Re: [GNU/consensus] [RFC][SH] User Data Manifesto

[Richard Stallman]

It needs to start by stating the range of situations or cases
that it applies to.

    The data that someone directly or indirectly creates belongs to
    the person who created it.

Please don't use "belongs to".  It has the same problem as "owmed".

    2. Know where the data is stored
    Everybody should be able to know: where their personal data is physically 
stored, how long, on which server, in what country, and what laws apply.

"On which server" may be too much to ask.

    Everybody should always be able to migrate their personal data to
    a different provider, server or their own machine at any time
    without being locked in to a specific vendor. It is recommended to
    have the personal server for the personal data in the long term.

To migrate data from X to Y consists of
1. Extracting a copy from X.
2. Entering it in Y.
3. Deleting it from X.

Whether you can enter it in Y is a matter between you and Y.
So the two rights you should have are:

1. To extract your data from X when you wish.
1. To delete your data from X when you wish.

    4. Control access

    Everybody should be able to know, choose and control who has
    access to their personal data to see or modify it.

If you have published some data, you won't be able to control who can make
copies.  So this needs some conditions.

    5. Choose the conditions

    If someone chooses to share their personal data, then the user
    selects the sharing license and conditions.

1. "Share" is strange usage in this context.  Say "let others access".

2. This rule has two very bad consequences:

  a. If "personal data" is a program, it implies the author
     should be allowe to make it nonfree.  We can't endorse that!

  b. If the person can choose _any_ conditions, he can choose
     conditions that exploit him.  Lots of services demand users agree
     to unfair conditions.  For instance, Facebook demands users agree  
     that Facebook can use their photos in ads.

So this needs to be changed a lot.

    8. Server software transparency

    Server software should be free software so that the source code of
    the software can be inspected to confirm that it works as
    specified.

There is a misunderstanding here.  If the program is free software,
that does not imply you can get a copy of it.

Thus, if the goal is to make sure you can get a copy of it,
we need to require more.  For instance, "should be free software and
its code should be published".

-- 
Dr Richard Stallman
President, Free Software Foundation
51 Franklin St
Boston MA 02110
USA
www.fsf.org  www.gnu.org
Skype: No way! That's nonfree (freedom-denying) software.
  Use Ekiga or an ordinary phone call