I remember when Google used to say “do no evil”.
I remember when Jack Dorsey testified to Congress under oath that they would not block a leader of the world from participating on their platform (that sunlight was the best disinfectant) and that this was why they hadn’t removed the Ayatollah despite a constant stream of anti Semitic posts coming from that account.
Charters can be changed - and one day it might make sense for Purism to change their charters in response to any external, or internal pressures. (just as google did, just as Twitter did etc)
you can’t guard against that, - As I said, I trust them now… (but that could change.)
yeah… I mean except history shows that may not always be the case.
The initial Librum one (privacy suit) shipped with trackers that the company didn’t even know about since they literally just took someone else’s code and put their own name on it…
Freedom for me to install whatever app I like from whatever supplier I choose to trust.
Now, of course that doesn’t mean that applications should act in nefarious ways. (and this is how the law currently is.)
the law doesn’t stop the app taking data it doesn’t need, the law doesn’t stop the company selling said data. the law stops the company that makes the app and sells the data from misrepresenting (lying) about what they are doing, and penalizes them (with fines) if they do.
For GDPR the fines are set significantly high enough for most companies to want to comply. - so everything is managed under current laws - there is no need to call an app illegal, because it isn’t the app that is illegal, it’s the actions of a company illegally collecting and selling data that is illegal.
There is a very big difference between saying “don’t be evil” as an internal corporate marketing strategy, and going to the trouble we have to encapsulate our values into a binding corporate charter. We did that not because the community demanded it (the community didn’t know about SPC until we became one), but because we truly believe in these values and specifically wanted to prevent the possibility of an outside investor forcing us to violate our ethics and sue us for not “maximizing shareholder value.”
No, we forked a well-known client and made changes not simply to put our own name on it, but because we needed to make it more convenient than the traditional client. The goal, like with the Librem Mail client and Librem Social, was to make it so a user could just enter their Librem One username and password and it would “just work”, without their also having to enter in server information and deal with other complexities. You have to realize we are trying to compete with Google and other all-in-one service suites that are incredibly convenient for the user–one login works across multiple applications without the user having to enter server and other information.
Writing yet another Matrix client would have been a waste of our resources and reinventing the wheel, when all we wanted was to provide people an easy way to log into Librem Chat with their username and password.
We removed the trackers we knew about but there was still latent (possibly unused) code that was flagged with a different scanning tool, and once we became aware of it, we removed it. So much of the phone app ecosystem is dedicated to spying that it’s really difficult, even if you use free software applications on those platforms sometimes, to identify and remove all the trackers on existing code.
I know how hard it would be to write the complete suite from scratch, my criticism isn’t that existing code was forked, rebranded and re-released.
Whilst I couldn’t have done better myself, This is an example of how even with charters, even with a team of developers, even with a promise that Purism vet all the source code for apps that are released…
“features” that don’t respect privacy still were released! - like you promised would never happen.
Treating that as a broken promise is unreasonable, just like if we released software that later was found to have a security bug which we then patched upon discovery, we wouldn’t be breaking a promise to prioritize the security of our customers.
Our corporate charter states our values and what our priorities are. It does not promise we won’t make mistakes as we work to achieve our goals according to our values. I certainly hope you don’t actually think it does, and are instead doing the typical “devil’s advocate” forum discussion thing.
I’m not treating it like a broken promise. (that was a poor choice in words.)
There is a huge difference between an accidental oversight a couple of years ago and a malicious action (or inaction.)
The article literally says “we’re putting in new systems to aid in detecting things like this in future”
Two posts ago I wrote “yes I trust Purism to be able to deliver this promise”
My only point about the charter was that things change. - and that can be for a variety of reasons.
People have spent most of this year literally threatening the lives of people/spouses/co-workers/pets of people they politically disagree with… (whether that is the Parler CEO, or that woman in charge of certifying votes in Georgia)
All I’m saying is there are more pressures than business pressures once a company reaches a certain size, or certain audience…
If you had a genuine and credible threat on the life of yourself or employees to “pull” an app from your store, I would hope that the response would be nuts to the charter, pull the app, call the FBI and hope to re-instate the app in future. (it’s rhetorical, hyperbolic and not even a question.) the point is that life can develop to be much more complicated than anyone can ever imagine… the charter is a great guide, but it’s no stone tablet!
