Australian Internet Governance Forum 2016

The Australian Internet Governance Forum – #auigf – was held at the Park Hyatt, Melbourne, October 11th-12th, 2016. This was the first time I’d had an opportunity to attend the #auigf, and I wasn’t sure what to expect. Internet users are a diverse cohort – and auDA – regulator for the .au namespace, and the body which auspices #auigf classifies members into supply class – those providing internet services – and demand class – those consuming services.

My first impression was one of surprise. The #auigf theme for the forum was ‘a focus on a competitive digital future for Australia’  – and given the significant influence that digital technology, policy and communities will play in an era of digital disruption, I couldn’t help but wonder why more key players weren’t passionate about driving the future of the internet in Australia.

 

Stuart Benjamin, Chairman of auDA

The regulator has been the subject of criticism in recent years, particularly around its engagement and consultation practices, and long-serving CEO Chris Disspain left the organisation in March, being replaced by former Liberal state parliamentarian, Cameron Boardman. This #auigf was therefore a symbolic opportunity for Boardman to signal to stakeholders the organisation’s new focus.  auDA chairman Stuart Benjamin in his opening address tackled this head on, outlining a renewed focus on stakeholder engagement, particularly in the area of building international partnerships, and relatedly, cybersecurity. He framed this strategic shift as auDA ‘growing up’ – moving from adolescence into maturity. In particular he flagged a shift from reactive approaches to domain administration, to more proactive approaches, underpinned by stronger relationships, renewed processes and systems and more innovative thinking. Linking board performance as critical to the success of the organisation, he introduced new Board Directors, Michaella Richards and Dr Leonie Walsh. Continuing the theme of advancing women in the organisation, Benjamin congratulated lawyer Rachael Falk on her appointment as Director of Technology, Security and Strategy, a newly created role tasked with catalysing auDA’s new directions. Acknowleding that auDA needs to win back the trust of the community it serves, Benjamin emphasised higher expectations of auDA – both externally from stakeholders and driven internally by the organisation itself, announcing he will be “seeking a lot more”.

Prof Paul Cornish, former Professor of International Security at Chatham House and independent consultant and author

Prof Cornish outlined how auDA is heading towards a more international posture and developing a number of partnerships. His main argument was that the future of the internet – and the digital economy – needs to be secured. Cybersecurity needs to evolve as the internet does, using a capability maturity model.

Cybersecurity Plenary – Chaired by Rachael Falk, with Alistair MacGibbon, Laura Bell, Prof Chris Leckie, Simon Raik-Allen, Craig McDonald

Rachael Falk opened by drawing attention to the National Cyber Security Strategy, urging attendees to become familiar with it. The discussion quickly turned to why there wasn’t more focus on cyber security, and Prof Cornish had a very incisive response – “interest follows money”. Money is starting to flow to cyber security, and interest will follow. Prof Leckie outlined challenges getting cyber security research from the lab into mainstream commercialisation. Researchers are challenged by the rate of change – for example, hypothetical attacks are quickly becoming reality. Academia is also confronted by getting business and industry to recognise the threat that cyber security presents. The other challenge is getting boards to recognise that cyber security is many different problems – which need many solutions. This is overwhelming for small businesses who “just want it to work”.

One of the best insights on the plenary came from Laura Bell – @lady_nerd on Twitter – who recounted the example of big corporations acquiring smaller firms – who may have a very different security posture, thus putting the larger corporation at risk.

The plenary used the term “happy clickers” to denote people who click on phishing emails without critically assessing their validity. This was the first time I’d heard that term, but it captures the psychological state accurately. Interesting, there was discussion around how people who are disengaged in their roles being more likely to be ‘happy clickers’ – because the phishing email represents a welcome distraction – another reason to ensure positive employee engagement.

Another very interesting discussion thread in this plenary was the paradox of cyberware – people personal information freely with services like Google and Facebook, but resent government intrusion as seen recently with the census. This may come down to the compulsion element – it’s about giving information freely versus being compelled to disclose. There’s an element here for government design of online services – another job for the DTO! – around information design. Imagine a census that was voluntary rather than mandatory, but got people to participate because of the social good involved. I think it would be a much more positive process.

This led into a discussion around corporate use of data – and whether consumers understand the value of their own data – essentially we’re trading our data for ‘free products’. For many online services we have to consent to data disclosure to get access to the service, but in the background there’s data matching going on – there’s a ‘creep factor’. The link was drawn from ‘creep factor’ behaviour to band value – trust and transparency are linked to the public’s view of the brand.

Key takeaway: The pub test for data use – “is it creepy?” If so, don’t do it.

This plenary also covered the practice of ‘hacking back‘ – where individuals or businesses use information security counter-measures to retaliate. The consensus in the room is that this is a poor response, largely because identifying the aggressor is so difficult. The group also highlighted that Australia has an offensive cyber capability – again linking cyber security to an international, nation-state based context. The lack of a standard response protocol for dealing with hacking incidents was also covered – many businesses are afraid of disclosing and are reluctant to do so, but having a standard response protocol would allow businesses to respond in a mature way.

