19 Sep 2017

Why Cozy won't be the next Google - MyData follow-up

One question that I often get when I discuss what we do at Cozy Cloud is: “How do you want to replace the Google paradigm without becoming the next Google?”

nitot_at_myData2017_about_open_source.jpg

As I was on the main stage at the MyData 2017 event in Tallinn and Helsinki recently, I thought is was a great opportunity to respond to this question. First, let explain that we do not plan to kill Google as a company. However, we consider that their current model is toxic for society: collecting personal data to profile people in order to display targeted advertising is — as Edward Snowden explains so clearly — de facto what makes state mass surveillance economically possible.

Now, offering digital services that are customized for each individual is a must and it cannot be done without personal data. So how can we provide such customized services without damaging user privacy? This is exactly what Cozy and other PIMS projects are about: provide solutions that empower people with their data; but there are a few key differences with what Internet giants do. Let’s go through them:

Decentralization

Personal data is stored in personal clouds. Such personal clouds can be self-hosted (if you are knowledgeable enough to do this), which means that your data can be physically hosted on a computer running at home, connected to the Internet through your high-speed connection. You can also host this on a server at in a datacenter or you can have a third party that hosts and administers your Cozy cloud for you. That’s the beauty of the approach: if you’re not happy with your current hosting solution, you are free to move your data to another solution while getting roughly the same features. Personal clouds are therefore a lot less centralized, on top of being private, which means that it makes surveillance a lot harder compared to the centralized model.

Free / Open source software

One major issue when one puts his/her data into a system is trust: how can I be sure that my data is not being used in ways that I don’t want? If the software code is proprietary / closed source, then there is not a lot I can do. I need to believe in the good faith of the company when they say they care about my privacy. Honestly, I’ve read so many privacy policies and Terms of Services that stated “we care about your privacy” while explaining a couple of pages further down that they communicated my data to third parties that I have a hard time with this approach.

This is why Cozy is an open-source project which code is licensed under the well-known AGPL (Affero General Public License, a free software license for application services providers).

To keep things simple, let’s just say that by being open source, the source code of our software has to be public, which means that people who want can check if the software does what it says it does. While not everyone is willing to read source code (honestly, it’s quite boring), this approach brings transparency to what the software does, in ways that promote trust: if Cozy does something silly with the software, people will notice because it will be obvious, this is why Cozy won’t do it.

In short:

In a post-Google world, the Internet should be open-source and decentralized! - Click to tweet

Why would you choose Cozy today?

At Cozy, we think that by promoting Internet decentralization and Open Source software, we’re helping Making the Internet Great Again (feeling some cognitive dissonance? No worries, that’s intended!). We want to create systems that are better at serving the users’ interests. In this, decentralization and open source are key. Oh and if Internet giants want to switch to this new paradigm and join Cozy, they are more than welcome. Provided that they give up on their bad habit of collecting personal data on a global scale!

12 Sep 2017

Why you should see the 'Nothing to Hide' documentary

Nothing_to_hide_poster.jpg

I’ve just seen the documentary Nothing to hide and I’ll say it plainly, it’s a movie that I would have liked to have made, a sort of video parallel to my book Surveillance:// and the conferences I give. It’s a shock response to the “I have nothing to hide” argument that crops up when we talk about mass surveillance carried out by Internet giants and a growing number of countries throughout the world. In order to increase the exposure of this excellent documentary — which brings together political victims of surveillance as well as whistle-blowers — I interviewed the film’s director, Marc Meillassoux.

Tristan Nitot: Hello Marc, congratulations on your excellent film! Can you tell me about yourself?

Marc Meillassoux: I am an independent journalist, based in Paris and Berlin. I first studied economics before turning to journalism, and so I have a background in economics.

TN: How did you come up with the idea of this documentary?

MM: I was working in the start-up scene in Berlin, which had become very fashionable. As I met people, I heard about CryptoParties (or Café Vie Privée in French), which I started to attend. I had no background in IT and security, and I found it really interesting. First I learned the basics: Tor navigation, PGP email encryption, I installed Ubuntu Linux… Mihaela Gladovic, a Croatian colleague, was also interested in these subjects and we were both frustrated with the discussions we were having with our friends and acquaintances. People would mostly say: “OK, yeah, surveillance isn’t ideal, but we’re getting all of these free services. And in any case I’m not doing anything wrong, they can watch me, I have nothing to hide.”

This theme of “I have nothing to hide” came up all the time, and people were associating secrecy — and privacy — with something wrong. This is a misleading fallacy, but one that isn’t really easy to deconstruct.

We also realized that people had certain reactions to different arguments: some were unhappy that tax authorities were sifting through their data without their knowledge; others understood that some poor life choices could be used against them by an insurance company or a bank; others may have had a family member affected by a mental health issue and were sensitive to the question of intimate information and its relationship with the outside world… Not everyone has the same approach or risk model. We wanted to take these different aspects and address a maximum number of people.

We made a documentary somewhat by accident. It’s our first, but we thought that we needed to use a video format, especially in order to reach out to a younger audience.

TN: After experimenting, were you expecting to achieve such a result, to elicit such a reaction from Max Thommes?

