Personal Data Storage Is an Idea Whose Time Has Come
Posted3 months agoActive3 months ago
blog.muni.townTechstoryHigh profile
calmmixed
Debate
80/100
Personal Data StorageData OwnershipDecentralization
Key topics
Personal Data Storage
Data Ownership
Decentralization
The article discusses the concept of personal data storage, where individuals have control over their own data, and the HN community debates its feasibility, incentives, and potential impact.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
1h
Peak period
59
3-6h
Avg / period
14.5
Comment distribution160 data points
Loading chart...
Based on 160 loaded comments
Key moments
- 01Story posted
Oct 5, 2025 at 5:07 AM EDT
3 months ago
Step 01 - 02First comment
Oct 5, 2025 at 6:20 AM EDT
1h after posting
Step 02 - 03Peak activity
59 comments in 3-6h
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 7, 2025 at 3:53 AM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45480106Type: storyLast synced: 11/20/2025, 8:23:06 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Most companies have no incentive to let you hold your data when they can just hold it for you.
If they do this they can mine it for data to improve their product as well as sell or otherwise indirectly profit from it. And, it's easier.
Also, while the market for privacy focused products isnt nothing, the number of people willing to pay a lot extra to compensate for the missed opportunities companies get by collecting your data is, i think, smaller than many people imagine. Which is sad.
I think the only way it will grow to an appreciable size is by seeing up close and personal what a really vicious stasi-like secret police does with dragnet surveillance and come out the other side, with scars. I believe we've only seen a small taste of this.
Most people have no incentive of owning their data. Otherwise the companies which don't give you that would die out because people wouldn't use them if they cared.
Same fallacy as believing smartphones are giant and with non-user swappable batteries because somehow smartphone making companies are forcing this on the market, instead of the real reason which is that it's what consumers want.
Consumers want what they're told to want by a constant barrage of commercial propaganda.
Devices are large and non-serviceable because this way they can be sold with a higher profit margin. Side effect being that the larger screens make the embedded commercial propaganda more effective and easy to deliver.
I agree that people don't care enough about owning their data for it to matter more than what the companies want to push, which is of course monetizing the data and maximizing user lock-in.
Similarly, I think it's in the companies' interests to use non-swappable batteries: simpler and cheaper to manufacture (I think this is the main reason) and the device is made obsolete earlier which is an added bonus. Maybe small improvements in size etc., but that's a very small difference. Modern phones are already larger even with non-swappable batteries so I'm not sure it mattered. But again, having a non-swappable battery has to be weighed against other features, and availability of alternatives. In the end, people just care more about the other features, even though swappable battery would be a good thing.
Just to conclude: I don't believe markets work to fully cater to what customers actually want. It's more like customers (and other parties) get a compromise between what different parties in the market want.
People want vendor lock in...otherwise they wouldnt pay for it.
People want bait and switch sales tactics...otherwise they wouldnt work.
People are perfectly fine with high rents...if they didnt, they would not pay them.
People want their smartphones to be deliberately slowed down when they get old...otherwise theyd vote against it with their wallet.
I'm still hoping they release an Apple TV Pro with fully local LLM capability that's shared with everyone in the family - adding a few TB of disk space to it for local data storage and backups wouldn't be a massive thing.
This is understating it honestly.
The software industry has become completely reliant on renting data access back to users to maintain subscription revenue. One effect of this is it has devalued the actual software in the eyes of users to such a degree that virtually no one will pay for alternatives, certainly not enough to compensate the development cost.
that's why we all need to exercise our rights and freedoms. I'm scared that if we fail to do this in next few years. And let the AI be used in similar ways like it has been used to create social media algorithms. Then we are all fucked!
Whoever owns your AI owns you, so it better be you who owns it!
Well, either that or someone else hosting their identity (see did:plc), which seems to be the part you say should exist?
Probably DNS is the most decentralized centralized system we have available today that most people can actually use, unless I'm missing some obviously better way of doing the same thing?
Wouldn't that turn into did:plc:facebook all over again?
