The year is 2019 and I can’t buy a good majority of consumer technology because we lack privacy legislation and consumer protections. Example: it’s absurd that my TV came with spyware that can’t be turned off or avoided; I had to stop it from phoning home at the network level. It also came with an arbitration clause and a clause waiving the right to a class action lawsuit.
@retrohacker How do they make you agree to that? Is there an EULA just to turn it on the first time?
@crlf Yeah, the TV is essentially bricked until you agree to the ToS of the "Smart TV" software (Roku). You can't even use the HDMI inputs until you agree.
i think the problem is not lack of legislation. the tech monopoly of big corps exists because people bought it. they sold their privacy for convenience and trendy blinking lights. furthermore, it is impossible for lawmakers to understand new technologies and to do specific laws for each new tech trap and it is impossible to stop the stupidity from people with the "it is ok, i have nothing to hide" mindset.
The"I have nothing to hide" excuse is government propaganda.
The issue behind these monopolies is far deeper, it's corrupt legislators in cahoots with companies.
It's a web of laws aimed at protecting the rich, and the more these laws are passed, the harder it is to fight then at consumer level - 1/3
Can you stop consuming gas when the law forces you to live in a suburb where businesses - even grocery stores and hair salons and dentists - cannot be built and the closest one is kilometers away?
And then you can't prevent big corps from lobbying because they've legalized it - 2/3
It's very hard to boycott when you're alone. Soon smart TVs will be the only kind of TVs because of "consumer demand".
The solution requires organization, propaganda and supporting pro-consumer and pro-human-rights nonprofits worldwide.
We can't win this war alone; we need to stick together, and these nonprofits are our greatest ally. - 3/3
We don't expect people to be experts in chemistry and food safety in order for them not to get poisoned by food they buy. This is called food safety standards.
And yet we expect people will become tech and legal experts, reading through endless EULAs and understanding the fine print, and then being able to verify the tech behind it, for them to be able to protect their basic privacy?
@hansbauer @retrohacker legislators were able to create food safety standards that make getting poisoned by store-bought food impossibly unlikely. They were able to create regulations around medicines that make it highly unlikely for people to get poisoned by actual, you know, poisons (every medicine is poison in the right amount).
We can, and should, expect legislators to step in and regulate the IT industry.
Market will not solve it.
I've found this language helpful for thinking about some aspects of some of these problems:
There is some value in having people be the ultimate arbiters of what goods and services they buy.
But, to get reasonably safe and good things, we need the support of experts. And we need those experts to do their work on our behalf.
But it is *not* an independent decision if the person is misinformed or does not have enough information to make an informed decision.
Legislation is needed (among other things) to create a baseline of quality of information about stuff that matches the baseline expectations of people.
I also want to point out that expecting people to 100% advocate for themselves in terms of tech and privacy is a privileged and even ableist position. Not everyone who gives in, does so out of laziness, convenience, or even ignorance. Some genuinely have few options.
@deejoe @hansbauer @retrohacker
@rysiek @erosdiscordia @deejoe @hansbauer I've been planning a post on this for a while... I've been working on taking back my privacy and network security. I'm dozens if not 100s of hours into the project, have several hundred dollars worth of hardware invested, and none of this includes the 10+ years experience I have as a linux sysadmin that made it possible in the first place.
looking forward to read your post about it!
@rysiek @erosdiscordia @deejoe @hansbauer Some folks' threat model is making sure their kids have food. Getting a pi-hole configured to do DNS over HTTPS isn't even on their radar. What does effective privacy look like for these folks? I can't come up with anything other than effective privacy legislation.
@hansbauer Well, the people who choose it for convenience are obviously in it for convenience. The people who don't have alternative choices without a huge pricetag or investment of time (which is money) are secondarily preyed on in that scenario, and they're a good enough rationale for legislation.
i'm in a similar situation as you with shitty phones. i know how to root and everything, use dns blocking etc, and even so is not enough. i guess we have to wait for more phones like the one from purism, with a better price tag. i meanwhile we are somewhat screwed. i have no hopes lawmakers will do anything good even if pressured, but it would be good if they did. i'm not excluding that.
@retrohacker @rysiek @deejoe
It's not just the choice to use Facebook and Google. That is actually irrelevant if you have a cellphone or use an ISP. Your DNS resolution to ISPs servers is being sold. Your location data from cell towers is being sold. Deep packet inspection by your ISP, that metadata is being sold. Simply being connected to the internet with a *stock* consumer device forfeits your right to any sort of privacy.
@hansbauer @rysiek @erosdiscordia @deejoe The last few generations of the private sector have worked to create an ineffective government. This may not have been the intention, but it was definitely the result.
