It's increasingly convenient to manage personal data up in the cloud. Eben Moglen worries that people entrust important data to organisations without thinking of the downside. Drawing an analogy with open source in software, he encourages people to store data themselves rather than pumping it into proprietary information silos.

I am persuaded by the argument as I've phrased it above. It's timely to consider investing in keeping copies of the personal data that is important to you, because otherwise you're going to lose it when the silo closes. Ideally you would keep the copy rather than a copy, - you would manage the canonical resource and publish it. This is because you have the most interest in and ability to ensure the ongoing correctness of the data. Because DIY is hard, third-party service providers will help you; but they should be neutral hosts rather than aggregators motivated by their own uses for the information.

Actually Moglen seems to be making the stronger argument that you should hold the data because you need to be able to control it, not just publish it. Commercial entities will enter into contracts with you about what use they are allowed to make of this data that you own and are generously granting them access to. His argument is phrased in terms of privacy - your right to control the use of digital data about you. Maybe you'll even sell access and usage rights.

And this is where I differ from him and a whole bunch of organizations with whom usually I find myself in agreement. Trading overzealous stereotyping for a reduced risk of misquoting, I will pick the Electronic Frontier Foundation as a specific example of what I find to be a widespread and questionable position. I find their stance on issues of privacy to be very much at odds with the pragmatic approach they take to, say, DRM.

On the latter, essentially they say: trying to control how digital information is copied and used doesn't work very well. The technologies are too easy to break, and they prevent unintended new uses of the content, restricting freedoms and stifling innovation. Therefore we should avoid purely technical solutions, and retire historic business models that now rely on them. Instead play nice with the world as it is, and try to nudge it in the directions you desire.

That all sounds right to me. So how on Earth will we be able to use any kind of Digital Privacy Management mechanism to control how personal information is copied and used? Bits are bits, and once you publish them you just don't get to control their copying and use. The hazily envisaged DPM is DRM, only without a law-buying cartel behind it. It's not going to work. Move on, and start discussing and tackling the problems that can arise in a space where there are plausible solutions, please.

(You'll also find the open source analogies work better once technical controls are abandonned, I believe.)

Tags: copyfighting