June 29 2023 GM: Difference between revisions
No edit summary |
(→Notes) |
||
Line 23: | Line 23: | ||
==Notes== | ==Notes== | ||
'' | |||
===== '''Would you mind telling us more about you and your work in digital rights? What are some issues that you're interested in personally?''' ===== | |||
* I’ve been working in, with, and around this community for a while now. As you might have seen around, I’m currently with ARTICLE 19 where I work on matters of internet infrastructure. We focus on internet infrastructure because it’s technology that often goes unscrutinised. We don’t hear about it often, only when internet infrastructure fails. And when it fails, it’s big – remember that time when Fastly outage led to us not being able to access the BBC, HBO, Spotify, GitHub all at the same time? Before I worked on this, you might have known me from my personal/previous work in Vietnam where I worked to support frontline activists and citizen journalists, convened a few multi-stakeholder spaces and campaigned for those arrested. | |||
===== '''What are SDOs, or standards-developing organizations, and why are they important?''' ===== | |||
* Standards developing organizations that develop (who would have guessed) standards! They can be national, regional, or international. And oftentimes, they're also industry-led. We actually rely on standards every day. Standards in the automobile industry ensure that our seat belts keep us safe while driving. Standards in food safety ensure that our dinner doesn’t make us sick, whether it’s prepared in our kitchen or a restaurant. They also exist across the technology industry. And while we use standardized technologies everyday, we actually rarely recognise them for what they are. | |||
===== '''So when we're thinking about SDOs in the tech space, how do they usually develop their standards, and how do these standards then impact human/ digital rights?''' ===== | |||
* Developing a technical standard is a ((very) long) process. A proposal made by a participant in an SDO must be reviewed and accepted by its technical community; even if a proposal successfully becomes a draft, it generally takes two or more years for a draft to become a standard. Over this time, the draft is subject to iterative improvements, deliberations, and feedback from the community. Even then, publication isn’t guaranteed: a stable draft must generally be agreed by consensus before it can become a standard. | |||
* We often think about how technologies impact human rights. But... but... what if we could engage in the various processes before these technologies are even deployed? Given that… we know that once a technology is sent out into the real world, its harms can’t ever really be fully mitigated. If we’re able to engage in the stages (like design, development, and deployment) as well as standardisation and be like hey! This technology can be harmful or it can be better improved considering privacy, encryption, or censorship in a particular context – it could become a key opportunity to ensure that harms aren’t replicated in the real world. | |||
===== '''Standards are only as good as the community abiding by them, maybe?''' ===== | |||
* Right. They're only as good as companies abide by and implement them. and they're only as good if they're actually... good | |||
* There's a lot of chatter about AI regulation. The EU AI Act actually falls back to relying on standards bodies to determine some of the harms behind AI yet... the standards piece kind of falls out of the discussion a lot of the time. | |||
===== '''Can you think of any examples of SDOs that are doing interesting work, or are good at setting (good) standards?''' ===== | |||
* I think the Internet Engineering Task Force (known by most as the IETF) is a really interesting SDO. It develops and promotes a wide range of internet protocols and standards, including the Internet Protocol suite (TCP/IP) -- which we happen to use everyday! The IETF also develops standards related to the Domain Name System, also known as the DNS, the directory of the internet which translates domain names to IP (numerical) addresses. This allows browsers and other tools (AND US) to connect to the right website or other internet resources. | |||
===== '''How do different SDOs collaborate with each other? Is it common for them to work together on the same standards? Or working on similar standards for the same technology at the same time (i.e. being competitive with each other)?''' ===== | |||
* There are some SDOs that work and coordinate with each other (the IETF does this with ICANN since their mandate is on the DNS) or the ITU-T also works with such SDOs as ISO/IEC on encryption. But yes!! Developing standards can also be very competitive. Some standards bodies feel like they do have to compete to develop a particular standard on a particular technology (you can imagine how many standards bodies want to focus on AI related tech these days) | |||
===== '''What is [https://almanac.article19.org/ Almanac] and how did it come about (talk us through the methodology)?''' ===== | |||
* We honestly sat down and were like if I was a newcomer and wanted to engage in standards work where do I even begin? There are just so many technical SDOs, they have so many different mandates, it’s hard to figure out and navigate how to engage, and they’re also super specialized. So we were like hey! Let’s map this all out. | |||
* As a team, we’ve been involved and have participated in technical standards for a while. So we decided to reach out to our various networks and contacts to see if we could collectively map out the various technical SDOs, their specific working groups, committees, and study groups that are developing standards that have a potential impact on human rights. | |||
