It turned out that scripting rich formatted documents on the Mac is a bit more tricky that I would have preferred it. Anyhow, its done now. The purpose of the script is to turn a text document with in-text footnotes, in-text comments, distinct rich-text formatting for headings at distinct outline levels into a nicely formatted document, which uses in-built footnotes, comments, styles and ToC features.

For now, the script does the following:

• Space/new line doublets are replaced by single space/new line.
• Outline levels of all paragraphs are set to 0, which means: no more garbage in Word’s Document Map.
• Text with certain formatting is assigned to paragraph styles “Heading 3″, “Heading 2″ or “Heading 3″
• In-text comments, i.e. text like “[AN: this is an in-text comment]“, are replaced by Word’s colourful comment bubble
• In-text footnotes, i.e. text like “[FN: this is an in-text footnote]“, are replaced by a real footnotes
• A table of content is created at a position marked by a certain string.

Find the scripts for Word for Windows (VBA) and Word for Mac (AppleScript) and a test document attached (format document files.zip).

—

For those interested in too much technical background information: Scrivener’s RTF export is somewhat insufficient for academic writing (cf. discussions in their forum), Scrivener’s support for Multi Markdown is weak at exporting footnotes, comments and styles support. Pages (part of Apple iWork 09) has an insufficient API, which provides no access to footnotes and comments. Adobe InDesign CS4 likewise doesn’t provide APIs for comments, neither does Nisus Writer Pro. Microsoft killed VBA with Word 2008, but will be back later this year with Office for Mac 2011. So I considered reusing my 1990s VBA code by using Word 2003 on Windows, using Parallels. Turns out albeit that my aging, crash-happy Macbook doesn’t like running Parallels 5. So, back to the Mac and Word 2008 using Applescript. Turns out though – surprise, surprise – that APIs for Word for Mac slightly, but critically differ from Word for Windows.

1. There is a lack of empirical analysis undertaken by social scientists, who are not affiliated with biased agencies engaged in turf-wars or the fear-mongering security industry, about the scale, quality and impact of internet security issues. Furthermore, existing institutions have hardly been researched.
2. Ongoing debates in the political sphere often refer to an lack-of-enforceability argument. More often than not, these arguments fail to be backed by scientific findings.
3. The geopolitical dimension of internet security is under-researched.
4. The potentially disruptive impact of internet-based collaboration on traditional security provisioning processes is to be explored. We can observe these discourses about new forms of distributed collaboration everywhere, but not in the field internet security governance.

The main issue for social sciences however to provide guidance for institutional and organisation design for internet security governance.

Ad-hoc defense system protecting railway embankment against Danube flood

The goal is to overcome the “problem of discovering workable political institutions for a community … that was created by a formidable revolution in technology; … and many of its common problems are beyond the power of nation states to solve.” This is a quote from the 1958 book, World Peace through World Law, by Grenville Clark and Louis B. Sohn. The community they refer to is nothing less than humanity or the community of world citizens that had been turned from a diverse, distributed, unconnected set of ethnics, tribes and nations into one community facing the fate of extinction by the invention of nuclear and hydrogen bombs. One can very well argue whether assured mutual destruction was the wisest answer humanity could have found for this problem.

Luckily, internet security problems aren’t that grim as the security problem caused by military use of nuclear technology — despite all that cyberwar/cyber-terror/cyber-Pearl Harbour/cyber-9/11/cyber-Katrina rhetoric. Societal risks are not only caused by internet security problems. The political reactions to them, the emergent institutional design and patterns of internet security governance can pose as grave a problem. The underlying threat for, well, relatively and somewhat open societies is that the responsibility for the security of the communicational nerve system is transferred to political, administrative and bureaucratic bodies which are characterised by secrecy, clandestiness, non-transparency and national egoisms. Traditionally, security-provisioning was owned by agencies that have just these characteristics. If, however, societies do not want to pass control of the internet to such institutions, the options are the following:

• Security institutions are substantially changed by adding transparency, openness, attributability and direct more direct involvement of citizens.
• Responsibility for internet security is distributed over complex, multiple layers with daunting attribution and legitimacy challenges. Responsibilities will be divided along criteria such as geography, jurisdictions, scale and scope of impact, ownership of resources and infrastructures, locus of expertise.

The risk inherent in internet security governance is to end up with governance institutions that are neither transparent, legitimate, far from citizens’ influence, non-inclusive or separatistic and do not allow for clear attribution. Which would equate to: insecurity through internet security institutions.

Two intense days of workshopping at the Central European University produced a stunningly long list of open questions and – as Rummy would have called – things that we now know we don’t know. Things decision makers however should know before jumping to conclusions in the delicate area of internet security, surveillance, filtering and what else. One of the well-connected participants with intimate knowledge about cybersecurity circles estimated that some 90 percent of knowledge about cybersecurity had been developed by brains sitting in the Pentagon or it’s contractors offices. For the sake of societal values such as openness and transparence, time is ripe to look at internet security from a decisively different angle.

It speaks volumes about the state of European internet research, that roughly half the number of the workshop participants were flown in over the Atlantic. Necessarily so, as the workshop organisers pointed out, given the lack of European social scientist studying internet security governance especially in Eastern European countries.

Anyhow, it’s going to be very interesting to see where this thing is heading to once, if at all, the European Science Foundation will pour some drops out of its funding buckets onto this promising undertaking.

Ralf Bendrath and I gave a presentation on “statehood and internet” at this year’s re:publica conference in Berlin. Re:publica is an annual conference for internet aficionados, bloggers, internet activists and, ever more so, politicians and public authority representatives involved in internet regulation. For the first time organised in 2007, it has by now risen to host some 2500 visitors and has been extensively covered (DE) by old-media outlets.

We used the opportunity of the China-Google/US conflict to discuss basic relationships between states and private actors, a question raised (both links DE) in the blogosphere and media, and some general perspectives of internet politics.

The rich body literature on global governance has identified and thoroughly analysed these basic variants:

• States and private actors jointly set rules on either global or national scale. An example for this would be if US government agrees with Google to treat internet censorship as a trade barrier. Another example: Icelandic parliament supports Wikileaks with their Icelandic Modern Media Initiative to create an informational safe haven.
• Private actors ignore state-set rules. The persevere existence of file-sharing is one prime example for this with PirateBay as its, by now broken, incorporation.
• Rules are primarily set by states, but with option to exit the market by private actors. Their is an abundance of examples for this. States set law, corporations follow suite. Google spokesman Brian Richardson in an Wired article: “Obviously, we follow the law like any other company.“ Or exit the legislative territory.

While I don’t want to transcribe our presentation, I’d like to highlight a few topics we were discussing.

In an interview with NPR back in early 2009, Google CEO Eric Schmidt outlined Goole’s reasoning for entering the Chinese market three years before.

“The decision that we ultimately came to with China was that it was better to engage rather than be estranged. The Chinese citizens will eventually rebel over some of these — in our view — idiotic restrictions, because they are now aware of them. They now know that information is being withheld from them by law and that those laws will be overturned from public pressure over time.”

The strategic concept is simple: Stirring rebellion by censoring and publishing censorship. Chinese internet readers would realise that they are deprived of information and thus of freedom, get angry, unite, fight the government and change internet regulation. Easy as that. A “perfected storm” (Philippa Malmgreen) on the financial front sounds like a more plausible US foreign strategy to deal with China and contain and retard its rise to the top of international politics. But I wouldn’t blame Eric Schmidt here, US foreign policy pundits had talked about this strategic approach for years. (e.g. Kalathil 2003, Dot Com for Dictators; Metzl 2001, Network Diplomacy, Arquilla/Ronfeldt, Noopolitik) From that perspective, Google was indeed kind of privately run Radio Free Europe. And I would assume that many pundits in Washington involved in foreign politics shared this perspective. Eric Schmidt himself seems to very engaged in questions about perpetuating and stabilising America’s global stance and Western liberal democracies: “Set against this sober assessment of the future of liberal democracies, we have to come to grips with the new strength and success of those countries which don’t fit neatly into the traditional Davos model. China, of course, tops this list.” (Quoted in: Huffington Post, 11.2.2010) Strategic thinking in Foreign Affairs, such as the latest piece of Anne-Marie Slaughter still considers the internet as a valuable resource for the US hegemonic status, yet it’s less about stirring rebellions and virtual diplomacy, but about exploiting competitive advantages by non-hierarchical, open communities and transnational networking.

