[Freedombox-discuss] Relationship driven privacy

Mon Jul 11 22:46:42 UTC 2011

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/07/11 14:13, Daniel Kahn Gillmor wrote:
> On 07/08/2011 12:20 PM, nathan nolast wrote:
>> now, i know that the freedombox is going to be used by average individuals
>> that are not interested in remaining anonymous for what ever reason. But
>> lets not kid ourself, social networking is social networking... we can
>> increase the privacy, make strong privacy relation policys, but posting your
>> pictures and life story on a service is not in any way shape or form ...
>> logical.
> 
> Wanting to form a meaningful and potentially lasting relationship with
> other humans may not be "logical", but i consider it very valuable.
> 
> If we build a network that is completely opaque, such that no one can
> form any lasting relationship across it, we might as well not bother.
> 
> Even the whistleblower who herself wants to remain anonymous needs be
> able to reliably identify a trustworthy recipient for her information.
> She won't be able to do that on a fully-anonymous network.
> 
> We should not be segregating our work into systems for "normal people"
> and "dissidents".  To make that segregation implies two things:
> 
>  0) surveillance and corporate- or government-controlled communications
> for "normal people" is acceptable, and
> 
>  1) that these categories are fixed, mutually-exclusive, and static --
> an individual cannot be both at once, or change from one to the other,
> either voluntarily or involuntarily.
> 
> We should support people making connections with other people, creating
> social bonds and sharing values.  We should discourage or prohibit third
> parties from commoditizing or surveilling these relationships.  We
> should enable people to take a stand publicly for what matters to them.
>  And we should enable people to publish material anonymously, to ensure
> that even people with significant vulnerabilities have a way to get
> their important information out to the world.
> 
> We cannot presume to say that sharing personal stories, opinions,
> images, movies, jokes, etc. is somehow irrelevant to the creation of a
> more just society.  And we can't afford to ignore the appeal of sharing
> in making this network something people actively want to participate in,
> and enjoy using.
> 
> Networks grow in value the more users they have (by the square of the
> number of users, if you believe Metcalfe).  If we build a darknet that
> is useful only to handful of international men-of-mystery, it will be a
> very poor network indeed.
> 
> 	--dkg
> 

- -----------------
Some sort of disclaimer: what I write below is based on reading the
FreedomBox list for many months, as well as the TAC list. I do not know
what the TAC members are doing, especially behind the scenes (work at
the Foundation, etc.)

This email is a bit long, and I have no short version or summary of it.
It is long because I explain what I see as a coherent way to make
progress, considering the challenges we want to take on. Please excuse
the length of the post, and any offense or blunder I may make due to
ignorance or overlooking of a previous discussion.
- -----------------

It seems to me FreedomBox has evolved into an opportunity for many
people to fix most of the problems they identify with today's Internet,
but where we haven't yet acquired the means of successfully doing so,
or, which is more of a concern to me, where we haven't yet realized the
size and the complexity of what we want to tackle (or at least I don't
see us acting upon it). I'm answering in the "privacy" thread because I
see it as a strong example of what's happening to the project:

Yesterday I was watching the Federated Social Web 2011 Summit videos[0]
(they are well worth the time watching), which led me to Seda Gürses, a
"Social Networks, Privacy and Surveillance, and Requirements
Engineering" researcher (from her home page[1]), of which I have no idea
if she is well known on this list. Seda gave a fantastic talk a while
ago (available on youtube[2]) that makes clear that the word "privacy"
is not yet well defined and gives a critical view of what anonymizers
achieve, and I urge anybody interested in privacy to take an hour to
watch her talk. It really is enlightening. (Judging by the number of
views on Youtube, the video is not widespread.)

Privacy has to do with surveillance, control, identities, hiding of
information, anonymity, audience and context (and more), and all those
concepts are difficult to define in a clear and operational manner. In
the cases where they have been defined, many interesting results have
been proven (for example, Seda talks about a mathematical proof showing
that anonymizing a database is impossible in practice: the data in the
database can be cross-linked with other databases, eventually leading to
identify 80% or 90% of the people in the initial database). This is
quite similar to what Sam Hartmann explains in his post on the TAC list,
about anonymity on Internet[3] (that, too, is enlightening).

A lot of research is going on about this, and a lot of money is being
put into it especially by the European Union (and according to Seda,
part or most of those initiatives are not going the right way). I
believe the Tor wiki is another great source of information and framing
of the subject.

What I am trying to say is that "privacy" is a *hard* and *complicated*
problem, and we cannot aim to implement it correctly without better
resources, means, or organization. I think we need to 1) get all
competent parties on board, and 2) organize ourselves accordingly, if we
want to achieve something useful.

