Richard Stallman: Facebook is surveillance monster feeding on our personal data
Our world today may be a high-tech wonderland, but we, the users, own nothing in it, with our personal data being the new oil for Big Tech. How do we break its grip on our digital lives? We asked Richard Stallman, the founder and leader of the Free Software Movement.
Sophie Shevardnadze: Richard Stallman, the founder and leader of the Free Software Movement. Welcome to the show. It’s great to have you back one more time. It’s been a while. So, Richard, the Internet of today is all about collecting and using people's data. For instance, you call Facebook a ‘surveillance engine’ because all of the data mining it does. Do you think it is possible to make an enormous platform like Facebook without this large scale data collection - a social network that won’t spy on you? Or is collecting and monitoring data inherent to the business model of today's Internet products?
Richard Stallman: Well, I don't know if it's either one. And I don't think there should be a platform like Facebook. The only thing about Facebook that is specially useful is that you can get in touch with lots of people who have offered to be contacted. Perhaps, the government should run a platform you can do that with just so everyone can be on it. But once you contact a person you shouldn't be pushed to communicate through that same platform. No, quite the contrary. That should only be for how to get in touch with someone and then you'll talk with each other through any system of communication you choose. So you see, the business model of Facebook is to pressure people to continue communicating through Facebook and giving Facebook personal information. This is what makes Facebook a surveillance monster. So Facebook does not have users. Facebook has useds, people that Facebook uses. I'm not one of them. I have never had a Facebook account and I'm never going to. Facebook spies on people even who don't have an account.
SS: But let me ask you this: why should people be worried about data that the social networks collect about them? I mean, the data used is a bulk, the amount of it is so huge. You can't really do anything with it. It's not really personalised, is it?
RS: That's not true. Facebook personalises people and makes that data available for manipulating them, and it can discover things that people may not wish to have generally known to businesses, such as, if they're pregnant or if they're gay. You know, in some countries in the world you can get killed if the state figures out that you're gay. Facebook is used to carry out discrimination, racial discrimination in job offers and housing and so it can hurt people in lots of ways. And this is not to mention the fact that the U.S. government can collect all of that data at any time and find out a lot about people. And not only that. You know, Facebook has some data. Google has some data. These companies don't have access to each other's data directly but they all get sold to data brokers. And even if they're sold without the person's name and address what happens is the data brokers figure out who it is. They figure out that this is your record from Facebook, and that is your record from Google, and that's your record from Twitter, and that's your dossier of travel from Uber. And they put it all together to draw conclusions. And the FBI does the same thing. Now, this starts to be dangerous. There may be some governments in the world that don't threaten people with the use of their personal data against them. But they're not the powerful governments. They shouldn't get that kind of information...
SS: Mark Zuckerberg has published a manifesto called a privacy focused vision for social networking and there he actually outlined the idea of creating a new communication platform which would be ‘focused on privacy first’ and people's communications there will be private, encrypted and safely stored. Do you think Facebook can create something as safe? I mean, would you trust it?
RS: No it can't. In fact Australia just made a law claiming the power to punish anyone in the world that refuses a secret demand to sabotage the privacy of a communication system, and that would include any employee of Facebook or any other company, if the company allows users in Australia. So it's going to take courage to refuse this kind of insidious evil demand and a company like Facebook would never even think of refusing, would hardly resist at all because they're in it for the money and they're not going to get money by seriously defending anybody's rights. But, you know, if we want to have privacy it's not enough to have rules about the use of the data that's collected about us. We need to design systems so that they don't get data about us. That's what privacy really means - it means anonymity. And that's the opposite of Facebook business model. So it's hardly ever going to allow anonymity. Remember, Facebook is the company that started demanding people give their real names and have only one account, which is a tremendous restriction.
SS: OK. And then the governments as we know now collect data in droves as well for security purposes, it is claimed. Last time me and you spoke...
RS: They call it security.
SS: Yeah, last time me and you spoke you said you weren't against authorities using data to investigate people with a warrant or at least on a valid suspicion. But today's algorithms allow artificial intelligence to flat potential threats by scanning data. Do you think, it's a reason good enough to use it? Let's say, a program scans social networks and identifies a potential school shooter by their posts online, wouldn’t that be a good thing?
RS: It doesn't work. It's known not to work. The fact is a lot of people don't talk about what they... Well, a large fraction of such killers don't actually talk about what they're going to do, they're indistinguishable from thousands of other neo-Nazis who might conceivably commit violence. But most of them don't. So that method is bogus. In any case a government that doesn't respect our rights is even more dangerous than occasional terrorists that don't respect our rights. Of course, they don't. The point is that you can't make people safe by setting up a tyranny of surveillance as in ‘1984’. Somehow we have to investigate when there is evidence of a specific threat. And that means when there's evidence to suspect someone then that can authorise starting to collect data about that suspect. But to collect data about everyone in the world in case one of them is later suspect - that prepares the way for repression. And we have to make ourselves safe from repression as well as from terrorists.
