Categories
Public notebook

Opt in tracking – an all too rare experience

I use the Overcast app for podcasts on my iPhone and iPad. It’s really good – straightforward with some useful features like keeping synced between devices and being able to control the speed of playback.

Today it asked me if I wanted to “go anonymous”.

So simple. So much simpler and less queasy an experience to be able to opt out completely of having my data tracked than the post-Cambridge Analytica, pre-GDPR emails and terms and conditions alerts from apps and online services elsewhere. While they are all getting you to click more user agreements you might have a 20% better chance of understanding or even seeing than the old ones, all in the hope of evading a fine or further market cap slips – this approach is so refreshing.

“In or out?,” It says. “We don’t really have to know your date of birth and closest friends and family in order to provide you with an acceptable podcast app.”

Categories
Public notebook

Crypto-consumers

The fact that Ad Blocker and similar plug-ins have long been top of the charts for browser extensions gave us a clue to what people like online: an absence of advertising.

What then, to make of the Red Onion Tor Browser – a web browser that makes it hard for digital eavesdroppers to see what you are doing online – being number 11 in the iOS App Store paid chart?

IMG_8847.PNG

Probably that people don’t like being spied on by Big Brother’n’Big Brands. Another signal – along with things like the Cryptoparty movement that increasing numbers of people are looking at how to take personal privacy more seriously. Here’s some excerpts from a piece I wrote a couple of months ago for the IAB Future Trends report on The Future of Data (and also blogged about at Brilliant Noise):

Ain’t no party like a cryptoparty

Last month I saw a warning from the near future for brands. I was at something called a Cryptoparty, one of hundreds happening every month around the world where activists teach ordinary people how to lock down their personal data online and avoid the perceived twin evils of Big Brother and big brands.

A nice man called Chris quickly taught me how to encrypt my email, web browsing and instant messaging. In 2008 the founder of Facebook predicted that the amount of information people shared online would double every year. Zuckerberg’s Law as it was inevitably named, was part of the spirit of openness and increasing transparency that had been sweeping through the web and our personal lives since the first glimmerings of social media as mass media took hold in the early Noughties.

That wave may now be breaking with some violence on the rocks of the Snowden revelations of mass surveillance by the US and its allies, along with the clumsy efforts of governments and corporations to take advantage of the big data bonanza to peer into the lives of citizens and consumers.

Marketers have been lazy and clumsy in their use of customer data to date. Even floating the idea for this article met with indifference and denial from my peers – consumers couldn’t give a fig about privacy, is the gist of some individuals’ feelings on the matter.

Things move fast on the web, however, and soon enough Martin Sorrell was telling Ad Week Europe that the Snowden scandal was going to hit brands harder than they thought and that “people are underestimating its significance among consumers.”

At the Cryptoparty, I learned that there are a mass of apps and services you can use securely, but as soon as I try them a big downside becomes clear. They are slow, clunky and lack the features of free services like those from Google, Microsoft and Apple, for instance.

I point this out to Chris. “People think my machine is broken when try it,” he admits cheerfully, “But it’s just very secure.”[…]

Last word to Sir Martin: “We want to be more respectful of privacy and also want to monetise our audiences our way. Being more focused on privacy is not bad for business, it can be good.”

We may not reach a stage where everyone cares about online privacy enough to download a Tor browser or a VPN like Cloak to their smartphone, but the number of people who do is likely to grow, even become a significant minority.

Categories
Public notebook

Words, actions, privacy.

Ember

Image: My medieval public identity…

It used to be when users kicked up a fuss, social networks quaked and gave way to their demands.

Then Facebook began a kind of two-steps-forward / user outcry / one-step-back dance with privacy and user data.

These days, as the market has matured and the incumbents feel a little more settled, their networks seem a little too hard to opt out of for users.

In a recent New York Times article about Google+, Google’s Bradley Horowitz said: “We are attuned to both what people say and what people do.”

How I read that: sure, we hear a lot of complaining, but no one’s voting with their virtual feet.

