Main Area and Open Discussion > Living Room
Privacy (collected references)
IainB:
Original post:2018-06-28Last updated:2018-11-16Privacy - especially in the "Internet Age" - is something that has the potential sometimes (often?) to be overlooked/ignored or abused:
* Sometimes the personal privacy of oneself may be overlooked/ignored by individuals who might not realise the relevance/importance of their own right to personal privacy - or that of members of society in general - people who probably might care a lot more if they were more aware (less ignorant) of some of the potential and wider ramifications/implications of privacy issues.
* Sometimes the personal privacy of others may be overlooked/ignored or abused by people, government functions and corporations who are focused on, or being driven by objectives which may be incompatible with the rights to personal privacy of others.
So I thought it might be useful to create a "Privacy thread" to collect/collate some salient privacy-related points that we come across and provide some kind of index to same.
About Privacy:
* This discussion thread.
* The NEED for privacy:
* Three Reasons Why the "Nothing to Hide" Argument is Flawed.
* I’ve Got Nothing to Hide” and Other Misunderstandings of Privacy.____________________________________________
DNS-related: :Thmbsup:
* CloudFlare launches privacy oriented DNS servers
* DNSCrypt (to be added).
DonationCoder forum (DCF) and user privacy:
* DCF Privacy Policy (FAQ) - comprehensive summary and detail.
* GDPR (EU General Data Protection Regulation, 2018) implemented for DC forum (announced 2018-05-24).
* Search DCF Site: for "privacy" - https://duckduckgo.com/site:donationcoder.com/forum/_privacy
GDPR (EU General Data Protection Regulation, 2018): :Thmbsup:
* California passes its own GDPR (2018-06-29)
* GDPR implemented for DC forum (announced 2018-05-24).
* MEGA - General Data Protection Regulation Disclosure.
Government-authorised privacy breaches: :down:
* US NSA (National Security Agency) + "Five Eyes" nations (SnowdenGate) - Knight to queen's bishop 3 - Snowden charged with espionage.
Search engines and websites that are apparently committed to preserving the user's full right to privacy:
* Abine.com
* DuckDuckGo
* https://duckduckgo.com/newsletter
* https://reddit.com/r/duckduckgo
* https://spreadprivacy.com/
* HAT (Hub of All Things).
* LastPass.com
Search engines and websites that apparently rely on tracking/utilising the user's personal data/metadata to maintain their marketing and/or revenue streams:
* Facebook.com - and most other "social networking" sites and their assets.
* Google.com - including Google search engine and most of its other assets - i.e., "free" and paid services.
* Google enforces its ownership of user data.
* Microsoft.com - including Bing search engine and most of its other assets - i.e., "free" and paid services like LinkedIn.com.
* Just about any website that insists that you "Subscribe" by providing your ID.
Software:
* Abine.com - apps and browser extensions - Passwords, Payments, & Privacy.
* Windows 10 Privacy Concerns.
Tips & Tricks:
* 8 Steps to Secure Your Facebook Privacy Settings
* 10 tips recommended for teachers' privacy sanitisation.
Vested interests antithetical with Privacy regulation:
* See corporate interests referred to here - California passes its own GDPR (2018-06-29)
* Re: Privacy: IT companies intend to profit from your loss of privacy?
- includes: Twitter, Facebook, and Google are Fighting Internet Privacy Laws
IainB:
This was the post I read today (2018-06-28) on the DuckDuckGo blog that caused me to start this thread. The whole ethos of DuckDuckGo is based on privacy, so it does not have an axe to grind, but it does differentiate its services because of that. I thought the post raised some valid, cogent and thought-provoking points. I've copied the post below in its entirety, together with embedded hyperlinks, rather than just provided the link, because it would seem worthy of discussion in and of itself.
(Copied below sans embedded images.)
Three Reasons Why the "Nothing to Hide" Argument is Flawed
27 JUNE 2018/PRIVACY
Over the years, we at DuckDuckGo have often heard a flawed counter-argument to online privacy: “Why should I care? I have nothing to hide.”
As Internet privacy has become more mainstream, this argument is rightfully fading away. However, it’s still floating around and so we wanted to take a moment to explain three key reasons why it's flawed.
1) Privacy isn’t about hiding information; privacy is about protecting information, and surely you have information that you’d like to protect.
* Do you close the door when you go to the bathroom? Would you give your bank account information to anyone? Do you want all your search and browsing history made public? Of course not.
* Simply put, everyone wants to keep certain things private and you can easily illustrate that by asking people to let you make all their emails, texts, searches, financial information, medical information, etc. public. Very few people will say yes.
2) Privacy is a fundamental right and you don't need to prove the necessity of fundamental rights to anyone.
