8 July 2010

Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.

Citizen Participation in the Cloud
Chairs: Ismael Peña-López

Citizen participation in the Cloud: risk of storm
Albert Batlle, Open University of Catalonia.

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3414">http://ictlogy.net/?p=3414</a>

The situation we are in is a context of crisis of political legitimacy. This means much less political participation in general and, more specifically, protest voting, young people voting less, decreasing levels of affiliation to parties or other civic organizations, etc.

On the other hand, we see the explosion of the Information Society and of the Web 2.0, “participative” by definition. ICTs are adopted by political organizations in the fields of eGovernment — to provide public services for the citizen — and eDemocracy — to enhance and foster participation.

Two different perspectives in the crossroads between political disaffection and the Information Society:

  • Cyberoptimism: ICTs will lead to a mobilization effect. More people will participate because participation costs are lower, there is much more information than before, etc.
  • Cyberpessimism: ICTs will lead to new elites because of the digital divide. The existing differences between the ones that participated and the ones that didn’t are broadened.
  • Realists: we need more empirical studies (and to avoid technological determinism).

We have new technologies for citizen participation but, what tools for what uses? A research for the Barcelona county council.

After a survey within the Barcelona municipalities, we can state:

  • There are different participation activities depending on whether the communication is horizontal or vertical.
  • There are topics more prone to intensively use ICTs: urban planning, youngsters, education and equality, elder people, sustainability.
  • Not organized citizens, resources, transversal coordination are variables that are usually identified as barriers not overcome; while training, innovation, agenda, associations or political agreement are usually identified as goals reached through ICT-enhanced participation.

The study then goes on to analyze tools and applications and how they fit in the participation process:

  • Directionality, qualitative: unidirectional, bidirectional, hybrid
  • Directionality, quantitative: one-to-one, one-to-many, many to many.
  • Competences: basic, advanced, expert.
  • Applications: type of tool, cost, hosting, “mashability”.

Participation moments:

  • Mobilization: information about the participation process and the goals to be achieved.
  • Development: putting into practice the participation project.
  • Closing: stating the decision being made.
  • Follow up: monitoring and assessment of the decision reached.

A first analysis of 19 international cases, we see that most tools have a one-to-many directionality, are bidirectional, and are mainly used in the mobilization moment. User registration and the data they have to provide is an important issue and must be decided in advance, as happens with deciding the goals and functioning of the process, which includes defining and identifying the role of the online facilitator. Free software is usually the option chosen, and accessibility (in a broad sense) is normally taken into account.

We find two different models. Even if models are not “pure”, we can see opposite approaches: Initiatives aimed at community building, characterized by being open, relational, fostering engagement, using free tools and aiming at a networked participation, with a facilitator that engages in a bidirectional conversation. And policy oriented initiatives, characterized by being more formal (or formalized), focussing at decision-taking and representation, using own platforms and more “traditional” participation means, with a facilitator that guides and information that flows asymmetrically and unidirectionally.

Cloud computing is both an opportunity and a challenge. On the one hand, there are legal hazards that need being solved, but that also disclose some interesting spaces. Indeed, the new a-institutional logic is disruptive but also provides new ways of learning, as the public and private spheres intersect one to each other and get confused (want it or not) one with each other. It is a response to the de-legitimation of political institutions, but it is also a reassurance that citizens do care about public affairs: the crisis is in the institutions, not in participation itself.

Bernard Woolley: “Well, yes, Sir…I mean, it [open government] is the Minister’s policy after all.”
Sir Arnold: “My dear boy, it is a contradiction in terms: you can be open or you can have government.”

(from Yes Minister, 1980)

Evgeny Morozov, Georgetown University’s E. A. Walsh School of Foreign Service.

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3414">http://ictlogy.net/?p=3414</a>

Decisions made at the technological level in Western economies/businesses will affect how cyberactivism takes place… all over the world. What Google, Twitter or Facebook decides impacts citizen action everywhere.

There is much effort on building social capital online, uploading content, gathering people in a group, and this effort relies on a potential arbitrary decision by the owner of the online platform, who serves who knows whose will. Groups in social networking sites disappear every day without previous notice and most times without an explicit and clear reason for it.

But regulating these corporations is often seen as a barrier to democratize more quickly less democratic countries. You don’t want to “spoil” a Web 2.0 application if it is seldom used to raise protests against non-democratic regimes, or used on human emergencies, etc.

But outside of Western countries, most applications are owned and run by local companies that have less freedom of choice than in other places of the World. If the Chinese or Russian or Iranian governments ask for user personal data to these companies, they have little chances not to deliver them. This makes datamining by governments very easy and very effective to locate and identify dissidents.

