this post was submitted on 11 Aug 2023
551 points (94.2% liked)
Asklemmy
43948 readers
520 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
People here don't know anything about tech regulation or privacy even though they pretend to and almost every criticism I see is just straight up wrong. And I'm a data engineer who works in tech focused on privacy.
I have a feeling this is the case for any technical subject that happens to be diiscussed on social media. Mostly everything I read about my own domain of expertise is often flat out wrong, but repeated with such confidence and appeal to authority that it makes you wonder what else here is wrong.
Duning Kruger baby!
Yep, it is always those with just enough knowledge to be dangerous. Some guy who watched a youtube video, took a 101 class, or just started in the field. It is crazy really, and of course it is very hard to convince those people of anything because sometime the wiser, non-newbie opinion will seem overkill to them since they believe the issue to be very simple and clear-cut.
What do you believe are the best practices to protect ones privacy would be, regardless of complexity (something extremely effective, but not necessarily easy to set up/use)?
Reject society, become a hermit, and move to the woods off grid, because otherwise you can't.
Sure, you can refuse to sign up for every big tech company that does targeted advertising, but if you want to participate in society at some point you'll need to join a financial institution and you'll probably need insurance. I've worked in insurance and by nature the data collected is way more personal and intrusive than anything needed for targeted advertising, but they can fly under the radar because everyone is laser focused on targeted advertising tech companies right now. Imo the most concerning data leaks of our time have been financial institutions like Equifax, which everyone forgot about almost immediately, but we're still obsessing over which of your personal preferences Google knows.
But for the vast majority of people, none if this really matters, because on a personal level nobody actually gives a shit about you.
I'll end it with a disclaimer that there are exceptions (e.g. if you're looking for an out of state abortion in America use E2E encrypted apps) and overall I do think privacy regulations like the GDPR and CCPA have made good progress across the industry into keeping sensitive data safe, but the community on Lemmy is looking for big tech blood that they'll never get.
idk I mostly agree with you. Although, how do the insurance companies collect that information? I know there's car insurance apps that sense how good your driving is, but other than that is it mostly just datamining of publicly available documents etc like those background check or people finder sites do?
I worked in Canadian health benefits, everything you submit is data. Not just your SIN and address, but which drugs you're on, which paramedicals you use, all that good stuff.
When I signed up for life insurance they came and took my blood to run tests too, that's pretty personal lol.
at least you mostly know what data insurance companies get though, with tech its somewhere between all of your internet activity ever, and nothing because its too expensive.
personally it seems worth it to me to avoid large tech companies simply because I have the time to deal with some lost convenience, and if they are storing everything then they will have less on me, and if they aren't, well I've learned loads about IT, and its been kinda fun.
Even talking about it at all on non e2ee apps can get you caught, not just "hey doc.." but even "hey ma, I'm gonna.." Know what though? We can expand this to any crime, seditious materials, not wanting the contents of your messages to be stored in perpetuity in case something like abortion laws change or databases get hacked or seized. And not every country is the US btw, some people in this world need Tor to access Facebook without being sent to Lake Laogai. Not to mention, the NSA, FBI, and CIA, love that they can buy your data in bulk, they don't want to go back to needing warrants, personally, I like warrants, as they have to at least ask a judge and it at least ostensibly has to be for a reason, as opposed to "here's $50 gimme data." Btw while we're talking about buying data, did you hear about the fact that you can buy life360 data for a neighborhood at $45, and this data tells you when people usually leave the house/come back from work, and you or me could buy this data and use it to rob every life360 user in the neighborhood. Sure we don't know who we're robbing, but we do know that it's 2pm and nobody will be home for another 4hr.
If you don't like or need privacy, please post your credit card numbers, exp date, sec code, full address, and SSN, medical records, and leave that door unlocked for me, but trying to convince me there's no reason to be mad about it or to try and limit the scope of their warrantless surveillance ain't gonna work, it is a problem that needs fixing, not apathy.
