The year is 2019 and I can’t buy a good majority of consumer technology because we lack privacy legislation and consumer protections. Example: it’s absurd that my TV came with spyware that can’t be turned off or avoided; I had to stop it from phoning home at the network level. It also came with an arbitration clause and a clause waiving the right to a class action lawsuit.

@retrohacker How do they make you agree to that? Is there an EULA just to turn it on the first time?

@crlf Yeah, the TV is essentially bricked until you agree to the ToS of the "Smart TV" software (Roku). You can't even use the HDMI inputs until you agree.

i think the problem is not lack of legislation. the tech monopoly of big corps exists because people bought it. they sold their privacy for convenience and trendy blinking lights. furthermore, it is impossible for lawmakers to understand new technologies and to do specific laws for each new tech trap and it is impossible to stop the stupidity from people with the "it is ok, i have nothing to hide" mindset.

The"I have nothing to hide" excuse is government propaganda.
The issue behind these monopolies is far deeper, it's corrupt legislators in cahoots with companies.
It's a web of laws aimed at protecting the rich, and the more these laws are passed, the harder it is to fight then at consumer level - 1/3

@hansbauer @retrohacker
Can you stop consuming Comcast when it's the only freaking ISP in your county? Can you stop high RAM prices when the industry engages in price fixing?

Can you stop consuming gas when the law forces you to live in a suburb where businesses - even grocery stores and hair salons and dentists - cannot be built and the closest one is kilometers away?

And then you can't prevent big corps from lobbying because they've legalized it - 2/3

@hansbauer @retrohacker
It's very hard to boycott when you're alone. Soon smart TVs will be the only kind of TVs because of "consumer demand".
The solution requires organization, propaganda and supporting pro-consumer and pro-human-rights nonprofits worldwide.
We can't win this war alone; we need to stick together, and these nonprofits are our greatest ally. - 3/3

@hansbauer @retrohacker Spot on.

I wish I'd gotten into free software stuff back when I had a chance of actually taking the time to comprehend it properly. Might have been a bigger part of my life and given me more control.

@hansbauer @retrohacker nope, actually, it's the lack of legislation.

We don't expect people to be experts in chemistry and food safety in order for them not to get poisoned by food they buy. This is called food safety standards.

And yet we expect people will become tech and legal experts, reading through endless EULAs and understanding the fine print, and then being able to verify the tech behind it, for them to be able to protect their basic privacy?


@hansbauer @retrohacker legislators were able to create food safety standards that make getting poisoned by store-bought food impossibly unlikely. They were able to create regulations around medicines that make it highly unlikely for people to get poisoned by actual, you know, poisons (every medicine is poison in the right amount).

We can, and should, expect legislators to step in and regulate the IT industry.

Market will not solve it.

@rysiek @hansbauer @retrohacker

I've found this language helpful for thinking about some aspects of some of these problems:

There is some value in having people be the ultimate arbiters of what goods and services they buy.

But, to get reasonably safe and good things, we need the support of experts. And we need those experts to do their work on our behalf.

@deejoe @hansbauer @retrohacker oh absolutely. I am not saying people should not be able to make independent decisions.

But it is *not* an independent decision if the person is misinformed or does not have enough information to make an informed decision.

Legislation is needed (among other things) to create a baseline of quality of information about stuff that matches the baseline expectations of people.

I also want to point out that expecting people to 100% advocate for themselves in terms of tech and privacy is a privileged and even ableist position. Not everyone who gives in, does so out of laziness, convenience, or even ignorance. Some genuinely have few options.
@deejoe @hansbauer @retrohacker

@erosdiscordia @deejoe @hansbauer @retrohacker thank you for making this point, yes! This is such an important point that gets missed all the time.

@rysiek @erosdiscordia @deejoe @hansbauer I've been planning a post on this for a while... I've been working on taking back my privacy and network security. I'm dozens if not 100s of hours into the project, have several hundred dollars worth of hardware invested, and none of this includes the 10+ years experience I have as a linux sysadmin that made it possible in the first place.

@rysiek @erosdiscordia @deejoe @hansbauer Some folks' threat model is making sure their kids have food. Getting a pi-hole configured to do DNS over HTTPS isn't even on their radar. What does effective privacy look like for these folks? I can't come up with anything other than effective privacy legislation.

if they enjoy using facebook, google etc products, or enjoy having the last model of tvs, i guess they have to wait for lawmakers to do something, as they seem to value convenience over other things. i'm not judging it. it is ok to do so.
@rysiek @erosdiscordia @deejoe

@hansbauer Well, the people who choose it for convenience are obviously in it for convenience. The people who don't have alternative choices without a huge pricetag or investment of time (which is money) are secondarily preyed on in that scenario, and they're a good enough rationale for legislation.

