👓 The breach that killed Google+ wasn’t a breach at all | The Verge

Read The breach that killed Google+ wasn’t a breach at all by Russell Brandom (The Verge)
A bug in the rarely used Google+ network has exposed private information for as many as 500,000 users. Should Google have shared more sooner?

📑 Standard Notes | Nelson’s Log

Annotated Standard Notes (Nelson's log)
I love the voice of their help page. Someone very opinionated (in a good way) is building this product. I particularly like this quote: Your data is a liability to us, not an asset.  

👓 The Information on School Websites Is Not as Safe as You Think | New York Times

Read The Information on School Websites Is Not as Safe as You Think (nytimes.com)
Some tracking scripts may be harmless. But others are designed to recognize I.P. addresses and embed cookies that collect information prized by advertisers.
The idiotic places we end up seeing surveillance capitalism just kills me.

Administrators: But they were give us the technology for free…
Really? Why not try pooling small pieces of resources within states to make these things you want and protect your charges? I know you think your budget is small, but it shouldn’t be this expensive.

👓 Avatar Privacy | WordPress.org

Read Avatar Privacy by Peter Putzer, Johannes Freudendahl (WordPress.org)

Avatars from Gravatar.com are great, but they come with certain privacy implications. You as site admin may already know this, but your visitors and users probably don’t. Avatar Privacy can help to improve the privacy situation by making some subtle changes to the way avatars are displayed on your site.

The plugin works without changing your theme files if you use a modern theme, and it does support (simple) multisite installations. It requires at least PHP 5.6 and WordPress 4.9. For the plugin to do anything for you, you need to visit the discussion settings page in the WordPress admin area and save the new settings. Please note that the plugin does not provide an options page of its own, it rather adds to the existing discussion settings page.

👓 Digital Photocopiers Loaded With Secrets | CBS

Read Digital Photocopiers Loaded With Secrets by Armen Keteyian (cbsnews.com)
Your Office Copy Machine Might Digitally Store Thousands of Documents That Get Passed on at Resale
Hearing that container ships are taking these overseas is a very troubling thing.
Reposted Aaron Parecki on Twitter (Twitter)
It never occurred to me that people would be blaming @oauth_2 for the Facebook mess. Friendly reminder that OAuth is what lets you control *which* parts of your Facebook data apps get access to, and what lets you revoke that access, which you can do here: https://www.facebook.com/settings?tab=applications

👓 The Google News Initiative: Building a stronger future for news | Google

This article is even more interesting in light of the other Google blog post I read earlier today entitled Introducing Subscribe with Google. Was today’s roll out pre-planned or is Google taking an earlier advantage of Facebook’s poor position this week after the “non-data breach” stories that have been running this past week?

There’s a lot of puffery rhetoric here to make Google look more like an arriving hero, but I’d recommend taking with more than a few grains of salt.

Highlights, Quotes, & Marginalia

It’s becoming increasingly difficult to distinguish what’s true (and not true) online.

we’re committing $300 million toward meeting these goals.

I’m curious what their internal projections are for ROI?


People come to Google looking for information they can trust, and that information often comes from the reporting of journalists and news organizations around the world.

Heavy hit in light of the Facebook data scandal this week on top of accusations about fake news spreading.


That’s why it’s so important to us that we help you drive sustainable revenue and businesses.

Compared to Facebook which just uses your content to drive you out of business like it did for Funny or Die.
Reference: How Facebook is Killing Comedy


we drove 10 billion clicks a month to publishers’ websites for free.

Really free? Or was this served against ads in search?


We worked with the industry to launch the open-source Accelerated Mobile Pages Project to improve the mobile web

There was some collaborative outreach, but AMP is really a Google-driven spec without significant outside input.

See also: http://ampletter.org/


We’re now in the early stages of testing a “Propensity to Subscribe” signal based on machine learning models in DoubleClick to make it easier for publishers to recognize potential subscribers, and to present them the right offer at the right time.