Spreading information is one side of the coin, gathering information the other. (Maybe the coin-methapher is detrimental here, as dealing with information consists of more than two processes; computation, organisation etc. need to be added. Anyhow.) Utilising information, information technology and the internet has been discussed by US foreign policy thinkers ever since the rise of the internet. Joseph Nye’s and Owen’s article “America’s Information Edge” was seminal in its attempt to instrumentalise the internet and its technologies for US strategic goals. While concepts like “system of systems” and “information umbrella”, which ought to span the US and their allies (with different degrees regarding the latter), mainly referred to military information (think of battlefield information dominance), it also conveyed a touch of, well, political information awareness.

(I haven’t found literature on this topic providing further details here. So either this branch of strategic thinking is discontinued, which I do not believe given the number of citations according to Google Scholar. Or its so obvious that no further discussion has been necessary and all that has been of interest is how to operationalise such a strategy. And that for sure is something that wouldn’t happen in Foreign Affairs and some RAND studies.)

The instrumental use of the internet is hardly ever mentioned in internet governance discourses and debates, especially in economic approaches which tend to have a blind spot for more fundamental political questions, anyway. But on the empirical side, what we can observe there, is the battle over informational dominance in many societal dimensions, non just the military one. While a state monopoly of informational power for sure won’t emerge, some of the current policy approaches could be labelled as attempts to erect some informational asymmetries and hence change the rules of the game for certain actor constellations.

The government–terrorist/suspected citizen relations were fundamentally changed by the information aggregation policies in the 9/11 aftermath. Discussions about TIA, the total/terrorism information awareness program, followed. Back in 2003, Markle Foundation’s Task Force on National Security in the Information Age provided still stunning work on which governmental/corporate/private data sources would need to be combined. (Cf. screenshot) And now, then ten years after, the European Commission is planning for a 2012 “Green paper on commercial information relevant to law enforcement and information exchange models”. (p. 30; kudos to Ralf for that hint) By using massive informational resources provided by state organisations and private corporations, security agencies have been able to overcome their ignorance over some malevolent perpetrators. But it comes with a hefty price tag attached.

Information aggregation policies certainly have an effect on relations between states/private corporations and individual citizens and customers. For sure, it’s under-researched. Google, to name just one, is feeling the heat of user criticism about their data aggregation practices. Their efforts of fostering freedom of expression might be laudable (well), the amount of information voluntarily and possibly in part unnecessarily gathered by their systems and services contradicts some fundamental privacy recommendations. While Google itself might have no economic incentives to exploit their vast amount of information about individual users, this stance might vanish in the long run. Today, their data aggregations are already sought after by governments and we have no idea to which extent this is happening.

Google’s reaction (and of other corporations in the data aggregation segment) to questions about their unavoidable cooperation with governments has been so far: “We don’t comment on any discussions we may or may not have had with any national intelligence agency.” (Chrisine Chen, Google, Policy Communications Manager)

This week, Google has launched a website to share some statistical data about government requests. But still, their information does reveal hardly anything about quality and quantity of data shared with state authorities and private intelligence providers, as we don’t know what a request covers and the data stream it entails. (“Requests may ask for data about a number of different users or just one user. A single request may ask for several types of data…”) Google is walking an impossibly fine line, here, between kowtowing to government requests on the one side and not handing-in user (who are usually not their paying customers) interests. (Jeff Rosen described earlier challenges of Google’s policy department in the NYT in 2008.)

From the individuals’ perspective, this is a change for the worse. Normatively, an individual would likely want to be in control over every bit of data relating to her personal life. Some business models (search, marketing, intelligence, etc.), however, rely on an detrimental approach to individuals’ privacy and data protection rights. The same holds true for government responsibilities such as domestic security, taxation, public health, or emergency operations. While it is worthwhile to discuss the value of openness, the political debate for the years to come will have to address rising informational asymmetries that discriminate individuals against governments and corporations.

The disruptive nature of the internet has been acknowledged and can be experienced in a wide range of societal dimensions. It has changed and still is changing the ways we communicate, how businesses are organised, how people collaborate, how we produce, exchange and consume informational goods. The internet is making inroads in domestic and international communications. However, the impact of the internet on the core institutions of organising security and the institutional necessity for organising internet security is still nebulous.

Cybersecurity can be seen as the umbrella concept for technologically related problems that are institutionally and in terms of governance addressed in fundamentally different ways: disturbance of infrastructural performance, internet-based crime, warfare and terrorism. As to practical governance, any of these problems needs to be properly assessed, empirically evaluated and practically addressed with appropriate means and institutions.

This is where the problem starts: Empirical analysis seems to be insufficient in nearly all the aforementioned security dimensions. While everyone seems to agree on that cybercrime amounts to billions of damages, the numbers vary widely. Analysis are often funded and executed by persons or organisations with vested interests, problems occasionally exaggerated, hyped and securitised, numbers overblown, not set in context. Hence, the scale of internet security problems and their respective risks need to clarified.

Regarding institutions, we are currently witnessing the emergence of a state-driven internet security architectures as an attempt to deal with cybercrime-type internet security problems. Internet security policy seems to be more and more driven by actors that have always played a crucial role in nation states’ security politics: governments, states, international organisations, police forces, military and intelligence agencies. In a sense, national security institutions are reclaiming the state’s sovereignty to regulate whatever is within their territories. It is arguable whether this institutional approach will solve internet security problems such as phishing or botnets.

Ongoing debates in most Western countries on, e.g., web-filtering are framed by those in favour as a necessity to overcome a lack of enforceability of national criminal laws (sexual criminal law, property law, treason, other types of content regulation). The argument of non-enforceability is based on a) the lack of reach of national law enforcement agencies beyond their jurisdiction and territorial borders, b) the lack of cooperation of foreign national LEA, c) the agility of perpetrators to change their locus of action, technologies and tactics, d) slowness of legal international cooperation, e) unlawfulness of direct cooperation between national LEA and foreign non-states actors such as ISPs , f) non-cooperative stance of rogue countries. The question here is whether those national approaches are caused by a lack of institutional adaptivity on the side of national legislation, by entrenched interests of national security authorities and other societal interests or justified by the nature of the problems. The idea of evidence-based governance suggests that we should know the empirics of the scale of the problem and effects of regulation before regulation is proposed.

Currently, internet governance is characterised by institutional diversity, and likewise, internet security problems are addressed by different organisational and institutional forms. These differences can be found in criteria like the degree of state involvement in policy formulation, policy implementation or security operations, the degree of hierarchical forms of steering, the degree of information sharing, the kind of threats to internet security or the kind of objects of internet security dealt with by the governance form. The diversity of current modes of internet security governance and provisioning seems to be underexamined. The same holds true for the relationship between concurrent modes of governance/provisioning.

New technologies in general allow for reorganising existing organisational, political and production processes. With the rise of the internet, not only new types of security problems have evolved, but also new ways of organising tasks and processes on any societal level have become possible. We need to explore and assess new possibilities in security provisioning and their normative consequences.

The geopolitics of internet security governance and provisioning is another topic lacking thorough research. The role of the internet has played a stunningly minor role for IR theorists for quite a long time. The trend of nationalising regulatory capacities highlights the necessity to analyse and assess the internet as a strategic resource for national politics and foreign policy strategies. Likewise, the idea of networked internet politics and the role of private actors therein, their consequences on shared democratic political values and institutions requires more thorough examination.

The difficulty for software producers is that in the end their code needs to represent the real world or create new worlds by using a rather rigid set of algorithms and functions. As any social scientist, psychologist and student of complex system knows, applying mathematical rigidity to the real world has its issues. The masters of ceteris paribus are just learning the hard way that the ‘other’ doesn’t disappear by excluding it from sophisticated, yet under-complex models. Could one imagine a more challenging field than to computerize human thinking and innovation? It is highly individualized, it differs from person to person, individuals have different strengths and habits depending on their surroundings, the time of the day, their moods, their intensities, their socialisation, their education. Human beings think in and with images, texts, sounds, narrations, dictations, scribblings, sketches and all the other techniques for informational computation humanity has invented in its short history. Individuals get ideas while watching movies, reading books, dozing, dreaming, running, listening to presentations, chatting, brainstorming and so on. That’s why the venerable new economy provided their hard-thinking employees with sofas, table soccer, thai massages and luxurious brunches. And it’s not by chance that distributed collaboration and flattened hierarchies are so en vogue in knowledge intensive work and innovation creating endeavours: knowledge and ingenuity are everything, but impossible to measure and calculate. The complexity and abundance of varieties of thinking and creating pose a challenge for creating digital support systems for these activities.

