Let’s make May 25th Privmas Day

25 May is when the GDPR—the General Data Protection Regulation—went into effect. Finally, our need for privacy online has legal backing strong enough to shake the foundations of surveillance capitalism, and maybe even drop it to the ground—with our help. This calls for a celebration. In fact, many of them. Every year. So let’s call… Continue reading Let’s make May 25th Privmas Day

Privacy is personal. Let’s start there.

The GDPR won’t give us privacy. Nor will ePrivacy or any other regulation. We also won’t get it from the businesses those regulations are aimed at. Because privacy is personal. If it wasn’t we wouldn’t have invented clothing and shelter, or social norms for signaling to each what’s okay and what’s not okay. On the Internet we… Continue reading Privacy is personal. Let’s start there.

How customers help companies comply with the GDPR

That’s what we’re starting this Thursday (26 April) at GDPR Hack Day at MIT. The GDPR‘s “sunrise day” — when the EU can start laying fines on companies for violations of it — is May 25th. We want to be ready for that: with a cookie of our own baking that will get us past the “gauntlet… Continue reading How customers help companies comply with the GDPR

Digging Indieweb

For perspective, we are at #2 above, spreading some love at IIW (the Internet Identity Workshop) toward Indieweb, at a breakout session hosted by Tom Brown. I’ve always liked Indieweb, and have wanted to be involved with it, but have found myself inconvenienced by geography. Not this time. I also think everybody who wants to be involved in… Continue reading Digging Indieweb

Hey publishers, let’s get past mistaking tracking protection for ad blocking

Here’s what the Washington Post tells me when I go to one of its pieces (such as this one): Here’s the problem: the Post says I’m blocking ads when I’m just protecting myself from tracking. In fact I welcome ads. By that I mean real ads. Not messages that look like real ads, but are direct marketing messages aimed by tracking. Let’s call them fake… Continue reading Hey publishers, let’s get past mistaking tracking protection for ad blocking

Home Depot left customers’ unprotected personal data online

It’s been awhile since hackers broke into Home Depot’s servers and stole 56 million customers’ credit card information back in 2014. But recently, a tipster pointed business watchdog site Consumerist to a web address under the HomeDepot.com domain. The unprotected page stored photos of various home improvement projects…and 13 Excel spreadsheets filled with customer data.… Continue reading Home Depot left customers’ unprotected personal data online

The Only Way Customers Come First

— is by proffering terms of their own. That’s what will happen when sites and services click “accept” to your terms, rather than the reverse. The role you play here is what lawyers call the first party. Sites and services that agree to your terms are second parties. As a first party, you get scale across all the sites and… Continue reading The Only Way Customers Come First

Secret Service loses encrypted laptop with possible access to classified data

This laptop contains Trump Tower floor plans and ‘national security information! An encrypted Secret Service agency laptop was stolen from an agent’s vehicle recently, it has been revealed, potentially giving the thief access to classified data located on agency servers. According to one source speaking about the theft, this laptop contains Trump Tower floor plans… Continue reading Secret Service loses encrypted laptop with possible access to classified data