Decentralizing personal data management with Solid:
a hands-on workshop

Decentralizing personal data management
with Solid: a hands-on workshop

10:00–10:20

Introduction

10:20–11:05

Ruben Verborgh: Concept & architecture

11:05–11:30

Goedele Van der Spiegel: Flanders Demo

11:30–12:00

Questions and discussions

14:00–16:00

Hands-on experience

The history of computing
started out centralized.

• Large mainframes provided computational power
  for an entire organization.
  • People brought punched cards to a control room,
    where they were processed by a machine.
• When networking came along,
  terminals interfaced with mainframes.
  • The server possessed magnitudes more
    computational power than the client.

Personal computing decentralized
computational power.

• Personal computers were able to perform
  enough calculations for simple software.
  • spreadsheets
  • word processing
  • …
• Up to the 2000s, only few of these
  were connected to the Internet.
  • Data and software were transferred using physical media.

Even when the Internet became popular,
data and CPU remained decentralized.

• The Web provided a way to:
  • retrieve information faster
  • retrieve information we did not have before
• Desktop software remained dominant.
  • Data remained on-device.
  • Processing remained on-device.

The software-as-a-service model brought
storage and processing to the cloud.

• Centralized software platforms reduced friction.
  • Sharing becomes easier by linking.
  • Real-time collaborative editing becomes possible.
  • Users always have the latest software.
• Data processing and storage are outsourced.
  • Once again, our devices act as terminals.

Universality and innovation
is driven by more than just technology.

• The technological gap between clients
  and servers is smaller than ever.
  • Servers resemble ordinary computers.
  • Even some of our portable devices are more powerful
    than our personal computers were a decade ago.
• Many cloud applications could still run on-device.
  • The UI in fact often does.
• Cloud business models have economic benefits.

The world before the Web
was highly heterogeneous.

• Exchanging information was hard.
  • different hardware
  • different software
• Innovation was hard.
  • For which machines do we build?
  • For which operating systems do we build?

The Web strives to be universal
through independence of many factors.

• Anyone can use the Web, regardless of:

  hardware

  desktop

  phone

  tablet

  watch

  …

  software

  operating system

  browser

  app

  …

• Developers are free to innovate.
  • Build for the Web.
  • Standards provide interoperability.
• Unfortunately, this is not the default elsewhere.
  • App stores are a prominent counterexample.

The Web brings freedom of expression
to everyone across the world.

• Anyone can say anything about anything.
• We all have our own spaces,
  so we don’t have to agree.
• We can link to opinions of others
  to discuss about them.

The Web brings permissionless innovation
at a global scale.

• Anyone can build anything for any reason.
• The technologies are open.
• You don’t need anyone’s permission
  to join the Web and launch a new idea.
  • This contrast with app stores.

Decentralization was an assumption
when the Web was designed.

• Internet
• email
• FTP
• …

The Web’s novelty was universality.

The first threat to universality
were the browser wars of the 1990s.

• No Internet Explorer?
  • You’re out of luck!
• People needed a certain computer.
  • no mobile devices
• Developers depended on Microsoft’s pace.
  • browsers were not very powerful

This battle was replaced by another:
the search engine wars of the 2000s.

• Not on Google?
  • You’re out of luck!
• Ranking high became more important
  than high-quality content.
• The reach of your innovations
  depended on one crawler.

This battle was also replaced by another:
the platform wars of the 2010s.

• Not on Facebook?
  • You’re out of luck!
• Clicks became more important
  than high-quality content.
• You either compete for innovation
  with Facebook, or depend on it.

In 2017, Tim Berners-Lee listed
three challenges for the Web.

1. We need to regain control
   over our personal data.
2. We need to reduce the spread
   of misinformation.
3. We need transparency and understanding
   of political advertising.

All three indicate a loss of control/agency.

Ironically, permissionless innovation
even allows platforms that prevent it.

The Facebook founder has no intention of
allowing anyone to build anything on his platform
that does not have his express approval.

Having profited mightily from the Web’s openness,
he has kicked away the ladder that elevated him
to his current eminence.

John Naughton, The Guardian

Tim Berners-Lee is spearheading Solid
as an ecosystem to take back control.

• Solid is a way of creating services that
  let people keep control of their data.
• Solid combines existing W3C standards
  to define how agents should interact.
  • It is not a new Web:
    it builds on top of the existing Web.
• Like the Web, Solid is for everyone.
  • Bring back universality and permissionless innovation.

Solid aims to restore choice
by separating data from services.

• Typical platforms nowadays store data
  inseparably from a service.
  • If we need the data, we cannot choose our service.
  • If we need the service, we can’t choose our data source.
• By separating data from services,
  we create independent choices.
  • In essence, we‘re taking Web apps back to desktop mode,
    where one file can be opened by multiple apps.

Every person can choose where to store
any data produced by or about them.

They can grant people and services access
to very specific parts of their data.

Separating service and storage
drives permissionless innovation.

Solid is not a platform to replace others,
but a way of building for the Web.

• Solid is an ecosystem.
  • Standards enable interoperability
• Solid is a movement.
  • We need to shift the app builder mindset.
• Solid is a community.
  • Building Solid requires different people,
    companies, and organisations.

Solid acts as an interoperability facilitator
and integrates with existing technology.

• Make data flow more easily
  from one location to another.
  • interface
  • authentication
  • authorization
• Integrate with existing identity solutions.
  • Be compatible instead of creating yet another one.
  • All an agent needs is a URL.

A Solid server acts as a data pod
that stores and guards your data.

