When I go shopping, or even to my doctor now, I leave my phone in my car.
I work very hard to not let my phone be required for as many transactions as possible, and write my most important and private thoughts by hand on paper instead of in my phone.
People think I'm crazy and paranoid, but their cell phone is probably still tracking me along with store cameras or whatever other BS invasive companies can concoct (less accurately), so at least it's someone else's fault now, rather than being my own.
I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.
The joke about the $1.39 made me laugh, but it also made me wonder:
At what point will there be a tipping point where the pitchforks come out and the general public's "patience" with regulation catching up to this crap begins to unravel and actual violence or "direct action" begins to occur against these actors?
Because while we're focused on individual political officials actions as a distraction, these types of warehouses are getting bigger and bigger, making more and more money for the owners, and becoming used more and more for malicious activities.
> what point will there be a tipping point where the pitchforks come out and the general public's "patience" with regulation catching up to this crap begins to unravel and actual violence or "direct action" begins to occur against these actors?
There is no public consensus on this. American voters are fine with free, ad-supported software. They’re fine with surveillance in exchange for convenience.
They likely don’t understand the cost. Personally or systemically. But a combination of digital-privacy thought leaders (a) overlapping with communities embracing political nihilism, (b) experiencing a filter bubble where popular support is perceived where there is none and (c) having been corrupted (politically speaking) by crypto has stymied policy progress.
There are no pitchforks. There is no angry mob. To the degree there is consensus overseas, it arises from nationalism with respect to security (India) or competitiveness (Europe).
> There is no public consensus on this. American voters are fine with free, ad-supported software. They’re fine with surveillance in exchange for convenience.
Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
The issue about not understanding the cost is real, but that's not unprecedented. There was a time when most people didn't understand the cost of cigarettes and tobacco, but that problem was solved through government intervention.
Edit: to clarify, I said the tracking is “opt-in”, but it’s not a default. iOS explicitly asks you to choose between tracking or no tracking. It does not assume any default.
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy
Americans want privacy. There isn't consensus around the acceptable level of tradeoffs [1][2].
> was a time when most people didn't understand the cost of cigarettes and tobacco, but that problem was solved through government intervention
In 1964, the Surgeon General's Advisory Committee marked a turning point for smoking in America [3]. The Tobacco MSA was entered into in 1998 [4], by when most smokers recognized their habit as an addiction. The government intervention followed evidencing harm, public discussion and massive changes in public behavior. We are still in the first phase for ad-funded tech.
While Apple is in general better at privacy than Google (better can be far away from good), I think an Android user can theoretically be better protected. It just needs a lot of attention. But he would at least be able to do something against the "exceptions for the manufacturer". A locked down environment will always be comparably insecure. Not that Android phones aren't locked down...
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
I've seen this or equivalent statements a lot in discussion related to privacy, tracking, and the ios ecosystem. However, I don't think the results show what you're saying they do. All I see is that people accept the default behaviour of their devices. Unfortunately, there's no mobile ecosystem where you can easily opt out of tracking to compare to.
Yes, I would add though that the option that's perceived as closest to "Do nothing/Add nothing/Skip" will get extra perception points as closer to default.
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy...
Or it could be a clear indicator that people will leave the defaults where they are, which is why there have been figurative wars over getting a particular browser to be the default browser of an operating system.
> Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
Is it? Or is it a clear indication that most people will stick with whatever the default option handed to them is?
Of course giving the option to opt out without consequences will entice people to opt out. But what if the software stops working unless you pay for it after you opt out? That changes everything.
Then the question is no longer "Am I okay with tracking if I can shut it off and everything's still the same," but becomes "Am I okay with tracking if it means I don't have to pay for the software or service?"
That’s true. I think that will be the real test for the market.
Appstores/marketplaces will need to clearly show which apps are free without tracking so that consumers are aware that there are privacy-respecting alternatives, and don’t feel like they have no choice.
However, there’s also the issue that the definition of “tracking” and “privacy” is too vague. If Google or Facebook offered a paid service with privacy, I personally still wouldn’t trust them to not collect data on me.
Why should people have to buy extra services for a non free piece of hardware just to remain ad free on that hardware? Apple is double dipping here (probably triple dipping if you also include AppStore fees and charges).
People want to be able to own the things they buy, without further nonsense.
If you don't want to pay for the operating system, just buy some hardware and put Linux on it. Apple isn't double dipping because their OS isn't free, and nor is their hardware. They are different units of the same company, and both units have to pay their staff.
