champagne anarchist | armchair activist

Privacy

Embedding tweets in Leaflet popups

I just created a map showing where so-called Biro’s (small cars) are parked on the pavement and annoying people. Twitter has quite a few photos of the phenomenon. In some cases, finding their location took a bit of detective work.

First you’ll need the embed code for the tweet. You can get it manually from the Twitter website, but if you want to automate your workflow, use a url like the one below. It’ll download a bit of json containing the embed code:

https://publish.twitter.com/oembed?url=https://twitter.com/nieuwsamsterdam/status/958761072214896640

When trying to embed the tweets in Leaflet popups, I ran into a few problems:

  • When popups open, the markers didn’t properly move down. As a result, most of the popup would be outside the screen. The problem and how to solve it are described here.
  • Twitter embed code contains a script tag to load a widget. Apparently you can’t execute javascript by adding it directly to the html for the popup content, but you can add it using a selector (cf here).

Here’s the code that’ll solve both problems:

map.on('popupopen', function(e) {
    $.getScript("https://platform.twitter.com/widgets.js");
    var px = map.project(e.popup._latlng); 
    px.y -= e.popup._container.clientHeight;
    map.panTo(map.unproject(px),{animate: true});
});

You may also want to do something about the width of the popups, because otherwise they will obscure most of the map on mobile screens and it will be difficult to close a popup (which you can normally do by clicking outside of the popup). You can change the width of embedded tweets, but this will not change the width of the popup itself. A simple solution is to give popups a maxWidth of 215 (.bindPopup(html, {maxWidth: 215})).

Of course, you could also vary maxWidth depending on screen width, but I think 215px works well on all screens. Further, embedded tweets appear to have a minimum width of about 200px, so if you want popups narrower than 215px you’ll have to figure out a way to fix that.

If you embed tweets, Twitter can track people who visit your webpage. Add <meta name="twitter:dnt" content="on"> to your page and Twitter promises they won’t track your visitors. I wasn’t sure whether this should be put in the web page itself or in the html content of the popups (I opted for both).

If the popups have a somewhat spartan look and do not contain photos: Good for you! You’re probably using something like Firefox with tracking protection enabled. This blocks sites which have been identified as ‘engaging in cross-site tracking of users’ - including, apparently, platform.twitter.com.

Het einde van de anonieme fietser

Amsterdam wil de markt voor ‘deelfietsen’ reguleren. Er worden straks allerlei gegevens bijgehouden over het gebruik van die fietsen en je zou die gegevens beschikbaar kunnen stellen als open data, zoals in veel steden al gebeurt. Amsterdam, een stad met ambities als het gaat om verantwoord datagebruik, lijkt dit echter niet van plan te zijn.

Ok. Maar het is ondertussen ook goed om stil te staan bij het feit dat die gegevens verzameld worden.

Je kunt je nauwelijks nog verplaatsen zonder dat je wordt gevolgd. Als je een telefoon bij hebt, is je locatie bekend. Automobilisten worden gevolgd via hun navigatiesysteem en met nummerplaatscanners. In het openbaar vervoer wordt je ook gevolgd - tenzij je een anonieme ov-chipkaart koopt en betaalt met muntjes.

Fietsers kunnen wel nog over straat zonder dat ze gevolgd worden. Maar ook daar wordt aan gewerkt. In Tilburg wordt een test uitgevoerd waarbij fietsers sneller groen krijgen als ze zich laten detecteren met een app (terwijl er ook wel andere manieren zijn om fietsers te detecteren - als je per se innovatief wil zijn gebruik je gewoon een warmtesensor). De gemeente belooft dat deelnemers anoniem blijven, maar verzamelt wel gegevens om analyses te maken.

VanMoof stopt een gps-chip in sommige fietsen om diefstal te ontmoedigen (waarom je een VanMoof zou willen stelen ontgaat me, maar dat terzijde). Amsterdam test een systeem waarbij je fiets dankzij een chip herkend wordt in de fietsenstalling. De Amsterdamse ondernemerslobby, die klaagt dat er teveel fietsen zijn, wil ook dat fietsen een chip krijgen.

Bij ‘deelfietsen’ zit ingebakken dat de fietsen gevolgd worden. Sterker nog, Amsterdam eist van aanbieders dat ze real-time gaan volgen waar hun fietsen zijn. Liefst zo nauwkeurig dat ze kunnen zien of je je fiets in of naast een fietsvak hebt neergezet. Natuurlijk beloven de fietsverhuurders dat ze zorgvuldig omgaan met de gegevens die ze over je verzamelen (alhoewel). Maar de gemeente stelt hierover geen voorwaarden aan de vergunninghouders.

