Author Archives: Ton Zijlstra

Arsonists Walk Among Us

Playing politically on base emotions has consequences. Choice of words has consequences. It does not make the fear mongers and populists directly or criminally responsible, but it does come with moral responsibilities. If you consistently fan emotional flames you do bear moral responsibility for the resulting sparks and ‘singular unconnected’ fires. What British radio host James O’Brien says in the fragment embedded above about the UK, is as much true in Germany, France, Netherlands, Belgium, Hungary, Poland, Austria etc. I share his deep frustration.

The arsonists walk among us pretending to bring common sense and empathy, because “one should be allowed to say this after all, and high-time too”. They don’t go by the names of Schmitz or Eisenring, but it doesn’t take Max Frisch to point them out. The arsonists walk among us pretending it is some mythical Other that will take “what is Ours” and who will burn our house and institutions down. The arsonists walk among us, luring us with reactionary nostalgia for a country and a time that has never existed. It will be those arsonists however that end up setting things alight, not any ‘Other’.

The question is how much of a Herr Biedermann I will be, you will be, we will be, before we learn to send the arsonists packing.

Do we even know anymore how to do that?

The Burning of the houses of Parliament, October 16, 1834 by Turner
The Burning of the Houses of Parliament, Oct 16 1834, by J M W Turner. Image by Pete Jelliffe, CC-BY-SA

Data Sovereignty as Prerequisite for Open Data Agency

As we are living in a networked world, increasingly government bodies execute their tasks while collaborating in networks of various other stakeholders. This also happens when it comes to collecting, providing or working with data as part of public tasks. One of the potential detrimental side effects is that it quickly becomes unclear who can decide to open such data up. Or whether a government entity, who wants to publish data as part of a policy intervention, still feels able to do so. This ability to decide over your own data, I call data sovereignty. I think without proper attention, the data sovereignty of public institutions is under pressure in collaborative situations and a threat to the freedom of public entities to decide and act on their own open data efforts. This is especially problematic where the lack of data sovereignty hinders public entities in deploying open data as a policy instrument.

I have just completed an inventory of the data sets that a Dutch province holds and the visible erosion of data sovereignty was the main unexpected outcome for me.
This erosion takes different shapes. Here are a few examples of it, encountered in the Province I mentioned:

  • Data collection on businesses locations and the number of people they employ (to track employment per municipality per sector) is being pooled by all provinces (as a national level data set is more useful). The pooling takes place in a separate legal entity. It is unclear if this entity still falls under FOIA and re-use regulations. This entity also exploits the data by selling it. Logical at the organisational level perhaps, but illogical in comparison with the provincial public task (and maybe not even legal under the Re-Use law). Opening up the data needs to be done through that new entity, meaning not just convincing yourself, but all other provinces as well as the entity who has commercial interest in not being convinced. The slowest will thus set the speed.
  • Data collection on traffic flows, collected by the Province, is stored directly in a national data warehouse (NDW). Again pooling data makes it more useful, but the Province cannot store cleaned data there (anomalies filtered out, pattern changes explained etc.), so always needs to redo that cleaning and filtering whenever they want to work or access their own data. Although the publicly owned NDW now publishes open data, until recently they saw themselves as a commercial outfit, adverse to the notion of open data.
  • Data collection on bicycle traffic, done by the Province, is stored in the online database of a French service provider active in the entire EU. Ownership of the data is unclear. The Province only accesses the data through the French website. If a FOIA request came, it would be unclear if providing the data runs counter to any rights the service provider is claiming.
  • Data collection on the prevalence of bird species is being collected in collaboration with nature preservation groups and large numbers of volunteers. The Province pays for the data collection, but the nature preservation groups claim their volunteers (by virtue of their voluntary efforts) are the rightful owners of the data. Without seeking internal legal advice, the discussion remains unsolved and stalls.

