I actually received an email from @steverushton that suggested we test it in general, not only for the media team.
If it is getting confusing then maybe it would be best to create a subgroup for the media team?

@Vica Oh well, it sound like it is confusing. I have also suggested a sub group to @philenglish for the Media team. Are you in the Media team? I was in the group but to do with tools for discussion, e.g this tool. The real Media and Communications people, discussed separately.

I could create the sub group but would not know who to invite to it. A chap called Ronan had the email list and said he would send it out.

@johnsinha I understand your concern, the obstacle on rushing to change this would be a) That somebody would have to take control and say I am the power user here and I will keep admin. Myself and @steverushton were the people in the working group for tools, so maybe its semi legitimate but not fully if we did.

Maybe it should be each working group put forward a person plus two nominees/volunteers have permission.

However as we are only testing and trying out the tool for now it seems that we could break it easily. So no great loss if something goes wrong.

I am a bit worried that people don't realise we are just testing the tool

What are "our needs"? One thing that has come up is that it might be useful to have an online forum for developing our list of "demands" so that a wider group of people other than those at general assemblies in Parliament Square could be involved, and also discussion could continue to take place during times we are not in the Square.

Also we have agreed (as one of our provisional "demands") to support a citizen-led constitutional convention and would need online tools for this. As @steverushton hopefully can confirm/clarify, I think citizens in Iceland produced a new Peoples Constitution using some kind of online tool? The pirate party and others also use online tools to develop policy ideas?

However, I wonder whether this tool might become unwieldily if too many people are involved? It seems to be working OK now (although we're still on a learning curve - but it seems like it has potential) but how will things change if numbers involved scale up? Are there limits? Has Loomio been used on a large scale? What tools have other social movements used (Iceland, Syriza, Pirate Party…) and what can we learn from their experiences?

Whatever happens here I feel it is important to remember the word and definition of a democracy 😊

I think it is also v important to have a clear safe spaces policy as once agreed when we had the groupspace account and moderators for the email list. see link below
http://occupylondon.org.uk/about/statements/saferspaces/
Perhaps we make it a condition that people agree to this before joining? And also have a small group of mods/admins who will, with the help of the rest of the members, take decisive action if needed. I sincerely hope we never need to do this, but given that Occupy is so feared and loathed by the 1% (amazing really) we can expect some trolls to turn up sooner or later. Keeping everything open to everyone just makes us vulnerable both collectively and individually.

Can I just make it clear that I was only agreeing on this for the trial period. I do agree that it is very dangerous to assume that everyone who would join would be trustworthy and faithful to the cause. In the long run I feel we need a secure environment in order to be able to express our thoughts and ideas freely.

I haven't explored what admin gives you on loomio, so hoping someone has worked out, what happens if an unwanted deletion occurs, is there any kind of back up in their system or ours?

An SSL certificate for occupylondon.org.uk, including sub-domains, would cost £225 a year. If it wasn't so much I would pay it myself but that's a lot of money.

Plus it's worth noting that the only benefit would be encrypting the transmission of data to and from the site - it would not prevent intelligence agencies from workout out who is visiting our site, just what they are doing on it. Since our site doesn't process truly sensitive data such as credit cards then some could argue that it would not be money well spent.

It's really great to see how this proposal moves forward and the visualisation to the right is very clear - regardless of the outcome of this discussion, I think it's clear that this platform is very valuable for testing proposals that may emerge. I actually think that the system becomes more effective and the decision becomes more validated, the more people use it. I think it could deal with a large number of participants well.

I believe that any information passed onto whatever platform is used should be kept a secure as possible. Whether it only be discussions, planned events/meetings or anything else. As it has been said; this group is causing great controversy and we all know what comes with that. I myself do not understand how these things work either but I know I wouldn't feel safe discussing some things unless I was convinced it was a 'safe environment'. So I'd be willing to pay for that. I do also know though that probably nothing is totally safe from the powers that be...

