What’s this?

This post is part 2 of a series looking at online privacy from a sex blogger perspective. I recommend you read Part 1 first, as there is some background info there that I didn’t have the time or patience to duplicate here.

[Updates added in 2021]

Why care?

You might be one of those people who doesn’t care about having your online activity tracked and used to make judgements about you – but that doesn’t mean your readers are similarly blasé. Being outed to family, friends, colleagues or their government may be a serious concern for them and unless you are taking steps to protect them, you might accidentally be enabling people of marginalised sexualities to be identified and targeted.

Apart from these potential doomsday scenarios; there’s also the matter of common courtesy. We in the sex blogging, and particularly the kink community, place a high value on communication, respect and consent – and we should be extending this to the digital as well as the physical. That means not exposing site visitors to tracking or profiling without their permission, not collecting or using their information without telling them about it, and not interfering with their devices or attention in sneaky and disrespectful ways.

You probably don’t have the time or geek knowhow to make changes yourself, but at least with the info here you can instruct your web designer (or a friendly web geek, if you’re lucky enough to know any and trust them to know your blogging persona)

Risks to your readers:

Being outed, being shamed or ostracised, discriminated against, marginalisation, imprisonment, torture, death (in some countries).

Cookies

Cookies on the web are not yummy harmless biscuits, they are the seeds of a vast and uncontrolled surveillance network. They are basically digital ‘stickers’ that allow your online activity to be followed, analysed and used to influence you. Cookies are the simplest form of spy technology, and they are everywhere. Sometimes they are used for harmless and helpful reasons – such as showing content in your reader’s preferred language or remembering what’s in an online shopping basket. Used carefully and respectfully, cookies are not inherently bad.

However, when they are used for tracking, building databases of profiling information, making judgements about people and influencing the content they see, things get a lot more sinister very quickly.

There are laws about the use of cookies (and other trackers, like web bugs) – but those laws are being ignored by almost everybody. You’re unlikely to get into legal trouble for your site’s use of cookies, but there is a huge ethical question to consider here.

Analytics

If you are using Google Analytics, Doubleclick, MailChimp, Jetpack or similar services on your site, the every time someone lands on your site (it opens your newsletter), they are being outed to Google, MailChimp, Automattic, plus everyone they deal with in the advertising marketplace. Their visit to your site is logged and added to profiles linked to your device, your IP address, your behaviour patterns and social media accounts, so that judgements can be made about their lifestyle, interests, health and other traits. This will be used to label your visitors, to judge them in order to target adverts, set ‘personalised’ online prices, make decisions about things like their credit risk or health insurance coverage. You might be ok with that, but are they?

Social sharing

If you have Facebook, Twitter, WordPress, linking tools, Instagram, Pocket (etc) buttons on your site then your visitors are identitied and reported to those companies for them to add to the profiling data sets linked to their device ID, the contents of the Contacts (if synced), their geolocation and their browser history. When blogging about sensitive topics such as sex, this might not be a risk you are comfortable with exposing your readers to.

Video

When you embed video content from YouTube (owned by Google), Vimeo, and other video sharing sites on your blog, your visitors are also identified and tracked by those companies – even if the reader doesn’t actually click on the content. It works in the same way as all of the above – by matching huge amounts of data with other data in order to trace and influence individuals. This is all done in seconds without any human action needed.

So what can you do?

You don’t have to do all of this – you don’t have to do any of it if you don’t have the time/energy/money to sort it out. The more you can do, the safer place your blog site is (for vulnerable, marginalised, closeted people particularly).

1. Dump Google Analytics and use the privacy-friendly Matomo instead. This allows you to track activity on your site but doesn’t track or profile the individual visitor outside your site. Matomo is £9 a month, or free if you run your own server. I’m putting together some ideas for sharing the costs of running a Matomo server among the privacy-conscious sex blogging community, so watch this space… [edit: that idea never really took off. You will need someone web-savvy to help you set up the configuration that meets your needs]

2. Use a plugin tool to stop cookies from being planted on your readers unless they choose to allow it. Just telling people about the cookies and forcing them to click ‘accept’ to make the message go away is NOT consent! That would be like someone buying you a drink and telling you after you’ve drunk it that by swallowing, you agreed to let them spike you with rohypnol and whatever happens after that, they were asking for. It can be very difficult to stop plugins, themes and widgets from dropping cookies without digging into the code, so putting them in quarantine is a much easier option. I use Confirmic, but Real Cookie Banner or the Cookiebot plugin are good too.

Sadly my analytics data has been reduced because some visitors don’t accept my cookies – but that’s a drawback I’m willing to accept to protect them. Your mileage may vary. There are no consequences for breaking eprivacy law at the moment, so this is really more about ethical behaviour than legal trouble.

3. Set your site to respect ‘Do Not Track’. If a visitor has the DNT setting enabled, your site should not drop any tracking cookies on them at all.

4. Make your privacy info really clear. Explain what cookies, scripts and trackers you are using, and what for. Point site visitors to privacy tools like Privacy Badger to help them manage their exposure.

5. Remove social sharing buttons. Honestly, if someone likes your content enough, they can copy the URL to social media. If they don’t then it’s even more rude to use spying tools on everyone who visits your site.

6. Linking tools are a problem – although they are necessary for joining in with memes, they also collect a huge amount of data which is then – you guessed it – sold to data brokers and advertising networks to be added to profiles. If anyone can find a linking tool which respects European privacy standards (which are, on paper at least, the strongest in the world) then please let me know!

Thanks for reading. I have a non-compete clause in my day job contract, so I can’t do any official consultancy work on this, but I can try to signpost to useful info to help answer any questions that might sidle into the comments below. [I’m freelance now, so if you’d like a consultation on how to make your site more eprivacy-friendly, please get in touch with me via Twitter. NB: I will require you to agree to a confidentiality arrangement that protects my pseudonymity before I start talking with my professional hat on!]