March 24, 2010, 10:17 AM —
It comes as little surprise that the guru of free software, Richard Stallman, is not terribly thrilled with the notion of Software as a Service (SaaS).
After all, in a 2008 interview with The Guardian, Stallman derided the use of cloud applications like Gmail as "...[S]tupidity. It's worse than stupidity: it's a marketing hype campaign."
You gotta give RMS props: he isn't shy about speaking his mind.
Primarily, Stallman's objection to SaaS is that users lose control over their applications, because the applications are not installed locally. My objection to Stallman's argument is that a vast majority of computer users will never have real control--even if they use free software.
"It's just as bad as using a proprietary program. Do your own computing on your own computer with your copy of a freedom-respecting program. If you use a proprietary program or somebody else's web server, you're defenceless. You're putty in the hands of whoever developed that software," he told the Guardian's Bobbie Johnson.
Last week, Stallman elaborated on this idea in an essay posted by the Boston Review. In that essay, Stallman compares and contrasts SaaS to the dangers of proprietary software and the inherent freedoms within free software.
He is also very careful to define what kind of SaaS is a problem: not social or collaborative services, but any app that actually manipulates user data:
"Some sites offer multiple services, and if one is not SaaS, another may be. For instance, the main service of Facebook is social networking, and that is not SaaS; however, it supports third-party applications, some of which may be SaaS. Flickr’s main service is distributing photos, which is not SaaS, but it also has features for editing photos, which is SaaS."
Looking at Stallman's essay from a purely theoretical level, it's very hard to argue with it. I, too, have concerns about storing and using data out on the cloud, because ultimately I have to trust that whoever owns the server isn't going to get squirelly with my data. Sometimes I do trust (such as using Gmail) and sometimes I don't (like not using Microsoft's SkyDrive). Stallman would likely argue that my personal choices border on idiocy (and goodness knows I am no stranger to that confused state), but I am willing to live with it.
Here's my problem with Stallman's approach: on a pragmatic level, you can apply the proprietary/SaaS lack-of-control argument to all software applications--even the free applications.
Stallman repeatedly argues that in order for users to have the most control over their systems and their data, they must use free software locally. Even free SaaS apps are not cool, because they're untouchable out in the cloud somewhere. And right there is where I have to raise my hand and ask: how many users can truly exercise control over their local applications?
The real-world answer: not many. In fact, a minority so small that it severely limits the application of the benefits of free software.
I am in complete agreement with the four freedoms granted by using a free software license. But I think that for a majority of computer users, guaranteeing these freedoms is very difficult, if not impossible. That's because most software users have little to no idea what's going on with their applications, and even if they did, they might not care. They just want their systems to work.
For instance, I use Emacs, an application originally developed by Stallman. I love it, it's a great editing application. It's licensed under the GPL, so I know I can get the code to view and manipulate it to my heart's content. It's also locally installed, so I have full control over that app.
But do I? I am not a programmer. If the Emacs development team decides to take out a favorite feature, I can't put it back. I'd have to delay updating to the new version. Since it's free, I can hope that someone who can code will feel my pain and put that feature back. Maybe if I put up a little donation fund, it could expedite things.
Now apply the same situation to that unholiest of unholies: Microsoft Word.
I use Word, an application originally developed by a bunch of Microsoft developers. I rarely use it, but will if I need to. It's under a proprietary license, so I know there's no legal way I can get the code to view and manipulate it to my heart's content. Still I have a little control over that app, because it's locally installed.
But do I? If the Word development team decides to take out a favorite feature, I can't put it back. I'd have to delay updating to the new version. I can hope that someone at Microsoft will feel my pain and put that feature back. Maybe if I offer to pay for a new patch, it could expedite things.
Different paths, but ultimately the same result: because of my intellectual choices in life (i.e., I do not code) my control over something as complex as software is always limited.
Stallman also argues that proprietary and SaaS vendors can (and have) put back doors into their products that will monitor user activity, scan user data, and all sorts of malicious things. Certainly he's right there.
So what about free software? What's really preventing someone from slipping a routine in there that has an app surreptitiously "phone home" about my computer use? The license itself? I don't think so. Even if I stipulate to the argument that free software developers by their very mindset are less inclined to be sneaky, that's not the same as saying there will never be sneaky free software developers.
I am not the best representative of the average computer user, either. I know what's what, and exactly where my limitations lie. The average user is, by choice, not concerned and not skilled enough to protect their own freedoms. Even if you could hand such a user a complete free-as-in-freedom system, there would be little chance they could prevent their systems from being ultimately shaped by the developers of the applications' code. Just like proprietary software users, they would blindly trust the makers of the software not to break their systems, manipulate their data, or abuse their privacy.
They simply do not know enough to prevent any of these things from happening.
That is my core problem with the freedom-through-control arguments of the free (and open source) software movement. Stallman's argument works perfectly for developers, because they can do something about problems in free software. It mostly works for users like me, because we are knowledgeable enough to see problems for what they are and notify the right people to get a fix.
But for people like the apocryphal Grandma who uses a computer, who doesn't even understand the basic concepts of what software is, the argument of freedom through control cannot apply; such users have no way of applying control, even if they have access to control.
So, am I saying that since control is an illusion, we should just give up, use SaaS and proprietary software, and serve our new overlords faithfully?
We need to find a way to educate all users, regardless of their level of use, about the dangers of non-free (and non-open) software. Perhaps we need to shift the argument away from control of apps to what something users might understand on a visceral level: control of data.
I think whatever the new strategy will be, this is an excellent mission for the Free Software Foundation: find a way to make the benefits resonate for all users, not just the ones in the know.