MM: No, we had no idea. I had started by conducting surveillance on myself, including spyware on my mobile, with the help of the Tactical Tech Collective organization. It didn’t work, because I was much too aware of what was happening on my phone. At the same time, I noticed the impact of this experience on my behavior: I knew that someone was following my every move, action and gesture, and that changed my habits. A slightly ridiculous example, but one which I find interesting: I woke up an hour earlier every morning — I’m a freelancer and more of a night person — because somehow I thought that someone would be monitoring the hours when I got up and went to bed, and I stupidly wanted to seem like a super dynamic guy who gets up early in the morning… This is a small anecdote, but intriguing nonetheless: when you know you’re being monitored, your behavior changes, even in terms of little things. That’s Bentham’s Panopticon theory as explained by Foucault.

I ditched my smartphone at the end of the experience and have only had an old Samsung since.

Finally, I asked Max Thommes, an actor who was once my flatmate. He’s a nice guy, “normal” in the good sense of that term, and a total extrovert. Like everyone else, he wasn’t too bothered by these surveillance stories. I called him, and was waiting for him with our cameras, and asked him live to try a new experience: install super intrusive spyware on his mobile and computer. That scene is in the movie.

I was sure that even in 30 days, the two analysts would find something, and we were not disappointed. We even had to remove a substantial part of their findings at Max’s request. But he was great, he played along, and I must say with a great deal of courage.

TN: Did Max change his habits? And you?

MM: Max was a bit shocked by the experience. He started using Tor and is much more careful these days. But he’s more fatalistic than I am. I personally changed my habits completely. However I try and see it as a game rather than my becoming paranoid. I keep asking myself how can I reduce my data footprints by 10%, then another 10%, etc. There’s a site by Tactical Tech: Myshadow.org where you can calculate your digital footprints: for example, using an iPhone, a Windows computer, Google Chrome, etc. You can change combinations and see how to reduce data footprints. For example, I have completely stopped using Google services.

TN: What do you think should be changed in the world and/or on the Internet?

MM: It’s not really my place to answer that kind of question, that’s more for you or the people from Quadrature du Net… I often repeat a set of basic principles: use free software, decentralize data and encrypt conversations end-to-end.

TN: Ahh, it almost seems as if you’ve read my book Surveillance://: that is exactly what I suggest! However, if there were one thing you learned from making this film, what would it be?

MM: Max acknowledged that he self-censored and under pressure from his contacts asked that the data concerning them be excluded from the film.

TN: Yes, that’s something we often forget: even if we lie to ourselves by saying that we have nothing to hide, by accepting to share our data, we expose our loved ones, from whom we haven’t received permission.

MM: During the surveillance experience, I didn’t want to have access to Max’s data. We asked a lawyer to formalize the whole process to ensure that nothing got out. We had tons of metadata: contacts, calls, GPS position at any given second, his professional circle, family, friends, etc. In the first few days however, I needed to make sure that the software was working and I checked a number of times. I saw one highly anecdotal thing in Max’s metadata, which was nothing serious, but which was about his circle of friends and which I shouldn’t have seen. I very quickly handed over the work to the two analysts and never again looked at Max’s raw data. One detail, one call, one hour can speak volumes.

TN: What is the future now for your film?

MM: It is playing in Paris until the end of September in Paris at the Saint-André-des-Arts cinema, and is scheduled for release in France in Clermont-Ferrand and Saint-Gaudens (nothingtohidedoc.wordpress.com). We held about thirty hosted viewings over the past few months as well as viewings at a few cinemas here and there, but never main-stream venues. At the end of September, we’re going to put the film online, for free streaming and torrent download (thanks to alternative Internet Provider Aquilenet who is lending us their servers). The film will be available in four languages: English, French, German and Spanish. We had requests to translate it into Russian and we hope that people will take charge and translate it into other languages.

We use a Creative Commons BY-Non-Commercial license: anyone can watch it, download it and even screen it free of charge, as long as these screenings are free and open to anyone. For marketed and fee-paying screenings, people must contact us. The aim is to reach as many people as possible, because this is a vital subject.

TN: Thanks Marc, and congratulations to you and your team for your remarkable and, might I say, essential work! I wish “Nothing to Hide” a great success, for it deserves it!

4 Aug 2017

4 must-read fascinating books while traveling by Tristan Nitot

selection_livres_vacances_nitot.jpg

Before going on vacation, Tristan Nitot share with us his great selection of books or documentary that you should read! Perhaps these books will inspire you to switch to Cozy! If you are fascinated by the Silicon Valley A novel: The Circle. Fast, troubly, compulsively addictive - The Circle is Dave  […]

Continue reading

1 Aug 2017

Introducing the concept of Data DMZ, where personal data is safe

nogunsallowed_CC-BY-SA_Roulez_45_CC0_Hakiltu.png

We often hear — as in The Economist — that data is the oil of the 21st Century. This claim is confirmed by the share values of Google and Facebook who, along with Apple, Amazon and Microsoft (the famous GAFAM), are the 5 companies with the best performing shares in the world. As a result, several  […]

Continue reading

21 Jun 2017

Announcing the Cozy Connector community developer program

Cozy_Collect_screenshot.png

Cozy Collect, the app that empowers users to collect their personal data from third parties, using connectors Would like to learn how to make holes in data silos? Let me explain: as Cozy V3 Beta is about to be released, we can move forward on what makes Cozy truly unique: enabling individuals to  […]

Continue reading

- page 1 of 6