Facebook removed iCal feeds quietly

Facebook Dislike

The other day a good friend mentioned a birthday invite to me. I was confused, I knew it was their birthday but it wasn’t clear what they were talking about as I asked what they were going to do in UK lockdown number 3.

I looked into what happened and realised the new Facebook redesign removed ical feeds. This was further backed up by google support and  Reddit. Worst still the facebook help page doesn’t actually exist any more.

The key seems to be getting access to the old facebook page, which I have tried and tried to get access to, but can not get anymore.

This means all my friends who invited me to events and all my volleyball events will no longer appear on my calendar, unless I see it then export it as a ical. I always thought of Facebook as a massive walled garden but this is getting stupid.

The reasons to be on Facebook just got a lot closer to zero!

Mastodon shows, social data-portability the way it should be

https://mas.to/@cubicgarden/104231400255269868

I recently moved from Mastodon.cloud to Mas.to. My main reason was for some (political?) reason mastodon.cloud was no longer accepted as part of the crossposter accepted domains.

I looked into hosting my own crossposter but decided there might be a reason why mastodon.cloud isn’t supported anymore? I had a look around the fediverse and read quite a few of the terms for each instance/domain. Mas.to looked good.

The actual moving was easily done as per the instructions here.

So easy and quick, if only it was always like this…?

Mozfest10: 3D’s: Dating, Deception and Data-Portability (GDPR edition)

There are a number of blog posts I need to write about the last Mozilla Festival in the UK and I have already written about the dyslexic advantage previously. So its time for my workshop session the 3D’s Dating, Deception and Data-portability in the openness space. I added GDPR edition to the workshop, as I did submit it last year but did so before I actually got my GDPR data back from the dating sites. I assume the lack of clarity about having the data made it tricky for privacy & security to accept it last year?

I was looking forward to this one but on the week of Mozfest, my Dell XPS laptop woke me up in the middle of the night with a bright screen. I thought it was odd to have it on, as its usually a sleep. On closer inspection I found I couldn’t do much, so rebooted it. On the reboot I was able to login but not launch almost anything, so I rebooted again. To find I dumped into a GRUB recovery console. Its a long story what happened next but ultimately my plans to host the dating JSON files on my local machine with a nicer interface was never going to happen.

With all this in mind I changed the presentation (google slides are my friend) and scope of the workshop. Luckily I had redacted enough of the data in advance, and I kept a hold of my data instead of letting people rummage through like I had planned.

I focused the presentation into the 3 areas, dating, deception and data-portability. My slides are all online here.

DSC_0498

The people who came were quite vocal and engaged with everything. There were many questions about the dating and deception part, which made think I could have done a whole bit similar to my TEDx talk a few years ago. But I really wanted to get into the meat of the workshop, beyond requesting your data, actually getting it but now what?

This is exactly what I posed as a question to people.

DSC_0499

 

The replies were quite different from what I was thinking…

  • A group said if you could get a number of data dumps over time, you coul mine the data on your profile to look at positive & negative changes over a longer time scale. This would work great especially on the OKcupid questions, which you can change at anytime and I have.
  • Another group suggested something similar to Cambridge Analytica using OKcupid questions. I did suggest its highly likely they (Okcupid) are already doing this and its reflected in the people you are shown rather than your vote and news you see. I wasn’t making light of it, just sadly saying everything is there and yes it could be turned into a personality profile easily enough
  • There was a interesting thought to tally up messages and changes in profile data with historic weather, moon, quantified self data and other data. To see if there is a link. I think this one might include the person who asked why I redacted the star sign data?
  • The idea of creating a dating bot of yourself was quite shocking, but the thought was with enough of my chat transcripts you could easily train a bot to answer people in the future like I would. There was a discussion about ethics of doing so and what happens when a bot meets another bot pretending to be human
  • Finally group suggested visualisations to help make tangible choices and things I wrote. This was good in the face of what was missing and how to inform the dirty little tricks dating companies do for profit. Its always clear how powerful visualisation can be, you only have to look at my twitter gender data visualisation from openhumans.

Its clear the Plenty of Fish data was less interesting to people and it would be trivial to move from OKCupid to POF based on the dataset. Other way would require a lot user input.

Massive thanks to Fred Erse for keeping me on time and collecting the ideas together.

IMG_20191102_185108

So what happens next?

Jupyter notebook from openhumans demo

Well I’m keen to put either the actual data or the redacted data into openhumans and try the Jupyter notebook thing. Maybe I can achieve the final groups ideas with some fascinating visualisations.

 

Interviewed by PyDataMcr for their podcast about data in dating

Beginning XSLT with Jeni Tennison

I had the pleasure of talking to PyData Manchester better known as PydataMCR.