But from a practical point of view a decentralised system should not rely on domain name ownership. Any computer can generate a private/public key pair, which is all you need for identify.
Right, but once you've generated those, then what? You need a global registry of sorts so people can lookup each others keys for example, which is why DNS kind of is the best we have available today.
I don't think there is any perfect solution here, but it's hard to come up with something that has better trade-offs than DNS. Sure, ICANN might be based in the US, but so far DNS been relatively safe to rely on, and if ends up not reliable in the future, I'm not sure social media profiles is the biggest worry at that point.
It is true that full data sovereignty isn't something most people are interested in, but this is more about a cooperative model for data ownership and access. Having your data identifier be JackDaniels@yahoo.com isn't particularly different from it being jackdaniels.is.technically.bourbon.com. In both cases another organization owns some of the path to your identifier and could potentially lock you out of it. In both cases, verizon is near the top of that list (.com).
As far as the domain name system being centralized, I'm not sure I agree. DNS is like a feudal system with hundreds of kings (top level domains) who all work together with one pope (ICANN), and various lords and ladies occupying positions under those kings. If ICANN goes completely bonkers the kings can get a new pope, some of them are literally sovereign because they are nation states. Just for fun, some of those states are ruled by literal kings, too. There are experiments to run a TLD by Decentralized Autonomous Organization (DAO), but I think for the most part nobody really cares because the current system happens to work pretty OK. If you have an idea for a more decentralized way to organize a namespace that doesn't involve your grandmother typing in a massive UUID or onion address, and doesn't result in someone being able to domain squat literally everything; I would love to hear about it.
> foo.bar.baz.bim.bim.bap.com
is owned by the owner of bap.com, under the current system.
Top level domains can change pricing, terms, or cease operation. Freenom is a great case study, as they previously operated TLDs. At the edges, a well-operated subdomain service could offer stronger ownership-like behavior than a top level domain.
DNS is not perfect but I think the best we have for now.
That is something that could be feathered in gradually -- your country, region, city, neighbourhood, etc could have their own domains, and you could be anon237@milan.italy or whatever, until you find it necessary or inspiring to obtain your own domain.
This idea is an incremental improvement over "everyone is posting x.com"
We can work to make DNS /ICANN et.al. more democratically operated and people-owned while at the same time devising wholly alternate paradigms like Handshake and similar: https://blog.webb.page/2025-08-21-dap-the-handshake-successo...
- Who can see my personal data storage posts? Can someone with Twitter see them?
- No, but you'll own your data
- Bye
So maybe start with something which backs-up what you post on Twitter/Instagram/Discord to your personal data storage through APIs/data export.... This has no downside if it's easy to "activate"
also your government, your service providers and many other entities are creating data on your behalf
People getting into Solid and ATproto today are like people using own XMPP servers decades ago, or Mastodon years ago, or Matrix. Some projects like that will succeed, others will fade. But one day, you won't be able to post to Discord due to some policy changes and you'll have to reevaluate options.
Also, you can't backup from Twitter anymore. Or Discord. Or google photos. Or many others - they cut off that option once they're big enough.
I've been waiting a long time. Over that time, the closed services have only gotten more popular and no regular person is ever complaining that they are "hostile".
Regular people don't like ads, but they dislike paying even more, so they're pretty OK with the status quo. They certainly don't want to be paying for a domain name and paying for hosting.
The irony of ad supported free services is that if you just let the advertisers pay you directly for eyeball time then paid for your services, it'd be better for you financially while keeping the web pure outside of the "paid to consume ads" app.
There are SO MANY bots on both Twitter and Instagram that a legit developer shouldn't have any issues automating posts.
Discord is a bit harder, you an post as a "bot" easily, but if you want the posts coming from your actual user, you need to poke the actual client.
> the platforms should be asking us what kinds of data they may copy from our servers, and only with strictly temporary allowances.
Until practical homomorphic encryption arrives, I don't see how this temporariness can be enforced. If we rely on promises or regulation instead of the technical ability to enforce this, how is that any better than today's social media companies promising not to do anything bad with the data they have on us?
