So, you have an email address at Gmail which you're using to authenticate everywhere, which is your username at most services, and possibly your main point of contact.
Then you mention something innocuous, I don't know, a cucumber maybe, on YouTube in a comment, and now your account is gone because apparently cucumbers are a part of some neo-nazi slang or a secret pedophile ring slang, and you got reported into oblivion.
Since your email address was also a part of getting into your bank account, now you've got a problem of getting your money, too.
The hoops you have now to jump are worse than changing spelling of your legal name or changing the fucking citizenship.
Still, the internet hivemind is raving that "it's not censorship if a private company is doing it", "they are a private company so they have a right to boot anyone off".
Of course another cohort of smug internet users will say: just self-host your email! Well, good luck getting your email deliverable if you're a Joe Schmoe and not one of the big players in the first place.
The big companies pulled the blanket so much that without using their services, you may as well not exist on the internet. They've made it extremely difficult, at least. They got, in some sense, bigger than many individual governments in regulating information channels. And yet they dodge all responsibility on the premise of being "private companies".
Yep exactly. The way I’ve been thinking about it lately is that we live with a foot in two worlds.
In the physical world, we have a cascading set of governments, councils and countries we form part of in a participatory process. If someone is smoking next door I can raise it with the home owners association. Or my local council. Or if laws need to be changed, I can talk to my member of parliament or get involved in the local political process. As a society we spent thousands of years and countless deaths to reach this fragile place where we take collective responsibility for our shared spaces and communities. Who pays for the roads? We all do. Who sets the rules for public spaces? We all do.
On the Internet, we absconded from our collective responsibility to invest in shared infrastructure. So, absent other investment, a bunch of US corporations went around creating “free” services. You don’t want to pay for infrastructure? No problem. We’ll cover the bill, so long as you don’t mind us tracking you everywhere, selling information about you to advertising brokers, and advertising to you directly. Don’t like the spaces we created? We’ll aim some of the best AIs humans have ever created at your mind to algorithmically find your attentional weaknesses. All to keep you hooked on outrage, so we can show you more ads. You don’t live in the US? We don’t care. We’re in charge and we’re enforcing American “decency” standards on everyone. Don’t like the feudal empire we built? You’re welcome to delete your account and banish yourself from our society. If we don’t do that ourselves first, automatically. Good luck with the other feudalist corporate empires down the road.
We’re all paying for this as we watch social trust fray around us. We’re paying with a generation lost to outrage wars on Twitter, antivaxers on Facebook, the capital hill riots, teen suicide, conspiracy theories, and witch hunts. All pushed on people by algorithms that our community has created in a desperate attempt to maximise “engagement”. All so we can show more ads at any cost. Never mind if democratic liberal society crumbles in the process.
We’re kings of the world, and the only responsibility anyone can name is to the almighty dollar. Somehow maximising shareholder value is held in higher regard than our responsibility to leave a functioning society to our children. Help us all, but we need to do better than this.
>In the physical world, we have a cascading set of governments, councils and countries we form part of in a participatory process.
This doesn't really work in practice though. For most people they keep their head down and hope that nobody finds fault with them, because everything is filled with so many rules and gotchas that you're almost guaranteed to be breaking some of them. You're supposed to follow rules that you don't even know. And this is considered fine by society, because as long as you keep your head down you're not going to be bothered.
The internet is the way it is because people in the real world are the way they are. When a real world business bans you on a technicality you don't really have recourse either.
> When a real world business bans you on a technicality you don't really have recourse either.
But there are vanishingly few real world businesses that have the kind of editorial power Facebook, Twitter and YouTube have over what information people consume. The only other industry with that sort of power is the news industry. And they (at least used to) have very strict legal codes and professional ethical codes which hold them accountable to society. It’s not ok for journalists to slander people or give bogus medical advice. But somehow we think it’s fine if a witch hunt is trending on Twitter, or YouTube patiently convinces people that the earth is flat, or vaccines don’t work.
You can talk all you want about the sovereignty of businesses and I get it. The problem is, when those businesses are so big and form such an essential part of how people connect in society, we (society) collectively depend on those businesses to be responsible actors.
Not all governance is bad governance. Where did you get the idea that governments can only ever be part of the problem? There are plenty of people doing good work in the US government at every level. And plenty of world governments that work well. And plenty of historical examples of fantastic US public policy measures - like the space program.
And if government isn’t working properly, you think digital feudalism would work better? A world some rogue AI at Google is able to shut off your online life because they don’t like the contents of your email or Google docs. So they brick your gadgets and shut you off from the world. With no recourse or human appeal process. No thanks!
I think recognising the internet as a utility would go a long way to solving most problems with it. Enter hordes and hordes of bureaucrats and regulators. maybe not, but I'm sure a middle ground exists but were not there yet.
I'd go deeper and consider not just the internet. How does it affect your life if Visa and Mastercard decide they don't like you while Paypal freezes your account and keeps your money? What if the transportation services decide you're not welcome on board the local cabs, coaches, trams and subways?
Recently I've been thinking along the lines that the bigger a company (or the larger their ability to influence, discriminate, and in doing so screw individuals over), the greater their social responsibility (roughly: provide the service they've set out to provide without discriminating and unjustly taking action against individuals any more than is necessary to prevent immediate harm & abuse).
That small mom & pop store? Sure, kick me out and ban me if you don't like the shade of my mask or my manner of speech; I will look for another place to shop. The two big chains that own virtually every grocery store and supermarket in town? Well it's going to be very inconvenient for individuals to be rejected by these behemoths.
Private or not shouldn't matter, there are many companies who have huge potential to mess with your ability to live a normal life and participate in society and do all the things that other people can do.
And I really think this social responsibility should extend to all services, not just ones that the customer pays money for. So deep pockets and the ability to offer lucrative free services that largely displace competition shouldn't relieve a company of their responsibility. If anything, these seem to give them immense power and huge potential to screw people over.
The internet and online platforms are important but still just a part of the issue.. which is that corporations take over our cities and lives but have essentially no obligation to serve you.
The internet access is largely recognized as utility. The internet services (email, hosting, video sharing, messengers, cloud storage, etc) aren't really a part of that utility. Many ISPs offer some of their own services in addition to the access (@aol.com email anyone?), but that can cause issues if the user moves to a location where their old ISP is not available, or if ISP goes bust.
Though it is worth pointing out that it was in that earlier model where ISPs covered most "infrastructure services" that the internet was most often classified as a utility. Your utility provider gives you all the services that you need to use your utility.
Now we are in a much weirder situation where services to use the utility are provided by companies you don't have a direct utility provider relationship with. That's not necessarily a bad thing, but it's a new thing that doesn't follow the traditional "rules" and analogy models of traditional utilities. If you have electrical problems you call your energy company. If you have telephone problems you call your phone company. If you have internet problems you can't just call your ISP to fix them.
