Selling digital products online in an ethical way?

27 replies [Last post]
zigote
Offline
Joined: 03/04/2019

Suppose you make a website for selling some digital product you produce (music, images, videos, or other).

Nobody likes to see ads, to be tracked or limited by a license. However:

1. In order to sell something first you need people to know about it (advertising on a 3rd party platform)

2. To know how efficient your advertising is you need to measure it, inevitably leading to certain amount of tracking. That is the only way to know which audience is interested in your product

3. To optimize the UI/UX in a measurable way certain feedback from users is necessary. For this purpose people have invented analytics, heatmaps, A/B testing, cookies etc.

4. On the licensing side: a permissive license for the content would encourage unlimited copies, so perhaps your business may end before it even started.

5. Payments: I suppose it is unavoidable to make any sustainable business without using any of the popular payment ways (which are third party, e.g. PayPal).

6. Email marketing? Newsletters?

How would you approach all that in an ethical, privacy respecting way?

Libreshop
Offline
Joined: 10/27/2018
  1. Advertising can be done in multiple ways

    1. Start a thread on forum(like Trisquel/Parabola/other free/open forums)
    2. Make brochures/flyers and put them in peoples postbuses
    3. If you have family/friend on platforms where you don't want to create account, ask them to spread the word(like facebook, ...)
    4. If you don't mind(because your business is publicly available), you can create a (temporary or specific) account on platforms and publish it from there
  2. This isn't clear to me. Do you want to track a user actions or platform where the user is comming to your site?

    1. platform tracking is possible, on your server you can read the referrer, to see from where the user is navigating to your site, so you don't track the user
    2. if you want to track the user, you need to add js/cookie/..., which can be blocked by noscript or librejs(if not configured correctly), and to be complete(legally), you need to add notification that you are tracking the user
    1. Ask the user to fill a form to help you, with your UI. Start from a well-known UX(Material/Bootstrap templates).
    2. You can add a cookie, and each time the user clicks a link, you can add serverside heatmap, to see where the users are heading.
    3. If you really want to know, how long the user is spending on what page, and the scroll level, what element the user is clicking, then you need to add JS(make it libreJs compatibel)
  3. You can achieve most(maybe all) of your work with GPL-v3 type of license, but if you have doubts, then you can use Apache/Mit(Expat)/MPL/...

    If I create an endproduct(I'm working on my libreshop.eu), it will have GPL license.
    But if I create a plugin or library, which I can reuse while working as a software consultant, the library is licensed under MIT(Expat), because some clients have software which they don't want to license under GPL, and if I release my library under GPL, it won't be compatible.

    1. Yes this is a difficult one, you can ask the user to pay by Wire transfer, but this will take days. If you do it using crypto, bitcoin is the most used, you need to find a clients who wants to pay using crypto. But this is also not always secure.
    2. I tell my client to pay by Wire Transfer, but if they want to pay using creditcard or paypal, it's also ok for me.
    3. Another option is to pay cash, or at delivery, but you need to trust your shipping about this.
    4. If there isn't much political achievement regarding this, it will be very hard to pay anonymously for online shops.
    1. add rss feed
    2. create specific twitter account
Libreshop
Offline
Joined: 10/27/2018

I want to correct my answer, about point 4.

> 4. On the licensing side: a permissive license for the content would encourage unlimited copies, so perhaps your business may end before it even started.

In my opinion, Licensing doesn't change the fact that your software can be copied and distributed (i)legally. (like chaosmonk mentioned).

If you license your product Free, people will still buy it the same way they buy non-Free. You just permit the user to copy/modify/distribute the product.
I already saw non-free(and none opensource) software being decompiled and modified by someone I knew, and it was (i)legally obtained in the first place.

If you create the content yourself, you can sell it to low price, which is affordable for too many people(of course, you need to make profit), but next to that, add support contracts.

eg. iredmail is free(GPLv3 + gratis), but you need to pay for extra functionalities(which you can perform yourself, if you have the skills and patience) and when you buy a subscription, you receive updates, if you don't you can still create your own update system on top of it.

If you write a book, you can also give the buyer access to download the latest copy each time you update your book(typo, rewrite of a chapter, maybe translated versions, ...)

You can always ask for donations for your webshop, or sell gift-kind of thing.

The bottom point is: Free licensing is not the end of a webshop.

zigote
Offline
Joined: 03/04/2019

Libreshop,

To clarify - I am particularly interested in selling digital media online (not software).

> 1.1. Start a thread on forum(like Trisquel/Parabola/other free/open forums)

(Poor man's) advertising through forum posts is quite a bad idea because:

A) When one visits a software forum one expects to see discussions about software, not unsolicited off-topic stuff like ads for digital media websites. The later would actually be considered spam. That's why normally it is against forum rules.

B) I don't know what you mean by "other free/open forums" but Trisquel is surely not an example of a large community. To enter a market, especially a highly competitive one like that of digital media, you need to reach huge audience.

So the "conversion rate" of such advertising is really zero. Additionally it is actually unethical because of A).

> 1.2. Make brochures/flyers and put them in peoples postbuses

Wasted money and paper. If one wants to buy digital media online one goes *online*.

> 1.3. If you have family/friend on platforms where you don't want to create account, ask them to spread the word(like facebook, ...)

But how exactly is it ethical to encourage others to do things which you disapprove? I really don't like when someone proudly says "I don't use *something*" but ask others to do things for them on that *same thing*.

> 1.4. If you don't mind(because your business is publicly available), you can create a (temporary or specific) account on platforms and publish it from there

In case you mean popular platforms (where it would make sense to do it) - well, people who have already sacrificed their privacy by having joined those platforms perhaps don't mind it because they simply don't understand the problem with it. However you are not really helping them to understand it by encouraging them to "follow" you there. I am not saying that the purpose of selling something online is to "enlighten" others but it should at least not encourage the wrong ways.

