Privacy

Indieweb - Restoring people's control over their online presence

The Indieweb is a community promoting the use of individual rather than corporate web sites. It focuses on people owning their own data, on their own domain– both to prevent large sites becoming information silos and to mitigate against the risk of any given product being shut down. Content can be syndicated (cross-posted) elsewhere, like how this site cross-posts to Twitter, but Indieweb community members use their own personal domain as their identity on the web. They interact with others in the Indieweb community, and the broader web, using a minimal set of principles, protocols, and formats.

Its “people-focused” mission makes it the perfect candidate for what Improving the Net is trying to promote. I do have my own domain but still need to add some of the biographical information and links to my other online profiles. Maybe that will be a project for over the holidays!

Mozilla - supporting a human-centered Internet

Mozilla is of course best known as the company behind the Firefox browser, but their contributions to an open and sustainable internet go far beyond that. Here are some of the other things they’re behind:

  • Firefox Monitor, which I mentioned yesterday, alerts you when your email address or other personal information is included in a data breach.
  • Pocket, a service that saves articles for you to read later, is focused on user privacy.
  • Holiday gift guides that research how various tech products handle users’ data and to what extent they track you.
  • MDN, one of the best resources for web development documentation, guides, and tutorials.

I’d encourage you to check out any or all of the above!

Have I Been Pwned - Notifying you about data breaches

Have I Been Pwned collects data from known data breaches and can notify if your email address, password, or personal data has been exposed. It also allows you to check if a password has been leaked (either through one of your accounts, or someone else using the same password), using a clever algorithm that doesn’t require you to actually share your password (which is of course not safe), or even the full hash of the password. Rather than try to summarize how it works, I’d invite you to just read the Frequently Asked Questions about the service.

I specifically use HIBP through the excellent Firefox Monitor, which uses HIBP as its data provider. I also HIGHLY recommend using a password manager like 1Password (the one I use), LastPass, or KeePass (there are many others, too). I’ll likely talk more about password managers in the future.

(h/t @jayeless for suggesting this, even though I’ve known about it for years!)

Solid - Giving users control of their data

Solid is a family of standards and protocols, along with software implementing them. It was designed to give users control over their data, while creating a decentralized network of computing resources known as pods. Co-founded by Tim Berners-Lee, it is a great example of rethinking our reliance on big monopolistic social networks and data silos. There are several existing providers that allow users to register their own pods, or you can run the software yourself.

I don’t have any hands-on experience with Solid, but I do remember running across it last year. I’m glad to see it’s still going strong and seems to be doing well. I’ll be interested to dig in a bit more and learn about it.

(h/t Cal Newport’s blog) If you don’t already follow Cal’s work, you should!

Ecosia - Planting trees with web searches

Ecosia is a search engine that uses the profits from ad revenue to plant trees all over the world. On average, every 45 searches on the site translates to a tree planted, and so far Ecosia has planted well over 100 million trees.

Like DuckDuckGo, which I’ve talked about previously, Ecosia is committed to protecting users’ privacy, and has a very easy to read privacy page.

I’m still using DuckDuckGo as my primary search engine, but love to see more services that are taking market share away from Google and promoting privacy and diversity among search engines.

Fastmail - Email, Improved

Fastmail is an email service offering a privacy-focused, user-centric alternative to free email providers like Gmail.

It has everything you would want from an email service: web and mobile apps, contacts and calendar support, integration with other clients using IMAP and CalDAV/CardDAV protocols. And it has nothing that you don’t want, like ads or being tracked along with the rest of your web activity. It even has a streamlined feature to import all your email, calendars, and contacts from Google and many other email providers.

Although it’s not free, you pay per user account, not per address or domain. Because Fastmail supports custom domains, all of my domains forward to the same account, using wildcard, so I have effectively infinite email addresses but only pay for one account. I even have my Gmail account set up to forward to Fastmail, as I transition the email address on all of my online accounts to use Fastmail address(es).

Because email is a core feature and product for Fastmail, they care a lot about email standards, and even helped develop a new protocol, JMAP, which has been accepted by the IETF as an Internet Standard (RFCs 8620 and 8621.

I’ve talked before about Hey, which seems promising for me once it supports custom domains and some other features. But for now, Fastmail is the email service I use every day.

DarkPatterns.org - Shining a light on bad website behavior

DarkPatterns.org is a site dedicated to exposing malicious patterns websites use to trick users into doing things that aren’t in their best interest.

Taking a “name them and shame them” approach, the site, run by Harry Brignull and Alexander Darlington explains how sites can cause you to spend money you don’t want or make it harder to get out of a relationship with the site. The Dark Patterns Reading List has additional resources for people who want to learn more.

I tend to think I’m a pretty savvy web user, but there were some patterns on the site that I wasn’t aware of before.

Because this is the Internet, I’ll be explicit: the dark patterns themselves are making the Internet more hostile to users. But the DarkPatterns.org site raising awareness of them is a good thing!

DuckDuckGo - Search without being tracked

If you’re reading this, you probably already know that Google is not the only way to search the Internet, despite their massive dominance. There are other search engines out there.

DuckDuckGo is one such search engine, and happens to be the one I use every day. Its focus is on user’s privacy. Just like Google, it still makes money primarily by selling ads that show up in search results. But unlike Google, it only sells ads against the terms you search for, not anything about you or your browsing behavior. In fact, they don’t store or track any information about you at all.

I’ve set my default search engine in Firefox to be DuckDuckGo, and also installed their Privacy Essentials Firefox extension. Maybe 1% of the time, DuckDuck go doesn’t find what I need, in which case I can still go back to the big G.

Fathom - Privacy-focused Website Analytics

Fathom is an alternative to Google Analytics and similar web analytics software. It provides information about top pages, referrers, devices, browsers, and country of origin, without using cookies or otherwise violating users’ privacy.

On top of that, Fathom is an independent, bootstrapped company. It’s not free, which means they don’t have to compromise on the things needed to run a “free” service.

Google Analytics was the very first thing I blocked using uBlock Origin (which I’ll talk about soon, I’m sure), but I’m going to add a blanket whitelist for Fathom’s servers, out of respect for site owners who choose to use it instead of Google Analytics.

Web analytics without user tracking is possible!

Hey.com - Rethinking Email

Hey is a (relatively) new email service by the makers of Basecamp that’s rethinking how we use email.

One of the least flashy but, in my opinion, most important features is blocking so-called “spy pixels” that can track when, where, and how many times you open an email.

I haven’t tried Hey out just yet (I’m waiting for the custom domain support that will be coming with Hey for Work), but it’s good to see some innovation in a technology that is fundamental to a lot of digital life but hasn’t seen much love in years.