The Orwellian doublethink of ‘open data’: when closed is open.

Proprietary platforms that call themselves ‘open’ create the illusion of choice, lead to apathy, and have ramifications for privacy, human rights, and the health of the commons. It’s time to call them out on it.

Sorry, we’re open sign in windowsill.
Sorry, we’re open… when words don’t mean what we think they mean.
Photo credit: Jorge Rey

I recently called out a company called for stating that they are ‘open’ when they are a proprietary platform with lock-in.

To echo the words of their founder, Yodit Stanton: “Twitter is not the best medium for nuanced conversation”, so I want to explain why I feel that this is a crucially important issue and why initiatives like are actually causing more harm than good by creating the illusion of open alternatives without actually contributing to the commons or challenging the fundamentals of harmful mainstream technology in a meaningful way.


I only became aware of on Twitter when Yodit responded to my tweet of an article by FastCompany that urges caution about the Internet of Things (IoT).

In her reply, Yodit stated that there are those, like, who “deeply care about privacy and are also excited about the tech”. Needless to say, I was happy to read her words and excited to find out more about the service. In the words of Melvin Kranzberg, “technology is neither good, nor bad, nor is it neutral” and it gives me hope whenever I meet people who tell me they are building platforms that respect privacy and human rights. However, when I looked into their service, I realised that it was anything but open.

The litmus test for an open platform is an Internet of Things platform that provides an Application Programming Interface (API) that you use to add intelligence to Internet-connected devices. The API is what adds the smarts to your “smart” device; it’s what makes your thing a “thing of the Internet”, as it were. If you program your device to use the platform, it is fundamentally dependent on that API to function. Without it, it cannot do what it does or be what it is.

It’s crucial that we understand the importance of this point because it is the heart of the issue.

Here’s the litmus test for whether is an open platform or not:

If was an open platform, you could change the URL in your API calls to a self-hosted version of (or to one hosted by a competitor) and your device would still function.

This, sadly, is not the case.

This is called lock in and this is what makes a closed platform.

Whether or not a platform has lock in is the litmus test of whether or not that platform is open.

The API: closed and proprietary.
The platform is closed. We cannot simply host the API ourselves. Once we use the API for building our IoT, we’re locked into using

What open isn’t

There are a large number of things that are not a factor in determining whether a platform is open. These include quite a few of the points put forward by in their blog post.

To be absolutely clear, your platform is not open just because:

Your platform is also not open just because people can export their data. If we are to use that test, Facebook, Google, and many other closed silos would pass with flying colours.

In summary, just because your platform consumes open data or releases some open data, this does not imply that the platform itself is open. And if your platform is a closed one, like is, using ‘open’ in the name of your platform is misleading.

What can do if it wants to become truly open.

If is serious about being ‘open’ and about protecting privacy—and we must, at the very least, give them the benefit of the doubt that they are—there are several actions that the company can take to make this happen.

In her blog post, Yodit states: “we are not a social enterprise and there will be parts of our code base that will be private. We are ultimately a for profit company and our aim is to create a sustainable business model for an engineering led business to thrive.”

This is not a convincing argument as being a social enterprise is not mutually exclusive with either being a for-profit company or creating a sustainable business model. (And you don’t have to be a social enterprise to release your platform as open source either. The two things really are not in any way related.), for example, is a for-profit social enterprise and we are working to create a sustainable business fuelled initially by a combination of one time sales of our social app, Heartbeat, on the Mac App store, as well as recurring subscriptions to an encrypted backup system. (The source code for the whole platform will, of course, be released under a free as in freedom license alongside the first public release Heartbeat.)

Additionally, to guarantee that we do not lose control or get bought out, we incorporated (the trading name of Article 12) as a company limited by guarantee. This means that we do not have share capital. We have no equity to sell. We cannot take venture capital. And we cannot be bought.

All this to say that there is absolutely nothing that is stopping from building a sustainable, for-profit company that is actually open and which actually can promise to protect the privacy of their customers by incorporating as a company limited by guarantee and open-sourcing the platform if they want to. In fact, if or the ODI want to explore this route or want any advice on any of this, we’d be more than happy to provide it, pro-bono.

Again, the litmus test is simple, can you:

  1. Install the platform on your own machine,
  2. Take a device that you’ve programmed using the API,
  3. Change the URL in the API calls to point to the address of your own machine and have your device function as before?

Until that’s possible, is not open — it is a proprietary platform with lock-in.

We’re open… for business.

Needless to say, silos like Google and Facebook also think of themselves as open. I had Facebook UK And Ireland’s Policy Director, Simon Milner, retort in a hurt and indignant tone after my talk in Bratislava last year: “Facebook is open… we allow anyone to join.”

In other words, for Facebook, open means ‘open for business’.

And heck, if Facebook is open, I guess not much is closed in this world.

