~mroik@TTBP

06 september 2023

I came back from Canada on the 29th, arrived in Milan on the 30th and on the 1st I had to fly again. I went to Brussels, Belgium, to attend the Freedom not Fear conference. It is a digital rights and online privacy conference, it is more on the political side rather than technical, so a lot of activist. A few devs did attend and some paranoid nutjobs (but that's to be expected when you host a conference centered around privacy). I went with some of the members of the association I'm part of POuL.

The first day when arrived it was pouring hard, and Brussels' manholes really don't drain a whole lot... but that was fine I guess. After we arrived at the hostel we played some ping-pong there and after the weather cleared a bit we went out for lunch. For lunch we went to a fast food place that made the worst chips ever, I quickly realized that google reviews mean shit in Brussels, they must be used to eating substandard stuff (or so I thought at the time). After we went for beers at a place called Delirium Café, it was nothing like a café tho, we were specifically looking for a pub that served belgian beers, when we saw that they served meters of beers we went in straight away, and for those who don't know, a meter beer is a slab of wood onto which you line up pints of beers. The reason it's called a meter of beer is pretty obvious. Into each pint there was a different beer. The beer we tried were:

• Bush Amber
• Trappe White
• Maredsous Brown
• Grisette Bio
• Legends Harmony
• Paranoia IPA
• Floris Cactus
• Delirium Red
• Delirium Tremens
• Campus

There were a couple that I didn't like at all, but the rest were pretty good. We even had a CodiMD document to rate all of the beers. There were 9 of us and got 3 meters. After we drank our fill (after tasting all of 'em we had to get seconds of our favourite ones) we went to the conference location. It was held at Mundo Madou a café that also had some conference rooms. After registration we went to the main conference room.

We kicked off with an overview of each attendant's country, listing all of the current news of our own countries related to digital rights and privacy. After that we had what they called a fishbowl, we pretty much listed all of the topics we were interested in discussing at the conference. After that we had our first talk held by Wojciech Wiewiórowski the current European Data Protection Supervisor, his presentation was on the use of fediverse instances hosted by the EU, mainly peertube. These instances had no tracking, transparency on the platform's workings (it was all opensource) and they were idependent from corporations. Despite all of their efforts these platforms were barely used, and could soon end up being closed.

After the talk we had some more informations on logistics and then we headed towards a music festival held in a park, there we had dinner with street food.

Onto the 2nd day, after breakfast at the hostel we headed for the conference straight away. We started the day by sharing an overview of the status of each member's own country in matters related to digital rights and privacy. As per Italy, we really had nothing to share other than the fact that digital rights and privacy online don't really make it on the news.

After that we moved onto the scheduling of the day, this was something we had to do every day, as the program was filled at the start to make room for "spontaneus" workshops based on interest showed on topics discussed previously.

For the first day the talks/workshops were:

• Noon session 12:00 - 13:00:
  • How about AI?
  • Unveiling Data Pollution: Navigating Enviromental and Ethical Challenges in the Digital Age
  • Chat control - How to get involved
  • Fediverse integration for public administration
• Lunch 13:00 - 14:30
• After lunch session 14:30 - 15:00:
  • Lighting Talks
  • Educational software (School clouds)
  • Biometric surveillance
  • Resisting police tech in Europe
  • Introduction to the Fediverse
  • Divide et Imperare - Tactics & Strategy
• Break 15:00 - 15:15
• Afternoon session I 15:15 - 16:15:
  • Digital Services Act: soon in your country
  • Globalleaks: Reflections on Whistelblowing
  • DearMEP - Free Software infrastructure for Online Campaigning in the EU
  • "Going Dark" - how to counter EU's surveillance forge (data retention, e2ee)
• Break 16:15 - 16:45
• Afternoon session II 16:45 - 17:45:
  • War on Cash / Digital Exclusion
  • Even the safest places aren't safe from CCTV everywhere
  • Tehcnology-led border management in Greece
  • Hate speech / Freedom of Expression: A delicate balancing act
  • Big tech? Small tech
  • Cyber Resilience Act

Of these I attended:

• Chat control
• Educational software (School clouds)
• "Going Dark" (tho I regret this, the host seemed like a nutjob)
• Even the safest places aren't safe from CCTV everywhere

Chat control was held by StopScanningMe. It was about the current state of the Child Sexual Abuse Regulation or CSAR for short, it's current draft, why and how to stop/delay it. There were rapresentatives from about 5 different associations that together held the presentation. I'm not about to share what the CSAR legislative proposal is all about, you can inform yourself here. This was one of the better held talks of the conference, there was even an MEP, Patrick Breyer, the MEP leading the opposition of this proposal (at least in its current state). It doesn't really help with catching abuse online, and even if it did, it comes with the cost of mass survailance and infringement of our right to privacy. I was pleasantly surprised to find this talk, 'cause it seemed to me like no one knew about this proposal, there's no one talking about it online and even less on TV (not that I expected italian news outlets to pick up on news related to privacy). A natural consequence of this talk was the announcement of an impromptu talk held during the last 30 minutes of lunch time to talk about how to contact your MEPs to bring their attention to this (or any) proposal, since one of the things that Mr. Breyer highlighted was the fact that many of his colleagues (even within his committee) didn't know about the proposal.

