Indiana’s Lawsuit Against TikTok Fails As Well

Legal Issues

from the tiktok-china-bad-is-not-a-legitimate-legal-claim dept

Last week we wrote about how Montana’s ridiculous TikTok ban was blocked by a judge for being fairly obviously unconstitutional. But in the rush of the moral panic over TikTok coming from all over, I had missed that Indiana had sued the company. The argument was that TikTok had violated “child safety laws,” and in some ways appears to have some similarities with the recent state lawsuits against Meta.

If you want a preview of how that might go, well, a judge has dismissed the lawsuit.

The case was in local court, not federal court (TikTok tried to move it to federal court, but for procedural reasons it went back to the state court), but the reasoning for the dismissal is pretty straightforward: basically, wtf does any of this have to do with Indiana?

Here, the Amended Complaint does not allege facts sufficient to establish this Court’s jurisdiction over Defendants. The Amended Complaint does not allege that Defendants made any of their allegedly deceptive statements or omissions in Indiana, nor does it allege that those statements or omissions were specifically directed at Indiana users. The statements and alleged omissions are found in multiple sources, all of which can be characterized as directed to the U.S. market as whole. Some of these places include letters and testimony to legislators, interviews with news outlets, and statements on TikTok’s website.

While the Amended Complaint alleges that the TikTok platform is available to Hoosiers through third-party app stores, this is insufficient to establish specific jurisdiction because the State does not allege that TikTok specifically targeted Indiana. See Wolf’s Marine, N.E.3d at 17 (“If the defendant merely operates website, even ‘highly interactive’ website, that is accessible from, but does not target, the forum state, then the defendant may not be haled into court in that state without offending the Constitution”) (quoting be2 LLC v. Ivanov, 642 F.3d 555, 559 (7th Cir. 2011)).

Moreover, it is well-established that the unilateral act of third party such as Hoosier downloading and using TikTok, or third-party app store offering TikTok in Indiana cannot establish specific jurisdiction. See, e.g., Walden, 571 U.S. at 28586. As the Seventh Circuit has observed, if having an interactive website were enough in situations like this one, there is no limiting principle and plaintiff could sue everywhere. Adv. Tactical Ordnance Sys., LLC v. Real Action Paintball, lnc., 751 F.3d 796, 803 (7th Cir. 2014).

Still, the court looks at whether or not TikTok’s conduct here would have violated the state’s Deceptive Consumer Sales Act and finds that… no… it would not. First, downloading a free app is not a sale or transaction, so the law doesn’t actually apply:

As the downloading of the free TikTok app is not consumer transaction, the State has failed to state claim under the DCSA and TikTok is entitled to dismissal of the State’s Amended Complaint under Trial Rule 12(B)(6).

Furthermore, the court notes that it does not appear that TikTok made any “deceptive acts or omissions” that were related to any consumer transaction.

There are no allegations that Indiana users even heard these alleged misstatements, let alone relied on them. when deciding to download and use the TikTok platform. ln the absence of such allegations, the State has not asserted claim under the DCSA and TikTok’s Motion to Dismiss shall be granted.

Was TikTok deceptive? Well, the court doesn’t think the state presented any such evidence:

But notably absent from the State’s allegations is the “how” of the fraudin other words, the “identity of what was procured by fraud.” Cont’l Basketball Ass’n, /nc., 669 N.E.2d at 132; see also Himan v. Thor Indus, lnc., 2022 WL 683650, at 14 (N.D. Ind. Mar. 8, 2022). In particular, the Amended Complaint does not assert that TikTok’s alleged statements or omissions “led [consumers] to” download the TikTok platform, “which [they] would not have otherwise done if [they] had been fully informed.” Himan, 2022 WL 683650, at 14. This is dispositive and requires dismissal of the Amended Complaint…..

Similarly, the Amended Complaint does not allege facts establishing that TikTok’s alleged misrepresentations were material, or that TikTok acted with an “intent to defraud,” as required to state claim of incurable deceptive acts.

Even more to the point, regarding Indiana’s arguments that TikTok users were deceived and unaware that ByteDance employees in China might be able to access their data, well, the company has been kinda public about that?

