
Why is it so hard to convince people to care about privacy? - walterbell
http://www.theguardian.com/technology/2015/oct/02/why-is-it-so-hard-to-convince-people-to-care-about-privacy?CMP=share_btn_tw
======
onion2k
A huge part of the problem is that we taught users the wrong thing when the
web was in its infancy. The lesson was "Look for the padlock" to check your
connection is securely running over SSL. That was, and is, only half the
story. You can't just defend against a man-in-the-middle attack and assume
_everything else_ is secure. We should have been telling users only to share
the bare minimum of their data, to use encryption, to use systems that enable
them to revoke access to their data (although that would be a very hard
problem now, let alone in 2003).

Ideally we should persuade the web industry to adopt a system for users to
check how their data is being stored, who has access, and any relevant code
should be opened for an audit by an independent expert group once a website
hits a critical mass of users.

That's probably a somewhat unattainable goal though.

