Family isolation protocols: don’t judge

In this time of sheltering-in-place and self-imposed isolation, we have to learn to be kinder and less judgmental to each other. One of the biggest issues for families is agreeing on your own “isolation protocol,” for lack of a better description. Most of the stuff that I have read include suggestions such as from Britain’s NHS here. Or articles on what activities to do now that the kids are home. But I haven’t seen that much discussion about how you formulate your own protocol. Given my interest in Internet protocols, this seems a natural point for me.

It is just my wife and me at home. You would think that the two of us would be able to figure out some common ground for exactly how much isolation we should be doing. But it is a harder problem than that. There are two dimensions to this. First is that the ground is shifting. As the virus spreads, scientists are learning more about its transmission and its lethality and changing their own recommendations. That means building into the family protocol the ability to be updated to reflect these changing conditions. Or if one of you becomes more concerned about a particular activity, for example. As I said, things are changing rapidly.

The second dimension is that all of us, even long-married couples, come to this virus from different perspectives. What we need is to make some consensus decisions. We do this all the time, and it part of our daily lives. Only, instead of what are we having for dinner or who is going to clean the bathroom, they become decisions that involve the potential life and death of the family members themselves. Maybe that is too dire a description, but you see what I mean.

Let me give you some examples of the potential points around assembling your own protocol:

  • When should we wear a mask, if at all? (See the link above for the latest CDC recommendation.
  • Is takeout food acceptable under specific circumstances?
  • How often do we shop for groceries and other supplies? Do they require delivery?
  • When one of us returns from being outside our apartment, what is the cleansing and transition process?
  • How often should we go to the office?
  • What about continuing or beginning any volunteer activities?
  • Do we have a cellphone cleansing policy, and who enforces it?
  • What about how to disinfect the mail and newspapers?
  • Is anyone other than the family allowed inside our apartment and if so under what circumstances?

These all seem like pretty petty issues, but in the time of Covid, they could be life and death, quite literally. If you want your family to survive this crisis, you need to come to agreement on these policies and be willing to concede to your spouse’s POV. I have heard stories about those medical workers who have to sleep over the garage or in someone’s RV rather that spend their time inside the family manse.

I was talking to a friend of mine who has a father who is in his late 70s and still goes to work at his office. She tried talking to her dad and getting him to stay home but was unsuccessful. Another friend who is 80 had all of his grandchildren over to their house for dinner not too long ago. This person recently had heart bypass surgery.

Here is the thing. You can’t judge what someone else’s protocol may be, however inelegantly expressed or however much you disagree with their position. Everyone has to come to terms with this pandemic on their own terms and reach their own comfort level. Now I realize how frustrating it can be to deal with a family or friend who has a different position on what social isolation means, and perhaps doesn’t disinfect as much (or as more) as you do. It isn’t up to us to judge. You have to be you, to quote a common phrase. But you and your family should have some discussion about this and at least agree on some of the basic principles as I listed above.

Maximizing the benefits to your family of web conferencing and video chat

More of us are now working from home, and more of our kids are having to finish their school year from home too. That presents all sorts of opportunities and problems, and at the center of both are web conferencing and video chat technologies. Understanding how they are used and setting up basic rules, figuring out your collection of tools, and setting up separate work/school areas in your house will determine if your family will be productive and if you can survive your “sheltering in place” during this COVID crisis.

Even Bill Gates is spending most of his time on video conferencing (check out this interview with TED’s head honcho where he plugs Microsoft Teams several times during the first few minutes).

I have been using a variety of conferencing systems over the years, and help produce a several-hundred person webinar for the American Red Cross monthly. Here are some tips from these experiences.

 1. Each family member needs to establish their own “broadcasting protocol,” for lack of a better term. If Mom is online, does that mean that Dad can’t interrupt the call? Or that the kids can’t wander in for a visit? The old rules of not having a child interrupt your work meeting no longer apply. I put together a podcast with Paul Gillin about some of these old rules last fall here.)

The number of memes showing various family members caught in states of undress have certainly proliferated. Clearly, set some ground rules about what, when, and what to wear when on a video call, or when video is and isn’t appropriate. Figure out where each family member is going to be using as their “studio” so that everyone can have their own space. A friend of mine has noticed that all the professional news anchors who are now broadcasting from their homes has given him a chance to view their room designs. It certainly isn’t “design on a dime” but it at least injects some new interest in their broadcasts.

Another thing that I have seen in the past couple of weeks is a more relaxed use of the video conference. “Sharing” dinner over a conference call link in lieu of being at the same dining table. Celebrating a work milestone with drinks from everyone’s home office, rather than in person at the local bar or conference room. Doing homework together over a conference line. You get the idea. Be creative and figure out what works for your situation.

2. Video is nice, but having solid audio is key. That brings up my next point. I don’t want to minimize the importance of video. As you know, I mostly work alone in my office. In the past weeks I have wanted to connect more via video, to see my family and friends. Video is an important connector in these times of crisis. But if your audio gear is subpar, you need to address that now. No one wants to listen to bad audio. Your laptop’s audio gear might not cut it, and if you are going to be doing a lot of conferences, invest $50 to $100 in a decent external USB mic.