Like, I hate Google. My phone uses it. I hate Apple worse, can't afford a Purism, don't know how to root my phone, and need a bus app to help me get by with no car. @retrohacker @rysiek @deejoe

i'm in a similar situation as you with shitty phones. i know how to root and everything, use dns blocking etc, and even so is not enough. i guess we have to wait for more phones like the one from purism, with a better price tag. i meanwhile we are somewhat screwed. i have no hopes lawmakers will do anything good even if pressured, but it would be good if they did. i'm not excluding that.
@retrohacker @rysiek @deejoe

@hansbauer @rysiek @erosdiscordia @deejoe I feel you are trying to reduce this down to an efficient market problem. It's not. We don't have an efficient market here.

@hansbauer @rysiek @erosdiscordia @deejoe

It's not just the choice to use Facebook and Google. That is actually irrelevant if you have a cellphone or use an ISP. Your DNS resolution to ISPs servers is being sold. Your location data from cell towers is being sold. Deep packet inspection by your ISP, that metadata is being sold. Simply being connected to the internet with a *stock* consumer device forfeits your right to any sort of privacy.

@hansbauer @rysiek @erosdiscordia @deejoe

Legislation _creates_ free markets, a free market can not exist without legislation. Legislation gives us the power to correct for inefficient markets. Legislation _creates_ human rights, and gives us the power to ensure they are honored.

@hansbauer @rysiek @erosdiscordia @deejoe The last few generations of the private sector have worked to create an ineffective government. This may not have been the intention, but it was definitely the result.

Now the private sector is promoting the idea that you can't trust your government with these problems because it is ineffective. Don't drink that kool-aid, they are the ones who fucked our system of self-regulation up in the first place.

i don't trust it, because big corps are inside it. they have perverted the whole thing. i'm not saying legislation is bad, but that in the actual scenario, it is really bad to ask for more. at the end of the day, if we ask for. more legislation today, we are asking big corps to do it.
@rysiek @erosdiscordia @deejoe

@retrohacker @hansbauer @erosdiscordia @deejoe plus, it's not the choice of using Facebook or using Google. They offer vastly different services. They are not in the same markets. They create their own vertically integrated markets. They are, in a very real sense of this word, monopolists.

There cannot be an efficient market in this situation.

And yes, of course I had a talk about this at CCC once:

sorry if i gave this impression. what i'm trying to say is that legislation is not the only thing that will solve this, and from the things that can be done, legislation is a pretty dangerous one to be the main route.
@rysiek @erosdiscordia @deejoe

@hansbauer @rysiek @erosdiscordia @deejoe

I think the point I'm trying to make is that effective legislation is the _only_ thing that can actually get us out of this. The logistics of making that happen w/ government surveillance and lobbying included. If we can't navigate that, we are lost.

@hansbauer @retrohacker @rysiek @erosdiscordia @deejoe Could be they value their social lives. I made the “principled” choice re Facebook, and lost an entire social circle because Facebook is so good at being sticky that people will genuinely forget you exist. Reminded, they feel bad about it, but then forget again. Others have seen the same. Calling it a mere matter of preference fails to reflect the reality.

@alexis @hansbauer @rysiek @erosdiscordia @deejoe not to mention our ISPs and most consumer hardware vendors are user hostile so, unless you are tech savy, leaving Facebook doesn’t actually win you back your privacy.

@retrohacker @hansbauer @deejoe @erosdiscordia @rysiek Making privacy an individual responsibility is what the tech industry wants. They know damn well that most people have more pressing concerns than surveillance capitalism.

We should be forcing opt-in everything, mandatory informed consent with policies written in fourth-grade English, and outright banning the use of CRM tech that isn't HIPAA-compliant. Any consumer data that isn't deleted after the product warranty period should at least be stored with as much care as medical records.

One thing that frustrates me is this marketing fiction that technology can be made so that people can do things "for themselves". The central conceit is the company can disintermediate technology, that one is communing directly with the tech gods, with no priests or middlemen or dependency.

But it's crap. Instead, the megacorp replaces a more personal relationship with local experts. They capture that relationship to become the sole arbiter between that person & technology. The dependencies are all still there.

@erosdiscordia @rysiek @deejoe @hansbauer @retrohacker
This is matter of education: it's totally possible to teach programming, networking and crypto before 13. Why we don't? Because many people don't even understand they are used not users.

I'm totally for regulations, but I'm scared by the incompetence of Politicians, even in Europe.
What I read on #AI looks scary: they totally misunderstand what it is, how it works and can be abused.

@erosdiscordia @rysiek @deejoe @hansbauer @retrohacker

In this context there is a huge risk that regulations would be used to create business entry barriers by big players.

This in turn would kill #FreeSoftware.

You just need to impose conditions to who can program to effectively inhibit #freedom 1, 2 and 3.

