I'd like to talk about the notion of application Freedom it seems to me this is our best clearest path to how to kind of fix the internet make the internet like good for people again um and let me just be clear I think the internet is great it has so many things that we love from the from Global culture to direct collaborative systems um I mean the value of Wikipedia is unbelievable we get these uh open education initiatives like crash course the value of GitHub is off the charts of course when problems happen it's great and disaster relief um you've seen it expose corruption and uh you know during the pandemic remote collaboration was amazing it was before two and after since but just that sort of the fact that we could we could suddenly Move online and things basically kept working through so much of society and around the world it's as an engine for economic growth it's uh amazing so so that's all given let's accept that well I think we all know it has enormous potential and is is doing really good things even now but also that the internet is is pretty bad um it has you know this is just kind of the list of things that came to my mind I don't know if there's an objective list uh unfair bands like the other day one of my videos of my kids was taken down for no discernible reason and and that happens you know that's just why it's on the top of my mind but so many times people talk about really unfair ways uh the judgments are made that are a problem to them and a problem to society uh on the flip side of that it also can Empower people doing considerable harm to the world uh things that are not banned that that maybe should be because they're harming people it's a huge engine for surveillance um both uh sort of capitalist surveillance capitalism I'm doing it for money and for government and other control reasons um there's corrupt algorithmic bias we see this with feed algorithms all the time like being tuned for not they don't say outrage but it announced to that which is probably driving the division in society there's all sorts of dark patterns parts of applications that uh you don't want the as the user but the application developers put there because it makes them more money or achieves other ends um and something some lots of people have mentioned when I bring this up is they really don't like it when the user interface changes uh without you know it doesn't give them anything they want but still things change under them and that's a very disquieting feeling and similarly policies can change in ways that are very unpleasant um I think all of these reflect a kind of underlying problem each application is its own Community its own database it has its own policies effectively it has its own police sort of metaphorically we can say each one is its own kingdom and it's got these walls between the kingdoms um well you're kind of Trapped so this this comes from an underlying problem um a sort of vendor lock-in that comes from social Computing when you have people using the computers to interact with each other that's social Computing and let's take an example of a lot of people have wanted to move away from Twitter either before or after the recent acquisition and it's very hard to do that because if you switch from Twitter to some other system that has all the same features the same even this if it were exactly the same software you would lose your feed you know all the interesting things you see every day you'd lose all the followers you work to achieve you'd lose everything you ever posted you lose all the conversations the back and forth the interactions you'd lose your effect of training the algorithm which is part of why you got the good feed and and sort of at a human level you would lose your community and and who wants to do that I mean sometimes it's worth it you move somewhere else and start over but that is not a trivial thing to do so the lock-in of social Computing is a significant problem and so I'm defining the opposite of that as app freedom uh you should just be able to switch apps if you you know let's say you like one salad dressing uh maybe you use that every day for the rest of your life every time you have salad uh fine that's your choice but there's no real problem with switching another one if you want to try five other brands that is not an issue similarly you should be able to try five different Twitter clones in a day see what they're like but keep all the same history the same state the same interactions so you're not really losing anything and other people don't even notice like their interaction with you should be the same like nobody cares which salad dressing you use nobody should care Which social media platforms you use it doesn't affect them versus right now we're totally the opposite so as you switch different um competing apps you could easily have a different user interface different algorithms and there might be different policies and restrictions and features and in some cases those won't line up perfectly and that's okay but then that's that's sort of what you're aiming at with that app so you get to make those decisions but as soon as it becomes a lock-in then we have a problem and I'm just using Twitter as an example because it's very familiar but this applies to so many different applications I sort of think of it like if it ever bugs you if you don't love it if it bugs you and you haven't switched then you're locked in um so here's uh just some of the you know very recently read it has been having one of these little rebellions where people like we're gonna leave but they don't usually because of this this lock-in um YouTube has had many of these over the years uh yeah lots of lots of different apps you've probably had that experience many times yourself so ad freedom is the idea that users can move seamlessly between competing apps and this involves the