Interoperability, we need to be cautious about it

This take will probably create some disagreements, I am well aware. And don’t get me wrong, I’m a big fan of interoperability when done well. In an ideal world all our software would be interoperable and we would all have the freedom to choose our clients and providers without consequence. But sadly we don’t live in a perfect world. And while it’s good to strive to get there, it has to be done correctly or we’ll end up hurting ourselves more than we gain.

Reactions can go on this Mastodon post (or just @ me there in general).

The breach in security, the damage to privacy

You might notice I use both security and privacy. I am well aware they are different things. It’s not a mistake. Security is the ability to protect. Privacy is the ability to choose and control who gets your data. While security can work against privacy in some cases (for example, a website might keep logs to increase its security, which may decrease your privacy), having your own data well secured is needed to protect your own privacy. The two are linked, sometimes as partners, sometimes as enemies.

With the Fediverse, we have a great example of how interoperability can be great. The same goes for SMS, right? Email? Well, yes. But we also have the cautionary tales. All of these platforms are insecure for sharing data. Now, this is not always a problem. Especially in the Fediverse, where we generally post public content, it’s fine. Other parties having a copy of my public content isn’t an issue, and private data (like credentials) isn’t shared between servers.

With SMS it already gets a bit more finicky. But generally, for most Average Joes, it’s not a big issue yet. Mainly due to the limited use of SMS in our modern world and the fact that most people frankly aren’t interesting enough to attack. But… security by obscurity is no security at all. SMS is in no way secure, and when you do get targeted it’s trouble. Then email. Oh, email. The most common example to explain federation on the Fediverse, but also full of issues security-wise. And this is where we start to see the real issues.

The thing with email is, it’s often used for internal and sensitive topics, but its security is quite horrid. Sure, compared to how it started it has some additions, but it’s all what we in Dutch call “sticking bandages” rather than a secure design, and that has a rather negative effect on its security. And while there are many efforts to improve it, like PGP, they are often too complex and too little adopted to really have an effect on a wide scale. Because when you’re dependent on many parties, it only works if everyone involved in a connection agrees on the same changes. After all, you are only as secure as the least secure link in the connection. And what if those least secure links also happen to be the very party you’re trying to avoid? What if that party has become so big that they are unavoidable? It becomes even more of a mess. And that mess is the current state of email. Luckily we now have better options to connect with each other. And yet, we can’t really fix nor get rid of email and all its issues.

Imagine if this also happens to other, more private methods of connecting, like our private chat apps. The ones we now use when email doesn’t hold up. We’re fighting against Chat Control, because we care about keeping our encryption intact and avoiding mass surveillance. Yet at the same time, people are pushing interoperability now without anything to ensure strict security standards are upheld. And then we complain about governments and organisations pushing for stuff that’s full of double standards privacy-wise… The current European laws leave all specifics of the interoperability to the providers, with the biggest (generally the least privacy-respecting) parties making the rules for interoperating with them. Sure, WhatsApp has to be interoperable, but then you do need to do so in Meta’s way! And if Meta wants, they can even make that way less secure than WhatsApp-to-WhatsApp chats. It means that part of your private conversations is going to end up with parties you cannot control, under security circumstances you cannot control. And with that, our chat apps will soon not be able to be considered secure anymore either. Uncontrolled is unsecured.

If you ever wondered why most privacy-respecting chat apps decided not to support WhatsApp interoperability: that’s why. And by extension, that makes the whole interoperability law useless. Meta can now say “but we did our part, it’s those others who are the baddies that make it not work”. Great for their marketing, bad for the people who actually cared about privacy.

People might say it’ll be more scattered. Now, I already have doubts that it works that simply for services that are already centralised. More on that later. But even if it does end up like that: for certain data, scattering isn’t enough security. There is data whose security we want to ensure, data that is only allowed to reach certain parties. Not just hope that not too much of it reaches certain parties. And that is exactly the kind of data you’d send in private channels. Privacy is more than preventing tracking, security even more so.

In the end, you might be able to choose your clients and providers. But you lose all control over who processes and stores your data, and how. It’s a false, fake freedom. It breaks privacy. It’s bad. Really bad.

Overcoming the issue

Now, that doesn’t mean all dreams of interoperability are lost. Another thing all these earlier examples have in common is that they’re based on an open standard that was made to be interoperable from the start. This is, in my eyes, where the solution should lie. Email might be insecure, but it’s old. It was made based on the standards of that time. A new standard could be made with modern security in mind, and with adaptation to future (even unknown) security risks in mind. When making anything interoperable, one first needs to design how this should be done. How do those connections work? What is stored where? Currently, designing this is in the hands of the biggest players. But those are generally the ones that have been proven time and time again not to be trustworthy, and that we want to take power away from. These designs shouldn’t be made by them.

