Public Service Internet monthly newsletter (Aug 2021)

Solar protocol

We live in incredible times with such possibilities that is clear. Although its easily dismissed seeing more centralised downtime, seeing a surge of ransomware and hearing about Voice as a vector for attack.

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this with reading about the path aware networking proposal (Scalability, Control, and Isolation On Next-Generation Networks), Google providing an element of transparency and artificial intelligence used to restore the missing parts of a Rembrandt.


Digital Infrastructure as the core of the European internet

Ian thinks: There is so much good thinking here from Nesta’s Katja Bego. This why the infrastructure is so important as a base for privacy focused better/smarter systems.

Labelling retouched photos

Ian thinks: This is great news and hope it spreads to other EU nations and further a field. Although it should also cover video and audio and highlight whats in the metadata too.

You have YouTube regrets? Join the massive line

Ian thinks: So many of been horrified by where Youtube recommendations can lead you, and this crowdfunded campaign speaks volumes. Will Google do anything about this, its very unlikely.

Our digital legacy in data

Ian thinks: Elaine is right on the button, if you think the data ecosystem is bad now, what happens when most of the dead outnumber the living on social networks. Those terms and conditions need a massive reform.

Steve Wozniak on the right to repair

Ian thinks: Although its a cameo video and its Wozniak, I do think his thoughts are genuine. Does this make much of a difference in the right to repair? Unlikely.

Have you noticed the price increase of Uber?

Ian thinks: I wonder how much of this is the drivers, public understanding of the gig economy and the investors finally wanting their return on investment?

Those apps are selling your most private data

Ian thinks: Its funny but with a deadly serious message. Its also well researched too, its good to see the data ownership/misuse is getting attention everywhere. Even the daily show.

Its time to make the decentralised systems more common and friendly

Ian thinks: Although I don’t agree with everything said here, there is a need to change things and for me it comes down to user experience.

A new future for Solar power

Ian thinks: Great to see the advancement in the use of solar power technology. Using rocks personally surprised me but makes a lot of sense.


Find the archive here

Understanding makes all the difference

What a difference the police reaction to the vigil of Sarah Everard.

blm protest in bristol

Last year in Bristol with the statue of Carlton

Speaking on a live webchat, the Avon and Somerset Police chief constable said he “doesn’t condone any criminal activity” but intervening would have “risked a violent confrontation”.

Reclain the streets

Last week in London in Clapham Common

The Met Police chief has said she is not considering her position, after the force was criticised over its handling of a vigil for Sarah Everard. Officers handcuffed women and removed them from crowds on Clapham Common in London on Saturday.

The big difference is cultural and emotional intelligence. I seriously don’t understand how the police thought, it would be a good idea to arrest women during a vigil against the death of a woman who was killed at the hands of a police officer!? Someone in the Met police team should have said turned to the chief and said “don’t you see the tragic irony in this all? We need to rethink our tactics here

I know these are isolated cases but I was thinking this while watching

I don’t like Disney but I like Abigail’s words

…I was quite taken by Abigail Disney’s words.

What’s the purpose of a company? In this bold talk, activist and filmmaker Abigail Disney imagines a world where companies have a moral obligation to place their workers above shareholders, calling on Disney (and all corporations) to offer respect, dignity and a living wage to everyone who works for them.

Disney has a long way to go to be honest.

The story behind the 1968 Olympics Black Power salute

John Carlos and Tommie Smith made headlines across the world when they raised the black power salute on the podium after winning in the 1968 Olympics. That protest brought them death threats, and they were expelled from the games.

Vox is on fire recently. The story behind the 1968 Olympics black power salute is something worth watching.

Open rights are human rights

Wish I could have made ORGcon, but I was away again and haven’t been to a ORGcon for quite a few years now. Regardless I’m a supporter (you should be too) of the Open right group since they started many many moons ago.

Data portability and GDPR, been waiting a long time for this

EU GDPR 2018

One of the things I always wanted but never couldn’t see how it would happen without the good will of companies. Was real data portability of my own data.

Google, Facebook and others do provide a data dump but I found it really interesting to see the difference in my Facebook dump/zip/archive. I request it every year or when something changes. This year I did one while Facebook struggled to deal with the impact of Cambridge Analytica and the new GDPR changes.

In 2017 my zip was 31.4 MB (31,425,658 bytes)
In 2018 my zip was 171.3 MB (171,267,617 bytes)

Unlike previously FB included ALL the media in the messages I’ve exchanged with friends. All those gifs and videos friends have shared are now in the dump. I find it interesting they were not included previously. Which always raises the question of ownership. Something we (dataportability group) talked a lot.

I’m so looking forward to similar with other services… Although I’m still unsure if you can legally create services which use the data exports to import or not. It should be possible, as its your data.

Having already crafted a email to send to OKCupid, POF, Bumble, Tinder and some other dating sites similar to when the journalist requested every bit of data they had on her. Its set to send on May 25th which is the day when GDPR comes into effect aka tomorrow!

