Opening up the Foundation

29.02.2024 19:00 — Foundation Thib

Since the Foundation got itself a Managing Director at the end of last summer, it has been working on its independence. With lines more clearly defined between its major supporter Element and itself, the Foundation has been able to clarify its role. The Foundation's major goal, alongside stewarding the specification, is to fill in the gaps where there is no direct organisational interest, to make the Matrix ecosystem grow.

There are two levels where the Foundation can have an impact: at the governance level, in the form of the Governing Board; and at the hands-on level, with working groups and projects.

See below what the coming year holds for us.

Continue reading…

Launching the Matrix.org Website Office Hours

20.02.2024 16:00 — Foundation Thib

The Matrix.org website is the public face of the Foundation, and the first thing you stumble upon when looking up “matrix chat” on a search engine. It’s a very important step in people’s Matrix journey.

A lot of thought has been put into making a website that talks to the various audiences visiting it, but we still have a lot of room for improvement!

The website is only maintained by community member MTRNord in a volunteer way, and part-time by me, Thib. We could use an extra pair of hands or two, but to make the most of people’s desire to help we need to let them know where they can have the most impact depending on their skill set, and how we can accept their help!

Continue reading…

This Week in Matrix 2024-02-16

16.02.2024 00:00 — This Week in Matrix MTRNord

Dept of communities

Ubuntu Matrix homeserver just went live 🎉

Nils announces

Even if we are formally still in testing phase until the end of the Ubuntu 24.04 cycle, the Ubuntu Matrix homeserver reached a state in which we can consider it live.

Although Ubuntu used to be IRC-only, we are now adopting Matrix to cater to a wider, diverse audience, including less technical users and younger generations. Matrix allows us to do so while staying true to the values that brought us Ubuntu, Linux and FOSS. When selecting the tools we use, we are always focused on open-source, privacy and freedom respecting software. We believe that Matrix offers all the modern features we need without compromising our values. Moreover, Matrix will make it easier for us to interact with neighboring communities such as Fedora and KDE.

There is still a lot of work to do, but we want to take a moment to thank the Ubuntu and Matrix communities for their great effort and dedication to this project.

You can read more about it on this Discourse thread and of course, you can now join our Ubuntu community from any Matrix federated server. A good start is the Ubuntu Community Space

Continue reading…

This Week in Matrix 2024-02-09

09.02.2024 00:00 — This Week in Matrix Thib

Matrix Live

Dept of Status of Matrix 🌡️

Matthew says

Very happy to announce that the Spec Core Team has been reviewing how to make more progress on MSCs and get more organisational diversity into the SCT, and we've decided to expand the team - unanimously voting to add both tulir and clokep to the team effective today. Huge thanks to both tulir and clokep for being up for joining and donating their time... and looking forwards to their contributions in helping get MSCs to and through their Final Comment Period and merged into the spec!

Josh Simmons says

We’re excited to be forging stronger ties with other open source foundations, so that we can work together and lean on one another’s areas of expertise. Last week we announced that the Matrix.org Foundation joined OpenForum Europe as a supporter alongside Mozilla and many others.

Adding to that, we’re pleased to share that we have become an affiliate of the Open Source Initiative and joined their Open Policy Alliance, and we’ve also joined the Eclipse Foundation as an associate member.

We look forward to going further, faster, together! 🚀

Continue reading…

FOSDEM 2024 Wrap Up

08.02.2024 16:00 — FOSDEM Thib

This year again the Matrix.org Foundation was at FOSDEM, and what a huge energy boost it has been for us! Between a Fringe Event for the Matrix community to gather, a booth where the vast majority of people came by to show their support for our work, a devroom with four hours of awesome Matrix content, and last but not least a main track talk where Matthew covered what we had been doing for the past year… It has been a very intense weekend!

Continue reading…

This Week in Matrix 2024-02-02

02.02.2024 00:00 — This Week in Matrix Hubert Chathi

Matrix Live

No Matrix Live this week, but there will be plenty of Matrix talks (live!) on Sunday at FOSDEM in the Matrix devroom, and at Matthew's main track talk. The talks are livestreamed, so you can follow even if you aren't at FOSDEM (or if you are in FOSDEM but the room is full). If you are at FOSDEM, you can also find live Matrix people at the matrix.org stand in Building K, level 2.

Dept of Status of Matrix 🌡️

Josh Simmons announces

Announced today during the EU Open Source Policy Summit in Brussels, the Matrix.org Foundation and Mozilla have joined OpenForum Europe as supporters. OpenForum Europe has proven an effective convener and advocate for open source and open standards in Europe, and we’re glad to help further that work.

Josh Simmons announces

This week the Matrix.org Foundation launched a new fundraiser, shared some high level budget figures, and kicked off a series diving into our emerging roadmap!

We’ve made huge strides over the last year, with the Foundation more robust and independent than ever before, and there’s a lot to be excited about in the future. Critically, we still need more organizations to step up to fund our work before January 2025.