Aka: I agree it can’t be dine with technology; it has to be done with regulation, and the EU example already models a lot of it.
price of intelligence is dropping day by day like it or not, sooner or later price incentives for someone to host such social media experience could become financially viable
We have not solved decentralisation in an accessible and useful way yet, and the incentives won’t change until we do. If ever.
Even today, I doubt I could get anyone to just give me a smartphone.
So the next best thing is trying to operate in the constraints that apply, such as most people being unwilling to learn new things and going down the path of least resistance.
That some people don't want to spend time learning the thing that you happen to find interesting doesn't mean they're wasting their lives.
There was no choice but to use someone else’s computers for moving around large files. Plus CGNAT and whatnot making people have to use dynamic DNS. If a turnkey solution could have existed 20 years ago, maybe a market for it would have developed before the big companies locked it down.
Even if I’m wildly in favor of user control over data, I’d venture to say that there still is no choice but to use someone else’s computers, and not just for performance reasons. If applications have to gather every individual user’s data that gets shown to another user from somewhere outside their servers every time, won’t reliability and consistency and UX likely become nonexistent, in addition to the unusable performance?
Decentralized does not need to be slow like that. And very limited upload does get to be a problem if you want more than a couple people/servers to be able to access your media posts at the same time.
The person you replied to is assuming a reasonable distributed system.
But self-hosting machines are susceptible to the "I can only upload pictures and videos at 5-10mbps" problem. That requires more difficult peer-to-peer systems.
The first problem only requires getting small bits of data onto the same machine. The second problem requires getting large amounts of data onto many machines. Or reasonably symmetrical upload speeds.
I, and many like me, would pay for centralised service or any other service if it meant that we own our data and can tune the algorithms to our own preferences. I wont pay for doom scrolling, but would gladly pay for algorithm to serve me content that would better my human experience.
Governments have given corporation to much power, people need to rise up agains that, if it remains the same in AI age, we humans, and our collective mind would erode to the point of no return.
Unequivocally, users water plants that deliver in demand fruit while being most convenient and cheapest.
So, why can't I have that?
During my standard install of my favourite distro, I would only need to enter my name, subdomain and email password for everything to be magically installed, so I have a standard web site, some file sharing and email out of the box.
However, it would take me a fortnight to get this setup and I wouldn't have a clue how the email actually worked, if it worked. This wouldn't be my first rodeo either, so I wouldn't be starting entirely from scratch. I am also sure that there are some that have setup umpteen virtual linux machines that they could get everything done by tea-time.
Whether two hours or two weeks, it is still not that much work in the bigger scheme of things, which makes me wonder, why haven't I got some all-singing and all-dancing bash script that automates the whole process? But why has nobody else done it either, to make it fully open source and as easy to obtain as it can be?
Also, why can't I buy a glorified router box that does all of this? It could take the mainboard and power circuitry from any laptop, and, out the box, provide a decent web server, mail server and whatever else.
There is a suspicious absence of products in this space.
Step 0 is to secure that box, as routers are obvious targets, even before they have self-hosted data. There are some products based on RPi, NAS and router form factors.
> suspicious absence of products in this space
Earlier efforts:
Active OSS projects include Proxmox (https://community-scripts.github.io/ProxmoxVE/), Paperless-NGX (docs), Immich (photos), NextCloud and others, https://github.com/awesome-selfhosted/awesome-selfhostedAs for security, it is all a bit meh. If you have a box that only runs https: with no other ports open, you are half the way there. If you are just running static pages then you are done. If you run a NextCloud type of beast then you are opening things up, but my hunch is that it works just fine with nobody losing sleep on it.
Plex is obviously not true self hosting, but it’s a lot closer to it than a Netflix subscription, and the number of people who I do not consider very tech savvy who have not only been joining other people servers but trying to set up their own is staggering lately. And they’re not simply doing it because they want free movies or something. A lot of them have done it for the same reason I initially started: their kids.