> 2. This isn't clear to me. Do you want to track a user actions or platform where the user is comming to your site?

Generally one would have to do both to optimize the efficiency. But in this particular item I was discussing the measurement of the advertising efficiency, i.e. which campaigns, which audiences, which days/hours of displaying an ad give better conversions etc. For that you need more than just HTTP referer.

> 2.1. platform tracking is possible, on your server you can read the referrer, to see from where the user is navigating to your site, so you don't track the user

Why is this not tracking the user? You track where he came from.

BTW technically: That is unreliable because the HTTP referer is an optional header.

> 2.2. if you want to track the user, you need to add js/cookie/..., which can be blocked by noscript or librejs(if not configured correctly),

HTTP cookies can be blocked too. Everything can be blocked.

Making a business model compliant with all possible web browser extensions and their recent, current and future versions is an impossible task. Also those extensions are neither technical standards nor laws.

> and to be complete(legally), you need to add notification that you are tracking the user

What notification exactly do you mean?

> 3.1. Ask the user to fill a form to help you, with your UI. Start from a well-known UX(Material/Bootstrap templates).

There are more than one problems I see here:

- Very few people actually fill such forms
- Those who do are not the typical majority (which one would like to know better)
- Filling in a web form cannot replace the actual, spontaneous measurement of how the site is used (where people click, how long they stay on a page etc).

> 3.2. You can add a cookie, and each time the user clicks a link, you can add serverside heatmap, to see where the users are heading.

Why would you store a cookie for this? Cookie = persistence. If you are just recording the URL visit on the server you don't need to store anything on the particular HTTP client.

Also this is not really a heatmap. It is not very different from what webalizer would do (analyzing the HTTP logs and making stats) which is too rough.

> 3.3. If you really want to know, how long the user is spending on what page, and the scroll level, what element the user is clicking, then you need to add JS

I know that. But again - you explain the technology. What I am rather interested in is to know which particular usage scenario of the technology would be considered ethical (and not privacy invasive).

> 4.

I am not asking about software but about digital media.

> In my opinion, Licensing doesn't change the fact that your software can be copied and distributed (i)legally. (like chaosmonk mentioned).

I appreciate these opinions but I would rather appreciate facts if you can share some. One fact which we all know of is - companies who use restrictive licenses make billions. Those who use permissive licenses usually starve begging for donations. So again: please share facts showing how one can sustain a business when using permissive licenses (without a big company backing that for their profit).

> If you license your product Free, people will still buy it the same way they buy non-Free.

I question that. If something is available gratis or for $100 - which one will you chose?

> If you create the content yourself, you can sell it to low price, which is affordable for too many people(of course, you need to make profit),

Professional media production (images, music, video) requires expensive equipment and years of training to do it right. I don't understand how "you can sell it to low price" can compensate that and lead to a sustainable business.

> but next to that, add support contracts.

What would you support when you sell digital media? In case you mean additional service (e.g. producing content by specific request) that is a different business (work for hire), not what I am asking about.

> If you write a book, you can also give the buyer access to download the latest copy each time you update your book(typo, rewrite of a chapter, maybe translated versions, ...)

If one reads a book - one reads it and that's it. Nobody would pay for your typos. Also one buys what one can read. If the language is initially unacceptable - the visitor simply leaves your store. I don't get your point with these.

> You can always ask for donations for your webshop, or sell gift-kind of thing.
> The bottom point is: Free licensing is not the end of a webshop.

Can you show digital media online stores which make $5k or more monthly net profit based on such business model?

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

Good questions. I don't have all the answers, but here are some ideas.

> 1. In order to sell something first you need people to know about it (advertising on a 3rd party platform)

Not all forms of advertising track users. For example, many of the podcasts I listen to contain advertisements for sponsors. Some might still make a cultural argument against these kinds of ads, but privacy-wise they are better.

> 2. To know how efficient your advertising is you need to measure it, inevitably leading to certain amount of tracking. That is the only way to know which audience is interested in your product

These same podcasts often give promotion codes with which listeners can receive a discount. The number of times that this promotion code is used allows the vendor to gauge the effectiveness of sponsoring the podcast. There are ways to get information about demographics without invading the privacy of individuals.

> 3. To optimize the UI/UX in a measurable way certain feedback from users is necessary. For this purpose people have invented analytics, heatmaps, A/B testing, cookies etc.

There are ethical standards for research studies, such as the need for informed consent from subjects (who are often paid). Some companies do in fact pay people to test the software for the purposes of UI research. UI research should be scientific, done in the open, and published for peer review. Legislation should disallow websites from experimenting on users as part of normal site usage, which will incentivize companies to help fund this research to their and all web developers' benefit.

> 4. On the licensing side: a permissive license for the content would encourage unlimited copies, so perhaps your business may end before it even started.

I'm going to focus on music here because it's an area I'm familiar with. I have no idea how well this applies to other media like books and software.

Suppose that an online vendor releases a digital album. When the album is first released, no one has a copy except the vendor, so paying is the only way to acquire it. Once a few people of purchased copies of the album, it is convenient for their friends to acquire a copy, but still inconvenient for most people. If album sales are very good, then eventually the album becomes ubiquitous, at which point many (but not all) people will seek out an easily available gratis copy rather than pay. This means that new albums are more profitable than old albums (which would be true anyway due to fading popularity, so the difference is one of degree), so vendors need to sell more than one album to stay in business. Perhaps the vendor wishes that they could sell a lot of copies without reducing the scarcity of copies and therefore the value of the original, but that's just not how it works, and restrictive licenses have not changed that.

