App Freedom - fix the internet

Show video

I'd like to talk about the notion of application  Freedom it seems to me this is our best clearest   path to how to kind of fix the internet  make the internet like good for people again   um and let me just be clear I think the  internet is great it has so many things   that we love from the from Global culture to  direct collaborative systems um I mean the   value of Wikipedia is unbelievable we get these uh  open education initiatives like crash course the   value of GitHub is off the charts of course when  problems happen it's great and disaster relief   um you've seen it expose corruption and uh you  know during the pandemic remote collaboration   was amazing it was before two and after  since but just that sort of the fact that   we could we could suddenly Move online and things  basically kept working through so much of society   and around the world it's as an engine for  economic growth it's uh amazing so so that's all   given let's accept that well I think we all know  it has enormous potential and is is doing really   good things even now but also that the internet  is is pretty bad um it has you know this is   just kind of the list of things that came to my  mind I don't know if there's an objective list   uh unfair bands like the other day one of  my videos of my kids was taken down for no   discernible reason and and that happens you  know that's just why it's on the top of my   mind but so many times people talk about really  unfair ways uh the judgments are made that are   a problem to them and a problem to society uh on  the flip side of that it also can Empower people   doing considerable harm to the world uh things  that are not banned that that maybe should be   because they're harming people it's a huge engine  for surveillance um both uh sort of capitalist   surveillance capitalism I'm doing it for money  and for government and other control reasons   um there's corrupt algorithmic bias we see  this with feed algorithms all the time like   being tuned for not they don't say outrage but  it announced to that which is probably driving   the division in society there's all sorts of  dark patterns parts of applications that uh   you don't want the as the user but the application  developers put there because it makes them more   money or achieves other ends um and something  some lots of people have mentioned when I bring   this up is they really don't like it when  the user interface changes uh without you   know it doesn't give them anything they want but  still things change under them and that's a very   disquieting feeling and similarly policies  can change in ways that are very unpleasant   um I think all of these reflect a kind of  underlying problem each application is its   own Community its own database it has its own  policies effectively it has its own police   sort of metaphorically we can say each one is its  own kingdom and it's got these walls between the   kingdoms um well you're kind of Trapped so  this this comes from an underlying problem   um a sort of vendor lock-in that comes from  social Computing when you have people using   the computers to interact with each other  that's social Computing and let's take an   example of a lot of people have wanted to move  away from Twitter either before or after the   recent acquisition and it's very hard to do  that because if you switch from Twitter to   some other system that has all the same features  the same even this if it were exactly the same   software you would lose your feed you know all  the interesting things you see every day you'd   lose all the followers you work to achieve you'd  lose everything you ever posted you lose all the   conversations the back and forth the interactions  you'd lose your effect of training the algorithm   which is part of why you got the good feed and  and sort of at a human level you would lose your   community and and who wants to do that I mean  sometimes it's worth it you move somewhere else   and start over but that is not a trivial thing  to do so the lock-in of social Computing is a   significant problem and so I'm defining the  opposite of that as app freedom uh you should   just be able to switch apps if you you know let's  say you like one salad dressing uh maybe you use   that every day for the rest of your life every  time you have salad uh fine that's your choice but   there's no real problem with switching another one  if you want to try five other brands that is not   an issue similarly you should be able to try five  different Twitter clones in a day see what they're   like but keep all the same history the same state  the same interactions so you're not really losing   anything and other people don't even notice like  their interaction with you should be the same like   nobody cares which salad dressing you use nobody  should care Which social media platforms you use   it doesn't affect them versus right now we're  totally the opposite so as you switch different   um competing apps you could easily have a  different user interface different algorithms   and there might be different policies and  restrictions and features and in some cases   those won't line up perfectly and that's okay but  then that's that's sort of what you're aiming at   with that app so you get to make those decisions  but as soon as it becomes a lock-in then we have a   problem and I'm just using Twitter as an example  because it's very familiar but this applies to   so many different applications I sort of  think of it like if it ever bugs you if   you don't love it if it bugs you and you  haven't switched then you're locked in um so here's uh just some of the you know very  recently read it has been having one of these   little rebellions where people like we're gonna  leave but they don't usually because of this   this lock-in um YouTube has had many of these over  the years uh yeah lots of lots of different apps   you've probably had that experience many times  yourself so ad freedom is the idea that users   can move seamlessly between competing