[NetBehaviour] A radical proposal to keep your personal data safe | Richard Stallman

Rob Myers rob at robmyers.org
Wed Apr 4 04:21:11 CEST 2018

On Tue, 3 Apr 2018, at 10:21 AM, marc.garrett via NetBehaviour wrote:
> I propose a law to stop systems from collecting personal data.

A long digression: :-) RMS is very good at making clear what they mean
by "personal data" here:
> Data about who travels where is particularly sensitive, because it is
> an ideal basis for repressing any chosen target. We can take the
> London trains and buses as a case for study.
One of the problems with using Facebook as the paradigm for "personal
data" is that there are two kinds of things that Facebook collects.
The first is the text and images that people upload to it. This is
what makes Facebook look like work in a way that, say, phoning
someone on a landline doesn't. In the wonderful world of copyright,
these are resources that people have rights to, and so it is "ours"
in a meaningful way. This isn't the kind of data RMS is talking
about, I think.
The second kind of thing, and the one that I think RMS is talking about,
is the telemetry and metrics that Facebook generates to describe our
actions, both using their systems and across the web. That ain't our
data. It's data about us.
Confusing click counts with cat pictures is something we should avoid.
Both when talking about privacy and waxing workerist about how much
money Facebook makes from "our data".
So, yay RMS here.

> However, convenient digital payment systems can also protect
> passengers’ anonymity and privacy. We have already developed one: GNU
> Taler. It is designed to be anonymous for the payer, but payees are
> always identified. We designed it that way so as not to facilitate tax
> dodging. All digital payment systems should be required to defend
> anonymity using this or a similar method.
On the less yay front, I'm very disappointed that Taler has become a GNU
project. It's as if GNU Privacy Guard was a re-implementation of the
Clipper Chip, or GNU Emacs sent your documents to the NSA (but only when
you save them...).
Cryptocurrency exchanges already allow you to export spreadsheets of
your trades, and cryptocurrency wallets already allow you to export
spreadsheets of your transactions. Compliance with tax regimes, where
the relevant agencies give clear guidelines, is easy. Pretending that
there is something inherently dishonest about not having every payment
transaction spied on by the state is part of the War on Cash, and
represents a supra-Soviet degree of surveillance at least as much as
tracking your taxi rides does.
The argument that payees give up their right to privacy by being paid
for something bakes in social and economic inequality, and makes
receiving money a safety risk that will of course fall the hardest on
the most vulnerable.
Baking surveillance and social inequality into software goes against
everything that GNU stands for. GNU should not be producing spyware,
making software that targets people's safety, or furthering state
surveillance rhetoric.
> The EU’s GDPR regulations are well-meaning, but do not go very far. It
> will not deliver much privacy, because its rules are too lax. They
> permit collecting any data if it is somehow useful to the system, and
> it is easy to come up with a way to make any particular data useful
> for something.
They are however a nightmare to comply with if you are not a company the
size of Facebook.
We should be wary of producing regulation that locks in rather than
fixes the underlying problem of too-big-not-to-exploit data gatherers.
- Rob.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.netbehaviour.org/pipermail/netbehaviour/attachments/20180403/6002ca33/attachment.htm>

More information about the NetBehaviour mailing list