They post their podcasts to Anchor.fm oddly enough but post it elsewhere too, so its take your pick. There is a RSS feed too which was tricky to find at first for us old skool podcasters.

The interview was nice but if you heard me talk about online dating data before you may have heard a lot of it before. It was noticeable how things move in the dating world, should do some more research really.

At the end there is a shout out to a woman who has been an inspiration for me. Jeni Tennison the CEO of the Open Data Insitute. I wasn’t sure if Jeni was the only woman on a wrox book cover ever. Although I did notice both genders on the C# 2005 programmers reference book and Beginning XHTML. Even saw multiple races on Professional Multicore Programming: Design and Implementation. Then I finally found Beginning Java Objects: From Concepts to Code by Jacquie Barker

So I take back, although I was never so sure..

Thanks to PydataMCR for the interview and my chaotic schedule which caused many issues. Remember to subscribe to the podcast here.

Over 15 years of Flickr data

All those files to download

Its been a long haul but finally Flickr is beyond use for me. I briefly tried Flickr pro for a while but theres so many other options now. Its a shame but Flickr went through a lot of trouble at the end but was saved from Yahoo craziness by snugmug. But even looking at the pro account prices, I decided that after…

It was time to leave Flickr and just let it start deleting my photos, which I mainly had backed up in multiple places anyway.

I was quite impressed with Flickr’s data portability option, for example the uploaded files are exactly the same. But it would have been great if they embedded the tags into the original EXIF data. However it seems they kept the tags in account data. So with some work, it would be possible to pull the whole lot together again? I’m actually surprised no ones already done this?

Digital licence woes and problems ripped large

https://www.flickr.com/photos/will-lion/2593488374/i

Digital licensing and ownership has been discussed in the past a lot, back then it was therotical. But its interesting to revisit the discussion in more modern times with the new ecosystems which have become common place.

Ok fair enough it’s from Torrentfreak but still interesting a read.

The digital world has made it much easier to buy and consume entertainment.

Whether it’s a movie, music track, or book, a shiny “buy now” button is usually just a few keystrokes away.

Millions of people have now replaced their physical media collections for digital ones, often stored in the cloud. While that can be rather convenient, it comes with restrictions that are unheard of offline.

This is best illustrated by an analogy I read a few years ago in a research paper by Aaron Perzanowski and Chris Jay Hoofnagle, titled: “What We Buy When We Buy Now.”

Data-portability and the data transfer project?

data transfer project

Its over 14 years since the dataportability project was founded by a bunch of well meaning people including myself. It was a challenging time with vendor lock, walled gardens and social guilt trips; to be honest little changed till very recently with GDPR.

Data export was good but user controlled data transfer is something special and one of the dreams of the data portability project. Service to service; not because there was a special agreement setup between the services but because you choose to move of your own freewill; makes so much sense.

This why I was kind of sceptical of the Google data transfer project. But on deeper look its pretty good.

In 2007, a small group of engineers in our Chicago office formed the Data Liberation Front, a team that believed consumers should have better tools to put their data where they want, when they want, and even move it to a different service. This idea, called “data portability,” gives people greater control of their information, and pushes us to develop great products because we know they can pack up and leave at any time.

In 2011, we launched Takeout, a new way for Google users to download or transfer a copy of the data they store or create in a variety of industry-standard formats. Since then, we’ve continued to invest in Takeout—we now call it Download Your Data—and today, our users can download a machine-readable copy of the data they have stored in 50+ Google products, with more on the way.

Now, we’re taking our commitment to portability a step further. In tandem with Microsoft, Twitter, and Facebook we’re announcing the Data Transfer Project, an open source initiative dedicated to developing tools that will enable consumers to transfer their data directly from one service to another, without needing to download and re-upload it. Download Your Data users can already do this; they can transfer their information directly to their Dropbox, Box, MS OneDrive, and Google Drive accounts today. With this project, the development of which we mentioned in our blog post about preparations for the GDPR, we’re looking forward to working with companies across the industry to bring this type of functionality to individuals across the web.

All sounds great and the code is open source on Github for anyone to try out. The paper is worth reading too.

However! The devil is in the data or rather the lack of it. As the EFF point out theres no tracking data exchange, the real crown jewels. The transfer tool is good but if the services don’t even share the data, then whats the point?

Dataportability and Dock.io

Dock.io stack

You may have gotten an invite to dock.io which is a service which reminds me of the late atomkeep;

Atomkeep helps users sync their profile information on social networks, job boards and other Internet sites. Users gain a streamlined way to validate and control their social identity across multiple sites.