data being under the control of the user not the app and relationships are part of the data so they move with you or or stay with you competing apps can interoperate so I'm using one you're using a different one or I'm using them in using two different ones in two different windows or on two different devices and it all works the same um communities have to cooperate for safety we'll get into this a lot more because uh there's no police force across all of these apps so how do you get safety um and in the end we got a competitive market for apps and for hosting so let's return to that list of uh problems I mentioned earlier and see how those might get solved without freedom in the case of unfair Bans um because the apps would have no power to ban things or you could move to another app and get it there um uh users pick their own host and that is is where the policies are and since they can pick one if they don't if they get banned they can move to another host in general obviously there are limits to that um like for blatantly illegal activity they'd have a hard time finding a host that would allow that uh for empowering harms we have this community defense that again I'll talk about more later for surveillance uh we can change the incentive structure here surveillance capitalism doesn't really work uh very well in in an app freedom world so and you can pick hosts that um have the policies you like and and are in the jurisdictions you like doesn't necessarily uh I'm not trying the sidestep law enforcement surveillance I think that's actually often a good thing um there's some balance there though and getting rid of uh corporate surveillance seems like a good plan um for algorithmic corruption big change there because users pick their own apps they can pick their own algorithms within those apps again dark patterns hopefully go away because dark patterns feel bad and as soon as the app makes you feel bad you switch to a different one just like a salad dressing suddenly targeted tasting bad to you you just switched to a different one um for unwanted UI changes again you use the one you feel like using no problem for unwanted policy changes you pick your app and you pick your host so hopefully you can find ones that have policies you like and don't change when you don't want them to so that's the idea of app freedom and I've set up at freedom.org doesn't have much content yet hopefully it will at some point kind of a rendezvous spot and just to sort of Define that you know our freedom is there the ability to move easily between competing apps keeping all your data and connections so that's the first part here I've sort of explained what app freedom is now I think you know I'm not claiming this is original uh I don't know that name has been used um but as far as I can tell nobody's really crusading for this and I think that's because they don't know how to get there it seems probably impossible or impractical so for the rest of this talk I'm going to sketch out how we get there so part two a technical solution I'm a technical guy and there are four key Technologies here Each of which has sort of arisen over the time in in trying to get to this point the first and most obvious and I'll go through each of these in in much more depth but I want to First ex name what each of them is um the first is just destroy the data under user of control the second is to use data translators between different data formats or schemas um the third is to have a network of credibility assessments this will be our key to community defense and finally to use a user data sandbox which I will explain when we get there so restoring data under user control this has been around for a while here's a diagram I did back in 2012 on the crosscloud project at MIT which produced solid um the idea here is that you have Alice and Bob trying to schedule a meeting and in in the world then and also the world today the non-app freedom world the two of them have to pick one system and here you see they pick doodle so there's devices I'll communicate with doodle um and the databases these piles of disks next each of them are part of that application so doodle has some application and Alice and Bob have to use the same one that's the crime world and we switch to a data under the control of the users now you see the disks are with the users and either user either device can talk to any of the different software use the software they want and it still works with their data that's the that's the vision um there's many different ways to do this technology is to move the data around I personally like what I would call blog style decentralization which is just using web technology no fancy crypto um no real decentralized database unless you consider the web decentralized which okay we probably should uh so so every time you want to do a data right in an application you're writing to the user's web space kind of like making a mini blog post um every time you do a read you're reading across a variety of web pages or websites need some kind of host to host authorization and authentication because this is not uh not all data is public of course so I've been working on a protocol I call site query that handles this I'm sure there are other options out there this is as I say I think something people have been working on for a long time now we get into things that I don't hear a lot of people working about so uh second point is we need these Bridges between different parts of the world um because each application uh stores its data in its own format or even if we agree on the format and probably our data store is going to require that so then we still need the same scheme we still need a schema for each application like what the what the shape of the data is um this always varies sort of randomly between even a very simple to-do list two different applications are