Authors: Esther Plomp, Lena Karvovskaya, Yasemin Turkyilmaz – van der Velden
From the 14th of April until the 7th of May, the Mozilla Foundation launched the “Movement-building from home” – a series of online meetings. The topic of these meetings was activism, community building, and maintenance in the special circumstances around COVID-19. Below follows a summary with some of the key points out of these meetings and some resources that were brought together by all the participants.
Throughout these calls, it was inspiring to hear about the ways that people deal with the new situations caused by COVID-19. Everyone is experiencing similar challenges but shows the remarkable ability to adapt to these changes, and we felt connected through our compassion and understanding during these unusual times.
The sessions were hosted by Abigail Cabunoc Mayes and Chad Sansing from Mozilla Foundation. There were four sessions per week to enable people to join at their preferred time. The calls were open to anyone interested in online community and movement building and sharing experiences. The notes and recordings are available online:
- Week 1: Online Meetings (Notes, Recording)
- Week 2: Community Care (Notes, Recording)
- Week 3: Personal Ecology (Notes, Recording)
- Week 4: Community Management (Notes, Recording)
- Bonus episode! (May 26th)
- See also the additional resources for each of the calls
Each session started with a check-in where participants wrote some information about themselves in a collaborative google document, as well as their expectations of the call. After the check-in, the discussion topic of the week was introduced by Abby, as well as the functionalities of the tools used (Google Docs, Zoom). This was followed by some expectations that Abby and Chad had of the participants of the calls. To facilitate an inclusive and accommodating environment we were referred to the Community Participations Guidelines. Issues could be reported to either Abby and/or Chad. Now that a secure environment was established, the goals of the call were outlined based on the topics of the different weeks. After this introduction, the participants got to contribute their experiences on the topic. Abby and Chad summarized the experiences and added their comments to the document. In the next part, Abby and Chad introduced the content that they have prepared and answered questions. Every call included break-out rooms (2-3 people) where participants could have more intimate discussions related to the topic of the meeting. Finally, reflections and take away points from these break out discussions were summarised, and participants were directed to other resources and means to stay in touch with the community.
Week 1: Online Meetings
The first week focussed on our positive and negative experiences with online meetings. The participants listed some successes and challenges:
To host a successful online meeting, you should first choose an accessible platform that meets the needs of your community in terms of privacy and safety (see some examples of platforms here). It should be clear what participants require from the call, and you should follow up with anyone that could not attend the meeting. You should be explicit about the types of contributions you expect from participants, such as note-taking, facilitating the discussion or keeping time. It is good to allow for asynchronous contribution through a collaborative note-taking document to make space for questions as well as contributions from anyone that could not attend. You should document your meeting through e.g., a recording, captioning, or a summary. To facilitate more interaction, participants can be split up into smaller groups using break-out rooms. When your meeting has ended, it should be clear what the next actions are, and how participants can stay in touch with you and each other.
Week 2: Community Care
The second week on ‘Online Meetings’ focussed on community care which was defined as:
all of the ways in which you show attention to and care for your community members across different dimensions of accessibility, equity, and inclusions, from caring meeting times to compensation to hitting pause when things go wrong to take care of people first, etc.
Community care is basically any care provided by an individual to benefit other people in their life. The participants listed some successes and challenges:
Here are the take home messages from this call:
- Ensure belonging by MIMI (make it more inviting), set up enough structure to provide a clear purpose, while maintaining enough flexibility to care for each other, and people’s safety and privacy.
- Repeating foundational practices such as the Community Practice Guidelines while checking-in with the community members, and showing gratitude and recognition.
- Flexibility and prioritization for adjusting to the new norms. What are elements you must sustain, what can be de-emphasized to reduce overwhelming?
- Assessing needs, especially those around privacy and security and communicating risks involved with various platforms.
- Being prepared about how to disagree. Taking an increased response time to overcome fear-driven defensiveness and sharing key information and gathering responses ahead of time to limit surprises.
- Careful and caring moderation. Generating new communication channels when necessary while avoiding duplication/overload.
- Reframing professional development & training by asking what people need to do, by offering training on not only new online tools and risks involved but also on new life and work balance demands. Using collaboration and mentorship to show care and build capacity for continuity.
- Opting-in social time to help members to feel belonging to their community by doing lightweight prompts such as google street map tours of hometowns, pet parades and virtual play dates.
- Expect to make mistakes and rehearse taking responsibility and moving forward from them.
- Ensuring sustainability by re-assessing roles, responsibilities, and contribution pathways, identifying what matters most to continue online, and scanning for funding opportunities.
Week 3: Personal Ecology
Personal Ecology is a term that is not well known outside of Mozilla’s community. It refers to self-care in a wide sense of the word: things one does to stay happy, healthy, and engaged with one’s work.
Personal ecology means “To maintain balance, pacing and efficiency to sustain our energy over a lifetime.” – Rockwood Leadership Institute, Art of Leadership
At the beginning of the meeting, some prompts were offered to the participants:
The big idea behind personal is that taking care of oneself is among the responsibilities of an activist, leader or community manager. Self-care must be a strategic: It requires intent, caring, and frequent self-assessment and support from others.
“You can’t sustain a movement if you don’t sustain yourself.” – Akaya Windwoo
The crucial part of this call was a self-care assessment. The participants were invited to make a copy of the inventory prompts below. Ten minutes were devoted to ranking once response on each item from 1 (never) to 5 (always).
- I have time to play in ways that refresh and renew me.
- I am energized and ready to go at the start of my day.
- I regularly get a good night’s sleep.
- I effectively notice and manage stress as it arises.
- I can execute my current workload with ease and consistency.
- I have time to daydream and reflect.
- During the day I take time to notice when I’m hungry, tired, need a break, or other physical needs.
- I periodically renew my energy through the day, every day.
- I eat food that satisfies me and sustains my energy throughout the day.
- I often have ways to express my creativity.