In the last twenty-five years or so, there have been numerous attempts by software producers to address one or more of these problems. We have thus seen hundreds of attempts to create software for retrieval and creation of information, visualisation, for storing, categoring, linking, annotating, writing, or referencing of information. Note-taking software and text editors were among the first programs developed for computers and are probably as old as computers with attached monitors are. Word-processing was dealt with right from the start of the PC boom. Reference management software has proliferated in the nineties and early naughties. The 2000s have seen mind-mapping software (developed by Terry Buzan, with whom securitization thinker Barry Buzan has co-authored a book on mind-mapping) popping up everywhere. The vanguard of the more interesting category of individual thinking supporting software probably was asksam, created in the mid-late eighties and in a slow decline since late nineties, a DOS- and then Windows-based full-text database, with which you could easily create a digital version of Niklas Luhmann’s famous Zettelkasten (youtube video, in German though) or any other kind of text-based databases.

Asksam also spearheaded the concept of tagging, though implicitly, the wildly claimed feature of Web 2.0 with its still fashionable and ever more ubiquitous tag clouds. As of now, we have many isles created by software imitating certain aspects of human text-based knowledge production, some of them interconnected with different degrees of tightness. What is certainly missing, is the kind of round-trip interconnectivity between visualisation/modelling software and text production software that has been around for code writing and software design for years. Visualized idea generation in the form of diagrams can be transformed into respectively structured text (code), just as changes in code result in automatically changed visual diagrams. The category of outliners has tried to fill this gap (and more), easing the organisation, sequencing and hierarchisation of text. But this is only one aspect of the lack of integration and interconnectivity between the isles of idea generation and information production.

The emerging cloudification of computing and the rise of web-based collaboration has shifted a bulk of the collective software developer mindset to collaboration, social production, sharing and opening personal silos. And yet, a big share of knowledge production happens individually. The web is full of fora discussing how to apply which software for which use case, how to integrate which software with which feature of another software, whether to digitalize certain steps in your workflow, or whether a paper-based approaches are superior for certain tasks. A lot of the innovation of software adaption is happening there, partly in hand with software producers.

For writers – whether novelists, business report creators, or academics – many tasks in text production are similar: collecting and gathering raw material (digital text, articles, pdfs, movies, links; photocopied artefacts, graphics etc.) related to general interests or to a specific project or task; annotating, categorizing and highlighting the raw material; taking notes, writing down ideas, mindmaps, sketches; write drafts, digest third party comments, create new versions, add bibliographic data (researchers only). All of this is happening jumping back and forth, chaotically, not sequentially. It’s the non-sequentiality that requires tight round-trip integration of as many aspects as possibly either within one software or a set of distinct applications. This integrated feature-set can, speaking in ideal types, be created by a network of distinct application or by a single, bloated piece of software.

There is one piece of software that is mentioned in every discussion about software for writers and researchers, albeit it’s Mac-only: the aptly named Devonthink application. To judge the usefulness of software, it is helpful to recall use-cases in which feature of the software can result in productivity gains for the user. A long list of feature doesn’t help you to be productive with a piece of software if it doesn’t fit your behavior and working style. And simplicity, though widely claimed, can turn out to be adverse if it misses to encompass features necessary for a certain task. Imagine – not that imaginative in this context, but you feel free to imagine any other topic – you would want to write down a couple of remarks about the individuals’ thinking supporting software in general and devonthink in particular. It’s a topic you’ve been interested in for while, you’ve read a few things about it on the internet, copied a few snippets on your local computer and filed them with more or less discipline and consistency.

Devonthink’s features make it a strong, the leading contender in the category of “everything bucket” applications, a term used not only for FBI database systems. (More on that in the next paragraph) The characterizing feature of “everything bucket” software is that it serves as the central repository of whatever information you would like to store on your computer. Whatever you get and see and consider to be worthy to remain on your computer: it goes straight into that bucket. As such, it serves as a sophisticated replacement for less feature-rich file-systems. File-systems historically lacked full-text search capabilities, a feature heftly missed by researchers until it finally became a commodity in the last couple years as Apple integrated Spotlight into it’s Mac OS X and Microsoft drew equal with Vista and Windows 7. Before that, user’s had to rely on third party systems like venerable dtsearch or the intrusive and talkative Google desktop search.

Twitter engineer Alex Payne argued against everything bucket applications, as they would deprive users to use external application which expect files to stay in the normal file system hierarchy and not within buckets. While he has a point to some extent, and Doug’s concept of the “File System Infobase Manager” is geekily charming (Doug draws on stunningly sophisticated debates in Scrivener’s user forums), and it might hold true for some of these bucket applications that: “By using Everything Bucket applications you give up functionality for compactness and eventually that equation works against your creative process. By working in the file system you use best in class apps for each specific purpose.” (ibd.) However, devonthink’s indexing feature does allow files to remain in the file system hierarchy; and even if a file resides inside Devonthink’s own databases, you can still use, say, Word to edit your documents. As far as I know, devonthink is the only consumer-level software that can both act as a file-system indexer and as a bucket at the same time.

One of the core arguments against “everything bucket” applications is the threat of lock-in, of non-exportability, of the potentially high costs of moving out and abandoning a software system in favour of another. Devonthink supports those who want to walk out, and thus lures those who want to sneak in: Mark the top level groups in your database, press alt-command-E and wait an hour or so until DT has shuffled the gigabytes of your database into a file system hierarchy that copies the group structure of your DT database. In addition, devonthink creates one file per group that contains meta-data related to the documents within that group. And out you are.

So, feeding the “everything bucket”. Sucking the more important sediments (thus ‘devon’ in devonthink) of your hard disk into devonthink, is one of the first things you will do after starting using the software. The procedures are described in dozens of other places on the web. More tricky is the question of data organization and structure. If you have multiple personaes, you might want to create several database, one for each, e.g. one related to research, one for administration of your business, one for your writings. Others prefer project oriented approach, but a one-database-for-all approach is also possible. Devonthink databases can contain gigabytes and still be functional and responsive. Devonthink imports virtually any file format on your hard disk. If you prefer your files to stay in their filesystem hierarchy, DT can alternatively just index them instead of importing.

The second way of feeding devonthink – a popular one among all the internet consuming researchers out there – is to store snippets cut out of web pages. PDFs from journals , news articles from media sites, blog entries from RSS readers, emails – press a keyboard shortcut to copy the respective document to DT or select the text that’s relevant to avoid the clutter of ad-loaded news articles. After you’ve pressed the shortcut, a semitransparent window will pop up where you can tag the information-piece and file it in a group. All in all, it works remarkably well and efficient and devonthink can probably rightfully be labelled as the hegemon amongst all “everything buckets” applications. It robust, stable, at times lightning, at times liveably fast. In certain cases, however, e.g. when you’re using fifteen application at the same time, among them memory junkies like a browser with fifteen tabs and an Adobe application and your database is a couple of gigabytes in size, Devonthink has to claim back a few hundreds of megabytes RAM. In such cases, waiting time for your search to be completed can easily amount to a dozen of seconds.

Devonthink truly shines, when you start harvesting the repository and digging in the sediments of what you’ve neatly filed or hectically thrown into it. It kind of resembles sneaking around in an old dusty library, looking for the magic gem, the eye-opening book written in the allegedly dark ages by an unknown monk. Umberto Eco described this approach so lucidly in his book on academic researching. Transferring this method to the new ages: As mentioned earlier, imagine you would want to write down a few ideas about individuals’ supporting text-based information production software. What I do in DT is this:

• I create a new group in in the “current activites” group of “general interest” database. Create a document that will contain your final article or first drafts. Just start writing or crawl through the database first.
• The second step is to create a subfolders for the, well, ‘raw material’ that I replicate (replicating in DT is creating a link to another database item instead of a physical copy) into the subfolder.
• Search database for documents and groups to link to the ‘material’ group.
• Start or continue writing.

After a while, you have written down a couple of ideas. Devonthink’s most unique feature surely is the “See also & group” button, iconized as an upside-down semi-filled stovepipe hat. This is the magic, devonthink does with my first draft of this review document.

