[HN Gopher] Why to care about privacy after years of sharing data
___________________________________________________________________
Why to care about privacy after years of sharing data
Author : Bright_Machine
Score : 194 points
Date : 2022-04-03 13:40 UTC (9 hours ago)
(HTM) web link (blog.thenewoil.org)
(TXT) w3m dump (blog.thenewoil.org)
| grammers wrote:
| It's definitely worth the hassle to reduce data - even though I
| believe it's impossible to go dark completely.
|
| Whenever possible I try to not use Big Tech. My choice: Firefox,
| Tutanota, DuckDuckGo.
| philjohn wrote:
| The thing is, "big tech" aren't really the really scary data
| collectors, the data brokers are.
|
| They buy details from your supermarket, health insurer etc. And
| yet people here don't often bring them up.
| iamdamian wrote:
| I agree that data brokers are underscrutinized and probably the
| least ethical of the companies who make money from user data.
|
| I didn't realize that they could buy my data from a health
| insurer--where can I read more about this?
| wolverine876 wrote:
| The value of data declines over time, often rapidly. Think about
| what a business would pay for current user data, data one year
| old, data five years old, etc.; who buys five year old data? I
| suppose it depends on the application. Imagine how your life
| changes over time, an accumulation of small and large changes.
| Data on your health, finances, social network, interests,
| politics, activities, etc. was different 1 year ago, 5 years ago,
| etc.
|
| The question seems like a justification for what many want to do,
| which is just close their eyes to the problems and not put the
| energy into resisting the tide toward compliance and giving power
| to government/corporations; it's easier, right now, to give up,
| and despair and powerlessness are normalized - instead of
| quitting being at least a bit shameful, it's cynically embraced,
| flauted as rebellious.
| freebuju wrote:
| You are just wrong. Some of your data such as health data stays
| constant throughout your life. Especially for guys living with
| chronic conditions. Your key identifiers stay the same too. E.g
| your phone number etc. These are then used to re-establish your
| advertising identity. This theory that old data declines in
| value couldn't be more wrong given that the "old" data is never
| deleted. Just waiting to find its original purpose.
| antiframe wrote:
| Yes, but the value of the data _has_ declined. If I am a
| business I would not pay the same amount or more for five-
| year-old data. Some portion of that dataset will be bad data.
| Some of the subjects will have had died, for example.
|
| Decline does not mean zero, but the point is older data is
| less valuable. So, making your data leaking footprint smaller
| today will still provide you value (not infinite value
| though) as time goes on.
| freebuju wrote:
| Sure, the more recent data will always have a higher value
| if you are looking at massive datasets.
|
| But I think if you look at this problem from an individual
| perspective. Key data that is unique to them doesn't change
| most of the time. Say a target person has dental issues and
| you have their phone number. There is a high chance that in
| 5 years from now, they still may require dental services
| and their phone number hasn't changed. They may have moved
| jobs, neighborhoods etc. in between but their need for
| dental service has remained constant and probably will into
| the future.
|
| Let me give you another example. Say you want to run for
| public office, and in your young adult life some of your
| social media pages had questionable posts/media. Is this
| data any less valuable to your competition running for the
| same office?
|
| I may be taking a different approach with this but a lot of
| nuances get lost in the numbers.
|
| My point is once the data is out there on the internet, it
| can be hard to control it and/or assign value to it.
| anothersullivan wrote:
| You can change your phone number though. What if you change
| it so frequently that it's no longer a key identifier? Why
| not have a system where you can receive phone calls without a
| phone number? I believe some of the solution here is to stop
| having globally unique identifiers.
| wolverine876 wrote:
| That cherry-picks examples, phone numbers and chronic
| conditions. We can think of plenty more that change. (Even
| phone numbers change sometimes.)
| freebuju wrote:
| Sure. But what if those two data points are the only things
| I need to tag and target you.
| bdominy wrote:
| Identity theft, scams, robocalls, spam, etc. all get started by
| harvesting people's personal information. It's a commodity
| hackers trade for big bucks. The question is how to protect
| yourself? I use end-to-end encryption wherever possible, so
| WhatsApp for chats and Neucards for contact sharing. It makes
| collecting my data much tougher.
| BlueTemplar wrote:
| I don't see how you can trust WhatsApp when it's closed source
| and owned by Facebook ?
