Was not sure if this should be here or in Off-topic and couldn’t find anything on this project in the forums. During the past few months I have regained interest in developing my app idea on the MaidSafe platform, 3 weeks ago resigning from my full time general manager position at a business college and working part time so as to devote more time to clarifying my app project, more on this in the coming weeks. Some posts in this thread from last year give a very rough picture.
During research on personal data schemas I came across MyDex and from initial reading it seemed like an amazing project with significant scope. As I delved further into it I became sceptical. This particular sentence in the T&Cs caught my attention.
“we shall not disclose any Data to a third party in any circumstances except with your specific prior written consent or where we do so under any statutory requirement, in which case we shall use reasonable endeavours to advise you in advance of such disclosure and in any event immediately thereafter unless we are obliged by law not to do so”
Without explaining the technical details of their data security and encryption I will just mention they have much information talking about privacy and security and your PDS (Personal Data Store) only being able to be accessed by you. But the above clause/sentence made me think that if they are obligated to disclose Data under statutory requirement or law without your knowledge or consent does that mean they have some backdoors built in to allow this access to Data?
I read that as “we will protect and secure your data, unless security and/or intelligence services want it”
This project may have been discussed on here previously but I couldn’t find anything through search…
If I were them I’d build a frontdoor, instead of a backdoor, to the scheme. Maybe use a 1-of-2 multisig approach to get access to a user’s PDS (where 1 of the keys is the respective user’s key, and the the other is company’s).
Then the company’s key can be used when necessary. Under normal circumstances, auditing could easily show that the key does not appear in any transactions.
I don’t know how much “encouragement” such companies get from the government to ensure that the government has access to customer data regardless of whether it’s encrypted or not. I imagine that a “uncooperative” CEO could never land a single government contract, which in today’s system means a death penalty for the investors.
Also, slightly off topic but related to use case scenarios which mention the constant re-entering of one’s addresses, etc. - most of that nonsense is caused by the inefficient government (where every department repeatedly asks one for the same freaking details, because the bozos can’t or don’t want organize proper data sharing between them, or where the government forces personal data collection upon all sorts of businesses.)
The concept of PDS is interesting. I didn’t know such initiatives existed. Personally I would prefer to not build a business that would have to predominantly rely on the government (and MyDex is probably one such company), but that’s where the money is.
The idea to create a service to siphon off Google data to encrypted PDS located elsewhere sounds interesting. It may be harder to realize significant revenue, though. People are very willing to trade privacy for free services.
Yes, the problem is if there is a centralisation risk due to control by an entity you can’t trust. With MaidSafe we trust the code, or rather the collective of people who know the code well enough to spot and report anything that shouldn’t be there.
Even if a company wants to protect us, there’s no way we can be sure that closed source code does what they say it does, so there’s the risk.
I loved your app idea and really want to see it getting the attention it needs!
Did you see the apps site we have now? It’s all the ideas for the new SAFE apps. Check it out! www.tiny.cc/appsite
I can also make a logo and page for your app and add it into the site if you want. check out the social network one (click the ‘SAFEbook’ icon on the site to read about it) because it’s similar in ways.
Thanks for the insights. Having a “frontdoor” that gives access to gov would be a hard one to sell I think.
Siphoning off Google data would be interesting, this start up might have it on the scope. They don’t have any technical material explaining where they store the streams of data that I could find.
Front door : I was thinking along the lines of transparency - at least people would know up front, instead of “kind of knowing” based on nebulous explanations like the one in their T&C.
I agree it would be more efficient for sure and I think it would be fantastic if we lived in a world where governments could be trustworthy enough that people provide consent to access their digital life. Many don’t trust them so they have to use sly tactics along with having relationships with companies that have these nebulous T&Cs.
In a future (utopic) reality with SAFEnet (or the evolution of) use ubiquitous I see government as mostly redundant and data sharing would be seen in a completely different way. Something that enhances human collaboration, innovation, creativity and connectedness.