* So we sent out a survey, had people respond, and then did a bit of our own desk research before bringing it together. We wanted to categorize the information based on two things: the SDO itself, as well as the mandate groups or committees work on (such as messaging and communications, or digital identity). It’s also because SDOs can have fairly broad mandates so we wanted to be as specific as possible for those who are looking at participating in an SDO. | |||
* But your question on the name! We hope to have it updated on a periodic basis (maybe every two years or so? What do folks think) which will continue to be a guide or point of reference for those who are looking to better understand the standards landscape. | |||
===== '''If there is a working group/policy area in the almanac (which is so beautiful), that means there's some civil society engagement on that issue?''' ===== | |||
* There are some super niche working groups or committees where there might be just one (it can be lonely) person who's either picked up that it could be impacting human rights or something that people have heard of or are monitoring, but not necessarily actively participating. | |||
===== '''How do you imagine people working in digital rights to use the Almanac?''' ===== | |||
* This would be useful for those who are wanting to either better understand what standards are coming up that impact human rights, or looking to engage in technical SDOs. Say you wanted to know where standards are being developed for biometrics, the Almanac can direct you to the particular group or committee that's known for developing standards for biometrics. It's also got information about how to participate and some of the challenges to participating in the SDO. | |||
* The Almanac includes major international SDOs, do you intend to map the regional ones at some point too? (I am asking because I think it would be great for civil society to be engaged in these discussions not only at the international level, but locally too) | |||
* We've also mapped some regional ones, too! We included ATIS, which is the North American organization under the 3rd Generation Partnership Project (3GPP). We also mapped out some bits of work from ETSI and CEN/CENELEC which are European SDOs. But we definitely need to map more! | |||
===== '''Do you see any challenges in setting standards and ensuring that everyone abides by them?''' ===== | |||
* SDOs aren't very open and transparent (who would've thought!) so it can be hard to find information about them, also one of the big reasons why we sought to develop the Almanac. Participating in technical standards setting processes require a bit of time and investment over a long period of time to see the changes we're trying to advocate for. I mentioned earlier that the standards process can take years, which means you should be ready to be involved for a long while. There's quite a few in-person meetings every year as well, so for people coming from the Global South it can be challenging navigating visa systems, finding funds to support travel and accommodation costs, etc. | |||
* It's also a very different culture as well! We're engaging with a very technical community who may be siloed from some of the impacts that these technologies have. It's a different sort of "talk" so it can be a bit jarring and overwhelming, especially given many of the SDOs primarily consist of participants from the US or Europe. But we need to be there, to explain how these technologies impact the real lives of everyone, not just a small subset of people in the world. | |||
* Companies don't necessarily have to abide to standards -- they can choose which standards they implement or not. Standards aren't an end all; we also have to engage with companies to implement (good) standards in order for our work to be impactful. | |||
===== '''What recommendations and/or advice do you have for those with a human rights/policy background to successfully engage in SDOs? How can one go about building the technical expertise needed for engagement?''' ===== | |||
* Patience! It can be a bit of a learning curve, navigating the culture, the language, the technical concepts. A bit of grit to get you through it will really help. Also being able to translate some of these concepts; whether it be how human rights will be impacted on a technical level, or why a particular spec will be impactful on human rights. We don't have many bridges between these different communities so the more bridges and intersections, the better! | |||
===== '''Are most of the authoritative bodies setting standards that are 'global' so to say? Is there a kind of agreement that once it's set, it's applicable in most countries? or is it different across the board?''' ===== | |||
* Yeah! Lots of countries and regions have their own standards bodies, whether it be focusing on technologies or not. But governments/companies can choose whether to apply a standard or not. Much like policy. | |||
===== '''What does the maintenance work of the Almanac look like? Who updates it and is it possible to contribute as well?''' ===== | |||
* We do plan to update it whether it be on a periodic basis (every two years perhaps - what do y'all think? Is this okay?) and we'll definitely open it up to as many people to contribute. The more we can map the standard landscape, the better. It's like we're explorers. Only we're decolonisers. | |||
===== '''What is the Internet Corporation of Assigned Names and Numbers (ICANN) and where is it?''' ===== | |||
