👓 Daniel Goldsmith’s reply to Sebastian Greger

Read a post by Daniel Goldsmith (View from ASCRAEUS)

Sebastian, first of all, thank you for your detailed write up on this issue. I think much of your roadmap is worthwhile, and of great interest.

I cannot, however, say that I am convinced by your contentions regarding the effect of GDPR and indieweb sites. In particular, I think your definitions are excessively broad, and you elide much information from both the Regulation itself and the Recitals.

It’s certainly interesting to see some of the replies to Sebastian’s article. It’s definitely stirring up some interesting thought. Daniel’s reply here is primarily to the legal issues at stake more than the design related issues, which have some interesting merit aside from the legal ones.

I think I fall somewhere in the middle of the two and see some of the moral and ethical pieces which are more important from a people perspective. I’m not as concerned about the law portion of it for a large variety of reasons. It’s most interesting to me to see the divide between how those in the EU and particularly Germany view the issue and those in the United States which may be looking at regulations in the coming years, particularly after the recent Facebook debacle.

As I think of these, I’m reminded about some of the cultural differences between Europe and the United States which Jeff Jarvis has expounded upon over the past several years. Europeans are generally more leery of corporations and trust government a bit more while in America it’s the opposite.

Reply to The Indieweb privacy challenge (Webmentions, silo backfeeds, and the GDPR) by Sebastian Greger

Replied to The Indieweb privacy challenge (Webmentions, silo backfeeds, and the GDPR) by Sebastian GregerSebastian Greger (sebastiangreger.net)
Originally intended to showcase a privacy-centred implementation of emerging social web technologies – with the aim to present a solution not initially motivated by legal requirements, but as an example of privacy-aware interaction design – my “social backfeed” design process unveiled intricate challenges for Indieweb sites, both for privacy in general and legal compliance in particular.

Again Sebastian Greger has written up a well-thought-out and nuanced approach to design. Here he discusses privacy and GDPR with a wealth of research and direct personal experience in these areas. He’s definitely written something interesting which I hope sparks the beginning of a broader conversation and evaluation of our ethics.

There’s so much to think about and process here, that I’ll have to re-read and think more specifically about all the details. I hope to come back to this later to mark it up and annotate it further.

I’ve read relatively deeply about a variety of privacy issues as well as the weaponization of data and its improper use by governments and businesses to unduly influence people. For those who are unaware of this movement over the recent past, I would highly recommend Cathy O’Neil’s text Weapons of Math Destruction: How Big Data Increases Inequality and Threatens Democracy, which provides an excellent overview with a variety of examples about how the misuse of data can be devastating not just to individuals who are broadly unaware of it, but entire segments of society.

There is a lot of publicly available data we reveal via social media and much of it one might flippantly consider “data exhaust” which has little, if any inherent value by itself. Unfortunately when used in aggregate, it can reveal striking things about us which we may either not be aware of ourselves or which  we wouldn’t want to be openly known.

My brief thought here is that much like the transition from the use of smaller arms and handguns, which can kill people in relatively small numbers, to weapons like machine guns on up to nuclear weapons, which have the ability to quickly murder hundreds to millions at a time, we will have to modify some of our social norms the way we’ve modified our “war” norms over the past century. We’ll need to modify our personal social contracts so that people can still interact with each other on a direct basis without fear of larger corporations, governments, or institutions aggregating our data, processing it, and then using it against us in ways which unduly benefit them and tremendously disadvantage us as individuals, groups, or even at the level of entire societies.

In my mind, we need to protect the social glue that holds society together and improves our lives while not allowing the mass destruction of the fabric of society by large groups based on their ability to aggregate, process, and use our own data against us.

Thank you Sebastian for kicking off a broader conversation!

Disclaimer: I’m aware that in posting this to my own site that it will trigger a tacit webmention which will ping Sebastian Greger’s website. I give him permission to display any and all data he chooses from the originating web page in perpetuity, or until such time as I send a webmention either modifying or deleting the content of the originating page. I say this all with some jest, while I am really relying on the past twenty years of general social norms built up on the internet and in general society as well as the current practices of the IndieWeb movement to govern what he does with this content.

👓 How a Genealogy Website Led to the Alleged Golden State Killer | The Atlantic

Read How a Genealogy Website Led to the Alleged Golden State Killer (The Atlantic)
Powerful tools are now available to anyone who wants to look for a DNA match, which has troubling privacy implications.