To whit, anywhere the software is provided "free" it is actually just included in the price. It is no coincidence they don't let you upgrade the actual version of that software without paying (or jail breaking as the case may be). Most phones and tablets are kept at whatever version you bought them at, by design.
If you buy a hardware firewall, you still have to pay for its software and maintenance. If you buy a car, you still have to buy winter tires at the appropriate time of year, and pay for the car's regular checkup. For tires, you even may have to pay for yearly rotation, balancing, etc. This business model shows up in many variants all over the place. Different divisions or people work on something, it's a separate pay item.
It also doesn't help when companies try things that can produce relevant ads for a user without tracking the users themselves, and they get blocked at every turn.
For example, Twitter allows you to prune a list of ad subjects. You can add and subtract to that list. This could effectively reduce the need for tracking, but people reflexively block the ad accounts, rendering any form of ad campaign ineffective.
I'm not saying that's the answer, btw. It may be, or it may not be. I am saying though, that people are so used to blocking ads and not paying, that finding solutions to keep online companies viable is extraordinarily difficult without tracking.
If Twitter turned around and told everyone who did that, that they have to pay for a subscription, they'd quickly go out of business.
>Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
That option already existed in the settings. People couldn't be bothered to go set it because they don't really care.
> They likely don’t understand the cost. Personally or systemically.
How would you explain the cost to someone? Most of the discourse seems to boil down to some mix of "it's creepy" and "it could be used for a nefarious purpose", which is not super convincing.
For most commercial surveillance, I can't. Provable harm from the Equifax breach remains unquantified. We're only beginning to discuss those data for e.g. Facebook and teenagers. To give analogy, we're in the 1960s on the smoking-regulation timeline [1].
It is very difficult. In most cases people aren't affected. Those that might understand the need for privacy are those that lost their jobs because of posting on social media or being naked in the wrong place. Currently the data that is shared between ad networks is rarely public, but embarrassing information could be found everywhere and what is considered as such might change with time. Is isn't just the access log of your head of state to youporn or something like that, it is also the info about trivial consumption choices that can come back at you.
Legislators made it far worse because they demanded additional data to be saved for "security purposes". So not even here people are informed about the problem. On the contrary, we regularly have old farts making everything much worse.
Frankly, those that believe they can save some bucks when they share their data probably aren't the best to understand the larger picture. The data is valuable for different purposes but it is also difficult to put a price tag on it.
What was the cost of the Cambridge Analytica scandal to the average user?
There were a lot of people in the data set, certainly, but how many can quantify damages?
If anything the Cambridge Analytica scandal was (disturbing) "win" for privacy loss: a lot of the Cambridge Analytica demographics markers were baked into the Facebook ad platform and became standard ad demographics soon after. The Cambridge Analytica scandal as played out looked like Facebook was stamping out bad privacy practices using its platform, but the real message was Facebook eliminating a competitor to their ad business by eliminating their access to Facebook's data. Lucky for Facebook the PR mostly stuck with the face value of "stamping out bad privacy practices", but even a lot of the people that saw/realized it was simply Facebook eliminating a competitor have mostly shrugged and continued to use Facebook (though Facebook did add some opt-outs at that much more modest uproar, versus all the loud thundering noise Cambridge Analytica got).
It may have influenced the result of the 2016 US presidential election.
IIRC, the Trump used that data set to send targeted ads to ~90M independent and republican voters. Independents got ads attacking Clinton and emphasizing prominent Trump supporters. Republicans got turnout-oriented ads.
Provided he won by less than 100k votes (and lost the popular vote), the cost to the median US citizen was likely quite large.
I didn’t know the same demographic markers had been baked into the platform. This is very concerning.
Cambridge Analytica had no way to buy Facebook ads, which were the primary platform of these micro-targeted ads during the campaign, specific to people in the gathered data they had without Facebook platform support. Facebook ads never had an API that you could just give it user IDs or emails and target them specifically (and one would hope that Facebook would eye any such ad campaign with suspicion even before scandals like Cambridge Analytica). Cambridge Analytica had to encourage Facebook to add most of its same demographic markers into the platform to pull that off. That's definitely one of those "it takes two to Tango" sort of things where if it wasn't in Facebook's platform, how did they target those ads in 2016?
Certainly they cross-compiled that data with other ad systems and phone lists and who knows what else, but given the scandal with respect to that specific campaign was primarily about their micro-targeted Facebook ad buys, Facebook is still left culpable as the platform owner at the end of the day.
