Trustworthy Technology

My Android phone prevents me from taking screenshots if an app author doesn’t want me to. [ It] prevents me from recording phone calls at the request of my carrier, even though it’s legal for me to do so in my jurisdiction. I’m not loving where all this is going.—jeffparsons at HN

Indeed—governments, technology companies, and data brokers have come to believe that we “technology users” are resources to extract value from, “monetize,” and frankly control as they wish.

To begin with, the group “technology users,” is modestly sized no longer. Nowadays, the club has expanded to ((checks notes))… nearly everyone on the planet!  Ponder that for a second. Computers and communication networks have shoehorned themselves between almost every aspect of everyday life. We’re neither few nor unimportant any longer—we are the citizens of the world. 🤩

Thus, we have the power to declare that the trampling of human rights now occurring in the technology realm is not acceptable, and hasn’t been for quite some time. Of course, this is a power available to us only when realized. We must band together, demand respect from product and service providers, curate, and even build some of our own solutions.

(Why yes, this is the theme of the Pixar film A Bug’s Life, if anyone needs a little inspiration. ;-)

Background: The Good Old Days

For decades now we’ve relied on idealists in the FOSS software movements, such as the Free(dom) Software Federation (FSF) and Open Source communities to give us options beyond the worst of industry practice. Born from an earlier time (the mid 1970s), when AT&T was forced to release its Unix operating system source code as part of an antitrust case (UK: CMA). That development fostered a culture of openness in computing, built on the tradition of sharing that underpins classic STEM research. (A tradition once strong, that now limps into the present.)

The next requirement for computing freedom was the availability of cheap, accessible hardware. Thankfully less than a decade later, serendipity struck with the introduction and rapid market dominance of the IBM Personal Computer (PC) in 1981—an accidentally open hardware platform. Another instance of good fortune, heavily influenced by IBM’s own antitrust battles over “bundling,” etc. The resulting competition in the marketplace drove prices down even faster than the march of technology alone.

This combination of events (and a lot of hard work) led to an incredible “golden era” of technological innovation and prosperity, unrivaled in history until that point. So there was a period of roughly twenty years—from the early 1980s through 2000s—where we were in full control of our computers and living with substantial amounts of freedom and privacy. Looking back now, industry leaders might call it an accident, or perhaps a mistake. Either way, as we began to connect our unrestrained PCs together the promise of the new-fangled “information superhighway” grew and grew. The future felt incredibly bright in the late 90s. So much potential lay ahead, little did we know.

Slumbering Giants Awaken

Yet towards the end of this era, the powers-that-be began to wake up and recognize the ungodly amounts of money, power, and leverage at stake. As a result, the technology industry increasingly moved to seize control from the end user. Locking down products and removing choices—ostensibly to simplify and secure—but also consistently (and only coincidentally :wink:) enhancing profits all the while. Early on, the push was in deference to intellectual property concerns (as demanded by vested interests by the turn of the century), an increasing focus on neophyte users, and later in concert with an aggressive rise of government and corporate surveillance.

As a result, BigTech™ enthusiastically built the walls to lock us in, and for that were richly rewarded. With the dust settled, it’s clear we’ve lost much autonomy and effectively all of our privacy in the process. Further, as the mobile-revolution later demonstrated, the accident (mistake) of the open Personal Computer platform won’t be made again. There are recurring attempts to “fix” the past as well. Proposals for the dreaded “attestation” technology (i.e. that secures your computer from you, not for you) are brought up regularly to shore up imagined deficiencies of the PC. While they typically garner disgust from experts, supporters know that only a single functional proposal has to slip under the public radar to entrench itself.