I think a lot of these growing pains with "is the internet a utility?" and "is email a utility?" and "is Facebook a utility?" are happening precisely because we've passed a boundary of what "utility" means both governmentally and culturally. When your ISP was your email provider, the government had power to regulate it is a utility service: if your ISP didn't support things that kept you safe the government in theory could mandate it as a part of the limited regional monopoly rights granted to an ISP. When Google is your email provider the government has no such rights, and yet Google has far and away de facto become much of a "regional monopoly" for email than was ever expected to possible pre-internet. A lot of the specifics of Facebook weren't exactly on the radar as 1990s internet services, but suddenly for many people are required services with monopolistic lockdown.
There aren't easy answers here. We've passed beyond the 20th Century definitions of "utility". We probably need a new vocabulary for all of this. We probably need to collectively "sit down" and establish what all our new boundaries are, what powers we expect corporations to have over our lives, and which we expect to return to governments (as regulatory powers), and which we expect to collectively need to disrupt (through existing monopoly laws and trust busting exercises). Unfortunately no easy answers, just a lot of work to do that we'll probably collectively continue to procrastinate.
> All pushed on people by algorithms that our community has created in a desperate attempt to maximise “engagement”.
And remember, the maximum engagement one can possibly get is the open warfare. Facebook has been a tool of war propaganda, too, Zuckerberg is all for it if he can display some ads to the participants, last I've heard.
The early Internet was the Wild West, but people didn't notice the lesson of how the Wild West was tamed, or perhaps assumed there was something ineffable about a digital network still rooted in physical infrastructure that would make it untameable.
After the frontier era came the company towns and the large independent communities... Then, eventually, government incorporation and legal control.
Off topic but your response is spot on, and a key justification for why I want out. I want out of Silicon Valley. I want out of tech, out of screens, out of all of it.
I’m using COVID as an excuse to move away and start drawing down my involvement with all of it. I spent years trying to work my way into one of the few tech companies I considered at least nominally not trying to ruin the world for money but that’s not even enough.
We have built a dystopia, and short of finding a way to dismantle it that still lets me pay the rent and eat and not resign myself to a cat food retirement, I just want to get as far away from it as possible.
The endless treadmill of tech fads is brutal, and I agree that the current state of affairs has a lot of dystopian elements. Remember that there are lots of SMBs who need talented IT, and some startups that are trying to tackle real issues like hunger and climate change.
If you're set on getting out of the SV bubble, look around for needs in regenerative agriculture, or even carbon offset projects that need real estate to operate. If I had a different family situation, that's what I would be doing.
I already do, but I can’t shake the feeling that it’s all bound up together and there are no choices I could make that mitigate the deleterious effects the industry has.
You’re free to label that histrionics, but I’m the one who has to face myself in the mirror.
For what it’s worth, I made the same decision several years ago. I am 110% happier! I can look at myself in the mirror and feel good again.
For me it wasn’t just tech though; its all of corporate America. I just can’t take the lack of humanity, empathy, kindness. Nor can I take the useless work, endless, pointless posturing, forced “fun” activities, and the general dishonesty.
I weep for what we’ve done and the awful future that awaits. All this is probably histrionic too. But like you, I’d rather be able to look myself in the mirror, and get a good nights sleep.
There ought to be something like eviction rights for certain quintessential Internet services. Requirements to warn users, give a reason and chance to rectify, before an outright ban in which the user has a generous time frame to move their data.
Your landlord is a "private entity" but you're still a human being.
This is exactly it. Governments have no problem interfering deeply in the private sector when it comes to enforcing the public policy. We need that for the internet.
Even worse, when it comes to real estate, the government has no problem interfering in the livelihoods of landlords (often small operations), but completely absconds its responsibility on the internet dealing with giant billion-dollar corporations.
Unfortunately, this isn't just a question of how much governments should interfere, but the manner in which they should.
Some analogue to eviction rights is a fantastic idea. But the political winds are trending sharply in the other direction, pushing more responsibility onto services for aggressive enforcement of what people say or do on their platforms.
In an ideal world, the guilty would be rapidly and firmly dealt with while the innocent would be protected, but this is a million miles from the reality of how enforcement at scale works. It's a game of false positives vs false negatives, and we've recently been steering hard in the direction of diminishing user protections.
If I hadn't paid attention for the last ten years, it'd be astonishing that begging for corporate overlords to be more heavy-handed was coming from the _left_, of all places.
>If I hadn't paid attention for the last ten years, it'd be astonishing that begging for corporate overlords to be more heavy-handed was coming from the _left_, of all places.
It is not coming from the left. Liberals, left and right leaning, are demanding corporations take responsibility but the _left_ are not liberals (in fact, go to any leftist message board and ask them what they think of liberals.)
You seem to be saying that the left, by definition, can't be in support of censorship et al. I don't see how this follows: in fact, I feel the exact same way about _liberals_. Individual negative rights are definitionally liberal values, while being on the left (or right) is obviously compatible with authoritarianism.
More empirically (though anecdotally), I happen to have a decent amount of exposure to honest-to-god self-identified Communists and left-anarchists, the type of people who talk about praxis and casually mention revolution, including a good handful in my social circles (though none that i'm extra-close with).
While they're dismissive of the prissier, more superficial forms of identity politics that many moderate leftists enjoy performing, they're often openly dismissive of liberal values. While their preference is for regulation, they're fully in support of forcing platforms to more heavily engage in banning and censorship of undesirables (or as you and they put it, "take responsibility" for making the platform "safe"), presumably as a strategic move.
I literally never claimed that. I said that it isn't the left pushing for censorship from corporations because the left almost entirely hates corporations more than liberals or the political right do.
It gets better. There is no way to appeal these decisions. There is no way to talk to an actual human being at $megacorp. You can't even rely on the legal system, because $megacorp has terms of use which you probably agreed to. Even if there were a way to go for a legal appeal, even defining something as simple as the appropriate court (even country!) would be an uphill battle.
India is trying. Under new IT rules 2021 social media intermediaries have to publish the name of an actual Compliance Officer based in India and acknowledge a complaint within 24 hours and resolve within 15v days.
Twitter was forced to do it, almost on the verge of getting banned. So was Facebook and WhatsApp.
India's "compliance officer" demand is not for the corporation to look into customer issues. The compliance officer's role is to look into only censoring of content and does not AT ALL include looking into customer support issues.
The "Compliance Officer" job is for the Indian government to have a neck to squeeze if that social media company allows some content on their site which doesn't toe the official line from the Indian government.
It seems that there’s a lot of room for resolving the complaint within 15 days to just be the compliance officer rubber stamping whatever decision is being appealed. I hope that’s not the case though.
