[D66] Stallman interview

[A.O.]

http://nymag.com/selectall/2018/04/richard-stallman-rms-on-privacy-data-and-free-software.html

‘No Company Is So Important Its Existence Justifies Setting Up a Police
State’

By Noah Kulwin, nymag.com
View Original
April 18th, 2018

Over the last few months, Select All has interviewed more than a dozen
prominent technology figures about what has gone wrong with the
contemporary internet for a project called “The Internet Apologizes.”
We’re now publishing lengthier transcripts of each individual interview.
This interview features Richard Stallman, an activist and legendary
programmer who developed the foundational and widely used software Emacs
and GNU. He is a recipient of the MacArthur “genius” grant and is
currently president of the Free Software Foundation.

You can find other interviews from this series here.

Thank you so much for agreeing to a call. I apologize that I’m calling
late, I’ve just had a jam-packed morning.
Please. Stop apologizing. It doesn’t matter when you call me if I can
talk to you. I never cared about that. In other words, you’re being
excessively polite. Catering to an imaginary desire that I never had in
my life. I’m happy if people call me at any time if the conversation is
a useful one.

Of course sometimes I can’t talk or they can’t reach me, which is
unfortunate. But it’s not gonna make me unhappy.

All right then. Let’s start it this way and get right into it. I’m
interested in how you think that the major digital platforms in
particular, and Silicon Valley more broadly, sort of … went off the
rails. I’m thinking of the toxic nature of many of these communities and
platforms online — issues with data privacy, the ability to be abused
for electioneering or other purposes, and so on.
You’re talking about very — about specific manifestations, and in some
cases in ways that presuppose a weak solution.

What is data privacy? The term implies that if a company collects data
about you, it should somehow protect that data. But I don’t think that’s
the issue. I think the problem is that it collects data about you
period. We shouldn’t let them do that.

I won’t let them collect data about me. I refuse to use the ones that
would know who I am. There are unfortunately some areas where I can’t
avoid that. I can’t avoid even for a domestic flight giving the
information of who I am. That’s wrong. You shouldn’t have to identify
yourself if you’re not crossing a border and having your passport checked.

With prescriptions, pharmacies sell the information about who gets what
sort of prescription. There are companies that find this out about
people. But they don’t get much of a chance to show me ads because I
don’t use any sites in a way that lets them know who I am and show ads
accordingly.

So I think the problem is fundamental. Companies are collecting data
about people. We shouldn’t let them do that. The data that is collected
will be abused. That’s not an absolute certainty, but it’s a practical,
extreme likelihood, which is enough to make collection a problem.

A database about people can be misused in four ways. First, the
organization that collects the data can misuse the data. Second, rogue
employees can misuse the data. Third, unrelated parties can steal the
data and misuse it. That happens frequently, too. And fourth, the state
can collect the data and do really horrible things with it, like put
people in prison camps. Which is what happened famously in World War II
in the United States. And the data can also enable, as it did in World
War II, Nazis to find Jews to kill.

In China, for example, any data can be misused horribly. But in the U.S.
also, you’re looking at a CIA torturer being nominated to head the CIA,
and we can’t assume that she will be rejected. So when you put this
together with the state spying that Snowden told us about, and with the
Patriot Act that allows the FBI to take almost any database of personal
data without even talking to a court. And what you see is, for companies
to have data about you is dangerous.

And I’m not interested in discussing the privacy policies that these
companies have. First of all, privacy policies are written so that they
appear to promise you some sort of respect for privacy, while in fact
having such loopholes that the company can do anything at all. But
second, the privacy policy of the company doesn’t do anything to stop
the FBI from taking all that data every week. Anytime anybody starts
collecting some data, if the FBI thinks it’s interesting, it will grab
that data.

And we also know that the FBI and other such agencies are inclined to
label protesters as terrorists. So that way they can use laws that were
ostensibly adopted to protect us from terrorists to threaten a much
larger number of us than any terrorist could.