I am concerned about the media that is put in front of my kids. I care about what shows they are watching. Kids are going to get their hands on screens there almost is no getting around it, so I would rather not trust YouTube et al with deciding what my kids do and don’t see. I can’t realistically be there to catch literally everything they watch, but if they’re using my server I know they only have access to a certain Library at all times so I can rest a lot easier. In a lot of ways I imagine this is how our parents felt when we were kids. On cable television growing up there were only so many “weird” or troubling things that could pop up, definitely nothing as extreme as we see today, and you could be reasonably aware of what most of those things were and know what channels to forbid/what times your kids should not have free access to the TV.
I found a lot of other parents feel the same way here. They’re just tired of feeling like the Internet is such an incredibly hostile place and want to find ways to take a little power back into their own hands.
I don’t know hopefully something useful popped up in that rant above. I have a lot of disjointed thoughts about this I really haven’t been able to bring together.
I started with CasaOS and Jellyfin. Quickly outgrew Casa and moved to learning Docker and setting up my own container stack, moving from media self-hosting to adding new containers of stuff like budgeting apps. I’m still working on building out my server but every container I add, the goal is basically to self-host a version of something I’m doing on a centralized service on the web and ultimately take my data and privacy back.
I will say some peoples’ elitist attitudes about stuff can be annoying and discouraging; it’s the same general spillover attitude from the Linux supremacy crowd. When I started with Casa I had someone basically tell me I was wasting my time and if I wasn’t running everything in VMs why bother. Which is entirely the opposite attitude to get “normies” and low technical literacy people on board, they need easy one-click install solutions like CasaOS. And if they decide to move onto something more complex, well I’m sure they can figure out how to reimage and rebuild their server in ProxMox or Docker as part of that.
Definitely agree about the elitist attitude problem. The amount of people who dunk on people for using Plex when I think it’s a fantastic jumping off point for true self hosting…it’s just so unnecessary and becomes a missed opportunity.
And I still don't get the "VM for everything" crowd. Why would you do that when you have containers?
It's much simpler and lighter. Any 200€ old corporate PC can run a dozen containers easily. What it can't do is run that same stuff in 12 VMs.
I don't see how this follows. The moment you create/share data with a site, what's to prevent them from reselling it?
The only thing this seems to attempt to solve is portability/interop (and moving control of and responsibility for blocking/moderation/spam to users rather than sites).
I don't see how it helps at all with privacy or you "controlling" who gets your data. If you give it to site A but not data collector B, what's preventing A from selling it to B? As far as I can tell, the situation will remain identical to how it is today.
Your data will never be in one place unless you never share it. The moment you use it with other sites or services, it is stored there too, out of your control.
If I can clearly assert origin and personal ownership of my data, I can forbid further reselling of it.
EU legislation shows that we can actually have the right to demand that a company forgets about us. Asserting such rights become easier the more accurately we define what data is ours.
Can you? A site's TOS will say that by sharing your data, you grant them the right to display, reuse and redistribute it, the same as you do now. And that would take precedence because your host provided the data. They requested and you provided.
The only thing that would change that is actual legislation. But then the legislation is orthogonal to personal data storage. If you want legislation for that, pursue legislation for that. Personal data storage is completely separate, and the two shouldn't be confused with each other.
I mean, a TOS could be written that way. But they're generally not, because companies don't want to self-impose limits like that.
The TOS usually has something like "grant the platform a perpetual, worldwide, royalty-free, non-exclusive license to host, display, distribute, modify, and otherwise use that content in connection with the service".
See the word "perpetual"? That's standard.
It sounded to me like you were making a general statement about TOS's.
All that is much, much better than what we have now.
But it doesn't? Obviously every site's TOS will say that by providing them with your data they can use it for all sorts of purposes. If you sued, you'd lose.
And you're generally going to want to make your data available to the various services requesting it, because otherwise most people won't see your posts and comments on their preferred platform.
