hober
commented
3 years ago Moving this issue over to the Ethical Web Principles document, since it seems to be about that.
Closed csuwildcat closed 3 years ago
hober
commented
3 years ago Moving this issue over to the Ethical Web Principles document, since it seems to be about that.
dbaron
commented
3 years ago My reading of your position is that you're arguing that Web technology should be constructed to establish (through technology) rights that cannot be revoked by governments and their legal processes. I think such an approach to rights means that law is then no longer a mechanism for the defense of those rights; defense of one's rights becomes a matter of technological skill (for example, skill at computer security). While such an approach may increase the power and wealth of those with technological skill, I don't think it's a good, fair, or ethical way to structure a society.
csuwildcat
commented
3 years ago My reading of your position is that you're arguing that Web technology should be constructed to establish (through technology) rights that cannot be revoked by governments and their legal processes. I think such an approach to rights means that law is then no longer a mechanism for the defense of those rights; defense of one's rights becomes a matter of technological skill (for example, skill at computer security). While such an approach may increase the power and wealth of those with technological skill, I don't think it's a good, fair, or ethical way to structure a society.
A lot of strange assumptions I see in this reply:
masinter
commented
3 years ago @csuwildcat Could you perhaps say a bit more about what you mean by "most important". W3C is a fundamentally technical forum, W3C isn't really in a position to declare one set of rights "more important" than another.
https://github.com/w3ctag/ethical-web-principles/blob/gh-pages/README.md
has the Abstract:
The web should be a platform that helps people and provides a net positive social benefit. As we continue to evolve the web platform, we must therefore consider the ethical consequences of our work. The following document sets out ethical principles that will drive the TAG's continuing work in this direction.
A set of principles (engineering, safety, regulatory, ethical) should ALL be considered in applicable circumstances. How is "helps people" and "provides a net positive social benefit" different from your proposal for "most important"?
OR13
commented
3 years ago I agree with @masinter ... not sure that one set of principles are more important than another... all should be considered, but I suspect pretty low chance of unanimous agreement on applying an order to the set.
Lets look at some examples:
The technology will avoid the privacy risks of third-party cookies, but it will create new ones in the process. It may also exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting.
Which is more important:
A. Making money from users? B. Preventing discrimination?
The web must enhance individuals' control and power
We recognize that web technologies can be used by developers to manipulate people, complicate isolation and encourage addictive behaviors. We recognize these risks and seek to mitigate against them when creating these technologies and platforms. We will therefore favor a decentralized web architecture that minimizes single points of failure and single points of control. We will also build Web technologies for individual developers as well for developers at large companies and organizations. The web should enable do-it-yourself developers.
The web is transparent
The web was built on a "view source" principle, currently realized through robust developer tools built into many browsers. We will always make sure it is possible to determine how a web application was built and how the code works. Furthermore, we will always make sure it is possible to audit and inspect web applications and underlying software for security, privacy or other considerations.
In my opinion, FLoC is incompatible with ethical web principles... However, maybe web content won't exist if web operators can't make enough money... perhaps we should add a web principle that supports monetization, since the current set does not include a principle of "the web should be useful for making money"... Or perhaps the principles don't matter if we can decide to implement a technology that runs afoul of them anyway.
Let's consider another example...
While EFF supports regulators stepping in to hold accountable those engaging in fraud, theft, and other misleading business practices, we have been skeptical of many regulatory proposals that are vague; designed for only one type of technology; could dissuade future privacy-enhancing innovation; or that might entrench existing players to the detriment of upstart innovators.
Which is more important:
A. Preventing funding of terrorist organizations? B. Protecting funding of journalist organizations?
See also: Visa, MasterCard Move To Choke WikiLeaks
The web should not cause harm to society
When we are adding a feature or technology to the web, we will consider what harm it could do to society or groups, especially vulnerable people.
Are wikileaks "vulnerable people"?... are they causing harm to society?
Is allowing Bitcoin to exist enabling the funding of a terrorist organization or protecting journalistic rights?
The web must be an environmentally sustainable platform
The web, as a whole, is a big source of carbon emissions, because it is a big consumer of power. New web technologies should not make this situation worse. We will consider power consumption and the resulting emissions when we introduce new technologies to the web.
