
EFF’s “Spying on Students” Report Highlights Tech Companies’ Data Collection - DiabloD3
https://www.eff.org/press/releases/effs-spying-students-report-highlights-tech-companies-data-collection-parents
======
Icedcool
This is yet another example of a need for some level of a bill of rights for
our online lives/information.

Something that guarantee's proper and fair usage, with privacy. The decision
making of which I'm sure would be a long and deep debate.

If someone stuck an rfid tag in your ear, and tracked where you moved and what
you did, I would expect some compensation for that information. Yet we get
cookies attached to our browsers, we are profiled and tagged to watch
everything that we do online.

The de-regulation of the consumer information protection is important in that
it is bringing attention to a bigger issue. The ISP's just want to do the same
thing other companies have been doing all along.

~~~
ocdtrekkie
One of the things that strikes me as so crazy we don't have this here in the
US, is the UN considers it a _basic human right[1]_.

[1] [http://www.un.org/en/universal-declaration-human-
rights/](http://www.un.org/en/universal-declaration-human-rights/)

~~~
refurb
The UN can make whatever they want a right. They don't really have any way to
enforce these rights.

~~~
ocdtrekkie
This is true, and I wasn't claiming anything further. However, according to
Wikipedia, the United States was one of the 48 countries who voted to proclaim
the Universal Declaration of Human Rights. There were 8 abstentions, but none
opposed.

The Universal Declaration of Human Rights is a document which is globally
accepted, therefore, to represent what human rights should be. The fact that
the US, the supposed "land of the free", falls short of this, is just
particularly sad.

------
hackuser
I agree with the EFF's position but what the EFF, I, and others with the same
point of view lack is an elevator pitch on the harm of losing privacy (or the
benefits of privacy). The EFF and I generally assume know the risk is well-
known, but it's not. When people ask me, 'what's the harm?' or 'so what?', I
don't have an effective answer prepared.

So what is an _effective_ answer? Requirements: Short, high-impact, memorable
(it must spread), crystal clear for the completely non-technical, not easily
refuted.

~~~
mysterydip
In my opinion: it's permanent. Simple as that. Even if the info is harmless in
isolation today, any new bit that can be identified as you becomes part of
your aggregate.

Ten years from now, or tomorrow, People You Don't Like could be in charge of
any given agency or company, and deny you things then based on what you did
today that was perfectly legal or ethical.

There are more extrapolations from that but it should be enough to be short
but get the gears turning.

~~~
dhimes
Nobody cares. What I hear? "So what?"

~~~
pdkl95
Insurance companies mining as much data as possible to find reasons to deny
claims. There is a very good chance that they will be (are already?) able to
infer prohibited information to raise prices.

If they are concerned with racial issues (or similar), try pointing out how
data analysis can hide institutional racism (or other biases) - even
unintentionally - into the algorithms behind finance, criminal
sentencing/parole, future employment opportunities, _etc_.

Even if none of that happens to apply, there are two big reasons they should
care. First, the unknown. In the circus we call our current political
environment, do they really want a future $POLITICAL_ENEMY to have a detailed
map of who they are, what they do, what they like, where they move during the
day and who was with them (COTRAVELER), and anything else modern machine
learning techniques can find?

The final reason is... because it isn't always about them. _Other_ people
might be in worse situations and it's important to stand with them by
_normalizing_ sufficient privacy. In his essay[1] on why he wrote PGP, Philip
Zimmermann said

>> "What if everyone believed that law-abiding citizens should use postcards
for their mail? If a nonconformist tried to assert his privacy by using an
envelope for his mail, it would draw suspicion. Perhaps the authorities would
open his mail to see what he's hiding. Fortunately, we don't live in that kind
of world, because everyone protects most of their mail with envelopes. So no
one draws suspicion by asserting their privacy with an envelope. There's
safety in numbers. Analogously, it would be nice if everyone routinely used
encryption for all their email, innocent or not, so that no one drew suspicion
by asserting their email privacy with encryption. Think of it as a form of
solidarity."

This is similar to the concept of _herd immunity_ [2] with vaccines. Vaccines
are not 100% protection and some people cannot take them for various reasons.
Those people still benefit from the general vaccine use producing fewer
opportunities for infection. Similarly, when enough people protect their
privacy, there is less incentive to abuse data thanks to lower profits and
increased political costs.