|
| (Who, furthermore, _already_ violated their promise made when
| buying WhatsApp to not use the phone numbers and contact books
| they got from them for their other services.)
| bdominy wrote:
| They care about end-to-end encryption and let me use the app
| after I denied them access to my contacts. Signal is another
| possibility, but I don't like they require my phone number to
| make an account.
| meerita wrote:
| Well, in the beginning I wasn't aware of the entire privacy
| topic. But now I am and I don't want any big corpo to censor me
| just because they already have all my life in a database.
| spansoa wrote:
| I used to have a large online presence pre-Snowden leaks and was
| signed up to hundreds of services, some even in my legal name.
| Gradually I attempted to 'go dark' and delete all those accounts,
| which was tedious, but worth it.
|
| There's two extremes to being online: you can wear your heart on
| your shirt sleeve and post under your legal name, and share
| details about your private life, or you can be a ghost and leave
| no traces, or at least minimize your footprint.
|
| There is this thing: some people are just so famous online, that
| reverting back to some private mode is nearly impossible for
| them. They're so out there and involved with so many services,
| that 'going dark' for them would be very difficult, but there are
| steps you can take to minimize your footprint. It's not too late
| to take those initial steps.
|
| I encourage everyone to attempt to 'go dark' gradually and make
| it very expensive for people to dox you. If you turn it into a
| game, it's even better. I said it was tedious, but honestly I
| kind of like becoming a ghost. I'm so opaque to big tech now,
| that it must really piss them off, including dragnet
| surveillance.
|
| It's not a life for everyone however, and sometimes I have to
| participate in big tech like using my smartphone to do online
| banking, or buying something on Amazon, but 99% of my activities
| online are all more-or-less anonymous and private now, and I'm
| happy with that.
| suifbwish wrote:
| One problem with going dark is a lot of people forgot all the
| accounts they have signed up for.
| cxcorp wrote:
| I feel that using a password manager makes it easier.
| Although, it definitely took some time back when I started
| using one to dig through the services I had registered for
| from my emails.
| ranger_danger wrote:
| My biggest source of "being exposed" has been due to the car I
| drive being unique, which in turn causes people to post
| pictures of it online, where corrupt local cops who are part of
| those forums end up posting my name and address online for
| people to stalk or try to steal the car/rob me/whatever. Do you
| have any tips for combating this besides getting rid of the car
| entirely? Keep in mind the operators of these forums do not
| care who their users dox, and always win any lawsuits/DMCA/etc
| filed against them (similar to kiwifarms).
| fossuser wrote:
| I think there's an accessible middle ground for most people.
|
| My first suggestion would be to get every account in a password
| manager like 1Password. In addition to the obvious security
| benefits, this creates a record of where all your accounts are.
| For the average person it'll take time for them to remember
| everything (and they'll realize ones they forgot) - having a
| place for it all to get documented is the first step.
|
| Once you have that, the next step is to go through every
| account and close the ones you don't need. After that, go into
| the ones you do need and modify the settings to disable as much
| of the tracking as possible.
|
| I'd also suggest people sign up for deleteme:
| https://joindeleteme.com/ since these public data collectors
| can't be stopped without continued effort and I don't think
| there will be laws to stop them anytime soon.
|
| For more technical users, I'd suggest they get their own domain
| and use fastmail with aliased emails for each account - but
| realistically regular people will not do that.
|
| There are also advantages to having a public presence online
| (both professional and personal) - the issue isn't so much that
| you need to be 100% dark, it's that your public presence should
| be under your own control. One of the reasons I'm excited about
| Urbit is because it has the potential to give this control back
| in a way that could actually work.
|
| I think culturally we also need to be more understanding of
| people making mistakes as the grow up and saying stupid things
| as they learn, but that's somewhat of an orthogonal issue so
| I'll leave it there.
| nonrandomstring wrote:
| > I think there's an accessible middle ground for most
| people.
|
| It doesn't even need to be a middle ground. Even the least
| effort is enough.
|
| Think about smoking, drinking and other risky behaviour.
