_config.yml

# --------------
# -- Settings --
# --------------

# Ignore this. This is only if you're hosting this in a sub-folder.
baseurl: "/dtlhackday16"

# If you're using GitHub pages without custom domain, this is "[github_username].github.io". Prepend with "http://"
url: "https://datatransparencylab.github.io/dtlhackday16"

# The ability to use custom themes.
style:
  theme: "original"

# Let people connect & engage with you through social media.
social:
  twitter_handle: "dtl_info"

# This is Search Engine Optimization. It'll help your website look better on search.
seo:
  title:       "DTL Hack Day| 19th November 2016"
  description: "A 12 hours hack day to work together on building tools that help educating users on the importance of privacy and transparency"
  #image:       "https://prime.mlh.io/img/logos/mlh-prime-color.svg"

# Event information.
event:
  name:        "DTL Hack Day"
  description: "A 12 hours hack day to work together on building tools that help educating users on the importance of privacy and transparency"
  date:        "Saturday 19th November 2016"
  location:    "Columbia University, NY, United States"

  hero:
    links:
      - text: "Register"
      #href: "https://www.eventbrite.com"
        href: "#attending"
      - text: "Sponsor"
        href: "mailto:events@datatransparencylab.org"

  about:
    description: >
      The Data Transparency Lab is hosting, collocated with DTL 2016
      conference a 12-hours hack day.
      The hack day main topic is “User Education on Privacy and
      Transparency”. If you have any idea to help users understand
      why they should care about privacy and why they should demand
      online services to be more transparent you shouldn't miss this
      event!

  # Info Sections
  info:
    section-intro: >
      Don't have any idea about a hack that could fit into the Hack Day main theme? No worries! We have a list of potential challenges and ideas that you can hack on! Check the list below:
    section-footer: >
      You can check <a href="ideas.html"> a detailed list of these ideas </a> 
      but you are free to bring your own idea. Furthermore, do you
      have an idea for a project that you want the hackers to work in? Please
      send us an <a href="mailto:{{events@datatransparencylab.org}}">e-mail</a> so we can include it in the list of challenges for
      hackers!
    sections:
      - image: "images/image1.png"
        title: "APPS"
        description: >
          We are looking for apps (mobile app, browser plugin, web site, etc.)
          that let users understand the privacy implications of actions they
          do.
      - image: "images/image2.png"
        title: "VISUALIZATIONS"
        description: >
          We have access to multiple sources of data that could be useful to
          users, we are looking for ways to create impactful visualizations
          that raise awareness on privacy/transparency.
      - image: "images/image3.png"
        title: "EDUCATION"
        description: >
          We are also looking for material (websites, videos, comics, etc.)
          that can be used in an innovative way to communicate adequately the
          need for privacy and transparency.

  prizes:
    - title: 1st Prize 
      amount: $1600 
    - title: 2nd Prize 
      amount: $1200 
    - title: 3rd Prize 
      amount: $600 

  sponsor-prizes:
    - title: Best Social Impact 
      amount: $400 
    - title: Most creative and user-friendly 
      amount: $400 
    - title: Biggest privacy protection impact
      amount: $400 

  criteria:
    - title: Originality
      weight: 25%
    - title: Look & Feel
      weight: 25%
    - title: Technical Complexity
      weight: 25%
    - title: Does it work?
      weight: 25%

  judges:
    - name: Daniel Coloma
      image: images/daniel.jpg
    - name: Ramón Sangüesa
      image: images/ramon.jpg

  sponsors:
    - name: Redmorph 
      image: images/redmorph.jpg
      description: 
      url: https://redmorph.com 
    - name: IPVanish 
      image: images/ipvanish.png
      description: 
      url: https://www.highwinds.com 

  schedule:
    - start: 08:00 AM 
      title: Doors Open
    - start: 09:00 AM
      title: Intro // Kick-off
    - start: 09:30 AM
      title: Idea Pitches and Team Formation
    - start: 10:30 AM
      title: Hack!
    - start: 12:30 PM
      title: Lunch!
    - start: 01:30 PM
      title: Hack!
    - start: 06:45 PM
      title: Show and Tell!
    - start: 07:45 PM
      title: Judges Evaluation!
    - start: 08:15 PM
      title: Prizes and Closing!