Users complain about the forcing upon them of a Google+ identity, but they don’t do much about it. They don’t close down their Gmail, start using other search engines, give YouTube a swerve. Not many of them. Not enough of them to worry about.

To data driven Google, an outcry on Twitter and in opinion articles is largely noise. People stopping using their services would be a strong signal – and they just aren’t seeing that.

I can think of a couple of people who have opted out of Facebook (a couple out of the few hundred people I’m connected to there).

As for Google, I have only met one refusenik so far – and heard tell of others in the online activist community.

Two questions come to mind:

  1. Will governments and brands begin to follow this logic? Petitions and online slacktivism, as one-click protests are derisively labelled by some, aren’t always going to signal real behaviour changes – boycotts, votes, spending money elsewhere.
  2. Are people who are opting out of Google and Facebook the start of a movement toward “de-clouding”, rejecting handing their personal data over to large corporations? It’s too early to tell whether this will remain fringe dissent or whether it will begin to spread. Google, Facebook, Microsoft and, to some extent, Apple and Amazon (the “stacks“) will be aiming to make sure the massive utility value of their services outweighs fear and suspicion of their stewardship of our data.

Online security expert Bruce Schneier calls entrusting our data to the stacks “feudal security”, a theme picked up by Aral Balkan recently in his TEDxBrighton talk.

Feaudalism works, you could argue. It worked for thousands of years. Quite apart from inequality and fairness though, feudalism kills progress – it causes stagnation, homegeneity, stasis.

I guess what Schneier and Balkan are pointing out with the feudalism metaphor is that this is a kind of opt-in feudalism – it doesn’t have to be that way. Actually, as I sit here typing into a Chrome Browser, on an iMac, before turning to my Gmail etc. – you realise that it’s no opt-in, it’s something you have to put a great deal of effort and time into opting out of…

: : As an aside, I’d be a lot more likely to use Google+ more often if I didn’t have two identities there. Reflecting on the “forcing users to have a single Google+ identity” strand in this post as I edited it, I realise – I’d love a single identity. Can I have one, please?

My work and personal email are both on Gmail, so I have two lots of circles, etc. Reminds me of this tweet I favorited [sic] the other day:

 

 

 

Categories
Public notebook

Who can see what you are doing on the internet right now?

Yesterday’s cryptoparty was fascinating in so many ways. A two hour-ish session took us through online privacy issues, behaviours and tools.

Particularly useful was an interactive diagram from the Electronic Frontier Foundation, which campaigns for internet freedom, showing who can see what you are doing with your web browser – from a hacker sitting in the same coffee shop, to your ISP, the hosts of the website you are using and government agencies tapping into the internet backbone (as the NSA and GCHQ in the UK have been doing) or contacting the ISP or website for their records. 

Click on the image below to try it for yourself.

ZZ55706B45

 

I knew some of this previously, but this diagram is really helpful in clarifying the situation. You can see who see how of your online activity is blocked by using a secure plug in (the HTTPS Everywhere extension for Chrome and Firefox browsers will do this) or a super-secure browser like TOR (which encrypts and hides users’ location, identity and web use). Fro the most part, the former blocks people seeing who you are and your data, the latter almost everything except your location and the fact that you are using TOR.

On the last point, using TOR presents what my colleague Jason Ryan calls “the cryptographer’s dilemma”. While it means you have a huge amount of privacy online, it also holds up a metaphorical sign saying “I am doing secret things! Over here, mass surveillance agency – me! Me!”.

Recommendations for using TOR for people like activists or journalists who need to keep their online activity away from prying eyes include:

  • Don’t use it too often
  • Don’t use it at home
  • Don’t upload files on it
  • Don’t log in to your email

There are more in an exhaustive – and, frankly, exhausting – list called Want TOR to really work?.

Online privacy and mass surveillance are very complex issues, as are the solutions. I’m very grateful to Chris Pinchen and his cryptoparty friends for helping me to begin to think these issues and ideas through.

Categories
Public notebook

Against mass surveillance – what will you do today?

ZZ6D612BDC

Today is a day of action and protest against mass surveillance by our governments: The Day We Fight Back.