Facebook couldn't enforce a TOS because the hosting user had never gone to facebook.com and created an account, so the user never agreed to a contract. But a user couldn't enforce a TOS either because the crawling was automated, so Facebook wouldn't be agreeing to a contract either. But Facebook would be allowed to use the data because that's what a user is inviting by making it publicly available to crawlers and not doing anything to restrict access to Facebook.
also by having ability to enable/disable access to your data, you have the power of who gets what and for which purpose
also reselling of your data should become illegal to start with, would you be OKAY if your lawyer sells your data? or your colorectal surgeon? off course not, we have laws in place for that, and same laws should be applied to whoever handles your personal data
Not true -- advertising profiles are vastly more valuable when based on a lifetime of data.
> also by having ability to enable/disable access to your data, you have the power of who gets what
But realistically, when are you ever going to disable access? If you want people to be able to read your replies no matter what social network they're using, you're going to make those replies available to every social network.
> and for which purpose also reselling of your data should become illegal to start with
This is my point. The solution here is legal, not technological. Personal data storage doesn't change anything legally, and changing the law would prevent reselling even if you didn't have personal data storage.
It seems important not to confuse the two, in order not to give people false hopes.
Solid idea is more in line with revolution and demand for our representatives to give their people internet that can push the humanity forward, and not just let us waist countless hours on doom scrolling.
When Meta (or any other company) decides to destroy them, they go away forever. You have no "control" over it.
https://indieweb.org/POSSE is the way to go.
You want to write a long post on a 3rd party platform? Write it on your own device, that you control. Then you save it, copy the content and post wherever you like.
If your 3rd party blogging or social media platform goes tits up and everything disppears, you still have your own copy you can just Ctrl-C Ctrl-V anywhere.
You can go as fancy with this as you like, depending on your nerd-level. You can have a self-hosted N8N system that automatically reposts everything to new sites you add to the flow. Or you can just have your stuff in a directory in Obsidian.
The trouble isn't a lack of the right technologies - I'd argue it's a problem in the go-to-market strategy of those building these products/technologies.
Ideas flow along lines carved out by power/influence. Facebook's early strategy was to start with restricting its usage to people at Harvard University - arguably a highly influential institution - and then expand outwards to other highly influential institutions. Only once the "who's who" from those institutions were already onboard did they let down the walls to allow us plebs in, and we all rushed in head-first.
X's current strategy leverages Musk's visibility and influence (for better or worse).
Get the most prominent influencers onboard with your decentralized social network, and others will follow (dramatically easier said than done, of course). But without a significant contingent of influencers/powerful people, your network's DoA.
That's sort of a contradiction, no? Or at least it assumes transplanting the same mechanisms into a new milieu -- which I argue is something to leave behind, because it's those very mechanisms that have ruined the current internet.
I think instead of tapping into the same addictive attention economy schemes, the distributed / decentralized socials could onboard people en-masse by providing what's missing there, and filling a real need.
Meanwhile - Nothing changes, everything generally gets worse and younger generations come into the world with no memories of the 90s internet or the world before mobile devices or surveillence everywhere.
Applying for a job or apartment or anything today means creating endless pointless copies of your pesonal information in databases across the world that will eventually be neglected, hacked, exploited, sold off etc
I dont know the way out if there is one, I guess we can keep fantasizing and thinking about it. It just feels like it would be easier to get the earth to start spinning the other way sometimes.
Don't get me wrong, I'm in the tech industry and generally more online then likely 95% of the population, but ime ... Nobody even knows what bluesky is?
(They also don't know what X is, though they DO know what Twitter is)
And even more niche products like mostodon, the fediverse altogether etc are entirely unknown to most of the tech industry too.
For example Twitter and Facebook didn’t result in a bunch of Democracies springing up after the Arab Spring, it resulted in the complete opposite. Tech simply amplifies the culture that was already there.
I know the topic of mental health and social media is different from the topic of independence vs the monolithic web. But that doesn’t mean that there isn’t significant overlap in terms of those who are willing to boycott Meta for privacy reasons are also the kinds of people who likely dislike social media for other societal reasons too.
