Twitter appears to have behaved responsibly toward its users when it was served with a subpoena last month demanding the release of information for Jacob Appelbaum (a.k.a. ioerror), Birgitta Jónsdóttir, Wikileaks, Julian Assange, Bradley Manning and Rop Gonggrijp. Claiming “the COURT finds that the applicant has offered specific and articulable facts showing that there are reasonable grounds to believe that the records and other infomation sought are relevant and material to an ongoing criminal investigation”.
The subpoena was unsealed January 5, presumably at the request of Twitter, enabling them to inform their users they have ten days to file a motion to quash. Both Wikileaks and Gonggrijp suspect other providers, Google, Facebook, etc… have been served as well and may have quietly turned whatever they had over without informing their users or making any effort to protect them.
Wikileaks has put out a statement demanding Facebook and Google release the contents of any subpoenas they may have received. “Today, the existence of a secret US government grand jury espionage investigation into WikiLeaks was confirmed for the first time as a subpoena was brought into the public domain”.
The court issuing the subpoena said it had “reasonable grounds” to believe Twitter held information “relevant and material to an ongoing criminal investigation”.
It ordered Twitter not to notify the targets of the subpoena – an order the company successfully challenged.
The court order crucially demands that Twitter hand over details of source and destination internet protocol addresses used to access the accounts, which would help investigators identify how the named individuals communicated with each other, as well as email addresses used.
Twitter, came under criticism when it was accused of preventing Wikileaks from becoming a trending topic. Twitter denied this but it has more than redeemed itself by sticking up for its users. Can the same be said of other services? Can we trust the online services we use to protect our rights anymore than cell phone companies?
Many online groups say, no. There is a movement afoot to decentralize the web. Personally, my ears always prick up when I hear the word ‘decentralize’ and I advocate for decentralizing power production and banks and even democracy on this blog all the time. Centralized systems concentrate the power into the hands of a very few, often at the expense of the many. The more we rely upon centralized servers like Google and Facebook and Twitter the more vulnerable we become to unwanted and unwarranted surveillance and privacy invasion.
Enter ‘unhosted‘, an open source attempt to put some ‘grease’ between hosted applications like a website and the limited number of big centralized websites, that we all connect to. Normally, a hosted website provides two processing and storage. An unhosted website would theoretically only host source code and the processing would take place in the users browser. “These unhosted storage nodes can be provided by whoever provides your email hosting: your employer, ISP, university, mobile operator, public library, a hobbyist friend who runs a server at home, a hosting company, etc. They become just like mailservers, BGP switches, fibre links and other commodity infrastructure: independent of which application you run on top of them. And they only get to see encrypted data.”
Free/libre and Open Source Software (FLOSS) frees us from having to install proprietary software on our terminals. But installable software is losing ground to hosted software (websites). The server software is often open source (e.g. LAMP), but the website itself as a software product is almost always proprietary. There is an obvious reason for this: Even if an Affero license allows us to download the website’s source code, only a commercial company can finance the thousands of servers needed to host a successful website. To make things worse, hosted software has more power over its users than installable software, because it forces you to put your user data on servers owned by the same company that publishes the software. If you want to use Google Docs, you have to reveal your work to a Google-owned server (what Richard Stallman calls “careless computing”)…
We needed to break the one-to-one link between the software publisher who writes a website (e.g. “Google, Inc”) and the “hostage provider” who hosts that website (e.g. also “Google, Inc”). Unhosted creates a simple grease layer in the form of an open web standard (UJ/0.1) between the hosted software and the servers that host it, so this is decoupled.
The unhosted manifesto admits it may not be possible to decentralize everything on the web …”Websearch will be the most challenging one because of its inherent centralization”.