For lunch we had some sandwiches, everything was donation based, so it could've been a free meal if you really wanted, but I didn't want to be that guy... anyhow, after I ate I crossed paths with one of the speakers at the chat control talk, it was a rappresentative for EDRi a network of NGOs that advocate for digital rights. We exchanged a few words and since I showed some interest she asked me and the other member of POuL that was with me if we were interested in joining the protest that is happening in October to raise awareness to the MEPs that are not. I most likely won't be attending, I have classes in October and I and it is also an economic burden that I can't afford right after coming back from holidays (well, if I really wanted I could, but I still have classes). Either way she left us her card in case we wanted to attend or even if we just wanted to contact her.

The talk on how to contact your MEPs was held by both the girl that I just mentioned and her colleague, another girl that was in EDRi. They shared their methods of contacting an MEP, how to better pique their interest and which MEPs we'd have to contact ideally to help oppose the CSAR proposal. One of the things that really surprised me (it really shouldn't if you think about it) was the fact that if the MEP was not available for a meeting to discuss the proposal, and they instead pointed us to their advisor, it is even better than meeting the MEP. If you think about it it does make sense, MEPs have to work on multiple proposals at once, so the advisors are the ones most likely to know all about the proposal they are working on. After the talk I asked the other girl from EDRi for her card as well, in case I wanted some pointers in case I decided to contact an MEP regarding CSAR, which I most likely will.

I then attended the workshop on Educational software. There we mainly shared the current state of cloud based solutions forced onto students, specially during the pandemic. If you didn't want to use zoom or any of the other video conference software you couldn't attend classes, the main problem we all had was the fact that instead we could've used open-source solutions not hosted by any corporation.

The Going Dark session was so bad, I don't even want to talk about it. The one hosting it was a nutjob. We were all flabbergasted by the end of the presentation.

The talk about CCTVs was hosted by the same guy that hosted the talk about educational software and was pretty good tbh. It was about the fact that there were so many CCTVs in Portugal that didn't conform to GRPR laws and the fact that in recent years they started installing more and more of them. He understandably was concerned, he didn't want to live in a place where everyone is surveilled 24/7, I thought it was a bit of an overreaction, but I guess I'm used to being monitored since I live in Milan, we literally have cameras at all the entrances of our city center to monitor the cars that enter (we have area C which is a restricted area for cars with older engines, it's a pollution control zone). After the talk I even met this girl from portugal that was attending the talk as well, well she was with the host, they both were from the same organization. She very plain, no makeup (or very little of it, if she had any I didn't notice) and was wearing a Tor Project t-shirt (was my way into a conversation). Had a nice talk with her, exchanged a few words, our experiences as students. She's even a weirdo that uses QubesOS, an OS were you can run each program in their own virtaul machine, achieving security through isolation. Wild concept if you ask me, I wonder how much is the loss in performance. It is pretty nuclear option to achieve security.

After that we had our evening plenary which consisted in a quick overview of the talks/workshops of the day.

We then moved to a place called DK a cultural center, for dinner. But before that me and 3 other guys from POuL went back to the hostel to take a shower. When we arrived at DK we had some beers (there's a picture of our table of 4 that had a bunch of beers, the other tables must have thought we were drunks). We then had dinner, they served hummus or paella but vegan, it was all pretty ok, but I was starting to miss meat. At some point of the evening we had a bit of a conversation with the barman. He was a black fellow that had been in Brussels for the last 2 years, before that he was in Italy for over 15 years, so he knew Italian pretty well. At some point me and him went out to go get some weed, my first time buying off the streets, went pretty well. Didn't even need to do the talking, he did everything for me, I just handed over the money. When I got back me and some of the members of POuL chilled outside and shared a joint.

I then found again the portuguese girl I had talked to, to not make it obvious that I wanted to talk with her I first approached the dude that held the CCTV talk that was in her group and talked a bit about the need of CCTVs, mainly the fact that I was arguing the fact that there is a good point to be made for the use of CCTVs in some areas. We talked for so long that most of the POuL already went back to the hostel. I then joined the group of portuguese guys to a bar to join some other group. The place was a pretty good bar, the vibes were there and the drinks were reasonably priced. There we talked a bit more, I got the chance to talk to the girl but by the end of the evening (at least the end for me) I realized that the dude that held the CCTV talk and the girl I was going for were a couple... there I then found another member of POuL, he too was trying to get into another girls pants, and since he was not getting anywhere we both decided to go back together to the hostel.

This took longer than I expected, so I'll write about the other days of the conference another day.

permalink