Pharos - Organization and Governance: Difference between revisions
No edit summary |
No edit summary |
||
Line 27: | Line 27: | ||
The Tech team will be charged with matters of security and stability. They will maintain the website, and scrub each video of all identifiable content and metadata. | The Tech team will be charged with matters of security and stability. They will maintain the website, and scrub each video of all identifiable content and metadata. | ||
Pharos may be besieged with videos at certain times (like, if there is a high-profile crisis going on) and it should be built not to crash during an intesnse spurt of activity. The site may also be subject to DDOS attacks, or other attempted take-downs. The tech team must devise a strategy -- whether it involves mirroring, hosting with a major company, or otherwise -- to insulate Pharos from such attacks. Pharos should be reliably available, particularly in the face of attacks from those actors who do not want a certain video to be seen, and during times of crisis when more users want to upload and to view human rights media. | Pharos may be besieged with videos at certain times (like, if there is a high-profile crisis going on) and it should be built not to crash during an intesnse spurt of activity. The site may also be subject to DDOS attacks, or other attempted take-downs. The tech team must devise a strategy -- whether it involves mirroring, hosting with a major company, or otherwise -- to insulate Pharos from such attacks. Pharos should be reliably available, particularly in the face of attacks from those actors who do not want a certain video to be seen, and during times of crisis when more users want to upload and to view human rights media. | ||
Security of the content must also be a priority of the Tech Team. If Pharos retains unscrubbed versions of the content it receives -- the videos with distinguishing features still visible, or with metadata attached -- they must be protected from any posible intrusion. Pharos must be able to promise its uploaders that no one will ever be able to trace the video back to them. If Pharos keeps any logs of the videos have been submitted, like how they arrived or when they did, these logs should receive similarly high levels of security. | Security of the content must also be a priority of the Tech Team. If Pharos retains unscrubbed versions of the content it receives -- the videos with distinguishing features still visible, or with metadata attached -- they must be protected from any posible intrusion. Pharos must be able to promise its uploaders that no one will ever be able to trace the video back to them. If Pharos keeps any logs of the videos have been submitted, like how they arrived or when they did, these logs should receive similarly high levels of security. | ||
[[Image:Pharos_Slide_-_Encryption_Key_Distribution.png|300px|thumb|right|Pharos' public key encryption]] | |||
If Pharos decides to offer uploaders a public key encryption service, then the Tech team will have to ensure the absolute security of its encryption process. The private key it uses to decrypt the submitted files will have to be guarded so that no technological or human infiltration is possible. We expect the Tech team to hire out a private security firm that can ensure the utmost security is possible. | If Pharos decides to offer uploaders a public key encryption service, then the Tech team will have to ensure the absolute security of its encryption process. The private key it uses to decrypt the submitted files will have to be guarded so that no technological or human infiltration is possible. We expect the Tech team to hire out a private security firm that can ensure the utmost security is possible. | ||
[[Image: | The Content team will focus more on soliciting media, determining whether it fits the mission, and publishing it as widely and fully as possible. They will use the Board's guiding principles as the basis for their decisions about whether a submission is appropriate for Pharos. They can approach the Board if a video is particularly challenging. | ||
[[Image:Pharos Diagram - right side - dsitribution.png | |||
|300px|thumb|right|Content distribution]] | |||
The Content team will be responsible for distributing the media to as many sources as possible. They may also provide contextual information alongside the actual file -- with any information that they can verify about where it was created, at what time, and under what circumstances. They will not reveal anything that could identify how they received the video or who is involved in it. | |||
The | The Pharos team will cultivate a network of human rights organizations, journalists and academics worldwide, upon whom it can rely when trying to evaluate a video. If they need to learn more about the circumstances in which the video may have been produced, they can call upon this network for general information about the context. If a video is suspect, they may also contact this network to try to determine more about its reliability. | ||
The | The network will also be useful in soliciting videos. They can distribute their public key via these organizations, which may produce human rights media on their own, or which may be the local contact points for people who are not activists, but have ended up with documentation of abuse on their hardware. These local organizations can instruct people on how to submit their media securely, directing them to Pharos and with guidance on using public keys, Tor, or other methods that will ensure some security. | ||
== A Wider Network == | == A Wider Network == | ||
Pharos need not be a sole office in a Western country. Though this may be its central place, it could include a worldwide network of localized publishers. Taking the model of human rights organizations, there could be regional or continental Pharos Hubs. The local versions could have more translation and language support tailored to the area, and it could have distribution networks that are focused less on US news media, and more on local media. | |||
A less centralized system would help insure that Pharos does not make decisiosn that are divorced from local realities. Local hubs will be more attuned to which videos may be forgeries or editing; they will also be able to contextualize videos and provide consumers with fuller explanations of why the abuse occurred and what response woudl be best. | |||
There could be two main problems with a more dispresed Pharos. First, local offices may be more biased about the content submissions. Because the employees will be more directly invested in the region, they may not publish any video that they consider could harm their political party or movement. A centralized Pharos organization would be more separate from local organizations (and though that makes them less knowledgeable about the context of a video) it makes them less biased in deciding which content to distribute. | |||
Second, local Pharos operations will be more liable to security attacks or governmental requests. If they are working in a country that does not have strong protections on freedom of expression, their site may be blocked or their employees may be subject to prosecution for their work. Moreover, their offices, records, and stored content may be inflitrated or subpoenaed. It will be harder to guarantee uploaders security if the office itself is not immune to attack or investigations. If they use public-private key encryption systems, the key may be more easily compromised as well. | |||
The ideal would be for Pharos to be balanced between a centralized, Western-based office and a worldwide network that can offer more local support and contextualization. Security concerns may be the overriding ones. Pharos must be able to guarantee its uploaders absolute anonymity, and protect its own employees from prosecution or attack. If the organization could maintain this high level of security while still partnering with organizations worldwide, and perhaps even delegating some decision-making and hosting to them, that would ensure that Pharos was better attuned to situations on the ground and protected from forged content. |
Revision as of 15:40, 3 February 2011
Pharos will be built around its core mission: to protect, enable and promote human rights media. The challenge will be to interpret the mission into clear principles, upon which the organization will be able to function deftly and responsibly.