What restrictive license have done is slightly increase the inconvenience of seeking a gratis copy, since some people who would otherwise share copies choose not to because it is illegal. However, common practice has largely diverged from law here, so while permissive licenses might change the dynamic a little, I'm not sure they would change it a lot. Filesharing is quite common, yet the music industry makes a ton of money. I don't expect a little more filesharing to kill the industry.

This is an oversimplication. The reality is too complex to address in a forum post. For example, there is evidence that filesharing has *increased* the sales of albums, and that people who illegally download music spend *more* money on music than people who don't. It's entirely possible that an increase in filesharing would be correlated with a further increase in albums sales, so if copyright law reform (not feasible while corporations like Disney have a lot of influence over governments) or a cultural shift toward artistic works often being released under free licenses more often (more realistic. free artistic works are rare compared to free software programs, but that might change) lead to an increase in filesharing, that might even be good for album sales. It's hard to predict, because there are so many variables, but we live in a very different world from that in which copyright law was initially developed (for example, it used to restrict publishers whereas it now restricts audiences), so it is not a given that it is still socially necessary. Evidence that it might not be, at least in the context of the music industry, is that people generally ignore copyright law and yet the music industry (though they deny this publicly) is doing as well as ever, but it's hard to say for certain.

There is much more to consider that I haven't addressed, but I'll stop there in the interest of keeping this thread on track. To get back to your point:

> a permissive license for the content would encourage unlimited copies, so perhaps your business may end before it even started

Perhaps, but as I hope I've shown, it's not that simple, so it's hard to say for certain. You might make significantly less money, or you might make only slightly less money, or it might not matter, or it might matter now but less so over time. What does seem clear to me is that copyright law has failed to adapt to a world in which information can be trivially copied, and that the practice of using restrictive licenses to imposed artificial scarcity in order to give copies artifical value is not a sustainable practice.

I'll stop there, as I don't want this topic to dominate the discussion at the expense of the other points you've raised, it's a huge rabbit hole that I don't have time to discuss much further, and I'm not sure whether it's a topic that interests you that much. In case you are interested, I'm attaching a relevant excerpt from Capturing Sound by musicologist Mark Katz which addresses some of these issues. I don't agree with 100% of it, but I recommend it if this is a topic that interests you.

> 5. Payments: I suppose it is unavoidable to make any sustainable business without using any of the popular payment ways (which are third party, e.g. PayPal).

This one is tricky. People are generally uncomfortable giving their credit card information to a small company, so it is difficult at this time to avoid using a large company like PayPal as an intermediary. Even Trisquel has a PayPal option for donations. It's hard to avoid. GNU Taler should provide a solution to this, but it's not ready yet.

> 6. Email marketing? Newsletters?

There's nothing inherently unethical about newsletters, as long as you don't use dark patterns to trick customers into subscribing or failing to unsubscribe.

I spent much more time on this post than I had planned and don't have time to discuss this much further, so I'll check back to read other people's thoughts but apologize in advance if I don't reply to something directed at me.

AttachmentSize
chapter-8.pdf 146.28 KB
zigote
Offline
Joined: 03/04/2019

chaosmonk,

Thanks for sharing your thoughts too. I will try to keep my comments short and the questions specific.

> many of the podcasts I listen to contain advertisements for sponsors

Normally such ads don't leads to sales but to brand awareness. You need huge budget for such things.

> promotion codes

Those are too easy to trick. So measurement based on codes is unreliable. Promos are usually aimed at getting many many visitors because usually 1 out of 1000 becomes a customer and even less - a regular one. To measure something like this you need a lot of money.

> There are ways to get information about demographics without invading the privacy of individuals.

What are these ways?

> There are ethical standards for research studies, such as the need for informed consent from subjects (who are often paid).

Informed consent is necessary only if you process personal data. It is not necessary for anonymous statistics.

Also if one is aware that one is being monitored, one's behavior changes. That's why a consent in which one is informed about what will be recorded will surely create a bias and skew the whole measurement.

That said: may I have a link to those ethical standards? Or at least a hint what to search for?

> Some companies do in fact pay people to test the software for the purposes of UI research.

First - you need a company. Second - you need huge budget for this too. And the end result is not sales - it is directions. Very long and expensive way which indeed only big companies can afford. Also it is an overkill for simple tests like: green or blue button gives better click rates?

> UI research should be scientific, done in the open, and published for peer review.

Science does not aim at profit. If the public/state funds a scientific research - it should be public. Science serves the whole humanity.

But business aims at profit. Why would you pay for a research and give it for free to your competitors?

> Legislation should ...

I am asking about what one can do as of now. I know laws are not perfect, neither is society etc. But that is a separate discussion.

> This is an oversimplication. The reality is too complex to address in a forum post. For example, there is evidence that filesharing has *increased* the sales of albums, and that people who illegally download music spend *more* money on music than people who don't.

I don't know what evidence you mean but indeed this is oversimplified. What I have heard (but I can't show evidence) for example is that Adobe is OK with piracy because it makes their products more popular. So they are approaching this from the perspective of a big company and all big companies need to sustain and increase brand awareness, not simply sell directly through an ad. This is beyond the scale of one person having a web store for selling his digital media.

I will check the pdf, thanks.

> as long as you don't use dark patterns to trick customers into subscribing or failing to unsubscribe.

What is a dark pattern?

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

I understand better now that your questions are not about how companies could behave more ethically as part of a larger social shift, but about what options individual companies have right now. I'll avoid things like hypothetical legislation and software that isn't operational yet, except when I briefly go off-topic to answer some of your clarifying questions.

