From 5a16b277810bd3f72b9fb3142024b08619cb317f Mon Sep 17 00:00:00 2001
From: hendr-ik
Date: Mon, 28 Dec 2020 16:12:50 +0100
Subject: [PATCH 1/7] merge deep dive and about section
---
homepage/content/pages/about.md | 71 ++++++++++++++++++++++----
homepage/content/pages/deep-dive.md | 79 -----------------------------
homepage/theme/templates/base.html | 3 --
homepage/theme/templates/index.html | 2 +-
4 files changed, 61 insertions(+), 94 deletions(-)
delete mode 100644 homepage/content/pages/deep-dive.md
diff --git a/homepage/content/pages/about.md b/homepage/content/pages/about.md
index 35be0c4..076ea0d 100644
--- a/homepage/content/pages/about.md
+++ b/homepage/content/pages/about.md
@@ -1,25 +1,74 @@
title: About | Offen
-description: Who we are, who supports us and how you can can get in touch.
+description: Who we are, what we do, who supports us and how you can can get in touch.
slug: about
-bottom_cta: matomo
+bottom_cta: fair
## About
+### What is this thing called "my data" and why does seemingly everyone want to get hold of it?
+
+It has a ring, gives a slight spine-chilling sensation and generates a whole lot of clicks: consumer magazines like German "Computer Bild" caution about ["Google espionage"](https://www.computerbild.de/artikel/cb-Ratgeber-Kurse-Wissen-Was-weiss-Google-ueber-Sie-2799009.html){: target="_blank"} just like the internet has countless tutorials on turning off numerous ["data leeches"](https://praxistipps.chip.de/datenkrake-windows-10-so-schalten-sie-auffaellige-funktionen-ab_99652){: target="_blank"}. Interestingly, diving into these realms will have you accidentally catching the next toolbar, malware infection or [even worse](https://blog.malwarebytes.com/cybercrime/2012/10/pick-a-download-any-download/){: target="_blank"}.
+
+Yet, many internet users still do not know what really is happening to their data. Public relation activities trying to calm the public - as recently undertaken by Facebook [for example](https://www.zeit.de/digital/datenschutz/2019-01/social-media-facebook-mark-zuckerberg-ads-privacy-business-model-transparency){: target="_blank"} - end up being rather disturbing instead of creating transparency or adding any value to the public debate. Denelle Dixon, COO of Mozilla, just publicly [warned the European Commission](https://blog.mozilla.org/blog/2019/01/31/mozilla-raises-concerns-over-facebooks-lack-of-transparency/){: target="_blank"} about the dangerous effects an opaque apparatus such as Facebook can have on society. Updated Terms and Conditions only parenthetically mention that newly created Google accounts will now hand over real names to third parties for [advertising purposes](https://www.propublica.org/article/google-has-quietly-dropped-ban-on-personally-identifiable-web-tracking){: target="_blank"}.
+
+
+
+
+
+As a regular user of the internet, are you really being spied upon? *What exactly is "my data"?* Can a website operator see my name when I'm using it? Does it know about my Email address or my phone number? Does it know which other websites I have been visiting, which search query led me to the site in the first place, what I have recently purchased online, or who I am acquainted with?
+
+> [If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.](https://www.eff.org/de/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy){: target="_blank"}
+>
+> Eric Schmidt (at this time CEO of Google), 2009
+
+We would like to turn the tables on this much quoted statement and apply it to the operators of services and websites instead of their users. The analytics software Offen *transparently and uncompromisingly discloses what data is being collected and what it is being used for* to the users.
+
+---
+
+### For users
+
+Visiting a website or using a web application that utilizes Offen, the user gains access to and ownership of the usage data collected. As a guiding principle, data collection is Opt-In only. Consent can be revoked at any time, just like users can choose delete their data retroactively. The cookie used by Offen allows viewing all of the associated metrics so that users can *assert themselves what is being collected and what isn't*. Data is being displayed in an accessible and articulate manner and each metric comes with explanations about its usage, relevance and possible privacy implications.
+
+
+
+### For operators
+
+Operators of small and mid-sized websites and web applications are faced with growing challenges not only since the introduction of GDPR: how do they gain insights into what users are interested in and which of the features offered are being used? Is it possible to showcase *transparent and considerate handling of user data* - i.e. neither being spy or data leech - without surrendering and abandoning usage metrics altogether?
+
+Choosing Offen, websites and web applications obtain a free, open and robust tool for collecting and analyzing relevant usage data. The insights gained enable continuous improvement of these services while still respecting their user's privacy. *Opening up the data to the users does not constitute a disadvantage, but strengthens the relationship with them* by being entirely transparent.
+
+### Part of the public debate
+
+Transparently handling usage data in the open creates mutual trust while still enabling operators to collect needed usage statistics. Offen is designed to be a mediating agent only, and does not side with either users or operators. Sharing knowledge between the two parties creates opportunities for an *open and fact based discussion* about user data and privacy. Users gain insights into what data is being collected and what these data points are used for, just like they learn about which kind of data is not part of the collection. They are enabled to reach self-determined decisions about what they consent with and what they disagree with when it comes to privacy on the web, also in other contexts than analytics.
+
+We want to exemplify that it is time to depart the age of ["data capitalism"](https://www.zeit.de/digital/datenschutz/2019-01/datenschutz-nick-couldry-datenkolonialismus-datenhandel/komplettansicht){: target="_blank"} and to create *technologies and infrastructure that are transparent, open and oriented towards the common good*
+
+
+
+
+
+### Offen as a technology
+
+At runtime, Offen is just mediating exchange between users and operators. Usage data is collected in conformance to GDPR and with the concept of ["Datensparsamkeit"](https://martinfowler.com/bliki/Datensparsamkeit.html){: target="_blank"} in mind. All user data is encrypted in the browser so that it can only ever be accessed by the users themselves or the matching operator. While being collected in the context of a website or application, neither operators nor third party scripts have any possibility to access the usage data. Offen itself doesn't have any way of decrypting, processing or even selling the gathered data at any point.
+
+The software itself, as well as *all the used tools are open source*, [project planning and technical specification](https://github.com/offen/offen){: target="_blank"} take place in the open and actively solicit feedback from the general public.
+
+Users and operators are given intuitive and accessibility-focused tools for analyzing and managing their data in the form of a web application and a browser extension. Operators deploy the service using a simple script tag.
+
+---
+
+### Modus Operandi
+
+Developing and running Offen can only work out when it is entirely *free of any kind of economic constraints or goals* and its only objective is *contributing to the common good*. Development of a prototype is reliant on public grants or similar funding sources. Long term development and maintenance of the software is tied to resources granted by foundations or being donated by the public.
+
### Status Quo
-Offen is created by [Frederik Ring][frederik-ring]{: target="_blank"} and [Hendrik Niefeld][hendrik-niefeld]{: target="_blank"} and is currently being conceptually designed and in active development, both as a product as well as as a software.
-
-[hendrik-niefeld]: http://niefeld.com/
-[frederik-ring]: https://www.frederikring.com/
+Offen is created by [Frederik Ring](https://www.frederikring.com/){: target="_blank"} and [Hendrik Niefeld](http://niefeld.com/){: target="_blank"} and is currently being conceptually designed and in active development, both as a product as well as as a software.
[![NLnet Foundation](/theme/images/nlnet-logo.svg){:width="160px" height="60px" class="mt4"}](https://nlnet.nl/){: target="_blank"}
-We are happy to work with [NLnet Foundation,][nlnet-foundation]{: target="_blank"} which actively supports our efforts as part of its [Next Generation Internet][next-generation-internet]{: target="_blank"} initiative.
+We are happy to work with [NLnet Foundation,](https://nlnet.nl/){: target="_blank"} which actively supports our efforts as part of its [Next Generation Internet](https://nlnet.nl/NGI/){: target="_blank"} initiative.
-[nlnet-foundation]: https://nlnet.nl/
-[next-generation-internet]: https://nlnet.nl/NGI/
-
----
### Contact
diff --git a/homepage/content/pages/deep-dive.md b/homepage/content/pages/deep-dive.md
deleted file mode 100644
index e58916e..0000000
--- a/homepage/content/pages/deep-dive.md
+++ /dev/null
@@ -1,79 +0,0 @@
-title: Deep dive | Offen
-description: What do users know about their data? How can they access it? Do operators benefit from a careful handling of user data? Does Offen work in accordance with GDPR?
-slug: deep-dive
-sitemap_priority: 0.7
-bottom_cta: quality
-
-## Deep dive
-
-### What is this thing called "my data" and why does seemingly everyone want to get hold of it?
-
-It has a ring, gives a slight spine-chilling sensation and generates a whole lot of clicks: consumer magazines like German "Computer Bild" caution about "Google espionage" [^1] just like the internet has countless tutorials on turning off numerous "data leeches"[^2]. Interestingly, diving into these realms will have you accidentally catching the next toolbar, malware infection or even worse [^3].
-
-[^1]: Gegen Google-Spionage wehren
-[^2]: Datenkrake Windows 10: So schalten Sie auffällige Funktionen ab
-[^3]: Pick a Download, Any Download!
-
-Yet, many internet users still do not know what really is happening to their data. Public relation activities trying to calm the public - as recently undertaken by Facebook for example [^4] - end up being rather disturbing instead of creating transparency or adding any value to the public debate. Denelle Dixon, COO of Mozilla, just publicly warned the European Commission [^5] about the dangerous effects an opaque apparatus such as Facebook can have on society. Updated Terms and Conditions only parenthetically mention that newly created Google accounts will now hand over real names to third parties for advertising purposes [^6].
-
-[^4]: Sometimes People Assume Facebook Does Things It Doesn't Do
-[^5]: Mozilla Raises Concerns Over Facebook's Lack of Transparency
-[^6]: Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking
-
-
-
-
-
-As a regular user of the internet, are you really being spied upon? *What exactly is "my data"?* Can a website operator see my name when I'm using it? Does it know about my Email address or my phone number? Does it know which other websites I have been visiting, which search query led me to the site in the first place, what I have recently purchased online, or who I am acquainted with?
-
-> If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place. [^7]
->
-> Eric Schmidt (at this time CEO of Google), 2009
-
-[^7]: Google CEO Eric Schmidt Dismisses the Importance of Privacy
-
-We would like to turn the tables on this much quoted statement and apply it to the operators of services and websites instead of their users. The analytics software Offen *transparently and uncompromisingly discloses what data is being collected and what it is being used for* to the users.
-
----
-
-### For users
-
-Visiting a website or using a web application that utilizes Offen, the user gains access to and ownership of the usage data collected. As a guiding principle, data collection is Opt-In only. Consent can be revoked at any time, just like users can choose delete their data retroactively. The cookie used by Offen allows viewing all of the associated metrics so that users can *assert themselves what is being collected and what isn't*. Data is being displayed in an accessible and articulate manner and each metric comes with explanations about its usage, relevance and possible privacy implications.
-
-
-
-### For operators
-
-Operators of small and mid-sized websites and web applications are faced with growing challenges not only since the introduction of GDPR: how do they gain insights into what users are interested in and which of the features offered are being used? Is it possible to showcase *transparent and considerate handling of user data* - i.e. neither being spy or data leech - without surrendering and abandoning usage metrics altogether?
-
-Choosing Offen, websites and web applications obtain a free, open and robust tool for collecting and analyzing relevant usage data. The insights gained enable continuous improvement of these services while still respecting their user's privacy. *Opening up the data to the users does not constitute a disadvantage, but strengthens the relationship with them* by being entirely transparent.
-
-### Part of the public debate
-
-Transparently handling usage data in the open creates mutual trust while still enabling operators to collect needed usage statistics. Offen is designed to be a mediating agent only, and does not side with either users or operators. Sharing knowledge between the two parties creates opportunities for an *open and fact based discussion* about user data and privacy. Users gain insights into what data is being collected and what these data points are used for, just like they learn about which kind of data is not part of the collection. They are enabled to reach self-determined decisions about what they consent with and what they disagree with when it comes to privacy on the web, also in other contexts than analytics.
-
-We want to exemplify that it is time to depart the age of "data capitalism" [^8] and to create *technologies and infrastructure that are transparent, open and oriented towards the common good*
-
-[^8]: Vielleicht wird in Zukunft auch mit Gewalt um Daten gekämpft
-
-
-
-
-
-### Offen as a technology
-
-At runtime, Offen is just mediating exchange between users and operators. Usage data is collected in conformance to GDPR and with the concept of "Datensparsamkeit" [^9] in mind. All user data is encrypted in the browser so that it can only ever be accessed by the users themselves or the matching operator. While being collected in the context of a website or application, neither operators nor third party scripts have any possibility to access the usage data. Offen itself doesn't have any way of decrypting, processing or even selling the gathered data at any point.
-
-[^9]: Datensparsamkeit
-
-The software itself, as well as *all the used tools are open source*, [project planning and technical specification][github-org]{: target="_blank"} take place in the open and actively solicit feedback from the general public.
-
-[github-org]: https://github.com/offen
-
-Users and operators are given intuitive and accessibility-focused tools for analyzing and managing their data in the form of a web application and a browser extension. Operators deploy the service using a simple script tag.
