Replied to The Modern QR Code Life by Wouter GroeneveldWouter Groeneveld (brainbaking.com)

While thinking about the implications of smartphone requirements, I completely disregarded two very important topics: accessibility and privacy! We seem to prefer interaction with shoddy interfaces on small screens where different browser and OS versions all add to the complexity of simply rendering a restaurant menu instead of reducing it. Furthermore, to use the WalkUp app, you of course have to exchange your precious data. Why?

Wouter Groeneveld discusses his experience of the new normal associated with the use of QR codes and smartphones for viewing menus. He touches on the bad habit of expecting people to use their smartphone at the table and privacy impact.
Bookmarked Opinion | We Need to Take Back Our Privacy by Zeynep Tufekci (nytimes.com)

In a post-Roe America, women will bear the costs of letting data collection undermine our liberty.

With the proposed changes to the right to abortion in United States, Zeynep Tufekci explains how we need take back our privacy. She provides a number of examples of data uses associated with Grindr, Uber and phone companies, highlighting the limits associated with de-anonymised data.

In 2020, Consumer Reports exposed that GoodRX, a popular drug discount and coupons service, was selling information on what medications people were searching or buying to Facebook, Google and other data marketing firms. GoodRX said it would stop, but there is no law against them, or any pharmacy, doing this.

That data becomes even more powerful whenmerged. A woman who regularly eats sushi and suddenly stops, or stops taking Pepto-Bismol, or starts taking vitamin B6 may be easily identified as someone following guidelines for pregnancy. If that woman doesn’t give birth she might find herself being questioned by the police, who may think she had an abortion. (Already, in some places, women who seek medical help after miscarriages have reported questioning to this effect.)

When Tufekci says ‘we’, she is talking about more than personal action, but rather collective change through law. She highlights how attempts to turn off location settings, use a burner phone or stay away from big tech are fraught, and explains how we need more systemic change.

Congress, and states, should restrict or ban the collection of many types of data, especially those used solely for tracking, and limit how long data can be retained for necessary functions — like getting directions on a phone.

Selling, trading and merging personal data should be restricted or outlawed. Law enforcement could obtain it subject to specific judicial oversight.

Sadly, as she demonstrates with the example of Louis Brandeis in 1890 responding to Kodak camera small enough to carry and loaded with 100 shots, calls to protect privacy are not new.

It is interesting to think of this in regards to discussions around digital forgetting and the idea of a hypocratic oath. I guess Tufekci’s point is that maybe some things should not be ‘remembered’ in the first place. Often we worry about the threat of cyber attacks when it could be said the greatest fear is often in plain sight.

Liked DuckDuckGone (mguhlin.org)

I switched my mobile browsing to Firefox Focus with StartPage as my search engine of choice on mobile and desktop (although I use LibreWolf browser with uBlock OriginStartpage Privacy Protection add-on and Ad Nauseum on Desktop). And, run all that with a Private Internet Access, my favorite VPN.

Are those choices going to guarantee total privacy? Probably not. It’s still worth doing because it just isn’t anyone’s business.

Liked Why You Should Think Twice Before Sharing a Covid Diagnosis by Amy Gajda (WIRED)

Based on the data that’s made available about any one of us—information from social media posts about our diagnoses or information from credit card companies about what we like to buy or information from geolocation data about where we like to go—data that could be shared with would-be employers and life insurance companies to name two, it’s not too much of a stretch to say that there are many who would be interested in such a diagnosis, perhaps now but maybe even especially later. Why hire someone who may have a brain abnormality? Why insure that person?

Bookmarked How Private Is My VPN? – The Markup (themarkup.org)

Only four VPN websites had no trackers of any kind, and only three of those VPN apps didn’t track its users in any way. The Markup’s analysis found that the VPNs Mullvad, IVPN, Windscribe, and ProtonVPN had no trackers on their websites. Other than ProtonVPN, whose app uses customers’ email addresses for advertising, their apps don’t collect any data for marketing, either.

Alfred Ng reports on the different ways in which different VPN providers collect data on users.

Ultimately, it’s important to note that VPN privacy policies are built on trust, as these companies have the capability to collect a ton of information and it’s not always obvious what they’re doing with it.

Safety Detectives provides a useful breakdown of the different VPN options, including privacy.

Bookmarked https://privacy.garden/ (privacy.garden)

How China’s massive Digital Silk Road project threatens privacy around the globe Privacy News Online 18 hours ago Glyn Moody Privacy News Online | Weekly Review: April 16, 2021 Privacy News Online 20 hours ago Chris Miller New Federal Data Privacy Legislation Proposed PogoWasRight.org 23 hours ago…

Doug Belshaw has started news aggregator associated with all things privacy.

