Latest posts

Event: “Website Privacy Extreme” (16 May in Helsinki/FIN)

Wed 16
18:0000530 Helsinki

An experimental hacking event for active webizens concerned about privacy first and legal compliance second. The goal is to take it to the extreme: challenging 'common practices' and pushing the boundaries.

Saturday night 'fun' of a privacy designer: catching up on the latest in privacy law at @fu_berlin

Collaborative list of GDPR-compliant DPA contracts

One of many GDPR tasks before May 25 is to sign Data Processing Agreements with third-party services you use for your website, newsletter, etc. For an easy start, we created a collaborative online list to provide an easy starting point – please use for your benefit! …and contribute back?

“Working Draft” podcast on privacy and GDPR (in German)

Baltasar, Joschi and I discuss importance and implications of the GDPR for web designers and developers - on the Working Draft podcast, hosted by Hans Christian Reinl.

Workshop 9.5.2018: “Datenschutz im Web — Fallstricke, Strategien, Risikomanagement, DSGVO”

Wed 09

Neuauflage unseres Praxisworkshops zu Datenschutz im Web und ethischen Fragen der DSGVO in Düsseldorf, am Tag nach der beyond tellerrand -Konferenz.

Feb 2018

Bookmark: GDPR: 10 examples of best practice UX for obtaining marketing consent

I was delighted to find this blog post, reviewing recent examples of UX solutions for GDPR-compliant marketing consent. This is the kind of reviews designers concerned with privacy need, in order to generate an industry-wide debate about (slowly emerging) practices and work out optimal solutions over time.

Challenge GDPR: undesirable effort or entrepreneurial opportunity?

The efficient combination of legal risk management and privacy-sensitive design ensures a good ROI for GDPR compliance efforts.

Workshop 5.3.2018: “Datenschutz im Web — Fallstricke, Strategien, Risikomanagement, DSGVO”

Mon 05

DSGVO-Grundlagen, praxisorientiert verbunden mit konkreten Webdesign-Fragen und Ansätzen zum Risikomanagement. Am 5.3.2018 in Nürnberg - jetzt anmelden!

Eight valuable insights from a discussion panel on opportunities of the GPDR

A high-profile expert panel met in Berlin on 31 Jan to discuss the nature and risks, but above all the rewards and opportunities of the GDPR. This blog post summarizes eight key thoughts emerging from the presentations and discussions at this inspirational and positively spirited discussion of the new privacy regulation. Hosted by privacy messenger […]

Jan 2018

Bookmark: When Trading Track Records Means Less Privacy

Just anonymising data does not mean it is no longer personal data - more often than not it needs to be treated with similar care as data that carries individual identifiers.

#DataProtectionDay 2018

All personal data stored may eventually pose a risk to somebody. Three stories of how data stored or shared can have unwanted consequences.

UX for users with cookies disabled – a neat example

The design takes into account privacy-conscious users with cookies disabled. When closing the notification popup, the user learns that by using an alternative URL, they can reach a version of the site without the notification

The GDPR: not a revolution, but an evolution – its core is similar to the 1995 directive, but now enforced more strictly; figure from “The GDPR is a call to practice ethical design”

Bookmark: Apps, Trackers, Privacy, and Regulators – A Global Study of the Mobile Tracking Ecosystem

Particularly relevant for privacy design is the authors' category of ATS-C: third-party services that may process unique identifiers despite their primary purpose is not tracking as such.

Bookmark: GDPR consent design: how granular must adtech opt-ins be?

The wireframes presented in this article should make every UX designer cringe: Johnny Ryan of PageFair embarks on a step-by-step journey through various GDPR requirements and Article 29 Working Party opinions/guidelines, illustrating how the wide range of purposes adtech companies process personal data for would—when taking the law as literal as possible—require consent dialogues of […]

The GDPR is a call to practice ethical design

Internalizing the history and philosophy behind the General Data Privacy Regulation is key for every designer in privacy-critical contexts. The GDPR is not a law that specifies detailed demands for consent forms or the like—it is a change agent for embracing ethical principles in dealing with personal data, across the EU and beyond.

#A11YBerlin meetup series kicked off with two great talks

The newly established Accessibility Meetup Berlin had a great start in January, featuring speakers looking at the topic from two different angles.

Reposting a Tweet by Smashing Magazine

Amen! "While I feel that performance has finally found its place on the agenda in web projects, it’s about time to push privacy, accessibility and ethics to the spotlight as well. Still way too often forgotten or dismissed for the sake of business."

Piwik is now Matomo

Free/libre Google Analytics -alternative Piwik is now “Matomo”: no matter the name, the tool remains #1 choice for independent web analytics. #GDPR

Bookmark: The Looming Digital Meltdown

In her spot-on meta-explanation (sociologists to the rescue!) of the recently revealed security flaws affecting almost any processor used in today’s computers, Zeynep Tufekci delivers a chilling analysis why, as a citizen of a world in which digital technology is increasingly integrated into all objects — not just phones but also cars, baby monitors and […]