I honestly don't think privacy legislation would make much headway, simply for the reason that vast majority of people outside of the HackerNews crowd don't care about it.
When people say they care about privacy, most of the time they mean they care about anonymity, as in privacy from people who knows them personally. They don't want their internet search history to be known by friends or family or coworkers, but they probably have no qualm if it's just data being sent to large corporate service providers.
That's why people would continue to trade personal info for conveniences for the foreseeable future, and as long as corporations maintain public anonymity for those data the most we'll ever see are temporary public outrages.
>When people say they care about privacy, most of the time they mean they care about anonymity, as in privacy from people who knows them personally. They don't want their internet search history to be known by friends or family or coworkers, but they probably have no qualm if it's just data being sent to large corporate service providers.
>That's why people would continue to trade personal info for conveniences for the foreseeable future, and as long as corporations maintain public anonymity for those data the most we'll ever see are temporary public outrages.
Absolutely agree. We've had no shortage of privacy related issues surfaced in the mainstream media, likely most notably Snowden's leaks. Some in the media made a concerted effort to make people understand just how grave the situation was, for example Colbert letting everyone know, on air, that they can access the dick pics you've sent people privately.
People heard it, digested it briefly, shrugged their shoulders and continued on without regard. In fact, people have become worse with their private information than ever before:
- People are now sending their DNA to private companies, with no care for the T&Cs involved, in exchange for utterly shallow, almost irrelevant genetic history infographics.
- People are wearing "wearables" that are reporting their heart rate, activity levels, sleep quality, etc. to private companies.
- People are opening their homes up to 24/7 surveillance with always on, always listening "smart home" devices.
- Many more people than ever are posting naked photos/videos of themselves on Reddit, Snapchat, etc., hosted on sites whose owners they have no clue of, ran by staff they have no idea of, etc.
They were told the risks, they did not care and so will be given, and will deserve, zero sympathy when something comes out highlighting the abuses enabled by some of the above. "We didn't know!" does not cut it anymore.
How do the ethics line up for an insurance company analyzing data from your wearables and seeing a data point that indicates a significant increase in the chance of a heart attack? Do they tell you and pay for preemptive care? Do they drop you as a customer? How many people have to die vs survive a heart attack to make warning you vs hoping you die the most profitable option?
In the US, insurance companies are required to provide you with insurance, and the insurance must cost only a certain percentage more than insurance for the healthiest (youngest) people. This is effectively a subsidy from people not likely to need healthcare (young) to people likely to need healthcare (old). Aka Medicare or nationalized healthcare in other countries.
This website has a nice table showing the adjustment factors.
NJ has a nice pdf explaining age rating factors, showing that early 20s is the benchmark, and even though people in 50s and 60s use much more than 3x the healthcare people in early 20s do, the premium is capped at 3x of those in early 20s.
As an aside, when people complain in the US that the ACA law increased their healthcare costs, what they are complaining about is having to pay for other people’s healthcare. Other than increase supply of healthcare (doctors, medicines, etc), there is no solution to bringing costs down.
This, exactly this.
I have been trying to convert a bunch of my non-tech social network to start using privacy respecting services (DDG/Signal/Tutanota primarily) and have seen more of apathy than pushback. People seem to have no qualms about their search history/messaging being analyzed/indexed/used for targeting as long as they can keep using those services free.
Honestly, until they experience first-hand a totalitarian government weaponizing their information they won't care. Even then, only that generation - well the survivors of that generation - will care. It's not enough to ponder about how much more deadly the Soviets could have been, or reading about what China is doing. For most people, if it's not happening to them immediately and directly, they just don't care.
Tutanota has a subpar UI/UX, and people like shiny. You won't get the masses with that.
DDG is valiant, but doesn't give the same "read my mind" feeling that Google has people used to. I see few people stick with it due to this.
Signal has proven itself as a great product in many ways, but people opt for the convenience that other messengers provide. The Signal crew seems to understand this, though, and slowly be working towards ways to match that. They'll (eventually, IMO) succeed for this reason - more "privacy respecting" entities need to take this route and understand that you will not get users or attention solely on espousing privacy rights.
My personal experience has been that people often don't know the extent of the data recorded and stored by corporations. For instance, someone (young and otherwise smart) simply refused to believe me when I told them that Google maps estimates traffic by tracking the location of every car using Google maps [1]. They thought Google was using live satellites imagery to estimate traffic.
[1] Didn't even mention the part about Google possibly tracking your location even if you don't use maps.
They might not but being concerned with that type of a thing comes with a deeper more committed understanding of why we might want to care about it can you take away the government is accountable for a lot of layers of our existence which we might not daily care about but are absolutely critical
> (US sites comply by region blocking GDPR covered users).
The only thing they comply with is their own paranoia. The GDPR doesn't even apply to US companies if they don't specifically target EU users.
I wouldn't be surprised if many sites were only violating the GDPR because they show those "cookie notices" which completely miss the point and don't help with compliance but could be considered catering to EU users.
It’s making headway right now, in the form of CCPA and GDPR. CCPA sets it up so masses of people can have a simple way to not only opt out of data collection but also delete data.
