It’s been a year of reckoning for the tech industry. The Wannacry virus locked up 200,000 computers for bitcoin ransom at the start of the summer. Women in the tech industry are increasingly speaking up about harassment and the pay gap. Growing interest in the ethics of big data and artificial intelligence is spawning a new generation of tech criticism.
Our lives are increasingly centered around our data. Trafficking in personal data has become big business, both legal and illegal. As much as good things can come from quantified lives — improved health treatment, more efficient production — bad actors are also at the ready to eavesdrop, manipulate and repress.
The theme of the Chaos Computer Club’s 34th annual gathering is #TuWat, or “do something” in English. That theme extends to issues like protecting data, but also, as with so many other industries this year, to confronting sexual harassment. The largest hacker convention in Europe will draw about 15,000 attendees through Saturday to Leipzig, a city in eastern Germany, about a two-hour train ride south from Berlin. The technologists have taken over the city's main conference hall, creating a wonderland of crazy projects and collective actions.
Almost every year, the official and self-organized sessions of the convention reveal tech vulnerabilities that make news, many of which are available to watch on the Chaos Computer Club website. In 2015, it was details on how exactly Volkswagen cheated emissions tests.
One revelation at this year's hacker convention, also known by its acronymn 34c3, was the insecurity of online banking applications. Vincent Haupert, a doctoral candidate at the University of Erlangen-Nuremberg, demonstrated how he compromised 31 mobile banking services, including apps by Commerzbank and German savings banks, known as Sparkassen. The security hole was found in the services of Norwegian cybersecurity company Promon, which has since updated its software. No banks have reported any instances of misuse as of yet. Mr. Haupert's suggested solution is to use two separate devices when enabling two-factor authorization for sensitive apps.
Germans are perhaps less likely to give up their personal data in exchange for convenience. European privacy law is also much stricter than in the United States, which has led to increasing frustration with the overwhelmingly American tech giants, such as Google and Facebook. While protecting personal data sometimes feels like a Sisyphean task, internet privacy activists and cybersecurity experts at the congress don’t want people to give up the fight.
Hackers, who are by their nature a rule-defying people, are also looking inwards, scrutinizing the community's spirits of “fight the power” and “anything goes” with well-known female technologists taking a stand against the congress’ lack of a code of conduct. If a conference wants to be welcoming to people of color, women and gender nonconforming people, it is expected that they codify a zero-tolerance discrimination policy and hold people accountable for their actions. The CCC’s official policy “welcomes all lifeforms” and encourages them to “be excellent to each other,” which critics see as a cop-out. This year, a person asked 34c3 organizers to prohibit a man who assaulted them from attending the conference, even providing evidence of the pending charges and hospital records. The request was denied, and backlash on social media is ongoing.
Nor does the congress shy away from political controversy. Like South by Southwest in the United States, the tech event draws attendees from industry and government as well. This year, exiled American whistleblower Edward Snowden, a controversial but popular figure in Germany, made an appearance at 34c3 via videocall from Russia.
“This year proved how important our skepticism is,” he told the audience. “Our work has never been more important.” When Mr. Snowden first brought the revelations about NSA spying capabilities to light in 2013, he was housed for a time in Hong Kong by a number of refugees, who are now seeking asylum themselves in Canada. Green Party politician Hans-Christian Ströbele, who was part of Germany’s own inquiry into the NSA, was also at 34c3 and expressed his support for Mr. Snowden.
Mr. Ströbele is hardly the only outspoken German politician advocating greater protections for data privacy. It is all but certain that the question of what the digital future looks like, and what governments and hackers alike can do about it, will carry on into 2018.
Video: Sönke Iwersen, the Handelsblatt reporter who spoke with the refugees who hid Edward Snowden, introduced the whistleblower and his protectors. He explained that since then, they have faced persecution so Mr. Snowden set up a fund to provide support. For more information: https://fortherefugees.com.
Grace Dobush is an editor with Handelsblatt Global in Berlin. Ina Karabasz writes about telecommunications, IT and security issues for Handelsblatt. To contact the authors: [email protected] and [email protected].