
The opt-out illusion: how we have acquiesced to losing our privacy - jrepinc
https://www.the-tls.co.uk/articles/the-opt-out-illusion/
======
jgacook
I have been mulling cancelling my Facebook account for a while now. Today as I
was browsing I saw several Scientology ads. I know Facebook doesn't have an
agenda per se - you have the money, they have the adspace - but I was still
struck by the brazenness of advertising something whose ethical dubiousness
has been so thoroughly publicized.

Facebook will never change unless they are forced to. We have signed away
perhaps one of the most important experiments ever in digital social
networking to a behemoth that chips away at your humanity the longer you stay
on it. People who think I'm being dramatic almost always underestimate exactly
how much data Facebook, Google, et al. collect on you and the extent to which
they use it to manipulate you emotionally or with your wallet. Every facet of
Facebook is designed to coerce you into an addiction that results in you
spending more and more time on the site while you consume ever more
advertising content.

These enormous tech companies are kind of like the fast food of the Internet.
They have erased individuality and served us an experience that is mass
produced and shrink wrapped for our convenience. It's delicious and addictive,
but we keep being told lies about the quality and safety of what we are
consuming. We've become so reliant on it we've forgotten how to cook, if
you'll extend the metaphor.

I increasingly hate a lot of the what the Internet is. I always feel watched
and directed to the point where I have trouble trusting what I'm reading, like
watching manufactured drama in a reality TV show. I'm planning on setting up
my own website as an expressive space where I can go to be creative and try to
consume thoughtful content and (hopefully) make thoughtful content for people
in return. I'm hoping there's a world of expressiveness and fun to be had in
interacting with people on the Internet on one's own terms.

Hope it turns out well!

~~~
JumpCrisscross
> _I have been mulling cancelling my Facebook account for a while now_

Going cold turkey is never easy. If you're having trouble withdrawing,
consider what I did over the past few years:

1\. Turn off notifications for the Facebook app on your phone; _then_

2\. Turn off notifications for the Facebook Messenger, Instagram, _et cetera_
apps on your phone; _next_

3\. Delete the Facebook app from your phone; _then_

4\. Delete the Facebook Messenger, Instagram, _et cetera_ apps from your
phone; _and finally_

5\. Log out of Facebook on your desktop.

It took me 2 years to go through from step 1 to step 5. It has made me happier
and more productive. I still have a Facebook account. But the friction of
grabbing my laptop and logging in forces me to consider "is this what I want
to do? Or am I thoughtlessly reaching for the crack pipe?" (It's been over a
year since I've cared to log into Facebook. Feels more like trudging through
spam in an old e-mail inbox, now, than anything compelling.)

~~~
smichel17
When I deleted my account, I went through one additional step:

6\. Delete your account. Create a new account under a pseudonym. Add a single
friend, who can add you to group chats.

At this point, you should have a near-empty news feed; Facebook is only for
staying in touch with the group (eg, not missing out on social events) until
people have gotten used to texting you to invite you to things.

You won't be able to comment on anything public because if your account gets
reported as a fake, you'll be locked out of the account unless you provide ID
(which of course you can't do, since it's not your real name).

~~~
yakireev
Nope, that won't work. Facebook will ask you for a phone number _and_ for a
selfie. It will then match both against their databases, and ask you for an ID
if there is none.

You can get a "burner" phone number and even a physical phone (that's what I
do for whatsapp), but you can't have a burner face to make selfies.

...so now I don't have a FB account at all, and it is _very_ inconvenient.

~~~
heartbeats
Since when? I've never been asked for a selfie.

If you must, it doesn't seem like a big problem still. Go to
thispersondoesnotexist.com, hit F5 a few times to find a nice portrait, then
Google "driver license template" and apply basic Photoshop skills.

~~~
yakireev
It probably means you're using your real name and/or your real phone number.
Or have an established account with photos of you.

I did not check if images from thispersondoesnotexist.com would work to pass
the selfie check, but my guess is that they wouldn't. A professional portrait
of someone from a Western country who has never been seen on any photos
Facebook owns, not even in the background? That's a red flag. Also, my guess
is that Facebook knows about that page and takes precautions.

Anyway, if Facebook tries _that_ hard to make sure I'm not there, why should I
join?

