Is doing nothing evil?

Last weekend I attended the openSUSE conference in Nürnberg. This is a really nice conference. Awesome location, great people, and an overall very relaxed atmosphere. I gave a talk about Nextcloud Security and what we plan to do in the future to make hosting a Nextcloud instance even easier and more secure.

I attended the Saturday keynote which triggered a reaction on my side that I wanted to share. This is only my personal opinion and I’m sure a lot of people think differently. But I can’t help my self.

The talk was about management of infrastructure and automation. It was a really good talk from a technical perspective. Very informative and detailed. But in the middle of the talk, the presenter mentioned that he was involved in building autonomous military submarines. This is of course controversial. I personally wouldn’t get involved in actual weapon development, building things which sole purpose is to kill people. But I understand that people have different opinions here and I can live with such a disagreement.

However, a bit later the presenter mentioned that he also worked for the US intelligence community to build surveillance systems to spy on people on a mass scale. Global, mass scale surveillance, which obviously involves all the people in the room. Which he pointed out as a some kind of joke, noting he might have helped spy on the people in the room.

I’m sorry but I don’t think this is funny at all. The global surveillance systems are undemocratic, in a lot of cases illegal and an attack on the basic human rights of people.

I understand that playing and working with cool technology is fun. And there is a lot of opportunity to do this for secret services and for the military to earn money. But I think we as software developers have a responsibility here. We are building the technology of the future. So we as developers are partly in control of how the world looks like in a few years.

We can’t just say: I close my eyes because this is only a job. Or I don’t want to know how this technology is used. I didn’t ask and no one told me so I’m innocent and not involved. Let me quote a well known saying here: “All that is necessary for the triumph of evil is that good men do nothing.”

I really have a hard time accepting that some people think that building mass surveillance systems is somehow funny or cool. And it is even more troubling to tell this the people your helped put under surveillance into their face and think that this is fun.

Sorry for the rant. But technology matter. Developers matter. Software matters and can be used in good ways and bad ways. We as developers and free software community have a responsibility and should not close our eyes.

16 Comments

  1. PJ
    04/06/2017

    I appreciate the “rant” and knowing that the head of development of the software that safeguards my most cherished data cares about ethics and basic human rights.

    Values get reflected in code. I don’t think it’s a coincidence that someone who feels this way is publishing under an open source license. Or using an open development model.

    Personally I am grateful whenever a founder shares their personal opinions, as it gives me subtle clues about how aspects of their technology, that are beyond my technical comprehension, are likely to play out in their products and services.

    It’s things like this that had me move off of using GoDaddy hosting years ago when Bob Parsons posted photos of him having proudly killed a member of an endangered species. It’s posts like this that confirm why I continue to rely on Nextcloud for my personal data security.

    Thanks Frank, and please keep it up. <3

    Reply
  2. Björn Schießle said - GNU Social
    04/06/2017

    […] In a software driven world, developers have a special responsibility, don't close our eyes! http://karlitschek.de/2017/06/is-doing-nothing-evil #software #dev #responsibility #ethics Discussion – Posted a few seconds ago from […]

    Reply
  3. Patricia
    04/06/2017

    It’s not only about doing harm to others with technology. Doing nothing at all is also bad. Within our DevOp community he had a lot of engaged people, working towards ‘something good’ in the past. This has changed over the years. Right now there are many GNU/Linux engineers who do not care about the ethical aspect at all. It’s just a job as any other job and they could instead take part in an Oracle or Microsoft Ops meeting.

    To me it’s very important to work towards something that helps our society and I am looking for new ways to motivate those ‘just doers’ to join.

    Reply
  4. Anatole France
    04/06/2017

    I think I am too much in need of harmony to speak up for myself and others. These times where everybody seems to get louder and louder I get in a strange situation. One part of me wants to show disagreement and the other dominant part just wants everybody to calm down. Nonetheless I’d like to come out of the Internet’s shadows where we lurkers live getting excited pressing upvote and like buttons to tell you that you do a good job and that I totally agree with this blog entry.

    Reply
  5. IDM
    04/06/2017

    I completely agree with you Frank!

    Thanks!