|
| I make a similar plea and argument in Digital Vegan [1] as is
| made in the blog post. Like plenty of other thinkers now
| (Newport, Doctorow, Kingsnorth, Vaidhyanathan, Kardaras,
| Tufekci, Rushkoff, Lanier, Veliz and Oddell) I framed
| surveillance capitalism, social media and smartphone
| addiction as a public health issue. This is now the dominant
| emerging frame.
|
| People who use drugs and alcohol use the same sunk-cost
| fallacy:
|
| "Hey, I've been doing this for years now, what's the point in
| quitting?"
|
| The point is that _ANY_ reduction offers an immediate health
| benefit. You don 't have to become an Olympic athlete to eat
| a little healthier and exercise a tiny bit more.
|
| By the same token, any improvement to your digital lifestyle
| is worth making - whether that's refusing to give personal
| data, not participating in the "cashless" society, buying
| quality, durable digital goods that reduce e-waste, getting a
| dumb phone or quitting social media... they all count.
|
| That's why I think the diet metaphor is very powerful.
|
| [1] https://digitalvegan.net
| ccooffee wrote:
| DeleteMe's privacy policy and terms of service (both at
| https://joindeleteme.com/legal/ ) don't seem very reasonable
| for a company that claims to be in the service of privacy.
| The website asks for all sorts of personal information at
| signup and stores it all for use later, with no real promises
| that they won't do something malicious. (Although the privacy
| policy currently says they won't sell your data right back to
| Google, they also retain the right to change the policy at
| any time for any reason...)
| fossuser wrote:
| Yeah - it's a tradeoff.
|
| They need that information to actually carry out the
| service you're requesting of them (namely going around to
| all these shitty data brokers and going through their
| intentionally arduous processes to request removal).
|
| In order to do that they need to know the info to query
| against and remove.
|
| I can understand why someone wouldn't want to do that, but
| of the available options for this kind of thing I thought
| it was the best one.
| noasaservice wrote:
| HN itself is one such black-hole of data permanentness.
|
| They do not support deletion of your data, modifying of your data
| after 1h, and are what I would describe as a data-tarpit. Nor do
| they support any of the European privacy directives.
|
| Sure, they're in the US, but they should definitely be forward-
| thinking about this stuff - The writing's on the wall.
|
| It's why I create junk accounts and abandon them after a bit.
| Then again, this too is the endemic problem with how silicon
| valley is run.
| dredmorbius wrote:
| _Can I delete my account?_
|
| _We try not to delete entire account histories because that
| would gut the threads the account had participated in. However,
| we care about protecting individual users and take care of
| privacy requests every day, so if we can help, please email
| hn@ycombinator.com. We don 't want anyone to get in trouble
| from anything they posted to HN._
|
| https://news.ycombinator.com/newsfaq.html
|
| See also: https://news.ycombinator.com/item?id=23623799
| Aeolun wrote:
| I think there is a bit of a problem with the initial analogy in
| the proceeding in the wrong direction won't get me where I want
| to go.
|
| For most people, privacy isn't a goal in itself.
| ls65536 wrote:
| Privacy may not be a goal in itself, but it sure would be
| painful to wake up one day and realise one has given it up for
| perhaps more trivial and ephemeral "benefits" along the way,
| especially if this took place relatively slowly over many
| years. Privacy (among other things like personal freedom,
| health, etc.) really seems to be one of those things many
| people take for granted until they realise they have lost it,
| or willingly gave it up, not able to easily get it back, only
| then realising how important it was in hindsight.
| nicbou wrote:
| The best way to get the point across: think about sending
| nudes. Once they're sent, there is no recalling them, even if
| your relationship goes south or they end up in the wrong
| hands.
|
| It's the same for all that data about you out there. If
| anyone who accesses your data goes rogue or leaks it, it's
| hanging over your head forever.
|
| It could be that this data will be judged against changing
| standards, so that your once innocuous behaviour is now
| considered bad. It could be that your data is misinterpreted
| and the judgement used against you.
|
| Once you get bitten, it's too late.
| judge2020 wrote:
| For this to matter there will have to be a turning point
| event that causes masses of people to re-think their privacy.
| The NSA reveal didn't do much because nobody was financially
| or socially affected; maybe if the dataset itself was leaked
| and anyone could search it, we'd see real repercussions and
| changes made to stop any sort of surveillance (think the
| Congresspeople being personally affected by the data leak),
| but that didn't happen. The only thing that comes close is
| the Equifax breach, and no citizen can avoid working with
| them with how everything from home purchases/apartment leases
| to auto loans relies on their databases.