SS: So, Richard, you told me also that we need a critical mass to fight against today's total surveillance, but is it even possible to assemble this critical mass these days?I mean, it seems to me that the general public is quite complacent about online visibility and privacy. I mean, people grumble when NSA or Google get their e-mails but they still use those gmails anyways, they use credit cards over library Wi-Fi, use unsafe messengers…
RS: You don’t need credit cards...
SS: My question is how do you rally people around the privacy cause if they don't really feel like it's important enough to change their everyday habits for it?
RS: The first step is don't be defeatist. Don't say “oh, nobody cares anymore, it's useless”. Because that just guarantees defeat and we’ll never have any kind of privacy and we’ll not have democracy either if we tolerate constant surveillance. And I reject a lot of systems of surveillance that most people do tolerate, for instance, I don't know if you could see my button but it says “Don't be tracked, pay cash”. I never use credit cards for anything except airline flights and the only reason I use it is because they demand to see my ID any way. So there are a lot of things you can do the anonymous way if you're willing to make some effort. So the question is: will you make a sacrifice for your freedom and everyone else's? We can implement convenient systems as well.
SS: Let me ask you this - what is the ‘critical mass’? I mean, how does it manifest itself? Would a privacy march on Washington help or will it take a boycott of some online services? What has to happen?
RS: I don't know. What I do know is that the more we demand privacy the more we'll get it. I've cultivated contacts with the Cambridge City Council and the council is considering now the licensing of scooters on the street. Well, I'm proposing they should require that the scooters permit anonymous usage so that they don't know who is using the scooter. They know, somebody paid, of course. They want people to pay for using them. But there are ways to do that where they don't find out who. And that is what I'm saying. The city council should require these systems to permit. How do you get a critical mass? You get it by making small actions and occasionally winning something, and this builds the awareness that there's something to fight for.
SS: So, the Internet, when it began, was an anarchic playground, and now, like in real life, it's dominated by a few giants. If the giants hold all the markets, where does a user who needs an alternative go?
RS: Well, you talk about markets, but what I do on the Internet has nothing to do with markets. So I'm actually less concerned with markets than I am with communicating with people. Let's look at what the sensitive data are, about you or any person, what is it that the state should not be allowed to know about everyone: where people go, what they do while going there, and who talks with whom. These are the most sensitive data, things that we should do the most to prevent from being tracked massively. It should require a court order to begin collecting data about any particular person, and the court order should be justified by specific reasons that show a judge that that person must be investigated. We have to set up all systems that can track people to follow that rule, and this doesn't just mean the Internet, they're putting up cameras in the street to recognize car license plates and people's faces, and listen to people. There's a scandal now in the UK that Chinese cameras have been put up, and they may be transmitting the video or the sound to China. But you know what? They could be transmitting to the British government too, and that's even more dangerous for you if you're in Britain and you're a dissident of any kind. And we know that the police have investigated protesters, non-violent protesters, politicians or even Members of Parliament. So you just can't trust, and you have to make sure that they can't do that on their own accord.
SS: Should there be some trust-busting done, like Roosevelt-style, against monopolizing the Internet? And is it possible, like breaking Google into many smaller Googles, like Rockefeller’s Standard Oil back in the days?
RS: That wouldn't change much.
SS: Why not?
RS: That wouldn't change much, because remember, the data brokers put the data together, and so do the so-called security agencies. When they get the data from these companies, they put it all together. So it doesn't matter whether it's 10 big pieces, or 20 pieces, or 30 pieces, they'll still get all those pieces and hook them up into one coherent collection of data. So the idea of breaking up these companies is a distraction from what we really need to do, which is require these systems to be designed so that the data doesn't get collected in the first place.
SS: So the European Union right now is finalizing the Article 13 of the Copyright Directive, that obliges all social media and publishing platforms to install automated filters to scan our posts prior publication. These automated filters will block your posts if they decide that used a copyright video music or an image. Are these filters equal to censorship in some way?
RS: Well, ostensibly, those automated copyright censors are only about copying. Now, I think that's an injustice by itself. People... Copying and sharing is good, and people should be free, lawfully, to share copies of any published work. Now, not your personal data, which is secret, that's a different issue entirely. But once something is published, it's not a secret, and we should all be free to share it on the Internet. So that law is not only harmful, its purpose is unjust, but it's also going to serve the purpose of censorship, we know this from YouTube. We've seen cases where somebody posted, say, a political message, and somebody who doesn't like it claims it's copyright infringement, but this claim is a lie. Those false claims occur quite commonly, and they serve to censor the material that the liar wants to censor. And after 10 days, if the poster appeals, then it can go back up, but censoring somebody for 10 days through a cheap lie is very effective against political discussion. And then, there are the errors in the filters too. YouTube has been known to say about pieces of white noise that it's a copyright infringement of somebody else's different white noise or something, or rather it automatically gets things wrong. And if Google hasn't been able to do it right, nobody's going to be able to do it right. But, fundamentally, that law is wrong because its purpose is wrong, because sharing is good.
SS: So let me ask you this, the EU now is moving forward with another measure, it's a link tax proposing that users pay for sharing links to the news articles published online. Considering that news mostly travel through social media these days, how is it going to change the way we get information about what's happening around us?
