Privacy International at the Internet Freedom Festival 2018

From IFF website - illustration

*picture obtained from the IFF website

The next Internet Freedom Festival (IFF) 2018 will take place in Valencia, Spain, between the 5th and the 9th of March 2018. Since its beginning as the Circumvention Tech Festival in 2015, the IFF has grown into one of the largest, most diverse and inclusive gatherings in the Internet Freedom community. The theme this year is "Joining Forces to Fight Censorship and Surveillance".

The IFF brings together journalists, activists, technologists, policy advocates, digital safety trainers, and designers working in digital rights around the world to create an inclusive and diverse space, cultivate an atmosphere of trust, and collectively improve the services, strategies, and tools offered to the most vulnerable individuals on the frontlines by mapping censorship, surveillance and access obstacles faced in different regions in the world.

Privacy International is proud to participate in this event, where it will be addressing issues such as privacy litigation, consent, organisational privacy and security, and cybersecurity in the developing world, as part of our efforts to build a global privacy movement. To join on the action, follow us in Twitter at @privacyint, @PrivacyUN, @lucypurdon@panchovera, and @ed_geraghty.

In particular, we will be participating in the following spaces:

Defending privacy through litigation in the global south 
(Monday, 5 March 2018 at 3.45 pm)

Together with Fundación Datos Protegidos, one of our Chilean Partners, we will be discussing how to defend the right to privacy through litigation. The session will identify some common trends and legal tools that can be used by a community of legal privacy practitioners, mainly in Latin America but applicable to other regions.

Among those tools are public information requests, data subject access requests; data protection, consumer, criminal and constitutional litigation; and regional human rights tools. As part of this, Privacy International will present some of our litigation work on surveillance (such as the 10 Human Rights Org case and our Microsoft Ireland intervention), and explore avenues for collaboration with other participant organisations, to help them navigate the EU/UK/USA legal framework to request relevant information or intervene in relevant cases.

Everything’s on fire, here’s how we’re trying to put it out 
(Tuesday, 6 March 2018 at 09:45 am)

Defending systems and infrastructure we rely on every day from attacks is hard. How to secure networks is an integral yet often neglected part of cyber security policy discussions. If, as a society, we are to have a hope of protecting both our privacy and our security when using technology, networks must be secure by default, from the start. As an NGO we face challenges in the same way as any small or medium sized enterprise (SME) when it comes to technology. But tech knowledge is expensive, hard to find, and until recently was not even considered in funding models. 

Technologists at Privacy International developed Thornsec, a piece of open source software which is an automated way to deploy, test, and audit internal and external services for an organisation, saving a lot of time and creating a sustainable security model. This software runs all of Privacy International’s services – website, calendar, project management tools, Tor hidden services, VPNs. Thornsec is not solely a technological initiative, it is also changing the culture of the organisation by increasing our understanding of network security and making us all pay more attention to the technology we take for granted every day. We would like to share our experience and lessons learned of failing, tearing apart our services and rebuilding our organisational network from scratch. This is also an opportunity for us to ask technologists to probe Thornsec's code, find mistakes/weaknesses, and question our decisions. 

How we imagine consent in a data society 
(Wednesday, 7 March 2018 at 09:45 am)

Together with technology and gender researchers and activists, including our Brazilian partners from Coding Rights, we will be talking about how the increasing reliance on digital services, and therefore related terms of services (ToS), is re-defining traditional notions of informed consent. Every day we see how this concept is undermined, with long and difficult text that is unintelligible to users, who are powerless to negotiate those conditions. Consent is also a core element to avoid gender-based violence. For example, informed consent will make a fundamental difference regarding women being able to exercise their sexual freedom on the internet, or being a victim of gender violence through the publication of non-consensual pornography.

Social practices, different approaches on policies, and creative technologies can work together to create a more fair and free internet, where informed consent can be more than just an empty concept. This session will be the start of a conversation that the presenters hope to continue in their own research and activism.

How to engage in cyber debates: furthering society's capacity to challenge bad policy
(Thursday, 8 March 2018 at 12.15 pm)

Describing cyber security can often feel like a riddle. It is a term widely used but poorly understood. It can mean different things to different communities, governments and companies. Nonetheless, in the name of cyber security, governments are adopting laws and policies that affect everyone. In 2017, Asociación por los Derechos Civiles, Karisma and TEDIC, all partners of our international network,  began a joint research project to examine the contemporary narratives and processes that shape the cyber security agenda in Latin America. Their recently published policy paper is aimed at driving a more human rights-oriented cyber security agenda, and serves as a resource for civil society organisations, individuals, technical experts, and journalists. Perspectives based on similar work by PI partners in Africa will also be shared and analysed.

Biometrics and privacy

Privacy International will also be participating in two sessions on biometrics, and its impact on privacy and identity. New technologies may hold great benefits, but without strong legal frameworks ensuring that rights are adequately protected, they pose serious threats to the populations they are supposed to empower.

This is never more evident than with the rapid and widespread implementation of biometric technology. Whilst concerns and challenges are seen in both developed and developing countries, for the latter they are more acute due the absence of laws or flawed legal frameworks, which are failing to uphold and ensure the protection of basic human rights. Research conducted on this issue by members of the Privacy International Network in Africa and South Asia will be discussed and highlighted.

The sessions are:

Privacy and Data Protection In The Age of Biometrics
(Wednesday, 7 March 2018 at 12.15 pm)

Quantified identities as a global phenomenon: analyzing the impact of biometric systems in our societies
(Thursday, 8 March 2018 at 5:00 pm)