None of these situations are unsolvable, all of them can get a definitive answer. The issue however is that nobody is clearly in a position, or has the explicit role to make sure such an definitive answer gets formulated. Because of that, uncertainties remain, which easily leads to inaction. If and when the Province wants to act to open data up, it therefore easily runs into all kinds of questions that will slow action down, or ensure action does not get taken.

It is entirely logical that public entities are collaborating in networks with other public entities and domain-specific stakeholders for the collection, dissemination and use of data. It is also certain, given our networked society and the drive for efficiency, the number of situations where such collaboration takes place will only rise. However, for the drive towards more openness it is detrimental when ownership of public data becomes unclear, gets transferred to an entity that potentially falls outside the scope of FOIA, or falls under the rights of a private entity, just because nobody sought to clarify such matters at the outset.

Public entities should learn to strongly guard their data sovereignty if they want to maintain their own agency in using opening up data as a policy instrument. Moving to open by design as a default for the public sector, requires stopping the erosion of data sovereignty.

On Open Data and the Panama Papers

Two questions I was asked

In the past days people asked me questions about the Panama Papers and how it is connected to open data. Is a leak like the Panama Papers helpful or not to the cause of open data? Is it reasonable that the journalists don’t plan to publish all leaked files?
Before answering those questions, I will explore aspects of the data we’re talking about, the content of the leak, and the legality and morality of it all.

The core concept at stake: beneficial ownership

First let’s look at the data that we are interested in here, and why that data needs to be fully transparant.
There are two elements of importance. One is that in a transaction you need to be able to verify that you are dealing with the right person: can your counterpart deliver, and is your counterpart legally able to enter into a transaction? If you buy my house you need to verify it is mine to sell, and therefore cadastral ownership information is a public register. Similarly if you deal with my company, you need to verify who is allowed to enter into a contract on behalf of that company, and who ultimately owns it. That last bit is called beneficial ownership: cui bono? This information is registered in public company registers.

This means that for my company (The Green Land), you can find out through the Dutch company register (searching by name, or by the company number we provide on our website and letter head) that there are 4 owners with power of signature. Those four are all other companies. One of those owning companies is Interdependent Holding, and if you check that one, you’ll find out that I’m the sole owner (the other three are owned by my partners). This way you can trace that I am the ultimate owner of part of The Green Land. This is relevant information if you do business with my company, and it is important information for the tax office, who want to know when to tax me for what. These sort of checks, which should be possible, means beneficial ownership should be completely transparant. You are thus able to find out personal information about me through the company register.

That is the trade-off I make as an entrepreneur with you and the rest of society. You all allow me, by creating a company, to shield myself personally from several risks: a bankruptcy of my company will mostly not touch me personally (unless it is due to my negligence or misconduct). The overall benefit to society is that more people will feel opportunity to start something new that way. In exchange I need to give up some of my anonymity, so that it is always clear who ultimately owns something.

Shell companies break that trade-off when beneficial ownership is purposefully obscured, especially when it is the primary reason that company was created in the first place. It allows me to make myself invisible to you in a deal, and it allows me to evade taxes without much chance of that becoming easy to spot.

What is in the Panama Papers?

The Panama Papers are a collection of over 11 million of documents and some structured data, about the creation of a wide range of shell companies (210.000!) in the past 40 years. All the documents come from one law firm in Panama, that has assisted in creating companies in jurisdictions where beneficial ownership is not fully recorded. Those jurisdictions don’t record that information because they don’t need it for taxation. The leaked documents contain the correspondence and other material, such as copies of passports, that was used to keep client records at the law firm, and to establish firms. So the leak is not a list of companies and beneficial ownership like you could get from e.g. the Dutch company register. But from the leaked documents that information about beneficial ownership can be derived. Even if it is ultimately not recorded in the company registers of the jurisdictions these companies are established in (such as the British Virgin Islands). And that is what some 400 journalists in 80 countries did this past year: derive the beneficial ownership information from the leaked documents. And then write stories about it. The law firm in Panama involved is just one of many law firms offering these services. It is not the biggest either, though it is in the top 5, it just is a law firm that seems to have had crappy data security.

