W3C home > Mailing lists > Public > public-credentials@w3.org > October 2015

Law-Enforcement, Metadata Retention, LDP, Creds & auIGF experiences

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Tue, 6 Oct 2015 23:47:43 +1100
Message-ID: <CAM1Sok0TRMzmr80Q3rCq3LAQqSRuXQhsKOqzSg=N-3Ckj9y_1A@mail.gmail.com>
To: W3C Credentials Community Group <public-credentials@w3.org>, public-rww <public-rww@w3.org>
Hi All,

A brilliant man suggests he might have time in December, yet i cannot
afford to travel to see him. This is similar to the issues i have in
travelling to attend other W3C related functions, etc.

I find that really embarrassing to say,  my family started a large
pathology company in Australia, i was brought up with the hippocratic oath
(hoping that simplifies 'it' sufficiently) and after
some devastating experiences I've been investing into this work for years,
with little regard for income, which appears to be a shared value with so
many doing similar work in the area, this is a reality of the results to
date.

I simply felt i needed to focus on fixing some problems - which led me
further into a journey, that led to you, and others, which i feel humbled
by, yet, a sense of purpose and value that i am not entirely wasting my
time in a manner that would mean i'd be better off doing something else...

I've been banging on about this idea of 'data ownership', 'knowledge
banking industries' that should be industrially augmented as to provide
governance capacity to governments by way of regulation rather than
operation. 'credentials' as an evolved method from 'WebID' to form means
for accountability systems, connected to citizen data storage...

This seems 'crazy' or 'too hard' to so many, yet I then got back from the
auIGF today, to be prompted by an article that says the EU is
disallowing the storage of personal information to be transported to the US
[1].

In AU, a 'mandatory data retention' thing is happening, and whilst
traditional 'wisdom' says, 'fight it' (which to me kinda means they recon
commercial storage (eg:"choice of law California") is good enough (lets not
get into equities, et.al) ;)...  I doubt that's going to work, for a
variety of reasons... It seems a bit like beaming free facebook[1] to
Africa, calling it internet, like we don't know about 'walled garden' cable
companies...

*Please feel welcome to gimme my AOL Browser and tell me about the
future...*

A World that is developing one where the 'save' icon looks like a floppy
disk, yet people forget the day where applications stored files separately
to the application, by way of a floppy disk

if the data exists, then at what level should an *accountable*
law-enforcement capability charged with the responsibility of upholding the
laws of the people, be placed, and who do you think they should be
accountable to?  A company who has the data for a deal?  or the person who
might want to take some verifiable knowledge - to a local court for the
purpose of accessible utility of their rule of law...

At the auIGF today, i figured the sessions were being recorded so the best
thing was to meet people.  so, amongst others - I found myself chatting to
the man in our local police force (VicPol), who is charged with the
difficult task of leading tactical intelligence for sexual crimes squad
(children) hearing about the difficulties he has in legally obtaining
capability to deal with issues that quite frankly - should be attended to
by all those who seek to call themselves human...

Capabilities and internal resources exist within many v.large companies who
are capable of making and managing the necessary ideological decisions
around what is 'reasonable' and what is not.  why are VicPol using
traditional methods? why don't they have semantic reasoning capabilities?

I've immediately sent him starting-point info he could leverage to build a
capability, such as a basic graph UI example [3], info about Virtuoso[4]
and semantic analysis [5] yet, i also understand the way in which that very
important purpose of technology utility may be re-purposed; and whilst that
issue underscored by experience of frustration, today, at the auIGF.
Underlying that worry - was the knowledge that those minds in which i work
with - have the intellectual capability to seriously *deal* the types of
issues this man, working for vicpol, is empowered by pen, paper, a bloody
telephone and a web-browser...   I'm simplifying things a little, yet
seriously - where are our priorities?

*Does anonymity exist or are we serious when we say we're targeting only
pseudo-anonymity... *

the whole situation between those who want to store - saying it's for
law-enforcement - and those who need it for law-enforcement - who, for
whatever reason - are still using telephones, meetings and other
traditional methods when well...  that's not the technical capability world
we live in IMHO; and that we continue to build - within our international
community.

