Archive of posts with tag 'Privacy'

Annotating the Web with Memex

June 5, 2020 • #

I linked a few weeks ago to a new tool called Memex, a browser extension that touts itself as bookmarking for “power users of the web.” Its primary unique differentiator is how they approach the privacy angle.

I’m a couple of weeks into using it and it brings an interesting new approach to the world of bookmarking tools like Pinboard or Raindrop, both of which I’ve used a lot. Raindrop has been my tool of choice lately, but it’s heavy for what I really want, which is a simple, fast way to toss things into a box with tagging nomenclature to organize.

On the privacy topic from Wednesday’s post, Memex is approaching their product with similar principles. It’s is a browser extension only with no “cloud” element to it like most other services have. All of your data is stored client-side, and the only attachments to the cloud at all have to be opted-into, like syncing backups to Google Drive. It’s got an open source core also, for maximum transparency on how it works. Reading the vision document gives you a sense of where they’re headed:

The long-term mission of WorldBrain.io is to enable people to overcome information overload and the influence of misinformation through collaborative online-research.

We can’t research and understand all the topics we are exposed to well enough to not fall for misinformation. But we all are experts in some of those topics and could help each other understand them better — if we were able to share our existing knowledge more effectively with each other.

Decentralized knowledge management and web annotation is a movement I can get behind. I’m reminded of what Fermat’s Library is doing with academic papers — creating a meta layer of knowledge connection on top research source material. Passages highlighted in Memex could be referenced from other pages to denote connection points or similarities, building a user-generated knowledge graph on top of any internet content.

With Memex you never have to leave the browser. It overlays a small right-hand sidebar on hover with commands for bookmarking, adding tags, or displaying annotations. And they’re following through on their promise for power users with keyboard shortcuts. It also offers the option of indexing your browser history, which if you’re using DuckDuckGo but still want to archive your history for yourself could be useful. I don’t care much one way or another about this particularly, but it’s cool to have the option.

From mobile they have something interesting going. There’s a “Memex Go” app that works well for quickly bookmarking things from the Share Sheet on iOS. Syncing is a paid feature that works through a pairing process with end-to-end encryption to move data between mobile and desktop, synced over wifi. I haven’t tried this yet but I’m looking forward to checking it out. Seems like occasional syncing is all you’d need to move data between desktop and mobile, so this model could work fine.

I don’t think Memex has any integrations yet with other tools, but ones that come to mind that I’d love to see at some point are with two of my favorites: Readwise and Roam. From a technical standpoint I’m not sure how one would integrate a client-side database like what Memex has with a server-side one, but perhaps there could be a “push” capability to sync data up from Memex on-demand to integration points. With Memex’s highlights, perhaps I could decide if and when I want to send my highlights up to Readwise, rather than Readwise doing the pulling. In the case of Roam, even simple tools to drag highlights or bookmarks over as blocks in Roam pages would be a cool addition.

✦

Privacy with Utility

June 3, 2020 • #

The winds of internet privacy¹ shift all over the place. Certain technologies like encryption have given us important moves forward in security, but then big platforms like Facebook or a million small ad tech outfits have taken us the other way with invasive trackers and mishandling of data they shouldn’t have and most of the time don’t need. But the prevailing winds over the past few years have moved, on net, positively toward a focus on protecting personal data.

The nuclear options deployed by the pro-privacy EFF advocate to combat internet creepiness are to delete Facebook, block all trackers, use burner devices, and tape over their webcams. Of course that type of response brings a level of security in exchange for utility and convenience. Events like the revelations around PRISM, the Cambridge Analytica scandal, and countless corporate data breaches have made it common knowledge for everyday people what personal data many companies had, what could happen when that data is exposed, and how easily it happens.

Blockchain technology promises to enable a lot in this area, but most of it is still immature. On the political front the regulatory responses through GDPR and other challenges to corporate data handling have helped, as well.

I’ve never been too paranoid about this stuff. I still use Chrome, Google’s productivity services, and many more of your classic Big Tech platforms. As technology spreads to more people (the internet is for everyone now, not just techies) and becomes more complex (a natural side effect of improvement) the issues creep in depth and scope. Data breaches, browser cookies, IP tracking, and hidden Javascript trackers are different dimensions of the same broader issue: gradually boiling the frog of what users will tolerate, if they even realize it’s happening in the first place.

There are many companies in the market now getting traction by safeguarding privacy as a central tenet. I like seeing these challengers to the BigCos of tech building secure, privacy-first products. They’re finding revenue paths that don’t require invasive, privacy-encroaching models with advertising, bending backwards to support “free” products.