The nice thing about the Dock.io is they are doing things more correctly. The potential of blockchain is being talked about everywhere but its great to have these services showing the actual potential.

I always found Atomkeep interesting but found it heavy on the trust and apis. Dock.io benefits from dataportability and GDPR, as I was able to get my Linkedin data dump and drop it in dock.io. Export and import, now thats good! Dock.io reminds me of openhumans as you can have applications which run on top of the protocol which then talks to the actual data.

So far so good, sure to write more about it soon including the use of Ethereum and IPFS.

OKcupid responds to my GDPR request

OkCupid no Match protest

I mentioned how I emailed a load of dating sites for my data and then some… Under GDPR. So far I’ve got something form POF but OKcupid finally got back to me, after finally making it to supportconsole@okcupid.com.

Hello,

OkCupid has received your recent request for a copy of the personal data we hold about you.

For your protection and the protection of all of our users, we cannot release any personal data without first obtaining proof of identity.

In order for us to verify your identity, we kindly ask you to:

1. Respond to this email from the email address associated with your OkCupid account and provide us the username of your OkCupid account.

2. In your response to this email, please include a copy of a government-issued ID document such as your passport or driving license. Also, we ask you to please cover up any personal information other than your name, photo and date of birth from the document as that is the only information we need.

We may require further verification of your identity, for example, if the materials you provide us do not establish your identity as being linked to the account in question.

Please note that if you previously closed your account, your data may be unavailable for extraction as we proceed to its deletion or anonymization in accordance with our privacy policy. Even if data is still available for extraction, there is some information we cannot release to you including information that would likely reveal personal information about other users. Those notably include messages you received on OkCupid, which are not provided out of concern for the privacy of the senders.

Best,

OkCupid Privacy Team

Pretty much the same as the POF reply.

POF first to respond to my GDPR request

Plenty of Fish

I mentioned how I emailed a load of dating sites for my data and then some… Under GDPR. So far I’ve been bounced around a little but POF is the first positive email I gotten so far…

PlentyofFish (“POF”) has received your recent request for a copy of the personal data we hold about you.

For your protection and the protection of all of our users, we cannot release any personal data without first obtaining proof of identity.

In order for us to verify your identity, we kindly ask you to:

1. Respond to this email from the email address associated with your POF account and provide us the username of your POF account.

2. In your response to this email, please include a copy of a government-issued ID document such as your passport or driving license. Also, we ask you to please cover up any personal information other than your name, photo and date of birth from the document as that is the only information we need.

We may require further verification of your identity, for example, if the materials you provide us do not establish your identity as being linked to the account in question.

Please note that if you previously closed your account, your data may be unavailable for extraction as we proceed to its deletion or anonymization in accordance with our privacy policy. Even if data is still available for extraction, there is some information we cannot release to you including information that would likely reveal personal information about other users. Those notably include messages you received on POF, which are not provided out of concern for the privacy of the senders.

Best,

POF Privacy Team

Well I guess they are being careful at least but will be interested to see what other questions they ask me.

Still wondering when the rest will get in touch?

Data portability and GDPR, been waiting a long time for this

EU GDPR 2018

One of the things I always wanted but never couldn’t see how it would happen without the good will of companies. Was real data portability of my own data.

Google, Facebook and others do provide a data dump but I found it really interesting to see the difference in my Facebook dump/zip/archive. I request it every year or when something changes. This year I did one while Facebook struggled to deal with the impact of Cambridge Analytica and the new GDPR changes.

In 2017 my zip was 31.4 MB (31,425,658 bytes)
In 2018 my zip was 171.3 MB (171,267,617 bytes)

Unlike previously FB included ALL the media in the messages I’ve exchanged with friends. All those gifs and videos friends have shared are now in the dump. I find it interesting they were not included previously. Which always raises the question of ownership. Something we (dataportability group) talked a lot.

I’m so looking forward to similar with other services… Although I’m still unsure if you can legally create services which use the data exports to import or not. It should be possible, as its your data.

Having already crafted a email to send to OKCupid, POF, Bumble, Tinder and some other dating sites similar to when the journalist requested every bit of data they had on her. Its set to send on May 25th which is the day when GDPR comes into effect aka tomorrow!

Thanks to Ubergill for much improving the email I originally drafted…

I’m looking forward to the replies!

Dear {service}

I am making this request for access to personal data pursuant to Article 15 of the General Data Protection Regulation. I am still concerned that your company’s information practices may be putting my personal information at undue risk of exposure or in fact has breached its obligation to safeguard my personal information.