> podcasts, promotional codes

The promotional codes were meant to be an example of "ways to get information about demographics without invading the privacy of individuals." Another way would be through focus groups. You raise a good point though, that things like these are more difficult for small companies. See "Possible Compromises" below.

*This next section is is a little off-topic, but is necessary to answer some of your questions.*

> Informed consent is necessary only if you process personal data. It is not necessary for anonymous statistics.

Legally I think this is true, but I'm discussing ethics. While ethical guidelines might not exist in market research, they exist in scientific research. I'll elaborate more below.

> Also if one is aware that one is being monitored, one's behavior changes. That's why a consent in which one is informed about what will be recorded will surely create a bias and skew the whole measurement.

This factor can sometimes be controlled for with control groups, placebo, etc. Maybe other times it can't, and it would be more convenient or efficient to forgo informed consent. The moral thing to do is not always most the most convenient or efficient thing to do, which is why convenience and efficiency aren't the only values which inform research ethics.

> That said: may I have a link to those ethical standards? Or at least a hint what to search for?

It varies by field, but I think that for UI research it makes most sense to look at the ethics of research in psychology.

https://en.wikipedia.org/wiki/APA_Ethics_Code#Research_and_publication

> Science does not aim at profit. If the public/state funds a scientific research - it should be public. Science serves the whole humanity.

> But business aims at profit. Why would you pay for a research and give it for free to your competitors?

I think a rough analogy could be made between scientific/market research and free/proprietary software. Neither scientific research nor free software are perfect, but they generally serve the public interest whereas market research and proprietary software serve private interests.

There are many situations in which businesses will try to avoid allowing their work to serve the public interest in order to gain an advantage over their competitors. However, this is an inefficient way for businesses to behave, because they all waste time doing work that has already been done by someone else. Sometimes, under the right conditions, businesses will opt for efficiency over the desire to gain a competitive edge in a particular areas. There are many examples of businesses funding free software development, to the public's benefit, because it is also to their benefit.

For example, some businesses who use Debian sponsor the extension of support for Debian releases from 3 years to 5.

https://www.freexian.com/services/debian-lts.html

This doesn't give any of them a competitive edge over each other, but they all benefit from extended support for an operating system that offers a reduced total cost of ownership and/or some of the benefits of software freedom.

For a more interesting but more-complex-and-nuanced-and-therefore-harder-to-explain-in-a-forum-post example, see Chapter 5 of "Two Bits: The Cultural Significance of Free Software" by Christopher Kelty.

https://www.twobits.net/pub/Kelty-TwoBits.pdf

(The whole book is actually pretty interesting. Kelty is an anthropologist, not a developer, so his perspective on the free software movement and the open source movement is a little different from that of the developers directly participating in those movements.)

Anyway, back to UI research: I am hopeful that if UI became a serious interest of scientific research, then some companies would choose to sponsor that research rather than waste resources on inefficient market research. However, this is something that might hypothetically happen in the future, not something that can be used now.

*Back on topic*

> I don't know what evidence you mean but indeed this is oversimplified. What I have heard (but I can't show evidence) for example is that Adobe is OK with piracy because it makes their products more popular.

The pdf I shared in my last post discusses the effect of filesharing on music sales and cites some sources. Since Adobe makes (or often just acquires) software rather than music, there might be some differences, but perhaps also some similarities. I don't know if there is the same correlation between gratis downloading of software and the purchase of software that there seems to be between gratis downloading of music and the purchase of music.

My main point about licensing though, is that since many users ignore licensing restrictions, their behavior and the fact that their behavior does not seem to have harmed the music industry, indicates that restrictive licenses may not be necessary to preserve this industry. However, this does not address the possibility that permissive licensing might be less viable for small companies than large companies. See "Possible Compromises" below.

> What is a dark pattern?

https://en.wikipedia.org/wiki/Dark_pattern

In general, it is an intentionally misleading UI decision. In the context of newsletters and mailing lists, it generally takes the form of counter-intuitive checkboxes or selectively visible buttons to trick users into subscribing to newsletters and/or to trick them out of unsubscribing, while still technically providing the ability to opt out in order to create the illusion of consent.

# Possible Compromises

There might be cases in which avoiding unethical practices is not always viable, or at least not viable for small companies, at this time. I don't think that this is always the case, but I'll accept the premise that it is sometimes the case in order to address what to do in that situation.

Some examples:

If I ran a business, I would not like the idea of having a Facebook presence, because Facebook is nasty for reasons I don't think I need to get into here. However, if I felt that a Facebook presence were necessary, I might attempt a compromise whereby I post on Facebook, but avoid posting any information so that it's *only* available on Facebook, and where possible link to another platform like my business's website or Mastodon account. This way, I am not guiding any users toward Facebook, and might guide a few toward alternative platforms.

If I had video series, I might have a YouTube channel, but upload the same videos to PeerTube, and encourage viewers to watch my videos on PeerTube or Invidious, and to generally watch YouTube videos on Invidious.

Mullvad VPN accepts several methods of payment with varying degrees of privacy, from cash to bitcoin to credit card to PayPal. This avoids losing customers only willing to use privacy-hostile methods of payment, while also offering privacy-conscious users a better option.

In general, my approach would be
* Do I *really* need to use this ethically problematic practice here? If not, i won't, but
* if so, can i provide at least provide a more ethical alternative as an *option* to customers?
* Is there anything i can do to communicate the importance of and encourage the use of the better option, in the hope that eventually I will no longer need to support the option with which I'm morally uncomfortable?
* Where no better option exists yet, is there anything I can do to support a better option, or at least keep myself informed so that when something is available I can be an early adopter. (Example: I'll use PayPal for now, but as soon as GNU Taler is operational I'll add it as a payment option. Once it's stable I'll heavily encourage it over PayPal, and hopefully I'll eventually be able to afford dropping PayPal support.)

zigote
Offline
Joined: 03/04/2019

> The promotional codes were meant to be an example of "ways to get information about demographics without invading the privacy of individuals."