@clairemorris as far as the loss of features, we are actually likely to gain more features if we host the site ourselves. The code that would be deployed on our server is exactly the same as the code deployed on this site, except as an administrator of the entire site rather than just a group, I would be able to add custom features like for example branding and plugins (if they are developed).

@em actually em, as far as a threat model is concerned, I would be far more concerned about this site being a big juicy target for hackers than us (although I am not saying we are not a target). Our site might attract a couple hundred active users for Loomio, whereas this site has the personal details of possibly thousands, maybe eventually tens of thousands of active users. As far as the site being vulnerable to being hacked into, the code would be the same on both sites so there wouldn't really be any difference.

@sharonbaskerville I will always encourage people to adopt SSL and I sincerely hope more people are willing to come forwards and help foot the bill, but I think it is worth remembering that, atleast for Loomio, there wouldn't be much material gain in using SSL if everything posted is public anyway. Obviously, there will be a gain if people start using private subgroups to plan direct actions, but I generally always advise against planning such things over the internet anyway since it is never really possible to be 100% sure that the messages are not going to be read.

@sharonbaskerville re your earlier comment about not feeling safe discussing some things. Whether hosted on cloud (Loomio's main site) or locally it's important to fully understand, that if you post on line your comments are essentially public because everybody who is threatened by a movement like this, can see everything you post whereever it is hosted.

@James I strongly believe that this is the wrong approach to security, following are my reasons.

Democratic discussions are a strength that can win public opinion. We need to publicise this and in fact replicate the data so it cannot be lost or sabotaged.

Direct Actions should not be discussed on a tool like this or any other platform online.

If people want anonymity of their views they need to do at source, which is hard for even techies. I.e get an email hosted in a privacy conscience country that will be protected by activists. Do not link it to your name or address in anyway. Never log in from your home and get and change the hardware you log in from frequently and widely change the locations you log in from. Always enter via tails or TOR and then can protect you to a certain extent and at least raise the cost of tracking you for whoever wants to get you (corporation, lobby, fascists, zionists, government, foreign government, crime syndicate or any combination of the above) Oh and dump your smart phone or any other electronic kit your holding somewhere far from the place you log in from.

And if you can actually handle all of that and you have some time, then campaign and understand that our very ability to speak out is behind our ability to gain a political solution of the war on our privacy.

Saying all that I would recommend the following for every political activist.

A) Get off gmail, yahoo mail or any email that is not hosted in a country that does not force a legal warrant process to use your data.

B) Use an encrypted phone service like silent circle on your mobile. This will get rid of low level interference from any old cop / corporate spy

C) Start following Snowden and Jacob Applebaum.

@saeedabukhari1 i'm not following which of my points you are disagreeing with and i'm not sure what you mean by replicate data. I agree with what you say about the steps people should take if they want anonymity. Please explain which of my points you think is the wrong approach to security.

In fact I propose we start a discussion on the likely security issues for Occupy democracy as a group and to individuals and then set some appropriate responses.

@saeedabukhari1 I don't think public Loomio posts are any more of a security issue for activists than the riseup mailing list since I think it is safe to assume that the police or security services will have joined the lists. I think the illusion of privacy on the mailing list is dangerous - at least on here people are well aware that what they post is public. In fact, if we do get SSL set up then Loomio is arguably more secure because when setting up a private group we can be confident (within reason) that the people in the group are really the only people reading the messages.

The best way to protect yourself on here is simply to not use your real or full name.

@James
security from whom
security for whom
security for what? these question change the debate and what kind of security approach we take as individuals and a group.

There is no protection from Not using your real or full name if that is all you are going to do from official security, maybe a fascist who is not tech savvy would be kept from tracking you down and therefore that is a good approach for those who feel it is the right choice.

@James I agree riseup mailing list and Loomio main and loomio local will be available quite easily to a police infiltrator or any other private company infiltration if they put a physical person in the group. Which in my mind, they will, I assume that is the case.

For me the conscious decision to remain an activist has implications that it may not for you. By talking about data security and going to demonstrations, I get put on a anti-terror watch list being of Muslim origin. This has implications for even where I can find a job, the more I discuss these things the higher the threat I become.