First, the State’s allegations establish that TikTok disclosed to TikTok users the ways in which their data may be accessed and with whom it may be shared. TikTok users in the United States are subject to TikTok’s Privacy Policy, which is available on TikTok |nc.’s website. The Privacy Policy states that the TikTok platform “is supported by certain entities within our corporate group, which are given limited remote access to Information We Collect,” and that “entities with whom TikTok may share [user] data may be located outside of the United States.” Relying on the Privacy Policy, the Amended Complaint alleges that “current and recent versions of TikTok’s privacy policy state that it may share data it collects with its parent company ByteDance or other affiliates, or certain entities, within its corporate group, many of whom are subject to Chinese law.” Additionally, the Amended Complaint alleges that in 2020 former executive stated: “TikTok relies on China-based ByteDance personnel for certain engineering functions that require them to access encrypted TikTok user data.” Similarly, the Amended Complaint alleges that in “a June 2022 letter to multiple U.S. senators, TikTok acknowledged that ‘[e]mployees outside the U.S., including China:based employees, can have access to TikTok U.S. user data subject to series of robust cybersecurity Controls….

ln light of these alleged disclosures, TikTok cannot be held liable under the DCSA for not “alert[ing] Indiana consumers to the ability of TikTok to share their data with individuals or entities located in China, or for individuals or entities located in China to access that data.”

Indiana tried to argue that TikTok isn’t totally forthcoming about its relationship to ByteDance, but that’s not enough for a cause of action, especially since there’s no clear standard for what is the “appropriate” disclosure regarding the relationship:

Third, the allegations that TikTok downplays the “influence and control” that “ByteDance has over TikTok” are not actionable. The Amended Complaint does not allege that TikTok’s statements about TikTok lnc.’s relationship with ByteDance are false. Instead, the State argues that TikTok does not disclose “the full extent of ByteDance’s control over TikTok” and thereby paints “a picture for Indiana consumers that TikTok is an independent company and that the risk of consumers’ data being accessed and exploited by the Chinese Government or the Chinese Communist Party is minimal to nonexistent.”

These allegations do not state claim under the DCSA. The “extent of ByteDance’s control over TikTok” is not fact capable of being proven true or false, and is “too general” and subjective to support claim under the statute.

Look, we get it. Politicians (including Attorneys General) are going to grandstand about “evil social media” and TikTok in particular. But just saying “gee, this is scary” does not a credible legal claim make. And, really, if you’re filing bogus lawsuits to distract from the latest ethics investigation against you as Attorney General, it seems like a generally poor strategy.

Filed Under: child safety, china, deceptive practices, indiana, todd rokita
Companies: tiktok

Activists Call On FTC To Craft Tougher ‘Right To Repair’ Rules, Repairability Scoring System

Policy

from the fix-your-own-shit dept

On one hand, the Lina Khan FTC has been the toughest agency in history when it comes to “right to repair” reform — or efforts to let you affordably repair your own tech. On the other hand, given past regulatory actions have been minimal, that’s not historically saying much.

Still, the FTC under Khan’s leadership has taken consistent aim at companies that unfairly claim that using third party parts and repair services violate warranties. The Khan FTC also crafted a useful report debunking many of the dumber industry excuses for efforts to monopolize repair (such as claims that affordable, easier repair poses a serious security and privacy risk to consumers).

Still, activists say there’s a lot more the FTC could be doing if the agency crafted slightly tougher rules. So organizations like iFixit are calling on the FTC to beef up their rules to include the industry’s use of things like proprietary screws and parts pairing software blocks (both things Apple is a big fan of).

They’re also calling on the FTC to implement a repairability score system to better educate customers, similar to systems already deployed in France:

“We also are suggesting that they develop a repairability scoring system, which in the case of appliances covered by the FTC-administered Energy Guide program, could go on that yellow label that appliances must have. After all, the energy impact of an appliance has at least as much to do with how long it lasts (and how easily it can be repaired) as with its energy consumption during use.”

The FTC has consistently had its funding, staffing, and authority stripped away by industry lobbying under the well-documented pretense that zero government oversight of industry results in Utopian outcomes. The agency also consistently has a tiny sliver of the staff of overseas regulators when it comes to major issues like privacy, much less smaller reform efforts like right to repair.

Whether the FTC heeds the calls of activists and doubles down on right to repair enforcement remains to be seen. But as ongoing legislative victories in states like Maine indicate, the widespread, bipartisan support for such reform shows no sign of slowing down.

