moratorium, n.: I won’t ask you to be responsible when I push myself into an abyss if you won’t ask me to pretend I’m on stable ground.
— David Levithan (@loversdiction) 9 janvier 2017
moratorium, n.: I won’t ask you to be responsible when I push myself into an abyss if you won’t ask me to pretend I’m on stable ground.
— David Levithan (@loversdiction) 9 janvier 2017
Standard is about building consensus, in long meetings. Spending few days of meeting, keeping concentrated on governance aspects, even with the most friendly folks is not always easy. To survive and share with the group good ideas and insights, I am working as a team with my little voice. And here are the things this little voice reminds me when things are getting boring, crazy, unexpected, too warm… Well, here are some crisis hints for marathon meetings.
Virginie, do not to get nervous when you suspect bad faith around, do not to get nervous…
Hey, honey. Make your points, one by one, taking time (you deserve the time you use).
I authorize you multi-tasking, when you can afford, it also releases tension when the conversation is getting warm or turning in circle and there is nothing you can do about it…
Relax. Listen with no intention at all to answer, you will make your point tomorrow.
Ask this simple question, go, ask it ! Go! Raise hands !
Rule number one. Express your perspectives, your general goal, to allow other to understand where you wanna go (I came in peace) …
Pffff. Don’t know what to say ? Try ‘That is an interesting feedback’…
Virginie ? Did you read the fucking manual (aka, the material supporting discussion, mail, communication related to it, controversial content, …)
Come on ! You will not win that decision in one shot, take your time, this meeting is not the only one.
Be polite. Thank you, mister or miss, for supporting my ideas.
Pssst, state the problems, even if you dont have the solution, some one else may…
Thanks to that voice, so helpful not to loose myself. It deserved a blog post…
Think about kindness, empathy, contribution, responsibility, yourself, values, stand up, perspective, peace, hope…
How long have I been wandering in the tech standard ecosystem ? 12 years ! Yeap, 12 years supporting the great ideas of advanced products, building with customers, competitors, partners some industrial solutions. Changing market or technology focus every year, to keep the interest up and learning things. In the telecom area, in the banking field, in the mobile planet and for the sake of the web. I have been proudly representing my company in ETSI, GSMA, SIMAlliance, GlobalPlatform, W3C, OWASP, FIDO Alliance. All those organizations may not sound familiar for you as they are mainly dedicated to B2B markets, or specific to the security industry, but this is where the actors of their respective fields do agree on common technology. Balancing their own interest, with power, smartness and being vision driven (well, …).
And ? This is the end of that series of travels all around the world. Where I could have Sake with some friends, hamburger with others, german beers in gardens, and special moments with those tribes. All having their strong characters, their dedicated supporters, their eternal detractors, their fantastic chairmen and chairwomen (less usual). I met hundreds of people, able to make distinction between conflicting business interest and friendship. Being able to change their mind, learn and share their good advices and experiences. Each tribe was a new continent that I had to discover, understand, and convince (and ended loving them). Leaving that (most of the time) friendly ambiance is a hard decision.
I was offered a great job. Managing the communication of gemalto technology innovation. Cross market, cross company, cross people. The kind of job that you cannot decline when, like me, you used to spend your energy in valuing each pieces of innovation or creative person you met. I said yes. And that ‘yes’ moment was a great one – that I am still appreciating. I am currently making up my mind, drafting strategy, listing all great things that position will allow me to do. Trying to make sure to infuse the spirit of making, sharing, valuing people, stays in the plan, like I used to in all my previous missions. More in few weeks !