Thanks to Ubergill for much improving the email I originally drafted…

I’m looking forward to the replies!

Dear {service}

I am making this request for access to personal data pursuant to Article 15 of the General Data Protection Regulation. I am still concerned that your company’s information practices may be putting my personal information at undue risk of exposure or in fact has breached its obligation to safeguard my personal information.

I would like you to be aware at the outset, that I expect a reply to my request within one month as required under Article 12, failing which I will be forwarding my inquiry with a letter of complaint to the Information Commissioner’s Office.

Please advise as to the following:

  1. Please confirm to me whether or not my personal data is being processed. If it is, please provide me with the categories of personal data you have about me in your files and databases.
  2. In particular, please tell me what you know about me in your information systems, whether or not contained in databases, and including e-mail, documents on your networks, or voice or other media that you may store.
  3. Additionally, please advise me in which countries my personal data is stored, or accessible from. In case you make use of cloud services to store or process my data, please include the countries in which the servers are located where my data are or were (in the past 12 months) stored.
  4. Please provide me with a copy of, or access to, my personal data that you have or are processing.
  5. Please provide me with a detailed account of the specific uses that you have made, are making, or will be making of my personal data.
  6. Please provide a list of all third parties with whom you have (or may have) shared my personal data.
  7. If you cannot identify with certainty the specific third parties to whom you have disclosed my personal data, please provide a list of third parties to whom you may have disclosed my personal data.
  8. Please also identify which jurisdictions that you have identified in 1(b) above that these third parties with whom you have or may have shared my personal data, from which these third parties have stored or can access my personal data. Please also provide insight in the legal grounds for transferring my personal data to these jurisdictions. Where you have done so, or are doing so, on the basis of appropriate safeguards, please provide a copy.
  9. Additionally, I would like to know what safeguards have been put in place in relation to these third parties that you have identified in relation to the transfer of my personal data.
  10.  Please advise how long you store my personal data, and if retention is based upon the category of personal data, please identify how long each category is retained.
  11. If you are additionally collecting personal data about me from any source other than me, please provide me with all information about their source, as referred to in Article 14of the GDPR.
  12. If you are making automated decisions about me, including profiling, whether or not on the basis of Article 22 of the GDPR, please provide me with information concerning the basis for the logic in making such automated decisions, and the significance and consequences of such processing.
  13.  I would like to know whether or not my personal data has been disclosed inadvertently by your company in the past, or as a result of a security or privacy breach.
  14. If so, please advise as to the following details of each and any such breach:
  15. a general description of what occurred;
  16. the date and time of the breach (or the best possible estimate);

iii. the date and time the breach was discovered;

  1. the source of the breach (either your own organisation, or a third party to whom you have transferred my personal data);
  2. details of my personal data that was disclosed;
  3. your company’s assessment of the risk of harm to myself, as a result of the breach;

vii. a description of the measures taken or that will be taken to prevent further unauthorised access to my personal data;

viii. contact information so that I can obtain more information and assistance in relation to such a breach, and

  1. information and advice on what I can do to protect myself against any harms, including identity theft and fraud.
  2. If you are not able to state with any certainty whether such an exposure has taken place, through the use of appropriate technologies, please advise what mitigating steps you have taken, such as
  3. Encryption of my personal data;
  4. Data minimisation strategies; or,

iii. Anonymisation or pseudonymisation;

  1. Any other means
  2. I would like to know your information policies and standards that you follow in relation to the safeguarding of my personal data, such as whether you adhere to ISO27001for information security, and more particularly, your practices in relation to the following:
  3. Please inform me whether you have backed up my personal data to tape, disk or other media, and where it is stored and how it is secured, including what steps you have taken to protect my personal data from loss or theft, and whether this includes encryption.
  4. Please also advise whether you have in place any technology which allows you with reasonable certainty to know whether or not my personal data has been disclosed, including but not limited to the following:
  5. Intrusion detection systems;
  6. Firewall technologies;

iii. Access and identity management technologies;

  1. Database audit and/or security tools; or,
  2. Behavioural analysis tools, log analysis tools, or audit tools;
  3.  In regards to employees and contractors, please advise as to the following:
  4. What technologies or business procedures do you have to ensure that individuals within your organisation will be monitored to ensure that they do not deliberately or inadvertently disclose personal data outside your company, through e-mail, web-mail or instant messaging, or otherwise.
  5. Have you had had any circumstances in which employees or contractors have been dismissed, and/or been charged under criminal laws for accessing my personal data inappropriately, or if you are unable to determine this, of any customers, in the past twelve months.
  6. Please advise as to what training and awareness measures you have taken in order to ensure that employees and contractors are accessing and processing my personal data in conformity with the General Data Protection Regulation.

Thank you,

Ian

Graceful degradation of apps via permissions under android 6.0

Android 6.0 Marshmallow has a very nice feature, something I have been wanting to see more across all services and applications. Granular permissions, which can be applied and revoked by the user at anytime.