But I'm of the belief that micro-targeted ads should be illegal in general, and all of the micro-targeting enabling ad platforms seriously questioned for what they've enabled in the last decade or so. The fact that they are generally acceptable and multi-billion dollar revenue generators is its own reminder of what this thread is about that the average person doesn't seem to care about all of these invasive data privacy issues.
I didn't know FB had been actively involved in the process, I thought they had just been criminally negligent regarding the amount of data third parties were allowed to gather.
> the average person doesn't seem to care about all of these invasive data privacy issues.
I know, anecdotally, I became half a pariah in my family for refusing to register and share pics of my kids on WhatsApp. That was after the FB purchase, but before they changed the terms of service. I didn't trust FB, and was ultimately proven right.
Semi-related to that, when Facebook did finally roll out it's opt out from certain ad demographics tools in I want to say 2018-ish they included a view of your own demographics (if you could find your way through Facebook's maze of Privacy Settings with many corridors all alike), a Slack I was in at the time and I went through all of our personal demographics and one lasting result of that conversation was renaming one of the channels to #friendsofexpats because "Friend of Expats" was the creepiest, almost threatening sounding demographic tag that we all seemed to share (among other creepy, almost threatening demographic tags that don't actually sound useful to non-evil advertising). Because that was memorialized in a channel name that one has stuck with me since.
This is true. Even Snowden's revelations didn't have much effect outside of tech circles. US congress even got away with passing a law to retroactively make some of the revealed illegal spying on Americans legal. The public either does not care or feels impotent.
Governments love corporate surveillance as it allows them a source of data without having to worry about scrutiny they might face by collecting the data directly.
It feels hopeless that surveillance capitalism will ever be able to be reigned in.
> Snowden's revelations didn't have much effect outside of tech circles
This is not true. There were lasting changes in public perceptions around the surveillance of Americans [1]. And bulk collection under the Patriot Act was repealed [2]. That is far from complete, but it's also far from nothing.
The reforms to bulk data collection were immediately after the revelations.
Congress has been continuing/expanding surveillance in the years since. But, perhaps not to the degree they would have without Snowden's revelations? I want to believe that Snowden's great sacrifice made lasting changes, but I don't think the evidence supports it.
E.g.,
> Congress extends patriot act section 702 spying powers (2018)
> With practically no public notice and no public hearings, the House of Representatives passed the College Transparency Act (CTA) on Feb. 4, 2022, by slipping it into a much larger unrelated bill called the America Competes Act, intended to better position the United States to compete with China. (2022)
> creation of a comprehensive data system that would include the personal information of every student enrolled in college or another higher education institution, and track them after their [sic] graduate.
> Congress retroactively legalized some of the spying
Extensions of §§ 702 and 215 didn't roll back the reforms in the USA Freedom Act [1], which was a hodgepodge of intelligence reauthorizations and admittedly minor reforms. (But reforms nonetheless.)
> House of Representatives passed the College Transparency Act (CTA) on Feb. 4, 2022, by slipping it into a much larger unrelated bill called the America Competes Act
Anyone claiming CTA was slipped into the ACA wasn't watching the ball. I first heard about it around 2021 [2], which was itself a re-introduction of an earlier bill. It went through discussions across two administrations. The only opposition was from higher ed, who didn't want the record keeping burden.
"It feels hopeless that surveillance capitalism will ever be able to be reigned in. "
It will likely by some combination of:
1. starts to impact the 1% (e.g. Congresswoman Feinstein didn't care about privacy a whole lot until she found out the NSA may have been bugging HER, etc)
2. an active interest in counter-measures (up to and including not buying or dismantling IoT options; people are already on forums in growing numbers looking for 'dumb' appliances and looking to hoard car parts to keep the ICE cars rolling indefinitely if possible)
3. a second Cambridge Analytical with any measurable, discrete, bad outcomes that follow (e.g. someone uses breach data to stalk a person, a group of shareholders get fleeced [aka see 1])
There is no silver bullet here in my view. A confluence of events will at some point likely hit critical mass and force it. Almost no one thought data sovereignty regulation would take off, but GDPR, CCPA, and a growing list of similars have proven that was a misstep on the part of tech to avoid a balkanized regulatory universe, but they simply could not agree to give up on iota of adtech dollars....so they will lose it by endless smaller cuts. The legal/compliance industry will reap those profits instead.
> There are no pitchforks. There is no angry mob. To the degree there is consensus overseas, they arise from nationalist impulses with respect to security (India) or competitiveness (Europe).
