Cloud services like Facebook and Gmail might be “free,” but they carry an immense social cost, threatening the privacy and freedom of people who are too willing to trade it away for a perceived convenience, according to Eben Moglen, a Columbia University law professor and founder of the Software Freedom Law Center.
On Friday, Moglen was the guest speaker at a seminar at New York University that was sponsored by local technology organizations. Moglen criticized the hierarchical nature of the Web today, and called for a return to peer-to-peer communications.
“The underlying architecture of the Net is meant to be about peerage,” Moglen said. “…There was nothing on the technical side to prevent it, but there was a software problem.”
The client/server architecture has been locked in over the past two decades by Microsoft Windows, Moglen claimed. “Servers were given a lot of power, and clients had very little.”
Control has been moved even further away from the client (people) by cloud services, which can be physically located anywhere in the world where the provider chooses to operate, Moglen said. Privacy laws vary widely from country to country.
There was no discussion of social consequences on the part of computer sciences as they created technologies that comprise the Web, Moglen said. “The architecture is begging to be misused.” Cloud providers are the biggest offenders, in Moglen’s view.
Privacy Obscured by Clouds
Cloud-based services range from simple offerings that could easily be duplicated to complex services that require clusters of computation and are administratively complex, Moglen added.
That affords providers a level of control that enables them to remain one step ahead of laws and regulations that meant to safeguard privacy, Moglen said. All server logs belong to the platform and service provider, he added.
Consequently, the public (and government) has lost ability to use legal regulation or to leverage the physical architecture of the network to prevent abuse when a cloud provider that might “fall from innocence,” Moglen said. He considers Facebook to be one of those bad actors.
Facebook, Moglen quipped, has turned into a “structure for denigrating the integrity of human integrity.” Joking aside, he called it a poor deal for users who receive a smattering of Web hosting, “PHP doodads,” and “all the spying that you can get for free all the time… It’s grossly overpriced.”
“The human race is susceptible to harm,” Moglen said. “[Facebook founder Mark Zuckerberg] has the distinction of having done more harm to the human race than anyone else his age.”
Facebook has recently taken steps to improve its privacy policies, and to give its users more rights to determine what other users and third party applications may see about them.
“Facebook knows who is going to have a love affair before we do,” Moglen said. Through accessing server logs, it can see whom “obsessively checks profiles,” he explained. People may also be telling others more about themselves than they realize.
In a dramatic example of that notion, a group of graduate students working with Moglen were able to use data from Facebook to identify homosexuals by examining their social mesh, pictures, and other information posted to the site.
“It’s not what they had in mind, and it’s not what we had in mind for them,” Moglen said. The biggest privacy problem, he noted, may be that people do not realize what is and isn’t discoverable about them.
Regardless of what steps Facebook has taken to address privacy concerns, Moglen believes that its business model is itself misuse. “It’s bad; it should be obsolete–not illegal. We are technologists, and we should fix it,” he told attendees.
The underlying social process that forces Facebook along is nothing more than perceived convenience, Moglen said. “Convenience is said to dictate you need Facebook in return to spying all the time, because web servers are so terrible to run.”
The “Freedom Box”
Running our own servers and keeping our logs is the solution to the problem, Moglen said. He proposed creating a “freedom box” device that is pocket-sized and portable, with a built-in Web server.
“If someone wants to know what is happening on your server, they can get a search warrant,” Moglen said. “Your home is your castle, and the place where your fourth amendment rights sort of exist…when the Supreme Court is not in session.”
The freedom box would come pre-loaded with social networking software, use dynamic DNS, and replicate itself on trusted peers so that users still maintain a permanent online presence, Moglen explained. Existing open-source software would be up to the task, he suggested.
Moglen pitched a business model for the freedom box: end users pay $29.99 for a lifetime of use, get “great social networking,” “strong software,” and “no spying for free.” The idea is to create an economy of scale with many hundreds of thousands of users.
Attendees at the event seemed skeptical about the freedom box concept–their questions about it ranged from issues surrounding configuration and maintenance, and ISPs terms and use, to the perceived difficulty of building distributed systems. Me, I’m intrigued by the idea of the freedom box in theory, but I’m not convinced that it could easily become a viable alternative to Facebook. Why? Because, “all my friends use it,” and people may not understand the value of peer-to-peer computing.