Notes

Human Rights Protocol Considerations (hrpc) RG
https://datatracker.ietf.org/rg/hrpc/about/

IETF 116, Yokohama
2023-03-31, 0930-1200 local time
Sofia Celi and Mallory Knodel, co-chairs

Agenda:

# Welcome and Introduction: Intro and Note Well - 5 min {#welcome-and-introduction-intro-and-note-well---5-min}

* Welcome all
* HRPC group introduction
* HRPC group providing guidance on human rights internally, also talking about the importance of the IETF with other organizations
* Grateful for the support of the community, including technical advisors and document shepherds

# Talk: Hack Leaks and revelations - Micah F. Lee - 30 min {#talk-hack-leaks-and-revelations---micah-f-lee---30-min}

Hacks, Leaks, and Revelations - book presentation: a hands-on guide to analyzing hacked and leaked data

Presents various tools, datasets, and skills that journalists can develop to do analysis of hacked or leaked data sets, like blueset, Aleph, and Python programming. Also made their own software, BlueLeaks Explorer, to make it a bit easier to query it.

https://nostarch.com/hacks-leaks-and-revelations

\[Presentation\]

Q: Curious if you have a chapter on ethical considerations re: the links, and how students etc. should deal with that?

A: Yes - different levels of ethical considerations, especially around source protection. Need to be careful around PII, not publish if you don't have to.

Q: Do you have a chapter on how to encourage people to produce datasets? Your examples are from the US, but these types of leaks don't happen everywhere?

A: Lots of leaks around the world, this is the stuff that Micah knows the best, hence that focus. But they have seen leaks from Eastern Europe and other places. Hopes that if more people start digging into what is available, that will encourage more leaks to happen.

Q: Your examples are about dumps and leaks; since we are here at the IETF, do you have examples of network traces?

A: There is no work on PCAP; there is an appendix on web scraping that shows you how to use BeautifulSoup and Selenium to gather your own datasets and scrape them yourself. More active stuff gets into legal grey areas, so probably consult your lawyers.

Q: Do you consider protecting against steganographic techniques to protect sources?

A: The most secure way to protect your sources is not publishing, but that needs to be balanced against transparency for your readers. If you do want to publish, you can quote from it. If you want to publish documents, you can recreate them. For instance, in audio, you can re-record it, so if there are hidden watermarks, they won't be included. So there is a whole range of things.

# Talk: Cryptography for grassroots organizing - Leah Rosenbloom - 30 min {#talk-cryptography-for-grassroots-organizing---leah-rosenbloom---30-min}

Reframing cryptography for activism, in 7 parts: introduction, protocol design paradigm shift, definition of grassroots organizing, lessons from history, lessons from the current landscape, tigro: trust infrastructure for grassroots organizing, conclusions.

Leah was focusing on a number of properties of security, making sure that needs are contextualized and focused on offline trust - which is key given the online info glut. Low-tech fallbacks matter, as does the role of human trust, which they are applying to a grounded trust method.

The choices we make in the design hold power and we want to communicate about them - who does our work serve? Who holds power? Where does the trust come from? Who has meaningful choices?

Q (Shivan Sahib): Thank you for the talk and this work. Have there been groups that are working with this trust infrastructure?

A: Not yet, we are finishing the security analysis. I want to be very careful, implementation is important.

Q (Mallory Knodel): I hope you consider hrpc as a place where you can do this work. Can you talk a bit more about the annotations? Are these visible or is it just a hash?

A: The annotations are not public, but only available to those they are encrypted to. We're not trying to fix physical risk through digital technologies, this is impossible.

Q (Erik Nordmark): Thank you for the talk - many of the tools we have can be used for this. In a different time and world, transparency and visibility is one way of shining a light; how do you ensure that this is not used by hate groups? Is there any work going on in that space?

A: That is something to continue to think about; with any open source tool this is an issue. In facilitating technology trainings we are explicitly aiming at grassroots movements. People who work on this project will likely be working with marginalized groups and not take the tools to help hate groups.

Q follow up: As we can see with social media, these platforms are being used for hate. So can we tilt the playing field to make it harder for bad actors to use these tools?

A: Yes, it's a hard problem. Other people are working on this.

Q (Lars Eggert): Remembers PGP, this feels like PGP on steroids. Web of trust concept has natural scaling boundaries, where do you scale to? A 100 people? A country? etc.

A: Web of trust, there are a lot of parallels. But this has no PKI, but the second difference is the scale: this is a community-based platform, we are operating on a community basis, the scale is different - there will be most localized.

Q (Lars Eggert): We had PGP signing ceremonies at the IETF - but then they would never meet again. We can establish some trust, but how to use these technologies if we never meet again?

Q (Niels ten Oever): How do you do discoverability? How do I know if there is a tigro object of a meeting?

A: Tigro is not its own platform, it takes content from social media, still playing with this.
You take the content on social media (event post, image) and hash it, so you have a short identifier that you can upload into the tigro server - and then you can see if anyone else has uploaded info about that same hash.

Q: What if the government forces shutdowns? What about offline functionalities?

A: Thinking about decentralizing this, encrypted version firechat (insure way of bluetooth). Would be possible technically, have to think more about the trust component of that.

Q (Lars Eggert): There was a delay tolerant research group, that is now a WG, which might be relevant.