On legality and morality

It is perfectly legal to create a company in the British Virgin Islands or any other similar jurisdiction, and using a Panama law firm to help you do that. It is also normal in those jurisdictions that beneficial ownership is not always recorded, simply as it is not needed by the local tax office and they have therefore no reason to collect it.
It is however illegal to not disclose such ownership when asked to do so by the tax office in your country of residence.
When beneficial ownership is hidden, and when the law firm you asked to help you do that is also somewhere hard to get at, it becomes easy to not disclose such ownership to your local tax authority and not be found out though.

This leak now ends that purposefully created obscurity for a large amount of companies and the people who have the beneficial ownership of those companies.
Some of that will until now have been undisclosed to tax authorities elsewhere, and thus illegal. This is what is now prompting government investigations in Australia, Peru, Netherlands etc.

Next to legality, there are also issues of morality at play. And this mostly is where the journalistic interest is.
The morality of having a company in a jurisdiction where you do not do any business, but where you happen to be able to obscure your beneficial ownership can be called into question.
Why would a board member of a Chilean transparency organisation need one? Why would a prime minister who demands austerity from all citizens have one? Citizens that cannot use the options the prime minister apparantly does have access to (or draw immediate attention if they do, such as the shop owners of a Welsh village)
Why would an advisory board member of a Dutch bank, that is currently government owned after a bail-out have one? Why would an NGO have one and send public money and donations to them? Why would family and friends of heads of state need them, coinciding with their rise to power? Why would such obscurity be important to art dealers?

The people it concerns apparantly feel those morality issues themselves as well when confronted, though some have above board explanations, such as the NGO mentioned. Why else would a prime minister walk out of an interview about it and later resign? Why else would another prime minister provide 4 different explanations in 4 different days before coming clean?
Why else would a banker give up his position when challenged? Why else would a country whose powerful figures are named have reporting on it censored and firewalled. Why else would a government denounce it as smear campaign even before the Panama Papers were first published?
Why else would a leading transparency activist immediately resign? A FIFA official resign from his organisation’s Ethics Panel? And a minister from another austerity-focussed government? Why else try damage control, while pleading innocence without denying the facts presented, but because of being caught with your hands in the cookie jar?

The full list will come out

One of the defenses out there for those finding themselves cornered in this moral quandary is that only they are targeted. Trying to raise suspicion about the fact not all companies and their owners are yet published. That is attacking the messenger when you don’t really have anything to counter the message. Of course the journalists involved lead with the juiciest stories, so heads of state and prime ministers find themselves first exposed.
The list of shell companies and their owners is of course much longer, 210.000 companies long, and as I said beneficial ownership is the key concept here. So it is needed that that list will come out in full. It will. The ICIJ has announced that the full list will be published early May (last sentence at that link), after the stories prepared in the past year have been published. So we will soon be able to see for ourselves who else we are dealing with.

Getting back to the questions

So should the entire leak be made public? All those 11 million documents or so? I don’t think so. The beneficial ownership information definitely should be. This is the stuff you can get from most company registers around the world. Beneficial ownership being public is part of the deal a company owner makes with society. That is however only the information derived from the leak and not the content of most of the documents leaked. Copies of passports used to register the company are not ours to see. You don’t post yours either, nor is it public through company registers normally. So no, the entire leak does not need to be public I think.
Once you will see the full list of 210.000 shell companies and their owners, you will realize how many people not of public interest are on it. And you’ll realize that disclosing material other than beneficial ownership is a breach of privacy that doesn’t add anything to further challenge the legality or morality of the situation.