I want everybody to make their choices, "eyes wide open"

I am not bothered with this too much, if the data can only be accessed by an elite group of counter terrorism agents who need to go through a transparent and open legal procedure to follow their hunches.

Laws have changes so that this is no longer the case. Secret trials can be held and the judges can see "evidence" that his withheld from the defence. If I am thought to be guilty my nationality can be stripped from me. My data is also being passed from the UK to other countries around the world, including those whom I have protested against.

I am very bothered with this, if designation is fed through to airports, local police officers, transport police, sold on and gifted to lobbies and given to other countries and private corporations. When this information is then taken and cross refrenced with my medical details, my working and business details, my financial details, my personal and private emails to personal relationships, my photographs, my legal details and also passed on to anybody who wants to play racist and now has the power to access and control and change my data/my life because their is no accountability or transparency.

@james20 sorry that was a rant.

Re your proposal. I think we need to discuss our security threats and risks before implementing a security approach. In the meantime Loomio cloud is good enough. (Each individual know they are essentially discussing everything publicly, i.e no privacy)

@james20 replicate means we would have multiple copies off our discussion on more than one platform hosted in more than one country that can publicly be viewed, maybe we form exchanges with other occupy groups.

I.e it would be hard to trash, delete our discussions or make them unavailable to the public. A good example would be the wikileaks set up.

I'm not a tech so please forgive any ignorance on my part. There are various aspects to security. For individuals, if I join Occupy (substitute any activist group here) I just assume that I will be surveilled, that our comms will be monitored either via infiltration or blanket snooping. Fuck em, I am not anonymous I am who I am and I am standing up. Our meetings are public and we are not secretive. This is what democracy looks like etc.

For groups and record keeping the existential threat is to our data. It seems sensible to have back ups and keep all discussion open (assuming safer spaces is observed). Transparency is one of our greatest strengths. I am wary of only one or two people holding the keys to the server kingdom (OLSX website shenanigans spring to mind) how can we overcome this?
Does it really matter if we use loomio servers?

@Saeeda I completely understand your personal concerns, perhaps assuming an alias and observing strong personal internet security, encryption, tor etc etc? Sadly I believe that these draconian times are persecuting people precisely to prevent them from standing up. For those who choose to despite this, they should know that they are representing thousands who are afraid or trapped in circumstances which prevents them from doing so themselves.

In principal I think we should be open but with processes and procedures which protect us from bullying, trolling and any other abuses. Strong working groups help and have complete autonomy in how they choose to operate.

@saskia1 I agree, I would add.

If you are a citizen of europe you are under surveillance and your data is being collected and shared for at least 10 years. This includes every email, every website you visited and every phone call. (See citizen four, the documentary)

If you are a part of occupy democracy or any other activist group you are flagged for a higher level of surveillance. You cannot avoid this. On public forms like loomio, you cannot protect your conversations assume they are public.

Direct activists best not discuss/organise their activities on Loomio.

Groups like occupy democracy may be subject to efforts to shut them down, take down their servers etc. They can also be subject to hacking, changing our data. That needs a security strategy that is robust and I believe is worthy of a discussion so it can be a comprehensive response to the risks we face.

@saeedabukhari1 it seems to me that your disagreement to my proposal is more about the security implications of adopting Loomio altogether than it is about whether the service is installed locally or on the cloud. With regards to your comment that Lommio cloud is good enough, I would have to disagree. As I have said, it is always better to be in control of the database hosting our conversations. Sticking with what we've got at the moment (the cloud option) is not as safe as hosting the service ourselves.

I don't plan on installing Loomio locally until the end of November anyway (whether or not we start using it) since it is still in beta (testing) until then.

@em has my earlier response to your concerns offered you any comfort?

@James, My concerns were more like what I think Saeeda is saying. Not that we'd be more likely to be snooped on via the OL website - I tend to assume we're being snooped on wherever we are - but that the OL website would be easier to crash or meddle with than Loomio itself. I don't know how correct/relevant that is, but saeeda seems to have serious concerns and to understand the tech and security sides of things. I don't really get the 'pros' of putting it on our server, either. So I remain ambivalent-to-disagree but I wouldn't outright block if everyone else thought it was a good idea.

