Much easier than regulating to break up Facebook, just regulate to force them to make an API for us to get data in and out. We can break them up ourselves once we have that. (source)

Neil is right, an effective way to break-up big tech monopolies is requiring they have API‘s. (Much like key government data sets across the EU will be required to have API’s from 2021 based on the 2019 PSI Directive)

A monopolistic platform that has an API will be effectively broken up by its users and by app builders as they will interact with bits and pieces from various platforms as they see fit.

That FB and Twitter e.g. have been on a path over steadily reducing public API access over time shows you the truth of that.

(Adversarial) interoperability and standards are key elements in avoiding vendor lock-ins. This is true for ‘smart home’ appliance silos just as much as for webservices.

If you don’t have an API you’re not a platform (platforms are after all bases to build/grow things on, if you stunt that ability you’re not a platform). If you’re not a platform, you’re fully liable for your user uploaded content. How’s that for a trade-off?

All platforms should be required to join the API family…

2019-07-16_04-51-20
Picture taken earlier this month at La Folie de Finfarine in Poiroux

This from Wendy Grossman hits the nail quite precisely on its head.

The problem isn’t privacy,” the cryptography pioneer Whitfield Diffie said recently. “It’s corporate malfeasance.”

This is obviously right. Viewed that way, when data profiteers claim that “privacy is no longer a social norm”, as Facebook CEO Mark Zuckerberg did in 2010, the correct response is not to argue about privacy settings or plead with users to think again, but to find out if they’ve broken the law.

I think I need to make this into a slide for my stock slide deck. It’s also I think why the GDPR focuses on data protection and the basis for data usage, not on privacy as such.

(Do add Wendy Grossman’s blog net.wars to your feedreader.)

Read net.wars: Hypothetical risks

Hotel keys
Hotel keys, photo by Susanne Nilsson, license CC BY-SA

Everybody hates the keycard, says the NYT, and talks about using your phone instead. There are a few reasons why using your phone as a hotel key is not something I do, or would do.

One reason is provided by the hotels promoting this themselves:

And, since the keys are downloaded electronically through a hotel app, the host has a presence on the guests’ phones, and can offer other exclusive services, like promotions and a chat feature.

Presence on my phone, that sounds rather ominous. Let me count the hotel apps I currently allow on my phone…. 0.

Unless there’s an opt-in for each single additional ‘service’ as part of a hotel’s ‘presence’ on my phone, it is in breach of the GDPR wherever I travel. Do hotel chains really want to expose up to 4% of their annual turnover to liability risks?

The ones I’ve encountered worked through bluetooth. That opens up a wide range of potential vulnerabilities. I never have bluetooth switched on (nor wifi when not in active use, for that matter), and there are very good reasons for that. There might be other bluetooth devices nearby pretending to be my hotel door to get access to my phone, or piggyback on my room door’s communication. A plastic card and a room door never have that issue. NFC based ones have less of these issues, but still bring their own issues.

A vulnerability in a hotel’s mobile app now also becomes a vulnerability for your hotel key as well as for your phone. It also means a phone will contain data traces of any hotel you may have used it as a key. That is a privacy risk in itself, not only to yourself, but potentially as well to people you have encountered. (E.g. investigative journalists would be risking the anonymity and privacy of their sources that way.)

Another reason is, also when I travel alone I have 2 plastic key cards. I keep them in different places, so I have a back-up if one of them gets out of my hands. Having just my phone is a single point of failure risk. Phones get left in hotel bars. Phones slip out of pockets in taxi back seats. Phone batteries die.

That is the third reason, that phone batteries die, especially on intensive work days abroad. Already that is sometimes problematic for mobile boarding passes for e.g. a second leg of a trip after a long haul flight (such as last month on a trip to Canada), or an evening flight home.
When staying in a hotel, after a long day, I sometimes need to leave a phone to charge in my room (sometimes the room safe has a convenient power outlet), while I go have a coffee in the lobby. This month during holidays I left my phone charging during dinner in a hotel in Rouen, as well as in an apartment on the Normandy coast, while we headed out for a walk on the beach.
So when I read in the article “What is also great is that I don’t find myself forgetting my key in the room as I always have my phone with me“, I take that to mean “you can’t leave your room when your phone needs charging” and “you can’t return to your room if your phone battery died”.

