
A New Digital Manifesto - danShumway
https://anewdigitalmanifesto.com/
======
sjs382
Along similar lines, John Perry Barlow's "Declaration of the Independence of
Cyberspace" from 1996 is something I make a point to read often.

[https://www.eff.org/cyberspace-independence](https://www.eff.org/cyberspace-
independence)

~~~
gotts
Thanks for sharing. Good read

------
glitchc
Where's the right to forget?

If someone takes a photo of my driver's license and posts it on their website,
does their right to communicate (and remember) override my right to have that
photo deleted?

~~~
danShumway
Yes.

I realize that the privacy community is diverse, and different people have
different opinions on this. In general, I've tried to be vague enough with how
I stated rights so that they could be applied to multiple different
situations. I wanted there to be a little bit of leeway and ambiguity.

However, on this point in particular, I take a hard stance:

> Users have the right to share information with others, _to share indexes of
> that information with others_ , and to tell other people that the
> information exists.

I explicitly mentioned indexes to respond to people who claim that forcing
information to be de-indexed or removing it from search queries isn't the same
as censoring that information. I respect people who believe that, but I think
they're wrong.

~~~
glitchc
According to your logic then, if I use a service to store personal artifacts
online, then the vendor providing that service can use or modify those
artifacts in any way they see fit. My only protection or recourse seems to be
to limit participation to useless or irrelevant information. How is that any
different from the present day Internet?

Any digital bill of rights that doesn’t protect my rights to my own
information is worthless.

~~~
dbtx
Agreed, we still have the right to avoid having one's identity stolen, to take
action toward making that more difficult, to protect our one real name IRL.

Parent: if you s/driver's license/credit card & CVV visible/, does your
position change? It's "just another picture of a thing."

~~~
danShumway
Good question.

As a practical example, I am skeptical that Todd Davis should be able to force
Wired to take down his social security number[0]. I am also skeptical that
people should be able to demand that HaveIBeenPwned remove their information
from a database.

On social security numbers or IDs, I am definitely more _open_ to discussing
limits to the Right to Remember if they're very narrow and very rigidly
defined, in the same way that I'm OK with exceptions to Freedom of Speech that
are narrow and rigidly defined.

However, I want to posit that if infrastructure around identity verification
is broken, we should focus on fixing the infrastructure, not curtailing rights
as a band-aide. Identity theft is rampant because our identity metrics are
horrible. Social security numbers are a joke. Credit card numbers are a joke;
the only reason that system works is because banks are willing to reverse
charges whenever identity theft happens. These are bad systems, but instead of
forcing companies to fix them, we restrict user rights to make it easier to
have some semblance of pseudo-security.

This same principle has come up in a few other places on this page,
particularly with the Right to Filter, and whether that should allow a
monopoly communication platform to circumvent the Right to Communicate. My
take on that is similar: this sounds like an infrastructure problem. We
wouldn't have an issue there if we didn't allow a private company to have a
monopoly over communication online.

To me, it feels like people are attacking the wrong problem.

It's also important to remember that the Right to Be Forgotten is separate
from GDPR. Where GDPR (arguably) is narrow and allows you to demand that a
subset of companies delete specific PII, the Right to Be Forgotten is broad,
and allows you to make demands regarding general information and your
reputation.

I have some issues with GDPR as it's implemented today, and I won't go out of
my way to endorse it, but I also won't take a strong stance that GDPR is
incompatible with the Right to Remember. Readers can draw their own
conclusions, but on GDPR, I'm neutral.

But I do take a hard stance on the Right to Be Forgotten. There's a difference
between talking about edge-cases with IDs in a private, purely corporate
database, and talking about deindexing news articles.

[0]: [https://www.wired.com/2010/05/lifelock-identity-
theft/](https://www.wired.com/2010/05/lifelock-identity-theft/)

~~~
michaelmrose
SSN as proof of identity is stupid. Any time proof of identity requires you to
share all information needed for the party to impersonate you to other parties
you know that you have fucked up and undermined the purpose of such proof.

It a sane universe you simply share proof of your secret and we move on to
discussing policies regarding data about you instead of data you have a direct
interest in controlling.

------
323454
How do you reconcile the right to communicate with the right to filter? If I
want to publish something on someone's platform, and they don't want me to,
who's "right" wins? Similarly with the rights to hide and to remember.

I understand that rights are more like aspirational principles than concretely
achievable properties, but I think this particular list of rights wants to
give everyone everything.

