@theprivacyfoundation at least a little bit, but if you're actively depending on those services as an integral and hard-to-change part of your app you're definitely being too loose with those terms
@theprivacyfoundation It's hard to don't use a technology where GAFAM put their hands on. (TypeScript, Go, QUIC, etc.)
But concerning CDN's and social network scripts, and all the shit around trackers... you definitely can and should avoid it.
I don't necessarily see a direct relation with "open source" and "private" (even though apps which focus on one usually also focus on the other)...
So I think you're asking two very different questions:
- Are we being loose with the term "open source" [...]?
- Are we being loose with the term "private" [...]?
@jack Do you feel that those orgs (#Google, #Twitter or #Facebook) are truly open, even if their license model is? It seems as though the #opensource APIs and SDKs they might have are doorways to a closed world. And that they are directly connected to losses of #privacy, which is often a reason to use open source software.
What are your thoughts on that?
Whether or not a piece of software is open source or not is orthogonal to whether it helps or harms privacy, although there's probably a skew towards privacy-preserving functionality in open software.
Open source (and free software especially) is concerned with the legality and ethics of code distribution, modification and use.
Given that the OSI definition (criterion 6) and FSF software freedoms (freedom 0) grant people rights to use software for *any* reason, it follows that people may use (F)OSS for privacy-destroying reasons.
Obviously the fact that a (F)OSS project can be forked to remove privacy-destructive functionality is a big plus in its favour, but (F)OSS alone is not enough.
Of course, *all* developers should be aware of the privacy implications of using any code, just like they should be aware of the copyright license that code is under.
(And, in fact, the GDPR does place an obligation to write software that includes data protection by design and by default as one mechanism of ensuring this but enforcement of Art. 25 is not going to be exactly... robust)
@jack Thank you. And we do get that we are essentially arguing semantics, but feel it's necessary to understand the impact of going into Open Source projects with our eyes closed on privacy.
Appreciate you taking the time to comment.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!