Tim Berners Lee's Startup Inrupt Releases Privacy Platform for Enterprises

Inrupt, the startup from World Wide Web founder Tim Berners-Lee, announced an enterprise version of the Solid privacy platform today, which allows large organizations and governments to build applications that put users in control of their data . From a report: Berners-Lee has always believed that the web should be free and open, but large organizations have grown up over the last 20 years that make their money using our data. He wanted to put people back in charge of their data, and the Solid open source project, developed at MIT, was the first step in that process. Three years ago he launched Inrupt, a startup built on top of the open source project, and hired John Bruce to run the company. The two shared the same vision of shifting data ownership without changing the way websites get developed. With Solid, developers use the same standards and methods of building sites, and these applications will work in any browser. What Solid aims to do is alter the balance of data power and redirect it to the user. "Fast forward to today, and we're releasing the first significant technology as the fruits of our labor, which is an enterprise version of Solid to be deployed at scale by large organizations," Bruce explained.

The core idea behind this approach is that users control their data in online storage entities called Personal Online Data Stores or Pods for short. The enterprise version consists of Solid Server to manage the Pods, and developers can build applications using an SDK to take advantage of the Pods and access the data they need to do a particular job like pay taxes or interact with a healthcare provider. Bruce points out that the enterprise version is fully compatible with the open source Solid project specifications. The company has been working with some major organizations prior to today's release including the BBC and National Health Service in the UK and the Government of Flanders in Belgium as they have been working to bring this to market.

In the mean time

[LibreHome]

The entire society shall engage in active discussion about what a service provider needs to know? And nothing shall be disclosed.

Re:

[BuckBundy]

Who has the link to that laughing guy from the Trump press event? Too lazy to look for it now.

So, it has come to this

[DontBeAMoran]

Pod People.

I don't understand

[Errol backfiring]

First, this company is meant to be just a middle man between the user and Google/Apple/WhatEver. If you don't trust companies with the data, why trust the new middle man? Also, if (and that is a really big if) companies like Google start to use such a platform, you can expect "we need full access to proceed" messages just like the "we need to store third-party cookies and run third-party javascript" blockades you encounter now.

In other words, this will add an untrusted player to the existing system, but nothing else will change.

Yes, you don't understand

[TuringTest]

The Solid server is open source, so you can host it yourself; it's also decentralized, so you don't need to trust a single provided with all your data, you can slice it and distribute it among any number of independent servers.

There's also the possibility to encrypt the data end-to-end, [solidproject.org] so the provider will not even have access to it.

Re:

[theshowmecanuck]

99.99 etc % of people either don't know how or won't be bothered to host their own server. Your response is typical "I don't want to understand the real world" nerd drivel. The OP is correct, this means someone else is hosting your data. So now their is a single point of failure that all hackers can target, as opposed you data being everywhere for them to target. Not really any advantage. The only thing that will stop identity and data theft is to make laws preventing POS companies from taking it against yo

Re:

[Errol backfiring]

That sounds familiar. OpenID was the same, you could host it yourself also, but in practice there are no sites that allow you to use your own OpenID server. I see this going the same direction. You can technically host it yourself, but nobody will allow you to in real situations.

Re:

[CastrTroy]

Yeah, I don't see this really being any different from the situation with cell phone apps asking for various permissions to access your data and people blindly clicking OK. The only thing this will do is make it easier for companies to get data from people because it will be easily accessible via an API that only on requires the user to click a single button to authorize, rather than the user have to manually enter the data.

Re:

[yassa2020]

The big difference is your relationship to the 3rd party. You are contracting them to store and secure your data, that's it. It's kind of like a bank safety deposit box for your data. Also you can self-host.

Privacy lol

[Anonymous Coward]

Nobody gives a shit about privacy.

Proof: # of user for google, facebook, twitter, etc.

You own and control your data, not some corp.

[mspohr]

True data ownership
Users should have the freedom to choose where their data resides and who is allowed to access it. By decoupling content from the application itself, users are now able to do so.

Modular design
Because applications are decoupled from the data they produce, users will be able to avoid vendor lock-in, seamlessly switching between apps and personal data storage servers, without losing any data or social connections.

Reusing existing data
Developers will be able to easily innovate by creating new apps or improving current apps, all while reusing existing data that was created by other apps.

Re:

[Hentes]

So basically cookies without domain restrictions. That's less secure, not more.

Re: You own and control your data, not some corp.

[mspohr]

Try reading again.

Does anyone actually think this is going anywhere?

[wiggles]

I remember the hype when it was announced, dipped my toe in to see what it does. I even tried putting a little tech demo together just to play with it, then I asked - what is the commercial argument for this? Is anybody going to make any money from it? If the answer is no, then this entire project is doomed to failure as it seeks to replace portions of the infrastructure that are actually making money.

Money talks, bullshit walks.

Re:

[theshowmecanuck]

Privacy online will only come if governments elected by people force it. Most people are too dense to care.

No Thanks

[nuckfuts]

Put all your personal data in one container, and store it online?

I don't think so.

Re:

[urusan]

You don't have to put all your personal data in one container and put it online, that would indeed be ridiculous.

The point is to have your public (or mostly private but sharable) data in different pods. They even call them pods to emphasize that you can have multiple pods for different purposes.

Re:

[theshowmecanuck]

So you are saying average people will have to manage different pieces of data about themselves in multiple places all over the internet. What could possibly go wrong.