| Clubber wrote:
| I think most people are busy just trying to make ends meet.
| I have a family member who said, "Obama fixed the NSA
| thing." I also read where the Patriot Act expires, so they
| aren't doing it anymore.
| ChuckNorris89 wrote:
| _> I think most people are busy just trying to make ends
| meet._
|
| This, or are plugged in too tightly into the various
| digital dopamine dispensers to care about the flip sides.
| FreeHugs wrote:
| Thought experiment:
|
| What if we just continue like we did in the last two decades?
|
| Would there be any real harm if we simply returned to the pre
| "cookie banner world" of the internet?
| peppermint_tea wrote:
| the internet is more than browsers and http, we have email,
| irc, sftp, torrents and lots of other cool stuff that I would
| hate to see centralized in the hands of a few private companies
| and serve to the masses with browser, mandatory https and
| google tag manager all in order to track people behaviors.
|
| I feel like promoting alternatives is a better idea than
| participating in the creation of a dystopian future for the
| generations to come.
|
| out of question for me to just "let it slide", we have too much
| to loose here
| goodpoint wrote:
| Ever heard of Cambridge Analytica and brexit?
| BiteCode_dev wrote:
| Why do you think there is so much outrage on the internet these
| days ? It's a consequence of 2 decades of optimizing for
| engagement, because they make money not by providing a product
| people pay once and use at their will, but a product that gets
| a minuscule amount of cash any time someone does something with
| it.
|
| And this ad based system only works if you spy a lot on people.
|
| Everything is affected by this: the vaccine opposition in the
| covid crisis, the presidential election... Everything.
| philjohn wrote:
| I'd argue that the outrage began far before the internet, it
| goes back to moral panics of yesteryear, and outrage being
| peddled on talk radio.
| wintermutestwin wrote:
| 1. Some amount of yesterday's data is "yesterday's news"
|
| 2. Any reduction of data theft is progress
|
| 3. As a greybeard, I care more about the next and future
| generation's loss of privacy and impending totalitarian
| enslavement.
|
| In a capitalistic system, people should be able to charge what
| they want for their commodities. My data is worth more than the
| thieves could pay.
| shadowgovt wrote:
| Aren't you handing that data out for free by using their
| servers?
|
| Seems like you aren't happy with the price they charge for
| access.
| wintermutestwin wrote:
| I believe that is a disingenuous argument:
|
| 1. The monopolistic position of many of these service
| providers drastically limits the ability to choose
| alternatives and creates social and economic hardships for
| those who would avoid the use of these services altogether.
| For example, my ISP lobbied my government to allow them to
| steal my data. I have exactly one choice of ISP.
|
| 2. When we look back on the colonizers handing the natives
| trinkets in exchange for land, we consider that egregious
| theft. Most people lack any real understanding of the price
| that they are paying for these services and the intrinsic
| value of their data. They also lack an understanding of how
| this data can and will be used against them now and in the
| future.
|
| 3. And what about the data thieves who build shadow profiles
| on people who have not signed up for their services? (e.g.
| Facecrook)
| shadowgovt wrote:
| Competition is always one click way on the internet. The
| "monopolistic" practices would not be sufficient if people
| actually cared enough to stand up an alternative that
| respected your privacy.
|
| The market does not care enough about its own privacy to
| justify those alternatives. DDG has been available for
| years... It's doing fine, and it's a great alternative to
| Google, but it's not doing the gangbusters that one would
| expect if people weren't mostly satisfied with the privacy
| trade off.
|
| And personally, I think it's extremely elitist for us to
| assume that we can better evaluate the privacy / service
| trade-off than most users can. Comparing the average user
| to a native being taken advantage of by European colonials
| is a view terribly dismissive of people's self-
| determination.
| jdfedgon wrote:
| I like the blog post and the thought experiment. However, I wish
| the author wouldn't have stopped with the reasoning and would
| have stressed his arguments further.
|
| Example where his reasoning in the article is coming short, one
| might answer: Yes, I wanted to go to store a, and yes, after my
| 'highway hypnosis' I went or was brought to store b instead. So
| what? It doesn't really matter if I go shopping in store a or b.