Interestingly the technology here isn’t that different than the Facebook Data that Cambridge Analytica was using, the difference is that they’re not using it to directly impact politics, but to drive sales. Does this mean they’re more “ethical”?


With AMP Stories, which is now in beta, publishers can combine the speed of AMP with the rich, immersive storytelling of the open web.

Is this sentence’s structure explicitly saying that AMP is not “open web”?!

👓 Introducing Subscribe with Google | Google

Interesting to see this roll out as Facebook is having some serious data collection problems. This looks a bit like a means for Google to directly link users with content they’re consuming online and then leveraging it much the same way that Facebook was with apps and companies like Cambridge Analytica.

Highlights, Quotes, & Marginalia

Paying for a subscription is a clear indication that you value and trust your subscribed publication as a source. So we’ll also highlight those sources across Google surfaces


So Subscribe with Google will also allow you to link subscriptions purchased directly from publishers to your Google account—with the same benefits of easier and more persistent access.


you can then use “Sign In with Google” to access the publisher’s products, but Google does the billing, keeps your payment method secure, and makes it easy for you to manage your subscriptions all in one place.

I immediately wonder who owns my related subscription data? Is the publisher only seeing me as a lumped Google proxy or do they get may name, email address, credit card information, and other details?

How will publishers be able (or not) to contact me? What effect will this have on potential customer retention?

Following much of the recent Facebook privacy and data scandal over the past several days, 1–4 today I deleted 169 of 184 apps which had access to all or parts of my Facebook data. Often many of them also had access to data by proxy of my family, friends, and acquaintances.

Of those apps still remaining, 7 are apps that I’ve made personally, and the remainder solely help me export data from Facebook. Short of quitting the platform altogether, this feels like a good first step to limiting the data that I leak into the platform and their partners.

For several years now I’ve been posting content to my own personal website first and syndicating it to Facebook secondarily. Few, if any, of these old apps need any legitimate access to my account anymore presuming that they ever really did.

Want to do an audit of your own app access and make a similar purge? The IndieWeb community has some resources for doing so quickly. Looking for a better place to own and better control your own data? They can help there too.

References

1.
Graham-Harrison E, Cadwalladr C. Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. the Guardian. https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election. Published March 17, 2018. Accessed March 20, 2018.
2.
Rosenberg, M, Confessore N, Cadwalladr C. How Trump Consultants Exploited the Facebook Data of Millions. The New York Times. https://www.nytimes.com/2018/03/17/us/politics/cambridge-analytica-trump-campaign.html. Published March 17, 2018. Accessed March 20, 2018.
3.
Grewal P. Suspending Cambridge Analytica and SCL Group from Facebook | Facebook Newsroom. Facebook Newsroom. https://newsroom.fb.com/news/2018/03/suspending-cambridge-analytica/. Published March 16, 2018. Accessed March 20, 2018.
4.
Madrigal AC. What Took Facebook So Long? The Atlantic. https://www.theatlantic.com/technology/archive/2018/03/facebook-cambridge-analytica/555866/. Published March 10, 2016. Accessed March 20, 2018.

Go To Hellman: How to check if your library is leaking catalog searches to Amazon

Read How to check if your library is leaking catalog searches to Amazon by Rob Hellman (go-to-hellman.blogspot.com)

I've been writing about privacy in libraries for a while now, and I get a bit down sometimes because progress is so slow. I've come to realize that part of the problem is that the issues are sometimes really complex and  technical; people just don't believe that the web works the way it does, violating user privacy at every opportunity.Content embedded in websites is a a huge source of privacy leakage in library services. Cover images can be particularly problematic. I've written before that, without meaning to, many libraries send data to Amazon about the books a user is searching for; cover images are almost always the culprit. I've been reporting this issue to the library automation companies that enable this, but a year and a half later, nothing has changed. (I understand that "discovery" services such as Primo/Summon even include config checkboxes that make this easy to do; the companies say this is what their customers want.)