Even if I hadn’t set up a project folder with its replicants, devonthink would have supplied me with a few dozens of worthwhile links in my database. Interestingly, most of the files I created links to in earlier paragraphs above are listed in the lower part of the window, whereas the upper half suggests a couple of relations that are somewhat oddish at first sight. And at second sight. And third sight. Or is that “machine memory creates ideas we’ve never considered” (Clive Thompson, A head for detail; see image above)

But what is the idea behind setting Karl Marx’s Kapital on number two on the list? Devonthink plays Google and keeps the algorithms close to its chest. What could it be? Identical words? This article’s language is, well, English (possibly plus denglish and anglish), Marxen’s “Kapital” is a German edition. The words devonthink rates as the most significant ones of both articles differ substantially: Grossejean, rearchitected, patinized, oligopolist vs. Grundeigentumsverhältnisse, Arbeitsprodukt, Fetischcharakter, Entwicklungsgrad.

This machine’s firewall software hasn’t yet logged any traffic from my machine to the internationale.org or fifthcolumn.net, making a political conspiracy unlikely. What then? I opened the “Kapital” in a second tab in this “devonthink review” window, it takes a minute or so for the document to open – the memory consuming “see also & group” drawer is open, which is used by DT to list and visualise statistical similarities between the current document and those in the database. The Kapital comes with some 376.000 words, giving devonthink a few words to crunch. But, still, I really don’t get the link between this review and the Kapital. Because of the “Oligopol”? Das Kapital, however, doesn’t contain the string ‘Oligopol’. Should DT know that a monopoly is the big sister of an oligopoly? Anyway, I’ll take it as joyful news that artificial intelligence isn’t inhumanely clever, yet.

As said, the lower area of the “see also” window lists many helpful and relevant articles: Stephen Berlin Johnson’s article on devonthink in the New York Times; “Devonthink and other Mac Apps for History and Humanities Research”; “Delve into Devonthink”; “An attic called Devonthink”; “A digital academic workflow”, and couple of other documents, some of which were already mentioned above. “See also” obviously works very well. So I can continues with the odd findings…

What about the second in the list, “Billmon on war”. Billmon (“War is to important to be left to the think tank nitwits”) was a blogger who portrayed and analyzed the preparation and later the implementation of the US engagement in Iraq. He was renowned for his stunning sources, and obviously had a terrific citation database with hundreds of sharp quotes that he managed to deliver on the spot. Again, devonthink doesn’t reveal the reason why “Billmon on war” (a document containing his articles on war) is on rank #2. You have to find the connection between war and devonthink. Do you see it? It’s speed and maneuverability. Military history and military strategy highlight the superiority of the aforementioned two qualities in many modern warfare scenarios. Both require sophisticated logistics and advanced, durable technology. If you’re at war with your brain because e.g. it’s too late after midnight, devonthink might give you a rescuing hand. Your Devonthink databases amass tons of pdfs, texts and writings from which it sends you off deep into unknown territory or over unknown bridges. This is exactly where you would want to go. If that doesn’t work out, take rank 4: Innovation studies tell you that it takes a bunch of failed efforts to for one major innovative leap to strive.

Next to its capabilities in gathering, searching and drafting information, Devonthink’s fourth major feature is its position within the network of information-support systems on individuals’ computers: it has managed to acquire the status of production the master hub, the fat node where all the remaining applications link to or are linked to. Devontechnologies has laid ground for this by redesigning the underlying architecture and increasing speed and scalability of devonthink. It remains to be seen, whether they will be able to capitalize on their hub status or whether devonthink’s hegemonial position in its software segment will be contested by new contenders in the long run. The biggest challenge for all these small-size Mac software shops will be lie in the contestation of the indie-devoper model by a more capital-intensive development approaches – which will only be a natural development caused by the increased size of the Mac market. The business models of Evernote or particlarly Mendeley shed a light on how the post-indie Mac world will look like and it might force the code-smiths behind devonthink to substantially change their approach to the market.

The territorialisation of the land of information-production support systems is for the most part still happening in distinct, distributed isles of application. With their maturation, the focus for desktop software in this area will in the years to come be to integrate functionalities and features across the borders of single applications. The second stream of innovation will continue to be in the area of collaboration and finding new ways and possibly new granularity in the degree of publicness or peer-level sharing of knowledge work and its pre-products. Looking back in the history of this area of computing is a akin to development in science in general: it’s sobering how little progress has been made and thrilling to see what has been achieved at the same time.

China spearheads the anything-goes movement of technology-based societal control, authoritarian countries worldwide follow suit, and we yet don’t know whether western democracies will manage to at least remain in their currently mediocre shape if one of the many ongoing global developments and crisis should ever have a major and disruptive societal impact. From the perspective of the freedom and unhindered flow of information, the internet makes a bad expression these days and things haven’t changed for the better in the last year and the naughties.
John Perry Barlow’s “fuck them” against the dark priests of internet regulation has died away, the rejected kings have given a dam, the doers of power moved on – internet governance has covered a long distance in the last decade. Yet, the fundamental conflict is still ongoing and presumably will, as long as the Internet remains the world’s leading communication infrastructure and the constant flux of innovation raises again and again new opportunities that actors consider to take advantage of pursue their agenda.

Just as every year, the Chaos Computer Club has held its annual Chaos Communication Congress. Being the 26th instance of this post-Christmas meeting, it was aptly named 26C3. The motto of the congress “Here be dragons” was, as Frank Rieger explained in his keynote (summed up in a CCC blog, video streams of all presentations), a text-label used on old sea maps to mark uncharted territory where dangers, dragons, sea monsters or treasures were assumed. According to this analogy, the CCC community aims at playing a more avant-garde of a role, an exploratory force with “small ships ahead of the masses” looking into potential traeasuries and dangers lying the yet not fully charted territory of societal and cultural usage of information technology.
Whereas other actors contemplate launching military invasions to fight the unknown unknowns, 26C3 prefers a more playful search for truths of and possibilities for the use of information technologies. Playful indeed was the scenery on the floors and in the basement of the Berlin Congress Center with all these flying quadrocopters, Lego-based machines and robots and all these blinking hackerspaces. And Berlin couldn’t have welcomed the geeky crowd better than with the mystique of a freezing, snowy, quiet post-cristmas days setting.

Rieger outlined his ideas of a political agenda for the CCC and the hackers’ community for the months and years to come. He called for nothing short of a roll-back of data breaches and mass data collection, individual liabilities of business and public administration executives for “data crimes”, data protection quality ratings by publicly funded research institutes. He explicitly excluded the German Federal Office for Information Security (BSI) from the list of possible organisations to excert such ratings. While formally responsible for enhancing user security on the internet, the BSI had, accroding to Rieger, recently been granted the right to intercept inter-administrative traffic in Germany — a development one should have in mind when discussing the cooperation between German internet providers and the BSI.

The community should, Rieger asked, start activities to upgrade and invent systems needed for the “technical defense of our communicative habitat” — just in case. My impression that no one really doubts that the judicial, business and political sphere will put more pressure on the that “digital habitat”. Thus, the conceptualization of internet security from the perspective of the CCC congress is very different from what is usually discussed on conferences where the majority of attendees has an LE, policy or business background. (I wonder whether my Giganet paper, in which I have tried to conceptualize internet security, will ever go online :-/)
Rieger, who has a strong technical background in cryptography for mobile communication, asked the crowd to technically improve tools and software, e.g. to correct OpenSSL, to speed up and increase the scalability of Tor, and to find ways to technically circumvent the presumably upcoming mass usage of deep packet inspection. Decentralized technologies would be the route to go.

Austrian journalist Erich Möchel has covered IT politics and European data surveillance policies for more than a decade. In the late 1990s, he was the first to cover Enfopol, the then emerging transatlantic Europol-FBI surveillance system. On 26C3, he gave a follow up on US-EU data retention activities.
In the last couple of years internet security politics would have changed in a way, that Möchel describes as an ongoing “militarization of cyberspace”. The working group of the European Technical Standards Institute (ETSI) that is responsible for defining technical standards for exchange of data retention data has been staffed with personnel with significant military intelligence background. Möchel concludes that the British GCHQ is in a key position to control activities within these working groups and influences technical standards.
The technical standards for exchanging data gathered via data retention comprises data fields that are forbidden to collect according to current legislation in most EU states. The ETSI standards go way beyond what is defined as mandatory by data retention laws, comprising optional data fields such as lists of all the devices with which a user uses a service, ring duration of failed attempted calls, billing details such as customer numbers at the billing provider or the list of billing numbers used to pay the providers services. The resulting list of BIC and IBAN numbers can then be used to link retention data with SWIFT data.

