Dan Shearer

Samba co-founder. AI safety, medical research, IP and privacy law.

Samba co-founder · AI safety · medical research · IP and privacy law · startup advising

No trackers, no ads, no data collected or retained.

I build organisations, data governance systems and pragmatic research systems. Email dan@shearer.org, or verify and email securely.

💬

Samba, briefly Samba is the open-source software that shares files between Windows, Mac and Linux in probably a billion devices today. Microsoft spent decades trying to shut the project down. Full story in the official history and the timeline of battles lost and won: in brief, Samba survived well but Microsoft survived better.

Motivations

The common thread in my work is promoting sovereignty for organisations and individuals, and in 2026 this is now a global concern. Control over data and software confers great power, and such power should operate within structures of policy, law, ethics and technology. I’m interested in collective approaches and benefitting the individual humans involved, because the loud society-wide issues of our time (climate! group psychoses! war! pandemic effects!) are too big and complex to tackle as technical problems. IP controls software; software controls power. That power now runs on captured personal data — and paracopyright is what stops anyone from stopping it.

If you’re here about…

…AI ethics or agentic systems — safety belongs in the structure around agents, not inside them. Structure vs Constitution makes the argument. Addressing the Biggest Problems in AI describes the Perseverance Composition Engine, the open-source implementation I use daily.

…medical research, biobanks, epidemiology or data ethics — Medical Snapshot proposes an observer-only health system that resolves the causality paradox in longitudinal studies, compared against 26 systems across 90 years. Active Heat Exchanger is indoor air quality infrastructure that generates the residential data the field has never had. One Health and rule-based malaria modelling are current work in epidemiology.

…me as an advisor, expert witness, or collaborator — since 1997 I’ve worked with founders, boards and courts on software IP, privacy regulation, and open-source strategy. Background and how to engage.

…Samba, open source, or the Microsoft-era IP battles — Samba and the official history are the long version. The battles are not over: Data Mobility post-Brexit and EU–US Privacy Shield in 2026 are the current phase. GDPR Article 28 is the next commercial opening.

…my interests, or your contributions and corrections — the sections below are an index by topic. Errors, missing references, and additions welcome; the site challenge has the details.

Agentic AI, Ethics and Artificial Organisations

▼

Addressing the Biggest Problems in Using AI — Most work on AI ethics and correctness tries to make individual models better-behaved. The Perseverance Composition Engine takes the opposite view: assume misbehaviour is inevitable, and structure the system to catch it before harm is caused. This is modelled on how human institutions have worked for centuries.
Structure vs Constitution in AI Safety — Comparing two approaches: Anthropic’s constitution locates AI ethics in the agent through training and guidelines; PCE locates it in the structure around the agent.
Slow LLMs and MCPs are Hiding Problems — Agentic AI systems are currently slow enough that serious concurrency and coordination problems remain invisible. This is a technical note about what happens when that changes.
AI, PCE and the Geth Consensus — Science fiction saw artificial organisations coming years ago. A collaboration between me and my Consul agent on what the Geth story tells us about multi-agent AI.
Snow Crash and Standing Orders — What it is like to work alongside an AI apprentice that studies you.
Logical and thermodynamic reversibility — LLMs consume vast amounts of energy. Computer science tells us energy is not consumed by computation but by the erasure of information. Models that don’t erase information might avoid an AI energy crunch.

→ More AI safety and agentic systems articles

Medical research, epidemiology and public health

▼

Medical Snapshot — A proposal for an observer-only health system in which individuals are tested longitudinally, results are withheld during life, and the full record is released to a treating clinician only after independent diagnosis. Resolves the causality paradox that breaks most longitudinal studies.
Health Observer Systems: A Comparative Review — Every comparable programme I could find across 90 years, 26 systems scored against 18 features in six dimensions, with multi-language source searching and explicit source-credibility tiering. The quadrant plots are reproducible from the R source.
Active Heat Exchanger — A cheap retrofit ventilation device that addresses houses making their occupants sick (Awaab Ishak’s law), and as a side-effect generates the large-scale longitudinal indoor air quality dataset the field has never had. Current research programme with Costa Talalaev and Makerbee Ltd.
One Health and Epidemiology — My 2026 paper (UK MRC-funded) introducing One Health to scholars outside medicine. One Health treats ecology, animals and humans as a system of systems across dozens of fields.
Rule-based Epidemic Modelling and Malaria — Modelling sub-Saharan malaria using rule-based techniques rather than differential equations, to investigate whether asymptomatic HbAS carriers introduce testing bias sufficient to undermine epidemic suppression. Part of the MRC-funded RBEM project.
Radiophobia — Why Linear No-Threshold is wrong, what it costs in missed diagnoses and fear-driven iatrogenic harm, and how to talk to a radiologist.

Open Source

▼

Samba — Co-founding Samba meant taking on Microsoft’s attempt to own all networked file storage. Conservatively a billion users later, the project is still running. Full context in the official history and the timeline of battles lost and won.
LumoSQL — A novel twist on the world’s most-used software, adding privacy and security features. We found a way to extend SQLite without breaking compatibility.
Not Before Time — Assembling existing technologies into a universal way to time-lock information using everyday software tools.
How to Replace Windows NT with Linux — The first methodology and comprehensive guide for organisations migrating off proprietary software. Written in 1999; highly topical in 2026 as this has become a widespread global goal.
Reversible Execution — Rewinding systems and replaying them forward to find complicated bugs and security problems. What I worked on at the second serious startup I was involved with.
Not Forking — Automates change management across source trees in ways version control systems such as Git or Fossil cannot.
Fossil — A practical alternative to Git with stronger cryptographic and reproducibility guarantees. I contributed improvements and use it for several projects (but still mostly use Git).
Open Source to Chemical Rockets — How I found open source in the first place.

→ More open source and software trust articles

Legal and regulatory

▼

Opportunity in GDPR Article 28 — Buried in the legalese is precise computer science that effectively mandates something blockchain-shaped. GDPR enforcement tightens annually; many non-EU jurisdictions have copied the law; this is a commercial opening.
EU–US Privacy Shield et. al. in 2026 — US corporate-coercion-as-policy is not new; this site documents decades of it. But in 2026 it is a mainstream concern intersecting trade wars and shooting wars, with court decisions and laws changing weekly. My work is on minimising risk across the axes.
Software Patents, TPMs and Paracopyright — Copyright and software patents have morphed into something else entirely when combined with technical protection measures. This is the key to technical sovereignty, something I have been speaking about since linux.conf.au 2004.
Microsoft Patent Process — Ballmer Era — A practical guide to Microsoft’s software patent strategy 1998–2014, from direct experience fighting it. Historical, but the tactics evolved rather than disappeared.
Security Standards and Certifications — How ISO27001, GDPR, NIS and related standards work in practice for UK organisations, from someone who has implemented them several times.
Data Mobility post-Brexit — Currently the hardest question for UK organisations that cross the Channel, now tangled with trade-war complexity.

→ More law and privacy articles

Browse all content by topic or search full text.