Does this help open data? That is uncertain to me. Maybe it helps to put beneficial ownership information at the heart of current discussions of opening up company registers in Europe further. Many of these European registers are public (you can check the records, for a fee), but not open. Only Denmark has a fully open company register. In other words: for you as an individual, Panama isn’t very far away in a certain sense, Panama is right in your own capital. Maybe it helps European governments to understand that they should lead by example in opening up beneficial ownership to the public pro-actively, and that their tax-offices have something to gain by it (because then data across multiple European jurisdictions will be routinely available).
Maybe it shows owners of shell companies that geographical distance and obscurity are much less of a protection than before digitisation, and lead at least some to make different choices. Or maybe it shows that full global transparency of company registers is unavoidable over time: if not voluntarily then forced.

On Agency Pt 1.

As individuals, as groups, as organisations, as societies, we are not leveraging the full power of distributed networks by far. In distributed approaches to many of our current issues is where we will find much needed agency for ourselves.

Paul Baran distributed networks

The internet is meant to be distributed
The internet was conceived as a distributed network (item c in the pic above). Physically, in terms of cables, this is true. Practically in terms of functionality, and socially, in terms of people, it mostly is not.

….but that is not what we get provided with
Especially for individuals, as the end points of whatever gets provided or done over the internet, the experience is much more like a centralized network (a in the pic), or at best a decentralized one (b in the pic) when I use various services next to each other. Whereas tremendous affordance and power lies in being myself a real node of agency in a distributed network. Facebook is to users a centralized hub, that we interact with, a walled garden. Google, Apple, Amazon all behave in similar ways. Most Internet of Things devices and other connected products require you to stay within one silo. My Sonos speakers can’t play nicely with other wireless solutions. A ‘smart’ thermostat or a smart meter only communicate with their own components, or with the energy company instead of me. Most of it is not open and require us to pick one specific ecosystem to be part of, and voluntarily lock us in. Because for these products and services the easiest path to viable business is in aggregation, providing a measure of control to the business as they scale.

Truly distributed solutions are of course available online. Diaspora does what Facebook does, but your data is under your control. The blockchain behind BitCoin distributes transparency and accountability, and combines it with anonymity, even though current implementations end up almost centralized as well. Maker machines leverage the distributed network: the machines allow me to use and produce locally what I find through the networks. With Arduino and Raspberry Pi we have open computing power at our hands that allow us to do much of what centralised and silo’d IoT systems do.

We need to make distributedness way easier
The threshold to use truly distributed technology yourself remains extremely high however.
If something is difficult, even if it’s ultimately better, I won’t do it if there are easy alternatives. I will not go through the trouble of administering a UNIX server to run my own Diaspora pod if I can join Facebook within a single minute. I will not repair my own fridge door handle if getting my 3d printer to work and drawing a thing takes ages, but I can order a new fridge in 2 minutes and have it delivered tomorrow.

…also when it comes to human interaction
Similar patterns I see on the social side, when it comes to learning, organizing, collaborating, creating. Recently I was in another meeting where the participants only knew one mode: sit down to talk with an agenda and discuss things to death, even though what was needed was to just get to work together and do something. But they did not know any of the work forms, methods or instruments you could use for that. Again there is a myriad of proven work methods when it comes to organizing, collaborative structures, decision making, ideation and designing. Methods that build on the diversity and connectedness of groups, on distributedness, on peer to peer.

Reducing adoption thresholds of truly distributed technology and peer to peer methods allows an increase in agency. What agency looks like in a connected and distributed world (On Agency pt. 2), and what reducing thresholds to adoption (On Agency pt. 3) looks like in my eyes is for following postings.

Looking into keeping my files safe

This is a quick assessment to get a grip on how I can secure my documents, and against which risks.

Basically the core device is my laptop. I haven’t incorporated my phone yet in this overview.

Laptop
Risk: gets stolen
Mitigation: encrypt HDD, and back-up to Time Machine and/or NAS drive and/or VPS, cash reserve for immediate replacement
Current status: mitigation measures in place

Risk: breaks down / HDD failure
Mitigation: back-up to Time Machine and/or NAS drive and/or VPS
Current status: mitigation measures in place

Risk: gets read / copied while en route
Mitigation: encrypt HDD, being able to travel without documents and without being able to reveal passwords needed to trigger access to remotely restore documents to laptop
Current status: mitigation measures partly in place

Time Machine
Risk: not in sync, HDD failure
Mitigation: fix sync, restore from off-site back-up or laptop
Current status: mitigation measures in place

Risk: gets stolen
Mitigation: encrypt files, and maintain offsite back-up
Current status: mitigation measures in place

NAS drive (with archived files, music library)
Risk: not in sync, HDD failure
Mitigation: syncing process, RAID, restore from off-site back-up
Current status: mitigation measures in place

Risk: gets stolen
Mitigation: encrypt files, and maintain offsite back-up
Current status: mitigation measures partly in place (encryption not supported by current NAS, planned to replace NAS) UPDATE: NAS replaced, encryption added.

VPS
Risk: crashes
Mitigation: restore from back-up service, or restore from on-site back-ups and laptop
Current status: mitigation measures in place

Risk: gets hacked
Mitigation: encrypt files, keep on-site back-ups of files, restore from back-up service
Current status: mitigation measures in place

Risk: deleting files through syncing errors (actually happened already)
Mitigation: syncing through a local copy on laptop (scripted), one-way syncing
Current status: mitigation measures partly in place

Keeping files save

Enjoying Indie SF

In the past months I have increasingly read books from independent authors that self-publish. It seems there is a growing supply of it, and of increasing quality.

Fellow nerd Peter Kaptein has been cutting his own path into the writing jungle, and I enjoy following his reports on his blog and on Facebook chronicling his musings, struggles and process. Likewise here at home it is exciting to see my wife finally giving in to her lifelong urge and start writing stories, after getting a huge burst of motivation from following a training on methods and tools. It is what allowed her to see writing as artisanship and thus well within her own scope.

Today I read the book Remanence from indie US writer Jennifer Foehner Wells (twitter). Remanence is the sequel to Fluency which I read sometime last year. Remanence was published yesterday, and provided me with a good, exciting and relaxing read this weekend. I was originally attracted to Fluency because it promised a linguist at the heart of a hard scifi story (who else to crack the Universe’s lingua franca?). The follow-up provided techno-collapse to pre-industrial level, ecosystems gone haywire and space faring squids finding out they weren’t as free as they thought.

fluency remanence
Fluency, and its sequel Remanence

Independent writers are learning to embrace the affordances that global connectivity provides, and directly creating their own audience, distribution channels and brands, much like indie musicians before them.

It’s not that regularly published SF isn’t interesting or fun. As long as I’m able to explore or be surprised by what I find in terms of perspectives etc. Such as around new year when I hugely enjoyed the two SF novels from Chinese writer Liu Cixin (his Chinese blog). His Three Body Problem, and the follow-up Dark Forest are both great reads with a first encounter in a game world, a quantum-enabled block on human science development and a solution for the Fermi paradox. Already looking forward to the third installment becoming available in English later this year.

threebodyproblem
darkforest
Three Body Problem, and its sequel Dark Forest

Serbian Information Commissioner Now Publishing Open Data

Today a tweet from the Serbian office of the Commissioner for Information of Public Importance and Personal Data Protection thanked me and colleagues for promoting open data. As a result the Commissioner’s Office has launched an open data site today, on the data subdomain of their regular website, data.poverenik.rs. This is very good news, and a welcome consequence of the open data readiness assessment I did with the World Bank and the UNDP last year. In June I spoke with the Commissioner about their work, and his deputy already took an active role last December at the conference where we presented the results of the assessment.

In a press release (Serbian only), the Commissioner’s Office states that as further encouragement to the Serbian public administration, the Commissioner is opening up data concerning their own work. Thirteen data sets have been published, one of which I think is very important: the list of public institutions that fall under the freedom of information and data protection frameworks (over 11.000!). Other data published concerns the complaints about information requests and their status the office received, as well as complaints and requests concerning data protection and privacy.

With the help of civil society organisation Edukacioni Centar (whom I had the pleasure of meeting as well) the data comes with some visualizations as well, to improve the understanding of what data is now available. One allows navigating through the network of over eleven thousand institutions that fall within the scope of the Commissioner’s Office, another the status and subject of the various complaints received.

Serbian institutions(Screenshot of over 11.000 public institutions)

Steps like these I find important, where institutions such as the Information Commissioner, or here in the Netherlands the Supreme Audit Institution, lead by example. By doing that they underline the importance of transparency also to the functioning of their own institutions.

Open Data Readiness Assessment Kyrgyzstan Published

The UNDP has published the open data readiness assessment for the Krygyz Republic. From November 2014 to June 2015 I visited Kyrgyzstan three times for a week on behalf of the World Bank. In collaboration with the Kyrgyz Government and the UNDP, as well as local companies, civil society organisations and the coding community, we looked for the right starting points for open data in Kyrgyzstan, and which steps to take to get going.

The UNDP has now published the resulting report, which is embedded below. Download link here.

Encouraging Community

In a conference call this morning with an Eastern European client we discussed the need for more and better connections and relations, and moving towards increasing trust over time between those participating in these connections. This reminded me of the little primer I wrote a number of years back, on creating or strengthening communities more purposefully. By paying attention to a range of specific aspects that we would normally not consider as part of your management toolkit. Things like rhythm, spaces, and levels of engagement, or balancing safety and excitement, variety of perspectives, and being welcoming.

It is based on the great work of Etienne Wenger concerning communities of practice, which has been a key ingredient in my consulting practices in the past 15 years or so, ever since his 2002 book Cultivating Communities of Practice.

The primer, embedded below, describes the aspects I pay attention to when hoping to strengthen community, some stemming from Wenger, some from my direct experience, and provides examples of what type of action results from it. You can also download the PDF, if you like. Do let me know if it is of use for you.

I can also recommend the book by Etienne:
Schermafbeelding 2016-02-24 om 12.27.41>
Cultivating Communities of Practice

First TTN Enschede Meet-Up A Success

Last Thursday the first TTN Enschede Meet-up was held. The Things Network (TTN) is an open infrastructure, using LoRaWan, which lets Internet of Things (IoT) devices communicate data to the cloud, from which it can be approached over regular internet connections.

What fascinates me in this, is that one can implement a city or region wide infrastructure for very little money, where normally the infrastructure is the expensive part. Especially after the TTN Amsterdam initiators ran a kickstarter campaign offering the gateways for just 200 Euro, last October. With several volunteers here in Enschede, we can quickly achieve city wide coverage, and open it up to all comers. And that is what is indeed happening, as it looks like at least 6 gateways will become available in the city soon. One gateway, which Timothy at Innovalor placed on top of the highrise of the University of Applied Sciences Saxion in the city center, is already operational, since last week. The rest will follow in June.

The meeting last Thursday of fifteen TTN and IoT interested people in Enschede was a good first encounter. Besides getting to know eachother, it was good to exchange ideas, experiences, and talk about what we could actually do once the infrastructure is in place.

As it turns out, thinking about use cases is not easy, and that will definitely need more thought and discussion.

Meanwhile one of the participants, JP, showed his LoRaWan device that measures signal strength of the mentioned gateway. On his mobile phone he combines those measurements with his phone’s GPS location. This way he built a signal strength map of the Saxion gateway while cycling around town over the course of his normal activities. The LoRaWan receiver and the map are shown below. As it turns out more people are currently doing this type of wardriving, trying to crowdsource a coverage map of the Netherlands.

LoRaWan wardriving results Enschede