Book Review: Understanding Privacy - Heather Burns

Book cover for Understanding Privacy.

Heather Burns has an absolutely deft way of turning the sometimes-dull world of digital privacy into entertaining, informative, and actionable prose. Too many of these sorts of books end up being a list of woes and end with "someone should do something, I guess?". Understanding Privacy is different. All the way through the mantra is […]

Continue reading →

What the UK Government gets wrong about QR codes

A leaflet for Childcare with a prominent QR code.

One of my most memorable experiences in the Civil Service1 was discussing link shortening services with a very friendly2 person from the Foreign and Commonwealth Office. I was trying to explain why link shortners like and weren't sensible for Government use. They didn't seem to particularly care about the privacy implications or the […]

Continue reading →

Can you trust

Screenshot of the ProtonApps page.

I've recently signed up to the privacy-preserving service Proton. All the email, calendar, drive, VPN, and other services seem to hang off the domain. I wanted to download the Android apps to my phone - without using the Google Play Store. The VPN app is on F-Droid but none of the others are. So, […]

Continue reading →

O2 UK's Weird MSISDN Lookup API

Sorry, we don’t recognise this number. Please try again.

It's always fun keeping your network inspector tab open. While looking around the O2 UK website, I found this page all about eSIMs. For some reason, it wants to know the user's phone number. I put in a random number, and it refused to let me in. Putting in a genuine O2 number let me […]

Continue reading →

Safelinks are a fragile foundation for publishing

Screenshot showing a document. The cursor hovers over a link. The pop up shows a safelinks URl.

Microsoft loves you and wants to protect you. So every time you receive an email with a link in it, Microsoft Outlook helpfully rewrites it so that it goes through their "safelinks" system. Safelinks allow your administrator, or someone at Microsoft, to stop you visiting a link which is malicious or suspicious. Rather than going […]

Continue reading →

Envelopes and GDPR

A letter addressed to me. Just inside the plastic window you can see the word "colonoscopies".

Privacy is a funny concept, isn't it? Very few people want the whole world to know what medical complaints they have. But most hospitals are open-access buildings, where the waiting rooms have large monitors to tell patients that their doctor is running late. A few years ago I was sat in the proctology waiting room. […]

Continue reading →

I don't think you need to be civil to puppy-smashers

AI generated image of a small industrial machine crushing a cute puppy.

My good friend Jess wrote this a little while ago: The function of a system is its output. If you have dog grooming machine that sometimes smashes puppies and you keep running it, you're in the dog smashing business. If you work for a mass surveillance company that keeps enabling genocide and undermining democracy... — […]

Continue reading →

Let's track footballers' heart rates!!

Photo of a football match. The striker's BPM is a high 150, the goalie a more leisurely 75. Original photo from

I don't follow football - or any sports - which made me an unusual choice for this particular pitch. Let's wind back the clock a decade... A relatively unknown hardware company has just released one of the first "fitness trackers" which can measure a wearer's physiology. As well as counting steps, it now has the […]

Continue reading →

Fediverse Account Portability And Blocking

Cartoon of a tusked mastodon holding a phone.

One of the many great things about the Fediverse (Mastodon, PixelFed, Lemmy, etc) is that your account is portable. Let's say you're bob@social.boring and, one day, you decide to move your account to foxyfun@furryextreme.yif. Well, with a few clicks of a button, all of your old followers are now following your brand new account. You're […]

Continue reading →

The IAB loves tracking users. But it hates users tracking them.

Logo of the IAB tech lab.

The Interactive Advertising Bureau (IAB) is a standards development group for the advertising industry. Their members love tracking users. They want to know where you are, who you're with, what you're buying, and what you think. All so they can convince you to spend slightly more on toothpaste. Or change your political opinions. Either way, […]

Continue reading →