Law in the Internet Society

Decentralize Services:

Start From Email, Social Network, And Maybe Searching

[Revised First Paper]

-- By ShimengCheng - 29 Nov 2012

As an information science major myself, when I graduated from college in 2006, I had never heard any talking about how complex services on the net could restrict human freedom. All I had experienced was the expansion of freedom resulted from the faster-than-ever dissemination of information and the vast knowledge pool open to anyone on the net.

The net itself, at its very beginning (the 60s and 70s), was an autonomous creation invented to break the then monopolizing powers in the telecommunication world – telephone and broadcasting. For many years following its invention, the packet switching feature of the net has decentralized information dissemination.The packet switching design is itself a decentralized structure. Unlike in a circuit switching system, the communication between two points in a packet switching system does not depend on having a dedicated data transmission path for the duration of the entire communication. At the data transmission level, there is no single entity in the net that is central to the functioning of the whole net. Thus, the net was born decentralized and free.

However, what brings centralization back to the net are the service platforms built on top of the data transmission layer of the net. The existence of service platforms are often justified by the “complicated” functions they serve and the “convenience” brought to the users. The underling assumption is that personal computers or other personal devises cannot economically accomplish these functions on their own. However, the “convenience” provided by service planforms impose cost on human freedom. The service platforms gain enormous centralized power when ordinary functions of the net are performed through them. Under the current net architecture, behavior monitoring through activities on the net can generate enormous unjust profits for email service providers, search engines and social network operators, etc. Decentralizing services requires us to change certain behaviors in our daily life – namely, our dependency on the perceived “conveniences.” Democracy, both in our social structure and in the net, have cost. The “inconveniences” in the net context are just like, in the social context, the cost of everyone taking time off to go to vote in a democratic society. These “inconveniences” will not be a burden to us if we, the netizens, understand their meaningful purposes. It would be great if we have a plug-in personal server like Freedom Box, but before that, we still can do a lot to our emails and social networks by using simple and free softwares.

From an architectural point of view, how can we decentralize the services on the net? Start from our email services: we can each contribute a little storage space in our computer to build our own email server. Since the price of digital storage has become very cheap, it is possible for everyone to set up his or her own email server so that we do not need email service providers. By doing so, we avoid using a centralized platform that is built on top of the decentralized packet switching system. To achieve this, we do not even need a Freedom Box or similar product, we need only a free software that can help us to easily set up our own email server in our personal devises.

How about social network? The fundamental components of social network are millions of individual webpages linked to each other. Even before social networks emerged, webpages were frequently linked to one another through the links provided by the webpage owners on their webpages. Then why social network like Facebook has been able to attract millions of users? It is often claimed that the biggest “convenience” offered by Facebook is its “find by name” feature. As long as you know the name of a person, you can friend him/her on Facebook. There is no need to know the web address of anyone's Facebook page. However, if we create our own webpages, put our names on and store the webpages in our own devises, we can easily search the whole web to look for other's webpages – the perceived “convenience” of the “find by name” feature can be replaced by one second of web searching. All we need is a web domain that we have full property ownership, and a free software that helps us to design our webpage.

How about web searching? Web searching differs from social network and email services in that it is a complicated service that requires constantly scanning of the whole net, massive storage place and good algorithms. The Freedom Box's approach to web searching is to disguise the real search request by randomly generating a few faked search inputs alone with the real search request, so that Google will not be able to keep an accurate log of the real search requests. This is a smart approach to temporarily combat with Google, but several things may happen following the deployment of this strategy: (1) Google will try to enhance its data mining algorithm so that it can filter out the faked inputs generated by Freedom box's algorithm; (2) Google will need to enhance its search engine to deal with the sharp increase in the number of search requests, since each real search request is now accompanied by a few faked requests; (3) Google may go bankrupt if it cannot get the real log that is critical for its advertisement business. If the success of Freedom Box is to completely wipe out Google's business model from the market, then we will be left with no private enterprise willing to offer free web searching. In the future when the the data storage become so cheap, the internet connection become so fast and the processors in our personal devises become so powerful, we may be able to each have a search engine of our own in our own house. But before that, the intermediate solution can be replacing Google with a public search engine funded by tax money, maintained by elected trustworthy engineers, made to disclose important search algorithms and allows individuals to change the search algorithms and to access the stored data. Freedom Box's attack on Google can win us time to develop such a public search engine, so that we can eventually decentralized the power currently owned by the one entity in the net, acquired illegitimately and unjustly.