It will have two bodies, the board of directors and the day-to-day team, to establish & to implement these principles. The first will be responsible for formulating a clear statement of Pharos' principles and, in difficult or changing circumstances, interpreting how they should be applied. The implementation team will oversee the functioning of the site, protect the security of the data, and manage relations with other content publishers and users.
Alongside Pharos' formal organization, we envision a worldwide network that Pharos can promote active and appropriate submissions, as well as providing information to submitters about to do so securely. The network can also supply Pharos with the necessary contextual information to provide alongside the video. While Pharos does not want to reveal any information about the people in the video, it does want to provide information that will help explain where the event occurred, in what circumstances, and related to what underlying factors.
The Board of Directors
The Board of Directors will include a variety of professionals and experts with proven experience in human rights, freedom of expression, human security, and international relations. Like other mission driven organizations, we want to draw members from several different fields to ensure that the principles are written in a rich and thoughtful way. We envision some of the members may be human rights attorneys, former diplomats, professors, journalists, activists, and IT professionals.
Their initial task will be to draw up a clear mission statement and list of principles, upon which Pharos will accept, process, and distribute content. We envision that the mission statement will be 'To Promote Freedom of Expression and Protect Human Rights'. It should provide a clear, but general, vision of why Pharos exists. Ideally, these principles will be sufficient guidelines for how the operations will be carried out day to day. After its initial meetings, the board will only have to meet quarterly to review the operations of Pharos. But in case there are some submissions that are particularly difficult to evaluate, the Board should be on call for
The list of guiding principles will necessarily be more specific. These will determine which videos Pharos will process, publish, and distribute, and which it will not. Other organizations, like CNN's I-Reporter and Witness' The Hub, have formulated content policies that provide useful baselines for Pharos.
We envision Pharos' list may be similar. It may contain prohibitions against which types of content will not be allowed, unless justifiable to the message -- like on the grounds of extreme violence, cruelty to animals, or explicit sexuality. But because of Pharos' concern for human rights abuses, it must expect that many legitimate videos may include violence, foul language, and sexuality in the context of abuse. The Board will draw up a general rule upon which legitimate versus illegitimate content can be distinguished. Their public guidelines about submissions may resemble CNN I-Report's -- general and user-friendly -- but privately they can hold detailed discussions about particular videos that may walk the line between appropriate and obscene.
In its guiding principles, the Board must also spell out how to approach videos that have been sent anonymously and cannot be verified. Pharos' general policy is that it will accept any content sent to it, and will only publish content related to human rights. The goal is to have a quick turn-around, so that all submissions, after being evaluated and scrubbed clean, will be posted and distributed immediately. Pharos can have a badge system (like CNN's I-Report) that declares whether the video has been verified as accurate and reliable by Pharos standards. A video without a badge will be understood as not necessarily real or trustworthy.
If the content arrives from an unknown source, Pharos must be concerned that it has been edited to misrepresent reality or is a lie outright. We recognize that there has been a history of forged abuses, including with videos of abuses that have been manufactured to give the appearance of an abuse when there has not been one. We are aware that competing groups, particularly in long-standing conflicts, use allegations of human rights abuse as tools to promote their political agenda, rather than strictly to protect human rights principles. We do not want to be drawn into such disputes, if it is possible. The Board, relying on its own knowledge and its network of contacts, will have to make the difficult calls whether to publish videos that are suspected of being edited or forged. Other human rights organizations must make similar determinations in whether to publish accounts of abuse, that may have been exaggerated or falsified. Pharos can borrow their insights into how to maker responsible choices on questionable content.
