On the 1st of April 2016, the Open Integrity Initiative (OII) team gathered with hundreds of activists and technologists from the Internet and Human Rights sector in San Francisco. Similarly to the workshop at IFF in Valencia, the participants were invited to join in an ongoing discussion about software's security and privacy best practices and share their views on how to better measure them.
As a starting point, the workshop built on the list of hundred of metrics assembled by the OII team over the past two years about software development features such as governance, systems, architecture, build and user experience. We used the OII participative framework [http://openintegrity.github.io/openintegrity.org/framework/workflow/meta/] to guide the development of partnerships and infrastructure to capture metrics about software practices ensuring users' privacy and security. Following this interactive process, we asked participants to share their own experiences or scenarios concerning these issues.
Through the discussions, the framework allowed us to collect meaningful feedback to understand how specific practices mitigate specific threats in a constantly evolving context. This meeting also gave us the opportunity to collect insights regarding the debates currently at stake in this field of expertise. It is essential for us to encapsulate this information in available metrics to improve the transparency, reproducibility and traceability of the issues and assumptions.
This interactive session benefited from the enthusiastic partipation of the attendees and contributed to successfully flesh out a common ground for our software assesment metrics.
If you would like to send us feedback, or know more about the session at Rightscon Silicon Valley, drop us an email or a tweet at @openintegrity[https://twitter.com/openintegrity].