-
----
-
-### Modus Operandi
-
-Developing and running Offen can only work out when it is entirely *free of any kind of economic constraints or goals* and its only objective is *contributing to the common good*. Development of a prototype is reliant on public grants or similar funding sources. Long term development and maintenance of the software is tied to resources granted by foundations or being donated by the public.
diff --git a/homepage/theme/templates/base.html b/homepage/theme/templates/base.html
index 01ccf3e..f54a417 100644
--- a/homepage/theme/templates/base.html
+++ b/homepage/theme/templates/base.html
@@ -53,9 +53,6 @@
Blog
-
- Deep dive
-
Roadmap
diff --git a/homepage/theme/templates/index.html b/homepage/theme/templates/index.html
index 2fd9bbd..f0ab61d 100644
--- a/homepage/theme/templates/index.html
+++ b/homepage/theme/templates/index.html
@@ -128,7 +128,7 @@
- Web analytics is still an unfair and impenetrable business. A proper alternative to common tools is missing. Therefore we develop one. Deep dive
+ Web analytics is still an unfair and impenetrable business. A proper alternative to common tools is missing. Therefore we develop one. Learn more
From fbbad51c3c02ea6991a1d1a99bd86fdb8f553688 Mon Sep 17 00:00:00 2001
From: hendr-ik
Date: Mon, 28 Dec 2020 16:28:30 +0100
Subject: [PATCH 2/7] remove some Docs campaigns, hide summary menu section on
index
---
homepage/pelicanconf.py | 3 +--
homepage/theme/templates/base.html | 6 ++++--
homepage/theme/templates/index.html | 1 +
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/homepage/pelicanconf.py b/homepage/pelicanconf.py
index bb4a79e..ade321a 100644
--- a/homepage/pelicanconf.py
+++ b/homepage/pelicanconf.py
@@ -97,8 +97,7 @@ HEROKU_DIRECT_URL = 'https://heroku.com/deploy?template=https://github.com/offen
UBERSPACE_DIRECT_URL = 'https://lab.uberspace.de/guide_offen.html'
YUNOHOST_DIRECT_URL = 'https://github.com/offen/offen_ynh'
OFFEN_AUDITORIUM_URL = 'https://offen.offen.dev/auditorium/'
-DOCS_URL_CAMPAIGN_TOP = 'https://docs.offen.dev/?utm_campaign=top'
-DOCS_URL_CAMPAIGN_BOTTOM = 'https://docs.offen.dev/?utm_campaign=bottom'
+DOCS_URL = 'https://docs.offen.dev/'
DOCS_GETSTARTED_URL = 'https://docs.offen.dev/running-offen/'
DOCS_GETSTARTED_URL_CAMPAIGN = 'https://docs.offen.dev/running-offen/?utm_campaign=get-started'
DOCS_TRYDEMO_URL = 'https://docs.offen.dev/running-offen/test-drive/'
diff --git a/homepage/theme/templates/base.html b/homepage/theme/templates/base.html
index f54a417..6470dcb 100644
--- a/homepage/theme/templates/base.html
+++ b/homepage/theme/templates/base.html
@@ -47,9 +47,11 @@
+ {% if not index %}
Summary
+ {% endif %}
Blog
@@ -63,7 +65,7 @@
GitHub
- Docs
+ Docs
Get started
@@ -258,7 +260,7 @@
Blog
- Docs
+ Docs
GitHub
diff --git a/homepage/theme/templates/index.html b/homepage/theme/templates/index.html
index f0ab61d..88d5126 100644
--- a/homepage/theme/templates/index.html
+++ b/homepage/theme/templates/index.html
@@ -1,4 +1,5 @@
{% extends "page.html" %}
+{% set index = True %}
{% block content %}
From ef6df724b3549f63f99fddfd1ba04a28448ba797 Mon Sep 17 00:00:00 2001
From: hendr-ik
Date: Mon, 28 Dec 2020 21:40:03 +0100
Subject: [PATCH 3/7] add new article, tweak quotation styling
---
.../content/articles/0040-test-offen-today.md | 6 +-
.../content/articles/0140-privacy-cookies.md | 126 ++++++++++++++++++
homepage/content/pages/about.md | 4 +-
homepage/pelicanconf.py | 9 +-
.../offen-blog-0140-privacy-cookies.jpg | Bin 0 -> 157299 bytes
homepage/theme/templates/archives.html | 4 +-
6 files changed, 138 insertions(+), 11 deletions(-)
create mode 100644 homepage/content/articles/0140-privacy-cookies.md
create mode 100644 homepage/theme/static/images/offen-blog-0140-privacy-cookies.jpg
diff --git a/homepage/content/articles/0040-test-offen-today.md b/homepage/content/articles/0040-test-offen-today.md
index aa64d09..a0bce51 100644
--- a/homepage/content/articles/0040-test-offen-today.md
+++ b/homepage/content/articles/0040-test-offen-today.md
@@ -23,15 +23,15 @@ Although we have dug very deep, things may still contain issues. Therefore, we r
## Offen v0.1.0-alpha.3
-#### Single binary file for Linux, Windows or MacOS
+##### Single binary file for Linux, Windows or MacOS
[Download](https://get.offen.dev/){: data-button="full"}
-#### Your own Offen instance
+##### Your own Offen instance
[Deploy to Heroku](https://heroku.com/deploy?template=https://github.com/offen/heroku/tree/master){: target="_blank" data-button-mb5="full"}
Download or deploy Offen today and give it a spin. *[Check our Docs](https://docs.offen.dev/){: target="_blank"} for detailed instructions.*
-We appreciate any feedback. No matter if you have difficulties with the installation, find our UI hard to understand or catch anything unexpected. Please get in touch via [Twitter,](https://twitter.com/hioffen){: target="_blank"} [LinkedIn](https://www.linkedin.com/company/hioffen/){: target="_blank"} or [email.](mailto:hioffen@posteo.de){: target="_blank"}
+We appreciate any feedback. No matter if you have difficulties with the installation, find our UI hard to understand or catch anything unexpected. Please get in touch via [Twitter,](https://twitter.com/hioffen){: target="_blank"} [LinkedIn](https://www.linkedin.com/company/hioffen/){: target="_blank"} or [email.](mailto:hioffen@posteo.de){: target="_blank"}
We look forward to hearing from you. Happy testing!
diff --git a/homepage/content/articles/0140-privacy-cookies.md b/homepage/content/articles/0140-privacy-cookies.md
new file mode 100644
index 0000000..13cd423
--- /dev/null
+++ b/homepage/content/articles/0140-privacy-cookies.md
@@ -0,0 +1,126 @@
+title: Privacy focus? Consider the cookie.
+description: Using cookies does not necessarily equal tracking your users. Learn how you can use cookies to respect the privacy of your users.
+date: 2020-12-28
+slug: privacy-cookies
+sitemap_priority: 0.7
+image_url: /theme/images/offen-blog-0140-privacy-cookies.jpg
+author: Frederik Ring
+bottom_cta: quality
+
+## Privacy focus? Consider the cookie
+
+Whoever [drafted the idea for HTTP cookies](https://tools.ietf.org/html/rfc2109){: target="_blank"} back in 1997 likely did not anticipate having created a technology that is as disputed, discussed and also disliked as it is today. A non-technical user of the internet might be under the impression that cookies are an utterly useless privacy disaster that bring you nothing but consent banners filled with dark patterns, and enable advertisers to track you on literally every website ever.
+
+And while there are definitely problems with the modern day usage of cookies, with very good reasons to regulate their usage, they can also be used to enhance privacy on the web. Using cookies does not necessarily equal tracking your users or invading their privacy. In this article we would like to show you how you can use cookies to respect and enhance the privacy of your users.
+
+> *Using cookies does not necessarily equal tracking your users or invading their privacy.*
+
+---
+
+### Collecting data should require consent, no matter your implementation details
+
+Inside the European union the so called "[Cookie Directive](https://en.wikipedia.org/wiki/Privacy_and_Electronic_Communications_Directive_2002){: target="_blank"}" mandates acquiring consent from users for setting non-essential cookies. Similar laws exist for example in California. The internet being a global phenomenon, you are very likely to be subject to these regulations in one way or the other the moment you serve any non-trivial website. Many developers like to complain vocally about so called "cookie banners", and the number of sleazy patterns that try to trick users into consenting makes these complaints relatable. A solution that does not require user consent must surely be the better option for privacy, right?
+
+It's not that easy though. If you think user privacy from the ground up, how do the technical details of your implementation matter? We'd argue they do not matter much. If you want to collect non-essential data from your visitors (analytics data in the case of Offen) in a privacy friendly way, you should be asking for user consent. No matter how your technical solution for doing so looks like, and no matter what regulations currently say. If you're not doing this and instead come up with something that allows you to avoid "the cookie banner" for collecting non-essential data, you are not building a privacy friendly solution, you are building a regulations friendly solution.
+
+Think about it in this way maybe: if you feel like you really do not want ask users for consent, then maybe this is a good hint to reevaluate if you really need to collect that data you would need user consent for. Privacy values choices, and simply not making use of non-essential features should be an option for users always. Not convinced? Think about why ad blockers are so popular.
+
+In case your conclusion is that you do need to collect the data, don't be afraid about that consent banner too much. There is absolutely nothing that requires you to use the overly complex solutions you can find on the internet way too often. Consent banners can be unobtrusive, concise and clear starting the moment when you accept a "No" just as much as you accept a "Yes".
+
+> *Consent banners can be unobtrusive, concise and clear starting the moment when you accept a "No" just as much as you accept a "Yes".*
+
+---
+
+### Essential, non-essential, and what's the difference?
+
+Regulations around data protection and collection often distinguish essential and non-essential features, and this makes a lot of sense. If a user can log in to your service and you have to store a session identifier in a cookie to enable this, it is perfectly fine to do so without consent. Having to provide credentials over and over again for every request made against your server would render your service unusable, hence it is an essential feature.
+
+Non-essential features are usually revolving around performance and analytics. Collecting analytics data for a website definitely is not required for the user to use your service. This means it is non-essential usage and you should be asking for consent before doing so. Regulations around this topic only cover cookies, but taking privacy seriously, you would apply this principle to all techniques. On a side note, [quantity does not necessarily mean quality in web analytics](https://www.offen.dev/blog/opt-in-quality/).
+
+Most importantly, both essential and non-essential segments require making sure their technical implementation is secure and respects user privacy as much as possible.
+
+---
+
+### Technical considerations for using cookies in a privacy friendly manner
+
+Offen is a fair web analytics software. This is a promise we can only deliver with an opt-in only solution. Not having to work around a "cookie banner" (for us, that's a feature) we are free to solve any task at hand in the most privacy friendly way we can come up with. And in many cases, this means using cookies. The following collects a few guidelines we've been following when building Offen.
+
+#### Choosing privacy friendly identifiers and values
+
+Cookies are essentially a key-value store. It might seem tempting to store detailed and highly specific information in the values here, but let's have a look at what that would mean from a privacy perspective.
+
+For example let's say you wanted to write a feature test, checking for whether you can set cookies in the first place, you might come up with a mechanism that writes a random value to a certain key and tries to read it again. If the value can be read and is not altered the check succeeds. However, this means the feature test does also make the user identifiable by that random token, which is a privacy implication that is not tolerable for such a basic task. Instead, you can use a static value and also a static key for all users that ever run the feature test, thus making them indistinguishable. The guideline therefore is to always use static values that are the same for each and every user, unless you really need to identify users.
+
+If you find yourself in the situation where you do need to create an identifier that is unique to a user, cookies will give you the privacy advantage of being able to create a truly random and anonymous value (e.g. a UUID) that is not tied to any user or device specific information (as compared with for example tracking sessions by hashing a combination of IP address and User Agent string on the server, [which leaks a lot of private information, even when stored in its hashed form only](https://edps.europa.eu/data-protection/our-work/publications/papers/introduction-hash-function-personal-data_en){: target="_blank"}). Ensure you use a well-tested library for creating such identifiers. Also, consider the option of periodically rotating such tokens so that others that inadvertently get hold of such a token can only make use of it for a limited period of time.
+
+> *Cookies will give you the privacy advantage of being able to create a truly random and anonymous value that is not tied to any user or device specific information.*
+
+#### Allow users to delete their cookies
+
+One of the best privacy features of cookies is: users can delete them at any time, disassociating themselves with the data tied to the previous identifiers instantly. This will never work if you use server side solutions relying in UA strings and/or IP addresses. Many users might know how to do this, but if you take privacy seriously and you are using cookies for your service, why not implement such a feature within?
+
+#### Do not use Third Party cookies
+
+A cookie is always bound to the domain it has been issued from. In a scenario where a page loads resources from different domains, this means that some of these resources may set or use cookies bound to a different domain than the host document is served from.
+
+These cookies are called third-party cookies and are pretty bad for privacy, considering they can be used to follow users around the web when such third party resources are being loaded on a multitude of websites.
+
+Luckily, usage of third party cookies is already being heavily restricted by browser vendors, and there are concrete plans to disallow their usage entirely until 2022.
+
+However, when designing an application you might find yourself in situations where using third party cookies might become a requirement. In case such a requirement pops up, it's probably best to take a step back and reconsider the overall architecture of your application's HTTP schema. Using a third party cookie shows your application would be leaking information (both essential and non-essential) across domain boundaries. Consider consolidating all logic that requires to share such data under a single domain so that data can be neatly protected by other mechanisms such as `SameSite`.
+
+#### Same site cookies
+
+To preserve privacy for the values stored in the cookies you set yourself, you will want to restrict their usage to to a first-party or same-site context. In order to allow for fine grained control of this behavior, [the `SameSite` attribute](https://web.dev/samesite-cookies-explained/){: target="_blank"} got introduced in [RFC6265bis](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1){: target="_blank"}.
+
+This allows you to now set a value of either `Strict`, `Lax` or `None` for the `SameSite` attribute, limiting the scenarios in which your browser will send cookie information with requests to your domain.
+
+Considering this article is about building secure and privacy focused applications, using `None` should not be an option here. The major difference between `Lax` and `Strict` is that `Lax` allows for cookies to be sent along with so called "top level" requests, i.e. if your site is using cookies to store a session identifier for login and a 3rd party site links to your site, using `Lax` will allow users to click that link and be logged in instantly, whereas using `Strict` would not send those cookies on the first request, but only on those initiated by the document loaded from your domain itself.
+
+Depending on your use case, both options are valid choices and make sure you respect your users' privacy.
+
+> *One of the best privacy features of cookies is: users can delete them at any time, disassociating themselves with the data tied to the previous identifiers instantly.*
+
+#### Secure by default
+
+Cookies are designed to be sent in the headers of HTTP requests. This means that when not using an encrypted connection over TLS, the values sent in plaintext and are subject to possible eavesdropping by third parties in between your user and your server.
+
+Even while using HTTPS is becoming the default nowadays, HTTP still does exist and it's totally possible in certain setups to accidentally make HTTP requests, even when HTTPS would be available.
+
+To protect cookie values to be sent over insecure, plain-text connections, set the `Secure` attribute on your cookies. This way, the browser will make sure to send cookies only when a request is using the `https` protocol.
+
+#### HTTP cookies and JavaScript cookies
+
+Cookies can be set and read in two different manners, either by using client side JavaScript, using the `document.cookie` interface or by using the `Cookie` and `Set-Cookie` HTTP Headers.
+
+By default, cookies set by one method can be read by the other and vice-versa. This does create privacy implications though: as modern websites can load a large amount of third party code in the client, this exposes information stored in cookies to everyone who can run code on your website, e.g. third party widgets or similar.
+
+To avoid a situation like this, the `HttpOnly` attribute can be used. When set on a cookie, it means reading from and writing to it is not possible using client side JavaScript, it can only be accessed by the server, which gives you much tighter control over the data contained.
+
+`HttpOnly` should be the default setting when issuing cookies. Only disable when there is no other way to achieve what you need to achieve. When you have to do so, consider the information stored in that cookie public, so do never store any user identifiers, session data or similar information in a cookie that is not `HttpOnly`.
+
+#### Scope access using domains and paths
+
+Access rules for a cookie can be defined by using the `Domain` and `Path` parameters. The `Domain` defines the domain a cookie is sent to and `Path` limits its submission to certain sub-paths of that domain. So for example a cookie with a domain of `www.offen.dev` and a path of `/blog` would be sent along with requests of a URL beginning with `https://www.offen.dev/blog` only.
+
+There are some interesting details about the `Domain` parameter: it is optional and when not specified at all, the cookie will be bound to the very domain that is setting the cookie. No sibling or subdomains will be allowed to access its value. When you specify a domain, this domain and all of its subdomains will be allowed to access that cookie.