Besides direct extortion to companies, governments can directly monitor and put up several kinds of citizen surveillance, including entering an individual’s computer because the government infiltrated the computer with a trojan or any other kind of spy-software. Of all, the major problem is not even being aware of that manipulation. Same applies to web servers, of course.

On the legal side, governments or several lobbies have the power to manipulate content online, by crowding out conversations. If this is a trivial debate, then the influence of the strong part has no major impact. But if that is a pre-election debate, it can lead to indirect tampering and not-really-legitimate democratic participation.

And doing all that is not very difficult: custom police can (actually do) google people and see what comes up in the search results, scan their Facebook profiles, see who a specific person is related to and, according to that, decide to decline a visa request.

Besides governments, authors that we would not consider very “democratic” (e.g. fascist movements) are doing impressive things online in social networking sites, mashups, etc. So, Web 2.0 and cloud computing tools are double-edged swords and both serve noble and evil purposes and goals, like e.g. mapping where ethnics minorities are mashing up rich public data with map applications either to avoid or to attack them.

There is a dynamic that the Internet brings and that might makes us stop and think whether we like it or not: is a shift towards full openness a good thing? is a shift towards direct democracy a good thing too?


Ana Sofía Cardenal: can you provide more information about the survey you talked about? Batlle: the survey was made in 112 cities (more than 10,000h less Barcelona). 81% answered the survey explaining use of ICT in participation initiatives.

Ana Sofía Cardenal: why nationalist movements are more present online than liberal ones? Morozov: the short answer is that hate travels more faster than hope online. But it might be more about phobia rather than nationalism. On the other hand, the Internet has no borders and allows for birds of the same flock to cluster around online spaces rather than having to stick to their artificial national myths.

Ismael Peña-López: data havens yes or no? protection or impunity? Morozov: One the one hand, governments should not support law circumvention tools (like TOR), basically because they are massively used by criminals, or by people whose purpose is not very clear and its justification varies depends on your approach. Regarding Wikileaks, the problem is that once a hot file is out, it is difficult to block, and the more you try to block it, the more it is disseminated (the Streisand effect). Something should be done, yes, but it is not clear what.

Ronald Leenes: It is also true that governments also use tools that activists use for security reasons, so they should at least allow for these tools to develop and even be funded. Morozov: right, but you cannot be pushing for the rule of law and with the other hand allowing the proliferation of tools that are clearly used to break the rule of law. Leenes: this apply to many technologies!

Jordi Vilanova: We’re talking about social networking sites as being run by corporations, but it is likely that in the future we find SNS being ruled by foundations or non-governmental organizations. So, there still is some room for Web 2.0 applications being “safely” used by individuals. A second comment is that we are looking at non-democratic regimes but, in the meanwhile, so-called liberal democracies are trimming citizen rights with the excuse of security and so. So we should be more concerned about these hypocrite countries. Morozov: it is true that foundations can run their own SNS, but the thing is that most times is not about the tool, but about audience and critical mass, and this audience is in private corporations’ platforms, and this will be difficult to change. And regarding transparency, transparency has to come with footnotes to avoid misleads.

See also

This post originally published at ICT4D Blog as 6th Internet, Law and Politics Conference (VIII). Citizen Participation in the Cloud

Algunos enlaces más de la segunda jornada del VI Congreso IDP, organizado por la UOC. Freedom on the Net: A Global Assessment of Internet and Digital Media http://bit.ly/eyOuB New blog post: Karin Deutsch Karlekar: The State of Freedom on the Net http://bit.ly/dpNimG Las cuentas claras y el chocolate espeso Lospresus.de Yo pago la obra.com http://yopagolaobra.com/ […]

Se cierra el VI Congreso IDP, organizado por la UOC, con una mesa redonda dedicada a la participación ciudadana en la nube. Para ello han intervenido, Albert Batlle, investigador del IN3 de la UOC y Evgeny Morozov, Yahoo! fellow, Georgetown University’s E. A. El primero ha presentado las conclusiones del estudio: “Nuevas  tecnologías y la […]

“Con los pelos de punta” podría ser el mejor comentario que se adaptaría al resumen de esta mesa redonda, protagonizada por el responsable del Area de Seguridad en TIC de los Mossos d’Esquadra, Rubèn Mora, y el fiscal de la Fiscalía provincial de Granada, Francisco Hernández Guerrero. El tema: la persecución del crimen en la […]

Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.