This is a victim fantasy, and if being under intense attack from the state meant you were rebelling against the authoritarian system, then you would be capping for Parler, Gab, X and Tiktok. Bluesky, however, is only under attack from its own users, who are authoritarian trolls. At least the management seem to be getting sick of them, because it is actively inhibiting their growth* that they've been used as a base for the angriest, most entitled, least interesting people on the planet. It must be hell trying to manage a site filled with people demanding to speak to the manager.
It is also just a centralized twitter clone backed by VC looking for a return; not a revolution.
[*] Of course, it was their strategy to cater to that group because of all the free advertising they'd get from the media. But it had and has nothing to do with Dorsey's hopeful redemption arc, which was only about decentralization (i.e. not having speech under the control of people like him) and resilience. Bluesky was supposed to be bittorrent.
That feels like something that could displace other social media in a way that's difficult for for-profit businesses to replicate since it goes against every product manager's instinct to leave engagement on the table, and would stand in stark contrast to the current social media landscape.
I suppose social subscriptions have to overcome network effects and a plethora of “free” alternatives - ranging from iMessage to facebook.
So the idea of paying for the infrastructure needed to see the content produced by your social network doesn't feel like a good deal.
or unless you don’t comply quickly enough when they say “jump” and they unilaterally take away “your” gvoice number.
And hope you never have your identity stolen, or an account hijacked, since that was the only proof of who you are.
"over the past 20 years" is not the same as next 20 years
What happens when the rising tide stops but the boats still have to rise?
My bet is that we will hate Google, Facebook, Amazon, modern Microsoft a lot more than people in the 80s and 90s hated IBM and old Microsoft.
Giving all your data for better services is easily hijackable.
We need to do what we preach: sure, things are worse in certain things but for sure setting up a local network with top-level open source self-hosted alternatives is the easiest it has ever been ever.
Also I think people forget to realise that the type of people who were online in the 90s are still online, many still does exactly the same things. The Internet just got so much easier to use for the rest of the people who doesn't really see the magic of it all. And that's ok.
People always complaining how bad things currently are, they are doing a disservice to all the services and communities still around. They are not sexy or cool but they exist.
You start.
edit: I have no idea what people think they're talking about when they're like "people should just" and "you should just." The cage is not all in your mind, dude; it's an actual cage, guarded by people with guns.
So yea, some of us are practicing what we preach.
It's always fun to read articles about how urgently we need to go back to local-this and self-hosted that, knowing I never left!
In what country?
In all the ones I know of, regulations are enforced by courts, without the use of guns or violence.
Posting these kinds of hot takes every day are probably why you got shadowbanned.
Sometimes the last stage in a chain of potential escalations is some kind of deprivation instead of violence. For example, if I get money taken from my bank account to pay a fine, and I only planned to use that money to buy a really big TV online, then now I don't get a really big TV, which is a punishment, but not a violent one.
But that's actually quite rare. It doesn't work with a brick-and-mortar store, because there would still be more stages of escalation available, where I could take the TV from the store without paying and then men with guns would come after me. It also doesn't work if I was going to buy food with the money, since starvation is a form of torture. It also doesn't work if I was going to pay rent with the money, since eviction is violent. Only relatively few escalation chains end in non-violent deprivation.
With fictitious legal entities it's more likely to end without harm to any natural entities. The last stages of the chain of enforcement against a corporation can be to transfer ownership to a different natural person, followed by dissolving it entirely. Both of those are just pushing words around on paper, and nobody gets a black eye. On the other hand, one could argue that dissolution is to a legal person what the death penalty is to a natural person, and we only just don't care as much legal people aren't real. I don't think have any ethical qualms with metaphorically murdering a corporation by writing a legal document saying it no longer exists, but it actually supports my point, that even against fictitious entities, escalation chains end with something analogous to shooting the corporation in the head.
Routing to your home address could be hard, but it’s also pretty easy and cheap to set up a reverse proxy from a server you can rent. Routing through a public CDN is also easy and cheap and solves a lot of problems like DDoS.
Understand your enthusiasm but to relate the discussion back to Tim Berners-Lee idea for SOLID data storage protocol... Running self-hosted things like email, NextCloud, Plex, sandstorm.io, etc -- are not relevant to the gp's "nothing changes" complaint.
