humanitarian.info

• MapAction and BrightEarth both feature in an article in the Independent entitled “Mapping the disaster zones” – how they think up the intensely creative titles for these articles, I just don’t know. Interesting enough, but these articles always leave me with a sense that the writer just doesn’t get it – apparently “Within 48 hours: The latest field information is combined with accurate 1:5,000,000 “base maps” to form the first complete maps of disaster-zone data”, which is news to me.

• At the bottom of the press release Intel, Grameen Announce Joint Business Venture to Fuel Social and Economic Development Opportunities Empowered by Technology, we learn that Intel have teamed up with NetHope to develop new solutions for the field, the first (and possibly last) of which is the Aid Station, a “rugged, purpose-built, low-cost technology platform suitable for use in harsh, remote locations”.

• Jon Thompson sends me links to two initiatives which mainly force me to ask the question “Why?” NGO Post and Commkit are both well-intended, but both seem to be hell-bent on reinventing the wheel. If Digg works, why not just create an NGO channel on it rather than build an entirely new NGO version of it? If you need “a humanitarian communications platform that is autonomous (works with very little infrastructure) and accessible (anyone can use it)”, then why not use the internet with Sahana running on it? OTOH, it’s standard NGO practice to reinvent the wheel, so maybe I shouldn’t be surprised – however if anybody can shed any light on either of these, I’ll be more than happy to revise my opinion.

• Development Gateway have launched two new dgCommunities – one for Disasters Prevention and Response and one for Stabilization & Reconstruction, both with the Center for Strategic and International Studies. This partnership seems to have emerged out of CSIS giving up on the idea of launching their own community, the Hub, which explains the inclusion of S&R (terminology which the US military loves and the humanitarian community does not). I’ve nothing against community sites, but I’m waiting to see one in this sector which works as a community (particularly following my own experience with AidWorkers Network).

• The OLPC XO2 is announced. Quoth OLPC news:

On top of that it seems as though a new UN Millennium Development Goal is in the works. The press-release quotes Nirj Deva, Member of the European Parliament, as saying: “One Laptop per Child and the XO laptop are crucial to the fulfillment of the proposed UN Ninth Millennium Goal: to ensure that every child between the ages of 6 and 12 has immediate access to a personal laptop computer by 2015.”

Somebody shoot me. Or better still, send me more news for this section.

Now that I’ve got my snark out of the way regarding Twitter’s role in breaking the news about the earthquake in China, it’s time for some more positive. One of the projects going on behind the Burma cyclone is the development of Geochat – basically a spatially-enabled Twitter – as a disaster response tool. Given that I’ve just snapped at the likes of Robert Scoble for cheerleading about Twitter as a news source, why do I think that something like Twitter has a role to play?

I’m not saying that Twitter (and others like it) is useless – far from it. It’s a tool and, like many tools, it has many uses. The example from the earthquake today shows that Twitter can provide a wealth of details on current events – but that wealth of details is difficult to filter and has no quality control. If you know of a particular Twitterer who is a reliable source, then you can follow them – but for the casual reader, most of the flood of detail won’t rise above the level of gossip. Essentially, the Twitter stream isn’t targeted enough to be particularly useful to me.

As both of the regular readers of this blog will know, I’m interested in how these tools can be used in humanitarian operations. In this case, we want to see how microblogging via sms can be harnessed for reporting – for logistics updates, for example, or reporting security incidents. We want to see how co-ordination activities might benefit from having sms notifications as an extra stream of communications, on top of email and telephone. We want to see how beneficiaries might be able to use these channels to build their own picture of their situation and to increase accountability (that one’s a bit optimistic, I admit).

If the technology community really wants to show that Twitter is a force to be reckoned with, that’s where we need to be headed. It’s fine to gloat about beating the mainstream media to the news story, but that doesn’t actually help anybody. Let’s see where this Geochat development takes us – it could be the start of a beautiful friendship.

So, cyclone in Burma followed a week later by earthquake in China. Business as usual, I’m afraid – we live in a world of accidents waiting to happen. When an accident does happen, though, how do we know about it?

There’s been a blizzard of coverage in the blogosphere about how Twitter beat the US Geological Survey to the punch with news of the Chengdu Earthquake. Twitterer dtan felt the earth move under his feet in Beijing, and his twitter was picked up by Robert Scoble, one of the world’s best-known technology writers and a man with about 23,000 people following his Twitter stream. On his blog, Scoble explains:

I reported the major quake to my followers on Twitter before the USGS Website had a report up and about an hour before CNN or major press started talking about it. Now there’s lots of info over on Google News. How did I do that? Well, I was watching Twitter on Google Talk. Several people in China reported to me they felt the quake WHILE IT WAS GOING ON!!! Over the next two hours I pointed at anyone who had info about the quake on my Twitter account.