~~~
heartbeats
I'm using a psuedonym but my real phone number. I don't see what they would
compare it to though. It might as well just be a burner phone.

I do not believe they check it; if you provide an ID scan, it's good enough.

Because you have no choice but to join.

------
TheOperator
>But the pop-up won’t let us pass without clicking “agree”. Opting out is an
illusion.

I mean this is a weird way to phrase it but you definitely cannot participate
in modern society without hindering yourself in various meaningful ways if you
do not "opt-in" to giving up your privacy. "Opt-in" requirements have
consequently struck me as "privacy theatre" which mostly irritates.

I don't see any solution for the current privacy situation other than
regulation and enough liability attached to data breaches to make hoarding
customer data a good way to go bankrupt.

~~~
thaumasiotes
>> But the pop-up won’t let us pass without clicking “agree”. Opting out is an
illusion.

You can generally just delete the popup from the DOM.

~~~
dorgo
Idea for an addon: delete popups, delete overlays, fix scrolling ( which is
often broken after deleting popups ). Is it possible to earn money with
addons?

~~~
TeMPOraL
> _Is it possible to earn money with addons?_

Sure, if you lack your spine and moral compass. The business model is as
follows:

1) Make a free add-on and have it gain popularity.

Then, either:

2a) Inject malicious code into it that delivers malware/advertisements, making
you money.

or:

2b) Sell your add-on to a third party that will do 2a). If your add-on is
popular enough, potential buyers will come to you themselves.

Other than that, no, I don't think you can monetize an add-on directly.

------
mc3
Ironically this page sent a payload to a domain call permuative.com, without
my permission.

This payload contains user events e.g. how long I read the article, a user
identity guid (presumably a fingerprint of my browser), my isp name

~~~
blaser-waffle
HN is ycombinator, which are the people who helped make reddit happen. Is it
really that big of a surprise they're doing stuff like this?

~~~
gadabout
I am not defending HN/YC here, but the user's noted irony is referring to TFN,
located at the-tls.co.uk, not talking about HN/YC.

~~~
mc3
Thanks that is what I meant. Sorry to confuse people.

By the way HN by the way seems to be the nicest site in terms of privacy,
simplicity and page load times.

------
inthreedee
The tone of the article dips a bit too far into sensationalism and fear
mongering for my taste. While the concerns expressed are absolutely
legitimate, I grow weary of people spreading fear for the sake of fear (or
worse, clicks) without any mention of what we can do to protect ourselves.
Spreading fear and then calling people to action based on that fear is not
really leading us down a good path.

I've noticed the effects of this reaching normal people. It can be
debilitating when they're spoon-fed fear without a corresponding dose of
digital safety education. They're afraid of these companies or the internet in
general but don't really know why. That kind of environment makes it all too
easy for someone with an agenda to step in and take control of the narrative,
manipulating people for their own purposes. "You're afraid. Let me tell you
why you're afraid and how I'm going to fix it. Vote for me."

~~~
Lio
The problem here is that surveillance firms _are_ out of control and there
isn’t much you can do about it.

Even if you leave their platform they won’t leave you alone. How exactly can
you stop Facebook compiling shadow profiles?

How do you stop Google Analytics without installing more of their software?

We used to be able to say no to software, now it’s all “Not Right Now”.

~~~
CaptArmchair
> there isn’t much you can do about it

1\. Support advocacy groups that defend your rights (i.e. make a donation,
become a member, participate in activities) 2\. Send letters, e-mails to or
call your representatives expressing your concerns. 3\. Attend protests when
those are organized. 4\. Use your right to vote. Make an informed decision.
5\. Educate those around you about viable options, such as they are. 6\.
Support technological efforts such as they are: document, give feedback,
report bugs, inform yourself about alternatives, use them. 7\. Inform others,
those that are also concerned, about steps 1 to 6.

Your civil and human rights are never ever self-evident or to be taken for
granted. They are not unmovable natural laws. Their existence hinges entirely
on the willingness of society at large as well as individual responsibility to
defend the basic principles and uphold the culture that underpin them.

