RFC: User Data Manifesto

Hi, I’d like to know your opinion on the current draft for the User Data Manifesto.

user data manifesto

“User data” means any data submitted by or collected from a person using a service on the Internet, on which a user has power.1

This manifesto aims at defining basic rights for people regarding their own data in the Internet age. Roughly, we refuse feudalism: people ought to be free and should not have to pay allegiance to service providers.

Thus, users should have:

  1. Control over user data access

    The data that the user uploads should be under control of this person. Users should be able to decide whom to grant direct access to their data and under which permissions.2

    Cryptography3 is necessary to ensure this.

  2. Knowledge of where the data is stored

    When the data is uploaded to a specific storage provider, users should be able to know: where their data is stored, how long, in which country, and which laws apply.

    It is recommended that all users have their own server in the long term and that users do not rely on centralised services. Use of peer-to-peer systems and unhosted apps are a means to that end.

  3. Right to leave a platform

    Users should always be able to extract their data at any time without being locked in to a specific service.

    Open standards for formats and protocols, as well as access to the program under a Free Software license are necessary to achieve this.4

If users have these, they are in control and can reasonably trust the services they use, rather than paying allegiance to the operator of a service.

When users control access to data they upload, it also applies to the operator of the service and to governments. Thus, a service should not force you to disclose private data (including private correspondence). That also means the right to use cryptography5 should never be denied. Exceptions where the user of a service “forces” the user to give access to some user data to the service provider includes cases where data that is necessary for the service to perform the service.6

Some services allow users to submit data with the intention to make it publicly available for all. Even in these cases, some amount of user data is kept private. The user should also have control over this data. This usually applies to so-called “metadata” or to the social graph.

When users make data available to others, whether to a restrictive group of people or to large groups, they should be able to decide under which permissions they grant access to this data. However, this right is not absolute and should not extend over others’ rights to use the data once it has been made available to them. What’s more, it does not mean that users should have the right to impose insane restrictions to other people. But this should be ultimately under the user’s control, not under the control of the operator of the service.

Ultimately, to ensure that user data is under the users’ control, the best technical designs include peer-to-peer or distributed systems, and unhosted applications. Legally, that means terms of service should respect users’ rights.

In the long term, all users should have their own server.

But it is also important that users are not stuck into a specific technical solution. This is why people should always be able to leave a platform and settle elsewhere. It means users should be able to have their data in an open format, and to exchange information with an open protocol. Open standards are standards that are free of copyright and patent constraints. Obviously, without the source code of the programs used to deal with user data, this is impractical. This is why programs should be distributed under a Free Software license.


  1. what’s not user data?

User data is not necessarily private data and does not necessarily relate to a person or contains personnally identifiable information. Thus, this manifesto does not aim at modifying personal data regulations, but rather aim at complementing them.


  1. For instance, the power to edit or move such data. That means that anonymously “dumped” data, e.g. on pastebin, or data that can be edited directly by anybody, e.g. a public etherpad, do not usually deal with user data.

  2. ^6 Services shall apply this principle in spirit. However, we understand that in order to provide some services such as providing email, some amount of user data needs to be accessed by the service provider (e.g. the email metadata from:, to: etc.) This is why Rule #2 is important.

  3. ^5 We mean effective cryptography. If the service provider enables cryptography but controls the keys or encrypts the data with your password, it’s probably snake oil.

  4. The GNU AGPL-3+ safeguards this right by making it a legal obligation to provide access to the modified program run by the service provider. (§ 13. Remote Network Interaction)

Who’s tracking me online the most: Google or Facebook?

In a year, how many times have Facebook and Google tried to track me while I was browsing the web? (Note: I’m not even subscribed to Facebook, I barely go to facebook.com).

June 3, 2012:

May 30, 2013:

Google: 32968

Facebook: 36328

PS: You too can block these with the adblock filters from antitracking.net. However, the domain is going to expire. If there are enough flattrs, I will renew the domain. If you are interested in the domain, please contact me ASAP.

Flattr this

If you’re looking for something more advanced: Try Disconnect.me extensions.

Google Talk discontinued

Will Google keep its promise and give xmpp users a way out?

As you may have seen, Google announced at their Google I/O conference that they were discontinuing their XMPP service, Google Talk. It’s very unfortunate, because XMPP is the most deployed open standard for instant messaging. It gave Google users the ability to communicate instantly with anyone using an XMPP federated service (like FSFE’s fellows XMPP server). Even Microsoft recently enabled its users to communicate to the outside world through XMPP. Now, Google is “replacing” Google Talk with Google+ Hangouts which will no longer support XMPP¹:

Note: We announced a new communications product, Hangouts, in May 2013. Hangouts will replace Google Talk and does not support XMPP.

What we know is that Google stops XMPP federation. Soon, Google users won’t be able to chat with anybody but other Google users. If I were paranoid, I’d say this makes their recent move on Google Talk look suspicious. But enough whining. What can we do about this? Well, there might be a way out for those of you who were using Google Talk as their XMPP service and who had a lot of non-Google contacts. Did you read Google’s Terms of Service? I bet you didn’t ;-). No worries, we sum it up for you at Terms of Service; Didn’t Read. So, you might have noticed this interesting bit:

Google enables you to get your information out when a service is discontinued Discussion Google gives you reasonable advance notice when a service is discontinued and “a chance to get information out of that Service.”

The full terms state:

We believe that you own your data and preserving your access to such data is important. If we discontinue a Service, where reasonably possible, we will give you reasonable advance notice and a chance to get information out of that Service.

So far, the only notice I have seen is on a developer page so I don’t think that counts for a “reasonable advance notice”; we yet have to wait for this when Google announces to their users that they discontinue Google Talk. Or maybe Google’s going to argue that they don’t “discontinue” a Service because Talk is replaced by Hangouts (which does not support XMPP and which isn’t federated). I’d argue it’s not true and that XMPP chat is discontinued. Hence Google should give users a way out. Let’s hope that those who have decided to pay allegiance to Google will be able to get their chat contact list out of Google Talk, with a way to import them into XMPP providers which are federated.

  1. it remains unclear whether XMPP support is entirely gone for xmpp-client-to-server according to Ars

Edit Source Link