Can't find the link right now but there was a case where someone took Google to small claims over an AdSense issue and won. The paralegal Google sent did try to argue that they were in the right per ToS but the judge still ordered them to pay.
"The big companies pulled the blanket so much that without using their services, you may as well not exist on the internet."
It's an edge case (one small country), but in New Zealand you currently can't exist *in public* without either iOS or Android. They've universally deployed a covid-related tracking app, which has been made mandatory this week, and only supports those two platforms.
> in New Zealand you currently you can't exist in public without either iOS or Android.
This sounds too insane and stupid to be true. Because it isn't. From your second link:
> If you can’t use the app, download the NZ COVID Tracer booklet, keep a calendar or diary or take photos so you can recall where you’ve been.
Moreover, it looks like this is more about getting businesses etc to get people to log their visits. Like masked mandates in the United States, I would guess that this isn't about making sure that individuals who don't comply are dragged away by the cops.
Since your email address was also a part of getting into your bank account, now you've got a problem of getting your money, too.
There must be a billion ways to implement account deletion without this happening. The first one that comes to mind is giving the user 6 months of email-only access (so they can move to a webmail provider who will tolerate them).
At any rate, the root cause is that Gmail, the world's largest webmail service, is affiliated with the world's largest search engine and the world's largest repository of video. Never mind this essay about social media, the connection between these three services is a ridiculous, dangerous thing.
Yea, the multiple uses of a single account strikes me as the bigger issue here. Why would my email access by tied to my ability to comment on a video sharing website? Same issue as Oculus requiring a facebook account.
I disagree, it’s the tying of your email address to a provider. If your email goes to “first@lastname.com”, then a quick MX change side steps a Google ban trivially.
But if your email address is “name@provider.com”, you’re kind of screwed.
Now the problem is making the acquisition, setup and maintenance of personal domain names and mapping to an email account something the average literate adult can manage.
…and chuckling ruefully as I recall walking recent college grads who are far better devs than I am through what needed to happen for SendGrid to actually work for one of their project, having to start with “what is an MX record?” and “where is that controlled?”
Governments all over the world use email nowadays for all kinds of their own services, but which country offers free email to all their citizens? What about social networking or search? State broadcasters have existed for decades, yet nothing exists as fallback from big tech.
Would you want to use an email account provided by your government?
State broadcasters are a good point, but we tend to claim they aren't really "by the state" but "by the public", and thus independent from the state. Countries that don't do that (e.g. Russia, China) have invested heavily to have their local versions of Google, Facebook & friends.
Estonia gives a government email address to its citizens. I use it for some real world services, especially related to government. I kind of regret it, because the address is now inundated with spam. Apparently some of these services made that information publicly available.
The other practical solution from "host yourself" is "maintain, in the long-term, multiple email accounts with multiple providers" so the blast radius of running afoul of one of these providers is curtailed. Fine advice, but in practice few people are willing to shoulder the inconvenience of doing it (and the bookkeeping to preserve it).
Ironically, this is one of those places where in the US, government intervention could help... Not with regulation, but with service provision. A ".citizen.us" account provided through a federal bureau could be constrained legally in ways that a private email account currently cannot and serve as an authorization provider for citizens who don't want to entrust their digital identity to a megacorporation.
> Of course another cohort of smug internet users will say: just self-host your email! Well, good luck getting your email deliverable if you're a Joe Schmoe and not one of the big players in the first place.
Or worse, what happens if you do that, but then your domain registrar or ISP decides to cancel you? Or Gmail decides to block messages to or from your server?
Yes, I have recently started to suspect that the trend may lead to "Possibly undesirable terms, expressions or ideas, false information, possible hate speech in your SMS texting: telephone number suspended".
Or, on a lighter side: "Our systems have detected that you address to your partners-in-fun inappropriately".
It's almost impossible to get full digital sovereignty with existing widely deployed Internet tooling. For the domain part, something like Handshake could give us full digital sovereignty, but more people need to use it in order to make it useful.
You’re not going to lose access to your bank accounts merely from losing an email address. At worse you’ll be inconvenienced for a day, and maybe not even that long because with a phone call and your SSN and account number, you can get anything you need done including a change of email address for your online banking.
Every financial or governmental institution is going to have some kind of failsafe for verifying you if you lose access to an email address.
If you’re worried about being put into a position that you’ll never have what you need to recover from a loss of an email address, then the onus is on you to make sure that doesn’t happen.
I know you had a larger argument you were articulating, but it was undermined by your example.
I share your general concern here, but this is not how email-based service logins work. Excluding account creation and password resets, third-party services don't require you to access your email every time you log into them. For the most part, the login process simply treats the address as an identifier.
The actual consequence of the scenario you describe would be logging in to each service and changing the email address associated with it. But the idea that you'd be locked out, especially from your money, is just not realistic.
My bank uses 2FA in which they send a pin to my email on login (I know it's not the most secure thing, but it is what is being used). Though if I lost access to my email, I can go to my bank branch with identification to get it changed in 2-3 business days - during which time I won't have access to a number of online banking services.
>Well, good luck getting your email deliverable if you're a Joe Schmoe
I would go further and say good luck self-hosting your email at all if you're a Joe Schmoe.
Being able to do that can't be expected of everyone, so for the individual (especially the individual reading hackernews) it might be a way around the problem - but it's not a solution.
Well, good luck setting up even a Joe Schmoe Email Services Company whose email is deliverable.
In the other HN thread about self-hosted email I've heard it essentially amounts to paying for racket protection so the big players don't "oops we accidentally blacklisted you, good luck trying to rectify that" you.
Self-hosting e-mail is exceptionally easy. I've been doing it for almost a year now without problems. In fact, it's easier than a service. I use https://nixos-mailserver.readthedocs.io/_/downloads/en/lates... and rent space in a data center, so to cloud IP space.
But expecting non-technical people to do it would be a nightmare, that I agree with.
A habit I picked up due to frequent computer system reinstalls (intentional and no): learn to be resilient to system failures. Know how to setup your system on a whim, and learn to forego too much pointless configuration, learn how to deal with doing the same takes on different OSes/distros.
I practise the same with email (and other coords): make sure changing them is easy, and do it occasionally to test if you've thought it through. Compartmentalize by having a number of adresses. You'll learn how to combine being lazy with being resilient, instead of just lazy and complacent. One email address at a company which you cannot hold accountable should not and in fact is not your identity. Prove to yourself it isn't and in that process learn how to deal with moving your identity (since that is how email is used nowadays).
Most bank accounts use a username rather than an email for logging in (at least for all of mine), and if you forget your password and don't have access to the email you can revert to the 1990s way of doing things seamlessly and call up the bank or even visit a branch.
