On 03/01/2013 05:39 AM, Hugo Roy wrote: > > Any comment on these suggestions? > https://lists.gnu.org/archive/html/consensus/2013-02/txtZ5VLz15Cr2.txt > *** Hello Hugo,
I think you're right. Reducing the UDM to its core ideas, and expanding on them would probably help making it both more consensual, and easier to understand. It would still leave space for discussion. About the first point on "user control of data", I still think that "user data" is a problematic concept. Not only the contents one is uploading forms the "data" in my opinion, but also the relations one establishes with other people, and other people's contents. Let me give an example: in a forum, a conversation can span years and each contribution has the potential to make the conversation evolve in one way or another. Yet, if some participant leaves the network, I don't think there's any value to anyone that her contributions disappear--leaving a hole in the conversation, potentially a big one that would make the whole conversation unreadable, and I do doubt that for that participant, sticking with her own contributions out of context makes any sense either. Therefore, there's more to "user data" than just blocks of contents: it looks to me more like a flow that creates agency out of which the data loses value. That said, I believe that this point should encompass access and availability as well (as in: export in a format suitable for importing elsewhere, that is covered by 3.) Point 8. Server Software Transparency might be extended to client software as well. As in UnHosted apps, the distinction between server and client software is blurring, and with the expansion of Javascript-based social software (e.g., NodeJS), the same code is supposed to run on both sides, leaving the data flowing in-between. Truth is, unless your business model is about surveillance, there's no technical reason why private messages would ever need to appear to the service provider at all. But this manifesto being addressed to users of existing social software platforms, it makes sense to mention that messages exchanged over the Internet between individuals, and between members of the same non-public group, should benefit from the same rights as offline exchange by means of the postal service, that is: inviolability of correspondence. Re-reading the original points, it appears to me that the whole manifesto assumes a defensive position facing an invasive state of affairs on the part of service providers. Indeed, "social networking companies" assume that anything you submit to them is their property, and they have the right to use it as they wish. In the same way the computer industry assumes failure as part of the business (e.g., bugs), in a manner unknown to any other industry, it now assumes that, on the pretext we're using their machines, our correspondence can be violated with impunity and worse, that it can be used for statistical analysis to build a probabilist model of any user, for reasons of marketing, surveillance, etc. What we need instead, is to denounce that practice, and stand for extending the rights of correspondence to the Internet, so as to protect ourselves from the prying eyes of any entity that is potentially using "our data" for their own interests. Free software is one way of guaranteeing that the code we're using is indeed doing what it's made for, and no hidden spyware feature is included. That does not prevent any service from running their own proprietary analysis software on top of it, given the fact that they can, but it would at least forbid them from running spyware on our own devices without our express consent. That brings me to another point: that remote control of third parties on devices we have purchased should not be possible at all. That Amazon can wipe out legally purchased books from your electronic-book-reader is outrageous; that any company would be able to make an inventory of what's on your device with impunity is outrageous. Then, I would make the first point about the nature of online communications: communication on the Internet is private, unless it's explicitly made available to the public--which is in accordance to the principle of network neutrality. Therefore, the rule of inviolability of correspondence applies on the Internet, and in particular in the context of social networking services. It is not enough that it is technically possible to violate one's communications for it to be either legal or ethical. It is indeed technically possible to wipe out an entire population by means of artillery or poisoning; however none of it is legal, nor ethical. It seems to me that living in a "temporary" exception to the rules since 2001, under the pretext of terrorism, should not make us forget about the exceptional nature of that fact. The law did not cease to be when belligerent powers took over civil life. We're looking at things on our heads if we think it's normal that companies can benefit from anything we do or say online, on the pretext we're using their service. It is indeed the fact, for those hundreds of millions of people who are under the spell of Facebook and friends, but it doesn't make it more exceptional. Next time you write a love letter, try and think about how you would feel if anyone on the way to delivery would read it. == hk
signature.asc
Description: OpenPGP digital signature