Cyber-crime prosecution
Chairs: Blanca Torrubia

Police investigation in the field of cloud computing
Rubèn Mora, head of Technologies of Information Security Department, Mossos d’Esquadra [Catalan national police].

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3413">http://ictlogy.net/?p=3413</a>

One of the problems of cybercrime in cloud computing might be that the actual regulation does not take into account especific illegal uses of the Internet. Thus, the police has always to catch up with both technology and the law.

On the other hand, in real life we are used to sue (or to complain after) someone whose actions hurt us, but when it happens online we just go and call the police: this is overwhelming for cybercrime prosecutors, as many times it is not their duty or it is not that clear that it is.

Nevertheless, it is understandable that the citizen goes to the police, as many times it is not that clear who is liable for you having been harmed. This ends up with the citizen, in general terms, being less secure in matters of who is liable. In the same way, the police is tied to geographical jurisdictions that are not always the same ones as the ones that affect the one that created the harm.

If that was already a problem in the first year of the Internet, with cloud computing it has been multiplied by orders of magnitude, as cloud computing works in three different layers (SaaS, PaaS, IaaS) that make reality much more complex. The creation of Certs has lightened bureaucracies, but their interaction is still slower than crime.

Some cloud computing cyber-crimes: password cracking (PaaS), anonymous transactions (SaaS), phishing hosting (PaaS), botnet renting (IaaS), CAPTCHA resolving (PaaS), credential credit card steal (SaaS), etc.

Francisco Hernández Guerrero, Prosecutor, Granada Prosecutor’s Office.

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3413">http://ictlogy.net/?p=3413</a>

Law has to be practical, efficient. We have very nice laws and guarantees of rights that we never apply. There usually is a trade-off between efficiency and guaranteeing the citizens’ rights: the problem is finding the desired balance.

Against cloud computing, nowadays, there is no way to be efficient: prosecutors (police, courts) have no means of being efficient. Thus, should we give up to some guarantees? Cloud computing is about dematerializing everything: and, with dematerialization, the difficulty to trace and monitor. Cloud computing shifts the claim for ownership to availability (e.g. instead of downloading music, having it available through streaming). Cloud computing is also about delocalization: hardware and software are usually not where the user is.

The division of two concepts: the difference between being connected and being communicating. Your mobile phone might be on and connected and exchanging information with other devices, but you might not be communicating — strictly speaking — with anyone. And being so easy becoming a criminal — in full consciousness or unconsciously — the solution is to monitor and put surveillance on anyone.

Main characteristics of cloud computing:

  • Economic: money aimed;
  • Highly pro;
  • Botnet: the infrastructure as system;
  • Absolutely unbalanced: the bad guys are much more than the good ones, as the good ones’ computers are corrupted by the bad ones, thus becoming part of the crime network.

We definitely have to re-define the law.

  • We need a set of measures to enable surveillance of the citizen but distinguishing connection and communication. e.g. RFID-based crime should fall onto the category of data protection, not onto the right of communications.
  • Measures (legal and technical) have to be progressive: we have to distinguish an individual uploading photos of their ex-couple in a social networking site, from a terrorist network copying credit cards.
  • We need a catalogue of cyber-crimes, especially those characterized as serious.
  • And we need independence of the support or the holder of data: we need access to all data from a person wherever they are stored.

The model should, thus, split technicalities from guarantees: the police should lead the investigations, as they have the knowledge and the means; while prosecutors and courts should follow the processes to guarantee their righteousness.


Jordi Vilanova: what is the liability of the owner of an infected device? Hernández Guerrero: Yes, in the same way that you are liable to a certain extent to do the maintenance of your car so that you don’t run over anyone, some knowledge of the power of a specific device and its maintenance (e.g. a PC and an anti-virus) should be a requisite and the owner liable for not acting according to that requisite.

Marcel Mateu: Right, we have to change the law. But how many policemen and prosecutors are able to work in the digital age? Mora: the resources of the police often depend on how the citizenry pushes their governments to fight this or that type of crime. If the priority is e.g. gender violence, then cyber-crime is less funded. Hernández: in general terms, agreed that cyber-crimes are not in the political agenda. Surely much of the “cyber-” is just crime done by electronic means, but maybe the politician needs an “e-Pearl Harbor” to realize that the world has changed.

Blanca Torrubia: what is the profile of the cyber-criminal? and what should be required to fight cyber-crime? Mora: the cyber-criminal is increasingly younger as years go by, astonishingly young. And the best way to fight cyber-crime is information and training. There is evidence that cyber-crime over minors drastically decreases if they are being informed and trained on the hazards of specific behaviours on the net.

