Notes from MozFest 2019

This is super delayed! I typed up my rough notes right after MozFest finished in October but never pressed publish. Voila.

MozFest is 10 years old! This was their last year at Ravensbourne in London. Sad, but I’m excited to see where it heads next.

This is a haphazard brain-dump of everything I want to remember and follow up on, a lot of questions for future consideration and resources that I need to explore. See also Common Knowledge’s notes from MozFest written by Gemma Copeland.

Let’s break big tech open! Loved Ira Bolychevsky’s talk.

We need to learn how to speak to regulators about interoperability, how do we do this in a way that is understandable but also specific and unambiguous? Regulations are nothing if not enforced; how can we ensure that the penalties are appropriate and are actually carried out?

Read “What is a data trust?” from the Open Data Institute (and beware of The Data Trust in Washington DC if searching for “data trust” online…).

See also the Data Transfer Project, “an open-source, service-to-service data portability platform so that all individuals across the web could easily move their data between online service providers whenever they want”.

Explore European Digital Rights, an association of civil and human rights organisations defending rights and freedoms in the digital environment.

See the Internet Governance Forum (IGF), a “global multistakeholder platform that facilitates the discussion of public policy issues pertaining to the internet”.

What are the risks of interoperability? New threat models that need to be considered when writing standards?


Folks from the UK’s Government Digital Service (GDS), including GOV.UK, gave a few great talks about practicing user-centred design. Design roles in government include:

  • Service design — interfaces, policy, interoperability between departments, taking paper to screen
  • Interaction design — screen (but not just UI!), pacing, removing questions, reducing complexity
  • Graphic design — colours, typography, more traditional visual design
  • Content design — words, writing, tone, videos, images
  • User research — designers shouldn’t be testing their own results!

Many related resources to explore:


Maja Kraljic gave us an excellent introduction to Feminist Principles of the Internet. Maja is a web developer at the Association for Progressive Communications. FPotI works to empower more women and queer people to fully enjoy their rights, engage in pleasure and play, and dismantle the patriarchy. Maja noted that from her perspective the principles could be more intersectional regarding race and income. But that’s the beauty of it, they’re still evolving! Check out the principles and try evaluating one of your favourite websites against them. Also check out ethical.net/resources to find tech services that share your values. Remember that dignity and respect in tech starts with the design. See Maja’s slides.


Eileen Wagner from Simply Secure is remixing UX patterns for distributed systems. “I don’t have all of the solutions, but I can at least collect all of the problems!” How do we explain decentralisation?

Check out the decentral patterns library. Eileen’s session included some small workshops. I worked with a handful of people to come up with patterns for Baculus, a backpack-based, self-contained kit for networking in tough-to-network areas. Related: check out NYC Mesh.


Danielle Robinson from Code for Science and Society led a discussion on how to model the threats to our open projects. Not from a security or particularly digital perspective; more focused on the mundane, the human, the existential. The unexciting-but-critical stuff that leads to decay if ignored.

Threat modelling is about identifying and prioritising worst case scenarios. How do you identify something in a blind spot?

She started the discussion by sharing some of the biggest threats she has encountered or witnessed in some way:

  • The legal status of an entity and its assets — If there’s no entity, it’s hard to defend! Consider trademarking a name (see Datcoin, a cryptocurrency completely unrelated to Dat protocol). If you definitely want your project to remain open source, write it in to your grants. That way, other stakeholders can’t undercut that decision. Third party oversight for $$$ is almost always best.
  • Financial management — Taxes, grants, who owns the bank account, etc. Informal is bad!
  • Governance — How are decisions made? Is there an advisory committee above the project, external oversight?
  • Bus factor — What happens if someone gets hit by a bus (leaves in a rush, etc.)? Is someone gatekeeping their work either intentionally or unintentionally?

Strong resources and points raised by Danielle and others present:

  • For reference regarding agreements and contracts, perhaps refer to The Engine Room
  • For transparently controlling small payments without a bank account, check out Open Collective
  • Remember that *all* money has strings
  • Grant writing sucks! Turn your grant answers in to publicly-available FAQs and documentation for your org / project, kill two birds with one stone (from Lai Yi Ohlsen)
  • Make sure you *tell* people their responsibilities (fiduciary duty) for accountability and oversight, don’t assume that they’re aware
  • If you have zero governance, maybe start with just one body with oversight
  • Consider sociocracy, steward-ownership, co-ops
  • If you’re EU-based in any way, make sure you’re using appropriate tools for GDPR! (from Kirstie Whitaker)
  • How to handle free labour? On one hand volunteer work is so helpful, sometimes essential, for an open source org. On the other hand, accepting too much free labour can devalue that work and lead to resentment for one or more people involved. Suggestions: scope the contributions, be transparent about it, and pre-screen some appropriate small tasks for people that want to contribute. For orgs that seem to do this well, refer to the Freedom of the Press Foundation and Amnesty Decoders.

It was a great discussion. See Danielle’s slides.


A lot of topics came up in shorter sessions and random conversations, these are just a few:


Looking back through my scribbles, I see LANGUAGE over and over again in all caps. It was the thread that ran through the weekend. Language may be our most universally accessible way to communicate with one another, but it is flawed (why is the web still so English-centric?) and we screw it up constantly. We routinely exclude one another by misusing it, on purpose and unintentionally. We must strive to wield language consciously and responsibly, especially if occupying a position of power. On the flip side of the coin, give others the benefit of the doubt where possible. If someone says something that doesn’t seem quite right, try not to immediately assume that they meant harm or don’t care. They may still be finding the right words, and you can help.