Confidentialité
De Mi caja de notas
Projet en cours.
toutes les pages de ce site étant publiques, pensez à ne pas divulguer vos données confidentielles comme des mots de passe, comptes bancaires, numéro de cartes bancaires, codes de porte, etc. |
—--
Voir les contenus en anglais de la page confidentialité sur l’indieweb
Privacy on the IndieWeb spans multiple aspects, from keeping your own information private on your personal site like private posts, to respecting the privacy of those who interact with your site, perhaps within an explicit privacy policy.
Wikipedia on Privacy says: it is “the ability of an individual or group to seclude themselves or information about themselves and thereby express themselves selectively”.
As of 2014-06, anecdotally, most of the work done by the IndieWeb community has been focused on publishing rather than privacy, although it’s an important factor for many people here, especially as we start publishing data such as checkins and personal metrics --Barnaby Walters 07:45, 10 June 2014 (PDT)
Some sites have a privacy policy, a form of disclosure about what kind of the information the site may retain about users, their usage, and who they might share it with.
Silo Examples
Facebook has both a privacy policy in their terms of service, and privacy settings.
Facebook Privacy Settings
Facebook’s privacy settings are particularly interesting; since they have been historically criticized for privacy failures they have consciously iterated on their privacy settings in attempt to make them more understandable, usable, and predictable.
There’s another privacy settings screen with more options at a device-specific URL (choose "More Settings" in the above, and then "Privacy")
(where touch presumably refers to iPod Touch)
There’s one more option just below the bottom crop:
- “Do you want search engines outside of Facebook to link to your profile?”
Who can see my stuff
Facebook’s “Who can see my stuff?” setting is itself at least two settings (depending on context). E.g. expanding that from the /privacy page shows:
- Who can see your future posts?
- Where do I review who can see things I've posted or been tagged in? (Use Activity Log) which then links to your /userid/allactivity which only you can see, e.g.
Or from the /privacy/touch/basic page (see above)
- Limit the audience for posts you've shared […]
Limit audience for previous posts
One privacy setting in particular that seems like it was a response to user-demand is the very specifically worded:
Limit the audience for posts you've shared with friends of friends or Public?
as seen in a previous screenshot.
Note the use of a capitalized “Public”, perhaps imply a “the Public” as a deliberate attempt to avoid confusion about which of many publics.
When you select it the wording changes to:
Limit The Audience for Old Posts on Your Timeline
(no idea what the "masher" means there)
If you choose (Limit Old Posts) you are presented with a confirmation screen:
Are You Sure You Want to Proceed?
By the wording in this screen, it appears that this is a one-way mass-change, that is, if you want to undo or revert this change, you have to (somehow) know which of your past posts used to be Public, and then “change the audience for each of these posts one at a time.”
Search engines outside of Facebook
From the /privacy/touch/basic page, if you choose “Do you want search engines outside Facebook to link to your profile?” the following page is shown:
- The URL starts with https://m.facebook.com/privacy/touch/public_search/ but has a
?gfid=
(alpha-numeric-hyphen-code) presumably for security purposes
With that same text as the heading of the page, and a big button to
Allow search engines outside of Facebook to link to your profile
If you select it and turn on "allow" (as it were), there is no confirmation.
If however you see a blue checkmark on the right edge of that button,
Allow search engines outside of Facebook to link to your profile ✓
it means the option is currently enabled, and selecting the button takes you to a confirmation screen to disable public search:
This section needs expansion including screenshots based on current Google products & services as of 2022.
Google Location Sharing
Google Location Sharing is available at another page, though linked to from the Google+ Setting page:
If it says:
Off
Your location isn't visible to anyone.
Then you're likely good. Otherwise you may want to edit it to turn off all location sharing.
Flickr
Flickr has lots of privacy controls.
(screenshot needed)
In addition you can set defaults and other options.
Flickr Default privacy
Flickr's Default privacy page:
(need screenshot)
Has settings for:
- Who can see your photostream?
- ( ) Only you (private), [ ] Your friends, [ ] Your family, (•) Anyone (public)
- Who can comment? (Only applies to things that other people can see.)
- ( ) Only you, ( ) Your friends and family, ( ) People you follow, (•) Any Flickr member (Recommended)
- Who can add notes, tags, and people? (Flickr may add autotags to your photos. You control who else may add notes, tags, and people. This setting only applies to things that other people can see.)
