Personal Digital Ecosystems and The Viability of Complete Digital Privacy


It should be completely possible to have all of the convenience of Google's and Apple's ecosystems with zero compromise of personal privacy and no reliance on large centralized systems.

Technologically speaking I love what Google, Apple and Amazon are doing. I love the cloud, AI, Android OS, smart home systems and everything that they provide. I do believe that these technologies represent a natural evolution of a technological society, and that they should keep evolving.

The problem is that, as of right now, it seems that they come with some pretty concerning caveats. It almost feels like these kinds of technologies are impossible without large-scale data mining and privacy compromises. And for the most cutting edge in these areas, such as various AI applications, it can be argued that they in fact depend on the existence of centralized hyperscalers like Google, Apple and Amazon. How else can you gather up sufficient training data for the sophisticated AI that we're seeing from these companies?

Well, I believe that it is possible, and that it must be possible. I think people have solved challenges far larger than this one. The real problem isn't so much the amount of data that is required for this kind of tech to work, but the way this data is structured and how it is controlled and owned.

But let's start with relatively easy examples.

Software

Even today we have relatively solid alternatives to the software provided by the tech giants. Servers are already dominated by Linux, and desktop Linux is quickly becoming such a solid experience that I believe it is far underappreciated by most people, and ripe for discovery by the masses. Adoption is a slow and painful process, but its potential can hardly be denied.

On the mobile operating systems front we have excellent de-Googled Android-based alternatives such as LineageOS, GrapheneOS and /e/OS, as well as the non-Android Linux up-and-comers like Purism's PureOS and the pioneering Librem 5. These are only going to continue to develop.

Then we have the emergence and increasing popularity of privacy-focused web browsers such as Brave, with even the tech giants' browsers beginning to take up privacy-oriented features, like the new Apple Safari browser, if you're willing to trust them.

Add to that the rising popularity of encrypted messaging, HTTPS everywhere, VPN services and the existence of privacy auditing and rating mechanisms for choosing the right ones, and it is becoming clear that we can increasingly rely on an entire software stack that protects our privacy and keeps our data under our control.

Hardware

Of course, software is not enough. Even the firmware in the hardware of our phones contains components which can be used to collect data such as precise location tracking. I'm not talking about GPS, but WiFi triangulation firmware that is often tied to unique device identifiers, for example.

This is where things are a bit more difficult at present with only a few early options such as Librem 5, but with the rising awareness and demand for privacy there should be plenty of development in this space as well.

Cloud Infrastructure

You can have privacy-protecting software and hardware, but it's not gonna do you any good if you still rely on the various cloud services and cloud-based applications which rely on the big tech clouds such as Amazon AWS, Google Cloud Platform and Microsoft Azure.

To be sure that our data truly is under our control we do need a level of decentralization of cloud computing, and this is going to prove quite difficult considering the sheer gravity that major cloud providers have among developers. 

However, there are promising developments in this space as well, at least in terms of what is becoming possible. Docker and Kubernetes, along with the entire ecosystems that are developing around them, are making it easier to achieve a much higher level of independence from major clouds than ever before, and the somewhat less popular clouds vying for market share are even banking on the idea of hybrid clouds which give developers and companies this kind of independence (such as IBM with its newly acquired Red Hat).

For true decentralization to occur, however, we will need much more than that. We will need complete commodification of cloud infrastructure: the ability to use any infrastructure from any provider, small or big, for the construction of fully featured cloud services that don't need to depend on big data-hungry players at all. And again, this is what Kubernetes can help achieve, with the entire cloud stack available as open source software that can run almost anywhere.

Cloud Platforms and Services

Services like Gmail, Google Maps, Google Docs, Microsoft Office 365, OneDrive, iCloud and so on can be replaced by open source alternatives that anyone can host, and there actually are many great examples of these, such as Nextcloud. Users can sign up with one of many competing hosts of these systems and the more tech savvy among them can spin up their own.