Picture : Saint Malo diving, by Nicolas Doreau
How did my friends amazed me again ? In one week, a single week. And what to learn from that…
But first. The story. I had to move in a new flat, quite quickly. I had low possibility to reuse my old furnitures. That move was sudden enough that I did not manage to make saving to pay new fridge, shelves, new every basic things that should go into a flat. I contacted my best friends, the closer circle and some broader, mentioning. “Dear friends, I have to move somewhere and I have nothing. What could I get from you, that you would be ready to give me, for free. Having in mind that I don’t want you to miss to make money with second hands market, and that I don’t want you to miss anything, once that thing will be gone.” I mentionned clearly that I would not have money to balance that donation, but would definitely have open bar sessions to the ones giving a hand (and the others trying to). And the miracle was. In less then a week, I got from those friends enough furnitures, washing machine, beds, sofa, sheet and dishes to start living in my new flat. In addition, I got from those friends help for repairing, painting and washing that new home.
So. The lessons. One could think that alcool is ruling the world, as I offered open bar in my new home and got so much success. Another one might see that me and my friends have invented a super cool startup that is disrupting Ikea and second hand furniture market. But I believe that something else happened. Few things I feel important to notice :
Of course, this is the beginning of something, we might discuss that again in one year and see if this “light life” is still suitable for me and my familly. But I got from that situation some great quality life improvement; being able to focus on what matters. And this is another reason to thank my friends, and whisper here to them “I love you”.
Note : That new situation is also triggering some questions on the way I use my time and how my digital life in progressing, some more thoughts to share soon…
Some of the things I have looked at those days is resilience. How can you survive bad moments, build again, start from scratch, after an incident that is affecting you (whatever its cause). Again, just like for bad emotion, or anger, here are some articles I identified as bringing some pieces of answers. Those are not *the* answer, but an opportunity to deal with notions and play with it.
For the ones looking for the ideal and theoritical conditions for resilience. Here is a good way to start : some short lists with 5 entries or 10 entries (for the bravest ones). This is an opportunity to catch what resilience means, and why it could matter. Sounds like a magic recipe. Each of us could identify what item corresponds to his natural tilt and what item is missing and may potentially be considered.
For the ones who needs to silence their constant self-criticism, in order to find peace and listen to themseves. Here is an interesting blog on how we sometimes kill ourselves by being to harsh on ourselves. To tease you, here is an extract : “We know virtually nothing about ourselves because we judge ourselves before we have a chance to see ourselves (as though in panic).” Hum, hum ?
For the ones locked by conflicts and emotion, and who wants to get rid of that. I liked that blog post about managing your emotion. The most interesting point of that story is this notion of “a story hurts you, because it clashes with a story sensitive to you”. So let’s find our sensitive stories. In addition, I found crucial this idea of victim and villain caracter that we ususally allocate in conflict (guess who is the victim ?). The author suggests to make a shift in that, and try to ignore those roles (easy to say, I admit, but why not trying…).
For the ones, fan of analogy with working conditions, and believing that not to fall is the key. It is actually to recover which maters the most. This is what is explained in this Harvard Business Review blog, about work. It suggests to have real breaks. So could we in our personnal lives. Resilience Is About How You Recharge, Not How You Endure
And for everyone, think about that a second…
Allow yourself to feel… pic.twitter.com/UbufcjdIDa
— The Resilience Lab (@Resilience_Lab) 14 décembre 2016
Début Décembre, Nicolas Courtier m’a invitée à présenter devant un parterre d’avocat-e-s et de juristes plus ou moins averti-e-s les bases de l’intelligence artificielle. Ce colloque “Droit et Numérique” avait pour vocation plus large de faire état de la loi et des questionnements sur les disruptions technologiques telles que smart city, big data, machine learning et blockchain. Je ne peux que vous encourage à aller consulter le storify issu de cette journée riche en partage de compétence ou encore de parcourir mon court article sur quelques unes des questions évoquées (in english). Mais je partage également avec vous, cher lecteur assidu, la session que j’ai animée.