It was obvious that iOS had it right as far as transparent, granular app permissions were concerned, and Android Marshmallow admits as much, because it now has a very similar system. Permissions are asked for as and when they’re needed, rather than all at once during installation.

That gives you a better idea of what’s going on and also let’s you, for example, give Facebook access to your camera but not your contacts. If you want to check which apps have what permissions (and edit them), go to Settings: tap Apps then the cog icon, then choose App permissions.

Android 6.0 permission system
Why does BBC iPlayer Radio need access to my phone?

Since android 6.0 marshmallow, i’ve wanted to try out the app permission tweaker. I’m interested to see what happens when I block certain apps from key permissions. Will they explode will they gracefully handle it and still operate without it?
For example could I run facebook app and deny access to the internet, or local storage? OK that might be a little too far but what about facebook without access to the mic and camera? Surely that would work right?

So I tried it with the Amazon kindle app, which I always thought had too many permissions anyway. I mean why does the kindle app need access to my contacts and my telephone?!

Android 6.0 permission system

Haven turned them off, I thought I’d better see if the app still actually worked?

Android 6.0 permission system

It did! So I started revoking permissions from apps which I felt didn’t need the permissions. For example Fitbit, which I refused to upgrade in the past due to the permissions.

Android 6.0 permission system

Why does Fitbit need so many permissions anyway!

Android 6.0 permission system

Andorid warms me the app may break as its not written for Android 6.0. But it still works as I want it to., so this has to be a case of them over reaching with the data they want to consume?
Say hello to your new permissions Fitbit, and it works fine when syncing data from the Fitbit.

Android 6.0 permission system

Fitbit better get use to the sandbox I put it in, and they are not the only one!

Android 6.0 permission system
Android 6.0 permission system

This for me is a key part of the VRM infrastructure as Adriana said

If you cannot reject them, if you cannot actually say well, I’m fine with that but not with that, what’s the point?

Great to see it working as expected, graceful degradation of applications based on permissions. I might be able to install Facebook again.

Update

I installed Facebook messenger again with the permissions I felt comfortable with.

Then decided actually I want to break FB messenger as its meant to be written for Android 6.0, so denied it access to my location too.

Installing Facebook messenger under Android 6.0

I can say everything  works, and I haven’t seen any problems so far with my permissions. I did notice you can start to mess with the data usage too, which maybe a way to restrict network usage.?

The right to delete in online dating

Delete billboard by Ji Lee

You know how I’m very interested in the ethical dimension of  services and data. Data portability is something I have a long history with and alongside that, there is related idea of having access to delete.

Of course this can be very controversial like the much talked about, right to be forgotten.

Its intriguing to look at the online dating world where data is thrown about with little regard for the users.

Turns out, there are many people who think deleting a dating app from your phone is the same as deleting your profile – but it isn’t.

Dating apps and online dating sites make it kind of tricky to get rid of you altogether – after all, they attract people (and investors) based on user numbers, so they are not motivated to make it obvious how to delete your account.

Okcupid plays by the rules while eHarmony requires a web action and then a email to confirm. Hinge a mobile dating app, requires you to use a desktop browser before you can delete it the account on your mobile via uninstalling the app.

With Tinder, I disconnected my Facebook account from Tinder meaning the account will be rejected by Facebook if it was started again. Its not elegant but saves me having to install Tinder again. I kind of refuse to install it again.

Makes you wonder how many loops some of the other dating sites and apps will make you jump through…?

The first BBC Backstage podcast: DRM and the BBC

Podcast group

The first ever BBC Backstage podcast kicked off in fine style on Wednesday 7th February.

We invited some of the most vocal backstagers in the long running debate over DRM, to come and join us at the BBC to discuss face to face what they felt about DRM and the BBC. The hour long discussion around DRM and the BBC included,

You can listen with the built in player below, or you can download and remix the MPeg3 file or the Ogg Vorbis file. Both are licensed under creative commons attribution. So as long as you credit backstage.bbc.co.uk, your good to go. Don't forget to check out some great action shots from the debate…

Dave tries to reason with Michela

Miles asks some difficult questions

Dave

Brian prepares to answer James

Tom listening to Brian

Comments [Comments]
Trackbacks [0]

Rights will make you rich or how to Boag?

I went to Rights will make you rich at one dot zero. Without going into details, it was a interesting debate once the presentations (1) (2) were out of the way although I have no idea what on earth the PSP document is. And one of the highlights of the night was a guy called Saw who was trying to make a point about something and decided
to storm out
in frustration. I didn't quite get the point he was making but it was something to do with freesoftware and opensource. I'm sure it was well thought-out but he left before we got a chance to talk. The rest of the evening wasn't very note worthy and I was too tired to contribute anything to the conversation after the BBC Innovation Forum.

Luckly the Boagworld meetup was far better.

Comments [Comments]
Trackbacks [0]