As a FOSS organization, our policy priority should be to push back against software patents, and to create a favorable policy environment for FOSS, and that is what we are engaged in.
I would also like to remind you that I did submit FOSS United’s policy position on the Digital Personal Data Protection Bill. and that reflects my own views as well. Kindly read that. It may be a short document but it took a lot of time to put that together, and my realization was that it took time away from the software patents work. In the field of privacy, there are hundreds of organizations involved. Just look at the comments submitted to the Srikrishna Committee’s draft. However, how many organizations are out there advocating for FOSS? Isn’t that something we should be focused on?
On Digital Public Infrastructure (DPI), yes, I am a supporter because I think all of us need efficient governments. However does that equate to supporting surveillance as you postulate? I think you are postulating a false dichotomy. Rather than take an “All DPIs are bad,” stance, I prefer to take a more nuanced approach that balances efficiency with oversight and the checks and balances of democratic institutions. For example, when Aarogya Setu was released during the Covid Pandemic, I wrote the following in an op-ed in Indian Express:
"Where the collection of data through such apps is done by the state, the state must recognize that it is not the owner of the collected data, but merely the custodian of data. It holds the data in custody, on behalf of its citizens. Secondly, as compared to the private sector, the state has a much higher responsibility for safeguarding data, because its control of the police, tax authorities and other instruments gives it great coercive power. The threats of state misuse of data are therefore much higher than its misuse by the private sector. The only way to mitigate this is by putting privacy and good data governance practices at the center of such data collection, and by instituting checks and balances on state power.
“Wherever data is collected by the state, it must be the minimum required to get the job done. For example, self-testing apps should not collect personally identifiable information, except essential information like age (higher age groups have higher risk, and therefore this is essential), gender etc. This data should be deleted after the crisis is over.”
To repeat, I prefer to take a nuanced approach on these issues, and not an absolutist approach. If that equates to “compromised” in your mind, I am not going to try and change your opinion.
On institution building, I have said again and again that what we are building at FOSS United is really precious. I have been in the FOSS community since 1999, and the big mistake that we made in the past was that we did not focus on building a FOSS institution. Most of us were happy organizing FOSS meetups and dispersing. Different FOSS groups used to talk to each other rarely. Our policy advocacy was unfocused and sporadic. With FOSS United, we now have an organization that is spreading the gospel of FOSS to places like Sholapur that have never seen a FOSS meetup, we are supporting many FOSS organizations around the country. By trying to be all things to all people, we can very quickly lose all of that. In other words, I don’t agree that institution building is a “moot point.” On membership, I have replied on a previous thread and don’t have anything more to add.