Privacy Café Nijmegen

In spite of the snow the first Privacy Café in Nijmegen was a success!

With (only) four volunteers (from Bits of Freedom and the Free Software Foundation Europe) we managed to help 60 to 80 visitors to better protect their privacy.

Some of the Linux Nijmegen folks came by as well.

The Dutch “menu” can be found here (pdf) and the slides here. English versions can be found here (pdf) and here.

For some background on the Privacy Café in English, see my earlier post.

I’d like to thank all volunteers and visitors! See you next time.

- Felix

Privacy Café Nijmegen

Ondanks de sneeuw was het eerste Privacy Café in Nijmegen een succes!

Met (maar) vier vrijwilligers (van Bits of Freedom en de Free Software Foundation Europe) hebben we zo’n 60 tot 80 mensen kunnen helpen hun privacy beter te beschermen.

Een paar mensen van Linux Nijmegen kwamen ook nog even langs.

De menukaart staat hier (pdf) en de presentatie hier.

Alle vrijwilligers en bezoekers bedankt! Tot de volgende keer.

- Felix

My T-DOSE talk: The “Internet of Things”: Opportunities and Dangers

I recently gave a talk at T-DOSE, where I also helped out at the FSFE booth and the Privacy Café.

The slides are on github and you can watch the talk on youtube.

The abstract:

The “Internet of Things” is around the corner. What does this mean for us as software developers? And what are the dangers and opportunities when it comes to Freedom, Privacy and Security?

We live in interesting times. The time that a “computer” was a room full of electronics, or even a beige box on a desk is behind us. Computers are everywhere. And there will soon be even more of them, in even more places.

The IoT provides us with wonderful opportunities to remotely monitor, manage and automate. And we as a software development community are the ones building it.

But security is too often an afterthought (if that). Now that the IoT is around the corner, security is not just something that impacts those beige boxes on our desks — or the smartphones we carry around — but also the medical devices that monitor our health and keep us alive, the automobiles we drive, the electronics that monitor our homes, and the public infrastructure we depend on. It now impacts public safety, human life, privacy, freedom and democracy.

Who is responsible for making sure the systems and devices that make up the IoT are under the control of their users? Whether we like it or not, the responsibility for ensuring freedom, privacy, security, and (digital) civil rights rest on our shoulders. So instead of asking ourselves (as we usually do) “can we do this?”, we should ask ourselves “should we do this?

We need development practices that take security into account. We need to build systems that are secure from the ground up. And we need Free Software to make sure that the answer to “who controls our computers?” — including the IoT — is “the users”.

But we also need relevant authorities to ensure policies and laws mandate privacy and security and ensure open standards. And we need public awareness of the impact of the IoT on — and the importance of — privacy and security.

The IoT is on its way. It’s up to us to build it right. And to have lots of fun along the way.

- Felix

Workshop on Privacy and Free Software

I led a workshop on Privacy and Free Software at FSFE’s Germanophone Team Meeting 2014. Here’s a summary.

Privacy Café

The Privacy Café is an initiative of Dutch digital rights organisation Bits of Freedom. Its purpose is to teach people to protect their privacy. They call it “digital self-defence”.

Whilst the Privacy Café has a lot in common with CryptoParties, there are some notable differences:

  • It usually takes place in a public library (instead of e.g. a hackerspace).
  • It targets a non-technical audience (which is why a public library is a very good venue).

The Privacy Café has a “menu” with

  • starters like Firefox, https everywhere, startpage.com, choosing good passwords, automatic updates, screen locking, hard disk encryption;
  • main courses like Tor, GnuPG, OTR, Tails;
  • and desserts like tosdr.org, prism-break.org, xkcd.com.

Volunteers from Bits of Freedom and hackerspaces (and sometimes FSFE) are there to answer questions, help people choose from the menu and install and configure the software.

Sometimes, there are also lightning talks. I gave one about the importance of Free Software at the Privacy Café in Utrecht.

Handouts: → Dutch (april), → Dutch (may), → English (june)

Software Freedom

The people that go to a Privacy Café are already aware of issues surrounding privacy and freedom. This gives us an opportunity to tell them about Free Software. A good place to start is by asking them “who controls the software?”.

Remarks from the Workshop

  • The timing is right, since awareness of privacy themes is very high at the moment and those who worry about privacy are already aware of the importance of freedom. This makes it much easier to show the link between freedom and control and Free Software.
  • It is unfortunate that the theme of Free Software is not already at the foreground, even though it is necessary for privacy.
  • We need all four freedoms, not just the ability to audit the software (i.e. source availability).
  • The menu metaphor is good (like the tools metaphor in the “tools leaflet”).
  • Using a public library as a venue is good, since it takes privacy out of the domain of hackers and “nerds” and makes it more approachable for non-technical people.
  • Free Software and encryption can be made more attractive with proper attention to presentation (e.g. websites and handouts).

Ideas from the Workshop

  • Making it more “fun” by using symbols (for signatures), stickers (for laptops) to show e.g. what “level” one has achieved.
  • Finish Lucile’s privacy flyer draft so it can be used for similar events.
  • Organise something similar (e.g. in Unperfekthaus).

non-free encryption software

What to do when those groups who teach encryption do so using non-free software?

  • Working together is desirable, so we have more Free Software people in the group and can explain our topic.
  • We should keep emphasising that only Free Software can ensure security (Kerckhoffs’s principle).
  • FSFE will never promote non-free software, and advises volunteers to also not recommend non-free software, but rather explain the issues mentioned above.

Links from the Workshop

- Felix