This should be interesting reading the coming days. Pegasus: Global abuse of surveillance tool supposedly only made available to government entities. Back doors are never picky about who goes through them.
Since the start of this year I am actively tracking the suite of new European laws being proposed on digitisation and data. Together they are the expression into law of the geopolitical position the EU is taking on everything digital and data, and all the proposed laws follow the same logic and reasoning. Taken together they shape how Europe wants to use the potential and benefits of digitisation and data use, including specifically for a range of societal challenges, while defending and strengthening citizen rights. Of course other EU legal initiatives in parallel sometimes point in different directions (e.g. EU copyright regulations leading to upload filters, and the attempts at backdooring end-to-end encryption in messaging apps for mass surveillance), but that is precisely why to me this suite of regulations stands out. Where other legal initiatives often seem to stand on their own, and bear the marks of lobbying and singular industry interests, this group of measures all build on the same logic and read internally consistent as well as an expression of an actual vision.
My work is to help translate the proposed legal framework to how it will impact and provide opportunity to large Dutch government data holders and policy departments, and to build connections and networks between all kinds of stakeholders around relevant societal issues and related use cases. This to shape the transition from the data provision oriented INSPIRE program (sharing and harmonising geo-data across the EU), to a use needs and benefits oriented approach (reasoning from a societal issue to solve towards with a network of relevant parties towards the data that can provide agency for reaching a solution). My work follows directly from the research I did last year to establish a list of EU wide high value data sets to be opened, where I dived deeply into all government data and its governance concerning earth observation, environment and meteorology, while other team members did the same for geo-data, statistics, company registers, and mobility.
All the elements in the proposed legal framework will be decided upon in the coming year or so, and enter into force probably after a 2 year grace period. So by 2025 this should be in place. In the meantime many organisations, as well as public funding, will focus on already implementing elements of it even while nothing is mandatory yet. As with the GDPR, the legal framework once in place will also be an export mechanism of the notions and values expressed in it to the rest of the world. This as compliance is tied to EU market access and having EU citizens as clients wherever they are.
One element of the framework is already in place, the GDPR. The newly proposed elements mimic the fine structures of the GDPR for non-compliance.
The new elements take the EU Digital Compass and EU Digital Rights and Principles for which a public consultation is now open until 2 September as a starting point.
The new proposed laws are:
Digital Markets Act (download), which applies to all dominant market parties, in terms of platform providers as well as physical network providers, that de facto are gatekeepers to access by both citizens and market entities. It aims for a digital unified market, and sets requirements for interoperability, ‘service neutrality’ of platforms, and to prevent lock-in. Proposed in November 2020.
Digital Services Act (download), applies to both gatekeepers (see previous point) and other digital service providers that act as intermediaries. Aims for a level playing field and diversity of service providers, protection of citizen rights, and requires transparency and accountability mechanisms. Proposed in November 2020.
AI Regulatory Proposal (download), does not regulate AI technology, but the EU market access of AI applications and usage. Market access is based on an assessment of risk to citizen rights and to safety (think of use in vehicles etc). It’s a CE mark for AI. It periodically updates a list of technologies considered within scope, and a list of areas that count as high risk. With increasing risk more stringent requirements on transparency, accountability and explainability are set. Creates GDPR style national and European authorities for complaints and enforcement. Responsibilities are given to the producer of an application, distributors as well as users of such an application. It’s the world’s first attempt of regulating AI and I think it is rather elegant in tying market access to citizen rights. Proposed in April 2021.
Data Governance Act (download), makes government held data that isn’t available under open data regulations available for use (but not for sharing), introduces the European dataspace (created from multiple sectoral data spaces), mandates EU wide interoperable infrastructure around which data governance and standardisation practices are positioned, and coins the concept of data altruism (meaning you can securely share your personal data or company confidential data for specific temporary use cases). This law aims at making more data available for usage, if not for (public) sharing. Proposed November 2020.
Data Act, currently open for public consultation until 2 September 2021. Will introduce rules around the possibilities the Data Governance Act creates, will set conditions and requirements for B2B cross-border and cross-sectoral data sharing, for B2G data sharing in the context of societal challenges, and will set transparency and accountability requirements for them. To be proposed towards the end of 2021.
Open Data Directive, which sets the conditions and requirements for open government data (which build on the national access to information regulations in the member states, hence the Data Governance Act as well which does not build on national access regimes). The Open Data Directive was proposed in 2018 and decided in 2019, as the new iteration of the preceding Public Sector Information directives. It should have been transposed into national law by 1 July 2021, but not all MS have done so (in fact the Netherlands has just recently started the work). An important element in this Directive is EU High Value Data list, which will make publication of open data through APIs and machine readable bulk download mandatory for all EU member states for the data listed. As mentioned above, last year I was part of the research team that did the impact assessments and proposed the policy options for that list (I led the research for earth observation, environment and meteorology). The implementation act for the EU High Value Data list will be published in September, and I expect it to e.g. add an open data requirement to most of the INSPIRE themes.
Most of the elements in this list are proposed as Acts, meaning they will have power of law across the EU as soon as they are agreed between the European Parliament, the EU council of heads of government and the European Commission and don’t require transposition into national law first. Also of note is that currently ongoing revisions and evaluations of connected EU directives (INSPIRE, ITS etc.) are being shaped along the lines of the Acts mentioned above. This means that more specific data oriented regulations closer to specific policy domains are already being changed in this direction. Similarly policy proposals such as the European Green Deal are very clearly building on the EU digital and data strategies to achieving and monitoring those policy ambitions. All in all it will be a very interesting few years in which this legal framework develops and gets applied, as it is a new fundamental wave of changes after the role the initial PSI Directive and INSPIRE directive had 15 to 20 years ago, with a much wider scope and much more at stake.
