You may have heard that a widespread security problem – ‘Heartbleed’ – has been found that affects a large proportion of all websites on the Internet.
Here is one of the many explanations about the nature of the problem.
Members of the mySociety team have reviewed our potential exposure to the vulnerability.
We have no indication that our sites have been attacked, or that any information has been stolen, but the nature of the vulnerability would make an attack difficult to detect, and we prefer to be reasonably cautious.
What does this mean for you? The advice from around the web has been for people to change passwords, especially on sites they use that contain a lot of very important information (e.g. your email account).
We think the risk that passwords have been compromised is low, but as changing passwords occasionally is always a good idea anyway, now might be a good time.
For those of you interested in the technical detail of our response, we have:
- Installed new SSL certificates based on a new private key
- Revoked the old SSL certificates
- Replaced the secrets used for security purposes in the affected sites
- Removed active sessions on affected sites, so that users will need to log in again
- Required that users with administrative access to affected sites reset their passwords
- Required that staff users reset their passwords
- Notified affected commercial clients so that they can take appropriate action
Back in January, we introduced SayIt, our new software for the publication of transcripts. To show what it could do, we launched with a few demos.
Today we’re launching a couple more demos using data from the United States, as a way of saying ‘hello!’ to American groups and individuals who might want to use modern transcripts for their own purposes.
Philadelphia City Council Meetings
Decisions affecting your house, your street or your job are often made in city government meetings. But who can be bothered to sit through hours of irrelevant waffle? Why can’t you just look for the things that matter to you?
To show a better way, we’ve published a searchable, shareable version of Philadelphia’s City Council meetings available for use. It’s just a deployment of SayIt, filled with screen-scraped data.
You don’t have to live in this city to find some of what’s talked about interesting. Some issues are international, and it’s interesting to see how e-cigarettes are also a concern for Philadelphia. There are also issues which, we suspect, are not common to all city governments. ‘Giant tomato cannon‘ is one of them.
Federal Reserve Transcripts
We’re keen to demonstrate that SayIt isn’t just about what politicians say. Often unelected people say very important things too. Few discussions are more important to the way the world runs than the meetings of the Federal Reserve.
The Fed publishes these with a five year delay, which means that what’s coming out now is all about the financial crisis in 2008. What exactly was said? Now that we’ve put the Federal Reserve Open Market transcripts from 2002 to 2008 online, you can find out far more easily than before.
Also, with SayIt you can search through the speeches of just one person. Want to know whether Ben Bernanke used certain terms? Have at it.
As with other SayIt instances, these transcripts were previously available online, but spread across a huge number of old fashioned PDFs. For the first time, SayIt makes them easy to browse, search or link to.
Want to see more transcripts up there?
We’re looking to find one or more groups in the US who would be interested to use SayIt to help make citizens more powerful, in one way or another. We’re looking for people who think that access to certain kinds transcripts would really make a difference, and we’re not snobbish about whether it’s a really big issue or a really small one.
If these two examples have given you ideas for transcripts you’d like to publish with SayIt, do get in touch.Image: Philadelphia City Hall by Stephen Downes (CC)
Applications for this position have now closed.
Are you interested in digital tools, but able to keep an intellectual detachment about their effectiveness? And are you free to do contract work in the next few months? If so, read on.
mySociety is looking for a research specialist with experience in transparency and accountability issues. You may be a freelance researcher, or an agency providing research services.
About mySociety and Alaveteli
mySociety is a not-for-profit social enterprise. Our mission is to invent and popularise digital tools that enable citizens to exert power over institutions and decision makers. We are based in the UK, but support partners who deploy our technologies across the globe, in about 20 countries so far.
One of our most popular tools has been Alaveteli, a tool that enables people to set up powerful freedom of information websites in their own countries. Spun-off from our highly popular UK site WhatDoTheyKnow, Alaveteli enables partners to set up and maintain sites that make it much easier to ask governments questions under Freedom of Information or Right to Information Laws.
What makes the service truly powerful is that it automatically publishes both requests and responses online for other people to see, making the site into a public resource of potentially wide interest – the UK site has about 400,000 visitors a month.
Alaveteli has been widely used in many different jurisdictions. In Hungary, to name just one Alaveteli instance, there have been over 2,000 different FOI requests so far.
No single activity or approach is enough to bring about a culture of transparency and accountability in a country.
Countries with effective cultures of transparency acquire them slowly, and through a multifaceted process which may include campaigning, coalition building, journalistic scandal discovery, alliance building, protesting, whistleblowing, legal action, political leadership, elections, legislation drafting and media coverage.
