I am just back from orgcon17, and here are my notes; this was a two day conference, with many sessions on issues of concern to digital liberty campaigners on regulation of the use personal data. It took place over two days, consisting of lectures & panels and workshops. On the first day, at Friends House, where we had the use of the amazing central meeting room it looked at the coming legislation on investigatory powers, the use of the law to make political advances (it’s slow & uncertain), an interview with Caroline Criada Perez, the campaigner who got the first woman on British bank notes and a women’s statue in Parliament Sq.. It looked at e-voting systems in Taiwan where the government used a consensus building software product to engage the population in traffic management solutions design. Jamie Bartlett spoke about privacy vs. security. There was a session on Digital Liberty & regulation in Nigeria. There was also a session on the privacy vulnerability to the coming “age verification for porn users” regulations. Much of these lectures are available on the ORG’s Video channel.
The second day consisted mainly of workshops focused on campaigning. There was a workshop that reviewed the technical architecture of the investigatory powers bill (as they then were i.e. the architecture and legislative stage). There was a workshop in using the Freedom of Information Laws to enhance campaigning, and also about the likely campaigning tools to be offered by the coming General Data Protection Regulation (GDPR) i.e. enhanced subject access requests, the right to be forgotten, of remediation and to object and stop processing.
There were sessions on building local Open Rights Group groups, how to perform IT security effectively for campaigners and a review of the ORG’s Blocked tool.
I chaired a session on building a Charter of Digital Rights, with Richard Barbrook and Mara Leverkuhn. Richard announced his initiative to put some more detail behind the Jeremy Corbyn’s Digital Manifesto which they created to support his 2016 Leadership Campaign. I documented/advertised this session on my blog https://davelevy.info/digital-liberties/
ooOOOoo
The relevance of this conference to CISSP certification is in the Regulation & Compliance domain. One of the critical to IT organisations is failing to keep up with laws and regulations. The ORG focuses on the law as it relates to privacy, censorship & intellectual property. Businesses need to keep these laws in mind when designing their risk taxonomy and control catalogue.
This was written in Oct 2018, nearly 12 months after the event; I did it to claim CISSP CPD Credits. I have as normal, for me, in these circumstances backdated the article to the time of occurrence. …