Phones and hotel keys all have their vulnerabilities. Putting a key card on your phone doesn’t remove the existing vulnerabilities of existing key card systems, but transfers and adds them to the vulnerabilities of your phone, while also combining and increasing the potential negative consequences of one of those vulnerabilities becoming actualised.

Read Everybody Hates the Key Card. Will Your Phone Replace It? (nytimes.com)

Technology that allows hotel guests to use their phones as room keys is expanding, taking aim at those environmentally unfriendly plastic cards.

Very unsure what to think about Tim Berners Lee’s latest attempt to, let’s say, re-civilize the web. A web that was lost somewhere along the way.

Now there’s a draft ‘contract for the web‘, with 9 principles, 3 each for governments, companies and citizens.

It’s premise and content aren’t the issue. It reads The web was designed to bring people together and make knowledge freely available. Everyone has a role to play to ensure the web serves humanity. By committing to this Contract, governments, companies and citizens around the world can help protect the open web as a public good and a basic right for everyone., and then goes on to call upon governments to see internet access as a core necessity and a human right that shouldn’t be censored, upon companies to not abuse personal data, and on citizens to actively defend their rights, also by exercising them continuously.

There’s nothing wrong with those principles, I try to adhere to a number of them myself, and have been conveying others to my clients for years.

I do wonder however what this Contract for the Web is for, and what it is intended to achieve.

At the Contract for the Web site it says
Given this document is still in the process of negotiation, at this stage participants have not been asked to formally support or oppose the document in its current form.

Negotiation? What’s there to negotiate? Citizens will promise not to troll online if governments promise not to censor? If a company can’t use your personal data, it will no longer be an internet service provider? Who is negotiating, and on behalf of whom?
Formally support the contract? What does that mean? ‘Formal’ implies some sort of legal status?

There are of course all kinds of other initiatives that have voluntary commitments by various stakeholders. But usually it clearly has a purpose. The Open Government Partnership for instance collects voluntary open government commitments by national governments. Countries you’d wish would actually embark on open government however have left the initiative or never joined, those that are active are a group, (not all), of the willing for whom OGP is a self-provided badge of good behaviour. It provides them an instrument to show their citizens they are trying and doing so in ways that allows citizens to benchmark their governments efforts. Shields them against the notion they’re not doing anything. It does not increase open government above what governments were willing to do anyway, it does provide a clear process to help build continuity, and to build upon other member’s experience and good practices reducing the overall effort needed to attain certain impacts.

Other initiatives of this type are more self-regulatory in a sector, with the purpose of preventing actual regulation by governments. The purpose is to prevent exposing oneself to new legal liabilities.

But what does the Contract for the Web aim for? How is it an instrument with a chance of having impact?
It says “this effort is guided by others’ past work on digital and human rights” such as the Charter of Fundamental Rights of the EU and the EU GDPR. What does it bring beyond such heavy lifting instruments and how? The EU charter is backed up by the courts, so as a citizen I have a redress mechanism. The GDPR is backed up by fines up to 4% of a company’s global annual turnover or 20 million whichever is bigger.

How is it envisioned the Contract for the Web will attract more than those stakeholders already doing what the contract asks?
How is it envisioned it can be a practical instrument for change?

I don’t get a sense of clear purpose from the website. In the section on ‘how will this lead to change’ first much is made of voluntary commitments by governments and companies (i.e. a gathering of the willing, that likely would adhere to the principles anyway), which then ends with “Ultimately it is about making the case for open, universal web that works for everyone“. I have difficulty seeing how a ‘contract’ is an instrument in ‘making a case’.

Why a contract? Declaration, compact, movement, convention, manifesto, agenda all come to mind, but I can’t really place Contract.

What am I missing?