Machine learning, kézako. Le machine learning est un sous-catégorie de l’intelligence artificielle, ce qui ne rend pas le sujet moins intéressant. Cette discipline consiste à prédire le comportement d’un système, d’un humain, à partir d’un modèle – plus ou moins précis. Il s’agit donc de s’appuyer sur le passé pour prédire le futur. Oui, enterrons tout de suite notre fantasme d’une machine apprenante, en auto gestion, et qui règlerait les peines du monde à notre place. Parceque le machine learnign se nourrit du passé, précisément, le machine learning nécessite d’avoir une très grande quantité de données, de très bonne qualité. Et oui, le machine learning exige la quantité *et* la qualité. Pour en finir avec les grands principes, afin de déployer une solution à base de machine learning, il vous faut donc, du logiciel qui décrira le modèle de votre système, des data et un data scientist qui affinera le modèle.
Les promesses du machine learning. Elles sont de différents ordres, selon les cas d’usage, mais on peut songer à dupliquer la compétence humaine (comprendre, dupliquer un expert qui a fait de longues études, comme un médecin, un avocat, un travailleur dont la valeur repose sur la connaissance factuelle), on peut également songer à faire mieux que l’humain (en allant chercher des corrélations entre des événements auxquelles le cerveau humain n’aurait pas songé). Dans le domaine des services, c’est la même chose, le machine learning peut améliorer un service (par exemple une recherche par mot clé, ou une recommandation de produits dans un catalogue) ou encore en créer de nouveaux (une gestion intelligente des trolls sur Twitter par exemple).
Les applications gourmandes de machine learning. Potentiellement toutes. Mais les premiers acheteurs de la technologie sont le marketing (la prospection, le contenu sur mesure, le service après vente, le chat automatique…), les services de recommendation/search/match, le monde de la sécurité (pour la prédictions des risques, des fraudes). Tous les espoirs et fantasmes sont permis sur les domaines de la santé (la quêtes de l’immortalité et des diagnostics, meilleurs et au bon moment) et les voitures intelligentes …
Le machine learning, une science qui s’invente. Comme toutes les autres disciplines qui émergent et sont projetées dans notre monde, le machine learning est soumis aux courants hype tels que l’open source, le crowdfunding, le cloud, la création de communauté… La multiplication des initiatives autours du machine learning pour le rendre plus efficace, plus lisible, plus accessible, sont autant d’opportunité d’enrichir cette science.
Bref. Le machine learning est une technologie nouvellement sous les spots de l’actualité, comme blockchain, big data l’ont été ces derniers mois. C’est également une nouvelle opportunité d’agiter les modèles qui décrivent et conduisent notre monde. C’est l’introduction d’un usage encore plus intensif de la données, la fameuse richesse de notre siècle, et c’est également l’acceptation de plus de prédictif, d’à peu près, dans un monde complexe. Une tendance et des usages à observer de près donc…
Et les slides ? Machine learning pour les simples humains, version slide, c’est par ici. Enjoy !
As part of the amazing opportunities I get with my job, I have been invited to a one-day workshop, organized by the AFDIT, the french association of lawyers, specialized in IT and computing systems (part of the International Federation of Computer Law Association IFCLA). This day aimed to have lawyers discussing the impact of technology on the laws, in public area or business area. The perimeter of the discussion was europe and US, thus some speakers from all around the world came and shared their experience. In order to educate and progress on major 2016 topics, the organizers, Nicolas Courtier and Yves Léon, selected the themes of the day as : smart cities, artificial intelligence and blockchain. Here are some interesting elements that were raised all along the day.
Smart city, what does it means ? We all heard about smart city : it is the promise to improve town management, population mobility, citizen service offer, by connecting all possible pieces of information and building some tailor-made services. That is the vision that some local politicians promoted during the day (Caroline Pozmentier, Stéphane Paoli), together with some French Tech actors. The other way to see it, explained by Art Langer from Columbia University is to position citizen in the middle of the town dynamic. By offering him or her better mobility, frictionless social relation, great work opportunities, better democracy, (which is great news for the humans). That vision suggests a potential coming race, among towns, to become the most attractive town in the world, in order to maintain growth in economics and population. All those improved services will be based on large data collection operations, or interconnection of databases. In order to do so, service providers may be required to have private and public actors collaborating, canvassing the city, the citizen and grab appropriate information. And then came the question of the privacy, which might be one of the most challenging questions in that model where the consumer is a citizen.