Is bitcoin's decentralization worth its energy cost?
What happens when one principle costs power to defend, but another principle is to use less power?
Is one principle worth more to society than all others?
Is "Protecting against Environmental destruction" more important than the Economy?
Is "Protecting against Discrimination" more important than the Economy?
bumblefudge
commented
3 years ago Yup, +1 to @masinter and I fear the expertise of the average participant in this process might be too far afield of ethics and governance to make a document prioritizing or even high-level describing the calculus at play, even if I support efforts to define digital and informational rights as a framework for international law and, particularly, anti-trust enforcement and tech regulations. Might just be a question of venue.
csuwildcat
commented
3 years ago @bumblefudge I do agree with you, @OR13, and @masinter that the vast majority of these principles are highly subjective and can be interpreted/weighted in dramatically different ways depending on who is reading them, or straining to read into them (as is the case in recent events). As a result, this document and its contents are clearly inappropriate for use as a tool one would invoke, be it with genuine or dubious intent, to block specifications and technical work. The document should plainly state that each individual member should personally consider these principles in relation to their own behavior and choices, not attempt to use the document as an appeal to morality/authority to hand out dubious Scarlet Letters based on subjective 'principle violations' that may be dubious in motivation and/or lack basic empirical rigor.
I must admit, I'm surprised I got pushback on making human rights the most important principle for W3C members to consider, as evidenced by the statements here against elevating technologies that protect human rights. However, this did tease out an important takeaway we must act on: the principles in the document are clearly hard to weight, full of subjectivity, and are prone to use in divisive, selective ways. The best course is to add language to the document to ensure this does not continue to occur.
louisnk
commented
3 years ago Definitely a complex issue as all have pointed out.
As nearly all of the principles are about people already, it seems environmental and healthy communities are most likely to be coopted as weapons in thinly veiled attacks against human rights. Stating that the web should advance individuals' control and power, or privacy and security, does not sufficiently protect against these attacks on holistic, digital human rights.
Making digital human rights the most important principle may be easy to oppose as it may appear to degrade the importance of other principles if viewed in a snapshot of time – today. However if readers were encouraged to consider this document over a time horizon longer than today I believe we can agree that all of the principles clearly coalesce in support of human rights, including environmental sustainability.
The cost of energy for proof of work today may seem high, but is clearly heavily incentivized towards net zero or better, and contributes significantly towards nearly all of the principles in the long run.
Do some emissions today (one 1 principle) outweigh the benefits to all of humanity (the other eleven 11 principles) today? Perhaps, if we accept that those emissions are making the planet less hospitable.
However if we consider that nearly all outcomes require activation energy to get to a lower energy state, we might see a different calculus. Are a few years of emissions worse than a century of sound money, strong communities, privacy, and most of the other principles, all being protected by technology regardless of authoritarian whims? Perhaps not, if we consider the long history of government power grabs and corporate surveillance that work tirelessly to undermine these principles.
This is all an oversimplification, but it seems simple enough to state that the ultimate goal of ethical web principles is to advance digital human rights, which contributes to human rights on the whole.
After all, these principles are about people and what the web can do for them.
dbaron
commented
3 years ago Let me try to give an example to clarify what I meant:
Suppose that I (David) get a reliable and generally trusted authority to issue me a digital identity that says that I am Daniel. Is it my human right to communicate using that identity and impersonate Daniel, and should Web technology be built so that my ability to continue to use that digital identity cannot be disrupted? Or should Daniel have some method of recourse, perhaps through a legal system, to get me to stop using that identity and impersonating him?
csuwildcat
commented
3 years ago @dbaron you seem to have commingled a couple key concepts, so let's unpack:
Preface - your digital identity is composed of two main things: identifiers you use to be recognized (when you choose to be), and actual identity data about you that you generate, gather, or publish as you choose. Credentials are one type of identity data, as are your tweets, pictures of family, etc.
On to your use case:
did:example:123, that identifier is something no one should be able to feasibly take from you, and you should be able to use it however you choose - this is a fundamental digital human right. We should definitely build and support the technologies that make this possible.The Web, and we as technologists, must ensure both of these critical identity needs are accounted for: 1) people should be able to own and control their identifiers without fear of being Thanos snapped, and 2) identity credentials/data mechanisms should come with the necessary capabilities to enable exactly the kind of revocable severance you illustrated. Luckily, that's exactly what the systems we have been working on make possible, preserving the digital human rights of every party involved in the scenario you mentioned.
csuwildcat
commented
3 years ago @dbaron honest inquiry: how did you come to be of the mind that, in terms of digital human rights use cases, folks here are arguing for a system where a Driver's License errantly issued to the identifier of a 5 year old somehow means it is irrevocable and the 5 year old is able to drive from here on, without intervention/recourse? Did you think credentials issued to an identifier were immutable, or put on a 'blockchain'? If so, that's definitely not the case, so it would be great to talk offline about these critical system constructs, if you'll allow me the time.
lknik
commented
3 years ago Would it be possible to ground this in some more official document of a State or the UN? Just to know what this principle is based on. Human rights did not appear out of vacuum.
tobie
commented
3 years ago I agree with @lknik here, it’s not super clear to me what we’re talking about when we’re discussing digital human rights. The UN has ongoing work on this topic, but it seems little more than a roadmap at this point. Was that what you were referring to?
lknik
commented
3 years ago And if you want to include China's take, here's some new document speaking about "the adherence to the guidance of Xi Jinping’s Thoughts on Socialism" to "monitor against risks" and to "establish correct orientation of the algorithms" in order to "promote the core values of socialism, and adhere to the correct political direction" and "prevention of the risk of algorithm abuses".
Upons second thoughts, maybe it's best to not keep it regional and go with standard UN grounding.
dbaron
commented
3 years ago OK, sounds like I misunderstood some of the details. But what if you steal my identifier (e.g., by taking the computer that it's stored on)?
rhiaro
commented
3 years ago I'm concerned by the framing of human rights vs [other principle], in particular (as seems to be the heart of this) environmental sustainability. I'm seeing this presented as a tradeoff where "more human rights" means "less sustainable". Assuming the basis that we have a technology that has a uncontested positive impact on human rights, but consumes a lot of power (the giant server farms that power the Web certainly do) or requires intensive hardware manufacturing processes, and therefore has negative impact on the environment: so we much choose which is "more important".
But my understanding of the ongoing climate disaster is that environmental destruction itself degrades human rights, exacerbates inequality, primarily impacts the most vulnerable people in the least technologically or economically developed parts of the world.
So rather than "human rights are more important than environmental sustainability" it seems to me environmental sustainability is critical for upholding human rights.
Pitting these two things against each other doesn't make sense to me at all.
In other words https://github.com/w3ctag/ethical-web-principles/issues/52#issuecomment-930630385:
all of the principles clearly coalesce in support of human rights, including environmental sustainability.
+1
csuwildcat
commented
3 years ago OK, sounds like I misunderstood some of the details. But what if you steal my identifier (e.g., by taking the computer that it's stored on)?
It's certainly possible to lose your identifiers or have them stolen, but that doesn't mean people don't have a digital human right to a root of digital identity they own and control. To argue the opposite is like saying people don't have the right to own objects/property simply because objects/property can be lost or stolen.
This digital human right and the technology that enables it protect people from a range of harms, some quite significant, in a world that is becoming more and more dependent on digital systems every day.
OR13
commented
3 years ago @rhiaro
all of the principles clearly coalesce in support of human rights, including environmental sustainability.
I am not sure this is true.
The web must make it possible for people to verify the information they see
We have a responsibility to build web technologies to counter misinformation, allowing information sources to be traceable and facts to be checkable.
The web is federated, and censorship is rampant.
Clearly, the interpretation of these principles does not lead to consistent improvement of human rights...
"Freedom of expression" and "Protecting against misinformation" are incompatible when the network is federated, since there remains a central choke point to attack, and nation states know this.