Is Encouraging Competition The Answer To Spying?

[First Paper, Original]

-- By ShimengCheng - 15 Oct 2012

No doubt that behavior monitoring through activities on the net can generate enormous profits for email service providers, search engines and social network operators. Yet for individual user, there is virtually no way to prevent this from happening. Unless yourself become an email service provider, how can you ensure that your next email service provider will not secretly spy on you?

So we need to make that trivially easy. With the plug servers and the Rasberry Pi beginning to bring the cost of a microserver the size of a cellphone charger down to $30, as I said two years ago they would, and with FreedomBox software, we can give people something as reliable as and more simple to use than a telephone answering machine which is their personal email server, their secure chat, voice and video communications software, their protection against local snooping, and many other good things, all at once, in a device you plug into the wall and forget.

How do you obtain the evidence that your information on social networks is being used in behavioral studies? Even if we outlaw behavioral studies through collection of private information, how can the governing administrative agency ensure the compliance with the ban when such studies are done by computer programs running behind the scene? My assumption in this essay is that it is technically impossible to achieve zero spying.

Why do you make that assumption? "Zero spying" may not be a practicable goal (as it isn't in the "real" world). But that's not a very interesting or important result. We want to know whether we can provide people with at least the level of network services they presently enjoy, minus as much as possible of the snooping and tracking by private and public parties, in ways that non-specialist network users, including children, can readily install, use and maintain. If possible we want that software to run not only in small low-cost server computers, but also in the "smart" applicances (refrigerators, dishwashers, microwave ovens, rice cookers and coffee-pots) with which the manufacturers of such devices will soon be flooding the whole human world. Our work at FreedomBox Foundation is hardly done after two years; we will just be getting to the public beginning of real software for real, but specialist, users at that point (including however many many children). You are essentially assuming that the people around the world who think they know how to do this are wrong. There is no evidence yet for the accuracy of the assumption, so far as I know. We are of course only sort of smart, and we are no doubt optimistic about our ability to educate ourselves, but how do you know we're wrong?

The question then turns into whether we can minimize the amount of behavioral information produced through spying, and therefore curb the unjust enrichment of big service providers on the net.

One solution is to turn email service providers, search engines and social networks into public carriers and to impose certain public carrier duties on them. However, this requires huge government interference with the IT market and we do not trust the government to operate important functions in the net.

How would this help? The problem with the architectures isn't that particular intermediaries are untrustworthy. The problem is that any intermediaries, including governments, empowered unnecessarily by exploitable technology of this kind will be gaining power no one ought to have, and no one need be given.

Ideally, we need a decentralized system to solve this problem – an invention like BitTorrent? that does not rely on one single entity in the net to complete certain functions. However, what email service and social network are different from file transmission is that the former two demand large storage place in order to complete their functions.

This is wrong. All the data you have stored on all the social networks, photosharers, YouTubes and every other form of cloud storage you are using—unless you are an IT professional or a passionate collector of pornographic video—could be bought for less than $50 in one-time cost. You need backup, too, which—properly implemented through secure sharing networks of actual friends, provided e.g. by FreedomBox—costs a few dollars more, also once.

Can we each contribute a little storage space in our computer to form a decentralized email system? Theoretically it is possible for everyone to set up his or her own email server so that we do not need email service providers.

Indeed, this is precisely how the email protocols in the net are set up to work most simply. I've had an email server of my own longer that you've had a computer of any kind, probably by more than a decade. We don't need to invent anything. It all works automatically and correctly already.

But that requires we each to have a computer that is connected to the internet 24/7, so that the data sent to us via the email protocol can be stored in our own computer while we are away.

No. That's completely false. That's not how the Standard Mail Transmission Protocol (SMTP) works. Every email sender and relay is configured to allow for the fact that other intermediate or endpoint servers might not be available. The tools for handling intermittently-connected mail servers have been technically advanced for two decades now. You need to be sure that technical details on which you rely for your conclusions are correct. Speculation on these points can't work for you.