3. Understand you’ll need some minimal production values, for both personal and work purposes. Have an agenda, have a conference call leader, prepare the presentation ahead of time, set up a call sheet of who speaks when. And check your audio setup to make sure folks can hear you clearly. These things are also important for calls to family and friends too. While having a “coffee talk” freestyle type of meeting is nice, once the novelty of seeing everyone wears off, you should make the calls more structured. Also, if you are going to share your screen, prepare it ahead of time: don’t have everyone looking at your email inbox or have your messaging client pop-ups enabled during your session.

4. Use calendar invites with care. Google’s calendar invite automatically adds its own Hangout link: that is great if that is what you want to use, but it is confusing if you have some other tool in mind. Remember that some other automatically generated invites (such as from Zoom) don’t automatically adjust for time zone differences. And speaking of which, start your meetings on time, please.

5. No single tool will work for every family member, or even every situation. We are fortunate that we have so many products that are available, and many of them are free of charge: Zoom, Webex, Facebook Messenger, Facetime, Google Hangouts/Meet/Duo, WhatsApp and Skype are just a few of the services. If you look at this list (and there are dozens more products that I didn’t mention), they come to the party from different places: video telephones designed for 1-on-1 calls, video-enhanced text messaging, video collaboration tools designed for supporting sharing stuff (files, URLs and chats), video-enhanced social networking and video training tools that are designed for a somewhat different collaboration.

Figure out what works for you, based on your prior experience, what your contacts/peer groups are using and if your business already supports one of these for work-related calls. Zoom has been in the news a lot because it is very easy to setup (including these simple recording features shown here) and because a lot of schools are setting up distance learning classes using it. But if you want to run meeting longer than 40 minutes with more than two people, you’ll need the paid version, or try out Webex, which has a free tier for this situation. Also, if you are concerned about Zoom’s cavalier attitude towards privacy, you may want to choose something else.

So it is possible that your kids might use Facebook Messenger/Whats App, you will use Zoom and your spouse will use the office’s Microsoft Teams. That’s okay. Realize that each family member is coming from a different experience and comfort level with these tools. Remember that our kids have grown up with various digital products but may not be used to using them productively under present circumstances. You may want to monitor their use, depending on their age and what kind of parent you are too.

Video calls now have a heavy lift and have to support your work life and your family’s social life. As we spend more time at home, we need to stay connected with loved ones and work colleagues and figure out how to become more productive.

Support your local restaurant

I live in a very urban part of St. Louis for a reason: it is walkable, it is vibrant, it is near a wonderful park and transit. All of that has changed in the past two weeks.All of these advantages now have to be examined under a different lens.

Like many of you, we are staying home. When we do go out for a walk, it is a bit eerie: the streets are empty. Street parking — which used to be an issue especially weekend evenings — is copiously now available. Meeting other pedestrians used to be under the midwest code: you nod and say hello as you pass. Now we hold our breath and hope that we have enough room on the sidewalk to “socially distance” ourselves.

The dozens of restaurants that were at the core of our community are mostly under lockdown. The ones that are closed have small signs in their windows, hastily printed. The few that are open are only for carryout, under orders of the city. I want to support the ones that are still doing business, even though it is a risk: do I trust the sanitation and health protocols that the restaurateur has adopted in these post-COVID times? Many of these places are run by people I have gotten to know over the years living here. My wife and I eat out frequently. Not anymore.

Still, I feel that I need to do something. So I started looking into how to make it easier for customers to get their meals from the local restaurants. If you are willing to take this risk — and there are many of you that might not even go here — there are three main issues:

First, many local restaurants have terrible websites. One of our favorite places has been in business for decades and is about a three-minute walk from our apartment. It has a single page website with a phone number. No online menu. No online anything, really. Others just have Facebook pages, which aren’t much better. I realize that there are many places which are not tech-savvy. But still, there are many restaurants who are. Take for example this group of local places (none of which sadly is in my neighborhood). They have a very nice website. But that is just first hurdle.

Second, I want to be able to purchase my carryout food online. Here is a complicating factor. There are two typical ways that a restaurant does this: either through a food delivery provider (you can select a pickup option if you don’t want the food delivered) or via the restaurant’s point-of-sale (POS) vendor. In our neighborhood, there are at least five different delivery vendors:  DoorDash, UberEasts, Postmates, GrubHub and FoodPedaler (the latter being a hyper-local St. Louis startup that has concentrated in our neighborhood and downtown). Some restaurants have setup accounts with multiple delivery vendors. But many of the places don’t have any accounts with any of these services.

The problem isn’t just technology. The restaurant has to be setup with a place for the pickup orders, or have the workflow for how the delivery provider is going to interact with its staff. These days where interpersonal interaction is scrutinized, that means being extra careful with sanitation.

One way to simplify matters in these dire times is to present just a few choices. That is what Grace Meat + Three has done with their online ordering. You just have two menu choices.

Third, I want to purchase a gift card to provide an interest-free loan to my favorite places. This can be done in one of several ways. The easier way is to use a gift card with one of the food delivery vendors mentioned above. The second method is by using gift cards that are associated with a POS vendor. Clover (shown here), Toast and Square are the three POS vendors that are most often found around here. The rub is that the restaurant has to enable this option, and not everyone has set this up.

Another method of obtaining gift cards is to make use of one of the E-Gift service providers. (Everything is a service nowadays, so why not gift cards?) There are two that I found: Yiftee and TheGiftCardCafe. The latter vendor is waiving its setup fee for new accounts, which is a nice gesture.