Untitled Forms / 20090924.SD850IS.3202.P1.SQ / SML
Please sign at the dotted line, before you go online?.
Image ‘untitled forms’ by See-ming Lee, license CC BY SA

The Austrian Open Knowledge Chapter is dissolving itself (link in German), a decision already made at a general assembly in December 2018. Judging by the website activities had petered out in recent years, the blog falling silent at the end of 2017.

Austria over the years has been an active country concerning open government data and open knowledge in general. Specifically I see the Austrian open data community as a globally relevant good practice example, one that I still regularly refer to. Already in 2010, when I spoke at an open data meet-up in Graz, and in subsequent years presenting at OGD Austria conferences and various other events, what stood out to me was the broad scope the Austrian open data community had. Academia, activists, the federal chancellery, state governments, city governments, start-ups, technologists and traditional re-users were all around the same table. Informal get-togethers and resulting relations formed a basis on which more formal structures and cooperative initiatives could grow. I think such a solid community fundament is the key reason Austria was able to achieve a lot on open data in the absence of any legal framework to actively stimulate it, moreover with a constitution that enshrines civil service secrecy.

For a few years I was quite well informed about the Austrian efforts, through regular visits, and regular calls between German speaking community leaders from Germany, Austria and Switzerland, and me as the odd one out. Over time my connection grew more distant however.

With Open Knowledge Austria ceasing to exist, a chapter ends. I suspect the community substrate on which it could exist will endure, even if events, individual members lives and contexts are always in flux around us. It is laudable that OK Austria is actively deciding to dissolve. Organisations all too easily stumble into the pitfall that continued existence becomes the organisation’s primary goal. By dissolving, as Stefan Kasberger, OK Austria’s chair, wrote, one releases its hold on specific topics and niches in an ecosystem, and it becomes possible for new things to emerge over time.

Linz, OGD Austria
At the 2012 OGD Austria conference in Linz, a wall at the venue carried the text, near the floor obviously, “Above starts down below”. It seemed a good description of how the Austrian open data efforts were based on solid bottom-up community building to me at the time.

Since shortly after we moved in we have a temperature and humidity sensor in our garden.

This week’s heat wave is breaking records across Europe including here in the Netherlands. So I’ve kept an eye on the temperature in our garden. Our sensor is part of a city wide network of sensors, which includes two sensors nearby. Of the three sensors, ours indicates the lowest temperature at 36.8 (at 16:45), the other two hover just under 40 and at 41.8 respectively. Such differences are caused by the surroundings of the sensor. That ours is the lowest is because it’s placed in a very green garden, while the others are out on the street. In our completely paved and bricked up courtyard the temperature is 42.1 in the shade, due to the radiation heat of sun and stones. Goes to show that greenery in a city is key in lowering temperatures.

Three sensors in our neighbourhood, ours is in the middle, showing the lowest temperature. Note that the color scale is relative, for these 3 sensors running from 36.6 to 41.8.

In the past days since our return from France the temperature has been steadily rising, as per the graph below (which currently ends at the peak of 36.8 at 16:45). Staying inside is the best option, although the also increasingly higher lowest temperatures (from 15 to above 20) mean that the nights are slowly becoming more uncomfortable as the outside temperature will stay above the in house temperature during most or all of the night.

UPDATE as of 26/7 June noon, here you can see how the night minimum jumped 5 degrees in 24 hours, bringing it above the in house temperature for the entire night, except a brief moment around 6 am. At noon the maximum for the day before is already nearly reached.

The way to make this graph yourself is

  • Go to meetjestad.net/data, where you can select various data types and time frames. Our sensor is number 51, and I selected a time frame starting at July 19th at midnight. This allows me to download the data as CSV.
  • The data in that download is Tab separated, not comma,when you select a comma to be used as decimal point.
  • The file contains columns for the sensor number and its latitude and longitude, that are not needed as this is data for just one sensor. Likewise, empty columns for measurement values for which my sensor kit doesn’t contain sensors, such as particulate matter, can be removed. Finally the columns for battery level and humidity are also not needed on this occasion.
  • With the remaining columns, time and temperature it is easy to build the graph. In this case I replaced the timestamps with sequential numbers, as I intend to make a sparkline graph with it later.