On the other hand, I have a personal domain name that I’ve been using through (ironically) gmail for over a decade. It was set up before dkim and dmarc and I (stupidly) never implemented them. A few days ago I realized that some of my emails were being filtered to spam on Gmail (who knows for how long). While it was totally my fault for not acting sooner, your average user can’t be expected to deal with the hassle of using your own domain name, let alone self hosting.
Namecheap has a service called Private Email. If you bought your domain with Namecheap and pay for email they set MX records and all the dkim / dmarc stuff for you. It is quite easy and is pretty cheap. I am guessing other domain registrars have a similar feature.
Even if you use gmail for your domain’s email, you won’t lose your email address when google bans you. You will have to take an additional step of changing hosts to recover, but you aren’t stuck forever.
At least that’s what I tell myself to avoid doing the work of changing email hosts for my family’s domain.
I think that’s their point. They have the benefit of a custom domain and they pay a good provider to host it for them.
I self-host my email on a VPS and have been doing so for many many years. But for a startup that I am a part of, I said we buy mail hosting from Proton mail and so we did.
Probably eventually I will also begin hosting my personal mail with Proton mail because honestly the intermittent deliverability problems that I’ve been having through all these years with my self-hosted mail are a bit of an annoyance. Mostly it happens that I am marked as spam when mailing someone that has never sent mail to me yet. But I don’t send much email with that address anyways, mostly just receive, and rarely to new people, so it hasn’t been a priority.
For a while I was thinking of starting a paid email service of my own, but I just don’t think it’ll be worth the time to try and get into that market. But the idea was that if I was making money from it then I could spend the time to run such a service for many people and have employees to help me run it.
I wonder if government provided personal domains that you could point to popular providers of services using a simple control panel might be a good idea (they could be on a separate tld).
It's a pretty big stretch to generalize from your particular example, Google as a credential provider, to private internet firms altogether.
In the case of the Google login you're actually right. Once you get booted off it you'll have a problem. But this doesn't hold for all private firms. If you get kicked off Twitter you're just kicked off Twitter, it doesn't impact your ability to make payments or go about your day. Same for TikTok, whatever else have you.
There's a particular class of applications, identity and payment providers namely for which you can make a good case that they're infrastructure of sorts, but it doesn't really extend to the majority of digital services.
My email account is not part of my online banking authentication process, and I don't think there's an option to do so.
Though it seems the authentication process is not robustly secure anyway: a username & password combined with a personal question if it hasn't detected a login from your machine recently.
In my experience, the "they are a private company..." argument is quite often given as an ironic or sarcastic retort, pointing out a perceived inconsistency or hypocrisy, rather than a statement that "actually, the system works". More of a "by your own logic...".
Thank you for pointing this out. When a company also serves as a universal login system, who the hell gave them the right to block you from accessing those third party services because you did not comply with the rules on only THEIR system?!
> Still, the internet hivemind is raving that "it's not censorship if a private company is doing it", "they are a private company so they have a right to boot anyone off".
This is pretty disingenuous. Most of these arguments are about whether or not you can have a Twitter account, tying it to you losing a gmail account is to twist other people’s arguments around.
Because the consequences of losing access to Twitter and your personal email are different, and we should treat them differently?
Email is much closer to a phone than say, Twitter or FB. Losing the ability to post on Twitter is annoying, but losing your email can have devastating consequences that OP delineated.
Indeed, losing email would be worse, but the usual arguments to let Twitter ban whoever they want don't rely on the premise that getting banned from Twitter isn't that bad.
They absolutely do depend on the premise that getting banned from Twitter isn’t that bad. I’ve made this exact argument here many times before; Twitter doesn’t rise to the level of ubiquity and necessity for us to consider classifying it as a common carrier. Meanwhile I absolutely can see some argument for email getting such a classification.
Any time that we discuss whether or not the government should step in and curtail the actions of a private party, we are explicitly or implicitly balancing the harm of government interference against the harm that such a private action might cause.
Nowhere, but I wasn’t actually saying that you were talking about Twitter. Rather I’m saying that you’re taking an argument usually relevant to social media companies like Twitter, and using them in a new context in a way that’s closer to a straw man than anything else.
> Looks like you just spotted a right list of "trigger keywords" and launched a counterattack.
No, I saw an argument I normally make being represented in an unfair way, and wanted to express my disagreement. Your use of the pejorative “hive mind” did not help my perception. Nor, frankly, has this response.
Mother of bad takes... let's consider the two alternatives.
Every single example you name happens just the same under regulation / government bureaucracy. Replacing private services with government services or tight regulation of industry doesn't improve error rate nor incentives. Consider the three key differences:
1) When the regulators / the bureaucracy causes you trouble, it is legally and culturally considered your own fault - "you filled the form badly" or any other such. The error rate gets worse, if anything.
2) When the regulators / the bureaucracy causes you trouble, the media has little incentive to hound them persistently. Private companies buy advertising, and the media can push them until they do; conversely the government doesn't buy advertising, but instead can launch endless "lawfare" against journalists, thus making it rather unprofitable to hound them over - what legally and culturally is "your own fault" anyway. That's mis-aligned incentives.
3) There's no competing government to come to, unless you're willing to uproot your whole family and move abroad. And in particularly egregious cases even that is either illegal or made difficult and lengthy - hey, we're having a pandemic right now.
That we know and obsess over the mistakes and problems caused by private service providers is prim and proper - as it is thanks to the interest of journalists and aligned incentives. The same would largely pass unnoticed and at larger scale, under regulation / bureaucracy. So let's not go backwards, shall we?
The third option, un-coordinated / de-centralized services are technically feasible, but quite hard to successfully build for organizational & financial reasons. Presumably we will get there eventually.
Not at all: just like platforms "suspend" account and may un-suspend it at their discretion, the government arrests suspects and confiscates property for evidence. That it ends after a year or two is of no help - the business is ruined, the person's good name is ruined. At least with the private platforms online our fellow users give us the presumption of innocence after a "suspension". Conversely, having been arrested or indicted is a long-lasting blemish.
Government and regulated institutions have endless ways of denying service - whether by finding procedural errors or by stalling. Iron property of bureaucracy. For example: KYC and AML laws hurt small businesses at random, including countless PayPal drama stories.
Again the difference is in culture and in reporting: account "suspended" is often reported and perceived as unjust and raise understandable outrage (the egregious cases aside), while legal proceedings are usually reported and perceived as just and proper.
My point is, if we were to change the private platforms to strict regulation or outright government provided services, almost all suspensions would be reported and perceived as the user's own fault, and probably for the better of the society. Which puts the incentives of such supposed service-provider completely out of whack.
Case in point: a government-provided account would be suspended "for the duration of investigation into spreading misleading information about health/elections/finances/etc.", and reporters and people would largely shrug it off as "well that's for the better". Oh and trying to open an account with another government would raise all sorts of red flags, naturally.