  # Hack Slies
  slides:
     - title: "ReCon"
       url: slides/recon.pdf
     - title: "Fingerprinting"
       url: slides/fingerprinting.pdf
     - title: "Facebook Data Valution Tool"
       url: slides/fdvt.pdf
     - title: "Intro Slides"
       url: slides/hackday16.pdf

  # Hack Ideas
  ideas:
     - title: "Raising Awareness of Personal Information Leaks"
       id: "recon-visualization"
       hook: > 
         Northeastern University has been running <a
         href="http://recon.meddle.mobi/"> ReCon project </a>with the 
         target of identifying which mobile apps are leaking Personal Information,
         which type of information it's leaked and what are the destinations of 
         that info. We want you to create different tools that leverage the 
         insights discovered by this project.
       description: >
         <ol>
           <li>
             The first idea for the hack is developing a visualization on top
             of the ReCon Dataest that let people understand what is going on 
             with their data when they use mobile applications on their mobile 
             devices. This could be built directly by using ReCon Dataset.
           </li>
           <li>
             Another idea is developing a browser plugin that let end-users
             check what is the level of leakiness of an application when she is 
             browsing the application homepage in the Google Play or App Stores.
           </li>
           <li>
             An Android application that scans the applications a user has 
             installed in her device and tells her the potential information 
             that those applications could be leaking and calculates a 
             <i>leaking </i> score for her device. The idea would be using 
             ReCon API to develop an Android application that scans the other 
             apps installed in the device and use the API to check if any of
             those apps has been spotted in the past leaking Personal 
             Information by ReCon. The application could offer user advise 
             about how to proceed depending on how bad the issues spotted in 
             the installed applications are.
           </li>
           <li>
             The idea would be implementing a Browser extension that inspects
             the traffic and provides a similar level of detection of Personal
             Infomration leaks to third parties.
           </li>
           <li>
             We would like also to provide users with a Real-time visualization
             of leaks that let them better understand which information is 
             being sent and where is it sent to.
           </li>
           <li>
             We would also love a mecanism in which users could contribute back
             their feedback about the leaks so we could create a crowdsourcing
             database with all the modificatoin/blocking rules users create.
           </li>
         </ol>
       type: "Visualization, Browser Plugin, App"
       assets: 
         - title: "ReCon Dataset" 
           url: "http://recon.meddle.mobi/json/data.json"
           description: >
             It's a JSON file that gathers aggregated information about all 
             the leaks of Personal Information that have been detected by the 
             ReCon project.
         - title: "API"
           url: "http://datatransparencylab.github.io/recon-api/"
           description: >
             It's an API built on top of that json that could be used 
             to check directly in an app is leaking PI or whether a domain 
             is receiving information and from which apps.
         - title: "ReCon ML Source Code"
           url: "https://recon.meddle.mobi/codeanddata.html"
           description: >
             Source Code of the ReCon Machine Learning System that detects PI
             Leaks.
         - title: "Example Visualization"
           url: "http://datatransparencylab.github.io/recon/"
           description: >
             You can get some inspiration by checking a sample
             visualization developed by the Data Transparency Lab Team.
       links: 
         - title: "ReCon Project Homepage"
           url: "http://recon.meddle.mobi/"
       facilitators: 
         - name: "Dave Choffnes"
         - name: "Jingjing Ren"
         - name: "Daniel Coloma"
     - title: "Privacy Census"
       id: "privacycensus-visualization"
       hook: >
         Thanks to a Princeton project named <a
         href="https://webtransparency.cs.princeton.edu/webcensus/">Privacy
         Census</a>, we can now understand how extended are tracking techniques
         over the web, including advanced ones such as fingerprinting. However, 
         this information might be difficult to process and understand for the 
         average user. We are looking for ways to communicate this appropriately
         to end-users so they can understand what are those techniques, how are 
         they used and how do they affect them.
       description: > 
         <ol>
           <li>
             One idea would be using either the whole dataset shared by 
             Princeton or a simplified dataset that just contains the key 
             insights about some of the key tracking techniques that are being 
             analysed. The visualization could be, for instance, a website that 
             shows which are the top domains using fingerpriting, or how 
             fingerprinting adoption varies depending on the geography or on the 
             website type.
           </li>
           <li>
             Another idea would be building  a browser plugin that, utilising 
             the information already spotted by Princeton, shows user 
             information about the site she is browsing or even show her the 
             level of exposure to fingerprinting according to the browsing 
             history. This could be built via a browser plugin that monitors the 
             current website, compares it to the findings database and informs
             the user (e.g. via an icon) about the usage of Finferprinting.
           </li>
           <li>
             The challenges above mostly target fingerprinting techniques, but 
             the Dataset also contains information about stateful tracking 
             (e.g. cookies, headers...) thata could be used for many other 
             ideas.
           </li>
         </ol>
       type: "Visualization, Plugin"
       assets: 
         - title: "Complete Datasets" 
           url: "https://webtransparency.cs.princeton.edu/webcensus/#data"
           description: >
             The complete postgres dumps with all the information of 
             the 1000000 sites crawl.
         - title: "Insight Dataset"
           url: "dataset/privacymeter-export.json"
           description: >
             A distilled information about the websites that have been spotted 
             using different fingerprinting techniques.
       links: 
         - title: "Privacy Census Homepage" 
           url: "https://webtransparency.cs.princeton.edu/webcensus/"
         - title: "Fingerprinting Analysis" 
           url: "https://datatransparencylab.github.io/fingerprinting-census/"
       facilitators: 
         - name: "Albert Terradas"
     - title: "How much are you worth for Facebook?"
       id: "fdvt-material"
       hook: >
         <a href="http://fdvt.org/">Facebook Data Valuation Tool</a> is a
         Browser plugin that has been developed by Carlos III University. The
         plugin shows end-user an estimation of the value they are generating
         to Facebook based on her browsing activity (i.e. the ads she watches
         and clicks on).
       description: >
         In this context, we are thinking in two different directions that
         could be used by the teams.
         On one hand, we would like to offer end-users the possibility to 
         explore what type of ads are shown to them. Thanks to this tool 
         we have a good set of historical data about Facebook sessions and ads.
         The idea would be building visualizations that let users understand
         which companies are targetting them: top advertisers, type of ads, 
         historical evolution, etc. This could be implemented as stand-alone
         visualization but also could be potentially embeded into the plugin 
         itself.
         On the other hand, we are also interested in the creation of companion
         education material that based on the tool, let users understand
         clearly the value they have for facebook, and on which facets do their
         value depend.  Education Material could be some statistics/data, a
         vídeo, a website, etc. For instance, it would be interesting to 
         communicate users how their value vary depending on the audience
         in which they are categorised and how are they assigned to those audiences.
       type: "Plugin, Website, Education material"
       assets:
         - title: "Tool"
           url: https://chrome.google.com/webstore/detail/facebook-data-valuation-t/blednbbpnnambjaefhlocghajeohlhmh
           description: >
             The FDVT Chrome plugin 
         - title: "Dataset"
           url: https://app.box.com/s/248ccb1vwa497abr04l2zzgzxfhywnoo 
           description: >
             It's a JSON file that shows the ads that some users of the 
             toold have been shown durin a limited period of time 
       links:
         - title: "FDVT Homepage" 
           url: "http://fdvt.org/fdvt/"
       facilitators: 
         - name: "Ángel Cuevas"
     - title: "How much is my data worth?"
       id: "data-worth"
       hook: >
         During the last year, people have started to be aware of the 
         importance of personal data for Internet companies. However,
         it's not clear how much value do they have for those companies.
         We thinks users would love a way to calculate how much they are
         worth, taking into account the type of data, the specific data 
         and the potential number of similar users.
       description: >
         This could be built in different ways: as a website in which the
         user can input manually some data or connect to some of the services
         they use, as a mobile application or as a browser plugin that
         detects user activity. For instance, it should be possible to
         build something similar to what Financial Times built (see link
         below) in a more user friendly way or in a way that instead of
         requesting users to fill-in some data, it monitors user activity.
       type: "Browser Plugin, Website, Mobile App"
       links:
         - title: "Financial Times Data Value Calculator" 
           url: "http://www.ft.com/cms/s/2/927ca86e-d29b-11e2-88ed-00144feab7de.html?ft_site=falcon"
       facilitators: 
         - name: "Daniel Coloma"
     - title: "How revealing my public information can be?"
       id: "public-info"
       hook: >
         Many people unknowingly volunteer sensitive personal information and
         fail to restrict access to it. This kind of information is 
         analytically valuable to both data brokers and exploitation value to 
         attackers. The idea is raising awareness of the potential danger 
         it has for users.
       description: >
         By using public, unauthenticated APIs to collect information on
         individuals that could be used to answer a security question or is
         otherwise sensitive. You may make inferences based solely on metadata
         if appropriate. The goal is to demonstrate accidental disclosure and
         raise awareness.  Example: Someone tweets “I got a new car!” and a 
         photo. You now have the make and model of their current, and maybe 
         first, vehicle. This information may come up in an account recovery 
         process.
       type: "Browser Plugin, Website"
       assets:
         - title: Twitter official
           url: https://dev.twitter.com/rest/public
         - title: Twitter archive search
           url: http://support.gnip.com/apis/search_full_archive_api/
         - title: Twitter tag definitions
           url: https://api.tagdef.com/
       facilitators: 
         - name: "Abhay Edlabadkar"
     - title: "Parent Child Education Challenge"
       id: "parent-child"
       hook: >
         Tracking mechanisms often can't separate child and adult activity,
         putting children at risk for targeted advertising and analytics. 
         Younger generations also tend to have a much larger “digital 
         footprint”, often increasing their risk of identity theft and 
         cyberstalking. There's no technical “silver bullet” for these complex
         issues, so educating parents and children is key to improving their 
         cyber safety.
       description: >
         The goal is creating an interactive tool for educating parents, 
         children, or both on topics related to online privacy. This an 
         open-ended challenge so you may use any format, API, language, or 
         platform you see fit!
         Some examples: “Privacy checkup” style web app that aggregates 
         data from multiple sources or a “What to do if …?” to preven particularly
         risky situations.
       type: "All"
       facilitators:
         - name: "Abhay Edlabadkar"
     - title: "Education and Raising Awareness on 3rd Party Tracking behind websites and apps"
       id: "parent-child"
       hook: >
         Average user don't usually understand what is really going on when 
         they browse a Web Site or when they use an application in their 
         smartphone. Every time they do such a simple action, many third 
         parties are involved, and in most of the situations, all of them try
         to track them.
       description: >
         The goal is creating an interactive tool for explaining to users what
         goes on every time they connect, for instance, to a news web site. Such
         a tool could use the databases collected either in ReCon project 
         (mobile apps) or Privacy Census (Web Sites)
       type: "All"
       facilitators:
         - name: "Daniel Coloma"
         - name: "Abhay Edlabadkar"
       assets:
         - title: "Insight Dataset"
           url: "dataset/privacymeter-export.json"
           description: >
             It's a JSON file that gathers the information about which sites 
             have been spotted fingerprinting users categorised by site type