To try and wean myself off of some of these platforms and support organizations committed to privacy, I recently made two big switches: DuckDuckGo for search, and Brave as my default browser.

DuckDuckGo’s gradual growth is a testament to how little Google has done to address the privacy concerns with their technology, especially the Ads stack, Analytics, and Chrome. In the way that I use search today, DDG’s usefulness and speed rival Google’s results, as far as I can tell. On the browser front, Brave was created by Javascript creator Brendan Eich to rethink how web browsing works, to rid us of the creeping, bloated megabytes of JS trackers that have to load on every modern media outlet website. It’s got ad blocker tech built in, and brings an interesting concept to attempt to replace old media-style advertising revenue through its “Basic Attention Token” cryptocurrency model — as you browse the web and view ads through their secure ad network, you earn tokens which you can donate back to content creators. From what I’ve read there’s some controversy around this model which I haven’t researched much, but I’ll have to give them credit for trying something new. On the surface it feels like they’re onto something here. As long as we’re using the traditional ads and PPM model, we’ll be chasing ghosts on the privacy front. Content creators can push on this issue, too. Substack and Ghost have been building healthy businesses supporting content creators building properties to go direct to their audiences, disintermediating the ad networks and big media distributors from the business of publishing and owning customer relationships — consumer directly pays creator, with minimal indirections in between.

But back to the original title of this post. The interesting thing today is that there are compelling tools to replace the high utility (but low privacy) products that seemed irreplaceable a few years ago. Indexing on security has felt like a trade-off against having quality products available to you. But now there’s been a renaissance for personal, secure products by companies being transparent about where their money comes from. DuckDuckGo is still ad supported, as is Brave. I’ve read a lot about Fastmail recently as a Gmail alternative, and they’ve gone with the all-too-unique business model of charging money in exchange for a service (how novel!).

You could use the terms “user data stewardship” or “security” interchangeably here and throughout this article. ↩

✦

EthicalGEO →

August 13, 2019 • #

Our friends over at the American Geographical Society have spearheaded a new competition (in partnership with the Omidyar Network) called EthicalGEO to seek out new ideas on how the community can better understand the ethical challenges with geospatial data, privacy, sharing, and the like, and find solutions and systems to embrace what’s new and combat the risks and downsides:

The EthicalGEO initiative seeks to activate thinkers, innovators, entrepreneurs, policymakers, practitioners, students, and everyday citizens and bring them in to a global dialog that shines a light on their best ideas about the ethical challenges and opportunities posed by the many geospatial technologies and data sources that are reshaping our society. Just as the EthicalAI dialog has enabled a broad-based discussion about the future implications of AI, and the ways in which our society might steer the technology to our purposes, the EthicalGEO initiative seeks to spur a similar conversation around the flurry of geospatial innovations that have become part of our daily lives.

Check out the introduction video:

✦

It's Time for a Data Bill of Rights →

December 20, 2018 • #

This is a fascinating idea, arguing that we should shift our thinking about privacy and data away from “ownership.” Since owning / renting data doesn’t afford the privacy and agency control people actually want, the author argues for a broader set of rights

Clear, broad principles are needed around the world, in ways that fit into the legal systems of individual countries. In the US, existing constitutional provisions—like equal protection under the law and prohibitions against “unreasonable searches and seizures”—are insufficient. It is, for instance, difficult to argue that continuous, persistent tracking of a person’s movements in public is a search. And yet such surveillance is comparable in its intrusive effects to an “unreasonable search.” It’s not enough to hope that courts will come up with favorable interpretations of 18th-century language applied to 21st-century technologies.

A Bill of Data Rights should include rights like these:

The right of the people to be secure against unreasonable surveillance shall not be violated.

No person shall have his or her behavior surreptitiously manipulated.

No person shall be unfairly discriminated against on the basis of data.

These are by no means all the provisions a durable and effective bill would need. They are meant to be a beginning, and examples of the sort of clarity and generality such a document needs.

I’d be open to more arguments for how to bring about changes like this. Broad, sweeping new regulatory concepts tend to be short on realistic implementation details, so the jury’s still out. But it’s a subject important enough to keep iterating on and thinking about.

To make a difference for people like Rachel, a Bill of Data Rights will need a new set of institutions and legal instruments to safeguard the rights it lays out. The state must protect and delimit those rights, which is what the European General Data Protection Regulation (GDPR) of 2018 has started to do. The new data-rights infrastructure should go further and include boards, data cooperatives (which would enable collective action and advocate on behalf of users), ethical data-certification schemes, specialized data-rights litigators and auditors, and data representatives who act as fiduciaries for members of the general public, able to parse the complex impacts that data can have on life.

✦

Browse the full archive →

✦