* You should have the right to free speech even if you feel you have nothing important to say right now. You should have the right to assemble even if you feel you have nothing to protest right now. These should be fundamental rights just like the right to privacy.
* And for good reason. Think of commonplace scenarios in which privacy is crucial and desirable like intimate conversations, medical procedures, and voting. We change our behavior when we're being watched, which is made obvious when voting; hence, an argument can be made that privacy in voting underpins democracy.
3) Lack of privacy creates significant harms that everyone wants to avoid.
* You need privacy to avoid unfortunately common threats like identity theft, manipulation through ads, discrimination based on your personal information, harassment, the filter bubble, and many other real harms that arise from invasions of privacy.
* In addition, what many people don’t realize is that several small pieces of your personal data can be put together to reveal much more about you than you would think is possible. For example, an analysis conducted by MIT researchers found that “just four fairly vague pieces of information — the dates and locations of four purchases — are enough to identify 90 percent of the people in a data set recording three months of credit-card transactions by 1.1 million users.”
It’s critical to remember that privacy isn't just about protecting a single and seemingly insignificant piece of personal data, which is often what people think about when they say, “I have nothing to hide.” For example, some may say they don't mind if a company knows their email address while others might say they don't care if a company knows where they shop online.
However, these small pieces of personal data are increasingly aggregated by advertising platforms like Google and Facebook to form a more complete picture of who you are, what you do, where you go, and with whom you spend time. And those large data profiles can then lead much more easily to significant privacy harms. If that feels creepy, it’s because it is.
We can't stress enough that your privacy shouldn’t be taken for granted. The ‘I have nothing to hide’ response does just that, implying that government and corporate surveillance should be acceptable as the default.
Privacy should be the default. We are setting a new standard of trust online and believe getting the privacy you want online should be as easy as closing the blinds.
For more privacy advice, follow us on Twitter & get our privacy crash course.
Dax the duck
We are the Internet privacy company that lets you take control of your information, without any tradeoffs. Welcome to the Duck Side!
(Read more.)
--- End quote ---
Deozaan:
Three Reasons Why the "Nothing to Hide" Argument is Flawed
--- End quote ---
-IainB (June 28, 2018, 01:02 AM)
--- End quote ---
Here's a more in depth paper on the subject:
"I've Got Nothing to Hide" and Other Misunderstandings of Privacy by Daniel J. Solove
Disclaimer: I haven't taken the time to read it yet, so I can't speak to its contents.
anandcoral:
Long time ago, I upgraded to Win10 and it insist on online login and updating my os at it own whims. I started using Android mobile is always connected to my email to big brother and it knows what I type in keyboard. My laptop is ever connected to internet and many programs just update and throw ads and make merry to themselves.
Now I do not have much energy or time to even think of privacy. Obviously I do keep watch behind my back when I am doing online bank transaction.
Regards,
Anand
IainB:
This post at TheRegister signals extremely good news for the privacy of the general public user of the Internet. The post is also rather enlightening: (my emphasis)
(Copied below sans embedded hyperlinks/images.)
Google weeps as its home state of California passes its own GDPR
The right to view and delete personal info is here – and you'll be amazed to hear why the law passed so fast
By Kieren McCarthy in San Francisco 29 Jun 2018 at 20:0213 Reg comments
Uh oh, someone just got some bad news
California has become the first state in the US to pass a data privacy law – with governor Jerry Brown signing the California Consumer Privacy Act of 2018 into law on Thursday.
The legislation will give new rights to the state's 40 million inhabitants, including the ability to view the data that companies hold on them and, critically, request that it be deleted and not sold to third parties. It's not too far off Europe's GDPR.
Any company that holds data on more than 50,000 people is subject to the law, and each violation carries a hefty $7,500 fine. Needless to say, the corporations that make a big chunk of their profits from selling their users' information are not overly excited about the new law.
"We think there's a set of ramifications that's really difficult to understand," said a Google spokesperson, adding: "User privacy needs to be thoughtfully balanced against legitimate business needs."
Likewise tech industry association the Internet Association complainedthat "policymakers work to correct the inevitable, negative policy and compliance ramifications this last-minute deal will create."
So far no word from Facebook, which put 1.5 billion users on a boat to California back in April in order to avoid Europe's similar data privacy regulations.
Don't worry if you are surprised by the sudden news that California, the home of Silicon Valley, has passed a new information privacy law – because everyone else is too. And this being the US political system there is, of course, an entirely depressing reason for that.
Another part of the statement by the Internet Association put some light on the issue: "Data regulation policy is complex and impacts every sector of the economy, including the internet industry," it argues. "That makes the lack of public discussion and process surrounding this far-reaching bill even more concerning. The circumstances of this bill are specific to California."