Huge thanks to Beeper, Gematik, Fractal Networks, Fairkom, Thunderbird, and the hundreds of individuals who have already stepped up! Learn more in our blog post and become a member today 🚀

Continue reading…

A roadmap and appeal for help from The Matrix.org Foundation

30.01.2024 17:00 — Foundation Josh Simmons

A new fundraising drive

Today we launch a new fundraising drive, talk about the scope of the Foundation's work, and begin to unpack our emerging roadmap for the future. There is a lot going on and we need your help to keep it going!

At the end of 2022 Matthew and Amandine sounded the alarm: the Foundation needed more support. To deliver that, they launched the Foundation's membership program. They also introduced open governance, and committed to hiring a Managing Director to act as a robust, neutral steward.

You can help: If you are already sold on Matrix, become a member today. To find out how the last year has gone, and how your support helps us to serve the Matrix ecosystem, read on.

Over the last year, there are lots of positive, healthy signs for Matrix. New members like Beeper and gematik — and hundreds of individuals ​— boosted our annual revenues from £82K to £364K. The open network has grown from 80.3M to 115M addressable users. We've invested in long-term interoperability efforts at the IETF. And we've shifted focus from experiments to polish, usability, and advocacy.

We've supported development of core libraries, and subsidize hosting for FOSS communities like GNOME and KDE. The Foundation runs the Matrix.org homeserver, with over 250K daily active users, and operates several public bots and bridges. And indeed, the Foundation hired a Managing Director 👋.

You'll find a full accounting of our 2023 activity and finances in our first Annual Report, slated to come out around April 2024.

Continue reading…

This Week in Matrix 2024-01-26

26.01.2024 00:00 — This Week in Matrix Thib

Matrix Live

Dept of Spec 📜

Andrew Morgan (anoa) says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

  • There were no new MSCs this week.

MSCs in Final Comment Period:

Accepted MSCs:

  • No MSCs were accepted this week.

Closed MSCs:

  • No MSCs were closed/rejected this week.

Spec Update

For those familiar with Travis' weekly task lists of MSCs for the Spec Core Team to review in the Office of the Matrix Spec Core Team room, a new weekly list is now being posted in the Matrix Spec & Docs Authoring room. This list is aimed at technical writers who can help by converting MSC authors' words into PRs against the spec text itself.

This is the final step for getting an MSC integrated into a new release of the Matrix spec, and anyone can try their hand at it! It would also very much help the Spec Core Team by freeing up more bandwidth for review of the MSC backlog, as well as push forward the protocol itself. Thank you!

If you have any questions, feel free to ask them in the relevant Matrix rooms.

Random MSC of the Week

The random MSC of the week is... MSC4003: Semantic table attributes!

This MSC proposes expanding the set of suggested, interpreted HTML tags in Matrix clients to include additional tags related to tables. With them, more control over table rendering is possible. The proposal itself includes one such (albeit fairly arbitrary) example

The proposal is well-written and straight-forward, so do feel free to have a look if the subject interests you!

Continue reading…

Open letter to EU Member States on the proposed CSA Regulation

22.01.2024 00:00 — Foundation Denise Almeida

We join our voices to technology companies, trade associations and other supporters in asking EU member states to align the Council's position on the CSA Regulation to the position agreed by the Parliament.

Safeguarding encryption should be a priority in negotiations, ensuring the protection of rights and freedoms around privacy and security of communications.

A copy of the open letter sent to ministers can be read below.

Open letter to EU Member States on the proposed CSA Regulation

Dear Ministers of the Interior, Justice, and Economy of EU Member States,

We write to you as small and medium-sized companies and organizations from Europe, concerned about the proposal for a Regulation on Child Sexual Abuse (CSA). Collectively, we call on you to ensure that your country’s position on this file is brought as close as possible to the European Parliament’s (EP) one. We all agree that ensuring children are safe online is one of the most important duties of tech companies and for this reason, we find the European Commission’s proposed Regulation extremely worrying. If it were implemented as proposed, it would negatively impact children’s privacy and security online, while also having dramatic unforeseen consequences on the EU cybersecurity landscape, on top of creating an ineffective administrative burden1. The European Parliament recently adopted its position on the file, acknowledging that scanning technologies are not compatible with the aim of having confidential and secure communications. The crucial changes it therefore puts forward for the proposal reflect the opinions of the European Data Protection Supervisor (EDPS), the Council legal services as well as countless experts in cryptography and cybersecurity2. It also reflects the opinion of between 63% and 69% of the companies, public authorities, NGOs and citizens consulted by the European Commission in its Impact Assessment3. As small and medium-sized tech companies and organizations, we share their concerns as we know that looking for specific content – such as text, photos and videos – in an end-to-end encrypted communication would require the implementation of a backdoor, or of a similar technology called “client-side scanning”. Even if this mechanism is created with the purpose of fighting crime online, it would also quickly be used by criminals themselves, putting citizens and businesses more at risk online by creating vulnerabilities for all users alike.

Data protection is a strong competitive advantage

As tech companies operating within the European Union, we have built products and services in line with the strong data protection framework of the EU which still serves as an example and inspiration across the world.