apps and  this involves the data being under the control of   the user not the app and relationships are part of  the data so they move with you or or stay with you   competing apps can interoperate so I'm using one  you're using a different one or I'm using them   in using two different ones in two different  windows or on two different devices and it all   works the same um communities have to cooperate  for safety we'll get into this a lot more because   uh there's no police force across all  of these apps so how do you get safety   um and in the end we got a competitive  market for apps and for hosting   so let's return to that list of  uh problems I mentioned earlier   and see how those might get solved without  freedom in the case of unfair Bans um because   the apps would have no power to ban things or you  could move to another app and get it there um uh   users pick their own host and that is is where the  policies are and since they can pick one if they   don't if they get banned they can move to another  host in general obviously there are limits to that   um like for blatantly illegal activity they'd have  a hard time finding a host that would allow that   uh for empowering harms we have this community  defense that again I'll talk about more later   for surveillance uh we can change the incentive  structure here surveillance capitalism doesn't   really work uh very well in in an app freedom  world so and you can pick hosts that um have the   policies you like and and are in the jurisdictions  you like doesn't necessarily uh I'm not trying the   sidestep law enforcement surveillance I think  that's actually often a good thing um there's   some balance there though and getting rid of uh  corporate surveillance seems like a good plan   um for algorithmic corruption big change there  because users pick their own apps they can pick   their own algorithms within those apps again  dark patterns hopefully go away because dark   patterns feel bad and as soon as the app makes  you feel bad you switch to a different one just   like a salad dressing suddenly targeted tasting  bad to you you just switched to a different one   um for unwanted UI changes again you use  the one you feel like using no problem for   unwanted policy changes you pick your app  and you pick your host so hopefully you can   find ones that have policies you like and  don't change when you don't want them to   so that's the idea of app freedom and I've set  up at freedom.org doesn't have much content   yet hopefully it will at some point kind of a  rendezvous spot and just to sort of Define that   you know our freedom is there the ability to move  easily between competing apps keeping all your   data and connections so that's the first part here  I've sort of explained what app freedom is now I   think you know I'm not claiming this is original  uh I don't know that name has been used um but as   far as I can tell nobody's really crusading for  this and I think that's because they don't know   how to get there it seems probably impossible  or impractical so for the rest of this talk I'm   going to sketch out how we get there so part two  a technical solution I'm a technical guy and there   are four key Technologies here Each of which has  sort of arisen over the time in in trying to get   to this point the first and most obvious and I'll  go through each of these in in much more depth   but I want to First ex name what each of them is  um the first is just destroy the data under user   of control the second is to use data translators  between different data formats or schemas   um the third is to have a network of  credibility assessments this will be   our key to community defense and finally to use  a user data sandbox which I will explain when   we get there so restoring data under user  control this has been around for a while   here's a diagram I did back in 2012 on the  crosscloud project at MIT which produced solid   um the idea here is that you have Alice and Bob  trying to schedule a meeting and in in the world   then and also the world today the non-app freedom  world the two of them have to pick one system and   here you see they pick doodle so there's devices  I'll communicate with doodle um and the databases   these piles of disks next each of them are part  of that application so doodle has some application   and Alice and Bob have to use the same one that's  the crime world and we switch to a data under the   control of the users now you see the disks are  with the users and either user either device   can talk to any of the different software use the  software they want and it still works with their   data that's the that's the vision um there's many  different ways to do this technology is to move   the data around I personally like what I would  call blog style decentralization which is just   using web technology no fancy crypto um no real  decentralized database unless you consider the   web decentralized which okay we probably should uh  so so every time you want to do a data right in an   application you're writing to the user's web space  kind of like making a mini blog post um every time   you do a read you're reading across a variety  of web pages or websites need some kind of host   to host authorization and authentication because  this is not uh not all data is public of course so   I've been working on a protocol I call site query  that handles this I'm sure there are other options   out there this is as I say I think something  people have been working on for a long time now we get into things that I don't  hear a lot of people working about so   uh second point is we need these Bridges  between different parts of the world   um because each application uh stores its data  in its own format or even if we agree on the   format and probably our data store is going to  require that so then we still need the same scheme   we still need a schema for each application  like what the what the shape of the data is   um this always varies sort of randomly between  even a very simple to-do list two different   