+
+Sometimes, you will also see domain values starting with a dot like `.offen.dev`, which used to indicate that the cookie should be sent to all subdomains, yet modern browsers will treat the domain [with or without the leading dot in the same way](https://tools.ietf.org/html/rfc6265#section-4.1.2.3){: target="_blank"}. It is not needed anymore.
+
+These two mechanisms should be leveraged from the start when you are using cookies. Start by not specifying a domain and the most restrictive `Path` value you can use and only relax these rules if it is strictly necessary for your application to function. Be extra stringent about this when handling cookies that contain identifiers.
+
+#### Expire cookies you do not need
+
+Cookies come in two flavors: Session cookies and persistent cookies. Session cookies will be purged by your browser once your [browsing session](https://html.spec.whatwg.org/dev/history.html#browsing-session){: target="_blank"} ends, persistent cookies define a point of time where they expire themselves. Technically, it's not possible to issue a cookie that is never expiring, although you can create one that expires in a 100 years, resulting in the same effect for the end user.
+
+Once again using the principle of [Datensparsamkeit](https://martinfowler.com/bliki/Datensparsamkeit.html){: target="_blank"} as a guideline, it's a good habit to start with all cookies being session cookies. Only make those persistent where the benefits justify the consequences of storing possibly sensitive data like user identifiers on a user's device for a prolonged period of time. Consider the trade-offs for your users when defining the expiry and err on the side of security and privacy. If you really need a very long lived cookie, look into if you could periodically refresh its value so that it does not create a potentially unwanted tracking identifier for others.
+
+> *Start with all cookies being session cookies. Only make those persistent where the benefits justify the consequences of storing possibly sensitive data.*
+
+---
+
+### Wrapping up
+
+If you find yourself building a product where privacy is important - just like we do when building Offen - feel encouraged to consider cookies as an option for your tasks. Very often, it's a robust and simple choice that is beneficial for your user's privacy when done right, and the implicit requirement for acquiring user consent is a major privacy feature.
+
+Do you have comments or feedback about this article or about Offen in general? Tweet at us [@hioffen](https://twitter.com/hioffen){: target="_blank"} or email us at [hioffen@posteo.de](mailto:hioffen@posteo.de).
diff --git a/homepage/content/pages/about.md b/homepage/content/pages/about.md
index 076ea0d..9f8e7fb 100644
--- a/homepage/content/pages/about.md
+++ b/homepage/content/pages/about.md
@@ -17,9 +17,9 @@ Yet, many internet users still do not know what really is happening to their dat
As a regular user of the internet, are you really being spied upon? *What exactly is "my data"?* Can a website operator see my name when I'm using it? Does it know about my Email address or my phone number? Does it know which other websites I have been visiting, which search query led me to the site in the first place, what I have recently purchased online, or who I am acquainted with?
-> [If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.](https://www.eff.org/de/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy){: target="_blank"}
+> "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
>
-> Eric Schmidt (at this time CEO of Google), 2009
+> [Eric Schmidt](https://www.eff.org/de/deeplinks/2009/12/google-ceo-eric-schmidt-dismisses-privacy){: target="_blank"} (at this time CEO of Google), 2009
We would like to turn the tables on this much quoted statement and apply it to the operators of services and websites instead of their users. The analytics software Offen *transparently and uncompromisingly discloses what data is being collected and what it is being used for* to the users.
diff --git a/homepage/pelicanconf.py b/homepage/pelicanconf.py
index ade321a..96d0ec8 100644
--- a/homepage/pelicanconf.py
+++ b/homepage/pelicanconf.py
@@ -74,12 +74,13 @@ DECORATE_CONTENT = {
'a:not([data-button])': ['gray'],
'h1': ['f2', 'normal', 'lh-title', 'mt3', 'ma0', 'mb3'],
'h2': ['f25', 'normal', 'lh-title', 'mt4', 'ma0', 'mb3'],
- 'h3': ['f5', 'normal', 'mt5', 'ma0', 'mb3', '.cclr-fnt-black-mid'],
- 'h4': ['f5', 'normal', 'mt4', 'ma0', 'mb1'], # text over button
- 'h5': ['f5', 'normal', 'mt2', 'ma0', 'mb1'], # not used
+ 'h3': ['f4', 'normal', 'mt5', 'ma0', 'mb3'],
+ 'h4': ['f5', 'normal', 'mt4', 'ma0', 'mb3'],
+ 'h5': ['f5', 'normal', 'mt5', 'ma0', 'mb1'], # text over button
'h6': ['f5', 'lh-solid', 'normal', 'ma0', 'light-silver'], # not used
'p': ['ma0', 'pb3'],
- 'blockquote': ['f5', 'i', 'ma0', 'ml4-ns', 'ml3'],
+ 'blockquote': ['f4', 'ma0', 'ph4-ns', 'pv3'],
+ 'blockquote p': ['nb2'],
'hr': ['mt5', 'mb3', 'b--black-05']
}
diff --git a/homepage/theme/static/images/offen-blog-0140-privacy-cookies.jpg b/homepage/theme/static/images/offen-blog-0140-privacy-cookies.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..bcbf87f887c4664c5575c13f9af5802ccca6ae56
GIT binary patch
literal 157299
zcma%ibyU<(^!8_$W$A7ZSYYYy?j@G)M!LI0MOYANmXr`dx}`%D=>}<#1tcXDlv3b}
z@OpmdJ-@%+Ki)fM&Y5%P%$%8j?wxs_=RT}HYyqTN>PU3}1O@=-e+_u}0gxd=oV+3c
z5C8!HK<=OG6d+c1_H%RrocsQHKo1xo4uC=+5Nrq(8ykuT{nrU_p-@}`LVSDze0)Mu
z!v8T+LShn95@JFM3Q9@}ibo6#43C)q*FZQpI7Ea*w4|i8^i*V2^#42Y|2uf-1ITc}
zkFZX#Kx6=z41`4ndKdye0st0(1pT6Sm>~tgAS^8KzYG1l
z5*8Rl1Ok%*ELg(i5M@ILRtoHZ7!hd3+h&!1HcFgdbK6E|j)9_7C{=i7Y0H4I6E*Jq
zPOKPBP%Aqb0Kx)eVMDPYAS?(70>%OXWZ-}MD3kv(bO?aN{M&;SyMJz5gyKwv5^Cfa
z$cD-krD`c1nBRd@t2zZetO11o)_}>d$N)v)ujUbKZ%t1(4ts-slh2-+e!wuG=A%{E
zweO>)*j%kX6C-4_fHrwBEle1cRUN&0%
z>N9ShcE1I4eHSbei8L8Zg!76`
z%Xby3UAs=T+Pua(AIU$yqW!yW5d@!qW4Sx(318I6q60{4gN@I@f(~k|maD#}lo&CS
zD$v`UhS^w0Lgp7T$OKuROKphrt+UTME~W=5arceervLCR^fN?_10c6L7ML1R0y1IY
zMl8*P=^npUb9LY(l_kOkEskgSAhxQP+nS8v`p*-E;eKv>E7+Nk&xTg*wkjhfO{qiC
zD;$Dt!5HQqs~MJy&y%knJy8`YE%9au-O)F7_D172Q45!AO#Z5mg}RR#Ok_{)KLC1`
zJdL+Lo#NK)XM5NsIz%J|$c^`B+xOUq5qRcTn^(RJcNDX6gh=3T
zI_BjwhA6G%Rvy_j<$VSdimvZns~Quo)!pa{1vxppD{Xdm>qS{4c1NbY67W~F;peYv
zVVPwAF_%|9VV#i8#M6+>Kg^x(@GHrcyQhwIhP2mM9qX1HI1oGcwH|GKWk){_lBmV=
z61QImmn!%-IN8=yV}hL4I(A`J>SBY*;R}Qps!P~dq>mXq;J9R>P7z&|_CKzCUb?Gx
z5PYINi~Ol^4iibj0B43{{vnmXf}M&F@?P
zD?Y}aaNe95f`CCtczg`^`##XN^n{i({a?ofU`l*JLJ%rW@dm+q=RV;2!+1(GD{Ti?0%o7f(=2#C@CR^la924B?2cr7<~K!W$m$9l@(
zCogV4FVt&x+w(>6K1*hD&F~K`p6Pw^_5EMcJJp}B
zqHoYo&7Z3|%#=mj5sVM)J?WH>Wla1pyPB0+tUZ08*GkgKk#aavox{cVTgLl|-OCF$zq+{#UY-*m5!e&^LBfO;7^p0+KDQ5XVcNpYicgPP9(i+i9cpg!
zv+dvlCo#K-aI1S1zRVqOsf1n#58?7xhK){a@S*MG0`
z;*J=~hBBjClnF?f*ITw+LfDfs>3ZI&E?)&Tv8%Cq_rCfq`3I-?Bx*Z)Zz9MckN`vu
zw~V{bxnK$6
z>PI6z6|~K!KSk7EUC-6*F!o1nwCmImYg)S|MZDj9tE#&L&-&LF2ngA88P`f)@F1IFEB|Hv$Vr
zLRX#Y$NYe}sei&U<=nr-F#HeS5K?p}J9ZILwsD$VQ
zow0m!wsvlSt?KtF!-bM~@KUZ8wWS(U8CVjmVK^UBMTax5d71R{)=wFSa_sB3qyIRO
zj3JfkwSU-A%tvd~`i2d?!TYg5bQ!~LMk+45PEmPLC0;CMpf#@a)+u*4{tFLm$8^${
z&4L`-c~%#AY!aFDj&DnP1IrE#{{7wX2FTHb_Jq3DX(#c;D6ywi3V0ck?$w0A3irSk
znF@CDJRrr;5ZxA|#`;=SD6tNyGFg@0k}w)gXnS3$%27(lNT~y&rap9it*!x2(iz8R
zjQhCc`b}|ED__&_^G5DhNT0NG7Bt-QSTgv=5ay!CGRsx7syFM4J>GUtdBB2F;-Vun
ze$r$z+e%uJwN`enE*wGq$h{89j&jw6xvM3d%6Sx^(8}HpuLwwO5>47LR)nQHkd;7h
z%ek($uHi_+bK2(!v(h)F%7-sRmXHgM>Nv4E<1qgh
z3zQdn^5~q5$fU%-3FeMrwXCg!V{t5$Tra<(HK|ELX~nR9)sHKf%A^90r|MxJJY~&Z
z3`4a7YWdzOf3KhgUVxS!ar4mC*J@_+3Ja4Dz2wP5A8|~jA47>!y~}MVmRYmKCaj8f
zC)FQN`jNhlH9?&P~Sh@-BrNcvm^3-
zZEYt-tjIA88+%=D|Fz|W_)RyHZ
zxujT92kJ3-&v59Z0G7dLk9jvIoJ6hNCgIn0L0x7Y=SI#N|AqBYz
zO~b5L!=L~GZ-0h)dlNp0zkz|~Rt60VFX!!PXxTFjg<(ugyXafC`
zqHtO$$?dY+5|Vg2O>eZ58#~;@r(>0O>==h@%#2omc*&BA>!8O%h6jMY?Hg+-f-8V5$S)Tc0xq>
zp7&L<+I&IDBd7vLLbabVX`MJ6%ig{ranl^U-S%sxq+DBh8#vWtl0B-_&1#voGO3$r~enXt6b>z;}+Rr#N;vQci7)|6~
zOElh!Sh6{n0?@B9MwBS%X31Pd-^O}>8bkV$WQ{ghc`UNk<|Yn}z5U@ya7`<77ycrke5JYBlqz(GcXyzS&8VPII?xzN&Up
zwviH$Di;4C$~1dg6Iw+a;b8T9%M?4K$V8j8tXsIGVA%+Zd_sv`GuM&c+)w!}1?=;r
z7J6@K&|6XO58)eJl2lV)DnbF-1QGs@7^!FxT4Fi0vW209^Xj{HVV~%s{B=z%i{!rV
z;-7Ina?w`8-r=7fiO_X1#C{QAtTpo=j4*OO2Iz?dFB;$SbYOfkr>kR{ag}|(Y92Y1
z9P-bj7wG*k4p(Zr1_TiZY8t|k5eT7B(d--h|!++D(0>L^8crAmd5`l{YdjTiqs&5_>{5*zd(hJ`D
zEJ>hJmmI)Akjdn6pD7(~6Ju=ddZruFWRU2GwaUR6n$7R=Vi`T@{+|<_KS4U#&XTSD
