A critical reflection on GDPR
-
@onyx said in A critical reflection on GDPR:
@hardwaregeek said in A critical reflection on GDPR:
Yes, you could definitely have your name/number unlisted. You had to pay an extra fee to keep it private, though.
And I thought T-Com charging extra for caller ID info over here was the stupidest way for a telco to squeeze extra cash out of people. You had to pay for a company to not do something? The fuck?
Welcome to America, where the rule is "If we CAN charge them for it, we WILL charge them for it"
-
@laoc said in A critical reflection on GDPR:
@blakeyrat said in A critical reflection on GDPR:
That's because "the Nazis take over New York in 2018 and want to locate all the Jews" is fucking ridiculous.
That's funny right after all the whargarbling about the literal holocaust about to be perpetrated on gun owners.
Yeah, it is kind of funny to confuse an obvious step in the direction of admitted tyranny with private companies looking at which web sites someone goes to.
-
@boomzilla said in A critical reflection on GDPR:
That's because "the Nazis take over New York in 2018 and want to locate all the Jews" is fucking ridiculous.
That's funny right after all the whargarbling about the literal holocaust about to be perpetrated on gun owners.
Yeah, it is kind of funny to co
nfusempare an obvious step in the direction of admitted tyranny with private companies looking at which web sites someone goes to.Coming up next: we'll look at how Google is in cahoots with the Feminazis to brutally suppress free speech and Big Media parrots everything spouted by the Liberal Elites!
-
@laoc said in A critical reflection on GDPR:
@boomzilla said in A critical reflection on GDPR:
That's because "the Nazis take over New York in 2018 and want to locate all the Jews" is fucking ridiculous.
That's funny right after all the whargarbling about the literal holocaust about to be perpetrated on gun owners.
Yeah, it is kind of funny to co
nfusempare an obvious step in the direction of admitted tyranny with private companies looking at which web sites someone goes to.Coming up next: we'll look at how Google is in cahoots with the Feminazis to brutally suppress free speech and Big Media parrots everything spouted by the Liberal Elites!
OK!
-
@laoc said in A critical reflection on GDPR:
Sorry, I didn't mean to say it was your whargarbling. I think @Polygeekery, who for some reason seems to agree with you here, posted that link to Eric S. Raymond frothing from the mouth.
Now I think you have me confused with someone else.
-
@e4tmyl33t said in A critical reflection on GDPR:
@onyx said in A critical reflection on GDPR:
@hardwaregeek said in A critical reflection on GDPR:
Yes, you could definitely have your name/number unlisted. You had to pay an extra fee to keep it private, though.
And I thought T-Com charging extra for caller ID info over here was the stupidest way for a telco to squeeze extra cash out of people. You had to pay for a company to not do something? The fuck?
Welcome to America, where the rule is "If we CAN charge them for it, we WILL charge them for it"
Same thing in Australia. Until relatively recently, Telstra demanded a monthly fee to not have your landline number listed. Funny thing is, you weren't actually paying for an unlisted number, you were paying for a "private number." In addition to not listing your number, it also hid your caller ID when you called people, which may not even be something you wanted but for some reason the two completely unrelated services were grouped into one.
Supposedly it was possible to get a free unlisted number if you escalated it high enough but it never was an official thing. Given that this is Telstra, both malice and utter incompetence are equally likely.
-
@laoc said in A critical reflection on GDPR:
"Hey, here's this user's HIV status and location, we trust you to only use it for Good™"
But that's already illegal, so. We don't need a new law. If Google has that information (especially if they got it from a third-party cookie hit somehow-- can you even imagine a plausible scenario where that could occur?-- someone else made an enormous HIPAA violation.)
@laoc said in A critical reflection on GDPR:
Meanwhile, the question:
Do you think a peeping tom harms anyone?
Goes unanswered.
That's because I'm thinking about it. It's a good question. Obviously society has decided yes it has.
But again: that's besides the point. How is Google going to get nude pictures from third-party cookies? We're talking about cookies here. Although it seems to be impossible for the paranoid people who don't like cookies to stick to the one topic long enough to explain why.
-
@onyx said in A critical reflection on GDPR:
You had to pay for a company to not do something?
I think the idea was that printing all names, addresses, and phone numbers in the directory was the default. If you wanted non-default processing (phone number but no address, only first initial instead of name, no listing at all), you had to pay for the special handling of your account.