If only the "anti-vax" mob could have been motivated towards upholding Internet privacy... We'd perhaps have a far more relevant and meaningful protest in the U.S.
> if only the "anti-vax" mob could have been motivated towards upholding Internet privacy
They’re a natural demographic! But connecting to them requires showmanship, crossing a partisan line for some, and bridging to the anti-Big Tech crowd. No easy work.
Correct, and this is where full-throated advocacy for government intervention is necessary. At this stage, not even for a change in practice -- simply an across the board disclosure of what the practices are, trade secrets/capitalism/ etc be darned.
I've thought about this many times, and my answer is: when there is a massive, at-scale leak of seriously disruptive personal information. Think Google search history, medical files, or databases of credit card transactions. When it takes enough peoples' lives off the normal track, people will finally be fed up.
Also the Equifax breach seriously messed up people's credit, work life, and daily lives.
Given Equifax's one job is to protect people's credit you would have hoped they'd have gotten more than a slap on the wrist of a class action lawsuit. At the very least, you would have expected their clients (banks) to have had trust issues in remaining their clients and something of a long term impact on their revenue. (It's done nothing but grow its revenue since the data breach.)
What's really rich about the Equifax breach screwing up people's credit is that Equifax also makes up the credit ratings. It's the corporate equivalent of "nice reputation you have there, would be a shame if something happened to it" type of protection racket. And before anyone accuses me of hyperbole remember that Equifax themselves call it "identity theft protection”.
Obviously I was being hyperbolic, which is partly why I emphasized it. Though this list doesn't actually read to me as being anything more than "monetizing everything they can even remotely related credit ratings". It's not really a different "product" selling credit ratings for their intended purpose to banks and selling them to non-bank businesses for looser moral purposes, is it?
The north american credit rating agencies have seen numerous leaks of immensely disruptive personal information. This happened so many times that there are talk show episodes about it.
This happened. The vast majority of people do not care or do not have time to care.
I love how you brought up this meme (which used to be a consensus opinion fwict ~2009) and it immediately got discredit with multiple examples! Clearly this is not a way forward ("waiting for others to be outraged" - guess what? They already are!! You are all just too coward to change your behaviour) we /must/ move to FOSS and p2p, all energy should go towards solving the tragedy of the commons in cyberspace and then the resulting communication structures will help us solve our issues in meatspace. Anything else is just wishful thinking or waiting for the tools to be available from the programmer class.
John Oliver claimed that he did that 4 months ago -- buying sensitive data about members of Congress, but once he got his YouTube views, he dropped the topic. Controlled opposition.
The best way for us as individuals to regain power and protest over misuse and collection of our data is to defiantly and deliberately "corrupt" that ill gotten data...
Go into really kinky sex shops and just browse around... Go to Chuck E Cheese and crash a kid's birthday party and jump in the ball pit (especially if you don't have kids). Buy diabetic socks, especially when you don't need them, or even lingerie for the opposite gender from Target. Host wild phone conversations with your friends in a nonsensical language, and do it as much as possible... Cover your front phone camera with black tape when it's not in use... Talk frequently about the opposite of what your real plans are directly into every microphone placed on every Internet connected device... Never use the same password you use on important resources for social media...
Adopt a great new pseudonym, and never verify yourself on any of your social media accounts, they can't demand that info, they're not the Government.
Fundamentally, AdNauseam's approach is the correct one: corrupted data is far worse for adtech than missing data. Highly suggest installing AdNauseam, and then applying its ideas to your everyday life. Maybe occasionally buy things with friends' credit cards, then pay them back in cash?
> Fundamentally, AdNauseam's approach is the correct one: corrupted data is far worse for adtech than missing data.
No chance. No one cares if the data they have on you is accurate or not, least of all ad companies. They'll happily push ads at you all day and it doesn't matter to them what they're for. Companies will continue to use that false data to force you to pay more. An employer who refuses to hire you because of a false understanding of your spending habits or political views will never know the difference and neither will you. You'll just not get the job, you won't know why.
The data collected on you will be used against you no matter how accurate it is. Feeding the system "corrupt data" is still just handing them ammo to hit you with. It will always be better for you to avoid handing them data at all.
That's not a coherent response to my point - I have no idea what you're trying to say here.
> No one cares if the data they have on you is accurate or not, least of all ad companies.
This is wildly, factually incorrect. There's literally no reason for anyone to gather data if it's going to be consistently inaccurate. In the case of ad companies, they want correct data because they think it allows them to target ads better - they definitely care about accuracy.