zhJ2-B^7@an8=0h7S)Rt8ehPU2CjX8Wf|Vaj=1|&A@L8rCjeHXM6V^ZBeuZ4;p`sDQCv!2
zu+Gu84vx6W(%wZ241AzOQ(AE3#Uo@qvImlM(R!6!FKj8tSalpu(0V2dLBSU
z1~;~6YGU+bnoHvN(lZixSvQ_+mP5v^UlUuiy(D{U{s1iTvONH`UT>~C2^-1nZ11O^
zU5)+z^mK4^3Uj^QVPiRzZUWhDg#ObFYc^ofJ7wC+uygWy-I4CLDMcXR!=r9%5^zWhl8p`b!FkUaUTy
z*fA?v0dxn5W^iCfeqVDZi8cLTV8ruCl_v+zKlE4f)2|vfQ(U5Wk{4dTRylsOOC5KA
z9L@YB1sqz=DTtuxoxNn#v}(=?Q(eAJiTs`7?5Tm-!!O4B;R?V
zZHjt=;s~Bk0P9098Z)@T&xgIGFK-?NyUFFzJ!<0{Tbm@SY+qq3-2*9RW=hM`#&2|J
zvsh$8Un}rpxgNaX31Z-RF*QcaU+X|u3Qt>_=3SY78$KpB^^8wQWRU19RY{7tySL~M
z^YPCa)~^TTb$EKSRL0PpL*LC8AEPDHPos(Aw{p6$%AHMP$A%|&E6wTD4K|IUy?G=f
z9NVFL0s|s4?eesdR&6f)6y!>-XBPT`GHx0+qawY^so8MHwGp{SMAk)P(2|}gIr%a>
z3%OXEMQ(YkeC=?FGT{_6{U81}Ag5P3T_;YNnxvYtG+I9nkxK!GAKHiMRJIOJKb@Jt??GkisXVVE?F!*Oog^(2DS7O;12b!&st?>zCY#Pn_xFqsbC>
zrh#>IFmMlBr}m1oOXzez-K0UDG%(f7Dv}5j<@(0qcO2fQFv7`MY((RJWA@CM^M=3K
z>G&NKzk#gMWWA#Gd@h2A;YmQgWeWhkw8tZr8AiN&oREh--9qpHWa|&-;3D#h&wud>
z5LPL2ax8De0KoI^JiU)Fvt{4HSMcF2;Dn4sBO~af1Si60rSdxI`gH1#
z%eaQVNm4R6SwajGEvrP_c6XlkbT;bFsKj^7i%~DXmk)Rib3TRd$L{xFQwqb0Cc$n8
zY4qoR?Ui97-XKl>jxaCrNrIK(j4*TIa>@18pH{T0k8{tq-sKm|^eQI{lA88niI*!OqJo8t?BMQ^o_ZF|^+w8lv!8babyX;Ps8Pbg~QP
zC9!T@y88p*F6mxyY40YR$)Ssj%#YtLILOT)(?YkevIowL+#h&hPjS%Rxm)`E7;Dm+=g5dSpsi
z>GO742!Cct;{AZ?cuzaj3lyh%3+B%(ewu(k0B43JAeOGX<<1V5$$WLVpFXuTA)jUH
z=P`5Uj*X%|R^q(T4|gvMR;m*cgN#f$d<}N0c$cu@STEg~j4<9I1znHd^Ao)PD0bO_
z=#YA^PPXW{QCpmoL&6C;9cP;r!hSQk@V2(tnCo6sc6{W`8VTi#rr_7D+J%J@k_73(
zueD2^Ho|)^NI9zNK1xxi^v-45-T!!r3N6766yDwISW45Qmnqig@U}lCwa<`%exx0n
z8AHpsNZr)qdSoPEy9Z#hVlj3+F0$n@EcTMs%10bt)FcP%uyME)Hc@Mqu0Q*THs73sHOAy@V!eM(h(G0J|%gpgLce`~r9Il-*8rT8UR
z(toemh~1g)MheXnxVHKSM!tR;@d!K;#!RZ&_$DdxBvG6Gre)^R3V~e{-TbIeYO{WC
zTyPJ3fOI5^_>EM|c3(QqdB(qEcJa5jvSc%#F5r=z+1O+&sTc-svg2H>#4L4x~yF+?mb3IBhEvT1%+b40N~z
zIrw9j7bF|Lg;cS1BZ`e=hNfK)jOt%mFBnW61EHxS;^2>e0djTr;%5I|t$bAw4?Qkx
zWOzD#V1l%~0ehs^Czozx8&MOU~k5*?ZAE7y#fCbX0U82@Dqh7zq+#z=yYDjAca
zzeU~nZpDFMbUvPdT>Y{~;s<4%>C429xJBHtSAE50e*byt;03QcbPU7n76~WJbhsFN
zVYFV;i9TGA<3NV@ZM5fC4qd-Hh&nJir{nzl>(s$$O8ZcP8Qp(h($aGJPAnp22CX>!$b6&
z@LSHP-|zUqj7=u}IdsCSqq&2V?hM|bu6fTrT!=1j$DZgCo8ehOA%j<{xNcjI-9wOM>BDkLuXGNe#x>H_6gc3?FqEOtZW`;4G;aA2_
zh&!ko)TL_1@nG0a-O&sMtol)l%6(2osAlRZ=+;)_!Me3K7j!K&?EyHNxd8Q-O;S5-
z^c2gVbud}`+%C&;C9RGVeQ2cv>wK5LYT#cZgG%+hdGhu7A$fLUt*404h^>iG(S{${
z{`Epy=?o5Y<*Km^>ymSXx|t)$9bmKoJMwYB4V77gsuUN#cT+i2jdq)~4f&`e(ia}@CfeC(Z32(6(}&%{k>2d!QW;j9$v!0KV+SGL1)Q|eol
zzUrl}kfqNCp*0vetiPUUrz8(%HjigS!38rSgKs!9%xBhF8B
zaADX3K$Dl$&Y<|m>B}d@LfIu5XzZeTCw*+y6RWmtJD(m&Zfq{T?c70iVIm%H0kM^9
zlV3EiiluyT%e}9!_ry)R6
z^sU|TXUFHsek~O}ReU8g8hGOQC1b5>KD~Wd(WV{El<8i!V$BnQBU_!Dr-Yz;wgwKF
zE=5Mn)1pMKao@3?Kj_l`9<7HcxMQlW#o9Gx7Xp5c5`79_m%t(FSYq0_G`?Z<%m
z|8Z9L5GNK!sndznLE_P`I)Eno5>Km6v%$SYeSZt$
z!GIe*)ZmWi6)@wO<*OfdXvNP>9cX@ZhN1muHt5M!C;
za+FHh!lNhG1wLK=&d2{Upy4}QK8xsy5F^|lG7H@><&8~A^W5;DVXmY~dHLS_HJrI7
zWqKWrzw$isx%1XRPi0%w0!-@=88i~j`SeS!nf53URJn^a5B3s|pXAve!lxvj`+-&m
z)Y6y+%tY(9_`!cwCVZC{x%LsW;SIN5k>9{K`knp(j!O;B#q&gc&5CxefV)_w2tv
zDFuQ@X#~gH)Qwjy9=<$4{#(}LwqsWZmW48^eAZAs;TsV!j$1K^e
ze}6s>g_3SxvlkI}_g`NNT`tPNupSAaKH=TIdt5F!Dn4azPLVaTN5iMg?hI%y*)tD(
zWC%(Y88GB6ent1>n4=F@qWin8a2DT~d8%ZI3xk{T*{O$SvkrDnK#C^175?)9(2C_p
zR8FY?+3Ql;s1=Ref(>*WEaNpv^
zUSF2H6%VX5x#K213|asEF2Ltn)A2*JWpm2|&_z-Xy1Z74*wBq0y)#$q{_}46`I=(S
zuV;h5H|6@$j{}PJC8&BAf)t^R`Yz0|rm?mh#U}z!*Tej*LZUj}{39Swb5&4t@=jWR
zc7E*pXU7sW&ytqy_!zM#a(8HHv4@vxL+Sb-bXRGCQkn9J5e`2CGlZutoJN#*bCNq*X+GVnJTr|PLE+PN?
z^)Bx&=S@)BvSmIxaz*UcFfekcf*EtPbv@gFy+Are9HM{A$3_kpvfW;tYWD9NZ(jUv
zdMAa8yVR~oZns-tm)FgM0q;$wqr-ehtnFu2L9#KQwC2qa2MjskJ)s@)<9JQNo84b$
zzwwYdjYT^Xs$WS(8;g`3OZVWJeokJgXaSVZ+v9jQZU
z(Ec%zWRAaVZ?lf<>)nW!5I%OsB(t{c^6x<&FH_iL{JzE_tJS3gW6ip0nR@!=ict|r
z?M7NYsw3^zX_EY))*#PYAG`+FWH0yH|FzR1`3Ps+OA&|VbAJDLYM^&&BP6=BxK7o^
z=&+(O@Cu==heL0AHtj741-~eAd&~q2pyTNR**NIFjq_^ESz^k>(o+GVG3jYcyllZM
zNm)Zf*B7Fbgxk-Q@Di=LjaW-Ao3fpCLt1~^k0+Ote&N|YGpDvQ*z@kjKOsKpiuMBo
zG_}q13HpW{My`Q&O+r`&oB@NP*jTYIXap!eHoH6k7&w*nI1l!B;W-sngDcuez88Vh
zqT#t>{&gf2OoT6aMZb-yFAAuV;vG3ySsk%?sv{->`{bjLT1RM4pqMj3bWdewY<19Q
zRf)|%o&K4ImcW=aZ1_u8h3{#`wE82wSg6Zr4~IskwoNMnv1(@Koos+kp3sPL>B-S^
zH6l?e?mT;5x$8K5+1m}flDVfh4Q74&+MZtY}#%d)5#Zg~+_i}MABI{GP
zvkh+J50IZ>r^5F>7;#R$H$pS_ncC#J3x{*GB%jwwmuWMzIm>09ggD&CV%Eb_15-ly
z%;*xW6bb!d5{Y_@s*%JKafUmO1whwVJ0o1(s*55`CQDQH|7dIXzN&lxlyg
z6N&O_V&2>c2Dr=mY+H|3)UW=%zA;qpeu=F(??@287l~_#NR9=3JMY>RhmzH+W@*Fm
z|8U;uhSv=D4ZVBO&$Alrg@lX~ZCkD#I#GZLXd?pF5+}}JsYimH4s^i!0rk#NLPir^
z5vzv=W()qAUtmkID$@1FyLec1aNx^|XzVBE`BGLH{qH7`np#`=&kP6sC|}I84uYEx
zww>I38V^PEt7{#sAffes!2u$C&X8s&m0B82Iz#WB;iDIZmpcZDk}`;blXfp9z=5>i
zgrz+**Ma%J5
z?q(b1I@5Mr32#cyv&18Ia$75!@S7b*M@RAkCi^+dGj+b6)pdGGl(NuBRdCbMa69fc
ziX8qU?=#{KEv}l{bsJx+joi>NE$&OcgBp(Sro20j_vWiLkIaKJ#VfbFEn3hJcM8Eo
zQ;a+1S(1WX*r2oFk5{0oPZqn>?R_1akk_
zW6Zs{V|rAV=Vn)0tI-z13>O&tZdwSph(zOJtBy@>KAF3`d!jUy_Rpu#%OuynPjfXM
z3BojrESvciQ5z3{!uEv*HjHIr(@q%M^4l!|SZt-M#yy|j{CQYd{O@T=zP#J#SqwfD
zvcaS@1G2`nkwU*FiHUlMMylnEb=>}}*HNp&zbjz%X73W+kgJ7$MIla&uFsmyy`5W?
zQXPjLpV^O88YDWZ>90I$l@+niP%=ypx2+#`9T$Fo9+I2KTtVtjo4fHT>imaXVl9C@
z73+%;8tPR`GJ8CV`whW{+A`{7<(du)bNW!Yc0n~AXpMn&3?`+5ljkMk3Qsn3^zF+S
z?mSpM(FvQa^~LY>y|?ZgQ$K`=DK~fBQ$@B%>Tjg|{&@qRHbk-7Q2Pl*Ll8|+N4K{}
zswUF!hSNws3(Om44#zU=j+t=b0!DKbZMxB^+RSH_5tXRVW26nu
zP&U?6mVAqfY>NaA1jcTn(d_FYQ#tiuSg!23G$gLY#3HtRFV~OHYJlk7^-O22h~ucJ
zPRGubc$p!`dYtR|fW!(zc_GS=kmOet9=$>HuY=|vnrS?!OqT678MUD>&IXG_Khw~g
z^8a#0_EF7DDg=aY>^NUpXUY^Njg7C~FNalC7JcxflEBQRKEeiWAXKh=7JoK`>x*9=
zs)zufmo!luHCuEnbb-4Fm*-;K=)QG;!`|cD$Lj7t;Y4WLlvDinNSl^0e9lM|1hR}4
z?#kfoj-`G805z$xBw<;T^Hr!bX+bl(%0ecis~>D{I#fWioJd-MJO0fk6Vz;1`L!X1
z`Jy_JqFR3SSr~JS&H_84W~}TOmY)ElU3?Qya$uqvj~n~L@Ouh}J8Yo=^}Lns&f{1V>c%RRjy%I1MoxgmY1<2K70GxeyL%Ni1CqdE
z;_^-_X;p$~LP4bP8rf1uj|o?CSwH4b1uQXKRLxS6&pvEy9gBd$Dk^emhC?O0F$5F-
zZX9L_h5?ZhX7K?T1jHN3)f3!QXC?WXuQi`8ekG7@r$g
z=Ul`P%i2Vy{WB4rQ&^~E&1+V94baBaiH-qYzvVjom~}$DIKP1)sXVg=J8|)FLvv9#
zK1)m3(LhVPeddZSv@mtPb081KWE1w+
zT^7Yt=fBZekDTB5MBiZQoUfe^jGNg`(O5>S#~Mad=l@{2w;)u1HXhd;1FQ8m5MUK_
zn7zbcwzXD?w>%gkB*$9d<^})#6g%r$4^KU{D6};onXrhWI%i&gpDM9Uw09lVOR)Sq
zPcHGX$|sq}=Lln!;c?4>!LGUv&q@nH#Zx)wWd4LtqaP!41*kqtHLC0T(w-BJ8dv{)
zBaUG>rE_#B7%W_q`tm71hh74$!=OLXmTt^7%PrAw6Xk}Ps9-!H_TUP-c}n7BQ^7eA8v@OMgj%86_z7AZXK
z6`9RJ4bY%SKl?|p(^>-jwJRDI7?b~AJ8E00E&av6*JpCKmvETbP@?PmuAQZ?qw>J{
z9&J5UDRMThT4il}pSO^f&@>hm$4KN7DnP<+C~jwYKlyC)S^BAs_rU`YGktINR9lFE
zjwou%Yv|bRnvNK%7LqV)lnFO2@Fm)x1yJ
z*QT)@8{?GG7tq9GHp)Ee~PBd&a+Qv$)9$LDT5y-9CF`aPDGgHU%0y}TyF!MRU
z>o`y)&Sjt^1RDZx(pyE-KAkm5yuvQ`x({JH#oH_7?@wgiMSiT#4pQQBHx|*kTtR-U
znRo$$nMmRL1x~|OiDd6jvtNS&S#QHk+Qi3ME?MfI@aX}L2VLm$R*Q1evmp{4j
z->ysy><#Y>efH#}Cyn+*yEwtJ;M`bB%D?W85ivh~dbwM2gI^k{&CKFvbR{NSn@l*C
zoS(SqU?KjBvjobI0d0vAd7U$LO6BP*p5-?XzLtNIJazrh4we&tz13_B+-zk99u9(
z6L92OUJ)Zlt*32+z0>qFK|KKjOODL9)PsKq2JL3DU#GGNCzr%u?eNu9AvvvZWo{rX
z>T~<>qgBHy9Pal@PBk#zZR!4{~RIo;C;zQ}A5$LF!O@>g4U=4+6P`7801n7=
zrQqxVS!D0`ijYU1*leGN<+QZmr%xV$F%mlpW74ZvfzGGO3hJBoda>=0+4uBq>Rk98
z7ftL43bhW052Y400Y07G7eXuBhQhh`mjk02R2xFOvSxUWf>p}bW??Wmf=#KGJ%(MM
zIq@66f?8(zRsC&LLHYgc>(j9MuBWR*?gh)gKN{{;ns7O@TVMs%8**h5!0{jJzIlUj
z_b}GW)oc775?G(ZNBPXo>>EIC9a;h)ydI<93$eEjf2LU%8Ez>(5H>Mq8Dn`X=^OBj
z6@WS!2HX?njZMU-9WY{Ul2Vf(BH$c5iElgugkay0?{g*hhMI^NbG~rD(cyF)d(zWt
z0&Z8Hsd>n#ekD9r{LT}D!-rgT%auPidG9y!03dT+Jf1aS$s9jg5)8|%AZd}ESH
z8>>;_`LlyDk3+cBx_DuoR@1_E$oBF=>8BUHIHLfu<4rHf7PL&JqtmO)_EtT6Ja}eTY
zriALhHeC$_aDl|$g{by6Ww*$TFY6_zDv6RFyg-bDFy>%6k0f#Mvr{pIlHl~;2d+d0
zLCViek8S(s+GHiLNkhvvSSMW%|S%PV;2AyPVFOC&j3Gv
zVUZSbQMsPaYWi5MVR6ZH-ar$7LdhA+1G_vQ40=-;SulnMLCXjujC!t%FiRrpR1n|Q
zO8jWGm^N$*_w*NRM_AMh_E^8xF>{G#suVy@f(YwB_Mr`y)zj0hX)(zLK0g1X%_S^a
zZlnA${npG?Mb$uTaBo$3JtzucOs1wom%yc!A*6XeCLF+{|5AUVR_QhO{u)<=%bUFy
z!pKBE4U^1Tg)+e7{f5)^d`8gZCqCxF&>ad|4v`xIDFVQcLKeA5d$O6=t&t-Xg>&?g
zU%b>o73sur%-N!}2NN^8y1YdE%e3_q)2SB#=G8gxh3vO+A{djYv&$JWu1${Yz9zdXl?a0H%!`
zSBAnNP?4vaCUE+!{C^sman^X7tMB=_BV6ynac)XjW7IeNXP2*0AyZpXP!jkkm
zxj!YYkckDD-!Ikh0~+=E0|Hg9^(Ir}$dus)l-F30P6Dk~N)q0%D^l{}UjRuPAYQU#
zk$Ak}Qcy>e+WvmDclBzc=D$ICondSunRdx9Gt
zR~ijzC7JQ^Vni;PQgo{QdH{L?cA0iQr^Y~)e>OxVpR_2ZCjE+xIkw^XA4qyOZsnLJ
z`Ma{pkN*_A_L%l6)%kze0t*p`ipNP8w{=)&KdmvvHBpoQ34ZOmzxq8&kZpxGdbDq=
z^|7>@t3I5W>b
z#GR<;Bdd0~b4^y;yLt1HgmO<_^^MMHvF2KLUWT8d=waEZm52sFMt~wcy`tN8$
z-AWlxkXWNu_Rz_O34$-hm-evZ#w=6(*@V)#@`Qi@?jk8NHJGul^O_3!jm?kf=ILRz
zno%x05@K;m-5K8=z~0YIg|D3-u1UZanxZqDKG2dVBH$4paXOkiEW!YxAWINmCI~st
zU(DLRUJ$$NWilPU3Hzl%DR8(x0LpBge*l=uv{-)}T>cGQN1>4CKR}wY)GGjikMJfc
z(9`ACn{?e&;^a6v#1WZnZTlp*E~^U*tFu5A$5i1NpSLDO(DQARD~u1y65bJ>m#Kei
zl!{M`XZiFPkIxxPG++l|vTgY0%T_T&&$drul}#D`*@{VTI72PP*&gnZs)8PX=ZWY?