Möchel’s investigations on the realities of internet surveillance could indeed have enticed the audience to daydream about how it all could be if only…. Sandro Gaycken, technology thinker, philosopher and regular speaker at CCC events, used the opportunity to link Hackers’ visionary thinking with Utopian theory in an inspring, thoughtful and relaxedly academic presentation. (Christian Scholz has the details and a transcription of the presentation.)
Unfortunately, utopia and dystopia are related, and the features of today’s information technologies could too easily be combined with authoritarian forms of governance and result in a real 1984. The recent trends in internet politics make a dystopian outcome more and more feasible. Historically, the emergence of authoritarian or totalitarian regimes would happen every once in a while, Gaycken said.
On the other end of the spectrum is, what Sandro Gaycken calls the “Hacker’s utopia” of the “Free Information society”. Its genuine agenda is derived from the idea that major societal problems could be overcome by establishing a free flow of knowledge and information. This leitbild of a free information society serves as a powerful idea that structures activities against an IT-powered decay of our societies into more authoritarian (I prefer this term over the term “totalitarian” used by Sandro) systems — activities such as the anti-surveillance, anti-censorship or open source movements.
Sandro contrasts the idea of a “‘Free Information’ society” with the idea of a “free ‘Informatized Society’”, in which hackers ought to address any societal problems as soon as ICT is involved. The latter idea leads to an overstretch of hackers responsibilities. Sandro obviously advises hackers to be careful about extending their activities into too many societal territories and political conflicts. “Hackers’ utopian ideas were never meant to constitute a full-fledged social utopia”. As a consequence, an extension of the agenda of hackers’ ethics into more political arenas would “blur the agenda” and create entanglement in left-right infopolitics conflicts.

The politicization of illegal downloads would serve as an example of an overstretch of the hackers’ agenda. While striving for a property rights reform would be a legitimate goal, Gaycken is doubtful whether Christina Aguilera’s albums should be considered as important societal knowledge and thus be part of the public domain. He pointed at how an extended hackers’ agenda aiming at free-beer-not-free-speech filesharing would lead to conclusions about the role of the state and of law that are detrimental to the free information interests that are at the core of the Hacker’s ethic. In short: “Filesharing politicization promotes the surveillance of the internet.”
Instead, Sandro proposes the Hackers’ agenda to be clarified. Concentration on hackers’ core idea of a “free information society” and on neutral and clear infopolitics would be favourable and necessary in order to not get hampered by right-wing/left-wing-types of conflicts.

I have an idea what Sandro might be up to: ensuring the coherence of the hackers’ coalition by selecting “things we can change” — that’s what utopias are about, as he said in his introduction. And never get engaged in fight you can’t win or that would bust the coherence of your troops, one could add. While there might be a difference between the “hackers’ core agenda” and hackers’ extended agenda, I would love to see a more elaborated and precise elaboration about these two concepts beyond the filesharing discussion.
Apropos filesharing. In the advent of 26C3, there has been a bit of a quarrel between Sandro and official CCC representatives around Frank Rieger about filesharing in the German weekly Zeit. An inattentive reader probably has the impression, that Sandro Gaycken considered filesharing not worthy to be politicized whereas Rieger&Co had argued that filesharing is a politically important technology.
In his 26C3 presentation, Sandro Gaycken stated that “filesharing politicization promotes the surveillance of the internet.” Of course, the “politicization of filesharing of copyrighted material” would be politically stupid or hyper-bold, but has it ever been proposed anywhere but in teenagers’ forums? But my impression is, that the alleged ‘politicization of filesharing of copyrighted material’ would more likely be a defensive reaction to copyright holders’ strategy of equating filesharing of copyrighted material with robbery and their attempts to criminalize filesharing in general. Filesharing, i.e. the distribution of files based on peer-to-peer technologies, is indeed a technology that is highly valuable. Peer-to-peer technologies are indispensable for the “hackers’ core agenda” (Sandro Gaycken) and the goal to ensure “free communication with any protocol” (Frank Rieger). Sandro’s argumentation slightly suffers from his definitional looseness and the at least implicit equation of the “politicization of filesharing” to the ‘politicization of filesharing of copyrighted material’. These two things are quite a different thing, just as “filesharing” and “filesharing of copyrighted material” are fundamentally different, politically and economically and judicially.
Having followed Frank Rieger’s presentation, my impression is that the hackers’ community feels being forced into the defensive. Why else should Rieger announce that CCC will come up with a financial concept for artists in the next couple of months. While I’m curious to see the plan, my hunch is that it is going to be a piece of cake for the content industry to get a dozen of talking heads and fora to squash the plan. I couldn’t imagine anything more remote from the hackers’ agenda than the development of a business plan for a whole industry, and anything fitting less to the forthcoming general political agenda than rhetorics like “the state has to guarantee the income of artists” (Rieger at 26C3). Content managers must be cheering for joyful anticipation.

Christian Bahls was a major pillar of the German anti-filtering movement last year, which urged the newly elected coalition of conservatives and free-market partisans to distance itself from its predecessors web-fiiltering legislation to allegedly promote child-security. Christian gave a short summary of last years activities and identified the centralized ownership of critical internet infrastructures such as DNS servers as a major security threat for internet freedom. As providers like Vodafone block port 53, alternative DNS server would not always an option to circumvent illegitimate filtering attempts. Thus, Bahls proposed and briefly showcased stumbling code that implements three technical approaches to counter the vulnerabilities that are intrinsic to DNS as a scarce internet ressources: 1) DNS-via-HTTP(s)-Tunnel, 2) DNS-with-Cache-in-DHT (distributed hash tables), 3) HTTP-Prody-with-Cache-in-DHT.
The latter two approaches reminded me of Yochai Benkler’s 2004 paper on “Peer Production of Survivable Critical Infrastructures“, in which he proposed the use of peer-to-peer systems for three critical internet components, namely networks, storage and computing ressources. While network connectivity should be ensured by using ad hoc mesh wireless networks, resilient distributed data storage is to be implemented by peer-to-peer file services and the availability of computing ressources by distributed computing. In a sense, Bahls extends this peer production approach of technical internet security to secure “information freedom”, which is threatened activities of national governments ironically pursued in the name of enhancing internet security.

Daniel Schmitt and Julian Assange of Wikileaks rocked the floor at 26C3 last week in Berlin by revealing a plan to use to cooperate with Icelandic politician to turn the island into a “Switzerland of Bits”. Icelandic population, threatened by IMF’s widely feared euphemistically called structural adjustment programmes, is highly supportive of Wikileaks’ recent activities to keep documents in the public sphere that were gagged by Icelandic jurisdiction.

Wikileaks describes itself as a “disclosure portal for classified, restricted or legally threatened publications” and an “anonymous safe harbour for the submission and uncensorable provisioning of documents”. According to “The National”, an Emirates based e-magazine, “Wikileaks has probably produced more scoops in its short life than The Washington Post has in the past 30 years”.

Their track record for 2009 is indeed impressive: Trafigura, Toll Collect contracts, the Kunduz Feldjaeger report, the 911 pager messages, the EUISS report proposing a built up of European military and police forces to protect alleged European interests abroad and seal off Europe for migrants, US special forces manual on unconventional warfare for special forces units and intelligence staff.

And now this: a plan for an “offshore publication centre” that “provides a specialized set of laws”, which would “fit the freedom of information needs of the information society”. In short: “a safe haven for data and communication”. While Avi and Randy in Stephenson’s legendary novel were in for a “thick river of gold”, Daniel and Julian want to provide the public with streams of information and make sure that publicly relevant information cannot be hidden from the public by inept court activities or economic or political pressure against media publishers.

As again displayed by the presidential decision to block payments to Dutch and British savers, Iceland is playing a tough political game these days, anyway. According to Roubini.com, the economic analysis website of Noriel “Dr. Doom” Roubini, Iceland is flirting with doom: “Not passing the bill could even lead to Iceland defaulting on its debt.” (Roubini.com Daily Newsletter, 6 Jan 2010) Has Iceland started a campaign of vengeance or would they use the leaking data center as capital that could be traded in in negotiations with EU countries?

Neil Stephenson’s Cryptonomicon figures faced a similar dilemma with their plan of a “data haven”, a “secure, anonymous, unregulated data storage”.

“What if … the good Sultan changes his mind, decides to nationalize your computers, read all the disks? What is needed is not ONE data haven but a NETWORK of data havens–more robust, just like Internet is more robust than single machine.” Neil Stephenson, Cryptonomicon

Decentralisation technologies might indeed be the way to go.