I’m advocating for an open standard for secure communication, based on open software. One that meets the highest standards, made by independent security professionals (so no, don’t give current companies any input. Good ideas they have will be taken over because they’re good, even without their intervention. Just look at how the Signal protocol got adopted by other chat apps). Then have everyone implement that, without allowing them to change parts of the protocol (so that they cannot take control by making changes and then acting like others aren’t compatible, as companies love to do with open standards using embrace, extend, and extinguish tactics). We need a standard that is so well defined and secured that it doesn’t matter which providers and processors are used by any of the parties. Perhaps, in a perfect world, we even block parties from having more than a certain amount of market share to avoid monopolies. The moment a provider hits that limit, no new accounts may be allowed until the competitors have grown too.

And before you wonder: no, there is no reason to hide the details of such a standard. It being open for everyone to see and implement isn’t anything you need to worry about security-wise. As said before, security by obscurity is no security at all. A security standard should be so well made that even if you know the algorithm, you cannot break it. It’s not really a weird suggestion. Most encryption algorithms are also open, and many secure pieces of software are open source. If it’s truly good, openness only improves security, as every security-minded person looking at it and making remarks is basically doing a mini-audit. The chance that weaknesses are found and reported before malicious actors find them is increased.

Breaching the power

Now, time to get back to data (not) scattering. Let’s be clear: monopolistic positions are a big danger. They give these monopolists an opportunity to decide how things need to go, and rarely is that a way that helps the people. I’ve had people say “but things need to be interoperable first, otherwise it won’t change”, but I disagree. Email has been interoperable, yet the market share of Gmail and Outlook hasn’t gone down so significantly that their power dwindled. Reality is, most people won’t switch just because they can. Most people don’t see the issue with privacy breaches until they experience the consequences personally. More often than not, people don’t care or think taking action is futile. At most, people tend to be stuck at “I should do more, but…” followed by anything from dependencies that may or may not turn out to be a real issue, to convenience they don’t want to lose, to simply not taking the time to do so. Simply said, people tend to use and keep using what is known, big, and easy. And you can hardly blame them. Cybersecurity and privacy have become so big and complex that it becomes hard to follow for the Average Joe. And that’s okay, no one is an expert on everything. That’s why we need to keep the landscape safe. If I go to a doctor, I don’t need to check whether he truly knows how to do a complex surgery by learning all the medical skills myself so I can check him. The same should count for a person who just wants to send a private message to a friend. It’s something people who are in the field often forget, but it is important to realise.

Going back to the example of private chat apps, I can only imagine interoperability is going to make things worse. I chose Signal because it’s secure, and I also have Matrix. I don’t use WhatsApp, I don’t use Telegram. And because of that, quite a few people I know installed Signal too. Great, right? Well, less so if they delete it again the moment they can chat with me in WhatsApp again. I have very strong feelings that the number of people who will do that is much bigger than the number of people who will switch now that they don’t need their friends to join them. Just like how most people just use Gmail and Outlook, we’ll end up with most people using WhatsApp.

So, then how do we break monopolistic positions? If you ask me, I expect the only way to be proper regulation. I can hear you think “but we already have those, right? And how much is that doing?” Well, the GDPR did a lot, actually. The DSA and DMA are also doing enough that these American companies are starting to feel threatened, starting counter-offensives. But it’s not nearly enough. On one side, laws need to be stricter. But on the other side we see something more important: oversight. What we have now is too little, and that’s where the biggest current problems are. Authorities that need to ensure these laws are followed are under-budgeted and understaffed. This needs to be solved, or any attempt at improvement will fail. Because no matter what, as long as these companies earn more from breaking our privacy than it costs them, they will keep doing it. Be it by creating bad interoperability implementations that give them more unwillingly given data instead of less, or by breaking privacy-protecting laws. Asking them to be good won’t work, we need to force them.

Sadly, this takes time. But that’s no reason to push interoperability too soon. Rushed solutions are rarely the ones that work well long term. In the meantime, we need to inform people so they can make informed decisions, and make sure alternatives are there. I’d rather see a good but non-interoperable alternative than one that’s interoperable but ends up hurting the security and privacy of its users. So until we can have both, let’s go for the one that actually keeps us safe.