“Doug Belshaw” in Another new side project: privacy.garden | Open Thinkering ()

Liked The Web’s Missing Interoperability (Stratechery by Ben Thompson)

The most frustrating aspect of the entire privacy debate is that the most ardent advocates of an absolutist position tend to describe anyone who disagrees with them as a Facebook defender. My motivation, though, is not to defend Facebook; quite the opposite, in fact: I want to see the social networking giant have more competition, not less, and I despair that the outcome of privacy laws like GDPR, or App Store-enforced policies from Apple, will be to damage Facebook on one hand, and destroy all of its long-term competitors on the other.

I worry even more about small businesses uniquely enabled by the Internet; forcing every company to act like a silo undoes the power of platforms to unlock collective competition (a la Shopify versus Amazon), whether that be in terms of advertising, payments, or understanding their users. Regulators that truly wish to limit tech power and unlock the economic potential of the Internet would do well to prioritize competition and interoperability via social graph sharing, alongside a more nuanced view of privacy that reflects reality, not misleading ads; I would settle for at least admitting there are tradeoffs being made.

Bookmarked Amazon launches a program to pay consumers for their data on non-Amazon purchases by Sarah Perez (TechCrunch)

Amazon claims it will delete any sensitive information from the receipts users upload, like prescription information. But it doesn’t delete users’ personal information, instead storing it in accordance with its existing Privacy Policy. It will allow users to delete their previously uploaded receipts, if they choose.

Amazon’s attempt to collect receipts just makes me wonder how this might be gamed. It is going to make me more mindful of the receipts I merely throw away. I am reminded of the RFID cloners in Cory Doctorow’s Little Brother.
Bookmarked Bluetooth bugs are making contact tracing apps spit out tons of errors by Matt Burgess (WIRED UK)

Seven months into the Covid-19 pandemic, we still don’t know how effective contact tracing apps are. What we do know is Bluetooth can be wildly inaccurate

Matt Burgess unpacks some of the problems and limitations associated with depending on Bluetooth for the contact tracing.
Bookmarked I Scanned the Websites I Visit with Blacklight, and It’s Horrifying. Now What? (themarkup.org)

The Markup recently launched Blacklight, a free, instant privacy-inspection tool. Enter any website, and it reveals how you may be tracked when you visit the site, names the companies receiving your data, and explains what the trackers are doing—some of them watch your every mouse move and record your every keystroke. Trust us, it’s more than you’re expecting, raising the question: What can you do about it?

Aaron Sankin discusses Backlight, an instant privacy-inspection tool, and what it uncovers in regards to privacy on the web. Much of the focus is around cookies and the role that they serve in regards to tracking.

a cookie is a piece of data saved onto your device identifying you uniquely, which can only be read by whoever set it—whether that’s the site you’re visiting or a third-party marketing company that sets cookies on millions of sites and uses all that information to build profiles about us all. Some cookies can be useful—for instance, remembering you so you don’t have to sign in every time you visit your favorite site.

Some companies use cookies in concert with another tracker called a pixel, which is a small image or bit of code that sends information about your actions to whoever owns that pixel. If the owner of the pixel has also saved a cookie on your device, your actions on that page can be linked to everything in the profile that the company has already built on you—from your previous browsing history to purchases you made offline.

One of the hard things is that although you can clear and/or block cookies, this does not stop fingerprinting and session logging.

This is a topic that Doug Belshaw reflects upon in regards to his use of Firefox.

Bookmarked What Does Privacy Really Mean Under Surveillance Capitalism? (lithub.com)

We are not witnessing the death of privacy. Even though privacy is in distress, we are in a better place now to defend it than we have been for the past decade. This is only the beginning of the fight to safeguard personal data in the digital age. Too much is at stake to let privacy wither—our very way of life is at risk. We need privacy to be able to protest anonymously, vote in secret, contact doctors, lawyers, and journalists in confidence, read whatever we are curious about; all these things and more make up the foundations of freedom and democracy.

In an extract from Privacy Is Power: Why and How You Should Take Back Control of Your Data, Carissa Véliz talks about the importance of privacy and how it comes back to owning our own data.

Here discussion also includes an addition to the ‘data is‘ debate. Véliz makes the comparison with asbestos:

The surveillance economy is not only bad because it creates and enhances undesirable power asymmetries. It is also dangerous because it trades in a toxic substance. Personal data is the asbestos of the tech society. In many ways, asbestos is a wonderful material. It is a mineral that can be cheaply mined and is unusually durable and fire resistant. Unfortunately, in addition to being very practical, asbestos is also deadly. It causes cancer and other serious lung conditions, and there is no safe threshold for exposure.