I would like you to be aware at the outset, that I expect a reply to my request within one month as required under Article 12, failing which I will be forwarding my inquiry with a letter of complaint to the Information Commissioner’s Office.

Please advise as to the following:

  1. Please confirm to me whether or not my personal data is being processed. If it is, please provide me with the categories of personal data you have about me in your files and databases.
  2. In particular, please tell me what you know about me in your information systems, whether or not contained in databases, and including e-mail, documents on your networks, or voice or other media that you may store.
  3. Additionally, please advise me in which countries my personal data is stored, or accessible from. In case you make use of cloud services to store or process my data, please include the countries in which the servers are located where my data are or were (in the past 12 months) stored.
  4. Please provide me with a copy of, or access to, my personal data that you have or are processing.
  5. Please provide me with a detailed account of the specific uses that you have made, are making, or will be making of my personal data.
  6. Please provide a list of all third parties with whom you have (or may have) shared my personal data.
  7. If you cannot identify with certainty the specific third parties to whom you have disclosed my personal data, please provide a list of third parties to whom you may have disclosed my personal data.
  8. Please also identify which jurisdictions that you have identified in 1(b) above that these third parties with whom you have or may have shared my personal data, from which these third parties have stored or can access my personal data. Please also provide insight in the legal grounds for transferring my personal data to these jurisdictions. Where you have done so, or are doing so, on the basis of appropriate safeguards, please provide a copy.
  9. Additionally, I would like to know what safeguards have been put in place in relation to these third parties that you have identified in relation to the transfer of my personal data.
  10.  Please advise how long you store my personal data, and if retention is based upon the category of personal data, please identify how long each category is retained.
  11. If you are additionally collecting personal data about me from any source other than me, please provide me with all information about their source, as referred to in Article 14of the GDPR.
  12. If you are making automated decisions about me, including profiling, whether or not on the basis of Article 22 of the GDPR, please provide me with information concerning the basis for the logic in making such automated decisions, and the significance and consequences of such processing.
  13.  I would like to know whether or not my personal data has been disclosed inadvertently by your company in the past, or as a result of a security or privacy breach.
  14. If so, please advise as to the following details of each and any such breach:
  15. a general description of what occurred;
  16. the date and time of the breach (or the best possible estimate);

iii. the date and time the breach was discovered;

  1. the source of the breach (either your own organisation, or a third party to whom you have transferred my personal data);
  2. details of my personal data that was disclosed;
  3. your company’s assessment of the risk of harm to myself, as a result of the breach;

vii. a description of the measures taken or that will be taken to prevent further unauthorised access to my personal data;

viii. contact information so that I can obtain more information and assistance in relation to such a breach, and

  1. information and advice on what I can do to protect myself against any harms, including identity theft and fraud.
  2. If you are not able to state with any certainty whether such an exposure has taken place, through the use of appropriate technologies, please advise what mitigating steps you have taken, such as
  3. Encryption of my personal data;
  4. Data minimisation strategies; or,

iii. Anonymisation or pseudonymisation;

  1. Any other means
  2. I would like to know your information policies and standards that you follow in relation to the safeguarding of my personal data, such as whether you adhere to ISO27001for information security, and more particularly, your practices in relation to the following:
  3. Please inform me whether you have backed up my personal data to tape, disk or other media, and where it is stored and how it is secured, including what steps you have taken to protect my personal data from loss or theft, and whether this includes encryption.
  4. Please also advise whether you have in place any technology which allows you with reasonable certainty to know whether or not my personal data has been disclosed, including but not limited to the following:
  5. Intrusion detection systems;
  6. Firewall technologies;

iii. Access and identity management technologies;

  1. Database audit and/or security tools; or,
  2. Behavioural analysis tools, log analysis tools, or audit tools;
  3.  In regards to employees and contractors, please advise as to the following:
  4. What technologies or business procedures do you have to ensure that individuals within your organisation will be monitored to ensure that they do not deliberately or inadvertently disclose personal data outside your company, through e-mail, web-mail or instant messaging, or otherwise.
  5. Have you had had any circumstances in which employees or contractors have been dismissed, and/or been charged under criminal laws for accessing my personal data inappropriately, or if you are unable to determine this, of any customers, in the past twelve months.
  6. Please advise as to what training and awareness measures you have taken in order to ensure that employees and contractors are accessing and processing my personal data in conformity with the General Data Protection Regulation.

Thank you,

Ian

Data portability in online dating sooner than they think?

Dating Apps make money from attention & personal data

I have written a few times about disruption in online dating, heck its something which will be discussed at Mozilla Festival this year (tickets are available now).