| The important thing is - I am at a store now and can start my
| shopping.
|
| If we evaluate that from an ethical point of view then we would
| have to ask about emancipation and sovereignty in regard to the
| choices we make, and where that fine line is, where it really
| starts to matter, if we go for store a or b.
| falcolas wrote:
| Simply because it sometimes takes governments years to act on
| industry abuses (giving time for market correction, etc) doesn't
| mean the government should not act.
|
| Information based industries are absolutely abusing their access
| to our personal information, and they're refusing to self
| correct. The governments of the world are now stepping in to
| correct that.
|
| To be blunt, the corporations have only themselves to blame.
| narush wrote:
| This is a cool article. I like the narrative of "Change to a life
| where you are in control of your direction."
|
| I am probably the most privacy conscious person of my friends
| (not that I do a particularly good job of it), so I spent lots of
| time thinking about how to communicate about privacy in a way
| that is effective. [We're all mid-twenties, for context.] The
| main issue, I find, is that people just mostly don't care.
|
| That being said, most of my friends do relate (and dislike) the
| loss of agency that comes with giving your brain to an
| algorithmic feed that decides what you eat. The narrative of
| "control your life and decisions" would be an effective piece of
| rhetoric, I think!
|
| The other argument I've found really effective is one that
| convinced me after reading Edward Snowden's memoir Permanent
| Record. A sketch of the point:
|
| Person 1: privacy matters. Person 2: I don't care about privacy,
| because I don't have anything to hide. Person 1: Historically,
| the folks who were hurt because of a lack of privacy weren't us
| (young professionals), but rather the civil rights movement in
| the 1960s and the Vietnam anti-war movement, etc. Privacy is
| about protecting those people who the government/institutions/etc
| already squash down.
|
| It's an argument that comes from Permanent Record, pretty much,
| and I think for me it is the most compelling reason that I care
| about privacy! Not as much for myself (although that's nice), but
| mostly for the people that privacy protects who really need it.
|
| In my experience, it goes over very well, as people can see that
| privacy isn't just about doomsday preppers not wanting anyone to
| know where they bury their gold, but rather about protecting
| those people who need/deserve/would benefit from protection!
|
| P.S. I'd recommend reading Permanent Record. I was only 15 or so
| when all that stuff went down, and really didn't know anything
| about it except "Snowden good or bad idk," but the book is a
| fantastically interesting and well-written story. I think he's
| kinda awesome.
| nocturnial wrote:
| > the folks who were hurt because of a lack of privacy weren't
| us (young professionals), but rather the civil rights movement
| in the 1960s and the Vietnam anti-war movement
|
| In the second world war, the germans went into the municipal
| buildings, raided the census data and eliminated everyone who
| wrote the "wrong" religion in the census data.
|
| I think this is why Europeans care more about privacy than
| Americans. It's not only about why it should matter, but also
| it shouldn't be weaponized.
|
| (Don't take this seriously): Suppose your country was under
| attack and foreign troops invaded. They take you and say:
| "Well, well, it seems you're a javascript programmer according
| to your linkedin profile... We don't like javascript"
|
| That was WWII, privacy is also weaponized today. Rogue regimes
| will use whatever is put online to harass or even assassinate
| people in other countries.
| xenonite wrote:
| And then it will be strange if someone suddenly cares about
| privacy. "There must be some reason."
| rapnie wrote:
| Explaining social cooling might also work with your friends:
|
| https://news.ycombinator.com/item?id=24627363
| dylan604 wrote:
| >Person 2: I don't care about privacy, because I don't have
| anything to hide.
|
| Because of this person's lack of caring, they don't realize
| that it's not just their privacy that they are sacrificing. By
| sharing their contacts, they just gave up all of the privacy of
| those people as well without so much as a hesitation of
| thought. The person who does care about privacy has 0 chance
| because of the careless actions of others.
| bdominy wrote:
| This is why I never give permission to apps to access my
| contacts. I wish Apple would have better protections than
| just a simple permission ask, when once granted, apps can do
| whatever they want with all of that data.
| nicolas_t wrote:
| It's what I hate about whatsapp, I have to use it so I have
| it installed on my phone but I have to jump through so many
| hoops to properly isolate it from my contacts.
|
| Unfortunately, I can't not have it, it's too entrenched
| because most people do not care about privacy.
