Re: [projectvrm] John Naughton on VRM in The Guardian

[Markus Sabadello < >]

Hello,

A bit late to this thread, nice to see FreedomBox being discussed here
once again.

I think the first IIW where I demo'd FreedomBox was #14 in 2012.
Since then a lot has happened, many other similar projects have been
started, which is great, and FreedomBox itself is also quite active
right now.
The Databox seems to have a few really good ideas around attaching terms
to your own data.

At that IIW#14, I showed two related use cases, 1. one where you store
basic profile data in a personal data store and share it with others,
and 2. one VRM-related where you publish an intent in the network for
others to see.

That FreedomBox demo was done using the XDI protocol on a mesh network
(but of course other technologies would work too).
If you are interested, here is the write-up plus screenshots:
http://blog.projectdanube.org/2012/05/freedombox-at-the-internet-identity-workshop/

At that time, I felt that these two use cases (interaction with other
individuals, and interaction with businesses) were really just two sides
of the same coin, which I tried to draw in this old video..
http://projectdanube.org/videos/video-the-three-visions/

I agree with Doc that the original idea of FreedomBox was and remains
decentralization, the free peer-to-peer Internet, being in control of
your online identity and communication. Based on this principle, you can
evolve and satisfy many other ideas and use cases, including
marketplaces (of both data and physical goods/services, see the OuiShare
community).

I also agree with many other points that were made on this thread, e.g.
that it should be possible to run software either on a physical box at
home or in the cloud, and that it should be possible to move data from
one place on the network to another (data portability).

As merely one member of a global community working on FreedomBox, I am
trying to contribute to the project in a moderate way with development
work and by promoting it at events.

Markus

P.S. Also looking forward to next IIW, let's see what we can come up
with this time :)

On 02/01/2015 08:17 PM, Doc Searls wrote:
> I don’t think it is.
>
> The Freedom Box proceeds from the assumption that the individual should 
> have full control over a box in their possession, and what happens to the 
> data on it. It’s context is not the marketplace but the original 
> peer-to-peer end-to-end Internet. So, while it can be used in the 
> marketplace, it doesn’t start there.
>
> The original links for Freedom Box are pretty stale (from 2011): 
> http://freedomboxfoundation.org/  
> http://www.nytimes.com/2011/02/16/nyregion/16about.html?_r=0
>
> But Markus has been active in a variety of ways: 
> <http://iiw.idcommons.net/ID_Things_You_Can_Do_With_A_%E2%80%9CFREEDOM_BOX%E2%80%9D><http://blog.gmane.org/gmane.linux.debian.freedombox.user/day=20141228>
>
> One of those is from IIW. We should talk about it some more there.
>
> As for Databox, this, from http://arxiv.org/abs/1501.04737 sounds similar...
>
>> We propose there is a need for a technical platform enabling people to 
>> engage with the collection, management and consumption of personal data; 
>> and that this platform should itself be personal, under the direct control 
>> of the individual whose data it holds. In what follows, we refer to this 
>> platform as the Databox, a personal, networked service that collates 
>> personal data and can be used to make those data available. While your 
>> Databox is likely to be a virtual platform, in that it will involve 
>> multiple devices and services, at least one instance of it will exist in 
>> physical form such as on a physical form-factor computing device with 
>> associated storage and networking, such as a home hub.
> But this from 
> <http://www.technologyreview.com/view/534526/how-a-box-could-solve-the-personal-data-conundrum/>
>  lays it in a commercial context:
>
>> The basic idea behind the Databox is that it is a networked service that 
>> collates personal information from all of your devices and can also make 
>> that data available to organizations that the owner allows. This piece of 
>> software must have a number of important attributes.
>>
>> First, it must be trusted by the individual who uses it. That’s a big ask. 
>> The Databox will gather information about browsing habits, buying 
>> behavior, financial details such as bank statements, e-mail and social 
>> media contacts as well as calendar entries and so on. To allow all this 
>> all to be stored in a single online repository will require remarkable act 
>> of faith for most people. Ensuring the security of a Databox is therefore 
>> a crucial requirement.
>>
>> But the owner of the data is not the only one who needs to share this 
>> trust. Any company or organization that accesses the data must also have 
>> faith that it is reliable, something that will require third-party 
>> auditors who can verify that the system is operating is expected.
>>
>> As well as gathering personal information, the Databox must allow 
>> controlled access to it. So third parties must be able to selectively 
>> query any information that the user allows them access to. At the same 
>> time, the user must be able to control how this data is accessed and be 
>> able to change the settings when necessary.
>>
>> Finally, there must be incentives for all those involved to use the 
>> Databox. For example, ordinary people may be more likely to use the 
>> service if it contains a mechanism that allows third parties to pay for 
>> using the data.
>>
>> It may also provide an incentive for third parties by reducing their 
>> exposure to sensitive data, such as health records. For example, an 
>> organization may need access to health data but not want the cost and 
>> responsibility of storing it securely. “An analogy might be the way online 
>> stores use third-party payment services such as PayPal or Google Wallet to 
>> avoid the overhead of Payment Card Infrastructure compliance for 
>> processing credit card fees,” say Haddadi and co.
> This is also consistent with the full .pdf of the Databox report: 
> <http://arxiv.org/pdf/1501.04737v1.pdf>. The authors have also not designed 
> the platform. They have just outlined the need for one and how it might 
> work.
>
> Like John Naughton's Guardian piece, the Databox writeup ignores work 
> already happening in the world, including the Freedom Box, abundant work 
> going on in the U.K., notably all the PIMS followed by Ctrl-Shift, plus 
> other efforts such as Aral Balkan's <http://ind.ie> — and work happening 
> around the world and listed (incompletely) here at ProjectVRM: 
> <http://cyber.law.harvard.edu/projectvrm/VRM_Development_Work>. (Ind.ie and 
> Databox are both there, among much else.)
>
> Doc
>
>
>
>
>
>> On Feb 1, 2015, at 10:52 AM, Chasen, Les 
>> <
 >
>>  wrote:
>>
>> Sounds like the freedom box that markus works on.
>>
>> From: StJ Deakins 
>> <
 >
>> Date: Sunday, February 1, 2015 at 9:17 AM
>> To: Reuben Binns 
>> <
 >,
>>  John Harrison 
>> <
 >
>> Cc: 
>> "
 "
>>  
>> <
 >
>> Subject: Re: [projectvrm] John Naughton on VRM in The Guardian
>>
>>> Nice spot Reuben. Will go buy the paper :)
>>>
>>> John H, is DataBox linked to your initiative? 
>>> StJ
>>>
>>> On Sunday, February 1, 2015, Reuben Binns 
>>> <
 >
>>>  wrote:
>>>> I was leafing through the Observer (the UK Guardian's sunday edition)
>>>> and found this nice little piece from John Naughton which refers to Doc
>>>> and VRM. It's on the front page of the paper's 'Discover' supplement on
>>>> science and technology.
>>>>
>>>> http://www.theguardian.com/technology/2015/feb/01/control-personal-data-databox-end-user-agreement
>>>>
>>>>
>>>>