How does a promotional code tell me anything about the demographics of the audience reached by the ad and the efficiency of the ad targeting? In case I am not missing something: The only possible demographics which I could get info about is those of the people who actually used the promo codes. But that can not give me a measure of what is their % compared to those who were reached by the ad, what is their demographics, at what day/hour the ad is most efficient etc.

> Another way would be through focus groups.

Do you mean specific audiences (e.g. "age 25-30, males, living in US") or anything else?

> Legally I think this is true, but I'm discussing ethics.

Then perhaps we should clarify what ethics is, i.e. what is right and wrong (and why).

As for consent: I would say there is nothing unethical in statistical data processing because the data is aggregated, i.e. it is not identifying. So creating a heatmap or a geo-map does not mean you are invading into anyone's privacy. This is very different from IoT devices watching how you move in your home 24/7 (which surely requires very well informed consent and limited usage).

Of course when it comes to explaining in a policy "We process this particular data for statistical purposes without identifying you" there is the element of trust, i.e. - I cannot possibly check what the actual software on the server is doing. I just have to trust someone's word about it. So how would you ensure ethics in that case?

> The moral thing to do is not always most the most convenient or efficient thing to do, which is why convenience and efficiency aren't the only values which inform research ethics.

That sounds too quick. Example: what is immoral in A/B testing the click rate of green vs blue button? Or of 2 different versions of the text on the button? You are not taking anything from the user. Why should that need consent, considering also that the purpose is to optimize an UI to make it easier for user? The final result would be the user spending less time and energy to find what he is looking for. When more users do it, then it would be possible to keep lower prices (as sales would be better). It is a win-win, not an exploitation. No?

> the ethics of research in psychology

From the link you shared:

"However, studies which are not expected to cause any harm, such as observing in a naturalistic environment, using anonymous questionnaires, or if permitted by the law, informed consent may not be necessary to be obtained."

While a website is not exactly "a naturalistic environment" nowadays it actually feels natural to people to browse the web. So we are not forcing anyone into it and there is no harm or risk involved in clicking a green or blue button.

Of course it all comes down to the intent: if the purpose of a psychological experiment is to create addiction or to encourage the user to skip reading an agreement text and simply click the more prominent "Yes" rather than the less prominent "No", then there is risk involved and a consent is necessary.

But that doesn't mean convenience (which is physical efficiency, doing more with less energy) is necessarily unethical. Example: you can open a web page by clicking a link or by typing commands. The later is surely more exhausting.

So ethics-wise - where do you draw the line? Based on what?

OT/

It seems to me we should discuss scientific research, ideals etc. Also UI optimization != market research.

Re. companies sponsoring open projects etc. - I think it is again part of brand awareness. When you are big you can afford things which others cannot. As of today the startups etc. aim to become big first and asap (which often results in failure), so they pile up money from all possible sources, try to conquer a territory, then work on keeping it and expanding it. It is no longer "start producing and expand your market". Today it is "own quickly as much as possible from what is available, then expand and destroy competition". How do you survive materially in this environment by sharing openly?

/OT

Dark patterns:

I see. Well, that is illegal (anti-GDPR) anyway.

> # Possible Compromises

Sounds rather theoretical :)

BTW another thing about permissive vs restrictive licenses which I was thinking about:

Suppose you sell photos or videos. Some of them may be of people for which you have received the written permission of the person to use his likeness commercially etc. If you sell this media with a permissive license ("do whatever you like") what protects the person from abuse? Normally stock media sites have explicit terms in their licenses which forbid any pornographic or defamatory usage. In that sense - a limited licenses is more ethical than the permissive one and based on it there can be legal defense. OTOH with a permissive license you are simply sacrificing the subject on the photo. What do you say about that?

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

Sorry, I was unclear and inaccurate with some of my terminology. It was late and I was tired.

> How does a promotional code tell me anything about the demographics of the audience reached by the ad and the efficiency of the ad targeting?

In this context, by "demographic" I meant "audience," treating "people who listen to this podcast" as a demographic. I didin't mean that the promo code gives you a demographic breakdown of the audience. And you're right that without knowing how many people heard that add what percentage responded to it. What you do know, is how much you spent on the ad, and whether you made your money back from sales using the promo code in the ad. I acknowledge that this data might only be accurate with a data size only feasible for large companies. I don't have evidence for or against that.

> > Another way would be through focus groups.

> Do you mean specific audiences (e.g. "age 25-30, males, living in US") or anything else?

Yes, that's what I mean.

*off topic*

> Research ethics

I keep spending more time on this thread than I can afford to, so I'm going to try to clarify the statements I've already made but won't respond to some of your points in this section right now, even though I think they are valid and worth discussing at another time.

Market/scientific were the wrong words. I'm not sure what the correct terminology would be for what I'm describing. Maybe public/private research is better, but I'm not just talking about access. I think trying to frame this dichotomy just confused things instead of clarifying, so never mind that.

> As for consent: I would say there is nothing unethical in statistical data processing because the data is aggregated, i.e. it is not identifying.

Anonymous data collection is fine on its own. It's completely passive and doesn't affect the user. You're not running an experiment until you start making changes that affect the user in order to test a hypothesis. This is not always unethical either, and as you point out in same cases might not even require informed consent by the APA's standards. These aren't the cases I'm talking about.