In summary, cyber security is hard – there’s lots of layers and issues to consider, there’s a lack of general awareness in business and industry, the field is rapidly changing and no defined response protocols for business to use.

Women in STEM Plenary – Dr Rowan Brookes, Renee Noble, Dr Catherine Lang, Dr Leonie Walsh, Luan Heimlich

Dr Brookes introduced the plenary with an apology for not being able to include more women of colour and from the LBGQTI spectrum, particularly on Ada Lovelace Day. The key themes of needing to address systemic issues and create a pipeline for women in STEM were prevalent throughout the conversation.

What struck me first up with this plenary was the range of initiatives, groups and organisations that are working to further women in STEM, and I wondered whether this fragmentation is actually a disservice – so many voices have less volume.

Key takeaway: Are there too many women in STEM groups that are too fragmented? Do we need an Australia ecosystem map of women / females in STEM / ICT

Luan Heimlich opened the plenary by asking the audience who young girls look up to; met with responses of pop stars, sports celebrities and models. Not a science or technology role model in sight! She followed up by questioning whether these role models are going to solve the problems of tomorrow – digital disruption, climate change and public health, and let the audience ponder on the gap.

Dr Leonie Walsh covered efforts to help encourage early to mid career researchers to further their careers, noting that it’s difficult for women to step out of their careers to have a family – as this often puts them several years behind. She also noted that employers are looking for candidates with more well rounded skills, and her program provides exposure to work environments. Dr Catherine Lang highlighted the influence of pre-service teachers in promoting STEM. Another key thread in this discussion was that professions are socially constructed, and that this can be changed – but it’s an uphill battle because ICT careers are not even on the radar as a career choice for young women.

While programs are having localised success, there are still major gaps at a systemic level, and better consistency and co-ordination is required at a national level.

Behavioural insights panel – Kirstan Corban, Dr Alex Gyani, Christian Stenta, Helen Sharpley

This panel was a series of vignettes centred around how behavioural insights had led to social change. The standout piece was by Alex Gyani, who ran the audience through examples of where minor changes had a major impact – using a framework of

  • Easy – interventions should be easy for people, but this is hard to do
  • Attractive – the intervention has to be attractive for people
  • Timely – try something, see if it works – don’t be caught in analysis paralysis
  • Social – social norms are a powerful influencer for change

A key concept from Gyani’s talk was the concept of cognitive budget – we have so many choices to make every day we need to think critically about choice architecture.

The other three speakers, from health and government, highlighted case studies that showcased design thinking, co-design, and approaches to difficult problems.

Key takeaway – minor changes can make a big impact

Internet of Things Plenary – Pablo Hinojosa, Matthew Pryor, Phil Goebel, Lorraine Tighy, Dr Kate Auty

Hinojosa opened proceedings by outlining how the internet has reached 3.5 billion users – half of this volume in Asia – and there are double the number of internet connected devices than people. We’re on the cusp of a revolution.

Matthew Pryor outlined the use of IOT in agriculture and agribusiness, and emphasised how IoT helps with decision making. He highlighted how it’s hard to scale infrastructure in regional and rural areas – and questioned whether we should be investing in networks that connect people or devices or both? He gave the example that as soon as farmers leave the farmhouse, they have no internet – they need to go back to the farmhouse to make better decisions, and this reduces their ability to deliver economic benefit. We need to consider the principle of universal access as we build out infrastructure.

Phil Goebel used the Disneyland Magic Band example to highlight how IoT has taken a purely physical experience and used connectivity to enhance that – leading to “augmented experience”. For example, the band allows Disney to know where the longest queues are, how the park is being used, what facilities are important for which demographics – very granular marketing data. He outlined that there are multiple users of the data – different actors in the ecosystem – administration, marketers and the users themselves – using the data gathered by wearables for different purposes. He flagged the issue that there are no guidelines around how the data is being used – for instance is it being sold on – we need to consider transparency.

Lorraine Tighe is the Smart City and Innovation Manager at City of Melbourne, and outlined how vendors she mets present the IoT as a silver bullet. She outlined the use cases for IoT in smart cities, including parking sensors – to reduce traffic that is searching for a car park – leading to traffic efficiencies. She positioned local government at the coalface of the community, and bringing the community along on the journey – using the City Lab as a vehicle to test and prototype solutions. As part of this, the City of Melbourne made the decision to go open by default with their data, encouraging smart people to co-create with the City.

 

Dr Kate Auty spoke on projects like RedMap and Atlas of Living Australia providing citizen scientists with tools to protect biodiversity. She related how ‘super science’ projects like AURIN and NECTAR are important for understanding how cities work.

Scott Seely had the quote of the panel though;

 

Conclusions

In summary, the #auigf reflected many of the contemporary themes of digital society. Digital disruption and digital society are changing at a rapid pace, and we have a dearth of tools, approaches, standards and response protocols to handle them. We need to start by clearly defining the problems we’re trying to solve, and approach solving them with new types of problem solving approaches, such as design thinking, co-creation and open data. Many of the problems we’re trying to solve require national and international co-operation to build ecosystems, standards and agreed approaches – and the #auigf is a good starting point.

Save