Filed Under: consumer protection, environmental waste, ftc, lina khan, repair monopoly, right to repair, warranties

Google Caves In Canada: Agrees To Pay $100m News Bribe To Avoid Direct Link Tax

Journalism

from the the-only-principle-is-money dept

It seems that every other day or so we get another story of big tech companies tossing principles out the window and caving to ridiculous government demands. The latest is Google, yet again, which has cut a deal with the Canadian government to bribe news orgs with $100 million to pay them off to avoid a more specific link tax. It’s the worst kind of corruption.

As we had detailed, almost everything about the Canadian Online News Act (C-18) was a corrupt monstrosity. Link taxes, themselves, are a fundamentally bad idea, that do real harm to both the open internet and the media.

I’ve seen lots of people on both sides “claiming victory” here. The Canadian government is claiming victory because they got the corporate welfare program they wanted, forcing Google to hand cash over to news organizations (the same news organizations that endorse politicians). Google and some of its supporters are claiming victory, because the structure of the deal more or less ignores the actual Online News Act for a side agreement that says “Google gives $100 million in exchange for Canada ignoring the actual law they passed.”

That is, the agreement is that Google forks over this money (close to half of what the government had claimed the company “owed” news orgs) and doesn’t have to negotiate with different news orgs, but with a single party that will distribute the money to news orgs.

Of course, we know how that setup works, because we’ve seen it before in other industries, like the music industry, and it always ends up a corrupt mess. The big news orgs will get some cash via this program, and be forever compromised in their coverage of Google. The smaller news orgs will get shafted. Down in Australia, which has a similar setup, despite the grand promises of everyone involved, smaller news orgs have suffered.

Michael Geist points out that this deal is more or less what Google had offered pre-C-18, but which the government had rejected. Further, he notes that this money will simply replace money that Google had already been giving to Canadian news orgs through other programs like Google Showcase.

Either way, while the deal isn’t a complete victory for the Canadian government, it’s still a loss to the open internet. As with Australia’s News Bargaining Code (and a similar deal by Google and Meta there), it only serves to inspire other countries to pass similar “bribe us too!” laws.

And anyone who thinks this is going to stop at news providers is not paying attention. Others are going to start demanding free cash from successful tech companies via government lobbying. Why wouldn’t you?

I had hoped that Google would actually stand by its principles on this one, but increasingly we’ve seen that Google has no problem compromising on those principles to cut deals with governments. Meta, for now, is still standing strong, but it caved in Australia and it’s probably only a matter of time until it caves here too.

Filed Under: canada, journalism, link tax
Companies: google

Daily Deal: Rosetta Stone (All Languages)

Deals

from the good-deals-on-cool-stuff dept

Embark on the journey of language learning with the Rosetta Stone lifetime subscription for all languages. Trusted by top-tier organizations like NASA and TripAdvisor, Rosetta Stone has been the go-to software for language learning for the past 27 years. With its immersive and intuitive training method, you might be reading, writing, and speaking a new language with confidence in no time. It’s on sale for $190.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Documents Show A Bunch Of Canadian Government Agencies Have Access To Phone-Hacking Tools

(Mis)Uses of Technology

from the fisheries-just-out-there-hacking-phones dept

Looks like everybody who’s anybody has got a set of hacking tools in Canada. Well, at least in terms of the federal government. Documents obtained by the CBC shed some light on the prevalence of phone-cracking tech within the government. And what that light shows isn’t all that flattering.

Tools capable of extracting personal data from phones or computers are being used by 13 federal departments and agencies, according to contracts obtained under access to information legislation and shared with Radio-Canada. 

Radio-Canada has also learned those departments’ use of the tools did not undergo a privacy impact assessment as required by federal government directive.

Well, that’s pretty much how it goes here in the US, too. Tech is obtained and deployed. Years later — if ever — privacy impact assessments are delivered. Act first. Get into compliance later. And don’t even worry about apologizing. Sure, governments are supposed to serve the public’s interest. But if those interests don’t align with the government’s interests, well… tough shit, I guess.

It’s not surprising law enforcement and national security agencies have access to these tools. What’s a bit more surprising is how many regulatory agencies have (or have had) possession of device-cracking tech. The full list of agencies with these tools is bound to provoke some questions that won’t be all that easy to answer.