Aptly, the first thing in my Twitter stream when I opened my laptop this morning  was the inventor of the Web re-tweeting the Electronic Frontier Foundation’s message…

ZZ52E6FBD6

Things move quickly, our lives are busy. Today, though, take the opportunity of The Day We Fight Back to stop and ask – what kind of a world do you want to live in? What future do we want to choose? What kind of Web do we want to live with around us?

Then do one thing – or a few things – to mark your intent, to take small steps toward the future you want.

Here’s what I’m doing:

  • Adding my voice to the chorus of dissent –  by signing the EFF petition and adding their banner to my website.
  • Supporting those who are fighting for our online freedom every day – by  re-joining the Open Rights Group in the UK, that campaigns for internet freedom and making a donation.
  • Learning more about how to take control of my data and security personally – by attending a Cryptoparty this evening where people will be learning how to lock down their devices and manage their online data. I’m hoping to help hold more of these for friends, colleagues and clients in the future.

Spread the word. Tell others what today means and what you are doing to support it…

Categories
Public notebook

Getting an Autographer

ZZ121F4985

We’ve ordered an Autographer for the Brilliant Noise office. I’m really looking forward to trying it out.

Three main things I’m interested in…

  1. A new kind of camera: It will be great to experiment with the Autographer in situations where taking photos is difficult. I think especially of running – there are so many interesting scenes you come across when distance training (I’m about to start my 2014 marathon training) and stopping and using your phone can really disrupt your run. I think that it will be interesting to use it when speaking at conferences and capturing other moments where I’m usually focused on something else.
  2. Creating new kinds of stories: Documentally’s* inspired me a bit with his Autographer films earlier this year – like this one about a Storymaking event at the Guardian. It strikes me that there are all kinds of behind-the-scenes, day-in-the-life stories waiting to be told like this.
  3. Seeing how it works socially: In Documentally’s review of the Autographer he talks about both forgetting he was wearing the device and having to consciously make decision to turn the camera off…

I found myself suddenly and understandably concerned by the privacy of those around me. Another time was when I thought other peoples kids were identifiable in a playground.

What might happen when I walk through airport security and inadvertently break the law? What does all this mean for privacy in general?

Like every other piece of social technology we will need to invent the rules and behaviours for devices like this one. I’m curious about how it will feel and the questions it will prompt me to ask myself.

I’ll let you know how I get on…

* He’s actually called Christian Payne, but I always think of him as Documentally. 

Categories
Public notebook

Google Glass and privacy

ZZ1EAEAF1D

Jan Chipchase blows away the froth around the Google Glass/privacy conversation: 

As a product that is both on-your-face and in-your-face, Glass is set to become a lightning rod for a wider discussion around what constitutes acceptable behavior in public and private spaces. The Glass debate has already started, but these are early days; each new iteration of hardware and functionality will trigger fresh convulsions. In the short term, Glass will trigger anger, name-calling, ridicule and the occasional bucket of thrown water (whether it’s ice water, I don’t know). In the medium term, as societal interaction with the product broadens, signs will appear in public spaces guiding mis/use1 and lawsuits will fly, while over the longer term, legislation will create boundaries that reflect some form of im/balance between individual, corporate and societal wants, needs and concerns.

In Kevin Kelly’s What Technology Wants thesis, Google Glass is an inevitability – we could see it coming a mile off. Ban it if you like, ignore it if you like, but you can’t un-invent it or the technologies it bundles together. 

We are surrounded by thousands of cameras and microphones everyday in the hands of our fellow citizens. Some even play with surveillance drones at the weekend. 

All of this technology will only get more common, cheaper, smaller. 

What are we going to do about it? 

Categories
Public notebook

Privacy sells?

NewImage

This advertising billboard in Clerkenwell stopped me in my tracks (and by tracks I mean the sedate progress of my Boris Bike) on Monday.

BlackBerry’s encryption of emails is good enough that it upsets those of an authoritarian, prying-into-your-citizens’-communications-persuasion and now they are making a selling point of it.