> They'll happily push ads at you all day and it doesn't matter to them what they're for.
This is irrelevant. The problem of "I'm being shown ads" is completely orthogonal to the problem of "an organization is collecting a bunch of personal data about me". My comment was explicitly about the latter, yours is about the former and so shouldn't be a response to mine.
> An employer who refuses to hire you because of a false understanding of your spending habits or political views
That's an edge case that's easily worked around - just make your noise-introducer not add hazardous content.
> The data collected on you will be used against you no matter how accurate it is.
You're assuming that the data collected is actually useful as a weapon, and there's no reason to assume that. Your noise-detector could just add interests in a bunch of different products (avoiding the hazardous ones) - very low risk, and very confusing for an adtech company.
> It will always be better for you to avoid handing them data at all.
This is true in theory, but unfortunately very difficult in practice. Ad Nauseam's approach is the realistic, pragmatic one that survives contact with reality.
> In the case of ad companies, they want correct data because they think it allows them to target ads better - they definitely care about accuracy.
If they cared, at all, they'd provide a means for people to confirm the accuracy of the assumptions they make about you and correct mistakes. They also wouldn't bother with buying from data brokers who gather data from any number of unreliable sources. It's quantity over quality every time.
I'm not even sure ad companies actually think all the data allows them to better target ads or even that targeted ads are preferable. They have to convince their clients of that though. Really all they care about is pushing ads and collecting money.
> just make your noise-introducer not add hazardous content.
Good luck. There are an endless number of things that might prejudice someone against you. Your lifestyle, your politics, your religion, the people you associate with, your sexual history, your hobbies, your medical conditions, etc. The longer you go filling your dossier with random information the more likely it is that you'll end up hitting one of them.
> You're assuming that the data collected is actually useful as a weapon,
No one is collecting your data for your benefit. It is always to benefit themselves at your expense. Every scrap of data that is taken from you will be leveraged against you or sold to someone else on the promise that it could be.
The reason there is a multi-billion dollar a year industry around buying and selling the most mundane aspects of your life is because it gives others huge advantages over you. It allows them to take more of your money, to punish you, to erode your ability to enact change, and to manipulate you into supporting positions favorable to them.
The data they collect allows them to do this no matter how inaccurate their assumptions about you are. You may not 'deserve' to be targeted by an extremist group who got your name and address from a data broker, but they'll still punish you for what they think you are or have done. You might not have as much money as your dossier suggests, but a store is going to raise their prices for you based on that data anyway while charging your neighbor less. You might not actually eat out as often, but your health insurance rates are still going up if the insurance company gets the wrong idea. You might not have actually been looking up rope, hacksaws, tarps, and duct tape on November 12th, but the police will still question you if they see it in your search history and will gladly throw you behind bars if they think you'll be easy to convict for the crime.
Ad Nauseam's approach fails to have any meaningful impact on the outcome. You'll still get abused and be taken advantage of, just sometimes it will be for the wrong reasons.
You can't always avoid giving any data away, but stuffing your dossier with more and more data (no matter how random or inaccurate) will always be worse for you.
> Every scrap of data that is taken from you will be leveraged against you
False, because if I feed false & non-incriminating pieces of data to a surveillance system - which is not an edge case, but the exact idea that we are arguing about in this thread - then it will not be leveraged against me, and in fact it will decrease the amount of leverage that the system has against me.
> or sold to someone else on the promise that it could be
Right, at which point it will make that system worse, as well.
> The reason there is a multi-billion dollar a year industry around buying and selling the most mundane aspects of your life is because it gives others huge advantages over you. It allows them to take more of your money, to punish you, to erode your ability to enact change, and to manipulate you into supporting positions favorable to them.
Yes, I know this, and the point of feeding fake data is to prevent people from doing this. There's no point in putting this in, because that isn't the interesting part of the discussion, it's whether fake data actually works. Why do you keep putting completely irrelevant material into your comments?
> The data they collect allows them to do this no matter how inaccurate their assumptions about you are.
No. No no no. This is false. "Inaccurate data", just by itself, is worthless. It doesn't do anything. It's only inaccurate data along specific dimensions ("incriminating" data) that actually matters, and it's straightforward (if not easy) to "shape" the fake data that you feed to surveillance systems to that which is simultaneously (a) damaging to ad systems and (b) not incriminating at all.
And the rest of this paragraph? Pure speculation. You cannot make a connection between these kinds of negative outcomes and Ad Nauseam (and related techniques) because it has never happened.