applications are going to have different  schema for that if they don't collaborate so   what do we do about that because I can't work  together like one one application can't read   another application is data if the schema is  is different so um what usually happens is one   of one of two things the the market leaders  Define it the usually the first major app to   Market will Define it and the others will be  compatible with it the problem is that is the   market leader ends up having this this control  of the market they can change things arbitrarily   arrange things to to harm the competitors so  it's highly anti-competitive the other common   answer is Open Standards and I did this work at  w3c for many years and uh it it works but it is   slow and expensive and this is how email is you  can move between different email clients and you   can continue to different web browsers because of  Open Standards and there's some calendar sharing   and a few other places where we have this but for  instance in the social media space it took about   10 years between uh social media being big and w3c  having standards for it and during those 10 years   so many opportunities were lost so and it becomes  very hard to change it and adapt to new ideas so   that's a pain so you usually end up with  a case that apps just don't work together   so what's my answer my answer is translation  shims or translators where each app use whatever   schema each app uses whatever schema it wants  and when you publish apps are forced by the   platform to include to publish their schema and  then when another app wants to read that data   it declares this game it wants to use and then the  system can look for trusted shims or translators   so you go from the schema of writing to the schema  of reading and those translators run in a special   sandbox so they don't need to be particularly  trusted um and you end up with interoperability   I think this creates an ecosystem or could create  if done right it could create an ecosystem uh we   have a trust Network to find the shims we'll talk  more about trust networks next um the incentives   are in the right place like right now often  competing app developers don't want to allow   uh people to move between the apps because they  don't want interoperability they're not going   to use each other's schemas because each of them  wants to control and own the market and that's bad   for the users but it's good for the app developers  to get these the wrong incentives and and here we   switch the incentive because each app is forced to  declare its schema that's pretty straightforward   but that lets other people either end users  or other vendors create the translation shims   um interestingly these shims tend to be very  small and self-contained for each property or   set of properties so this might be very well  suited to llm authoring um in time it may be   that everyone starts to see one of the schemas  is is really the best and everyone just starts   to use that one and then the Shen has become null  and you just kind of directly copy the data and   that's great but you don't get locked into that  because somebody comes up with a better idea five   years later and they can start to use a different  schema and again the shims come back into play   so uh that's a bit out on limb there I don't know  of anything like this that's working today but I   in in various experiments and  demonstrations it seems possible   and I think it solves a vital problem  here to give us that freedom next oops wrong direction next uh these trust  Networks the how how do you get community   policing and my picture here is one of my  favorite demonstrations of trust it shows   how humans can collaborate when they really want  to um and this particular Tower is interesting   this this practice is in Spain usually this one  happens to be on the mall at Washington so I   get the Capitol building in the background  which is another trust related um entity so how do I propose doing this  uh credibility assessments   the idea is that people um tell the computers  about what sources they trust what are the high   credibility sources and what sources they distrust  the low credibility sources and hopefully they   give some reasons an explanation for why that is  maybe they even linked evidence for for why that   is uh and this will form a recursive credibility  graph or a trust Network Let me Give an example   from some prototype code I did so in this here  you have a screen where somebody is rating me   um and they first indicate whether they know me  you know do you know Sandra Hawk we know each   other I know who that is I'm not sure or skip this  case they've skipped uh briefly what experience   does most influence how much you trust Sandro Hawk  you know again this is a prototype we could refine   this I think maybe it's better to have a bunch  of uh buttons for common answers here um and then   there's a numeric score if you want to really get  into the details here and uh rating uh that you   know how much should people rely on what Sandro  Hawk says that's how I'm defining credibility   on a scale of 1 to 99 from not at all 50 is no  opinion in this case they say 85. reasonably they   they deem me reasonably credible um and then  here it is visualized as a graph so the guest   uh yeah so we see the guest labeled by the  heart they of course have a this is guest   number 28 that's just the username for this demo  and they uh link to me at a credibility rating   of 85 so that means my credibility rating is 85  and you see I have rated a few other sources here   uh I rated this Caspian Hawk person 94 percent  credible and so that 85 and 94 combines to   give Caspian an 81 uh credibility meanwhile  over here we get the politician Pete bootage   um who who I happened to rate 80. and Caspian  uh rated only 40. um because everyone has their   own decisions here but that combines to give  a fairly High rating because the guest trusts   me more than Caspian so my high rating  weights higher than caspian's low