I find this mechanics relating to privacy in this case to be extremely similar to Facebook’s leak of data via Cambridge Analytica. Something crucial to your personal identity can be accidentally leaked out or be made discoverable to others by the actions of your closest family members.

👓 Privacy sentences to ponder | Marginal Revolution

Read Privacy sentences to ponder by Tyler Cowen (Marginal REVOLUTION)
The increasing difficulty in managing one’s online personal data leads to individuals feeling a loss of control. Additionally, repeated consumer data breaches have given people a sense of futility, ultimately making them weary of having to think about online privacy. This phenomenon is called “privacy fatigue.” Although privacy fatigue is prevalent and has been discussed by scholars, there is little empirical research on the phenomenon. A new study published in the journal Computers and Human Behavior aimed not only to conceptualize privacy fatigue but also to examine its role in online privacy behavior. Based on literature on burnout, we developed measurement items for privacy fatigue, which has two key dimensions —emotional exhaustion and cynicism. Data analyzed from a survey of 324 Internet users showed that privacy fatigue has a stronger impact on privacy behavior than privacy concerns do, although the latter is widely regarded as the dominant factor in explaining online privacy behavior.
Emphasis added by me.  That is by Hanbyl Choi, Jonghwa Park, and Yoonhyuk Jung, via Michelle Dawson.

Better control of online privacy is certainly something that the IndieWeb can help to remedy.

The past weeks have indicated that we really do need some regulations. It’s not just Facebook, but major, unpunished leaks from data brokers like Experian (which seemingly actually profited from it’s data leak) or even those of companies like Target. Many have been analogizing data as the “new oil”, but people shouldn’t be treated like dying sea birds trapped in oil slicks.

I’m bookmarking this journal article to read: The role of privacy fatigue in online privacy behavior. 1

References

1.
Choi H, Park J, Jung Y. The role of privacy fatigue in online privacy behavior. Comput Human Behav. 2018;81:42-51. doi:10.1016/j.chb.2017.12.001

👓 Gmail is getting a ‘confidential mode’ that prevents users from printing or forwarding your email | CNBC

Read Gmail is getting a 'confidential mode' that prevents users from printing or forwarding your email by Todd Haselton (CNBC)
Gmail is getting a new confidential mode that reportedly prevents recipients from forwarding or printing email messages.

🎧 This Week in Google 452 The Mormon Bartender Problem | TWiT.TV

Listened to This Week in Google 452 The Mormon Bartender Problem | TWiT.TV by Leo Laporte, Stacey Higginbotham, Mike Elgan, Kevin Marks from TWiT.tv
Mr. Zuck Goes to Washington
Hosted by Leo LaporteStacey Higginbotham
Guests: Mike ElganKevin Marks

Mark Zuckerberg answers Congress' questions. Is YouTube for kids? Google Photos automatically generates cat videos. Alexa for Business. Questionable fireplace placement.
  • Kevin's Stuff: indieweb.org
  • Stacey's Things: Nest Hello and Are We Already Living in Virtual Reality?
  • Mike's Joint: Taskade


The discussion about the Facebook hearings in congress makes me feel a tad better, but still they’re very unsettling, and they’re on a relatively simple and easy topic.

👓 Fed up with Facebook, activists find new ways to defend their movements | Tech Crunch

Read Fed up with Facebook, activists find new ways to defend their movements (TechCrunch)
Malkia Cyril Contributor Share on Twitter Malkia Cyril is founder and executive director of the Center for Media Justice (CMJ) and co-founder of the Media Action Grassroots Network. More posts by this contributor The benefits of police body cams are a myth In the wake of revelations that the person…

👓 Facebook deleted Mark Zuckerberg’s Messenger texts without telling anyone | The Verge

Read Facebook deleted Mark Zuckerberg’s Messenger texts without telling anyone by Tom Warren (The Verge)
Facebook has been secretly deleting messages sent on Messenger by founder and CEO Mark Zuckerberg. Facebook claims it did nothing wrong, but it demonstrates a double-standard with regard to how the company see privacy.

It’s very telling that they have certain privacy policies for themselves and different ones for everyone else.

