Copyright 2010 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor in Computer Science,...

Post on 26-Mar-2015


Copyright 2010

Roger Clarke, Xamax Consultancy, Canberra

Visiting Professor in Computer Science, ANU, and in Cyberspace Law & Policy, UNSW

Chair, Australian Privacy Foundation, 2006-10

Member, Advisory Board, Privacy International, 2000-

Human Choice & Computers, Brisbane, 21 September 2010

http://www.rogerclarke.com/DV/CSSD {.html, .ppt}

Civil Society Must Publish Standards Documents

Civil Society Standards Documents

Agenda

• Standards Documents
• The Politics of Standards
• Exemplars
  • CCTV
  • PPS
  • eMarketing
• Benefits
• Prospects


Origins of Standards Documents

• International Telecommunications Union (ITU, since 1865)

• Institute of Electrical and Electronics Engineers (IEEE, since 1884/1912/1963)

• International Organization for Standardization (ISO, since 1947)

• Internet Engineering Task Force (IETF, since 1986/1992)

• British Standards Institution (BSI, since 1901)

• American National Standards Institute (ANSI, since 1916)

• Deutsche Industrielle Normen (DIN, since 1917)

• Standards Australia (SA, since 1922)

Engineering Professions, esp. Construction


From Technical Standards To Process Standards / Management Standards

• ISO 9000 Quality (Assurance) Family, since 1987
  BSI ==>> ISO
• ISO 31000 Risk Assessment and Management
• ISO/IEC 27000 Information Security Family
• ISO 10002 Complaints Handling
  SA ==>> ISO
• Strong Emphasis on Process Audit
• Very Limited Output / Outcomes Audit


The Politics of Standards

• Institutionalisation and Scale
• Influence = ƒ( Meritocracy / Technocracy )
• From Volunteer Professionals To Corporations, Government Agencies, Industry Associations
• Consumers / Citizens / Reps / Advocates ?
• Influence from muted to nil, due to:
  • Dominance of Meritocracy/Technocracy
  • Dominance of Corporate Power
  • Limited Resources for Analysis, Travel


The Form of Process Standards

Aspirational

• Loose principles
  Diffuse declarations
  Motherhood statements
• The organisation is to set targets for the speed of response to complaints

Constructive and Specific

• Action-oriented
• Precise
• Acknowledge complaint within 30 minutes of receipt
• Respond substantively within 2 working days
• Respond fully within 2 days / 1 week / 3 weeks, depending on complexity

Exemplar – CCTV

http://www.privacy.org.au/Papers/CCTV-1001.html


APF Policy Statement re CCTV: Key Features

• Declaration of Scope
• Declaration of Principles
  1. Justification
  2. Proportionality
  3. Openness
  4. Access Security
  5. Controlled Use
  6. Controlled Disclosure
  7. Controlled Publication
  8. Cyclical Destruction
  9. Review
  10. Withdrawal
• Select Bibliography
• Guidelines
• Evaluations
• Resources

Principle 1. Justification

• Because visual surveillance is highly privacy-invasive, a Privacy Impact Assessment (PIA) must be conducted before a scheme is commenced or significantly changed

• A PIA involves publication of a clear explanation, demonstrating that it is expected on reasonable grounds to have positive benefits sufficient to justify its intrusiveness, followed by public consultation

• The explanation must be based on evidence and systemic reasoning, and not merely rely on assertions

• The justification must make clear what less privacy-invasive alternatives have been considered, and why they are inadequate


Exemplar – Privacy Policy Statements

http://www.rogerclarke.com/DV/PST.html


Some Sites That Use the Template

• Association for Information Systems – http://www.aisnet.org
• Deacro Industries Ltd. – http://www.deacro.com
• Delta Research Digital Productions – http://www.delta-viz.com
• Ghost Tours Pty Ltd – http://bookings.ghost-tours.com.au
• K1P1 Knitting Yarns – http://www.k1p1.com.au
• Kara Nursery – http://karacactus.com
• Orange Space [subject to a Malware Warning ...]
• Serverus – http://www.severus.com.au
• Tactile Books – http://tactilebookspublishing.com.au
• Time Merchants Emporium – http://www.timemerchants.com.au
• World Hospitality Partners – http://www.worldhospitalityllc.com
• Zap Technology – http://www.zaptechnology.com

300-400 live-person hits per month


Exemplar – eMarketing

A Normative Template for Marketer-Prosumer Communications

• Information
• Terms of Contract
• Security
• Choice
• Consent
• Recourse
• Redress

http://www.rogerclarke.com/EC/Collecter08.html#AppA


Exemplar – Australian Privacy Charter


http://www.privacy.org.au/apcc/


Civil Society Standards Documents: Benefits

• An alternative voice to the documents that are published by and for industry, and by and for governments
• A counter-balance to the power of industry and governments
• An antidote to civil society's exclusion / weak voice in industry standards processes
• Public Expectations:
  • Articulated
  • Communicated
  • Available in Advance
• Benchmarks:
  • Established
  • Applied by Civil Society
  • Applied by Others
• Protection of the public from badly conceived projects
• Assurance for investments both public and private


Prospects for Civil Society Standards

National NGOs

==>> International NGOs

==>> National Standards Orgs

==>> Int’l Standards Orgs

Choice ==>> SA

==>> FCO, CI ==>> ISO

APF ==>> SA

==>> PI ==>> ISO

ISOC-AU >> ISOC ==>> IETF
