Ideas for a Better Internet

Personal Data Service

From Paul Trevithick:

What is the problem this idea addresses, why does it matter?

To create the kind of society that most people want, personal data must be managed differently than it is today. Adaptations to technical, operational, and regulatory aspects of the Internet are necessary to ensure better protection and privacy for personal data.

What is the goal of the idea?

To change some of the data architecture and policy layers of the Internet in order to enable the individual to control the storage and dissemination of his personal information. Taken together these changes can bring about the end of today’s personal data feudalism.

How does the idea work?

There are technical, operational and regulatory aspects to what must be changed.

In terms of the technical aspects, every person must have access to a personal data service that provides a central point of control (i.e. a dashboard) for that person’s physically distributed data. To genuinely shift control to the individual, at least some of the places where personal data is stored must hold only encrypted attribute values (so-called translucent storage), with the individual in exclusive possession of the encryption key.

Operationally, networks of people and services must have the ability to adhere to multiple trust frameworks, each of which includes rules for data schemas, roles, authentication methods & levels, auditing, compliance, etc. As far as possible the policies of these trust frameworks must be machine, lawyer and human readable.

Regulations must be changed to make it illegal for anyone (except law enforcement) to cache personal data by another actor for more than 24 hours.


User Rating of Certificate Authorities

From Adam Bray:

What is the problem this idea addresses, why does it matter?

Certificate Authorities allow organizations and individuals to prove their identity to others; however, problems with such authorities persist. There needs to be more accountability to ensure their trustworthiness.

What is the goal of the idea?

Allowing users to rate and review certificate authorities would increase accountability and enable users to “watch the watchers.” This information would enable others to control what certificates their browsers and operating system trust.

How does the idea work?

The system would likely consist of three parts:

1) A website designed to educate users on how PKI (public key infrastructure) works and why it’s important.

2) A site or service allowing people to leave ratings and reviews of certificate authorities.

3) A suite of web browser plugins or stand-alone applications which would alert users when a visited site’s certificate was granted by a CA that is considered untrustworthy. Ideally, these plugins/apps would allow users to manage the default trust settings for CAs in their browser.

Implementing this idea would require the programming of the site and the plugins, as well as the creation of the educational materials. The feasibility of the browser plugins assisting with certificate management may be limited, depending on how various browsers expose this functionality, and thus may require cooperation with browser developers.

Cloud Based User Agent

From David Kettler:

What is the problem this idea addresses, why does it matter?

As the internet becomes more and more based on machine-read API (application program interface) access, users are still operating within the older model of separate identities and accounts with different services spread across the web. APIs often offer redundantly overlapping features but disparate access methods, separating the internet into a bunch of walled gardens with needlessly duplicated data. This server-centric model also forces companies to mine users’ data to sell to advertisers to cover the cost of hosting the user’s data and serving pages.

What is the goal of the idea?

To create a cloud-based user agent that would centralize the collection and storage of personal information while giving users more tools to control the release of their information and developing a robust system to ensure its protection.

How does the idea work?

This idea proposes a cloud-based user agent which would hold the user’s identity and information, ideally in a mobile device and in a dedicated personal server box. Said user agent would collect data from the user’s services across the web and store it in a unified semantic model, and push data to other agents and services as the user creates new content.

In this way, the user could have all their data in one place and operate on it in novel ways with fine-grained privacy permissions granted to certain services instead of extant all-or-nothing privacy models. Once this migration mission has been accomplished, systems which then never use a central-server model and instead are based on a mesh network of independent distributed databases can come into existence, respecting users’ privacy even more strongly.

Crowd Sourcing Enforcement

From Mark Cooper:

What is the problem this idea addresses, why does it matter?

While crowd sourcing is a growing phenomenon in cyberspace, it has yet to become an important and stable part of regulatory enforcement. Mark Cooper, Director of Research for the Consumer Federation of America, argues in his presentation, “Building a Platform for Participatory Regulation in the Digital Information Age,” (2011) that it can and should be an important part of the public sphere in the digital age, but it will not achieve the stature it deserves without active implementation and management. The project proposes both conceptual (design) and practical (implementation) steps to show the potential effectiveness of crowd sourcing enforcement. The template developed in this project will be generally applicable for similar activities dealing with the Internet and non-Internet related rules.

What is the goal of the idea?

This proposal seeks to use the Internet to improve the Internet by tapping into the unique ability of the Internet to unleash viral communications. At the same time, it endeavors to “organize” those communications in a structured, task-oriented activity that impacts a formal regulatory process.

How does the idea work?

This project will create an institutional framework of structured viral communications to inject crowd sourcing of enforcement into three “rules” recently adopted by three federal agencies that seek to enhance the consumer experience on the Internet.

• Privacy condition in the Federal Trade Commission’s Google Buzz settlement
• Network Neutrality in the recent Federal Communications Commission’s Broadband Industry Practices Proceeding
• Conditions on the Comcast-NBCU merger imposed by the Federal Communications Commission and the Department of Justice.

Crowd sourcing will not become an important part of the regulatory structure if it does not improve the functioning of regulatory oversight in two ways – exposing abuse and securing corrective action. The ability of crowd sourcing enforcement to do so will be greatly enhanced if it is embedded in a structured environment that channels the power of viral communications. Structured viral communications are an emerging form of communications that is transforming the nature of collective action in many different fields, as described in Mark Cooper’s paper, “Structured Viral Communications; The Political Economy and Social Organization of Digital Disintermediation” (2011).


User Control over Installation of Non-free Software

From Richard Stallman:

What is the problem this idea addresses, why does it matter?

One of the problems of the web is that web pages contain (or load) nonfree JavaScript code, in effect installing and running nonfree programs on users’ machines without their knowing it. As frequently occurs with nonfree software, some of those programs have malicious features, often for surveillance. We need to arrange for users to have control over this software, as they do over the software that they install knowingly.

What is the goal of the idea?

To ensure individual freedom and security by ensuring that the use of any JavaScript on a website is transparent, voluntary, and non-proprietary.

How does the idea work?

(The following text comes directly from Richard Stallman, http://www.gnu.org/philosophy/javascript-trap.html)

First, we need a practical criterion for nontrivial JavaScript programs. Since “nontrivial” is a matter of degree, this is a matter of designing a simple criterion that gives good results, rather than determining the one correct answer. Our proposal is to consider a JavaScript program nontrivial if it makes an AJAX request, and consider it nontrivial if it defines methods and either loads an external script or is loaded as one. At the end of this article we propose a convention by which a nontrivial JavaScript program in a web page can state the URL where its source code is located, and can state its license too, using stylized comments. Finally, we need to change free browsers to support freedom for users of pages with JavaScript. First of all, browsers should be able to tell the user about nontrivial nonfree JavaScript programs, rather than running them. Perhaps NoScript could be adapted to do this.

Browser users also need a convenient facility to specify JavaScript code to use instead of the JavaScript in a certain page. (The specified code might be total replacement, or a modified version of the free JavaScript program in that page.) Greasemonkey comes close to being able to do this, but not quite, since it doesn’t guarantee to modify the JavaScript code in a page before that program starts to execute. Using a local proxy works, but is too inconvenient now to be a real solution. We need to construct a solution that is reliable and convenient, as well as sites for sharing changes. The GNU Project would like to recommend sites which are dedicated to free changes only.
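As an added illustration of the criterion above (this is example code written for this page, not code from the GNU article or from NoScript/Greasemonkey): a checker that classifies a script as nontrivial per the stated rule and reads source/license markers from stylized comments. The `@source:` / `@license` / `@license-end` marker syntax, the regex heuristics and the sample scripts are assumptions, since the page does not reproduce the convention itself.

```javascript
// Added example, not code from the GNU article or the page: applies the page's
// criterion for a "nontrivial" JavaScript program and reads the stylized
// @source / @license comments. The marker syntax, the regexes and the sample
// scripts are assumptions constructed for this example.

const COMMENT_RE = /\/\*[\s\S]*?\*\/|\/\/[^\n]*/g;

// Separate comments from code. String literals are not parsed, so a URL inside
// a string would be mistaken for a comment: a heuristic, like the criterion.
function splitComments(src) {
  return { comments: src.match(COMMENT_RE) || [], code: src.replace(COMMENT_RE, ' ') };
}

// Page criterion: nontrivial if it makes an AJAX request, or if it defines
// methods and either loads an external script or is itself loaded as one.
function classify(src, loadedAsExternal) {
  const { code } = splitComments(src);
  const makesAjax = /\bXMLHttpRequest\b|\bfetch\s*\(/.test(code);
  const definesMethods = /\bfunction\b|=>|\bclass\s+\w+/.test(code);
  const loadsExternal = /createElement\s*\(\s*['"]script['"]\s*\)|\bimport\s*\(/.test(code);
  const nontrivial = makesAjax || (definesMethods && (loadsExternal || loadedAsExternal));
  return { makesAjax, definesMethods, loadsExternal, nontrivial };
}

// Read "// @source: URL" and "// @license NAME ... // @license-end" markers.
function readMetadata(src) {
  const meta = { source: null, license: null, licenseClosed: false };
  for (const c of splitComments(src).comments) {
    const s = c.match(/@source:\s*(\S+)/);
    if (s) meta.source = s[1];
    if (/@license-end\b/.test(c)) { meta.licenseClosed = true; continue; }
    const l = c.match(/@license[ \t]+([^\n*]+)/);
    if (l) meta.license = l[1].trim();
  }
  return meta;
}

// Browser policy the page asks for: run trivial programs; run a nontrivial one
// only if it states its source and license (whether that license is actually
// free is a separate check, omitted here); otherwise report it rather than run it.
function decide(src, loadedAsExternal) {
  if (!classify(src, loadedAsExternal).nontrivial) return 'run';
  const m = readMetadata(src);
  return m.source && m.license && m.licenseClosed ? 'run' : 'report';
}

// Constructed sample scripts.
const UNLABELLED_AJAX = "function load(){fetch('/api/items').then(r=>r.json());}load();";
const LABELLED_LIB = [
  '// @license GPL-3.0-or-later',
  '// @source: https://example.org/lib.js',
  "function init(){document.body.textContent='ready';}",
  '// @license-end',
].join('\n');
const TRIVIAL = "document.getElementById('x').style.color='red';";

console.log(decide(UNLABELLED_AJAX, false), decide(LABELLED_LIB, true), decide(TRIVIAL, true));
```

Note that `LABELLED_LIB` is trivial when embedded inline but nontrivial when loaded as an external script, which is exactly the asymmetry the criterion builds in.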


Regulating Browsers

From Roel van Rijsewijk:

What is the problem this idea addresses, why does it matter?

The claim for the Internet was that it could and should not be regulated. But governments and corporations are constructing an internet that will perfect control and make highly efficient regulation possible. The ethical and social issues involved are many and varied; however, it is useful to focus on: 1) property (who owns information?); 2) accessibility (what information does a person or organization have a right or privilege to obtain, and under what conditions?); 3) privacy (what information about one’s self must you reveal to others, under what conditions, and what information can you keep to yourself?); and 4) accuracy (who is responsible for the authenticity, fidelity and accuracy of information?). See Richard O. Mason, “Four Ethical Issues of the Information Age,” MIS Quarterly, Vol. 10, No. 1 (March 1986), pp. 5-12. The potential conflicts between the issues of information ethics can lead to digital dilemmas. For example, ensuring accuracy of information can be in conflict with privacy as codified in the Personal Data Protection Act.

What is the goal of the idea?

To use innovations at the browser-level to increase individuals’ control over their information. We may not mind sharing our personal lives and thoughts, but we want to control how, where and with whom. A privacy failure is a control failure.

How does the idea work?

To put control where it should be, browsers should have built-in safeguards for privacy and property when sharing information via the browser and safeguards for accuracy and accessibility when retrieving information. Like safety regulations for cars before they are allowed on the road, or drugs, food and other stuff in our lives which is of vital importance, browsers should comply with a set of standards before they are allowed on the market.

ISP Identity Storing/Management Regulation

From Wilfried Rijsemus:

What is the problem this idea addresses, why does it matter?

Identity and activity should never be stored in the same company; the right to one’s identity is a fundamental human right. Any information that points directly to a particular person is identity information. ISPs should be mandated to provide identity management/provision functionality and should be mandated by government law to be the only official bodies who are allowed to store identity.

What is the goal of the idea?

To expand protections for a user’s identity by mandating ISPs to implement protective mechanisms and by forbidding other parties from storing identity information. This will create the right level of trust for a consumer to subscribe to a service and be able to leave at any time without fearing consequences far into the future.

How does the idea work?

Through government regulation of ISP behavior and a mandate against the storage of identity information by non-ISP entities.


Separating User Data Hosting from Application Hosting

From Michiel de Jong:

What is the problem this idea addresses, why does it matter?

The centralization of everybody’s data at the hands of the application provider is an architectural flaw of web 2.0, which undermines security and privacy for all Internet users.

What is the goal of the idea?

Separating user data hosting from application hosting is a web-specific solution that would solve the problem of the centralization and hostage-taking of user data by the rise of hosted software (i.e. web 2.0, SaaS, cloud). This solution would improve privacy and security by preventing user data from being stored in the first place.

How does the idea work?

Unhosted web apps are nothing but source code; there is no dynamic data. When the user logs in, the app parses the part behind the ‘@’ symbol of the username, and that is where the user’s data is stored. A working example can be found here: http://www.myfavouritesandwich.org/unhosted.js using a stack of existing protocols, which is specified here: http://unhosted.org/spec/dav/0.1.


Third Party Trust Mechanism

From Dean Proctor:

What is the problem this idea addresses, why does it matter?

For most Internet users, not one, but many websites store their personal data including passwords, addresses, and financial information. As a result, user data is spread widely, with little accountability or assurance that information will remain secure. Recent leaks of passwords and other personal information by the websites of even major corporations highlight the security risks associated with this decentralized system.

What is the goal of the idea?

To provide trust, anonymity, and security through an unaffiliated third-party trust mechanism that would store user information and thereby minimize opportunities and incentives to tamper with the storage of user information while increasing accountability if security breaches occur.

Individual users would not have to be anonymous; the system merely gives people a safe way to exercise their right to choose. Some people might have their real names listed, for instance on their business site, but would also enjoy the freedom of speech that anonymity gives on a social or industry discussion site. Effectively, everyone would have the option of being anonymous, with any “unmasking” subject to the law regulating the trusted third party. Because the system would be new, effective public rules could be crafted in advance.

How does the idea work?

The third-party mechanism would store user information so that a person using any existing mobile phone on any network could ‘log on’ to a website and receive trusted anonymity. The third party mechanism would allow sites to recognize users and safely exchange payments with them without knowing or storing their identity, financial details, phone number, IP address or even placing a browser cookie. During processing no personal data is ever stored, transmitted or accessed.

No trust need be placed in the telephone carriers themselves. Merchants require no infrastructure other than web access or a base model SMS capable mobile phone. Although the system does not require SMS, it could be useful for providing additional information and fallback capability if, for instance, a merchant’s web access is interrupted. Users would not be required to remember any passwords or PINs. If a user’s mobile device is stolen, the installed trust mechanism can be rendered inactive within a couple of minutes since users can reset their information using any replacement device.

In addition to increased trust and security, the system will provide important benefits in other areas. The system can provide ‘masked’ calling and impenetrable and forensically safe communications in text across borders and networks, useful for struggling democratic movements and citizen reporters. The system would also work with the proposed P2P ‘cloud’ type Internet being built. Moreover, adoption would be easy to facilitate since enrolling new users can be performed en masse, in real time, in a couple of minutes via mass media.


ISP Level Protections

From Kent Mewhort:

What is the problem this idea addresses, why does it matter?

Improving privacy through ISP-level mechanisms will increase security of individual data while offering platform independence that will allow privacy mechanisms to function across different browsers. With the proliferation of alternative web browsers such as those on mobile devices, it is not always possible for users to take advantage of browser-based privacy protections; an ISP-based solution would work for all devices. Along with this platform independence, an ISP-level approach will ensure regulatory compliance since ISPs are always local to the user’s jurisdiction and can thus bring the appropriate legal protections to fruition. Additionally, ISP-level solutions avoid conflicts of interest that often arise in the actual implementation of browser-based tools. For example, Microsoft owns a subsidiary advertising agency, which may already have resulted in watered down privacy protections in IE (see http://online.wsj.com/article/SB10001424052748703467304575383530439838568.html).

What is the goal of the idea?

This idea aims to implement privacy protections at the ISP-level, thereby taking advantage of service providers’ position as intermediaries between Internet users and the browsers they use and sites they visit. Such a solution offers the potential benefits of increased privacy for a wide range of users, platform independence, regulatory compliance, and reduced conflicts of interest.

How does the idea work?

ISP-level filtering would involve a web-based interface as well as underlying filtering/firewalling technologies, which could be based on existing client-level solutions. It may also be possible to leverage existing filtering technologies already used by ISPs for traffic shaping. Specific ISP-level mechanisms to increase privacy would include: removal or falsification of geodetic information from uploaded images; removal of “tracking” information, such as third-party cookies by advertising agencies (perhaps through the use of a community-maintained filter list); and automatic redirection to HTTPS services, where supported.
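As an added illustration of two of the mechanisms just listed (example code written for this page, not part of the proposal): an ISP-side filter over the head of a plain-HTTP request that drops the Cookie header on third-party requests to hosts on a community filter list and flags an HTTPS redirect for hosts known to support it. The filter list, the HTTPS-capable host set, the sample request and the helper functions are all constructed assumptions.

```javascript
// Added example, not the proposal's own code: an ISP-side request filter that
// strips Cookie headers from third-party requests to hosts on a community
// filter list and rewrites plain-HTTP requests to HTTPS for hosts known to
// support it. Both lists, the sample request and the helpers are constructed.
const TRACKER_LIST = ['ads.example', 'metrics.example'];       // constructed filter list
const HTTPS_HOSTS = new Set(['shop.example', 'news.example']); // constructed HTTPS-capable hosts

// Naive registrable-domain guess (last two labels; a real deployment would use
// the Public Suffix List), used to decide whether a request is third-party.
function registrableDomain(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}
function onTrackerList(host) {
  const h = host.toLowerCase();
  return TRACKER_LIST.some(t => h === t || h.endsWith('.' + t));
}

// Minimal parser for the head of an HTTP/1.1 request (request line + headers).
function parseRequest(raw) {
  const lines = raw.split('\r\n');
  const [method, path, version] = lines[0].split(' ');
  const headers = [];
  for (const line of lines.slice(1)) {
    if (line === '') break;
    const i = line.indexOf(':');
    headers.push([line.slice(0, i).trim(), line.slice(i + 1).trim()]);
  }
  return { method, path, version, headers };
}
function getHeader(req, name) {
  const h = req.headers.find(([n]) => n.toLowerCase() === name.toLowerCase());
  return h ? h[1] : null;
}

// Apply both mechanisms: returns the filtered request, the actions taken and,
// when an HTTPS redirect applies, the URL the ISP would answer with a 301 to.
function filterRequest(raw) {
  const req = parseRequest(raw);
  const host = getHeader(req, 'Host') || '';
  const referer = getHeader(req, 'Referer');
  const actions = [];
  let redirectTo = null, thirdParty = false;
  if (referer) {
    try { thirdParty = registrableDomain(new URL(referer).hostname) !== registrableDomain(host); }
    catch (e) { thirdParty = true; } // unparsable Referer: assume third-party (privacy-first)
  }
  if (thirdParty && onTrackerList(host)) {
    req.headers = req.headers.filter(([n]) => n.toLowerCase() !== 'cookie');
    actions.push('strip-cookie');
  }
  if (HTTPS_HOSTS.has(host.toLowerCase())) {
    redirectTo = 'https://' + host + req.path;
    actions.push('redirect-https');
  }
  return { req, actions, redirectTo };
}

// Constructed sample: an ad beacon requested while viewing a page on shop.example.
const SAMPLE = ['GET /pixel.gif HTTP/1.1', 'Host: cdn.ads.example',
  'Referer: http://shop.example/cart', 'Cookie: uid=abc123', '', ''].join('\r\n');
console.log(filterRequest(SAMPLE).actions); // [ 'strip-cookie' ]
```

A first-party request to `shop.example` keeps its cookie and instead receives the HTTPS redirect, which is the behaviour a user would expect from the two mechanisms combined.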