So, when it comes to defending your rights, safeguarding them boils down to
one brutally simple question: how hard are you willing to pull your weight?

------
jwr
Oh, the irony of this article slamming me in the face with a sleazy "We need
your consent" dialog with intentionally confusing options and sub-dialogs...

My "consent" is being forced out of me so that roughly ~100 (at a first
glance) "partners" can invade my privacy and learn about my browsing habits.

By the way, if you are a programmer and you implement those sleazy dialogs,
think about your life choices.

~~~
fmajid
On the positive side, the Quantcast cookie popups now offer a choice between
"Accept All" and "Reject All".

Previously they offered "Accept All" or "Click here to enter our deliberately
confusing rat's warren of options".

I wonder if the French DPA's announcement that they will start cracking down
on dark patterns like this was the impetus for the change.

~~~
lima
What about "accept cookies or pay" like some newspapers do? Is that okay?

~~~
Nursie
No, one must provide the same service with or without tracking.

------
sleavey
I either get rid of cookie/tracking popups from the DOM (using e.g. Nuke
Anything on Firefox, or developer tools) and use a bookmarklet to reenable
scrolling or I open private browsing and accept all the junk they want to
give. My browsing is basically unaffected beyond the 5 seconds it takes to do
the above, and I am successfully opting out of privacy invasion. Unfortunately
this isn't simple enough for the average person to do so they'll continue to
be the bait for these companies.

The irony of the text that says "we care about your privacy" while
simultaneously hiding the "deny all" button is profound.

------
wackget
Is that... a _loading screen_ for a text-based news website? Christ.

~~~
identity0
Funny how a text based website doesn't work without JS.

~~~
brachi
It's amazing how many sites won't even load nor give you a warning when you
just opt out of JS (e.g. by using an addon like NoScript). Even very big ones,
like twitch.

~~~
TheOperator
I don't see how you could remove JS from twitch without gutting a huge chunk
of the functionality.

~~~
mjevans
Do it like they did in the good old days when JS was new and couldn't be
relied upon to exist.

Don't rely upon it to exist.

Serve up well marked content, CSS that might format it nicely, and JavaScript
that allows some types of per-validation to happen client side but only as a
means of making a page nicer. The server side should STILL perform all data
validation, normalization, and verification (assume someone will craft their
own form submission).

~~~
yjftsjthsd-h
No, Twitch specifically. It's an interactive chat and live video streaming
application that happens to be built out of web tech. If you don't have AJAX,
you could maybe-kinda-sorta kludge it together out of forms and video
elements, but it'd degrade _hard_ , and need to be built completely different
from the normally-interactive version.

~~~
mjevans
I was thinking of Twitter for some reason.

Twitch could be done with a native app... the phone versions SHOULD be done
with such if they aren't.

~~~
Kaze404
How is installing a native application a viable alternative to javascript?
Presumably, if you're blocking the latter is because you don't want to run
untrusted code on your device.

~~~
mjevans
Twitch does have an IRC gateway, so it's possible to use your own application
for chat.

As another poster commented, the video aspect can be fulfilled with a number
of different methods, and I don't see any technical reason a standard couldn't
be followed to allow for arbitrary clients to handle that interaction as well.

------
ppod
Starting an article about facebook privacy concerns with comparisons to the
Stasi and typhoid just turns me off straight away. This kind of thing is so
tired, not to mention insulting to actual victims of the Stasi.

------
mumblemumble
Like the YouTube video says, this sort of thing is really as simple as tea:

[https://www.youtube.com/watch?v=pZwvrxVavnQ](https://www.youtube.com/watch?v=pZwvrxVavnQ)

------
Maascamp
Just wish these articles would address the amount of content and utility we
get in exchange for our data (instead of our money) and speak to the trade-
off. Until we find a better way to financially support all of the things we
consume on the web, I'm not sure I see anything changing.

------
sneak
> _we supposedly have control, but “no cookies at all, ever” is not an option_

I browse the web with cookies off for sites by default. It's an option in
almost every browser.