Maybe the author could provide some more colour on what specific situations
they have in mind and how the rights would be used.

~~~
danShumway
In the US, we see this same conflict with Freedom of Speech and Freedom of
Association. It's a real conflict that does complicate things, but it's not so
much of an issue that we've needed to revise the US Constitution (yet ;))

My short answer is that where public communication (one-to-many) is concerned,
the Right to Communicate:

A) describes _voluntary_ communication. It doesn't give you the right to force
someone to listen to you, it gives you the right to share information with
someone who wants it. (I would be open to modifying the language if that
distinction isn't currently clear.)

B) are designed to combat legal challenges (Facebook may ban you for talking
about something they don't like on their platform, they shouldn't be able to
sue you).

C) are designed to draw attention to infrastructure and monopoly problems (the
existence of one company that controls a large majority of web content is in
itself a threat to these rights).

These rights are purposely vague because I want them to be stronger than just
my own opinion; I want them to be somewhat interpretable and adaptable.

However, in my opinion if I want to publish something and I have to publish it
on Mastadon instead of Twitter, I don't consider that to be a violation of my
Right to Communicate. If Twitter becomes the only way to publish content, or
it controls so much of the Internet that publishing outside of Twitter is
infeasible, then in my opinion it's reasonable to start talking about
antitrust.

There's leeway there -- ISPs are always going to be gatekeepers just because
of how the Internet is structured, so maybe we decide that it's OK to force
Net Neutrality on them. In general though, we should break apart monopolies
rather than force them to be neutral.

Bear in mind that the Right to Communicate is also about the right to encrypt
message contents and to conceal message recipients, and to circumvent platform
restrictions that try to remove those rights. The right to publicly publish
information is only part of that, and is (imo) an already relatively well
established right that I don't lose much sleep over. Other people may disagree
with that, but I don't think Twitter/Facebook have as much control over modern
communication as is often supposed.

~~~
nine_k
Hmm.

Imagine you are running a forum.

A few users decide to use it to exchange some encrypted content,impenetrable
walls of base64.

Should you be able to ban them, and remove their postings, if they don't
listen to polite requests to stop?

How is this different from being an email service, or an ISP?

I mean, there are more relevant details than the very broad formulation
assumes.

~~~
danShumway
To start with I definitely shouldn't be able to sue them or bring legal action
against them. That would violate their Right to Communicate. If I put a clause
in my EULA that said, "you can't post any information that I can't read," I
don't have a right to legally enforce that clause.

However, as a forum owner, I have the Right to Filter the content and users on
my forum, so I can ban them. And they're free to go to another forum and
communicate that way.

Now, let's say that my forum is ridiculously popular, and completely
entrenched, and that I take active steps to kill or buy any competing forums,
and eventually my forum becomes the only way to share content online. I still
have the Right to Filter, but you could argue (and I personally would argue)
that my _existence_ as a monopoly is incompatible with the Right to
Communicate. Essentially, I have privatized a public resource, and my forum
should either be broken up or (if that's not possible) regulated like a
publicly owned resource rather than as a private one.

That last point is where ISPs become interesting. ISPs aren't nationwide
monopolies, but they are often regional monopolies. If your only choice of
provider is Comcast, and Comcast doesn't follow Net Neutrality, then I would
argue that Comcast's _existence_ is incompatible with the Right to
Communicate. You don't have a choice of going somewhere else -- if Comcast
filters, you just flat-out can't access public content.

It is very, very difficult to break apart ISP monopolies. Additionally, ISP
monopolies consume large amounts of public funding and subsidies, which means
the public can make a strong claim that they are borderline essential, public
utilities, at least partially funded through public taxes and city-wide
contracts. And without a neutral ISP that everyone has access to, the Internet
just flat-out doesn't work. Because of that, I personally support government
restrictions that force ISPs to respect my Right to Communicate. But if
someone thought that was a bridge too far, I wouldn't say they were stupid.
The ambiguity on that issue in the manifesto is on purpose; I want guiding
principles rather than a step-by-step tutorial on every problem.

In regards to email, the same principles apply. Is the current system making
it impossible for users to (voluntarily) communicate with each other? Spam
doesn't count here, the Right to Communicate is not a right to force everyone
else to listen to you. What is concerning about email to me are cases where
untrusted IPs mean that multiple parties who _want_ to communicate with each
other are getting emails bounced and/or silently rejected with no way to fix
the problem or bypass it.

If you wanted to make a case for regulating an email service with some version
of Net Neutrality, you would need to make a case that email is a fundamental
public utility that users/communities can't just avoid or bypass, that
providers like Gmail/Yahoo are so big that they can't be broken up or unseated
by normal means, and that they're currently failing to meet the standards that
their size/power demands. I think making that argument about email providers
is a lot tougher than making it about an ISP. But again, different people
might reach different conclusions.

------
rollinDyno
Nietzche said something along the lines that we get the rights we fight for,
and we will lose those we stop caring about. Are you willing to die for your
right to, for example, filter?

At some point the pile of rights will start conflicting each other and will
also start becoming too costly to enforce. Sorry for being overly cynical but
I stay hopeful that in the near future code literacy will be as common as
alphabet literacy thus allowing anyone to circumvent these trespasses.

Edit: I would expand the right to filter to include the right to sort. I was
thinking about it earlier today when searching for what used to be a popular
post on Reddit. I thought I'd find it by sorting by all-time top but the
number of members community had grown considerably since that post was
submitted there, making what used to be a very popular post actually
insignificant. If I would've been able to sort I would've been able to
normalize the votes count so that it is relative to the number of members in
the community at the time of submission.