Big data privacy challenge in smart city. The relevance of the smart city services are relying on the consolidation of a set of data, for which confidentiality and anonymity are hard to garantee. In addition, this mixing of data set triggers the question of ownership and liability. Who would be owning the data and would be responsible for the the failure of data maintenance ? That question would any way have to be answered with the coming european regulation on privacy. As Massimo Attoresi from @EU_EDPS explained, this regulation mandates that all actors of a service handling data (collecting, processing, storing or destroying) have to take care of the data, by having clear process for user opt-in, transparency in usage, fairness in collection, data minimization (the less you take, the best it is), storage limitation, integrity and confidentiality and inform the user about potential leaks or incident. How to explain a clear purpose of data retention, when you don’t know which service will come from your data collection ? How can you assess the risks, when you have a dynamic system, with cross-system responsability ? How can you garantee anonimity when so much information, including geo-localized ones are collected ? Interesting questions that smart cities will have to answer…
Smart city opportunities. In case citizen consider smart cities as life improvment, some ways to roll out smart city could come with great benefit for the society. Without ignoring potential threat to citizen privacy coming with smart city, Philippe Mouron drafted for us some positive aspects of it. The idea to integrate citizen into service design could be a great way to improve service relevance. In addition, the collection of data, and the fact that data belong to the citizen may accelerate the movment of open data. Philippe advocated also for a better mixing og legal and tech know how in the lifecycle of devices, in order to make sure, that all do see an interest in “the silence of the chips” (aka, users being in control for stopping data collection and leak towards to servers).
What about machine learning ? We discussed during that day the concept of machine learning. I reminded the audience its basic principles. You know. The fact that machine learnng is a sub-categoty of artificial intelligence, which consists in predicting the future (or the most probable one), based on past data. I listed the required skills and tools to roll out machine learning based services (aka, software, some good pieces of data, a smart scientist fine tuning your model). I reminded the audience the first use cases benefiting the machine learning, which are marketing, search and recommendation, security, health and smart cars. One of the main take away that I asked people to remind was the fact that we were switching from a determinist world (where each line of code is describing a possible situation, and where programs take well know roads), toward a world where we describe our environment with a model, with more or less errors and accuracy. Based, on that I took the opportunity to raise questions that machine learning triggers for me, such as privacy, liability and error management. And I got few answers from the other speakers.
What could be the legal impact of machine learning ? @rubin demonstrated how the machine learning could impact the legal business, replacing some assets of the lawers and potentially introducing a better undertanding of risk and gains around trials. Rubin also reminded that the law was not designed for robots, but for human and insuring fair interactions among humans, including in business situation, leveraging on technology. He gave some intersting perspectives on how to pave the way towards a mastered artificial intelligence deployment, based on few principles. Clear responsability, transparence of artificial intelligence in decision making (specially for the ones suffering the decision), efficient maintenance and regular audit of the artifial intelligence systems involved in services, and lastly, a permanent possibility to challenge the results of services based on artificial intelligence. Those principles based on good will and fair relation were good to hear and could be integrated in any strategy embedding machine learning, now.
My take away from that leal and tech workshop. Yes, definitely, mixing of perspectives and visions are key to have everyone progressing in understanding a transversal topic such as technoogy in society. And. The topic of ethic in software is definitely an additional item to add in our watch list, together with the privacy expectations.
Pitch and Pitch. Last week I have been part if a gemalto team organizing a hackathon, on security topic, with some great dev, tech architects, product managers and marketing folks. We spent 3 days playing the game of being a start up. And, obviously, we had to play the game of the pitch. This kind of standard exercice, where a jury expects from you, all the energy, all the positive power, to decide to bet on your project. That formal presentation mandates that you cover important stuff such as purpose of your project, ultimate value proposition, amazing business model, and potentially unveiling your heart, to convince everyone that investors can trust you, in rolling out the stuff you promised, to make them rich. Well, that is a short sumup of a pitch, but here is the spirit. And that is usually a lot of pressure.