Gathered under the umbrella of the Shadowserver Foundation, a group of engineers and scientists have scrupulously gathered evidence and background information about the activities of the Conficker botnet. They have known for months that millions of machines worldwide had been infected with Conficker malware. Yet, no one reacted, only shoulders were shrugged. At govcert.nl in October, many were contemplating how to proceed with Conficker.

Starting today, Shadowserver let’s everyone know where these Conficker-infected machines are. The move is a valuable contribution to increase global transparency about the somewhat obscure botnet problem.

An interesting example from Germany immediately sticks out. 1&1, a big hosting and medium-sized accessed provider, had initiated an internal initiative against botnet-infected customer systems earlier this year. Today, only ten IP addresses and 0% of their routed space are assigned to infected machines. For customers of Deutsche Telekom, which hasn’t announced a similar program, things look worse: 0.1% of all IP addresses or more than 32,000 IP addresses belong to a Conficker-infected machine.

However, the German national ICT security agency (Bundesamt für Sicherheit in der Informationstechnik, BSI) and the association of the German internet business, eco (Verband der deutschen Internetwirtschaft), have cooperated on botnet issues at least since October 2008.

A workshop on botnets in early February 2009 addressed topics such as data-exchange between ISP regarding information from systems such as honeypots, abuse systems, spam traps (email analysis), DNS analysis, IDS/IAS (anomalie detection) or harmful websites. This information provided by ISPs could then be complemented with external data sources. Given the lack of published data, it is not clear which techniques ISPs actually use to exchange data today.

Another workshop on botnets, obviously organized by eco, took place in early February 2009. One of the speakers was Frank Ackermann, senior legal counsel to eco, who talked about judicial aspects of botnet fighting. According to Ackermann, “ISPs are interested in moderate filtering” of spam. Thus, politics should be discouraged from strict anti-spam regulation.

The programme of another joint eco-BSI workshop, the 7th German Anti Spam Summit mid-September 2009 on conficker, has sessions like “Status Quo central botnet disinfection call center DE” and “Legal Guide on Technical Approaches against Botnets” listed. According to the programme, Dr. Lothar Eßer, Head of Division Internet Security of BSI, also attended this session.

In late November 2009, eco mentioned in a summary of their IGF09 activities that it is going to build a “Botnet Disinfection Center” in a joint effort with BIS and several providers.

So, Germany will get it’s public-private anti-botnet center. According to eco’s press release, eco and BSI will establish a user-support center. ISPs will forward customers with infected machines to a website which provides tools and descriptions for removing malicious software from their machines. In addition, users with infected computers can call a special hotline with experts assisting users in removing harmful software.

—-

Upd. 9.12.; 16.12: changed headline, added the paragraph with eco’s press release; corrected typos

Dan Woods had an intersting column on the “Myth of Crowdsourcing” on Forbes online the other day. Best quotes:

“There is no crowd in crowdsourcing. There are only virtuosos, usually uniquely talented, highly trained people who have worked for decades in a field. … The crowd solves nothing, creates nothing.”

“There is no crowd of open-source developers ready to attack every problem. ”

“without the virtuoso contribution at the outset, they would achieve nothing.”

“Does crowdsourcing exist as it is popularly conceived? Yes, it does, but it doesn’t have anything to do with innovation. …The other businesses mentioned in the crowdsourcing category… are really versions of Wikipedia, that is, aggregations of the inventions of individual virtuosos”

“[crowdsourcing should be conceptualized as] broadcast search.”

In short: Only virtuosos innovate, not crowds; crowds can’t solve anything; virtuosos steer the crowd. Dan Woods concludes that crowdsourcing is not about creating collective intelligence and labour force that would unite in creating new things. Crowdsourcing would not create collective intelligence and not result in mass co-creation. Following Wood’s ideas, crowdsourcing is a mode of production, and as such it combines elements of Taylorism (splitting up working packages into small chunks like in Mechanical Turk) with a tender technique often used by creative buyers: let the service provider first show what their solution would look like and then decide whether it’s fine for you and worth some of your money. Jeff Howe uses the name ‘open call’ for this. It’s open neither the caller, nor the called are obligated to anything. The called is free to answer, the caller is free to accept the answer. Reading Jeff Howe’s crowdsourcing blog, you can easily get the impression that he touts crowdsourcing as a way to get out of the recession. But at what price? Brabham has the answer: ”Proportionately, the amount of money paid to the crowd for high quality labor relative to the amount that labor is worth in the market resembles a slave economy.” {Brabham 2008@83}

Surprisingly, Brabham is very optimistic about the civilizing potentials of crowdsourcing. “I am eager to see us learn from the successes and mistakes of crowdsourcing so that we can apply the best principles to the non-profit world and in the fight for social and environmental justice. ” {Brabham 2008@87} Never underestimate scientists’ ingenuity. They can turn nuclear energy into an ecological blessing, advanced interrogation techniques into a humanitarian act and and war into a means for creating peace. But, please, using a “slave economy” technique as an instrument to “fight for social…justice”? Well, Brabham defines crowdsourcing as a two-pronged concept: “Crowdsourcing is an online, distributed problem solving and production model already in use by for–profit organizations such as Threadless, iStockphoto, and InnoCentive.” {Brabham 2008a} The key word here is: “problem solving”.

Brabham draws on theory (idea? modes?) of the “Wisdom of Crowds”, which basically states that ‘under the right circumstances, groups are remarkably intelligent, and are often smarter than the smartest people in them’ (Surowiecki, quoted by Brabham 2008). The new web-based knowledge communities and their knowledge culture would alter the operational modes of commodity culture. “Thus, there may be an immense amount of good that can come from the existing for-profit crowdsourcing applications in that we may be able to harness the intelligence-aggregating engine of the crowdsourcing model to blend commodity culture with social justice goals.” {Brabham 2008@80} There is a point.

But anyway. It’s not so much the social aspects that raised my interest in Brabham’s article and crowdsourcing. It’s rather the mix of centrality and decentrality, voluntary engagement and exploitation, individuals and masses, openness and propertization.

Brabham considers the crowdsourcing model as way to overcome limits and restrictions of the open source production model, for better or worse. The latter is characterized by “transparency and access in the design stage”, freedom from intellectual property law constraints, openness brings in new creative ideas, contributors donate labour for self-interested motivations (feel-good rewards, increasing social-capital, fun in problem-solving), ownership of production factors by contributors, non-proprietability of production results. {Brabham 2008@82} The hacker ethic, or better: hacker’s hypothesis is that the output in such collaborative open environments is superior to others and socially favourable.

The applicability of the open source model is however limited when it comes to the production of goods other than software, goods which require material pre-products with a price and physical production facilities. In the end, even the creativity of contributing social producers depends on pre-production goods with a price tag, at least those necessary for his or her personal subsistence.

Kazman/Chen use the term crowdsourcing in just this two-pronged way. A rather useless way of conceptualizing crowdsourcing is to define it as a synonym to commons-based peer production. Kazman/Chen use this definition in an article on the rather interesting “Metropolis Model”, which they conceive as a sucessor of for software-development models such as agile development, Rational Unified Process or waterfall model. “Crowdsourcing—the popular term for commons-based peer production—is used to create value in information technology, the arts, basic research, and retail business.” {Kazman 2009} I will discuss commons-based peer production in another blog entry. But for now: It is rather sloppy to define “crowdsourcing” as a production technique for proprietary services with the words “commons-based”. For Kazman/Chen, co-creation, crowdsourcing, commons-based peer production, community-based service seem to be synonyms. That certainly is a conceptual mess: “Examples of co-creation have emerged, from OSS to Wikipedia, Facebook, Amazon’s Mechanical Turk, and many other community-based service systems (CBSSs). Each is a complex software-intensive or software-enabled system co-created by its participants—the crowds.” {Kazman 2009@77}

Summing up, there are at least three different definitions of crowdsourcing used by scientists and journalists: In the first, narrow sense, crowdsourcing refers to a mode of production (or problem solving) in which — following Howe — a central firm harnesses selected contributions from individuals who respond to an open call for proposals. In a second, slightly wider sense, crowdsourcing doesn’t only call for individual proposals, but also includes self-organized collaboration amongst individuals of the crowd. Both definitions assume the propertization of the contributions of the called by the central organisational firm or actor, while the latter also assumes that collaborating individuals can produce more innovative results than the ingenious virtuoso. A third definition, the widest one, equals crowdsourcing to commons-based peer production. This definition however would almost level the conceptual differences between crowdsourcing and open source-like production modes. (More on that in subsequent posting.) The crucial differentiator to open source models is that the crowd’s product can be appropriated. Commons-based peer production-like crowdsouring would resemble something like software produced with an GPL libraries in an open-source way, but licensed with a Microsoft EULA.