~~~
megous
> Nietzche said something along the lines that we get the rights we fight for,
> and we will lose those we stop caring about. Are you willing to die for your
> right to, for example, filter?

Whys such extremes? All you really need to be willing to do is to write some
software to perhaps scrape data and then filter them locally. Certainly
there's no need to die. Or did I miss something?

------
dfabulich
This manifesto forbids moderators from banning users on a forum! It’s
completely unworkable. I profoundly doubt whether the author has ever
moderated a forum before, say nothing of a meaningful social media site. Why
should we listen to any of this?!

~~~
danShumway
Banning users from a forum is literally the second right I list.

> Both users and communities have the right to filter and organize the content
> they consume and host

[https://anewdigitalmanifesto.com/#right-to-
filter](https://anewdigitalmanifesto.com/#right-to-filter)

~~~
dfabulich
That’s not what filtering means. Filtering is kill files, ignoring people you
want to ignore. (Look at that icon, of a person plugging his _own_ ears.)

If I’ve banned you from my forum, you’ve lost your right to communicate there.
If I can do that, if Facebook and Twitter and Hacker News can all “de-
platform” you, all without violating your right to communicate, then the right
to communicate means nothing.

~~~
danShumway
See the thread on
[https://news.ycombinator.com/item?id=21444900](https://news.ycombinator.com/item?id=21444900)
for more details on why the Right to Communicate and the Right to Filter are
not mutually exclusive.

The TLDR:

\- The Right to Communicate describes voluntary communication between multiple
parties that want to communicate, not the ability to force someone to listen
to you.

\- The Right to Communicate is not a right to access to every single private
platform or community, any more than the Right to Modify is a invitation to
hack 3rd-party computers.

\- Nevertheless, it is valuable to have a right that guarantees access to
encryption, including encrypted metadata, and that enshrines a right to
create, distribute, and host communication tools, including websites.

If it's not clear to readers that filtering content includes filtering content
sources, I'll look into making that text easier to understand. But I do know
what the Right to Filter is intended to mean, because I wrote it.

------
Zamicol
There's no date on this, or other contextual information. Wayback machine
seems to suggest this is newly published.

This seems to reuse a lot of material from the "Internet Citizen Bill of
Rights" started sometime around Jan 27, 2016.

[https://github.com/Cypherpass/InternetCitizenBillOfRights/bl...](https://github.com/Cypherpass/InternetCitizenBillOfRights/blob/master/README.md)

And there's a subreddit for it:
[https://old.reddit.com/r/InternetBillOfRights/](https://old.reddit.com/r/InternetBillOfRights/)

Daniel Shumway, please feel free to get in touch.

~~~
danShumway
It's all extremely mysterious! ;)

I'm unaffiliated with the Internet Citizen Bill of Rights, this is the first
I've heard of it. I don't have any major criticisms of the document, but I
still probably would have written my own manifesto even if I had known about
it. Some of these seem a little over-broad just based on a quick glance, and
at the very least I would have wanted something with more detail than just
headers and a one-sentence description.

> For questions, comments, and criticism, write to <prefix-
> here>@anewdigitalmanifesto.com.

If you have questions/comments you're uncomfortable posting on HN, I'm pretty
sure that email address works, but I haven't really tested it.

------
shaneprrlt
I think the right to communicate is a part of a right to freely express
oneself, which would be much more meaningful to codify in my opinion.

~~~
danShumway
Would you be willing to expand on that?

My instinct is to think of self-expression as a subset of communication, so
I'd be curious to hear your thoughts on what parts of self-expression aren't
currently being encapsulated or covered.

~~~
sixstringtheory
I'm trying to think of counterexamples to each approach. Can one express
oneself without communication? Can one communicate without expressing
something about themself, or, slightly more relaxed, without having someone
perceive something about them?

------
joshiefishbein
> Users have the right to subvert software and platform restrictions that
> would force them to consume content that they do not wish to see, and to
> teach other people how to subvert these restrictions. Users have the right
> to distribute software that circumvent technological restrictions for the
> purposes of personal content filtering.

How about "Users have the right to not use software that forces [...]"? I have
a hard time agreeing with the idea that people agree to a ToS and then have a
right to abuse the platform. Seems like that could lead to an
inconsiderate/unsafe/unfair place for other people and stakeholders in that
platform. I understand that anyone can do whatever they want whenever they
wish and that it's up to the platform to battle "subversion" and misuse – but
I don't believe it should be an indoctrinated imperative.

