Follow

Are we being loose with the terms “open source” and “private” if we utilize Google, Facebook, & Twitter scripts, listeners and CDNs in websites and apps (even if they claim to be “open”)?

@theprivacyfoundation at least a little bit, but if you're actively depending on those services as an integral and hard-to-change part of your app you're definitely being too loose with those terms

@theprivacyfoundation you may be using free software but it's shackled by a nonfree service

@theprivacyfoundation It's hard to don't use a technology where GAFAM put their hands on. (TypeScript, Go, QUIC, etc.)
But concerning CDN's and social network scripts, and all the shit around trackers... you definitely can and should avoid it.

@theprivacyfoundation to use a technolgy where GAFAM didn't put their hands on*

@theprivacyfoundation
I don't necessarily see a direct relation with "open source" and "private" (even though apps which focus on one usually also focus on the other)...

So I think you're asking two very different questions:
- Are we being loose with the term "open source" [...]?
- Are we being loose with the term "private" [...]?

@theprivacyfoundation Loose with the word "private", yes. "open source" not so much...

@jack Do you feel that those orgs (, or ) are truly open, even if their license model is? It seems as though the APIs and SDKs they might have are doorways to a closed world. And that they are directly connected to losses of , which is often a reason to use open source software.

What are your thoughts on that?

@theprivacyfoundation

Whether or not a piece of software is open source or not is orthogonal to whether it helps or harms privacy, although there's probably a skew towards privacy-preserving functionality in open software.

Open source (and free software especially) is concerned with the legality and ethics of code distribution, modification and use.

@theprivacyfoundation

Given that the OSI definition (criterion 6) and FSF software freedoms (freedom 0) grant people rights to use software for *any* reason, it follows that people may use (F)OSS for privacy-destroying reasons.

Obviously the fact that a (F)OSS project can be forked to remove privacy-destructive functionality is a big plus in its favour, but (F)OSS alone is not enough.

@theprivacyfoundation

Of course, *all* developers should be aware of the privacy implications of using any code, just like they should be aware of the copyright license that code is under.

(And, in fact, the GDPR does place an obligation to write software that includes data protection by design and by default as one mechanism of ensuring this but enforcement of Art. 25 is not going to be exactly... robust)

@jack Thank you. And we do get that we are essentially arguing semantics, but feel it's necessary to understand the impact of going into Open Source projects with our eyes closed on privacy.

Appreciate you taking the time to comment.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!