I really wish more people in the forum (and in the community at large) understood that distinction. The FOSS community has been hurt and exploited so many times in the past by other companies that use the community essentially to get free software development, without contributing back, that I think too many people’s default response is to assume malice and exploitation as the explanation behind any action (or inaction).
Everyone at Purism truly believes in and practices those ethics that are in our SPC. It would be difficult to work here and not share those values because essentially everything we do here is made more complicated and difficult due to sticking to them. I never had as many discussions about ethics, free software, and what’s best for the community and end-users as I have working at Purism.
Until someone can convince the holders of 2/3rds of the shares to change or abolish the SPC charter, any single shareholder can sue the company if it violates its SPC charter. This effectively stops the management of Purism from ever violating its SPC charter, because you would have to buy up 2/3rds of the shares to change the company. Any company or investor buying Purism would have to make sure that it controls 2/3rds of the shares, or it will be forced to abide by the SPC charter. Otherwise, all it takes is one idealistic shareholder to stop Purism from ever turning into a company like Google.
The second check on the company is the fact that it has attracted a loyal base of customers who would instantly denounce the company and criticize it in very harsh terms if it violates its SPC charter. Also many of the employees would quit the company, because it has attracted employees who care about free software and privacy. At this point, it would probably mean economic suicide for Purism as a company to start violating its SPC charter in a major way, because it would lose a large portion of its customers and its employees.
I’m pretty sure that many of the people who work at Purism could get paid more working with other companies, but they choose to work at Purism at a lower salary because they agree with the SPC charter. Those types of employees won’t stay if Purism starts behaving like a typical tech company.
Either that or move to “round table”, but forking topics really should fork threads too - even there.
To be a bit cheeky, I think the original poster of the first message mis-categorized this, as this wasn’t about HW [see label mouse-over]
good grief…
I think I like the second best as it literally stops short of saying “won’t somebody think of the children!”
The third one, notice the revision “may need to work with service providers” is crossed out. - the original draft then seems to suggest that they’d planned to work in secret.
hopefully this brings into sharper focus what I’d said about about governments making applications illegal and stopping me from being able to decide what to install on my devices.
(remember when software that could support encryption had export restrictions?!)
It’s only through my freedom to decide what I put on my phone, (and the ability to trust a not-big tech vested eco system) that can provide the confidence that your software / device stack is good.
(e.g. you can’t have privacy or security without freedom.)
(though there is a clear balance to any of these fundamental principals.)
Technologic dominance tends to create oligopolies. We saw this play out with Twitter at the beginning of the month and then parler and now Gamestop and other stocks. This is certainly cleaner issue to litigate in the courts because the damage is quantifiable. It should be interesting to watch…
It’d be nice to have a separate system for phones from Apple and Google with all of the apps available from their stores.
I didn’t see any mention of GrapheneOS here, which is based off of AOSP and is security and privacy enhanced, but does not support Google Play services with the bootloader locked.
I’m sure if left unlocked might be able to get it running or use MicroG or something else similar to get more functionality out of apps that require play services if needed while reducing the security.
Would be nice to have an alternative with as many options and the quality offered by Google and Apple. Without a store-like environment in which apps can be monetized I think that is hard to expect or realize unless something is used like anbox to run apps that are present on one of their stores.
Developers need to get paid, obviously, and any viable alternative to Google and Apple’s app store for phones will need to be similarly lucrative for people to monetize their apps. I think an unfortunate consequence of their need to monetize results in using user’s data to create additional revenue streams by analyzing usage data.
Regardless, I think any viable third option to enter this market will have to have a large user base and a system that allows developers to make money from their applications within the store to attract companies and developers.
You may be able to delay it at least.
Not that that stops Apple from changing the OS so that’s not possible, and not that I know that they haven’t already done so.
As of 11:44 UTC we’ve submitted a detailed appeal to reiterate that Element is a generic chat app for connecting to the global Matrix communication network, just as Chrome is a generic web browser for connecting to the Web - and just as Google does not control the content on the Web, Element does not control the content on Matrix.
[Emphasis mine]
Ooops, maybe telling Google that “we control the Matrix network just as much as you control the Web” is not the best strategy . Google search/Analytics/tagmanager/safe browsing or AMP, anyone?