-
@hardwaregeek said in A critical reflection on GDPR:
If you wanted non-default processing (phone number but no address, only first initial instead of name, no listing at all), you had to pay for the special handling of your account.
Maybe we should start charging to take people off mailing lists...
-
@onyx said in A critical reflection on GDPR:
@hardwaregeek said in A critical reflection on GDPR:
If you wanted non-default processing (phone number but no address, only first initial instead of name, no listing at all), you had to pay for the special handling of your account.
Maybe we should start charging to take people off mailing lists...
That sort of thing tends to lead to the rest of us charging for being on the mailing list in the first place…
-
@blakeyrat said in A critical reflection on GDPR:
@laoc said in A critical reflection on GDPR:
"Hey, here's this user's HIV status and location, we trust you to only use it for Good™"
But that's already illegal, so. We don't need a new law. If Google has that information (especially if they got it from a third-party cookie hit somehow-- can you even imagine a plausible scenario where that could occur?-- someone else made an enormous HIPAA violation.)
If they were a "covered entity" under HIPAA, which Grindr is not:
Niam Yaraghi, an assistant professor at the University of Connecticut's School of Business and a nonresident fellow at the Brookings Institution who has examined the sharing of patients' health care information, said Grindr likely didn't break the law.
He said federal Health Insurance Portability and Accountability Act — or HIPAA — bars medical providers and their business associates from disclosing patients' health records. However, that law doesn't apply to private businesses who aren't in the medical world, he said.@laoc said in A critical reflection on GDPR:
Meanwhile, the question:
Do you think a peeping tom harms anyone?
Goes unanswered.
That's because I'm thinking about it. It's a good question. Obviously society has decided yes it has.
And what do you think?
But again: that's besides the point. How is Google going to get nude pictures from third-party cookies? We're talking about cookies here.
Go ask your girlfriend if she considers her cookie private or shareable with unknown third parties.
aside, I think we don't have to go into details of how those cookies work to identify users across sites for the express purpose of being able to build a database of personal interests across many sites.
Now I don't know about you, but me being pissed off about a voyeur is one thing, but there is a lot more information than the looks of my dick that I consider absolutely nobody else's business. Whether I research 0days, substance dependency, or visit a suicide help forum or the Lactating Latina Midget MILFs section on pr0nhub, other people are not to keep tabs on that, as little as on anybody's political orientation.
-
@laoc said in A critical reflection on GDPR:
Lactating Latina Midget MILFs section on pr0nhub
Porn habits are brought up a lot as a concern but my impression is that the ad networks used by those sites are not often the same as the ad networks used by mainstream sites due to those networks' policies. Also I think that concern is exactly what led to the creation of incognito/InPrivate.
-
@heterodox said in A critical reflection on GDPR:
Lactating Latina Midget MILFs section on pr0nhub
Porn habits are brought up a lot as a concern but my impression is that the ad networks used by those sites are not often the same as the ad networks used by mainstream sites due to those networks' policies.
If you could trust the ad networks to be distinct entities that never overlap nor merge business, would that put you at ease? The other things I mentioned may be even more sensitive depending on your life.
Also I think that concern is exactly what led to the creation of incognito/InPrivate.
… which doesn't work all that well against browser profiling and other denaonymization techniques.
-
@laoc said in A critical reflection on GDPR:
If they were a "covered entity" under HIPAA, which Grindr is not:
Well people volunteered the information. So natch, people can do whatever the fuck they want with their own information.
@laoc said in A critical reflection on GDPR:
aside, I think we don't have to go into details of how those cookies work to identify users across sites for the express purpose of being able to build a database of personal interests across many sites.
This is the part that's pissing me off.
I understand that there is a database of personal interests across many sites as I've posted here several times. That has nothing to do with the question, which is, for the 347 millionth time:
How are people harmed by this?
"I feel vaguely paranoid sometimes while using Facebook" is not harm. Where is the harm? Why when I ask this question do people keep answering other questions?
Look, here's how the conversation is going. There's a black bear in the zoo.
You: "Look that bear is very large and dangerous."
Me: "Ok but has it hurt anybody?"
You: "Look it has sharp claws and teeth."
Me: "Yeah, but there's also a huge moat and fence and they feed it like 5 times a day, so."
You: "It has a scary growl!"
Me: "So it has harmed you? Or...?"
You: "The bear is very big!"