rating   in practice with a system like this we need an  interface that users can can definitely understand   um and interact with comfortably  because it can get very complicated so again the idea is uh your ratings let apps  know who you trust and who they should therefore   trust when they're acting on your behalf  um it argues to your community who they   should community members should trust overall it  creates an ecosystem with a bias towards integrity   this is very experimental work we're awaiting real  user testing and experience but it strikes me as   this might be I think will be the scalable  and safe answer to online trust and safety   no more letting the uh big tech companies  have to decide what is trustworthy and and   what isn't we can decide for ourselves  with this uh tool for for collaboration   I should say some of this work was done in the w3c  credible web community group at credweb.org and   that work was funded uh generously by Google and  Facebook and the City University of New York um one more point on that it also  can The credibility Network also   approves identity because you build up your  crowd out of these these testimony links   so it is uh I think quite strong against  impersonation um AI can't really step into   a network of people saying yes I have met  that person and yes I have met that person   um so we can be are but you can set your  criteria for what you decide your network   is trustworthy and so this is a really strongly  resistant against bots even um even AGI Bots um it does raise the question of does this  increase division because you could also use   it to separate other ways uh that that people  might discriminate against each other that is   definitely a potential and so the question is how  do we protect against that or mitigate that risk   um I think disinformation is a lot of what is  driving division in this Society right now so   this pushes back against this information so it  could push back against that division it also   makes it more clear you're in a bubble so maybe  you don't necessarily want to be in a bubble you   want to see what's going on in the whole world um  maybe you think truth and accuracy are important   and rational Behavior so all this enables you  to take a better path there and in general I   think a good user interface can nudge people in  that direction towards increasing rationality   um it brings evidence into the process the  computer can clearly you know I said when you're   given credibility assessments you should probably  say what your reasons are in your evidence not in   every case but when when you get to controversial  cases you can do that and so this helps people uh   support each other in making those credibility  assessments um and in general it's less driven   by outrage engagement which I think is another  thing that's heavily increasing division   so that's a quick overview of how the credibility  networks work fourth and final step the user data   sandbox the idea here is that in this model of  separating apps from the data uh the applications   well so it's risky to give apps a full read  write access to your data it kind of puts us   back in the old days of of PC viruses um the trust  graph can help we see this thing often like only   install this software if you trust it and I'm  like how am I supposed to know whether I trust   this well if we had a trust graph it could show  me that those developers are actually a friend of   a friend to a friend of mine and they all write  each other highly credible so those developers   maybe can be trusted that's a step but I think we  can actually do better than that with sandboxing   um and the idea here is that apps run in a  restricted environment so they can read and   query anything you see they run with access to all  that data any of the data any of your data and any   data of other people who they have given you read  access to and then it can process that however it   wants within the Computing resources it has and  display the application specific view of that to   your screen and then if you want to make a change  it can propose making updates to your data and   those are always undoable and always attached  to the application so if you notice it during   something squirrely you can mark that share that  with your community other people will be flagged   and you can easily undo all the change it may have  made sort of peeling off the layer it put on top   um and in a prototype I find this actually  surprisingly nice coding environment it's   it's in many ways easier than a lot of other  application situations and performance obviously   there's a lot of work going on here so performance  isn't is not going to be as good uh in general   but it uh hasn't it's been pretty good so far  at least on the scale that that we've tested   so to summarize these four Technologies  which give us um application Freedom putting   the data in the user's web space running data  conversion shims and provide interoperability   I use incredibly networks for trust and safety and  user data sandbox to allow running untrusted apps   next steps working on some demo apps of the whole  stack there's a mailing list and resource list you   can join at freedom.org you can reach out to me  there's contact information should be here very  

interested in why this won't work you know if I  could stop and give up go home that would be okay   but I'd really like to see this work and so far  every problem that's Arisen I'm like yeah here's   a way we can work around that also looking  for Partnerships uh people to work with and   companies to work with on this and in general  once you've gotten this idea of app freedom I   hope you will start to push for it yourself to to  you know totally separate from any work I've done   um use the concept of app freedom uh in  your own application development and in   other apps you have some say in and say this  is a thing we need this is a thing we want   so let the users move seamlessly  between the apps thank you very much

2023-07-14

Show video