Latest posts

  • Reposting a Tweet by Jared Spool

    This. One of the things I enjoy most about doing research is to unveil realities that are different from what everybody “believed to know”.

  • Bookmark: Report: Deceived by Design

    A detailed report, documenting how Google, Facebook and Microsoft use UI dark patterns to deceive and manipulate users towards accepting low privacy defaults; by the Norwegian Consumer Council.

  • Bookmark: Modern myth: Nothing to hide? Collected responses to a dangerous fallacy

    Anyone who is concerned with surveillance will hear this statement over and over again. Though dangerous and false, it is very persistent. And we are fed up with it. Ten points against the notion that you have “nothing to hide”.

  • IxDA Berlin #67: The strategic role of UX research

    What made the combination of these two talks so powerful is their underlying message in combination: (UX) research is all about asking the right questions, using the right tools and embedding the activities in the organisational context to fit the processes, but maybe even more importantly to inject user-centred thinking into team culture.

  • Reposting a Tweet by Webkongress Erlangen ‏

    Exciting! Got invited to present my latest “Usability as UX” talk at the “Webkongress Erlangen” conference in September, alongside a great a11y & webdev/des line-up (event in German)

  • Self-hosting maps: taking control over UX and users’ privacy

    OpenMapTiles allows for efficient self-hosting of embeddable OSM maps without significant resource requirements and with reasonable effort for a web professional.

  • Reposting a Tweet by Frederike Kaltheuner

    "Privacy was once misconstrued as being about hiding and secrecy. Now it’s understood to be something much more pressing: power dynamics between the individual, the state and the market."

  • Can we PLEASE talk about privacy, not GDPR, now?

    Let’s not bury this under “achievement unlocked by May 25” but use the momentum to work on new ideas how to proceed from here. Likely everybody had to take shortcuts in recent weeks. Now, with pressure off, is the time to share what we have learned – and continue to keep working on new ideas for privacy first, compliance second.

  • Reposting a Tweet by DataEthics

    "Data Ethics" is an inspiring book making the case for ethical design of businesses and products; PDF now available for free

  • Next week: “Website Privacy Extreme” in Helsinki (Wed 16.5.)

    10 more days to go, and we will assemble for an evening to discuss and work on improving the privacy of our websites (for real, not for "GDPR compliance").

  • Reply to a post by Daniel Goldsmith

    Daniel, thank you for your elaborate response to my article on “The Indieweb privacy challenge”. As I explicitly state whenever writing about the GDPR: I am not a lawyer. In recent months, I spent more hours on legal research and debates than many designers ever will, but I always inform readers that I am not […]

  • The Indieweb privacy challenge (Webmentions, silo backfeeds, and the GDPR)

    Originally intended to showcase a privacy-centred implementation of emerging social web technologies – with the aim to present a solution not initially motivated by legal requirements, but as an example of privacy-aware interaction design – my “social backfeed” design process unveiled intricate challenges for Indieweb sites, both for privacy in general and legal compliance in […]

  • Bookmark: On Weaponised Design

    This may well be the most comprehensive article I’ve read this year so far on the topic of the ethical responsibility of designers. Its author, Cade, discusses “weaponised design”: “electronic systems whose designs either do not account for abusive application or whose user experiences directly empower attackers”. The role of designers is put at the […]

  • Event: “Website Privacy Extreme” (16 May in Helsinki/FIN)

    An experimental hacking event for active webizens concerned about privacy first and legal compliance second. The goal is to take it to the extreme: challenging 'common practices' and pushing the boundaries.

  • No title

    Saturday night 'fun' of a privacy designer: catching up on the latest in privacy law at @fu_berlin

  • Collaborative list of GDPR-compliant DPA contracts

    One of many GDPR tasks before May 25 is to sign Data Processing Agreements with third-party services you use for your website, newsletter, etc. For an easy start, we created a collaborative online list to provide an easy starting point – please use for your benefit! …and contribute back?

  • “Working Draft” podcast on privacy and GDPR (in German)

    Baltasar, Joschi and I discuss importance and implications of the GDPR for web designers and developers - on the Working Draft podcast, hosted by Hans Christian Reinl.

  • Workshop 9.5.2018: “Datenschutz im Web — Fallstricke, Strategien, Risikomanagement, DSGVO”

    Neuauflage unseres Praxisworkshops zu Datenschutz im Web und ethischen Fragen der DSGVO in Düsseldorf, am Tag nach der beyond tellerrand -Konferenz.

  • Bookmark: GDPR: 10 examples of best practice UX for obtaining marketing consent

    I was delighted to find this blog post, reviewing recent examples of UX solutions for GDPR-compliant marketing consent. This is the kind of reviews designers concerned with privacy need, in order to generate an industry-wide debate about (slowly emerging) practices and work out optimal solutions over time.

  • Challenge GDPR: undesirable effort or entrepreneurial opportunity?

    The efficient combination of legal risk management and privacy-sensitive design ensures a good ROI for GDPR compliance efforts.