-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Frank,
I agree with the spirit of the manifesto but I have a couple of reservations. First, the idea that people own the data they create is problematic. The manifesto describes rights belonging to the creator of personal data, which must be respected by those who store and process the data. In contrast, European data protection law describes rights belonging to the *subject* of the data, which must be respected by those who store and process it. I hope those two sets of rights can be reconciled, since it seems to me that both the creator and the subject have an interest in how the data's used; but I'm not sure ownership is the best approach to reconciling such conflicting interests, since it tends to produce binary outcomes (either you own something or you don't). Second, having the source code to server software doesn't enable you to confirm that it works as specified; it's not possible to know whether the binary running on the server corresponds to the source code you've downloaded. I still think we should insist on free software, but we should recognise that it only protects us if the server operator is acting in good faith. Cheers, Michael On 21/01/13 12:43, Frank Karlitschek wrote: > Hi, > > let's try to create a version 2 of the manifesto together. I > created a draft 1 based on the feedback. So What do you think? > > > Frank > > > -- User data manifesto V2 draft 1 > > Changeslog: > > - Add a remark to 3. that it is recommended to have an own server > for the personal data. - Removed "open source" so that only "free > software" is in point 8. - Replaced "Invulnerability of data" with > "Protect the data from loss" - Replaced "own data" with "personal > data" > > ---------------- 1. Control the personal data The data that someone > directly or indirectly creates belongs to the person who created > it. > > 2. Know where the data is stored Everybody should be able to know: > where their personal data is physically stored, how long, on which > server, in what country, and what laws apply. > > 3. Choose the storage location Everybody should always be able to > migrate their personal data to a different provider, server or > their own machine at any time without being locked in to a specific > vendor. It is recommended to have the personal server for the > personal data in the long term. > > 4. Control access Everybody should be able to know, choose and > control who has access to their personal data to see or modify it. > > 5. Choose the conditions If someone chooses to share their personal > data, then the user selects the sharing license and conditions. > > 6. Protect the data from loss Everybody should be able to protect > their personal data against surveillance and to federate their > personal data for backups to prevent data loss or for any other > reason. > > 7. Use it optimally Everybody should be able to access and use > their personal data at all times with any device they choose and in > the most convenient and easiest way for them. > > 8. Server software transparency Server software should be free > software so that the source code of the software can be inspected > to confirm that it works as specified. > > > -- > > > > > > > > On 15.01.2013, at 17:03, Rich Hilliard <ri...@mit.edu> wrote: > >> if it allows rms to participate, I'm in favor. >> >> ________________________________________ From: Frank Karlitschek >> [frank.karlitsc...@userdatamanifesto.org] Sent: Tuesday, January >> 15, 2013 10:56 AM To: Rich Hilliard Cc: r...@gnu.org; >> consensus@gnu.org Subject: Re: [GNU/consensus] [RFC][SH] User >> Data Manifesto >> >> O.K. >> >> Let's try to do it by email. I hope it's O.K. if we use this >> mailinglist :-) >> >> I will take the current text and merge all the discussed >> improvements in and send it to the list as first draft. Then we >> can iterate until we have something that works for everybody. >> >> I will send something probably tomorrow. >> >> I hope thats a good approach. >> >> >> Frank >> >> On 15.01.2013, at 16:34, "Rich Hilliard" <ri...@mit.edu> wrote: >> >>> Email is fine with me; who has the current draft version? >>> >>> ________________________________________ Sent: Sunday, January >>> 13, 2013 5:42 PM To: Frank Karlitschek Cc: consensus@gnu.org >>> Subject: Re: [GNU/consensus] [RFC][SH] User Data Manifesto >>> >>> I'd rather participate the way I have done thus far: by email. >>> >>> -- Dr Richard Stallman President, Free Software Foundation 51 >>> Franklin St Boston MA 02110 USA www.fsf.org www.gnu.org Skype: >>> No way! That's nonfree (freedom-denying) software. Use Ekiga or >>> an ordinary phone call >>> >>> >> > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJQ/T/qAAoJEBEET9GfxSfMNJ8H/26scjfyRokSOrTxUHwNlV0+ RxNeHaXDB6BEHnfz/8uLfzDjIDAqR7hICZpjiVIvGotWCszdI3ssCadxFLCAIqsK ZESW7S6QoAbVCsFxQHwDBkvx4SpMWJ2En/RuKYYGs+/AnJHa/bvCt6t8j8kAvqjY I2tYuq3Sz0yoBPFPuBDtRHlg21g6CQjLLmoKgwTBnHx1xt+I17N14A87uAhGOwts VSfj9AQP3kavWNbuHlEiG8vx/PGUq2kj4LMV5gl/4B08kgZ3u+UUFtjWHB0PET+V AKIAHwiuwANlqdL6hjrwsKeAwHZUzaWvIRua7rGOOSxjPCP2zR1YXeZ4nx0CedE= =2sUe -----END PGP SIGNATURE-----