z%hw6}NALcQ|5xaQDx>mba9~i5g}HMePc~~|9VDInALfR!rc_^C@Fg=3dC@OWU4aZc
z){VqU5t>}aNK?ybldI-()wwQ7qMoN&JJn657o@BwV4MSSbtU{3B?VklM=X)yNr_qVaSg3F-!DHfilT=FEj8^J=ykIhAQ(oeWTLRdQ
zbIe5)PqY#Po5oUAie{4oefiMKuhe5~1>SE%Gsp#no%9Sr`M`UGEFQV_JBx*n5OS%~
z7z2V-U+0)>Qvk-3%dRe@0%+uyXGWU&6VmROQkaI3*0R`>Ki{_U2d7kMQxi2Sl=>
zZL`p{`n9>#K-vHfFq1r#)snl$}ezrx12>pBO~8
zB~$-=R{2a^NRa1m*|g|ON*FgOU)hDdj>W=)Xr!JT=C(9lEvmF_5I5|EGH-3k;4Pq+~pb8|@5R
zbX|BRvp|}xzy&Y2U9G0(7;T3-qe=VOHOB6pXoo&4vyGGriHQGa3`2wS3CBcl2G5l
zgpkc<@VMDs)nq({l7Fdwt}_eP$xoid=I!!n$}tQI`Uiu{JTKCDE6UR<^@9P3SO|`V
zNML+c(GwH*E|$7#=rj7Owclz&Qn=x8JOdkhE(nnl~b)>JhL`)H7$hxQ^0dfgrU
z%|!rv0%nN?FRMsBq%!P^^%u#}c63Z3-qNRq
zWcqIbZ_k*II=$t7V@6?t3{wp~6NE_XD`r`b8?&8|YC%0~mru_qMJfycvNpka$~7^@
z_oleB&g0}IyQAqdCDF94*z3+69rVktWG~du-LImsn5j+n<}3|+{K?mBE(@3A#h?Dh
zB)uAU8f|jMuQu_?NhBZ_rv{ZTo2??FJp+7yfX+-gUC`8PNOD9US-8Y^E0k4F_({JO
zT3J?7XpC}mfr23=!jHNd`|!ZnJ1p?8@ouJLUyfrRc_@nLl9%%zeB9sv^ts;Of&{~i
zB-E)xGz11ufc(R}{04MC$;|8(w46ri_hc1-Qt?d5&}PUrGnXyBRfujS;d1%hr!W$k
zlWDD@sk$bxg-SdMG14iDwR^MZ3G?`jvw9aU&E4TqUybFFsnpFUM)BnSna6P7;Lz*N
zyDy)`=qp!Tm@IGO*4IEWzhsuQ%JF?}cQcipY$yK-B$SHMe8a{ewA9Od{E-s^ic4J&
zK+VjlkFwVLvd4J2oB1sDY<}p8JVHDiWB=evmujtED(vD;Hk6VuKH3RelLu)B_h^YE
z8K?z|4dMrGZ*TXrYE^F96JUuf1gt^mYO}T^ekr*mG`X%>yn;0k@!R7URgEtmdr@%m
zU5)C$P*}f^f6e{L6kSx}>qY!N7e+^lGqY5~pLp{+(07g7O^0iZvKnwNQ-&@Msfzk!
z>SdsjZqb@+d@@H-m-Hq@n9%#2T8~p)O5sdq
z1p0kTD_{Rt^JgvAeeoA(m@mudYZu7jZQ<1+_seN)wr_^KPZ%5KFXnx@=~HBXOR+(g
zoN71#_;t94jv89al9uO`j}kZ6NBqX*W0ja?ZZ
zOzI8)UCYj4X{am?sU>hQz>@c3HRXREJSFUZF4PvyY3pNkc^2_Pk^uXcT~9GZP@qVO
z8K*aBk>O3j%2CuRZglO<>D!`+_gCg3PLDUmSb%F;80HBs+iL1?X$8fGrFQ?KvOUU9tt|N
z1r|f;8raQ9*Nwns@a#w9SHx5f=oq#RbJuuIU-u`N6U1gBjNeCi;ckx;wWuq40Ce
zR!X$VFa7*753s91q^a)z0k=R%zm6vYfTJm9Apwr22?xVKVtdqGB$gjtj{fB1N~?EO
zDi735DvHu`0fuTobZ$^oNDR|yy|s!p2Lm#OQb?COO`uFkHqb@QLx&}{+s#sE`Km>N
z^kIJ)9V(Bk9ot}*3UQccZTs1XiRd&j6Khs>%MxA5*tZXe#W`ezN8P&M05+B+pMf7b
zaEzV!XSdA+hD`qeFxiIGCv-&a(g$s6pIM=x^F|0rIT(>1mRRPHnAjm5{
z1+FBHm24z-!7LMk*KGln9}1>=p2U<4o?)c4f@jTc-wMo5y!+KMUP-IN7+IIuj
zw}l`Jhpjf?nJEVVYG!)&kS)@rOgC@Q46XvL?Y8qjooLKCC5nPeC=xeF4e~XaE*mt(
z5bWEgEWb(VGZaom-*?S0D6O`D1nt-2Ye_QtcLQ
zYKYV^$ugOMyWo&NcWLcZSPe-H$wLB`wxj_X(qiEciml2qo4`{hd}_4;9!WJ)ApHW}
zO!O3pI0X2q%0vd%2(d9!aM9C_mtNSTyR
z+5kG39V$uvvB@#Krn^)OY9{tgH2ub$Sb9fy#GuxxJDRtpI`Dk}*r4(UI+lKq?SyFYHi!ht|
zvI)qHmO#L4Z)ifx6%x-6#@Z=QJ`%4)w_PX0|np{9x2T7ZNll
z51M4rf^5(L0x_(_+f7Nc%l_4CrXT=Vs7C~Wgy2R-{Y9SX7jZ-BaqwbqT$A{rZ;j=#zQfdSWP
zia~RwzUujM!0hB$8cw--JT&)VYc6*u{)P@Lygd&*sS#jdEEqE5h~)d#%}~mv#aE_%UsHLABWF&L`c-H;^*?8J
z-KjkpJKccuXaP31nohLqQ<@ZlRTzLaul=|6!h?W!>W0%)(!3L!~SqrIX
zi;xuRHkdO6^%U(-P<}pC^F)Isjzcn%NC(Mdpi$K8dQfmkJ(%FbG|HU07ZUDfP{&pv
z{Q%EN&>zO4?ZE)#hxk6-r;2fls>ayA_Q3NU&9(-!=06zLt`d*!&u8syb4Y`lL5R%2
z$VeMTvPpts<^`&C5i1l#op%d}AB__LknQ#1;(+O$p@Aa$10C=DDvLNtNc5#hJ7V!A
zezVnWsqazgp~J)O-Z=5iI;J*yhTB-rU#m;U;3|V^ND4frWC7IPb*9YC
zhTC?elQe+f2T|q?ui*gnCZ$
zbOZF>NF*NJD&-gD%^+D(AP>sd)|o7ll8VhGZU}?kEqG8>rBq@@dpbm*!zmC%d1ib%MI%s*3K#0$bpp%dK*i4F9mzJ^GXW>}b|&A(DM_(8
z?et6}8zjk1WGc4J^VY)MQQMqJ;tXNIr
zfHNYaY*3|Tc9)hU?N}mv&+YBfrY;zo?!%uAx29`?y{o!gQ+Vkkt!bn^RJvHe19V2~
zn6#etFae#h?CngHwv--Kw&CSHM8PvZIvY*{J-%pnOot?6m|Y8XKZHdx3G}@;qL`%4
zp~+kASXGl6!P0uvnE@vm4YtWJD6L5Z9-2mx_||}_Ax7YV^;HH-9WQ%UdW2sgwh6PQ
z6$;<-)KBR%OhgceC{Q3W=^Iu_h@b$@IUw;+#X(R>V#IXo{3;0ngS)B@s#q%%^>rNp
zs&WB*Qb9sCfW!bGoo0gq7y^J)F7o?DfKwBxKj72{GHwZ$Wmw6BA52RVXg@l3&vH^x
zk%?WfNsuDrUcG8ANy93LSqK2n*2Bx;WBe;p0Inx*B`%N+H?oT_fusR?;Ds#&f==i^
zPmS&4txTH}UK~>jik;+>eH0BoCaA=_p2UHoEoC51pnMLrQv@XN2GR8sAb8ZxfMJSZ
zJc}!~W(EHMja9(ml8LHAb4Nf9v3UGx2Px1g+F6S=fFe5>xv0|R&JLTPu_2r3o5|N(
zT7x27;D8kns<$%nGHQqbSMFqmc_~5)4Z=$wDDdt{sEGzO%`=Kyy!N;nu(Mw1PY%MQb(5rahUmx2keBq>l?*1^AVHUsBGNU0g1?n@duXJ(zI%hKIVO}G+C
zIAolNODRzS29^PCds4VSU=bcE`eBJAy{M4PO;zk(Qb!MNR?`*
zCg9dPL9sp+HyjS=EldOM;qB0J|jaz)YI3S8s1$I%_UlXaV
zFxzjUoK!Szx0x;+ePdrWwdoK)3eHT_sH^ACj|Lsef~IE;W!$mS#@`dxu0}x6INQ%+
zkO2WnExCM+GOcquc!(m91d`*@cJ4c4LC_hPc|-y%&EC=F{{V$OMBz?HkotFKKH}H
z&lF-6I)aUiG&6>Y^J}StsJ&d`2r+t>;*d3UII+euyV;elyQDA#X*$%~gG7fU9r%xr
z#W@QT1YAl$+7}OEA0I(4sAWdrk
z(F#r~T>-l}>IB3|Ad5suI#kL7Gv%45Xvr{DE2~Ty(1RezIvaGVjKRZhDoAA+6C2+u
z4XZL*H2ov3MB^D&LV@wy4Ewt%5-?WENHE1oi;oV#$g7lJ0^4z-kWk=xS|qCty7ltS
zr=g-_1GxP@DTENM=28nRg*t$A(t-r4F%E}iAc;~g9G2XmLA9q|ooNGuXPCo-_GiPf
z1p-bcSlq%xsl4?f3F_EB(rT11QEU`wAlG=
zH7-kYub&O5*t0<2xT`R|(kx&bf(-sN2X-fx)$ikyD4f3Qk14Q^hNh{@@Y`*usD+gw
z8MhdaOl~*5fErqqX+mGmY!G*$kQHGhZt4xiqTQ&J91&XWL;{gONE=4LcWW29n2z*}
zD}^!h%b(9A-3RGA{*N}|@uc`#B7=d|_SN5PHYnt#8Bk*cEHO&F^JMV
zO~$+*hW=O-@h^h5UoySrZ2~R~cl>QyN;L;}EcX3WgOd4oEs?pI%CKSTJTQYkW7@wF
z>p$~P{m0FHjjynBSgV<6rL?9JPK4CF^c2ENUpDY1tfIAxDJxD`k_h;GD|QMLxzZ!X
zs3cP!Q9XN7LWao^(x^oaxc>3(4!F+71q8_P={4Qb*#y;La%;nTueoK+7;f8@0RWTL
zZ+{B-1;aAsa$QQ1;v{@4xEENJ
z6wsXrMA|51E#4}Z%Zne^k*&ng0OfHrTG2f8zfDtKh!w+g9=CYXk6@uX0Q|mBbL63Js086FY(2BpZv(
zC}}aFdgF>^-l*MjK-?4`BwU&Cih8llvfE;lAfPMe+DVN@;d?}U3{o)!RlN4xo7E5%
z7@bHUoj(F8un{R{f*dNMLbj&T1dshaXd*xW7#+DHn3PP*+(d<+4NOq~0J$6y=G*{2
zP&anhy(+s56H>qc7+r*rJDnz`L93s|Fq(~usK;}eJ$^UWy;Me!0jVh()g*qgE#`$0
zFfHDu6VE!+IwnFLT$WP>4aheH5J6o&bWSoPjJ)!1iUA79&`bri3e~dQr6N~#zN2H*
zz^NoZ6e&dsk8_>uZdmr|Z9fW_M@(GQrc0V81MC~%fe|(_)?jv^0@d4l?c9nz6AYjh
zHY_ha6m`CWm>^ewm%$B^Fu)BYOw4rv{At>w?Y6-ZQf?T%frS_GjXG;ma4*XpzNj1)
zMloPM6`?9Z$LXk44g`Z?6CVo8KmY>UZdUlRc}X~n2^KH~iME&0s^KOtUy4!1B^e+g
zklRZZFky-Kojw$zB+PMV?c1>hu}F=jn6V`5tO22jsUe)bcEf67m@cv)w&VMv)vQKm
zH79aP;fT~)cAZ5i$=Na)N0pE(DFQ?+b~e(oq=ON*+cJ0*-M2EftJdNpzl~I+U=1=Xi6iBp>H?tU(K7%I+L8nb
z`0Gs56eOX;mTPni{AmYwC@je;`b-BxcHEl|l`$F*hhk*9N_OQW&BvBO?K)D4X};TS
ziVg{}69l!z`<}L{k;=am1PLs40c-^6t^8>Rep@;f9jXJFkSs{=)-|gv2Bd{(rT`(x
zB!~(QqHIm-C=R38p9DD}j+>SYYpoJ2c!UJmc7eC*{{VKk`PC7mQyu97=_)aJEDUw=
z*Gibgy-wS0y^}=aY?UwvmH_WfwBgAtP|{5|nRsp#miPEIXiM3PM
zi;V#jviH3`07P&@l1j&w_kwptf!|Xt9Zb@T)XD)TzYG3kI9?
