Tag Archives: Privacy

About privacy issues in general, and Kerika’s approach to privacy in particular.

A change to our Privacy Policy

We have updated our Privacy Policy because we have decided to use Microsoft Clarity, at least on an experimental basis, to understand better how visitors navigate our website.

Microsoft Clarity uses cookies (see here for more details), and you can reject or block them if you want; it won’t affect your use of the website or the app.

We have a lot of different website pages, but we still need a better understanding of how people actually view them, and which parts seem to be most important to our users.

Google Analytics provides some of that information, but not enough, and it looks like Microsoft Clarity will help us optimize our website content.

Let us know if you have any questions or concerns.

Managing the privacy of your Kerika boards

Kerika offers a great deal of control over how each board is shared:

  1. A board can be made public to everyone.  This makes sense for open-source projects and many nonprofit and advocacy groups, where the goal is to get maximum visibility and publicity rather than to hide the details of what the project is about.

    Making a board public means that anyone who has the URL of the board can view it, even people who are not Kerika users.  Note: we are talking about viewing the board; viewing doesn’t mean anyone who isn’t part of the board team can make changes.

    If a board is viewable by the public, it can be found by anyone using Kerika’s search function.

  2. A board can be viewable by everyone who is part of the account team. This is the default setting, and it makes a lot of sense for most organizations: you want your coworkers to be aware of what your team is doing, unless the project is particularly sensitive.

    An account team consists of everyone who is a Team Member or Visitor on any board owned by the account.

    As people get added to individual boards, they are also automatically added to the account team.  When someone is removed from every board owned by an account, they are automatically removed from the account team as well.

    As with public boards, described above, we are talking only about viewing, not changing: only people who are Board Admins or Team Members on a particular board’s team can make any changes to that board. (And, of course, the Account Owner who owns the board.)
    If you use Kerika’s search function, you can find boards that are being shared with the account team, provided you are part of that particular account team.

  3. A board can be kept private.  This means that only the people who are listed on the board’s team — as a Board Admin, Team Member or Visitor — can view the board.  (And, of course, the Account Owner who owns the board.)

    This is appropriate for any sensitive projects, e.g. stuff related to personnel matters or confidential contracts.

    Private boards can’t be found by Kerika’s search function either, and it doesn’t matter if you know the URL for the board: only the specific people listed on the board team can see anything related to that board.

For each board owned by an account, the Account Owner or Board Admins can manage the board’s team: decide who is part of the team, and what sort of role (Board Admin, Team Member, or Visitor) each person has.

  • Board Admins and Team Members can make changes to all the items on the board, including any documents attached to the board.
  • Visitors have read-only access to the board and all its documents.
  • A person’s role can be changed at any time by the Board Admin or Account Owner: the effect is immediate, and extends to all the documents associated with the board as well regardless of whether you are using Google or Box for your file storage, or whether you are storing your files with Kerika.

A board’s team and current privacy settings can be viewed by clicking on the Team button that appears on the top-right of the Kerika app, when viewing a board:

Board Team button
Board Team button

Clicking on this button brings up the Board Team dialog:

Board Team dialog
Board Team dialog

Each person who is part of the Board Team is listed in this dialog, in alphabetical order along with their role.

At the bottom of the dialog is the board’s current privacy setting: in the example shown above, the board is being shared with everyone who is part of this user’s account team. (We have obscured the URL in the screenshot for security reasons.)

If you are a Board Admin or the Account Owner, you can change the privacy of the board using the Change Privacy link that’s shown on the bottom of the dialog:

Board Privacy options
Board Privacy options

So, every board can have it’s own privacy settings: private, shared with account team, or public.

When you are viewing the boards in an account, Kerika shows clearly what the privacy setting is for each board:

Privacy settings, at a glance
Privacy settings, at a glance

If you are part of someone’s account, you will be able to create new boards in that account: you will automatically be a Board Admin on those new boards, but the owner will always be the account you are working in.

You can set your privacy preferences for each account; this will determine whether new boards you create are automatically shared with your coworkers or not:

Privacy preferences
Privacy preferences

All your preferences can be set at https://kerika.com/preferences.  The default setting is Share with Account Team, which works well for most people, most of the time.

 

Rewriting our Privacy Policy

We recently rewrote our Privacy Policy to be more conformant with GDPR, the European regulation on privacy protections for their citizens.

There are no substantive changes: our old Privacy Policy was already very pro-privacy and pro-user, but the language and format has been changed to follow what appears to be the common standard for GDPR-compliant policies.

 

Visitors can view chat on public boards

Some of our users are working on open-source, advocacy, or volunteering projects, and for these people privacy is less important than publicity: rather than hide their work, they would prefer to have as many people as possible view it, in real-time, so they can build momentum for their initiatives.

Here’s an example of a public board:

Example of public board
Example of public board

We have always accommodated such users, by offering an Anyone with link option that Board Admins can use to make their boards accessible by anyone who has the URL of that board, even if they aren’t Kerika users:

Making boards public
Making boards public

When a board is made public, all the files attached to and all the chat as well can be viewed by anyone.

As with any other Visitors, members of the public cannot make any changes.