Google and Apple Inc. on Friday removed a smart-voting app from Alexey Navalny, an imprisoned critic of Russian president Vladimir Putin. Google made the decision to remove the app from its online store in Russia after officials threatened to imprison local employees, according to a person close to the company.
googlers-protest-removal-of-russian-app-as-bend-to-government
Nation states have a role to play in defining the boundaries of digital human rights, and they don't all agree to the same web principles.
In some regions, protecting the state might be more in line with protecting "human rights", then protecting "freedom of expression"... various interpretation of "don't cause harm" can lead to a reduction in human rights... including "don't cause harm to the environment".
FloC uses energy, so does rendering gifs, so does bitcoin... If we want to talk about measuring the environmental damage of web technologies, and argue that the cost is "worth it" to prevent "3rd party cookie tracking"... we can.
OR13
commented
3 years ago To be clear, I am not arguing for "1 principle is more important than all others..." I am arguing for a consistent mechanism for apply the principles, when they conflict with each other... which is the case for regional preferences for environment, social or ethical issues... not everyone wants to live in Sealand... or in US, or China.
csuwildcat
commented
3 years ago To be clear, I am not arguing for "1 principle is more important than all others..."
I'll again note that as a result of this conversation underscoring how fraught with subjectivity the definition, weighting, and empirical application of these principles are, they are not fit for use as a moralizing objection tool. My plan is to draft a PR that adds a sentence or two stating that the Principles are to be applied within the scope of an individual member's implementation and adoption choices, vs a divisive basis for what will often be subjective, amorphous, highly debatable objections that may not even be directly related to the material contents of a given spec.
marcoscaceres
commented
3 years ago @csuwildcat, I’m just not sure that will help. A skilled debater or rhetorician can twist whatever is in the document to make their case or co-opt a position. Additionally, saying that members can interpret this however they like seems somewhat counterproductive.
Having said that, pointing to the UN’s declaration of human rights might give this some grounding.
hober
commented
3 years ago @marcoscaceres wrote:
Having said that, pointing to the UN’s declaration of human rights might give this some grounding.
Yeah, the document should point there, and in fact already contains an xref we can use. #53 adds a [[?UDHR]] to the first mention of rights in the introduction. Personally, I think that PR would suffice to close this issue, but perhaps others disagree.
tobie
commented
3 years ago Anchoring the text in the UNHR like you just did on #53, @hober, seems valuable.
I’m curious whether @csuwildcat was referring to UNHR or to the digital human rights which, as I mentioned above, is a work in progress at the moment, but has some very concrete and very relevant requirements to web standardization. See a primer here (PDF).
louisnk
commented
3 years ago @rhiaro
But my understanding of the ongoing climate disaster is that environmental destruction itself degrades human rights, exacerbates inequality, primarily impacts the most vulnerable people in the least technologically or economically developed parts of the world.
I 100% agree that environmental destruction degrades human rights. That is the reason I wrote that all the principles coalesce to support digital human rights. Without a healthy environment, we fail article 3 of the UDHR: "Everyone has the right to life, liberty and security of person." This is just one of countless other failures, as I think we're all in agreement on.
This is also why technology which may appear detrimental in the short term is ultimately going to have a massive positive impact – the incentives (of proof of work value & data ownership, particularly) are aligned towards ensuring our survival and bringing more people into prosperity. As we see in places with rampant inflation and a history of intervention by malevolent foreign influences, ensuring digital human rights actually starts with those on the fringes who are currently most negatively impacted, and are driving us towards a future of better rights with technology that may appear to conflict with the environmental principle today.
@OR13 - I also agree that we need a consistent mechanism for interpreting and applying the principles. That's why I think @csuwildcat's point of "Digital Human Rights" as paramount enables enough simplification for people to comprehend this document without too much deep thought.
By adding clarifying language that these principles should be viewed on a longer time horizon than a snapshot of today would (I hope) help others see the interconnectedness of all of us and our technology, and adding a line or two about digital human rights as an unifying concept gives a focus for that longer range thinking.
rhiaro
commented
3 years ago We could also mention https://datatracker.ietf.org/doc/html/rfc8280 which is pretty comprehensive.
rhiaro
commented
3 years ago Clearly, the interpretation of these principles does not lead to consistent improvement of human rights...
