[Freedombox-discuss] FBX Privacy Enabled UX

Nick M. Daly nick.m.daly at gmail.com
Tue Apr 3 01:54:11 UTC 2012

Hi fifty four, I like your ideas.  Some, we already have, and some are
interesting things I've never heard of before.

On Mon, 2 Apr 2012 16:16:41 +1000, "Fifty Four" <fiftyfour at waldevin.com> wrote:
> I was thinking maybe the FBX could have a privacy enabled UX.
> All comments in a reading/writing pane would be posted by a
> pseudonymous name. ...Over time you would learn the pseudonymous names
> of your friends.
> A further protection would be that each FBX automatically generates
> the same pseudonymous names for new contacts. That way, "blue"
> (example only) on my account could be by Mum, but on partners account
> "blue" could be her brother.  An informants printout would say "blue"
> made the offending comment, while the accused printout would say "red"
> made the comment.

This sounds mighty similar to pet-names [0].  The idea is that everybody
has a publically visible, self-validating, pseudonym.  You give your own
meaningful name to the pseudonym, which is never shared with anyone.
The system substitutes every occurrence of the pseudonym with your
meaningful name [1].  The upshot of all this is that only people who know
who you are know that you're the one speaking.  You always know exactly
who you're speaking to, though.

We have this already, in the form of pseudonymous GPG keys [2].

As DKG makes clear, though, there are certainly other approaches to
identity [3].

> If the informant felt they were being victimized, then they could click an
> Report Abuse button...

I like this, but I think this might be a box-specific setup (along the
lines of which services you provide, you specify your own abuse
policy).  What other abuse systems would be good approaches?  I know I'm
offering my box's services only to people I know personally and trust to
not abuse the system.

> An additional measure would be to mark the sensitivity of content.

Interesting!  I tend to think in terms of friend circles (similar to how
Google does it), but I can see where sensitivity could be useful.
Still, though, you're *always* at the mercy of anyone you share anything

> Just a thought, but in the future "sensitivity labels" could be used as a
> basis for a Privacy License, similar to the Creative Commons Labels.

Yes, and no.  The fact that there isn't really an established legal
framework for "privacy license" (much unlike copyrights) makes that
particular maneuver difficult.  Standardizing levels of sensitivity (and
what that actually means) could be useful, though.

> I am not a developer, but to me these proposals seem minor changes. For
> years, Wordpress comments have been able to track the comments of the same
> external identity. Generating a reasonably memorable pseudonymous name is
> the biggie, but it will be reusing/abusing display name fields. AFAIK,
> sensitivity labels are well defined.
> What do you think? Would these proposals be effective? Are there any other
> Privacy enhanced UX measures we could use?

I like where these ideas are coming from.  If you happen to have
thoughts or references for any other approaches to privacy and identity,
I'd love to hear them.


0: http://www.skyhunter.com/marcs/petnames/IntroPetNames.html

1: http://www.erights.org/elib/capability/pnml.html

2: https://en.wikipedia.org/wiki/Public-key_cryptography

3: http://meetings-archive.debian.net/pub/debian-meetings/2011/debconf11/high/776_Distributed_Naming_BoF.ogv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120402/d04b6b2f/attachment.pgp>

More information about the Freedombox-discuss mailing list