However, I’m concerned Solid is ill-equipped to tackle the challenges of the data ownership space and deliver impact. This article explores some of the problems PDSs face and suggests we need a strategic approach that’s user centered, systemic and allows for a diversity of approaches to overcome centralisation.

Can we sell privacy?

The scandals over Cambridge Analytica’s abuse of Facebook’s app privileges, and the implications in terms of political influence and the spread of disinformation, has led to a significant rise in interest in the decentralised web. People increasingly distrust Facebook which shares your phone number with advertisers to target ads and Google which tracks your location even when tracking is explicitly disabled. More recently, the unwitting exposure of at least fifty million Facebook profiles to the prying eyes of random hackers will only increase the pressure on companies to demonstrate that they can be safe custodians of personal data. So earlier this year, myself and Simon decided to explore the personal data store space to assess the effectiveness of the approach Solid takes.

How does a Personal Data Store work?

Solid’s model is typical of a lot of the PDSs we looked at. User data lives in a datastore. The user either self hosts, or pays for someone to securely host a PDS on their behalf. Applications read/write to that data through user controlled granular permissions.

In the best case scenario of this model, app developers simply provide the interface and functionality of, for example, a calendar or journal app. The data always lives in your datastore. When you browse your journal or calendar in a web or desktop/phone app, the data from your datastore is displayed in the interface, but it’s securely transmitted between you and your datastore. No other parties are able to access it. This would be game changing.

But there are challenges

1. Most digital transactions require verified claims

Much of Tim’s narrative assumes that there is clear ownership of data, which is far from straightforward. Different entities are looking for different kinds of data:

• For the majority of digital transactions and interactions (buying things online, applying for services, booking a flight, proving my age), the most valuable data is data asserted about me from an authoritative source. For example, that I have a valid driving license or verified address, bank account, passport.
• For advertising, it’s what I bought and where I clicked as well as profile data (email address, demographic and interests info). This data is generated by the services I use (e.g. Facebook, Google, Twitter).
• For AirBnB and Uber it’s the ratings that other users have given me that’s important, which isn’t data I obviously ‘own’.

Yes, some of this can be self-asserted, but organisations often want objective data based on behaviour and decisions made about us not what we say is true. Mortgage brokers don’t just want my assertion that I have income, they want proof.

This means that Solid’s use cases will be limited unless it partners with institutions like banks and governments to assert and verify such data. Luckily there are standards being developed in the W3C to facilitate this, but we still need good frameworks and incentives for why such institutions will spend the time/energy to share and verify data about us, how this happens securely and how GDPR requirements are met.

2. If we narrow the market, the value proposition is hard

Putting aside verified claims, we then have the potential market of apps or services which only need self created data, preferences or quantified self data. This could be my calendar, todo list, journal entries, emails, messages, Apple/Google health app stored data, Fitbit data, what websites I use, time spent online, and so on. This is still a major market, but one already well catered for.

What’s the offer to users?

I want to see user research that identifies real problems users have with the current status quo which Solid will solve well enough to overcome switching cost and inertia. Most privacy concerns are centered around Facebook — but people are not on Facebook because they lack alternatives. There are numerous well designed, encrypted, decentralised and privacy preserving, even blockchain-based, alternatives. However, your current social network isn’t portable and the value of Facebook and Twitter comes from the people using it. The way we tackle this is to push for regulation around open protocols, not by expecting everyone to switch.

So if we can’t sell privacy as a product in social media, we need evidence of where else these priorities will bring users. Alternatively, decentralised or PDS-integrated tech must deliver novel and valued functionality or be solving major problems users have with existing centralised solutions.

What’s the offer to companies and app developers?

For companies, service providers and app developers the value proposition is hazy. I have yet to come across a PDS provider with an impressive or long list of partners and companies. Most existing business models depend on controlling the data and using it to improve a service and provide valuable analytics to up-sell paid plans or directly monetise the data collected through advertisers and third party data marketplaces. Giving this up requires incentives or regulation.

If Solid uptake is big enough to attract app developers, what stops the same data exploitation happening, albeit now with an extra step where the user is asked for ‘permission’ to access and use their data in exchange for a free or better service? Consent is only meaningful if there are genuine alternatives and as an industry we have yet to tackle this problem (see how Facebook, Apple, Google, Amazon ask for ‘consent’). What’s really going on when users are asked to agree to the terms and conditions of software on a phone they’ve already bought that won’t work otherwise? Or agreeing to Facebook’s data selling if there’s no other way for users to invite friends to events, message them or see their photos if those friends are Facebook users? I wouldn’t call this consent.

The answer may lie in partnering with civic or NGO organisations that have different incentives, but many users. Organisations like the BBC, governments, local authorities, the charity sector, and even financial organisations like Funding Circle and other peer-to-peer lenders. This is a worthwhile avenue to explore, but it doesn’t feel enough.

Alternative approaches

It’s time to challenge the standard economic approach when it comes to digital. The economies of scale are fundamentally different and we need bold new frameworks to ensure that technology benefits and protects everyone in society. Governments could and should invest in open infrastructure so that the basics of communicating online or connecting with people, cannot be ‘owned’ by companies, but is a shared basis like the internet or email protocol.

I’m thrilled Tim is pushing forward with Solid, but we need to be thinking bigger. Let’s start tackling the broader challenges and opportunities for a decentralised web to deliver a better ecosystem for all. Solid and similar projects need user research, user centered design, marketing and coordination to ensure interoperability and a user experience that can compete with the status quo. Common authentication and authorisation standards for digital identity and login and communication standards that work across applications and services will help break down silos and create real benefits to users and companies to motivate the move away from digital monopolies. It’s time to push for serious funding and resources into such public infrastructure to create an internet and web that works for everyone, just like Tim’s original vision.

The post How solid is Tim Berners-Lee’s plan to redecentralize the web? appeared first on P2P Foundation.

Holochain : The Blockchain picks up a Dimension

Jamie Klinger: Bitcoin’s central mechanism — the Blockchain — is a monumental achievement in computer science. And from that central achievement, many other cryptocurrencies have emerged attempting to improve the model in one way or another. Holochain has come along to further decentralize, maximize efficiency, and allow for all types of interfaces and applications to be built with it.

Holochain harnesses the parallelism of BitTorrent to power fully distributed apps.

Holochain is a data integrity engine for distributed apps

An Engine is “a machine with moving parts that converts power into motion.” (Source: Google)

Data Integrity is what blockchains and torrents have been doing. They make certain that the data on my computer is the same as the data on your computer. They make certain that the order of the data is exactly the same, otherwise there would be a malfunction.

Distributed Apps are apps that run locally on your personal device (as opposed to in the cloud).

https://www.pexels.com/u/lumariia/

A centralized app like Snapchat offers you a small file (the app) to download that sends data through centralized servers.

A decentralized app like TenX runs on a decentralized blockchain (Ethereum).

A distributed app would run locally on your personal device and would offer peer-to-peer connections.

So if Snapchat were a distributed app, you and your friends would all have the (d)app on your phone, and when you send a photo, it would be sent directly to your friends and only to your friends. No intermediary servers. No intermediary blockchain.

Another way of seeing distributed apps are as scripts (executed code) that hook into distributed databases, compiling data.

Holochain allows you to build interoperable apps for communication

https://www.pexels.com/u/gratisography/

If you want to build a Twitter clone on Holochain (which, incidentally, its core team has already started, and it’s called “Clutter”), you decide on the rules for message size, hashtags, and whatever other parameters are important to you. Maybe you decide that for your specific Twitter app, it is crucial to segregate posts by the person’s color preference, so in the creation of your app, you hold a sign-up requirement for people to share their favorite color.

Now, when you post a poll and people begin to respond, you can have their answers sorted automatically by the respondent’s favorite color.

Ok, so you made Twitter with color preferences, we’ll call it Color-Twitter. That’s not the most useful feature in my opinion, so I make a poll asking people to vote on a more useful parameter and gather statistical information. The group votes and they choose age. We then request to the creator of the app to add in this parameter to Color-Twitter. Here’s what happens next.

https://www.pexels.com/u/sebastian/

The app creator likes your idea

Congratulations! The app creator wants to integrate your update! They build the new functionality into the app, but since it is a distributed system, everybody who is using the platform needs to download the latest version.

The founder will run both versions (and hopefully many people will do the same to facilitate the transition) where the users who have upgraded will leave one final tweet saying, “I no longer post here. Find me as HonestlyJamieK on ColAge-Twitter, follow this link.”

Some users may choose to stay behind and continue using Color-Twitter. They will not be able to interact with ColAge-Twitter accounts. But it could be possible in the future that ColAge-Twitter accounts can interact on the old chains of users still running Color-Twitter. This is because the parameters for Color-Twitter have been met by all users, but the parameters of ColAge-Twitter have not been met by all users.

Color-Twitter can only exist as long as there are users running that specific app. If all of Color-Twitter users go offline and/or upgrade to ColAge-Twitter, it will no longer be accessible.

Users who have chosen to use ColAge Twitter are now required to register their age before being able to join..

Once Ceptr — a parent project encompassing Holochains and related tech that would further simplify interoperability — is integrated, it could be fully possible that if another application already holds the information required by this app, Color-Twitter could automatically make a request for access to this parameter. This can be looked at a little bit like an auto-fill feature. In other words, by filling out your age once, you might never have to fill it out again, you would only need to approve access to that information by a specific app that you downloaded.

https://www.pexels.com/u/pixabay/

The app creator does not like your idea

If the creator does not believe that this is the vision of their system, they can refuse to upgrade and remain with Color-Twitter.

Now, the same thing happens as before except that the founder of Color-Twitter is the one who is left behind. I can take the original app’s code, fork it, add the parameter of age, and launch it in holochain as my separate app. People can now use my app to broadcast tweets too if they choose.