Now the private sector is promoting the idea that you can't trust your government with these problems because it is ineffective. Don't drink that kool-aid, they are the ones who fucked our system of self-regulation up in the first place.
i don't trust it, because big corps are inside it. they have perverted the whole thing. i'm not saying legislation is bad, but that in the actual scenario, it is really bad to ask for more. at the end of the day, if we ask for. more legislation today, we are asking big corps to do it.
@rysiek @erosdiscordia @deejoe
@retrohacker @hansbauer @erosdiscordia @deejoe plus, it's not the choice of using Facebook or using Google. They offer vastly different services. They are not in the same markets. They create their own vertically integrated markets. They are, in a very real sense of this word, monopolists.
There cannot be an efficient market in this situation.
And yes, of course I had a talk about this at CCC once:
@hansbauer @retrohacker @rysiek @erosdiscordia @deejoe Could be they value their social lives. I made the “principled” choice re Facebook, and lost an entire social circle because Facebook is so good at being sticky that people will genuinely forget you exist. Reminded, they feel bad about it, but then forget again. Others have seen the same. Calling it a mere matter of preference fails to reflect the reality.
@erosdiscordia @rysiek @deejoe @hansbauer @retrohacker
This is matter of education: it's totally possible to teach programming, networking and crypto before 13. Why we don't? Because many people don't even understand they are used not users.
I'm totally for regulations, but I'm scared by the incompetence of Politicians, even in Europe.
What I read on #AI looks scary: they totally misunderstand what it is, how it works and can be abused.
In this context there is a huge risk that regulations would be used to create business entry barriers by big players.
This in turn would kill #FreeSoftware.
You just need to impose conditions to who can program to effectively inhibit #freedom 1, 2 and 3.
So we need to be very careful with regulations: we can regulate specific business uses (AI, privacy etc) but not IT as a whole.
Regulating AI seems nonsensical to me. I'm not sure we want to regulate industries or technologies. I'm pretty sure we want to regulate behaviors.
Start with human rights and work out implications. The limits imposed on industry and technologies are derived from the human rights they aren't allowed to infringe on. It's not "you are allowed to use AI in these ways" its "no technology or person can infringe on the right [of/to]"
1. the derivation should be logical
2. you must understand the topic
People and experts talking about "bias" or "non determinism" (of software executed on deterministic machines) show what can omly be either a deep incompetence or a malicious lobbying.
Regulating AI should be simple:
- forbid opaque boxes application to human data
- always held a human accountable
> forbid black boxes
I’m not sure this needs to be a regulation. Folks are free to do what they want with the tech they build, but they are responsible for the actions it takes. It’s risk management. If they aren’t able to comprehend the system they built, they are accepting that they may be found guilty of crimes that system commits. The decision to not use black boxes is easily derived from liability assuming we have balanced legislation.
With black boxes you need an enormous number or similar damages to prove a crime occurred and corporations will brag about industry standards to protect their interests.
Several people already died, killed by #SelfDrivingCars and no #CEO have gone to jail for the murder. OTOH you would need an enormous number of people from a minority discriminated to prove an AI software is wrong.
#Transparency means that each and evert error must be fully detectable, reproducible and easy to debug (aka explain plenty and clearly).
Without both of these principles, the rich will be above the Law by using an autonomous proxy.
software is different from food, chemicals, medicine. these can immediately kill or cause great harm. even so, just the most clear and obvious cases came into legislation. dangerous compounds are still being added to food and water, harmful medicines are still being sold etc. legislation did not really solved this problem.
@hansbauer @retrohacker tell me again how this can't immediately kill or couse great harm:
And then tell me how the above is not an obvious case that should come into legislation?
By saying "legislation did not solve the food and water safety issues" are you saying it's completely useless? Or can we agree that it did improve food and water safety measurably and in a very concrete way?
I would still like answers to my two questions. they are pretty simple questions, here, for your convenience let me repeat them:
1. how is bad software/hardware not able to do immediate harm?
2. are food and water safety standards useless or not?
>how is bad software/hardware not able to do immediate harm?
i was talking about privacy issues, tracking software embedded in electronics. you tried to change the subject to self driving cars and what not. i was not having a general discussion.
>are food and water safety standards useless or not?
never said that. said it becomes effective in obvious cases, just after something big happened.
if you trust legislators and government, it is ok. but i find pretty dangerous to give more power to them because, asking them to protect us. if they do form an advisory tech board, who do you imagine will be there? the same big corps. it is even possible they decide only approved software and hardware will be lawful in some use cases, and you can be certain, it will be from big corps.
I have been on a number of advisory boards, including one to a minister in a government. I have been also involved in grass-roots actions, including against ACTA (which, you know, worked).
And you have not answered my questions from the previous toot:
1. how is bad software/hardware not able to do immediate harm?
2. are food and water safety standards useless or not?
I would appreciate your answer.
But we can get them to enact the right kind legislation -- and I know that is actually possible from my own personal experience.
I also know that without legislation, IT crappiness is not going away. Because the incentives are completely b0rked.
Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.