The Implementation Team
The Implementation Team -- made up of a Tech Team and a Content one -- will work according to the directives established by the Board. It will be responsible for ensuring the site operates smoothly, that the content is protected, and that it is distributed promptly and fully to the appropriate publishers. If Pharos hosts content on its own site, the team will ensure that the media is presented in a timely and usable manner.
The Tech team will be charged with matters of security and stability. They will maintain the website, and scrub each video of all identifiable content and metadata.
Pharos may be besieged with videos at certain times (like, if there is a high-profile crisis going on) and it should be built not to crash during an intesnse spurt of activity. The site may also be subject to DDOS attacks, or other attempted take-downs. The tech team must devise a strategy -- whether it involves mirroring, hosting with a major company, or otherwise -- to insulate Pharos from such attacks. Pharos should be reliably available, particularly in the face of attacks from those actors who do not want a certain video to be seen, and during times of crisis when more users want to upload and to view human rights media.
Security of the content must also be a priority of the Tech Team. If Pharos retains unscrubbed versions of the content it receives -- the videos with distinguishing features still visible, or with metadata attached -- they must be protected from any posible intrusion. Pharos must be able to promise its uploaders that no one will ever be able to trace the video back to them. If Pharos keeps any logs of the videos have been submitted, like how they arrived or when they did, these logs should receive similarly high levels of security.
If Pharos decides to offer uploaders a public key encryption service, then the Tech team will have to ensure the absolute security of its encryption process. The private key it uses to decrypt the submitted files will have to be guarded so that no technological or human infiltration is possible. We expect the Tech team to hire out a private security firm that can ensure the utmost security is possible.
The Content team will focus more on soliciting media, determining whether it fits the mission, and publishing it as widely and fully as possible. They will use the Board's guiding principles as the basis for their decisions about whether a submission is appropriate for Pharos. They can approach the Board if a video is particularly challenging.
[[Image:Pharos Diagram - right side - dsitribution.png |300px|thumb|right|Content distribution]] The Content team will be responsible for distributing the media to as many sources as possible. They may also provide contextual information alongside the actual file -- with any information that they can verify about where it was created, at what time, and under what circumstances. They will not reveal anything that could identify how they received the video or who is involved in it.
The Pharos team will cultivate a network of human rights organizations, journalists and academics worldwide, upon whom it can rely when trying to evaluate a video. If they need to learn more about the circumstances in which the video may have been produced, they can call upon this network for general information about the context. If a video is suspect, they may also contact this network to try to determine more about its reliability.
The network will also be useful in soliciting videos. They can distribute their public key via these organizations, which may produce human rights media on their own, or which may be the local contact points for people who are not activists, but have ended up with documentation of abuse on their hardware. These local organizations can instruct people on how to submit their media securely, directing them to Pharos and with guidance on using public keys, Tor, or other methods that will ensure some security.
A Wider Network
Pharos need not be a sole office in a Western country. Though this may be its central place, it could include a worldwide network of localized publishers. Taking the model of human rights organizations, there could be regional or continental Pharos Hubs. The local versions could have more translation and language support tailored to the area, and it could have distribution networks that are focused less on US news media, and more on local media.
A less centralized system would help insure that Pharos does not make decisiosn that are divorced from local realities. Local hubs will be more attuned to which videos may be forgeries or editing; they will also be able to contextualize videos and provide consumers with fuller explanations of why the abuse occurred and what response woudl be best.
There could be two main problems with a more dispresed Pharos. First, local offices may be more biased about the content submissions. Because the employees will be more directly invested in the region, they may not publish any video that they consider could harm their political party or movement. A centralized Pharos organization would be more separate from local organizations (and though that makes them less knowledgeable about the context of a video) it makes them less biased in deciding which content to distribute.
Second, local Pharos operations will be more liable to security attacks or governmental requests. If they are working in a country that does not have strong protections on freedom of expression, their site may be blocked or their employees may be subject to prosecution for their work. Moreover, their offices, records, and stored content may be inflitrated or subpoenaed. It will be harder to guarantee uploaders security if the office itself is not immune to attack or investigations. If they use public-private key encryption systems, the key may be more easily compromised as well.
The ideal would be for Pharos to be balanced between a centralized, Western-based office and a worldwide network that can offer more local support and contextualization. Security concerns may be the overriding ones. Pharos must be able to guarantee its uploaders absolute anonymity, and protect its own employees from prosecution or attack. If the organization could maintain this high level of security while still partnering with organizations worldwide, and perhaps even delegating some decision-making and hosting to them, that would ensure that Pharos was better attuned to situations on the ground and protected from forged content.