Hacker News new | past | comments | ask | show | jobs | submit login

Well, it is extremely naive to think that Facebook does not use all the data they get about you. Then again, most people are very naive about this kind of everyday technology.

That's just your perspective. I live in the Germany where we have very strong data protection laws. Is it natural for people to assume that these laws are broken at such a large scale? And that abuse goes completely unchallenged for years?

Data protection laws are so strong in Germany that they let registration offices sell your data if you don't explicitly opt out. Most people don't even know whats going on and that they have to opt out to avoid that. Or German credit scoring institutions, who are allowed collect data about you even if you don't have any mutual agreement with them.

German credit scoring institutions collect data on behalf of banks, insurances, etc., and you need to consent that they send data to the credit scoring company. So you are actually consenting. If you never give consent to any such party, the scoring company must not store data about you (and most probably won't, they are tightly observed by data protection agencies).

It will become interesting with GDPR, when customers start to revoke their consent to exchange data with credit scoring companies.

I guess he wants to hint you to the fact that the "Einwohnermeldeamt" is allowed to sell your data to a "Addresshändler", see https://www.teltarif.de/datenweitergabe-adresse-einwohnermel...

Yes, that is a legitimate complaint.

I was only referring to the remark about credit scoring companies which I believe to be wrong

I agree with you that not everything is perfect in Germany with respect to data protection. Not even close. However, our data protection laws are uncontroversially stronger than elsewhere (specifically compared to the US), and I'm almost certain that the courts will find that Facebook violated them.

Maybe, but what sucks about Germany and the EU is the arbitrary nature of many laws, enabling them to selectively punish those who don't play their game. By not being able to define clear boundaries, you give them the power to rule over who can succeed and who not. Data is what fuels businesses in the end.

> but what sucks about Germany and the EU is the arbitrary nature of many laws,

In what way is the law used arbitrarily? I would like some sources for this claim.

AFAIK the law in the US is much more arbitrary in the sense that a lot of it is case law. Until such a case has been before a jury, and jurisprudence has been established it's basically a coin toss.

The thing that may feel arbitrary is simply the fact the laws in Europe actually enforce privacy, whereas a company, and people, form the US expect that these laws are teethless.

This registration office law has finally been changed to opt-in just this year.

> Is it natural for people to assume that these laws are broken at such a large scale?

Across international boundaries where those laws may be difficult to enforce because other countries are not in sync with them? Hell yes. Call me cynical, but...

> Is it natural for people to assume that these laws are broken at such a large scale? And that abuse goes completely unchallenged for years?

In Germany where data-leaks (which are a symptom of insufficient data protection) at telecommunication providers seem to happen on the regular, with no (reported) punishment as a result, yes I think that is a bit naive.

If you're dealing with large companies, it is. You should assume that. I have no doubt every major company in the world is covering up some serious crimes constantly. And FB has been egregious and it has been covered by the news. Also, why do you expect German laws to protect you from an American company?

More specifically, I think many people are naive about how it can be applied to their lives.

Every company tracks you. From what you purchase at target, to broad pattern behavior tracking on the web via ad companies, I think most people know their being tracked at various stages for various reasons.

However, is it bad that target knows I like to buy grass fed beef? Probably not. It reveals some things about me, but I am far less concerned, as are most I imagine. This same mindset is what fuels people when they don't care what FB/etc is doing. Not that it's right/wrong, but I think people don't care who knows about their lunch or catpics. Thinking that's all that FB could gain out of it.

Humans in general are really bad at thinking long term. Nothing bad happens immediately when you sign up to FB, when you post personal information, when they sell your data, etc. For a lot of FB users, it might be 20 years before they regret their actions. That's just a hard feedback cycle for people.

You must probably don't know how powerfull this analytics are. Is it possible to correlate and infer all kind of data, based on other signals, what kind of person are you.

For example if you drive a bicycle and eat beef, most likely you have a certain income, have a certain family type ( you use same IP!! ) , which means you might have a certain political view and concerns. And this is where targeted manipulation is active, they can drive you in a certain direction. Psychology at it's best.

This is how you win an election.

Agree completely. Does it say much more than my job though? My car? my public travel patterns? etc. There's a reasonable about of information about me that I expect cameras on every corner to know.

Giving my information to FB/etc though? That's another story.

It's both naivety and lack of understanding, which as I've said before is by far the #1 problem with getting people to want more privacy.

It's really not that they "don't care" about privacy, even if they themselves think that's what it is. They usually say that because they don't understand the 1,000 horrific ways in which that data about them could be exploited, from personal blackmail situations, to identity fraud, to manipulating elections, to using it against them in court in a possible future conflict with law enforcement, and in many other situations.

I've seen people who are typically quite "anti-privacy" because "they want to benefit from Alexa, Google Assistant" and other such gimmicks, and "aren't scared" if Google or Amazon holds their data, because after all it's not the government holding it (ha! good one).

But now they've deleted their Facebook accounts, because they're finally beginning to understand the implications of these companies holding all of this data about them and how it could be abused. And it's still early days. It's only going to get worse from here, as we see more such abuses using Facebook, Google, Amazon's data, carriers', and other data hoarders' data.

Most people are extremely nontechnical and are inadvertently ignorant rather than naive.

People that don’t have jobs working with data, who are not technical or mathematical, aren’t going to know.

Are people not taught about "stranger danger" as kids anymore? Why do they just trust that someone won't abuse the information that they hand over?

That isn’t what this article is about.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact