Tag Archives: free software

Consent

I was walking down the platform at the train station when I caught eyes with a police officer. Instinctively, I smiled and he smiled back. When I got closer, he said “Excuse me, do you mind if I swipe down your bag?” He gestured to a machine he was holding. “Just a random check.”

The slight tension I’d felt since I first saw him grabbed hold of my spine, shoulders, and jaw. I stood up a little straighter and clenched my teeth down.

“Sure, I guess,” I said uncertainly.

He could hear something in my voice, or read something in my change of posture. “You have to consent in order for me to be allowed to do it.”

Consent. I’d just been writing about consent that morning, before going to catch the train down to New York for Thanksgiving. It set me on edge and made more real what was happening: someone wanted to move into my personal space. There was now a legal interaction happening. “I don’t want to be difficult, but I’d rather you didn’t if you don’t have to.”

“It’s just a random check,” he said. “You don’t have to consent.”

“What happens if I say no?”

“You can’t get on the train,” he gestured to the track with his machine.

“So, my options are to let you search my bag or not go see my family for Thanksgiving?”

“You could take a bus,” he offered.

I thought about how I wanted to say this. Words are powerful and important.

“I consent to this in as much as I must without having any other reasonable option presented to me.”

He looked unconvinced, but swiped down my bag anyway, declared it safe, and sent me off.

Did I really have the right to withhold consent in this situation? Technically, yes. I could have told him no, but I had no other reasonable option.

At the heart of user freedom is the idea that we must be able to consent to the technology we’re directly and indirectly using. It is also important to note that we should not suffer unduly by denying consent.

If I don’t want to interact with a facial recognition system at an airport, I should be able to say no, but I should not be required to give up my seat or risk missing my flight spending exceptional effort as a consequence of refusing to consent. Consenting to something that you don’t want to do should not be incentivized, especially by making you take on extra risk or make extra sacrifices.

In many situations, especially with technology, we are presented with the option to opt out, but that doesn’t just mean opting out of playing a particular game: it can mean choosing whether or not to get a life saving medical implant; not filing your taxes because of government mandated tax software; or being unable to count yourself in a census.

When the choice is “agree or suffer the consequences” we do not have an option to actually consent.

Autonomy

I’ve been stuck on the question: Why is autonomy an ethical imperative? or, worded another way Why does autonomy matter? I think if we’re going to argue that free software matters (or if I am anyway), there needs to be a point where we have to be able to answer why autonomy matters.

I’ve been thinking about this in the framing of technology and consent since the summer of 2018, when Karen Sandler and I spoke at HOPE and DebConf 18 on user and software freedom. Sitting with Karen before HOPE, I had a bit of a crisis of faith and lost track of why software freedom matters after I moved to the point that consent is necessary to our continued autonomy. But why does autonomy matter?

Autonomy matters because autonomy matters. It is the postulate on which not only have I built my arguments, but my entire world view. It is an idea that is instilled in us very deeply that all arguments about what should be a legal right are framed. We have the idea of autonomy so fundamental as part of our society, that we have been trained to have negative, sometimes physical, reactions to the loss of autonomy. Pro-choice and anti-choice arguments both boil down to the question of respecting autonomy — but whose autonomy?  Arguments against euthanasia come down to autonomy — questions of whether someone really have the agency to decide to die versus concerns about autonomy being ignored and death being forced on a person. Even climate change is a question of autonomy — how can we be autonomous if we can’t even be?

Person autonomy means we can consent, user freedom is a tool for consent, software freedom is a tool for user freedom, free software is a tool for software freedom. We can also think about this in reverse:

Free software is the reality of software freedom. Software freedom protects user freedom. User freedom enables consent. Consent is necessary to autonomy. Autonomy is essential. Autonomy is essential because autonomy is essential. And that’s enough.

Free software activities (November 2019)

November brings two things very demanding of my time: Thanksgiving and the start of fundraising season.

Free software activities (personal)

  • The Open Source Initiative had it’s twice-a-year face to face board meeting! Good times all around.
  • Debian is having a GR. I’ve been following the development of proposals and conversation, which is basically a part time job in and of itself.
  • Participated in Debian Community Team meetings.
  • I started drafting Bits from the Debian Community Team.
  • Wrote some blog posts! I liked them this month.
  • Wearing multiple hats I attended SustainNYC, talking about sustainability in free and open source software.
  • I submitted to some CFPs — SCaLE, FOSSASIA, and OSCON.
  • I am serving on the papers committee for CopyLeftConf, and for this I reviewed proposals.

Free software activities (professional)

  • We launched a fundraiser! (About a patent infringement case)
  • Funding a legal case is an expensive proposition, so I am also meeting with companies and potential large donors interested in helping out with the case.
  • We launched another fundraiser! (About general Foundation activities)
  • I participated in the hiring process to fill two roles at the GNOME Foundation.

Health care

One of the most important issues for free software within the US is one we rarely talk about: healthcare. That is why I am going to write about it.

These days, sustainability in FOSS is a hot topic. In my experience, for many years this conversation focused nearly exclusively on making FOSS -profitable- for companies, in order to create jobs. Now, the conversation is shifting to ask: what conditions do we need to create so that everyone who wants to work in FOSS can do so?

The answer is not the same for everyone, nor is it the same in every country. Someone supporting a family of two, three, four, or however many has greater income needs than I do, as my biggest financial responsibilities are debt and a cat. However, I also have a condition with a mortality rate estimated at 15%. Access to affordable, comprehensive health care is not just a nice perk, but crucial for my continued survival.

Access to health insurance has been the primary factor in all of my professional decisions: staying places where I was miserable, doing work I hated, even choosing where to apply. Access to health insurance was a major factor in my moving to Massachusetts, which offers health insurance to all residents.

While my free software career has been amazing — I am extremely lucky that I was able to cultivate a skill set and social network that enabled me to work in the greater sphere of FOSS (and previously open ed) — I would have made different decisions had I not been reliant on employers to provide me with health insurance.

In the United States (and many, many other places), access to affordable, comprehensive healthcare (from here on: healthcare) is a major factor holding people back from FOSS contribution. When your access to health care is tied to your employer, your time — and literally your life — is dependent on your employer. This seriously impacts your ability to even have free time, let alone using that time to build FOSS.

Since the creation of software largely relies on people’s professional skill sets, we’re asking people to do in their free time what they do in their paid time — design, develop software, plan architecture, organize events, maintain systems and infrastructure, be a lawyer, manage finances, and everything else that strengthens FOSS and FOSS communities. In asking someone to take on a leadership role in a FOSS project or community, you’re asking them to take on another job — one that comes with neither pay nor benefits.

When people face constant threats to their existence due to fearing for their lives (i.e. their health), it can be hard, if not impossible to spend their time contributing to FOSS, or indeed to any activist project.

People who live in societies that rise to meet the basic material needs of all citizens are able to spend time contributing to the greater good. Those of us struggling to survive, however, must forgo opportunities to become participating members of communities that are trying to change the world. Instead, we look to our employers (usually with commercial interests) to meet our needs.

When you work in tech, meeting our basic material needs through employer-sponsored insurance comes at a steep price: non-compete agreements, signing away patent and intellectual property rights, fights to ensure your work is available under a free and/or open source license, and giving up more than 8 hours a day/40 hours a week. When we try to create good FOSS in addition to that, we burn out, we become miserable, and we’re trapped.

People are incapable of creating FOSS when they’re sick, burnt out, worried about their health, struggling with an ongoing condition or disability, or dead. It’s that simple. [powerful]

People fighting for access to healthcare should care about free software for many reasons, but we as a free software community also need to care about access to health care. This is for the sake of ourselves and the sake of our communities. We cannot build the tools and resources the world needs when we are struggling simply to live.

If you accept the notion that lack of access to comprehensive healthcare impacts our ability to have the resources necessary to create something like free software, then we can acknowledge that, by providing health care to everyone, everyone will then be in a better, more equitable position from which they can contribute to FOSS and lead safer, happier lives.

According to the KHN, 8.5% of U.S. Americans didn’t have health insurance in 2018. Un-insurance rates are even higher among non-white populations according to HHS. As a community, we’ve accepted that the lack of diversity and the over-representation of cis white folks is a problem. We need to create more equitable conditions — so that people come to FOSS from similar places of privilege, rather than having a huge disparity in privilege and oppression. Providing health care to everyone will help alleviate this, and will enable more people to do the things they are passionate about — or things they will become passionate about once they have the chance to do so.

If we are to create a world where FOSS is successful, access to health care is paramount and we need to take it seriously.

Rebellion

We spend a lot of time focusing on the epic side of free software and user freedom: joys come from providing encrypted communication options to journalists and political dissidents; losses are when IoT devices are used to victimize and abuse.

I think a lot about the little ways technology interacts with our lives, the threats to or successes for user freedom we encounter in regular situations that anyone can find themselves able to understand: sexting with a secure app, sharing  DRM-free piece of media, or having your communications listened to by a “home assistant.”

When I was writing a talk about ethics and IoT, I was looking for these small examples of the threats posed by smart doorbells. False arrests and racial profiling, deals with law enforcement to monitor neighborhoods, the digital panopticon — these are big deals. I remembered something I read about kids giving their neighbor a pair of slippers for Christmas. This sort of anonymous gift giving becomes impossible when your front door is constantly being monitored. People laughed when I shared this idea with them — that we’re really losing something by giving up the opportunity to anonymously leave presents.

We are also giving up what my roommate calls “benign acts of rebellion.” From one perspective, making it harder for teenagers to sneak out at night is a good thing. Keeping better tabs on your kids and where they are is a safety issue. Being able to monitor what they do on their computer can prevent descent into objectively bad communities and behavior patterns, but it can also prevent someone from participating in the cultural coming of age narratives that help define who we are as a society and give us points of connection across generations.

People sneak out. People go places their parents don’t want them to. People stay up late at night reading or playing video games. People explore their sexuality by looking at porn when they’re underage. People do things their parents don’t want them to, and these are things their parents are increasingly able to prevent them from doing using technology.

I met someone at a conference who was talking about potentially installing a camera into the bedroom of their pubescent child — the same kind designed to allow parents to monitor their babies at night — because their child was playing video games when they “should be sleeping.”

This appalled me, but one of the things that really struck me was how casually they said it. Technology made it not a big deal. They already had one in their baby’s room, putting another in seemed simple.

I would happily argue all the epic points that come out of this: creating a surveillance state, normalizing the reality of being monitored, controlling behavior and creating a docile population. These are real threats, but also, seriously, poor sleep hygiene is just a thing teenagers do and it’s okay.

These benign acts of rebellion — staying up later than we’re told to, chatting with our friends when we’re not “supposed to” — are not just important points of cultural connection, but also just important for our own individual development. Making mistakes, doing dumb things, acting the fool, and learning from all of this is important in the process of defining ourselves. Technology should not be used to hinder our personal growth, especially when it offers to many opportunities for us to better explore who we are, or makes it safer for us to continue to rebel in the myriad ways we always have. Rebellion is important to our narratives — it’s certainly integral to mine. I hope that people younger than me don’t lose that because of the fear others hold.

Free software activities, October 2019

A belated hello! I was traveling at the end of October and missed this. Apologies!

A beautiful, green Japanese maple tree in front of a Buddhist shrine.

In October, work was quite busy, though a lot of it was behind-the-scenes stuff I cannot yet update you on. It was also very busy with a very exciting trip I took that had absolutely nothing to do with free software. If you’re ever going to Kyoto or Tokyo and looking for some recommendations for coffee, cocktail bars, restaurants, or general things to do, hmu.

Free software activities (personal)

  • I have regular meetings with Patrick Masson, the general manager of the OSI. We made most of them in October.
  • I did some writing for the OSI. Not all of it is published at this point.
  • I worked on crafting drafts of organizational policies for the OSI, including staffing, travel, and a whistle blower policy. I hope to be able to arrange for an HR specialist or employment lawyer to review these.
  • The OSI has two new board members! In order to make this happen, I contacted all of the nominees for whom I had contact information. I spoke with them about the OSI, the Board and it’s activities, and how they saw their potential involvement. Basically I interviewed a bunch of ~fancy~ people. It was so much fun talking with every one of them and I learned so much during the process.
  • The Debian Community Team had some meetings, wrote some emails, and discussed The Future together and with the greater Debian community.
  • I attended All Things Open and spoke about ethics and IoT devices. My slides were puppy themed.
  • I did some philosophy based writing. I got a  lot out of this and hope you did too.
  • I also found out that my brother’s company does some open source work!
  • I submitted to the Open Source Festival 2020 CfP. And you can too!

Free software activities (professional)

  • I attended All Things Open and had one of the most awesome tabling experiences I have had to date! It was such a great crowd at ATO! They took all of our stickers!
  • I had a lot of meetings with some more great people. Thank you everyone who made some time for me!
  • We launched a Patent Troll Defense Fund! I cannot thank the donors enough! It’s so inspiring for me to see the community come together to support a project I really believe in.
  • We’ve been doing a lot of work on this Rothschild Imaging thing.
  • We did some fundraising for Linux Application Summit (which happened this week!).

Autonomy and consent

When I was an undergraduate, I took a course on medical ethics. The core takeaways from the class were that autonomy is necessary for consent, and consent is necessary for ethical action.

There is a reciprocal relationship between autonomy and consent. We are autonomous creatures, we are self-governing. In being self-governing, we have the ability to consent, to give permission to others to interact with us in the ways we agree on. We can only really consent when we are self-governing, otherwise, it’s not proper consent. Consent also allows us to continue to be self-governing. By giving others permission, we are giving up some control, but doing so on our own terms.

In order to actually consent, we have to grasp the situation we’re in, and as much about it as possible. Decision making needs to come from a place of understanding.

It’s a fairly straightforward path when discussing medicine: you cannot operate on someone, or force them to take medication, or any other number of things without their permission to do so, and that their permission is based on knowing what’s going on.

I cannot stress how important it is to transpose this idea onto technology. This is an especially valuable concept when looking at the myriad ways we interact with technology, and especially computing technology, without even being given the opportunity to consent, whether or not we come from a place of autonomy.

At the airport recently, I heard that a flight was boarding with facial recognition technology. I remembered reading an article over the summer about how hard it is to opt-out. It gave me pause. I was running late for my connection and worried that I would be put in a situation where I would have to choose between the opt-out process and missing my flight. I come from a place of greater understanding than the average passenger (I assume) when it comes to facial recognition technology, but I don’t know enough about its implementation in airports to feel as though I could consent. Many people approach this from a place even with much less understanding than I have.

From my perspective, there are two sides to understanding and consent: the technology itself and the way gathered data is being used. I’m going to save those for a future blog post, but I’ll link back to this one, and edit this to link forward to them.

Conferences

I think there are too many conferences.

I conducted this very scientific Twitter poll and out of 52 respondants, only 23% agreed with me. Some people who disagreed with me pointed out specifically what they think is lacking:  more regional events, more in specific countries, and more “generic” FLOSS events.

Many projects have a conference, and then there are “generic” conferences, like FOSDEM, LibrePlanet, LinuxConfAU, and FOSSAsia. Some are more corporate (OSCON), while others more community focused (e.g. SeaGL).

There are just a lot of conferences.

I average a conference a month, with most of them being more general sorts of events, and a few being project specific, like DebConf and GUADEC.

So far in 2019, I went to: FOSDEM, CopyLeft Conf, LibrePlanet, FOSS North, Linux Fest Northwest, OSCON, FrOSCon, GUADEC, and GitLab Commit. I’m going to All Things Open next week. In November I have COSCon scheduled. I’m skipping SeaGL this year. I am not planning on attending 36C3 unless my talk is accepted. I canceled my trip to DebConf19. I did not go to Camp this year. I also had a board meeting in NY, an upcoming one in Berlin, and a Debian meeting in the other Cambridge. I’m skipping LAS and likely going to SFSCon for GNOME.

So 9 so far this year,  and somewhere between 1-4 more, depending on some details.

There are also conferences that don’t happen every year, like HOPE and CubaConf. There are some that I haven’t been to yet, like PyCon, and more regional events like Ohio Linux Fest, SCALE, and FOSSCon in Philadelphia.

I think I travel too much, and plenty of people travel more than I do. This is one of the reasons why we have too many events: the same people are traveling so much.

When you’re nose deep in it, when you think that you’re doing is important, you keep going to them as long as you’re invited. I really believe in the messages I share during my talks, and I know by speaking I am reaching audiences I wouldn’t otherwise. As long as I keep getting invited places, I’ll probably keep going.

Finding sponsors is hard(er).

It is becoming increasingly difficult to find sponsors for conferences. This is my experience, and what I’ve heard from speaking with others about it. Lower response rates to requests and people choosing lower sponsorship levels than they have in past years.

CFP responses are not increasing.

I sort of think the Tweet says it all. Some conferences aren’t having this experiences. Ones I’ve been involved with, or spoken to the organizers of, are needing to extend their deadlines and generally having lower response rates.

Do I think we need fewer conferences?

Yes and no. I think smaller, regional conferences are really important to reaching communities and individuals who don’t have the resources to travel. I think it gives new speakers opportunities to share what they have to say, which is important for the growth and robustness of FOSS.

Project specific conferences are useful for those projects. It gives us a time to have meetings and sprints, to work and plan, and to learn specifically about our project and feel more connected to out collaborators.

On the other hand, I do think we have more conferences than even a global movement can actively support in terms of speakers, organizer energy, and sponsorship dollars.

What do I think we can do?

Not all of these are great ideas, and not all of them would work for every event. However, I think some combination of them might make a difference for the ecosystem of conferences.

More single-track or two-track conferences. All Things Open has 27 sessions occurring concurrently. Twenty-seven! It’s a huge event that caters to many people, but seriously, that’s too much going on at once. More 3-4 track conferences should consider dropping to 1-2 tracks, and conferences with more should consider dropping their numbers down as well. This means fewer speakers at a time.

Stop trying to grow your conference. Growth feels like a sign of success, but it’s not. It’s a sign of getting more people to show up. It helps you make arguments to sponsors, because more attendees means more people being reached when a company sponsors.

Decrease sponsorship levels. I’ve seen conferences increasing their sponsorship levels. I think we should all agree to decrease those numbers. While we’ll all have to try harder to get more sponsors, companies will be able to sponsor more events.

Stop serving meals. I appreciate a free meal. It makes it easier to attend events, but meals are expensive and difficult to logisticate. I know meals make it easier for some people, especially students, to attend. Consider offering special RSVP lunches for students, recent grads, and people looking for work.

Ditch the fancy parties. Okay, I also love a good conference party. They’re loads of fun and can be quite expensive. They also encourage drinking, which I think is bad for the culture.

Ditch the speaker dinners. Okay, I also love a good speaker dinner. It’s fun to relax, see my friends, and have a nice meal that isn’t too loud of overwhelming. These are really expensive. I’ve been trying to donate to local food banks/food insecurity charities an equal amount of the cost of dinner per person, but people are rarely willing to share that information! Paying for a nice dinner out of pocket — with multiple bottles of wine — usually runs $50-80 with tip. I know one dinner I went to was $150 a person. I think the community would be better served if we spent that money on travel grants. If you want to be nice to speakers, I enjoy a box of chocolates I can take home and share with my roommates.

 Give preference to local speakers. One of the things conferences do is bring in speakers from around the world to share their ideas with your community, or with an equally global community. This is cool. By giving preference to local speakers, you’re building expertise in your geography.

Consider combining your community conferences. Rather than having many conferences for smaller communities, consider co-locating conferences and sharing resources (and attendees). This requires even more coordination to organize, but could work out well.

Volunteer for your favorite non-profit or project. A lot of us have booths at conferences, and send people around the world in order to let you know about the work we’re doing. Consider volunteering to staff a booth, so that your favorite non-profits and projects have to send fewer people.

While most of those things are not “have fewer conferences,” I think they would help solve the problems conference saturation is causing: it’s expensive for sponsors, it’s expensive for speakers, it creates a large carbon footprint, and it increases burnout among organizers and speakers.

I must enjoy traveling because I do it so much. I enjoy talking about FOSS, user rights, and digital rights. I like meeting people and sharing with them and learning from them. I think what I have to say is important. At the same time, I think I am part of an unhealthy culture in FOSS, that encourages burnout, excessive travel, and unnecessary spending of money, that could be used for better things.

One last thing you can do, to help me, is submit talks to your local conference(s). This will help with some of these problems as well, can be a great experience, and is good for your conference and your community!