Fisheries and Oceans Canada
Environment and Climate Change Canada
Canadian Radio-Television and Telecommunications Commission
Canada Revenue Agency
Shared Services Canada
Competition Bureau Canada
Global Affairs Canada
Transportation Safety Board of Canada
Natural Resources Canada
Correctional Service Canada
National Defence
Royal Canadian Mounted Police

Here are some details on just one of the oddities on this list. Shared Services Canada is the government’s IT wing, providing infrastructure and support for the federal government. This government agency acquired a whole suite of device crackers to crack devices.

According to the documents Light shared with Radio-Canada, Shared Services Canada purchased the equipment and software for the end users from suppliers Cellebrite, Magnet Forensics and Grayshift. (The latter two companies merged earlier this year).

No explanation was given as to why this entity should need this tech. The only explanation given for any of this was this defensive, nonsensical statement from Cellebrite, in which it defended itself from accusations no one was making.

After publication of this story, Cellebrite said in an email that its “technologies are not used to intercept communication or gather intelligence in real time. Rather, our tools are forensic in nature and are used to access private data only in accordance with legal due process or with appropriate consent to aid investigations legally after an event has occurred.   The person/suspect does know our technology is obtaining data through court/judicial permission through a search warrant or consent by the individual.”

Um. OK. No one was accusing Cellebrite of engaging in illegal (or even legal) interception of communications or real-time surveillance. That the company chose to lead with that almost suggests that it does provide these services to other governments or government entities, just not the ones being discussed here. (It probably doesn’t. So far, Cellebrite has only been shown to provide phone-cracking devices that require those doing the cracking to have possession of the device being cracked. But still, it’s a weird thing to say when no one’s accusing you of doing those things.)

As for the mandatory privacy impact assessments that have yet to be created, only one agency (Fisheries and Oceans) said it planned to whip one up. The rest of the agencies that bothered to respond to this query suggested no privacy impact assessment was necessary because any deployment of the tech was backed by a court order or warrant. That’s an obviously wrong assumption, but that’s the excuse being given.

As for the legal justifications that supposedly allow these entities to skip publishing PIAs, they’re almost as ridiculous as the excuses offered for ducking their own legal obligations to the general public. Fisheries and Oceans listed “Fisheries Act” as its sole justification for deploying device-cracking tech. The Radio-Television and Telecommunications Commission claimed “Canada’s Anti-Spam Legislation” allowed it to break into devices and computers. The Environment and Climate Change agency was just as vague, citing “enforcement of different laws and regulations.”

The more plausible explanation for the possession of these devices by agencies that aren’t actually in the law enforcement/national security business is this: they’re being used to perform internal investigations.

Some of the departments say they use the tools to conduct internal investigations when employees are suspected of fraud or workplace harassment, for example. They say data is only extracted from government-issued devices in accordance with internal protocols that govern the collection and storage of personal information to ensure its protection.

And the statements provided by the Transportation Safety Board strongly suggest forensic devices are being used to search devices recovered from traffic accidents, most likely to determine whether or not they were due to distracted driving.

All in all, a pretty eye-opening set of revelations. Agencies one would never suspect had any need for these powerful tools not only have them, but are using them for reasons that are mostly left unexplained. The lack of privacy impact assessments isn’t surprising, though. It’s just disappointing. Obligations to the public are always put on the back burner, especially when agencies possess little-known tech with capabilities that have yet to be fully exposed. They want every chance to exploit these before their oversight catches on and/or public records requesters figure out what questions to ask and who to ask them to.

Filed Under: canada, hacking, phone cracking, surveillance
Companies: cellebrite, grayshift, magnet forensics

Carmakers Push Forward With Plans To Make Basic Features Subscription Services, Despite Widespread Backlash

(Mis)Uses of Technology

from the breathing-clean-air-will-now-cost-extra dept

Automakers are increasingly obsessed with turning everything into a subscription service in a bid to boost quarterly returns. We’ve noted how BMW has embraced making heated seats and other features already in your car a subscription service, and Mercedes has been making better gas and EV engine performance something you have to pay extra for — even if your existing engine already technically supports it.

And despite widespread backlash (BMW had to backtrack on many of its plans), the auto industry shows absolutely no indication they’re going to back away from their plan, with numerous automakers currently working on efforts to “subscriptionize” basic functions and features. And now they’re apparently trying to pretend that this shift is necessary to finance the shift to EVs:

Alistair Weaver, editor-in-chief at Edmunds, says automakers are counting on the new revenue stream to pay for the expensive transition to electric cars.

“So if your car payment is 600 bucks a month, it’s now $675,” Weaver said.