— virginie galindo (@poulpita) 1 décembre 2016
Play and Pitch. This is where I believe the PitchCards project could help. I had a chance to handle a beta version. That PitchCards project is a game. It is about helping pitchers to pitch, with no fear. The purpose of the game, is to pitch on a pure exotic project. A project that you have to invent in 10 minutes by collecting, eyes closed, 3 cards. One for indicating which type of project you will work on (a connected device, a car, …) and two others that will express a domain, or a target (babies, dinosaur, …). Once your pitch is ready, you will have to pitch, present it in front of the other players. Purpose, business model, and all the nice story your imagination built. Your audience will listen carefully, and will have to feedback how was your pitch. this is trigerred by choosing random questions from a card deck. Where did you look at ? Did you breath correctly ? What is your motivation ? …
Pitch and Learn. I believe that this game is sooooo relevant in this special timing of a hackathon. This is a way to train your attitude, to educate your voice and your mindset to present something fun, removing the fear and the giant-attachement every startupers has with its own project. It is much more easy to receive a question related to your talk efficiency, while dealing with a fantaisist project, then speaking about the super-idea you have been working on during 3 days or 3 months, isnt’it ?
Buy the project. The PitchCards project will go live in January and you will have a chance to sponsor it, as it will land on Kickstarter. In the meantime, the team made of Will and Camille will improve, train, pitch and redesign the cards and concept. But definitely, as a beta tester I enjoyed, the concept and the spirit ! You might also, if you have any interest in pitch fun.
As co-chair of the W3C community group aiming to offer to web developers the possibility to access to services provided by hardware token, I am receiving some questions on a regular basis about where does this work go …
Well. Executive summary. The good reasons for allowing a web app to access to secure services stored in a harware token, and the possible ways to implement that in browsers are ready. But this is still not in the W3C planet. This is in a form of a report, edited by Sébastien Bahloul, a Morpho guy, and discussed with W3C Community Group members.
In details. The good reasons for allowing a web developers to access to keys stored in a hardware toke, or to trigger a signature which can not be repudiated are detailed in the report. There are some specific industry examples, such as government e-services, or e-banking services, or commercial transaction, which requires legal binding, such as online signature. The potential users of this feature are legions. Basically, the european regulation, named eIDAS “regulates electronic signatures, electronic transactions, involved bodies and their embedding processes to provide a safe way for users to conduct business online like electronic funds transfer or transactions with public services”. To deploy such services on the web, the web developer needs to have some mean to access hardware token (or the web will miss that digital european trust promise). Other countries such as Bolivia, Uruguay, Argentina and Peru are also requiring similar technology.
The technical aspects. The technical proposal embedded in this report is made of two technical features. First. A way to implement the W3C Web Crypto API in hardware token. this is to allow the generation and the usage of a cryptographic key inside a token belonging to the user. Second. A way to digitally sign a transaction with a a key, again stored in a hardware token, and performing the signature confirmation via an interface the user can trust. Those two services are some of the building blocks to have a trusted web, where the user is in control of the credentials used to cipher or sign some data.
So what is wrong ? Well. This set of usages and technical feature were presented to a large group of W3C members during last W3C TPAC. And, nothing amazing happened. The browser makers were kindly requested to have a look at it. But they demonstrated low interest, while this topic has been discussed since september 2014. There might have a cultural problem here behing the slow progress of this topic in W3C. The online access to european government services is not a priority for the major browser makers. In addition most of the actors of the security have managed some hacks to be able to use smart cards or hardware token, like plugins. But this era is over, as plugins maintenance and attacks are getting more sensitive.
And what is next ? Next is about gathering the companies and countries interested in that feature, and start to demonstrate W3C that there is an important question here : do we want the web to get in the secure services, as requested by online signature and government services ? So if you are part of the actors believing this web feature is key, join the Hardware Based Secure Services CG, so that we can collectively work on creating a Working Group in W3C…