The concept of ethical social network

Tue Sep 6 21:16:58 UTC 2011

I found them useful ;-)

> I've made some suggestions however in case you find them useful. On
Tuesday 30 August 2011 21:33:18 judith at movingyouth.eu wrote:

>> I. The ethical social network

>> Ethical is not about price, neither about the only freedom of the
source code. It is about the recognition and  the respect of user freedoms: -
to recognize and respect the privacy of all communications exchanged by
>> users,
> ...In a permanent and sustainable way. Private companies are subject to
takeover and sale of assets, one of which is usually user data. Privacy
policies can be changed retrospectively in some cases, and at the very
least
> may not be updated to meet future threats that are currently hard to
anticipate. Interpretation of privacy policies can also change to suit a
company's financial goals, even if the wording of the policy doesn't.
Therefore a strong privacy policy is not sufficient in my view. Legally
binding
> statements of intent which affect future circumstances are additionally
necessary. This is why foundations and public benefit organisations are much
> better guardians of private data in my view as they are often obliged to
serve
> the public interest or the interests of the people who they work with
and
> represent.

I answer to this issue at the end of this mail.

The issue is not to allow full interoperability towards networks but to
allow full users data extricability to users.

>> II. How to respect those freedoms?

>> First: the communication protocol

>>
> 'open' is open to interpretation and has no strict meaning. It would be
better to say that they must qualify as Open Standards in my view.

I totally agree with you. I proposed: the communication protocol must
qualify as Open Standards.

Two: the save file format

> This is an important freedom but it isn't sufficient. Having an 'open
API'an conforming to open standards are fundamental requirements, but they
don't guarantee that a user will be able to extract all their data. I
think
that a stronger requirement such as "all data pertaining to a user must be
accessible to them and extricable in a meaningful, documented way, in
formats which meet> the definition of an Open Standard".

I agree with you.I proposed: the save file format must qualify as Open
Standards.

>> Three: the software

>> The software specific to the social network must be under a free
licence as its  dependencies. The whole software distribution, including the
server part,  must be available to users. The software must be secure.

> Stating that the software must be secure and should be fixed asap
doesn't
> convey very much to me. I think you need to be more specific. Something
like
> the requirement that there is a good peer review process and open bug
hunting
> workflow. You can websearch examples of how organisations effectively
manage
> security issues with Free Software.

I agree with you that we should not write the sofware should be fixed
asap. In fact I should indicate that a security policy is necessary for
the sofware process. This is not a place to detail the security policy.

>> Three: the respect of the user data privacy

Using the word server in this way also stretches its meaning in a
potentially confusing way.

I proposed: Each user should host his sofware server on his own hardware
server.

> That's an ideal rather than a requirement it seems to me.

I agree with you.That's why I used "should" rather than "must".
Nevertheless, the respect of the user data privacy can not be guaranteed
without the user operating himself the hardware server.
Tha's why an ethical social network probably must be technically a peer to
peer network.

> You could rephrase this requirement in terms of a user's account not
having
> any single remote point of failure,

Could you clarify that part?

And having the ability to be accessible independently of any other network
or computer.

Why the accessibility from any network or computer is necessary to the
ethical disposition of the social network?

>> The communication protocol and software of the social network must let
the
>> user be able to decide freely, clearly and efficiently what to do with
each of his data and his account: the user may decide for each
>> communication who are the recipients, even possibly the general public.
Users must be warned constantly that once they publish their data, those
>> may be known to the general public, including current or future
employers
>> and the government.
>> Concerning the data hosted on other servers than the user's own, the
delay
>> to delete a post or to close an account must be quick once the user
requests it. The closure or the deletion must be definitive, no data must
>> be available to the social network once it is done.

> How about adding that the user must be the legal owner of anything that
they submit to the service. This may be assumed from your other
requirements, but I think it should be explicit because historically users
of some networks have not had the right of ownership over their social
network content.

It's interesting what you said, but in which way this proposition is
necessary to the ethical disposition of the social network?

> Furthermore the user should have the freedom to choose what license is
used.If a user is the legal rights holder of their messages but those
messages are always automatically licensed in a particular way then it
undermines the ability of the user to exercise those rights due to
technical
constraints.

I agree with you. I proposed to add:the user should be free to decide what
is the license of the communicated data.

> This seems to broad. Allowing users to sign in on one page and then
access
> another theoretically requires tracking; in the form of cookies or
sessions. I think you need to clarify what you mean by tracking. Not all
tracking is necessarily bad. How about stating that users must be made
aware of any tracking and have the opportunity to disable it where this
would not compromise the other requirements stated above or render the
basic functionality of the service inoperable?

Finally services in peer to peer network are provided by users, so this
part may be useless.

I answer now to the first question.

As the social network is peer to peer, there is no central company or
organisation. So there's no need of legally binding statements concerning
the privacy of communication exchanged by users. For example, if a user
represents the organisation behind the software development, this one has
by design no more access to any user data than anyone else.

> Also see these resources and their authors if you haven't already:
http://wiki.fsfe.org/CloudComputing (Torsten Grote)
> http://blogs.fsfe.org/greve/?p=452
> If you need clarification or more help please ask.
> Thanks,
> Sam.
> --
> Sam Tuke
> British Team Coordinator
> Free Software Foundation Europe
> IM : samtuke at jabber.fsfe.org
> Latest UK Free Software news: uk.fsfe.org
> Is freedom important to you? Join the fellowship.fsfe.org

Judith Lukoki
+33 (0)6 15 94 50 23
http://www.movingyouth.eu