- I have time to enjoy my hobbies.
- Those that love and care about me are happy with my life’s balance.
- I spend enough time with family and friends.
- I take time to participate in fun activities with others.
- I feel connected to and aware of my body’s needs.
- I take time to pause and reset now and again.
- I am satisfied with my balance of solitude and engagement with others.
- I make time for joy and connection.
- I feel at peace.
- At the end of my day I am content and ready to sleep.
After the ranking was done, the participants were invited to make lists for themselves of:
- Things to continue.
- Things to improve or increase.
- Things to try or work towards.
The meeting was completed with everyone writing down one powerful next step they will take.
Week 4: Community management
The fourth week we were asked about the successes and challenges we experienced in community management. Several examples of successful online communities were listed by participants: Mozilla Open Leaders (including its “daughters”: Open Life Science, eLife innovation, Open Post Academics, and OpenScapes), the Carpentries, the Software Sustainability Institute, rOpenSci, The Turing Way, The Athenas, and the Center for Scientific Collaboration and Community Engagement (CSCCE).
In a time of crisis, such as during COVID-19, a community manager should give hope and be emphatic, but also be realistic and transparent about the situation. Abby introduced a community management principle: the Mountain of Engagement. A sustainable community should have two things: 1) new members and 2) a way for existing members to grow within the community. These two things involve different levels of engagement (on the Mountain). First there is the ‘discovery’ level, where members first hear about the community. Then there is the level of ‘first’ contact, where they first engage with the community. After first contact, new members can contribute to a community in the ‘participation’ phase. When this contribution continues they reach the ‘sustained participation’ level. They may also use the community as a network (‘Networked participation’) and eventually take more responsibilities in the project in the ‘leadership’ level. It is good practice to consider how you will engage your members through these various levels from the start of your project or community. Your members will have different requirements and needs, depending on which level they are at:
- Discovery; where the promotion of your community is important, which can be done through having a public repository that has an open license so that it is clear for others what they can reuse.
- First contact: your community needs to have a clear mission, and multiple communication channels to make it easy for people to get in touch. This includes offering some passive channels which allow them to just follow the community.
- Participation: Personal invitations to contribute work best. In these invitations you should set clear expectations by having contributing guidelines and a code of conduct (to which members can contribute). It is also good practice to let your participants know how much time and effort is expected from them if they want to contribute. By allowing your members to contribute at their own terms you allow them to take ownership of their contributions.
- Sustained Participation: It is important to recognise the contributions of your community members, as well as to allow for their skills and interests to move the community forward inline with the community mission.
- Networked Participation: Your community should be open to mentorship and training possibilities to allow members to grow. You can also think about professional development and offer certificates to members.
- Leadership: Leadership should be inclusive, and involve value exchanges. It should be clear what is expected of community members when they take responsibilities. Leadership can take many forms and can come from anyone within the community.
It is also important to recognise that your community members can move up and down these levels of the Mountain of Engagement. Sometimes they will even need to depart and come back to your community at another time. To help move members forward it is important to assign them timebound and specific tasks in accordance with their capacities and recognise their contributions. Not everyone in your community needs to contribute and engage at all opportunities.
In a time of crisis, it can also be important to focus on the things that really matter right now, rather than overburden your community members. Here it is important to ask your community members about their needs and preferences. You can, for example, consult them on their preferences for communication platforms in order to meet where they are. Patience and reflection are great goods in these situations, as they allow us to think more deeply about why we work in certain ways and what we can learn from working online. It is important to realise that anything we build up now can also be used when a time of crisis is over!
Grant R. Vousden-Dishington / Mario García / Cornelius Kibelka / Kim Cressman / Ryan Pitts / Julien Brun / Eirini Zormpa / Di / Jennifer Polk / Tim Butcher / Jen Hernandez-Munoz / Barbara Paes / Anisha Fernando / Terra Graziani / Elio Campitelli / Kristen Thorp / Kevin Mulhern / Erin Dunigan / Cora Johnston / Meg O’Hearn / Emily Stovel / Una Lee / Marty Downs / Gabriela Mejias / Jason Heppler / Brandon Locke / Julie Lowndes / Debra Erickson / Chad Walker / Patricia Herterich / Bradly Alicea / Bhuvana Meenakshi / EN,Hi,Ta / Chiara Bertipaglia / Gayle Schechter / Oscar van Vliet / Lisa Bass / Samantha Teplitzky / Kevin Helfer / Stavana Strutz / Jessica Steelman / Hilary Ross / Aliya Reich / Carrie Kappel / Elizabeth Blackburn / Sarah Melton / Jodi Reeves Eyre / Daphne Ugarte / Verena Lindner / Zannah Marsh / Marilyn Pratt / Kimani Nyoike/Maskani Ya Taifa / Joppe Hoekstra / Edoardo Viola / Rachael Ainsworth / Lucy Patterson / Merle von Wittich / Grace McPherson / Sara El-Gebali / Lucia / Naomi Alexander Naidoo / Gavin Fay / Kim Wilkens / Alan Berkowitz / Vinodh Ilangovan / Marijn / Jez Cope / Christina Rupprecht / Teo Comet / John Cummings / Hanan Elmasu / Harshil Agrawal / Brenda Hernandez / Christina Cantrill / Lis Sylvan / Dylan Roskams-Edris / Kate Nicholson / Maartje Eigeman / Dave Howcroft / Francesca Minelli / Brooke Brod / Steve Van Tuyl / Sharan Jaswal / Nicole Holgate / Elisabeth Sylvan / Anna Desponds / Emma Irwin / Konstantina / Daniel Sestrajcic / Camille Maumet / Mohammad Issa / Cassandra Gould van Praag / Sadik Shahadu / Rubén Martín / Ana Rosa Rizo-Centino / Kartik Choudhary / Erin Robinson / Sarah Dorman / Carla Garcia Z. / Noha Abdel Baky / Elizabeth Sarjeant / Leslie Hsu / Suzi Grishpul / Philo van Kemenade / Ioana Chiorean / Raven Sia / Jaana Pinheiro / Angela Li / Lewis Munyi / Chana Fitton / Callan Bignoli / Jona Azizaj / Malvika Sharan / Annette Brickle / Edwin / Anita Cheria / Eileen McNulty-Holmes / Pablo Chamorro / Emilie Socash / Trevor Haché / Lynn Gidluck / Izzy Czerveniak / Lara Therrien Boulos /
Author: Esther Plomp
How should you move your event or conference online? By examining the three online meetings I attended this week (11-15th May 2020) we might find some insight into this question. These events were all related to open science and data, but the organisers made use of very different types of conference/event formats to move their event online:
1. Open Scholarship Week: A full week conference with 1-2 sessions on each day (presentations or more interactive workshop sessions) (see also the upcoming Open Publishing Festival for a similar format).
