Preventing POD data from being copied


#1

Hey all,
New to the Pod / Solid concept but I like the way it sounds and it potential benefits. I’m wondering what provisions are in place for preventing a POD app / agent from copying one’s data?

I realize that might sound silly, given that you’ve granted them access to some piece of your personal Pod, but if the intent is to make sure that one controls one’s own data, doesn’t that also extend to agents use of that data? Let’s say I delete my Facebook account and start a new one using a Pod. And let’s also say that I grant them access to some information and revoke it 24 hours later. What’s to stop them from taking the data granted, however temporarily, copying, storing and monetizing it as they always have?


#2

@Frito If you want to prevent your pod data from being copied, make your pages private. You can do this by setting the .acl controls for that URI while logged into your pod on that specific URI your looking to set controls on. If you choose to leave your page public, then your essentially giving your permission for the pages to be copied. Solid offers a duel set of permissions known as acl and trusted apps. If you do not want your data copied, my advice to you is to make it private.


#3

@adventure Sure, that makes sense. If I don’t want someone to view some data, then I just keep it private. But my question is around trusted apps. Do we essentially have a way to say, here’s data you can use while I’m on your app, but when I’m done please don’t use it anymore?

I suppose you can say, Please don’t access the data anymore, but we don’t have a way to say please don’t use the data you have just gotten. :man_shrugging:


#4

Here is a link to a gitter conversation regarding trusted apps. https://gitter.im/solid/app-development
They should be called trusted web apps if that makes any sense.


#5

Hi Frito,

Indeed, once you have given access to data to an app or Pod provider there is nothing technically stopping the app or Pod provider from copying it.

Mitzi


#6

My view on this is that Solid provides a standard that gives organisations that want to give you control over your data the technical means to do so.

In other words: Solid cannot and does not force organisations not to copy your data, just as it cannot force them to use Solid in the first place.

Thus, as consumers, we need to see data ownership as a unique selling point. Then organisations can offer products in which they explicitly state in the terms that they will not copy, store or sell your data and thus are legally bound not to do so, and they can use Solid to allow you to choose where you want to store it instead.