Mozilla

User Sovereignty for our Data

January 13th, 2012

Our Internet experiences involve more and more data about us. Some of this data we create ourselves.  Sometimes our friends and acquaintances create it, and sometimes the services we use create data about us. On one hand this enables all sorts of exciting new applications. On the other hand, there are some very disconcerting aspects to the explosion of personal data. The ability of big data and cloud service providers to monitor, log, store, use, correlate and sell information about who we are and what we do has huge implications for society and for individuals.

Right now there’s no convenient way for me to share information about myself and maintain control over that information. I share information about myself by putting it someplace where someone else makes all the rules. That “someone else” is the application. Most people think of Facebook or Google, but this issue is much bigger than either of them.  This is an issue of the architecture of user data today, and applies across the Internet. Think of the big recommendation / review sites, or any other application you spend a lot of time living in. Think of any social network you’ve identified connections in. The only convenient way for us to have a “home” at one of these sites is to contribute our data and have whatever control the application developer chooses to give us.

These issues have big implications for Mozilla.

First, it means we should do some new things in the user data space. To really help people with the way we use and share data today, Mozilla will also need to offer people the choice of storing data in the cloud in a way that allows services to access it with your permission. This will be a new thing for Mozilla. It will involve new challenges. It’s important that we take these on and address them well. If we develop an offering that handles user data in the cloud properly we will help ensure choice and user sovereignty in new areas of online life. Each of us should have a meaningful choice about where and how our data is stored and managed. No other organization has both the ability to do something totally focused on user sovereignty rather than financial profit, and the ability to have wide impact. A Mozilla presence in the cloud will allow us to fulfill our mission in important new areas of online life.

Second, this means our approach to handling user data must be different from the industry norm. It must put you at the center, array your data around you, and let you deliver that data to any app you want, on the terms you want. It should store user data when there is a measurable benefit to the user, rather than gathering everything in the hopes that data mining will provide value to someone else. It should allow people to determine if their data is available to others. The principle of user sovereignty will affect the way we design every aspect of our offerings.  Mozilla offerings must embody the values of the Mozilla Manifesto and our privacy principles.

My colleague Ben Adida (tech lead for identity and user data and one of our resident cryptographers) has written a piece describing our thinking on how to build such products.

28 comments for “User Sovereignty for our Data”

  1.

    Brian said on January 13th, 2012 at 10:27 am:

    You take a look at UMA. It’s largely overlooked, but something wicked this way comes…

    http://kantarainitiative.org/confluence/display/uma/Home

  2.

    Pingback from Who owns “you” online? « o p e n m a t t

    […] Mitchell Baker and Ben Adida‘s blog posts on online identity and what Mozilla is doing to empower users are important reading for anyone who cares about where the web is headed. […]

  3.

    Sean Michael Kerner said on January 13th, 2012 at 3:35 pm:

    The term User Sovereignty is a very powerful one. I’ve always thought in terms of privacy for data and open source for my code. Please push this message in everything you do, you’ll make the web better for us all.

    Thank you.

  4.

    Justin Hawkeye said on January 14th, 2012 at 5:14 am:

    I had an idea some time ago for a service and potential business based on that and a related issue.
    My angle was from the fact that when your information changes, say, you get a new phone number, you move, you marry or divorce, you have to update multiple groups of this change. Why not have a central location?

    My idea is to have a cloud service, where you use a *locally run program* to encrypt your information, where every piece gets its own RSA key. I.e., your first name has a separate key from your middle name has a separate key from your birth day of the month, which has a separate key from your birth month… Yes, this is potentially literally hundreds of keys, and thus *generating them* will take a bit of time… That is currently the challenge. But doing it this way, encrypting using the public key, means you can hand *the keys to the information you want to give out* to a program, website, friend, etc, but they cannot access what you do not give permission for. And if the data changes, they just requery the server. The keys that are given to entity x will be private keys, encrypted using entity x’s public keys, so no one else can access it. And entity x will have different keys handed to it than entity y, even if they are given access to the same information. And when you update your information, new keys are generated.

    The user must be able to download all of their information at will, for free, and host wherever they want (at the loss of your credit card company, for example, not being able to necessarily access the information as readily), but this gives the largest guarantee of control of your own information that is possible.

    This has a benefit of preventing warrantless demands for user information, such as the US government may sometimes make, or the Iranian or Chinese government may seek, from being as easy. If the user encrypts everything on their computer, with no help from a central server for the keys, the only option for rogue entities, be it governments or hackers, is to brute force either the data, the individual’s login, or an account that is given access. Of course, if you give your DMV certain information, the government can just request that, but it doesn’t help with what you didn’t give.
    And this can be taken further, putting your information into an array row, and encrypting the columns, meaning you have to have all of the keys to get any information. And you can combine Shamir’s secret sharing algorithm to require further knowledge or agreement to access the information.

    But this really taxes a poor desktop to encrypt your address, for example, so your dozens of credit card numbers, expiration month, year, security code, bank account information, im login credentials, website login credentials, etc make it impractical, unless keys are generated before or while you need them…

  5.

    Mitchell Baker said on January 14th, 2012 at 9:14 am:

    Justin
    We have similar goals. We’re still finding that key management is a big issue, so we’re trying tom other things as well. Please see this post from my colleague Ben Adida: http://benlog.com/articles/2011/12/21/encryption-is-mostly-not-magic/

  6.

    Pingback from Mozilla Slovenija

    […] translation of M. Baker's blog […]

  7.

    Mike Ratcliffe said on January 16th, 2012 at 6:01 am:

    Sharing of data makes a lot of sense, especially in an increasingly mobile world. Of course, preventing duplication of data and enforcing correct usage of keys is the big challenge here, although subsets of data should be simple enough.