See also

This post originally published at ICT4D Blog as 6th Internet, Law and Politics Conference (VII). Cyber-crime prosecution

Entramos en la segunda sesión del Congreso IDP, con la mesa redonda dedicada a cómo las administraciones públicas se están metiendo en la nube. En ella ha participado Nagore de los Ríos, directora del Gobierno Abierto y Comunicación en Internet del gobierno vasco; y Miquel Estapé, sudirector del Consorcio Administració Oberta Electrònica de Catalunya. El […]

Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.

From Electronic Administration to Cloud Administration
Chairs: Agustí Cerrillo

Open Government in the Basque Government
Nagore de los Ríos, Director of Open Government and Internet Communication, Basque government.

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3412">http://ictlogy.net/?p=3412</a>

Open data as transparency in the purest state. Examples:

Irekia is the open government project of the Basque Government to provide public data in a very accessible way, easy to reuse. Open Cloud Government is more a philosophy than a technology, it is another way to manage public affairs, to decide taking into account the citizens’ opinion. Irekia is not a services website, it is not an e-Administration website. Irekia is a website to listen to the citizen, to offer immediate information in search for debate and reflection.

Data are linked from the original source.

Transparency, participation, collaboration.

What does Irekia offer the citizen:

  • Tools for collaborative work.
  • Streaming of events.
  • Informations in real time.
  • Daily agenda
  • Audiovisual and multimedia material.
  • Tools to comment and share information.

This kind of initiatives are based on leadership and government commitment. Otherwise, they are neither possible nor sustainable. Besides political support and commitment, open government also requires a radical organizational change and, over all, a change in attitudes. It is in the daily tasks that open government succeeds or fails.

What does Irekia offer the members of the public administration:

  • On demand audiovisual material.
  • Internal agenda per department.
  • Possibility to diffuse events.
  • Active Internet monitoring (escucha activa, what is being said about you on the Net).
  • Consultancy 2.0.
  • Comment moderation.
  • Complete, tag and disseminate on the Web information published by the departments.

One of the goals of open government is not to have a lot of traffic, or a lot of sympathisers of the website, but to be a hub and distribute interests to their goals. e.g. what open government pretends is not creating online communities of patients, but that they are able to do it by themselves.

One of the problems, notwithstanding, of “all being open” is that anyone can create their own participation platform (government and citizens) and it is becoming increasingly difficult to know who’s “legitimate” to promote a certain activity; it is also becoming increasingly difficult to find out where to participate, or what for; there’s a big replication of projects that reinvent the wheel on and on, etc.

Open Electronic Administration in Catalonia
Miquel Estapé, Assistant Manager of Catalonia’s Open Administration Consortium.

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3412">http://ictlogy.net/?p=3412</a>

Open Administration Consortium: built upon the principles of collaboration, ICTs and change. Why collaboration?

  • Interoperability: not about technology, but about the citizen and the interaction between public administrations.

  • Reutilization: Avoid reinventing the wheel.
  • Security. Digital identity, electronic signature, long-lasting validation.
If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3412">http://ictlogy.net/?p=3412</a>

Cloud computing is not a new technology, but a new way to provide services. But, in the public service, this means some struggles:

  • 82% of cities and towns are below 5,000 inhabitants which means they have no resources for an IT director. Same happens with organizational management.
  • Actually, in general city councils have increasing obligations and decreasing revenues/resources.
  • The management of (electronic) services is complex: more services, specific regulation, security, 24×7 availability, scalability, etc.
  • Reluctance to change.

The Open Administration Consortium works with district and province councils — as they are the more knowledgeable on the reality of city councils — and Localret, a consortium of municipalities to develop ICT strategies. The Open Administration Consortium provides, thus, different services to the different municipalities according to their needs, nature and resources. Among others, main services include public procurement, online invoicing, inter-administrative procedures, citizen documents, etc.

Reluctances are the usual about privacy, data security, liability of data management, fear of change, fear of cyberwar, etc.

I look forward a municipality that will have no physical space, no web servers, no… but a virtual desktop where all data, applications and services will be hosted. This will be especially useful for the secretary of several tiny towns (small towns usually share a single public officer) that will be able to manage three or four of them from just a virtual desktop and teleworking from home.