Yes I have, but that's just one personal experience. My frustration with your proposal stems from the general trend of government monopoly making for sticky and byzantine bureaucracies.
For all the warts of private services, there's alternatives available, and the journalists & public opinion don't side with them by default - but rather with the user.
Wondering what kind of experience it is. I hope you're not one of the refugees on the Belarus/Poland border where both governments are pushing and shoving them around as if they were hot potatoes.
What you described above, about doing paperwork, has one trait: those government institutions live by the book and die by the book. A frustrated official may act against you as long as regulations permit him, but you can use just the same regulations against him right back. I mean if you live in a democracy, even a shitty one.
There are, though, no restraints whatsoever on what a private company may do, and entrusting them with that much of one's life is foolish. Because you don't even get to see the rulebook, like, ever. Employees reading your private messages daily? Well boo hoo, cry me a river, and it's probably in one of those ToS amendmends you agree to or else get booted out.
When this topic is applied at scale, I feel that the article is discussing "Tech giants don't want to recruit the people they need to handle customer support", with extra steps.
Tech scales cheaply. People do not.
The argument here, which I wholeheartedly support, is that people deserve transparency - we should know what happens to our data. The sum of human interactions, our actions as a group, our foibles, best natures and choices are sitting behind NDAs and firms that are essentially imperial, a state that no one wants.
Firms like the power, but not the cost. But any more equitable state will require legions of people to respond to all of those complaints raised in a day. Which costs money.
Making that information transparent, giving reasons, creating an appeals process (the santa clara principles) is expense.
I bet that no firm wants to, and if forced to do so, they will shift the costs to someone else. Either firms that treat all of those escalations as fodder to churn through or upsell, or to tax paying citizens.
Kafkaesque bureaucracy? If anyone is willing to take the other side of a bet, I'll bet that there is ONLY Kafkaesque bureaucracy here. Get more people, then you get more lopsided human bias influenced decisions. Get more automation, and then you have the current state of affairs - no nuance, no clarity and the unfeeling boot of an automaton on your account.
"Which KPI defined the fate of humanity? Appeals addressed per second"
Final point: In the real world, if you have open transparent rules, then it takes human time and physical action to appeal or tie up the system.
In a digital system, open and transparent rules mean that someone will eventually automate a way to tie up your appeals que at no cost. Ban the user? New account shows up in 10 seconds.
I have no idea how to address this last difference.
> Get more automation, and then you have the current state of affairs - no nuance, no clarity and the unfeeling boot of an automaton on your account.
You seem to be taking as given that they have to be making these decisions to boot people off. You can have all of the inexpensive automation and little customer support costs you want and it works just fine, as long as you don't try to enforce a Kafkaesque set of terms and conditions to begin with.
And then you end up with antisemitic child trafficking porn ring on your platform, people ( rightfully ) hate you for it, and there's legal trouble.
There have to be content rules. Once they're there, various interest groups ( advertisers, religious nuts, "concerned parents") will exercise pressure to add their "demons" in those rules.
> And then you end up with antisemitic child trafficking porn ring on your platform, people ( rightfully ) hate you for it, and there's legal trouble.
What legal trouble? Let's get precise.
> There have to be content rules.
No there don't. You receive a court order, you remove the illegal content. That doesn't require a lot of staff, or listening to "various interest groups".
If there's child porn on your website? I'm fairly certain that will bring legal trouble. The same way that torrent trackers were sued for "conspiring", "enabling", "accessory" to copyright violations.
> No there don't. You receive a court order, you remove the illegal content. That doesn't require a lot of staff, or listening to "various interest groups
Depending on your size, it can require some staff. Furthermore, once you get to a certain size, things can be forced - look at YouTube that had to settle and implement ContentID to appease copyright holders, or OnlyFans having to remove certain types of content due to pressure from payment providers.
Payment providers, advertisers, religious, lobbying groups will all try to pressure you once you're big enough.
Even Cloudflare with their very aggressively independent/free speech stance had to bow to the pressure and get rid of certain very unsavoury clients.
> Furthermore, once you get to a certain size, things can be forced - look at YouTube that had to settle and implement ContentID to appease copyright holders
All fairly automated systems. YouTube has since taken it much further though, and this is the questionable step.
> OnlyFans having to remove certain types of content due to pressure from payment providers.
Which suggests that payment providers should also be utilities. I actually thought this long before the recent uptick in censorship, even before they suspended Wikileaks' payment processing.
> Even Cloudflare with their very aggressively independent/free speech stance had to bow to the pressure and get rid of certain very unsavoury clients.
To me it just sounds like the business model won’t scale if you have to solve this problem.
I’m not sure why society has to solve it for the tech giants (advertising conglomerates) though. We should just say, via regulation, that it needs to be solved or we shut it down. Give them a reasonable amount of time to figure it out of course.
What magnifies this problem is that unrelated, offline companies are more and more frequently requiring you to use these tech products in order to do business. On United, you can't buy a drink on the airplane without installing an app (only available to serfs of the apple or google empires). You can't attend a Cubs game in Chicago, again, without an app (no physical tickets, before pandemic). You can't see a menu at a restaurant without a smartphone and personal internet connection. Order carryout only through an app, etc.
In some countries they refrain from it for heavy demographic component of the elderly. But if it was not for that, which some would call the small part in the issue: no cash etc.
I must presume that at that level of direct interaction the evidence of losing customers, and the accompanying insults, will be clear.
I also once wanted to go to the theatre to see a company I had been dreaming of seeing for decades. They only sold ticket online. I told them my insulting part, I used «dramatic irony, metaphor, bathos, puns, parody, litotes and satire [and] by a combination of violence and sarcasm» [M. Palin], I left, as duly.
It's all very well that a company can disable your account without any recourse but I would be interested in someone with deep enough pockets to take legal action against an organisation that actually posseses your property.
If a bank closed my account and wouldn't give me my money back and their "decision was final", I would be rightly outraged. I guess the problem is just the massive disparity between some Joe Schmo who cannot afford legal action and these multi-billion corporates who can actually afford to lose.
Oh, but those are not your money, strictly speaking: when you make a deposit, you surrender the legal title to the cash, and it becomes an asset of the bank. In turn, you get the right to cash withdrawal, as specified in the terms and conditions. But money itself, those now belong to the bank and the bank can do (and actually does) with them whatever it pleases, without needing your knowledge, or consent, or approval, or whatever.
> Oh, but those are not your money, strictly speaking: when you make a deposit, you surrender the legal title to the cash
You don't own the $10 cash bill in your pocket either. It's just a promissory note from the central bank.
When you deposit that $10 cash, you're not surrendering legal title, you're transferring liability. Switching from one third party to another.
