

Schneier on Security : Privacy and Control - billswift
http://www.schneier.com/blog/archives/2010/04/privacy_and_con.html

======
rfreytag
This seems like a fundamental flaw in the client-server model when hosting
social/personal information. The server host must pay the electric bill (3rd
party) leading to a natural conflict with the interests of the user.

I'd like to think that there is a market rather than regulatory solution. But
the story of Zero Knowledge Systems
(<http://en.wikipedia.org/wiki/Radialpoint#History>) shows that retail privacy
did not find a market during the DotCom boom. Perhaps highly sensitive social
network content will change that.

------
mrcharles
I would like to see some privacy laws that effectively stated that:

1) All privacy settings must be easy to find, and govern the level of privacy
of all aspects of communication.

2) All use of your data on a given service must be disclosed in plain English
on an easy to find part of the site.

3) All sites are required to have a "scrub" feature that a user can use to
delete all data associated with him from the service.

I am often concerned by how much of my info is out there, even though I try to
control it as much as possible. I don't want to slide to the side of being the
equivalent of an internet hermit, however. But sometimes you really don't have
a choice, it's either be a hermit or let advertisers have your information.

Wish that would change.

~~~
jpwatts
Regarding your point #3: how would "scrub" work with interconnected user data?
Comment threads like this one are a good example; my comment is dependent on
yours for context. Should you be able to delete your data and leave my comment
dangling? If so, should your deletion cascade to my related data? Shouldn't I
have a say in that?

~~~
mrcharles
Certainly that's a grey area, but I don't see why such posts couldn't just
replace the user with "Unknown User" and leave the actual data there.
Definitely there'd be a problem with conversations when some posts disappear.
But I should still be able to detach myself from those things.

~~~
kngspook
This becomes a bigger problem when you're dealing with quoting.

Suppose I wrote something like: "As MrCharles said above, it's a grey area,
but...".

So then what? Do we scrub all mentions of your username down the thread? What
about typos?

Don't get me wrong -- I'm all for a scrubbing mechanism -- but it's a
complicated problem.

------
gyardley
"I don't want you using anything I might have done here to make money," said
the guy who just got a bunch of not-free-to-create, not-free-to-serve content
for nothing.

We can bemoan the current state of things all we like, but people still need
to be paid for their time. The only real effect of the type of privacy
legislation Schneier advocates would be to make explicit and thorough opt-in
mandatory in order to access most content - the average individual would
effectively have less privacy than they did before the legislation.

------
Dellort
Why is it that this Schneier guy is mentioned on HN all the time? If it's not
Schneier it's this Paul Graham, both of which I have never heard of and that I
suspect don't even exist.

~~~
sketerpot
You hear about them on here "all the time", and yet you've never heard of
them? How does that work?

~~~
Dellort
Well except for here. This Paul Graham persona must be some kind of inside
joke here.

