Http://smartcitizen.me/

Hey,

I am a Open Source enthousiast and believe in power to citizens by giving them access to their own data. Also security and privacy by design are principles I hold very dear. These are values that seem to be at the core of the Smart Citizen community and why I am happy to be part of this project.

So then why is the website of smartcitizen.me crawling with third party trackers and cookies?!
On the front page alone there are 22 of them tracking my data and sending it god knows where…

And why does http://smartcitizen.me/ allow for people to send data in the clear? An SSL certificate will set you back €35,- a year if you can’t install it yourself.

If you want people to take you seriously and you want to take all your citizens seriously, please take care of their data.

+1

About the SSL protocol, as the whole website is open to public, we haven’t seen the necessity to protect it. But you are right that user data are still sensible (especially password). We have them encrypted in our server and in general we’ve tried to have strongly secured server. We are now missing a protection against middle man listening communication. SSL can do the job and therefore we are thinking to offer http and https website (some country have https blocked). then some apache detection could make people shift from http to https automatically according to country.

so yes, SSL connection is in the Wish List !

Best
A

Cool to hear SSL is in the working and Google will be replaced by Piwik (very good substitution indeed).

I don’t get the part on why SSL is blocked in some countries… I never heard that one before.

As for social sharing: you can make your own links to those sites, not using their (tracking-)code. Another option is two-click sharing: http://ux.stackexchange.com/questions/20751/why-did-they-use-two-stage-social-media-sharing-buttons

As for Vimeo; yeah. That can only be solved if you serve videos on another domain (video.smartcitizen.me or so) and thus removing them from the frontpage.

Three cookies remain tough:
http://www.addshoppers.com/
lphbs.com
http://www.conviva.com/

I hope those cookies without clear user benefits can be removed at least.

And really… SSL should be available for purchase with your provider and been setup within a day.

It’s a topic that we are always following. We totally agree with the philosophy your putting in front and with this problem of third party services that may track data. So far we are using those :

As analytics tracking tools :

• Google analytics
• New Relics

As Sharing tool (but surely tracking as well for their own interest)

• Twitter
• Facebook
• Google Plus
• LinkedIn

Plus this third party tools :

• Vimeo
• MapBox

We plan to shift out from Google analytics to an equivalent open source (piwik) that we could host on our server and thus control better the datas.

Twitter,Facebook, Google Plus and Linkedin are unfortunately irreplaceable.

Vimeo is using also a tracking system to check your configuration to serve the best video, we could host our own video but that will be loosing a time and energy while loosing in service quality…

And MapBox is serving us the nice map tiles of the website. Here again we could move to a version hosted in our server but again the feeling that this will be a lot of effort while having issue with delivery speed (or move to expensive server).

In general, we where thinking to move away from online services that don’t seems to respect privacy (Google & Cosm) but at the same time is difficult to avoid them (facebook & co) while being a small community platform that want to connect peoples, idea and actions (thus connecting services too).

You are welcome to propose alternative for all this functionalities !

The SSL is blocked in some censored country like Iran… But it’s not a reason to don’t offer SSL to others

About this two stage click, I’m not yet convince " A two click control gets rid of the tracking while making a inconvenience for the user." But it’s a start of a solution.

Then for the last tracking :
lphbs.com / Conviva is from Vimeo
http://www.addshoppers.com/ -> I haven’t seen it before and I still don’t see it (on chrome - OSX) How do you found this one ?

And then about cookies, I can see only cookies from smartcitizen.me (CakePhp cookie session) and google.com.

Let me know if you find something else or would like to propose a solution.
++

I use disconnect.me to track cookies on websites.

Strangely the addshopppers also isn’t appearing anymore. Will test again later.

And yeah, Iran… Well. Considering the SCK userbase there I think this should be an easy decision
(and even if you had users there it would still be good…)

BTW: how habe you managed to put your screenshot in directly? Like it

use html

Also, those moving panes are giving me a headache. I’m sure there’s a better way to present the information and not have the side pane move in and out such a lot. It’s very annoying, but maybe that’s just me.

Anool
team @wyolum
Mumbai, India

nop, that is not just you. Way to much movement happening on the homepage of SC

Ok guys, taking notes for the next release of the web interface, which is going to change in the coming months, we expect to have a BIG update by autumn, including rewriting the entire data base

thanks for the feedback

great, and some more feedback.
When downloading CSV data (or any other format), it would be nice to be able to specify a time period (“to” > “from”) so I don’t have to download every data point every time.
This way I can probably pull data once a month.

Agree with Anool! Time period against download would be really helpful, and would enable quick and easy access to readings more than ca. 4 days ago…

@tomasdiez: how’s it going with the website? It is already almost autumn again!

@dosch finally it is coming really close, we will launch the whole new platform in less than a month.

We will share you the beta in the upcoming weeks!