influence Your Children :B_frame: | 00:00:20 | REHEARSED | | +| *** Any Of Us Can Do These Things :B_fullframe: | 00:00:45 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Moral Considerations | 0:03 | REHEARSED | | +| *** Something Feels Wrong :B_fullframe: | 00:00:20 | REHEARSED | | +| *** Snowden Revelations :B_fullframe: | 00:01:00 | REHEARSED | | +| *** Moral Relativism :B_fullframe: | 00:00:40 | REHEARSED | | +| *** Consequentialism :B_fullframe: | 00:00:45 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Human Rights | 0:02 | REHEARSED | | +| *** United States Declaration of Independence (4\nbsp{}July\nbsp{}1776) :B_frame: | 00:00:55 | REHEARSED | | +| *** Universal Declaration of Human\nbsp{}Rights\nbsp(1948) :B_frame: | 00:01:00 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Privacy | 0:14 | REHEARSED | | +| *** 2018 ACM Code of Ethics and Professional Conduct :B_frame: | 00:01:20 | REHEARSED | | +| *** 2018 ACM Code of Ethics and Professional Conduct :B_frame: | 00:00:55 | REHEARSED | | +| *** HIPAA :B_frame: | 00:01:00 | REHEARSED | | +| *** When Is Data Collection Okay? :B_fullframe: | 00:02:00 | REHEARSED | | +| *** Universal Declaration of Human Rights (Privacy) :B_frame: | 00:00:15 | REHEARSED | | +| *** Privacy Is A Human Rights Issue :B_fullframe: | 00:00:05 | REHEARSED | | +| *** Introducing Personally Identifiable Information :B_fullframe: | 00:00:15 | REHEARSED | | +| *** Personally Identifiable Information (PII) :B_frame:rmc: | 00:00:55 | REHEARSED | | +| *** Information Security Well Researched :B_fullframe: | 00:00:35 | REHEARSED | | +| *** Organisation for Economic Co-operation and Development (OECD) :B_frame: | 00:00:45 | REHEARSED | | +| *** OECD Guidelines :B_frame: | 00:01:30 | REHEARSED | | +| *** Framework Code of Ethics: Transparency :B_frame: | 00:01:00 | REHEARSED | | +| *** Framework Code of Ethics: Consent :B_frame: | 00:00:40 | REHEARSED | | +| *** Solid Principles, So Why Not Follow? :B_fullframe: | 00:00:15 | REHEARSED | | +| *** Surveillance Capitalism :B_fullframe: | 00:00:50 | REHEARSED | | +| *** Universal Declaration of Human Rights: Opinion :B_frame: | 00:00:45 | REHEARSED | | +| *** You Can, But Should You? :B_frame: | 00:00:50 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Those Who Control | 0:07 | REHEARSED | | +| *** You Can, But Should You? Example: GPS :B_fullframe:rmc: | 00:00:45 | REHEARSED | | +| *** Software Cannot Be Trusted :B_fullframe: | 00:00:25 | REHEARSED | | +| *** No Transparency Without Source Code :B_fullframe: | 00:00:20 | REHEARSED | | +| *** Programs That Keep Secrets Aren't Transparent or Safe :B_frame: | 00:01:00 | REHEARSED | | +| *** Keeping Secrets Means Keeping Control :B_fullframe: | 00:00:25 | REHEARSED | | +| *** Universal Declaration of Human Rights :B_frame: | 00:00:20 | REHEARSED | | +| *** Universal Declaration of Human Rights: Liberty :B_frame: | 00:00:15 | REHEARSED | | +| *** No Servitude :B_fullframe: | 00:00:10 | REHEARSED | | +| *** Philosophy of Control :B_frame: | 00:01:00 | REHEARSED | | +| *** User Freedom Is Software Freedom :B_fullframe: | 00:00:25 | REHEARSED | | +| *** Moral Imperative :B_fullframe: | 00:00:30 | REHEARSED | | +| *** What About Moral Relativism? :B_fullframe: | 00:01:20 | REHEARSED | | +| *** Framework Code of Ethics: Serve the User :B_frame: | 00:00:10 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** A Moral Speedbump | 0:07 | READY | | +| *** A Moral Foundation: The Four Freedoms :B_frame: | 00:00:50 | REHEARSED | | +| *** Why Is ``Open Source'' Popular? :B_frame: | 00:00:50 | REHEARSED | | +| *** Open Source Misses the Point :B_fullframe: | 00:00:20 | REHEARSED | | +| *** Perpetuating An Ethics Void :B_fullframe: | 00:01:05 | READY | | +| *** Conformity Bias / ``Groupthink'' :B_frame: | 00:00:25 | REHEARSED | | +| *** Follow the Leader :B_fullframe: | 00:00:45 | REHEARSED | | +| *** Misjudging Oneself :B_fullframe: | 00:00:30 | REHEARSED | | +| *** Moral Clarity :B_fullframe: | 00:01:20 | REHEARSED | | +| *** Judged By Inaction :B_fullframe: | 00:00:25 | REHEARSED | | +| *** Framework Code of Ethics: Be Mindful :B_frame: | 00:00:35 | REHEARSED | | +| *** Framework Code of Ethics: Empower Others, Recursively :B_frame: | 00:00:20 | REHEARSED | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Conclusion | 0:02 | READY | | +| *** Framework Code of Ethics :B_frame: | 00:00:30 | REHEARSED | | +| *** Pragmatic Ethics :B_fullframe: | 00:00:30 | REHEARSED | | +| *** We, You :B_fullframe: | 00:00:45 | READY | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** Thank You :B_fullframe: | 00:00:01 | | | +|-----------------------------------------------------------------------------------+----------+-----------+-------------| +| ** References :B_appendix: | | | | +#+END: + +** REHEARSED Introduction :noexport: +:PROPERTIES: +:DURATION: 00:00:30 +:END: +#+BEGIN_COMMENT +Hello, everyone! +Thanks for coming! + +My name's Mike Gerwitz. +I am a free software hacker and activist with a focus on user privacy and + security. +I'm also a GNU Maintainer and software evaluator, and hold other + various other administrative duties within GNU. + +Last year, + here at LibrePlanet, + I talked a lot about various threats to privacy, security, and freedom. +I provided a /lot/ of references for those who might be interested in them. +How many of you attended or have otherwise seen + The Surreptitious Assault on Privacy, Security, and Freedom? + + +#+END_COMMENT + + +** REHEARSED We Are Everywhere (Introduction / Opening) +*** REHEARSED Let's Switch Perspectives :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:01:05 +:END: + +#+BEGIN_COMMENT +I'm really excited to be back this year and to switch perspectives. +Last year was all about "them"--- + "us" versus "them". +But framing those issues as such doesn't permit the type of perspective that + I'm interested in pursuing this talk. +I'm going to reframe these issues. +I'm instead going to refer to a collective "we". + +The "we" I am referring to is anyone and everyone that has influence over + others with technology. +That includes people that many of us here probably wouldn't want to affiliate + ourselves with. +Because we're all in this together. +We all contribute to the future of the world we live in. +And we have all contributed to the present in some way, + directly or indirectly, + though action or inaction. +To distance ourselves from what we would consider to be "them", + to distance ourselves from what we perceive as bad, + would be an attempt to absolve ourselves of responsibility. + +Because we are /all/ responsible. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +``Us'' vs. ``Them'' +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +``We'' +#+BEAMER: } +#+BEAMER: \only<3>{\Huge +``We'' Are All Responsible +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Pervasive Technology :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:30 +:END: + +#+BEGIN_COMMENT +Technology pervades nearly every aspect of every modern user's life. +And it even touches those that don't or might not have the privilege to use + technology themselves. + +Consequently, + /"we"/ collectively control nearly every aspect of modern users' lives. +/We/ touch, + either directly or indirectly, + nearly every person on this planet. +/Everything/ is affected by the consequences of our actions. + +So, let's speak candidly to users everywhere, + and to ourselves. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \Huge +Technology Is Pervasive +#+END_CENTER + + +*** REHEARSED We Control What You See and What\nbsp{}You\nbsp{}Do :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +We control what you see. +We control what you do. + +News and information is targeted at you personally. +Your devices hold you hostage, + commanding /you/, + rather than the other way around. +The more that we fade into the background, + as something that is so integral in your life that it isn't noticed until + it goes wrong, + the more ignorant you become of just what you are losing control of. +#+END_COMMENT + +#+BEGIN_CENTER +#+ATTR_LATEX: :height 0.5in +[[./images/tp/dbd.png]]\incite{dbd} +#+END_CENTER + +**** Bottom :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: +***** Left :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.60 +:END: +#+ATTR_LATEX: :height 1.25in +[[./images/sky-ca.png]]\incite{sky:cambridge-analytica} + +***** Right :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.40 +:END: +#+ATTR_LATEX: :height 1.25in +[[./images/tp/fb-news-feed.png]]\incite{w:fb-news-feed} + + +*** REHEARSED We Know Where You Are, Have Been, Will Be :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +We know where you are. +We know where you have been. +We know where you will be. + +The apps you install on your devices violate and spy on you. +The cars you drive may track you. +Cameras everywhere constantly surveil you, inescapably. +We can track everywhere you go online. +And data brokers aggregate these data and then sell you out to others, + as a product. +#+END_COMMENT + +#+BEGIN_CENTER +#+ATTR_LATEX: :height 0.5in +[[./images/tp/facebook-logo.png]] +#+END_CENTER + +**** TrustEV :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: + +***** Left :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :height 1.15in +[[./images/tp/trustev-graph.png]]\incite{trustev:tech} + +#+BEAMER: {\scriptsize +#+BEGIN_CENTER + TransUnion Trustev +#+END_CENTER +#+BEAMER: } + +***** Right :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: + +#+ATTR_LATEX: :height 1.5in +[[./images/tp/alpr-capture.png]]\incite{eff:alpr} + +**** Bottom :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: +***** Bottom Left :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :height 0.5in +[[./images/tp/onstar-logo.png]] + +***** Bottom Right :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :height 0.5in +[[./images/tp/ford-logo.png]] + + +*** REHEARSED We Live Inside Your Home :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:30 +:END: + +#+BEGIN_COMMENT +We live inside your home. + +Microphones listening. +Cameras watching. +Your IoT thermostat or TV or bed or toothbrush or whatever it may be leaks + precious information about you. +And they might be hopelessly insecure, + with no way to upgrade them but to replace them entirely. + +You are under assault---not just by the makers of your devices, + but also by those who can exploit them, + sometimes easily and often automated. +#+END_COMMENT + +#+BEGIN_CENTER +#+ATTR_LATEX: :height 1in +[[./images/insecam-bedroom.png]]\par\incite{insecam} +#+END_CENTER + +**** Assistants :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: + +***** Left :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+BEGIN_CENTER +#+ATTR_LATEX: :height 1in +[[./images/tp/amazon-echo.jpg]] +#+END_CENTER + +***** Right :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+BEGIN_CENTER +#+ATTR_LATEX: :height 1in +[[./images/tp/google-home.jpg]] +#+END_CENTER + + +*** REHEARSED We Observe and Influence Your Children :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +We observe your children. +We influence their behavior. + +Children are some of the most vulnerable among us. +What they experience now will shape the rest of their lives. +And what we can learn about those experiences now will allow us to exploit + them for the rest of their lives. +#+END_COMMENT + +**** Top :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: +***** Top Left :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :width 2.25in +[[./images/school-spy-home.png]]\incite{bb:school-spy-home} + +***** Top Right :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :width 1.50in +[[./images/wp-google-student.png]]\incite{wp:google-student-tracking} + +**** Bottom :B_columns: +:PROPERTIES: +:BEAMER_env: columns +:END: + +***** Bottom Left :B_column: +:PROPERTIES: +:BEAMER_env: quote +:BEAMER_col: 0.50 +:END: +#+ATTR_LATEX: :height 1.5in +[[./images/guardian-doll-spy.png]]\incite{guardian:doll-spy} + +#+ATTR_LATEX: :width 1.75in +[[./images/iot-baby.png]]\incite{register:baby-monitor} + +***** Bottom Right :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.50 +:END: + +#+ATTR_LATEX: :height 2in +[[./images/bbc-vtech-fine.png]]\incite{bbc:vtech-fine} + + +*** REHEARSED Any Of Us Can Do These Things :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:45 +:ORDERED: t +:END: + +#+BEGIN_COMMENT +Any of us here can get involved in these types of things. +You may not be now, + and maybe you never will be. +But maybe your employer will one day ask you to do something uncomfortable. +Or maybe you will find yourself in a situation where someone has done you or + a loved one harm, + and you consider revenge, + knowing full well that it is within your ability to do so. + +There have been studies about altruism. +About those that would risk their lives to save others. +When researchers interviewed these individuals--- + they noticed something in common with many of them: + that they thought about that situation before-hand, + perhaps many years before the actual event. +They pre-committed. +When the situation presented itself, + they weren't caught off guard. + +But what do we commit /to/? + +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \Huge +Any Of Us Can Get Involved With These Things + +#+BEAMER: \subskip\Large\uncover<1>{ +But only some of us are prepared for when these situations present +themselves +#+BEAMER: } +#+END_CENTER + + +** REHEARSED Moral Considerations +*** REHEARSED Something Feels Wrong :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +Something feels wrong with the things I just covered. +But that "something" is a bit different depending on who you ask. +Here in this room, + we are somewhat aligned by our interests, + with I'm sure some notable exceptions. +And that type of echo chamber can make it difficult to realize others' + stance on these issues. +#+END_COMMENT + +#+BEGIN_CENTER + \Huge Something Feels Wrong +#+END_CENTER + + +*** REHEARSED Snowden Revelations :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +Let's consider the Snowden revelations as an example. + +Edward Snowden addressed us at LibrePlanet 2016 as one of the keynote + speakers. +He received a /50 second standing ovation/ before he could even begin + speaking. +I was there. +The energy in the room was unlike andything I has experienced. + +With this group of people here at LibrePlanet, + the consensus is clear: + what Snowden did was /more than/ just ethical: + he is considered a hero and a whistleblower. + +But not everyone thought that way. +Then-congressman Mike Pompeo called for him to be tried as a traitor and + receive the death penalty. + +The thing is: + he /did/ break the law. +He /did/ reveal State secrets. +He /can/ be tried for espionage. +So in the eyes of many citizens, + that isn't just /un/ethical--- + it is /treason/. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \Huge +Did Edward Snowden Act Ethically? + +#+BEAMER: \only<2>{\medsubskip\Large +Received *50 second standing ovation* during LP2016 keynote /before/ he +started speaking +#+BEAMER: } + +#+BEAMER: \only<2>{\medsubskip +#+ATTR_LATEX: :height 1.5in +[[./images/tp/lp2016-snowden-ovation.png]]\incite{lp:snowden-ovation} +#+BEAMER: } + +#+BEAMER: \only<3>{\medsubskip\Large +Contrast: Eric Holder had to promise that the US wouldn't seek the *death +penalty* in a civilian trial +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Moral Relativism :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:40 +:END: + +#+BEGIN_COMMENT +This difference in opinion is the topic of /moral relativism/. + +/Descriptive/ moral relativism simply acknowledges that such differences do + in fact exist. +This is usually the academic viewpoint. + +/Meta-Ethical/ moral relativism takes descriptive ethics a bit further and + argues that "right" and "wrong", + "good and bad", + don't have any inherent meaning, + because they are relative to the traditions and practices of individuals + and groups of people. +This directly contradicts those who believe in moral universalism--- + that there is some universal moral conduct that everyone should be able to + agree on. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \uncover<2>{\Huge +Descriptive +#+BEAMER: }\uncover<3->{\Huge +Meta-Ethical +#+BEAMER: } + +#+BEAMER: \Huge +Moral Relativism + +#+BEAMER: \uncover<3>{\medsubskip\Large +No Universal Code of Ethics +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Consequentialism :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:45 +:END: + +#+BEGIN_COMMENT +Consequentialists believe that the /consequences/ of one's actions should be + the subject of moral judgment, + not the act in itself. + +So Snowden and his supporters might treat the consequence of his actions--- + informing the public of unlawful abuse of power--- + as the subject of moral judgment. +In this case, + breaking the law was an acceptable and even /necessary/ path to /achieve/ + that result. +And so, + /consequently/, + it was morally acceptable. + +You may hear this phrased as "the end justifies the means". + +Now, despite all of these viewpoints, + there /are/ certain things that large parts of the world /do/ recognize as + unethical. +#+END_COMMENT + +#+BEGIN_CENTER + #+BEAMER: \Huge + Consequentialism + + #+BEAMER: {\subskip\Large + ``The end justifies the means'' + #+BEAMER: } +#+END_CENTER + + +** REHEARSED Human Rights +*** REHEARSED United States Declaration of Independence (4\nbsp{}July\nbsp{}1776) :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:55 +:END: + +#+BEGIN_COMMENT +One of the most well-known sentences in the English language is the second + sentence of the United States Declaration of Independence. + + + +Removing the religious and gender biases, + what this /appears/ to be saying is that all /people/ deserve these + unalienable rights. + +Yet during the 1958 presidential race between Lincoln and Douglas, + Douglas argued that this sentence was referring to /White men/. +Lincoln had a different interpretation--- + that this sentence was referring to the rights of /all people/. +It is /his/ interpretation that lives on today; + it is /his/ interpretation that we apply when we think of the Declaration + of Independence. +#+END_COMMENT + +#+BEGIN_QUOTE +We hold these truths to be *self-evident*, +that *all* men are *created equal*, +that they are endowed by their Creator with certain *unalienable Rights*, +that *among these are Life, Liberty, and the pursuit of Happiness*. + +#+BEAMER: \smallsubskip\hfill +---United States Declaration of Independence + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + + +*** REHEARSED Universal Declaration of Human\nbsp{}Rights\nbsp(1948) :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +Original title: Coalition of Right and Wrong + +Fast-forward eighty years. +World War II was over. +The horrors committed by Nazi Germany caused the world to think a lot about + the rights of people. +A few years later, + The United Nations General Assembly finished the Universal Declaration of + Human Rights. + +The first article states: + + + +Article 12 is particularly relevant: + + + +Privacy is one topic that is fairly well researched by many communities, + and represented in various codes of ethics. +#+END_COMMENT + +#+BEAMER: \only<1>{ +#+BEGIN_QUOTE +*All human beings* are born *free and equal* in dignity and rights. They are +endowed with reason and conscience and *should act towards one another in a +spirit of brotherhood*. + +#+BEAMER: \hfill ---Article~1 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE +#+BEAMER: } + +#+BEAMER: \only<2>{ +#+BEGIN_QUOTE +No one shall be subjected to *arbitrary interference* with his *privacy, +family, home or correspondence*, nor to attacks upon his honour and +reputation. Everyone has the *right to the protection of the law* against +such interference or attacks. + +#+BEAMER: \hfill ---Article~12 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE +#+BEAMER: } + + +** REHEARSED Privacy +*** REHEARSED 2018 ACM Code of Ethics and Professional Conduct :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:20 +:END: + +#+BEGIN_COMMENT +The Association for Computing Machinery--- + known as the ACM--- + created a Code of Ethics and Professional Conduct back in 1992. +It is just now being revised, + and is still in draft status.\nocite{acm:ethics-draft-3} +How many of you here knew that the ACM had a code of ethics? + + + +Even back then, + it contained a principle of respecting privacy. + +Draft 3 acknowledges: + . + +I put the two versions--- + the original and Draft 3--- + up for comparison. +It reads: + . + +It's interesting seeing how it has changed. +Collection of personal information is no longer unprecedented--- + it is the /norm/. + +So what does the ACM recommend that we do about it? + + + +Okay, + this seems fair. +#+END_COMMENT + +#+BEAMER: \only<1>{ +- Originally created in 1992 +- Now being revised, still a draft\nocite{acm:ethics-draft-3} +#+BEAMER: } + +#+BEAMER: \only<2>{ +#+BEGIN_QUOTE +*Computing and communication* technology enables the collection and exchange +of personal information *on a scale unprecedented in the history of +civilization*. + +#+BEAMER: \smallsubskip\hfill ---% +§1.7, 1992 Code + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + +#+BEAMER: \medsubskip + +#+BEGIN_QUOTE +Technology enables the collection and exchange of personal information +*quickly, inexpensively, and often without the knowledge of the people +affected*. + +#+BEAMER: \smallsubskip\hfill ---% +§1.6, 2018 Draft 3 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE +#+BEAMER: } + +#+BEAMER: \only<3>{ +#+BEGIN_QUOTE +Computing professionals should *establish transparent policies and procedures* +that *allow individuals to give informed consent* to automatic data +collection, *review* their personal data, *correct* inaccuracies, and, where +appropriate, *remove data*. + +#+BEAMER: \smallsubskip\hfill ---% +§1.6, 2018 Draft 3 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE +#+BEAMER: } + + +*** REHEARSED 2018 ACM Code of Ethics and Professional Conduct :B_frame: +:PROPERTIES: +:DURATION: 00:00:55 +:END: +#+BEGIN_COMMENT +The Code of Ethics does cover a few other important points which we won't be + getting into here. +But I do want to highlight a couple sentences from two paragraphs: + . + +What does this mean exactly? +What are "legitimate ends"? +And what "rights" are they referring to? +Rights under the law? +The EU has more privacy rights under the law than the US does, + for example. + +It also mentions the "minimum amount of personal information necessary". +We can argue what exactly "necessary" is, + but let's illustrate the point by entering a world where this type of + thing actually /does/ happen, + believe it or not. +A context where these sentences /do/ make sense. +#+END_COMMENT + +#+BEGIN_QUOTE +Computing professionals should *only use personal data for legitimate ends* +and without violating the *rights of individuals and groups*. [...] +Only the *minimum amount of personal information necessary* should be +collected in a system. + +#+BEAMER: \smallsubskip\hfill ---% +§1.6, 2018 Draft 3 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + + +*** REHEARSED HIPAA :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +HIPAA! +The Health Insurance Portability and Accountability Act of 1996. + +The medical field already does this stuff. +HIPAA does many things, + but what we care about here is its provisions to protect patient health + records. +It defines "protected health information", + or "PHI". + +Individuals are permitted under the law to request their own records for + inspection, + and heathcare providers have thirty days to fulfill that request. +The individual can correct information that is wrong. + +HIPAA further restricts how PHI can be /shared/. +Outside of certain defined cases, + require /explicit written authorization/ from the patient. +And in /either/ case, + only /the minimum amount of information necessary/ to provide the service + can be shared. +#+END_COMMENT + +- <1-> Health Insurance Portability and Accountability Act of 1996 +- <1-> Defines Protected Health Information (PHI) +#+BEAMER: \smallsubskip +- <2-> Can *request own records for inspection* +- <2-> Can *correct information that is wrong* +#+BEAMER: \smallsubskip +- <3-> Requires *written consent for sharing PHI* outside certain parties +- <3-> Must disclose *minimum amount of PHI necessary* to provide service + + +*** REHEARSED When Is Data Collection Okay? :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:02:00 +:END: + +#+BEGIN_COMMENT +So let's use that highly subjective term ``good''. +Is HIPAA ``good''? +Overall, + it seems like it might be a pretty decent law with respect to patient privacy, + for the aforementioned reasons. + +So what is ``good''? + +Recall that meta-ethical moral relativism holds that nobody is objectively + ``right'' or ``wrong'', + ``good'' or ``bad''. +So we're just going to derive something within the context of this talk. + +Let's consider a few more examples. + +TransUnion's fraud detecton system, + which uses all of these data from many different sources. +Is that ``good''? +Well, + for people who want to detect fraud, + perhaps it is. +And to detect fraud accurately, + you need a lot of data. +In the words of the ACM, + is that ``legitimate''? +Those data are used to provide a useful service. + +But these data brokers aggregate swaths of data without the user ever being + informed of the fact that it is happening. +And the user can't inspect the data. +Or correct it. +Or opt out and delete it. +And the sole purpose of data brokers' existence is to repurpose + and resell your data; + the user will never be able to consent to something when that + ``something'' can be anything! +Is that ``good''? + +Would you say this is more or less ``good'' than HIPAA? + +Let's consider another example. + +Late last year, + security researchers found that BLU Android phones--- + a popular cheap brand that serves advertisements--- + called home with contacts, IMSI numbers, text messages, telephone + numbers, call history, and more. +All of this without any consent. +Researchers found this on /accident/--- + nobody knew this was happening! + +Is this better or worse th--- + no, you know what? +Nevermind. +This is ``bad''. +There's no ``good'' here. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Is HIPAA ``Good''? +#+BEAMER: } + +#+BEAMER: \only<2>{\Huge +What Is ``Good''? +#+BEAMER: } + +#+BEAMER: \only<3>{\Huge +Is This ``Good''? +#+BEAMER: } +#+BEAMER: \only<4>{\Huge +More Or Less ``Good'' Than HIPAA? +#+BEAMER: } + +#+BEAMER: \only<3-4>{\medsubskip +#+ATTR_LATEX: :height 2in +[[./images/tp/trustev-graph.png]] + +\incite{trustev:tech} +#+BEAMER: } + +#+BEAMER: \only<5>{\Huge +Is /This/ ``Good''? +#+BEAMER: } +#+BEAMER: \only<6>{\Huge +This Is ``Bad'' +#+BEAMER: } + +#+BEAMER: \only<5-6>{\medsubskip +#+ATTR_LATEX: :height 2in +[[./images/kryptowire-blu.png]] + +\incite{kryptowire:adups} +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Universal Declaration of Human Rights (Privacy) :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:15 +:END: + +#+BEGIN_COMMENT +Remember Article 12 of the Universal Declaration of Human Rights? + +#+END_COMMENT + +#+BEGIN_QUOTE +No one shall be subjected to *arbitrary interference* with his *privacy, +family, home or correspondence*, nor to attacks upon his honour and +reputation. Everyone has the *right to the protection of the law* against +such interference or attacks. + +#+BEAMER: \hfill ---Article~12 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + + +*** REHEARSED Privacy Is A Human Rights Issue :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:05 +:END: + +#+BEGIN_COMMENT +Privacy is a human rights issue! +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: {\Huge +Privacy Is A Human Rights Issue +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Introducing Personally Identifiable Information :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:15 +:END: + +#+BEGIN_COMMENT +From a technical perspective, + what is at the core of the privacy problem? + +With HIPAA, + we saw PHI. +If we generalize that a bit further, + we get PII--- + Personally Identifiable Information. +This is the term you'll see used frequently in information security. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Personally Identifiable Information (PII) +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Personally Identifiable Information (PII) :B_frame:rmc: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:55 +:END: + +#+BEGIN_COMMENT +NIST is the National Institute of Standards and Technology in the United States. +NIST Special Publication 800-122 defines PII as: + . + +This "linked" and "linkable" terminology can be subtle and confusing, + and I unfortunately don't have time to provide examples. +But in a nutshell, + linked data is information that is logically assocaited with other + information about an individual. +/Linkable/ data has the possibility for such an association to be made. +#+END_COMMENT + +#+BEGIN_QUOTE +[...] any information about an individual maintained by an agency, including +(1)\nbsp{}any information that can be used to *distinguish or trace an +individual's identity*, such as name, social security number, date and place +of birth, mother's maiden name, or biometric records; and (2)\nbsp{}any *other +information that is linked or linkable to an individual*, such as medical, +educational, financial, and employment information. + +#+BEAMER: \hfill ---% +NIST SP 800-122\nocite{nist:sp-800-122} + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + +- *Linked*---logically associated with other information about the + individual +- *Linkable*---possibility of such an association + + +*** REHEARSED Information Security Well Researched :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:35 +:END: + +#+BEGIN_COMMENT +Unlike other topics related to morality, + the nice thing about privacy is that it can be analyzed based on facts, + not opinions. +That isn't to say that there /aren't/ opinions. +Since we have defined what PII /is/, + it is a /fact/ whether or not some action leads to a violation of privacy + because PII is mishandled. + +So we can look toward best practices in information security for strong + guidance in developing a code of ethics for privacy. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Best Security Practices Can Help to Guide Code of Ethics for Privacy +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Organisation for Economic Co-operation and Development (OECD) :B_frame: +:PROPERTIES: +:DURATION: 00:00:45 +:END: +#+BEGIN_COMMENT +The Organisation for Economic Co-operation and Development + is an intergovernmental economic organization with 35 member countries. +In 1980, + they adopted Guidelines on the Protection of Privacy and Transborder Flows + of Personal Data. +Mouthful. + +This framework is referenced both in US federal guidance and + internationally. +It also served as a foundation for the EU's Data Protection Directive. +The European Union is known to have strong data protection laws--- + much stronger than the United States. +Many of the notable privacy cases in recent news have come out of the EU, + like Facebook's tracking of users across the web. +I mentioned that problem in last year's talk. + +So let's take a look at some of those guidelines. +#+END_COMMENT + +- Established in 1961 +- 35 member countries +- /Guidelines on the Protection of Privacy and Transborder Flows of Personal + Data/\nocite{nist:sp-800-122}, adopted 1980 + - Referenced internationally + - A foundation for the EU's Data Protection Directive + + +*** REHEARSED OECD Guidelines :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:30 +:END: + +#+BEGIN_COMMENT +Just note that they use term "personal data" instead of PII, + which some consider to be more broad of a term. + + + +There are other government guidelines around the world with similar + guidance, + but they largely restate these principles. +#+END_COMMENT + +#+BEAMER: \setbeamercovered{transparent} + +**** Left :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.50 +:END: +- <1-> Collection Limitation +- <2-> Data Quality +- <3-> Purpose Specification +- <4-> Use Limitation + +**** Right :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.50 +:END: +- <5-> Security Safeguards +- <6-> Openness +- <7-> Individual Participation +- <8-> Accountability + +**** Notes :B_block: +:PROPERTIES: +:BEAMER_env: quote +:END: + +#+BEAMER: \setbeamercovered{invisible} +#+BEAMER: \medsubskip + +#+BEAMER: \only<1>{ +Limit PII collection; obtain lawfully and by fair means, with knowledge or +consent of data subject +#+BEAMER: } +#+BEAMER: \only<2>{ +PII relevant to purposes for which they are used; accurate, complete, +up-to-date +#+BEAMER: } +#+BEAMER: \only<3>{ +Purposes specified before or at collection; only used for stated +purposes +#+BEAMER: } +#+BEAMER: \only<4>{ +PII should not be disclosed or used for unspecified purposes, except with +consent or authority of law +#+BEAMER: } +#+BEAMER: \only<5>{ +PII reasonably protected against unauthorized access, destruction, use, +modification, or disclosure +#+BEAMER: } +#+BEAMER: \only<6>{ +Policy of openness about developments, practices, and policies for to PII; +establish existence and nature of PII +#+BEAMER: } +#+BEAMER: \only<7>{ +Right to obtain data in reasonable and intelligible manner; +challenge denials; challenge to erase or amend data +#+BEAMER: } +#+BEAMER: \only<8>{ +Data controller should be accountable for complying with measures that give +effect to these principles +#+BEAMER: } + + +*** REHEARSED Framework Code of Ethics: Transparency :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +For the /most/ part, + these principles are fairly solid. + +Let's start with our framework code of ethics. + +First, we need . + +Transparency isn't useful if a user doesn't know that the information + exists, + or can't understand it. +Privacy policies, + for example, + are notoriously difficult to understand. + +Machine learning is a