õpib ise ja õpetab edasi, vahel ka tagasi

For past 20 years or so Estonian e-government – and the x-road backbone – have been promoted with promise of transparency. Yes, we keep a lot of data, but it is stored securely and you can always check who has accessed it. This means transparency and trust. Or “trust”, as in this The Guardian interview with Toomas Henrik Ilves:

The Estonian system, he explains, is based on “trust”. While the national database can be accessed by the authorities, he stresses, the citizen has to be notified when their records are observed. So if the system hasn’t been built on Blockchain technology, it nonetheless operates on Blockchain-like principles – creating a data system that can’t be altered with notifying both the authorities and citizens.

This is what Ilves calls a “Lockean contract” between digital citizen and the government. The 21st-century networked sovereign, he says, is the guarantor of what he calls “data integrity”. While the government can’t access our data without our knowledge, the citizen no longer has any anonymity in this system.

Problem is, there is no such transparency – no notifications, no place to log in and see who has accessed your data. There was one system with such functionality, but that was shut down like 10 years ago (added: there is one more system now: E-health, sample below). And even when it worked, it displayed only trivial amount of accesses – like if police used the data while identifying me during traffic stop and I had done nothing criminal (my car’s mandatory checkup had expired) that wasn’t visible. As I had also forgotten all my documents (and money) at home I was of course totally in favour of them identifying me via databases… but anyway, there’s no trail of that positive moment that I can show to you.

The rest of the databases? I recall a meeting (in government residence, no less) where the topic was discussed, possibly on a roundtable arranged by National Audit Office. After some serious googling I found a contact address where to submit a request to get information about access to my data in population registry. It took some months to get answer, as supposedly information about who had requested my data was only available in “comments field” and had to be assembled manually. Promoting the idea of requesting such transparency is a good start for denial-of-service attack on Estonian e-government.

Then there was a case when somebody from Ministry of The Interior was promoting some new legislation mandating more data storage with the argument, that everybody is able to see who has been accessing the data, so it is not a privacy violation. Our correspondence ended after couple of rounds, after she was unable to find any proof of solution where I can view the access log.

And don’t get me started on the question of who can purchase the data from our population registry or from business register. Want to get contacts of underemployed pensioners? Give us your monies! Want to spam every e-resident who has created a company? Sure, all addresses in registry must be business contacts so spam away (and give us some monies)!

THI is as kickass president as they ever get – but there is some serious ass-kicking to be done back at home, to cover his own that has been left without notable protection on this trust issue.

Trust in Estonian e-gov databases is completely meme-based. As a citizen I should presumably be able to see, who has accessed my data. As a former tech journalist someone should have told me I’m wrong and shown me the place to see the data. But it’s like… you know, jet fuel doesn’t melt memes.

Correction – There is one system that currently displays access log, Estonian E-Health’s Digilugu.ee “patient portal”. While it is difficult to tell if all accesses are listed I can find most of the cases where I recall having had interactions, like my filling of “health self-assessment” and a doctor accessing it to provide me with proof-of-health needed for driver’s license:

This was meant to be a temporary post – so I could easily publish some notes during eTwinning PDW 2014 workshop… but as I didn’t prepare any slides I’ll keep it up so it can be linked into conference materials. AND it can serve as template to my next lecture, titled “Teaching young hackers” that I’ll present on a conference taking place in my old school – where I learned to be hacker some 30 years back.

Codecademy was the main topic this time – but as discussed on Saturday in some smaller circles we should not ask “how can we use Codecademy in classroom”, as simply learning to code – or coding – shouldn’t be considered as the target. What are the cool / useful / fun things one could do with code – to create need for learning to code? Like – Minecraft is written in Java, but if you want to create mods you can start with simpler Javascript ScriptCraft mods … and JavaScript can be learned on Codecademy. Hmm, could we create a course for using ScriptCraft? (btw – Minecraft can be used for designing models that can be 3D-printed, see Printcraft and minecraft.print())

Or, for less game-minded – could solving Project Euler math problems be reason to learn programming? Could you do music or paint? Or could you evade surveillance – like in Cory Doctorow’s Little Brother (must-read, mostly culture not code)?

Also – please bear in mind, that programming might NOT be for everybody – as Jeff (who can program) explains in Why Can’t Programmers.. Program?. Let’s make sure all “we’ll teach all kids to code” projects (a) give all kids chance to understand if concept of coding is suitable for their mindset (b) take a wider approach and promote the idea that not everybody developing software is coder: we need at least us much designers, architects, technical writers, testers (you can break things and earn money!) etc.

Actual courses we looked at during workshop:

• HTML+CSS – http://www.codecademy.com/en/tracks/web/
• Javascript – http://www.codecademy.com/en/tracks/javascript
• JQuery – http://www.codecademy.com/en/tracks/jquery
• Python course is also very good (specially if you have a reason to learn Python, like your robotics club uses that) but PHP – while used by most popular web content management solutions – is crowd-sourced and somewhat weaker and less-fun.

Playground for your own projects – http://labs.codecademy.com/

Or use (and learn from) http://codepen.io/ or http://jsfiddle.net/

Or open Developer Tools in your browser – or use https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/ / http://tampermonkey.net/ plugins.

Or… look what Bret Victor thinks about tools we acutally need for teaching:

http://vimeo.com/36579366