z{xue)YU-pC60XAR$G7P~p*fUfna2vO=2%`jYx1UGz!Qo>qtU|4DXRXWbRbMQ^5x7@)B8*3TcB0(T&{A<*az&jnkRmuWPo}nu1
z09{&U=2t>Hccmz6q=wZVTj^B6Y!C|q>m_GhA%2)i}Q^=2)Jms2N{=&kGpzpr=@CdqLs2Kp{9pc%*^1(uify+wL&~965GzC(A_=e)
z9sdA@Q1pfrW3yrM7$u5U8?tSC9VFf@A!kq5@S>HIOUKJ+#9jVqNh4cE{#QC`@w2owquY1Q>u@
za2Af6W}+~1SdK{;8QeI04oGqW*Yrwdi<(@1XOJMGERfPaF3*Ge*@A!6wAL4*M}{!R7RvQF%k$f
zr^4Mvv|?Osw*LT{5P`-Z2^+$IO~{z>GHFCeL=4+*C?qt5devp*AcO?EtqxOb^BlIXhDn4k;^!3VxEqa8qOWeCbADfs^H$2wpGyyYBw)
z?f(F0=3i`9{;QPZ2JAqyt}{D`5!+hv{p$XhMlvEXoS4@t)3%S@RoBtMx9c1743+U4@&vv+^AAb281ncMnzej
zD`-X361nflSvyEGrF4ia$yj}GOi1|FniRUN(xa#~ESg(4*q9wfH)JnA?;K3~GP0>6
z50G`QQ>D2V3!3Cg`Tqd8V|L~zsD~INuc$-~AWy<;>Fh`d7OL~6D!Crz!u4{TNMk5r
zwtC61zm0cTyQDe6V>rDRACZN9Fe7eUWQ>Y>b*}hIyb8dDs}-`9c=0poXw;gSNs|FY
zUJX)9tL=CS9K5z+w~DC5Xl_AWYm2Cxv`6lBt+Afv`b+-+*|Uh4KH2AT0+88rD?|c8
zC<6fM)Ja%vQar?)5#!dBWkA(I
z3CP?`$he(uENQrOCYA(13Uu#P3JwVsEwum}f&eVGh!*@WQ6`NYlNC!~DjAPZ(rj!x
zQqtkiKhY186fxVieyH69?G`@?)_~=hV~uI`{Wm64VD4fHsEKQ6I#oy+7QiGJDwPLl
zl21>KQ;Y^FGLY&_DJ>#P3&{BCQYH=+O_L+}WlRW*8^m`s$n>&Vs8l2pcCgim5pmbA
zg=ZL=yB)iDDkV2APS8H6+9do;+SKGppwDg8Kx7BH0zoe(R^mEe@Sslz&vxy*_ijy!
zLBU1r+%J{mngX-lR+ss9-SSe_xtylC<5movcYQt$?>$(hkIwi(sVBsE8qpNiuX_
z0T-!1a2UUmc{*tY0WwIw)__FlEmazT`*29&g(QzL0FiJlB+`i_S7L$`E-~sLf&8_Z
z@zB&p*wjDL6&X|bnm0_V4k*rlfk_ts*_0YHgg3}$f(y{!&kO8jScW+mqvaWAKpl-iCPtaR>ZzL)!-2XD>;V@SsuRbtCPvY_aj_slZibCD
zbUFgA(guf001R0VRVv%Ds~HUdXiRsL)}k_agP(gQLlm+3+sq&=6b8q?_!OWu8s&$c
z!8uV;1;|N*1Tzg!!l{gla7zlNs-^br&qPCO{b$4x$O_K%jsm5t4uiW&~M}l$ib%m;@5}l*+OLuW*r>-=b#
zKq(;%fGLCY+oX1>iEzV`WHCTHWJSOsXH!fT$r!0qv;~hlv6_HbHe{x1u1SUe0B95b
z1!;{pDOi}nP{zvLJb%i$)C&nry7&DKOV;4v)PBpnU@Xip{diJUvh8qT>uE%2g)o#Kb_>7^?+t<7b+Et9mD94Ey0`XZ_4yW
zPh7UxS2PgG<8bN-d5@|sc+i6+d?~_0LBZSM%M=jG7ZTkVhLqco00A>HOn1NMQ5!=7
zU(;Nj^Yigc%QZ;y>?E+=3Sz?75<5n}DyYtE`(wLRhh&98c@mP}|i62O21yphl$(L}((Y
zN74YpyDkmgM(jh>q_~u;L5mbtQ*b*75Fp#-QZ0fDat)B-xv=aGgCuS&dGkZ5WhGg6
zMn_vHZ3qxbn4ij~Q6v!lsSW;Hb|w#Up^ZQ*17Y2{NSQ2T{{R}H0L_(rb}2d)m|4h@
zVR}uZ#m|iqBz@acnd7xkM&y9I0}AasNHW`JTaKHwqy{4bdrNln!k{Kn#)lXx6z%9H
zbz>$?=c)XuTaJnWPW;aL@jeKVbPQx<3`usscLCjZh4cSlzLx^+Xax
zDct~#b?h~)rznA}dG`HzJ1PL0DqYQYPzWbr)&R8p>Z0bd8Pje*7D(_+?OAeQMaeb*
zRTdQ~a8TR5QqsT;q6j1#>LB=;pN(ZF)b-1IcylkiBv`m?c&&H$!764Okk3W+o(UT(L#@TYXTxb}(8z>sd
zp2CUDKp9A|56fVH9Iy+^d$0F9?LTefHdf?hL!!Bz7o6pN)%SSe#_+6Rq%hgKnH55~KU%OFIMf>a{{XG&ZdtfvFxzCkyEh{^xLaI~
zW;`G>m=gxEg`+GLnKJpW-ap(gd-neTa>c{{RZ~ZGT?0C7UcI*U6U`KlcaS9#wKS-r$k`wdh0H
zEew_itdhP5_b1%&auDYSE&zPU3=%4Ddkwin>7h;?Y=Nr!XWRb(adAD@0%gUKcCh~d
zw>KB+4aIzqThPkPn1$+Dye1cS6a#o7*RL{5pe={NhbV^|tz%hCj$#Thvb;MXUKaY)iC3CI50>)Fg$rB^>6@}wP
za6@pIx2ud2n}o=MCQRR@0`5f`S3q%BC|1QgGqQ}U^%1d6%pQ|mrr{Xng40W{*8c$7
zFSj#$C)!xoI)vnM+t$dU+LA})YY%3DF`d(d$kYDV;onoqUshO%{{W6W%JzyGRaOZs
z43;89-v0pUUbqGz3f2C5HQrKJ!pt}(ITKY$+>UkfJ_i4TOPFn
zLQXd-W>qA~3#U`ot=-58DV1D>-UE?yHrfd?O+$e#M<0Ms5Wxfuj$F!~jSv<;N(iAR
z4m+6{hE!QYDzig3(mIn=WE=u&QUNWpM1XGwdQxXYq}c&b$OcKUA_%oit^yo-lM&xU
zpVXM#cMF0(ksynSy(wznUknaAZcH+w0T4|80K1^8H5F2l7iJ6)fpEG36Rk`MCEJ$X
zNst8{1S*LH4WNz9KRKJlyVD>5`?EV?+f+NCk+vXhyn+ap29Y7Sd{CKY76AFDQY|0A
z)fpYw?cKK|%20(QLrV#RFbBrsW}+pIb=#Bel4h!y#2b%*n@I4hk!qw8##8`IOuz%7
zH~uv?$YkV^KnBn}vH%Kpfz;_p!KstwL_TOjuon^tNxMjkXtq7#h!KQF8&hwR4;0I7
z1d=4oFLYg)OL9t=Je{
zP3_-XQqvb|oVMG=4pU}TKA74B4WcIV+S*ex1Jh0)q5yiNjlUxR2s#o5f(#it(u}o8
zjlQTMf}?W^2`lmyM}|oRMn=eX!mfmV6f}&ez#@#LR66aMNxK^v)Bq}CH3rLUlO>gI
z9-JW?ygPQEg;t@an55OJT4EM}ApA`%BA#h55OOumjqUz5q(E&&18`FhAON6%L~9d!
z-l3%7n`);;dxkt^o)l_pOLP~#1#f{~9+SORvLG5FM$(g+wQnq=4wcU(ku)|oyjDB3o$8k;j4
zn23svG%B8`VY>~*+(-b;5)Te&6etq7fHF<5<1`9DIx|(YLdE*r>orGEy6hZ2-qp)_=;RJF+;WP3~od
z@BWk%-h?U)Z9h{R6QBcHQHX)wQzg&~$x#Ak{kqT$u%alSZA?2syNQ^akA*;J!MCPd
zlw6`CT#^9q^NLu+1GhA0>VPf_G2OI?`FtwC)Ew1{PRc<#wBJtw@ihSN*eX)QY(*9g
zbvlUeQ6e;eGfZMrW&zcwYzQvhZSlQSi%1+elz^fNZ+(CjQFbR&6c}nOC_K;$2S^ud
zC<>!r(vz7`FbU8pWydRyOWt5~_{YYgQHzMLef
z{CMrNps9dakzA5^aCL3ZlTi{k}tbLaHy2
z5cr#GSfgwr$6Zf<%A@Z4qFCf~{Pu45h6l|h#>lw|JB^5f!gi?EB>F{GBKstm)xS~vDh0CdoBsgx?$69}qb6i9+0_{&BMrf~7BOhjHP-c^
za&(;EDmL#P)+%_QA}|cf3o`8_tVlf|-{nX^5ad*i+jk(65)OS*o3|U1phOOxdUg2H
z6ZJE{!))<27zEmmk1F4DC}xYvy#D~rFf9U#3b_t;#|^_O(51N%M042#V
z2huO&pw!fm#rE4^nB0Ui3BINQv_-!I6GRKwZQoQB63R&|2qZu@i7~ArNUQGK<;Ok7
zD7%6TsSGrphDM{WT0ZJwU$5)jj1Vy(Qm_akX%Ie}!rP#l1-O9QHtt9=DXD+l0I<-_
z`t%h+^GLFci0$Q4R56xqY$C$;p9;=#CV;c!^2U$D%}^l)m@*NFlJ;{d3XdD!=cNWj
z5JYju3T^X4aZIse8Yv}A%9CwZ{CLo0<+7;V-M10MW>u^b2!dk&04|lLDpLAOGdGu5
zFaQJmb)|!nY2=e^kfW>#R(0NC~bg2I^0R1O^%#o&f6c;dNk*f$$9YVYg)RLQ$mm!#{EGgM8sYv
z4C%5G^NP~dYLc=;m)I-w(UURDfT
z5p}=9iNqFv*M{4W2~B3;&5enR_38Lij@x)3q#2k3yLOxI25mNtH6P&81e%6zyvKJG
zGbNi2EZELGsvjF!l;}aV#VfXBayn!lCnVz|65|!~KfQmq{?*0g@%`h7TocU3Ghlx*
zfK;$5%r|{tT4V69iuccMx6;^@tycTXT)RbY8zl)Jp8Ymo=?lpD%SzMJ|k>!6GD0
zzX+!i#Uj3E_kZ^DHa;IK+<1JP{GV{2RIz6*uxhDxZ4B#QU+tdu4C8KbjA4dd<#~Na
zMnEzIlC=H%?Yu+SeWRQ1e3jzn3Ku^-VPbb=UHf?a>(A%83vtvk
zj;+-6y#sFD$wk{EL`;iu`L9FvKd>*ed%ra>^RegSz92H-QbVKe@)iURo1(n0ck544
zY9zqMK;w}a{1;D4Yeb70EdKy@`}YfkMjXG-&yfEBD~XJa>>^7!1Z+Xxv-aMOcPc0b
zGCvLFKBDN2JQtkj=PSZ)Pa$yQOpq{O$BP?%SBGqhT4KFhFnQ^Vmc){L8FNh0%HVOZ
z@V&>DoP4|vHeXeU2m;|CPy3MLz3bDtIogSkoP&1w7hLfIMTiT3KiGcJ!WkX-Svh=c
zXU*xee^HDcy9bvdj^Yo6b3@*4++ZXlBfsrExQ`{F=_4GRc&(l<*xzUKv2Wl$?ZQG9
z++(;|AC8rk&v)wWmY7u@mejCXhKAQ99%W$?b2t!#%6-9j4`=eeBu`WDn0;0k%
zOA8A2VQgE7j70#aV&gJ0E^}9@zsuoTb5e#TE#curiE1DrKu||XI+@n=0K>I1Qh-4O
zN{jr(=`drt4v{BmTY}b7HNVEBlFhv}JMo9w%r&x-H2@d`^QqStVn)Man-*3i2_vqR
zpnOV{n61|GuzLQrG9wMigoT#>08kQ4bokN~98j5!hI?GoEXWw7CwjRMNPweXok+wU
z7$=h?E_RQgFjX@qMzcs%u)*8rgauJ5z!d~-yq=LW<4i;f96QkEFjh!o=ZV>1Vq$0n
zI}=^VDhc(HjC>
zi3Bjk1pop;K2_AOS@DVhbGRYWV$Hj5tD{;cSnE?FOSarTX^LW$F@QvF02k_i2s0Fz
zoO91+`VyO_3zFf4C>AC!b4(c$Tu~+zNbfmA{Yn&+07Mw^F-X3r#5Fek6QeR2_G>M;
z*a6|B>G;tp>EpK8pa(*sOm7-7o0Fl|4@x5w7@j;&Y6)@^R8kFrNGl{s@z=dL#2!rB
zb4Zl2?j({%<^sTI0X{TA-N~ujZGs9X%wl2$u<-CSo~fkC1x>+4GY~Z(k?}D~P-fsZ
z?I;CnCLD(-c0xfi2S7Sk9BoTjBxbcT49>Q$qRJIyopmRzzm0cRI0hSSRhB6**pYYc
z3|yY}sgTke6bh7pa#m$mQVA0Pb?Zn1NXREeWZg{9QmPJ>WZ-<1g%VCu#s(z@NWJum
z&B>Gg(5o&fX5LXuLYQ5Xb1|W%b;ujHA}s2djo_Ii`9L}tI@+#8Y6T&JkatY})3gPX
zeGkf{7wn}SHdMkx01fO0fLf|S!3hF_SJFU9B-l4yH8c`5hbYXWbjw7~YglwML%nw7
zP{<4j-7$@3-3k8yN&$NQ(1!0x+-(Ntevl`n=}uI1z)YwL2SfFBwLLUsodOxugJ}FH
z3`j-+W6JChvdO;D&Z<1c+nij-7ytfb~PbmH{GQ
zh=54|_a-!-&XFmyKr&-0KkmD2-O}|S7{rgjp_mZ!1QDliRufyR?4_>1{gM%px
ze3;1ckQm2#?N9|}9I;LCDHG)?)}N$FCI-DJ6GlCs9FqfbU;;eeUrsiWtaPRriqlRB
zd{PWTdXhnIr^fIntsy3kt?9K{Hr(zMF#sfu=kK50s+Uwm}$H`nx~S5GCmAp;m5qYdR`nIHk$dvvcs#6dr}*KZ7$K0K9f
zR4RsVWhU}qnD3zLRj5RP-M3;)^-YhMEyUk&(!^WmR83oKywDVRQ`OkJZ@HNLGDXeE
z(^LL+og=A(X8Ci(VTt*ti#mRxA%Q-g$=-E=cr&EvYPGmE(%9{WWSwhs8Ioj
znC@sU~G+8#QD2Y`vNFGvW^BUH=K@_0w$H(HO>X8R?