But interestingly the EU’s General Data Protection Regulation may get in there ahead of any setup/network disruption. In the Guardian I saw a piece called Getting your data out of Tinder is really hard – but it shouldn’t be.

Its all about getting data back from Tinder (which remember is part of IAC/Match group)

…Duportail eventually got some of the rest of her data, but only on a voluntary basis, and only after she identified herself as a journalist. Her non-journalist friends who followed suit never got responses to similar requests.

Finally armed with the 800 pages she had clawed back from Tinder, Duportail wrote a story reflecting on her own relationship with her data, and the myopic view Tinder had of her love life. I feel her story helps bridge the chasm between those with information stored in the database and the architects behind it, providing much needed neutral common ground to democratically discuss power distributions in the digital economy.

Given the popularity of her story, and my overflowing inbox, I would say many agree. And indeed, you should expect more similar stories to be unearthed in the future because of the upcoming General Data Protection Regulation (GDPR). From May 2018, the new European-level regulation will come into force, claiming wider applicability – including on US-based companies, such as Tinder, processing the personal data of Europeans – and harmonising data protection and enforcement by “levelling up” protections for all European residents.

I know there is a lot of push back from the big American internet corps, but this is coming and the there is no way they can wriggle out of it?

…beyond the much older right of access, the true revolution of GDPR will come in the form of a new right for all European citizens: the right to portability.

It seems like such a small thing but actually it has the potential to be extremely disruptive. Heck its one of the things I wanted back in early 2011. Imagine all those new services which could act like brokers and enable choice! It could be standard to have the ability to export and import rich data sets like Attention profile markup language (APML).

I just wish we were staying in Europe, although the UK has agreed to take GDPR, thankfully! There was no way, if they were left on their own, this would ever come about; like it looks like it might.

Standardnotes my alternative choice to Evernote

Standardnotes

This is continuous fight I keep having with myself… For quite some time I’ve been looking for an alternative to Evernote on Linux & Android. I got it down to 3, Turtl, laverna and standardnotes.

In the end I decided Standardnotes mainly because I needed something which easily syncs like simplenote and I guess evernote. I liked the idea of being able to run my own standardnote server in the future. But the biggest thing for me was being able to convert my evernote notes. Yes it costs but I was happy with the terms (client side encryption) and comfortable with the payment which is less than evernote anyway. I also been looking a little deeper at Standardnotes. The privacy and sustainability statements are just stuff of dreams. Theres very few other services which can say and do these things.

What about the others?

Turtl, was good but the interface drove me a little nutty, having to login each time and no offline support? Maybe in a few years if the project gets more development it grow into something special and I’ll check it out again.

laverna is also good and is very quick and easy to get going but its mainly built around the browser as it uses javascript. There is a android app coming but its not there yet and syncing is tricky because it stores everything in the browser. I think you can move this to a sync container like dropbox, google drive, etc.

Standardnotes

With Standardnotes., I have added it to Wavebox, installed the Android apps (doesn’t install on my ereader as it needs Android 5+) and paid for a year subscription.

So far so good!

I do still use Simplenote for quick and temporary notes, but not I installed the the Linux app, this may go away too. Now I just need to sort out my imported 2177 evernotes!

Pebble update opens the door

ef433d2391d654aa37817295ce10f4a0_original

Been very happy to hear FitBit are contuning to make the pebble operational after they sunset the pebble servers.

One of the biggest questions for Pebble owners following the company’s acquisition by Fitbit last year has been how long their watches would keep working going forward. And while Pebble had announced at the time that Fitbit would be “going out of its way” to keep the smartwatch platform’s software and services running through 2017, there hasn’t been much news of what would happen past that point, especially given that a fair portion of Pebble’s software is cloud based.

To help address those issues, Pebble released an update this week that decouples the smartwatches from their dependency on cloud services, meaning that whenever Pebble’s servers do shut down, users will still be able to side load apps and new firmware to their smartwatches.

It’s not a perfect fix, and there are still plenty of answered questions. Features like dictation, messaging, and weather, for example, are all based on cloud services, and Pebble still hasn’t commented on whether or not it’s found a way to keep those working for users going forward. Still, at least Pebble fans will be able to continue to use the basic features of their watches, even as the rest of Pebble is absorbed into Fitbit.

I have been looking at alternatives to the pebble and not finding much especially when Fitbit bought Vector too.

GadgetBridge logo

But I’ve been looking at alternative ways to get the same fuctionality as whats currently available. The big one seems to be GadgetBridge, which seems to be growing in fuctionality quickly.  The other great thing about gadgetbridge is it supports the MiBand too, which may be a saver to the crappy MiBand application, which I can’t seem to get syncing with anything.