There are several problems here. One, most of the tech they want to charge a recurring fee to use is already embedded in the car you own. And its cost is already rolled into the retail cost you’ve paid. They’re effectively disabling technology you already own, then charging you a recurring additional monthly fee just to re-enable it. It’s a Cory Doctorow nightmare dressed up as innovation.

The other problem: nobody genuinely wants this shit. Surveys have already shown how consumers widely despise paying their car maker a subscription fee for pretty much anything, whether that’s an in-car 5G hotspot or movie rentals via your car’s screen. Other studies indicate that consumers are generally opposed to making functions subscription based, unless they wind up paying less overall:

Alix Partners, a global consulting firm, found that more than 60% of consumers are willing to consider subscribing for enhanced safety and convenience features as long they don’t feel like they are being charged for something they already paid for.

“A lot of people in the auto industry certainly use Apple as a shining light on the hill,” said Mark Wakefield, Alix Partners CEO.

“The car has to be cheaper, plus this option of subscribing,” Wakefield added.

But there’s zero chance that consumers will ever pay less. I’ve often seen carmakers like BMW try to pretend that turning heated seats and other features into recurring subscriptions lowers the vehicle retail cost, but I’ve not seen any evidence to indicate that’s actually true.

The entire point of integrating subscription systems like these is to please Wall Street’s insatiable, often myopic desire for consistent, upwardly scaling, improved quarterly returns. Once implemented, the subscription costs will inevitably be jacked steadily skyward to please Wall Street. It’s simply how these things work. The end result is higher overall costs, and annoying new subscription systems to manage.

There’s a whole bunch of additional unintentional consequences of this kind of shift. Right to repair folks will be keen on breaking down these phony barriers, and automakers (already busy fighting tooth and nail against right to repair reform) will increasingly respond by doing things like making enabling tech you already own and paid for a warranty violation.

The shift toward endless subscriptions for basic functions may not annoy folks with endless piles of disposable income, but for the majority of Americans that struggle to even afford new vehicle costs already, it’s hard to not see this impacting new car sales — or driving more users to older, used cars with dumber tech.

Filed Under: automobiles, cars, consumer rights, fees, heated seats, right to repair, subscription service

Google Takes Down ‘Downloader’ App Again After Bullshit DMCA Complaint, Restores It Again

Copyright

from the again?!? dept

Earlier this year we discussed an app being removed from the Google Play store over copyright concerns and a DMCA notice that was sent in by a firm representing several Israeli television networks. The app, called “Downloader,” was created by Elias Saba, and he was very confused by the takedown. The reason for his confusion is based on what his app actually does: it combines a simple file management solution and a web browser for smart/streaming devices. It does not host any infringing content. It does not even point a user to any infringing content. If this app is a copyright problem, in other words, so is, oh, I don’t know… Google Chrome. And, yet, Google took the app down, before eventually realizing its mistake and reinstating the app to the Play Store.

As if that whole story isn’t annoying enough, it just happened again. And in the exact same way.

Downloader has been suspended by Google Play again, and this time the reason is even harder to understand. Based on a vague DMCA notice, it appears that Downloader was suspended simply because it can load the Warner Bros. website.

Google notified Saba that the app was suspended again last night, according to the notice that Saba shared with Ars. “Your app contains content that allegedly infringes upon the copyright of others, and violates applicable copyright laws in the relevant country/jurisdiction,” the notice from Google said.

The notice includes a copy of the DMCA complaint, which came from MarkScan, a “digital asset protection” firm that content owners hire to enforce copyrights. MarkScan said in its complaint that it represents Warner Bros. Discovery Inc.

It’s really that simple. In the DMCA notice itself, where MarkScan was supposed to list the infringing content within the app, the notice lists only https://www.warnerbros.com/. Again, my smart TV has a browser on it that can also access that website. It’s called Chrome and is a Google product. But for some reason, that app gets to remain on the Play Store while Downloader has been taken down a second time for the same bullshit reason as the last go around.

And Saba is rightly pointing out that this sort of DMCA abuse, or at least a complete neglect by both MarkScan and Google to actually review what these DMCA notices are claiming to ensure they comply with copyright law, shows just how wide open the current DMCA notice and takedown process is for abuse, error, or collateral damage.