[1]
[https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html](https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html)

[2]
[https://en.wikipedia.org/wiki/Herd_immunity](https://en.wikipedia.org/wiki/Herd_immunity)

~~~
dhimes
I've made the "insurance companies" argument before, most recently with the
isp regulation rollback (visit webmd and watch your rates go up). I just can't
sell it (but I don't seem to be able to sell much of anything, sadly- that's a
different story lol).

Do you know of any evidence where that has happened? I wanted to say that
those things they blamed on Obamacare were actually because they were posting
pictures of themselves at barbeques on facebook- but it's hyperbole to my
knowledge.

The "getting rid of envelopes for mail" argument might work on some.

------
pizzetta
While the right to be forgotten can recall "sanitization" or some kind of
censorship, kids should be able to have their histories and everything
associated with them pre-adulthood expunged. As kids we all did silly and
regrettable things. It'll be a shame if we allow those things to follow people
thought-out their lives.

As kids we're exploring all kinds of ideas --some good, some regrettable, but
we should be able to explore them without fear these crumbs of exploration
will follow us in to the future as if we were fully mature and aware as we
explored ideas.

~~~
jstanley
> As kids we're exploring all kinds of ideas --some good, some regrettable,
> but we should be able to explore them without fear these crumbs of
> exploration will follow us in to the future as if we were fully mature and
> aware as we explored ideas.

Why shouldn't everybody be allowed to explore ideas without consequence?

~~~
pizzetta
When you are a kid you can get into the wrong crowd and easily want to explore
stupid things (bullying, drugs, bias, prejudice, etc.) Adults don't have the
luxury or excuse of youth to say, "it was a stupid thing to say, but my
thoughts were immature and my mind and self are still developing". There are
some things that one as an adult should not "get away with" where non-adults
should, in my estimation.

~~~
Silhouette
_Adults don 't have the luxury or excuse of youth to say, "it was a stupid
thing to say, but my thoughts were immature and my mind and self are still
developing"._

Perhaps we should, at least more than we do in practice today. I'm not sure
enforcing conservative views or limiting open debate on controversial subjects
is good for either the individuals involved or society as a whole.

------
liquidise
One thing that is rarely mentioned in the online privacy discussion is how it
stands to influence elections in 20 years.

Right now we take ideological issue with statements of candidates past
preachers or professors. Imagine when a simple leak will spill every horrible
thing a candidate said during their teenage years to friends on Facebook
messenger or aim. It will be a lagging indicator of privacy policy, but one
that stands to influence American politics in a couple of decades.

~~~
_iao
That already doesn't matter. Trump openly said he molested women.. No one
cares apparently.

~~~
Silhouette
Lots of people cared. Just not quite enough or in the right parts of the US,
unfortunately.

------
squozzer
Finally, a "for the children" argument that doesn't take away rights. Given
the situation, my emotional state is hopeful, but not sanguine.

~~~
Bartweiss
...before this, I'm not sure I've _ever_ seen a "for the children" argument
that supported individual rights. And perhaps worse, I never even noticed
until this moment.

It's a bit funny, I regularly argue for youth rights, but standard "for the
children" arguments are purely rights-restrictive.

------
trendia
When the telecoms wanted Congress to lift that pesky ISP consumer information
protection, they argued that the regulations allowed Google to get ahead while
they were left in the dust. Will educational companies lobby for the same kind
of freedom?

~~~
pryelluw
I used to work in EdTech. One of the most common issues school admins told me
face to face was how big tech corps were storing all of the students data with
merely a promise to not exploit it. Its one ofnthe few great advertising
opportunities that are left and companies are itching to get to it.

------
mirimir
I'm reminded of Cambridge Analytics' claims about profiles for everyone in the
US. So now profiles will include stuff from parents' social media: prenatal
sonograms, baby pictures, first step videos, etc. Also logs from interactions
with toys. And their social media. Plus the educational records.

I can't imagine that will work out well for them :(

------
Animats
If you have access to a school-provided tablet, see if it's doing a MITM on
SSL/TLS connections. Go to some web site like a big bank, and examine the
site's certificate in detail.

