Weekend Reading List

Round-up for March 4-5

New Bill Would Force NYPD to Disclose Surveillance Tech Playbook: Though not as pressing as other privacy disclosures, this is a timely local-level one that could lead other states/cities to follow a similar line. What's notable here is that we are all essentially under a watchful eye from city security cameras, other citizens' cameras, and a myriad of tactics alluded to in the bill (including facial recognition). The New York Civil Liberties Union's statement on this being "critical to democracy" is rather obvious.

How to Keep Messages Secure: Friendly rundown of why teens (ahem, anyone) should avoid using popular chatting apps like Snapchat, et al., for serious communication or for chatting at all. Surprising editorial source, too.

Is There a Business Model For Serious Journalism in the Age of Trump?: Comprehensive analysis on the state of serious journalism.

Smart Condom to Track Your Sex: Here we go with another invasive Internet of Things product. At this point we're just turning ourselves into constantly-monitored subject matter for government, medicinal, and corporate overlords.

Government's Privacy Watchdog is Basically Dead, Emails Reveal: Should we have seen this one coming? "[T]he agency, known as the Privacy and Civil Liberties Oversight Board, is down to just a single voting member — which means it has been stripped of nearly all its powers, according to emails obtained by The Intercept." Important to note: it appears that this didn't start with Trump, and it has "been withering away for almost a year."

That Free Health Tracker Could Cost You: Handing out Fitbits is something my agency recently did, and I've seen a number of health insurance providers do the same thing -- not sure if all circumstances are leading to more risk pooling bullshit, but this is certainly where it starts.

Want to Improve Data Quality, Reduce Liability, and Gain Consumer Trust? Try Deleting: In its latest white paper, CDT "explores th[e] disconnect and the reasons why commercial data stores have grown. We make the case that it is neither in a company’s nor a customer’s best interest to hold onto large amounts of data." Deleting old, unusable, or irrelevant data is absolutely a consideration to make, especially if you don't plan to use it anymore.


The Terms of Service Dilemma

Great piece from The Guardian on how no one reads the terms of service for the apps/services/hardware they sign up for; it also points to solutions in the way of redesigning them.

[T]here’s a lot in click-to-agree contracts that would give many people pause if they knew about them. For example, users give web-based services – and third parties the services contract with, about which users know nothing – the right to keep, analyze and sell their data. Increasingly often, too, people click away their right to go to court if anything goes wrong. “There’s a real concern that consumer protection law is basically being swallowed by click-by-agree clauses,” said David Hoffman, a professor at the University of Pennsylvania Law School, who researches the law and psychology of contracts.

Hoffman is among the legal scholars who believe the no-reading problem isn’t new. After all, he points out, few people read the fine print even when it was literally in print.

However, it’s possible that the design of click-to-accept pages makes the problem worse. A few years ago Rainer Böhme of UC Berkeley and Stefan Köpsell of Dresden’s Technische Universität tested alternative wordings of a simple consent form on more than 80,000 internet users. Some were told their consent was required and presented with highlighted “I agree” button. They went along 26% more often than did other users, who had been politely asked to participate (with phrases like “we would appreciate very much your assistance” and both “yes” and “no” options represented by lookalike buttons).

In other words, when design invites people to consider their options, at least some do. If the design nudges them instead to follow a habit that years of click-to-agree has instilled, then they’ll do that instead. “Ubiquitous EULAs [end user license agreements] have trained even privacy-concerned users to click on ‘accept’ whenever they face an interception that reminds them of a EULA,” Böhme and Köpsell wrote.

This kind of thing has been pointed out ad nauseam, but it is a vital struggle to acknowledge and consider. There is a great site out there called Terms of Service; Didn't Read that operates as a user rights initiative, rating and scoring websites' terms of service/privacy policies from Class A (good) to Class E (miserable). A wise read for anyone who has clicked or tapped away on agreeing to walls of unreadable text before engaging with software.