Some restaurant websites have direct links to gift card purchases, but most don’t. Usually they are found on the bigger national chains’ websites, which is not where I want to go at the moment. And one local chain listed gift cards on their website home page, but the link brought me to a page saying that it hasn’t been setup yet. FAIL!

One effort has already begun, called CurbSideSTL. It is a good first attempt and does a decent job of listing who is still open and how to order and obtain food. But it lacks direct links to gift cards and online delivery services. I realize that involves a lot more work, but given how quickly things are evolving, it would be more helpful with these links.

So, where does that leave us? If you own a local restaurant, I will give you some help to at least get your carryout menu posted online. If you have a POS system and haven’t gotten online ordering or gift cards setup, I can do this for you. My price is a free meal. Now more than ever, we have to make it easier to do business online.


As the coronavirus spreads throughout the world, businesses are being faced with setting up policies and procedures to enable everyone to work from home (WFH). Doing this presents several challenges, some of them brought on by new demands on your IT department and some by demands of a new way of working that you may not have anticipated. A good reference point for the complexities involved is this Twitter thread about what Slack did to move to 100% WFH model. In this podcast, Paul and I draw upon their own decades-long experience as sole business owners. Among our advice:

  1. Think about printing, email and sharing files and the IT services that will be needed to support that activity. Be careful about SaaS services such as Dropbox; if users aren’t trained property they could expose your corporate data unintentionally.
  2. Make sure your infosec is up to par. A VPN isn’t just the only thing you need to worry about it. Is your home router secured with an appropriate password? Do you encrypt your network traffic across the Internet? Has your laptop been screened for malware? These and other questions need to be addressed before rolling out any work-from-home solution.
  3. Does your staff have the right tools? Just because everyone has a laptop doesn’t mean anything, particularly they’re used to having multiple monitors and great audio/video gear. You may have to purchase additional accessories to make your staff productive.
  4. Make sure your staff has a separate workspace that is isolated from the rest of the house. You want to minimize distractions and unplanned family “visits” during the workday.
  5. Get a good mic (I use the Blue Snowball, Paul uses a Logitech wireless). You should be able to get something decent for $50-$100.
  6. Standardize on a video conferencing supplier (we both like Zoom at the moment, although there are privacy issues you might want to consider) and make sure all your gear provides solid audio quality when you use it.
  7. Make sure your home bandwidth is sufficient. Pay attention to upload speeds, because these can impact your latency and video quality.
  8. Learn new video conferencing etiquette, review our previous podcast on some of our tips here.
  9. Set up a shared scheduling tool for everyone to use and standardize on a corporate instant messaging tool, too.

Listen to our 15 min. podcast now:

Taxing cryptocurrency transactions

For the past several years, I have prepared my taxes using the H&R Block software. This year I noticed something different, a series of questions about any cryptocurrency holdings and transactions. Ruh-oh, I thought to myself, those crypto-chickens have come home to roost. The IRS wants its tribute.

Actually, the IRS has had some ruling on cryptocurrencies for several years, but last fall wrote some new guidelines that have clarified some things and made others more confusing. One of the pitches I recently got from a PR person started off with this line: “The IRS is cracking down on properly reporting taxable crypto transactions, even going as far as issuing tens of thousands of audits.” It was time to get some advice, so I asked my accountant, who does my business tax filings, what was up.

She told me that “Tens of thousands of audits is probably an exaggeration – as they don’t have the manpower. What is probably more likely is that they have sent out many letters to taxpayers” asking for clarification. But not full-blown audits. The Next Web reported last summer that taxpayers got these letters and some were told they owed thousands of dollars in back taxes.

The form that the IRS requires is called a 1099-K, which is what my tax software was trying to figure out if I needed filing. “The IRS has used 1099-K information in audits – although they had at one time said they wouldn’t. I haven’t seen a crypto audit based on a 1099-K. The important thing is – if you have cryptocurrency, do keep track of it. Do  report to the IRS your sales if you’re using it as an investment. And do report your income from it if you’re using it for business. If you have crypto transactions showing up on a 1099-K just make sure you can document what the transaction is.” Some of the coin exchanges now automatically generate an annual 1099-K form, like your mutual fund or IRA operator.

But the problem that isn’t yet solved by the IRS is what happens when your coin account forks because the developers have a food fight and split into two separate coins. This creates what the IRS calls a taxable event and “That means that anyone who forks a blockchain can, without warning or notice, create new tax obligations for every holder of coins on the old chain,” says one coin news site. The taxpayer holding the coin hasn’t done anything to acquire this new asset. That isn’t great, but I think it is somewhat analogous to holding shares in a pre-IPO company. When such a company goes public, those shares are now worth something and that is a taxable event that is outside the control over the taxpayer. Many of you know exactly this situation, and had to sell off your shares to pay the feds during that particular year.

So make sure if you have significant holdings in crypto, you track it when you bought it — or when you got it as payment for services rendered — and when you traded it in for hard currency.

“People don’t seem to realize that Bitcoin was designed as an immutable evidence trail. It is anything but an anonymous system,” says Craig Wright in his blog post here. “If we want to be treated like adults, we need to start acting in such a way and understand that we live in a world of rules.” I agree.

Yep, I got cancer

Last week I got my biopsy results back and yep, I got prostate cancer. I know — “the good cancer” or “the one cancer to get” or “very slow moving and curable cancer.” 