Our latest improvement to this public boards feature has been to make the chat also viewable by anyone who has the URL of the board.

Note: a Board Admin can change their mind at any time, and revert a public board back to one that’s restricted to the board team or account team.

 

When Facebook tries to stalk your business

Every couple of weeks I get email from Facebook along these lines:

 

Yup, Facebook is stalking me.

In its remorseless scanning of everyone’s private information, Facebook has figured out a personal phone number for me, and now it is “helpfully” trying to make that a public piece of information by associating it with my company instead.

And it’s not just phone numbers: Facebook tries repeatedly to associate my home address with my company’s page as well, because, you know, it would suck if any part of the Internet were “inaccurate or out of date.”

I guess I should feel flattered that I am as worthy of stalking as the best B-list celebrity, but there’s also the incompetence common to any creep who thinks he can safely hide in the bushes.

Clicking through on the “Review Page Info” link always lands me on an dead-end page:

 

Let’s all sing along…

If there’s a bustle in your hedgerow, don’t be alarmed now,

It’s just a spring clean for the May queen.

Yes, there are two paths you can go by, but in the long run

There’s still time to change the road you’re on.

And it makes me wonder.

By the way, I learned to program in 1978, so I can tell by now when someone writes crappy code. Facebook does.

Tracking Kerika users

If you use Ghostery (which is a pretty cool browser plug-in, by the way), it’s easy to see which “trackers” are being used by a website.

The only tracker that Kerika uses is Google Analytics:

Trackers on kerika.com
Trackers on kerika.com

Google Analytics is a free service from Google that we use to get a general understanding of who visits Kerika.com, from where, and using which kinds of browsers.

For example, Google Analytics tells us that an amazing 98.27% of all visitors to Kerika.com use the Chrome browser: this is way above the general market share for Chrome, which is about 29.15%!

And that’s the only tracker you will find on Kerika.

Here, by way of contrast, are what news sites like the New York Times and CNN use in terms of trackers:

Trackers on nytimes.com
Trackers on nytimes.com: 11 in total
Trackers on cnn.com
Trackers on cnn.com: 18 in total

Snacking on our cookies

Ever wonder how many cookies Kerika sets when you are logged in, and why?

Here’s the answer:

Kerika's cookies
Kerika’s cookies

The first cookie, called “BAYEUX_BROWSER”, relates to our use of the CometD communications protocol for ensuring that you always get real-time updates whenever you are looking at any Kerika board, no matter which browser you are using.

CometD leverages WebSocket when it can (because it’s the most efficient web messaging protocol), and makes use of an Ajax push technology pattern known as Comet when using HTTP.  Most modern browsers support WebSocket, but we still have some older versions of Internet Explorer out there that don’t support WebSocket.  This cookie helps us track whether your browser supports WebSocket or not.

The next couple of cookies are used simply to keep track of your Kerika session.

The fourth cookie, “i18next”, is really not used much right now, but we hope to make greater use of it in the future.

Right now Kerika is available only in English, but the code was always written to make it easy for us to create versions in other languages, e.g. Spanish, Chinese, etc.  This process is called “internationalization”, and is usually abbreviated as “i18n” by us nerds.

The last two cookies, “last-selected-auth-service” and “tabs”, are used to remember what you were last doing when you were logged into Kerika on that computer: when you log back in, after having logged out, these two cookies help us restore your view of Kerika to exactly where you left off.

As it says on our website, we are committed to transparency, so now you know everything about our cookies.

Want to learn more? Check out our privacy policy.

Making projects viewable by the public: a new Kerika feature

Most users work on private projects: i.e. projects that are accessible only to people added to the project team.

But some folks find it useful to have their projects viewable by everyone, typically because they are working on nonprofit causes, like WIKISPEED.

WIKISPEED publicizes its projects because it helps attract new volunteers to their cause, and this is actually a pretty smart way for nonprofits to showcase their work.

Kerika has always had an option for people to have all their projects made viewable by the public, but even nonprofits, for example, may have some Kerika boards that they don’t want to share with the rest of the world.

Well, with our newest release, it is possible for the Project Leader (or Account Owner) to make individual projects open to the public to view.

A project can be easily switched from Private to Public, and back again, using the Project Info button that’s available on the top-right of every Kerika board:

Privacy
Privacy

The privacy choices are as follows:

  • Only the project team can access: this is the default setting, and it means that unless people are added to the project team, they won’t be able to view it — or even find it using the Search function.
  • Anyone, anywhere can view: this means the project is “public” — it can be found through search, and anyone who knows the URL of the project can view it. (But, they still won’t be able to make changes.)

When a project is made Public, all the documents contained within it — on all the cards and canvases that make up that board — are also made viewable to the public.

This means, for example, that if your Kerika+Google Whiteboard or Task Board is made available to the public, all the documents in that board’s Google Docs folder are also made viewable by the public.

(And Google indexes all public Google Docs, the project could be found in more than one way, depending upon who is searching for it.)

One caveat: users of premium Google Apps, e.g. Google Apps for Business, cannot make their projects open to the public, because of limitations imposed by Google.