IETF Logo Mail Archive

Re: [hrpc] Human Rights Research Group Call on draft-irtf-hrpc-research-07

Niels ten Oever <niels@article19.org> Tue, 10 January 2017 10:22 UTC

Return-Path: <niels@article19.org>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0471A129BA9 for <hrpc@ietfa.amsl.com>; Tue, 10 Jan 2017 02:22:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ypUpA1OLE8c for <hrpc@ietfa.amsl.com>; Tue, 10 Jan 2017 02:22:22 -0800 (PST)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 637B4129BA5 for <hrpc@irtf.org>; Tue, 10 Jan 2017 02:22:21 -0800 (PST)
Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <niels@article19.org>) id 1cQtZL-0005CF-CF for hrpc@irtf.org; Tue, 10 Jan 2017 11:22:19 +0100
To: hrpc@irtf.org
References: <1ee78d09-fd33-1851-6786-5645f4833671@acm.org> <9c1dc523-7f1f-db40-efdf-5e08ccdd630d@kit.edu>
From: Niels ten Oever <niels@article19.org>
Message-ID: <1bc65daf-42ec-4836-61d4-a5fa0ece0062@article19.org>
Date: Tue, 10 Jan 2017 11:22:17 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.5.1
MIME-Version: 1.0
In-Reply-To: <9c1dc523-7f1f-db40-efdf-5e08ccdd630d@kit.edu>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="u4PCh2hGmBfQiGF2PpKEGCKEEbRhAHpQa"
X-Virus-Scanned: by clamav at smarthost1.samage.net
X-Scan-Signature: 1cc067c3b15672d9939cf417dd12a4d6
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/YVgU3FeRi7u_psUhEZ2OomcFpEs>
Subject: Re: [hrpc] Human Rights Research Group Call on draft-irtf-hrpc-research-07
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "niels@article19.org" <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2017 10:22:25 -0000

Hi Roland,

Thanks for this. Reply inline:

Niels ten Oever
Head of Digital

Article 19
www.article19.org

PGP fingerprint    2458 0B70 5C4A FD8A 9488
                   643A 0ED8 3F3A 468A C8B3

On 01/10/2017 01:35 AM, Roland Bless wrote:
> Hi Avri and all,
> 
> On 04.12.2016 at 20:54 avri doria wrote:
>> Please send all comment to the HRPC email list: hrpc@irtf.org.  I do
>> hope that some good discussions occur on this list where the
>> resolution to any issues may be forged. Discussion has been shown to
>> improve this draft.
> 
> Unfortunately, I didn't manage the full review write-up after returning
> from holidays today. Nevertheless, I have some general comments and try
> to provide more detailed comments later today.
> 
> Overall, I think the draft is good to raise awareness for
> the issue that sometimes technical decisions may impact human rights.
> However, it falls a bit short on the problem that even human rights
> get in conflict with each other and that conflict resolution is
> hard to decide on,

This section aims to address that:

   Human rights can be in conflict with each other, such as the right to
   freedom of expression and the right to privacy.  In such as case the
   different affected rights need to be balanced.  In order to do this
   it is crucial that the rights impacts are clearly documented in order
   to mitigate the potential harm in a proportional way.  Making that
   process tangible and practical for protocol developers is what this
   research aims to ultimately contribute to.  Technology can never be
   fully equated with a human right.  Whereas a specific technology
   might be strong enabler of a specific human right, it might have an
   adverse impact on another human right.  In this case decisions on
   design and deployment need to take this into account.

You think this is inadequeate? If so, would you have text suggestions?



 or is maybe not possible or desirable to built
> into a technical system (because it's too rigid then).

This sections aims to address this:

ur position is that hard-coding human rights into
   protocols is complicated and changes with the context.  At this point
   is difficult to say whether hard-coding human rights into protocols
   is wise or feasible.  It is however important to make conscious and
   explicit design decisions that take into account the human rights
   protocol considerations guidelines developed above.  This will ensure
   that the impact protocols can have on human rights is clear and
   explicit, both for developers and for users.  In addition, it ensures
   that the impact of specific protocol on human rights is carefully
   considered and that concrete design decisions are documented in the
   protocol.

You think this is inadequeate? If so, would you have text suggestions?

> For example, considering anonymity and authenticity at the same time is
> not easy (cf. the APIP design
> http://dl.acm.org/citation.cfm?id=2626306). Sometimes it may be better
> to refrain from
> embedding technical solutions (i.e., specification and
> operationalization) and think of institutionalization, i.e.,
> considering solutions based on policy/governance or choice and markets.
> Technical support for such solutions can sometimes be beneficial (e.g.,
> providing transparency solutions). More details here:
> http://dl.acm.org/citation.cfm?doid=2935634.2935640
> or slides for the impatient:
> http://conferences.sigcomm.org/sigcomm/2016/files/program/sigcomm/SessionCCR-Paper02-Values-Carsten-Slides.pdf
> 

Do you think this is a sufficient representation of your positions?

   Bless and Orwat [Bless] represent a fourth position.  They argue that
   it is too early to make any definitive claims, but that there is a
   need for more careful analysis of the impact of protocol design
   choices on human rights.  They also argue that it is important to
   search for solutions that 'create awareness in the technical
   community about impact of design choices on social values.  And work
   towards a methodology for co-design of technical and institutional
   systems.'

I'd me more than happy to have a bit more elaborate description.


> There are some inaccuracies with the vocabulary section and I have
> several comments for section 4. I'll come back to that later in more detail.
> 

Looking forward!

Thanks,

Niels

> Best regards,
>  Roland
> 
> _______________________________________________
> hrpc mailing list
> hrpc@irtf.org
> https://www.irtf.org/mailman/listinfo/hrpc
>

v2.23.0 | Report a Bug | By Email