Debating what that really means is where the discussion gets interesting. But rather philosophical. Pragmatically, you own money in a bank account the same way as you own it in cash.
Not at all wrong. What protects my (in the US) bank money isn't that I own the $10 the bank is holding for me; it's that the bank is FDIC-insured and if it's ever not able to satisfy our contract and give me my money back, the US government will step in and hand me my $10.
... and that $10 has value because the US government says it does, and people believe it (including international banks and other naton-states, which cram physical dollars into secure vaults as back-stops against the implosion of their domestic currencies).
That money is an asset under the control of the bank, sure. But you are willfully ignoring a key aspect of the terms and conditions: That when you ask to withdraw your deposit, the bank provides that money.
If you want to keep pulling on that thread, you will find it connect almost directly to the root problem of large-scale human organization:
Some people think that when you put your money in a bank it is incumbent on you (it is your personal responsibility, they may say) to ensure that that bank will not close and run away with your money and if they do it's your own fault and you got what you deserved.
Other people think that when you put your money in a bank, you should be able to trust a broad social contract that prevents your money from being stolen.
> But money itself, those now belong to the bank and the bank can do (and actually does) with them whatever it pleases, without needing your knowledge, or consent, or approval, or whatever.
Is this actually the situation in developed countries?
Depends on the country, of course. In Commonwealth (which includes the UK, Canada, Australia etc.) Foley v Hill (1848) still holds, which contains this absolutely lovely passage:
Money, when paid into a bank, ceases altogether to be the money of the principal; it is by then the money of the banker, who is bound to return an equivalent by paying a similar sum to that deposited with him when he is asked for it. The money paid into a banker’s is money known by the principal to be placed there for the purpose of being under the control of the banker; it is then the banker’s money; he is known to deal with it as his own; he makes what profit of it he can, which profit he retains to himself, paying back only the principal, according to the custom of bankers in some places, or the principal and a small rate of interest, according to the custom of bankers in other places. The money placed in custody of a banker is, to all intents and purposes, the money of the banker, to do with it as he pleases; he is guilty of no breach of trust in employing it; he is not answerable to the principal if he puts it into jeopardy, if he engages in a hazardous speculation; he is not bound to keep it or deal with it as the property of his principal; but he is, of course, answerable for the amount, because he has contracted, having received that money, to repay to the principal, when demanded, a sum equivalent to that paid into his hands. That has been the subject of discussion in various cases, and that has been established to be the relative situation of banker and customer, the banker is not an agent or factor, but he is a debtor.
Notice how completely different it is from lease of tangible property.
>Money, when paid into a bank, ceases altogether to be the money of the principal;
>but he is, of course, answerable for the amount, because he has contracted, having received that money, to repay to the principal, when demanded, a sum equivalent to that paid into his hands.
These are the two important parts.
The banker must pay back an amount equal to that which was deposited but is not required to return the literal cash. If you hand a banker a physical gold coin to deposit you have no reasonable expectation of receiving that exact individual gold coin upon withdrawal. But, you still get back a gold coin.
Legislation like the GDPR is a step in the right direction, by defining and enforcing your ownership over your own data. It seems like we need another similar legislation to define our rights when we license IP - e.g. so I can't just lose my Steam or Oculus game library.
Perhaps like cities traded franchises in exchange for access to digging up roads, we can trade franchises in exchange for access to privileged information. If you don't want to play by the rules, then please enjoy a total ban on storing PII or confidential data.
I sort of think that the right solution of like this is to force platforms to make a choice. Platforms like youtube or facebook should be allowed to choose to be common carriers - carrying all (or perhaps all legal) content without being responsible for that content.
Or they should be publishers, and treated like publishers - which means taking responsibility for what they publish.
I don't think the current regime, where the platforms act as publishers but don't take responsibility for what they publish is all that tenable.
Youtube is a platform that will host anyone's videos.
Youtube is a publisher that chooses which videos to display (and where to display them).
Are you essentially saying you would be satisfied if videos that violate Youtube's terms of service (without being illegal) were only available by special direct link and rendered on a page containing no "related" videos?
That way Youtube as a platform will still host any legal video uploaded by anyone regardless of it's content while Youtube as a publisher does not publish anything that goes against their terms of service.
I don't see a problem with forcing companies to pick a lane. If YT wants to publish its own content split it out into YouTube Publishing Inc., and the platform treats it like any other content.
This is the type of thing people mean when they say "legislation has not caught up to technology".
Where do you define the boundaries? How do you enforce it? If the boundary is "Platforms host video. Publishers distribute video.", who is going to make sure they every video sent through YouTubeThePublisher.com is loaded from some other domain that is not controlled by YouTubeThePublisher.
I agree we need some kind of regulation to foster a healthier competitive environment but it is a complex problem that lacks a single simple solution.
> This isn't true? They don't host porn and many other things, so they aren't a common carrier.
This is a reductionist gotcha? YouTube is obviously the de facto english-language video host on the internet. That position is weakening now vs TikTok and Facebook/Instagram.
Porn is a good example of the overlap between platform/publisher and how the publisher keeping it off the platform has allowed competition to exist in that niche. That could probably form the basis for a strong argument in favor of an enforced separation of hosting and publishing.
I don't think you understood the post you responded to. The point was that if they were a common carrier then they would not censor anything that isn't illegal. They censor a lot.
The game is all about controlling users, gaining rights in a standard take-it-or-leave-it "bargain." These companies rarely sell you anything just for revenue. It's always a play to aggregate data, aggregate users, create network effects and dominate their emergent properties.
There's usually no value to data, for example, unless its aggregated. I think consumers might need to "unionize^" in some fashion. It may not resemble a trade union at all, but consumer rights, increasingly, resemble labour rights issues.
.
Youtube is a great example. There are multiple classes of users/consumers: watchers, youtubers, advertisers. All of them are completely expendable, and youtube's relationship with all of them is 100% take-it-or-leave it. No one is important enough to speak to the boss.
It's actually not hard to see how youtubers would unionize. It might even resembles a labour union quite a lot. If enough youtubers users strike, for example...
Advertisers I dunno. In some industries/segments, adwords and FB are basically a tax. The norm is spending >10% of your gross on advertising. OTH... it's hard to see them being a factor.
I don't even have a mental model of how an organized usership might look, but data aggregation probably needs to be a part of it.
Moderation decisions should be transparent, rules-based, and follow basic due process principles.
That is not so far from what we have already and it is a spectacular failure! No, moderation decisions should be transparently arbitrary (as opposed to rules-based), and offer no 'due process' whatsoever.
I would prefer a social media ecosystem with dozens of players and a philosophy more like this:
Remember you are a guest on our server; we can kick you off if we think you're a liability to our reputation; and if we do kick you off, you won't be getting any months-long court of appeals because we owe you nothing but an archive of your data. Don't be an idiot.