* I think you’re asking about ICANN because you noticed that it’s not there. But firstly, to answer your question, ICANN is a global organization that coordinates and manages the Domain Name System (DNS), IP addresses, and namespaces of the Internet. In more simplistic terms, the DNS is kind of like the phonebook of the Internet that translates a domain name (that we often refer to as the website link) to a series of numbers. There’s a lot of technical policies that ICANN works on that impact the operations of the DNS. But we didn't include ICANN as we decided to focus on technical internet-related standards rather than the much broader and complex world of technical internet policy. (It's a whole new world) | |||
===== '''stepping back, can you tell us what Article19 is and why it decided to commit to making this resource publicly available?''' ===== | |||
* Oh, yes! ARTICLE 19 -- my organization! We're a human rights organization working to protect and promote freedom of expression through policy and advocacy. More specifically, I'm a part of the Global Digital Program which works on the design, development, standardization, and deployment of internet infrastructure technologies. | |||
* We recognise that we alone don't have the capacity, competency, nor the power to influence every stage of the technology life cycle... of every single technology that can impact human rights. | |||
* But (!!!) if we work together and collaborate with interested organizations, communities, and individuals who have different expertises, experiences, and resources; we can collectively work to intervene on these technologies before they're deployed in the real world. And so we can also better serve the communities who are most affected by these technologies. | |||
* Which is why we thought to create more resources in order to support folks looking to engage in technical discussions related to internet infrastructure | |||
===== '''Is there anything else you'd like to add before we end our discussion today? And how can folks reach out to you directly?''' ===== | |||
* There are also different ways we can support folks interested and looking to engage in technical standards setting processes. We have an Internet of Rights fellowship which looks to support individuals from the Global South to participate in these SDOs and we also have quite a few resources on the web which you can access to better understand internet infrastructure, or each SDO. | |||
* Reach out to me via email donle@article19.org if you want to know more! |
Latest revision as of 14:33, 29 June 2023
Glitter Meetups |
Glitter Meetup is the weekly town hall of the Internet Freedom community at the IF Square on the TCU Mattermost, at 9am EDT / 1pm UTC. Do you need an invite? Learn how to get one here.
- Date: Thursday, June 29
- Time: 9am EDT / 1pm UTC
- Who: Don Le
- Moderator: Astha
- Where: On TCU Mattermost "IF Square" Channel.
- Don't have an account to the TCU Mattermost? you can request one following the directions here.
The Internet Standards Almanac by ARTICLE 19: The how, where, and which Internet infrastructure is standardized
Almanac is an interactive site by Article 19 to support public interest technologists and civil society organizations who wish to participate in technical standards-developing organizations. It answers two primary questions: 1) Which standards developing organizations (SDOs) are developing standards that have human rights implications? 2) How do these standards impact human rights? We will speak with Don Le about how anyone curious about engaging in the standardization of internet infrastructure can get involved.
Don coordinates Team Digital’s cross-programmatic work, supporting the implementation of programs and projects. He has previously managed interdisciplinary communities and convened actors from a cross-section of fields facilitating collaboration to improve access to information and achieve greater freedom of expression. He has also organised international advocacy efforts to promote digital rights, and to support frontline activists and citizen journalists in Vietnam.
Notes
Would you mind telling us more about you and your work in digital rights? What are some issues that you're interested in personally?
- I’ve been working in, with, and around this community for a while now. As you might have seen around, I’m currently with ARTICLE 19 where I work on matters of internet infrastructure. We focus on internet infrastructure because it’s technology that often goes unscrutinised. We don’t hear about it often, only when internet infrastructure fails. And when it fails, it’s big – remember that time when Fastly outage led to us not being able to access the BBC, HBO, Spotify, GitHub all at the same time? Before I worked on this, you might have known me from my personal/previous work in Vietnam where I worked to support frontline activists and citizen journalists, convened a few multi-stakeholder spaces and campaigned for those arrested.
What are SDOs, or standards-developing organizations, and why are they important?
- Standards developing organizations that develop (who would have guessed) standards! They can be national, regional, or international. And oftentimes, they're also industry-led. We actually rely on standards every day. Standards in the automobile industry ensure that our seat belts keep us safe while driving. Standards in food safety ensure that our dinner doesn’t make us sick, whether it’s prepared in our kitchen or a restaurant. They also exist across the technology industry. And while we use standardized technologies everyday, we actually rarely recognise them for what they are.