This is effectively a core practice of all of Silicon Valley, right? It
sounds like you also think that this is something that extends well
beyond privacy. It’s the foundation for how these companies act.
Yes. Although I’d rather not refer to companies that collect personal
data with the name Silicon Valley because there are other companies
there that do other things that relate to digital technology, and maybe
they’re making some chips that are not harmful at all. So I’d rather not
talk about Silicon Valley, also because they may be located somewhere else.

So how about we use the New York Times’ phrase? They use “the Frightful
Five” to refer to sort of the emergent tech, digital monopolies or
duopolies.
Well, first of all, whether they’re monopolies is a secondary issue, as
I see it, and the danger is not limited to them. For instance, the FBI
was — I suppose still is — collecting data about every long distance
call from some of those long distance companies. Perhaps all. But those
are not monopolies. There aren’t very many of them; it’s an oligopoly,
and that’s dangerous too. But in any case, they’re not among the five
companies you’re thinking of. And as I see it any store that wants to
know who you are is doing the same thing and it’s just as bad regardless
of the size of the store.

I never tell stores who I am. I never let them know. I pay cash and only
cash for that reason. I don’t care whether it’s a local store or Amazon
— no one has a right to keep track of what I buy. The local store, I
might do business with, I wouldn’t give it any way to know my identity.
I would pay cash. With Amazon, I can’t pay cash, so I don’t buy from there.

Understood.
The Frightful Five — I think in France they’re called GAFAM — may have
special power to cause harm. Certainly Facebook does. But each one is
different and they’re doing things that other companies are also doing,
and it’s just as bad when other companies do it. So I think it’s a
mistake to focus on the especially large companies, and instead we
should look at the things they are doing that are the basis for being
harmful. And then we should stop anyone from doing that.

It sounds like you feel that collection of user data is the root problem
with these companies.
It’s an injustice. It is disrespect for human rights, and it’s not only
when a company does it. There are, on streets nowadays in some cities,
lots of cameras that can be pointed by officials in any direction they
like, and I believe they’re trying to recognize people’s faces
automatically. Well, this is monstrous. This is far worse than Google or
Facebook.

And it doesn’t — it’s not done by a company. It’s done by the city of
New York. Or some other city doing the same thing, who knows? The point
is, tracking people is dangerous. And especially tracking who
communicates with whom. And who goes where. Once the state can find that
out, human rights are basically dead because protests will be crushed.
Look at what various so-called law-enforcement agencies did to try to
crush the pipeline protests not long ago, or the laws various states are
adopting or thinking of adopting making it a grave crime to protest, and
imprisoning protesters for a long time. Or cutting off journalists to
cover them, as was done during the Dakota Access Pipeline protests, when
they declared a no-fly zone so journalists’ drones couldn’t be there to
watch what the thugs were doing to the protesters.

So, I see this as fundamentally dangerous to a point that makes the
issues of, say, advertising pale by comparison. Sure, I don’t want
companies to be able to find out all about us for the sake of
advertising, although for the specific case of Facebook, there could be
a remedy to stop it from being so harmful. For instance, political ads
on Facebook might be less harmful if every company that buys political
ads is required to post the full list of all the ads that it has bought
in the past six months in one place. So people can see what they all are.

Why do you think these companies feel justified in collecting that data?
Oh, well, I think you can trace it to the general plutocratic neoliberal
ideology that has controlled the U.S. for more than two decades. A study
established that since 1998 or so, the public opinion in general has no
influence on political decisions. They’re controlled by the desires of
the rich and of special interests connected with whatever issue it is.

So the companies that wanted to collect data about people could take
advantage of this general misguided ideology to get away with whatever
they might have wanted to do. Which happened to be collecting data about
people. But I think they shouldn’t be allowed to collect data about people.

We need a law. Fuck them — there’s no reason we should let them exist if
the price is knowing everything about us. Let them disappear. They’re
not important — our human rights are important. No company is so
important that its existence justifies setting up a police state. And a
police state is what we’re heading toward.