The result has been a whole discussion about how this shows that Twitter is a force to be reckoned with. The Online Journalism Blog goes link crazy on crowdsourcing without managers, so start reading there and follow the trail. The key indicator for the Twitterers (ironically) is a post on the BBC News dot.life blog:

I was beginning to think Twitter – the micro-blogging service that’s all the rage amongst the technorati – was just another fad for people who want to share too much of their rather dull lives. Until this morning. When I logged on to my desktop Twitter application (sad, I know) it was alive with Tweets about the earthquake in China… Let’s see, as this story unfolds, whether this is the moment when Twitter comes of age as a platform which can bring faster coverage of a major news event than traditional media, while allowing participants and onlookers to share their experiences.

Many of the comments on these posts express their skepticism, particularly about the claim about having the news before the USGS – it’s more likely that the USGS was cross-checking their data before releasing it. This relates back to something I wrote a few weeks ago – there’s no accountability on Twitter, so there’s no requirement for people to check facts.

When the World Trade Centre fell, the reason I knew about it was that my Dad phoned me and told me to turn on the television. This Twitter coverage operates in the same way – as gossip, rather than news. Check out the direction of the conversation on Twitter after the initial news breaks – it falls into three categories:

1. This earthquake is terrible, isn’t it?
2. Here’s a link to a news source with some actual detail about the earthquake.
3. Isn’t Twitter great for breaking this news first?

That doesn’t mean that it’s not valid, useful or interesting – but it does mean that you’re not going to find it that useful as a news source. If you think I’m harshing Twitter’s buzz, then you should try Better Living through Software:

It’s silly in the extreme to act like twitter is somehow breaking news, though. Masses of people within China found out about the earthquake as it was happening via messages from friends on QQ (which is massively more popular than twitter), and CCTV carried the news almost instantly. I suppose it’s cute that some English-speaking expats using echo-chamber technology were able to *also* report the event on twitter, but even the tweetscan example seems a bit lame to me. When I search for tweets with the word “地震”, tweetscan gives me nothing — apparently tweetscan doesn’t care about Chinese.

Ouch, but a fair ouch.

UPDATE: As always, Global Voices Online is the solid antidote to Anglocentrism, while the Frontline Club is much more positive about the whole Twitter ride.

So it all kicked off in Myanmar this week, except that it didn’t, because the military regime has managed to bungle the response to Cyclone Nargis. We could get into a long discussion about the whys and wherefores, and there’s some frightening talk about the “right to respond” over-riding sovereignty, but let’s stay focused on technology. At least it’s relatively non-controversial, except that it isn’t, because Myanmar is one of those places where internet access is a non-starter, where satellite telephones are essentially illegal and where the technology infrastructure (e.g. suppliers and maintenance) is close to zero. What that means is that we’re going to be extremely limited in what we can do on the ground. So what is happening?

• A Sahana instance is being set up for the use of anybody who needs it, with the support of INSTEDD and possible uptake by NetHope members.
• Direct Relief International have done up a KMZ file of health facilities in-country, based on the WHO 2002 Global Health Atlas.
• OCHA are prepping a HIC to support the existing Myanmar Information Management Unit, who have already put out some W3 maps. UPDATE: MapAction have also deployed in support of OCHA and have maps available on their website.
• UNOSAT have also got their sat on with a KMZ file of the cyclone path and the usual satellite mapping.
• Ditto ITHACA, who have released a series of satellite maps showing the impact of Nargis.
• ReliefWeb’s info stream on Cyclone Nargis is of course like drinking water from a hose, with their map filter probably most useful.
• The WorldWideHelp blog roars into action with all the news that’s fit to blog.
• A couple of the mailing list discussions that I’m on are talking about ways in which we might leverage cellphone and/or satellite phone communications if they become available, particularly for tracking relief and relief personnel.
• Digital Globe and Geo-Eye have hopped the NASA satellite for an updating KML layer on the cyclone.
• Microsoft apparently have a team on standby to deploy the refugee tracking software that was developed for Kosovo (no reference yet). Microsoft are focused on supporting the HIC, and are ready to respond to other requests from the humanitarian community.
• Telecoms sans Frontieres are also on standby out of Bangkok, waiting for access to free up.
• Also Infoworld points out that – with regards to early warning – IT didn’t fail Myanmar, people did.

