[Chapter-delegates] Privacy policies and consent banners - Re: {Disarmed} Your new Member Portal is live! | Votre nouveau Portail des membres est maintenant en ligne! | Tu Nuevo Portal de Miembros está en vivo

[Dan York]

Klaus,

Thanks for writing about our privacy policy and consent banner that are displayed on our main www.internetsociety.org<http://www.internetsociety.org> site. Given that this falls into my area of responsibility, I’ll comment inline.

On Feb 7, 2019, at 6:11 AM, Klaus.Birkenbihl at isoc.de<mailto:Klaus.Birkenbihl at isoc.de> wrote:

when landing on https://www.internetsociety.org/ we find the ubiquitous and annoying lie "We care about your privacy and strive to limit our use of cookies to those that help improve our site and keep it relevant ...". Frankly this makes me wonder if we - as the "Internet Society" should not be in the position to do it better.

DY> We can always do better.

If you don't click on the only available Button "Close and Accept" but find the small print link see our Cookie Policy<https://www.internetsociety.org/privacy-policy/cookie-policy/> you will see what I'd call ISOC's remorse. It is a fair and understandable lesson on what cookies do, the role of third parties etc, there are links to tutorials on how to disable cookies, links to add-ons that block cookies that some Internet Society staff recommend<https://www.internetsociety.org/blog/2018/01/lazy-persons-guide-better-online-privacy/>.

DY> Thanks. We tried to make that page useful to people.

(Btw. even the cookies policy page doesn't mention all sites that potentially could track visitors of the ISOC Website. Looking into the page source one can find that e.g. also fontawesome.com<http://fontawesome.com/> will notice and collect data about your visit at internetsociety.org<http://internetsociety.org/> according to their privacy statement).

DY> Hmm… thank you for raising that. I thought we had eliminated that fontawesome tracker back in early 2018 by moving the icons/social logos directly into our site so we weren’t pulling them from the FA site. I need to look and see what changed to bring that back, and how we can get it removed.

DY> We spent many long hours using Privacy Badger, Ghostery, and other similar tools (as well as page source code) across Internet Society websites to try to eliminate or minimize as many trackers as possible.  I have a half-written blog post explaining to the community all the challenges with finding and killing off trackers on complex websites, and in keeping them off - I need to finish that post up and publish it.

DY> In an interesting bit of synchronicity with the timing of your message, I was supposed to present last night on "How does the GDPR affect your WordPress website?” at my local WordPress user group in Burlington, Vermont. I was going to talk about what I’ve learned (as a non-lawyer) about privacy and WordPress websites - and I was planning to record the session and share it online. Unfortunately, we had an ice storm and that got canceled. But I’d be glad to offer a discussion like that via a zoom call sometime if people here are interested. It’s quite challenging with today’s complex websites (but at the same time, I have zero interest in returning to days when I hand-coded all my sites in raw HTML!)

96.7% of all users who land on https://www.internetsociety.org/ will click on [the yet another] "Close and accept" button and exactly this is obviously the intention of the cookies banner.

DY> Yes, there’s an ongoing discussion in the wider web developer/publisher community about “consent banner fatigue” and whether these banners are actually serving any purpose.

Personally I think we could gain credibility and attention if we would abstain from the default feeding of Google and others collecting our data. Our cookies banner - if any - should look like this:
"We care about your privacy do not forward any personal data to any third parties. To learn more about how to easily protect your privacy on the Internet read this article.<https://www.internetsociety.org/blog/2018/01/lazy-persons-guide-better-online-privacy/>".

You asume this insane, technically not feasible? I just did a short check of two other .org-Websites that (at least) seem to care and do better. https://www.w3.org/ and https://www.eff.org/ seem to avoid forwarding of data to third parties. I personally would like to see ISOC think about a "privacy by default" policy.

DY> I hear you. We’re always looking at what tools are out there and seeking ways to work better.  We have very real business needs to understand how best to use our resources and finances to reach new audiences and advance the mission and activities of the Internet Society.  Website analytics play a critical role in that as they help us understand what kind of return we are getting on our investment of time, energy, and money - and also how we can potentially make our information available to even more people. They help guide us in keeping our content relevant and understanding how people are reading and sharing our messages. We’ve used Google Analytics (GA) for many years as that has been one of the best and most effective tools for helping us understand. And in our use of GA, we’ve spent a great bit of time going through all the settings to reduce it to collecting the most basic information possible.

DY> But we’ve also been exploring other options. I’ve spent time looking at what Automattic offers through its WordPress Statistics (and we’ve enabled it on a couple of sites to test). I’ve also been exploring what Matamo (formerly Piwik) can do and am looking at potentially trialling that service this year on a site.  I would definitely welcome feedback from anyone who has used these services (or others) and what your experience has been. One of my goals for I and my team this year is to audit all of our sites with regard to what we can do better with regard to privacy.

DY> Thanks again for the feedback. I welcome it - and would always be glad to get on a call (zoom, phone or otherwise) to talk about this with anyone,

Dan

--
Dan York
Director of Web Strategy, Internet Society
york at isoc.org<mailto:york at isoc.org>   +1-802-735-1624
Jabber: york at jabber.isoc.org<mailto:york at jabber.isoc.org>  Skype: danyork   http://twitter.com/danyork

http://www.internetsociety.org/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20190207/3b5691f4/attachment.htm>