But it still is cancer. Or CANCER, which is how I and many of us think about it. It is larger than life itself. Here is a brief introduction to my journey.I was going to say that it all began last May, when I got my PSA results that “something was wrong.” Actually, that timeline isn’t completely true. I should go back further in time, when I wasn’t able to control my urine one night. I will spare you the details for now. I was so ashamed of myself. What is happening to me? Did I have too much to drink? Was I losing control over my bladder? Was I becoming an “old man?”

Well, yes to all above. But it turns out that my prostate is ginormous. I didn’t know that at the time, at least not until last May, when I got my PSA and got checked physically. I will spare you those details here. But that just meant more tests, starting with more PSAs.
These were high but not consistently higher and certainly not as high as I have seen elsewhere in conversations with friends and associates. That meant another blood test called 4K, which also confirmed that I had a higher-than-normal result. Next stop on the diagnostic train: a MRI. That happened in January. The scan didn’t find any cancerous lesions, which meant that if I had cancer it was going to be hard to find.That meant my next step was a biopsy. My doctor took ten samples, four came back with cancer. It turns out that have a little bit of it, I can wait a few months to figure out what I need to do, but I definitely need to do something. That officially began the “end of denial” period for me.

Denial is a great management tool: I see this all the time in the IT world where managers deny that they will be a hacking target, or that their aging Windows 7 infrastructure will be the digital equivalent of a welcome mat and punching bag. But when it comes to cancer, you have to make the move at some point from denial to action. Writing this blog officially marks my transition.

Why I am I telling you this? When I wrote a few years ago about my first hearing aid, I got a lot of feedback and encouragement about sharing my story. So it seems like here we go again, into the medical/industrial complex.
I have come to realize that my newly minted membership into Cancer Fight Club means that I have to operate with different rules than regular Fight Club. If you haven’t seen the movie you probably still know the first (and second) rule of Fight Club is not to tell anyone about the club’s existence. Well, Cancer Fight Club turns this (and some of the other rules) on their head: tell everyone you know you have cancer. Don’t keep it to yourself. So here we are.
I have already written a bunch of posts on a CaringBridge journal and you are welcome to send me a request for access, or to share your own cancer journey here (in public) or via a private email if you’d like. And thanks for your support.

Becoming a digital vagabond? Here are ways to be secure

A friend of mine is nearing retirement and thinking about spending some extended time living and working abroad. He has a few years to plan how to manage this transition, and asked for my advice. Here are a few recommendations on gear, process, and managing his security. In the past year I have been to London, Prague and Israel, so I have some ideas. I also asked some long-time fellow vagabonds to help provide some guidance based on their own experiences.

Your phone. At the heart of your communications is going to be your smartphone. My recommendation is to have at least one country-based SIM card when you travel, which is what I do when I am abroad. The issue is that some countries can recognize others’ cards, and some can’t. If you have a European cell plan, you can easily roam around the entire continent. For those of us from the States, we can use the GiffGaff SIM — it works really well there and it is very inexpensive. Another recommendation is to limit your use of voice minutes, and get the biggest data plan that you can afford for the period of time that you will be traveling. If you are going to be someplace for a month or longer, you should consider buying the SIM when you arrive, as you often can get the best deals at a local drugstore or supermarket.

The issue is whether to have an Android or an Apple one. I am biased towards Apple. Do you need to buy the latest and greatest iPhone model? No, and lately the American cellular carriers are offering all sorts of discounted (and sometimes free) phones if you agree to a two year contract on an older iPhone, such as the iPhone 8.  One issue with using different SIMs on an iPhone is that it can mess up iMessage and deregister your American phone number from your iCloud account. A way to avoid this is to start originating your iMessages from your iCloud account instead of from your phone number.

If you are an Android fan, I would stick with Samsung, because they have updated their phones’ security software. Avoid other Androids, because they are so easily compromised: all it takes is downloading a phony app, or clicking on a phished email. You might say that you will pay careful attention and not download anything, but it is just human nature.

What about getting a dual SIM card phone such as the iPhone XR or Samsung Galaxy S10? I don’t think this feature is worth it, especially as these tend to be the more pricey phones. They also don’t really have two physical SIM sockets, so you will have to make use of a virtual or eSIM, which adds another layer of complexity and compatibility. Many non-US carriers offer free inbound calling from US numbers anyway. 

Your American cell provider. Reading articles about SIM attacks such as this one on c|net, I think the best US carrier for secure international use is T-Mobile. It also has a very flexible travel plan. This doesn’t mean that it works everywhere, and you should map your planned route with its coverage area, otherwise you will run up a nasty roaming bill in those unsupported places.

You should definitely add a wireless PIN to your online cellular account. Depending on how long you will be out of the USA, you might be able to get by without having any American cellular account. Given that there are so many data-based voice apps (WhatsApp, Skype, Viber, Facetime), you probably can limit your actual voice calls anyway. For example, WhatsApp seems to be the app of choice that many AirBnB owners use to get in touch with you, and in Israel it is really the main communications tool among locals.  

Google Fi also has some interesting plans, especially for international travel, and has expanded their geographic coverage. If they offer service in the countries that you intend to be in, then give them consideration. They also might work better on Android models. One of my friends uses this and finds it very handy: “I can touch down in 170 countries and immediately have data access plus have coverage for when I’m in the States. I cannot stress enough how important it’s been to have data when I land somewhere for both safety and convenience. When I’m able to respond to messages at touchdown and get an Uber from the airport without needing to hope there’s Wifi it’s been a genuine lifesaver.” That reminds me when I was in London for a few days and just had Wifi coverage: I had to run back and forth between the terminal and the car park and almost missed my ride because the garage had no coverage. 