Free software activities (September 2019)

September marked the end of summer and the end of my summer travel.  Paid and non-paid activities focused on catching up with things I fell behind on while traveling. Towards the middle of September, the world of FOSS blew up, and then blew up again, and then blew up again.

A photo of a river with the New York skyline in the background.

Free software activities: Personal

  • I caught up on some Debian Community Team emails I’ve been behind on. The CT is in search of new team members. If you think you might be interested in joining, please contact us.
  • After much deliberation, the OSI decided to appoint two directors to the board. We will decide who they will be in October, and are welcoming nominations.
  • On that note, the OSI had a board meeting.
  • Wrote a blog post on rights and freedoms to create a shared vocabulary for future writing concerning user rights. I also wrote a bit about leadership in free software.
  • I gave out a few pep talks. If you need a pep talk, hmu.

Free software activities: Professional

  • Wrote and published the September Friends of GNOME Update.
  • Interviewed Sammy Fung for the GNOME Engagement Blog.
  • Did a lot of behind the scenes work for GNOME, that you will hopefully see more of soon!
  • I spent a lot of time fighting with CiviCRM.
  • I attended GitLab Commit on behalf of GNOME, to discuss how we implement GitLab.

 

Freedoms and Rights

I want to talk a bit about the relationship between rights and freedoms, and what they are. I think building a mutual understanding around this is important as I dig deeper into conversations around digital rights and software, user, and technology freedom.

A right is like a privilege in as much is that it’s something you’re allowed to do, however rights are innate and not earned. They are things to which everyone is entitled. A freedom expresses a lack of constraints related to an action. When we have a particular freedom (freedom X), we have an unrestrained ability to do X — we can do whatever we want in relation to X. You can also have the right to a certain kind of freedom (e.g. freedom of speech). I talk about both digital rights and digital freedoms. I view digital rights are the extension of our rights into digital spaces, and digital freedoms as the freedoms we have in those spaces. We have the right to free expression when speaking in a room; we have the right to free expression when speaking on the Internet.

Typically, we frame rights and freedoms in terms of government restrictions: governments are not allowed to keep you from exercising your freedoms, and they are there to protect and ensure your rights. It is becoming increasingly relevant (and common) to also talk about these in relation to companies and technology. It is important to also shift this discussion to include companies and technologies — especially computing software. As computing becomes more pervasive, we need to make sure that the software we’re writing is freedom protecting and rights respecting. These freedoms include the freedoms we typically associate with free and open source software: the unbridaled ability to use, study, modify, and share. it also includes freedoms like expression (to express ourselves without constraint) and the freedom to assemble (to get together without constraint). All of these freedoms are freedoms we have the right to, in addition to other rights including the right to digital autonomy and the right to consent.

I want to dig a little into a specific example, of the play between freedoms and rights, and the way we see computing fits in.

We have the right to freedom of speech — to communicate unfettered with one another. Free expression is something to which everyone is entitled, and there is a societal, social, and moral imperative to protect that right. Computers connect us to one another and enable us to express ourselves. They also give us safe spaces to develop the ideas we want to express in public ones, which is a necessary part of freedom of speech. However, computers can also infringe upon that right. Home surveillance devices, like home assistants, that are listening to and recording everything you say are stepping on your right and restricting your freedom. They are taking away your safe space to develop ideas and creating an environment where you cannot express yourself without restriction for fear of possible repercussions.

This is just one example of how computers play with the things we traditionally consider our rights and freedoms. Computers also force us to consider rights and freedoms in new contexts, and push the boundaries of what we consider to “count.” Our right to bodily autonomy now includes which medical devices, which computers, we allow to be implanted into our bodies; what happens with our medical and biometric data; and when and how our bodies are being monitored in public (and private) spaces. This includes the near future, where we see an increase in wearable computers and recreational and elective implants.

We have freedoms, we have rights, and we have the rights to certain freedoms because it is moral, ethical, and necessary for a just world. Our digital rights and digital freedoms are necessary for our digital autonomy, to borrow a phrase from Karen Sandler. Digital autonomy is necessary to move forward into a world of justice, equity, and equality.

Special thanks for Christopher Lemmer Webber.