> That is not so far from what we have already and it is a spectacular failure!
We have nothing like a transparent, rules-based system based on basic due process. The rules are vague and broad, the transparency is basically nil, and due process does not exist at all.
People are banned and then rules are invented post-hoc to justify them, there is no discovery, and corporations have total authority to do as they please without restriction. In what non-authoritarian country does this resemble anything like a legal system?
Twitter, FB, etc still try to do rule-based moderation. Sometimes they later discover there's problem content that the rules don't cover.
They still think they need to do (corporate) soul-searching and provide justifications to the public when they moderate. Since the way they moderate is awful, they often lie or reverse course when doing so.
They still have these complicated appeals boards and processes. But since it's absurd to have some committee deliberating about most 'tweets' these processes are slow or seldom-used.
So I consider what they do 'not so far' from what the essay recommends because it's the same paradigm, just terribly implemented.
My opinion is that it's not desirable, and maybe impossible, to implement moderation well using this paradigm.
If a guy walks into a hotel and takes a crap in the lobby, the hotel doesn't check a flowchart before kicking him out; the hotel doesn't need any justification aside from 'he defecated in the lobby', and if the guy petitions the hotel to crap - on a later occasion - in the lobby again, the hotel won't assemble a committee to tell him 'no'
The hotel can't keep the guys belongings in that case.
When your business transaction is fleeting, you can handle exceptions easily. You can just stop selling coffee to the guy who refuses to pay or makes rude comments.
On the other hand, you can't kick out a tenant because they are rude or even if they shit on the floor. You have to go through a process that has external, third party controls. The tenant is allowed to retrieve their property. You can't prevent the tenant from being rented to again.
Google, Facebook and co are basically digital landlords. The tenants get rights too.
I do agree these companies have an obligation to provide a user with the data he or she creates. We might disagree over how far that goes. Personally I think they just owe the user a zip archive.
My hotel analogy probably complicated things. The main problem I have with moderation on social media is that I think moderation is necessary (to keep the world relatively sane) but also impossible to implement objectively. So it's better to embrace the subjectivity than to obfuscate it with flowcharts and procedures.
Yeah I agree that I don't think any platform is going to be objective, and I think a lot of users also don't want strictly objective moderators.
One of the reasons I want the fediverse to do well is because it can solve this case. Your local instance can be moderated as you desire - heavy handedly or barely at all - and you can still communicate with other folks.
However, we do need some kind of user rights to enable platform migrating. Something like mobile phone carriers where they have to unlock your phone and let you port your number. Social media companies need to let your identity and data be portable.
> Twitter, FB, etc still try to do rule-based moderation. Sometimes they later discover there's problem content that the rules don't cover.
Ex post facto laws are prohibited, ie. retroactively make something a crime and then charge people for breaking that law. This is something Twitter et all do all the time. The law is rules-based, and something like that is what this article is recommending. Whatever Twitter et al are doing is not that.
We can take a cynical guess at what they're doing though: negative PR minimization. Negative PR is proportional to the size of the mob that's upset about it, so this ultimately reduces to mob rule. The law is intended to eliminate mob rule.
> They still have these complicated appeals boards and processes.
Their appeals process is not complicated. It's "my word goes, so you'll take my judgment and like it; you have no representation or say in these decisions, and I'm not going to tell you what rule you broke or specifically how you broke that rule; I can in fact change any rule arbitrarily so that you are ex post facto guilty, and there's nothing you can do about it, but we're going to be performative about abiding to 'rules' to project the illusion of impartiality and fairness, unless of course the rules inconvenience us". There are countless examples of this.
Governments also try these tactics from time to time, but with the separation of powers they are often smacked back in line by the courts. Do you see a comparable separation of powers in these corporations?
> So I consider what they do 'not so far' from what the essay recommends because it's the same paradigm, just terribly implemented.
I disagree. It's not the same paradigm because the principles and processes at play are not remotely the same. These companies are acting on the principle maximizing their profitability, which I think leads to the negative PR minimization principle, which ultimately reduces to a form of mob rule. This is often the opposite of fair and just, and this article is about requiring these corporations to legally uphold other principles to re-align their incentives for fairer outcomes.
We need public utility alternatives to FAANG. Everyone deserves an email address that can't be taken away from them just as much as they deserve a mailing address.
> Losing your cloud account can cost you decades of your family photos. Losing access to your media account can cost you access to thousands of dollars’ worth of music, movies, audiobooks and ebooks. Losing your IoT account can render your whole home uninhabitable, freezing the door locks while bricking your thermostat, burglar alarm and security cameras.
I keep all my personal data on my local machine, which I periodically back up to an external hard drive. My music library is a collection of raw audio files in my "Music" folder, which I play with Windows Media Player or VLC Media Player when WMP can't handle the format. I don't rely on a third party. Same with everything else. I don't use any Internet of Things device, and never intend to.
I also don't use any Facebook or Apple product or service. If the major tech companies failed overnight, I would lose the ability to discover new music through YouTube, but my life wouldn't be affected otherwise.
I do a amazon glacier for most important data. but then I do have other cloud storage besides my home NAS. that said I wouldn't lose any sleep if all the FAANGs were to go offline for a while.
Yes, you do that... but many Average Joes and Aunt Marges don't... they buy a phone, click the default settings, and their data gets sent to the cloud... when the storage on the phone is used up, the phone recommends deleting old, backed up photos, and they click yes. Then they argue about trump/vaccines/... whatever, and get banned, and lose everything.
EFF points to DRM as a driver of vendor lock-in. I would point to opaque, often proprietary standards for dynamic, user-hostile data formats. Word processing documents come to mind. DOCX and DOC never have been fully cross-vendor compatible as far as I can tell. And the leading word processor doesn't transparently support a format that is. The situation is improper it's an anti-social moat for the dominant software vendor to construct.
Actually it was adsense pubilshers and paypal customers who felt the burn first. They 'll be feeling some schadenfreude that their desperation is now everyone's
Am I the only one who doesnt use cloud services/iot for these very reasons? Never felt “right” handing all my personal photos and messages to Apple or M$, and owning an appliance or gadget that’s connected to the big bad internet just seems like a privacy violation waiting to happen.
Facebook,amazon, twitter, youtube and google are free/cheap to hundreds of millions of users. If they started offering the same customer service that utilities, offer presumably prices would have to go up a lot? My solution: get off google and other platforms. I use proton mail. Use duckduckgo (even though it may not be as good as google at finding things). use Instagram (which although owned by Facebook is not as heavily censored). Use substack instead of blogger. Also, do not question the official media narrative about covid or the 2020 election. Doing that will get your accounts killed fast. make sure your covid and vaccine posts are compliant with the CDC and WHO
I spend too much time thinking about and tweaking my digital life on platforms.
