Slashdot Mirror
Tim Berners-Lee Talks About India's Recent Push To Data Localization, Proposed Compromise of End-to-End Encryption, and Frequent Internet Shutdowns (medianama.com)
On the occasion of the web's 30th anniversary, its creator, Tim Berners-Lee, has given some interviews and shared his thoughts on some challenges that the web faces today. He spoke with Medianama, an Indian outlet, on some of the relatively unique challenges that the government over there has been pushing lately. Some of these challenges include government's push to have Silicon Valley companies store data of Indians in India itself; a nudge to WhatsApp to put an end to its encryption (On a side note: The Australian government recently passed a law to do this exact thing); and frequent shutdowns in the nation.
On data localisation and data as a national resource : That's one of the things that the Web Foundation has always been concerned about: the balkanisation of the Internet. If you want to balkanise it, that's a pretty darn effective way of doing it. If you say that Indian people's data can't be stored outside India, that means that when you start a social network which will be accessed by people all over the world, that means that you will have to start 152 different companies all over the world. It's a barrier to entry. Facebook can do that. Google can do that.
When an Indian company does it, and you'll end up with an Indian company that serves only Indian users. When people go abroad, they won't be able to keep track of their friends at home. The whole wonderful open web of knowledge, academic and political discussions would be divided into country groups and cultural groups, so there will be a massive loss of richness to the web.
On Internet shutdowns : It is a very real problem. A lot of the concept of the web is about trying to build a world in which people naturally spend more time working towards the truth than working towards exchanging conspiracy theories. Asking the platforms -- so I know then when discussions on social media has led to genocide, the platforms have felt responsible and looked towards what they want to do, and governments have wanted to pressure social media companies. I know the British government wanted to pressure the social media to try to suppress material by people trying to radicalise terrorists. To start with, shutting down the Internet is not the solution. The solution is, we need to talk about where the border is between hate speech and free speech.
[...] Another problem is when all these conspiracy theories have been created very cleverly by political or commercial or criminal organisations. That is a part of cybersecurity. That is an outright deliberate attack, and cybersecurity is about attacks on the democratic processes, and can cause rioting and death. These are important cybersecurity issues. When the government wants to have processes to take things down, obviously the first suspicion is that the government is going to do that in order to stifle its opposition, and not to fight crime. That's our experience looking at the world.
Shutting down the Internet as a whole is very destructive to the economy. It's very destructive to the constructive discussion about what should happen. In a way, it is a last resort option by the government, I think, indicating that the government is too weak. Censorship in general I think is an indication of the weakness of the government. A strong government is one which can allow people to criticise it. A strong government allows open debate, and becomes stronger in their commitment to involve the population fairly. When governments win the trust of the public, they will become more capable of leading them.
On end-to end encryption : Personally, I've always thought that end to end encryption is crucial, but recently if you can point to the incident of it being a component of a genocidal wave, then it's a concern. One of the things that social networks can look at is looking at metadata. The text of people's messages, most of the time, is very private. If the police can, using the appropriate judicial system, ask to get the metadata to see who's talked to who, that's provided traditionally for phone records and so on, that has been a very very powerful tool. When you look at the some of the hacks that have been done, like the Russians hacking the Trump Election, there's a trail of breadcrumbs, and you can see what happened. You can learn to do this before the critical thing happens.
My suggestion is to establish good legal grounds for getting metadata and use the metadata, because you can draw the social graph of these people, and even though you can't read the message, you can see from the time patterns, and geographical patterns of the clustering of the communication, you can build machines which will flag things which are suspicious. And then you don't have to un-encrypt the messages. You do have to be able to expose the identity of the people with appropriate legal due process.
On data localisation and data as a national resource : That's one of the things that the Web Foundation has always been concerned about: the balkanisation of the Internet. If you want to balkanise it, that's a pretty darn effective way of doing it. If you say that Indian people's data can't be stored outside India, that means that when you start a social network which will be accessed by people all over the world, that means that you will have to start 152 different companies all over the world. It's a barrier to entry. Facebook can do that. Google can do that.
When an Indian company does it, and you'll end up with an Indian company that serves only Indian users. When people go abroad, they won't be able to keep track of their friends at home. The whole wonderful open web of knowledge, academic and political discussions would be divided into country groups and cultural groups, so there will be a massive loss of richness to the web.
On Internet shutdowns : It is a very real problem. A lot of the concept of the web is about trying to build a world in which people naturally spend more time working towards the truth than working towards exchanging conspiracy theories. Asking the platforms -- so I know then when discussions on social media has led to genocide, the platforms have felt responsible and looked towards what they want to do, and governments have wanted to pressure social media companies. I know the British government wanted to pressure the social media to try to suppress material by people trying to radicalise terrorists. To start with, shutting down the Internet is not the solution. The solution is, we need to talk about where the border is between hate speech and free speech.
[...] Another problem is when all these conspiracy theories have been created very cleverly by political or commercial or criminal organisations. That is a part of cybersecurity. That is an outright deliberate attack, and cybersecurity is about attacks on the democratic processes, and can cause rioting and death. These are important cybersecurity issues. When the government wants to have processes to take things down, obviously the first suspicion is that the government is going to do that in order to stifle its opposition, and not to fight crime. That's our experience looking at the world.
Shutting down the Internet as a whole is very destructive to the economy. It's very destructive to the constructive discussion about what should happen. In a way, it is a last resort option by the government, I think, indicating that the government is too weak. Censorship in general I think is an indication of the weakness of the government. A strong government is one which can allow people to criticise it. A strong government allows open debate, and becomes stronger in their commitment to involve the population fairly. When governments win the trust of the public, they will become more capable of leading them.
On end-to end encryption : Personally, I've always thought that end to end encryption is crucial, but recently if you can point to the incident of it being a component of a genocidal wave, then it's a concern. One of the things that social networks can look at is looking at metadata. The text of people's messages, most of the time, is very private. If the police can, using the appropriate judicial system, ask to get the metadata to see who's talked to who, that's provided traditionally for phone records and so on, that has been a very very powerful tool. When you look at the some of the hacks that have been done, like the Russians hacking the Trump Election, there's a trail of breadcrumbs, and you can see what happened. You can learn to do this before the critical thing happens.
My suggestion is to establish good legal grounds for getting metadata and use the metadata, because you can draw the social graph of these people, and even though you can't read the message, you can see from the time patterns, and geographical patterns of the clustering of the communication, you can build machines which will flag things which are suspicious. And then you don't have to un-encrypt the messages. You do have to be able to expose the identity of the people with appropriate legal due process.
From the moment Berners-Lee endorsed DRM in HTML, it was clear to me that he had lost all relevance forever.
I'm in the process of moving out all "mass social networks/surveillance" (FB, Twitter, Google, ...) off my personal life. I pay Fastmail to host my own email domain (I don't want to maintain an email server). I'm going to be part of the Fediverse. I have an hosted VPS where I'm about to install my Matrix node, my ActivityPub servers (Mastodon, Pleroma, PeerTube, PixlFeed, ...)... I'll host MY data and share what I want with who I want.
I know not everyone can do it but you can use one of many nodes available and create an account on it. There is thousands of it built by community interest : developers, art, music, (left | right | top | bottom) wings politics, family groups, ... If you don't want to host yourself, you have choice.
Will $CURRENT_YEAR be the year of the Linux Desktop?