So we need to be very careful with regulations: we can regulate specific business uses (AI, privacy etc) but not IT as a whole.

@Shamar @erosdiscordia @rysiek @deejoe @hansbauer

Regulating AI seems nonsensical to me. I'm not sure we want to regulate industries or technologies. I'm pretty sure we want to regulate behaviors.

Start with human rights and work out implications. The limits imposed on industry and technologies are derived from the human rights they aren't allowed to infringe on. It's not "you are allowed to use AI in these ways" its "no technology or person can infringe on the right [of/to]"

@retrohacker @erosdiscordia @rysiek @deejoe @hansbauer

Except that
1. the derivation should be logical
2. you must understand the topic

People and experts talking about "bias" or "non determinism" (of software executed on deterministic machines) show what can omly be either a deep incompetence or a malicious lobbying.

Regulating AI should be simple:
- forbid opaque boxes application to human data
- always held a human accountable

@Shamar @erosdiscordia @rysiek @deejoe @hansbauer

> forbid black boxes

I’m not sure this needs to be a regulation. Folks are free to do what they want with the tech they build, but they are responsible for the actions it takes. It’s risk management. If they aren’t able to comprehend the system they built, they are accepting that they may be found guilty of crimes that system commits. The decision to not use black boxes is easily derived from liability assuming we have balanced legislation.

@retrohacker @erosdiscordia @rysiek @deejoe @hansbauer

With black boxes you need an enormous number or similar damages to prove a crime occurred and corporations will brag about industry standards to protect their interests.

Several people already died, killed by #SelfDrivingCars and no #CEO have gone to jail for the murder. OTOH you would need an enormous number of people from a minority discriminated to prove an AI software is wrong.

@retrohacker @erosdiscordia @rysiek @deejoe @hansbauer
I don't think we can negotiate on these principles.

#Accountability means that for every error of an #AI, at least one human must be held accountable.

#Transparency means that each and evert error must be fully detectable, reproducible and easy to debug (aka explain plenty and clearly).

Without both of these principles, the rich will be above the Law by using an autonomous proxy.


I'm not trying to dispute what you're saying, just offering that as something I've found helpful, specifically being able to pin the phrase "the principle-agent problem" on a big chunk of this.

@hansbauer @retrohacker

software is different from food, chemicals, medicine. these can immediately kill or cause great harm. even so, just the most clear and obvious cases came into legislation. dangerous compounds are still being added to food and water, harmful medicines are still being sold etc. legislation did not really solved this problem.

@hansbauer @retrohacker tell me again how this can't immediately kill or couse great harm:

And then tell me how the above is not an obvious case that should come into legislation?

By saying "legislation did not solve the food and water safety issues" are you saying it's completely useless? Or can we agree that it did improve food and water safety measurably and in a very concrete way?

well it was not an issue before 2016 or so. this is what i mean. it will be only something when it is too obvious. furthermore this is some completely different problem from what was being discussed legislators gave only shitty responses to it.

@hansbauer @retrohacker what was not an issue? Software/hardware that can kill people if buggy? Try about 1985 instead:

I would still like answers to my two questions. they are pretty simple questions, here, for your convenience let me repeat them:
1. how is bad software/hardware not able to do immediate harm?
2. are food and water safety standards useless or not?

>how is bad software/hardware not able to do immediate harm?
i was talking about privacy issues, tracking software embedded in electronics. you tried to change the subject to self driving cars and what not. i was not having a general discussion.
>are food and water safety standards useless or not?
never said that. said it becomes effective in obvious cases, just after something big happened.

@hansbauer @retrohacker

Okay, can we then agree we should have legislation that covers obvious cases where IT crappiness can physically harm people, and that such regulation can improve things?

@hansbauer @retrohacker furthermore, if the only thing we can get is legislation that only handles the most obvious cases, that will *still* be an serious improvement over the current state of affairs! Let's start with that, please.

it is everything ok, but i would like to finish this conversation with you.

if you trust legislators and government, it is ok. but i find pretty dangerous to give more power to them because, asking them to protect us. if they do form an advisory tech board, who do you imagine will be there? the same big corps. it is even possible they decide only approved software and hardware will be lawful in some use cases, and you can be certain, it will be from big corps.

@hansbauer @retrohacker nobody is giving them power, they already have that power.

I have been on a number of advisory boards, including one to a minister in a government. I have been also involved in grass-roots actions, including against ACTA (which, you know, worked).

And you have not answered my questions from the previous toot:
1. how is bad software/hardware not able to do immediate harm?
2. are food and water safety standards useless or not?

I would appreciate your answer.

@hansbauer @retrohacker and I am not saying we should trust the legislators. Quite the contrary.

But we can get them to enact the right kind legislation -- and I know that is actually possible from my own personal experience.

I also know that without legislation, IT crappiness is not going away. Because the incentives are completely b0rked.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.