Key elements of the new Flattr – the all-knowing, privacy-friendly algorithm

Flattr in a gif, the extension automatically flattrs content

 

 

 

 

 

 

 

 

 

The new Flattr is completely automated, meaning that it flattrs your favorite content for you based on the attention you give it. This is done through our smart algorithm, but how does it really work? What does the algorithm know? What does it tell us? Let’s take a dive into automation, algorithm and privacy!

The challenge

As described in the last post, we realized quite a while ago that to make Flattr more convenient, we needed to make it easier to use. So the goal became to make it automatic. Of course, your flattrs should still reflect what you care about, like, consume and engage with. So the challenge was to create a profound connection between what you give attention to, engage with and flattr. We knew we would need to connect it to what you do – more precisely, what you do in your browser – something that is, and should be, very private.

We believe in privacy!

Most companies do not feel as strongly about privacy as we do. Au contraire, they want to know as much as possible about who you are and what you do so they can use all this data and turn it into additional profit. For us, this is unacceptable. We have been and will always offer our services in the most privacy-friendly way. So how would we tackle the challenge of making your flattrs personal, but keeping your personal data private? Quite simple: by keeping your private data on your own device. It is possible to locally, on your device, figure out what to flattr. Locally measuring in detail what you do in your browser is not a problem if we never send that data anywhere else – which we don’t, of course! With the Flattr extension running locally in your browser, it can collect and measure everything needed to determine which content you engage with the most. This data is then used to decide what to flattr. To make a transaction and send money to people who created the content, we need nothing but the URL. Only these URLs are sent to us; no other data relating to your browsing behavior is sent. So yes, you can provide personalized services without invading privacy.

The all-knowing, privacy-friendly algorithm

It’s true, the Flattr extension knows your browsing activity. In fact, it needs to know as much as possible, so it can make the best-informed decisions about which sites it flattrs for you. But by keeping the information and algorithm on your device, the solution is as privacy friendly as it gets. The algorithm is a part of the extension that we know will be continuously improved. This means that trying to describe how it works right now would make this blogpost out-of-date very quickly. So let’s instead explain how we think.

How we measure engagement

As you now know, we want a flattr to happen when you consume something that receives enough attention and engagement. This is done through the extension, which registers when you engage with content (meaning you actively give it attention). Let’s use a news article as an example. The algorithm measures the time you spend on the page as a basic metric. But just time spent on a page is not enough to know if you are actually paying attention to the content, or if you got up and went to the coffee machine. So the extension uses other information to understand this e.g. if the window is active and in front, if you have scrolled the page recently and if the mouse pointer has moved or if you moved the page with the keyboard. This to understand when to register attention.

Once enough attention has been gathered, the extension flattrs the URL. The exact threshold is set differently for different types of content, e.g. text versus video. Other visits to the site, earlier flattrs and other metrics. We plan to make these differentiations even more granular to reflect all the different kinds of content and consumption patterns.

These are of course simplified examples, but they hopefully give you an idea of how we work and also why the new Flattr extension needs to register these quite personal data points. Let us emphasize again that we regard your privacy with the utmost importance and ensure that your data stays on your own device and is not sent anywhere.

14
Comments

14 Responses to Key elements of the new Flattr – the all-knowing, privacy-friendly algorithm

  1. beroal says:

    I hope you will give an option to delete URLs from a user’s history before money leave the user’s account. It is easy to create a web page with a “hot” title and useless content, and understanding that the content is useless takes time.

  2. anonymous says:

    I’m sorry, I can see your effort, but this is still not enough privacy for me. A list of URLs being sent to the server is already way too compromising if it falls into the wrong hands or is stored and accumulated on some server in “the cloud”.

    Here is a list of criteria that – in my opinion – the new flattr would need to fulfill in order to be acceptable from a privacy point of view:

    • Possibility to create a flattr account without real name, address etc.
    • Possibility to prevent site owners from seeing which account flattered their site.
    • Possibility to pay with privacy-friendly means like Bitcoin, PaySafeCard etc.
    • Amnesia-feature: All URLs are immediately deleted from the system once the monthly/weekly/daily flattr share has been calculated.
    • Strong encryption of all databases and transfers (duh!)
    • Open source codebase

    I recommend you have a look at the german e-mail provider Posteo. They figured out a way how to handle payment perfectly anonymous without them ever knowing who paid for which account: https://posteo.de/en/site/payment Posteo has recieved much international praise for their zealous privacy policy.