• It is a regular Web server
  • …with support for access control.
  • …with support for Linked Data.
• Its interface is application-agnostic.
  • Build any service, like on the Web.
  • Service-specific logic resides in clients.
• A Solid pod is essentially a website with data.
  • Its data is compatible with any service.

A data pod can contain any data
you create or need online.

• profile 👤
• media 🖼
• comments 🗣
• likes 👍
• … ✨

Solid clients are browser or native apps
that read from or write to your data pod.

• People give read and/or write permissions
  for specific pieces of data to:
  • services
  • other people
  • automated agents
  • …
• Apps deliver an integrated experience.
  • Instead of displaying individual webpages or data items,
    apps interleave data from multiple sources.

Any service you can envision,
you can build with Solid.

• calendar 📅
• social feed 👥
• photo sharing 📸
• conference organization system 🎤
• … ✨

Client–server communication is governed
by the Solid specifications.

• The specifications are a (currently unstandardized)
  set of documents on GitHub.
• They essentially demand compliance
  with a couple of existing standards:
  • HyperText Transfer Protocol (HTTP)
  • Linked Data Platform (LDP)
  • Linked Data Notifications (LDN)
• They suggest specific RDF vocabularies.

Several open-source implementations
of servers, apps, and libraries exist.

• server
  • Use a public instance or host your own.
• apps
  • data browser
  • contacts
  • photos
  • meeting organizer
  • …
• libraries
  • authentication
  • data processing
  • …

Interoperability challenges in Solid
are solved through Linked Data in RDF.

• If we all store our own data,
  how do we connect it to others’ data?
• How can services share data,
  without too many prior agreements?
• How do we integrate data
  from multiple data pods?

With JSON-LD, every piece of data
can link to any other piece of data.

{
  "@context":  "https://www.w3.org/ns/activitystreams",
  "id":        "#ruben-likes-semic",
  "type":      "Like",
  "actor":     "https://ruben.verborgh.org/profile/#me",
  "object":    "https://www.semic2020.eu/#this",
  "published": "2020-10-06T08:00:00Z"
}

Data shapes and their semantics
enable layered compatibility.

{
  "@context":  "https://www.w3.org/ns/activitystreams",
  "id":        "#ruben-likes-semic",
  "type":      "Like",
  "actor":     "https://ruben.verborgh.org/profile/#me",
  "object":    "https://www.semic2020.eu/#this",
  "published": "2020-10-06T08:00:00Z"
}

Different source data
can be concatenated.

{
  "@context":  "https://www.w3.org/ns/activitystreams",
  "@graph": [{
    "type":      "Like",
    "actor":     "https://ruben.verborgh.org/profile/#me",
    "object":    "https://www.semic2020.eu/#this",
    "published": "2020-10-06T08:00:00Z"
  },{
    "type":      "Like",
    "actor":     "https://example.org/people/seth#me",
    "object":    "https://www.semic2020.eu/#this",
    "published": "2020-10-06T08:05:00Z"
  }]
}

The Paradox of Freedom:
you can only be free if you follow rules.

• Decentralization means making our own choices.
• Unless we agree on some basic things,
  no one will see the result of our choices.
• Agreement can be layered:
  • 100% agrees on a small set (labeling, authorship, …)
  • 80% agrees on a larger set (places, dimensions)
  • 5% agrees on many smaller sets (sizes, colors, …)

We need to identify those rules
we all need to agree on.

• vocabularies
• data shapes
• interfaces

Lessons learned from aggregating hundreds of datasets
are highly useful to inform the discussion.

Decentralization needs replication
for realistic performance.

In addition to technological changes,
we need a shift of mindset.

• from the one
  to one of many
• from source
  to station
• from platform
  to service

Current networks are centered
around the aggregator.

We need to create network flows
to and from the aggregator.

The individual network nodes
need to become the source of truth.

Aggregators need to become part
of a larger network.

Aggregators serve as a crucial
but transparent layer in the network.

Aggregators’ main responsibility becomes
fostering a network between nodes.

Warning: Solid client-side apps
are rough around the edges.

• Be prepared to see bugs.
  • When in doubt, refresh the page.
• This is not representative of the final experience.
• It is a technology demo, focused on understanding.
  • Watch and learn how data flows.

Create your own Solid pod
with a provider of your choice.

• Host Solid server software yourself.
• Use free demo hosting.
  • https://inrupt.net/
  • https://solid.community/

You have now created a WebID
and storage location for yourself.

• In Solid, those are separate things:
  • a URL identifying you
    • https://ruben.verborgh.org/profile/#me
  • a space to store documents
    • https://drive.verborgh.org/
• You happen to have received both at the same time.
  • But there is no need to!
  • You can reuse an existing identity and log in with it.

Log in to your own pod
and edit your own profile.

1. Go to the homepage of your newly created pod.
   • https://rubenv-semic-2020.inrupt.net/
2. Click Log in and pick your provider.
3. Click Edit your profile.
   • Fill out some basic information.
   • Bonus points for a profile picture!

Give specific apps permission
to act on your behalf.

This bit should happen through a dialog,
but we found some issues when testing.

1. Click Preferences on your pod homepage.
2. Add Application URLs with Read/Write/Append:
   • https://idlabresearch.github.io
   • https://rubenv-semic-2020.inrupt.net
3. It should look exactly like this (no slash at the end).

Join me on a Solid chat
hosted on my own pod.

1. Visit the chat that I am hosting on my pod.
2. Log in.
   • Ignore any warnings.
   • I have given append permissions to logged-in users.
3. Send a chat message.
   • Now I know your WebID for reuse later on.

Let us used Linked Data
to connect people.

1. Open the instructions.
2. Open the app.
3. Follow the instructions.
   • Keep a close eye on your data as you progress.
   • Keep a close eye on your inbox.