Dark Designs:

           How tech companies undermine consent.

September 6th, 2018

Outline:

  • Introduction
  • Rules n’ Such
  • Current Events
  • Cambridge Analytica
  • Mini Workshops
    • Browser defense
    • What is a 'Meshnet'?
  • Thank You/Resources

Who are we? Who are you?

  • We are the…
    • The Cypurr Collective: A group of folks that organize cybersecurity workshops and socials, looking to spread knowledge and talk about privacy rights!
  • ...and you are?
    • Name
    • Pronouns (i.e. he/him, she/her, they/them, etc)
    • In a few words, what brings you here today?

A few rules for this workshop …

  • Share the space!

    • Ask a question, give a comment, leave room for others to speak

  • Stack!  Raise your hand, we will queue speakers

  • Saf(er) Space

    • We DO NOT tolerate language or behavior purposefully meant to demean or harm others

    • Don't pressure anyone to discuss their experience/threat model/situation

    • Consent: Ask before helping someone out, e.g. before taking their device

  • Photo/Video- No photo/video without asking!

  • Reporters/Researchers: Make yourself known

  • Bonus Rule: Try not to invalidate experiences!

     

Current Events

Story #1:Facebook

Facebook users are a changin'

Story #1:FB bein' evil

A platform for hate

  • Facebook in Myanmar
    • Facebook’s refusal to deal with hate speech may fuel the Rohingya genocide (bbc 9/9/18)
  • Facebook use predicts levels of real-life violence against refugees in Germany (Mashable 8/22/18)
  • Mark Zuckerberg defends Facebook providing Holocaust deniers with a platform (The Verge 7/18/18)

Story #1:FB bein' evil

Who moderates the moderators?

Story #2: Alex Jones

or, 'no good very bad man has a no good very bad month'

  • Context: Who is this supplement slinger?
  • B& or removed from:
    • FB, Youtube, Pintrest, Apple app store, iTunes, Spotify and Twitter (verge 9/7/18)

Story #2: Why care?

The Ban's Goodness

- AJ & InfoWars had spread misinformation

- Also spread violent right-wing conspiracies

- "No platforming" discourages others & delegitimizes these views

- Sold dangerous supplements

The Ban's Badness

- Non-democratic and corporate coordinated banning is...scary

 - Can/does translate into banning of other views.

- No wider "anti-hate" policy

- Lack of records

- Legitimizes AJ's 'rebel' image

Story #3: Google skipping out on Congress

  • Meeting on foreign influence in the US via social media
  • Facebook COO Sheryl Sandberg and Twitter CEO Jack Dorsey testified
  • Larry page (CEO of Alphabet) and Sundar Pichai (CEO Google) didn't show
  • (cnet 9/6/18)

Story #4: LinkNYC tracking NYers

  • ReThink LinkNYC finds plans to track users in accidentally-public code.(The Intercept 9/8/18)
  • Alphabet (google) owns Sidewalk Labs.
  • Sidewalk labs are main investor in CityBridge

Break & Discussion

10 min break to stretch etc

Talk with neighbors:

What frustrates you about certain apps/websites?

(e.g. I really dislike "infinite scroll")

Dark Designs

(aka "A**hole designs")

 

What are dark designs?

Dark Patterns are tricks used in websites and apps that make you buy or sign up for things that you didn't mean to. " darkpatterns.org/

We say:

Any design choice which deliberately undermines user consent

Consent

Requires (at least):

  • Full knowledge of outcomes/risk
  • Lack of pressure
  • Autonomy to decide yes/no prior to actions
  • No repercussions for declining
  • Ability to change choice at any time without repercussions

Apps/sites often:

  • Operate in secrecy
  • Pressure users to decide quickly (through inconveniences)
  • Burden users to "opt-out"
  • Withhold services unrelated to the permission
  • Do not allow users to undo decisions

Dark Designs Examples

1. A mean dirty click

Dark Designs Examples

2. The click dodge

Dark Designs Examples

2. Countdowns and Killer cookies

Dark Designs Examples

4. The ToS slip

  • Facebook tricks users after GDPR with fake badge
  • Length of these documents

Dark Designs Examples

5. All or nothin'-ing

  • When a service knows they have 1 good feature so they sneak in a dozen bad ones

Dark Designs discussion

  • What sort of companies resort to it?
  • How to avoid
    • Ad-blocking
    • Open Source
    • Nesting (eg opening FB in firefox instead of the FB app)

Mini Workshops

  1. Browser defense: selecting a browser and  extensions that protect you

2. Learning about Mesh networks

Thank You and Resources

  • CyPurr Collective

    • https://www.cypurr.nyc

    • Facebook & Twitter

  • Sign up to our email list too, we won’t spam ya!

  • Further Resources

    • NYC CryptoParty Meetup/CryptoParty Harlem (Meetup)

    • HacbBlossom (Hackblossom.org)

    • Tactical Tech Collective-

    • Holistic Security, MyShadow, Data Detox

  • EFF- Surveillance Self Defense (ssd.eff.org)

  • Freedom of the Press Foundation (Freedom.press)

     

Upcoming

  • Here again on October 20th for Privacy Week (metro.org)
  • Open meeting here TOMORROW @ 7pm
  • Two upcoming socials TBD, watch Faceboo/Twitter

Thank You!

Made with Slides.com