The Role of Open Source Projects in the Privacy Wars

The Role of Open Source Projects in the Privacy Wars

Nobody likes to be tracked without them knowing, that’s a fact. Some of you might claim you don’t care, like I don’t personally mind if Google keeps track of everything I do so they can provide me with a more integrated experience. However, that lack of interest has its limits.

Let’s put it like this: as long as you clearly tell me when and how you’re going to track me, I don’t mind… too much.

But then again, that’s not always the case, is it? We as developers know that tracking users and their lives, is not that hard, we have the power to know a lot about them, even if they don’t necessarily want to share that information with us. There are many “innocent” data points we can collect that coupled with a bit of data science can tell us a lot about our users.

They take a leap of faith when they install our products, and we tend to honor that pact, “we won’t steal your data as long as you use our product”, at least that’s what most of us claim.

But what happens when that’s not the case? What happens when software companies don’t honor that gentleman’s agreement? Either because they go ahead and track data anyway or because they make it so damn hard for you to know they’re doing it, that you assume they’re “safe”. Users hardly ever find out. For example, did you know your SmartTV at home is tracking your viewing habits and sending that information back to their makers so they can sell that data to ad companies? In fact, many TV manufacturers claim they earn more money from data than from hardware. That should tell us something.

We’re constantly being tracked, and the average person is probably aware of the 10% of that tracking. Developers, maybe 25%?

How are they getting away with it?

It’s actually very easy, companies can get away with it because they pray on the fact that the average user won’t care for reading those huge terms & conditions pop-ups that products show where they clearly state everything they track and what they do with it.

I know I don’t read those, do you?

Yes, I know, I probably should, but I’m sure that once we all start reading them they’ll find a better, and legal, way to make it uncomfortable for us and still remain compliant in the eyes of the law.

Because that is what this is all about, they do it like that so they can make sure no one is going to sue them or start some kind of campaign against them for illegally tracking your personal information. You have, after all, agreed to all terms and services, which included them tracking you. Now shut up and keep feeding the machine.

This is made even worse by the fact that they never show their code. The source code for all these applications is closed and unreachable for us, so we can’t really verify their claims. This means that even if we decided to somehow trust them again, we’re back at the leap of faith situation. We either trust them or pick a sub-par product, dumb TVs, slightly dumber phones, less personalized browsing experiences, and the list goes on and on.

But from a user perspective, that’s not ideal. As users we want to have the latest product and the latest software version while at the same time, having our privacy respected. This list shows alternatives to all major products that track your personal data. Would you pick any of these instead of the original version? Would you stop using Instagram and migrate all your social activity into Pixelfed for example? It’s not fair, is it? I mean, don’t get me wrong, maybe Pixelfed is great, but I’m sure it’s not where all your friends and other social connections are, is it?

So the question remains: can we have our cake and eat it too?

The role of Open Source

The answer to that question is not only “yes”, but also “we must”.

Sadly, we’re not there yet. But we’re getting closer, it’s a long way and we’ve started walking it already. We need to keep moving forward.

It’s no secret for anyone who knows me that I love Open Source. Mind you, I’m not a big OS contributor myself, and while I have published OS projects in the past my love for it is related to what it means for us as a society. The open-source movement implies that within an industry people work together, sharing knowledge for something that does not necessarily provide monetary gain. Don’t get me wrong, I’m fully aware that there are benefits to working on open-source projects but that “working for the betterment of the industry” feeling is still there, at least for me.

And one of the main reasons why this is, in my opinion, the solution to all of our privacy problems is that we can clearly see what products are doing with our data. It’s that simple. Open-source keeps products and their creators accountable for their actions.

They can’t hide tracking logic within the source code, someone will pick it up and call it out for everyone to see.
While there are A LOT of products dedicated to actually tracking users for one reason or the other, those that share their code while doing it are the ones that deserve our trust.

The products that openly state: we take care of the data we track and we don’t do anything your users wouldn’t want us to do with it, while at the same time showing you the code that does it should be the only choice. We as a community, should choose to use them instead of close-code options.

Open-source keeps developers (and more importantly, companies) accountable. It’s that simple, and it should become the standard. Tracking software should always be open source. Period.

Open Source Session Replay

OpenReplay is an open-source, session replay suite that lets you see what users do on your web app, helping you troubleshoot issues faster. OpenReplay is self-hosted for full control over your data.


Start enjoying your debugging experience - start using OpenReplay for free.