I’m nowhere near being deployed for this one (particularly as the government apparently is still refusing entry to foreign aid workers), but all of this makes me feel that we’re headed in the right direction. However until the government lets agencies start doing their jobs with less restrictions on movement and communications, we’re not going to see the benefits – another example of how the technology can be rendered much less useful when the political environment isn’t supportive. I leave you with the words of Surin Pitsuwan, Secretary-General of ASEAN in his speech last Thursday:

In spite of the technology that we have, in spite of the power that we have, in spite of the network that we have, we still lose lives needlessly… So it is more than just the power of technology, it is more than just the transformation of society through technology, it is certainly a shift in paradigm here in the minds of our people and particularly our leaders. Because if you don’t have that shift, millions and billions of dollars worth of technology cannot deliver effective, timely relief to people when they need it most, because we have reservations about opening up our borders for cooperation, because we have hesitation about cooperating with the outside world, because we have mistrust of the outside world.

• Katrin Verclas at MobileActive and Sheila Kinkade (of ShareIdeas.org) have finished Wireless Technology for Social Change: Trends in Mobile Use by NGOs [pdf]. The report covers a wide range of uses, including public health, advocacy and disaster response, with some interesting case studies (including the recent post-election riots in Kenya). You can read more about it at the MobileActive website.
• The National Library of Medicine have published Information Seeking Behavior and Viewpoints of Emergency Preparedness and management professionals concerned with Health and Medicine (snappy title, guys). Murray Turoff has the entire text online there, or you can dowload the complete report [pdf]. “The emphasis of the study was on determining the current information seeking behavior, existing preferred sources of information, and unmet information needs of professionals involved with the medical and public health aspects of emergency planning, preparedness, and response.”
• A CSM article on Patrick Ball of Benetech. No great insights into human rights documentation and analysis, but a couple of nice stories about Ball’s experiences (HT: Flowing Data).
• NetHope have opened their West Africa Chapter - very gratifying for me to see these Chapters spreading ever wider. The ICT Skills Building Program is also going from strength to strength this year, with trainings announced for Nairobi, Johannesburg and West Africa.
• LINGOS have their new community website up and running [Warning: SharePoint alert!], with the invitation to register with them. The community is very active, and LINGOS offer a lot of resources on the website. Oh, and I’m sorry we never managed to organise that Webinar, Linda!
• The Economist realises that mobile phones are being used for election monitoring, public health, and advocacy – only a couple of years late, guys! – with the article A world of witnesses (HT: Katrin at MobileActive).

Well, not yet, but they will [pdf]. Janet Ginsburg explains the development of the idea of the Humanitarian Technology Review, while Bruno Giussani covers the recent TED breakfast, where Eric Rasmussen gave an update on InSTEDD.

Initially the idea of a Humanitarian Technology Review sounds like a good idea – if it’s done right. The first two questions – remember the first two questions, everybody! – are: who is the target audience, and what do you want them to do with the information you’re providing? The briefing paper I linked to above says

The Review’s readers, like the Review itself, span many niches: medical researchers, software developers, policy-makers, funders, doctors, veterinarians, communities trying to prepare for or reeling from disasters – even other media.

The one group that is noticeable by its absence is – well, me. People like me, anyway, who seem to fall under the catch-all term “practitioner”. I see doctors and veterinarians in there, but which doctors and veterinarians, exactly? I think it’s likely that I’ve misunderstood – the briefing is explicit that this is about building connections between disciplines, and it’s clearly aiming at a wider audience than the humanitarian community.

If we look at the disciplines that they’re talking about, it’s a wide selection, so it’s probably easier for me to focus on the technology examples given in the review:

• lightweight fabric + satellite technology = a cheaper portable satellite dish
• software + cell phones = real-time surveillance for bird flu
• GIS + interactive mapping = real time tracking of fires and floods
• solar panels + refrigerator = reliable field transport for vaccines
• filter + straw = a mobile water purification device
• open source water tech + microfinance = funding for small water projects
• genetic sampling + fast data analysis = identifying a pathogen in hours

I’m going to think about those examples over the next few days, but I’m struggling to see how a publication can cover all of these and still appeal to a coherent audience. That’s why communities of practice exist around epidemiology, water and sanitation, and the like – because they’re focused enough to hold peoples’ attention.

The success or failure of the HTR will be in the delivery, and on that front I’m very positive about their proposal to combine different delivery streams. At the very least, InSTEDD’s deep pockets will enable them to experiment and see what works, although I’d warn them not to expect collaboration to magically appear – two years on ECB teaches you that for nothing.

(NOTE: Full disclosure – I thought about a similar idea a few years ago, but gave it up because I didn’t think it was viable. Two attempts have been made to develop this sort of thing previously – ReliefWeb’s HIN and CMI’s PeaceIT [pdf] – but the InSTEDD concept is much wider.)