> Ad Nauseam's approach fails to have any meaningful impact on the outcome.
You have precisely zero evidence for this, and I have counter-evidence: Google specifically banned Ad Nauseam from the Chrome Store[1], which is very good evidence for the fact that it is effective in ways that adblockers and anti-fingerprinting tools are not.
Your entire comment is filled with ridiculous assertions, completely irrelevant tangents, illogical leaps, and pure speculation. None of it lines up with reality.
> You cannot make a connection between these kinds of negative outcomes and Ad Nauseam (and related techniques) because it has never happened...Your entire comment is filled with ridiculous assertions, completely irrelevant tangents, illogical leaps, and pure speculation. None of it lines up with reality.
I clearly can't convince you, but I strongly encourage you to educate yourself if you honestly think none of the things I described have ever happened or could ever happen. Pretty much all of it is happening and/or has happened.
Stores changing prices on a per person basis based on their data?
"For example, ZipRecruiter, an online employment marketplace, indicates that it could increase profits by 84% by experimenting with personalized prices (Wallheimer 2018). Other players, such as travel sites (e.g., Orbitz, Hotel Tonight; DeAmicis 2015; Mattioli 2012), retailers (e.g., Amazon.com, Home Depot, Staples; Streitfeld 2000; Valentino-DeVries et al. 2012), and even grocery stores (e.g., Safeway; Clifford 2012) have also reportedly begun implementing personalized prices for their customers based on individual characteristics." (https://link.springer.com/article/10.1057/s41272-019-00224-3)
Other fun ways stores use your data to discriminate against you? They can tell you their return policy is that they don't accept returns or have a very short return window while the next person who walks in the door gets told their return policy is extremely generous. Some even use it to decide how long to leave you on hold, bumping you down to the bottom of the queue when someone with a better "consumer reputation" calls in.
Health insurance rates being influenced by big data? There has been going on for a long time and there's a massive push to increase it.
"Insurers contend they use the information to spot health issues in their clients — and flag them so they get services they need. And companies like LexisNexis say the data shouldn’t be used to set prices. But as a research scientist from one company told me: “I can’t say it hasn’t happened.” (https://www.propublica.org/article/health-insurers-are-vacuu...)
Police using search histories to fish for suspects?
Seriously, all of this stuff is happening. The vast majority of the ways the data you hand over to companies are being used against you happen without your ever being made aware of it, but be assured that your life has already been impacted by the data you've provided and you will be dealing with the fall out of that data being out there for the rest of your life. Adding more data to that pile, accurate or not, will only hurt you.
Google banning Ad Nauseam is not proof that it will save you. Google is in the ad business and it's possible they banned it because they objected to the concept, thought it could have hurt the perception that their data was accurate, had concerns about how it would impact payouts, or any other reason, but it would do nothing to prevent any of the abuses described above and actually opens you up to more risk.
It's not like anyone is throwing out the file they have on you because there might be a mistake in it. Data brokers get paid the same no matter how accurate their data is. Feel free to get yourself flagged as being/doing more and more random things on top of all the real data you give up if you like, but I hope that you'll give it some real thought because it can, is, and will be used against you, and all that data (real or not) never ever goes away.
I've had my comments and posts here turned into comedic bits and skits many times by certain YouTube channels (ehem)... Never got credit or a check for any it though. :P
Because we’ve allowed media to become entertainment and the internet killed print, and as a society we’ve lost the ability to sway the population with anything approaching fact.
Media always was entertainment. Internet is just print v2.0. As a society, we never were able to sway the population with facts.
If you look at the history you will see the same things happening over and over again. That doesn't mean we shouldn't fight for what is right, just don't be discouraged if the effect is less than desired.
The pitchforks are already out, as part of the larger anti- technocratic/bureaucracy movement. Unfortunately, as that movement has gained popularity, its energy has been captured by Trumpism with its siren song of simplistic not-even-wrong answers. I'm not singling out Trumpism here, despite its seemingly exceptional virulence. Basically every political movement gets coopted and neutered this way in the US, once it gains enough popularity. There's money to be made, after all.
"When I go shopping, or even to my doctor now, I leave my phone in my car."
I don't blame you, I go one step further, I use a rooted deGoogled phone with location defaulted to off and all apps with few exceptions such as browsers are specifically denied access to the internet. Even then I use multiple browsers for different jobs/sites with JavaScript defaulted to off. Oh, and I nearly forgot to mention the phone's VPN-type firewall.
