NSA and Prism in the UK: The politics of a privacy plan


My previous post on personal privacy following Prismgate, “My Privacy Plan”, sparked a fantastic discussion over on Hacker News.

The comment that most resonated with me – and had the most upvotes – questioned what the political aspect of a privacy plan would look like:

“My privacy plan will involve learning more about politics. Who are our representatives? What districts play disproportionate roles here? How are the oversight committees formed? Who’s on them and why? What can we do to be involved? This is a much longer timescale play — it’s a lifetime of being involved, rather than a quick technological fix now.”

I agree that what I was proposing in my post was a quick technological fix. Well, quick compared to going down a lifetime of political activism route.

But one part of the comment suggested doing just this:

“I don’t believe that there’s any substitute for a politically engaged constituency…  It’s not ok to simply complain that the system will defend itself and there’s nothing you can do. Apply the same mindset that drives you through the multiple brick walls that are a startup to changing Washington.”

Yes, the comment applied to the US, where the NSA surveillance scandal happened. But what would those brick walls look like in the UK? Who is my representative at a local, regional and national level? What can I do to get involved?

I’d been thinking about these questions but not actually doing anything about it. But then the Open Rights Group (ORG) – one of the pressure groups I signed up to since Prismgate – sent a newsletter, with a main piece called “What does Prism mean for the UK?”

“Further revelations about the UK intelligence agency’s (GCHQ) access to data gathered by their US counterparts have raised serious concerns about the legal framework they apply when accessing the data.

William Hague, Foreign Secretary, responded to the revelations with a statement in Parliament, a classic, ‘nothing to hide, nothing to fear’. Despite challenges from MPs, questions remain unanswered, including whether GCHQ can access UK citizens’ or others’ data from the NSA without a warrant.”

While not giving too much information on what I can do, beyond supporting them, ORG are fighting for greater data protection law at the EU to help UK citizens’ privacy rights.

ORG also have a campaign site called Naked Citizens, where you can contact your MEP to ask them to respect your privacy rights.

This is done through the attention-grabbing-but-fun method of sending them a postcard of a naked citizen, covered by a privacy cat:

naked citizens

In order to send the postcard, I had to find out who my MEP was. A quick DuckDuckGo search later and I was on the WriteToThem site, a site from MySociety, which lets you find and write to your political representatives for free.

A simple postcode check let me find out not only who my MEPs were, but my Councillors, London Assembly members and my Members of Parliament representatives.

So through ORG’s newsletter, Naked Citizens site and WriteToThem, I had:

  • Found out more about the issues surrounding personal privacy
  • Found out more on how it applies to the UK
  • Researched who my political representatives are at various levels
  • Taken an action to let my MEP representative know that I care about this issue

I did think the process would take some time and I’m aware this is just the start, but I had made a good start to educating myself about the issues and letting a representative know that I cared about this issue in less than an hour.

Which means you can do the same and perhaps it won’t take as long as you’d think.

But where next for me?

As well as continuing with the technological points in My Privacy Plan, I will continue working through the questions posed on the Hacker News discussion.

But I’d really appreciate hearing from anyone who is more aware of the political aspects around these issues to leave their advice and ideas in the comments about what we can do to protect our privacy.

My Privacy Plan

Privacy Plan

(Photo via Sean MacEntee)

I’ve decided to come up with a privacy plan for myself. After hearing about the NSA’s surveillance scandals and now the details about Edward Snowden, the whistleblower behind the NSA surveillance revelations, I’ve been kicked into action.

These events have got me (and several million other people) spooked by who is capturing information about me, how they are capturing it and what they are doing with that information.

It’s always been an issue, I just didn’t care.

The interview with Edward Snowden is especially interesting / frightening / thought-provoking, so I suggest you read that right now if you haven’t already. In the interview, Snowden says that “The greatest fear I have…is that nothing will change.”

My privacy plan is an attempt to take some action about this, as an exercise in getting a little privacy back in my online life, to better understand the issues for myself and to show Snowden that his actions have made a change (at an individual level at least).

Below is my initial privacy plan, that I will work through in the next few weeks. Many are taken from this excellent Security Stack Exchange Question: What are the implications of NSA surveillance on the average internet user?

(Interestingly, Edward Snowden himself when asked “Is it possible to put security in place to protect against state surveillance?” said the following: “You are not even aware of what is possible. The extent of their capabilities is horrifying. We can plant bugs in machines. Once you go on the network, I can identify your machine. You will never be safe whatever protections you put in place.” This may make this privacy plan futile at best.)

I’ve divided each action by Difficulty (easy, medium or hard) and Time (short, medium, long) to give an indication of how long I expect the action to take.

I’ll also add to this privacy plan as I find other useful suggestions or more suggestions are made to me, so please leave extra ideas and tips in the comments below.

Key: Action (Difficulty, Time).

1. Sign up to relevant pressure groups (easy, short)

If you live in the UK, you can support the Open Rights Group, who work to protect your privacy and voice your feelings on the matter to your local representatives. If you are a US citizen, you can support the Electronic Frontier Foundation, who are based in San Francisco and do similar work over there. Even just signing up to their mailing lists or reading around their sites to understand the issues is important.

2. Install HTTPS Everywhere (easy, short)

Produced as a collaboration between The Tor Project and the Electronic Frontier Foundation, HTTPS Everywhere is a Firefox and Chrome extension that encrypts your communications with many major websites, making your browsing more secure.

3. Install Adblock Plus (easy, short)

With every browsing session, there are multiple companies tracking your online activity and browsing history. There are hundreds of ad agencies tracking your every move, but with Adblock Plus you can easily disable all tracking, and browse the web truly anonymously. It has a pretty good data and privacy policy too.

4. Review my browser use (easy, short)

According to the EFF Surveillance Self Defense Guide, the web browser is a security hole that needs to be plugged. You need to take regular steps to clear out all the stuff it’s been storing, such as a history of the web sites you’ve visited and the files you’ve downloaded, cached copies of web pages, and cookies from the web sites you visit. In particular, it’s a bad idea to have the browser save your passwords for web sites, and it’s a bad idea to have it save the data you’ve entered into web forms. If your computer is seized or stolen, that information will be compromised.

5. Review web services I use and switch if necessary (hard, medium)

Many of the services detailed in the NSA surveillance scandal are web services and apps that I and many other people use every day, with Google, Facebook, YouTube, Skype and Apple being the most notable, hence the hard rating for Difficulty. It’s going to take time to move over to new services that better protect my privacy, but there are a host of them out there for most of what I do online. For example, duckduckgo.com can replace Google search, PGP can help with encryption, and TorMail can handle personal email (I use Gmail at work – one other thing to consider).

6. Download and Use Tor (medium, short)

For information like a web search history, you can prevent that information from being linked back to you personally by confusing the point of origin. Using an onion routing service like Tor will help with this.

7. Use the Onion Browser on my mobile (easy, short)

As an extension to using Tor, Onion Browser is a minimal web browser that encrypts and tunnels web traffic through the Tor onion router network and provides other tools to help browse the internet while maintaining privacy.

8. Run “host-proof” Web applications (hard, long)

In a host-proof application, the server holds only encrypted data, and the client does the encryption and decryption needed to read from and write to the server. For example, if there’s some persistent information (i.e., a document) you don’t want a government to see, don’t let your service provider see it either. That means either using a service you absolutely trust (e.g., an installation of FengOffice or EtherPad that’s running off your SheevaPlug) or using encryption at rest, e.g., encrypting your documents with AES before you send them to Google Drive.
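One way to do the "encrypt before you upload" step described above, shown as an added example rather than code from the original post: it uses Node.js's built-in crypto module with AES-256-GCM and a key derived from a passphrase with scrypt. The `remoteStore` map, the function names and the sample text are constructed stand-ins for a real storage provider and document.

```javascript
// Added example: client-side ("host-proof") encryption, so the provider only stores ciphertext.
const nodeCrypto = require("node:crypto");

const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

// Derive a 256-bit key from the passphrase; scrypt makes passphrase guessing expensive.
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

// Returns one Buffer laid out as salt || iv || tag || ciphertext.
// This blob is the only thing that ever leaves the client.
function encryptDocument(passphrase, plaintext) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const iv = nodeCrypto.randomBytes(IV_LEN); // fresh nonce for every encryption
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Throws if the passphrase is wrong or the blob was modified while stored.
function decryptDocument(passphrase, blob) {
  if (blob.length < SALT_LEN + IV_LEN + TAG_LEN) throw new Error("blob too short");
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + TAG_LEN);
  const body = blob.subarray(SALT_LEN + IV_LEN + TAG_LEN);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
}

// Hypothetical stand-in for the storage provider: it is only ever handed opaque bytes.
const remoteStore = new Map();
function upload(name, passphrase, text) {
  remoteStore.set(name, encryptDocument(passphrase, text));
}
function download(name, passphrase) {
  return decryptDocument(passphrase, remoteStore.get(name));
}

// Round trip on constructed sample data, plus a check that a modified blob is rejected.
function demo() {
  const secret = "constructed sample passphrase";
  const doc = "Draft letter to my MEP (constructed sample text)";
  upload("letter.txt", secret, doc);
  const stored = remoteStore.get("letter.txt");

  const tampered = Buffer.from(stored);
  tampered[tampered.length - 1] ^= 1; // flip one bit of the ciphertext
  let tamperDetected = false;
  try { decryptDocument(secret, tampered); } catch { tamperDetected = true; }

  return {
    roundTrip: download("letter.txt", secret) === doc,
    providerSeesPlaintext: stored.includes(Buffer.from(doc)),
    tamperDetected,
  };
}
```

The passphrase never reaches the provider, so losing it means losing the document; the file name and blob size remain visible to whoever stores it.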

I’ll add to this privacy plan as more suggestions are made, so please leave extra ideas and tips in the comments below.

Update: There’s also some further discussion and advice around this post over on Hacker News.

Update #2: I’ve written a follow-up post on the politics of a privacy plan here.

 

How To Have a Decent Digital Diet


(Note: I get the irony of writing about a digital diet on a blog, which you will undoubtedly read on some kind of digital device.)

It’s a fact of modern life that we spend most of our days looking at digital screens. From checking tweets on your mobile, to doing email on your laptop, to reading digital magazines on your tablet, we go from device to device living our lives online.

All that staring into digital screens like your eyes are trying to burn a hole in the screen in front of you is not healthy. When you finally shut down and turn away from the screen, your eyes begin to sting from actually looking out into the brightness of the real world.

Eye drops will help with the stinging, but you need more than this to revitalise and re-energize for another day in front of screens.

You need a digital diet, a way to take a break from our intense digital lives.

Inspired by Stef Lewandowski’s post on “Ignore the News”, I’ve been thinking about my own ways of developing a healthier relationship with technology and pulling myself away from the online world for a while.

Here are my top ways to cut down on your screen time with a digital diet:

1. Turn app notifications off

When you first download an app, especially to an iPhone or Android device, you often get asked if you’ll accept push notifications. Do not accept. It might seem a good idea at the time (“I’d love to be notified every time I get an email or a tweet!”) but in the long run it’s a headache and an unwanted distraction, drawing you back in to whatever app it is.

I recently turned on phone notifications for Twitter, as part of setting up the two-step authentication process. Although it’s great to have an extra secure account, it wasn’t great to be getting a text every time my username was mentioned. I’ve since turned off these notifications (but left Twitter’s two-step process on) and feel much better and less distracted for it.

Here’s a simple guide from Pocket Gamer to turn off app notifications if you don’t know how.

2. Turn internet off after 10pm

Often when you’re at home and relaxing, this is a good time to catch up on the happenings in the world (in real life and online), as well as browse what your friends have been up to on Facebook, Twitter, Instagram, Path (the list goes on…).

But often I find myself lost in the online world and don’t realise where the time has gone, meaning I spend much longer online than I planned and often late into the night. This leaves my brain feeling too overactive when I finally drag myself to bed, so it takes longer to get to sleep and often my night’s rest is of a worse quality.

I’ve given myself a rule of downing devices after 10pm (if possible) and giving myself at least half an hour to unwind before hitting the sack.

It can be tempting to do that last “internet scrape” before switching off the bedside lamp, but you can always catch up with what you’ve missed in the morning and, more often than not, you won’t have missed a thing.

3. Leave your phone off for the weekend

For most people, the weekend is when you’re meant to not check any work related email or social networks. It’s understandable that for a lot of people, the lines between online use for work and personal reasons are becoming blurred, so you may be tempted to keep your device with you as you are out and about for the weekend.

I find it works to leave my phone at home or turn it off for at least one afternoon or morning at the weekend. Sunday afternoons are a favourite, when I’m often out for a walk or with family.

You don’t miss anything and you’ll appreciate the time offline – plus you’ll be able to concentrate fully on the time spent with family and friends.

4. Take a walk during your lunch hour

Forcing yourself away from email and project work can be extremely beneficial during the working day, even if you think you just don’t have time to take a proper lunch break.

Taking a walk at lunch allows you to recollect your thoughts and come back to the office refreshed. You’ll have a more productive afternoon ahead of you if you take a walk at lunch.

Besides, eating lunch at your desk might actually make you less productive.

5. No devices in the bedroom

This one is a bit stricter and so harder to stick to, but I’ve found it can help to ban phones, laptops and even Kindles from the bedroom altogether.

Having a space in your home which is digital device free creates an aura of relaxation. In a space where it’s not possible to be online, you’re not worried about connecting.

This is beneficial for sleep, general wellbeing and your love life (if you happen to share a bedroom with a partner…).

When trying this rule, I find I often break it after a few weeks and lapse into taking my phone wherever I go again. This is ok, and I reinstate the rule when I find myself checking the phone too much in the bedroom or working on the laptop in bed (never a good sign anyway).

These are my top suggestions for a digital diet, but what else would you add? Let me know in the comments.

Balancing the Positivity Around Crowdfunding

Crowdfunding is a well-known concept for most people, thanks to sites such as Kickstarter. Headlines of consumer products, such as the Pebble, to films, apps and games getting funded – with no apparent downsides – are everywhere.

So when I was asked to write a piece on the “negative” side of crowdfunding, which would be positioned against a positive view, I thought it would make a nice challenge.

In the end, it wasn’t really a negative view, more a look at some of the questions that need to be asked around crowdfunding and a few of the stranger uses for crowdfunding platforms.

You can view the edited piece, including the positive arguments, over on the Guardian Local Government Network.

I was prepared for a bashing in the comments of the Guardian piece from crowdfunding fans, but it did actually turn out to be a balanced discussion. Kudos to Maddie and Andrew from Spacehive for getting involved in the comments and explaining how their platform works well. You can view the discussion here.

The full original piece is below; I would love to know what you think in the comments.

The Negative Sides of Crowdfunding for Local Government

There has been an explosion in crowdfunding platforms throughout the last few years and Local Government is starting to get interested in what is happening in this rapidly growing area.

The most high-profile crowdfunding platform is Kickstarter, but lots more have been appearing in the UK: SpaceHive, Indiegogo, PeopleFundIt, PleaseFundUs, Crowdfunder – the list goes on. There are so many in the UK that Nesta recently launched a directory of crowdfunding sites, CrowdingIn, to help navigate the field.

The appearance of these platforms follows the wave of positivity around crowdfunding and crowdsourcing in general. But questions remain and negative aspects are often overlooked: Does crowdsourcing produce any more coherence for local government decision-making in modern, austere times? Can crowdfunding fill the gaps left behind by cuts to local government?

I’m a big fan of crowdfunding and its potential to power real social change, but there are several points to bear in mind for local government organisations, communities and individuals when thinking of running your next crowdfunding campaign.

1. The funding is too small for larger projects

Most projects are highly local, limiting the size of the community that might get behind that idea. The most successful campaigns on Kickstarter have generated funding around the tens of millions mark. This is a lot for a consumer product, but really not enough for larger projects that local government is behind, such as transport, infrastructure or educational projects. Can locally-backed projects raise enough funds for larger projects?

2. The people running crowdfunding projects are often amateurs

There is a basic question of who decides what is best locally. The highest value of a local development project is enabled only when subjected to considered critique, continuous exploration, asking the right questions, and engaging with the outcomes in ongoing, iterative fashion. This takes the concentrated work of numerous professionals over several years to take place, not a group of amateurs over just a few weeks.

3. Crowdfunding distracts from bigger issues

Crowdfunding campaigns are becoming a stream of micro-distractions to occupy individuals while the local government organisation gets on with the larger projects, such as transit systems, energy infrastructure and civic buildings. As Dan Hill of City of Sound says, “Are we too distracted to notice developments that will affect us in a much larger way as we’re all too busy trying to crowdfund a park bench?”

4. Lack of accountability

For those crowdfunding projects that do successfully get funded, there is an extreme and supreme lack of accountability for actually making the project happen or delivering on the promised product. Platforms like Kickstarter specify in their terms that successful projects have to deliver within a “reasonable” time, but this is too loose to be held accountable to. Who decides once a project is finished and to an agreed standard?

5. Maintaining interest and long-term investment

In 2007, MyFootballClub sought to recruit at least 50,000 football fans to buy a football club. With its purchase of a majority share of Ebbsfleet United, MyFootballClub became the first online community to fully run a professional sports club in history – all through the power of crowdfunding. From this highly positive beginning, long-term interest in the club dwindled. In 2009, an estimated 23,000 members no longer visited MyFootballClub, leaving around just 9,000 active members. At the time of the next membership renewal date, the renewal rate had fallen to 20%, with only 800 out of a previous 4000 members still involved.

6. Crowdfunding is already being used towards a perverse end

A major digital media outlet recently created a crowdfunding campaign that aims to raise money to purchase a video of a Canadian mayor smoking crack. The site will then pay that money to members of Toronto’s drug trade for that video. Who will be paying the money to these drug dealers? Ordinary Toronto citizens. The campaign has raised over $64,000 so far, so is popular on the scale of crowdfunding platforms. What other questionable projects will crowdfunding be used for?

Suggestions for When That Perfect Domain Name or Twitter Username is Taken


It’s happened to lots of us at one point and is becoming increasingly more common.

You’re working on a project or come up with a fantastic web project to get started on, so naturally the first thing you do is run to your favourite domain registrar or Twitter itself to see if the domain name is taken.

And it often is.

Long before your idea came to you, someone else came up with a brilliant use for that domain. Or just parked it for future use/profit.

Or you can get a decent domain name, but the Twitter username to match has been taken. Or vice versa. You get the idea.

So, what do you do when that perfect domain name or Twitter username is taken?

This question came up just the other day, via Dave Briggs on Twitter:

Dave was pleased to hear (and you will be too) that there are plenty of options for decent near-alternatives to the name you’ll want – with a lot more availability than any .com domains. Think about .co or .io domains, prefixes such as ‘get’ or ‘weare’, and suffixes such as ‘hq’.

Some of these domains are even being treated by Google as generic top level domains, rather than country specific. So if you have a .co (Colombia) or .io (Indian Ocean Territory) domain, you are now treated as top level by Google. Which go.co welcomed with open arms:


Here’s my top list of alternative domain names (which can also be used for Twitter usernames):

Other ideas to use, but I couldn’t think of examples to put here (feel free to suggest examples in the comments):

  • uk
  • us
  • my
  • juice
  • central
  • best
  • top
  • online
  • web
  • info
  • me

One other service worth mentioning is Domainr, which finds shortened domain names and short URLs for you to play with. Instantly check availability and register for all top-level domains.

As an example, the Domainr team’s own favourites are mike.tig.as, goodfil.ms, and farukat.es.

Here’s what I got when searching for facebook.com alternatives:

domain name is taken

Try it with your own preferred domain and see where you get. There’s also a Domainr iPhone app if you get an idea for a domain on the move.

Incidentally, Dave’s original question was almost answered by his own blog domain url, which takes a Domainr-like format: http://da.vebrig.gs/

I guess it’s more difficult when trying to get that perfect Twitter username…

What do you do when you can’t get your perfect domain name or Twitter username? What other prefixes or suffixes do you use? Leave your suggestions in the comments.