Hey,
This week I was really not sure whether to send the newsletter or wait at least until the beginning of the week. But I think I shouldn’t hold the content I found just because of a new law called “GDPR” that forces a lot of companies to send a lot of emails regarding updated privacy policies.
So here’s my take on this: I believe the law has huge potential to fix a lot of the problems we face today with privacy being exploited on purpose by companies making money with our data. Laws that at least require them to share these practices so that people could read it is good. Laws that hold them really accountable for data leaks like this very recent one where Amazon Alexa devices sent recorded private conversations to random contacts can only help the consumer. But noticably, this forces all of us to rethink our current best practices: Should we really put all our data to a variety of CDN and cloud providers or is one just enough? And if you ask companies whether they are able to provide a Data Processing Agreement (DPA) for you, many reply that they don’t or only do this for business accounts. All these replies are very interesting because they basically say “we don’t care about you little customer, only the big ones who have money and really require this contract get it”. And there’s a reason for this: A DPA holds service providers accountable to what they promised and it makes a difference to give that promise to millions or only a couple of customers.
I see privacy laws as a chance to proof that you and your company wants to do things right and not only go the easy way out without caring about customers. I know how hard it is for many people to understand and implement the legal requirements but let’s make the best out of it — for our own sake and our customers. We owe it to them.
Lastly, if you like what I do, please consider help me funding this letter financially. And now have a great Friday and weekend!
News
- We’ve seen quite some changes in the browsers’ security interfaces over the past months. First and until now, they emphasised sites that offer a secured connection (HTTPS). Then they decided to indicate insecure sites that offer forms and now Chrome announced new changes coming in fall that will make HTTPS the default by removing special indicators for this and marking HTTP pages as “not secure”.
Security
Privacy
- So here’s something new. The ACLU discovered that Amazon now officially teamed up with law enforcement and provides a mass-face recognition technology that is already used in cities around the world.
Web Performance
- Stefan Judis discovered that we can already preload ECMA Script modules in Chrome 66 by adding a HTML header tag
link rel="modulepreload".
Accessibility
- It’s relatively easy to build a loading spinner for example for a Single Page Application during load. But we rarely think about making these accessible; Stuart Nelson explains how to make CSS loading spinners accesible.
We now have the choice:Paul Stanton explains that while we have a lot of tools to test accessibility, in reality we need to use many of them to get the best results.
JavaScript
- filepond is a JavaScript library for uploading files that looks great and comes with a lot of adapters for React, vue, Angular or jQuery and has some nice built-in UX.
- React 16.4 is out and brings a big feature to the library: Pointer Events. They’ll make it easier to deal with user interactions and have been requested for a long time already.
CSS
- Rafaela Ferro shares how to use CSS Grid to create a photo gallery that looks not only good but actually great. This article has the answers about many questions I regularly get when talking about Grid layout.
- Marcin Wichary explains how with modern CSS Custom Properties we can create a dark theme in little time and shows this by going through the theme creation step by step with visual results alongside.
Work & Life
- Ben Werdmüller on the reality about resumes and how they always fail to reflect who you are, what you do and why you should be hired.
Anselm