🎧 This Week in Google 451 B055man69 | TWiT.TV

Listened to This Week in Google 451 B055man69 by Leo Laporte, Jeff Jarvis, Wendy Nather, Ant Pruitt from TWiT.tv
Shooting at YouTube Headquarters. Facebook's continuing kerfuffle. Apple snags Google's AI head. Chromebooks on school buses. Cheaper Pixel 3 on the way - but not for you. Trump vs. Amazon. Security breaches here, security breaches there, even in our underwear. Don't leave your pepperoni on the hotel balcony.



👓 All the URLs you need to block to *actually* stop using Facebook | Quartz

Just by the bulk of URLs, this gives a more serious view of just how ingrained Facebook is in tracking your online life.

Following much of the recent Facebook privacy and data scandal over the past several days, 1–4 today I deleted 169 of 184 apps which had access to all or parts of my Facebook data. Often many of them also had access to data by proxy of my family, friends, and acquaintances.

Of those apps still remaining, 7 are apps that I’ve made personally, and the remainder solely help me export data from Facebook. Short of quitting the platform altogether, this feels like a good first step to limiting the data that I leak into the platform and their partners.

For several years now I’ve been posting content to my own personal website first and syndicating it to Facebook secondarily. Few, if any, of these old apps need any legitimate access to my account anymore presuming that they ever really did.

Want to do an audit of your own app access and make a similar purge? The IndieWeb community has some resources for doing so quickly. Looking for a better place to own and better control your own data? They can help there too.

References

1.
Graham-Harrison E, Cadwalladr C. Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. the Guardian. https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election. Published March 17, 2018. Accessed March 20, 2018.
2.
Rosenberg, M, Confessore N, Cadwalladr C. How Trump Consultants Exploited the Facebook Data of Millions. The New York Times. https://www.nytimes.com/2018/03/17/us/politics/cambridge-analytica-trump-campaign.html. Published March 17, 2018. Accessed March 20, 2018.
3.
Grewal P. Suspending Cambridge Analytica and SCL Group from Facebook | Facebook Newsroom. Facebook Newsroom. https://newsroom.fb.com/news/2018/03/suspending-cambridge-analytica/. Published March 16, 2018. Accessed March 20, 2018.
4.
Madrigal AC. What Took Facebook So Long? The Atlantic. https://www.theatlantic.com/technology/archive/2018/03/facebook-cambridge-analytica/555866/. Published March 10, 2016. Accessed March 20, 2018.

👓 Suspending Cambridge Analytica and SCL Group from Facebook | Facebook Newsroom

This is sure to cause a privacy firestorm. Or make the already growing one worse.

👓 Talk: “Designing away the cookie disclaimer” by Sebastian Greger

Read Talk: “Designing away the cookie disclaimer” (sebastiangreger.net)
This is the transcript of my lightning talk from the beyond tellerrand Berlin pre-conference warm-up on 6 November 2017. It was a condensed version of my longer, work-in-progress and upcoming talk on privacy as a core pillar of ethical UX design. If you are interested in the final talk or know about a conference or event that might be, I’d be thrilled to hear from you.

It’s sad the amount of not caring that both laws and apathy on the internet can make your life just dreadful in ways that it shouldn’t.

I love the fact that people are working on solving these seemingly mundane issues. This is a great little presentation Sebastian!

👓 Amazon Key is a new service that lets couriers unlock your front door | The Verge

Read Amazon Key is a new service that lets couriers unlock your front door by Ben Popper (The Verge)
The service is called Amazon Key, and it relies on a Amazon’s new Cloud Cam and compatible smart lock. The camera is the hub, connected to the internet via your home Wi-Fi. The camera talks to the lock over Zigbee, a wireless protocol utilized by many smart home devices. When a courier arrives with a package for in-home delivery, they scan the barcode, sending a request to Amazon’s cloud. If everything checks out, the cloud grants permission by sending a message back to the camera, which starts recording. The courier then gets a prompt on their app, swipes the screen, and voilà, your door unlocks. They drop off the package, relock the door with another swipe, and are on their way. The customer will get a notification that their delivery has arrived, along with a short video showing the drop-off to confirm everything was done properly.

There’s a lot of trust Amazon is asking people for in it’s last few products. Alexa could listen (and potentially record) anything you say, cameras in your bedroom (ostensibly to help you dress), and now a key to your house. I can see so many things going wrong with this despite the potential value.

I’m probably more concerned about the flimsy lack of security in the area of internet of things (IoT) which could dip into these though than I am about what Amazon would/could do with them.