#privacy (1/6)
Designing with privacy in mind – not just in a legal sense, but respecting human beings' natural interest in controlling their data and considering the societal impact of privacy invasions – is at the core of all I do.
-
Assorted topics ranging from legal to technical, all related to better understanding privacy as a design-relevant concept.
-
There are plenty of examples of re-identification, the identification of an individual from a supposedly “anonymized” data set. In this latest – absolutely fascinating – case, Hagen Echzell demonstrates (PDF) how it is possible to locate the Norwegian prime minister from a data […]
-
Browser manufacturers are in a constant battle of finding ways to protect users from being fingerprinted by websites they use. I just recently was very surprised to visit an online store (with emptied local storage, all cookies deleted, and trackers efficiently blocked) which instantly recommended […]
-
MastodonDataProtectionGuidance
codeberg.org
A collection of guides, templates, and tools for Mastodon and other Fediverse Admins / users, written from a data protection perspective.
This repository by Carey Lening, Data Protection Consultant, researcher, and Mastodon instance admin, aims to be a Data […]
-
Robin Berjon points out how having Tweets embedded in websites is – like most “embeds” – a risk in terms of security (for the end users, mostly, but in theory also for a website itself), but also carries the risk of extracting meaning from articles should they really vanish into the […]
-
Punkt. MP02 Pigeon
punkt.ch
The Punkt MP02 is marketed as a “voicephone” – a 4G mobile device that is stripped down to the very bare functionalities of voice, text and serving as a hotspot for a tablet or PC. It’s not just a cool example of a very minimalist product for people mindful of their relation to […]
-
Privacy Pledge
privacy-pledge.com
Meet the Privacy Pledge – a simple list of five key principles, designed as a commitment by those signing it:
We, the undersigned, commit ourselves to rebuilding the internet so that it returns to the ideals set out by its founders: a democratic platform designed to facilitate the […]
-
Privacy as Product
berjon.com
Privacy is a strategic product concern that is key to digital businesses and should be treated as such, not a nuisance to be lawyered away with wobbly incantations.
Robin Berjon’s critique of the “underdeveloped and unsophisticated approach to privacy and data […]
-
Minimum Viable Data Collection
hidde.blog
The question all website owners should be asking, is: do we really, really need these trackers to exist on our pages? Can’t we do the things we want to do without trackers?
Hidde de Vries presents simple thought exercises to reflect on tracking. He starts with […]
-
Why your website should work without Javascript
endtimes.dev
For some reason, the myth that users without JavaScript don't exist refuses to die. So thank you to the author of this comprehensive collection of both statistics (1% of millions is still a lot of people!) and – more importantly – all the other reasons that may, even temporarily, turn web users into "users with no JavaScript".
-
ADL Social Pattern Library | Anti hate by design
socialpatterns.adl.org
Conscious designers are well aware of the risks of online hate and harassment in social platforms. The Social Pattern Library wants to provide patterns to mitigate such risks through proven and tested strategies.
The Escalating Spiral of Online Hate model illustrates how hate is […]
-
Let websites framebust out of native apps
holovaty.com
Adrian Holovaty highlights a massive security and privacy issue, as native apps on mobile OSs ignore the HTTP headers instructing a user agent to never display a website in a framed context. Instead, mobile apps may even display such pages with extraneous JavaScript trackers injected. At the […]
-
Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission
homes.esat.kuleuven.be
This is another one of those papers that make your blood boil: through an experimental setup, the researchers found an astonishing number of websites leaking email addresses entered by users to third-party trackers … often even in cases where the user decides to not submit the form after all.
-
In “Dark Patterns in Personal Data Collection: Definition, Taxonomy and Lawfulness” Luiza Jarovsky dissects deceptive design patterns from a legal perspective, pointing to the fact that current privacy legislation does not properly address these intentionally misleading patterns that […]
-
Datenschutz-Transparenz für Sehbehinderte
datenschutz-notizen.de
This blog post by the German privacy blog “Datenschutz-Notizen” poses more questions than it provides answers, but I find it noteworthy for bringing together three of my core interests: legal design, accessibility and privacy. The text refers to a court ruling from Italy, where the […]
-
This story starts with a story of conscious technology non-use: an average American, so upset by the opaque tracking of his everyday life, that he decides to pull the plug in an act of self-defence:
Crum, a charming individual who shares his opinions freely, isn’t […]
-
Digital Profiling in the Online Gambling Industry
crackedlabs.org
Wolfie Christl aka CrackedLabs is known for his meticulous investigations of surveillance adtech’s inner workings. This latest research report, on the dangers and perils related to behavioral advertising in the online gambling context, is no exception. Methodologically built around the […]
-
Responsible Data Handbook
responsibledata.io
Co-written by 12 authors, this handbook builds on and makes tangible the Responsible Data Forum’s working definition for “responsible data”. The mission, stated in the introduction chapter, is to illustrate where the responsibilities in dealing with data are and present strategies to deal with that responsibly.
-
Algorithmic Transparency
maggieappleton.com
Maggie Appleton has a “Patterns” section in her digital garden that I very much enjoyed strolling through as we’re obviously thinking along the same lines. The statement on algorithmic transparency cannot be overstated in today’s omni-automated world:
When an automated system recommends a piece of content, it should include an Epistemic Disclosure message explaining why it suggested it, and what factors went into that decision.
[…]
-
Crowdforcing: When What I “Share” Is Yours
uncomputing.org
Every "sharing" interaction in a digital system has externalities – costs to somebody not involved in the transaction themselves: whenever an individual shares a resource or information about themselves, they are likely also sharing something that isn't theirs.
-
Luxury Surveillance
reallifemag.com
Using surveillance-based services out of a (perceived or real) position of privilege contributes to normalizing systematic surveillance on a societal level.
-
A simple approach to improving form design
clearleft.com
“The question protocol”, as suggested by Richard Rutter, is a handy heuristic to evaluate the data fields of a form:
When designing a form, you can ensure you are gathering only pertinent information by always invoking the question protocol. The question protocol forces you – and your organization – to ask yourselves why you are requesting a piece of information from a customer. Getting to the bottom of why you’re asking a question means determining precisely how you will be using the answer, if at all.
[…]
-
Google is rolling out an early-stage experiment with a new behavioural targeting technology: Federated Learning of Cohorts (FLoC). As privacy activists globally campaign against this highly problematic “cookie replacement”, the suggestion by some to even add opt-out headers to all CMS by […]
-
If you’re working with privacy notices for the web, chances are that you have seen the privacy policy of juro.com, which rose to fame during the 2018 spring of GDPR panic as an example of legal design applied in a real-world project. Juro and Stefania Passera, the designer behind the project […]
-
If any person behaved like an app—rifled through your address book, fitted a tracking device to your car, obsessively logged what books and TV shows you watched, and wanted to disturb you at any moment of the day or night—you’d throw them out of your house and call the police.
What happened to our culture that this kind of abusive behaviour became so normalized it is not even questioned any more by most? Here’s a free and simple design heuristic for you: Don’t design any artifact that you would throw out of your house for anti-social conduct!
-
If restaurant managers handled food safety regulations the same way that a lot of marketers deal with privacy regulations, then restaurants would be bragging on how low a score they could get from the health dept. and still stay open
That’s not just a really good analogy, but an indicator for how morally rotten that industry is!