I therefore believe the federal demand of data-retention - is a funding
'gift' that can be used to deploy a solution where data is principally
stored for access by the citizen for which it is about.  IMHO that might
upset providers such as akamai, yet, isn't that their fault for not
innovating?  why do web-innovators need to pay for storage and transfer of
user-data, when the alternative might let innovation thrive in new ways,
using capabilities that are developed via standards organisations - such as
W3C processes - in todays age...

My mind then shifts to the utility of IPv6 rather than NAT; which in-turn
dates back to early conversations about IPv6, DNS SEC, topological
identifiers vs. logical ones, et.al.

Credentials may provide complimentary solutions in those areas... yet, how
and what will resource solutions that overall - simulate sustainability...

The bigger problem for so many is of course that of the honey-pot issue -
which i think is an expensive problem to solve... Discussion with a leading
(local) telco individual - well, the expression on his face when he spoke
of the cost of data-retention...  priceless ;)

I then went onto suggest they build a new innovation capability that better
engages innovates (rather than simply benefiting from their works...),
in-turn supporting innovation around the utility of solutions such as
credentials (which in-turn will challenge the capacity for former business
practices to simply benefit from others work...)... Yet the question
becomes - is this sort of 'commercial behaviour', or the capacity to carry
it out, valued more highly than the safety and human rights of children? is
that a symbol, or a 'verified badge' for our 'advanced' society?

The big question i see - is* how a report might be developed to
better understand and communicate the differentiators in risk between
'traditional data retention' concepts* (no interface for Citizens / People,
designed for things 'invented' by people past and present, like companies,
et.al.)* vs. one that is principally designed for citizens *(and backed-up
by a provider, incase they delete important data...  for law-enforcement
purposes, et.al...).

I believe in a market-based knowledge-banking industry, where data storage
is decoupled from application availability.  I also believe Credentials is
meritoriously designed to solve the sorts of 'approved use' scenarios SNS's
depends upon, regardless of where the data is tele-housed.

I hear the TPP Agreement is signed.  I do wonder the implications.  Yet
we've got brilliant minds around the world and those engaged in exploiting
children - well, we're helping those who combat that, by relegating them
such primitive methods, because we can't match concepts such as LDP and
Linked-Data, to existing 'choice of law california' business models...  At
no stage do i believe such law-enforcement capabilities should not be made
accountable, i've heard stories about issues within such fields of
accountability which are horrific...  Yet Credentials is one solution of
many that is of a lesser debate than the principle i'm highlighting...

We can and should do better...

the mandatory data-retention discussion of issues today were entirely
polarised and IMHO, those that know enough, know the data exists anyway.
IMHO the debate is about how much we can or should, devalued the concept of
'citizen' over 'agent'.

AU has an opportunity where 'too much' money needs to be spent on localised
data-storage.  I think it's worthwhile reviewing the opportunities and
seeing what can be done to showcase some talent and opportunity for the
global scale, by responding to some warranted problems on a local one, in
AU at least.

No difference should exists between the risks of having 'mandatory data
retention' with interfaces for the citizens of which the data-retention is
about vs. a methodology that allows a service for 'upholding the laws of
the people' in which 'the people' have little to no awareness.

RDF is a means in which public health may be improved remarkably.

Whilst i believe upholding the human rights of children needs to be done in
context to other means to deal with false accusations, rule of law, et.al
(therein accountability is essential); means for accountability exists
- beyond pen, paper and telephone calls - and pursuant to our shared
values... that for children...

It's kinda simple really,

If someone abuses a child, i hope we all may call the police and have that
person made accountable by law...  Limiting available verifiable knowledge;
in-turn availing a child and their loved ones, their carers, of that
capacity to expect accessible justice - is wrong and i hope you consider
fully, the implications of the concept...

tim.


[1]
http://money.cnn.com/2015/10/06/technology/facebook-privacy-european-union/index.html
[2]
http://www.telegraph.co.uk/technology/facebook/11911539/Facebook-reaches-deal-to-beam-internet-to-Africa-from-space.html
[3] http://dbpedia.exascale.info/
[4] http://www.slideshare.net/kidehen/openlink-virtuoso-management-des
[5] http://www.mico-project.eu/
Received on Tuesday, 6 October 2015 12:48:54 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:25 UTC