How We Protect Privacy

ByWayne Willis

When you have a site like this that caters primarily to members of a single community -- in our case, Owners of Las Mañanitas condominium -- you want to share some information that should be kept only WITHIN the group.  If you put it on a public website, anyone with the link can access the information.  So, what can you do?

The conventional answer is "Just add security."   Experts would suggest things like:

  • Password Protection.  Here's a page on this website with a juicy photo.  It's password protected.  Try out.  You'll need the password, which is the Las Mañanitas postal code: 23405.  It works, but the password can easily be compromised, all the Owners would have to remember it, and it'd be very hard to change.
  • Access Control.  That's a fancy way to say that you need to be logged in to see the page.  This works well, but frankly, people don't like having to register for yet another internet account that has a username and password.   Unless there's a huge benefit in getting access to the website, people just won't bother.  Requiring every Owner to log in will reduce the number of readers dramatically.   Just look at our TownSq.io page.  How many people use that?  Somewhere close to zero.
Security and Ease-of-Use are inversely related.

The reality is that Security and Ease-of-Use are tradeoffs:

The value to Owners of having a vibrant "community website" is easy access to timely, relevant information.  Want to learn about the rule related to kids in hot-tubs?  Check out the Rules page that opens when you click on "Rules" in the menu bar at the top.  (Try it!)   How about learning more about the recent announcement from OOMSAPAS about a 36% rate hike?  Or our preliminary look at desalination?

If "access control" limits readership, then authors will be reluctant to do the work to research and write such valuable content.  This is the vicious cycle that dooms so many community websites:  access control reduces readership.  The people producing the "content" become demoralized and do less.  That makes the site less valuable, so fewer people sign up for an account or log in.  Rinse. Repeat.  And end up with TownSq.

Now, the two examples I used -- looking up the Rules and understanding the challenges looming for our water situation -- are not particularly private.  But as we move forward, we'll want to share information that is more sensitive, for example:

  • Budgets and Financial Statements.  Sure, this information goes to new buyers, but it's not generally available.
  • A list of Owners -- or the subset coming to the annual Assembly.  I'm not talking about phone numbers, unit numbers or email address; I'm just talking about the names of our Owners.  But an Owner might not want to let anyone -- much less the general public -- know they live here.
  • A Discussion Board or "Forum."  What if we had a robust online discussion about Rules as applied to Renters.  We might be willing to express some opinions just among other Owners, but we wouldn't want, e.g., Realtors in San Jose del Cabo (or renters within Las Mañanitas for that matter) to be able to follow that discussion.

These are tricky issues, and here's how I plan to manage them now and over time.  First, start with "security by obscurity."

Security By Obscurity

-- discover vs. access

then full access control

and "opt out" not "opt in"

 

Take something simple, like a list of who the Owners are.  I'm not talking about a directory that shows their addresses, phones or emails; I'm simply talking about their names.

Yes, some Owners may prefer

 

 

 

 

 

the annual budget of the HOA. --  tradeoff between security and ease of use.

  • tradeoff between too much disclosure and easy communication - e.g., a Directory -- should we publish a directory with names?  names and emails?  Or put it behind a login-wall?

here are some images to possibly use.