The Endgame

“I don’t get no respect! No respect at all.”—Rodney Dangerfield

Regrettably, the “golden era” of openness and freedom in computing described above is largely over. Closed off in all growth areas; hanging on by its fingernails in legacy tech. While it is common to think that “no one cares about this stuff,” many more people are concerned than is perhaps generally known. The findings from a study on privacy in the modern world:

• 91% of adults in the survey agreed that consumers have lost control over how personal information is collected and used by companies.
• 88% of adults agreed that it would be very difficult to remove inaccurate information about them online.
• 80% of those who use social networking sites say they are concerned about third parties like advertisers or businesses accessing the data they share on these sites.
• 70% of social networking site users say that they are at least somewhat concerned about the government accessing some of the information they share on social networking sites without their knowledge.

Courtesy Public Perceptions of Privacy and Security in the Post-Snowden Era, by Pew Research.

Rather than not caring, perhaps it is more accurate to say instead that the public feels powerless to change the situation. Pluralistic ignorance may also be a factor as well, that is “a phenomenon in which people mistakenly believe that others predominantly hold an opinion different from their own.”

• App Tracking Transparency: Four Years of Impact on User Privacy 🔗
• Granular Control and Privacy Decisions: Evidence from Apple’s App Tracking Transparency (ATT)

For example, after the introduction of Apple’s ATT program mentioned above, a majority of folks chose not to be tracked by their phone apps. They only needed an option and/or default to privacy. Which they are rarely, ever given, for (we hope to make) obvious reasons.

What Now?  Expand the Mission

Notably, we claim that the predominantly open PC and FOSS software combo are no longer enough, as they’ve become further marginalized by proprietary mobile and cloud-based communication systems. Hard to believe, but a growing number of services 🔗 🔗 🔗 🔗 won’t even allow one to use the web any longer to do business! These services demand full control of the client from an “app” running on government/industry-approved corporate hardware. A recent discussion on Hacker News:

I think the conversation needs to change from “can’t run software of our choice” to “can’t participate in society without an Apple or Google account.” … If you decide you don’t want a relationship with either of those companies you will be extremely disadvantaged.—kristov

Even more worrying is the inverse of this - if Google and/or Apple decide for whatever reason they don’t want a relationship with you (aka they ban you for no reason) - you are completely screwed. —shawabawa3

Even if they ban you for a reason, you’re screwed. Granted, the ban may have been warranted, but you’re essentially put into a societal prison with no due process or recourse. —abustamam

Therefore, we must expand the mission to include these new frontiers and build a “superset movement,” if you will. One that addresses the mobile device and cloud aspects as well. Keep in mind, the goal is not only about computers, software, or network technologies, these are simply implementation details. The issues we really care about—at their core—concern ethics and human rights. Yes we know that sounds lofty, but the stakes are already high, growing in the wrong direction, and continue to do so every year.

On the other hand, it makes sense to restrict the scope of this initiative to the parts of the problem that are practical to solve in the medium-term. In short, we suggest the curation of an Open hardware line and FOSS software platform, matched with a palette of respectful web services supporting our goals. Details to follow.

Importantly, don’t give up—because the vast majority of this stuff is already built and available. One merely needs to decide to use it. Let’s go, Allons-y, Vámonos, lass uns gehen, 我们走吧  !

We’ve discussed a portion of the past few decades in the sections above. However, it may be surprising to find out how far this struggle reaches into the past, and how ugly it can get. A warning—the pages below are lengthy and follow a thread through many of the darkest chapters in history.

1. Historical Background
2. Recent IT History
3. Fiction & Vocabulary
4. Doctorow Insights

For sanity preservation they may be skipped, skimmed, or deferred.

In short, we the owners and end-users of technology products must be in the driver’s seat. That is, no longer in a position of servitude to government and business interests.

We require our computing devices, software, protocols, and communication systems to acknowledge and support the inalienable, universal, human rights we enjoy elsewhere in our lives—recently circumvented by technology.

With the “mission” addressed, we stipulate the following three pillars of autonomy as our primary goals:

1. Freedom, including:
   • The Right to Repair
   • Interoperability and Accessibility
   • Digital Sovereignty
2. Privacy, and
   • Data Sovereignty
3. Informed Consent

Let’s dig in, shall we?

