A Penny For Your Bytes: Part 1 – About DCDR
By Jean Quéralt October 4, 2021
- Developers play key role of next generation of Rights defenders
- Provide clear technical guidance of the protections we wish to ensure
A new car built by my company leaves somewhere traveling at 60 mph. The rear differential locks up. The car crashes and burns with everyone trapped inside. Now, should we initiate a recall? Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one.
The Fight Club, Chuck Pahlaniuk
Aside from being a book that should be read by most adults, Pahlaniuk defined in barely few lines the reality of most industries: how the cost of a remedial penalty is usually regarded as preferable than attempting to fix an identified problem, let alone learn the lesson and proactively do a better design in the next iteration.
Going back almost 20 years, I started getting concerned about data and how it was extracted and used by (at-the-time-not-so) big tech. I quickly realized that I was in no position to change any of the narrative and convinced myself that someone with more knowledge, connections and funding would take care of it.
Flashforward to a few years ago, under an unexpected turn of events, I had enough of waiting and decided it was time to attempt changing things. It was not lost on me that the enterprise was difficult (read crazy) and the odds were overwhelmingly low. With nothing to lose, I started The IO Foundation to advocate for Data-Centric Digital Rights (DCDR).
A quick definition of DCDR would be the attempt to establish the necessary technical standards to transparently implement your Digital Rights and enable technologists to create better and safer digital societies by embracing their role as nextgen Rights defenders. A mouthful, so let me unpack that with a few examples.
There are currently over 130 jurisdictions out there that have adopted some sort of data protection law. To date, they all have failed to provide effective, transparent, by design implementation because, as opposed to the car industry, they don’t provide a technical standard for their implementation. 50 different companies will interpret a given regulation the best they can, making it virtually impossible for citizens (and the authorities) to verify compliance.
Instead, we ended up with a remedial situation in which, like in the Fight Club, a company can simply budget money for compensations instead of ensuring your data is properly protected.
One comes to quickly realize that, as a result, there is a new player to consider: the developers that design and implement all the technology everyone is so much concerned about. Being at the core of ensuring that digital societies are, by design, safe for everyone, grants them the role of next generation of Rights defenders.
Problem is, not only are they not given clear technical directions on how to implement those regulations, there is effectively no technical standard defining Digital Harms and Digital Rights and thus all these are missing in their educational pipeline.
At this point, you may wonder why should this matter to you?
Take the overused knife metaphor: A knife can be used to both spread butter on a toast or to stab someone. We tend to say that the tool is not the problem, how we use it may be.
Now, what if we identified the possible problematic outcomes in advance and prepared the manufacturing regulations of knives so that their design didn’t allow for those harms to happen in the first place? What if we approved the making of knives that would remain stiff in contact with butter yet turned into jelly in contact with human skin? Science fiction? Check programmable materials.
Extending this concept to technology as a whole, it’s not hard to see that if we provided programmers with the necessary knowledge and clear technical guidance of the protections we wish to ensure, we would all have an opportunity to enjoy better and safer digital societies.
So what’s next?
In the coming weeks we’ll be exploring some of the key elements of DCDR, the nature of some of its core components, new perspectives in our understanding of our digital experiences and the changes we should promote in both education and industry in the tech sector.
Because we all agreed that we seek better and safer tech. Didn’t we?
Jean F. Quéralt founded The IO Foundation in 2018 as an organisation dedicated to promote, protect and provide solutions for Digital Rights.