So when we're thinking about SDOs in the tech space, how do they usually develop their standards, and how do these standards then impact human/ digital rights?
- Developing a technical standard is a ((very) long) process. A proposal made by a participant in an SDO must be reviewed and accepted by its technical community; even if a proposal successfully becomes a draft, it generally takes two or more years for a draft to become a standard. Over this time, the draft is subject to iterative improvements, deliberations, and feedback from the community. Even then, publication isn’t guaranteed: a stable draft must generally be agreed by consensus before it can become a standard.
- We often think about how technologies impact human rights. But... but... what if we could engage in the various processes before these technologies are even deployed? Given that… we know that once a technology is sent out into the real world, its harms can’t ever really be fully mitigated. If we’re able to engage in the stages (like design, development, and deployment) as well as standardisation and be like hey! This technology can be harmful or it can be better improved considering privacy, encryption, or censorship in a particular context – it could become a key opportunity to ensure that harms aren’t replicated in the real world.
Standards are only as good as the community abiding by them, maybe?
- Right. They're only as good as companies abide by and implement them. and they're only as good if they're actually... good
- There's a lot of chatter about AI regulation. The EU AI Act actually falls back to relying on standards bodies to determine some of the harms behind AI yet... the standards piece kind of falls out of the discussion a lot of the time.
Can you think of any examples of SDOs that are doing interesting work, or are good at setting (good) standards?
- I think the Internet Engineering Task Force (known by most as the IETF) is a really interesting SDO. It develops and promotes a wide range of internet protocols and standards, including the Internet Protocol suite (TCP/IP) -- which we happen to use everyday! The IETF also develops standards related to the Domain Name System, also known as the DNS, the directory of the internet which translates domain names to IP (numerical) addresses. This allows browsers and other tools (AND US) to connect to the right website or other internet resources.
How do different SDOs collaborate with each other? Is it common for them to work together on the same standards? Or working on similar standards for the same technology at the same time (i.e. being competitive with each other)?
- There are some SDOs that work and coordinate with each other (the IETF does this with ICANN since their mandate is on the DNS) or the ITU-T also works with such SDOs as ISO/IEC on encryption. But yes!! Developing standards can also be very competitive. Some standards bodies feel like they do have to compete to develop a particular standard on a particular technology (you can imagine how many standards bodies want to focus on AI related tech these days)
What is Almanac and how did it come about (talk us through the methodology)?
- We honestly sat down and were like if I was a newcomer and wanted to engage in standards work where do I even begin? There are just so many technical SDOs, they have so many different mandates, it’s hard to figure out and navigate how to engage, and they’re also super specialized. So we were like hey! Let’s map this all out.
- As a team, we’ve been involved and have participated in technical standards for a while. So we decided to reach out to our various networks and contacts to see if we could collectively map out the various technical SDOs, their specific working groups, committees, and study groups that are developing standards that have a potential impact on human rights.
- So we sent out a survey, had people respond, and then did a bit of our own desk research before bringing it together. We wanted to categorize the information based on two things: the SDO itself, as well as the mandate groups or committees work on (such as messaging and communications, or digital identity). It’s also because SDOs can have fairly broad mandates so we wanted to be as specific as possible for those who are looking at participating in an SDO.
- But your question on the name! We hope to have it updated on a periodic basis (maybe every two years or so? What do folks think) which will continue to be a guide or point of reference for those who are looking to better understand the standards landscape.
If there is a working group/policy area in the almanac (which is so beautiful), that means there's some civil society engagement on that issue?
- There are some super niche working groups or committees where there might be just one (it can be lonely) person who's either picked up that it could be impacting human rights or something that people have heard of or are monitoring, but not necessarily actively participating.
How do you imagine people working in digital rights to use the Almanac?
- This would be useful for those who are wanting to either better understand what standards are coming up that impact human rights, or looking to engage in technical SDOs. Say you wanted to know where standards are being developed for biometrics, the Almanac can direct you to the particular group or committee that's known for developing standards for biometrics. It's also got information about how to participate and some of the challenges to participating in the SDO.