🪽 Freedom 🪽

Ahh yes, the fundamental right that many, many others spring from. To exist freely under the absence of unnecessary constraints. To use, control, create, develop, and communicate as we please with our computing devices. Sound familiar? Yes, it’s built on the past and present of important existing work:

• The Four Essential Freedoms of Software Freedom:

  1. The freedom to run the program as you wish, for any purpose.
  2. The freedom to study how the program works, and change it so it does your computing as you wish. Access to the source code is a precondition for this.
  3. The freedom to redistribute copies so you can help your neighbor.
  4. The freedom to distribute copies of your modified versions to others. By doing this you can give the whole community a chance to benefit from your changes.

• FSF’s “Respect Your Freedom” (RYF) certification is an example for hardware, though unfortunately not well known.

• The Software Freedom Conservancy provides advice, infrastructure, and legal support to FOSS projects.

Note however—these pioneering organizations continue to focus and brand themselves on the software-freedom aspect of the effort, which of course is and continues to be of essential importance. However, though these organizations are quite aware of the hardware and emergent privacy and consent aspects of the struggle, from the outside at least it appears that they have not fully realigned themselves on that new reality, or perhaps don’t intend to focus on it.

Might this be due to how unrealistic it’s been to build a fully open hardware platform and/or ecosystem? That idea has been a pipe dream, as long as we can remember. But, by the mid-2020s we are perhaps closer to the goal than many realize and getting closer.

We hope to expand the pioneering work above on freedom to other realms, specifically the following:

🛠 The Right to Repair

“The companies that make our stuff have gone too far, and their actions are mobilizing more people to fight back.” —Nathan Proctor

An ascendant movement describing the freedom to tinker with our electronics and other machinery. This includes the right to repair or replace components, update firmware and operating system, bypass restrictions (as threatened by the DMCA), and just plain-old figuring out how things work, A.K.A. learning.

Wasn’t that always the case? For the most part, but companies have increasingly moved to lock up their hardware products to prevent “unauthorized” modification, in order to minimize costs and wring every last cent of profit they can from the customer. These unfairly gained, inflated repair costs continue to boost bottom lines.

Indeed, allowing for folks to fix (or hire someone to fix) the technology products they own facilitates a better world, straight up. Not only does repair reduce ownership costs over time, it also reduces electronic waste. Competition in the repair market gives consumers greater choice and control over their computing devices, while encouraging the creation of local repair jobs. Win-win—win.

🔍 Interoperability and Accessibility

The supporting players of freedom, promoting its effective exercise. Technology built to enable and not exclude or constrain.

Interoperability means that systems, formats, and protocols work together, enabling collaboration and allowing us to move data freely. Therefore, our platforms must support open standards and protocols.

Accessibility means potentially and (preferably) easy to use for everyone—that is in accommodation of the folks of differing abilities. To the now healthy people who can’t be bothered to care, remember that our own senses decline over time. You almost certainly will get old, so think ahead. Don’t forget that ease-of-use benefits often accrue to others as well. Making a product easier to use, say for example for someone with arthritis, often makes it easier to use for everyone. 🔗 🔗

After all, what good is computing freedom if you can’t interact with others nor access all of it fully? Let’s take a look at a couple of examples.

The grizzled among us will remember the days when a friend might have a Commodore computer and you an Apple, while at work they used the IBM PC. Back then if you wanted to collaborate—nope, simply couldn’t be done! Younger folks should think about the plethora of streaming services one must use to watch the shows they like. This is the kind of balkanized marketplace that business overwhelmingly prefers. Having their own little kingdoms instead of a piece of a much larger pie, even to their own detriment and our expense! They’d rather leave money on the table than give us convenience and choice.