> While a website is not exactly "a naturalistic environment" nowadays it actually feels natural to people to browse the web. So we are not forcing anyone into it and there is no harm or risk involved in clicking a green or blue button.

"Naturalistic" has a specific meaning in the context of research. If the environment is created or manipulated by the observer then it is not a naturalistic environment, so a website controlled by the observer does not qualify.

https://en.wikipedia.org/wiki/Naturalistic_observation

However, I agree that there *might* be no harm or risk in clicking a green or blue button. One thing that matters is, as you say, intent. Is this a button that a user might consciously want to click (such as a link to a "contact" page) and the website wants to make sure the user can find it, or is it a button that the user might or might not choose to click and the website wants to influence their decision? The website is using this information to inform and change how the site works. This means that users of the site are potentially (if they return to the site) *affected* by the outcome of the A/B testing, so it's not enough to assess whether clicking the button is harmful on its own. Without a clear boundary between user and subject, the outcome of the experiment for users needs to be considered when determining whether informed consent is necessary for subjects.

> So ethics-wise - where do you draw the line? Based on what?

It's pretty tricky, given problems like the lack of boundaries between user/subject, usage/experiment, etc. and the conflict of interest that occurs when a researcher (the website in this case) has a commercial interest in the outcome of an experiement. Legislators should consult science ethicists.

At some point in the futre I'd like to start a thread to have a larger discussion about this, but I don't have time to get into it further atm.

*still off topic*

> Re. companies sponsoring open projects etc. - I think it is again part of brand awareness.

That's definitely a huge part of it, but companies also use a lot of free software themselves, especially Linux, so it is in their interest to see it improve it, even if it does not give them a competitive edge over anyone else and they instead have to compete in other ways (like coming up with a new innovation).

*back on topic*

> Dark patterns:

> I see. Well, that is illegal (anti-GDPR) anyway.

I still see it all the time, although perhaps it has gotten better post-GDPR. I hope so. The worst experience I've ever had with dark patterns was when (pre-GDPR) I decided to delete my Facebook account. This was a while ago, but here's how I remember it.

First, Facebook's account page did advertise an option to disable my account, but gave no obvious indication that it was even *possible* to delete the account. I'm sure that most users stop there, disable rather than delete.

As I kept digging through options and settings, I found references to deleting ones account, but the distinction between deleting and disabling (whether or not your data is deleted from FB's servers) was obfuscated, and I kept being presented with a highly visible option to disable.

Finally, believing that I had scoured the entire interface, I did a web search, and finally found a link from a *third-party site* to the page on facebook.com where I could delete my account. Maybe Facebook linked to that page *somewhere* on their own site, but I spent at least 20 minutes trying and couldn't find it.

This definitely seems like it would be a GDPR violation today. I hope they've changed it since.

> > # Possible Compromises

> Sounds rather theoretical :)

I meant "possible" as in "potentially desirable," not as in "potentially feasible."

> Normally stock media sites have explicit terms in their licenses which forbid any pornographic or defamatory usage.

This is a pretty interesting question. My (very very limited) understanding is that personality rights are distinct from copyright, and therefore *might* be outside the scope of a permissive or copyleft license to enforce. However, IANAL, and the only legal case around this issue that I'm aware of was thrown out without a verdict.

https://en.wikipedia.org/wiki/Creative_Commons_license#Virgin_Mobile

zigote
Offline
Joined: 03/04/2019

Thanks for clarifying.

# promo codes

So as it seems this cannot be a basis of any optimization of the marketing expenses. Perhaps the only thing it can serve is to know which customer came through which campaign but nothing more.

Then the question still is: how does one target the right (interested) people without spamming the others with irrelevant ads?

# focus groups

Alright, this might be the answer. That is what Facebook and Google ads allow - targeting people based on demographics. Even more - based on their interests. Obviously to be able to offer that those advertisement platforms need to get the information about the audience somehow. Still that is considered unethical.

Then the logical question is: if it is right to deliver the proper info to the proper audience without spamming everyone else with it, why is it at the same time wrong to get the information necessary about it? It can't be right and wrong at the same time. What is the answer to that?

> *off topic*

(actually UI optimization is part of the topic)

> "Naturalistic"

It seems non quite scientific because in science you cannot observe anything without changing it:

https://en.wikipedia.org/wiki/Observer_effect_(physics)

This principle applies not only to physics but also to psychology (and here we talk psychology of the UI). It is impossible to study the reaction to a stimulus without the stimulus. Even less - when it comes down to a complex combination/sequence of stimuli. Waiting for a stimulus to occur in a "naturalistic" way may need a long time or may be impossible - the green button won't turn into a blue one by itself.

# intent; where one draws the line

> At some point in the futre I'd like to start a thread to have a larger discussion about this, but I don't have time to get into it further atm.

Yes, this seems important to go into. Whenever you have time - please open such thread and link it here.

# Dark patterns, GDPR, FB

My observation (as someone who has read the whole GDPR) is that most sites have simply tailored their terms so that the language sounds GDPR compliant but they are not actually compliant (very few are). Even kernel.org is not. I don't think that trisquel.info is GDPR compliant either.

As for FB AFAIK today it works like this: you disable the account, then if you don't use it for 90 days it gets deleted.

> My (very very limited) understanding is that personality rights are distinct from copyright, and therefore *might* be outside the scope of a permissive or copyleft license to enforce.

