SAFE and Solid: the internet as it should be
In his talk: “An introduction to the Solid ecosystem” last weekend at Mozilla Festival 2018, Ruben Verborgh laid out very clearly the case for Solid as a tool to give people back their choice on the Web.
The talk was very accessible and inspirational, so I thought I would try and spread the message in blog format for those who couldn’t attend.
I am a member of the SAFE Network community. In the second part of this blogpost I share my personal opinion on the synergy that I see between the Solid project and the SAFE Network project to make the internet at the service of its users.
In the original vision for the internet, users would be empowered to access their own data or data that was shared with them at their own leisure. If they decided to share data with someone, only that person would have access to the data. A World Wide Web.
Somewhere along the way, the reality took a sharp turn away from the vision as a small number of large companies started to place themselves between different users of the internet to harvest the extremely invaluable resource that is user’s data. This led to today’s state of affair where the large majority of all data on the internet is stored in the datacenters of a handful of humoungously large companies which design their applications with two objectives: harvest as much data as possible; sell ads.
The Solid ecosystem enables the individual to use the apps they need, while storing their data wherever they want. They own their data, and share it with the apps and people they choose.
In today’s world, to make an app that is profitable; one must enter the data silo game or place advertisement from one of the internet giants, hence reinforcing their oligopoly. Given the headstart these companies have, it is nigh impossible to compete. This means that the apps ecosystem suffers from a severe lack of competition which limits innovation.
With Solid, some companies can sell data storage and other companies can develop applications. This enables application developers to have one goal in mind: provide value to the users. The users can then pay a fair price for the value they received and don’t have to enter a contract whereby they give away every piece of data that’s dear to them for the purpose of analysis by robots that try and optimize their ability to get into one’s head to coerce one into buying so and so’s latest product. The price will be fair by necessity as any programmer who can provide better value will be able to enter the competition.
On the other side of the equation, some companies would sell access to servers. No data mining necessary: just plain and simple access to a computer in their datacenter. This computer would run the Solid server software and act as a data pod. These would also be able to compete fairly as a mountain of data wouldn’t be a prerequisite to profitability. In fact, the barrier to entry would be so low that technically savvy individuals could decide to host their own data themselves.
“Decentralization” in Solid is not needing centralized platforms to enjoy the Web.
As everyone gets back control of their data, a completely new paradigm becomes possible: a single web application can access and display data from many different sources.
For instance, a news application could show an article hosted on the news outlet’s pod, display the writer’s profile hosted on the pod the author uses for their professional persona. Comments and likes on the article would be hosted in each different individual’s data pod.
This allows an unprecedented level of granularity in access granted to applications. A news application may access the information about which news articles I like and no other information about me.
Every piece of data can link to any other piece of data and the application is only a vessel to display meaningful relationships between different pieces of data. In other words, the fact that I liked a blogpost about Solid doesn’t belong to the blogging application. It belongs to me. I can grant access to that information to any application and they can display this information in the most meaningful way.
How does this even work?
The Solid project is not a company or organization. It is not just software. It is an ecosystem: a set of standards used to describe how different instances should cooperate. It is a movement: the mindset about the very essence of a web application is evolving. It is a community: people, companies and organizations are building Solid together.
Anyone can build or host software for Solid.
The Solid server acts as a data pod that stores and guards one’s data. The data pod is a regular Web server with support for access control and Linked Data (two new web standards that are part of the Solid ecosystem).
The Solid data pod is application agnostic. Any application can be built using data from any data pod. All application specific logic resides in clients.
A typical data pod can contain any data an individual creates or needs online: user profile, photos, comments, likes, blogposts… The list goes on.
Solid clients are browser or native apps that read from or write to user’s data pod.
Users can choose very precisely what part of their data pod any application can access.
Who’s behind it?
Solid started as a MIT project lead by Tim Berners-Lee. Its development is now accelerated by the newly created startup: Inrupt.
Taking it to the next level: SAFE and Solid?
I am convinced of the potential Solid has to disrupt the established order of the internet by enabling application developers to materialize their vision without having to compete with corporate giants on who can gather the most data and mine it most efficiently.
A Solid internet would align the incentives of web developers and users for the first time since the very early days of the internet.
The point in this vision that I think can still be improved on is the pod:
There are two possible ways to store one’s data in a pod:
The user may be sufficiently technologically savy to run and administrate their own server, with appropriate measures to ensure data security from theft or loss. This is a task that only a small elite will have the competence to undertake.
Alternatively they must delegate this task to a pod provider. They must then place their trust in a company. That is they must trust the company’s competence and good intentions.
Enter the SAFE Network, a protocol to store any data on a secure and distributed peer-to-peer network. Data on the SAFE Network is split into chunks that are distributed onto a network of people’s computer. Each chunk is encrypted and stored in multiple locations to make data-loss practically impossible. No trust is necessary as the encryption key for a user’s data never leaves this user’s computer. Unlike traditional peer-to-peer networks, no identifiable information is shared as peers only know of other peers through an opaque identifier.
Using the SAFE Network as a store for user’s and company’s data, one could replace Solid servers with a serverless, trustless autonomous network. This would make data security a first class feature of the Solid vision.
When will the web be SAFE and Solid?
Solid is still in early stages of development, with an implementation of the Solid server and a small number of applications being already available. Progress of the project can be followed on their website: https://solid.inrupt.com/how-it-works
The SAFE Network is currently in alpha stages of development with still a significant amount of work ahead of it. The progress can be followed here: https://safenetwork.tech/timeline/
Both projects have already proven the viability of their vision through protocols and working code that have been released and developed in the open over the last 12 years for the SAFE Network and 5 years for Solid.
Communication between the projects has accelerated over the last year, culminating in a proof-of-concept social network on the SAFE Network using RDF, a standard from the Solid movement.
Re-inventing the internet is no small feat, so a significant amount of engineering is still required before the vision can be fully realized. Individuals of any level of knowledge and skills can find ways to help either project get closer to their vision.
Join us in creating an internet by the people, for the people!