The Nexus of Privacy at the turn of the year
With some teasers about stories in the works ...
Happy 2023 everybody!
The start of the year's a good time to reflect on the Nexus of Privacy's focus in 2022 – and think about what to do differently in the upcoming year. Here's how I originally framed it back in June in Welcome to The Nexus of Privacy:
The Nexus Of Privacy is a website and newsletter focused on different perspectives on privacy, including technology, policy, activism, and strategy.
At a high level, that's held up pretty well! Privacy News roundups routinely cover technology and policy; longer posts on including federal privacy legislation, FTC comments, ShotSpotter, and Mastodon discuss activism and strategy as well as technology and policy.
Looking at it in more detail, though, there's room for improvement: most of the technology deeper dives have focused on automated decision systems and Mastodon, and there's been a lot less on privacy technologies and business strategy around privacy. So that's something I hope to focus on more in 2023 – starting with Data Privacy Week in late January.
I'm still working on finding the right format and tempo for the Privacy News updates. The half-dozen or so links where I summarize and provide context take the bulk of the time writing it ... but subscribers generally tell me they find this very valuable, often more so than the (much less- time-consuming) laundry list of links. Over the fall I was doing two to three Privacy News stories per week; I could move down to one per week or update it to daily. Once the new year starts up for reals I'll run some polls to try to get a better feel for what people want.
Beyond that ... well, here's a list of some of the longer posts currently in draft form. For calibration, some of my posts stay in draft form for years, so there's no guarantee when these will appear. Still, this gives an idea of what's in the works.
- A discussion of The Rise of Privacy Technology (TROPT) Tech Stack Whitepaper. With hundreds of privacy tools out there, TROPTs structure helps bring clarity to the complexity of the landscape. Just as valuable are the perspectives from privacy domain experts on the biggest challenges facing privacy tech (and potential solutions), privacy tech trends, visions of the privacy tech future, and a privacy tech buyer "wish list".
- A longer look at the policy questions Twitter's new management's actions highlight – and an evaluation of how well different legislation addresses them. ADPPA and Twitter: eight questions and an elephant was a prototype for this post, with a shorter list of quesitons and focusing narrowly on the proposed American Data Privacy and Protection Act; but it's also interesting to look at proposed Washington state regulations as well as how other states and the EU handle these situations
- Applying social threat modeling techniques. Mastodon provides some great examples here; Mastodon privacy: you can’t really opt out of search engine indexing and Black Twitter, quoting, and white views of toxicity on Mastodon both have some analysis along these lines, but more structured thread modeling could be very useful.
- A Washington state legislative session preview for privacy and tech justice legislation, similar to The stakes are high: Washington state privacy, facial recognition, and automated decision systems legislation 2021 (on jedii.tech). This year, we'll have the My Health My Data bill, a new version of the People's Privacy Act, yet another try at automated decision systems regulation, and who knows what else.
- Looking at Mastodon, the fediverse, and other independent social networks. Twitter's deterioration under the new Chief Twit – and the mounting regulatory pressure on Facebook – mean that there are a lot of opportunities here! As well as revising Mastodon: a partial history (DRAFT), I'm also planning on talking more about strtaegy moving forward.
- Key recommendations for business decision makers based on current privacy trends. Some are straightforward but very important: invest in compliance (because more and more states have regulations going into force, and California and the EU are flexing their enforcement muscles), privacy by design (because it's cheaper and more effective to think about privay issues up front and holistically), and privacy tech. Others relate to exploring new business models and social network dynanics.
If any of those sound particularly interesting to you – or if there are other topics you think are important that I should also cover – please let me know.
And while I didn't make a big deal of it in 2022, I'm also available for consulting work (and would consider a part- or full-time employee role). It's tricky because I have a lot of strengths and interests: strategy, software engineering (especially the interaction between with justice and equity, but also engineering processes and reliable software), social networks, automated decision systems, organizing, and of course privacy. I'm still wrestling with how to best to present that ... but if you're looking for help in any of those areas, please get in touch!
A lot happened on the privacy and tech justice front in 2022 and I expect there will be even more in 2023, so it should be a very interesting year. Stay tuned for more!