A license is a permission. You can't give permission if you have not been given one. What I am talking about is not about copyright at all. It is about allowing the end user to do anything with the image. I happen to know a few photographers and also from what I have seen on stock sites: the subjects on the photo would give permission through a model release:

https://contributors.gettyimages.com/article_public.aspx?article_id=3069#1

but the release itself also forbids pornographic and defamatory use. So there seem to be 2 options:

a. use a non-standard model release requiring permissions also for pornographic and defamatory use (which may be both illegal and unethical + unlikely to be signed by anyone) and then based on that wrong basis - grant further those rights to the end user through a permissive license

b. limited license (legal but we are questioning the ethics of it)

> Virgin_Mobile

In this story no release has been signed at all. For minors a parent signature is required. So definitely illegal + unethical.

BTW as you can see on Getty's article, there are also releases - one can't shoot a trademarked design and sell the image with a permissive license (it would be illegal).

I am starting to question if the ethical is possible or there is just a lot of critique against various unethical things. Perhaps to answer that we should really go into what is right and wrong. (maybe in that new thread when you have time)

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

I need to take a break from this thread, but thanks for the discussion. :)

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

One last thing though. If it's not too much trouble, could you submit an issue[1] regarding the things you think are GDPR violations? For reference, here is Trisquel's privacy policy[2] and a description of the changes[3] that have been made so far in response to GDPR.

[1] https://trisquel.info/en/project/issues
[2] https://trisquel.info/en/privacy
[3] https://trisquel.info/en/forum/about-our-changes-better-comply-gdpr

zigote
Offline
Joined: 03/04/2019
chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

Thanks.

zigote
Offline
Joined: 03/04/2019

Well, no need to thank me for anything.
Unfortunately many of the questions remain unanswered, so when you have time we can talk more.

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

> Unfortunately many of the questions remain unanswered, so when you have time we can talk more.

I agree, but that's the challenge for me with freedom-misc. These discussions are important so I want to participate, but these issues are so complex that it takes a lot of discussion to reach a conclusion, and before I know it I'm spending hours writing forum posts that I should be spending on meeting my upcoming deadlines. I need to take a break from freedom-misc and stick to trisquel-users until I have more time to spare.

Libreshop
Offline
Joined: 10/27/2018

Based on your answers.

I think a good approach would be starting from CrowdSourcing on Free Platforms.
Those CrowdSoursing platforms have their own tracking/ads/...
-> So most of my previous answers are eliminated :)

So you will know upfront if you are going to make profit or not.
Is your digital media is going to be a success, do people want to support you
by paying what you are asking for...

zigote
Offline
Joined: 03/04/2019

So your answer to everything is that one can wash one's hands by letting someone else do the unethical part? How is that ethical?

Libreshop
Offline
Joined: 10/27/2018

No that's not what I say.
I'm not great with words, or to find the right words like chaosmonk did in his answer.

If you don't want to use FB because it is unethical, that's fine, but you are shrinking your possible customer base to Free Platforms. (it's a decision you make as the shop owner).
If you do create FB account just for your digital media to become popular, and refer them to use other platforms, so you are maybe convincing others about the free ideology.
Even if you don't have the FB account, but someone buys your digital media and refers it to it's friends on FB, what do you think about that?
I'm not refering someone to create FB account.

CrowdFunding is not letting someone else do the unethical part.
Those platforms are well-known by communities, so they can do some analytics(and opensource it) and you are doing your market research upfront without investing yourself to much in the research.

I feel frustrated about it too, but there isn't a free alternative to every platform, and when you want to start a business, for a beginner it really is hard...

My answer not to everything but here is
If you want to do something and there is a Free(dom) way, just do it.
If there isn't, and you can get help, use that help.
If the help doesn't feel right, try to create it yourself
If that's a lot of work, review your project again

zigote
Offline
Joined: 03/04/2019

> Free Platforms
> CrowdFunding

I don't understand what you mean by those two (although I know the general meanings of the words). I don't understand perhaps because of the letter case. Are these some brand names or what?

> Even if you don't have the FB account, but someone buys your digital media and refers it to it's friends on FB, what do you think about that?

I don't drink alcohol and don't go to pubs. That doesn't mean people don't get drunk in pubs every day.

> If you do create FB account just for your digital media to become popular, and refer them to use other platforms, so you are maybe convincing others about the free ideology.

Why should I get drunk in order to convince others to stop drinking?

> there isn't a free alternative to every platform

This is getting more confusing. This word "free(dom)" seems somewhat poisoned and used in various contexts not saying really anything. Here I would like to find out the ethical way. Whether something is gratis is not the chief concern. Also the "free" in the FOSS sense is not quite the essence here although it may have a place in the whole picture. So please try to be clearer. Otherwise I just can't understand you.

Libreshop
Offline
Joined: 10/27/2018

> I don't understand what you mean by those two (although I know the general meanings of the words). I don't understand perhaps because of the letter case. Are these some brand names or what?

CrowdSourcing or CrowdFunding = you put your project(which isn't in production yet) on a page(for example kickstarter) and you put a target and people pay you upfront, and comment on your project, if you achieve your target by deadline, you get the money and start producing your product, if you don't, people who send you money, will receive their money back, so you know, that not many people are interested in the project.

Free platforms = Mastadon, freenode irc channel, CrowdSupply, your own social media services, Trisquel/Parabola forums, ...

> I don't drink alcohol and don't go to pubs. That doesn't mean people don't get drunk in pubs every day.

My question here was: You are against the pubs, because people(not all) get drunk and do stupid things or doesn't know the dangers of it. But you sing in a public park only, and someone who listened your song goes in the evening to a pub and talks about your song to his friends. What do you think of that?

> Why should I get drunk in order to convince others to stop drinking?

You don't go to the pub to be drunk, you go there to sing and while you meet people, you convince them to go to public parks where you feel more comfortable.