big issue. +Users have the right to know not only the data about them that was + collected, + but also what is being inferred about them. + +I use the term "transfer" rather than "distribution" or "dissemination" + because I want it to cover another important topic: + data compromise. +It's important that users know /all/ parties that have their data, + /including/ parties that weren't supposed to have it at all. +#+END_COMMENT + +*Transparency in data collection; transfer; use; and methodology, with a +clear and fair procedure to inspect and amend those data, both raw and derived* + +- <2-> User must be made aware /in an apparent and intelligible manner/ + - Even for non-PII +- <2-> Must be transparent with algorithms used for data processing +- <2-> Compromise of data by an attacker counts as a ``transfer'' + + +*** REHEARSED Framework Code of Ethics: Consent :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:40 +:END: + +#+BEGIN_COMMENT +Once a user is aware of what he or she would be consenting /to/, + we should require . +PII must always be consented by the user in some way. + +If the user explicitly enters PII, + say to get an insurance quote on a website, + then that counts as consent, + since clearly the user knows that PII is being provided. + +If /any/ data--- + PII or not--- + is being sent to a third party, + the user ought to explicitly consent. +#+END_COMMENT + +*Explicit consent to collection, transfer, and use of both PII and any data +not offered by the user* + +- PII must /always/ be consented +- Data explicitly entered by user is consented to first party +- /Any/ data transferred to third parties must be consented + + +*** REHEARSED Solid Principles, So Why Not Follow? :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:15 +:END: + +#+BEGIN_COMMENT +I'd imagine that pretty much /any/ individual would want their data handled + /at least/ in this manner, + as a /baseline/. + +Yet, that's not what we see from private businesses. +We often see quite the /opposite/. +Why is that? +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Why Don't All Businesses Follow These Guidelines? +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Surveillance Capitalism :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:50 +:END: + +#+BEGIN_COMMENT +Because you're lucrative. +You are a product to be sold. +And collectively, + we are worth a lot of money. + +You may have heard the term "surveillance capitalism". + +Companies try to extract as much information out of you as possible using + increasingly invasive means, + much of which I covered last year. +There is a move toward providing a more "personal" or "relevant" customer + experience to hide some of the surveillance, + or to make data collection a necessity for some service. +Or at least make you think that it is. + +There's another consequence. +This more "relevant" experience caters search results, + new articles, + and all sorts of stuff to you based on your opinions, beliefs, race, + religion, age, gender identification, etc. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Surveillance Capitalism + +\nocite{mreview:surv-cap} +#+BEAMER: } +#+BEAMER: \only<2->{\Huge +``More Relevant Customer Experience'' +#+BEAMER: } +#+BEAMER: \only<2>{\medsubskip\Large +Strong Influence Over Your Opinions and Actions +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Universal Declaration of Human Rights: Opinion :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:45 +:END: + +#+BEGIN_COMMENT +Let's go back to the Universal Declaration of Human Rights. + +Article 19 states: + . + +Personalized services compromise this. +And it's not just organizations like Facebook and Cambridge Analytica. +Ad networks are everywhere on the web. +Data are being collected everywhere you go. +If you are researching a cold and find advertisements for cold medication on + another website, + that is no coincidence. +You aren't being paranoid. +#+END_COMMENT + +#+BEGIN_QUOTE +Everyone has the right to *freedom of opinion and expression*; this right +includes *freedom to hold opinions without interference* and to *seek, receive +and impart information and ideas* through any media and regardless of +frontiers. + +#+BEAMER: \hfill ---Article~19 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + +#+BEAMER: \uncover<2>{ +#+BEGIN_CENTER +#+ATTR_LATEX: :height 0.5in +[[./images/tp/facebook-logo.png]] +#+END_CENTER +#+BEAMER: } + + +*** REHEARSED You Can, But Should You? :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:50 +:END: + +#+BEGIN_COMMENT +Many businesses think that, + just because they're following a law or regulation, + that they must be acting ethically. +But the law is just a /baseline/. +The law may even be /completely misguided/ or /unethical/ to some; + remember the mention of moral relativism earlier. + +Most of the people in this room probably have strong feelings against the + Digital Millennium Copyright Act, + for example. + +And this raises an interesting problem with the guidance we just talked + about. +The user should be made aware of the purpose of the data collection. +But what many users /don't/ understand is whether or not the data collection + is /actually necessary/. +The technical need might be /arbitrary/! +This is where the term "legitimate" in the ACM code of ethics falls short. +#+END_COMMENT + +- <1-> ``We're following the law, so we must be ethical'' + - The law is a /baseline/ + - It may even be /completely misguided/ or /unethical/ to some (moral + relativism) +#+BEAMER: \medsubskip +- <2-> You may be collecting data ``for'' the declared purpose, but do you really + need it? + - Is there /actually/ a technical /need/? +- <2-> ``Legitimate'' in ACM Code of Ethics falls short + + +** REHEARSED Those Who Control +*** REHEARSED You Can, But Should You? Example: GPS :B_fullframe:rmc: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:45 +:END: +#+BEGIN_COMMENT +How many people here think it's possible to use the Global Positioning + System anonymously? +For example, + the GPS receiver in your mobile device or your car. + + + +There have been so many privacy issues surrounding GPS that people just + assume that it's synonymous with surveillance. +That's not true. +GPS only /broadcasts/ data. +The GPS system has no idea who is using it--- + it is /always/ broadcasting for anyone who wishes to receive it. + +So when a program uses GPS to provide location-aware features, + it doesn't necessarily /have/ to call home with it. +There's no reason why map software can't operate without network access, + for example, + if you pre-download map data. +In fact---some /do/. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Example: +\medsubskip +Can You Use GPS Anonymously? +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +GPS Only /Broadcasts/ +#+BEAMER: } +#+END_CENTER + +**** Left :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.50 +:END: +#+BEGIN_CENTER +#+ATTR_LATEX: :height 1in +[[./images/tp/gps.jpg]]\incite{w:file:gps} +#+END_CENTER + +**** Right :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.50 +:END: +#+BEGIN_CENTER +#+BEAMER: \only<2>{ +#+ATTR_LATEX: :height 1.5in +[[./images/tp/osmand-nav.png]]\incite{osmand} +#+BEAMER: } +#+END_CENTER + +**** Bottom :B_ignoreheading: +:PROPERTIES: +:BEAMER_env: ignoreheading +:END: +- <2> Even some GPS mapping programs can work just fine /without/ network access + (e.g. OsmAnd)\nocite{osmand} + + +*** REHEARSED Software Cannot Be Trusted :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +The privacy threat is the /software/. +Security experts caution against turning GPS on /because the software on + your device can usually not be trusted!/ + +So when you see headlines like this one: + , + the problem isn't GPS, + it's the individual program. +The people writing this program are to blame. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Software Often Betrays Users +#+BEAMER: } +#+END_CENTER + +#+BEAMER: \smallsubskip +[[./images/moviepass-tracking.png]]\incite{tc:moviepass-tracking} + +#+BEGIN_QUOTE +We watch how you drive from home to the movies. +We watch where you go afterwards. + +#+BEAMER: \hfill% +---Mitch Lowe, MoviePass CEO +#+END_QUOTE + + +*** REHEARSED No Transparency Without Source Code :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +I was just talking about transparency. +The ACM Code of Ethics mentioned it. +The OECD guidelines called it "openness". + +We can tell the user what we want them to know. +But there's only one way for anyone to truly know what a program is doing, + and what data it is collecting. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +What was that about transparency and consent? +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Programs That Keep Secrets Aren't Transparent or Safe :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +And the only way to know is to have access to the source code so that you, + or someone else who knows what they're looking at, + can inspect it. + +But that's not enough to know what a program is doing. +Just because you have source code doesn't mean that it actually represents + the same software that is running on your system. +To verify that, + you have to be able to /compile/ the software yourself. + +As inconvenient of a truth that it may be for some, + the only reason to ever keep source code from the user is to keep a + secret. +That secret may be something malicious like spying on the user, + it may be a trade secret, + or maybe it's just because the developer is embarrassed by the code--- + but those are all secrets nonetheless. +#+END_COMMENT + +- <1-> True transparency and consent *requires* ability to inspect *source code* +- <1-> Users must be *able to compile the code* to have confidence that it + *actually represents the program being run* +#+BEAMER: \medsubskip +#+BEGIN_CENTER +#+BEAMER: \uncover<2>{\Large +/The only reason to hide source code is to keep secrets from the user!/ +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Keeping Secrets Means Keeping Control :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +And keeping secrets is the only way for us to keep control over you. + +Remember, + /you are the product/. +If you could get wise by inspecting the program, + you could fight back. +If you had the source code and could compile it yourself, + that means you could also modify it. +You could /remove/ those antifeatures. +/You/ would then be in control. +How would we turn you into a commodity if /you/ were in control? +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1->{\Huge +Keeping Secrets \equiv Keeping Control +#+BEAMER: } +#+END_CENTER +#+BEAMER: \medsubskip +- Ability to build form source gives the user the ability to *modify the + program* and *reclaim control* + + +*** REHEARSED Universal Declaration of Human Rights :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +Remember the Universal Declaration of Human Rights from earlier? +Article 1 stated that . + +Is it dignifying to have your privacy stolen from you? +Is all of this acting in the spirit of brotherhood? +#+END_COMMENT + +#+BEGIN_QUOTE +*All human beings* are born *free and equal* in dignity and rights. They are +endowed with reason and conscience and *should act towards one another in a +spirit of brotherhood*. + +#+BEAMER: \hfill ---Article~1 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + +- <2-> Is it dignifying to have your privacy stolen from you? +- <2-> Has everything covered been in the spirit of brotherhood? + + +*** REHEARSED Universal Declaration of Human Rights: Liberty :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:15 +:END: + +#+BEGIN_COMMENT +Let's take a look at articles 3 and 4: + . + +The point I made at the beginning of this talk was that we are /everywhere/. +#+END_COMMENT + +#+BEGIN_QUOTE +Everyone has the *right to life, liberty* and security of person. + +#+BEAMER: \hfill ---Article~3 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + +#+BEAMER: \medsubskip +#+BEGIN_QUOTE +*No one shall be held in slavery or servitude*; slavery and the slave trade +shall be prohibited in all their forms. + +#+BEAMER: \hfill ---Article~4 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE + + +*** REHEARSED No Servitude :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:10 +:END: + +#+BEGIN_COMMENT +If we do not act properly, + then by default, + we hold the user in servitude to /us/. +/We/ hold the power over the user. +We hold power over /one-another/. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1->{\Huge +The User Is Held In Servitude +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Philosophy of Control :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:BEAMER_opt: t +:DURATION: 00:01:00 +:END: + +#+BEGIN_COMMENT +There is this philosophy that the user is a subject to be controlled. +And I don't think most people really think about it. + +When we write software, + we ask ourselves certain questions. +Like "what should we allow the user to do"? +I'm not talking about security. +I mean, + "what should we as developers allow the user to do with our software". + +But instead we should be asking ourselves "What should we /empower/ the user + to do"? + +Rather than wondering how to turn the user into a commodity like we've seen, + we should ask how we should /build mutual relationships/ with them. + +Rather than trying to create vendor lock-in to keep users around, + ask yourself how to /earn the respect/ of users so that they come back + under their own free will! +Imagine that. + +Rather than worrying about capitalizing on everything, + let's learn how to /socialize/. +Act in a spirit of brotherhood. +#+END_COMMENT + +**** Don't Ask :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.45 +:BEAMER_opt: T +:END: + +*Don't Ask* + +- <2-> What should we *allow* the user to do? +#+BEAMER: \smallsubskip +- <4-> How should we *commodatize* the user? +#+BEAMER: \smallsubskip +- <5-> How do we *lock in* the user? +#+BEAMER: \smallsubskip +- <6-> How do we *capitalize*? + +**** Do Ask :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.55 +:BEAMER_opt: T +:END: + +*Do Ask* +- <3-> What should we *empower* the user to do? +#+BEAMER: \smallsubskip +- <4-> How should we *build mutual relationships* with the user? +#+BEAMER: \smallsubskip +- <5-> How do we *earn the respect of* the user? +#+BEAMER: \smallsubskip +- <6-> How do we *socialize*? +- <6> How do we *act in a spirit of brotherhood*? + + +*** REHEARSED User Freedom Is Software Freedom :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +Because we are everywhere, + because the life of the user is so tied to software, + we have no choice but to conclude that: + +User freedom cannot be hard without software freedom. +They are tightly coupled. + +And since software freedom is tightly coupled with user freedom, + and since freedom is a human right, + I argue that /software freedom is too/ a human rights issue! +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +User Freedom \equiv Software Freedom +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +Software Freedom Is A Human Rights Issue +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Moral Imperative :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:30 +:END: + +#+BEGIN_COMMENT +Software freedom defines a type of moral imperative. +From the perspective of those who follow the free software philosophy, + software that is /non-free/ or /proprietary/ is, + simply, + unethical. + +A moral imperative is a type of categorical imperative in the deontological + moral philosophy of Immanuel Kant, + who defines the imperative as: + . +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Moral Imperative +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +Categorical Imperative +#+BEAMER: } +#+END_CENTER + +#+BEAMER: \medsubskip\only<2>{ +#+BEGIN_QUOTE +Act as if the maxims of your action were to become through your will a +universal law of nature. + +#+BEAMER: \hfill ---% +Immanuel Kant\nocite{kant:meta-morals} +#+END_QUOTE +#+BEAMER: } + + +*** REHEARSED What About Moral Relativism? :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:01:20 +:END: + +#+BEGIN_COMMENT +Throughout this talk, + I've been introducing moral philosophies that aren't always compatible. +This is intentional, + since "we" don't all share the same philosophies. + +There are three types of moral relativism. +We only went over two. +If you recall, + descriptive states simply that people have disagreements about what is + ethical, + and meta-ethical states that nobody is objectively right or wrong. +The last one is "normative", + and goes a step further. +It holds that . + +I don't believe that a universal code of ethics can exist. +But I also don't believe we should just tolerate others that do something we + consider to be immoral. +We should fight for what we think is right. +But we won't always agree universally. +And that's okay. + +And why is it okay? +Because that's a human right--- + freedom of opinion and expression. + +I may wish for a universal moral of software freedom, + but I recognize that such a wish is logically unattainable. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +What About Moral Relativism? +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +Normative Moral Relativism +#+BEAMER: } +#+BEAMER: \only<3>{\Large +We should fight for what we think is right! +#+BEAMER: \smallsubskip +But we won't always agree universally. +#+BEAMER: } +#+END_CENTER +#+BEAMER: \only<2>{\medsubskip +#+BEGIN_QUOTE +Holds that, because nobody is right or wrong, we ought to tolerate the +behavior of others even when we disagree about the morality of +it\nocite{w:moral-relativism} +#+END_QUOTE +#+BEAMER: } +#+BEAMER: \only<4>{\medsubskip +#+BEGIN_QUOTE +Everyone has the right to *freedom of opinion and expression*; this right +includes *freedom to hold opinions without interference* and to *seek, receive +and impart information and ideas* through any media and regardless of +frontiers. + +#+BEAMER: \hfill ---Article~19 + +#+BEAMER: \hfill\tiny +/(emphasis mine)/ +#+END_QUOTE +#+BEAMER: } + + +*** REHEARSED Framework Code of Ethics: Serve the User :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:10 +:END: + +#+BEGIN_COMMENT +But I'm going to try anyway! +And it's a simple statement: + serve the user, not oneself. +#+END_COMMENT + +#+BEGIN_CENTER +*Serve the user, not oneself* +#+END_CENTER + + + +** READY A Moral Speedbump +*** REHEARSED A Moral Foundation: The Four Freedoms :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:50 +:END: + +#+BEGIN_COMMENT +It's very possible that some of us in this room disagree with my statement + that free software is a moral imperative. +And that's because we have two very close and overlapping communities that + both create free software, + but diverge wildly on the principles. + +These are the "four freedoms"--- + the moral foundation for software freedom. +These define the imperative. + +Some found that these freedoms have a corollary: + that it sometimes produces higher-quality software than proprietary models. +They coined this development model as ``open source''. + +The problem is... + they dropped the moral foundation from which it originated so that they + could advocate the development model to businesses. + +That itself is a red flag. +Businesses are turned off by issues of morality? +#+END_COMMENT + +**** Four Freedoms :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.5 +:END: + +0. [@0] Run program for any purpose +1. Study and modify to suit your needs +2. Share with others +3. Share changes with others + +**** Corollary :B_column: +:PROPERTIES: +:BEAMER_env: column +:BEAMER_col: 0.5 +:END: + +#+BEAMER: \only<2->{% +*Corollary:* +#+BEAMER: }% +#+BEAMER: \only<3>{% +``Open Source'' +#+BEAMER: } + +#+BEAMER: \only<2->{% +Development model for creating potentially higher-quality software +#+BEAMER: } + + +*** REHEARSED Why Is ``Open Source'' Popular? :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:50 +:END: + +#+BEGIN_COMMENT +"Open source" is popular. +It is widely encouraged in many software communities, + and has even made its way into proprietary ones where we /never/ would + have expected, + like the walls of Microsoft! + +But what are the reasons? + +Well, + foremost, + it is a development model that claims to produce software that is of + superior quality to proprietary software. +You may have heard the phrase from Eric Raymond: + ``given enough eyeballs, all bugs are shallow''. +Except that's not necessarily true. + +Some people like ``open source'' because other people will fix bugs for + them. + +Some people do it just to fit in with the crowd. +Or because it looks good on a résumé, + or to attract talented candidates to their business. +Some people do it because it feels good to give back. +#+END_COMMENT + +- <1-> ``Given enough eyeballs, all bugs are shallow'' (Eric S. Raymond, + ``Linus's Law'') + - A successful development model + - /But it's not always true/ +#+BEAMER: \smallsubskip +- <2-> Other people can fix bugs for me +#+BEAMER: \smallsubskip +- <3-> Everyone else is doing it! +- <3-> Looks good on a résumé / recognition +- <3-> Attract talent to business +- <3-> Feels good to give back +#+BEAMER: \smallsubskip + + +*** REHEARSED Open Source Misses the Point :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +But we often say that open source misses the point of free software. + +When someone finds that there is a proprietary program that works better + for them, + they'll use that instead. +The free software philosophy argues, + however, + that a free program is /always superior/, + because it respects the user's freedoms. +#+END_COMMENT + +#+BEAMER: \only<1>{\Huge +#+BEGIN_CENTER +/Open Source Misses the Point/ + +\nocite{gnu:open-source-misses} +#+END_CENTER +#+BEAMER: } + + +*** READY Perpetuating An Ethics Void :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:01:05 +:END: + +#+BEGIN_COMMENT +This talk has been about an ethics void. +A lack of discussion about morality. +And the true light to providing that morality is software freedom. + +But when we talk about "open source", + we're confounding the situation, + because we're talking about software freedom without the moral aspects. +It's detrimental. +It perpetuates the void. +Some in the open source community are even /hostile/ toward software freedom. + +As two communities that deeply overlap--- + both creating free software--- + we want to be able to get along. +And we largely do. + +But "open source" rebranded the corollary and left the moral foundation + behind. +Why should we be surprised, + then, + when we don't talk about ethics in software, + when the two most popular models--- + proprietary and open source--- + avoid it? + +Now, to be clear: + open source is not a scapegoat for this talk; + don't walk away thinking I said that it is. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Open Source Perpetuates the\nbsp{}Void +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Conformity Bias / ``Groupthink'' :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +Here's a question: +Which of these three lines is as long as the first? + +This isn't a trick question. + +A psychologist found that, + when he asked subjects to answer a question like this one, + but put them in a group that gave obviously incorrect answers, + many people became /uncomfortable/ giving the correct answer, + or even purposefully gave an obviously /incorrect/ answer + just to fit in with the group. +#+END_COMMENT + +\hfill ===================================== + +#+BEAMER: \subskip +#+BEGIN_CENTER +*Which line is as long as the first?* +#+END_CENTER + +#+BEAMER: \smallsubskip +*(1)* \hfill =================================== +#+BEAMER: \smallsubskip +*(2)* \hfill ===================================== +#+BEAMER: \smallsubskip +*(3)* \hfill ================================ + +#+BEAMER: \medsubskip +#+BEGIN_CENTER +Solomon Asch, ``Opinions and Social Pressure'' +#+END_CENTER + + +*** REHEARSED Follow the Leader :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:45 +:END: + +#+BEGIN_COMMENT +People follow their community and their leaders. +That should come as no surprise. + +So when we have people actively working against the free software community, + we have a problem. +Tom Preston-Werner, + one of the three founders of GitHub, + wrote an often-cited post entitled ``Open Source (Almost) Everything'', + in which he described all the valuable ways to exploit people to do your + bidding, + and told people not to liberate anything of actual business value. + +As long as we have people saying things like that, + and as long as we have people encouraging the use of permissive licenses + that allow others to violate users' freedoms, + and encouraging collaboration on sites like GitHub that discourage good + software practices and is itself proprietary, + then we are fighting an uphill battle almost from within. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +People Follow Their Community and Leaders +#+BEAMER: } + +#+BEAMER: \only<2>{ +#+BEGIN_QUOTE +Don’t open source anything that represents core business value. + +#+BEAMER: \hfill --- +Tom Preston-Werner, GitHub Founder + +#+BEAMER: \hfill +``Open Source (Almost) Everything''\nocite{os-almost-everything} +#+END_QUOTE +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Misjudging Oneself :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:30 +:END: +#+BEGIN_COMMENT +Let's take a step back from open source. +Let's look at the lack of moral guidance as a whole. + +Some studies have found that 92% of Americans are satisfied with their own + moral character. +Further, + 75--80% think they're more ethical than their peers. + +Yet despite this, + many people don't think about ethics in software despite moral issues + staring them in the face. +So what's going on? +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \uncover<1->{\Large +92% Americans Satisfied With Own Moral Character\cite{jlse:behavioral-ethics} +#+BEAMER: } +#+BEAMER: \subskip +#+BEAMER: \uncover<1->{\Large +75--80% Think They're More Ethical Than Peers +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Moral Clarity :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:01:20 +:END: +#+BEGIN_COMMENT +Moral myopia is a term used in behavioral ethics--- + it is described as a distortion of "moral vision" that makes it difficult + for ethical issues to come into focus. +It's enforced by rationalizations. +I used the example earlier of "if it's legal, it must be moral". +Maybe you recognize the value in free software, + but don't see a problem with keeping the good stuff proprietary because + you did a good deed by liberating /some/ of your code. +Maybe you think that pervasive online tracking is wrong, + yet you use Google Analytics and Facebook "like" buttons on your own + website + because you don't see your actions are contributing to the larger + problem. + +Another concept: + Ethical fading is when people focus on other aspects of a decision, + like profitability, + and don't see the ethical issue. + Maybe saying, + "we're not spying on you, we're just gathering detailed usage + statistics". + +Let's further that: + Moral disengagement creates an almost alternate reality to rationalize bad + decisions. + For example, + "we didn't violate our consent decree, it was just a bad actor". + +TODO: images of examples +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Moral Myopia + +#+BEAMER: \smallsubskip\Large +Difficult for ethical issues to come into focus +#+BEAMER: } +#+BEAMER: \only<2>{\Huge +Ethical Fading + +#+BEAMER: \smallsubskip\Large +Distancing self from unethical implications +#+BEAMER: } +#+BEAMER: \only<3>{\Huge +Moral Disengagement + +#+BEAMER: \smallsubskip\Large +Creating another reality to rationalize actions +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Judged By Inaction :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:25 +:END: + +#+BEGIN_COMMENT +We need to stop making excuses for ourselves. + +Don't be judged by your inaction. + +Consequentialism also holds that inaction is judged no differently than an + explicit action, + because both may result in the same consequence. + +Another bad example of inaction is IoT security. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Don't Be Judged By Your Inaction +#+BEAMER: } +#+END_CENTER + + +*** REHEARSED Framework Code of Ethics: Be Mindful :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:35 +:END: + +#+BEGIN_COMMENT +Inaction is sometimes due to a lack of care. +With respect to the other principles in this framework code of ethics: + + + +I ask that we keep up with events and learn from them, + and adapt. +And that business actually put money into educating their employees and + securing their products and services. +Make consideration of ethics part of your development process. +And always ask yourself, "am I behaving ethically?" +#+END_COMMENT + +*Be mindful of issues that give rise to consequences in violation of +these principles and act in good faith to mitigate those issues* + +- Continuous education (self and corporate) +- Make ethics part of your development process +- Ask yourself: ``Am I behaving ethically?'' + + +*** REHEARSED Framework Code of Ethics: Empower Others, Recursively :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:20 +:END: + +#+BEGIN_COMMENT +And shouldn't we help others to achieve that very same goal? + + +Don't just teach others about these topics--- + encourage them to in turn teach others. +If I've talked about issues that are important to you, + issues that concern you, + then advocate for change! +#+END_COMMENT + +*Impart your knowledge, skills, and experience to empower others, +recursively.* + +- Teach others how to apply these principles +- Teach others how to teach others +- Advocate for what is important to you + + +** READY Conclusion +*** REHEARSED Framework Code of Ethics :B_frame: +:PROPERTIES: +:BEAMER_env: frame +:DURATION: 00:00:30 +:END: + +#+BEGIN_COMMENT +This framework code of ethics, + as I've called it, + is not intended to be used as-is, + and is /certainly not/ comprehensive. +Its purpose is to serve as something concrete to take away from this talk. +To provoke thought. +To start a discussion. + +There is no universal code. +But maybe enough of us can find something compelling enough to agree on. +#+END_COMMENT + +0. [@0] *Serve the user*, not oneself +#+BEAMER: \smallsubskip +1. [@1] *Transparency* in data collection; transfer; use; and methodology, + with a clear and fair procedure to inspect and amend those data, both raw + and derived +#+BEAMER: \smallsubskip +2. [@2] *Explicit consent* to collection, transfer, and use of both PII and + data not offered by the user +#+BEAMER: \smallsubskip +3. [@3] *Be mindful* of issues that give rise to consequences in violation of + these principles and act in good faith to mitigate those issues +#+BEAMER: \smallsubskip +4. [@4] Impart your knowledge, skills, and experience to *empower others*, + recursively + + +*** REHEARSED Pragmatic Ethics :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:30 +:END: + +#+BEGIN_COMMENT +Times are changing. +We see users becoming increasingly uncomfortable. +We see lawmakers increasingly attentive. + +Pragmatic Ethics is a theory arguing that it is society, + not individuals, + that achieve morality. +That society and its norms evolve as a result of inquiry, + and what is considered to be moral in one age may not be in the next. +We can help to guide that direction. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +Pragmatic Ethics + +#+BEAMER: \smallsubskip\Large +Societial norms and morals evolve as a result of inquiry +#+BEAMER: } +#+END_CENTER + + +*** READY We, You :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:45 +:END: + +#+BEGIN_COMMENT +That collective "we" that I declared at the beginning of this talk? +The truth is that I bundled everyone together to give a sense of moral + insecurity and urgency. +"We" are not all the same. +Here at this conference, + many of us are free software advocates and activists. +As members of the free software community, + it is our responsibility to provide moral guidance to others. +To connect with other communities. + +Other fields have ethics built into their cirriculums. +Health, law, even business. +But I rarely hear of developers having been educated in technology ethics. +If you are an educator, + please, + fight to encorporate these ethical issues into your cirriculum. + +It only takes one voice within a community or organization to start a + conversation and change how things are run. +Let that voice be you. +#+END_COMMENT + +#+BEGIN_CENTER +#+BEAMER: \only<1>{\Huge +``We'' +#+BEAMER: }% +#+BEAMER: \only<2>{\Huge +Free Software Advocates +#+BEAMER: }% +#+BEAMER: \only<3>{\Huge +Educators +#+BEAMER: }% +#+BEAMER: \only<4>{\Huge +You. +#+BEAMER: }% +#+END_CENTER + + +** Thank You :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:DURATION: 00:00:01 +:END: + +#+BEGIN_COMMENT +Thank you. +#+END_COMMENT + +#+BEGIN_CENTER +Mike Gerwitz + +[[mailto:mtg@gnu.org][=mtg@gnu.org=]] + +\bigskip + +**Slides Available Online** + +[[https://mikegerwitz.com/talks/ethics-void]] + +\bigskip + +**More Information: The Surreptitious Assault on Privacy, Security, and +Freedom** + +[[https://mikegerwitz.com/talks/sapsf]] + +\vfill + +Licensed under the Creative Commons Attribution ShareAlike 4.0 +International License +#+END_CENTER + + +** References :B_appendix: +:PROPERTIES: +:BEAMER_env: appendix +:END: + +\printbibliography + + +* Exporting :noexport: +You should be able to simply export this buffer as a Beamer presentation +(=C-c C-e l P=) and get a slideshow. + +* Local Variables :noexport: +# Local Variables: +# org-todo-keyword-faces: (("DRAFT" . org-upcoming-deadline) \ +# ("DEVOID" . (:inherit org-warning \ +# :inverse-video t)) \ +# ("LACKING" . org-warning) \ +# ("REVIEWED" . "yellow") \ +# ("AUGMENT" . (:foreground "yellow" :bold t :underline t)) \ +# ("READY" . (:inherit org-scheduled :bold t :underline t))) +# eval: (add-to-list 'org-structure-template-alist +# '("C" "#+BEGIN_COMMENT\n?\n#+END_COMMENT")) +# End: