[sayhar]

This is a great question! I'm still trying to find a top-down definition instead of a "I know it when I see it" one.

To me it's probably something like this: we can think about an information ecosystem or social platform as a system. "Normal" hacking of the system happens through finding loopholes code. (That's cybersecurity). "Integrity-related" hacking of the system happens through finding loopholes in design and rules.

For some easy examples, that covers things like realizing you can post to 1000 groups in an hour. Or using sockpuppets to give artificial boosts to posts. The attackers aren't hacking code, but are hacking a system of rules, norms, and defaults on that system. (And often, finding the holes between where one part of the system was soldered onto the other).

That's the technical part. Integrity also has a sort of ethical component. I think that's meaningful too.

[dogman144]

I know I'm hammering you in another thread, but will press pause for a second.

What you're basically describing as "integrity hacking" is already around as a discipline "social-cybersecurity." If not the same thing, it's likely a very close peer discipline.

Also, coopting a word like 'integrity' vs. 'platform integrity' or 'cyberspace community integrity' or w/e is a tough call. By doing that, you end up with PR-destruction sentences like "integrity also has a sort of ethical component," which at face value is quite a read w/o the context of how "integrity" is being re-defined here.

https://sites.google.com/view/social-cybersec// https://link.springer.com/article/10.1007/s10588-020-09322-9 https://socialcybersecurity.org/

[sayhar]

dogman, thank you for the heads up about this social-cybersecurity group. It does seem related, and I'll be sure to check them out. Lately, someone has also mentioned m3aawg.org, which also seems adjacent.

Personally, I do think the field has a lot to learn from cybersecurity. From my POV, integrity work has three different 90's ancestors: web forum moderation,email/search engine antispam work, and cybersecurity mindsets like risk mitigation rather than risk elimination.

As for the PR stuff -- fair enough! We're all trying to do the best we can with the skills we have. Not every decision will be the right one. Maybe the name was one of those.

I hope you check back in with us in 6-12 months. Once you can judge us more by our work over time, I hope we will have earned your respect.

[spywaregorilla]

What you describe sounds like you're there to counter user fraud. It's definitely not the first thing people imagine when they hear you're there to support integrity imo. Doesn't that feel misleading to you?

[sayhar]

We spent a good amount of space on the website laying out different types of work that are covered in the term "integrity".

I also do very strongly think there is a moral/ethical dimension to the work. That's one reason I shy away from "Trust and Safety" label. Integrity work may have started with connotations of "structural integrity", but it also must be done carefully and ethically. It's not just engineering, it's also about doing the right thing. Hence the Hippocratic oath we all take. [1]

[1] https://integrityinstitute.org/our-values