I am a long time paying customer for all of Proton Mail's services, and sometimes I assign my domain to Proton Mail. Sometimes, when I will be doing lots of traveling, I instead use a secure forwarding service to send everything to Gmail because I like calendar integration, etc. better. Speaking of Google: I let them permanently track my activity on GCP (a service that I love), Google Play Books + Movies; I let them keep usage data on YouTube for 3 months; everything else I configure for keeping no data.
Re: losing data when leaving a platform: I have never even thought of backing up my data from Twitter or Facebook because my posts have little meaning except for advertising new versions of my books and sharing cool tech papers, etc. that I discover. No need to archive any of that. When I go swimming in the nearby Verde River, I can enjoy swimming through the water without wanting to save any. Same applies for social media.
BTW, a great way to control use of social media and other platforms is to use the https://freedom.to service. Very inexpensive, easy to configure, and is very effective for thoughtful time management.
EDIT: I do fairly frequent backups of Gmail and ProtonMail, and keep local copies of my GitHub repos on multiple computers. My iPhone pictures go automatically to iCloud, Microsoft OneDrive, and Google Photos - funny that my life history in photos is to me the most important thing to backup.
Rights have to be regulated in to existence or actively fought for. These days the populace is so zoned out on Tiktok and home delivery the chances of a popular movement are precisely zero unless it's toward a new TV serial.
I appreciate the EFF putting together some concrete proposals for changing the status quo. This is the necessary next step to merely identifying the existence of the problem that it seems like most channels I see rarely get past.
Most of the problems mentioned can be solved with a little bit of teaching - teach these "average users" how to get their data (email, photos, etc) backed up in a usable way and use a personal domain name as their email address, and most of these problems go away.
I believe you're underestimating just how poor the "average user"s understanding is of what's going on in "their" computers... they literally have no concept of "where" their photos/email/etc. is stored or backed up: in the cloud, on device, synchronised,... it's just a single black box. They literally have NO mental model of that.
A personal domain? They have no idea how to do that, no understanding of why you'd want to do that outside of "marketing reasons" (which don't apply to the vast majority,) wouldn't know what to do with one should they obtain one, and would not be capable of managing said domain once they have it.
Don't believe me? Go and look at an ordinary user's email inbox. ALL the emails they've ever sent/received are sitting there. Filing/folders? They've no idea what those are or how to use them. If an email makes it into a folder (by mistake: fat-fingered or a misclick of the mouse) it's GONE for them. Literally no idea that it might still be around, and still less notion of how to go looking for it. So every email ever sits "safely" in the inbox and "search" is a linear eyeball scan by date.
I little teaching? I believe not. A lot of teaching? Perhaps. Might have some small effect, and even then you'll not get through to a large minority. This is not intended to dis those people or imply that they're stupid -- far from it -- just that they've never developed/been taught the mental skills these sorts of abstractions demand, and there's no way to make that happen at scale. It's a massive, persistent, pervasive UI/UX failure, and a pisspoor reflection on our "industry"s priorities.
> I believe you're underestimating just how poor the "average user"s understanding is of what's going on in "their" computers... they literally have no concept of "where" their photos/email/etc. is stored or backed up: in the cloud, on device, synchronised,... it's just a single black box. They literally have NO mental model of that.
It's probably something that should be taught in schools, early-on, when people have the neurological flexibility to absorb it. Sure, the technology will change after you get out of school, but I'm pretty damn old, and filesystems and the client/server model haven't changed a whole lot since I was in middle school. When I was in school, they didn't really have computer classes, and I think the generation after me basically got "how to use Microsoft Word", when what we all really needed was education in the fundamentals.
Cory Doctorow has been in the slippery slope warning business for a solid twenty-five years now, but has he ever been right about, well, anything? None of his old predictions stand up. Did DRM silence journalism around the world, or did it simply stop few people from ripping movies, which are objectively now more widely available to more people than ever? Did digital rectal thermometers lead to a massive government database of, uh, rectal temperatures? No? Why does anyone take this guy seriously? He runs this online doom and gloom business to flog his dystopian fiction novels!
I like Cory Doctorow quite a bit, but he's wrong a lot of the time. His views suffer from a combination of two flaws: 'magical group-think' might describe them. Despite this, his tech opinions are worthwhile because he keeps his finger on the pulse, and even his bad takes are representative of a large number of people in tech.
I used to think he had some points, and for that matter I used to belong to the EFF before I got fed up with them, but after I saw him speak in San Francisco about the dangers of digital rectal thermometers, that was the moment when I realized that this is just a crank.
> after I saw him speak in San Francisco about the dangers of digital rectal thermometers, that was the moment when I realized that this is just a crank.
While that's a funny example, it is hard to draw a sharp distinction between various categories of medical devices that range from CPAP machines to pacemakers to continuous glucose monitors, all the way up to MRIs and external beam therapy devices.
Ultimately, if you own a device -- and it is hard to argue that you don't own something that is attached to, or implanted in, your body -- a whole set of rights should apply to your ability to inspect and control the associated data, hardware, and software. Any rule that excludes the manufacturer of a digital rectal thermometer from requirements to honor those rights becomes a huge loophole that will be exploited ruthlessly.
Since there is no rule that says a device manufacturer has to disclose the code to anyone (not even to the FDA) in the first place, there is no need for a loophole. Device manufacturers largely keep their code secret (and yes, in a few cases where such code has had to be disclosed anyway because of a lawsuit or the like, it has been shown to be pretty crappy).
So, I'm saying that if code disclosure and the like (ala Right to Repair, etc.) was required, but some subset of devices was exempt, manufacturers would do their best to cram their devices into the exempt category.
So, you have an email address at Gmail which you're using to authenticate everywhere, which is your username at most services, and possibly your main point of contact.
Then you mention something innocuous, I don't know, a cucumber maybe, on YouTube in a comment, and now your account is gone because apparently cucumbers are a part of some neo-nazi slang or a secret pedophile ring slang, and you got reported into oblivion.
Since your email address was also a part of getting into your bank account, now you've got a problem of getting your money, too.
The hoops you have now to jump are worse than changing spelling of your legal name or changing the fucking citizenship.
Still, the internet hivemind is raving that "it's not censorship if a private company is doing it", "they are a private company so they have a right to boot anyone off".
Of course another cohort of smug internet users will say: just self-host your email! Well, good luck getting your email deliverable if you're a Joe Schmoe and not one of the big players in the first place.
The big companies pulled the blanket so much that without using their services, you may as well not exist on the internet. They've made it extremely difficult, at least. They got, in some sense, bigger than many individual governments in regulating information channels. And yet they dodge all responsibility on the premise of being "private companies".
What a wonderful world to be living in.