It is often the sheer scale of big tech cloud services which provides for their almost unbeatable reliability, but with decentralization of such services you don't necessarily need to scale that far. You have many Nextcloud instances distributed around the world, for example, instead of a single hyperscale cloud powering such a service.

The overall quality of open source cloud platforms is likely to improve further over time to the point of being almost indistinguishable from big cloud providers for most users, resulting in commodification of those kinds of platforms.

AI services

What we covered so far is all well and good perhaps, but there is the elephant in the room. When people switch away from Google's ecosystem they are soon to find out that there's just something missing. These alternative systems just aren't as smart or as convenient as what Google provides, and that's because there's a major catch.

All that data collected by big tech players is also used to feed AI systems which make these services so convenient. In other words, the more AI knows about you the better your experience becomes, and there's hardly a way around that. Once you get hooked on well-placed suggestions, notifications, day planning etc. it's really hard to go back.

There's a purpose to the madness, and unfortunately the price is your privacy. This is what makes this particular point the hardest of all.

But it doesn't have to be this way. I think we'd be wrong to just assume that AI systems must rely on centralized silos of training data in order to achieve high levels of usefulness that we now have. 

You should own your own data, period. It shouldn't travel beyond your personally set boundaries at all. This means that you should have your own personal AI, owned by you and trained by only your data, right?

Well, not quite. The key, again, is decentralization, as well as transparency. Your cloud can collect your data for your personal AI, but you can decide to let some of that data flow into pools of data used by other personal AI systems, and the data you let out doesn't have to be identifiable in any way - no unique IDs, no fingerprinting, none of that.

These identifiers are just not necessary for AI to learn about general human behaviors that will help them understand how to better serve you. The units of human behavior and their contexts can stand on their own.

In other words, there's a difference between AI knowing YOUR behavior and AI knowing HUMAN behavior. This key distinction opens the possibility of training smart AI systems that can offer the same levels of sophistication with none of the privacy sacrifices that now seem to be assumed as necessary for that purpose.

Trustless Computing

Now that we have the software, hardware, cloud infrastructure, cloud platforms, and AI platforms back under control of individuals we can complete the puzzle by removing any remaining middlemen: banks, governments and their financial and contract enforcement systems.

The obvious solution here is the blockchain technology powering cryptocurrencies, smart contracts and decentralized apps. What is so revolutionary about blockchain is not just the fact that you don't need a middleman to trust, but that it is actually far more trustworthy than any middleman can ever be.

You can't argue with the immutable distributed public ledger. It would be like arguing against the universe itself or like trying to change the past itself. You can pretend it hasn't happened, you can lie about it, but you just cannot change the facts, and no person can. Once the record is made it is enshrined there virtually forever, or as long as a given blockchain is relevant to anyone.

How best to remove the fallibility of trusting people? By removing the need for trust in the first place and letting the cold hard facts speak for themselves. Nothing can beat technologies like blockchain and other ledger systems for that.

Trustless computing would in fact be the final hard shell protecting your entire personal digital space - your software, your cloud, your AI, and the data that they store and process. Every person in the digital world therefore becomes a protected universe in and of itself, under complete control of its rightful owner.

Conclusion

We already have the technology for building a digital realm in which privacy concerns are a thing of the past without sacrificing the technological evolution that we've come to expect. 

Instead of centralized ecosystems controlled by the few data collectors, middlemen and their AI we can each individually have a block of our own private space that nobody can intrude into, connected to a network of such protected spaces that only share the common software, parts of infrastructure and ever improving shared AI, but none of the actual private data on private lives. 

The connectedness of these private spaces is what allows for the continued evolution of such technologies, while their hard protective layer prevents such evolution from coming at the expense of personal privacy as well as the authenticity of our identities, validity of our transactions, and reliability of our currencies.

Many have come to expect that technological evolution makes even greater centralized control, surveillance and even all-powerful AI overseeing it all inevitable.

It is not. But where we ultimately end up will be up to everyone involved: those developing these technologies, and the rest of us through our choices.