[kictanet] (Warning: high risk of targeted Social Engineering Virus!) Fwd: [Internet Policy] A summary of the report of the UN High-Level Panel on Digital Cooperation

Patrick A. M. Maina pmaina2000 at yahoo.com
Fri Jun 14 02:19:58 EAT 2019


 Dear Grace, Listers,

What I am noticing (and it's quite concerning) is an attempt to divert attention away from the high-profile information security risks that I have raised - rather than to address the substance of the issues.

1. Are we comfortable with the idea of unofficial versions of important policy-related documents that have not been independently vetted or certified - and which are targeted at "time-poor (sic)" policy practitioners? 

2. Are we not concerned that such an approach promotes the entrenchment of high-risk habits that prime policy practitioners for targeted disinformation and malware?

3. What is the basis for concluding that policy makers / practitioners cannot understand plain-language documents? Is there a study that shows this? 

4. In the case of https://digitalcooperation.org/ report , what is wrong with their official 4-page Executive Summary which is plainly written, in six UN languages)? 

5. Are we OK with the risks of a non-institutionalized framework (without independent checks and controls) that purports to simplify things for policy practitioners who may not have time / inclination / capacity to ascertain the veracity of the dumbed-down information? 

Does this not contribute to further entrenching corruption and nepotism even deeper - by hiding the associated problems (e.g. incompetence), as well as creating avenues for third party manipulation of policy agendas? 

5. Do we not care about: The methodology are they using to summarize? Where did it come from / how was it made? The basis for choosing what is important and what is not? Do they have a vetting framework? How do they choose what reports/event to cover or not to cover? What tools do they use to create & scan the document? Do they have resources to protect themselves from being targeted as unwitting virus dissemination vectors?
These are legitimate professional issues. Anyone care to give a professional response?
Brgds,Patrick.

Patrick A. M. Maina[Cross-domain Innovator | Independent Public Policy Analyst - Indigenous Innovations]

    On Friday, June 14, 2019, 1:25:56 AM GMT+3, Grace Bomu <nmutungu at gmail.com> wrote:  
 
 Careful Patrick. The same questions may be asked of you- who are you and what is your interest?

On Thursday, 13 June 2019, Patrick A. M. Maina via kictanet <kictanet at lists.kictanet.or.ke> wrote:

 As I read some worrisome replies here, I'm starting to wonder... have foxes been guarding our hen-house? 

Brgds,Patrick.

    On Thursday, June 13, 2019, 5:58:36 PM GMT+3, McTim <dogwallah at gmail.com> wrote:  
 
 Hi, Let me help you.

On Thu, Jun 13, 2019 at 10:38 AM Patrick A. M. Maina via kictanet <kictanet at lists.kictanet.or.ke > wrote:

 Listers, 

This model of "don't worry, we'll read the policy/research for you and summarize" (i.e. dumbing down research & policy for negligent/lazy/disorganized policy practitioners) is very dangerous in many ways. It is not a wise solution to "tl;dr" (too long didn't read) and should be actively discouraged. 



Nonsense, it is extraordinarily useful.

 
Rationale: (and I invite cyber-security and internet safety experts to quip in with their thoughts/perspective please):
1. The idea of unofficial versions of important policy documents that have not been independently vetted or certified - and targeted at "time-poor (sic)" policy practitioners - should trigger alarm bells in this day and age. In the case of https://digitalcooperation. org/ report , what is wrong with their official 4-page Executive Summary which is plainly written, in six UN languages)? If policy practitioners can't understand it, perhaps the question to discuss is whether we have a competence problem?



Yes, it is a competence problem.  I prefer the Sam Dickinson version....always.
She is a trusted and experienced practioner, knows the politics and policy inside and out.

 

An experienced, high-profile internet policy consultant should know this and avoid doing it because it promotes the entrenchment of high-risk habits that prime policy practitioners for targeted disinformation and malware.


It is part of her business model.

 

2. The premise of Nissaba.net is that official policy documents are too complex or too long. 

no, not the premise.  The premise and biz model is that she goes to Geneva and sits through week long events so I don't have to!
 
So Nissaba.net hopes to attract the tl;dr audience (people who don't like reading or are cognitively lazy or presumably are "too busy" to read important things that affect them). Do you see the danger here? 


I only see the upside. 
This model gives the site owner(s) immense power as an information gatekeepers and influencers - with a target audience of cognitively lazy (or negligent) individuals. 



nonsense.   

This kind of high-profile nannying, if deemed necessary due to realities like nepotism/corruption (which guarantee incompetence) is something that can only be done credibly by transparent multilateral organizations that have independent checks and measures. Policy activists should be combating incompetence - not enabling it.

3. Besides the raised concerns above, there needs to be clarity on: What methodology are they using to summarize. How do they choose what is important and what is not? Do they have a vetting framework? How do they choose what reports/event to summarize and what not to cover? What tools do they use to create & scan the document? Do they have resources to protect themselves from being targeted as unwitting virus dissemination vectors?



OH FFS.  If you are paying, you get to ask these questions.  If you aren't a client of her consulting biz, then you don't get to ask these questions!

 

4. Why is she not running this as a non-profit organization that can be subjected to non-profit rules and scrutiny?

Becasue there is no way to raise funds for an NGO?  Why are non-profit rules and scrutiny better? 
 Her credentials and incredible levels of access (and exposure) don't paint her as a blundering amateur. Is this the result of reckless negligence or an excited rush to implement a half-baked idea?
 neither
 
It doesn't make sense. What's going on?


it makes total sense if you understand that she goes to events and reports on them as part of her consulting biz.
 

5. If she got the idea from somewhere, she should have consulted the idea originator for implementation (execution)  strategies that would not increase the danger of turning a bad situation into something far much worse. It could be that the idea originator (if not her) protected the idea by not reveling the most critical aspects of its execution.



it is not a bad situation.


 

We cannot claim to be promoting internet health - and then we appear to do things that worsen internet health, just because we are known/trusted in policy circles!

This does zero to worsen Internet "health"...whatever that means! 

What am I missing here?



the point man, you are missing the entire bloody point! 




-- 
Cheers,

McTim
The 'name' of a resource indicates *what* we seek, an 'address' indicates *where* it is, and a 'route' tells us *how to get there*.  


-- 
Grace Mutung'u 
Skype: gracebomu
@Bomu
PGP ID : 0x33A3450F


  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20190613/87841b50/attachment.htm>


More information about the KICTANet mailing list