Earlier this week, Paul noted that computer network attacks could have an impact on future relief efforts. In the early days of NATO’s Kosovo air war in 1999, I remember chirpy NATO spokesman Jamie Shea saying that the NATO website was under attack by Serbian hackers. Who knows whether it was true, or just a ruse of some sort, but was it the first government-acknowledged mention of cyber-warfare? There are a few more interesting things to note about that story: the BBC still had an “Internet Correspondent”, reporting on events in that far-off planet of “cyber-space”, and it was filed on 1 April 1999. Hmm …

Anyhow, back to the important business of digital security. I prefer the blander term information assurance because the work we’re discussing has so many angles to consider beyond ICT. To illustrate this, marvel at the McCumber Cube, designed by security guru John McCumber in 1991:

[Graphic courtousy Munawar Hafiz, on Wikipedia]

Handy, eh? This clearly relates geeky technical and operational considerations to the purposes for which information is collected and used in the first place. There’s little point considering how to secure information before defining why it needs securing, which requires a consideration of who might gain/lose from possession of the information.

Likewise, as Kevin over at Patronus rightly pointed out, social engineering – or how an adversary relies on your politeness, habits and generally positive view of humanity to get you to hand over the jewels – is an effective way to break the most technically secure of systems. Commercial organisations have long been using external actors to test how vulnerable they are to theft of information. This penetration testing industry has become commonplace enough in the US to spawn its own reality television show. This service (and perhaps the reality TV show!) could easily be extended to NGO offices, should the need be demonstrated.

I wonder how McCumber’s information assurance model dovetails with common approaches to NGO security, and how current materials – like the ECHO Generic Security Guide – could be updated to take it into account.

Pass the cube around the office and start the discussion.

I promise that this is going to be my last post in what has turned into “Digital Security Week” here at humanitarian.info. A lot of my thoughts on this have been brewing since the the cyber-assault on Estonia last year, which at least had the positive effect of bringing the issue to a much wider audience than ever before.

This is the flip-side of e-governance – increased government reliance on the internet creates more opportunities for abuse. However Estonia has learnt from its experiences, with the result that it’s now a far more difficult target for cyber-attacks, as well as successfully prosecuting at least one of the perpetrators.

Although the attack has not been tied to any specific institutions, suspicions that the Russian government may have been involved have persisted, which raises a critical question, posed at its simplest by a BBC report on digital Estonia:

As a member of NATO, a military attack on Estonia would be treated as an attack on all NATO states. So, how about a cyber-attack that cripples its information infra-structure for weeks?

If the Kosovo war were to happen today, I have no doubt that NATO and the UN would be subject to similar attacks, whether organised by another government or not. I wrote yesterday about the experience of the Save Darfur campaign, and with the recent unrest in Tibet, a number of Tibetan NGOs are reporting malicious emails with attachments that target client side vulnerabilities.

At the moment, most of our organisations are not vulnerable in the same way that Estonia was – I doubt most people working in the field would even notice if their organisation’s website went down. (Advocacy organisations who rely on the web for their organisational presence are far more exposed.) However our servers can still be overwhelmed, leading to the failure of key finance, admin, communication and logistics functions; and we grow more dependent on the internet for these functions every day.

The best time to address these issues is now – before they become problems. The humanitarian community needs to make sure that digital security receives the same attention as physical security, addressing skill gaps in our staffing at headquarters and the field, and making sure that our technology adoption prioritises security as a critical factor.

We haven’t even begun to discuss more basic aspects of digital security, such as encrypted communications or secure storage. Maybe Digital Security Week should turn into Digital Security Month…

Hat tip on the Tibet story: NGO Security.

Cisco have done a lot of good in our sector through their support to NetHope and similar initiatives, no doubt about that. However the promo video on their Telepresence site manages to showcase the least useful way we could possibly use their technology, as well as putting the stereotypical “young white middle class aid worker” in the centre of the frame – instead of the people that we’re supposed to be helping.

UPDATE: Okay, so I got hit by the grumpy stick this morning.  On the other hand, the first draft of this post was far more vitriolic…

UPDATE 2: Also, did you catch the obscure Western reference?  This blog is in danger of becoming too much like my personal blog…

Sequence of events:

1. Benazir Bhutto assassinated.
2. Pakistan goes postal.
3. Telecoms/internet disrupted.

Although Masud’s post isn’t clear about what specifically brought the internet went down, or how they brought it back up again, he does have a good point about why these things happen, and what urban planners / architects / anybody who’s listening might do about it:

PTCL Telephone exchanges stand out among buildings. Banks, Telephone Exchanges, Shops and the like are the first target of an unruly mob. TWA1 or other small operators are not that evident. No one knows the whereabout of their landing stations,Points-of-Presence etc. So, during rioting, they do not make identifiable targets.

So a) small is beautiful as far as internet providers are concerned, and b) make sure you have redundant connectivity.  I’m glad that the internet was back on after 30-odd hours, but I’m sure that it won’t be the last time this happens in Pakistan.