This week LinuxCon (http://events.linuxfoundation.org/events/linuxcon-north-america) is in New Orleans. I have to say, I have mixed feelings about the program thus far. On one hand, the keynotes have been very upbeat and interesting with a lot of positive energy from the speakers and the crowd regarding the future progress of Linux. On the other hand, the breakout panels seem to be very lack luster – a sentiment I arrived at by comparing my own experiences with some of my colleagues. As someone used to attending academic conferences rather than conventions, I am used to more technical details and meaty discussion than I experienced here. My expectations may have been too high, but it does seem most of the talks are really thing veneers of legitimacy over sales pitches.
Frank Karlitschek of ownCloud (http://owncloud.org/) gave a talk entitled “Living in a Cloudy Post-PRISM World” which billed itself as discussing the trend of bringing cloud technologies back in-house and discussing the implications of privacy and security. The talk was severely disappointing and light on details. It touched on some of the more sensational headlines going around in regard to what encryption the NSA may or may not have compromised, but treated numerous encryption protocols as failed rather than discussing anything in depth.
He transitioned from that to what he presented as “8 rules” to take back the internet for the uses – unfortunately I cannot seem to locate his slide set, so I cannot touch on all of them – two of those rules stuck in my mind because they dealt with data ownership and privacy issues (a pet topic of mine). The rules centered around two relationships: User-to-Service and User-to-User. User-to-Service includes things like Facebook, Flickr, Twitter, Pintrest, etc where the user uploads data to the service in order to make use of the social network while User-to-User involves transfer of data to another user (i.e. sharing photos or statuses).
In this context, Mr. Karlitschek advocated for users to retain “ownership” of their data, but then moved on without giving specifics. This was where my disappointment really began. Firstly, left by itself, his point is invalid – users are the owners of their data through their copyrights. The mere generic act of uploading your work somewhere does not put it into the public domain, or transfer your copyright to someone else. Copyright is a more complex animal than that. What I think he was trying to articulate was the draconian Terms of Service sites like Facebook enforce require you to grant them an expansive license to your work in exchange for using their service.
This question of the license extent is a legitimate problem up for discussion because you have to grant them some rights in order for the services to function on a technical level. Every act of copying, even merely from storage to memory [see MAI Sys. Corp. v. Peak Computer, Inc., 991 F.2d 511, 517-18 (9th Cir. 1993) (finding the conclusions of the district court, that transferring a computer program from permanent storage to RAM is a copy for the purposes of the Copyright Act, were supported by the law.), SeeMDY Indus., LLC v. Blizzard Entm’t, Inc., 629 F.3d 928, 938 (9th Cir. 2010, amended Feb. 17, 2011) (noting the parties agreement that a the copying of game software into temporary memory potentially infringes unless the human operator is a licensee operating within the scope of the license or owns a copy of the software, and citing MAI Systems v. Peak Computer.)] for more than a transitory duration [see Cartoon Network LP, LLLP v. CSC Holdings, Inc., 536 F.3d 121, 127-28 (2d Cir. 2008) (Accordingly, we construe MAI Systems and its progeny as holding that loading a program into a computer’s RAM can result in copying that program. We do not read MAI Systems as holding that, as a matter of law, loading a program into a form of RAM always results in copying. Such a holding would read the ’transitory duration’ language out of the definition, and we do not believe our sister circuit would dismiss this statutory language without even discussing it.”)] results in copyright infringement if the copying entity is not licensed to do so by the copyright holder.
The legitimate argument centers around where it is permissible for services like Facebook to take far more rights than necessary to achieve the technical needs of the service in order to exploit a user’s work commercially. This concern is heightened by the inferior bargaining position users are in relative to the service they use. In my follow up questions to Mr. Karlitschek I asked where he was drawing the line or what rubric he was advocating for establishing the separation between rights necessary for the technical operation of a service or for sharing with others and rights which go beyond that to violate his rules.
Unfortunately, he had no answer beyond advocating there be a line somewhere. I find this incredibly disappointing because the concern over how many rights social networks and other services require from their users is not a new point. Those concerns have been around for years, and there is a mature discussion about them. Giving a talk essentially starting from square one while ignoring existing work on the topic is inappropriate, but is the general tone of many LinuxCon talks this year.
The above being said, not all the talks were bad. Dawn Foster from Puppet Labs gave a very interesting talk entitled “What Science Fiction Can Teach Us About Building Communities” in which she did an amazing job relating aspects of community management to themes and character archetypes in several popular books. Getting people to work together well is hard, doing it on the internet is ever more difficult. Text is just not a good vehicle for conveying the emotional queues we use offline to govern our social interactions. The Open Source movement is only as strong as its community, so a dysfunctional community will result in a dysfunctional project – or at least a less effective one. I give her major kudos for stressing the single-point-of-failure problem.