             and country
         - title: "ReCon Dataset" 
           url: "http://recon.meddle.mobi/json/data.json"
           description: >
             It's a JSON file that gathers aggregated information about all 
             the leaks of Personal Information that have been detected by the 
             ReCon project.
       links:
         - title: Tracking Mechanisms of Potential Interest
           url: https://www.chromium.org/Home/chromium-security/client-identification-mechanisms
         - title: AdBlock EasyPrivacy Tracking List
           url: https://easylist-downloads.adblockplus.org/easyprivacy.txt
         - title: Fanboy's Enhanced Tracking List
           url: https://www.fanboy.co.nz/enhancedstats.txt
     - title: "Tools to bring transparency to targeted advertising"
       id: "transp-ad"
       hook: >
         Targeted advertising has been the focus of much research effort,
         mostly dedicated to optimizing the strategies for targeting users. As
         a consequence, it has increased online advertising revenues
         significantly. However, it has also been raising more and more
         concerns from users, who often feel that it constitutes an invasion of
         their privacy. In particular, users often wonder “why am I being shown
         this ad?” or similar questions.
         EURECOM Institute and MPI-SWS, have been conducting an study on how to
         provide answers to such questions, in a privacy sensitive way. To this
         extent the following following would be useful:
       description: >
         <ol>
           <li>
             Facebook Ad Collector: Build a browser extension (preferably
             Chrome extension) that collects the ads users receive on
             Facebook, as well as data from the new ‘Why am I seeing
             this” functionality on Facebook, and sends them all to a server.
             This functionality provides some explanations that could be
             useful to our end goal, since It tells users why they have been
             targeted. From each ad, the info collected should include at
             least the landing page url of the ad and the media content of
             the ad (e.g. image).
           </li>
           <li>
             Android Ad Collector: Build an application that collects all the
             ads that appear in an android device. This means that the app
             needs to collect not only the browser ads but also ads that
             appear in other android applications. Insights on how to achieve
             this functionality can be gained by examining how ad blockers
             like Adblock Plus for Android work, and emulating their
             functionality. Similarly to the Facebook Ad Collector, after the
             data have been gathered, they should be sent to a server. In
             this case apart from the landing page url and the media content
             of the ad, we would also like to collect the link that invokes
             the ad (or some information on the ad distributor if getting the
             exact url is not possible).
           </li>
         </ol>
       type: "Browser Plugin, Android App"
       facilitators:
         - name: "Athanasios Andreou"
       links:
         - title: Chrome Extensions API 
           url: https://developer.chrome.com/extensions
         - title: AdBlock Plus for Android 
           url: https://adblockplus.org/android-about 

  # Frequently asked questions.
  faq:
    - question: "What is a hackathon?"
      answer: >
        A hackathon is an invention marathon. People come together to build cool
        stuff over 12 hours. It's very beginner friendly
    - question: "How much does it cost?"
      answer: >
        Nothing. Attending is free.
    - question: "Do I need to be a developer to attend?"
      answer: >
        No! We are looking not only for tools, but also visualizations and other material that could be used to educate people on privacy and transparency.
    - question: "Where is the event?"
      answer: >
        The event is being hosted at [Columbia University](#venue) .
    - question: "Is there a code of conduct?"
      answer: >
        Yes there is. We enforce it very strongly. You can [find it here](code-of-conduct.html).

  # This is the message you'll receive once you've registered.
  register:
    message: >
      You'll receive more information closer to the hackathon.

  # Contact Information 
  contact:
    twitter_handle: dtl_info
    twitter_hashtag: dtlhackday16
    email: events@datatransparencylab.org

# ----------------------------------------------------
# -- Ignore this unless you know what you're doing. --
# ----------------------------------------------------

markdown: kramdown
exclude:
 - node_modules
 - gulpfile.js
 - Gemfile
 - Gemfile.lock
 - package.json
 - README.md
 - CNAME