On Feb 17-18 I attended the Reboot Security & Privacy Conference in Victoria, BC on behalf of BCcampus. Security & Privacy is a hot issue these days; it’s in the news, and at BCcampus we’re particularly interested in the topic of US-based cloud computing and BC’s FIPPA and the Patriot Act, so much so that we’ve organized a meeting in April to help clarify the issues. So I was quite interested to hear what experts in the field were paying attention to.

The first “pre-conference” day was given over to workshops. I was very disappointed with the quality of the sessions I attended. I won’t name names, and maybe it was just the sessions I chose, but people at large conferences seem to think that “workshop” is shorthand for “oh goody, I get three hours, not just one, to bore people to death reading my powerpoints!” So it was with trepidation I attended the first official day on the Thursday.

But what a pleasent surprise! Normally I must say I don’t expect a lot from keynote sessions, but there were 4 (yes, 4!) that day, all of which were pleasent surprises. Someone in the organizers deserves kudos for inviting Jeff Jarvis to keynote in the morning; his talk on “Publicness” was a refreshing reminder that the change we are undergoing now due to the network is at least as large as the change brought about by Gutenberg, and that it is ushering in new notions of “public” that have yet to be clearly defined. At a conference that was largely about the fear of revealing that which must be private, it was a nice contrast (one that actually revealed a real contrast in styles at the conference, between what I would term “open” advocates, largely from government and civic society/NGOs, and “scare and sell” advocates, largely from industry.)

Jarvis was followed by Michael Geist, who gave an update on the Canadian Federal PIPEDA legislation and the view from Ottawa. It was interesting to hear Geist point to a shift from “access” to “proactive disclosure” as one of the emerging trends he is seeing, something that was echoed the next day by BC’s CIO, Dave Nikolejsin, who stated unequivocally the committment from BC’s Public Service to Open Data and transparency as new operating principles.

I can’t say I was expecting much from the lunch keynote on Thursday by Trevor Hughes, President & CEO, International Association of Privacy Professionals, but was once again really pleasently surprised. Hughes used examples from the Arts to illustrate what he sees as becoming the canonical means to organize privacy concerns, Dan Solove’s Privacy Taxonomy. It was a really enjoyable talk that tried to position privacy not just as compliance/regulatory function, which it has too often been cast as, but instead increasingly as a strategic and customer integrity function.

After lunch, Jules Polonetsky of the Future of Privacy Forum offered (both in his own session and in a panel afterwards) so remarkably candid insights into the insides of the tracking and analytics business, another huge threat to privacy, indeed far greater than the Boogeyman Hackers mentioned many times elsewhere at the conference. Unfortunately, the notion that large companies like Yahoo and Google will simply self-police (or else the protection offered by Government legislation) both seemed implausible, and really, the overriding sense I was left with is that I better get into the Anonymous Proxy business soon, as it is going to boom as the public becomes more and more aware of the constant surveillance state they are participating in on the internet.

Those were really the highlights (although one other nice gem got sent my way from Chris Parsons in response to my tweet about the need for a tracker obsfucating bot – TrackMeNot, which I am now running in al my browsers 😉

While it was useful to get some insight into the fears that drive security practices, some of which seem very real, many of which seem imagined, that is not the perspective I bring to my work, so a lot of it was lost on me, and there really wasn’t a lot of specifics. It did however make me realise one thing, which is that it is really useful to go to conferences outside of my sphere of expertise. Not only did I get exposed to new things and thrown into a community I’m not a part of, I started to realize how ALL communities like this balance between insularity and engagement with the broader world/issues, and that how I engage with my work in this regards is just as important as what I do. Long Live General Intellect 😉