Me. "But has it actually hurt anybo--"
You: "Bears have claws!
etc.Then there was the even dumber branch where it went:
Me: "Can you think of a single plausible scenario where you, standing here outside the bear paddock, could be harmed by that bear?"
You: "Well what if Nazis took over New York City and made a policy that all zoo visitors should be thrown into the bear paddock!"You can see how it's been a frustrating conversation.
@laoc said in A critical reflection on GDPR:
If you could trust the ad networks to be distinct entities that never overlap nor merge business, would that put you at ease?
You already can, for the record. Legit ad networks never touch porn in any form.
-
@e4tmyl33t said in A critical reflection on GDPR:
@onyx said in A critical reflection on GDPR:
@hardwaregeek said in A critical reflection on GDPR:
Yes, you could definitely have your name/number unlisted. You had to pay an extra fee to keep it private, though.
And I thought T-Com charging extra for caller ID info over here was the stupidest way for a telco to squeeze extra cash out of people. You had to pay for a company to not do something? The fuck?
Welcome to America, where the rule is "If we CAN charge them for it, we WILL charge them for it"
It works the same in Europe. It's just that there's less things you can charge people for in Europe. For example, you can't charge them for roaming within EU.
-
@blakeyrat yes, there aren't and won't be any large groups of nazis in NYC in foreseeable future. But nazis aren't the only group who'd love to put down whole communities - whether it's ethnic group, voters of a particular party, or whatever they divide society by. I definitely wouldn't want BLM, Antifa or other SJW group to know where I live and that I find racist jokes funny. And even if it's very unlikely right now for them to obtain such data, it's very likely that a database having all the necessary data exists and is owned by private entity that can - legally or illegaly (but they'll never face the consequences because nobody will know) - give it to anyone at anytime, and even if they have no desire to do so now, they might have a change of heart or a change of ownership. Very unlikely, but so is war in Europe, and both would impact me personally in roughly the same way - and yet people don't think worrying about potential war in Europe is absolutely crazy.
-
@gąska said in A critical reflection on GDPR:
I definitely wouldn't want BLM, Antifa or other SJW group to know where I live and that I find racist jokes funny.
Fine; but how do they get this information from third party cookies?
-
@blakeyrat shit, I fell for your trolling again.
-
@gąska What trolling? I just want an answer my question.
-
@blakeyrat you asked me how they could get this information. I answered it. But you ignored it and pretended your question never got answered. Then I answered it again, and again, and then other people chimed in and also answered this question, but you keep pretending no one did. It's been like a week already; I'm tired of answering the same question over and over again, especially since I know you'll ignore the answer again.
-
@gąska said in A critical reflection on GDPR:
I'm tired of answering the same question over and over again, especially since I know you'll ignore the answer again.
But you're not answering the questions his shoulder aliens are asking.
More seriously, apparently @blakeyrat is saying (I don't want to put words in Blakey's mouth, but it sure seems like he's saying) that a reasonably foreseeable potential for harm is completely irrelevant unless that harm has already occurred. The rest of us (at least a sizable number of us, anyway, and I'm in this camp, obviously) are arguing that some potential harms are sufficiently harmful that they are worth anticipating and preventing, even if they seem unlikely. Some of us also believe that some kinds of invasion of privacy are inherently harmful, even if it is difficult to articulate a specific harm.
I think most, if not all, of us would agree that a 1984-esque state that knows everything about you — what you buy, where you shop, what you sell, what you read, who you make love to, what you talk about with your lover afterward — is a Bad Thing™. A lot of us think that a private, non-state entity that knows everything about you is just as bad, if not worse.
-
@hardwaregeek said in A critical reflection on GDPR:
Some of us also believe that some kinds of invasion of privacy are inherently harmful, even if it is difficult to articulate a specific harm.
Just for the record: I'm not one of them. I think data collection is bad because of harmful things it might lead to, not that it does harm in itself.
-
@blakeyrat said in A critical reflection on GDPR:
Me: "Ok but has it hurt anybody?"
Me: "Yeah, but there's also a huge moat and fence and they feed it like 5 times a day, so."
Me: "So it has harmed you? Or...?"
Me. "But has it actually hurt anybo--"Have you considered that GDPR is an attempt to be the moat and fence? Why does the zoo in your situation need them?