zU4d%`)C(Oy){zxB*KMEZnt^~8^$fGJsL;;n#@^qsML@JTMWh>y!a=tC6~&w
zNr^pAQ(;@sRYoc??+6t{g*#;Ve50rUAK_WSz+f<@>TSvLqbe-xAOKhh>-gTZ01OnY
zNEkYxQWX>c-55pewh?dPSw+NzT7Y-=P-Wu5QNh+gpfO=G+T4+D!=-8>#rLUoiMNK`
zDq|o78|_jcMaP)#{QA}scXuCf>>d@bi&l!mcqbUJZx>^9K6G20*ZEc6R2-
z0XIc`b<#l~_tamdRG=k_K(c#=(AR?<4Bx_yL7gT{iMQ!(DUj$zG$~~eHx@9`B1c<&
zJt`#-)qHltEs9{E335%s#?VHF@qaRi~am_vn`GSBv#?no`
zCc>RS-h>hX1hfqz(IkkV(yoAwtF$N(q96-t@S{j($qt=TN>7>!v;c1qW-LLOsXnX@
z+mpdiGEar6f|B$90D3PazS!hu$B%YSImeqS5GT{d;N>6!*BJK^dhvbo#IJNx4eDp^
z?LK%e&W>UifysD!{DFN^C_;?5mm(E1CqfJn@FJ=*Vv!EKkKcaX$}ECdb2
zYqVHb4El-Pkc-e@wh$2xzI*Om%skF|dc{JFxfgR7046nYd-jU@j-JuC0^5g~3(lN`
zjaMVxa^yKMr>Gd0^)f8V#CdDGrifx&C56Jd+|O#w>u+2v7^v9743qG^tFG5l8J%Y<
zW!KQY)b_BR$&Wq`Mo{B-^4i06f3(1{n6H-i9-;3LKxOFk_WceD()X{oxi5$R04MFZ
z!OrphcMS+t^#Su_#?uPZt?%*IqowO&597FL`(?v%;pNFi+ajGIBOcgA3id}z2Y>iRG)|sNs>0np5#Mny{01zadH4;Bs`Pl-y!z;y+98Nzs
zh!&}oNX0N#W*Hbm2pu~A0F^*sn()8eF~Gsa^?5uo%W)xbzD7)DM_*54fA?3>`zEv1*lUj6UY{C1nte(#d@IxdQurQE)lIKIj4{BolX4n7SGBC5&nYWWYzdhD^3
zk2UIPghoMnAMLNPeZR%`K7TudgB~pWtVl~P2M8>uDpVe>5?a4;zCQy&1
z@#9_$2Ws*?$^tP4B81g_1~te4+(ZGSj*@HboA&`#0THascvQ@hRKP-wsd8Pw@RRxqKxrT3Sq7(aN@LE#CLvEs
zK($I|a+8-EFqam-us(Grg6okq~H+H6Z|Ciz`LRTgmG-qJXk8QlNwN
z8TyEeTmjeN(xM@=(!zJl3)r}%Si4-g%jRF
z?kdtq^6F-urVhmoR00$d#^96M!{b0K2`I%P+nNgjy1)%-8EQ2+p_vR<8U+?rupK&h
zbfQE;EHDTTN*$F(-CAWwS@5MY1v5YoR0u}a?E$e$12Xm8q&A&lPI6h}?z=D$OC;<{d
zB!DgRq!@q`F6b;2$zL&B7#8mVvY#_OGyQe*bAqGn5hD;YfXw2va2JZ1_1=A
z)4X-5ltBhOcKW6bK|`~y*HIJoO^g_w1W__WNOtn>Km!E%5O$kIiq4)L>EEj!cCW3^XOc8y~5dV@A4gM&ui-f6WJZ5y?`ZJYgnA7R_;KIjrm1Yjkb{vS$gm`CvDU|=>(Z8p&axHp@ZG;B;+v6zrBWHT!i~~N
z1d}jkOng7YRYVspO7X5Arg?5;iA{#)0!Z3J9YpKYML7o}g>&1_l0u4sCs7*fRticG
zWD3QvH&h=`o53ZBtl_8vPj-BDuy`R*KPznxNdL;8Vdc8YgE>u)gnw7d#()C0a-5snpM
zS3qPde=M#;E~C%3X8ocM%ua6ME+l;IJ*FL^72Ti
z^wo;BpKCXobh-HHrAOlhjSWx7pDmd;Ws!*hkRNHR5sK4N=GwfowSP#>;8F4}n%
zDv%qKZP$aSu(qUr6>$e0`)tV-3A1U)#A;ZR18Do_xNJo2Vq7#jE{UjPlB{nfSdhh(F$bi1Z(wR;7IMcIufuX=s{jB15Cwo0
zpa4)QD;PLha&A&UpHWPCL6LBDwPXwrsmC$7{He)VaYd1K?Ey@IX_?a6*0E-yf|1xd
znO`vgl5agKOAgBI^6pNllJH0xXa&g;;}B+!fC_>`oPyDC7;3&bk9@Nb4MZ@yQY+)z=
z0MMx<$L=GjHRweC8zuhxo)E?V0O~#iiop8jH%HItw0`pUA4`wuse(b1+SSwTb~Q=L
zES+~aoA3MnBVzBpsv=_6-la&)gjg|(Dk-Y=s!^&$Y-+`5P!(#|-m~_ewW=tJ4wTkt
zjcVWDe2(Am|L1v*-|L(lNSUUk&O>n&i!Y{CIJAOY}xu(Ap
zAs|$c@>o4~!VK%P@xYPc=2;p7O1=+n18u2#7wH5ncLL
zeAVX3FOJjnri-FWQGUB_Evt=36?+u9fq&nV%^u!)DH-iQGN;4}O4`{gFZ*uFQPX!U
z7^Ky5<8}J+0G|BQL#LpVL!VySt6rxkPZI?`vz=bZDAd$oLpaX9Ju;hE)BT;xasDga
z&-Td^k!9O7FjsP6I`CzM>JuV#6HSMuPjT8juFL^@lfn!|`qF*dI(V0uuUTn;jYR5=
zFb0h01#P-cszk0B^l%?_0n_;AnO#n0a=OM&JaRoHgZ0`Nvn
zxxY8Is@ywfy+F$IE)f7s1`RSy`vtEJQB$7vGd=;wDB^4wrgSMv+`h7o(O^m2*uX+V
z91D~~FdyHfGA*=&?Ym&2gq|9t$Qg*O=X|!J6`d|YF8`7SkcaW?zuKuk$b9DTsqlz~er(S)bHw
zI~hw^mANskC?Q~?(&{FM~S|Qe%7vU-$z`)-7ZlYoAZ&FMF{>{x`l
zDDt>UxI&%v5jucDvqIfw)?pxA2JI?4`nAPu4EI4d8LJ}8qLxrx_AGIWc>?heYjS|7
z2N{ec0`2_~?6OuCox6oR9U1J*fGVdd?JP5P%8B5yIe_B<${W7_K}WKn
z*kM2fI}N?5See0+D!mOWZN8$Tk)FkErD7W}WxL~>j=y1MBQ>e(>E$;sY}(Oq0#L7P
zpp3D<@mcF%9+!bcGAGWpVuXe-igp2zS!O%(<&y5~$Qv~lFNVoPG0=I4IAs;KkO@*f
zo?f+LN{vSxqPe@<=0rloM$DR+*Id#mGr5#Fr;tkCRWG9+-iu}va??WWJH4^^iA?Xa
z;WsAkv6m=s5hP&2lGf}@>n@2YkOc$~>EU1ZZo!ZBRx|s$(XP<+O^qsqhk7pf#<|G%
zH(6kzK;)%epOp#BI8HL1k)O36D;iud>M)R*Zu7oh={9{F<-2((vxloa7mDJkxuqDZ
zG@PXOg)y{Pc1Wmrg?8k710#YtUe$;yp*~4f*GBoE#vy%-CD#&x=`aD}PK!kd^~c+E
zWP&b|D@-%_S1(;M&7Hjf{{bXnPp1
zUL0CN2BG9DcQfWy>?q)b=VIbt@^2%$y`p-92qA4LLdss7>}wn*HqOGa9})x@3tHY}
zsM&u(bH9_1#R+DQ6n1Hw#wswt=ppKVSc7ZbmFI?Azp3ra^Sx_Vf0K*#u-tg&^3NMEvn*`peHC5soc-h_TZ@Czwg
za>`ub$g)-qIlu0FxANCBXIu`?O>Qw43^(u{h}n9p{s*xFf_5U0whxix*1AEtJ4j&@
zf@M!DwqyZ&&v9c#C#~Fnenbtc=k6V|izBnW*OgyDU(-cX_Hn!Yuqyp_!P4;c7`Y}a
z!M#h8OzTi@%=i75?oMzYJSDs{0pmfVFJ}C&YTvO5OXRHq{{NfQ|8FZZ~&BnuNzZ0
zfHhlehsH%KHKjgHYN-wGKt0PIy|xEet`zDa%<0804P%q)aP#J|WmG!#o`*|;u3s5{
zFC+E1I5+&5Jvs
zUwBwa!LsdmR~zbjWy;g#YTE1Y)-M^b4JLoJ=^clUhp=b8CNs9hiKOho{D15l)%XH-
zPMO-dbOKRRmMKnH(CjVX(PS2hmUeS{~9QMnRa&
zWMIKndI+DmFHU_?n`Z}T;oeD~zkkOYpIW;@rxLrllY`4k1m_>(=|?gj&;R{1FZZ~0
z^A0nu$*k~Q3qBWa-t~;1q?UjoT6%Eo@bgTOERa3ciUjoE5~va#VJJ&T2XJ3r9Q`nw>$gVX>GG%vBTX*$f@plPd>L$l`yK~G2v3ph~
z_DJ$@bob#6@6@~Um{XOke)Fv1G&K9oAx}ra0LbvTZhRJ!qyLgAU&b0b1MZ>ieo}wj
zzH<}GeeBF!B}wtvP(Of_k%lj#^+3Iuapr>_(g)H=$ZdJFn?xTqr
zq5brwGdW2fzw86e)m>>X170jYfIe=>ApW?Htu79K(AXbzco80`x(vfB)fIHfAG{Ux
zaoQ;^6iciPMP*~81iWcx&ZP}Hq%Kz8UzzZLFL4dG1DGfy#r^}7k95}cbUAGvX;w!5
zPVIMCdZ~eyp9FMKH`s$}mXa-toWpngY`NZl`eX^txW)HHk{YynA~9qu>Y(-G72VVF
z)`#1*7KtT}R)yTlJ)3Sl7d|u!wVG9G+mm1Ied{j?e@9uR&2$>8Y{owRJJ5S}fA&dK
ztC5VnhT!7csaNZSzb&l-rtgM@V@xw5ZgTvjyi~b$_tqM-Tb;u1_X0PyFI!)jz!*5MUjb;U`en#H$fcj>;}BZxcr58&0)I~Sotk<}L<85OB)!6|T3
z`mF62A-@1s`%;K(=Za(JPvU}?L8v2~wgRvRjUq=sDt)#E6nv3zgr#vZLU2MB0mxx$
z24M_p;{+Tow)j0?u$iv1fI=KIMpIaQuc%73L{^uD|16Iuy=W4?dS`)7&9UaqZT#Y}
z8ETBr!VD5-#cL)!M8wiYM=UZ=#k6RDmy%}>N_zRSJReLZ`Dp*3`erjdas!t!0+2<3
z7~YGTER-T+>Dc=%H*J7@8DWjjEYY$SuM7`)+vbCC(hPqr9V)ygDtxW==Kyk?g|u^V
z0C5g8D+e{~+Vcy0OYTJFuYvt8;v$ajtQ3j7zY|r8h1XjTJBZKItF`e1H`a;rx+@V`
zG_tkog&iQ#7}XJuk@*JC;Dt$(F*Tca9pTE~bw7M7ZPYc*a-e#0h<2UEW5D_O*@A!bUO|>?T|YJRuCZW{=2R#(%}K%+ansX^g^gwCS(q5ROw@_YlaR
z)AH;k(i%P5CsGpfZE)7{5
zLSfle#Ne|ni`lP8{x*rbd)Xf|O2_5dh*6xB&2zIt4z!NoOosPP01)33o?`gEnOK>l
zn6NHQmMed^rc(aIlVHtFnWQQT7zLBa*K@`tj6$bw7j!thiv88XyxMqW20H)@0!i#2
zR;3Umqfe-F8n9wPnb6~rDOvlugSZg
zN4VvMe||HUJg}l5!m>I2+JBubNZWAVAmwe4QxVkLZ0yZvt4x8B6fiRdAW(yrS+byf
z;yuXms|omF6e1gVpmo$U9lv8sFA#|R*&T{z#KxS@sE(X&Vs-h`=Ky#k1({@
z(oXII;&r8=Zai7xnD;gofbJ(8Wz-`;duszFIHP|baZXv&D#F^e9Z;6lmx=UR0aQ4@
ziFqf$sgav8NkZcVk4!T8WTNW5VPmnF@whtNL-1}X2NLNt#g4=1rLNg+84HO@Mj%{`
zCw4}3Y^Zy_e!Z!PN*GQ8Kr6wWF%R~3qT35)vVu887rC#TUs-OwqBs_BIvR`S!DrecWK0aXDdhGaWUI?X{mN$z620CByr-f7j0_6I(8
zH_NjEDo=~~9TW1nH5YXFTq?b+kS8CiU_i~3gg8l8qKr9TkgBhB6GUgnKqpyfZFG28
zp9a54WDkF`ong$8Lqf$ItcFt=`XzF|So2*PrwLqSaX-NVaz#FlEB5&ySxXddU{ltD
zad2iCO*Z9uA|luP!`pEF3z0<~BZ+LbKUm?+(lRX_69*#osgREzFo}Rj_Fx$L=2{D%
zrv(^{klid(aD!l&&VAIzs{2@zpS@e-+F8x@3t?B3kJSNZwhPE-$oA!*&nH^SUOxBG
zETlsDTh2fa-No*FllBe8(kvJT6d2u*l9W^O#It
zGe#2}K8yK{TRNAKRJA%fk((ixVlIS#f^i=FMmMd1Vlv9O_4_)u0-$wo(~igkWdTPQ
zwbWdh>BMR0h-gQH);E4CB@4u&QebPoc@LDW)ROyIB{2se3pok^aj1HxHSv2;+75ik
zyUhc5S>By+?t>x8BtK{=D_x9s#qE>8ETkxj(7Kwv$YX=QMFE%7ZO^}&^lslu9SfBz
z$6dZy50$H*?Amj`xQ5l$eS;UD)N$-`sf)$7Q!en{?ZjNvs@(T|5N@C9bgN@1C&fR&9mS^Ma^yN1Lc{PrEXUJu?D8jQ(y|#9S!~7Q88Znav
zwhH_NyV0BS593{*+WZFGRV5_)Ta4~j#}9iEEzQ^gRba7tKybBD_5&As1|yMN2qZ?z
ztG$2BF_41SbJ^2o;(1Bz^zPS{5YF61cYdYXF2A6xq^*G4#+lNnl#FL`rN6+_qmC(I
zeysoiZS7-Go4+ZJGVL#?xIAui|JhR}Z_U1M%hEa+VEsn)esARYuiw4i_F}I^)z_^?