going to have different schema for that if they don't collaborate so what do we do about that because I can't work together like one one application can't read another application is data if the schema is is different so um what usually happens is one of one of two things the the market leaders Define it the usually the first major app to Market will Define it and the others will be compatible with it the problem is that is the market leader ends up having this this control of the market they can change things arbitrarily arrange things to to harm the competitors so it's highly anti-competitive the other common answer is Open Standards and I did this work at w3c for many years and uh it it works but it is slow and expensive and this is how email is you can move between different email clients and you can continue to different web browsers because of Open Standards and there's some calendar sharing and a few other places where we have this but for instance in the social media space it took about 10 years between uh social media being big and w3c having standards for it and during those 10 years so many opportunities were lost so and it becomes very hard to change it and adapt to new ideas so that's a pain so you usually end up with a case that apps just don't work together so what's my answer my answer is translation shims or translators where each app use whatever schema each app uses whatever schema it wants and when you publish apps are forced by the platform to include to publish their schema and then when another app wants to read that data it declares this game it wants to use and then the system can look for trusted shims or translators so you go from the schema of writing to the schema of reading and those translators run in a special sandbox so they don't need to be particularly trusted um and you end up with interoperability I think this creates an ecosystem or could create if done right it could create an ecosystem uh we have a trust Network to find the shims we'll talk more about trust networks next um the incentives are in the right place like right now often competing app developers don't want to allow uh people to move between the apps because they don't want interoperability they're not going to use each other's schemas because each of them wants to control and own the market and that's bad for the users but it's good for the app developers to get these the wrong incentives and and here we switch the incentive because each app is forced to declare its schema that's pretty straightforward but that lets other people either end users or other vendors create the translation shims um interestingly these shims tend to be very small and self-contained for each property or set of properties so this might be very well suited to llm authoring um in time it may be that everyone starts to see one of the schemas is is really the best and everyone just starts to use that one and then the Shen has become null and you just kind of directly copy the data and that's great but you don't get locked into that because somebody comes up with a better idea five years later and they can start to use a different schema and again the shims come back into play so uh that's a bit out on limb there I don't know of anything like this that's working today but I in in various experiments and demonstrations it seems possible and I think it solves a vital problem here to give us that freedom next oops wrong direction next uh these trust Networks the how how do you get community policing and my picture here is one of my favorite demonstrations of trust it shows how humans can collaborate when they really want to um and this particular Tower is interesting this this practice is in Spain usually this one happens to be on the mall at Washington so I get the Capitol building in the background which is another trust related um entity so how do I propose doing this uh credibility assessments the idea is that people um tell the computers about what sources they trust what are the high credibility sources and what sources they distrust the low credibility sources and hopefully they give some reasons an explanation for why that is maybe they even linked evidence for for why that is uh and this will form a recursive credibility graph or a trust Network Let me Give an example from some prototype code I did so in this here you have a screen where somebody is rating me um and they first indicate whether they know me you know do you know Sandra Hawk we know each other I know who that is I'm not sure or skip this case they've skipped uh briefly what experience does most influence how much you trust Sandro Hawk you know again this is a prototype we could refine this I think maybe it's better to have a bunch of uh buttons for common answers here um and then there's a numeric score if you want to really get into the details here and uh rating uh that you know how much should people rely on what Sandro Hawk says that's how I'm defining credibility on a scale of 1 to 99 from not at all 50 is no opinion in this case they say 85. reasonably they they deem me reasonably credible um and then here it is visualized as a graph so the guest uh yeah so we see the guest labeled by the heart they of course have a this is guest number 28 that's just the username for this demo and they uh link to me at a credibility rating of 85 so that means my credibility rating is 85 and you see I have rated a few other sources here uh I rated this Caspian Hawk person 94 percent credible and so that 85 and 94 combines to give Caspian an 81 uh credibility meanwhile over here we get the politician Pete bootage um who who I happened to rate 80. and Caspian uh rated only 40. um because everyone has their own decisions here but that combines to give a fairly High rating because the guest trusts me more than Caspian so my high rating weights higher than caspian's low rating