I'm not sure if I understand right, but it sounds like you mean because the current status of the web is not perfect, it means the EWP are not valid. Unfortunately I don't think every part of the web has been built with the EWP in mind so far, particularly since the EWP was only published three years ago. The EWP are aspirational, rather than necessarily what exists in practice at the current time.
"Freedom of expression" and "Protecting against misinformation" are incompatible
The EWP already states:
So the need for balance here is clearly acknowledged. Perhaps there's more about this balance we can stress, along the lines of "my rights end where your rights begin"? But, again, it's clear to me that the current state of the web does not match the ideals presented in the EWP.
We can also use the priority of constituencies as a guide when the rights of eg. an organisation might conflict with those of an individual.
OR13
commented
3 years ago What is the term for creating lots of laws and then selectively enforcing them?
I am not suggesting that it's possible to harmonize these principles in a way that would be appropriate for all regions.
My fear would be that EWP is setup as a guide, but then enforced selectively based on the preferences of vocal minorities or majorities... it becomes a tool to obstruct, not a guide for improvement.
If the principles are competing and "need to be balanced"... who gets to decide when we have achieved "perfectly balanced as all things should be".
I think the "priority of constituencies" is the right kind of tool for evaluating balance, and I think it's worth trying to improve here, but we should be careful framing EWP as relevant to everything given its potential for abuse... it could be become a built in vulnerability in all W3C specs.
rxgrant
commented
3 years ago @dbaron
OK, sounds like I misunderstood some of the details. But what if you steal my identifier (e.g., by taking the computer that it's stored on)?
Then (in a well designed DID Method) you revoke. Supporting revocation is a MUST in the specification.
This could be done by broadcasting a revocation certificate stored on waterproof and fireproof media in a moderately secure place, or by communicating (out-of-band, of course) with a quorum of your trusted associates who are acting as your recovery/revocation functionaries.
edit: Revocation has long been solved by PGP, so you might be wondering what DIDs offer that is new. The answer is actually a good reason to use a blockchain: censorship resistance. That's not because they're connected to money, but because they're very battle-tested and have very many active nodes. Although the widely reported Bitcoin node count is only ~10k, there is a more sophisticated node count of ~60k available as well.
hadleybeeman
commented
3 years ago Hi folks – This has been a wide-ranging and interesting discussion, and we thank you for your thoughts.
As we're trying to focus our work on specific changes or additions, I'm going to close this. However if there are specific and actionable contributions to the document that people would like to make, then I encourage you to open up a new issue in this repo for the Ethical Web Principles Finding on that specific suggestion.
With society relying more and more on digital interactions for work, personal, and community life, many digital activities have come to underpin a de facto set of digital human rights, which include: the ability for people to maintain identifiers that cannot be feasibly taken from them (unlike the identifiers of today, which are leased by companies and centralized entities), the ability of dissidents and at-risk individuals to connect/publish ID-linked data in censorship resistant ways, and the ability of individuals to exchange encrypted communications from self-owned IDs.
While the W3C's Ethical Web Principles document does include these sections:
^ they do not elevate digital human rights above other considerations. This is problematic because the EWP document contains far more subjective principles that can be conveniently used to oppose initiatives and technologies that materially aid in the protection of digital human rights. An example of this can be seen in the recent disagreement over the Decentralized Identifier spec: some have argued that using 1/20th of the emissions we dedicate to clothes dryers is not worth enabling systems that can protect people from the serious harms that result from centralized entities being able to Thanos snap any identifier and reliant connection graph they choose, effectively severing people from the digital relationships and communication connections they have formed. Additionally, the technologies that mitigate this harm can also allow people to connect more directly, removing many third parties who are currently privy to their personal digital exchanges/content. There are many more examples, but we certainly owe it to the world to do whatever we can to mitigate these growing threats to digital human rights.
It is the personal opinion of this participant that digital human rights are the most important of all principles, yet the EWP document does not reflect this. It is incumbent upon us to amend the document and clearly state that digital human rights are the most important consideration of all, a seemingly uncontroversial view I would be surprised to see opposition against.