Digital Sovereignty

Another aspect of autonomy for groups is the concept of “digital sovereignty,” sometimes called network sovereignty. This is the legal authority over physical IT infrastructure, allowing regulation over the processing and transmission of information within a jurisdiction. When implemented, it empowers organizations, regions, or countries to operate independently, reducing or eliminating dependence on foreign technology providers. Recently in the news—wake up Europe!   🔗

✋ Privacy

“Privacy is the right to choose what you keep to yourself and what you share with others.” —Small Technology Foundation

“Privacy protects us from abuses by those in power, even if we’re doing nothing wrong at the time.”
—The Eternal Value of Privacy, Bruce Schneier, 2006

On the technology side, this is the liberation from spyware and unnecessary telemetry, as determined by each of us. The right to conduct the business of daily life in solitude if we choose—free from government, corporate, criminal, as well as private surveillance. Well-implemented security also supports privacy, as it keeps private data private.

“Ultimately, privacy protects us from the unknown. Circumstances change.”
—The need and value of privacy, Vox, 2020

Indeed, they do change, and more quickly than one might expect. 🔗 🔗 🔗

Devices and platforms must be designed to support privacy by default. (Continued below.)

Data Sovereignty

Similar to digital sovereignty as more about groups than individuals. Here however we’re focused on the laws and governance surrounding data collection and storage for privacy-related reasons, including required security (encryption at rest), limitations on what is acceptable to record, associated retention-periods, and the right to be forgotten.

🤝 Informed Consent

The right to be fully informed, clearly and concisely, of the ramifications of the tech products we use, including their main options and associated tradeoffs.

Of course—to the extent possible. Sometimes a product or system grows in complexity to the point that users cannot fully understand the inner workings. Inevitably, that gives the lazy or unscrupulous the excuse to not even try.

Reason dictates that products/platforms must give explanation the “old college try,” at a minimum, rather than deciding ahead of time what’s best for us. Because, we’ve found more often than not, creators and shareholders come first.

🛡 No Means No—Dammit!

“You’rrre Deth-picable!”—Daffy Duck

Furthermore, no means no—and permanently—to sensitive options until explicitly enabled. It’s disturbing enough that we need to explicitly state this, post-#MeToo movement. Defaults matter, and so does the permanency of our decisions. Oops, we mistakenly reset all your privacy settings to open!—is simply despicable, and shall not be tolerated. When there’s a bug or reset, options must fall back to the more private, less sensitive choice.

With our main goals addressed, let’s look at breaking free of the current tech dystopia (Yes, really).

Good news—it may be a bit surprising, but we’re already about 90% of the way there in terms of the most important pieces we need! The last few of the puzzle dropped only a couple of years ago, after a very long wait.

The future is here, but not yet evenly distributed. Legend:

• ✅ Complete (or nearly), open, respectful
• ✔️ Open choices exist, but need substantial improvement
• ❌ Proprietary, or no feasible open alternative

Summary of Progress

The (approximate) current status of the Ethical Computing space:

Kindly proceed to the status page for additional juicy details.

Ninety percent, huh? Well, we feel that most of the remaining portions are not insurmountable. While a few, such as fully open hardware components are impractical to achieve without substantial capital outlay, they can continue to be worked around in the medium term through software. The situation appears to be getting better though across the board after a decade of decline, with new attempts popping up frequently.

What we believe is needed is for folks to notice the trend and start working together. For their part, customers must divert some money toward their freedom and privacy! This is somewhat of an education/outreach problem, but it is getting easier as big tech companies turn the screws on their customers.

Why the focus on hardware and cloud services?

“We Won!”—FLOSS Weekly (TWiT)

A few folks have asked us this. Simply because these organizations already exist and are doing their jobs quite well:

Essential software organizations, like the Linux and Mozilla Foundations are successful and well-capitalized to boot. We aren’t going to eclipse these organizations—we’d like to complement them and work together instead.