Alaveteli is only one tool in the toolkit of modern-day transparency and accountability advocates. We believe it to be a potentially powerful tool, but it remains only one tool. Over the next few years, mySociety wants to do the best we can to help groups around the world to use Alaveteli as an effective aid to social change.
The context for the research is to understand how to position Alaveteli within a wider context of transparency and accountability campaigning. It is a highly action-centric piece of research. Your findings will help us to make decisions about how to help our partners to bring about the changes they want to see in countries outside the UK.
The research contract in more detail
Whilst we will want the successful contractor/consultancy to determine key parts of the research process, there are already certain known constraints and activities.
The contract is for 60-80 working days.
The contractor/consultancy must be able to start work by May 1st 2014, and produce the primary deliverable by 31st August 2014.
The work will consist of both a literature review and practitioner interviews to determine what is known about effective and ineffective transparency and accountability based campaigning across a range of countries.
The primary deliverable for the project is a strategy document that is ready to be consumed and actioned by both mySociety and some of our key Alaveteli-using partners.
After the primary deliverable is complete, we will ask you to help us work directly with at least one new partner, to help them make more effective use of Alaveteli.
More details of the research scope will be made available to applicants.
Minimum Skills and Experience
The individuals engaged in the work will be either working on a PhD in a topic that relates to transparency and accountability, or will already possess such a qualification.
How to apply
Applications for this position have now closed, but thanks for your interest!Image credit: Jenny Downing
At the beginning of this year we launched SayIt, our software for bringing transcript publication into the internet age.
In that post, we briefly mentioned that “we use a cut-down version of the Akoma Ntoso open standard for data import”.
Well, that’s easy enough to say, but what does it actually mean?
In a nutshell, if you want to upload transcripts to SayIt, they need to be in a format that SayIt can recognise. It can then transform them into the linked pages that make SayIt so useful.
Akoma Ntoso is a simple way of showing (for example) which bits of the data are names, which are speeches, etc. – and how they all relate to one another. At first glance, it’s not all that different from HTML, the basic language behind many websites.
But there are some differences. There are also some interesting ideas behind it, from how it began and where it got its name, to why the world needs another open standard. And what is an open standard, anyway?
We pinned down Flavio Zeni, one of the people behind Akoma Ntoso’s creation, and he very patiently answered all our questions, even the most basic ones.
And then, because it seemed silly not to, we put the whole conversation into SayIt. You can read it here.
Do you know how your MP voted on the issues that matter to you?
If not, take a look at the new Voting Record section for your MP – accessed easily via TheyWorkForYou.com. Even if you don’t know who your MP is, we’ve made it easy to find their voting activities, and to easy understand their big decisions at a glance.
We’ve been working hard to increase the coverage of votes (we admit – they had got a bit out of date), as well as to make the experience of reading them much more pleasant. There are now so many bits of analysis we’ve actually split a separate voting page out for each MP, accessible from their main TheyWorkForYou page.
Now you can see how your MP voted on issues like these:
- Benefit levels – what goes up or down
- Foreign policy – including military decisions
- Social issues – eg gay marriage
- Constitutional issues – for example, how many MPs there are
Keeping things objective
TheyWorkForYou is a trusted, non-partisan service so we work hard to ensure that these voting lines are unbiased and neutrally worded.
We’re so keen to ensure that we don’t accidentally introduce unconscious biases, that we try to avoid entirely the business of picking which topics to analyse. Instead, we prioritise our analysis based on what gets voted on by lots of MPs (accounting for whole party abstentions), not what gets talked about in the news, or what we care about ourselves.
Wording is important
We have decided to prioritise clarity over expressing every detailed nuance of votes – this is an intentional choice, reflecting our priority of reaching citizens who have never paid attention to their MPs before. Consequently, vote summaries need to be concise and not use jargon.
For example, would we be wrong to use the common term ‘bedroom tax’? It’s a phrase that a lot of people would recognise from the press coverage, but the government’s preferred term is ‘removal of the spare room subsidy’.
In the end, we went with reducing housing benefit for social tenants deemed to have excess bedrooms (which Labour describe as the “bedroom tax”) – a balance between objectivity and clarity.
The bottom line
We’ve made lot of changes to the display for information on MPs recently. So if you have any feedback, good or bad, please us know what you think by leaving a comment below, or dropping us a line.
What are your plans for late April? If you’re a civic coder, a campaigner or activist from anywhere in the world, hold everything: we want to see you in Santiago, Chile, for the first international PoplusCon.