Like asbestos, personal data can be mined cheaply. Much of it is the by-product of people interacting with tech. Like asbestos, personal data is useful. It can be sold, exchanged for privileges, and it can help predict the future. And like asbestos, personal data is toxic. It can poison individual lives, institutions, and societies.

Replied to GDPR Violation: ScribD acquires PII on 500M users in a deal with LinkedIn (thehftguy.com)

TL;DR: If you have a LinkedIn account, you were signed up to SlideShare automatically without your knowledge or consent. Your account including all your personal information will be sold to ScribD unless you opt-out now. See “How to Opt Out” at the end of this article.

Somewhat inspired, I deleted my Slideshare account. Although I have issues with another company simply inheriting my data, I realised that I have not used the space for a few years and saw no reason to maintain a historical presence there.

With my focus on a ‘domain of my own’, I have downloaded all the presentations and am progressively going through my sites to replace any embeds.

via Doug Belshaw

Liked Online Privacy Should Be Modeled on Real-World Privacy by John Gruber (Daring Fireball)

Just because there is now a multi-billion-dollar industry based on the abject betrayal of our privacy doesn’t mean the sociopaths who built it have any right whatsoever to continue getting away with it. They talk in circles but their argument boils down to entitlement: they think our privacy is theirs for the taking because they’ve been getting away with taking it without our knowledge, and it is valuable. No action Apple can take against the tracking industry is too strong.

Replied to Herd immunity for privacy by Doug Belshaw (dougbelshaw.com)

I realise that we can’t turn the clock back, and goodness know privacy advocates have made some missteps along the way. But now we live in a world where both governments and Big Tech have a vested interest in the general public lacking what I’d call ‘herd immunity for privacy’.


So although it seems like somewhat of a futile task at times, I’ll continue to pragmatically protect my own privacy, and encourage those around me to do likewise.

I have a Doug-shaped question. I understand what I can do in regards to privacy for myself, but wonder about my children. My strategy has simply been to keep them away from everything, however living in lockdown has led to the need for things such as email for Ms 8. Wondering how you approach this problem with your children?
Bookmarked It’s Time to Rebrand ‘Cookies’ (onezero.medium.com)

If we could agree on a more accurate name for cookies (or at least third-party cookies), like “tracking beacons,” it would help give users some much-needed pause the next time they’re asked to accept them.

Owen Williams dives into the world of cookies and data tracking. He explains cookies as:

At their core, cookies are simple plain text passed from a website to your computer and stored by your browser for later use. That text is passed back to the server when you request a web page, and it’s used by developers for an array of tasks. For example, when you click “remember me” as you log in to a site, a cookie is set so the site doesn’t ask you to log in again. Without cookies, the internet would be much more annoying and forgetful. But that same useful technology also allows other sites, services, and advertisers to invisibly track you.

He discusses the difference between a first-party verses a third-party cookie.

Third-party cookies, are placed by advertisers and marketing companies to track you across websites, allowing them to figure out who you are even as you leave the original site that set that cookie.

Although there is a significant push to limit third-party cookies, there is still no consensus on what a solution looks like.

In another post, Ariel Bogle explains why the removal of third-party cookies only strengthens Google’s position in the ad market as they are able to collect data associated with users of their own applications.

Liked Snowden: Tech Workers Are Complicit in How Their Companies Hurt Society (vice.com)

Snowden said many in the tech industry believe their work is value neutral, making a comparison to the physicists who worked to harness the power of the atom believing it would be used to build clean energy. The result of course was one of the most devastating weapons in human history.

via Cory Doctorow
Replied to Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say – Doug Belshaw’s Thought Shrapnel (Doug Belshaw’s Thought Shrapnel)

It’s interesting times for those who keep a watchful eye on their civil liberties and government invasion of privacy. Bear that in mind when tech bros tell you not to fear robots because they’re dumb. The people behind them aren’t, and they have an agenda.

It is an interesting time Doug. After watching a teardown of the COVIDSafe app, I am not so much worried about it as I am about the culture that it brings in. It would seem that the British apps is a bit different.

I really enjoyed Naomi Klein’s recent post about the ‘screen new deal’ in which she discusses the lobbying to put technology front and centre moving forward.

Bookmarked

Troy Hunt reflects on the discussion of the Australian Government’s development of an app that would allow users to identify and be identified if in contact with the coronavirus. He suggests that privacy is not an absolute.