
The Government Protects Our Food and Cars. Why Not Our Data? - troydavis
https://www.nytimes.com/2019/11/02/sunday-review/data-protection-privacy.html
======
bognition
Probably because the threat is relatively new. It took hundreds of thousands
of deaths and decades to get us to the current mandated safety standards for
cars. It’s going to take a while for tech to catch up.

~~~
dyarosla
Heck, most people in government simply don’t even understand the issue, let
alone figuring out how to solve it.

AFAIK only one US 2020 presidential candidate atm is even talking about data
rights.

~~~
qrbLPHiKpiux
This is a good argument for term limits. The old timer's holding on to their
power is not doing anyone any good.

~~~
gpm
Term limits don't seem to stop old timers from getting elected though, they
just mean a variety of old timers get elected.

(Not that there aren't other good reasons to prefer a variety of politicians
getting elected over a single one)

------
mbostleman
Because our food and our cars are something made by someone else that we will
buy in the future, at which point the government’s involvement ceases. “Our”
data is something that is generated by us, about us, and is ongoing. The last
thing some of us want is the government even having access to it much less
charged with “protecting” it.

~~~
notacoward
This "directionality" is the first thing I thought of too. Unlike these other
things, data originates with the consumer. Also, the transfer between consumer
and platform usually does not include a financial component so it's not
"commerce" in the usual sense. The issues involved are just as important
despite these differences, the need (however great or small) for regulation
doesn't change either, but such differences definitely affect what kinds of
regulation might be appropriate or how they might be applied.

------
jonbronson
Largley because of a paralyzed legislative branch, heavily indebted to
corporate donors, compounded by a polarized public that is largely too
distracted to focus on this fundamental problem.

~~~
K0SM0S
Plot twist: zooming out of the USA, you've just described most countries.

Incidentally, _countries_ as a concept may greatly distract the so-fragmented
public from many a no less fundamental problem...

------
djohnston
These days I can't help but read every NYT piece as a desperate plea to the
govt for a rescue operation from its tech usurper.

Also, the govt is demonstrably worse at protecting information than any FAANG,
and they are all abiding by GDPR which is the right regulation IMO

~~~
Despegar
GDPR is literally the government protecting people's privacy and data. That's
what this article is advocating for.

~~~
djohnston
In practice, aren't FAANG giving same protections to Americans? I know they
didn't have to, but I thought they would since it would be easier to maintain
in long run

~~~
ilovetux
This argument only holds if it wouldn't affect their profit.

------
Fakira
Because some of us want our government not to protect our Food and Cars as
well. Data is one area where humanity has made the fastest progress compared
to Cars and Food.

~~~
bumby
Care to elaborate? Outside of unleaded gas, most externalities in the car
industry seem to progress slowly in the absence of regulation.

Technology in cars can be rapid but seems to ignore those externalities

~~~
microcolonel
> _Technology in cars can be rapid but seems to ignore those externalities_

Many regulated risks in automobiles are not _external_ , which is I think
where they're out of bounds. I think a certain amount of regulation to ensure
consumers are informed of the _internal_ risks of an automobile is reasonable;
but the government really oughtn't tell you how safe your car must be _for
you_. _Externalities_ , as you say, are the appropriate domain of regulation.

For some people, it may be preferable to have better fuel economy at a lower
price (i.e. Honda can make the Honda Insight again) even if the operator risk
is higher; but they should not be allowed to drive a vehicle without adequate
stopping, acceleration, and speed, or one which poses excessive risk to fire
and rescue workers, other motorists, or pedestrians, or has excessive
emissions in their use case.

Right now, emissions regulations on automobiles focus on manufacturer fleet
emissions (which is an unabashed pro-incumbent regulation), and emissions on a
fixed test cycle; but this means you can pay for the privilege of being in the
upper section of a fleet's emissions. Similar with the regulations on stopping
speed, acceleration, and pedestrian safety: it seems to often depend on the
class of vehicle, and so you can pay for the privilege of worse safety
externalities.

~~~
bumby
I think the issue is one of pragmatism. CAFE standards are meant to be an
average to allow some vehicles to be designed to meet very different end use
needs. Same with the test beds. There's definitely room for improvement.

My point was that automotive manufacturers are not particularly incentivized
to improve on areas that don't align with their bottom line. Are you
advocating for more regulation in terms of performance parameters?

~~~
microcolonel
> _Are you advocating for more regulation in terms of performance parameters?_

I'm saying I'd prefer consistent (between vehicle classes) regulation of
performance parameters which have externalities; and the abolition of non-
normalized fleet-based targets (since they privilege the largest
manufacturers). If the goal is to reduce external risk, the threshold of
acceptable risk should be the same for all motorists as a matter of fairness.

A possible alternative to CAFE is a specialized cap and trade market. I get
that they did think a bit about this stuff when they implemented it, but I
feel like it has weird effects in practice, especially when gaming it enters
medium-long term corporate strategy.