And maybe that’s the problem.

Maybe ‘open’ as a term has been so misused, abused, and diluted, that it is now a homeopathic qualifier; entirely devoid of any essence of meaning whatsoever.

As I mentioned on Twitter, “If you have a closed platform, don’t call it open. Is that too much to ask for?”

Maybe it is.

Perhaps it’s time we stopped using the word ‘open’ to mean ‘free as in freedom’ or ‘good for the commons’ and leave it those who want to use it to mean privatisation, open as in business, and open as in free labour.

Or maybe, as Doug Belshaw stated on Twitter, “perhaps we need to #reclaimopen

Reclaiming ‘open’: Open, as in ‘an open field’ instead of open as in ‘an open door’.

The problem with the term ‘open’ is that it has two very different meanings: It can mean open as in ‘an open field’—a public space, owned by all, without fence or gate. In other words, the commons. This is the definition of open that favours liberty. This is the definition of open that I embrace.

But open can also mean open as in ‘an open door’.

This is a very different meaning of open.

This meaning of open assumes ownership. It assumes a fenced-off private space with door, lock, and keys. It assumes private property to which we are given limited, revokable access to, with terms and conditions attached. If we are given a key to the lock, as with an ‘open API’, it is, as Colin Bartlett stated, a key to a lock that we do not own; a lock that can be changed at any time at the whim of its owner.

What actually matters when determining the freedom of a platform is not whether or not the door is open or closed but whether or not there is a door to begin with. What matters is whether or not we’re talking about a field or a door and, if we’re talking about a field, whether or not the field can be fenced off sometime in the future or whether it is a protected from privatisation as part of the commons.

When we want to protect our tangible habitat, we use conservation programs and national parks. The definition of open that is ‘open as in an open field’ requires similar protections. In this case, the habitat being protected by the commons is not of some exotic alien species but a species that we are far more intimately acquainted with: our own.

While one definition of open aims to create the digital national parks that protect our digital public spaces, the other definition wants to create privately-owned public spaces that offer the illusion of openness. There is a term for privately-owned public spaces: private spaces.

We use doors to permit or deny access to these private spaces. ‘Open’, in this sense of the word, is not concerned with the health of the commons. ‘Open’, in this sense of the word, is concerned with providing you just enough access to private property as is necessary for you to add value to the proprietary system.

Perhaps what we need is a new word to describe platforms that are open (as in open door). Perhaps that word is ‘ajar’.

I like the term ‘ajar’ as it makes it very clear that there is a door to begin with and that it provides limited, controlled access, which itself can be revoked at any time by shutting the door completely and locking it.

Definitions matter

It’s important to understand that this is not some attempt to draw a narrow academic distinction, nitpick on semantics, or coin new terminology: this discussion goes to the heart of the intent of platforms to determine whose/which freedoms they protect and whose/which they do not.

That is a platform with lock-in has ramifications for privacy: In her blog post, Yodit states that they “do not resell private data or try to create revenue from insight into private user behaviour” and I have no reason to doubt her on that. However, let’s say that, believing that is an open platform, lots of us build our IoT to rely on the API. At this point we’re locked into What happens when enough of our smart things are contributing enough data into the system that it becomes a tempting takeover target for a company like Google whose business it is to monetise data?

What happens to our privacy promises then?

This model of creating closed platforms and then getting developers to build value into them by using ‘open’ as the bait is not new. The very same thing happened with Web 2.0.

Do you remember when Tim O’Reilly and friends, including evangelists from Twitter, Facebook, etc., told us that we should embrace Web 2.0 and use open APIs to build the ‘open web’? Did you fall for that? (I know I did.)

We were told that by using ‘open APIs’, we would be helping build the open Web. This was bullshit. What we were actually building was value into closed silos. Some of the same people are now trying to get us to do the same thing with the Internet of Things.

The Internet of Things is simply the new Web 2.0.

The game hasn’t changed; it’s still a data play.

The Internet of Things is not about things, it’s about data.

Today, having tapped the arteries of data with their own services and via their open APIs, the data krakens now need the data in the harder to reach places: in peoples’ homes, on their persons, and even inside them.

The ramifications for individual freedoms and democracy are as high as they have ever been. It is more important that ever that we create actual independent alternatives to proprietary and closed systems. Instead, what we’re seeing is the funding and cultivation of an illusion of choice led by ‘open’ initiatives that are not really open.

The problem is, nothing spurs apathy like the illusion of choice.

Mainstream technology companies like Google, Facebook, etc., understand this all too well. There is a reason why they, and related industry groups, are quick to sponsor such ‘open’ initiatives.

The easiest way to keep things the way they are is to sponsor the people who purport to offer the alternatives.

This is plain and simple ‘openwashing’. It’s something we must learn to recognise, call out, and avoid contributing to whenever we can.