  8.

    Paul Booker said on January 16th, 2012 at 9:09 am:

    It’s great to hear Mozilla starting to talk more about the need to get into Cloud services to protect user sovereignty on the Web. It’s surely only a matter of time now until we start talking about sovereignty on the social Web and federation.

    Best, Paul

  9.

    said on January 17th, 2012 at 6:28 am:

    I am very enthusiastic that in 2012 user sovereignty has begun to enter our dialogue. These are long legs that will redefine what technical systems enable, and more importantly, what Human people can expect from their participation in a Society that is technically enabled.

    I have often wondered over the years if Mozilla would get here at the leading edge. Looks like that has turned out to be the case. So now the issue is how to marry technical design with operating models that are driven by sovereign users… There is but one door required to express infinite user instances.

    For those that think a browser co should stick to building a better browser, realize… Identity is the ultimate browser. Everywhere you go, everywhere you browse… There you are. The opportunity to be sovereign in design versus a protectorate customer is profoundly important in some very simple Human systems terms

  10.

    Pingback from Links 16/1/2012: Red Hat RHEV 3.0, LibreOffice 3.4.5 | Techrights

    […] User Sovereignty for our Data […]

  11.

    Nicolas said on January 17th, 2012 at 11:06 am:

    The idea looks more and more like my dream http://blog.lizardwrangler.com/2011/07/14/mozilla-in-the-new-internet-era-more-than-the-browser/#comment-21418 🙂

  12.

    xohtelklue said on January 18th, 2012 at 11:01 am:

    hkuopcmph, pnshfpljyz

  13.

    Guide said on January 28th, 2012 at 9:19 am:

    I still don't understand, let me follow along.

  14.

    cuneyt said on January 28th, 2012 at 10:49 am:

    There are problems on Windows 7 64-bit. I have been a Mozilla user for years; something is going on with the 64-bit operating system and I can't get good performance. I will try it, it has probably been fixed. It was perfect when I was using XP.

  15.

    Pingback from User Sovereignty for our Data

    […] My colleague Ben Adida (tech lead for identity and user data and one of our resident cryptographers) has written a piece describing our thinking on how to build such products. Source: http://blog.lizardwrangler.com/2012/01/13/user-sovereignty-for-our-data/ […]

  16.

    Brian Richard Allen said on January 28th, 2012 at 7:03 pm:

    Firefox and You ….

    I wonder if the person who wrote the Firefox and You eMail I received within the past couple of days has any idea what his/her, “1. No Surprises, paragraph,” means? The choice seems to be that Mozilla is totally cynical and is relying on every reader being as functionally illiterate as I suspect is the writer and is/are your editor/s.

    Or that you meant to tell us:

    Sure, most of us like surprises, but not when it comes to what’s happening with our data. At Mozilla, we use and share information about you for your benefit, only, as is spelled out in our notices. What you get for your birthday should be a surprise. What we do with your data should not be.

    And not what you did say:

    “Sure, most of us like surprises, but not when it comes to what’s happening with our data. At Mozilla, we only use and share information about you for your benefit and as spelled out in our notices. What you get for your birthday should be a surprise. What we do with your data shouldn’t be.;”

    Which has a totally different meaning to the paragraph above, is a license to do whatever the Heck you like and/or may be interpreted to mean whatever you desire it to mean according to the circumstance in which you employ it.

    Trust this helps.

    Best regards.

    Sincerely – Brian :.

  17.

    siroos ebrahimi said on January 31st, 2012 at 6:28 am:

    I’m very happy when I use Mozilla foxfire because it is so fast and easy!

  18.

    Pingback from User Sovereignty - Just another My blog Sites site - newcomputertechnologynews

    […] User Sovereignty Mitchell Baker has just posted about a very important issue, user sovereignty over our data. Please go give her post a read. User Sovereignty for our Data […]

  19.

    seloi said on February 5th, 2012 at 4:14 am:

    Mozilla is fine…easy to use browser…thank you for having this ultimate browser…

  20.

    rayat said on February 10th, 2012 at 6:16 am:

    thankyou

  21.

    Pingback from Tu și Firefox | Mozilla România

    […] information, read these posts about privacy on the following blogs: User Sovereignty for our Data Mozilla to Offer New User-Centric Services in […]

  22.

    almanya chat said on March 18th, 2012 at 9:57 am:

    Sovereignty for our Data Mozilla to Offer New User

  23.

    avrupa sohbet said on March 18th, 2012 at 9:58 am:

    hi turkish Sovereignty for our Data Mozilla to Offer New User

  24.

    doğal bitkiler said on March 18th, 2012 at 9:58 am:

    hi Im very happy when i use mozilla foxfire because it is so fast and easy

  25.

    kürtçe sohbet said on March 18th, 2012 at 10:00 am:

    halo turkish Im very happy when i use mozilla foxfire because it is so fast and easy

  26.

    Pingback from How I lost access to my Google account today | Ehsan Akhgari

    […] But starting today, I look at this problem from an entirely new angle.  The issue of user sovereignty for our data was always close to my heart, but this time it's […]

  27.

    Pingback from Expecting privacy while demanding personalization | Beyond the Code

    […] not, and what is being done with the data gathered by Websites. This is what we call, at Mozilla, User Sovereignty. In my next post, I’ll detail what Mozilla does to bring it to the […]

  28.

    Pingback from دانشگاه پیام نور مرکز تیران نشریه الکترونیکی گروه ما

    […] right?!).  But starting today, I look at this problem from an entirely new angle.  The issue of user sovereignty for our data was always close to my heart, but this time it’s […]