2. csv,conf,v5: A two day conference focussing on lectures and keynotes.
3 Remote ReproHack: An interactive day that had a number of keynote speakers but mainly focussed on the input of the participants that tried to reproduce papers.
Below I will give a brief overview of these events, and some things to consider for future online events.
The Open Scholarship Week – #OSWGalway2020
The Open Scholarship Week started with a 1-hour opening session on Monday (11th of May) to introduce the Open Scholarship Week and was followed by a keynote about Open Science and Community building in the Netherlands by Dr. Antonio Schettino. Later that same day Antonio led a more interactive session on how to use the Open Science Framework (see here for the slides). On the second day three 1-2 hour sessions on Open Educational Resources and Wikipedia took place. On the Wednesday a session was hosted on Open Data and Software, by Adam Leadbetter and Niall Moran (see here for part of the slides). There were no sessions on the Thursday. On Friday two sessions took place, one on the recently launched Arts and Culture in Education Research Repository, and a closing session focusing on Open Science. Slides of the presentations are available on Zenodo. The Open Scholarship Week made use of Zoom and recorded the sessions which are available here.
This week the fifth edition of csv,conf,v5 took place. During the welcome session up to 900 people were tuning in! The conference took place in several sessions on crowdcast. There was a Slack channel available to facilitate interaction between participants. Everyone was encouraged to introduce themselves through Slack in a dedicated introduction channel. Social interaction was also stimulated during lunch through a Zoom meeting (using break-out rooms to facilitate smaller group discussions) as well as a llama showing (I am not making this up). This has been the perfect set up for a conference with over 800 participants attending each session! Recordings will be made available on YouTube.
Remote ReproHack – #reprohack
To get a better understanding of what a ReproHack is, I can recommend reading a blogpost about a ReproHack that I attended in person last year as well as this overview by the hosts. (A blogpost about the Remote ReproHack will be posted next week!) The remote ReproHack took place on Blackboard Collaborate in the webbrowser. This platform was chosen as it allows participants to freely move between break-out rooms. This is not possible with tools such as Zoom, where participants have to be moved by the host to break-out rooms. During the remote ReproHack the participants could choose a paper to reproduce from a list of 37 papers (who’s author’s volunteered to be reproduced). The ReproHackers could indicate through a hackmd.io file on which paper they were working. We could work on reproducing the papers in three sessions, each lasting about an hour. About half an hour of those sessions was spent on providing constructive feedback to the authors of the paper, using a previously set up feedback from. During the day three short keynotes took place on reproducibility and tools participants could use to make their research more reproducible. No recordings took place during this event.
So which format should you pick?
It is important to stress that there is no right or wrong format for your online event: These three conferences/events were all successful in moving their event online in an engaging way. The idea is to pick the format that fits your community or that best gets your message across.
For example, if you would like to host an event that is similar to a conference, the format that csv,conf,v5 used is more applicable. This requires your participants to be available for only one or two days, but for a longer time period. If your participants cannot commit to a full day online, the format of the Open Scholarship Week could be more interesting.
In terms of commitment it was possible for both the Open Scholarship Week and csv,conf,v5 to only follow certain parts or sessions, and catch up later through the recordings. This was a bit more complicated for the Remote Reprohack: if you would miss out on the explanation in the morning it would be difficult (though not impossible) to attend the rest of the day.
All of these formats allow for active contributions from participants. The Open Science Framework session of the Open Scholarship Week and Remote Reprohack had a more workshop type of format which allowed participants to contribute during the session itself (other than to just ask questions). Csv,conf,v5 used the lunch break as a space for interaction, by hosting a lunch Zoom meeting. With the dedicated csv,conf,v5 Slack channel it was easy to reach out to other participants and engage with them. For example, a self-organised session on communities of practice took place, which resulted of the engagement in the Zoom-lunch and continued afterwards with participants that noticed the message in the Slack channel. The Remote ReproHack made use of a hackmd.io document. Other online meetings, such as the Collaboration Workshop 2020, made use of a Google document where individuals could sign in and reach out to each other. These text documents also allow participants of the event to contribute their thoughts.
Most of these interactions could benefit from some stimulation in the form of a facilitator or organiser that takes charge. Here it is very important to have an inclusive environment and point people towards your code of conduct (see those of the Remote Reprohack and csv,conf,v5 for excellent examples), to ensure that everyone feels safe to contribute. Sometimes interaction can be facilitated by just stating that it is possible to introduce yourself in the chat, or to give an example on how to do it, as was done for the closing session of the Open Scholarship Week.
It is also important to allow your participants to catch a break and recharge. The Open Scholarship Week sessions were spread over several days, which allowed for plenty of time to recharge in between the sessions. Csv,conf,v5 had a number of scheduled breaks of ~15 mins in between the sessions, which was praised by participants in the chat. During the remote ReproHack there were scheduled breaks and during the interactive sessions you could also choose to pause whenever you felt like.