-
@blakeyrat said in A critical reflection on GDPR:
If they were a "covered entity" under HIPAA, which Grindr is not:
Well people volunteered the information. So natch, people can do whatever the fuck they want with their own information.
What's your argument now? Before it was that we don't need a new law because that kind of data misuse was already illegal under HIPAA. As it turned out that wasn't so, now it seems to be that we don't need a new law because if people volunteer information for any purpose it's legitimate to use it for any other purpose. What is it?
aside, I think we don't have to go into details of how those cookies work to identify users across sites for the express purpose of being able to build a database of personal interests across many sites.
This is the part that's pissing me off.
I understand that there is a database of personal interests across many sites as I've posted here several times.
Good to hear, as you seemed to be hung up on the cookies and that harm has to come from the cookies themselves.
That has nothing to do with the question, which is, for the 347 millionth time:
How are people harmed by this?"I feel vaguely paranoid sometimes while using Facebook" is not harm. Where is the harm? Why when I ask this question do people keep answering other questions?
Instead of putting words into people's mouths and inventing inane conversations you should really finish thinking about the question whether you think there's harm in non-consensual voyeurism.
Not to distract you from that, but I also consider spam a form of harm; and if you don't cringe at political profiling like this, I have scant hope.
@laoc said in A critical reflection on GDPR:
If you could trust the ad networks to be distinct entities that never overlap nor merge business, would that put you at ease?
You already can, for the record. Legit ad networks never touch porn in any form.
Your hedging with "legit", to get around the question of legality (both kinds are legal obviously) doesn't change the fact that
a) in a non-negligible number of cases site designers who do porn and non-porn sites and already do business with ad networks who admit porn sites use those same networks for all their sites for convenience
b) there's no way for even a moderately technical user to see what kind of ad network a site is using, much less before visiting it.So no, even disregarding future business mergers you can not.
-
Speaking of 1984 and data misuse:
Facebook Gave Device Makers Deep Access to Data on Users and Friends (Published 2018)
The company formed data-sharing partnerships with Apple, Samsung and dozens of other device makers, raising new concerns about its privacy protections.
Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.
“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.
-
@blakeyrat said in A critical reflection on GDPR:
@gąska What trolling? I just want an answer my question.
If people talk about the harm, you say "You're not answering my question; how do they get this information from third party cookies?" and rant about how nobody is sticking to the point.
If people talk about the compilation of data, you say "You're not answering my question; where is the actual harm?" and rant about how nobody is sticking to the point.
So it's not hard to see why some people think you are trolling.
-
@scarlet_manuka said in A critical reflection on GDPR:
If people talk about the harm, you say "You're not answering my question; how do they get this information from third party cookies?" and rant about how nobody is sticking to the point.
If people talk about the compilation of data, you say "You're not answering my question; where is the actual harm?" and rant about how nobody is sticking to the point.Right.
@scarlet_manuka said in A critical reflection on GDPR:
So it's not hard to see why some people think you are trolling.
They can think what they want; but the two replies you posted above are genuinely legit, because so far nobody's told me what harm can come from third party cookie tracking, which is the only thing I want to know.
-
This post is deleted!
-
@laoc said in A critical reflection on GDPR:
What's your argument now? Before it was that we don't need a new law because that kind of data misuse was already illegal under HIPAA. As it turned out that wasn't so, now it seems to be that we don't need a new law because if people volunteer information for any purpose it's legitimate to use it for any other purpose. What is it?
The “fun” part is that there have been studies that managed to make neural networks that could predict — and with pretty high accuracy — information that people typically want to keep fairly highly protected (e.g., sexual orientation and related preferences, some political views) on the basis of information that is readily available to operators of social networks and larger advertising networks (likes, viewing patterns). That's where everything gets messy, as the natural response is to increase the regulation of those networks on the grounds that the aggregate information they have is sensitive, an outcome that they're desperate to avoid (and willing to spend big to achieve, in
bribepolitical contribution terms).I expect the fallout from this to be entertaining in a “Oh god, why is the world burning down to the bedrock?!” way.
-
@blakeyrat said in A critical reflection on GDPR:
They can think what they want; but the two replies you posted above are genuinely legit, because so far nobody's told me what harm can come from third party cookie tracking, which is the only thing I want to know.
Whover doxxed @blakeyrat a while back, would you mind posting his email address again? As he doesn't think spam does any harm, I'd like a few African widows with cancer and vendors of health products to get to know him.
