The privacy threat model sitting at your dinner table

14 April 2025
Privacy

Many of you will have read about the recent bankruptcy of the genetic testing company 23 and Me. They ran one of those services where you spit in a tube, sent it away in the post, and got a report back telling you “where you were from” (based on a cable-TV understanding of 200 years of global history) and, more to the point, what diseases you might develop someday (based on playing on people’s neuroses).

Now that the company has gone under, of course, all that data – meaning people’s genetic fingerprints – are now just corporate assets up for sale, with no protections for the people that data is about, or rights for those people to have a say in where that data goes. (Naturally, people are gobsmacked that the cheap gimmick they fell for turned out to be a cheap gimmick.)

Read More

At last, a UK data broker removal service

10 March 2025
Privacy

I had been looking for a data broker removal service for quite a while, specifically since some salivating fanboys affiliated with a certain project* sent a threatening package to my house to make sure I got the message. God, it’s fun being a woman on the internet.

Unfortunately, all the market offerings I came across were US-only.

…until this morning, when a generous discount code from the Revolutions podcast led me to discover a data broker removal service which – hallelujah! – covers the UK, and the EU, and yes, the US too, also Canada and Switzerland.

I signed up over my morning coffee and they’d secured seven deletions before I’d finished it. Damn.

Get deleting folks. Here it is – yes this is a discount code. You get a discount! I get a discount! Everybody gets a discount! Go go go etc.

Timely update: DSIT has opened up a consultation on data brokers x adtech x national security. It closes on 12 May. Do not ignore this one.

Update, one week later: my details have been scrubbed from 18 data brokers I’d never even heard of, so far. A small part of me will sleep a little bit better.

*It’s not the one you’re thinking of.

Don’t let anyone tell you that you didn’t see what you saw

27 February 2025
Reading lists, books, and imagination

“Don’t let anyone tell you that you didn’t see what you saw. They want to shake your confidence, to shame you into doubting reality, to get you to use euphemisms and political language that is ‘designed to make lies sound truthful and murder respectable and give the appearance of solidity to pure wind'”.
bitter southerner, via the One Nation Indivisible podcast; the inline quote is from Orwell’s Politics and the English Language.

A story prompt

20 February 2025
Reading lists, books, and imagination

Once every few years you read a book which completely captures you and never lets go. It’s not just the book that you can’t put down; it’s the one that haunts you when you’re away from it. It’s the one which creates a world that you somehow travel into, while you’re reading, as if the real world around you has melted away. It’s the one that you keep forever and re-read every few years. It’s the one that you never, ever forget.

Read More

Strategies for resistance, right now

19 February 2025
Privacy

Eight years ago I stood on a stage in London and recited Shakespeare, without fluffing a single syllable (now there was a bucket list item), before proceeding to tell my audience about strategies for resistance in the face of authoritarianism. I wanted them to understand how, as coders and developers, they had more power they they realised.

I closed the talk by telling the story of René Carmille, the French census official who deliberately sabotaged his work to protect the people in the data. That story then became a Twitter thread which went viral for years. The thread even became a bit of a resource on similar stories of resistance:

Read More

Talking about the IPA TCN Apple mess

14 February 2025
Privacy

This week I made a rare public appearance – and broke my 100% postgraduate attendance rate (soz) – to participate in a webinar from the Future of Privacy Forum. Held on Safer Internet Day, the talk was on the importance of secure end-to-end encryption for children and young people. I was asked to participate on relatively short notice to discuss the Home Office IPA TCN to Apple, in that context.

Read More

Your remedial homework

21 January 2025
Privacy
sneaky peeky

Remember that book I wrote on how to integrate healthy foundational privacy practices into your work, regardless of the presence or absence of legislation, to protect your users from hostile actors in both the private sector and in government?

You know, that book I wrote which was the outcome of several years of unpaid conference speaking about defensive web development practices to deploy against authoritarians, which led me to get shouted at to shut up about politics?

Yeah. That book.

Oh NOW you want to buy it.