- The Almanac includes major international SDOs, do you intend to map the regional ones at some point too? (I am asking because I think it would be great for civil society to be engaged in these discussions not only at the international level, but locally too)
- We've also mapped some regional ones, too! We included ATIS, which is the North American organization under the 3rd Generation Partnership Project (3GPP). We also mapped out some bits of work from ETSI and CEN/CENELEC which are European SDOs. But we definitely need to map more!
Do you see any challenges in setting standards and ensuring that everyone abides by them?
- SDOs aren't very open and transparent (who would've thought!) so it can be hard to find information about them, also one of the big reasons why we sought to develop the Almanac. Participating in technical standards setting processes require a bit of time and investment over a long period of time to see the changes we're trying to advocate for. I mentioned earlier that the standards process can take years, which means you should be ready to be involved for a long while. There's quite a few in-person meetings every year as well, so for people coming from the Global South it can be challenging navigating visa systems, finding funds to support travel and accommodation costs, etc.
- It's also a very different culture as well! We're engaging with a very technical community who may be siloed from some of the impacts that these technologies have. It's a different sort of "talk" so it can be a bit jarring and overwhelming, especially given many of the SDOs primarily consist of participants from the US or Europe. But we need to be there, to explain how these technologies impact the real lives of everyone, not just a small subset of people in the world.
- Companies don't necessarily have to abide to standards -- they can choose which standards they implement or not. Standards aren't an end all; we also have to engage with companies to implement (good) standards in order for our work to be impactful.
What recommendations and/or advice do you have for those with a human rights/policy background to successfully engage in SDOs? How can one go about building the technical expertise needed for engagement?
- Patience! It can be a bit of a learning curve, navigating the culture, the language, the technical concepts. A bit of grit to get you through it will really help. Also being able to translate some of these concepts; whether it be how human rights will be impacted on a technical level, or why a particular spec will be impactful on human rights. We don't have many bridges between these different communities so the more bridges and intersections, the better!
Are most of the authoritative bodies setting standards that are 'global' so to say? Is there a kind of agreement that once it's set, it's applicable in most countries? or is it different across the board?
- Yeah! Lots of countries and regions have their own standards bodies, whether it be focusing on technologies or not. But governments/companies can choose whether to apply a standard or not. Much like policy.
What does the maintenance work of the Almanac look like? Who updates it and is it possible to contribute as well?
- We do plan to update it whether it be on a periodic basis (every two years perhaps - what do y'all think? Is this okay?) and we'll definitely open it up to as many people to contribute. The more we can map the standard landscape, the better. It's like we're explorers. Only we're decolonisers.
What is the Internet Corporation of Assigned Names and Numbers (ICANN) and where is it?
- I think you’re asking about ICANN because you noticed that it’s not there. But firstly, to answer your question, ICANN is a global organization that coordinates and manages the Domain Name System (DNS), IP addresses, and namespaces of the Internet. In more simplistic terms, the DNS is kind of like the phonebook of the Internet that translates a domain name (that we often refer to as the website link) to a series of numbers. There’s a lot of technical policies that ICANN works on that impact the operations of the DNS. But we didn't include ICANN as we decided to focus on technical internet-related standards rather than the much broader and complex world of technical internet policy. (It's a whole new world)
stepping back, can you tell us what Article19 is and why it decided to commit to making this resource publicly available?
- Oh, yes! ARTICLE 19 -- my organization! We're a human rights organization working to protect and promote freedom of expression through policy and advocacy. More specifically, I'm a part of the Global Digital Program which works on the design, development, standardization, and deployment of internet infrastructure technologies.
- We recognise that we alone don't have the capacity, competency, nor the power to influence every stage of the technology life cycle... of every single technology that can impact human rights.
- But (!!!) if we work together and collaborate with interested organizations, communities, and individuals who have different expertises, experiences, and resources; we can collectively work to intervene on these technologies before they're deployed in the real world. And so we can also better serve the communities who are most affected by these technologies.
- Which is why we thought to create more resources in order to support folks looking to engage in technical discussions related to internet infrastructure
Is there anything else you'd like to add before we end our discussion today? And how can folks reach out to you directly?
- There are also different ways we can support folks interested and looking to engage in technical standards setting processes. We have an Internet of Rights fellowship which looks to support individuals from the Global South to participate in these SDOs and we also have quite a few resources on the web which you can access to better understand internet infrastructure, or each SDO.
- Reach out to me via email donle@article19.org if you want to know more!