Point-scoring our web freedom | Dan Gillmor

We use ratings for all kinds of services, so let's try scoring the way we use the internet to check on our security and privacy

We are a ratings-obsessed culture. Critics award stars and points for films, books, restaurants, hotels, gadgets and a vast number of other products and services. Sometimes, a professional critic does the scoring, but increasingly, the public collectively creates averaged scores. Some ratings gathered with great detail, such as wine critics' commonly used 100pt scales. Others are as simple as Facebook's "like" button, purely a measure of marketing prowess.

Some of the most useful ratings combine verifiable metrics. Consumer Reports, which has been an essential part of my reading for many years, comes up with what I consider highly trustworthy scores for automobiles and other products. A car goes through a variety of tests; the magazine then weights them according to its longstanding practices and comes up with a total score on a 100pt scale.

NGOs and thinktanks take this approach to measuring such imponderables as economic and press freedom, scoring countries around the globe for policies that aid or restrict such things. As with auto ratings, the results depend on the criteria, and there's plenty of debate about what the surveyors decide is important.

I've been wondering if we could create a system of this sort to gauge our liberty in the technology and communications ecosystem. My goal is a fill-in-the-blanks online form that people could use to: a) say what gear and services they use; and then, b) give them a "liberty scorecard".

The more I've explored this idea, the less sure I've become that it's doable – but that only convinces me it's worth trying. The problem, as we see with all such efforts, is that topic is loaded with complexity, in part because technology and communications presents so many kinds of trade-offs – convenience, cost, security, privacy – in the choices we make. (Trade-offs of this sort exist in all other fields as well; we could make a perfectly safe car if we were willing, and able, to pay ridiculous amounts of money for it.) Moreover, the rise of centralized online services has brought about vast choices within certain domains, but at the cost of ceding an enormous amount of control to them.

Several examples: Apple is highly restrictive with its iOS mobile ecosystem, but the devices are super-convenient to use. The GNU/Linux operating system offers the ultimate in flexibility, but isn't as convenient or easy. Microsoft's Skype is easy and convenient, but not secure from government spies who are vacuuming up all kinds of communications. Running your own mail server is safer in some respects from government dragnets than Hotmail, but it's a pain setting up and maintaining it. Netflix has zillions of movies and TV shows on its streaming system, but uses heavy-duty digital locks to ensure that you can only watch when you're online (and stores vast amounts of data about everything you do when you're using it). You get the idea.

There are degrees of safety, too: you have to decide what are the likely threats. If you set up an unsecured WiFi network at home and use that for your main connection (you shouldn't), you need to use encryption for your online activities. This is the same notion as putting a lock on your front door, to deter other people from casually wandering around your house when you're away. If you want more security, from more serious threats, you have to do much more. (Insurance companies have scores they keep for various ways you secure your home and valuables from theft and fire, and your premiums reflect that.)

The kind of threat makes a huge difference. Skype is insecure if a government is after you, but if I'm chatting with my spouse when one of us is traveling, I'm not going to worry about it.

In thinking about a tech-liberty scorecard, the topic of a talk I gave this week at the O'Reilly Open Source Conference in Portland, I've opted f