Hosting events online does not make them boring or static. By facilitating interaction with the participants and having a llama show in the break, your event will be just as memorable as normal!
Edited on the 16th of May to add the “Breaks” session, as inspired by a conversation on Twitter with Dr. Elaine Toomey from the Open Scholarship Week.
Research moves fast. Policies and practices change quickly. Information flows rapidly. Google and other dynamic online services move with blistering speed. Libraries have a hard time keeping up.
I have recently been appointed Head of Research Services at TU Delft Library. One of my first tasks is to review how effectively our services, advice and support is communicated to the research community.
We have some great services. We have an Open Publishing Platform for hosting open access journals; along with the eight faculties we have a team of fast-moving Data Stewards; we have a strategy and expertise guidance in place to ensure that all necessary documentation from the university is archived in accordance with Dutch archival laws; we have a long-running archive for research data. There are many more.
And of course, the Library is not the only group running services for researchers. Our colleagues in ICT, Legal Services and Valorisation Centre all help staff during different aspects of the research life cycle
This creates a profusion of services. The services are good. But the way they are communicated is awful.
The rationale, help and background for all of these services are usually dumped on the university website. The ideal website is a sleek and concise piece of ingenious design, providing answers in seconds. Most university websites, however, are a sprawling mass of text and images, out of date or 404 pages, with conflicting or unclear information.
Going to the university website is like that moment you come back from a long holiday and find a mass of letters, brochures, business cards and magazines stuffed through your letterbox. Where to start?
I’ve not run any focus groups, but I suspect that researchers would find it difficult to find information about these university services. Most will resort to Google, or knocking or their neighbour’s door. These can be useful solutions, but they don’t necessarily point back to the library services. The library is leaking customers.
Before we try and find solutions to this, it’s worth looking at some of the particular problems we face in dumping all our service information on the university website. If we start to identify these, then we can start to create something better for researchers.
1) Siloed content – Services are not presented in an integrated way. For instance, one service for data management might be run by library, and a related one by ICT. But they do not refer to one another at all.
2) Guidance is text heavy – do visitors really like wading through long scrolls of text? Some might, but they are few. But others need quick, immediate guidance via text, image, video or walkthrough. (Additionally, how can we make the services themselves more intuitive so less guidance is needed?)
3) Excess of articles. Researchers are pressed for time. They want to concentrate on their research. So having multiple pages describe features will drive researchers to distraction
4) For editors and administrators, it’s not easy either. Publishing information via a website Content Management System can be a distressing usability experience. Often the website editor is not the expert on the actual service, leading to further difficulties in getting the right content online.
5) University websites are organisation focussed not service focussed; they are organised in a way that reflect how a department is line managed. (Good businesses never do this) But researchers don’t really care which service or department runs a tool they need – they just want to get access to the tool.
6) Lack of community ownership. This is a more intangible problem. Researchers often avoid library or other websites run by the support teams, because such websites don’t quite speak the researchers’ language. The don’t build up a sense of a user community. Truly great university services and related guidance would give researchers a stake in how these services are run and described
So, there we have it. Some of the key problems in advertising library and other services. I will follow this up with a second blog post looking at some of the solutions.
Authors and contributors: Santosh Ilamparuthi, Marta Teperek, Anke Versteeg and Yasemin Turkyilmaz – van der Velden
The worldwide spread of COVID-19 has led to a shortage of vital healthcare equipment, especially personal protective equipment (PPE) and ventilators. This has led to a dramatic increase in demand for possible solutions. People around the world, including researchers, have started working on various solutions from simple ventilators, homemade face masks and testing equipment.
More does not always mean better
While this outpouring of ideas and projects is welcome, healthcare professionals and others who wish to make use of these resources do not have any guidance as to where to turn. Searching online for these projects is not easy and it might be difficult to find the best resource. Searching in Google for “open ventilator design” returns about 70,200,000 results. Even when promising solutions are found, often the quality and feasibility of the solution isn’t easily verifiable. Malicious actors and profiteering happens aplenty as well. Additionally, the documentation about the details needed to reproduce the solutions are mostly not available.
The need for FAIR
In short, we want to help in making the projects and proposed solutions as FAIR (Findable Accessible Interoperable and Reusable) as possible. The solution for this comes from José Carlos Urra Llanusa, a former TU Delft student and current Data Champion. Along with collaborators and members of the Delft Open Hardware team, he has developed the CombatCovid App that enables the standardisation of documentation for hardware projects related to COVID-19. This open source project hosted on github has developers from around the world working on it. It also provides assistance to those who are unfamiliar with the best practices in documenting open source hardware projects. José has also recently received funding from the EOSC Secretariat Steering Group for hardocs, a package to make hardware documentation intuitive and user friendly.
The app also uses sophisticated search to find hardware designs within the documented database. It is able to handle misspellings and multiple keywords. The fast search functionality along with documentation in multiple languages provides hardware documentation for COVID-19 relevant devices to a broad audience. The documentation format is already available in English and Spanish, versions in Dutch, Russian and Portuguese are currently being prepared.
Documentation is vital for re-usability
A single location to access all relevant projects along with documentation in a single format enables users to efficiently use the resources. Several projects like the MIT ventilator and various face shields have already been documented by volunteers from Delft Open Hardware (see examples here and here). TU Delft students participating in workshops on data documentation and using GitHub also contributed to the documentation of some projects.
TU Delft project Project Mask is in the process of being documented at CombatCovid with more TU Delft projects (OperationAir, Project INSPIRATION) in discussions on documenting. Funding resources are available through the TU Delft COVID-19 response fund and the data refinement fund.
The team developing the CombatCovid app along with members of Delft Open Hardware community are available through discord to help teams document their projects. The assistance provided includes:
- step by step guide in structuring the documentation and source files,
- uploading the documentation to the github repository,
- creating a resource metadata file that will help others find the project and get a quick overview of the status and relevance,
- providing a structure that allows other contributors to translate the project documentation in various languages and selecting an appropriate license for your project.