My TinyTinyRSS has the issue where many calls to the file backend.php keep timing out. It seems to have as effect that feed updates are not coming through, and worse that the repeated resource use flagged something with my hoster, making them blocking my home IP. That’s a blunt instrument to wield without checking whether that IP is your client’s own IP, but still.
Next to TinyTinyRSS my hoster also supports FreshRSS for self-hosting, so I installed that. I wanted to try FreshRSS out anyway, so this is a good opportunity to make the switch.
I assume that in its most basic form I could redo Dopplr of sorts by announcing travel plans in an OPML file, much like book lists or my rss subscriptions. Then it comes down to how to share such travel plans with a known and limited network only. (You don’t want to announce to just everyone when you won’t be home.)
The IndieWeb efforts concerning travel seem to focus on posting actual travel movements, like planned flights. A sort-of check-in style post. The socially shared Dopplr info was much simpler: a city and a set of dates. Because its purpose was aiding serendipitous meet-ups. Exact travel plans or exact location aren’t needed for it, just a way to flag paths more or less crossing to those involved.
Of course making such an OPML file currently is as easy as posting an empty file, as there’s no significant travel during the pandemic.
Theoretically I could use such an OPML file to announce several things:
- The various cities I consider as home turf, as they’re within easy reach in an hour.
- Selected cities I’m willing to travel to at short notice outside that hour travel time if there’s a good reason to.
From where I am a visit to Antwerp, Brussels, Eindhoven would count in that category, or maybe on specific occasions Düsseldorf or Cologne.
- Upcoming travel plans, things like ‘Copenhagen, Denmark, 4th-7th September’ (actually a 2019 example)
Such a list would allow comparison with your list to see whether any of your travel plans match with my ‘home turf’ and destinations I’m willing to consider outside of it, whether any of your travel plans match with my travel plans, or whether any of my travel plans line up with your home turf and other relatively nearby destinations you’re willing to consider. Cities and countries are part of schema.org vocabularies and as such usable in OPML as data attributes.
I think there’s a space for location based services, such as Dopplr was, that don’t depend on or use maps, but provide location contextualized information that influences my actions, choices and my relationships to my networks (a quote from a 2012 blogpost on moving beyond the map).
Or this is just me applying my current opml hammer to anything that might be a nail 😀
I couldn’t resist making this mock-up mimicking the colorful Dopplr
Could one redo any useful app, for that matter, that now fills the start-up cemetery?
I was reminded of this as Peter mentioned Dopplr, a useful and beautifully designed service in the years 2007-2010. The Dopplr service died because it was acquired by Nokia and left to rot. Its demise had nothing to do with the use value of the service, but everything with it being a VC funded start-up that exited to a big corporation in an identity crisis which proved unequipped to do something useful with it.
Some years ago I kept track of hundreds of examples of open data re-use in applications, websites and services. These included many that at some point stopped to exist. I had them categorised by the various phases of when they stalled. This because it was not just of interest which examples were brought to market, but also to keep track of the ideas that materialised in the many hackathons, yet never turned into an app or service, Things that stalled during any stage between idea and market. An idea that came up in France but found no traction, might however prove to be the right idea for someone in Lithuania a year later. An app that failed to get to market because it had a one-sided tech oriented team, might have succeeded with another team, meaning the original idea and application still had intrinsic use value.
Similarly Dopplr did not cease to exist because its intrinsic value as a service was lost, but because everything around it was hollowed out. Hollowed out on purpose, as a consequence of its funding model.
I bet many of such now-lost valuable services could lead a healthy live if not tied to the ‘exit-or-bust’ cycle. If they can be big enough in the words of Lee Lefever, if they can be a Zebra, not aiming to become a unicorn.
So, what are the actual impediments to bring a service like Dopplr back. IP? If you would try to replicate it, perhaps yes, or if you use technology that was originally created for the service you’re emulating. But not the ideas, which aren’t protected. In the case of Dopplr it seems there may have been an attempt at resurrection in 2018 (but it looked like a copy, not a redo of the underlying idea).
Of course you would have to rethink such a service-redo for a changed world, with new realities concerning platforms and commonly used hardware. But are there actual barriers preventing you to repeat something or create variations?
Or is it that we silently assume that if a single thing has failed at some point, there’s no point in trying something similar in new circumstances? Or that there can ever only be one of something?
Recently I created a proof of concept of publishing book lists, what I’ve read, what I plan to read etc., using OPML. Andy Sylvester picked it up and created his own list, as a way of experimenting with federated bookshelves. He used the XSLT style sheet I created to be able to render the OPML file in a human readable way in your browser. It seems to work, although it doesn’t render in the browser yet.
. The XSLT file must be hosted on the same domain as the OPML file, otherwise it triggers cross-site scripting protections. It should work properly if you download the XSLT I use and put it on your own host.
Hosting the XSLT style sheet also allows you to adapt one other detail: right now there are some tweaks in my version based on the author name of a collection or feed. If it is my name it renders as ‘my list’ and otherwise as ‘list I follow’. When you self host the style sheet you can change the mentions of my name to yours and it will make the proper distinction between your lists and lists you follow.