This morning when our 5 year old woke up and called me. First thing we had two little conversations starting with questions from her.

She asked me what leeches are. I told her they live in water, but not where we are in the world. Then she asked ‘so, do whales have them?’, and I realised I hadn’t specifically mentioned sweet water, and she first thought of the sea.

Immediately following that, she asked me if kangoroos are already born with their pouches. I said I didn’t know but, grabbing my phone, that we could look it up on the internet. She: On the internet? But who writes that?

I wish all of us grown-ups would more often stop and ask who writes that on the internet.
I love the perceptiveness contained in such questions she asks.

Favorited Forcing Google’s Image Search to Provide CC Licensed Results by Default by Alan Levine

Good suggestion Alan, I’ve used it to add a ‘gcc’ workflow to my AlfredApp. If I type, sticking with your example, ‘gcc dog’ it will open https://www.google.com/search?q=dog&tbm=isch&tbs=il%3Acl. Any input ‘gcc query’ will open an url https://www.google.com/search?q={query}&tbm=isch&tbs=il%3Acl. I do wonder, as you note as well, about the general effectiveness of a Creative Commons search through Google. It yields many results that aren’t at all obviously CC licensed for instance. I use the Flickr search a lot as it allows me to set which specific CC license I am looking for, not all CC licenses are suitable for use on my blog e.g. And there is also OpenVerse (previously Creative Commons search, now an open source project hosted by WordPress), which I probably should be using more often and which includes Flickr. I have added Alfred workflows for those too (WordPress: https://wordpress.org/openverse/search/image?q={query}, Flickr with a specific license: https://www.flickr.com/search/?text={query}&license=4%2C5%2C6%2C9%2C10). So your post is a good prompt regardless of Google.

Do everything you can to subvert The Google. And find joy when you succeed. It’s a likely losing war, but you might come out on top of a few skirmishes.

Alan Levine

Today marks the end of my work this year. A day later than planned due to the schools closing a week early. This meant that my and E’s available work time at home was halved so we could split the time caring for Y. There are always a few things that really do need to be finished, thus carrying over into what would otherwise have been the first day off.

In my company we gave the entire team next week off, meaning we don’t expect anyone of us to work, and won’t count the days against the default 5 weeks of paid leave per year everyone has.

It’s been a challenging second pandemic year. At times each of us struggled with energy, motivation and mental wellbeing. I hope we’ve done well by our team to support them at those times. We tried to spend time together regularly and have fun within what was possible. I’ve noticed a general slow down of work in the late spring towards summer. As if the entire world was tired. After the summer things kicked back into high gear however.

Despite that slowing down before summer, which was noticeable in our turnover as well, economically it ultimately was not a challenging year. This year, like last year, we’ve done some 15% better than the pre-pandemic 2019. For 2022 much has already been lined up. I will have the pleasure to focus completely on the new wave of EU digital and data related legislation. In fact, as far as my own time is concerned, I’m already overbooked for the entire year. In short, we are looking to expand our team again.

Last month it was a decade ago that me and my business partners decided to start our open data consultancy The Green Land. To me the past three years, despite the pandemic dominating two of them, were the best of those ten, with a fun and growing team, and meaningful projects.

A well deserved break for all of us is in order therefore.

Volgens mij doet niets op de website van Vereniging Open Nederland de suggestie dat het ook maar iets te maken heeft met ‘testen voor toegang’ van Stichting Open Nederland. Verwarrend is en blijft het wel voor veel mensen, en daar hebben we bij de vereniging al het hele jaar bijzonder veel last van.

Last van gemeenten bijvoorbeeld die op het contactformulier van onze website (zonder die kennelijk ook maar even te bekijken) de vraag stellen of ze een testen voor toegang locatie kunnen krijgen.


Nee niet bij ons! Screenshot van ingezonden bericht van het contactformulier op de opennederland.nl website

December always seems to be the season of increased and novel forms of email spam in my inbox. As if they’re hoping my spam filters will take time off, or something.

This year’s personal novelty in my inbox is what seems a trolling attempt w.r.t. the EU data protection regulation (GDPR) and the similar Californian consumer privacy act (CCPA).

Yesterday I received an email titled “Questions About GDPR Data Access Process for zylstra.org” sent from an address that has left no previous online search traces, and for which the domain name was first registered in March 2021. The sender’s domain envoiemail.fr looks set up specifically for this. The name used seems fake (no one in the world has that name if I’m to believe Google, LinkedIn et al).

The mail reads:

To Whom It May Concern:

My name is … , and I am a resident of Paris, France. I have a few questions about your process for responding to General Data Protection Regulation (GDPR) data access requests:

Do you process GDPR data access requests via email, a website, or telephone? If via a website, what is the URL I should go to?
What personal information do I have to submit for you to verify and process a GDPR data access request?
What information do you provide in response to a GDPR data access request?

To be clear, I am not submitting a data access request at this time. My questions are about your process for when I do submit a request.

Thank you in advance for your answers to these questions. If there is a better contact for processing GDPR requests regarding zylstra.org, I kindly ask that you forward my request to them.

I look forward to your reply without undue delay and at most within one month of this email, as required by Article 12 of GDPR.

Sincerely,

That last bit about Article 12 and having a month to reply, seems ominous but in my reading of the GDPR only concerns actual data access requests.

When I received that mail it appeared fake to me, mostly because it’s boilerplate text without context about me as the receiver and using the domain name as some sort of organisation name. I replied nonetheless, which I probably shouldn’t have, with a single line message that my private website doesn’t fall within scope of the GDPR. I do have a GDPR policy page out of professional interest in the subject matter.

Then today I received another mail. This time concerning the Californian Consumer Privacy Act (CCPA), which is a data protection act modelled on the EU GDPR. The text was the same, the name used was different but also fake / trace-less online, the sender’s domain name (potomacmail.com) was registered in March 2020 and like the previous one pretends to be an e-mail service (but one whose online traces are all blogposts like mine outing it as some sort of scam attempt). The mail reads the same as the first one:

To Whom It May Concern:

My name is …, and I am a resident of Norfolk, Virginia. I have a few questions about your process for responding to California Consumer Privacy Act (CCPA) data access requests:

Would you process a CCPA data access request from me even though I am not a resident of California?
Do you process CCPA data access requests via email, a website, or telephone? If via a website, what is the URL I should go to?
What personal information do I have to submit for you to verify and process a CCPA data access request?
What information do you provide in response to a CCPA data access request?

To be clear, I am not submitting a data access request at this time. My questions are about your process for when I do submit a request.

Thank you in advance for your answers to these questions. If there is a better contact for processing CCPA requests regarding zylstra.org, I kindly ask that you forward my request to them.

I look forward to your reply without undue delay and at most within 45 days of this email, as required by Section 1798.130 of the California Civil Code.

Sincerely,

….

Needless to say, this blog is not within scope of the CCPA.

Both domain names used, envoiemail.fr and potomacmail.com show the same message if you visit the domains. Judging by the mail headers they use Amazon simple e-mail services.

What would be the purpose of such spam messages. The blogpost I linked to says there was a tracking pixel in the mail they received but I don’t see that in my mail’s source. The hard thing is I now have to wait 30 and 45 days according to these mails to see if there’s a follow-up. 😉