One For All, or Free For All?

[Originally published in the Communications column for the Vanuatu Independent newspaper.]

One for all and all for one? Policy-making processes aspire to this, but where IT is concerned, it’s as often a free-for-all as one-for-all.

One of the biggest problems we face when we try to establish standards and policies around technology is that it extends into all sectors of society and the economy. This often results in very different views about – well, about pretty much everything.

Some people see ICT policy-making as a chance to pave the way for new business opportunities. Some see it as a chance to enhance the same moral, ethical and legal framework that currently defines their society; others see it as an opportunity for social transformation. Still others see it as merely a vehicle to define technical standards and protocols. Yet others see ICT as only one little egg in a much larger policy basket.

Getting everyone to agree on the process of establishing a national ICT policy, therefore, can be an exercise akin to herding cats and chickens all at once. Priorities are like noses: everyone’s got one, and every one of them is different.

The biggest battle usually arrives before a policy discussion can even start: Who gets to lead this little dance? It’s obvious enough that without substantive commitment from government, a national ICT policy hasn’t got a hope. But it doesn’t follow that the policy-making process falls exclusively within the government’s purview. Indeed, there are many aspects of ICT policy where government doesn’t need to – and arguably shouldn’t – play a role.

Online businesses, for example, are usually happiest when no one’s looking over their shoulder. Indeed, well-intentioned but misguided legislative efforts have done more to hinder online business than help it. The US state of Maine recently required that websites offering products and services to underage people must verify that their customers have obtained parental consent before selling them anything. That’s all well and good, but how exactly do they propose to accomplish this? Webcams? Phone calls? Even those can be faked.

That said, government oversight is often needed in order to ensure that people aren’t blithely left exposed to loss of privacy and identity theft. In an indictment revealed earlier this week, an American and two Russian hackers were charged with stealing over 130 million credit card numbers and owner details from a credit processing company that handles transactions for thousands of online stores. Security at New Jersey-based Heartland Payment Systems was so lax that the criminals effectively waltzed in, using the most trivial means to steal the data.

Industry-developed and driven standards exist for the management of online payment systems and credit card information management, but it’s obvious that whatever inspection regime may exist is woefully inadequate.

Whenever issues of online privacy, identity and trust appear on the radar, we inevitably find ourselves in a push-me-pull-you scenario where business sees any regulation as a threat to its bottom line and government finds itself struggling to express important constitutional values in practical terms. Meanwhile, parents, churches, privacy advocates and other concerned social groups tug the debate in all directions. Inevitably, something’s got to give.

That particular morass is just one tiny facet of a much larger conflict. Education too, often finds itself caught between the flood of newly-accessible information pouring in from the Internet and its own pedagogical processes. It’s a common affliction of education systems around the world that the kids end up knowing more about the technology they’re using than the teachers. There is often significant tension between those who insist on building the entire learning process anew and those who would simply throw technology pell-mell into the mix.

Public morality is another touchstone issue. On the one hand, we have those who would go to any lengths to ensure the safety of their children as they explore what often seems like an online moral wasteland. On the other, there are those who understand that every single tool that allows parents to monitor their children can be used for more nefarious purposes, too. Iran and China are the most obvious places where these same tools are used to control and suppress political and social dissent.

Conversely, the same encryption technologies that keep our online conversations private also protect purveyors of child pornography and other illegal material.

While government plays an important leadership role in determining how much privacy is enough, it must at all costs not be allowed to define and designate appropriate online behaviour alone. More importantly, independent defences against the worst abuses must be built into the mechanisms of Internet management from the start. There aren’t many politicians in the world that would do this without significant – dare I say pointed – encouragement from their consitituents.

Vanuatu has an energetic and ambitious IT community, and we feel it’s time to start thinking in broad terms about how we’re going to cope with the radical changes presented by the entry of high technology into our collective existence.

We can’t do it alone. But we can do it. Government has been toying for years with the idea of developing an overall ICT strategy, but as near as anyone can tell, the closest they’ve come was the fairly broad (albeit quite sensible) telecoms strategy that set the stage for market liberalisation in that sector.

The question of mandate has bedevilled its efforts to set internal standards and policies. The question becomes even more troublesome when we turn our focus outward at the nation as a whole. Who has the right to lead? Who needs to be part of the process?

Well, the short answer to both questions is the same: Who cares who leads; just make it an open, flexible process. In fact, little matters more than defining a transparent, open-ended mechanism for engaging with all sectors of society, and allowing it to take on this vast, amorphous challenge piece by piece over the course of years. Some aspects of the problem will prove intractable, others will develop such momentum that we’ll be tempted to throw obstacles in the way just to keep up.

But just as we’ve always done at village level, we need to keep talking. And talking. If we don’t, the process of developing an appropriate and manageable national ICT policy for everyone will resemble a free for all more than anything else.