When I go shopping I mostly use cash even for large purchases say up to $1k or so (I'll actively go to an auto teller and withdraw cash first rather than use my cards). I keep online purchases to an absolute minimum and when I do I make them with 'corporate' type cards.
I don't see this as paranoia, rather it's common sense. Anyone, who runs a logcat log-displaying program on a rooted smartphone without additional privacy protection steps being taken is astounded - in fact horrified - at the amount information that's being stolen from one. The log entries flash past in their thousands much faster than it's possible for anyone to ever read them.
I've little to hide and my lifestyle is really pretty boring and ordinary but I'm absolutely affronted how this situation developed without proper laws being in place or enacted (not long ago the privacy of telephone circuits was considered sacrosanct and laws rigorously protected us from being monitored).
In the grand scheme of things I recognize that my efforts are pretty futile but at least I gain some satisfaction in trying to combat the bastards.
I don't quite understand why the general attitude of the population to maintaining one's privacy has considerably lessened in recent decades, and similarly why existing privacy laws are not being upheld as they once were.
The CCP hasn't come arrest me for speaking against a government official and the Saudi government hasn't arrested me for dancing and the Australian government hasn't arrested me for participating in a protest, etc...
One day soon all Americans will start facing consequences for even benign actions and then they will care.
Or the National Security Law is enforced in an extraditial manner as it's written.
(Also, don't forget the US has extratraditial laws with punishment involving crimes of abuse and crimes of having unreported money in other countries [i.e. being american and working for a company+living in say the UK])
I get the metaphor, but this is a myth. A frog, like you, will absolutely jump out of the water as soon as the temperature gets uncomfortable, let alone lethal.
I know, donkey's years ago a teacher demonstrated the fact in the school's science lab much to the horror and chagrin of some students and to the gruesome delight of others. Within a few seconds the frog jumped out completly unharmed.
No doubt today such experiments would be completely banned not to mention that anyone who dared tried it would experience the full wrath of Peta brought down upon him/her.
> rooted deGoogled phone with location defaulted to off and all apps
asking for a friend, she wants to know how to do this, she is very privacy conscious.
> I nearly forgot to mention the phone's VPN-type firewall.
also she wonders what vpn service you use here
> logcat log-displaying program on a rooted smartphone without additional privacy protection steps being taken is astounded
and one last thing she wants to know is how would you do this for a windows 10 laptop? can you hook it up to some raspberry pi device that can monitor outgoing and incoming packets? I suspect its rooted but people keep telling her how its impossible to trojan windows 10.
> one's privacy has considerably lessened in recent decades,
just to add my piece, people have been collectively brainwashed to place lot of value to essentially phantom points, be it instagram likes, followers on twitter, retweets and crypto. they are willing to go above and beyond to do the surveillance voluntarily.
I watched a piece on instagram thieves who chuckled how easy their victims make their job for them by showing off what they've got and when they are away from home. I imagine this is the same for people who believe they are building a startup legally.
Remember the quote from the biggest social media creator: "They trust me dumb **s"
Re rooted deGoogled phone. This is a huge topic and I cannot do it justice here. I suggest you look up the principles of phone rooting and or go to a repterable site on the subject such as XDA Developers.
Re: VPN, see my comment below to zen_1..
Re: Windows, yes, it's possible with routers and even a Raspberry Pi but it's equally complex and very different indeed to that of an Android phone.
Finally, I could have largey expanded my reasons for why I failed to fully understand the reasons why values within the population have changed in respect of privacy but I don't have the wherewithal to do it justice in the space available.
GrapheneOS on any pixel phone is my goto. It's way easier to install a custom ROM now than back in the day, anyone can do it if they can follow instructions (and reseat their phone cable if the process stalls after a phone reboot)
some banking apps don't work but apart from that it's 100% functional
> vpn
Mullvad (Sweden based) and Proton (Switzerland based) are two VPNs with a good reputation imo.
I'm sorry if I didn't explain the firewall VPN stuff well. Android lets one set up VPNs so firewalls exploit the concept to divert traffic from apps to a nul-VPN, apps think they've access to the internet but their traffic doesn't go anywhere.
This satisfies apps that demand such access, they'll still work on the premise that they have internet access, it's just that it's down all the time.
One such firewall app is Karma FW, it's available on Google's app store - and if you think you'd be violating your privacy even further by going there then use the Aurora Store app to spoof the download. As it violates Google's terms of service you have to get it from F-Droid's repository.