| ls65536 wrote:
| > Ignoring our own privacy, shouldn't we protect those people
| who the government/institutions/etc already squash down?
|
| And this should resonate even among the individualistic and
| self-interested who might believe they're unaffected, as those
| who aren't "squashed down" right now would be wise to not get
| caught in the thinking that the set of people affected today by
| certain state, corporate and institutional actions is
| immutable. "They would never do it to us" (along with the often
| heard "it could never happen here") is one of the most
| dangerous ways of discounting problems affecting "others" in
| the present. When you see people, either as individuals or as
| groups, being treated a certain way by those with greater
| power, remember that this could just as easily also be you in
| the future.
| BolexNOLA wrote:
| It resonates with that crowd to a point. They don't like it
| when it functions to protect people they don't consider part
| of their tribe. Basically, it only resonates if it protects
| them, and they're happy to sacrifice that if it means "the
| other guy" didn't get anything. It's hard to discuss mutual
| benefit with a group that believes everything is zero-sum.
| ouid wrote:
| If you're being served ads on the internet, just install ublock
| origin.
| slvrspoon wrote:
| Co founder of deleteme here. Ama. Fyi to the thread posters,
| Deleteme removes customer data _by default_ after 6 months. Happy
| to hear views on what we could do better and examples of
| companies operating to high standards as well. Thx!
| thenerdhead wrote:
| I don't think everyone changes as fast as the data can get stale.
| Humans are both creatures of habit and agents of change. For the
| former, this data is still relevant and ads can do their jobs.
| For the latter, the data is stale and ads do not convert. Age may
| be a huge factor here.
|
| I do believe in data privacy. Mostly from the lens of not living
| in a future world where data removes an individual's critical
| thinking ability and engagement of new experiences. This is
| already pretty true in corporate america & reliance on technology
| like map apps instead of getting lost like the article mentions.
|
| For ads, I think we have to accept the reality of the world such
| as Jerry Mander did in 1978:
|
| "If you accept the existence of advertising, you accept a system
| designed to persuade and to dominate minds by interfering in
| people's thinking patterns. You also accept that the system will
| be used by the sorts of people who like to influence people and
| are good at it. No person who did not wish to dominate others
| would choose to use advertising, or choosing it, succeed in it.
| So the basic nature of advertising and all technologies created
| to serve it will be consistent with this purpose, will encourage
| this behaviour in society, and will tend to push social evolution
| in this direction." - Four Arguments for the Elimination of
| Television by Jerry Mander
| dredmorbius wrote:
| Mander is strongly recommended reading.
|
| _Four Arguments for the Elimination of Television_
|
| https://www.worldcat.org/title/four-arguments-for-the-elimin...
|
| https://archive.org/search.php?query=mander+Four+arguments+f...
|
| http://libgen.rs/book/index.php?md5=F119513A778FC924D7ED96B4...
| closeparen wrote:
| Life is an iterated game. I can see an appeal in living in a
| video-game kind of world where your counterparty to each
| interaction treats it as fresh, doesn't even really have an
| interior experience while it's happening, and forgets it
| immediately after. I can also see downsides. But that's besides
| the point. We don't live in that world. In our universe,
| interaction is a two way street. Both parties to an interaction
| have an interior experience of it, and that experience
| contributes to memory (both literal records and subtle formation
| of impressions/intuitions), and those memories shape the next
| experience.
|
| The framings "your privacy," "your data," "stealing" are
| interesting and provocative in some cases but I see the more
| extreme forms of this as pining for a world in which you are the
| only stateful or intelligent agent. We have never lived in that
| world, and I don't share your conviction that we _obviously_ or
| _morally_ ought to.
| dylan604 wrote:
| I have much less of an issue when a company runs analytics on
| the information gained from each time I order from them. It's
| when they continue to follow you across the internet to keep
| tabs on you when you are not using their site. It's not much
| different than having someone like a private investigator
| shadow you every where you go in real life taking detailed
| notes. You don't know who's paying the PI, you don't know to
| what purpose they are investigating, but there's just nothing
| you can do about. Only the internet tracking continues to
| follow in places where the PI can't go. It's just flat out
| creepy
___________________________________________________________________
(page generated 2022-04-03 23:00 UTC)