———-

Here’s a preliminary scheme of production modes (I’ve left out crowdsourcing III, i.e. commons-based peer production-like crowdsourcing, as it doesn’t make sense at all.)

———-

References

Brabham, D C. “Crowdsourcing As a Model for Problem Solving: An Introduction and Cases.” Convergence 14, no. 1 (2008): doi:10.1177/1354856507084420. http://con.sagepub.com/cgi/content/abstract/14/1/75.

Brabham, D C. “Moving the Crowd at Istockphoto: The Composition of the Crowd and Motivations for Participation in a Crowdsourcing Application.” First Monday 13, no. 6 (2008): 1-22. http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/viewArticle/2159/1969.

Howe, J. “The Rise of Crowdsourcing.” Wired Magazine 14, no. 6 (2006): 1-4. http://www.wired.com/wired/archive/14.06/crowds_pr.html

Kazman, R, and H M Chen. “The Metropolis Model a New Logic for Development of Crowdsourced Systems.” Communications of the ACM 52, no. 7 (2009): 76-84. http://portal.acm.org/citation.cfm?id=1538788.1538808

more magazine articles on Crowdsourcing: http://crowdsourcingexamples.pbworks.com/Acknowledgements-and-Sources

Wired’s series on Crowds: http://www.wired.com/techbiz/media/news/2007/07/assignment_zero_all

When Germany’s leading webpolitics site netzpolitik.org brought the message (“Toll Collect wird offen”), its leading brain Markus Beckedahl asked his broad and usually helpful audience how, with which tools and techniques some 10,000 pages of contract papers could collaboratively be analyzed to quickly find the rascalities that everyone was expecting to find there. I was split on whether this could work out or not, whether such a task is suited for social ad-hoc collaboration or not.

Back in 2004, I was working with a

small team of consultants for an ICT provider that was about to louse up an e-government project and thus wanted external expertise to learn what was going wrong. After days interviewing key persons, on-site inspections and analysis of key-documents it was obvious that the ICT provider had developed a prototype that simply didn’t meet the specifications of its clients. Worse, no one actually knew exactly which features should have been implemented in the first place.

It turned out that the contractual basis for the project consisted of a dozen of substantially different contracts between the ICT provider on the one hand and distinct German bundesländer (federal states) or groups of them on the other. As no one had thoroughly read the contracts before, the ICT provider had developed for two years and implemented functions they assumed they had to develop. Just to know how deeply they were in trouble, some several thousands of pages of contract paper had to be reviewed very rapidly. On the one hand, you have to dive deep into the text to understand it, but you also have to get an overview to get into the complexities of such set of contracts—a task you simply can’t split up and delegate to several persons. On the other hand, some tasks were handed over to trainees. They were gathered in a small lab, got copies of text analysis software installed on their desktops and created series of reports and text extracts. Those more senior cared about the overall strategy and the big picture.

In a sense, crowdsourcing is similar has similar characteristics. It is a mode of production that invokes a coordinating center and supportive helpers. The poster-child of web-based collaborative production, Wikipedia, is steered by the Wikimedia Foundation, a small organisation with 34 employees and $5.6 million turnover (or expenses) per year. Analogue foundations are set up for regional Wikipedias in more countries all over the world. Tens of thousands of contributors are coordinated by this central organisation and its national siblings. Notwithstanding this centre, Wikipedia’s contents are more the result of more egalitarian modes of production than created in a crowdsourced mode. But what is crowdsourcing then actually?

Jeff Howe, who allegedly came up first came up with the term “crowdsourcing” with his 2006 Wired article and acts as its evangelist ever since, has two definitions of crowdsourcing: a “White Paper Version: Crowdsourcing is the act of taking a job traditionally performed by a designated agent (usually an employee) and outsourcing it to an undefined, generally large group of people in the form of an open call.” And then a “Soundbyte Version: The application of Open Source principles to fields outside of software.” (Jeff Howe’s Blog) I would prefer a more generic definition that doesn’t see crowdsourcing just as the activity of outsourcing to the crowds, but as a distinct mode of production that is characterised by a designing and controlling center and the production at the edge by “an undefined, generally large group of people in the form of an open call” (ibd).

A prominent example of political ad-hoc crowdsourcing was launched earlier this year by the Guardian. The British daily had within a few days set up an web-based system, which enabled interested users to participate in a distributed analysis of MPs’ filed expenses. Users could contribute to the overall effort of reviewing 457,000 pages in total, and select and review a few of them. The designers of the crowdsourced solution admitted later on that “keeping up the interest is hard” (http://www.slideshare.net/simon/crowdsourcing-with-django). Too hard, obviously. Hardly 50% of all the documents online have been reviewed by the reading electorate. (Guardian)

It is helpful to know the limits and potentials of crowdsourcing. The recent debates about Wikipedia (Wall Street Journal) point at generic problems of social production: accuracy, breadth and reliability. In a sense, any organisational form has to struggle with these targets, yet crowdsourced production models are especially prone to run into difficulties with these organisational targets. For products to be reliable, modern production techniques comprehend quality management, training and certified qualifications—nothing a person working for free and for fun is too keen on. At commercial organisations, breadth of service offering is guaranteed by economic interests of service providers—more services, higher revenues, higher profits. For crowdsourced endeavours however, breadth of service offering implies more unpaid, yet somewhat differently compensated work. Wikipedia has to go on road-shows to sell work to others. This is not an option for smaller projects. Guardian’s crowdsourced expenses intelligence system seems to have stalled as the respective discourse vanished from news headlines.

Another approach to crowdsourcing involves payments for the work of the amateurs, as can be seen on websites such as iStockphoto. Crowdsourcing here creates “distributed labor networks [that] are using the Internet to exploit the spare processing power of millions of human brains” {Howe 2006}. Mechanical Turks so to speak, according to Amazon. This is the name for a “Human intelligence tasks” (HIT) brokerage website owned by Amazon. (Mechanical Turk) The seekers for these Mechanical Turks have “access to a global, on-demand, 24 x 7 workforce” that only gets paid “when you’re satisfied with the results”. A capitalist’s dream come true. According to Jeff Howe a “network of passionate, geeky volunteers could write code just as well as the highly paid developers at Microsoft or Sun Microsystems”.

The the underlying principle of crowdsourcing is “to connect with brainpower outside the company”. By R&D crowdsourcing, businesses can find people who could assist them in developing products and decrease time-to-market. {Howe 2006} On Innocentive, so called solution seekers “pay solvers anywhere from $10,000 to $100,000 per solution”. Many of these solvers allegedly are hobbyists or undergraduate student. One of Howe’s interviewees stated, “We have 9,000 people on our R&D staff and up to 1.5 million researchers working through our external networks”. An R&D managers dream come true.

Now, as the mode of crowdsourced production has been around for a few years, it is used in a range of markets. Anjali Ramachandran of London-based consultancy Many By Many has set up a wiki that enlists the types of businesses that currently make use of this mode of production. She categorizes them into four groups: “1. Individual businesses or sites that channel the power of online crowds 2. Brand-sponsored initiatives or forums that depend on crowdsourcing. I’ve included those that are no longer active as well, for reference. 3. Brand initiatives that allow users to customise their products, 4. Brand-sponsored competitions/challenges focussed on crowdsourcing”.

But what about crowdsourcing in politics? The ideal of a democracy is quite the opposite of a sheep market—a felicitous word for crowdsourcing coined by artist Aaron Koblin, who used Amazon’s Mechanical Turk in one of his art projects. (Interview with Koblin in Wired)

Mary Joyce has summed up the problems of applying crowdsourcing in politics or political activism. The definitional key of crowdsourcing is, “the task is defined at the center, produced at the edge”. (digiactive)

To come back to Wikileaks, Toll Collect and the call for collaborative contract analysis by netzpolitik.org: Such a thing wouldn’t turn out to be a crowdsourced net activism. While some nodes in bottom-up political networks will be more influential as others, none of them will be so influential to become the node that controls all the process and chops up the project into small chunks for the masses, into HITs. Or, to use the analogy of Aaron Koblin, to turn net freedom activists into sheep. A differentiator between crowdsourcing and peer production is the frequency and intensity of relations among the smaller nodes. Wikipedia’s problem might be that they have morphed from a peer-to-peer production model to crowdsourcing. And, by the way, it’s peer production, not crowdsourcing that is going to have an impact on existing political institutions.