Most non-free software has malicious functionalities. And they include
spying on people, restricting people — that’s called digital
restrictions management, back doors, censorship. Empirically, basically,
if a program is not free software, it probably has one of these
malicious functionalities. So imagine a driverless car, controlled of
course by software, and it will probably be proprietary software,
meaning not-free software, not controlled by the users but rather by the
company that makes the car, or some other company.

Well imagine if that has a back door, which enables somebody to send a
command saying, “Ignore what the passenger said, and go there.” Imagine
what that would do. You can be quite sure that China will use that
functionality to drive people toward the places they’re going to be
disappeared or punished. But can you be sure that the U.S. won’t?

You could argue that in China, they’ve just centralized integrated data
collection and they’re integrating it with streams of data from a
variety of different sources, both government-controlled and not.
Whereas in the U.S., it seems like these platforms sort of compete with
one another to offer different services like this — it’s not centralized.
Remember all the data is available to the FBI at any time. And remember
how easy it is to pressure companies to send the remote-control command
or to get from them all the secrets that are needed. Remember Lavabit.
Lavabit was ordered to tell the state enough to spy on all its users 100
percent. And the only way that Ladar Levison could avoid that was to
shut down the company instantly. And he could do that; he could consider
doing that because he just owned it. Now imagine that it’s a public
corporation with stockholders, and imagine that the insane ideology that
its primary responsibility is to make money for the stockholders, which,
by the way, is still not accepted in some European countries. And I read
that this idea didn’t get started until the 1980s; before that, even in
the U.S., it was accepted that a corporation had other obligations.

So we shouldn’t accept that premise. But the fact is, they do accept
that premise and they wouldn’t even dream of shutting down the company
just because it had been corrupted 100 percent — lock, stock, and barrel
— into spying on all its users.

Apple just faced that situation in China and Apple surrendered.

As somebody who’s had your set of experiences and expertise, I’m
curious: Do you feel like you’ve had any experiences that lend
particular insight into how these companies work?
They’re corporations. Corporations have been compared to psychopaths.

But do you think there’s any particular set of cultural attitudes, or
ideology, that has affected this particular variety —
Yes, neoliberalism.

A certain flavor of neoliberalism?
No, I don’t think it is. Neoliberalism in general. The idea that greed
is good and justifies doing to people whatever profit requires, that’s
all that’s needed. Of course, depending on what business the company is
in, there’ll be different nasty things it could conceivably do.

The nasty things that, say, Apple can do are not the same as the nasty
things that Facebook can do, and not the same nasty things Monsanto can
do, or the same as the nasty things Kinder Morgan can do. And each one
finds itself in certain circumstances based on its line of business,
which will suggest certain ways of making more money by screwing people
over.

But, and it would be good to make it clear that corporations have other
duties that are just as important as making money for their
shareholders. But we also need specific laws. For instance, there was a
coal company that a few years ago arranged to steal its employees’
pensions by splitting into two companies and programming the one with
pension obligations to go bankrupt. Now, I think we need a law requiring
pensions to be handled through independent funds so that a company can’t
just disappear and leave its 20-year employees with no pension.

So the remedies depend on the area. That’s one remedy that deals with
stealing employees’ pensions. Lots of employees’ wages are being stolen
frequently, especially low-paid employees. Happens a lot in fast-food
establishments. I’m not sure how to prevent that. But that’s another
very big area where companies screw people over.

Companies that have websites or apps tend to screw people over by
collecting data about them. I think we need a law that requires every
system to be designed in a way that achieves its basic goal with the
least-possible collection of data.

And secondary features, conveniences and so on, should not be allowed to
justify making the primary goal require collection of data. Let’s say
you want to ride in a car and pay for the ride. That doesn’t
fundamentally require knowing who you are. So services which do that
must be required by law to give you the option of paying cash, or using
some other anonymous-payment system, without being identified. They
should also have ways you can call for a ride without identifying
yourself, without having to use a cell phone. Companies that won’t go
along with this — well, they’re welcome to go out of business. Good
riddance.