How to join
Authors and contributors: Marta Teperek, Robbert Eggermont, Yan Wang, Anneke Zuiderwijk, Seda Gürses, Taritha Sari, Yasemin Turkyilmaz-van der Velden, Heather Andrews, Sjoerd Dijkstra, Esther Plomp, Jeff Love, Igor Nikolic
There has recently been a lot of questions about the security and privacy aspects of Zoom – a popular tool for online meetings, for which TU Delft has recently purchased an enterprise licence.
Typically, for every tool centrally purchased by TU Delft, there needs to be a review procedure looking at privacy and security issues (among other aspects). Only after a positive review, an enterprise licence for a tool can be purchased. However, given the rapid need for hundreds of licences for Zoom at TU Delft (especially given the sudden surge in demand from educators), the decision was made to purchase an enterprise licence, despite a non-positive outcome of the privacy and security review. The motivations behind that decision were rather pragmatic: an enterprise licence for Zoom is cheaper than hundreds of individual licences. In addition, TU Delft gets an opportunity to guide the usage of the tool, and information on the number of Zoom users (through NetID).
However, given that the outcome of the privacy and security review was not positive, Zoom is not a recommended tool for use by TU Delft employees. The official information about the access to Zoom states that those using the tool should be aware of “the privacy implications from using Zoom” and that they should not be using Zoom to discuss “critical/sensitive matters”. But what are these implications?
This blog post has been written in collaboration between the data stewards, colleagues from ICT (including the ICT Security & Privacy team) and TU Delft researchers, to discuss some of the main issues with Zoom, and also help TU Delft employees decide which of the tools accessible through TU Delft licences might be most suitable to them.
The issues with Zoom
The COVID-19 crisis created a surge in the number of Zoom users all over the world. At the end of December 2019, the maximum number of daily meeting participants conducted on Zoom was approximately 10 million. In March 2020, Zoom had more than 200 million daily meeting participants.
No surprise that various security experts have been scrutinising Zoom’s privacy and security policies, which led to a series of blog posts reporting numerous flaws of the platform. Below we list and discuss some of the issues which have been most frequently reported on the internet.
Misleading information about encryption in Zoom
In its white paper, Zoom promises its users end-to-end encryption of their meetings. “End-to-end” encryption means that no one, including the company, is able to decrypt messages shared between two users. As explained by the Verge, in Zoom, the encryption is between the end-user and the company servers. So while Zoom stated that it “has never built a mechanism to decrypt live meetings for lawful intercept purposes”, it does not offer end-to-end encryption. Therefore, users cannot be guaranteed that their meetings could not be decrypted and, for example, shared with law enforcement or intelligence agencies.
On the 1st of April, Zoom’s CEO highlighted that Zoom can also be run on-premise, and that later this year (2020) a solution will be available for organisations wishing to use Zoom’s cloud infrastructure, but preferring to manage encryption keys themselves.
Sharing data with third parties
- “We do not sell your personal data.” (…)
- “Zoom collects only the user data that is required to provide you Zoom services.” (…)
- “We do not use data we obtain from your use of our services, including your meetings, for any advertising”
However, while there are no cookies or tracking in the Zoom app itself (thus addressing the concern of third party data sharing), one should still be aware that Zoom tracks its users and uses their data when they visit their “marketing websites, such as zoom.us and zoom.com”.
Meetings being trolled, aka Zoom-bombing
There were also numerous reports of unwanted people joining and disrupting Zoom meetings. This also happened to one of TU Delft teachers, who complained that their class was disrupted after an army of trolls stormed in. It turned out that the link to the Zoom meeting has been posted on a public platform.
Zoom offers meeting hosts lots of functionalities to choose from to help make their meetings more secure. To help navigate its users through the options, Zoom has issued detailed guidance on how to “Keep uninvited guests out of your Zoom event”. In addition, in its blog post on 8 April 2020, Zoom has released a new in-meeting security feature which helps hosts deal with undesirable behaviour/uninvited participants.
And a final note on Zoom-bombing, as stated by Zoom: “When you share your meeting link on social media or other public forums, that makes your event … extremely public. ANYONE with the link can join your meeting.”
There are also several controversial functionalities which Zoom offers/offered, which, if used inappropriately, can attract a lot of privacy concerns.
Zoom had an optional functionality called “Attention tracking”. If turned on, it would have notified the host if meeting participants had moved away from the active Zoom window for more than 30s. In response to growing criticism, on the 2nd of April Zoom permanently removed this feature.
There was also criticism about the video recording function of Zoom. It has been particularly popular with teachers or conference organisers who wished to make meetings or lessons available to people who couldn’t attend them. However, there was some criticism that video recordings of calls are stored on Zoom servers, and thus accessible to Zoom.
However, the host can decide on the storage location of the video. The host can choose whether the recording will be stored on Zoom’s servers, or locally, on his/her own device (or a local server).
Some articles criticised Zoom’s chat export functionality, reporting that it also exports private participant-to-participant messages. However, Zoom only allows the host to export all public and all host-to-participant messages. Private messages, sent between participants, are not viewable by the host.
How to navigate between all the different functionalities of Zoom?
We have discussed above some of the most controversial functionalities of Zoom and how Zoom have addressed or is addressing some of these issues. The power of Zoom, however, comes with the fact that appropriately using its myriad of functionalities, can make your meetings or classes very effective – depending on what’s the goal of your “Zoom meeting”, you will find some functionalities more or less useful.
If your goal is to make your Zoom meeting as privacy-proof as possible, then Mozilla Foundation compiled some useful tips how to adjust the various functionalities of your Zoom meeting (please note that if the purpose of your meeting is to stimulate active discussion, debate, or networking, some of these recommendations might not be suitable).
Tips for choosing video conferencing tools at TU Delft
As mentioned before, it is always good to think about your needs and objectives before looking into the features of various tools and services, which enhance organisational online communication and collaboration. Here we discuss several points, which are important to consider when choosing video conferencing tools.
At the moment TU Delft provides enterprise access to two separate tools: Skype for Business and Zoom. In addition to these tools, TU Delft teachers can also get access to YouSeeU for educational purposes. At the same time, through SURF, TU Delft employees also have access to a pilot of Jitsi, which is an open-source and encrypted tool, compatible with Linux, as well as to a pilot of vc4all .
Below we will discuss selected functionalities of Skype for Business and Zoom, as these are currently accessible to all employees at TU Delft to support online meetings and videoconferencing (Jitsi and vc4all are currently at a pilot stage, and YouSeeU is provided for educational purposes and not accessible to everyone).
- Think about the size of the audience expected at the meeting and check if the tool you choose supports a large number of participants.
- Consider where the participants connect from to the meeting and check if the tool has any organisational boundaries or limits for external people.
- Further consideration: is there already a tool that is used by the target audience? There is always an acceptance curve when switching to new tools/services.
- In order to maximize the use of the tool, make sure that the functionalities are self-explanatory and intuitive to use by all participants. Pay attention to the learning barrier of implementing the tool. How easy is it for both hosts and participants to establish the connection and conduct the online meeting? Do people need to install additional apps or clients? Are there any other things in relation to the online meeting/education that need to be adapted? It is helpful to think through the complete workflow of organising your online activities.
Participants from outside of TU Delft sometimes experience difficulties connecting to Skype for Business meetings. Zoom meetings seem to be equally easily accessible for TU Delft, as well as for external participants. In addition, Skype for Business seems to be less user-friendly than Zoom (e.g. people struggling to find the camera or mic settings, problems viewing the chat, or chat history, problems re-joining the call after getting disconnected).
When using multiple video conferencing tools on the same computer, there might be conflicts between these programmes about using the computer’s audio or video devices. You may need to reset or restart it in order to make the tool function properly.
Skype for Business cannot be used on Linux (no client/plugin exist), so Zoom might be a better choice for users of diverse operating systems.
When making decisions about the tools (and the functionalities you will decide to turn on), also think about how your choices might affect the privacy of the people participating in your meeting. This is particularly important to consider in an educational context and the implication for students and their right to privacy.
- When looking at necessary functionalities, it is important to choose them based on the priorities of online tasks or activities.
- Be aware of the tool’s integration with other existing applications and its potential risks/benefits.
Zoom seems to have many more functionalities and options available as compared with Skype for Business. Some of these functionalities might come in handy, depending on the purpose of the meeting (e.g. ability to split the attendees into multiple breakout rooms, in-tool polling, in-meeting instant communication tools).
In addition, the integration between video conferencing tools and email/Outlook calendar is a handy plug-in, and both Skype for Business and Zoom allows it. At the same time, there are privacy implications to be considered. For example, people’s status is also visible to the organiser when sending emails in Outlook due to its integration with Skype for Business.
Knowledge, Information, Data
- You may read many other articles evaluating the tools. It is crucial to obtain critical thinking when reading the comments and reviews. It is wise to think about the context of the article, including the purpose, the authors and their standpoints. For example, the fact that Zoom’s shares increased so dramatically in the recent month, might prompt additional criticism from its competitors (note that while Zoom has/had a lot of privacy and security flaws, some of the “issues” reported in the media – see above – were incorrect).
- Always think about the sensitivity of the topics and information that will be discussed online. Make sure the online environment is secure enough for the data that will be processed.
Due to the aforementioned encryption issues, TU Delft currently advises its employees not to discuss any “critical/sensitive matters” through Zoom and to use Skype for Business instead.
Zoom’s position in relation to the criticism
Zoom’s response to all the criticism with regards to its privacy and security policies was rather admirable.
In addition to all the adjustments and actions already described above, its CEO published a post on the 1st of April stating: “…we recognize that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry (…) We appreciate the scrutiny and questions we have been getting – about how the service works, about our infrastructure and capacity, and about our privacy and security policies. These are the questions that will make Zoom better, both as a company and for all its users.”
The CEO also promised that over the next 90 days (from the 1st of April), Zoom will freeze any feature development efforts and will instead shift all work towards addressing safety and privacy issues. The CEO also announced a weekly webinar series intended to provide security updates to the community. On 8 April Zoom announced the official formation of its CISO Council and Advisory Board to assist with the comprehensive security review of their platform. In addition, anyone can subscribe to their security update blog posts.
Next steps for TU Delft
So what’s next for TU Delft?
At this very moment, there are two tools for online meetings available for TU Delft employees to use (Zoom and Skype for Business). In addition, educators also have access to YouSeeU. What is important in the short-term is to help employees make informed decisions about which of these two tools to use, when and how. We hope that this blog post is a step in this direction.
It would be useful to conduct a comprehensive analysis of the various video conferencing tools available, including gathering feedback from the two pilots currently taking place (with Jitsi and vc4all). These should be analysed not only with regards to functionalities and user experience, but also privacy, security and business models.
The end-users: researchers, teachers, staff members, students, should take an active part in the evaluation effort.
In the long-term, ideally, the best solution for TU Delft is identified (taking into account all the considerations listed above). Ideally, the solution would be open source – not only to ensure greater security but also adherence to the mission and vision behind TU Delft’s strategic commitment to Open Science. Investment in open source infrastructure and the commitment to the building of own infrastructure is also important to lessen institutional dependence on proprietary vendors (who may or may not survive the online wave induced by COVID-19).
Ideally, one should also always keep in mind the ever-changing landscape and the necessity to constantly re-evaluate what’s best and also what’s most popular with the end-users (and why).
Ideally, the same steps would be followed for any other tools and applications at TU Delft.
To summarise, as with everything, tools for remote meetings have their pros and cons. Same is for the two video conferencing tools provided by TU Delft: Zoom and Skype for Business.