-
@laoc said in A critical reflection on GDPR:
As he doesn't think spam does any harm
That's quite the strawman. I see no evidence of that in this thread.
-
@heterodox said in A critical reflection on GDPR:
@laoc said in A critical reflection on GDPR:
As he doesn't think spam does any harm
That's quite the strawman. I see no evidence of that in this thread.
I directly answered his question "How are people harmed by this?" with an article detailing how cross-site tracking causes spam. When he rehashes the usual "so far nobody's told me what harm can come from third party cookie tracking", I can only assume that I consider spam harmful but he doesn't.
-
About being careless with data ...
In seconds, we faked our way into a political campaign, got unsecured voter data
Data analytics firm says this is normal: "It's the way that campaigns are run."
I'm not saying GDPR fixes shit but it at least makes an attempt
-
@boomzilla said in A critical reflection on GDPR:
I think that's a dishonest comparison. You might as well say that stores shouldn't know what I bought from them.
I will say that. They have no business with that information. They definitely have a legitimate need to know what has been bought from them, for inventory management purposes, but the only purpose in associating individual people with purchases is to track and analyze their purchasing history.
-
@codejunkie said in A critical reflection on GDPR:
I'd have to say that, as per usual, GDPR is the result of politicians trying to solve the wrong problem with the wrong solution.
Yes, this exactly.
As I said above when someone said that the GDPR was something that needed to happen, something needed to happen but this was not it!
-
European Commission behind new GDPR law not 'GDPR compliant'
The European Commission's “embarrassing” data breach comes after companies rushed to meet the May 25 deadline which saw the EU’s new GDPR law come into force.
-
@laoc said in A critical reflection on GDPR:
@blakeyrat said in A critical reflection on GDPR:
They can think what they want; but the two replies you posted above are genuinely legit, because so far nobody's told me what harm can come from third party cookie tracking, which is the only thing I want to know.
Whover doxxed @blakeyrat a while back, would you mind posting his email address again? As he doesn't think spam does any harm, I'd like a few African widows with cancer and vendors of health products to get to know him.
Oh, it's obviously fuck@you.com .
-
@masonwheeler said in A critical reflection on GDPR:
European Commission behind new GDPR law not 'GDPR compliant'
The European Commission's “embarrassing” data breach comes after companies rushed to meet the May 25 deadline which saw the EU’s new GDPR law come into force.
Is that JackSepticEye?
-
@tsaukpaetra said in A critical reflection on GDPR:
Is that JackSepticEye?
No idea. It kind of looks like that one actor, whose name escapes me at the moment. The guy who played Sylar on Heroes and Spock on the Star Trek reboot movies...
-
-
@e4tmyl33t said in A critical reflection on GDPR:
@tsaukpaetra said in A critical reflection on GDPR:
Is that JackSepticEye?
It is indeed.
Yay! External validation! Score one for non-deterministic facial recognition!
-
How can Santa keep his lists when the GDPR is around?
For my non-European readers, here is an excerpt of what the GDPR means: (emphasis mine) The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all
-
@coldandtired Some people take this santa thing way too serious.
-
@pleegwat said in A critical reflection on GDPR:
@coldandtired Some people take this
santaEurope thing way too serious.
-
@masonwheeler said in A critical reflection on GDPR:
@boomzilla said in A critical reflection on GDPR:
I think that's a dishonest comparison. You might as well say that stores shouldn't know what I bought from them.
I will say that. They have no business with that information. They definitely have a legitimate need to know what has been bought from them, for inventory management purposes, but the only purpose in associating individual people with purchases is to track and analyze their purchasing history.
Then don't buy anything from them. Problem solved.
-
@polygeekery said in A critical reflection on GDPR:
Then don't buy anything from them. Problem solved.
Quick, how many unspoken assumptions can you spot in that glib statement?
-
@masonwheeler the point is that you gave them the information. If you have such an issue with them building a profile on you, don't do business with them. Or pay cash.
-
@polygeekery Still with all the same unspoken assumptions, which can still be just as wrong just as easily...
-
@masonwheeler said in A critical reflection on GDPR:
@polygeekery Still with all the same unspoken assumptions, which can still be just as wrong just as easily...
Does this post actually have a point?
-
@bb36e That he's trying to take a best-case scenario and treat it as a general rule, and if he'd spend a couple moments to actually think about the implications he'd see that reality is nowhere near that simple.