zpd!FZK6q-Aa-CN3H&W8+sA7!Vy^XG7sh2q~)*LpE9NzbFpZq-0dLzVR-s`5N9=_eF
z_UHEx1iHDf8i7=r7TevqiGTkqTIPiUdRB&
zV2e2tAMwNg`sy0t*@P&>h*}^?4viEB
z6jCZKw}rg{KIHo0FIvBMVRnxlO0GP1QnGHhl@e45$Qcujt_n~lQ)8A1eUnQ+PG;FX
z3Ra^?4|mND(%f|+Xg=ZBZypgF7Y_w9U4d^e_Z4duI`ieh-+mU
zSW<6g<^`KiGZW%*o?I~vGY^WA6L_j-0d-Q)rgLkfhl4#ZFs&L&Th}p{1b|`%IJHeA
zh=pWs_s6pzJ=8-}e)Y+X>JlD;Y92)v2#qtT&_bBo5iEyRHoPXJ#
z+l7q>#%kY{$ugg{p{-&K2IK$tT8*sSaKtVdKwi*xi@s6T3Nu3{3qE7vN?Z=CaRJCk
zb=}EIniF@8b7IHOsk}PY2(vUq8PPvRfv#Um4GdJrHON1;vakk5vo{)fs!B9gMFtut
z9=90rP_py+8hC2A->3xZoD8gg4
zyjvD(TT4hKlGJB6D=MLblON_1yiDe(Cn765kPOL>s6MJ|T4CQs1u@oQ9-b&6dZ8w>-Vn0*m+T6Qkj}(VwEk?hdwi4
zaGI0+l&GGnO01M9)ux+7C1xI1$bn=xH!5z-eLzCTWl3}A)8)WxvF!H|m334nY*J_Jn`DfWkPU-dC&|!C0{2oE&@$4wE%cp!Ez*!-n%@&H3Uxm
zRZbDV(wCu{}(tTC}?CbO(H;z(Gl?45wZTYIWr
zLyUaBes~eF%bZu0La{}&*f)=?dJaQm^{I5vnk@Dqg_`R@$a^@0P)@}J(221X+K?@1
z3SSeH&!PdLe5J%3G1!FBbkDwL5&VrW-lo^_w7f*U#q2Y)>!Z)cc%vzXTAJ=Nmido+
zR*GXHGAwl|@~p^kqU1d|5Wuf?U8M)0$t&lgYN^Vr6t_jQ=kvsg*c1e&rRX{+Y6hv_
z^%7gU?^X(h5r-#Pk!mD(CyOC7%i-GIIH=QwoK>;?=bj}@J8&NT`;<&lvR4bMT#+rY
zgpx>}eQKq2AFB7Yvh9Yfwlp&~o@g5|I(dFy?y
za`NopMZ50XADMv2lnAXK%LxZQOuw|A-CYVqKb6~Uzj>U0Q&Z^0!l2#hl?|JObaGsB
zUqJh{iH~t@zs?F3gkk!bM#sd8U-urFaOK2r3O&&U+97RkE})wA^40rk-RfGIHva(U
z^CL|y9;oi!*AZLFG&b5&vTr*MkLyMMguNeh7=GVC(ZPI+%1#m$lte5gDQ9M9S+N>wp9C)^}cXQ
zALZNKsy#6Qh5
z{OJy~$!Peo7Un?&^0WZfcJ4+6;PZV}Ur!0PU`0q=GPUO`PI(QLJ)_4pz-(C_$fJ@)
zC$_$#EZOLaXwgAK7gduv;k5}uT4`_ejxEssV|f2)uv+xb~M1QOqW)lyJSgmDnhmgZ01G%
zfTptVV?69-pD>_oF1eFei^F|7DIed`xJ%~-y|3itu*2~PrrhPxS=0r>$V(WrAuBB2
zT`X0#uN0u=e_-Y0IlKJ(h*MwZhw^}ZfD+Vd#$f9eD!P4OowJ*KnC8$Lp*+nij^$|d!K5E#6|E~d{Wl5JZl$()pB+Umov!0k;2}rouTPe#?&ND7P1og0nIT|3R}gYE<9{VUU6L=T81jLlFj<$5Z3xYghtZq
z4rm!I9Z){HRgI}xcA#1S$q^csx0_!&SoR|n%|^Ky>IKyLA+A*BH+@=OKG)d`OWl0s
z9zSgh(ynCtx2^d17MhXFREfDme}o>$te>ei>KN-X@F02a@Wd+C3U5oU8zuDUNe#`D
zUYrf54wn>gIalSv4u=$@F9A;3@^e{Y6Y79bd|khqvVdr-_Xft;#JOxCQTdk61iqJ2*$D4-I2}ed!^om;~)p
zodi)ZmQ;OWY8X2uVYt_Sv`qCSji)31~A!%Q9MVA8cNIF2rX6;`;eHYJdU?LlHp1lNnsJrZ~J_zlm6y`
zRO5IGC|y0cYW{Ntgf&dllbMH4XqRC(r3j&H!OQ2#k-#c1Pe};&TMOba$KFlBjX$B)
z#7euE6iT!knW#Q&gO&(@vRgB{tXSbMEs1HdOhmHhlNM*Y&y98oAL)ytS%m-4J=01t3&X-UPms>&{A8B(
zB1o8NWQq%Qh(^Aa#zb;;eWh~3QsSlkv=<=NLDR$EhQKA+J_cgxzSa$_hAOcNtyWlY
zJk1#^lS?c4B_i7M-P2eb`>X@{;Y%^6aqo+Ec=D_xgQv27>~v{mS7PF?@hAn3BhX~;x0NI5Cr(r
z=AV$Z)O;M2r7g}@aIuI-`7^zt2TrJnUw6X;qq}N~sywaz_tN4RMrb_zbKR%~d6!Lc$fp>f%o3u#0%!B7qqofvnD%{5*%ob
zL=8HlaB+P}?wePKt?u}}BiXlTQFG6GHKc+ytiBjUU?wu=^vr%mQPSfI6!AC!-IJ(*
zz>AGcSxg>J2sK`sp_~34_!FSq60ZvsI%`2P#=vq9eMj=G<}xtQmTcV|Iritdn}B?9
zoWc_j3~Yb%{6ByMwfbCCFaaVd<1FjOA%@~v)bCuNAURIWh3;KAe1F@yG
zsWjfAjOtK3+XMWwk_V5P)jE5WQP`S88ALx>8X65f`!huTB07UOk{%>bt
zua_?RT(7Iw>c>;m2Bmt^N%#gMqXXq&IyXdx929=A>+O(57rQ?JfxnpPS@<65v>osm
zdpJJTK4THDK3Sj1=Ob!(Ra^M+hY2K4rwQ9VepXKvcEWvmJ;k$@Ho7@9MDy~&b824u
z;e(IL55)E}5w&vibhOfKYoW)f=Ck>;SyR8<_C4e4q83Upt&JX^pT4E)Dz9!oW0Cr~
z{MP3jW&6H}F8ls*x*FwuCc9I`hWm^StZ-$e;_RCIbaJnHaQ>8yr`-rorM#W(-$|!k
z7^>o%+O=Mw_F#jVYkO|bX!-~C=dVyXum~bdS?#P&n-fCGE&W)&V>;R76gti2uG
zb`H4y9-nS`>0g(@&?0LjF!6Si`0up`D1X$Eo@#dd$@{C1U+0Ifwvd(ngs_$cR)2^&JMl2W{QC`
zVpdkP12V*CY`mf@5X6>vghD8!M=NtJFFdf;TC_Yt-YasB#0p5au;l0-
zw&7hwu#96Rcq)q>E5L0gRvdoZyN_AjF3bK!6(gAR|oOuVAg
zW@zF%rxX1*-ALLZ{yP)8oe#7Hc?npe#XN-h$O4`@K^<$GEA*Mg1Y)_)DjDZT%=n_o
zZio_K2Yj=VaQQ$8t-GQX;*`mSOJ`gKWj+(X!G=aZKrYgd@3kPK>;EdBqS(phBi(W@
zBC?{wK3j?lV#P`dh*Jk&dXOMWo^T7kxp@TbT+JsrUt07VfSVb!m2EC68{qAbv+qv8
zA;#19giKV#olrFIzbeUP4rTN{LM6o;Cz#o~q)Y8w&<231XlN_X+B!QLi$t#S3P(wy
zs=zRUynI`p(|9PvxWDICV;yvxb%>r#;enGcG=G?L#0?+M
zS!}4;&*|XqEykobM*AUTw-DXHJ0fR91l6d|$9mKfpCeQ~y(lpMGT}df9gN5FUH9CU
znW(03#bJT-Fh92E&HSQ}37@R}_dOhtlFJE@bCS90
zz5bgh%T&l45V_F6(^$$3Xx_)bG6S4y1#x(@pVoBVgg8q2>0ULF>143@D1epPvY_ax
zt{8APaK4OQ)qpAPKLAs5nFX!QEoP1czN|qv`1`?9IW8w1UjLm>FT(gU?}~une^>k7
zYwI0JyoN-mUcYHT#Pq-V8Z?v;<;%2;4G;dXk7M;NGR)|NtJC109vl~=rc)I+H?P1D
zrpiu`F56=6Ukdslt%J7N?s2e&EE2=);|&qH+S^Fy_1DZh{MsrgoxgL}8jX^TV_RsO
zdAS9pzD?vr6K`ZF!#}ewEb{jql$I3>ejf7=9}f9>h}x0u0X(`4|-IYmAn%in-$$
zFy6pNb@$Lt_kSOL$V4Noq_V1pjG|kedp*zcaD8_O5A2m|O~NfkDW2Z-S>bb1K1+RP
z=T1MZCtaXOvgsn0N3dqG^i+g#Ex~d_2=x%LstU<2X!>Jr-F~{}(`m)@olFojlg`tG
zzaCM3dr*6Laym??dDQ)z2dd2%1?mHuK3xLf0|kZT+$dN71#*qk%*B+R4~2R^Q~wW8
zDk?Mh>&oX#0gw8s;(_ITsDd{eXr20|h`1q&8A#F-gUB!xW&lbWalU&uMCb3M3p+6`
zu&fg0k`3rp{4^$-syg2p!jwwZ>7p>E5iQ^w6YlEFP^Of!fiJ7`xnMA8Kr8{^&0Md@
zAO8uZOJA>3Mt_!;B8!Frm}btGu{<=K06AYVhcXDnHK#1V4e0f9LoNBAB1y2L9m4Ny
zhBD|wGk*1cTUpDrVXw8XQSlja9lX&HN=a5n`1gMPpGm$$@Z@hy@K%q2S4Y`SB>wU%
z8)cwOriiu?J~(1d?aBKuFCMY>QJl$9Jno1XJ-qDc3pn{K_9^%+m%{Vp{@$OpUH9*g
zt<94kPd~b4E+4e}Z~u>a^4OQRJ~wrx@IO*@O?sH@e*f+ID9o+cU%b=10JN7jU^{%d
zlKWRrg8ncubM@E9kaeJfsb2al#cAzOI>!znyu6tXYwxY);Y~>bUYG%
zlP2_Nr;}3klab5cccHx3p6&*yLJn}dO^0TxlKqoUiEH$Tt8xoXy1U-fhPm?ZCe~PN
z`e_$LO$!abB?J(wZJKUX?U=W(=P*;-*7rKbx{I|~;(An?vrT=&ACve@M@}>(3F+}w
z-a3`ved~WqKS-RW8(J10?~-)Qx%y*~42A!!LLwa+eS%2lp%~O#0gg0B4P{f-$-Sj3
z!^^WQ?F0fqcl}==iHQP5>D^$?$}QO|&A?R#*E?Pqqjvjekk~UT(LmT5o2HV9BQ3O)
z9XJF~>pSwbU><6uLD~LVKDLz8H-uCE2RNF0LW_O8k;h_Zq?9;kf=eJzgsZ3PPH`uj
zdQfY_qlQZ8VnO6!