Tuesday, August 27, 2013

Dinner speech for the International Conference on Cyber Crime and Computer Forensic 2013

Dinner speech for the International Conference on Cyber Crime and Computer Forensic 2013 – Hong Kong (August 27, 2013)

Ray, Oliver, KP, Laurie, Albert, Michael, it is my honor to be invited to give this remark at the International Conference on Cybercrime and Computer Forensic 2013 at Hong Kong.  It is especially an honor and very special for me to do so, I think, because I am neither an expert in cybercrime nor forensic.

As I was introduced, I am currently serving as the Legislative Councilor representing the information technology sector here in Hong Kong.  Our legislative council is our law-making body here, and for better and for worse, we do have representatives for a number of professional sectors. I felt I better explain this a little for the benefit of our overseas delegate.

But my background has been from IT, and in particular for the last almost twenty years, particularly focusing on the Internet.  I actually first used the Internet in 1982, more than thirty years ago.  This is something I used to brag about in other audience but tonight, I am afraid that there must be others here who have been on the Internet longer than I have.

Things have certainly changed a lot in the last thirty years, and one thing must be true – that the Internet has changed the world, and that includes the very themes and subjects we are talking about in these three days.  Crime has become cybercrime, or at least a bigger and bigger part of what we consider to be crime today is now consisting of so-called cybercrime.  And, forensic has become computer forensic.

To be sure, much of the hype created in the media because of all these new cybercrime phenomena has given the Internet a bad name, I am afraid.  But the Internet is just a medium, and as a medium it carries both good and bad information, and people do both good and bad things there.  And I hold it to myself as a very basic principle that we should not shoot the messenger.

I always like to remind people and friends that the Internet was, unfortunately, not designed for this sort of things.  The sort of things we do or we let people do on the Internet today – buying and selling things, making friends, sharing photos and liking things, and all these activities done by people of all countries at all ages.

Really, the Internet was first designed and built with a lot of assumptions that no longer holds true today – such as, people using the Internet were well, well-educated people from universities and research companies and they were generally “doing their jobs” with the Internet, be it technical research or related communications, with only occasional chit-chatting.  The Internet was indeed built with a high level of trust because the founding fathers did not think his teenage sons and daughters would be using it.  How they were wrong about it.

And, to revamp the whole Internet with the right technologies to ensure trust is certainly technically feasible, but it would be a commercial disaster and with all the vested interests from companies and countries around the world, it has simply become impossible to do.  It is somewhat like if we want to redistribute wealth and redraw country borders in order to root out poverty.  So, we can only tinkle with the problems we face rather than, in most cases, make large-scale, wholesale changes.

So, in the last twenty since the world-wide web era began, we have moved rapidly from emails and the web to social media, mobile phones and tablets and the cloud.  Think about it, the first iPhone just appeared in 2007, and the first iPad in 2010.  Think about how many iPhones and iPads, or its Android and other variations of smartphones and tablets you have thrown away.  Think about that, not how many you have used, but how many you have thrown away.

With the hardware and the tools including all these apps changing so rapidly, it gives a new meaning for what we have talked about for a long time, that technology moves and changes faster than the law.  Certainly in making laws we talk about due process, consultations and making decisions at lawyers' speed.  But technologists and engineers don't wait for the next court session or legislative session to reconvene in several months' time.

If laws are behind technology, then what is law enforcement going to do?  That's why I always believe that laws and regulations must be technology-neutral as much as possible, and only when we are very sure or we see a proven need or advantage then we implement laws that are technology-specific.

Having said that, things are surely not getting any easier for law enforcement in today's cyberworld, combatting against cybercrimes and cybercriminals.  Expectations from citizens have grown, and incidents in the cyberworld tend to be more widely publicized, and cyber-citizens often expect a much higher degree of transparency.

These emerging conflicting priorities and expectations have certainly risen to the surface of public attention, and the Edward Snowden and NSA incident has revealed that the NSA and indeed later on as we found out many other governments of the world are literally spying on us, people are beginning to ask all kinds of questions: Can they do this and that?  Are they really doing this and that?

People are no longer just happy to be able to use these tools to enhance their own utilities.  People now want to know if and whether they can be spied upon and how.  In a sense, this may be the beginning of basic awareness for the understanding of computer and information forensic.  So, all these developments indeed have made this conference and the sharing you are having more timely and important than ever before.

So, once again, welcome to Hong Kong, the city that Edward Snowden once wanted to call home.  Too bad he couldn’t or else I am sure Ray and Oliver and KP will invite him to give the speech here to you tonight. I wish you bon appetite, and more great sharing in this conference.  Thank you.


Post a Comment

<< Home