Re: Solid: An Explainer from Melvin Carvalho on 2023-11-24 (public-solid@w3.org from November 2023)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 24 Nov 2023 16:00:02 +0100
To: "Harshvardhan J. Pandit" <me@harshp.com>
Cc: public-solid <public-solid@w3.org>
Message-ID: <CAKaEYhK-j0usy0UWm_XkNEUpPj3WP6H9YDpuXMryRSw_bfvHRw@mail.gmail.com>

čt 23. 11. 2023 v 13:04 odesílatel Harshvardhan J. Pandit <me@harshp.com>
napsal:

> Hi.
> FWIW, I request that the language regarding 'privacy' be broader than
> 'access to data'. See suggestions below.
>
> On 23/11/2023 09:31, Melvin Carvalho wrote:
> > *Data Management with Solid*
> > Solid enables users to store their personal data in online data stores,
> > known as Pods. These Pods are controlled entirely by the user, who can
> > grant or revoke access to applications as desired. This separation of
> > data from applications allows for greater user autonomy over their
> > personal information.
>
> 1) "These Pod are controlled entirely by the user" - What about cases
> where Solid Pods are 'provided' to the user with ability to manage data
> but NOT manage the pod or move it to a different provider etc. Or cases
> where data may not be under the user's control i.e. they can access it
> but cannot manage it or only can approve specific applications and not
> others. Should such cases not be called 'Solid'?
>

Yes, that's a managed form of Solid.  In this case you co-own your identity
and your data with your provider.  It's still Solid, but restricted, with
less user control, however, possibly better than the status quo.


>
> 2) "who can grant or revoke access to applications" - Pods are about
> controlling/managing data and the language should reflect this. E.g.
> "who can control the storing and usage of data by applications". By not
> using the line 'grant or revoke access' I am avoiding reducing autonomy
> to take it or leave it type situations based on solely on
> access/gatekeeping.
>

Good point, that makes sense, it's not a binary thing.


>
> >
> >       Security and Privacy in Solid
> >
> > *Data Control and Privacy*
> > One of Solid's key features is its emphasis on user-controlled data
> > privacy. Users have the authority to manage who can access their data,
> > enhancing privacy and data security on the web.
> >
>
> Same as above, "users have the authority to manage who can access and
> how it will be used and shared with others..." - the "how it will be
> used and shared with others" is the key part to not just stop at having
> access to data but also managing the who and why aspects of it being used.
>

I like it, emphasizing how things can be shared rather than how things are
restricted.


>
> Regards,
> --
> ---
> Harshvardhan J. Pandit, Ph.D
> Assistant Professor
> ADAPT Centre, Dublin City University
> https://harshp.com/
>

Received on Friday, 24 November 2023 15:00:19 UTC