The GDPR allowed for the creation of ethical, privacy-first tech companies in Europe, that would otherwise never have been able to compete against Big Tech. It gave European companies a strong competitive advantage in that field internationally and allowed consumers to finally be able to find alternatives to American and Chinese services. Our users, both within the EU and beyond, have come to trust our commitment to safeguarding their data and this trust is a key driver of our competitiveness. The learning curve for adapting to the necessary administrative burden brought about by the GDPR was high but was worth it. However, the CSA Regulation could threaten this unique selling point of European IT companies and would also add a new administrative burden which we fear could overwhelm both our companies and law enforcement bodies. Considering the volume of communications and content transiting through our services, even an insignificant error rate of the technologies applied to scan for abusive material would result in millions of false positives to be manually reviewed every day.

The CSA Regulation could erode trust and safety online

In a world where data breaches and privacy scandals are increasingly common, the EU's reputation for stringent data protection is a unique selling point for businesses operating within its borders. It provides us with a competitive edge, assuring our customers that their information is handled with the utmost care and integrity. This trust, once eroded, is challenging to rebuild, and any measures that compromise it such as mandatory scanning, or mandatory age verification have the potential to harm businesses both large and small. Furthermore, the EU has recently adopted Regulation 2023/2841, which mandates that EU Institutions and bodies to consider the use of end-to-end encryption among their cybersecurity risk-management measures. There are also multiple ‘cyber’ EU proposals currently on the table, such as the Cyber Resilience Act and the Cybersecurity Act. Supporting an opposite approach for the CSA Regulation would only undermine the EU cybersecurity framework creating a contradictory, incoherent and inefficient new set of measures that companies would not be able to enforce without putting citizens and businesses at risk.

The EU Parliament's proposal goes in the right direction

Therefore, we applaud the European Parliament for its resolute stance in defending the European citizens' right to privacy and secure communication. The European Parliament’s commitment to these principles is not only a testament to its dedication to human rights, but also a beacon of hope for businesses like ours that prioritize data protection and security. The position of the Parliament includes alternatives to scanning which have a minimal impact on cybersecurity and data protection, and which experts believe would be both more effective and more efficient than mandatory scanning. Such changes of paradigm would mean going beyond the false dichotomy between privacy and security, while also making the proposal respect the proportionality principle, as requested by the Regulatory Scrutiny Board. Even if not perfect in our eyes, the changes the European Parliament made in its position are a good compromise to maintain digital security and confidentiality and to better protect children online. We believe that these changes strike the right balance between child protection and safeguarding privacy and cybersecurity.

As representatives of the vibrant European small businesses community, we encourage EU Member States to continue championing the values of privacy, cybersecurity and data protection. These principles not only align with the EU's commitment to human rights, but also serve as a foundation for a thriving and competitive business environment. Let us defend and strengthen these principles, ensuring that the EU remains an advocate of privacy in the global marketplace.

For these reasons we call on you to:

  • Ensure that Council’s position is aligned as closely as possible to the European Parliament’s. This will allow for a swifter adoption of the Regulation while building on the important work of the European Parliament.
  • Maintain the high level of fundamental rights - and in particular data protection – enjoyed by citizens in the European Union.
  • Refrain from forcing companies like us to conduct mass surveillance of private correspondence on behalf of law enforcement agencies.
  • Guarantee a high level of cybersecurity in the EU by protecting end-to-end encryption and bringing the necessary safeguards in the text. Client-side scanning and backdoors in particular should not be mandated.
  • Preserve the confidentiality of correspondence.
  • Minimize the administrative burden of the proposal by making it more effective and efficient, through alternatives to mass scanning.

Signed,

  • Blacknight Solutions (Ireland)
  • Element (United Kingdom)
  • Mail.de GmbH (Germany)
  • Matrix Foundation (United Kingdom)
  • Nextcloud (Germany)
  • Open-Xchange (Germany)
  • Renvis (Greece)
  • TelemetryDeck (Germany)
  • Tresorit (Switzerland)
  • E Foundation (France)
  • Logilab (France)
  • Mailfence (Belgium)
  • Murena (France)
  • Olvid (France)
  • Proton (Switzerland)
  • Surfshark (Lithuania)
  • Threema (Switzerland)
  • Tuta (Germany)

Trade associations and supporters:

  • ACT | The App Association
  • Defend Democracy
  • Gate 15
  • Myntex
  • Quilibrium
  • Studio Legale Fabiano
  • Cyberstorm
  • Encryption Europe
  • ISOC-CAT
  • Privacy & Access Council of Canada
  • SecureCrypt
1

A detailed summary of the proposal, drafted by the NGO EDRi, is available here: https://edri.org/our-work/private-and-secure-communications-put-at-risk-by-european-commissions-latest-proposal/

2

For more information, you can read their statement from July 2023: https://edri.org/wp-content/uploads/2023/07/Open-Letter-CSA-Scientific-community.pdf

3

See in particular page 134 of the impact assessment: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52022SC0209