How does software practices impact (vulnerable) users?
Software practices that impact users are defined as:
governance, technology and design practices (including processes, systems and set of decisions made in these fields) which have impact (demonstrated or theoretical, negative or positive) on individuals' or groups' security and privacy and other fundamental rights.
Open Integrity therefore collects data to measure the adoption of software practices that fit this definition and the ongoing framework consultation helps define which software practices fit the definition and how to measure their adoption:
Which questions do we ask and which data do we collect?
We aim to answer key questions about software best practices:
How are end-users impacted by software practices in security and privacy, with a particular focus on vulnerable users. Read more about our thoughts on impact
Which best practices impact end-users, which type of vulnerabilities and adversaries do they aim to mitigate for?
Which metrics can be collected that will help measure software practices, i.e. which type of evidence can be collected in order to verify the adoption of best practices?
How should the scoring be determined, i.e. in which way can the fulfilment of certain criteria be aggregated into a score which will reflect end-user concerns and risks?
What does success means for us?
Our data is reliable and up to date as well as categorised appropriately.
Our audience is engaging and contributing their expertise and data.
Tool developers are adopting best practices.
Educators and advocates are using our data.
Which software do we focus on?
In this phase of our project we have selected Asynchronous Instant Messaging tools as a first focus. Within this category, we're focusing first on tools available on the Android operating system.