— Why did you write a book called surveillance:// ?
— I discovered computing when I was 14 years old in 1980, and I was fascinated, to the point I wanted to make it my career. Personal computing was first, then came computer networks, then the Internet. I could envision how this would change the world for the better. I worked for Netscape, in the 1990’s, then launched Mozilla Europe, the non-profit that brought the Firefox Web browser. But over time, I realized that not everything that came with the digital revolution was 100% positive: most people struggle with new digital tools and because of that lack the time and training to reflect on the limits of the technologies. The only information they get is from the application itself and the marketing messages from the company. In both cases, there is no place for critical thinking.
My book’s goal is to explain what really happens with the digital revolution, with smartphones with SaaS aka Cloud computing. It’s not about just pointing problems, but also offering solutions, otherwise users — who already are struggling with all these tools — will consider that they have no choice other than accepting to be under surveillance and having their personal data used against them.
— You wrote the book in an unusual way: publishing every chapter on your blog right it was written, using feedback from your readers. What did it change for you?
— For a long while, I did not feel like I would be able to write a book, until I discussed this with 2 journalist friends, who encouraged me. I’ve been blogging for years now, since 2003, so writing posts was familiar territory for me, but I don’t know how to write a book. I used the feedback from blog readers to motivate me by seeing there is an interest in the topic, and by making sure that what I wrote made sense. I wanted the book to be accessible to a wide audience, so getting feedback on what is interesting, which example to use in order to make a point, was very useful. Without my readers, this book project would not have made it to paper!
— Let’s see how’s structured the book. Here is the first question: is it so bad to lose control of our hardware, software and data?
— In the first part of the book, I explain how data is collected, by who (companies and states), and why it’s a major issue for our liberties and democracy as a whole. We need to remember of Richard Stallman’s utopia back in 1984, which was having free software (or open source if you prefer) that was running on a personal computer so that we knew what was done with our data. But over time, things have changed a lot, including the fact that smartphones became popular. On smartphones, most software is proprietary and we have no control over it. On top of this, the smartphone is a computer that we carry all the time with us and has many sensors, including microphones, cameras, a GPS. It captures a lot more data than a PC. It is also connected to the Internet most of the time and sends data there. In short, a smartphone is a fantastic spying device that we voluntarily pay for every other year with our own money.
The other thing is the concept of Software as a Service (aka Cloud) where someone else’s computer running software that we can’t control, has our data. It’s a convenient model in many cases, but it makes surveillance a lot easier. Things are made worse when it’s combined with targeted advertising, where services are economically encouraged to collect more data and profile users in order to make more money. Free commercial services are actually a very bad trade-off: we trade personal data against inexpensive service. All of this is getting worse as new types of products are being launched such as advertising beacons, quantified-self wristbands, and the Internet of Things. Data collection and surveillance are indeed on the rise.
**— Now that we know all of this, how can we take back control? **
— In the third part of the book, I explain the notion of “SIRCUS” (that’s an acronym in French for “Computer Systems that empower Users”), which is something that technologists can work on in order to create a new generation of products that are serving better the interests of end users. It’s based on 7 principles:
1 - use Free/open source software because it can be audited to understand what it actually does
2 - Have control over the hardware (e.g. decentralize things, ideally in a self-hosted way if you can).
3 - Encrypt communications, otherwise data will leak.
4 - Avoid anything that is relying on the targeted advertising business model
5 - Offer a great User eXperience
6 - Leverage standards to offer interoperability with other systems
7 - Offer a killer feature that centralized / proprietary systems can’t match. This way, we have a compelling reason to switch to the SIRCUS model other than just avoiding surveillance, which is often not compelling enough.
These are the main principles that enable us to build a new kind of digital tools. This is exactly what we’re trying to do here at Cozy Cloud: build a SIRCUS-based product. Our killer feature is empowering people with their personal data, coming from various sources thanks to connectors.
— Is there anything we can do at a personal level?
— I have noticed that when it comes to surveillance, people feel helpless, overwhelmed by the complexity of the tools. One should not accept this as there are so many easy things that we can do. It’s something I describe in Part IV of the book. All the tips I describe demonstrate that one does not need to feel helpless. We can act, we can do something. This will not make the reader a complete expert on the topic, but at least he will resist better to surveillance, which is a great start!