Q (Gareth Tyson): How do you account for centralization in networks producing vulnerabilities because of dependency on a central point?

A: Data about centrality is not shared through the system.

Q (Gareth Tyson): Can you produce indirect trust relationships?

A: Yes, we are working on this, but a lot of user studies are needed.

# Updates: Status (10 minutes each) {#updates-status-10-minutes-each}

## draft-irtf-hrpc-guidelines {#draft-irtf-hrpc-guidelines}

Ekr: Some comments have been addressed, some have not.

Mallory: Folks were clear about what they took on board, and why they did not include everything else. This is a research group.

Colin: Did not realize that it was progressed back, we do need consensus from the group. We do need the people who commented to feel like their comments are addressed by the group. We need more discussion on the list.

Niels: So let's discuss some of these issues, it will save bits and bytes.

Mallory: What is the date of the last message?

Ekr: Bit about content agnosticism is bad: content agnosticism is not a property of the protocol but of something else. We need to clear up things that are in the protocol vs other parts of the system.

Colin: People need to sit down and discuss.

Mallory: My sense is that the authors explained why they did not want to include some things and then silence.

Colin: You need people to respond to the draft authors.
We need a response from the people sending the comments: they either agree, have further comments, or agree to disagree. I did not see the closing of the list. There is no complete agreement.

Mallory: Talk to Niels, not me. I am not the author, I am the shepherd.

Ekr: Last message from me is March 15th, and I do not feel my comments are addressed. There are still open issues.

Niels: Okay - so let's sit down and do it together.

Mallory: Happy people want to commit to sit down. But the rest of the group needs to weigh in, it is not just Ekr. There might be moments where the authors do not incorporate everything; me as the shepherd, I am happy with that. Colin, can you nod? He's coming to the mic, it's not fine.

Colin: You need to get confirmation from the folks making the comments that the suggestions are addressed. You cannot make a consensus call based on silence.

Mallory: Is that person Ekr?

Colin: Yes.

Mallory: I am not asking for a time-out, I am asking the authors + Ekr to resolve this within a reasonable amount of time.

Sofia: Other people on the queue.

Seb: What are these documents for, what impact do they have? What's the goal?

Niels: Goal is to make the doc go to an informational doc. It's a normative output documents.

Shivan: Process question - does this need consensus? What does that mean in the context of an RG? I thought RGs did not need consensus.

Colin: IRTF docs do not need consensus. But the group has decided to make it a consensus draft. You can also make it non-consensus, but then you have to change the boilerplate language when it goes to the editor.

Mallory: We could reconsider the status of the document.

Niels: I am happy to work with Ekr, and want to respect the work of the people who contributed to it.

Colin: Consensus or not, if there are technical flaws those should be addressed.

Niels: Let's take that off list.

## draft-irtf-hrpc-association {#draft-irtf-hrpc-association}

Mallory: draft-association: waiting for doc shepherd.
It's now in the datatracker.

Colin: Datatracker does not notify people, so please email them as well to let them know.

## New: Intimate Partner Violence Digital Considerations, Sofia Celi {#new-intimate-partner-violence-digital-considerations-sofia-celi}

Still being developed, have a look at the current structure. Please add examples and comments.

Q (Andrew Campling): Observation that some of the recommendations could be negative in the context of CSAM. A lot of CSAM is 'self-generated' and the tools that might prevent that will be undermined by the recs you make.

A (Mallory): We are focusing on the harm, not images of the harm.

Q (Andrew Campling): CSAM is also about grooming, which is real harm.

Juliana: We do not focus on grooming.

Seb: Thanks to Tom Ristenbark (?). Wondering what the norms are around referencing in the IETF / IRTF?

Sofia: Folks from Tom's have presented in the group. We are also working on an academic paper on his work.

Niels: Would be great if this would be a research group document, brings in great experts like Leonie Tanczer. Happy to help.

Sofia: Let us know who else we should bring in.

Shivan: The threat here is the intimate attacker; we could generalize from IPV to any considerations that might have access to your device, like immigration officials and your employer.

Sofia: We focus on IPV, but you see the intimate access in other contexts - we could expand it to other forms.

Mallory: At CDT, we work on bossware and online surveillance of kids - all these things have common elements. We can look at and analyze the software itself.

Colin: Important topic, a good draft for this group to be working on. Following on from the previous comments, I would be cautious about trying to broaden it too much. Focused drafts are easier to complete and more impactful.

Sofia: https://datatracker.ietf.org/doc/html/draft-celi-irtf-hrpc-ipvc-00

# All other WG business - remainder

Mallory: Charter, I don't have slides.
Want to change the document around the word guidelines, as IRTF can't prescribe.

Colin: Mallory and I agreed yesterday, we have small text changes left but we agreed on the direction, we're almost there.

John Curran: We should probably redefine what 'addressed' means, it is probably perhaps 'considered' is enough.

Mark: I support the recharter and I think it will make the work stronger.

Mallory: You might be interested in https://datatracker.ietf.org/doc/html/draft-irtf-hrpc-political as well!

Avri: With the recharter, would implementations fall into scope now?

Mallory: That would be interesting to me, perhaps you can make a suggestion?

*Minutes by Corinne Cath and Sofía Celi*