Unsurprisingly, Saba is outraged. “You would think that Google would at least verify that the takedown request is actually making a plausible claim,” he told Ars today. “The most important field in the takedown where the claimant has to specify where the copyright infringement exists is void of all detail. If this complete lack of information is all it takes to take an app down, then no app in the Google Play Store is safe from being suspended with just a few clicks and a frivolous takedown request.”

Saba has since appealed the takedown, but that appeal was almost immediately rejected by Google. From there, he had to submit a counter-notice, and now MarkScan has two weeks to either file legal action, or else his app will be reinstated.

Fortunately it didn’t take that long. After initially delisting the app from the Play Store, Google reversed that decision, noting correctly, and far too late, that the DMCA notice didn’t list any actually infringing content within it.

Google has defended its DMCA-takedown process by saying that, under the law, it is obligated to remove any content when a takedown request contains the elements required by the copyright law. But in this case, Google Play removed Downloader even though the DMCA takedown request didn’t identify a copyrighted work—one of the elements required by the DMCA.

That’s probably why Downloader’s latest suspension was reversed more quickly than the previous one. But the incident raises questions about whether Google will do anything to prevent repeated suspensions of apps wrongly targeted by vague or bogus DMCA notices.

Yeah, it sure as shit does! And Saba has gone on to note that it sure would have been nice for Google to have reviewed the notice and found that it was insufficient before taking his app down instead of after.

If we’re going to suffer under this notice and takedown nonsense, there should be a responsibility on the service provider to determine whether a notice is valid to begin with, never mind real toothy penalties for those submitting this sort of garbage as well.

Filed Under: copyright, dmca, downloader, notice and takedown
Companies: google, markscan, warner bros. discovery

Decentralization Matters: But Why?

Innovation

from the decentralize-all-the-things dept

About a year ago, the Filecoin Foundation for the Decentralized Web asked if I would help edit and compile a “magazine” talking about decentralization and why it’s important. It was a fun and interesting challenge, and now the final product is out, the D-Web Digest.

There are a bunch of fascinating articles in there, which I summarize in my editor’s letter to open up the issue. I’m not going to go over all of the articles (you can see that in the editor’s letter) but I would like to highlight a few that I think are particularly worth checking out:

I think, by far, the piece in the collection that made me think the most is Danny O’Brien’s piece on “terminal values and cognitive liberty.” You need to read the whole thing, but it really gets at the question of why decentralization is so important. I’ve been citing and quoting the piece to people since last Spring, but now it’s finally out for people to see.

The key to Danny’s piece is understanding what fundamental, core, “terminal” values are so important, and whether or not decentralization is one of those, or rather a means to reach one of them. His conclusion (though you should read the process by which he gets there) is that cognitive liberty is the terminal value, and the only real way to get there is through decentralization. Here’s just a snippet:

Our own consciousness cannot be rented from others, or temporarily conceded to us, with built-in police or backdoors or hidden ad men. We need to seize the means of computation, and that means ejecting all of these interlopers, and relocating it back into the personal domain we control: whether that’s physically, or by using tools like encryption and zero-knowledge proofs to preserve our control when our data and processing power sits on others’ hardware.

That’s the pyramid of digital rights for me: a firm foundation of decentralized, user-controlled technology, giving us broader cognitive liberty, internal privacy, freedom of self-expression, and freedom of self-determination.

A second piece I want to call out is Mai Ishikawa Sutton’s piece that finally addresses the whole DWeb/Web3 split that has been so frustrating to me over the past few years. Effectively, there are two camps within the decentralized tech world: one that believes it will be powered by crypto and blockchains, and one that… most certainly does not. They sometimes use the same language, and talk about the same goals, but often do not. And the two groups don’t seem to trust each other much. Mai moves the debate significantly forward not by digging into what the two groups agree or disagree on, but looking into a core element of the technology (which is similar to Danny’s piece above) regarding who is designing the technology, who controls it, and who stands to benefit from it. A snippet:

Building new and shinier tools out of the same political and economic conditions will do nothing to fundamentally change the world. But “decentralization” is also not a value in itself, and it’s not enough to build the kinds of technological networks we need to confront intensifying global crises. People need to continue to discuss, shape, and re-shape collective values. With those values held at their core, communities with common interests can collectively coordinate and embody them, first and foremost through how they govern themselves and treat one another. After all, the current internet is a reflection of shared values; the question is how we embed justice and mutual care into the Webs to come. Instead of expecting some technology to save us, we need to organize and save ourselves.