We hope that this blog post helps people understand the concerns around Zoom and provides some suggestions on how to make informed decisions which tool might be most appropriate for their meeting (out of the current TU Delft offering). And regardless of their choice, meeting organisers should always remember to inform their meeting attendees about their choices and available options, and how they impact their participation (for example, camera on/off, recording of meetings) – same as with traditional face-to-face meetings.
Finally, the surge of questions about Zoom’s privacy is really welcome, as it illustrates how much more privacy-aware TU Delft employees have become since the introduction of the GDPR and the campaigning around it. That’s key for responsible risk management around privacy and security.
- Information about Zoom from TU Delft ICT: https://intranet.tudelft.nl/-/zoom
- Tobias Fiebig from TU Delft TPM faculty is running a local instance of BigBlueButton, which can be used by TU Delft employees
- TU Delft Teaching Lab also provides access to Webex. Information can be requested by contacting firstname.lastname@example.org
In the afternoon of Day 3, Danny and I met with Belinda Weaver and her colleagues from the library research support services at Griffith University. Belinda shared with us an impressive example of how Griffith Library reinvented its research support services to meet the growing demands of supporting digital research in the 21st century. The Library not only had to upskill their staff but also restructure support services and develop new approaches to training and engagement. Below are some selected snapshots of what Belinda and her team did to support data-intensive research.
Mapping out the needs
In order to decide what services should the library provide and how to do it, the team organised two types of consultations:
- With research staff and students, who needed research data support
- With support staff at the Library, who offered such support
The first one was essential to understand what are the needs of researchers. Research data management support offered by the Library traditionally focused on issues such as back up strategies, IP and licensing. It turned out that what researchers needed most was support with working with data across the entire research lifecycle and taking into account all the complexities of research projects. The newly surfaced issues were, for example, effectively managing access rights and access control, data security, data governance, but also data clean-up and data-driven research methods.
The internal consultation with the library staff helped to collectively agree which services the library should offer, decide on roles and responsibilities within the library staff members (who should deliver these new services), and to identify the knowledge and skill gaps. Doing the process collaboratively helped everyone understand and accept the need to build new capacity and capability to support data-driven research, and also to realise the roles they needed to play in the process.
Breaking down information silos
After establishing the gaps, the team focused on collaboratively creating a new knowledge base. This was again approached from two different angles:
- By looking at specific topics – the team has identified 60 topics where knowledge needed to be updated and consolidated (e.g. APIs, data encryption)
- By looking at disciplinary differences and practices (e.g. tools, research methods, data sources)
To ensure that knowledge can be easily shared and exchanged between colleagues and to counteract information silos, the team created templates for both specific knowledge topics, and for mapping out and understanding research disciplines.
Ensuring that such information is easily shareable between team members is essential when it comes to supporting the increasing amount of interdisciplinary research, and also in situations where team members need to switch roles or share tasks and responsibilities.
Skills and awareness
Understanding the needs of researchers and becoming familiar with the knowledge and disciplinary differences in which researchers operate, helped Belinda and her team to adjust the training provided by the Library. It is was particularly interesting for me to learn how the team addresses the ever-growing need for data wrangling skills. This is done through a combination of weekly hacky hours, software carpentry workshops organised once every two months, and yearly Research Bazaar festivals.
Software Carpentry workshops
Software Carpentry workshops teach researchers basic computational skills. Griffith University Library currently has four certified Software Carpentry instructors, which includes two instructor trainers. In addition, some Library staff act as helpers during these workshops. All these help Griffith University run these workshops on a regular basis. All workshop logistics are managed by Griffith’s eResearch Services unit.
Weekly hacky hours complement the software carpentry workshops. While Software Carpentry workshops are essential for researchers to learn the basic skills they need to start working with code and data, the content of the carpentry workshops is generic. Therefore, researchers who attend Software Carpentry workshops sometimes struggle in implementing the new learning into their daily practices and workflows. Hacky hours invite researchers to pop over to get help finding solutions to their specific problems, or to get advice on working with their own research data.
ResBaz, or Research Bazaar
ResBaz or Research Bazaar is an impressive, three-day-long festival of digital skills for research. In Brisbane, it is organised jointly by Queensland University of Technology, the University of Queensland, Griffith University, the University of Southern Queensland, and Queensland Cyber Infrastructure Foundation.
The first two days of the festival offer myriad of workshops helping researchers learn how to work with digital skills (in addition to Software Carpentry workshops, researchers can also learn how to work with Jupyter Notebooks, how to program with R, or how to do RNA sequencing etc.). The third day consists of talks on various topics: case studies on the use of digital tools and methods; talks on effective collaboration; or seminars on topics issues pertaining to personal and professional development.
While at TU Delft we do run regular carpentry workshops, and piloted drop-in consultations for code and data (our “Coding Lunch and Data Crunch” sessions), so far we haven’t run any big festivals of the like of ResBaz – definitely something worth considering!
Other blog posts from my trip to Australia:
The third and the fourth day of my trip I did jointly with Danny Kingsley, Scholarly Communication Consultant and the former head of Scholarly Communication at the University of Cambridge (my former boss). Together we have met with Fei Yu, Jan Wisgerhof and Kathleen Smeaton from the University of Queensland.
Machine Actionable DMPs: theory and practice
In Europe, there are now a lot of discussions about machine-actionable data management plans (maDMPs). In the European context, traditional DMPs were created mostly as a result of funders’ requirements. Funders wished to have assurance that researchers would manage their research data responsibly. Typically, the information in data management plans was not structured and was not much re-used. The goal of machine-actionable DMPs is to make information recorded in the DMPs structured and actionable by machines. For example, if a researcher needed X amount of data storage space, appropriate storage requests would be made straight away from the DMP. Under the auspices of the Research Data Alliance, a lot of important theoretical work has been already accomplished in order to agree on a data model for maDMPs. However, at least in the European context, there has not yet been a fully functional implementation of the maDMP concept (or I am not aware of them).
It was therefore very interesting for me to visit the University of Queensland, where colleagues from the Library’s research data management team have developed a dedicated tool, the Research Data Manager. The tool, while it is not called a DMP tool, is a beautifully working and functional implementation of maDMPs.
So how did it all start?
Back in 2015, the research data team spoke with some Queensland University researchers and asked them about research data underlying their published papers. In most cases, data were either no longer findable, or very difficult to find.
Therefore, the research data team created a tool, with the intention to capture an initial, basic metadata layer about research projects and research data created by university researchers. That’s how the Research Data Manager tool (RDM tool) came to live.
The tool went through several rounds of iterations. Initially, it was started as something similar to DMPs in the European context – researchers were asked to describe their plans for data management at the beginning of their projects.
This approach, however, wasn’t very popular among researchers. They weren’t motivated to respond to long questions about their data management strategy, where a lot of information had to be copied from somewhere else, and they didn’t see the real benefit of doing this.
To respond to this feedback, colleagues from the RDM team made a lot of changes in the tool to make it more useful for researchers:
- Substantially limited the number of questions asked in a DMP
- Changed all the open text fields into lookup, multiple-choice or checkbox questions, in order to allow for structured responses
- Structured responses allowed integrations, which brought actionability to DMPs and provided tangible benefits to researchers.
So what does the Research Data Manager Tool do?
The tool has 20 very easy to answer data management questions (all are lookup fields, checkboxes, radio buttons). By replying to these questions, researchers get free 1TB of storage (capacity can be extended through the tool), which is backed up and maintained by the University. The game-changer was that the storage which researchers could request through the tool allowed them to easily collaborate online with other researchers (authentication through edugain allows easy collaboration with people from 300+ universities worldwide).
As soon as the researcher responds to the questions, the request for project storage space is immediately pushed to their supervisor for approval, and subsequently, a dedicated project space is created. Altogether, it only takes about 15 mins for researchers to receive their allocated storage.
It is all in integrations
The key principles behind the tool are simplicity and integrations. I was impressed to see how many integrations the tool had already in place. In addition to integrations with storage and authentication systems, the tool also has a direct connection with the university finance and ethics application systems. What it means is that when a researcher logs in to the tool and indicates that their project has been externally funded, they can look up their project info coming from the finance system and auto-populate the relevant fields in the RDM tool. Similarly, if a researcher indicates that they will be working with personal research data, some additional questions will appear, including a question about ethics approval. But again, instead of duplicating the information, both the ethics tool and the RDM tool are connected. If a researcher has already started an ethics application, they can look it up in the RDM tool instead of copy-pasting the content.
Digital research notebooks
An additional interesting feature of the tool is that it prompts researchers for the use of digital research notebooks (aka electronic lab notebooks, or ELNs). In the form, researchers are also asked if they would like to use digital lab notebooks for their project. If they tick the box, then an account is created for them with LabArchives, which is the institutional digital research notebook product.
At TU Delft we are currently piloting ELNs and it seems that researchers from various disciplines have different requirements for an ELN. Therefore, I was curious to know if the one-size-fits-all approach wasn’t a problem for researchers at the University of Queensland. “It is used across all disciplines. Various researchers use it in different ways. In arts and humanities, researchers simply use it as a digital replacement of their paper notebooks or sketchbooks with the advantage that they can access it anywhere on their laptop or mobile, and are fully backed up” – explained Fei.
Jan told us about the latest developments in the tool. One of the biggest successes of the team was the integration between the RDM tool and the institutional eSPACE repository. This allows researchers to easily publish selected datasets in the university repository and get a DOI for them, without the need to populate all the metadata fields – these are auto-populated based on the information in the RDM tool. During our visit, the RDM team was just celebrating the first dataset which was published in the repository through the integration (there are of course more datasets hosted in the repository, which were published before, through direct data deposition route).
The two new developments that the team is currently working on are integrations with the thesis submission system and also with popular scientific instruments. The integration with the thesis submission system means not only that theses could be automatically uploaded to the university repository, but also that students will be asked to publish their data at the same time. The integration with instruments allows instruments data to be directly added to the RDM tool, with baseline metadata, which makes the data flow much easier for researchers to manage and also allows for easy data publication. In addition, this could also enable facility managers to get statistics on the usage of tools and facilities.
All data and metadata in the RDM tool are version controlled. In addition, researchers can easily export and submit their DMPs from the system to funding bodies (albeit Australian funders don’t have strict requirements for DMPs).
The usefulness of the tool and the tangible benefits of transforming it into a ‘maDMP’ meant that researchers didn’t need to be convinced to start using it. In the first 10 months, 1000+ researchers started using the tool. At the moment it has 10,000 users. “People create a DMP and see the immediate benefits, without even knowing this is a DMP” – Fei explained.
In addition, seeing the usefulness of the tool, the graduate school made it mandatory to use the tool for all PhD students. This made PhD supervisors very happy. Many of them were worried that PhD students leave the University without leaving their data behind, or leaving them not in good order. Because every student request needs to be approved by the supervisor, supervisors are now aware of where and how students store their research data and gained better oversight over data management practices in their research groups.
An unintended benefit of these integrations was also much closer cooperation with other university services. Thanks to the joint work on the RDM tool, colleagues from other departments now all see how good data management practices are embedded within their workflows: from grant applications, through ethics approval and finishing with publication.
Back to TU Delft
Our DMP template at TU Delft has a lot of questions with simple, multiple-choice responses. However, we do not yet have integrations in place with various university tools and systems. Visiting colleagues from the University of Queensland was therefore very inspirational and, well, we have a lot of work still to do at TU Delft to transform our DMPs into maDMPs. The work done by Fei, Jan and Kathleen certainly provided us with lots of useful lessons learnt and examples we could try to adapt in our institutional setting.