Follow

I'm envisioning a user education project that masquerades as a new startup, with a website and mobile apps. It would implement every design used by typical startups, like asking for access to contact lists on other services to help users "find your friends", asking for every permission available on a mobile during install etc. But instead of exploiting these, it would email the user, explaining all the ways the information they gave could have been used to do so.

Obviously to work, it would have to be a bit sneaky. So to avoid suspicion of being actually exploitative (instead of simulating it for educational purposes), the project could work with user rights groups like the and behind the scenes, and allow both its code and servers to be audited by people from those orgs before going live.

Show thread

@strypey Though I like this approach, I'd also like to see the other way 'round: Not just email the user explaining how these information could have been abused - but also telling the user how they could have achieved what they tried to achieve this way in a less privacy-invading/-compromising way. Especially talking about, like, "finding your friends" (with contact list access) or "finding things nearby" (requiring location access), ... . It's not always just mindless users. 😉

@z428 @strypey now i actually wonder: how would "finding your friends" work without contact list access or "finding things nearby" without knowing your address?

hopefully not in a way that requires you to manually input your location or everyone's phone number?

@devurandom Yes. That's the actual question. 😉 We need to spend more time on that, rather than telling users that their use cases are invalid. We need to build better solutions rather than trying to argue these requirements away. 😉

@strypey

@z428 @devurandom good thoughts, both of you. But we've drifted a bit from my pitch, which was to educate people about . Like getting access to a user's address book for one purpose, then using it to spam their contacts with an invite to the service, in the name of the user. Or asking for permissions the app has no legitimate reason to need, but that the dev knows they can use for datafarming, because most people don't yet know to check or control app permissions.

@strypey I like the idea.

Remember a few years ago when there was a news article about that guy who volunteered some of his location data or something to see how bad tracking was?

Just automate that. Tell everyone, "This is what a computer can infer from you automatically, meaning that hiding in a crowd is not hiding at all. And over here is what a human can infer about you if someone wants you to disappear."

@strypey

This would be a perfect idea to pose at the Humane Tech Community forum. And fit with our Awareness Program where we want to educate the public on tech harms and their solutions.

Would also be nice to show balloon popups as soon as you were baited into a #darkpattern or generate a report of all of these at the end of your session.

community.humanetech.com/t/-/2

@z428 @devurandom

@strypey

Could I mention this idea with link to the thread on Humane Tech Community forum? Or maybe you'd like to do so yourself.. would love ❤️ to welcome you to our community.

Our forum discussions constitute an archive of topics waiting to be picked up in future crowdsourced projects, and anyone can start their own initiatives (which I'll facilitate best ways I can).

@z428 @devurandom

@humanetech I claim no ownership over good ideas. If you think any of my shower thoughts are good ideas, and you have the resources to carry them out, go for it! If I can help, let me know how. But be aware that I've spent 20 years doing fulltime volunteer work on these issues, and I'm currently focused on trying to find ways to fund my work. I'm not really keen to take on more volunteering, especially where it involves planning and leading complex development projects.
@z428 @devurandom

@strypey @z428 @devurandom

Good! Mine'll all be CC0 eventually too, but some are still evolving and hence they temporarily are in #WoloPoC

(Ask HTC what that concept means, but involves brave leadership)

Next project is stewing!

Only one Big hurdle to overcome: Getting some of that sticky dough that clings to your hands, and bake it into delicious bread for our trip to prepare a beautiful life for all of us, while we can also relax and prepare to go to work again fit. Some call that money

Sign in to participate in the conversation
Mastodon - NZOSS

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!