But in any event, why should that seem like an obstacle? Most people in most societies now carry devices that are pervasively connected to the network. Infrastructure for pervasive connection by servers is no more complicated than the existing infrastructure. Indeed, it is almost always much simpler.

In comparison, through the economy of scale, commercial email service providers provide better services at a lower cost, and saves us from the trouble of maintaining our own email server.

Depends how cost is measured. I attach a much higher value to the preservation of the integrity, secrecy and privacy of my email than I do to the cost of maintaining my own mail server, which is indistinguishable from zero. Your conclusion seems amazing and absurd to me, so I wonder whether we are disagreeing about technology or disagreeing about social value.

In the social network context, it is theoretically impossible to have a decentralized social network because it is the network effect and the collection of information that create value for every user. The reality is, if we want better, cheaper and advance services, we risk losing our privacies.

This is also wrong. The complexity of a "social networking" application is much lower than that of the Web itself: the Web can be used to make distributed database applications as easily as centralized ones. Many architectures and implementations, including Diaspora*, GNU Social, and BuddyCloud, are working on aspects of the technology. FreedomBox is built, among other reasons, to provide the infrastructure for federated social networking. You could join some 37,000 other people at my Freedom in the Cloud talk, or you could even just read some of the material posted on the wall outside my office on the 6th floor east corridor.

If it is technically and economically impossible for us to stop spying, can we make service providers compensate us for mining our private data? If Google offers us 10GB email accounts for free and in exchange doing behavioral studies through what we write in our emails, someone else may want to offer a better deal in order to get us to use their services. Microsoft started a loyalty program called Bing Rewards in 2010, giving Bing users credits that can be redeemed for products or gift cards. In order to receive credits, users not only have to conduct searches on Bing and to use other Bing features, they also must have installed the Bing toolbar, acquired a Windows Live ID and used Internet Explorer on a PC when conducting the search. No credit is given if Chrome, or Firefox, or Mac is used. Bing director Stefan Weitz explicitly stated in an interview that the program aimed to get Bing users to “have a conversation” with them about Bing features.

So Bing bribes users in order to compete with Google. If there is enough competition in the market of web searching, each search engine will presumably try to offer more to users in order to get more inputs in their search bars, which are the basis of their data mining. Moreover, each search engine in a competitive market will get less search requests comparing to that of Google gets today. Collectively, less behavioral information can be produced if the raw data pool is broken into multiple pieces belong to different service providers. Will service providers trade data among themselves in order to generate more behavioral information? Perhaps yes, but it is better than letting Google have almost the entire raw data pool. The same theory also applies to the email service market. In a more competitive market, not only users get better services, we also curb the total amount of behavioral information that service providers can produce.

What leads you to believe that aggregation of data is difficult? You should understand that it is not difficult at all, that the whole point of this process is the aggregation of data from thousands of sources, in which one more or one less, or even an order of magnitude more or less, is of no technical or substantive relevance.

The only question left is about social networks. Facebook differs from Gmail and Google Search in that Facebook's central function depends on each user's information input. It is the collection of billions of personal information that makes Facebook valuable. Whilst for Gmail and Google Search, their central functions – email and web searching, will not be affected if less people use these services. Thus, competition law seems not to be a good cure for our privacy issues in social networks, for the reason that if we break Facebook into several mini networks, we destroy the very value it creates.

This is simply another wrong inference from the previous proposition that federated social networking is for some reason theoretically impossible, despite the evident existence of the Web within which Facebook is cancerously situated.

I don't think it's necessary to discuss the "market will fix it" just-so story that is the current synthetic presentation in the essay. The logic depends upon so many technical propositions that are unestablished that it doesn't seem to me worthwhile to decide how the logic would run on this one point against a duly established accurate technical background. As a beginning point I would recommend the talk of mine already mentioned, which in addition to being aimed at establishing the technical matters on which you touch, has the advantage of also being itself an artifact of the process whereby what you claim can't happen is already occurring. It thus provides you with more than an architectural primer. Let's get the technology right first, settling whatever questions you may have about how things actually work, and what can be done with software before we go on to the more difficult task of drawing interim social conclusions.

You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.


Webs Webs

r4 - 30 Nov 2012 - 01:11:56 - ShimengCheng
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM