Summit agenda brainstorming for digital security practitioners

From DevSummit
Revision as of 00:38, 30 November 2017 by Evelyn (talk | contribs) (Created page with "# Security and privacy sessions for the rest of the week Themes: * Accidental trainers * Curriculum for journalists * Different levels of need and ability to execute * Incre...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
  1. Security and privacy sessions for the rest of the week

Themes:

  • Accidental trainers
  • Curriculum for journalists
  • Different levels of need and ability to execute
  • Increasing the capacity and number of digital security trainers
  • Developing internal organizational policies and practices
  • Tensions btwn security/privacy and efficient flows of information
  • How to reach hard-to-reach populations (e.g. homeless people)
  • Mydata.org seeks to empower individuals around their data
  • Organizational need for data about participants balanced with risks of that data
  • The emotional side: how do we help people grapple with the impact of this while also being real with them about what is at stake?


Sessions:

  • Cambridge Analytica/future of privacy and security--Lydia; Thurs or Friday (bc prep is needed)
  • Activist surveillance and safety, aka awesome countersurveillance setup, aka Dave's dystopian hellscape--Marty and Dave
  • Resource roundup and maintaining and managing resources (there was a session on this last year so notes should be consulted); note that EFF is releasing a guide at sec.eff.org. (Amanda and Martin)
  • Personal privacy, teaching it, supporting it (Marty) <--OPTIONAL
  • Being responsible with the data you collect (respecting privacy and security of your participants)
  • Organizational security models and practices (Jack and Lisa)
  • FOLLOWING ON THE ONE DIRECTLY ABOVE: Making more trainers--accidental security experts, what do they need and how to get it to them, building a community of practice (Jack and Amanda)
  • Self-sovereign identity--identity validation and security (refugees, healthcare, people w/o documents)--Lydia and a co-lead with experience in the topic

Misc:

  • There is a resource roundup on the web as a git repo that takes pull requests. (Get from Amanda.)
  • Breaking down the phases of organizational security--what is the long term arc and what are the roles that need to be filled?
  • Paralysis generated by fear.
  • What is the digital security moment now? Where the momentum going (funding, organizational energy, etc)?
  • One resource is the Responsible Data Forum