I see...
So this bill was rushed through?
Yes, it was. And what's more it was signed in law on Thursday by Governor Brown just hours after it was passed, unanimously, by both houses in Sacramento. What led lawmakers to push through privacy legislation at almost unheard-of speed? A ballot measure.
That’s right, since early 2016, a number of dedicated individuals with the funds and legislative know-how to make data privacy a reality worked together on a ballot initiative in order to give Californians the opportunity to give themselves their own privacy rights after every other effort in Sacramento and Washington DC has been shot down by the extremely well-funded lobbyists of Big Tech and Big Cable.
Hand locking door
GDPR forgive us, it's been one month since you were enforced…
READ MORE
Real estate developer Alastair Mactaggart put about $2m of his own money into the initiative following a chance conversation with a Google engineer in his home town of Oakland in which the engineer told him: "If people just understood how much we knew about them, they’d be really worried."
Mactaggart then spoke with a fellow dad at his kid's school, a finance guy called Rick Arney who had previously worked in the California State Senate, about it. And Arney walked him through California's unusual ballot measure system where anyone in the state can put forward an initiative and if it gets sufficient support will be put on the ballot paper at the next election.
If a ballot initiative gets enough votes, it becomes law. There have been some good and some bad outcomes from this exercise in direct democracy over the years but given the fact that both Mactaggart and Arney felt that there was no way a data privacy law would make its way through the corridors of power in Sacramento in the normal way, given the enormous influence of Silicon Valley, they decided a ballot measure was the way to go.
Beware the policy wonk
One other individual is worth mentioning: Mary Stone Ross was a former CIA employee and had been legal counsel for the House of Representatives Intelligence Committee and she also lives in Oakland. Mactaggart persuaded her to join the team to craft the actual policy and make sure it could make it through the system.
Together the three of them then spend the next year talking to relevant people, from lawyers to tech experts to academics to ordinary citizens to arrive at their overall approach and draft the initiative.
And it is at that point that, to be put in bluntly, the shit hit the fan. Because the truth is that consumers – and especially Californians who tend to be more tech-savvy than the rest of the country given the concentration of tech companies in the state – understand the issues around data privacy rules and they want more rights over it.
With the initiative well structured and the policy process run professionally, the ballot measure gained the required number of supporters to get it on the ballot. And thanks to the focus groups and polls the group carried out, they were confident that come November it would pass and data privacy become law through direct democracy.
At which point, it is fair to say, Big Internet freaked out and made lots of visits to lawmakers in Sacramento who also freaked out.
The following months have seen a scurry of activity but if you want to know why the bill became law in almost record time and was signed by Governor Brown on Thursday all you need to know is this single fact: the deadline for pulling the initiative from November's ballot as last night – Thursday evening – and Mactaggart said publicly that if the bill was signed, he would do exactly that and pull his ballot measure.
Privy see
You may be wondering why Sacramento was able to get it through unanimously without dozens of Google and Facebook-funded lawmakers continually derailing the effort, especially since it was still a ballot measure. After all, the tech giants could have spent millions campaigning against the measure in a bid to make sure people didn’t vote for it.
And the truth is that they had already lined up millions of dollars to do exactly that. Except they were going to lose because, thanks to massively increased public awareness of data privacy given the recent Facebook Russian election fake news scandal and the European GDPR legislation, it was going to be very hard to push back against the issue. And it has been structured extremely well – it was, frankly, good law.
There is another critical component: laws passed through the ballot initiative are much, much harder for lawmakers to change, especially if they are well structured.
So suddenly Big Tech and Sacramento were faced with a choice: pass data privacy legislation at record speed and persuade Mactaggart to pull his ballot initiative with the chance to change it later through normal legislative procedures; or play politics as usual and be faced with the same law but one that would be much harder to change in future.
And, of course, they went with the law. And Mactaggart, to his eternal credit, agreed to pull his ballot measure in order to allow the "normal" legislative approach to achieve the same goal.
And so the California Consumer Privacy Act of 2018 is now law and today is the first day that most Californians will have heard of it. Sausage making at its finest.
Of course, Google, Facebook et al are going to spend the next decade doing everything they can trying to unravel it. And as we saw just last week, lawmakers are only too willing to do the bidding of large corporate donors. But it is much harder to put a genie back in the bottle than it is to stop it getting out. ®
Copied from: Google weeps as its home state of California passes its own GDPR • The Register - <https://www.theregister.co.uk/2018/06/29/california_data_privacy_law/>
--- End quote ---
Navigation
[0] Message Index
[#] Next page
Go to full version