↑ (Note the privacy-violating tracking link from AddThis. Our my.lwv.org website adds that automatically, and I haven't found a way to remove it!)

The LWV Los Alamos study on Digital Privacy began in June 2020. It's headed by JoAnn Lysne and Akkana Peck. It led to a new position:

Position on Digital Privacy

County government should place a high priority on the privacy of citizens when selecting and using software digital platforms, digital services, and when contracting for digital work, particularly when these platforms are used to interact with residents.  These expectations also extend to those working as sub-contractors for the County.

The County should clearly identify third-party digital services and platforms at the point of use along with links to the privacy and user agreements for the software.  However, just linking to a privacy agreement isn't enough; County government should make every effort to use services that don't compromise citizens' privacy. If a digital platform is known to be intrusive, an alternative, less-intrusive method of receiving the same information or accessing the service should be provided.  In this context, for example, most social
media are considered to be digitally intrusive and do not qualify as alternatives.

Consensus Meeting:

The consensus meeting was Monday, Jan 4 at 7pm, via Zoom.

Read our summary and consensus questions here.

Background:

We know that tracking practices are common in the digital realm. Even when scheduling the Zoom event for the first Privacy study group meeting, JoAnn had the option of attaching a tracking pixel. When citizens interact with the County, they do not have the option to opt out of such tracking and data skimming tools. The Los Alamos County newsletter, The County Line, is an example of this. It is operated by Constant Contact which has an unsavory history (which is why these newsletters often end up in junk mail folders). When citizens click on the link to visit the county's website, Constant Contact collects location, demographics, browser type, and click information. The disclosure provided is vague and no alternative exists. The County also uses a number of other digital platforms. Not all citizens can or will use these platforms and those that do may not be making an informed choice.

We propose to study they County's use of digital tracking and other privacy-invasive measures. The County and its citizens would benefit from transparency and privacy, not data skimming. The League of Women Voters of Oregon has undertaken a similar, though wider ranging, study: Privacy and Cybersecurity Today.

Participating:
JoAnn Lysne, Akkana Peck, Don Machen, Joyce Nickols, Jeffrey Howell, Becky Shankland, Barbara Calef, Dave North, Lynn Jones, Amy Birnbaum, Ed Birnbaum, Adelaide Jacobson, Jody Benson, Kyle Wheeler, Rebecca Chaiken, Rosemarie Fredrickson.

Meetings

Meeting: Introduction (June 9 2020)

• How Data Brokers Sell Your Identity, TED Talk by Madhumita Murgia

Meeting: Browser Privacy (July 6 2020, 10am)

• I Visited 47 Sites. Hundreds of Trackers Followed Me.
• How cookies track you around the web and how to stop them

Optional for Meeting 2:

• I Turned Off JavaScript for a Whole Week and It Was Glorious
• This Article is Spying on You
• Browser Fingerprinting
• Akkana's Browser Privacy page (with her Toastmasters talk)

List of Trackers on (Some) County Websites.

Meeting: Discussion with John Roig (July 20 2020)

The study group met with the County's Chief Information Officer, John Roig, and discussed the County's website and use of apps. We learned a great deal of interesting information, but it was clear that user privacy isn't much of a consideration when choosing providers.

Meeting: Mobile Issues (August 24 2020)

We discussed apps running on phones and other mobile devices, how to evaluate what information an app might collect, and some factors to keep in mind when choosing and installing apps.

Mobile Links:

• The hidden trackers in your phone, explained, from Vox
• Exodus privacy reports for Android apps
• 3 Red Flags You Should Look Out For Before Downloading an App (CNET)
• How to Secure Your iPhone and Android Device (ZDNET)

Consensus Meeting (January 4 2021)

We decided that we've gained enough knowledge to have a consensus meeting to prepare to draft a basic privacy position. After that, the Privacy Group will continue to meet and delve into finer detail, which may later lead to changes to the basic position.

Recommended Optional Reading

• Dragnet Nation: a quest for privacy, security, and freedom in a world of relentless surveillance, by Julia Angwin.
  Angwin has written many excellent articles on digital privacy, and this book is wonderful.
• Little Brother, by Cory Doctorow (fiction)
  Young Adult fiction by Cory Doctorow, science fiction author who has worked with the Electronic Frontier Foundation for many years. Good reading both as a fiction story and as a cautionary tale of current surveillance techniques and where they lead. There's a sequel, Homeland, plus a third in the series coming out later this year.
• EFF's Guide to Digital Rights During the Pandemic: An eBook
  You can download this short eBook free from the Electronic Frontier Foundation's website (or donate/join if you feel inclined: it's an excellent organization that does a lot to protect our digital privacy). Includes information on issues like how to evaluate government surveillance proposals, privacy of COVID tracking apps, right to repair medical devices, surveillance of crowds at protests, and student rights in an age of online classes; we'll talk about some of those issues later in the study.
• Weapons of Math Destruction, by Cathy O'Neil
  Not strictly a privacy book: it's about Big Data algorithms (like the ones advertisers or Google use on our collected info) and how they're misused. It's relatively short and very readable. Warning: it will make you furious in places, especially if you're concerned about social justice issues (like Black Lives Matter). But it will also give you a good sense for why it's dangerous to have all this data out of our control.
• This report, published by the Norwegian Consumer Council, is an excellent summary of how the business of data harvesting, the sale of personal information, and advertising are connected and leveraged across multiple kinds of digital platforms. Additionally, the report looks at a sampling of apps, the data they collect, and how widely that data is shared.