***** "Big Tech" Users' "Bill of Account Rights" *****
While I would be loathe for such a concept to include specific technological requirements that could not quickly evolve as necessary, I am increasingly thinking that some sort of "Bill of Account Rights" for the users of "Big Tech" is become a necessity. This might need to be legally binding, although a less formal agreement could perhaps be a viable alternative.
The focus of such a concept would be account lockouts, recoveries, appeals, access to user data, and related areas.
This would not be a trivial undertaking. Creating a viable model that is sufficiently impervious to gaming by bad actors is a major task.
That said, the current ad hoc nature of how these firms deal with users (especially the most vulnerable ones) in these regards seems increasingly untenable and unacceptable. -L
I'd be even more worried about detriments to good actors, as the standard would run into issues of diversity in the sector and progress.
With different areas having different forms of association between users and service providers, it'd be hard to come up with generic models that apply effectively to all, even as tech changes, and that's overlooking issues of different users having different preferences.
@volkris The opaque, ad hoc, largely arbitrary systems currently in use serve many groups of users very badly, and we only hear about a fraction of the cases. I know this to be true.
Yeah, but one size fits all tech policies raise different problems in a world of diverse users and use cases.
It might be even worse.
@volkris You don't have one size. You have a set of general guidelines that can be customized for each use case. Like: "When criminal activity is not involved, accidental lockout from an account cannot mean that the user is provided with no means to retrieve their already stored data."
That's a fine example, as it shows how tricky this stuff really is:
Fediverse is a distributed platform, so how would that apply to a service provider working here? If my instance accidentally locks me out, does it get off the hook completely by saying the user can pursue already stored data from other instances? What if the technology is designed around storage in the distributed system, so the instance can't help retrieve stores data anyway?
That such rules may assume centralization in an increasingly decentralized internet, of late, shows how those general guidelines would be hard to craft.
So you see, once the designer starts adding the exceptions like those, it becomes clear that this problem is thornier than it sounds at the beginning :)
And one issue to emphasize is that the rules, and exceptions to the rules, will likely favor incumbents over challengers, if nothing else because the rules will focus on what's already being done without looking at the unknown that will come next.
The "I don't know of anyone" part naturally raises issues of the challenger with a great idea who's not yet known.
@volkris I am concerned with helping the most people possible in the most practical ways. Even if such a rule applied only to the very biggest of tech firms, it would be immensely valuable to many lives. I will not let the seeking of perfection and 100% inclusion as you seem to be arguing, derail mechanisms that would be enormously better than the status quo. With time, such protections can be expanded to other players and other models. But the status quo must not stand.
I'm certain that your intentions are good, trying to help the most people, but all too often the unintended consequences end up doing more harm than good.
I fear this sort of thing is exactly one of those cases.
All too often well-meaning regulation ends up stalling progress, disempowering exactly the people it meant to serve, and generally being caught grappling with unknown unknowns, and that is especially dangerous in an area such as tech, where paradigms can shift in mere years.
It's one thing to see the failures of, say, zoning laws that play out over generations, but tech moves so much faster, with so much more downside risk to fingers accidentally put on the wrong scales.
@volkris Fine, then you can just let all those Google users who get locked out of their accounts and lose their emails, photos, and everything else built up for years because G does not have a system for dealing with them, just swing in the wind while you work out a universal system. I'll move ahead in my direction. You can theorize forever if you wish. Good luck.
History teaches us the dangers of that path, but it sure is a popular one.
Really, it comes down to hubris, people with best of intentions who think they can solve difficult problems that are really quite thorny, with all of those unknowns.
So unintended negative consequences are so common in our past. But it's hard to learn lessons from the path when, oh this time will be different, this time we can definitely engineer the system that will only have upside!
This time is rarely different.
@volkris It's not a matter of how the data is stored, it's a matter of responsibility by the controlling entity. For 99.999% of cases, this is centralized services, such as Google.
@volkris I don't know of anyone storing significant data on (for example) Mastodon sites. In any case, such rules would inevitably have a lower size limit probably in the millions, at least for the foreseeable future.