Farzaneh Badiei and Holmes Wilson both tackle important points regarding centralization being unavoidable, even in decentralized systems. These systems always have certain elements of centralization to make them work, and being aware of what these are and how they work is critical.

Badiei highlights the role of DNS, and how it has become increasingly centralized, and the potential risks that creates.

One such space is the operation of DNS resolvers, which is increasingly centralized. Imagine if we provided the capability for thousands of operators to run efficient and secure resolvers. Imagine there were so many of these operators that they were not restricted to a single jurisdiction, ensuring that any intellectual property lawsuit would not affect access to web services as a result of the resolvers being forced to block them.

Wilson, meanwhile, highlights that for all the benefits found in open source software for decentralized systems, centralization often rears its head in various cloud services, as necessitated by scale:

Cloud services such as AWS, Microsoft Azure, and Google Cloud enjoy such significant marketshare not because they control the code for technologies they deploy (tools such as Linux, Postgres, and Kubernetes are free and open source software) but because they control the ability to use it at scale. Most engineers don’t even learn these tools directly anymore; they simply learn to turn to a cloud services company, purchase the correct service, and make it work for their needs. The power to operationalize code is creating the same lock-in and barriers to entry that software licenses once did.

This leads well into my own contribution to the series, which tries to highlight how to think about decentralization vs. centralization, recognizing that there are certain tradeoffs, benefits, and costs to each, but suggesting a framework for considering where each makes more sense, and how to implement them in a manner that minimizes the problems of centralization, while enabling more of the benefits of decentralization:

This lesson is important: having centralized infrastructure that is open and on which others can build in a decentralized manner can open up tremendous possibilities.

And we see that same pattern in the internet.

In some ways the internet is an even better example than the U.S. interstate highway system, because the internet did not require a huge centralized planning system to build the infrastructure, nor is the upkeep of the internet reliant on the same centralized system. Instead, it was built and created in a distributed manner, as an open system that anyone could build on, adapt, and contribute to.

As a centralized open protocol, it enabled amazing decentralized benefits. The protocol allowed anyone to build on it and experiment. And out of that grew tremendous benefits, through open innovation. A consistent, standardized protocol allowed for widespread innovation through competition, a standardized infrastructure basis on which to build, and a singular ability to communicate across the different experiments.

Out of this comes the best benefits of both centralization (efficiency, economies of scale, enabling infrastructure) and decentralization: distributed power, adaptive and rapid innovation, and the ability to be more nimble and responsive to opportunities.

The final piece I’ll post a snippet of is one by Cory Doctorow, that highlights one of the biggest dangers of centralization: twiddling. That is, how centralized companies, moving down Cory’s famed enshitification curve, start “tweaking” the knobs to benefit themselves over their users (and partners).

There’s a bitter irony in enshittification: the internet’s great promise was disintermediation, but the calcified, monopolized internet of “five giant websites, each filled with screenshots of the other four” is a place where intermediaries have taken over the entire supply chain.

As Douglas Ruskoff puts it, the platforms have “gone meta” — rather than providing goods or services, they have devoted themselves to sitting between people who provide goods and services and people who want to consume them. It’s chokepoint capitalism, a market where the intermediaries have ceased serving as facilitators and now run the show.

The double irony is how the platforms seized power: by installing so many sliders and knobs in the back-end of their services that they can twiddle away any temporary advantage that business customers, advertisers or end users take for themselves.

Again, that’s not all of the pieces, but I need to leave some room for surprise. Adam Rose and Basile Simon provide very real (and extremely important) examples of where decentralized storage are hugely important. Kurt Opsahl writes about how recognizing code as speech is central to making this all work. Naomi Brockwell highlights how privacy as a core (or terminal?) value is a part of why decentralization is key. Chris Riley talks about the too frequently underexplored issue of how the data flows (not just where it’s stored). And Kristin Smith looks at the regulatory landscape in which all of this plays.

Not all of the pieces in the collection agree with each other (and I certainly don’t agree with everything said in them either), but taken together, they represent a really interesting exploration of decentralization, why it’s so important, and what challenges and tradeoffs there are to building out a decentralized world.

As we seriously consider how to make the world more decentralized, I think this collection of articles should be considered important primary reading, even if only to get everyone thinking.

Filed Under: centralization, decentralization, distributed, enshittification, privacy, protocols, terminal values