I haven't run into apps like that before. I've always just denied the network permission or used AFWall+ (when rooted) to block network access from apps I don't want phoning home
The trouble with that (even on a rooted phone) is that the Google Play Services app collects info on everything, it's the most pernicious of any app. You only have to do the slightest thing on your phone and you can watch the size of its data file grow, thus routing its internet access to a VPN firewall is essential.
Unfortunately, Play Services uses the internet for various necessary functions. The only truly satisfactory solution is to remove it altogether and replace it with GApps which is a sort of 'clone' with the anti-privacy stuff removed.
GrapheneOS supports installing Play services as a sandboxed unprivileged app [1] where you can revoke its network permissions and manually restore them if needed. I should know, it's what I do :).
If I could avoid using google software completely, I would, but this is the second best option IMO.
> is microG still a viable alternative to GApps or is there something else that’s taken its place?
microG is still viable afaik, but I prefer GrapheneOS's sandboxed google play approach since it's much more feature complete, and supports e.g. my 2fa hardware key, while that's currently missing from microG.
> The ROM community, especially those that cared about privacy, was quite small few years ago, especially for non-Pixel devices
Yeah Pixel devices are still the only ones you can expect to be supported by GrapheneOS and CalyxOS etc..., for anything else I think your best bet is to install LineageOS(formerly cyanogenmod) and microG if you can accept the current https://github.com/microg/GmsCore/wiki/Implementation-Status
no worries think its pretty obvious what to do with here.
curious to know if some external firewall running on raspberry pi that sits between windows 10 desktop and the wifi exists. it would be ideal for inspecting network traffic
> I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.
If you sign up for the $1.39, that's an admission of using an Oracle product, which allows them to force you to do a licensing audit. I hope you don't have any old JREs.
You are not crazy nor paranoid. You are just ahead of others. Those of us who take the precautions have heard it or ask ourselves the same thing quite often. I no longer use a SIM with my phone running a custom OS. I pay cash and wear a mask in stores to thwart the facial recognition. None of this is an inconvenience to me but rather a more liberated way of life.
You're paranoid in the sense that you're making a conscious effort to prevent someone else doing something that doesn't harm you in any way.
Wait until you find out the shit they put into your water, your air, your food and your mind through mass media. You'll end up living in the woods if you take your trail of thought to its logical conclusion.
So either you're already in the woods, and then you'd not be on HackerNews, or you're playing 'I'm making a difference by drinking through a metal straw that I carry around to save the planet'.
This defeatist "give up civilization or accept all it's evils as inevitable" is a very simplistic way of seeing it. Open society will always have a chance of improving as long as some people are paying attention to something that interests them and making some effort.
The /e/os distribution bundles MicroG, which Lineage has flatly refused to consider.
MicroG pretends to be Google Mobile Services, allowing more apps to run. It requires signature-spoofing, which is a major architectural change to Android.
There is absolutely no reassurance of any privacy any more. Several VPN providers have been caught for leaking data to corporations over time as well. There are too many points where any software can be compromised, e.g. the APIs and libraries required by any application, to ensure proper privacy.
It's wiretapping conducted on everyone using devices they purchased by private companies (that uphold no responsibility for proper use or securing the data) without any justifiable cause... God help you these days if you do warrant a wire tap, but at least the Government is usually a bit more secure and regulated concerning storage and use of that data.
You can use Google to push targeted messaging to people based on the dossiers you collect.
They don’t sell the dossier, but they can leverage it. In many cases they can make inferences without the dossier. For example, you can target anti-opioid or anti-extremist materials at people identified as risks.
For example, you can target every pregnant woman in a geography and score her risk of giving birth to a child with an opioid addiction. That child will cost a health insurer ~$2M, so targeted ads that convert to intervention are very high value.
Where it gets weird is you can reverse engineer the dossier at scale. You can target very specific conditions without google “selling” that data to you. If you’re a 50 year old male searching for divorce attorneys who moved 6 times, the context of searching for “pain killers” or “target range” may have a different context than if you’re an 18 year old athlete booking a cabin in rural Maine.
I thought the context (parent comment) was enough. Parent is concerned to the point of leaving the phone before going to the doctor. It is well-known that Android (the non-de-Googled version) actively tracks your location [1].
I work very hard to not let my phone be required for as many transactions as possible, and write my most important and private thoughts by hand on paper instead of in my phone.
People think I'm crazy and paranoid, but their cell phone is probably still tracking me along with store cameras or whatever other BS invasive companies can concoct (less accurately), so at least it's someone else's fault now, rather than being my own.
I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.