Auteur: arjen

Tips on how to evade Big Brother

<also on Sargasso.nl>

On 6 July 2013 the British newspaper The Guardian published the first interview with Edward Snowden, until then a systems administrator for the American National Security Agency. Through his work Snowden gained a detailed picture of the extent to which the NSA was building a worldwide Big Brother state. Virtually all electronic communication worldwide was being tapped in real time, phones, laptops and servers were being hacked, and software companies were being forced to ship their systems with holes in them to make this possible.

Suspicions of such activities by, among others, American security services had existed for decades (see this article from 1999), but the scale of the revelations Snowden is bringing out sends shivers down the spine of even the most hardened paranoia experts. A short overview, and what you as a citizen can do about it.


Belgacom and Brazil

The NSA and its partners (including the British GCHQ) tap telephone exchanges and undersea fibre-optic cables, in other countries too. It recently emerged that the telephone exchanges of Belgacom (the Belgian KPN) had been fully compromised by GCHQ experts (possibly with American help). This enabled GCHQ to follow all telephone and data traffic and to eavesdrop selectively. In Brazil these techniques were used against the national oil company, the Brazilian Parliament and even the personal communications of the Brazilian president. She immediately cancelled a state dinner with Obama in anger over this breach of diplomatic norms. For now, we as end users must regard all large infrastructures as insecure. Unencrypted e-mails and telephone calls can be intercepted, and this is done automatically on an unimaginable scale.

All large social media platforms and services such as Gmail are tapped in real time on those companies' own servers. So it makes no difference whether you set your Facebook privacy settings to maximum. The NSA looks directly into the Facebook database under the hood and can reach everything. This means, for instance, that the number of seconds your mouse hovers over a profile photo in Facebook (will you click or not?) is known to the NSA if they take an interest. So the NSA knows which old or new flame you are barely consciously following. All mail you send via a service like Gmail is kept (even if you delete the mail from your mailbox) and used to build a detailed picture of who you are talking to, about what, from which location and which device you use for it.

Less social media

Using social media as little as possible, or at least consciously (knowing that you have no privacy whatsoever), is for now the only thing you can do yourself. For an e-mail service like Gmail there are plenty of alternatives; they sometimes cost a little money (a few euros a month) or a bit more effort to use. In addition there are well-working techniques to encrypt your e-mails so that they are unreadable if intercepted between sender and recipient. The problem with these techniques, for now, is that it takes some effort (an hour or two) to get them working and that the recipient must use the same technique. One of the things confirmed by Snowden is that the NSA cannot yet break correctly used mail encryption. The limitation of e-mail encryption is that it only protects the content of the message, not who is exchanging messages, at what time and from where. Keep that limitation in mind when you use it.
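To make that limitation concrete, here is an added example (not from the original article) that parses a PGP/MIME (RFC 3156) e-mail the way a passive interceptor on the wire sees it: the sender, recipient, date and subject headers stay readable, only the body is opaque. Both sample messages are constructed, and the armored block is a placeholder rather than real ciphertext.

```python
"""What an interceptor still learns from an OpenPGP (PGP/MIME, RFC 3156) e-mail.

Added example, not from the original article. Both sample messages are
constructed for illustration; the ASCII-armored block is a placeholder,
not real ciphertext.
"""
from email import message_from_string
from email.policy import default

# Constructed: headers shared by both samples. These travel in the clear
# between mail servers whether or not the body is encrypted.
HEADERS = """\
From: alice@example.org
To: bob@example.net
Date: Tue, 24 Sep 2013 21:14:02 +0200
Subject: Re: the documents
Message-ID: <constructed-0001@example.org>
MIME-Version: 1.0
"""

# Constructed: an unencrypted message.
PLAIN_MESSAGE = HEADERS + """\
Content-Type: text/plain; charset="us-ascii"

The meeting is moved to Thursday, same place.
"""

# Constructed: the same headers, with the body wrapped in a PGP/MIME container.
PGP_MIME_MESSAGE = HEADERS + """\
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

hQEMA3BsYWNlaG9sZGVyCiAgbm90IHJlYWwgY2lwaGVydGV4dA0KICBjb25zdHJ1
Y3RlZCBmb3IgaWxsdXN0cmF0aW9uIG9ubHkK
=AbCd
-----END PGP MESSAGE-----

--b1--
"""

# Headers that OpenPGP mail encryption does not protect.
METADATA_HEADERS = ("From", "To", "Date", "Subject", "Message-ID")


def is_pgp_mime(msg):
    """True for an RFC 3156 multipart/encrypted container using the PGP protocol."""
    return (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted")


def interceptor_view(raw):
    """Return what a passive interceptor can read from a raw message on the wire.

    'metadata' holds the clear-text headers (who, to whom, when, about what);
    'body' is the readable text, or None when only ciphertext is visible.
    """
    msg = message_from_string(raw, policy=default)
    view = {
        "metadata": {h: str(msg[h]) for h in METADATA_HEADERS if h in msg},
        "encrypted": is_pgp_mime(msg),
        "body": None,
        "ciphertext_lines": 0,
    }
    if view["encrypted"]:
        # RFC 3156: part 1 is the control part, part 2 the armored ciphertext.
        armored = list(msg.iter_parts())[1].get_payload()
        view["ciphertext_lines"] = sum(
            1 for line in armored.splitlines()
            if line and not line.startswith("-----") and not line.startswith("="))
    else:
        view["body"] = msg.get_content().strip()
    return view


def metadata_leaks_identically(raw_a, raw_b):
    """True when two messages expose the same clear-text metadata, regardless of
    whether their bodies are encrypted: the limitation the article describes."""
    return interceptor_view(raw_a)["metadata"] == interceptor_view(raw_b)["metadata"]


if __name__ == "__main__":
    for name, raw in (("plain", PLAIN_MESSAGE), ("pgp/mime", PGP_MIME_MESSAGE)):
        print(name, interceptor_view(raw))
```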

Browsing (more) anonymously

To give away less information about your browsing behaviour there are extensions for web browsers such as Firefox, like 'Ghostery', that make it harder for all kinds of companies to uniquely identify and track you. To be even more anonymous you can browse with the TOR browser for sensitive matters. This service routes your traffic via three other servers around the world before connecting to the website you actually want to visit. That makes it enormously harder to track your browsing behaviour. Such anonymity is not perfect and collapses as soon as you log in to an online service under your real name. But as long as you use TOR properly it is not easy to track you, and for the NSA TOR is a real headache, as recent internal documents showed.

It is also possible to encrypt files or even your whole hard disk, so that loss, theft or confiscation of storage media or your whole laptop does not immediately put all your data in the hands of others. Truecrypt is a powerful piece of software for this which, unlike products such as Microsoft Bitlocker and Apple FileVault, does not appear to have back doors built in by the NSA. These methods too have been confirmed by Snowden as 'NSA-proof', provided they are applied correctly.

Hacking

The most commonly used method to get around properly used encryption is hacking the end user's computer. The NSA has been actively working for at least fifteen years to make access to individual systems as easy as possible. Most well-known systems such as Windows, Android, MacOSX and iOS have built-in back doors or weaknesses that the NSA uses to break into individual computers (a smartphone is also a computer) in order to bypass effective methods such as mail encryption. Attempts are also made to introduce weaknesses into systems such as Linux (which for now are regarded as less insecure), among other ways by having NSA staff actively participate in the development of the software and of communication standards. A few times in the past such attempts have been detected by other developers and corrected by the worldwide community of programmers. How many attempts have gone undetected is extremely hard to say with certainty. Because of the enormous complexity of virtually all modern operating systems, no single person can oversee everything anymore.

Hacking individual systems is highly automated, which lets the NSA handle millions of 'targets' with limited manpower. To make this automation possible the NSA works with companies such as Microsoft and Apple, which must report holes in their systems to the NSA first and only (much) later to their customers.

This last problem is the hardest for an end user to do anything about, because switching to an entirely new operating system takes a lot of knowledge and time, quite apart from the fact that most professional users, pupils and students are often not allowed to choose for themselves at all.

For serious journalists and others who are willing to make the extra effort there is TAILS. This is a very heavily secured, minimalist system that runs entirely from a USB stick. Cheap and easy to carry with you at all times.

Here is an overview of tips, tricks and tools for anyone who wants to get started with this. Here is a video of a workshop for investigative journalists from last July.


Keynote & interview Eurapco Insurance

<on 26-09-2013 I gave the keynote at the Eurapco conference, where top EU insurers share expertise.>

We live in a world of rapid technological change. Keynote speaker and IT expert Arjen Kamphuis discusses the implications for the insurance industry and its customers, and what measures can be taken to ensure the best possible customer experience. The objective was to raise awareness of the rapid pace of socio-technical development today and what fundamental effects this will have on the insurance industry. Changes in customer behaviour and expectations will have an impact on customer satisfaction with our companies’ claims handling.

Future shock – are we prepared for change? Some of the topics discussed in the keynote:

  • What if tomorrow’s world looks really different? The basic rules of our business can change at incredible speed because of changes in technology, national/EU/ international policies, environmental threats and other external factors. New technology can overtake existing business models, and even make them irrelevant. The insurance industry faces the challenge of combining the need to be stable, secure and reliable with being dynamic, fast and responsive.
  • Cyber security needs to be taken care of, both within companies and between companies and their customers. Privacy issues are of great importance for insurance companies. For instance, it would be damaging for the image of a stable, secure and reliable insurance company if it were to be revealed that all customer data had been fully exposed by hackers or the NSA.
  • Today, all large service companies need to balance industrialised processes with the human touch. As a customer, you do not want to be exposed to the internal processes of your service provider. The customer just wants to receive service in an uncomplicated way. Changes in customer behaviour and expectations will have an impact on customer satisfaction with our companies’ claims handling.
  • Our companies’ brands face increasing danger in a fast-paced world of social media. Our customers rely more on the experience of others than on the promises of the companies. Through social media, good and especially bad experiences can be shared easily and quickly. We can join the conversation about our brand, but not control it.
  • A fast-changing world offers opportunities and threats for your business and your position in the market. Are you ready to adapt to changes in customer expectations? Is your organisation positioned to deal proactively with change, or could you be caught off guard? Do you have a plan for what to do if an improbable case scenario does occur? By carrying out regular scenario planning, you can at least have contingency plans for different case scenarios.

In your keynote speech, you mentioned that it’s very hard for anyone inside the insurance industry to see the world the way a customer, or other outsider, sees it. Can you, as an outsider, give us some tips about what is needed to achieve excellence from a customer’s perspective?

Insurance companies that are excellent from a customer’s perspective will still need to have operational excellence. This is necessary because efficient processes enable affordable premiums. The challenge is to make the operational excellence “invisible” for the customer, to treat the customer in such a way that he or she doesn’t notice the processes needed to deliver the service. Ideally, there’s a lean machine on the inside, while customers get the feeling they are receiving personally tailored service. This requires thought about where the “machine” part of the processes ends and the “human”, emphatic part begins. Not everything that can be done by software should be done by software. The telltale sign that the proportions are right is the customer enjoying a pleasant experience.

How can such a combination of operational excellence and customer intimacy be achieved?

Big data is an important tool to achieve this. Now, it really is possible to have an intimate relationship with the customer. However, this can only come about if several preconditions are fulfilled. Firstly, you must be highly compliant. Secondly, and most crucially, you should proactively contact pressure groups such as Bits of Freedom, EURM or the Chaos Computer Club. You can ask them to ask you difficult questions about how you handle privacy and protect the secrecy and integrity of the customer data that you use. You can also discuss the legitimacy of the goals you use the data for. The same must be done with customer focus groups. In the end, much of what can or cannot be done is dependent on individual preferences. You should enable and encourage an informed customer choice about when to supply what data. Don’t make assumptions about what customers prefer, but ask and validate. Fourthly, data should always be protected and encrypted to minimise the chance of anyone gaining illegal access. Finally, the hard- and software that you use should come from suppliers that are demonstrably not associated with any illicit eavesdropping, be it by corporate or government organisations. Insurance companies may struggle to put all of this into practice, not least because they have to deal with a lot of legacy hard- and software. This complexity is unavoidable, and you should be super-transparent about it.

The important thing here is that you “live” your data philosophy, not only in communication but also in visible behaviour. Be explicit about what level of assurance regarding data is possible today, and how that’s going to improve over the next few years. Have a credible road map for getting to the technical solutions that are needed. And again, get into contact with opinion leaders. Invite them to a dialogue to design a code of conduct, organise an employee training day on internal compliance together. It’s bound to be educational for all involved. If you act on your good intentions in this way, there are still going to be blow-ups because of data problems. But even then, a good relationship with opinion leaders will help enormously in containing the damage.

You also said American companies are at a disadvantage in terms of reassuring customers worried about privacy because of the nature of US privacy laws and the scandals surrounding the NSA. Does this also mean you see new business opportunities for European insurance companies?

Sure. European insurance companies could provide “privacy-strong” ISP services, data centres or cloud space guaranteed to be compliant with Article 12 of the UN Charter. And what about a “safe Facebook”? What about a service that says to the customer: we will help you leave Facebook behind you? Moreover, providing high-privacy/ security online services to (European) customers is not only a business opportunity for the insurance sector, but also a great way to show leadership in socially responsible entrepreneurship. The privacy issue will only grow as more of the 78,000 plus documents from Snowden are released (so far we’ve seen only about 200, and the best is being saved for last). Insurance companies can work towards being the trusted parties by way of clear moral leadership on customer interaction and care of data. Such companies would surely also attract some of the most talented and motivated employees: everyone wants to work for companies that are seen to be leaders.

  • “He is a really inspiring person with a truly interesting vision for IT and the insurance business.”
  • “Thank you, Arjen! Your presentation was refreshingly blunt and, in my opinion, realistic. I think Eurapco showed courage inviting you to speak about things most of us want to ignore.”

‘Refreshingly blunt’, best compliment I’ve had in a long time 😉


NSA intell goldmine, who else has access?

<also on Sargasso.nl and HuffPo UK>

The War Room, Dr. Strangelove - 1965

Shortly after the initial release of some documents from whistleblower Edward Snowden I wrote a little summary about the IT-policy implications for Europe based on earlier columns. A lot of additional documents have come out since then and we can basically conclude that almost every computer system on the planet is fully broken or at least very vulnerable to NSA interference or manipulation.

Nobody, including the NSA, Edward Snowden and Glenn Greenwald, has a total overview of the tens of thousands of documents, let alone of the political or strategic implications of the information contained in them. Most of the news keeps focusing on the ‘scandal’ aspect and/or the person of Snowden. Being angry at the US government (practised by most opponents) and attacking the person of Snowden (a favourite of apologists of the US regime) distracts from defining adequate policy responses, and so far there have been precisely none in Europe. This constitutes a massive failure of the various EU governments to protect their citizens’ rights and the economic sovereignty of their nations. It is also strange in light of the fact that an adequate policy response had already been formulated in July 2001 and really just needs to be implemented.

But every now and then the disinformation spread by some apologists for the behaviour of the NSA is useful for understanding how much worse the situation may yet turn out to be. This article by a former NSA employee is a nice example of an attempt at smearing the whistleblower while actually digging the hole the NSA (and the US regime) is in much, much deeper. The piece claims Snowden secretly worked for Russian intelligence all along. While I do not share the author’s views on Snowden’s motivations or allegiances, the suggestion that outside organisations could have agents inside the NSA has some interesting implications.

If I understand the gist of this post correctly there is a much bigger breach than one would conclude based on the mainstream news from the Guardian. Not only can (and does) the NSA collect pretty much everything anyone does in the digital realm by breaking systems and breaking into systems; it is then unable to protect this sigint goldmine from falling into the hands of the agents of foreign intelligence organisations. So now all our data is in the hands of both the US and Russian governments. This raises the question of what other organisations have deep-cover moles inside the NSA, using its infrastructure to do the hard work of global sigint for them. The Chinese government? A South American drugs cartel? Private military companies? Journalist-activist-terrorists? Goldman Sachs? The implications are astounding.

If what this academic-with-the-columnist-style says is true, the disaster is exponentially bigger than it would initially appear to be, and this has very little to do with any ‘damage’ to the US image (it’s got nowhere to go but up by now) or its ability to ‘do’ intelligence. First America gave the world the Internet as a global comms infrastructure, and now it has given an unknown number of completely unaccountable actors the keys to this infrastructure to do with as they please.

A Russian/Chinese/Israeli/Iranian spy will benefit both from the sigint collected by the NSA systems and even more from the info about what the US Intelligence community is (and is not) looking at. They could maybe also manipulate the collection process to steer the NSA away from things they would like to remain unseen. Any serious spy organisation would spend a lot of resources on creating that ability since the US has made itself totally dependent on signals intelligence as opposed to humans in the field who speak languages and understand cultures.

If the NSA has created a global spying machine whose output they cannot control perhaps it would be best to shut the whole thing down today. This would also have the additional benefit of respecting the human right of privacy (as described in Article 12 of the universal declaration of human rights) for most of humanity.


On Journalistic integrity

(this blog started as an e-mail to Jeroen Wollaars, NOS employee, in response to a Twitter message of his – it is also on Sargasso.nl with many comments and discussion, and a reply from Jeroen Wollaars. My response to that is slightly shortened here for readability – full e-mail here. This blog is also on geenstijl; our server had a busy Sunday … 😉)

Hi Jeroen,

Yesterday you felt it tweet-worthy that Russia Today TV had cut off a guest who used the platform he was given not to discuss the Bradley Manning trial but instead staged a protest against the horrible LGBT-rights situation in Russia. This incident was to you ‘proof’ that RT could not be trusted as a good information source in other things. As a reference you picked the Dutch newspaper ‘De Telegraaf’. This, in my view, was a rather unfortunate choice since this newspaper has itself a long and sordid history of collaborating with the German occupation, misinforming or misrepresenting world events and generally being a publication that only cares about human rights when it suits their political agenda. All in the tradition of FOX News and the Daily Mail.

At OHM2013 I talked about the implications of accelerating tech, some ways to understand the various crises we’re in right now and some questions we can ask about the strange things our governments seem to be up to these days.

I was critical of most western ‘mainstream’ media because they seem quite incapable of asking basic questions such as: “why are we putting Bradley Manning on trial and not the helicopter gunner who shot up over a dozen civilians including children?” Shooting at children with an anti-tank gun and then lying about it to the world is probably a war crime, certainly something worth digging into in the context of a war that itself was started based on lies.

After more than 10 years the organisation you work for seems quite incapable of even coming up with the proper questions relating to the greatest western war crimes since 1945 (let alone having the guts to ask them). This despite the fact that you are paid for, by the public, to inform that public about the world. This so we can make better-informed choices when we go to vote or protest against the people we voted for last time.

It is the kind of simple question that RT.com *does* ask (or allows their guests to ask) on-air. And for this reason I find them a good source of information/insight with respect to Western policies and activities. And when discussing getting good information on these policies I was asked what I considered a good source and so I said: RT.

I do not *prefer* using a Russian-state-funded TV channel to get my info about what the West gets up to in Asia or North Africa, but the utter failure of organisations like the NOS (and BBC, etc, etc) leaves me with a distinct lack of options. Instead of criticising RT for not being the news organisation you would like them to be you really should look for solutions closer to home.

So for somebody like yourself, employed by an organisation that is supposed to ask tough questions but does not (for whatever reason) to use that single incident using that particular source to ‘prove’ a point is, to be quite frank, laughable and sad. Understanding that Twitter is not good for nuance my reaction to your tweet was therefore in kind.

Before and during OHM2013 I did several radio interviews, including with some of your colleagues. Every time I was asked if the hacker community was a bunch of (cyber)criminals. This despite the fact that in 24 years of Dutch hacker events not a single crime has been reported. I considered replying with the return question whether all journalists were corporatist-warmongering-whores. Obviously this would be somewhat hype as well, but at least it would be hype with *some* basis in fact.

During the interviews your fellow journalists seemed to be most baffled by the fact that Julian Assange was happy to spend a full hour talking to our community while they were getting no responses at all to their repeated interview requests. I hope the above shines some light on this situation.

You state your job is listening. I would suggest it is also asking questions and providing context. Taking half an answer out of a 45 min lecture seems to be neither to me.

So about the listening (and asking questions): what is your view on the lack of questions being asked about proven NATO war crimes and the current war on whistle-blowers & journalists? Would you ask the question:

“Why is Manning in prison, after being tortured (according to the UN), for informing us about war-crimes while the perpetrators of said war-crimes are free to fly/command more Apache helicopters?”

And if not, why not?

Given that my taxes pay your salary and our taxes pay for the bullets in those helicopters I suggest pursuing these kinds of questions (on live TV if possible) might be a better use of your time than tweeting about the possible lack of journalistic integrity of a foreign TV channel. And then some of us might even start referring to you as a ‘journalist’ (a title that one needs to earn, just as ‘hacker’), instead of NOS-employee.

I look forward to hearing your views on these matters. Feel free to forward this mail (without edits of course, you would not want to look like a Russian censorist).


The missed opportunity of avoiding PRISM

<originally a column for Consortium News>

On July 11th 2001 the European Parliament published a report on the Echelon spy network and the implications for European citizens and businesses. Speculation about the existence of this network of Great Britain-and-her-former-colonies had been going on for years, but it took until 1999 for a journalist to publish a report that moved the subject out of the tinfoil-hat zone. The report of the EU Parliament contains very practical and sensible proposals, but because of events two months later across the Atlantic, they have never been implemented. Or even discussed further.

Under the heading “Measures to encourage self-protection by citizens and enterprises” the report lists several concrete proposals for improving data security and confidentiality of communications for EU citizens. The document calls on Parliament to inform citizens about the existence of Echelon and the implications for their privacy. This information must be “accompanied by practical assistance in designing and implementing comprehensive protection measures, including the security of information technology“.

Other gems are the requests to “take appropriate measures to promote, develop and manufacture European encryption technology and software and, above all, to support projects aimed at developing user encryption technology, which are open-source” and “promote software projects whose source text is published, thereby guaranteeing that the software has no “back doors” built in (the so-called “open source software”)”. The document also mentions explicitly the unreliability of security and encryption technologies whose source code is not published. This is an issue that is a strict taboo in Dutch and UK discussions on IT strategy for governments (probably because certain major NATO partners might be offended).

Also, governments must set a good example to each other and their citizens by “systematic use of encryption of e-mails, so that in the longer term this will be normal practice.” This should in practice be realised by “ensuring the training and publication of their staff with new encryption technologies and techniques by means of the necessary practical training and courses.” Even candidate countries of the EU should be helped “if they cannot provide the necessary protection by a lack of technological independence“.

That one paragraph from the summer of 2001, when rational security policies had not yet been completely destroyed by 9/11, describes the basis for a solid IT policy that ensures security and privacy of citizens against threats from both foreign actors and the government itself (historically always the greatest threat to its citizens and the reason why we have constitutions).

Had these policies been implemented over the last decade then the PRISM revelations of the last week would have been met mostly with indifference. European citizens, governments and companies would be performing most of their computing and communications on systems controlled by European organisations, running software co-developed in Europe and physically located on European soil. An American problem with an overreaching spy apparatus would have been just that, an American problem – like teenagers with machine guns or lack of universal healthcare, just one more of those crazy things they do in the colonies to have ‘freedom’.

From the proprietary frying pan into the cloudy fire

Over eleven years ago, I was talking to Kees Vendrik (Dutch MP) about the broken European software market. Not only was it impossible to buy a brand laptop without having to buy a Microsoft Windows licence, it was also impossible to visit many websites (municipalities, railways and many others) without using Internet Explorer. The latter area has greatly improved and I can today lead my life using my OS and browsers of choice. The Dutch dependence on products such as MS Windows/Office has not really diminished however, despite all the wishes expressed by Parliament and attempts at government policies. Today it is not possible to finish secondary school as a student without owning and using several pieces of proprietary software. Imagine making a certain brand of pen mandatory for schools and picking a brand of pen that comes with a spying microphone (not under control of the user). That is the current situation in practical terms in the Netherlands and UK amongst others. Germany, France and Spain are doing slightly better by at least acknowledging the problem.

Meanwhile, the technological seismic shift that frightened Bill Gates so much back in ’95 (the web makes the operating system irrelevant) is fast becoming reality. Almost all new developments discussed by IT power players and specialists are web-based or based on open specifications and the most commonly used applications are running quite well as service in a browser.

So while the 15-20 year old problem of software dependency has never really been resolved (governments, with tens of thousands of IT workers, are still unable to wean themselves off the familiar Microsoft technology stack), its impact is slowly becoming less relevant. Meanwhile, new dependencies on ‘cloud’ providers are now proving to be even more detrimental.

Excessive use of proprietary software creates the risk of foreign manipulation and potential attacks on critical infrastructure (see Stuxnet). But at least if your systems are attacked in this way, there are some ways to track this. If you are working on a computer that does not belong to you, that is based in a foreign country and is managed by people you don’t know in ways you cannot check, it will be very difficult to have any control over what happens to your data.

The old assumption, that using local servers could be part of the solution, unfortunately seems to be an illusion under the post-9/11 Empire. All cloud services offered by companies based in the US are subject to US legislation, even if the servers are physically in another country. And US law is now somewhat, shall we say, problematic. With no evidence, but with an allegation of involvement in “terrorism”, systems can be closed down or taken over – without any warning or the possibility of adversarial judicial review. The term “terrorism” has been stretched so far that anyone who allegedly breaks US law, even if they’re not a US citizen and even if they’re not in the US, can still be deemed a “terrorist”, just on the word of one of the many three-letter services (FBI, CIA, NSA, DIA, DHS, TSA, etc.). The EU was not happy about this but until the PRISM leak did not want to go so far as recommending that its citizens and other governments no longer use such services. PRISM is making it possible to at least have a serious discussion about this for the first time.

The long arm of the US Patriot Act reaches even further than merely the servers of US companies on European soil. Thus domains can be “seized” and labelled: “this site was involved in handling child pornography“. Try explaining that as a business or non-profit organisation to your clients and (business) partners. Just using a .com, .org or .net extension as your domain name now makes you liable under US law. All Europeans can now be seized from their homes for breaking US law. So a .com domain name makes your server effectively US territory.

We were already aware that proprietary platforms like Windows and Google Docs were not suitable systems for important things such as running public or critical infrastructure. However, now it turns out, that every service delivered through a .com / .org / .net domain places you under de facto foreign control.

Solution? As much as possible, change to free/open-source software on local servers. Fortunately there are quite a few competent hosting companies and businesses in Europe. Use local country domains like .nl, .de, .fr or, if you really want to be bulletproof, take a .ch domain. These are managed by a Swiss foundation and these people take their independence seriously. If you still want to use Google (Docs), Facebook, Evernote, Mind Meister, Ning.com, Hotmail or Office 365 – please do so with the awareness that you have no privacy and fewer civil rights than English noblemen had in the year 1215.

Fighting evildoers
A few months ago, a government speaker was defending the ‘Clean IT’ project at a meeting of RIPE (the organization that distributes IP addresses for Europe and Asia). Clean-IT is a European project of Dutch origin which aims to combat the ‘use of the Internet for terrorist purposes’. The problem with this goal is that ‘internet’, ‘use’ and ‘terrorism’ remain undefined, nor does it seem anyone is very interested in sorting this out. This lack of clarity can in itself be useful if you are a government, because you can then take a project in any direction you like. A bit like when data retention was rammed through the EU parliament in 2005 with the promise that it would be used only against terrorism – a promise that was broken within a few months. In Germany, data retention has now been declared unconstitutional and been abolished, while the Netherlands has rampant phone tapping, despite a total lack of evidence of the effectiveness of these measures. That all the databases of retained telecommunications data themselves become a target is not something that seems to be seriously taken into account in the threat analyses. All rather worrying for a government that is still usually unable to secure its own systems properly or ensure that external contractors do so.

Also, during the lecture on Clean-IT much emphasis was placed on the public-private partnership to reassure the audience. It’s strange that a government first makes itself incompetent by outsourcing all expertise, then comes back after ten years and claims it cannot control those same companies, nor indeed their sub-contractors. The last step is then to outsource the oversight function to companies as well and reassure the citizens: “We let companies do it! Don’t you worry that we would do any of the difficult technical stuff ourselves, it’s all been properly outsourced to the same parties that messed up the previous 25 projects”.

Terrorism is obviously the access-all-areas pass – despite the fact that many more Europeans die slipping in the shower or from ill-fitting moped helmets than from terrorism. Moreover, we as Europeans have experience of dealing with terrorism. ETA, IRA and RAF were rendered harmless in previous decades by police investigations, negotiations and encapsulation. This was done without jeopardizing the civic rights of half a billion European citizens. Even when IRA bombs were regularly exploding in London nobody suggested dropping white phosphorus on Dublin or Belfast.

I hope that the pre-9/11 vision of the EU Parliament will be rediscovered at some point. It would be nice if some parts of the ‘Free West’ could develop a policy that would justify our moral superiority towards Russia, when we demand that they stop political censorship under the guise of “security”.

Backup plan: DIY
If all else fails (and this is not entirely unlikely) we need a backup plan for citizens. Because despite all petitions, motions, actions and other initiatives our civil liberties are still rapidly diminishing. Somehow a slow-motion corporate coup has occurred where the government wants to increase “efficiency” by relying on lots of MBA-speak and corporate management wisdoms that worked so well for the banking sector. The fact that the government’s primary function thereby evaporates does not seem to bother most civil servants. And meanwhile the companies themselves are apparently too busy making profits and fighting each other to worry about civil rights and other archaic concepts from the second half of the 20th century.

So rather than always trying to influence a political system that so very clearly ignores our interests, we can simply take care of ourselves and each other directly. This conclusion may not be pleasant, but it gives clarity to what we have to do.

One good example would be to have educational and civil liberties organisations providing weekly workshops to citizens on how to install and use encryption software to regain some privacy. These organisations should use their clout to get the slogan of “crypto is cool” on everyone’s lips. Technologists and designers should focus their energies on promoting the hip and user-friendly aspects of these pieces of software. This may be a lot more fun than lobbying ossified political institutions and actually provide some concrete privacy results.

Since 2006 I have ensured my own email privacy by no longer relying on the law, but by using a server outside the EU, with an SSL connection to it through a VPN tunnel that enters the open Internet also outside the EU. I encrypt as many emails as possible individually with strong crypto (using free GPG software). The fact that all those hordes of terrorists (who, our government asserts, are swamping the planet) have no doubt also adopted such measures – for less than 20 Euros a month – makes most of the low-level spying a complete and pointless waste of resources. Assuming the point truly is fighting ‘terrorism’ – something that is becoming a bit doubtful in light of the above.

Despite what some of the ‘but I have nothing to hide’ apologists say, we have privacy rights and other civil liberties for the same reason we have a constitution. Not for situations where everything is OK but for those rare situations where things are not OK. Privacy is the last line of defence against governments who lose sight of their reason for existing (to serve their people). Privacy is therefore not the enemy of security but the most basic part of it. Because governments are much scarier than any would-be cyber-criminal or even terrorists. Criminals may steal some money and terrorists may kill a few people, but when it comes to wars, mass repression or genocide you always need a government.

It is very obvious what European governments should be doing to promote the safety and security of their citizens and states. They already wrote it down in the summer of 2001. The fact that these measures are never part of any current ‘cybersecurity’ policy proposals should make people very suspicious, at least of their governments’ competence.

The above article was originally written for and published on Consortium News. On June 22nd I was interviewed by Chuck Mertz from ‘This is Hell!’ radio (Chicago, WNUR 89.3 FM). The entire program of that morning is on the This Is Hell! site. My interview (all 52 minutes of it) is here.


OHM and other Three-Letter-Agencies

<originally a column for OHM2013.org – also on HuffPo UK> – video of The Great Spook Panel below this post

“Whatever you do will be insignificant, but it is very important that you do it.” – Mahatma Gandhi

This summer the Dutch hacker community, with help from friends all over the world, will organise the seventh hacker festival in a series that started in 1989 with the Galactic Hacker Party. The world has changed massively since then (we’ll get to that) but the goal of these gatherings remains the same: to share knowledge and ideas about technology and its implications for our world, have heated discussions on what we should do about the problems we see (sometimes well before many others see them), generally have fun in communicating without keyboards, and being excellent to each other.

Four years ago a somewhat unknown Australian hacker with some new ideas about the future of journalism gave the opening keynote at HAR2009. His site was called Wikileaks and some of us had a hunch that this concept might be going places. We had no idea just how far that would be…

Not long after the first gathering in the Netherlands in 1989, the Berlin Wall came down. While we can claim no connection, the interminable Cold War had finally ended and many of us felt, with the optimism so typical of youth, that world peace might just be possible in our lifetimes. We would go back to making rockets that went up instead of straight-and-level and other great things would follow.

Regrettably that was not to be. First the .coms imploded, then three skyscrapers in New York, and soon after that our entire economy turned out to be a sort of multi-level-marketing casino. The 3rd millennium has started with a bang that is still echoing around the planet. Since then we’ve seen the ‘free’ part of the world become rather un-free rather fast. “US Department of Homeland Security relaxing a ban on toenail clippers” would have been a scary headline for someone in 1993 on several levels. But in 2013 it is just one of those things to which people have sadly become accustomed.

What happened? And is there anything we can do about it? Why not ask some of the people who were insiders with some of those three-letter-agencies-that-many-of-us-fear*, who left and are now speaking out, often at great personal risk and cost. Five former insiders from different government organisations will all give talks about their experiences within various secret agencies and provide a historic context to what is happening right now.

The alphabet soup begins with ex-CIA Ray McGovern who is now an outspoken and indefatigable international peace campaigner. Ray will give a broad historic context based on his experiences as an analyst and presidential ‘daily-briefer’ during a career with the CIA that started during the Vietnam war.

Ex-FBI Coleen Rowley will talk about her experience working against organized crime and terrorist organisations at the FBI. She went public over the intelligence-sharing failures that allowed 9/11 to happen, and in 2002 was voted “Time” Person of the Year.

In a more recent case, ex-NSA and natural-born geek Thomas Drake and ex-DoJ Jesselyn Radack will discuss Tom’s whistleblowing case relating to his work for the NSA, where he was managing very large information gathering projects. Tom was one of the first victims of the recent US push-back against whistleblowers under the reanimated 1917 US Espionage Act and was threatened with life in prison.

Annie Machon, a former intelligence officer for MI5, will discuss her experience working for the UK’s Security Service against terrorist organisations, why she became a whistleblower about the crimes and incompetence of the UK spies, and how all of this relates to current developments both in the Middle East and the shredding of our civil liberties in the West.

To try to make sense of all these insights and figure out what we should do to get out of the mess, the five experts will discuss our options in a special “Spook Panel”, and you can join in. How can we resist, retain privacy and perhaps get back to a world where you can get on a plane without being prodded, scanned and forced to give up dangerous materials like mineral water?

It is easy and understandable to get depressed about the world today, but that doesn’t help. Hackers are people who do things. So join us, share your knowledge, creativity and talents to help figure out what we can do to fix this. New media, crypto, art, networks, music, blogging, fast & clever analysis of news and patient explanations of history & culture. We need it all and much more. And we need everyone to help out because while the freedom to play with tech is vital, the freedom to do so while not being subjected to ‘extraordinary rendition’, torture, or drone-strikes is even more important.

The summer of 1989 was long, hot and free. Let’s make another one at OHM2013.


*) If you don’t fear these agencies you’re either not paying attention or you have a very boring life.



Installation of the Commissie onderzoek elektronisch stemmen (Commission on Electronic Voting)

On 26 April 2013 Arjen Kamphuis, together with other experts, was installed by Minister Plasterk (BzK) as a member of the Commissie onderzoek elektronisch stemmen (BzK press release). This commission will investigate whether it is possible to replace voting on paper with an electronic process without endangering the essence of democracy and the Electoral Act. Both local administrators and advocacy organisations for people with physical disabilities are pressing for an alternative to the current paper process, which in their view causes many problems at every election.

Between 1997 and 2007 electronic voting was permitted, but this permission was withdrawn after research showed that the systems in use did not meet the essential requirements of the Electoral Act (secrecy of the ballot and transparency of the electoral process).

On Tweakers.nl and Webwereld.nl the discussion about the subject broke out immediately after publication of the above press release. In the more than 175 comments, many of the usual misunderstandings about the fundamental problems with electronic voting come up again. Even IT professionals and computer enthusiasts still need more information about the complexity of the subject.

Interview on BNR radio on 1 May 2013. Link to mp3.

Earlier publications on this theme:

2008: publication in Digitaal Bestuur

2012: publication on Webwereld