I think we need to evaluate whether it is any good in the first place before can get into this question?

@em fair point :)

@ronanmcnern yes, I agree. I guess I only made the proposal at this point to save duplication in case people decided to adopt Loomio and just carried on using the site.

I would also be interested to know if people envisage us moving all discussions onto here and to stop using the mailing lists. I notice that people are NOT automatically subscribed to new posts when joining a group (something I could of course change if the site was hosted by us), but it might get a bit confusing if we did decide to start using Loomio but then carried on using the mailing list.

I'm all for using Loomio, it's ideal in my opinion!

It is certainly better than either email or FB for a number of areas including, but not is limited to, the testing of and refinement of proposals. I would like to see all our complex proposals be put on Loomio before they are put before a GA. The "demands" OD produced at the end of the occupation in Parliament Square would have certainly benefitted from such a process of refinement

Testing and refinement of proposals before presentation at GAs makes a lot of sense.

Radical Routes (network of co-ops), who are very experienced in consensus decision making in large groups, always present proposals online first and people make objections, which have to come with suggested amendments, and the proposals get refined (or dropped if it's obvious there are numerous major objections) prior to the decision making quarterly Gatherings. No decisions are made online, but the proposals just don't come to a Gathering (the Radical Routes version of a GA) until everyone's pretty sure all the problems with the proposal have been addressed.

People who don't go online don't need to feel excluded - they can still make objections, amendments etc in person when the proposal is presented - but all the 'onliners' objections and amendments are incorporated into the proposal in advance rather than being ignored. Proposals that reach consensus are therefore really strong and take into account the voices of far more than just the people who can physically get to a GA on a particular day.

I don't why all the need for security. If our GAs are conducted in the open; if a lot of the tools we rely on are hosted by companies such as Google, Facebook and Twitter, I don't see the point of hosting the data on our own servers unless we also plan to stop using the services of the afore mentioned companies

@james20 I agree with John Sinha, everything is public, so privacy is not an issue. (Note: Privacy is different from security or is only one aspect of security)
I am for hosting loomio on more than one location and replicating it so our discussions and decisions are not vulnerable to attack if this is to become a movement that is seriously challenging to the current status quo.

However the first step before making a decision is to discuss and create a security strategy based upon our likely threats. On that basis we can choose where and how to host the data.

Apologies. Using phone and posted on wrong thread.

@steverushton since 2011 our servers have very kindly been provided for at no cost by http://www.openhost.org/. The servers are hosted in France and are managed by http://www.ovh.co.uk/. This hosting service has been incredibly reliable so I don't see any reason for us to migrate to Iceland unless either someone else over there is prepared to offer us free services or we find a pot of money large enough to cover the costs of a dedicated server for 3 years upfront.

Iceland is good for making sure that the company hosting our data doesn't hand over our data. I think it is more likely that if anyone wanted to access our data they would try and hack us.

Openhost benefits from running entirely on open source software so there is much less of a chance of back doors being left in the software by software companies.

Regardless of whether we host our servers I would like to propose at some point that some money is put aside to buy SSL certificates for the site.. but i'll leave that for another discussion.

@James and @steverushton

a) Moving to our servers will centralise not decentralise, if that is the only location and there is a single access point. I think our servers should be used as a replica point.

For non-techies there are two aspects of decentralisation. 1) is organisational. Are we forced through a single organisation or company to manage our tools and data. Can we easily put the same tools and data somewhere else without having a relationship with that company or organisation.

2) The second aspect is. Do we put our eggs in one basket or do we essentially clone those eggs and put them in different baskets in different places. If one basket of eggs gets smashed we have many other baskets of eggs that we can switch to. The single server approach I believe may respond to a) and does not respond to b)

b) The reasons hackers are moving and people like Snowden, Poitras were looking to move to certain countries over others is the same reason that we need to move our servers to Iceland or Germany (Jacob Applebaum and forefront of hacker movement for privacy at the moment and Wiki folk are there)

Its not just privacy of data, its the ability of state vs people to shut us down.