Poplus is a project which aims to bring together those working in the digital democracy arena – groups or individuals – so that we can share our code and thus operate more efficiently.
We’re right at the beginning of what we hope will grow into a worldwide initiative. If you’d like to get involved, now is the time.
Together with Poplus’ co-founders, Ciudadano Inteligente, we will be running a two-day conference in Santiago on the 29th and 30th of April. It is free to attend, and we can even provide travel grants for those who qualify.
Are you part of a campaigning organisation? If you ever ask your supporters to write to politicians, you should know that WriteToThem can be integrated into your website simply, and for free.
Like all mySociety’s offerings, WriteToThem is really easy to use. All your supporters need do is input their postcode and compose their message, then we send it off to the correct representative.
From your side, there are no worries about data management or CRM integration – we take care of all that at our end.
Behind the scenes, we’ve included several safeguards that prevent abuse: for example, your supporters will only be able to contact their own MP, not bombard other representatives with messages they’re unable to act on.
We also check that messages have been safely accepted by the representatives’ servers, and we even follow up to ensure that your supporter received a response.
WriteToThem is free for you, and free for your supporters. It’s available to every sort of organisation, from any part of the political spectrum.
WriteToThem on your website
Full integration with your own website
You can include WriteToThem’s functionality onto your own site, and even template it to match your own styles so that it’s a seamless experience for your users. You will need just a little technical expertise: the instructions are here.
A simple link
If you don’t have any technical resource available to you, though, it’s still easy enough to harness the power of WriteToThem. The quickest and most straightforward way is, of course, to include a link to the WriteToThem homepage, from your own website or in your campaign emails.
A slightly more polished link
For a more sophisticated interface, take a look at this page, which has code that you can drop onto your site or newsletter. You can modify the code so that you only cover certain types of representative – for example, MPs, or MSPs.
If you want to get fancy, you can even pre-fill the name and address fields for your supporters.
Integrating with WordPress
There’s a very simple way to include WriteToThem on a WordPress site: through this plug-in. Installing it is just a matter of drag and drop.
Start by reading our guidelines of use.
We hope you’ll find WriteToThem to be a simple solution that really helps you rally your supporters to contact their representatives on the issues that matter. Please do drop us a line if you hit any problems, or would like to share your experience of using WriteToThem.
Much of what we do here at mySociety relies on Open Data, so naturally we support Open Data Day. In case you haven’t come across this event before, here’s the low-down:
Open Data Day is a gathering of citizens in cities around the world to write applications, liberate data, create visualizations and publish analyses using open public data to show support for and encourage the adoption open data policies by the world’s local, regional and national governments.
If you’re planning on being a part of Open Data Day, you may find some of mySociety’s feeds, tools and APIs useful. This post attempts to put them all in one place. (more…)
There was some excitement here at mySociety this week, as the People’s Assembly website launched in South Africa. It’s the result of a year’s partnership with PMG and a good test of some of our newest collaborative software.
The site contains a vast amount of information, all available in the same place for the first time, and offering a simple way for South African citizens to keep an eye on what their representatives are doing. There are pages for each representative, Hansard and parliamentary Questions and Answers, records of members’ interests, and more.
Locating, processing and displaying this data was quite a challenge: it has been taken from a wide range of sources, and came in an even greater range of formats, including PDF documents, Word documents, Excel files, CSV files and sometimes just e-mailed lists of information.
But perhaps most significant is the site’s Representative Locator function. For the first time, South African citizens can now find out, with ease, who represents them – not as simple as it might seem at first.
The Proportional Representative system means that members of the National Assembly and National Council of Provinces are not directly elected from constituencies. Political parties are, however, funded to run constituency offices and to allocate representatives to those offices. We believe that this is the first time this data has been consolidated and presented as a simple search tool.
The software that runs the site
As you’ll know if you read our recent blog post about SayIt, our recent focus has been reaching out to provide software for civic or democratic-focused websites anywhere in the world.
The idea is that such groups no longer need worry about writing code from scratch, since we’ve already done it – and their energies can be better expended on gathering data or adjusting the software to work within the local governmental systems.
People’s Assembly is a great example of this. It utilises two underpinning pieces of technology:
Firstly, the Pombola platform, our software for running parliamentary monitoring websites.