Just like in the other example, if my new app follows all of the rules of the Color-Twitter, when someone broadcasts on the ColAge-Twitter app, they can (if they choose) simultaneously broadcast on the Color-Twitter app. As long as the rules of all the apps validation rules (color for Color-Twitter, color+age for ColAge Twitter) are met, you can broadcast across as many apps as you are running; the holochain-equivalent Facebook, Flickr, Slack, etc.

https://www.pexels.com/u/pixabay/

Distributed, not decentralized

Want to post on the Color-Twitter? I hope you’re prepared to share the network load. Holochain apps will be light enough to run on your cell phone and will be efficient enough to only be grabbing the information you request at any given time.

If the system was decentralized, we would require upgraded nodes for ColAge-Twitter to be able to run. With a distributed system, it is entirely individualized and is up to the user base to voluntarily follow along. However, if your dApp is financially sustainable and you want to provide your users with access without requiring them to maintain a shard* of the system, there will be an opportunity for dApp maintainers to run nodes/servers.

*Each app consists of a series of shards distribted across the userbase sharing the serverload, comparable to torrent functionality

https://www.pexels.com/u/kaiquestr/

Lyft & Uber vs La’Zooz & Holochain

La’Zooz was a blockchain-based ridesharing app. It functioned as a self contained system. The network was supported by its mobile app users running the app and earning tokens, who were supported financially by token purchasers, which worked by having drivers accept the tokens. They completely removed the middleman that is Uber. While that project itself has fallen to the wayside, the idea of it seemed completely obvious to anybody who has ever played with blockchain — and it won’t be going away.

Why pay a middleman when the system can be taken entirely out of the hands of a corporation? There actually are a number of very important reasons why Lyft and Uber need to exist today and why the blockchain isn’t ready for them just yet. There are legal challenges, security issues, insurance requirements, etc., that make a purely peer-to-peer system for ridesharing a bit out of reach. But in a few years, we can expect smart contracts to enter the equation and solve many of these problems.

Decentralized and/or Distributed reference systems are right around the corner. We can create parameters for verification of proper insurance, background checks, and any other requirements for potential drivers. This would function similarly to a smart contract, allowing for users to move through to the next level of verification once accepted through the former.

And once the Uber-clone is up and running, somebody can decide to fork it and generate an eco-friendly version which would only support drivers using electric cars. Eco-Uber might cost more, but it would offer a new parameter to its participants.

https://www.pexels.com/u/gratisography/

There Are Too Many Apps!

After Eco-Uber started, somebody created Red-Uber for red cars and Blue-Uber for blue cars. If the driver is subscribed to the Mass-Join-Drivers App, and fits the appropriate driver parameters, they can automatically (with permissions) becomes a driver for all of the latest apps.

For users, imagine someone now has a list of options to choose from (Red-Uber, Blue-Uber, etc) and it’s just too many unimportant choices for them. They don’t care about who drives them from point A to B, they just want to get there quickly.

Just like with Color-Twitter and ColAge-Twitter, if you as a broadcaster meet all of the requirements, you can broadcast to whomever you like, even multiple applications simultaneously.

So the user sends out their lift request to all of the appropriate driving apps. Once the first driver responds to the call, it will ping the user and then automatically cancel all of the other lift requests.

Holochain is like having access to all of the capabilities of all of the Internet apps simultaneously without needing an API, because the languages are entirely compatible. Holochain is the equivalent of having an IFTTT layer built underneath the entire Internet.

It is important to note that some of the deeper features described in this article will require self-describing protocols which have been built into Ceptr, a highly related but (currently) separate sister project.

The Ultimate Dashboard

Today, we are forced to settle for what Facebook’s algorithm decides to show us. Our capabilities for manipulating our feed are extremely limited. With Holochain, we are only limited to the parameters set by the applications. And if you and your friends don’t like those parameters, you can change them with a forked app!

And because the information exists on a layer on top of the app and isn’t held proprietarily, you can mix and match your feeds to your heart’s content. I might create dashboards for all different circumstances and be able to jump between them seamlessly. Everything dog-related from all of my app channels from users who have posted at least 10 times could be one of my dashboards. All pizza-related posts by users with a high reputation level who live within 10km of me could be another dashboard.

Because the information isn’t forced to sit uniquely in each application, the end user can create a customized experience with the parameters of their choosing. The possibilities for data mining and consensus building are endless. End the data-monopolies of Facebook and Google. If we choose to use Holochain, we choose how our information is shared and empower the commons to utilize it for collective growth and understanding.

Sources:

• CEPTR Home
  
• Holochains for Distributed Data Integrity
  
• Arthur Brock’s Personal Web Site | Arthur Brock 

Lead image: https://www.pexels.com/u/invisiblepower/

The post What is Holochain and why does it matter? appeared first on P2P Foundation.