Without dissecting the SOLID protocol, the basic idea is that transactional data is stored on a separate user-specified "storage pod". It's not just simplistic sharing of "name/address" profile data. Imagining some idealized scenarios might help:
- Spotify music : instead of "playlists, listening history" being stored on Spotify's servers, it is stored on the user's storage pod. Spotify makes API calls to constantly save that data to the user-controlled data location. If the user then cancels Spotify and switches to Apple Music service, Apple can just read the "music playlists data storage pod" and all the recommendations work as expected. No import/export.
- Amazon shopping: instead of order history being in a data silo on Amazon servers. It could be stored in user's "ecommerce orders storage pod". The user can then give permission to Walmart.com to read it to provide product recommendations.
The user "doesn't own their own data" continues with the current AI chat tools. The users' ChatGPT "prompts history" is stored at OpenAI instead of a user-controlled "storage pod".
The walled-garden and data silos don't just restrict consumers. Businesses have the same issue. They use SAP accounting software package or a SaaS tool and their data is locked up in those services. Exports are sometimes possible but cumbersome.
Therefore, self-hosting Plex on local server for a personal music library instead of using Spotify cloud doesn't affect the "nothing changes" narrative. TBL still wants people to have the flexibility/convenience of using cloud services but somehow still keep "ownership of their data".
On the other hand, if you were self-hosting a SOLID Storage Pod at home, and a company like Spotify wrote listening data to it, that's when the narrative changes.
It should be obvious that companies are not incentivized to write transactional data to users' storage pods which explains why the SOLID protocol doesn't seem to gain much traction for the last 9 years.
Not simply "not incentived" but actually decentivized. It's not just that companies lose the ability to have a better algorithm to recommend products, but the data itself is worth a fortune. Google, Facebook, etc are worth as much as they are because of the give amount of personal data they've gathered. And, the reason it's worth so much (well, one reason, and probably the least-scary one) is advertising.
Online advertising is the keystone keeping this pile of shit upright and I can't wait until that bubble finally pops. That is when the narrative will change. None of the ideas in this article will come to pass until all of the data that Google hoards is suddenly useless.
it comes down to the rights to own the data you produce, and have it easily accesible. Solid is just a way of giving people option to excercise this right
Most comsumers just want websites to work. Something like SOLID would add friction. People who care about privacy are a vocal minority.
i believe that this is rising tide, maybe those who care are minority, but not for long
This can't happen until there's another viable revenue stream. Which requires smoothing out everything about microtransactions, creating a culture where people now expect to pay, and building trust that it won't get stuffed with ads anyway.
Sometimes HN makes me feel like I'm the literal last remaining person on the planet who just... uses a desktop computer, and stores data on SSDs and HDDs, all physically connected to the machine, and never worries about how to access this data from another device because there are no other devices from which it should be accessed.
I mean, okay, fine, I do things like publishing to GitHub. But I still have a local copy, and I'm in control.
This problem is practically fixed in the EU (to the extent that legislation can fix it). Data protection laws have enough teeth that real companies can’t afford to keep or sell customer information illegally.
But people only see the tip of the iceberg and think EU data protection is something to do with annoying cookie banners. We need to do a better job of celebrating Europe’s real achievements in making the digital world better for its citizens. Instant zero-fee bank transfers are another example.
Not even close to the case for any big player. It just exists as a moat for smaller companies.
But I've noticed there are two kinds of people when it comes to entrepreneurship and regulations. There are people who go all gung-ho and do what they want and ignore the law as much as they can get away with. And there are people who are so scared of things like laws that they never become entrepreneurs. I don't see much of a middle ground in practice.
How are real people's lives being effected by these problems?
Starting as a subscription service at least doesn't feel like a broken promise.
Free services funded by ads have been a boon for the poor.
For any given ad supported service, one of two things must be true:
(1) the ad spend was more than or equal to the cost of the service for those users
(2) the ad spend was less than the cost of the service for those users
From fork (2), it follows that the service isn't sustainable anyway.