One other recommendation for navigation is the mobile app You can easily prepare digital maps and download them to your phone in situations where you don’t have decent data coverage. One downside is that the maps are in their native language.

Your American banking provider. If you take a look at the twofactorauth site, you can see that Capital One, HSBC and USAA all support phone authentication apps. There may be others — my friend pointed out that his local credit union also now supports the Google Authenticator app. Now I know that changing banking providers is painful, but if you are planning this in advance you might as well start now and choose one of them that supports one of the auth apps. Also, if you haven’t gotten a Yubikey or a Google Titan key, you might want to purchase one of these as well. 

While supporting the local credit union has some appeal, you want a bank that has a larger footprint, and is able to make deposits and withdrawals from overseas ATMs with minimum fees. If you are going to be sticking around in one place for several months, you might want to open up a local account, and then consult the twofactorauth website to see if there is a bank that offers additional authentication support. 

Speaking of other accounts, I have been experimenting with the mobile app Revolut. It makes it easy and inexpensive to move money around the world. You can use the app to find low-fee ATMs and hold funds in multiple currencies.

What other accounts do you have that handle money transactions? Amazon, for example, is an obvious one. But you might have set up accounts for bitcoins that you have forgotten about, or other online merchants that you do business with. You should use this time to flag them and if they don’t have an authentication app option, delete them. I had set up a email account back in the early days, and had about 100 contacts on this account. When Yahoo got breached, that account was compromised. I had forgotten about this account and its contents. It didn’t help matters that Yahoo made it difficult to completely delete it too. 

Harden all of your passwords. If you don’t use a password manager, now is the time to get on board with one of them and start changing your passwords to something more complex, and of course unique. Watch yourself and take note when you create a new online account and let the password manager take over – rather than typing in one of your old standbys. I use Lastpass, but there are others that are just as good. Should you be concerned about storing your entire password collection in the cloud? Yes, but the better password managers also use authentication apps to secure your master password, so make sure you use this option. BTW, you should not store your passwords in any of your browsers. This is because if you cross an international border, you might have to unlock your phone at the checkpoint. This also means that you should sign out of all your email and other sensitive accounts when you reach a customs barrier, especially when entering and leaving the USA.

What online accounts use your present cell phone number as part of your identity? This is a lot harder to figure out, even with your password manager. Facebook and Twitter are the biggest issues here. I don’t think you can easily change your cell attached to your account, but if you can you should set up Google Voice as a phone number for use just in authentications. It will forward both voice and texts to your “regular” cellular number too. One issue: you can’t use both Google Voice and Google Fi on the same account. 

Laptop physical security. I got a “disposable” – meaning cheap – laptop so I don’t have to worry about it being stolen when I travel. But when you are living somewhere else, you might have to rethink this. How can you travel with your data without worrying that something will happen to your laptop if it is all on your computer? I have heard that thieves in Silicon Valley are going around with Bluetooth scanners looking for laptops in cars. It is only a matter of time before this catches on elsewhere. This means you might want to consider either a laptop with a removable hard drive, or else keep everything in the cloud with a Chromebook.  

How about a VPN? I use ProtonVPN, made by the same folks that do ProtonMail. The basic free version is fine. One issue, though: when transiting some airports and staying at some hotels, you have to turn it off in order to connect to the venue’s WiFi hotspot web portals. The nice thing about this VPN is that you can use it on both your phone and laptop. The paid versions have fancier features, such as being able to pick an originating network.

Thanks to Paul, Bryan and Joel for their help with this article. Feel free to share your own digital nomadic experiences in the comments here. And good luck with your travels!

Celebrating data privacy day should be everyday

Are you familiar with the term dark patterns? You probably are if you do any online shopping. The term has been in use in the UX world for a decade and refers to a design choice that makes a user decide on something that they might not have otherwise chosen, such as adding a product to a shopping cart that wasn’t selected, running a deal countdown clock, or warning that a product you are thinking about buying is running low in inventory. These are also called nudging, where the website designer places the preferred answer in larger font or bigger icons such as the image below.

Last fall a group of academic researchers found more than 1,800 instances of dark pattern usage on 1,254 websites, which likely represents a low estimate. Many of these websites had pretty deceptive practices.

Dark patterns are just the latest salvo in the attempt to keep our privacy private. An article posted over the weekend in the New York Times documents the decline of this notion. “We have imagined that we can choose our degree of privacy with an individual calculation in which a bit of personal information is traded for valued services — a reasonable quid pro quo,” writes the author, Shoshana Zuboff. “We thought that we search Google, but now we understand that Google searches us. We assumed that we use social media to connect, but we learned that connection is how social media uses us.” Our digital privacy is now very much a publicly traded service. Zuboff’s study of this erosion of privacy is just in time to honor this year’s Data Privacy Day. She mentions a series of examples, such as Delta Airlines’ use of facial recognition software at several airports to shave seconds off of passenger boarding times, with almost everyone opting in without nary a complaint.

The other news item in time for DPD is the UK’s Information Commissioner’s Office (ICO) recent publication of a series of design guidelines called Age Appropriate Design Code to help children’s privacy and online safety. Let’s discuss what they are trying to do, what some of the issues are with enforcing their guidelines, and what this all has to do with dark patterns.

