#privacy (1/6)
Designing with privacy in mind – not just in a legal sense, but respecting human beings’ natural interest in controlling their data and considering the societal impact of privacy invasions – is at the core of all I do.
-
Assorted topics ranging from legal to technical, all related to better understanding privacy as a design-relevant concept.
-
Opportunity
adactio.com
This short text follows up on “Splitting the web” from a few days ago. Jeremy Keith connects it to a bunch of recent texts and presentations and highlights how not choosing the mainstream path of “enshittification” is not so much about giving up, but about creating new […]
-
Splitting the Web
ploum.net
While I greatly appreciate the way Lionel Dricot describes the split between the “commercial, monopolies-riddled, media-adored web”, driven by bloat and monetization, and the “tech-savvy web”, as a way to describe the more conscious creation and consumption of digital media […]
-
The Potentially Dangerous Non-Accessibility Of Cookie Notices
smashingmagazine.com
Nobody likes cookie consent modals. But if you are not able to "design them away" by technical solutions, they should at least be fully accessible.
-
Unpacking 'commercial surveillance': The state of tracking
europarl.europa.eu
Increasingly stakeholders submit that EU data protection rules jeopardise Europe’s data-driven prosperity and demand targeted weakening of data protection rules. As the debate becomes more polarised, it is more important than ever to establish a baseline for discussions by taking […]
-
There are plenty of examples about re-identification, the identification of an individual from a supposedly “anonymized” data set. In this latest – absolutely fascinating – case, Hagen Echzell demonstrates (PDF) how it is possible to locate the Norwegian prime minister from a data […]
-
Browser manufacturers are in a constant battle of finding ways to protect users from being fingerprinted by websites they use. I just recently was very surprised to visit an online store (with emptied local storage, all cookies deleted, and trackers efficiently blocked) which instantly recommended […]
-
MastodonDataProtectionGuidance
codeberg.org
A collection of guides, templates, and tools for Mastodon and other Fediverse Admins / users, written from a data protection perspective.
This repository by Carey Lening, Data Protection Consultant, researcher, and Mastodon instance admin, aims to be a Data […]
-
Robin Berjon points out how having Tweets embedded in websites is – like most “embeds” – a risk in terms of security (for the end users, mostly, but in theory also for a website itself), but also carries the risk of extracting meaning from articles should they really vanish into the […]
-
Punkt. MP02 Pigeon
punkt.ch
The Punkt MP02 is marketed as a “voicephone” – a 4G mobile device that is stripped down to the very bare functionalities of voice, text and serving as a hotspot for a tablet or PC. It’s not just a cool example of a very minimalist product for people mindful of their relation to […]
-
Privacy Pledge
privacy-pledge.com
Meet the Privacy Pledge – a simple list of five key principles, designed as a commitment by those signing it:
We, the undersigned, commit ourselves to rebuilding the internet so that it returns to the ideals set out by its founders: a democratic platform designed to facilitate the […]
-
Privacy as Product
berjon.com
Privacy is a strategic product concern that is key to digital businesses and should be treated as such, not a nuisance to be lawyered away with wobbly incantations.
Robin Berjon’s critique of the “underdeveloped and unsophisticated approach to privacy and data […]
-
Minimum Viable Data Collection
hidde.blog
The question all website owners should be asking, is: do we really, really need these trackers to exist on our pages? Can’t we do the things we want to do without trackers?
Hidde de Vries presents simple thought exercises to reflect on tracking. He starts with […]
-
Why your website should work without Javascript
endtimes.dev
For some reason, the myth that users without JavaScript don't exist refuses to die. So thank you to the author of this comprehensive collection of both statistics (1% of millions is still a lot of people!) and – more importantly – all the other reasons that may, even temporarily, turn web users into "users with no JavaScript".
-
ADL Social Pattern Library | Anti hate by design
socialpatterns.adl.org
Conscious designers are well aware of the risks of online hate and harassment in social platforms. The Social Pattern Library wants to provide patterns to mitigate such risks through proven and tested strategies.
The Escalating Spiral of Online Hate model illustrates how hate is […]
-
Let websites framebust out of native apps
holovaty.com
Adrian Holovaty highlights a massive security and privacy issue, as native apps on mobile OSs ignore the HTTP headers instructing a user agent to never display a website in a framed context. Instead, mobile apps may even display such pages with extraneous JavaScript trackers injected. At the […]
-
Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission
homes.esat.kuleuven.be
This is another one of those papers that make your blood boil: through an experimental setup, the researchers found an astonishing number of websites leaking email addresses entered by users to third-party trackers … often even in cases where the user decides to not submit the form after all.
-
In “Dark Patterns in Personal Data Collection: Definition, Taxonomy and Lawfulness” Luiza Jarovsky dissects deceptive design patterns from a legal perspective, pointing to the fact that current privacy legislation does not properly address these intentionally misleading patterns that […]
-
Datenschutz-Transparenz für Sehbehinderte
datenschutz-notizen.de
This blog post by the German privacy blog “Datenschutz-Notizen” poses more questions than it provides answers, but I find it noteworthy for bringing together three of my core interests: legal design, accessibility and privacy. The text refers to a court ruling from Italy, where the […]
-
This story starts with a story of conscious technology non-use: an average American, so upset by the opaque tracking of his everyday life, that he decides to pull the plug in an act of self-defence:
Crum, a charming individual who shares his opinions freely, isn’t […]
-
Digital Profiling in the Online Gambling Industry
crackedlabs.org
Wolfie Christl aka CrackedLabs is known for his meticulous investigations of surveillance adtech’s inner workings. This latest research report, on the dangers and perils related to behavioral advertising in the online gambling context, is no exception. Methodologically built around the […]
-
Responsible Data Handbook
responsibledata.io
Co-written by 12 authors, this handbook builds on and makes tangible the Responsible Data Forum’s working definition for “responsible data”. The mission, stated in the introduction chapter, is to illustrate where the responsibilities in dealing with data are and present strategies to deal with that responsibly.
-
Algorithmic Transparency
maggieappleton.com
Maggie Appleton has a “Patterns” section in her digital garden that I very much enjoyed strolling through as we’re obviously thinking along the same lines. The statement on algorithmic transparency cannot be overstated in today’s omni-automated world:
When an automated system recommends a piece of content, it should include an Epistemic Disclosure message explaining why it suggested it, and what factors went into that decision.
[…]
-
Crowdforcing: When What I “Share” Is Yours
uncomputing.org
Every "sharing" interaction in a digital system has externalities – costs to somebody not involved in the transaction themselves: whenever an individual shares a resource or information about themselves, they are likely also sharing something that isn't theirs.
-
Luxury Surveillance
reallifemag.com
Using surveillance-based services out of a (perceived or real) position of privilege contributes to normalizing systematic surveillance on a societal level.
-
A simple approach to improving form design
clearleft.com
“The question protocol”, as suggested by Richard Rutter, is a handy heuristic to evaluate the data fields of a form:
When designing a form, you can ensure you are gathering only pertinent information by always invoking the question protocol. The question protocol forces you – and your organization – to ask yourselves why you are requesting a piece of information from a customer. Getting to the bottom of why you’re asking a question means determining precisely how you will be using the answer, if at all.
[…]