- ( ) Only you, ( ) Your friends and family, (•) People you follow (Recommended), ( ) Any Flickr member
Defaults shown with (•)
Flickr Friends Family
The aforementioned "friends" and "family" terms refer to contacts on Flickr that you have explicitly marked as a "Friend" or a "Family" member (note capitalization, likely indicating the special meaning thereof in the Flickr UI), using the Edit Relationship feature, which may be accessed from an "edit" link next to where it says "Contact" on someone's profile page that you're following. When clicked, Flickr shows you an div-based UI like:
Wherein you may use the checkboxes to mark someone as either a friend and/or a family member, and thus include them in the sets of people that can either see or do things on your account as noted above.
last.fm
last.fm has privacy settings at:
(need screenshot)
Including:
- [ ] Hide recent listening information
- Accept messages from: Everyone | Users you follow and neighbors only | Users you follow
- [ ] Disable shoutbox on my profile
As well as block list summary and text field for adding more, labeled:
- Ignore List
Add users who you want to ignore to this list. Any messages from these users will be automatically deleted and you will not see their activity on the site.
Username [________________]
[ Add to list ]
Currently ignoring There are no users in your list.
Previous Silo Examples
The below examples are defunct, offline, or otherwise inaccessible. They may still provide some privacy-related UX insights.
Google Plus
Google+ has various privacy settings, accessible at:
(screenshot needed)
A few in particular to consider:
Geo location on photos
"[ ] Show geo location by default on newly shared albums. You can change the setting per album. Learn more"
You may want to uncheck this setting to not share the locations of your photos by default, and then instead enable it per album specifically.
Prevent Google re-use of your photos
"[✓] Don’t feature my publicly-shared Google+ photos as background images on Google products & services."
Strangely enough this is unchecked by default. From the wording it sounds like you should check this to prevent Google from re-using your photos potentially in any other Google (commercial) product or service!
Discover profile in search
"[ ] Help others discover my profile in search results."
You may want to uncheck this if you don't want new people adding or following you on Google+ by looking for you.
Warning when reposting a private post
When you start to share (repost) a private post, Google+ warns you to "be thoughtful about who you share it with."
Articles
Articles about privacy, particularly from those with an indieweb presence, using indieweb techniques, or otherwise indieweb minded, thus more likely to be indieweb-specifically-relevant:
- Sonya Ellen Mann (multi-POSSEs from her own site, noted "POSSE" technique)
- 2016-02-24 Cybersecurity Tradeoffs & Risks
- 2016-01-12 Obscurity Is The Best Strategy For Privacy
See Also
- private posts
- private account
- PGP
- disclosure / privacy policy
- advertising
- audience
- name
- naming
- anonymity
- pseudonymity
- nymwars
- 2013-12-12 Martin Fowler: Datensparsamkeit - "data austerity", "data minimization", "data parsimony", or "data frugality"
- Privacy Badger Browser Add-on from EFF: https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/
- GDPR
- 2018-06-28 NYT: California Passes Sweeping Law to Protect Online Privacy
- 2018-07-13 The Guardian: 'Data is a fingerprint': why you aren't as anonymous as you think online
- 2018-08-14 NYT: The Unlikely Activists Who Took On Silicon Valley — and Won
Facebook and Google made billions mining personal data, and fought off anyone who threatened to stop them. Then came a challenge in their own backyard.
- 2019-04-16 NYTimes: Opinion | We Built a (Legal) Facial Recognition Machine for $60
- 2019-05-10 Kevin Marks tries to read an article on privacy in private mode.... https://twitter.com/mmasnick/status/1126542913511407616?s=20
- "Trying to read the @nytimes new articles on how social media is destroying our privacy, but I keep bumping up against the @nytimes telling me I can't read them if I want to keep my privacy. 🤔" @mmasnick May 9, 2019
- https://idlewords.com/2019/06/the_new_wilderness.htm
- https://www.oblomovka.com/wp/2003/10/13/the-register/
- Remove private EXIF data before posting or sharing your images online: https://imageoptim.com/
- 2019-11-15 Washington Post: Google almost made 100,000 chest X-rays public — until it realized personal data could be exposed
- surveillance
- https://themarkup.org/blacklight
- 2021-05-03 left alone, together
… in the age of ✨ networked computing ✨, this individual model of privacy just doesn’t scale anymore. There are too many exponentially intersecting relationships for any of us to keep in our head.
- Un-privacy policy: https://blogroll.org/privacy/
- "Bonus: Malwarebytes cares a lot about your privacy and consent, this is likely why, on every webpages of malwarebytes.com, a phony gif () returning JSON for fingerprinting purposes is sneakily loaded." https://dustri.org/b/malwarebytes-privacy-vpn-is-mullvad-in-a-shady-trenchcoat.html
- "Nearly 90% of Britons are concerned about the privacy of their personal data online, but 20% don’t use any data protection practices at all." UK citizens want more privacy but don’t know where to look
- 2022-04-04 CNET: Your Digital Footprint: It's Bigger Than You Realize / Just about everything about you is online, whether you put it there or not.