This applies to most of what is found in "Right to Modify". I think there's
truly a legal nuance to who owns what (especially when a lot of folks are
currently renting their phones from their device manufacturers or service
providers).

The sentiment seems to elevate the end user and expose the software developers
a bit more than I personally care for. There should be more emphasis on the
responsibility of users to understand what they are getting themselves into.

EDIT: I drew my guns too quickly and forgot to mention I appreciate most of
the other points and its simple presentation. I see the OP in the comments and
commend ya for taking the leap.

~~~
x220
The great thing about the right to modify is that it's a natural right. I can
use uBlock Origin and no one can stop me unless they engineer a tyrannical
system. Users reverse engineer programs and subvert restrictions because
internet companies are notorious for breaking the law or crossing ethical
boundaries without paying for it. EULAs often contain illegal clauses, so it's
unreasonable to ask people to follow the EULA. At the end of the day users
will (barring some Orwellian software restrictions imposed on everyone) do
what they want and take whatever liberties they can to browse the internet
without restrictions and without tracking if that's what they want. If
internet companies didn't want this to happen, they shouldn't have fucked over
consumers at every possible opportunity.

------
kapnobatairza
What about the right to appeal / speak to a human arbiter? If you get banned
from a major service like Google or Facebook or Amazon it can have major
ramifications on your life.

------
danShumway
Hosted on Netlify, so
[https://web.archive.org/web/20191104180034/https://anewdigit...](https://web.archive.org/web/20191104180034/https://anewdigitalmanifesto.com/)
for anyone running into problems related to their current CDN outage.

------
zwieback
Is it implicit that these rules apply don't apply to the workplace or other
situations that aren't public?

~~~
danShumway
That's a good question.

My intention was yes, there is an expectation that if you're renting a
computer on behalf of an employer or accessing their internal network, that's
a different situation than using a personal device. In the same way,
circumventing a captcha to automate logging into an account you own is a right
I imagined being protected, but exploiting an XSS vulnerability to scrape
private data behind a login is not.

I would be open to having my mind changed on where that line is. I'm cautious
about trying to nail down a very hard line about what is and isn't 'public',
because I see some ambiguity (using a personal device for work, using EULAs to
enforce non-disparagement clauses).

With Right to Remember, I felt like I needed to at least allude to that
distinction:

> and archiving information that _they have lawful access to._

But I didn't feel comfortable drawing hard lines elsewhere. If I found a solid
metric that I felt could be easily, universally applied, I'd be willing to
adopt it.

------
clamprecht
"the right to publicly publish..." seems redundant.

~~~
danShumway
I've heard a lot of people in my own circles use the word publish to refer to
posts on private platforms like Facebook that aren't publicly accessible.

It is a bit redundant, but I wanted to be certain I got across, "you have the
right to put information on the Internet where everyone can see it, not just
to post in someone else's walled garden."

------
marcus_holmes
I was with this right up to The Right to Modify.

If I create something, I get to say how people use it. That's the core of the
wonderful proliferation of software licences.

If I don't want people to see the source code of something I write, either
because I don't want to deal with the criticism or because I've hidden some
malicious nasty in there, then that's my call. Anyone can choose not to
execute my code on their machine, that's their call.

Anything else ends up enforcing a defacto GPL on the world.

~~~
danShumway
Without the Right to Modify, it is very difficult to guarantee any of the
other rights I've listed. Most of the rights I list have provisions explicitly
outlining that users have the right to circumvent DRM, captchas, and other
technological locks that prevent them from exercising their rights.

Without the Right to Modify, anyone could restrict any of the other rights on
this page just by flipping a few bits in software and calling it DRM. Imagine
if a website operator could sue Gorhill because Ublock Origin circumvented
anti-adblocking measures in clientside code.

~~~
ocdtrekkie
The problem is realistically, DRM exists to prevent unlawful access and use.
Your "right" narrowly avoids the topic by claiming users only should have the
right to circumvent that which prohibits access they're legally entitled to.

However, imagine a term of service that only grants access to a website in
exchange for viewing ads. (This is the implicit contract of ad-based web
viewing from the beginning, but websites aside from some streaming video
platforms have not really "enforced" the fact that users pay for content by
viewing ads.)

~~~
belorn
> imagine a term of service that only grants access to a website in exchange
> for viewing ads

Lets first imagine that the term of service is fully understood by the users.
The tracking is explained and understood, the trading of personal data, the
auction of targeting advertisement to anyone, the lack of liability in case of
malware. In that world it make sense that websites enforce the trade of access
in return for all the above.

Until then we have the wild wild west that is online advertisement without
regulation, liability or contract between the user and the publisher.

------
alexfromapex
Overall good but needs some tweaking

------
nathias
what about a right not to be manipulated (transparency of algorithms)