Readers of netzpolitik.org came up with only a few suggestions how this massive contractual framework could be collectively analyzed. The aforementioned Guardian solution (presentation of the developer on technical details) was mentioned. Another approach is Bundestagger.de, a web platform that provides an API, the ability to comment and tag certain text passages of plenary session protocols of the German Bundestag.

A third user recommended to just use “grep”, the Unix command line tool to search text files. But nothing was ready to go. A day or two later, heise.de journalist Detlef Borchers, a notorious critic of German eGovernment projects gone wrong, had already published an article with key statements of the contracts. At such complex tasks, nothing beats a dedicated professional with attitude. As someone who makes a living with selling his computational brain cycles, I’m relieved. But where does it leave social ad-hoc investigation? Is there still some collaborative analysis going on in this matter? Maybe peer-produced net politics just needs more time to develop more effective tools and techniques.

Update 4.12.2009

“Given enough eyeballs, corruption and waste are similarly shallow problems.” (Brito, J. 2008. Hack, mash & peer: Crowdsourcing government transparency. Colum. Sci. & Tech. L. Rev. 9:119-122. http://www.stlr.org/html/volume9/brito.txt.)

Britain’s new Internet law — as bad as everyone’s been saying, and worse. Much, much worse. – Boing Boing Including 3-strikes, stricter video-game ratings, ISPs forced to deliver data with content industry, business secretary gets carte blanche to come up with stricter regulations.
“It’s a declaration of war by the entertainment industry and their captured regulators against the principles of free speech, privacy, freedom of assembly, the presumption of innocence, and competition.” (BoingBoing)

US
The cyberwar plan, not just a defensive game – Nextgov
Stupid headline – who would think that cyber-warfare is about defense only.
„Computerized tools to penetrate an enemy’s phone system“, „computer viruses and malicious software programs that can disable electrical power systems, corrupt financial data, or hijack air traffic control systems“, „cyber-intruders have probed our electrical grid“ (no, not the squirrel terrorists), “we’d have cadres of people who’d know how to do that”, “Military forces fight for the ownership of that domain [cyber-battlefield]“, “Defense Department graduates only about 80 students per year from schools devoted to teaching cyber-warfare”, ” proposed building a military “botnet,” an army of centrally controlled computers to launch coordinated attacks on other machines”. “The risk of losing control of a weapon provides a powerful incentive not to use it”

See also: National Journal Magazine – The Cyberwar Plan

Who’s in Big Brother’s Database? – The New York Review of Books
Degree of surveillance measured in electricity bills: 70 millions per year http://bit.ly/3DwW49

Information Security News: NIST Drafts Cybersecurity Guidance
“tackling criticism that federal cybersecurity regulations have placed too much weight on periodic compliance audits”; “more onus on applying risk management throughout the lifecycle of IT systems”. Yawn.

[ISN] Inside the Ring – Chinese, Russian cyberwarfare
Like nuke-counting in the eighties.
Noteworthy: a new Cyber Security Alliance 14 tech firms form cybersecurity alliance for government — Government Computer News

Australia
Australian government overhauls national cyber security arrangements – Government & Policy “against increasing online espionage and attacks on critical infrastructure”, new CERT Australia, Cyber Security Operations Centre (CSOC), details undisclosed

EU
Automated Social Networking Surveillance Systems Statebook is going to be developed!?

====
How the Internet Ruined Newspapers, TV, Music, Movies, Microsoft – Newsweek 2010, The Internet: A Decade of Destruction – Internet Use/New Technologies „wherever companies were profiting by a lack of transparency or a lack of competition, wherever friction could be polished out of the system, those industries suffered“ – What about national political institutions (in the wider sense) then?

The legitimacy of the parliamentary democracy stems partly from the problem of aggregating individual interests into societally binding decisions. Technology might act as a game changer here. Moreover, the potentials of social technologies appear to be so enormous and presumably inline with majorities interest, that it is hard to envisage how the the currently predominant political system in western societies, representative liberal democracies, will remain unchanged. That is unless no massive backfiring by plutocratic interests—in opposite to democratic interests—will set in. Which will, dead certain, happen or better: does happening right now. Even mainstream media is starting to get it: Germany’s conservative daily FAZ (Frankfurter Allgemeine Zeitung) had an article today titled: „The state is reclaiming the net“ (in German, though). Baseline: There is a global trend driven by states to get the internet into their hands. Indeed. But that’s only one part of the story.

Wikileak has just published 10,000 pages of one of the best hidden secrets in German politics in the last couple of years: the contracts between the Federal Republic of Germany and Toll Collect, a joint-venture of Daimler-Chrysler, Deutsche Telekom and Cofiroute. Toll Collect had developed a fully automatized system to collect tolls payable for utility vehicles on the German autobahnen. The system consists of integral boxes with GPS receivers and obligatory for any utility vehicle driving on highways, a system of physical bridges receiving information from the boxes as well as holding cameras with OCR technology to identify potential free riders.

(In the Netherlands, there is currently a debate about a comparable toll-collect system for any vehicle. The early promises that the foto&OCR system would only and exclusively be used for toll-collection purposes have long been forgotten. By now, it also serves as a public surveillance technology.)

While the system by itself is a solid piece of engineering, it has been criticized for its non-pragmatical, overly ambitious and expensive approach. The biggest burden for federal finances however was caused by a delayed roll-out of Toll Collect’s solution, as billions of toll revenues didn’t made their way to federal accounts. While one would assume that a decently brokered contract would provide indemnifications by the service provide for the purchaser, this hasn’t allegedly been the case with Toll Collect. While politicians ranted about Toll Collect’s failure, the federal government acted as if it didn’t really want to get compensations from Daimler-Chrysler and Deutsche Telekom. In addition, the secrecy of the contracts for the operation of the toll collect system has aroused suspicion from the onset.

Wikileaks has become a major obstacle for those who are in favour of a plutocratic interpretation of democracy and it’s proneness to behind-the-curtain deals. Some private-public partnership and cross-border leasing deals would have had more difficulties in passing legislation if municipal, state or federal parliaments had known the contracts beforehand and been able to understand them. Regulatory capture precludes secrecy and intransparency of bureaucratic and managerial activities. Stern.de, a Bertelsmann subsidiary product, has called Wikileaks the „Robin Hood of the Internet“ (German). His popularity and his fate are legend.

While a lot has changed since those times, post-noble dukes still don’t like being ridiculed by mere peasants. These days, business interests feel plagued by flash-mobs and are weakened by the ability to organize labour interests by social technologies, maneuverability of national governments is reduced by the abililty to instant vet governmental activities (if public knowledge brokering services like Wikileak continue to grow), and mass media has suffered some dents in their credibility by their reduced use of investigational methods and easy alignment with business and government interests. These actors are those who a are set on a slippery slope, who are in descent. For them, the biggest problem is three-fold: technically enhanced trooping and rallying by like-minded interests, social motivation, the ease of achieving transparency by, say, Wikileak, and the ability of social investigation. But then, state institutions dominate the spheres of law and law enforcement. Laws and law enforcement are the tools for vested interests to make their wills publicly binding. We might very well see legislation upcoming that would go beyond some kind of Prohibition on the internet. Some vested interests would rather prefer thick digital walls and high barbicans.

My focus currently is on bottom-up processes to provide internet security, like task-forces and working groups that are set up in an ad-hoc manner to tackle with the lates security phenomenon. Academics, engineers, experts and geeks from all over the world collaborate to provide. The way in which they are addressing security problems resembles what could be called peer production of internet security. My interest is to learn to what extent this mode of security provisioning is used, the settings in which we can observe it and whether this mode is sustainable or not. And how this all relates to internet security and the overall structure of internet security in general.

The internet is a tool that already has fundamentally changed business processes and business models. It is too early to tell what its long-term impact on societies and politics will be. Debates about ‘freedom’ on the internet have been going on for a while, such as if and how the internet fosters freedom of expression, or how authoritarian internet governance approaches could suppress individuals’ rights. The practices of internet security provisioning will have decisive consequences for the shape of ‘freedom’ on the internet.