RS: Well, what I understand is that large companies would be required to pay for posting links. I don't have much... I don't have a strong opinion about that. I'm not sure whether it's good or bad. I don't think it's as dangerous as the mandatory copyright filters. And I do think it's a bad thing, it's a bad thing for people to depend on social media platforms to get their news. I never do that.
SS: Ok. Right now, the regulations that exist on Internet globally do not satisfy the needs of one or other countries’ cultural codes, so each country is trying to regulate Internet inside it, in some way or another. Even Zuckerberg lately, in the article that we mentioned, has said that governments should be involved in regulating their Internets more.President Emmanuel Macron last year came out and said, I want to do something to regulate Internet in France, I don't like what America's doing, I don't like what China is doing, I don’t like what Russia is doing, but I'm going to do my own thing. So everyone is trying to regulate Internet inside their countries. Do you think it's a good thing? Should there be government regulation on Internet?
RS: Most of those countries are trying to block dissent so as not to have anything that resembles democracy. China is an extreme, vicious example.
SS: Not necessarily, I would disagree. I would argue that France is probably the most democratic country on Earth right now. So no, not necessarily, I wouldn't agree.
RS: No, no, I wouldn't agree. It's pretty clear that Macron also is thinking about laws that would enable, that would authorize blocking dissent, and a lot of kinds of dissent are illegal in France. Somebody mocked President Sarkozy once by repeating an insult that Sarkozy had said to a member of the public, and this person was put on trial and just barely escaped being jailed for it. There's actually a lot of censorship in France, and probably even more in Britain. So I am just as scared of government regulation as I am of some of the terrorist movements, you know, whether it's Islamist, or Nazi, or... They're all dangerous. But we've got to avoid leaving ourselves open to repression in our rush to defeat a lesser danger.
SS: Elon Musk is developing his project of a satellite network that would provide the whole planet with free Internet access. Are you afraid there's going to be a catch? I mean, nothing is really free. Will we have to pay for this somehow? Our data, perhaps?
RS: When I use the word free, it refers to freedom. I am much less concerned with whether something is gratis or not. I'm worried that if we all got our Internet connection through the same system, that it would censor, it would spy, it would restrict us in various ways, and we'd have no choice, no way to protect ourselves from that by going in some other way.
SS: You're so critical of the Internet of Things, or Stings, as you call it. Smart home tech, however, has its genuine virtues, for example, it could be easier for people with disabilities to control their house through an app. How do we get to the point where people can reap the benefits of such tech without having to pay with their privacy?
RS: Wait a second. The Internet of Stings is made up of devices that spy on everything you do with them, and they do this by communicating with the owner through the server of the manufacturer. And that means all the commands are recorded by the manufacturer, and all the responses, all the reports are watched by the manufacturer. This is a design for total surveillance. Now, I wouldn't allow such a device in my house. I regard it as a spy. On the other hand, we could have computerized devices that provide the same benefits, but are designed not to spy on people. It's actually not hard to do that. But that's not what companies want. They want to collect data, so they use the design that enables them to collect everything. There's even a sex toy that talks on the Internet, and you can let someone else send it commands for what to do, which might be nice, except that those commands all pass through the manufacturer’s server, so that manufacturer knows what the toy is doing, and probably knows who is sending it commands. You probably don't want the manufacturer to know that. Well, if that device were designed the right way, it would talk to your computer, and you could allow someone else to communicate with your computer, and your computer would pass the commands on to the toy, and then you get the same benefit, but it wouldn't be designed to spy on you.
SS: You’re an advocate of all things secure and trustworthy:pay with cash, don't use mobile phones, encrypt your traffic. But even if I go independent and set up my own encrypted satellite uplink, I mean, I'll still be watched by a whole lot of special services wondering what on Earth I'm up to! Not to mention how much it would cost.
RS: I doubt it.
SS: Oh yes, trust me. So why should I bother with all the nuisance? Tell me. Because it's just so inconvenient.
RS: Oh come on. Well, first of all, you've exaggerated. I don't have my own satellite uplink, that must cost a million dollars, and you'd have to get permission to use it. But you don't need anything like that. You just need to communicate through TOR. So it’s actually that easy.
SS: But my point is that creating all of this independence is so inconvenient in today's world. So inconvenient! I mean, it’s like creating your own ecosystem.
RS: It's not that... Well, not using a credit card is sometimes inconvenient, but I value my freedom, and when it comes to the choice, it's very clear to me that I don't want to sacrifice my freedom for a little convenience. And after all, why do we have any freedom at all? It's because in the past there were people who were willing to make sacrifices for it. We are all subject to commercial public relations trying to teach us that convenience is what we need more than anything else. If we want freedom, we have to learn to disagree with that commercial public relations. Now, when I don't carry a portable phone, it's inconvenient sometimes, but I don't want people to track me everywhere I go. That’s Stalin's dream!
SS: Alright. Thank you so much for this interview once again, Richard. It’s a pleasure talking to you, as usual, good luck with everything. We were talking to Richard Stallman, the founder and leader of the Free Software Movement, discussing whether our online privacy is buried for good in today’s tech-based world, and what can be done about it. Well, that’s it for this edition of SophieCo, I’ll see you next time.