See also

This post originally published at ICT4D Blog as 6th Internet, Law and Politics Conference (VI). From Electronic Administration to Cloud Administration

Se ha estrenado esta segunda jornada del VI Congreso Internet, Derecho y Política, organizado por la UOC, con la intervención de Karin Deutsch Karlekar, investigadora de la organización independiente Freedom House, que lleva décadas defendiendo las libertades cívicas en todo el mundo. Karin Deutsch, responsable del informe ‘Freedom of the Press’, ha comentado que con […]

Se ha estrenado esta segunda jornada del VI Congreso Internet, Derecho y Política, organizado por la UOC, con la intervención de Karin Deutsch Karlekar, investigadora de la organización independiente Freedom House, que lleva décadas defendiendo las libertades cívicas en todo el mundo. Karin Deutsch, responsable del informe ‘Freedom of the Press’, ha comentado que con […]

Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.

The State of Freedom on the Net
Karin Deutsch Karlekar, Freedom House

If you cannot see the video, please visit <a href="http://ictlogy.net/?p=3411">http://ictlogy.net/?p=3411</a>

Freedom on the Net (FOTN) report analyses how are rights respected on the Internet, especially right of communications, privacy, etc. Questions asked:

  • Internet and new media dominating flow of news and information
  • What techniques do governments use to control and censor online content
  • What are the main threats
  • What are the positive trends

The methodology examines the level of internet and ICT freedom through a set of 19 questions and 90 subquestions, organized into three baskets:
* Obstacles to Access—including governmental efforts to block specific applications or technologies; infrastructural and economic barriers to access; and legal and ownership control over internet and mobile phone access providers.
* Limits on Content—including filtering and blocking of websites; other forms of censorship and self-censorship; manipulation of content; the diversity of online news media; and usage of digital media for social and political activism.
* Violations of User Rights—including legal protections and restrictions on online activity; surveillance and other privacy violations; and repercussions for online activity, such as prosecution, imprisonment, physical attacks, and other forms of harassment.

Negative trends

11 of the 15 countries censored content; 7 of the 15 countries blocked web 2.0 applications; there are also restrictions on infrastructures (speed restriction or broadband restriction, total access restriction, etc.)

In low-income countries, there are infrastructure and economic constrains, but, in general, economic issues are barriers that are overcome in low-income countries when a benefit can be made from ICTs.

Censorship is not always related to political or social content. We find significant lack of transparency in censorship procedures, including in some democracies. There is a wide range of techniques for blocking and/or removing content.

A nice example in images:

Censorship is being outsourced in some countries, the government hiring companies to run censorship or surveillance procedures themselves.

In many cases, it is ‘offline’ regulation, or general regulation the one that has an impact in online activity, like general media legislation against online activities, etc. This is leadind, in some cases, to “libel tourism”, where people have they web servers e.g. in the UK to put legal responsibility for posting or hosting content in a more democratic jurisdiction.

Of course, we find too extra-elgal repercussions, with detentions, intimidation, torture and extra-legal harassment and violence in general against “dissidents”. This also includes DDoS attacks, hacking, etc.

Positive trends

In general, there is more Internet freedom than press freedom, though the gap might be narrowing.

“Sneakernets” to avoid being monitored or scanned when being an activist on the Internet. Bloggers, though sometimes pushed-back because of threats, are increasingly creative in their usage of the Internet to have their voices heard.

Future trends:

  • more access to the Internet because of the mobile web and smartphones;
  • globalization and spread of Internet will not necessarily lead to greater freedom;
  • web 2.0 leading to Authoritarianism 2.0
  • foresight and creativity needed from more open countries to establish policies to protect free expression on new tecnologies.


Albert Batlle: how is it that the UK scores worse in Freedom on the Net than Freedom of the Press. A: It might be because of “libel tourism”. Maybe because of that, maybe because of other issues, the reality is that it is easier in the UK to close a website than a newspaper, etc. All in all, it all highlights that though related, these are freedoms that can be taken independently.

Jordi Vilanova: what about the US and other western countries? A: Summing up, surveillance and even censorship are much more paramount that what would look like at first sight.

Mònica Vilasau: how do we tell censorship from e.g. fighting against copyright violation? A: It is always difficult to tell. It is nevertheless true that any kind of legal activity against online activity (legitimate or not) has chilling effects in the whole ecosystem.

Ismael Peña-López: the Wikileaks affair seems to have found a solution in a data haven in Iceland. Are data havens the solution to censorship? Will data havens allow people to act illegally under the flag of freedom? A: The problem with data havens, as with other barrier circumvention tools like TOR, is that they can be used both in good and evil ways. Nevertheless, it seems like, as now, there are more good uses than illegal ones, and way more need to enable transparency and to help democracy advocates rather than focus on prosecuting some illegal activities.

See also

This post originally published at ICT4D Blog as 6th Internet, Law and Politics Conference (V). Karin Deutsch Karlekar: The State of Freedom on the Net