Straks ben je een moderne Luddiet als je nog op je eigen fiets rondrijdt en weigert om een chip of een groenlicht-app te installeren. Je weet dat het een verloren strijd is, maar toch doe je het.

Tot en met 16 februari kan er schriftelijk gereageerd worden op het plan van Amsterdam om deelfietsen te reguleren. Op dindsdag 23 januari is er een inspraakbijeenkomst.

New Year - time to delete your Facebook account?

Around New Year, people turn to Google for advice on how to accomplish their New Year’s resolutions. The chart below (an update of one I created earlier) illustrates this.

Around New Year, there’s is a peak in people googling ‘quit smoking’, but it appears that even more people to try to figure out how to delete their Facebook account. The parallel is not entirely surprising, given claims that platforms like Facebook are designed to be addictive.

Chart updated 1 January 2018

Dutch rail passengers are observed by cameras in advertising columns

«What are those mini cameras doing in that advertising column!», a Twitter user asked today. In a response, Dutch Railways (NS) said that advertisers use the cameras to assess whether passengers look at advertising and for how long.

A spokesperson of Exterion, the owner of the advertising columns, told Dutch broadcaster NOS that as many as 35 such cameras are already observing passengers at Amsterdam Central Station. Reportedly, the cameras can determine the gender of people and estimate their age. In the future, facial recognition and emotion detection may be added, but that hasn’t been decided yet.

Exterion assures that images will never be stored, but doesn’t make that claim about (personal) data gleaned from the images. They told another broadcaster, RTLZ, the cameras only register «‘ones and zeros’, for example whether someone is male or female, so no sensitive data from a privacy perspective». Such a statement may not be the best way to convince people you take privacy seriously.

A spokesperson of the Dutch Privacy Authority told NOS that they will investigate the matter, but «in general, cameras in public spaces may not be used for advertising purposes». The party leader of the Green Party in Amsterdam, Rutger Groot Wassink, has called for direct action: «Who will join me tomorrow in taping up these bloody things».

UPDATE 11 September 2017 - According to media reports, Exterion has announced it will temporarily turn off the 35 cameras in advertising columns at Amsterdam Central Station, because of «the commotion» they caused. They ascribe the commotion to insufficient communication, which suggests they see nothing wrong in the cameras as such and may turn them back on in the future. Members of Parliament have asked questions about the cameras (SP, D66).

Scraping LinkedIn profiles could be legal. Is that creepy?

An interesting American court ruling discusses whether the company hiQ Labs may legally scrape public LinkedIn profiles and sell analyses based on that information.

LinkedIn tries to portray this as an attack to its efforts to protect the privacy of its users. Some media seem to buy this line: Having a public profile just got more risky (the Independent); Is your boss checking up on you? Court rules software IS allowed to look for changes to your LinkedIn profile that suggest you’re quitting your job (Daily Mail).

It’s worthwhile to read the actual ruling. Judge Edward M. Chen pretty much trashes LinkedIn’s argument:

LinkedIn’s professed privacy concerns are somewhat undermined by the fact that LinkedIn allows other third-parties to access user data without its members’ knowledge or consent.

LinkedIn specifically refered to users who use the don’t broadcast feature, which prevents the site from notifying other users when these users make profile changes. hiQ could be violating these users’ privacy by informing their employers about profile changes, which may be an indication that they’re looking for another job.

However, hiQ presented marketing materials from LinkedIn suggesting LinkedIn does exactly the same:

Indeed, these materials inform potential customers that when they ‘follow’ another user, «[f]rom now on, when they update their profile or celebrate a work anniversary, you‘ll receive an update on your homepage. And don‘t worry – they don‘t know you‘re following them.»

All in all, LinkedIn has credibility issues when it claims it’s protecting its users’ privacy. Perhaps what hiQ does is creepy, but not more creepy than what LinkedIn is doing itself. (It’s a bit reminiscent of Facebook, which limited access to user data through it’s public API, claiming it was protecting its users’ privacy.)

There’s more to the case than just the privacy issue. For example, can a website owner prohibit the automated retrievel of otherwise public information? Can they sanction specific users for even looking at their website («effectuating the digital equivalence of Medusa»)? And is it ok for LinkedIn to use it’s dominant position in the professional networking market to stifle competition in a different market? It will be interesting to see how this develops.

Via. Ruling downloadable from the Register

Pages