[Chapter-delegates] Privacy policies and consent banners - Re: {Disarmed} Your new Member Portal is live! | Votre nouveau Portail des membres est maintenant en ligne! | Tu Nuevo Portal de Miembros está en vivo

Thu Feb 7 07:51:12 PST 2019

I've setup Piwik now Matamo for a number of websites and web apps. It
also has a WordPress plugin which I have also used.

The fact I can self host and manage the setup and analytics for many
sites and services is a big plus in the sense of control. If you don't
want to run your own then that might be a minus. The data though is
one's own and that means it is very straightforward proposition from a
privacy point of view. You can get the analysis and not share it at all
with third parties because none are in the loop.

I've had one or two moments of instability but nothing that hasn't been
fairly straightforward to fix.

Recommend you look at it. 

Christian

Dan York wrote:
> Klaus,
>
> Thanks for writing about our privacy policy and consent banner that
> are displayed on our main www.internetsociety.org
> <http://www.internetsociety.org> site. Given that this falls into my
> area of responsibility, I’ll comment inline.
>
>> On Feb 7, 2019, at 6:11 AM, Klaus.Birkenbihl at isoc.de
>> <mailto:Klaus.Birkenbihl at isoc.de> wrote:
>>
>> when landing on https://www.internetsociety.org/ we find the
>> ubiquitous and annoying lie "We care about your privacy and strive to
>> limit our use of cookies to those that help improve our site and keep
>> it relevant ...". Frankly this makes me wonder if we - as the
>> "Internet Society" should not be in the position to do it better.
>>
> DY> We can always do better.
>>
>> If you don't click on the only available Button "Close and Accept"
>> but find the small print link see our Cookie Policy
>> <https://www.internetsociety.org/privacy-policy/cookie-policy/> you
>> will see what I'd call ISOC's remorse. It is a fair and
>> understandable lesson on what cookies do, the role of third parties
>> etc, there are links to tutorials on how to disable cookies, links to
>> add-ons that block cookies that some Internet Society staff recommend
>> <https://www.internetsociety.org/blog/2018/01/lazy-persons-guide-better-online-privacy/>.
>>
>>
> DY> Thanks. We tried to make that page useful to people.
>>
>> (Btw. even the cookies policy page doesn't mention all sites that
>> potentially could track visitors of the ISOC Website. Looking into
>> the page source one can find that e.g. also fontawesome.com
>> <http://fontawesome.com/> will notice and collect data about your
>> visit at internetsociety.org <http://internetsociety.org/> according
>> to their privacy statement).
>>
> DY> Hmm… thank you for raising that. I thought we had eliminated that
> fontawesome tracker back in early 2018 by moving the icons/social
> logos directly into our site so we weren’t pulling them from the FA
> site. I need to look and see what changed to bring that back, and how
> we can get it removed.
>
> DY> We spent many long hours using Privacy Badger, Ghostery, and other
> similar tools (as well as page source code) across Internet Society
> websites to try to eliminate or minimize as many trackers as possible.
>  I have a half-written blog post explaining to the community all the
> challenges with finding and killing off trackers on complex websites,
> and in keeping them off - I need to finish that post up and publish it.
>
> DY> In an interesting bit of synchronicity with the timing of your
> message, I was supposed to present last night on "How does the GDPR
> affect your WordPress website?” at my local WordPress user group in
> Burlington, Vermont. I was going to talk about what I’ve learned (as a
> non-lawyer) about privacy and WordPress websites - and I was planning
> to record the session and share it online. Unfortunately, we had an
> ice storm and that got canceled. But I’d be glad to offer a discussion
> like that via a zoom call sometime if people here are interested. It’s
> quite challenging with today’s complex websites (but at the same time,
> I have zero interest in returning to days when I hand-coded all my
> sites in raw HTML!)
>>
>> 96.7% of all users who land on https://www.internetsociety.org/ will
>> click on [the yet another] "Close and accept" button and exactly this
>> is obviously the intention of the cookies banner.
>>
> DY> Yes, there’s an ongoing discussion in the wider web
> developer/publisher community about “consent banner fatigue” and
> whether these banners are actually serving any purpose.
>>
>> Personally I think we could gain credibility and attention if we
>> would abstain from the default feeding of Google and others
>> collecting our data. Our cookies banner - if any - should look like
>> this: 
>> "We care about your privacy do not forward any personal data to any
>> third parties. To learn more about how to easily protect your privacy
>> on the Internet read this article.
>> <https://www.internetsociety.org/blog/2018/01/lazy-persons-guide-better-online-privacy/>". 
>>
>> You asume this insane, technically not feasible? I just did a short
>> check of two other .org-Websites that (at least) seem to care and do
>> better. https://www.w3.org/ and https://www.eff.org/ seem to avoid
>> forwarding of data to third parties. I personally would like to see
>> ISOC think about a "privacy by default" policy.
>>
> DY> I hear you. We’re always looking at what tools are out there and
> seeking ways to work better.  We have very real business needs to
> understand how best to use our resources and finances to reach new
> audiences and advance the mission and activities of the Internet
> Society.  Website analytics play a critical role in that as they help
> us understand what kind of return we are getting on our investment of
> time, energy, and money - and also how we can potentially make our
> information available to even more people. They help guide us in
> keeping our content relevant and understanding how people are reading
> and sharing our messages. We’ve used Google Analytics (GA) for many
> years as that has been one of the best and most effective tools for
> helping us understand. And in our use of GA, we’ve spent a great bit
> of time going through all the settings to reduce it to collecting the
> most basic information possible.
>
> DY> But we’ve also been exploring other options. I’ve spent time
> looking at what Automattic offers through its WordPress Statistics
> (and we’ve enabled it on a couple of sites to test). I’ve also been
> exploring what Matamo (formerly Piwik) can do and am looking at
> potentially trialling that service this year on a site.  *I would
> definitely welcome feedback from anyone who has used these services
> (or others) and what your experience has been. *One of my goals for I
> and my team this year is to audit all of our sites with regard to what
> we can do better with regard to privacy.
>
> DY> Thanks again for the feedback. I welcome it - and would always be
> glad to get on a call (zoom, phone or otherwise) to talk about this
> with anyone,
>
> Dan
>
> --
> Dan York
> Director of Web Strategy, Internet Society
> york at isoc.org <mailto:york at isoc.org>   +1-802-735-1624 
> Jabber: york at jabber.isoc.org <mailto:york at jabber.isoc.org>
>  Skype: danyork   http://twitter.com/danyork
>
> http://www.internetsociety.org/
>
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society Chapter Portal (AMS):
> https://admin.internetsociety.org/622619/User/Login

-- 
Christian de Larrinaga
@ FirstHand
-------------------------
+44 7989 386778
cdel at firsthand.net