@james20 I would like a brainstorm with technical working group or create one it if does not exist. Its too important. I will put a proposal up.

I don't think it's about eggs in baskets. David Price and Nafeez Ahmed have written about the militarization of anthropology, the Minerva project which is spending millions on “socio-cultural modelling” and “social network analysis” in order to spot the domestic extremist. Loomio is brilliant but it is also a gift for those (not very intelligent) intelligence agencies that want to “understand, detect, forecast and mitigate” what they see as peaceful protest getting out of hand, particularly when inevitable civil unrest happens. Unlike facebook which just produces data about consumer’s “likes”, Loomio and democracyOS gets us to write our own participatory anthropology surveys and produces loads of data mineable information on individuals agreeing, disagreeing, abstaining, blocking and how opinions, arguments change over time and it is aimed at activists! I am not saying that Loomio/democracyOS are funded or linked to Minerva but I do think using Loomio as a host makes it a little too easy for intelligence services to data harvest. Maybe this would be a useful question for Ben Knight and Pia Mancini, where are their servers, how secure are they? I assume they have considered this question already and maybe they can convince that this will never happen or that they will never accept that billion dollar buy out from Google when they get successful and sell all our data. Until then I think Loomio is brilliant but maybe a little safer on OL servers with SSL certificate at the moment, Iceland/Germany would be better but what would that cost?

@adrianbrewster I agree that Loomio and DemocracyOS can be mined to, as you say; "Loomio and democracyOS gets us to write our own participatory anthropology surveys and produces loads of data mineable information on individuals agreeing, disagreeing, abstaining, blocking and how opinions, arguments change over time and it is aimed at activists" .

OUR CORE IDENTITY
By our nature we must make this information public and viewable, once it is in that state we cannot prevent this analysis from occurring whichever server that exists on.

Technically, once it is public, screen scraper technology can take that information and reformat into a tool which can do that analysis and are doing this now for a whole variety of private companies.

b) We also need to do that same analysis and spread the knowledge widely among people as we learn to work in this way democratically. We must therefore keep that information disseminated and public, safe and viewable.

Sorry to say it for your concerns about the one server local or subscription to Loomio direct is again a red herring.

I tend to agree with @ronanmcnern that a conversation about security is secondary to the conversation about whether serves our "needs". We did not agree to test out Loomio because we wanted a secure place in which to have sensitive discussions but in order to have a place where we could refine GA proposals, our "demands", etc.

I agree with @johnsinha that, since we are a peaceful pro-democracy campaign we should have nothing to fear. Attempts by the state to clamp down on the campaign will only backfire (as they are/have already). We need to be as open as possible so we can grow this movement. Our strength will be in our numbers and our ideas which are popular and incontestable.

@saeedabukhari1 Is there way people can turn off email notifications for every comment that is made on a Loomio discussion? I would be much warmer to Loomio if my email box wasn't overwhelmed by its notifications. The "yesterday on Loomio" summary would probably suffice?

I agree with @johnsinha that Loomio seems like a good place for refining proposals that can then go to a GA and it's encouraging to hear from @em that this 'refining proposals online in advance of GAs' process is something that is already working for Radical Routes. I'd like to hear from @saeedabukhari1 and @steverushton or anyone else about other online platforms and particularly ones that might be have been used by Iceland, Syriza and the Pirate Party.

@phil_england click down on your name at the top of the page and then email_settings and choose the email settings you want. Make sure you uncheck the boxes you don't want.

Here's a platform they've been using in Iceland that I think we should check out https://www.yrpri.org/home/world It was flagged up at the New Putney Debate "Rethinking Democracy" on Sunday. What do people think?

@phil_england, I like it but I think this is better for day to day discussion, the other tool is a bit clunky. I like that there are categories and that you can flick through different countries to see the international view.