This comment is just filled with the misinformation I'm taking about
What exactly is misinfo?
Edit: Downvote, but not expound upon your point? Seems to me that is a tacit admission of a lack of truth. Especially considering everything I referenced is known to be true, not some conspiracy theory, if all you've said is "misinformation" but can't explain how I'll have to trust the sources.
https://www.theverge.com/2021/12/9/22820381/tile-life360-location-tracking-data-privacy
https://arstechnica.com/tech-policy/2023/07/instead-of-obtaining-a-warrant-the-nsa-would-like-to-keep-buying-your-data/
https://www.npr.org/2022/08/12/1117092169/nebraska-cops-used-facebook-messages-to-investigate-an-alleged-illegal-abortion
No, that's not how E2EE works.
They can't, this is illegal in the majority of first world countries.
Life360 only shares aggregated data with 3rd parties, not personal data.
Lol no it doesn't
Never said I don't need or like privacy, it's literally my job and I'm quite passionate about it. I said people here share bullshit misinformation, which you just did. Your sources prove absolutely none of your claims.
Uhh, yeah it is. E2ee (with keys controlled by the users) does "work" by keeping your conversation data encrypted (assuming the encryption isn't cracked and the keys aren't held by attacker). Messages that are not e2ee are not encrypted, so they can be read without breaking the encryption they don't have simply by obtaining a warrant or in some cases simply requesting (by the government).
It literally is "the whole point" of e2ee, that is how it works.
They can and do. Have another link.
From the text:
I disagree, I think that knowing my every move throughout the day is personal, whether they know my name or not, they know where I sleep, they know where I work, they know where I hang out, that is pretty personal. Not to mention if you know who lives in "House A" and you buy the location data for the area "House A" is in, you have just deanonymized them and can now use it for stalking purposes.
https://www.businessinsider.com/life360-family-safety-app-sells-user-location-data-report-2021-12?op=1
You sure about that?
Listen you say you do this for a living, but you provide no sources debunking the claims, the DHS isn't even denying they do it, their lawyer is claiming it is legal, they literally admit it, idk what else to tell you man, it looks like they do. From the life 360 TOS:
They literally admit to selling location data, even if it is "de-identified" that still means my home address can be easily figured out, my name isn't the problem, the problem is the "precise location data" they admit to selling. Sorry my dude but it all seems to be the case.
Misread your initial comment, sure, messaging apps without E2EE can turn over your messages, this was never a topic of conversation.
And I don't need to debunk claims that were never proven to begin with. That's not how this works.
Admission is good enough for proof in my book, barring coercion which I don't think the DHS lawyer or life360 was being subjected to at the time. If they aren't doing it why should they lie and say they are? Furthermore, you assert that it is "illegal" for them to buy the data, the DHS lawyer disagrees, so does the US Government (here's the NBC article I got that from), in this US Government document, and frankly it does seem to be a loophole. Can you direct me to the law preventing federal agencies from buying data from data brokers? If it is in fact illegal, there is a law somewhere that says so, can you point me to that?
You're wrong my dude.
Edit: Back to downvoting with no argument, eh? I'm starting to think you're one of these feds trying to gaslight me tbh.
Jesus man, I'm not sitting around waiting to reply to your comments, this is not a real time conversation, this is social media, get used to latency for fucks sake. Yeah sure, I'm secretly a federal agent tasked with spreading evil agendas across Lemmy, whatever.
It just seems to be your MO, downvote and say "nuh uh" but otherwise provide nothing of value beyond "trust me bro I'm a doctor." Have fun with your psyops or whatever you're doing trying to convince people privacy isn't something they should strive for and to just let the stalking corporations and government entities have everything they want because insurance can see your medical records or whatever the fuck you were on about, I'm done here, I've sufficiently proven my point and you've nothing to back yours, begone.
Nobody owes you a conversation on here
Ya mama
So your whole rant is false?
Because of exceptions? No