Privacy is not the only *hard* problem we are tackling. I would say
there are four main areas the project aims for at large (all of them
interlinked of course):

1. Privacy (see above)

2. The Federated Social Web. I understand the Fbx will be social deep in
its heart, and may (or should) have that layer separated from
application layer. I imagine most people on this list already know what
follows, but it came even clearer to me when watching the FSW 2011
Summit videos[0]: there are many projects in the FSW area, with
different solutions to many of the usual problems (federation, identity,
etc., though no federated solution to people search, I understand), and
the main problem now is agreeing on the best standards (as we have seen
in discussions on this list about discovering/connecting/authenticating
people).

3. User Experience. Not much to say here. Ideally, I envision a
usability level like Apple or Google do it.

4. Data ownership: acquiring the legal rights given by hosting one's
data at home or at a friends' home (namely, higher legal requirements
for authorities to search that data, though this varies between
countries). I think this aspect is the only one which is "deliverable"
right now, i.e. which we are able to provide properly at the moment (and
many tech-savvy people already benefit from it by using their own home
server -including me-).

IMO, points 1), 2), and 3) need thorough work/development and maybe
research, and are not only about bundling existing stuff together. Each
one is virtually a sub-project of its own (or has the ambition of one,
at least). Those areas are already explored by many other entities
working sometimes individually or not so individually (software
projects, standards organizations, researchers, etc.). I think we need
to reach out to as many of them as possible, and explicitly start
working with them.

I don't know if those categories are shared at all among members on this
list. Another way of categorizing could be with the different layers of
the FreedomBox: data layer, identity management layer, authentication
layer, social and people-discovery layer, UI layer, etc. But I think it
is not yet clear how "privacy" interacts with each of those layers.

I suggest we form dedicated (and publicized) working groups for areas
1), 2), and 3). Those groups could reach out to other competent entities
and work with them (other projects, standards organizations,
researchers, etc.), at the same time updating each other on the progress
that is made, so as to make sure all parts work together (because those
areas are interlinked and can't be separated so easily) and don't
diverge. This would make sure we don't reinvent the wheel or overlook
existing knowledge and expertise on a subject, as well as providing
specific spaces for discussion about those areas (that way not flooding
a common list with a maze of diverse subjects). In this sense, I see
FreedomBox as some sort of meta-project.

Those groups need only exist on sub-mailing-lists, reporting progress to
the main list (or the TAC list). To me, the first challenges to those
groups *could* be:

For 1), defining "privacy", reaching out to Seda to see what paradigm or
model we can use, and what requirements we should set (maybe she's on
this list in fact, or somehow already involved? I did not see her in the
recipients list)

For 2), reaching out to the various projects and standards organizations
to see what kind of unified identity management can be made, work on
standardizing federated social protocols, see what is implemented for
people-discovery methods, and tackle authentication. For example, I
would love to know if it is (or will be) possible to separate Diaspora's
(or any other federated social network's) social features as a different
layer, and have other apps run on and use that layer. Or see how an
identity management layer (or a groups/circles layer) could work with
"apsects" in diaspora, etc..

For 3), building UX scenarios (I think the question about where the box
sits in a home network --behind a NAT, or as main router-- has not been
decided), reaching out to UX designers (who?), sketching UI parts.

Please note that these are only hypothetical examples to give a better
idea of what kind of tasks I see for each of these working groups.

Concerning what help I can bring, I am currently studying sociology and
cognitive science in a masters program after having studied quite a lot
of maths, and am therefore relatively close to the academic world of
privacy and social network research. I would be happy to be part of a
"privacy" working group if this view is shared. If people agree with
this, please drop me an email (and we could start).

Again, sorry for this long post and for any offense I might have made
due to ignorance, my goal is to have this project succeed in the best of
ways!

Regards,
- -- 
Sébastien Lerique
seblerique at wanadoo.fr | @wehlutyk on twitter/identi.ca

[0] http://d-cent.org/fsw2011/videos/
[1] http://homes.esat.kuleuven.be/~sguerses/
[2] http://www.youtube.com/watch?v=gOhbCEX1doc
[3] His post is on 28 April, in the "Anonymous communication" thread on
the TAC list. Link:
http://lists.freedomboxfoundation.org/s/arc/tac/2011-04/msg00006.html
(you need to bypass the "I'm not a spammer" barrier, which means the
direct link will not work).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4bfVIACgkQgkn/UaLvmGe51ACePjT/RHy0j/TaltvqVBaFJ3Tr
MkYAoIMAea0pXwOa61Iwd3yXWOWZbzyq
=RzZO
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xA2EF9867.asc
Type: application/pgp-keys
Size: 2808 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110711/89497e59/attachment.key>