The ICO rules haven’t yet been adopted by Parliament – that is several months away if all goes well, and longer if it turns into another Brexit debacle. And that is the crux of the problem: “Companies are notoriously bad at self-regulating these things. Guidance is great, but if it’s not mandatory, it doesn’t mean much’” says my go-to UX expert, Danielle Cooley. And Techcrunch likens this to the ICO saying, “Are you feeling lucky data punk? How comprehensive the touted ‘child protections’ will end up being remains to be seen.”

Cooley gives the ICO props for moving things along – which is more than we can say for any US-based organization. “It is a step in the right direction and a good starting point for other government entities, much like GDPR was for motivating California to pass their own privacy legislation. However, there is really no way to enforce much of this and there are multiple ways around it too.” She gives the example of American alcohol manufacturers that prohibit people under 21 from entering their websites. Can they really stop a minor from clicking through the age screen? Not really. “At least, the ICO addresses dark patterns and nudging.” One point Cooley makes is proving the opposite of dark patterns is a lot harder to do, and few analysts have done any research.

The ICO has specific examples of nudging, which “could encourage children to provide more personal data than they would otherwise volunteer.” There is a total of 15 different categories of guidelines, ranging from transparency, dealing with default setting and data sharing, and parental controls. The rules are for all children under the age of 18, which is a wider scope than existing UK and US data protection laws that generally stop at age 13. It is extensive and mostly well thought out and applies to a wide collection of online services, including gaming, social media platforms and streaming services as well as ecommerce sites.

Another plus for the ICO rules is how it adopts a risk-based approach to ensure that the rules are effectively applied. However, while that sounds good in theory, it might prove difficult in practice. For example, let’s say you want to verify the age of a website visitor. Do you have one version of your site for really young kids, while another for teens? Exactly how can you implement this? I don’t know either.

Naturally, the tech industry is not happy with this effort, saying they were too onerous, vague and broad. Like GDPR, they apply to every online business, regardless of whether they are based in the UK or elsewhere. The industry reps do have something of a point. What is interesting about the ICO rules is how it places the best interest of children above the bottom lines of the tech vendors and site operators. That is going to be hard to pull off, even if the rules are passed into law and the threat of fines (four percent of total annual worldwide revenue) are levied.

The UK tech policy expert Heather Burns wrote an extensive critique of the ICO draft rules last summer (while there have been some changes with the final draft, most of her issues remain relevant), calling it “one of the worst proposals on internet legislation I’ve ever seen.” The draft proposed a catch-22 situation: to find out if kids are accessing a service, administrators would be required to collect personally identifiable data about all users and site usage, precisely the sort of thing that the ICO, as a privacy regulator, should be dissuading companies from doing. Another issue is that the ICO rules, which were written to target U.S. social media giants, could be onerous for UK domestic startups and SMEs, at a time when many are considering their post-Brexit options. “If the goal of the draft code is to trigger an exodus of tech businesses and investment, it will succeed,” she writes. Additionally, no economic impact assessment of the proposals, as is required for UK legislation, was conducted.

Her section-by-section analysis is well worth studying. For example, she wrote that the draft proposal associated “the use of location data with abduction, physical and mental abuse, sexual abuse and trafficking. This hysteria could lead to young adults being infantilised under rules prepared for toddlers; rules which could, for example, ban them from being able to use a car share app to get home because it uses geolocation data.”

Only time will tell whether the ICO rules are helpful or hurting things. And in the meantime, think about how you can do something today that will help your overall data privacy for the rest of the year. Ideally, you should celebrate your data privacy 24/7.Instead, we seem to note its diminishment, year after year.

How theme park technologies have helped museums: a case study of the new St. Louis Aquarium

I am a big patron of museums. I go to many of them and try to fit in a visit whenever I am out of town. But what I have seen lately is how they have begun to use the same technologies that entertainment companies have been perfecting for movies and theme park rides, all in the interest of capturing more visitors and increasing visitor engagement. I think this a positive development, and this blog explains its evolution and why it is welcomed.

I have written about this trend before: once for the NY Times when I visited the Lincoln museum in Springfield Ill. back in 2008, and once for HPE’s blog posted two years ago. In those posts, I talk about how the best museum designers combine exhibits involving non-visual senses (not just reading some text plastered on the wall) and using technologies such as RFID and touchscreens to personalize the visit. (I’ll talk about these in a moment.)

You might call this when museums become theme parks. And while this isn’t quite as dire as this might sound, it does show how hard museums have to work to gain notice in this Snapchat world where attentions can shift in a matter of seconds. It also shows how the technology developed for the theme parks (including higher-definition video, complex theatrical control systems and the like) can be deployed in ways to improve learning and make the visits more memorable. These technologies can also help those of us that want to learn more and take a deeper dive into what is being shown in the museum.

I got a preview of the latest example with a new aquarium here in St. Louis that will open next week. The aquarium is part of a major redevelopment of our Union Station, a building that hasn’t seen any scheduled passenger service for many decades and is more than 100 years old. When I moved here more than ten years ago, the building contained a shop-worn mall that had lost its luster. Then a few years ago it began to be redeveloped by its current owner, Lodging Hospitality Management (LHM). That company continued its adaptive reuse with various entertainment improvements: besides the aquarium, there is a Ferris Wheel, new restaurants and an indoor ropes course.