in practice with a system like this we need an interface that users can can definitely understand um and interact with comfortably because it can get very complicated so again the idea is uh your ratings let apps know who you trust and who they should therefore trust when they're acting on your behalf um it argues to your community who they should community members should trust overall it creates an ecosystem with a bias towards integrity this is very experimental work we're awaiting real user testing and experience but it strikes me as this might be I think will be the scalable and safe answer to online trust and safety no more letting the uh big tech companies have to decide what is trustworthy and and what isn't we can decide for ourselves with this uh tool for for collaboration I should say some of this work was done in the w3c credible web community group at credweb.org and that work was funded uh generously by Google and Facebook and the City University of New York um one more point on that it also can The credibility Network also approves identity because you build up your crowd out of these these testimony links so it is uh I think quite strong against impersonation um AI can't really step into a network of people saying yes I have met that person and yes I have met that person um so we can be are but you can set your criteria for what you decide your network is trustworthy and so this is a really strongly resistant against bots even um even AGI Bots um it does raise the question of does this increase division because you could also use it to separate other ways uh that that people might discriminate against each other that is definitely a potential and so the question is how do we protect against that or mitigate that risk um I think disinformation is a lot of what is driving division in this Society right now so this pushes back against this information so it could push back against that division it also makes it more clear you're in a bubble so maybe you don't necessarily want to be in a bubble you want to see what's going on in the whole world um maybe you think truth and accuracy are important and rational Behavior so all this enables you to take a better path there and in general I think a good user interface can nudge people in that direction towards increasing rationality um it brings evidence into the process the computer can clearly you know I said when you're given credibility assessments you should probably say what your reasons are in your evidence not in every case but when when you get to controversial cases you can do that and so this helps people uh support each other in making those credibility assessments um and in general it's less driven by outrage engagement which I think is another thing that's heavily increasing division so that's a quick overview of how the credibility networks work fourth and final step the user data sandbox the idea here is that in this model of separating apps from the data uh the applications well so it's risky to give apps a full read write access to your data it kind of puts us back in the old days of of PC viruses um the trust graph can help we see this thing often like only install this software if you trust it and I'm like how am I supposed to know whether I trust this well if we had a trust graph it could show me that those developers are actually a friend of a friend to a friend of mine and they all write each other highly credible so those developers maybe can be trusted that's a step but I think we can actually do better than that with sandboxing um and the idea here is that apps run in a restricted environment so they can read and query anything you see they run with access to all that data any of the data any of your data and any data of other people who they have given you read access to and then it can process that however it wants within the Computing resources it has and display the application specific view of that to your screen and then if you want to make a change it can propose making updates to your data and those are always undoable and always attached to the application so if you notice it during something squirrely you can mark that share that with your community other people will be flagged and you can easily undo all the change it may have made sort of peeling off the layer it put on top um and in a prototype I find this actually surprisingly nice coding environment it's it's in many ways easier than a lot of other application situations and performance obviously there's a lot of work going on here so performance isn't is not going to be as good uh in general but it uh hasn't it's been pretty good so far at least on the scale that that we've tested so to summarize these four Technologies which give us um application Freedom putting the data in the user's web space running data conversion shims and provide interoperability I use incredibly networks for trust and safety and user data sandbox to allow running untrusted apps next steps working on some demo apps of the whole stack there's a mailing list and resource list you can join at freedom.org you can reach out to me there's contact information should be here very
interested in why this won't work you know if I could stop and give up go home that would be okay but I'd really like to see this work and so far every problem that's Arisen I'm like yeah here's a way we can work around that also looking for Partnerships uh people to work with and companies to work with on this and in general once you've gotten this idea of app freedom I hope you will start to push for it yourself to to you know totally separate from any work I've done um use the concept of app freedom uh in your own application development and in other apps you have some say in and say this is a thing we need this is a thing we want so let the users move seamlessly between the apps thank you very much
2023-07-14