From fork (1), it follows that the buyers of the ad slots in turn only make a profit if those ads led to sales higher than the ad spend.
But for any given poor person, buying that which was advertised on the ad supported service necessarily means spending more than they would have on a non-ad-supported version of the same ad supported services.
It doesn't matter how much you think my attention is "really worth". If I want the service now, have no cash, but can pay with my attention, I am strictly more enabled than if the service only accepts cash.
The fork between (1), (2) is how much cash their attention is actually turned into.
To put it another way: what's the attention of a poor person really worth, in dollars? Answer is always less than or equal to the amount they can spend.
I mean I supposed every transaction leaves someone poorer of something and richer in something else. I'm not sure of the point though.
I concede that if the ad companies are willing to forgo collecting X dollars in exchange for showing you an ad then it must be worth >=X dollars to the ad company for the person to see the ad.
But it remains true that the poor person has no way to convert their attention directly into X dollars, and all that taking away the free tier does is make it so that someone who would have made a trade (of their attention for a service) cannot do so.
thinking of stuff like facebook here...
Endless investing is, depending how you look at it, either not (just) ad supported and preceeds the premise, or it still is ad supported (and hence (1)) just with extra steps to badly hide who is doing it.
Hmm… I suppose the purchase of a vote in a democracy is something that a poor person might not otherwise be able to sell, and where "we advertised and convinced you" is (depending on campaign finance etc. rules) one of the legitimate ways to do it… but even then, for reasons too long to type on my phone, I'd say in this case it would still make the poor poorer.
The big majority goes with the comfort of the mainstream, almost by definition.
How about we go back 20yr and train a generation of unix sysadmins and self host at companies and at home.
The browser controller actually runs its own local server that handles indexing and archiving on your disk, while the front end lives inside your browser as a dashboard or control pane. So it’s both a locally hosted app and a browser extension of sorts.
This is still a work in progress, but one direction I want to push further is allowing users to publish curated collections or search indexes of their browsing history.
More likely, though, you’d create a separate archive centered on a topic you care about, and as you browse you selectively add pages to that topic. Over time, you end up with a niche search engine tied to your expertise.
If that archive is good, others might find it valuable—and you might choose to publish it from your own machine. With tunneling tech (Cloudflare, Tor, etc.), you can expose your local box to the public internet. The vision is: user-sovereign data, but still shareable.
You could even federate groups of topic-based archives into a shared search ecosystem, useful for domains like biotech or other specialized fields.
Another crucial point: DownloadNet archives your browsing in real time. It doesn’t crawl externally; it captures exactly what you see, including sites you access via institutional credentials (e.g. research journals behind paywalls). Then you can optionally share those archives with a trusted group.
I’m also exploring a web-document bundle format: package an interactive set of web pages (not just one) into a self-contained snapshot you can send (e.g. via email). The recipient can browse that snapshot locally, with all internal links intact, as of a particular moment in time. It’s a simple but powerful idea, and I think it has real growth potential in the data-sovereignty space. I started this as a passion project, and I believe many others care deeply about these ideas too. If you’re interested or want to get involved, head to the repository.
One way my vision differs from something like Solid is the philosophy of adoption: rather than launching with a full-blown protocol, you start with a simple tool that users adopt, extend, and share. Over time, emergent use cases and community practices shape the system. It’s bottom-up rather than top-down.
I’m not dissing Solid — I understand its aims and don’t see this as strictly competitive or exclusive. But I feel the incremental, user-led route is likelier to produce something sustainable. You grow it in the wild, learn what users actually need, and adapt. Instead of trying to design for all cases in advance, you let real-world use teach you what matters.
Anyway, that’s the gist of my vision—and how it diverges from other approaches like the one in the article you referenced. While it may seem as a condemnation of other ideas, it's not. So please don't take it that way.
If this is something you could get into, I encourage you come on over to the repo and share your contribution. I also riff more on Solid, this article and the approach of DN if you're interested, here: https://github.com/DO-SAY-GO/dn/wiki/What-is-DiskerNet-and-h...
119 more comments available on Hacker News