When interviewing people for this, I’ve found that there are some people
who think there are some simple fixes and others who think that these
companies are never going to change, so they need to die. I’m curious
what you think should be done, and what you think will actually happen.
Well, in terms of what should be done, I think we should go back to
selling things in physical stores where you can walk in and pay cash.
And if you want a product that they stock somewhere but isn’t in that
store, well you should be able to put down a deposit and have them order
something and come back and get it later. And they don’t need to know
who you are to do that. They can give you a receipt that will prove you
paid the deposit so you can come back and collect it later.

And by the way, we shouldn’t allow stores to do anything to try to track
the movements of customers. This bizarre practice is again the result of
the ideological assumption that companies should be allowed to do
anything they like unless the people have managed to make a law against
it. I think, in general, identifying or tracking people should not be
allowed, unless there’s some specific and extremely strong justification
offered.

And this requirement should apply to systems, no matter what
organization runs them, including systems run by cities, states, and the
U.S. government. They shouldn’t be allowed to collect data except in
specific ways that have been approved, and that approval should require
justifying that the danger to privacy can be permitted. And the reason
is that we need democracy, more than almost anything else. And the
sickness of democracy in the U.S., which is thoroughly established, and
which was recognized by the supporters of Sanders as well as the
supporters of the troll, is a problem we need to solve. Not exacerbate.
So we must make sure that the state can’t identify people, but the only
way to do that is to make sure that companies can’t identify people
either most of the time.

In addition, we’re facing the threat of massive unemployment due to some
kind of digital technology. One of these areas of unemployment of course
is driverless vehicles. There are also the self-checkout machines in
some supermarkets and drugstores. When I go in and out of those stores,
I shout to the people by those machines, If you use these machines,
you’re putting other people out of work. When I recognized that, I
decided I wouldn’t use them. I’d always go to the human sales agent and
help them stay employed.

I think we could allow driverless vehicles and self-checkout once we
have a system like a universal basic income.

It sounds like the problem you’re describing isn’t these companies; the
problem is capitalism.
Well, it’s neoliberal capitalism. It’s unrestrained capitalism. In other
words, it’s plutocracy. When these companies control our laws by buying
politicians, then we’re not really going to have democracy and the laws
will leave us at the mercy of the companies that regard us as prey.

But that doesn’t mean we have to eliminate capitalism. We have to
eliminate plutocracy. If we have capitalism and democracy, we have more
or less what was invented in Athens. That’s what we had in 1970. If you
look at Chomsky’s video Requiem for the American Dream, it describes the
campaign that was started in the ’70s to recover control for business so
people couldn’t demand and get things like the Endangered Species Act or
the Americans With Disabilities Act or the Clean Air Act or Clean Water
Act or have high enough taxes on the rich or on businesses so that we
could run the country. And everything doesn’t fall apart.

It would be nice to see some of these big companies bring back some of
the gigantic profits that they’ve collected over the years and use them
to fund beneficial things for the public.
Well, yeah, they should pay more taxes so that we can do the things that
we need to do. But because the operations of those companies are
directly harmful in themselves, just making them pay taxes is not
enough. We’ve got to make them stop doing things in ways that are
harmful, but not just those big companies, also smaller companies.

Guber is one of the companies I detest the most. I called it Guber
because it pays drivers peanuts. But the worst thing it does to the
public is make people run non-free software, which is specifically an
app, and that is non-free, meaning the users don’t control it and it
turns out it’s malware. People found it was tracking people’s movements
before and after the ride.

But the fundamental thing it does wrong is the fact that you have to run
that non-free program to get a ride, and you have to identify yourself.
And then you can’t pay cash. These are things that a transport company
shouldn’t be allowed to do. The law should say, “First, respect people’s
privacy. And if you can make money doing so while respecting people’s
privacy, okay. Of course, we’ll make you pay a decent amount of taxes,
but that’s a separate issue.”

I have web pages about many of these companies saying why you shouldn’t
use them. If you look at Stallman.org, pretty near the top, on the front
page, you’ll see this list.

And it’s on your website?
Yes. Stallman.org.