> This is getting more confusing. This word "free(dom)" seems somewhat poisoned and used in various contexts not saying really anything. Here I would like to find out the ethical way. Whether something is gratis is not the chief concern. Also the "free" in the FOSS sense is not quite the essence here although it may have a place in the whole picture. So please try to be clearer. Otherwise I just can't understand you.

To be honest, I agree that the use of the word "Free(dom)" is confusing. But I was refering mostly on Licensing terms(GPL, Mit/Expat,...)

zigote
Offline
Joined: 03/04/2019

OK, so you just used a fancy letter case and the meaning is what I thought previously. Thanks for confirming. I don't see how your suggestions can be used in the context of this thread though.

To answer your question:

Everyone is free to do whatever one likes - even the most stupid thing. This is not freedom, just permissiveness. What I think doesn't matter much for others. You can change only yourself.

Libreshop
Offline
Joined: 10/27/2018

Srry, for my use of fancy letter case, I also develop code, so I use the CamelCase(or "fancy letter case") a lot, that't the reason that on my post I also use it. I will try to use it less in forums I post. Thanks for pointing this out :) (it's an improvement for me to do)

I think my answer is mostly based on from software point of view, I need to change it too.
I started from that point of view, tried to steer my answer toward Digital Media after your reply, maybe I didn't steer to well.
Maybe because I try to answer all of the questions all together, I should focus on 1 question at a time :), and think thoroughly about that question instead of all the question at the same time.

But I understand your point of view.
Correct me if I'm wrong, the discussion is about: What is the ethical way of doing profitable business and what are the limits we are facing today?

Thank for sharing this thread and I really like to see more threads like this and also more people get involved, so maybe we have more and overlapping point of views, where we can understand each other better.

But I think, I should stop here, trying to explain my point of view, as I'm wandering to off-topic subjects :)

Btw, I don't know if others have noticed, but there is a note next to +- "Please use the rating system to mark posts that go against the Community Guidelines", please use it correctly. Nothing in this thread was against the Community Guidelines.

Thanks for the discussion :)

zigote
Offline
Joined: 03/04/2019

> Correct me if I'm wrong, the discussion is about: What is the ethical way of doing profitable business and what are the limits we are facing today?

Just read the OP :)

In case it has not become clear by now:

Yes, it is about digital media (not software).

No, it is not about limits but about the actual possibilities.

ADFENO
Offline
Joined: 12/31/2012

One way to tracking inside the website/store is to have access to some logging facility that tells parseable details (a .CSV file perhaps?) at least related to the following:

* IP address: can be faked through proxies, VPNs, Tor and other means. However, if the address doesn't change that frequently (which I agree that the high frequency can happen, but still worth a try), one can hash/or encrypt it before passing it to the date/time analysis (see next point), thus making a token which is a little harder to deanonymize. One per request.

* Request date and time: can be used to calculate how much time one takes to go from one to other location. The calculation just mentioned can be inaccurate as some people might go to first page, get out from the front of the computer for long time, then go to second page. One per request.

* Location destination: user can't fake if page location doesn't change according to session variables. Only one per request.

* Referer: user can remove or fake with settings or extensions. Zero or one value.

* GET and HEAD query/request key-value lists: can be easily changed by the user since they can remove those from the URI itself. Zero or more key-value pairs.

* POST query/request key-value lists: same as the previous one, but harder to remove for most users since they need to edit the request or to know where to do so. Zero or more key-value pairs.

The .CSV file can be used if you have a way to prefix the request's key part with the request's method name, otherwise, the .CSV solution might not be ideal since you must use commas according to the standard, besides the CR+LF/"Windows" ("\r\n") line endings. And you *might* want to split key-value pairs also with commas for better analysis.

I didn't implement none of these suggestions since I have no need to, but its just an idea. Next step is how to do outreach and find ways to make the user opt out.

--
- Página com formas de contato:
https://libreplanet.org/wiki/User:Adfeno#vCard
- Ativista do software livre (não confundir com o gratuito). Avaliador
da liberdade de software e de sites.
- Página com lista de contribuições:
https://libreplanet.org/wiki/User:Adfeno#Contribs
- Para uso em escritórios e trabalhos, favor enviar arquivos do padrão
internacional OpenDocument/ODF 1.2 (ISO/IEC 26300-1:2015 e
correlatos). São os .odt/.ods/.odp/odg. O LibreOffice é a suíte de
escritório recomendada para editar tais arquivos.
- Para outros formatos de arquivos, veja:
https://libreplanet.org/wiki/User:Adfeno#Arquivos
- Gosta do meu trabalho? Contrate-me ou doe algo para mim!
https://libreplanet.org/wiki/User:Adfeno#Suporte
- Use comunicações sociais federadas padronizadas, onde o "social"
permanece independente do fornecedor. #DeleteWhatsApp. Use #XMPP
(https://libreplanet.org/wiki/XMPP.pt), #DeleteFacebook
#DeleteInstagram #DeleteTwitter #DeleteYouTube. Use #ActivityPub via
#Mastodon (https://joinmastodon.org/).
- #DeleteNetflix #CancelNetflix. Evite #DRM:
https://www.defectivebydesign.org/

zigote
Offline
Joined: 03/04/2019

The essential question here is how to approach the whole thing ethically (incl. what is considered ethical and why), not the technical implementation.

Masaru Suzuqi -under review-
Offline
Joined: 06/06/2018

It seems that it is better that you should define the word ethical first. The General who commanded the nuclear attack was seriously considering himself to be ethical. Can a peep be ethical?

zigote
Offline
Joined: 03/04/2019

We reached this point more than once, so let's talk about it in another thread (as it is too big itself), then we can return:

https://trisquel.info/en/forum/what-ethical