Specifically, we felt that the hardware ecosystem and cloud services layers of the issue have been rather neglected so far. The last pieces of the puzzle have landed, so to speak. Let’s give them some attention.

Introducing “Trustworthy Technology.”

The Plan 🧭

In short, we work together to build a unified alternative to BigTech-favoring solutions. A proposed list of milestones follows. (Note, this isn’t the only possible plan, feel free to advocate others!)

1. Build a unified storefront, and
2. Support organization
3. Licensing deals, mergers, buyouts… perhaps a consortium 🔗 ?
4. New products?

The current plan is to cobble a Voltron-style solution from different manufacturers and software organizations into as cohesive a platform as possible. One that mirrors the product line of a consumer-focused tech company like Apple. That pros and regular folks alike know they can go to and have IT needs solved without compromising their integrity. A line that pulls in a few directions instead of forty-two.

We are reminded of The League of Non-Aligned Worlds (haha):

The League of Non-Aligned Worlds is a forum of independent alien worlds that are not formally aligned with or against any major power and which for various reasons had banded together for mutual military support, diplomacy, and trade. Membership in the League is flexible and constantly changing in response to the shifting circumstances and events in the galaxy.

Later on if successful, we might try to convince some of these companies to merge, or potentially persuade folks to invest in buying the others as necessary to complete the product line. Perhaps a consortium, or a “big Eastern syndicate would be prudent?”  😅

The idea here is that expecting customers to navigate dozens of different hardware vendors and hundreds of software providers (“distros”) for support is not practical, and so one of the main goals is to unify them into a few principals—an “Army of Light” so to speak.

Brainstorming a Unified Storefront

(See the status page for more details what the products below entail.)

Imagine an ethically oriented organization under a single (or few) roof(s) selling:

• Framework Laptops
  • With Coreboot firmware, Linux preinstalled
• Star Labs StarLite Convertible Tablet
  • Provider/contributor of Coreboot firmware
• System76 Servers
  • Provider/contributor of Coreboot firmware
• The OpenWRT One router, perhaps with AdGuard pre-installed.

• Mobile:

  • Fairphone, Android-compatible w/LineageOS
    
  • FuriLabs, Linux Phone with Phosh
    

• Cloud services: e.g. Librem One, Murena Workspace, or Collabora Online.
  (See discussion below.)

  • Perhaps with Liberapay-type donations integrated.
  • Safe DNS and VPN etc.

• Other players like Purism, Pine64, or newer hardware like SiFive’s RISC-V platform could have interesting parts to play as well, though they need further investment.

(Note: these are just examples, there are a number of other choices for each category that could be substituted.)

Whether this is able to happen simply via an online store, mergers, licensing deals, stock swaps(?), or whatever, is not too important—we simply hope to get folks collaborating as a first step. The insight here is that these pieces already exist! We simply need to put them together, like Legos!

New Products

So, ready to build new technology products respectful of the user? Great! But first, an important digression…

A Business Model

1. Build cool (yet ideologically imperfect) openish hardware combined with FOSS software, supported through compatible business models.
2. Sell it.
3. Profit! 💰
4. Reinvest and improve on #1. 👀

Obvious yes, but attempts too often stumble at the “perfect is the enemy of the good,” stage described above.

Cloud Services

We believe Purism and Murena are on the right track here with the subscription services named Librem One (reminiscent of Ubuntu One) and Workspace, which bundle Ethical versions of mail, chat, social media, storage, and VPN, etc. They could be expanded to various hosting and support services as well. Perhaps combined with something like Liberapay to spread donations. (OnlyOffice could be an ally, though we’d need a plan to handle their proprietary features. There are also historical ties to Russia, which worry some.) The Proton “Suite” is successful and developing. Lots of ideas naturally spring forth.

These are great ideas, and yet the cloud services are not mentioned on the Purism front page. One has to dig down the products page just to find a link. These are the kind of rough edges that need to be solved in the future.

This wraps up our proposed roadmap.  [Close this section.]