    Kind regards

    Reply
  6. AnGry
    04/06/2017

    In current times, this is a very rare statement! So I appreciate it so much! Thank you for that, and of course for a great piece of software!

    Reply
  7. Klaatu
    05/06/2017

    100% agree with you, Frank.

    If people would stop enlisting, there’d be no more armies. Same is true for contracting out to an organisation doing blatantly evil things with your code. There are other ways of making money; it’s just not worth it.

    Reply
  8. Sven
    05/06/2017

    Unbelievable! Thanks for sharing this.

    Reply
  9. Adem
    05/06/2017

    Frank, so you vouch for every customer you ever served with your software, licensed as it is AND if you would know that, let’s say the Turkish MİT, uses nextcloud to share data among prosecutors that hold journalists in custody without fair trial, you would just stop them. For the good cause, for the right thing?

    How are you going to do that?

    Oh and how do you address the very likely situation, that your company OR the community you are part of serves these customers in your keynotes?

    It is always easy to address the shortcomings of others if you are free (or think your are free of) the situation they are in.

    Rest assured you are not.

    Reply
    • Killy
      07/06/2017

      It is very different if you work for a company that violates human rights (you are in control and responsible) or if your foss software is used by those people (you can’t control this, it is their responsibility).

      Reply
  10. Graham Miller
    06/06/2017

    I agree 100% with your sentiment in this article Frank. It is just so refreshing to hear a project leader speaking in this way. Thank you for increasing my hope for humanity!

    Now all we need is for your attitude to be infectious and spread to all the other software developers in the world. That would make it harder for the money power to control our lives.

    Keep up the great work and thanks for terrific software!

    Reply
  11. Craig
    06/06/2017

    Yes!

    Reply
  12. Scared
    10/06/2017

    Hi,

    While I agree with your general sentiment, please be careful to not make the mistake the ccc made. They went to the other extreme, and basically started a witch-hunt. Everyone who was suspected of not being totally aligned with the message ‘thou shall not work for the government’ was being painted black, verbally and physically assaulted and smeared with propaganda campaigns. This led to a highly toxic environment.

    If there was even a hint that you had done anything that could indirectly be considered ‘working for the government’ you were targetted. And the masses would blindly follow their heroes, such as the now ousted Jacob Appelbaum, who would point at the targets and unleash the unthinking army of minions on those targets.

    I do hope we can keep that out of the nextcloud community. I felt uncomfortable reading your blogpost, because it reminded me of that attitude from the ccc, and suggests the start of that toxicity in nextcloud as well.

    Thanks.

    Reply
    • Jos Poortvliet
      15/09/2017

      As a company, we do have a policy to not work with arms manufacturers but this isn’t anywhere near as easy as it seems at first thought. Companies like Airbus and Boeing might by most people be seen as the company that create the planes used by their local airliners but both businesses also do a lot of defense work. And with ‘a lot’ I’m talking much more than 20% of their revenue. And going further down the stack, how do you make sure the materials produced by a mining corporation don’t end up in a gun?

      So we’re well aware of the complexities of this problem and we’re certainly not looking for any witch hunt. In no small part because what we do as a company isn’t always something we expect from the community. People hopefully have and can follow their own conscience and we want to keep politics out of community as much as reasonably possible.

      Reply
  13. camilo santana
    13/06/2017

    thank you for the article. i would not only agree with you but encourage you to take the time to *stand up* and make this statement in person/in public.

    To expand on your quote, “The world is in greater peril from those who tolerate or encourage evil than from those who actually commit it.” -A. Einstein

    There is nothing wrong with taking the time to stand and state openly what you wrote here – that, “… global surveillance systems are undemocratic, in a lot of cases illegal and an attack on the basic human rights of people.” technology would serve humanity best by elevating it. the systems this person is supporting do not line up with that potential goal.

    Reply
  14. James R. Martin
    02/08/2017

    I agree completely with thoughts at the openSUSE conference. I became aware of NextCloud with the project NextCloud Box from WD. I started working with my Church that was hit with Ransomware that lost a lot of information I am trying to work with NextCloud in hopes of providing a more secure alternative to prevent this sort of thing happing. Any links or information would be helpful. It is important to have a secure private alternative like NextCloud.

    Reply

Leave a Reply