I think it would be spectacular if inefficiency was purchased on a per-vehicle
or per-lot basis from manufacturers who exceed the target, and efficiency was
sold in turn to those. Not sure how these transactions would be cleared, but
I'm sure something reasonable could be worked out. This would do away with
adjustments/exemptions based on vehicle footprint (CAFE targets currently
differ based on mean vehicle footprint).

~~~
bumby
I think I agree in an idealized sense, but also think if this approach was
taken it would decimate the ability to create certain vehicles, especially
those used in heavy-duty applications. I don't know the history of CAFE
standards but it may very well have been a practical choice...either get some
form of progress or dig our heels in on an idealized version that never gets
adopted.

------
deltron3030
Maybe because of population growth. Food and car failure is directly linked to
mass deaths and diseases, potentially decreasing the population, free data
flow is linked to better business decisions, and therefore wealth for starting
families, potentially increasing the population.

So if population growth is your priority as nation, it could make sense to
allow free data flow if you ignore potential long term side effects that could
counter this.

The downsides of free data flow and the permanence of personal data are mostly
affecting the mental health of people which could result in more deaths from
drug abuse and other self destructive behaviors, or even civil wars long term.

This of course could contradict free data flow as a viable strategy for long
term population growth.

A battle between short and long term politics, with long term politics being
clearly at a disadvantage because they're less obvious and harder to
predict/measure, and harder to sell in political campaigns.

------
einpoklum
If the US government protected your food, people would not be sold so much
crap full of carcinogenic additives or cooked up in chemical vats.

As for cars - the government protects car _manufacturers_, if at all. And
that's also in the form of "anti-protection" of public transport...

Finally - how would the US government protect your data if it's intent on
getting its hands on a copy of as much of it as it can, then mining it and
searching it for various purposes? (Snowden revelations)

PS - The firewall blocks me :-(

------
geoalchimista
Because that would grant the government the power that enables it to become a
worse perpetrator even than the big tech?

~~~
BurningFrog
I think Snowden showed the government already is a much worse data privacy
perpetrator.

------
Nasrudith
That is a confusion if shared words being assumes in the same meaning. Data
protection is fundamentally nothing like car or food safety. The other two can
literally directly kill you. Data also acts "at a distance". If I smash a cooy
of your car or poison a copy of your lunch it won't harm you in any way. Not
so if sensitive information leaks.

Not to mention the abuse potential is fundamentally massively different. It
isn't apples to oranges but apples to formica countertops

~~~
Despegar
Financial products exist only in databases and they can't kill you, yet
they're heavily regulated for good reason.

~~~
otterley
That’s because the data there counts the amount of money they owe their
customers.

------
dependenttypes
"Data protection" goes against the spirit of free software and it is similar
to patents and copyright.

------
megablast
> The Government Protects Our Food and Cars.

I wish they would stop protecting cars and start protecting people. 40,000 die
every single year due to cars, and over 4 million injured or disabled.

------
Gys
Many people die in car accidents and die from food poisoning. How many people
die each year from unprotected data?

Disclaimer: cannot read the article

------
Tycho
The great public works of the 21st century, the Hoover Dams of our time, will
be privacy-preserving digital infrastructure.

------
lacampbell
Why not our information? Nationalise the New York Times!

~~~
libbyc5
I've seen one instance where the NYT seemed to recognized their complicity in
the problem

[https://www.nytimes.com/2019/09/18/opinion/data-privacy-
trac...](https://www.nytimes.com/2019/09/18/opinion/data-privacy-
tracking.html)

I was pretty proud of them then

------
seer
I know that HN’s libertarian views often conflict with the top down EU
bureaucracy. But when I heard about GDPR here in europe I thought to myself -
that looks very close to what all those people have been wishing for - and its
actually here now.

It remains to be seen if it holds up in practice what it offers in spirit. But
the idea that companies are forced to think about my personal data as if it
was payment credentials, with similar rigor, and penalties, just sounds so
awesome to me as a customer.

In the EU personal data _is_ protected as if its cars, food, trains or planes.
And honestly its great :)

------
ddingus
One would wonder.

I am pro this idea. I am not sure it can be done via technical means alone.

But, govt is super dysfunctional too.

We, as people, have work to do in the US.

------
tomohawk
The Office of Personnel Management (OPM) could not even protect the
information of people with security clearances.

[https://en.wikipedia.org/wiki/Office_of_Personnel_Management...](https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach)

Trey Gowdy's questioning of the people in charge of the OPM is a classic:

[https://www.youtube.com/watch?v=AK-
zEGjxuAA](https://www.youtube.com/watch?v=AK-zEGjxuAA)

~~~
pstuart
The GOP is anti-government and spares no chance to demonstrate that.

That doesn't forgive the failure, but instead of saying "let's fix it then",
the answer is always: private enterprise!

~~~
tomohawk
Other than Trey Gowdy being a member of the GOP, not sure what you're
criticizing here. His line of questioning was not partisan, and got to the
heart of the matter - their lack of competence and ability to follow
regulations and/or written contracts.

The OPM had a serious data breach, and demonstrated a marked lack of ability
to do their job. To date, they have not been held accountable, unless you
count the stern questioning.

What remedy would you prescribe to fix OPM? How would you hold them
accountable?

~~~
pstuart
The NSA ostensibly provides "cybersecurity" support and services -- they
should be partners in securing government infrastructure. Maybe they were with
OMB (but clearly not enough).

Accountability is good and should happen. Thus far we've seen very little
accountability for data breaches in the private sector, so they're not alone.

I don't know the answer as to how to make accountability _really_ work in
general -- because it becomes game theory of how to create that space without
becoming paralyzed by fear to act.