Privacy gets in the way of advertising business models as well as the secret police, which is why managing your privacy settings on services from your browser to Facebook is often unnecessarily complicated. It may not be a conspiracy to stop you from guarding your data, but there isn’t a perceived incentive to make this stuff really useful for the networks.

Or for anyone else. Apart from Ad Blocker web browser extensions and a clutch of very geeky tools used by activists and cautious geeks, there aren’t mass market tools and services to help people control how their data is used, how their personal becomes public…

Google’s recognised this, sort of… At least Paul Adams did in his masterpiece of a research paper on social networks – The Real Life Social Network – at Google (I note he is now at Facebook). Then we thought we’d see Google Circles, an social network designed to help with this managing of your content and conversations. But then we didn’t.

Thing is, privacy – what we want from it, what we actually mean by it, etc. – is complicated. As I discussed at Local Social Summit last year, privacy can mean all sorts of things. Privacy is proxy issue for fears and doubts about life with the web and with technology more broadly.

Anyway, back to the BlackBerry ad. I wonder if this sells phones. I wonder if privacy will sell other stuff too. I wonder if – as Alan Patrick – privacy itself is something that will be sold (as a service, a premium package, whatever…).

Categories
Public notebook

Mining the where: CIA-funded start-up says 80% of online content contains location information

201011251323.jpg

Last week at Local Social Summit I talked about some of the issues around location and privacy. Especially problematic is people’s inadvertent tagging of their photos with location information – something potentially of interest to crooks, stalkers and others you might not want to know everything about you.

Open-source spying is a term which has been around for a while, reflecting the fact that when it comes to gathering information, the web is often as good a place as going into the field. In-Q-Tel’s investments reflect a justified fascination with the social web by intelligence agencies.

Well it turns out the CIA is also interested in this kind of information. In a post about the CIA’s Silicon Valley VC firm, In-Q-Tel, the Not So Private Parts blog on Forbes found the firm…

…likes companies coming up with better ways to mine social networking sites and geospatial location data. One of its investments, Geosemble, a private spin-off from USC, estimates that “80% of online content has location information.”

80%? Wow.

“Our mission is to shine a torchlight on geographic unknowns and help organizations neutralize threats and capitalize on opportunities in their areas of geographic interest,” says its website. Another of IQT’s geospatial investments, FortiusOne, promises instant maps based on Tweets and photo uploads, for mapping election-day threats in Afghanistan, for example.

The idealist in me is attracted to the data mining stories of humanitarian efforts of platforms like Ushahidi, but we should remember that governments and their agencies are interested in our geo-location information as well.

Bonus link : : Really interesting presentation from FortiusOne on analysing geo-data for business.

Categories
Public notebook

Publish first, police second… is that how it works?

201011221946.jpg

The other evening I watched some of the Channel 4 documentary Coppers, in which UK police officers were sharing their disquiet about how people they deal with seem to phone the police rather than deal with their problems themselves.

Could it be that there is another contradictory trend, for people to take evidence of crimes to their social networks first, when the police might be more appropriate?

Two cases spring to mind. One, which was a tabloid cause celebré this morning, is the ten-year-old boy who took a picture of a mugger leaving the scene of a crime.

According to Th Sun, he…

He snapped Royal as he fled on a bike then posted the pic online. Cops identified and nicked Royal who was fined in Darlington, Co Durham.

Why not call the police? And the police “praised Alex’s ‘quick thinking'”. Really?

The other was the cat-in-the-wheelie-bin lady, who was caught on someone’s private CCTV committing an act of animal cruelty. The footage was posted to YouTube and then a web community took up the cause of identifying the woman (something they did very quickly).

It may be that the socially acceptable behaviours that emerges, that becomes a norm, is that we post everything to the web and then direct the police to it. At some point this is likely to incite real-world vigilantism, at some point this is likely to compromise evidence in a case, or the ability of a court to hold an impartial jury trial.

: : Lastly, a ten-year-old on Twitter – really? I hear parents wondering whether to let their kids use Facebook when they are 13 (the legal limit), but Twitter? Never… There’s a few things about this story which see odd.