  3. anonymous says:

    Even more criterion:
    • Servers in privacy-friendly countries where they cannot easily be seized by NSA, GCHQ etc.

  4. lo says:

    I sometimes browse news outlets I despise to see the other side (Fox news, breitbar, etc…). I would hate to give them any money though, would it be possible to block some urls from getting flattred?

  5. Linus Olsson says:

    • Possibility to create a flattr account without real name, address etc.
    > That will be the normal usage for all contributors soon.

    • Possibility to prevent site owners from seeing which account flattered their site.
    > That is how it works.

    • Possibility to pay with privacy-friendly means like Bitcoin, PaySafeCard etc.
    > You can buy a prepaid Mastercard from a shop to add that layer of privacy.

    • Amnesia-feature: All URLs are immediately deleted from the system once the monthly/weekly/daily flattr share has been calculated.
    > This is a question of accountability, most user would like to know what they paid for historically. Allowing user to do this if they want to might be worth looking into.

    • Strong encryption of all databases and transfers (duh!)
    > Of course.

    • Open source codebase
    > The plan is to open source the extension.

    • Servers in privacy-friendly countries where they cannot easily be seized by NSA, GCHQ etc.
    > Our servers are in Sweden.

  6. Linus Olsson says:

    beroal: The goal is to create an algorithm that only flattrs content you cared for. But if for some reason you did not think the page deserved money you can of course delete the flattr.

    lo: Yes you can change it to be enabled/disabled on domain level. Only sites where majority of users wants to Flattr will be on by default. This is subject there will be a blog post later on.

  7. Alias says:

    I guess that, until the system gets a bit of traction, we may end up having a lot of “unclaimed” flattrs.

    Now, I understand that these are out of the new Flattr and I won’t cry over them, but it would be good to have a tool for evangelism that say “hey, last month, N people flattred your page, so why don’t you create an account?” to page owners.

  8. This post is inaccurate. Flattr stores more than just what URLs were visited. It also stores when the URL was visited. What time a day and which days your devices are active can be considered personal information.

    Flattr shouldn’t store Flattr’ed URLs forever. After six months, the specific URLs that an account has Flattr’ed holds no value to Flattr. The data can be anonymized somewhat after 3 or 6 months by reducing the data-precision to only store the domain rather than the full URL. That way accounts can still get statistic about which websites they’ve Flattr’ed the most without revealing their activity on those websites. After a year or two, even this data should be deleted.

    More importantly, Flattr needs to offer good tools for deleting old data! The EU General Data Protection Regulation comes in effect in May 2018. The tools Flattr currently offer aren’t good enough to meet the requirements that the GDPR says you need to provide to your users. (In short: store as little information as possible and only for as long as absolutely required by default. Give users good tools to delete all or specific data.)

    For example, it should be possible to search-for-Flattr’ed sites and delete every Flattr’ed results that is found with a given search. It should also be possible to delete all data older than say 1 month, 3 months, etc. Google’s activity deletion tool is a good example of what Flattr should create to offer users flexible and easy to use tools to control their personal data.

  9. Linus Olsson says:

    Alias:The old concept of unclaimed flattrs is gone, but we will do the same idea on a URL wide approach instead. So what you refer to will be a core feature to drive adoption!

  10. Linus Olsson says:

    Aleksandersen: Yes, when and what device, is meta data we get with a flattr, it’s important from an accountability perspective for users, so they can know when and what device made the Flattr. But we do not know when the device was active or what it visited, but rather what was flattred and when. It’s just a smaller subset of the full data, as only urls where flattr is enabled on and where enough attention and engagement was gathered becomes flattrs.

    But you are absolutely right, we should never store more then needed and also allow users to delete what is ok to delete. Flattr is currently in beta stage so lots of things are yet not done fully, this is one of those areas. Our data protection officer will make sure we at the very least follows GDPR. Our business model is transactions, it’s not to know things about our users.

  11. anonymous says:

    @Linus:
    Thanks for the detailed answers. I guess I’ll give it a shot once it comes out.
    I always felt guilty for not paying all the sites that I care about. However, privacy always had priority for me. I really hope this new Flattr will take off.

  12. anonymous says:

    Another thing:
    Will there be something like a “wow!” feature to manually boost a flattr for a specific site that really blew my mind or that deserves a bigger share in any way?

  13. Linus Olsson says:

    You can also manually flattr pages via the extension.

  14. Out Date says:

    Speaking for myself anyway, I will never flattr an anti adblock website.