But just saying we have a new aquarium isn’t really doing the place justice. It is probably the most technologically advanced aquarium that I have seen. Its use of technology is done so elegantly that you may not really notice it as you drag your brood through the place, looking at the tanks and the sea life. A preview of what you can see in its tanks is linked here. (There is also this story on a local TV station here.) Let’s stop in and see what is going on.

First is using the latest high-def video in interesting ways. When you first enter the complex, you are in a soaring grand lobby that appears to be sitting at the bottom of a tank, as waves of water wash over you. The wall you are facing has loads of gears and a huge analog clock face, which plays off on that you are located inside a former train station. You then realize that you are looking at various video screens, and some very nice ones at that. The screens are delivering twice 4k resolution. That grabbed my attention. According to Andrew Schumacher, the main architectural designer at PGAV Destinations that lead the project, they spec’ed out the lobby ceiling with projection video three years ago when they first began. “But then LED technology became a better solution, so we made that change.” It is certainly stunning.

PGAV Destinations is based in St. Louis and has been designing various attractions for more than 50 years. They have created exhibits for the Atlanta Aquarium, including building a new shark tank for them. They were excited about creating an entire aquarium from scratch, and were challenged by LHM to incorporate technology in interesting pedagogical ways that combined both “high tech and high touch,” according to Schumacher. I think they have succeeded quite well. When you think about their design challenge, they have to meet three different goals:

  • First, the animal or fish has to be comfortable in its habitat.
  • Second, the keepers have to be able to do their jobs, feed the critters, and maintain the tanks.
  • Finally, the guests have to have something interesting to see.

Balancing these three goals isn’t easy, and given that each animal is unique and that the aquarium has more than 13,000 different “residents,” that adds to the complexity. And the trick is making sure that in the future we still have all of these residents alive and well.

But it isn’t just having tech for tech’s sake. The designers wanted to “bring the visitor into the story, something we learned from Disney and other theme parks,” said Ben Davis, the CTO of MoonDog Animation Studio in Charleston SC. This means you have to craft a compelling story from the moment you purchase your ticket to when you inevitably exit through the gift shop. I think they have succeeded. MoonDog designed the stories that are used throughout the aquarium, something they have done for other cultural institutions. “We were trying to get the aquarium to talk back to you, to bring you an emotional experience and keep you in a state of awe,” he told me. I agree completely. This isn’t your grandfather’s fish tank.

Once we leave the lobby, we then move into what appears to be a mockup of a train car. Instead of the windows on the sides and ceiling of the car, you have additional video screens that take you on the start of your journey to the wonders of the rivers and oceans around you. Once you exit the train car, there are six different major galleries to explore that are defined by various ecosystems, including one that covers the nearby confluence of the Missouri and Mississippi Rivers.

Smart Monkey’s ISAAC show control system runs the screens in this and other areas at the aquarium. You can see this company’s work to operate the media installations such as at the Bradley LAX international terminal (shown here) and at numerous museums around the world, including the Shedd Aquarium in Chicago, the US Mint in Philadelphia, and exhibits at the Kennedy Space Center. This makes it easy to coordinate and operate all the various digital media and to program some very sophisticated special effects.

The ISAAC system at the aquarium is running seven VMs and contains all the digital media assets for the place, along with housing a scheduling system and various databases and workspaces. The key, as explained to me by their director of technology Mitch Schuh, is to enable the graphic and exhibit designers to have tools to make it easier to realize their vision, without having to worry about the underlying networks, servers and other infrastructure. The system also has an active-active failover, in case one system goes down. All of this can be managed remotely via a web portal too, so the aquarium systems can be operated anywhere in the world. “I can think of several cases during the construction of the exhibits where we were able to make quick decisions and adjust show runtimes and make other changes on the fly,” said Schuh. “These would have taken a lot more time and effort without Isaac.”

Besides all the HD TVs, there are also touchscreen kiosks. They are popping up at many museums. The aquarium has them sprinkled throughout its galleries, and they are set in an attractive steampunk-like setup. Why steampunk? This is because the designers wanted to evoke what early 1900s-era train travel was like, paying homage to the early days of the station. These screens can provide a simulated 3D display of the sea life you are looking at, along with a map showing you where you are located and other data such as diet and habitat that can help amplify your visit and provide more context about what you are seeing in the tanks. They are also used to support a personalized game designed for kids visiting the museum. (More on that in a moment.)

Second is its use of music and sound and lighting effects. In my walkthrough I met Michael Gleason, the head composer, who told me that he had written more than 75 minutes of music that will play in different galleries and for different situations. That is more than many feature films have and is indicative of the sensory experience they are aiming towards. But it isn’t just the sound effects, but its combination with theatrical lighting too. I first saw this in the Lincoln museum, but the lighting is used in our aquarium in more clever ways to amplify the music you are hearing and what is swimming in the tanks in front of you. These digital assets are part of what the Isaac show control systems are managing.

Next is animation along with virtual/augmented reality. One of the exhibits is the three otters that live there, and of course they are named Thatcher, Sawyer and Finn. There is another animated one called Tommy that you can interact with is manipulated via computers. This was created by the folks at Groove Jones.  Tommy is next to the same gallery where you can see the real ones swimming around. The human operator has cameras to judge the audience response and answer their live questions. Like the Wizard of Oz, the operator is manipulating the controls in a hidden booth. There is also a sandbar touch tank that has a layer of projected video on it, making it more enticing and interactive for the visitors. The goal here is to engage the visitor and have them literally get their hands wet exploring the life aquatic.

Personalization is also a big plus. When I visited the Chopin museum in Warsaw, we got a RFID tag that would allow us to hear the content in our language of choice, along with further personalization depending on our age and musical sophistication. Museums are getting smarter about making these visits more personal. A good example of this can be found at Atlanta’s College Football Hall of Fame. When you purchase your ticket, you get a lanyard with an RFID chip that is set to a particular team and player. As you move around the museum, you see statistics that are filtered which are relevant to that player. At the aquarium, children get RFID cards that are age-matched and allow them to participate in a scavenger hunt and knowledge quizzes with results that get posted to their profiles.

Sometimes the personalization doesn’t have to be too high-tech: if you visit one of the Titanic Museums in either Branson or Vegas you will be given a random paper “passport” to allow you to assume the identity of one of the passengers. You get to find out where that passenger lived aboard the ship and whether they survived the accident.

We have come a long way since museums started using AcoustiGuide technology to play recordings of their curators explain their collections to us. MoonDog’s Davis sees one way to make this tech more location-sensitive, to further increase personalization and as a way that it could be driven by an ISAAC or other show-control system. He sees that movie producers and museum curators are converging, so that visitors can create their own stories with their visits.

There is a fine line between putting so much sensory information in a museum that it can overwhelm and defeat its purpose of improving the visitor’s experience. You do want to leave time for visitors to think about what they are seeing and hearing and feeling. While I am excited to see these other, non-visual, elements appear, I do understand that you need to integrate them carefully and ensure that you aren’t becoming a theme park version of the museum. I welcome your own thoughts about this. Please share other examples of museums or places that you have been that have resonated with you in the comments.

How tech can help eldercare quality of life

If you are supporting an elderly member of your family, you might be interested in a collection of home tech devices that can help extend their ability to live more independently. We all need help as we get older, and I write this column based on the experience of my family and caring for my 95 year-old mother-in-law.

She has been living independently for the past 18 months using these three technologies:

  • Hero automated pill dispenser (It now costs at least $30 per month with a $100 initial purchase and 12-month commitment. There are other plans that cost more and provide additional monitoring and support.)
  • BlipCare BP blood pressure monitor (We bought it on Amazon for $159, although it currently is no longer being sold there.)
  • And an Amazon Alexa Show 5 ($89) or 8 (for $129) (These are list prices and are discounted heavily for various promotions.)

The three devices allow us to ensure we can reliably dispense her meds, take her blood pressure, and talk to her when we aren’t able to visit. I’ll explain the limitations and decisions behind each piece of technology. When we brought all this gear into the facility, the medical staff was impressed and also unfamiliar with each of them, which motivated my purpose in writing this column. Note that my mother-in-law lives independently in an eldercare facility, although step-up care is available in other parts of her building. This is a common arrangement.

Each device works with its own smartphone app to setup, but not to use: that is an important distinction as my mother-in-law doesn’t have a smartphone. They also all require decent Wifi service in her room, which could be an issue in some facilities. (This means that you should test the signal strength in your family member’s room ahead of time.) All three units sit nestled together on her desk, which is also important, and I will get to why in a moment.

The Alexa Show is a voice-activated home hub device, similar to what Google and Apple sell with one difference: it has a very simple video conferencing setup. The video screen (either five or eight inches on the diagonal) is critical, because it allows us to “drop in” on her and have a video chat, see what she is doing. This is critical during the pill-taking and blood pressure processes, which is why all three devices are near each other on her desk, and also used to contact her in case we can’t reach her on her cell phone. And it helps that the Alexa show is very simple to use. You do need a smartphone app to make the call. A second benefit of the Alexa-brand of devices is that they have a better event notification process. That is useful for verbal reminders of daily events. Other home hubs, such as from Apple or Google, aren’t as convenient or as capable in this regard.  (Also, Facebook has its Portal, but I haven’t tried it out yet.) BTW, we have had mixed success with her giving Alexa voice commands. You might want to try out one of these devices in your own home with your elderly family member and see how it goes.

The Blipcare device is a bit quirky to setup. It uses its own web server and has alarmingly lax security, but what is nice is that you don’t need anything else to record her blood pressure once you get it working. Results are automatically posted within a few minutes to a special dashboard webpage that family members can check periodically and also share with doctors. If you have two family members to care for, it can track their stats separately.

Finally, the Hero device is used to dispense her pills. It needs to be periodically loaded with them, of course, but it is basically very simple to use: my mother-in-law just presses a button, and the pills drop down into a cup, similar to how a soda machine dispenses its product.  You set up a schedule and which pills get dispensed when.

The notion of having these three devices is to postpone having nursing care or other options for my mother-in-law. While these devices aren’t cheap, using them for several months can have a big payback given what the step-up nursing care charges would be. And they also offer a sense of security for our family. While for our situation the devices involve us in her care, your own family situation might not make this possible or desirable. And like any home tech, you have to be prepared to do some tech support to handle problems.

BTW, I have been using a different device to monitor my own blood pressure, the Qardio Arm ($99). It requires a bluetooth connection to a smartphone to post its results and is somewhat difficult for an elderly person to put over their arm and get it aligned in just the right spot for accurate measurements. I have been using one for many years. And although have had to replace two of the devices, the company quite willingly sent me these replacements at no charge.

Feel free to share your own eldercare tech solutions here.