If you’re reading this in the UK, you may be familiar with our own parliamentary monitoring site, TheyWorkForYou. Pombola provides several tools that make it easy to do much of what TheyWorkForYou does: it provides a structured database of the names and positions of those in power; it allows people to look up their elected representatives by inputting their location, and to isolate and see what a specific MP has contributed to discussions in Parliament’s committees and plenaries; albeit, in the case of Hansard, after a six-month delay necessitated by South Africa’s own protocols.
We first developed Pombola for Kenya’s Mzalendo.com, and it’s been re-used for ShineYourEye.org in Nigeria and Odekro.org in Ghana. It’s superb to see this re-use, as it’s exactly what we set out to acheive.
Secondly, People’s Assembly is the very first site to use SayIt, which is embedded as a Django app to power the Hansard, Questions and Committees content. SayIt is one of our Components, built under the Poplus project, and we’re truly delighted to see it in place, proving its worth and being used as we first envisaged.
Thanks are due
The main work on the People’s Assembly has been funded by the Indigo Trust, and the SayIt component work was funded by Google.org as part of the Poplus Project. We also wish to thank Geoff Kilpin, who helped greatly with the scrapers and templating.
You may be familiar with WhatDoTheyKnow, our website which simplifies the process of making a freedom of information request.
mySociety also provides the underlying software as a service for councils: it sits on the council website, templated and branded to fit their site’s style. When someone submits a request, it goes directly into the council’s own back-end processes.
Just like WhatDoTheyKnow, the system publishes all requests, and their answers, online. This helps the council show a commitment to transparency – it also has the effect of cutting down on duplicate requests, since users can browse previous responses.
Brighton and Hove Council are the first council to implement the software.
Now, ordinarily, when we sign off a new project for a client, we write up a case study for our blog. But this time, we were delighted to read an interview by Matt Burgess on FOI Directory, which has done all the hard work for us. With Matt’s permission, we are reproducing the piece in full.
The number of Freedom of Information requests public authorities receive is generally rising and central government dealt with more requests in 2012 than in any year since the Act was introduced. One council has decided to try and open up access to their requests using custom software from mySociety.
Brighton and Hove City Council have implemented a custom version of the popular WhatDoTheyKnow website where more than 190,000 requests have been made.
The council hope it will allow others to easily browse requests that have been made and make them more accountable.
We spoke to council leader Jason Kitcat about why the council decided to implement the new system – which was soft-launched at the beginning of November.
Why did you decide to implement the new system?
JK: I personally, and we collectively as a Green administration, believe passionately in openness and transparency. That’s the primary motivation. So digital tools to support making it easier for citizens to access council information I think are strongly in the interest of our city and local democracy.
We also were seeing an increase in the number of FOI requests, many of them similar. So using a system like this helps people to find the information that’s already published rather than submitting requests for it, when it’s actually already been published.
How does it work?
JK: It’s a customised version of the mySociety WhatDoTheyKnow site, delivered by mySociety for us in the council’s branding. It allows anyone to submit their FOI request in a structured way through the web and others can see the requests and any responses. The requests are linked in with the main WhatDoTheyKnow site to help further reduce duplication of requests and enable consistent commenting.
Behind the scenes it also offers workflow management to assist the council team who are responding to the requests.
What benefits will the system have to those answering and making FOI requests?
JK: It opens up the process, helps others to see what is going on even if they aren’t making requests themselves. Particularly important is that it by default puts requested information out there on the web without any more effort by the council or those making the requests.
Were there any obstacles in setting the system up and how much did it cost the council?
JK: Obstacles were mainly stretched resources within the council to prepare for the changed workflow, making sure our information governance was ready for this and that our web team could support the minor integration work needed.
Given this is a web-based ’software as a service’ offering it’s pretty straightforward to implement in the grand scheme of things. I don’t have the final costs yet as we’ve been doing some post-launch tweaks but, as is the way with nimble organisations like mySociety, I think pricing is very reasonable.
Do you think it will improve the council’s performance in responding to FOI requests and make the council more transparent to the public?
JK: Yes absolutely. Not only will the council’s FOI performance be more publicly accountable but I’m hoping we can reduce duplicate requests through this so that our resources are better focused.
Would you say it has been worth creating and why should other public authorities follow suit?
JK: Yes it’s worth it. I think we as councils have to be ever more open by default, use digital tools for transparency and relentlessly publish data. I believe this will result in better local democracy but also is one of the ways we can truly challenge cynicism in the whole political system.N.B.: The website current shows a large number of requests that appear to be unanswered. We asked about these and it includes the number of historic requests that were loaded into the site.————————————Many thanks to Matt of FOI Directory for allowing us to reproduce this interview in full.