Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Calyx (was Re: GNI in the news and it's not looking hot)

Shava Nerad shava at
Tue Mar 8 01:17:14 PST 2011

Nick Merrill and I are trying to put together something that depends a bit
less on buy in than GNI, where a (cc) like self-certification of
privacy/security is combined with a web of trust-like rating to let
companies commit to various levels of service, but also to let their users
report experiences where that's appropriate, and perhaps provide a browser
plug-in that talks about privacy safety in the same sense current plugins
report "surf safe" ratings.

At this point, we're in infancy with the project.  (There's a website at, but it doesn't reflect the current shape of the
project.)  I know there have been previous icon codes for privacy attempted,
but there are a few ways we hope to improve on the process.  We also see
security as being inseparable from privacy -- there's ad-network privacy,
yes, but there are also issues of breaches, and so on.

We're taking this from an angle of public education and consumer advocacy,
up front -- until we gain sort of a memetic understanding that privacy is
important, there will be no market pressure on providers and data shops to
put efforts into this.  We can create market pressure if we can show a
market advantage to even a small set of companies by certifying that they
respect privacy, have good security practices, and a minimum amount of spine
(not changing policies without notice, not handing info over without a
subpoena, etc.).

Our hope is also to produce a testbed provider (hosting, access, perhaps
VOIP, VPN,...) so there can be an open source best-practices template for
small providers, rather than depending just on the top-down corporations
like Google and such to set examples.

You may know me as the original execdir at The Tor Project -- I got them
initial funding, their 501c3, and helped to turn around their press image
and build alliances with human rights and press freedom groups.  From way
back, some of you may remember me as the original owner of,
and the point in the fight to keep 501c3 status for community networks in
the US back in 1997-2000, when disadvantaged access to the net was being
challenged as a charitable/educational purpose by the IRS. And, in this
group, I suppose a few of you may even remember me as co-moderator of
sept11info at yahoogroups, alongside Andy Carvin (I want the t-shirt that
says:  "I followed Andy Carvin before Twitter existed").

Nick is the John Doe of John Doe vs. Ashcroft et al, the ACLU's case against
national security letters.  NIck decided that no piece of paper saying you
can't reveal this inquiry to anyone could deprive him of right to counsel,
and he chased that one for three years to an ACLU victory, and a Baldwin
Award.  It then took three more years before he got his gag order lifted
last fall, and now he's trying to set up support for people to learn about
their rights and choices -- consumers, providers, marketers, and policy

We're only just getting started on this, and would love input, pointers to
funders, potential board members and advisors, and all that...  We're at
that point where all things are possible (which is to say, we haven't
confronted the hard work yet!).

And just because I'm reading Evgeny's book right now, I'd like to qualify
that neither of us is a "cyber-utopian" by his definition -- you might
imagine that from our backgrounds.   In fact, Evgeny's criticism of Tor in
the book is that people don't read the manual -- and part of what I'm hoping
we'll do is add to the public education and remediate some of those issues.


Shava Nerad
shava23 at
shava at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list