Thursday, May 29, 2008

Computers, Freedom, and Privacy 2008

For the past eighteen years, the Computers, Freedom, and Privacy conference has considered what it means to live in the digital age in a society that values liberty and privacy. This year, the conference was held near Yale University in New Haven, Connecticut.

My trip began well enough, showing some promise that would go along with living in a well-connected world. While I waited to board my flight from Columbus to Philadelphia—everything to and from New Haven apparently goes through Philadelphia—I was able to get on the Port Columbus WiFi. Unlike at some places, Port Columbus systems seem to work properly. I sat next to a lady who asked me if I could make the font on my MacBook larger so that she'd be able to read what I'm writing more easily. I complied, advising her that if she did in fact read what I was writing, she might find that she's unable to sleep at night. I was responding to a note that someone sent me in response to an article that I wrote several years ago about how a third-party marketing metrics service affects the privacy of site visitors. I didn't much have the heart to tell her the topic of the conference I was off to attend. In any case, the situation seemed to reinforce the idea that this technology around us will take some time to figure out how to handle comfortably.

A more apropos realization could hardly be choreographed for me; ultimately that was the topic of the conference I was off to attend. A few of the sessions that I found particularly interesting included Mike Godwin's presentation on “Constitutional Law in Cyberspace,” wherein he showed the legal history of some of the most commonly-invoked provisions of the U.S. Constitution in the protection of critical rights online. Other stimulating sessions included the panel discussions on spyware policy, The Transparent Society: Ten Years Later, and Towards Trustworthy e-Voting: An Open Source Approach.

I managed to get the last question in the trustworthy voting session, two minutes after the session was supposed to end. I challenged the assertion that open source software was sufficient for providing trustworthy systems. Aside from the obvious issues that arise with the need to rely on hardware—also open source?—there is good historical reason to question what the system is doing even if you have the code. At the end of the day, when dealing with trustworthy systems, the question is going to be the same as it always is: Whom do you trust?

As usual, some of my most memorable conversations happened spontaneously. After my reference to Ken Thompson's Reflections on Trusting Trust, I was pulled aside by someone who appreciated the backreference, lamenting the fact that there are far too many people who subscribe to the notion that open source means better security in practice. Of course, given the recent Debian Linux security fiasco, there weren't too many people willing to make this argument quite as adamantly as they might have a few weeks earlier.

If any one clear issue emerged from the sessions that I attended, it's that these kinds of issues aren't going away anytime soon. It's going to take us quite some time to figure out how to get this digital technology right, and doing the right things for us, rather than the wrong things to us.



Post a Comment

Subscribe to Post Comments [Atom]

<< Home