Edit, Also incredibly relevant: https://news.ycombinator.com/item?id=21461957
a very simple solution to this, don't keep the data once you've provided a service to the customer. Or anonymize it and scrub any association.
It's never a question of "we don't have the resources to protect your data". The conclusion should be, if you don't have the ability to protect your customers you don't get to harvest their information.
Idk how we get there, whether it be through the courts, Congress, or some other way. I think getting rid of third party doctrine will do more towards this goal than most people realize, but it has to be in a way that treats any data acquired by government as if it were collected by the government, to 4th amendment levels of scrutiny.
But if things are going to change, major liability on government and private sector will have to be the result, unless we want eventual relapse.
And barring that, they'll just suck it all up anyway in secret and claim immunity from oversight due to undefined national security reasons.
Ring seems hell bent not only on promoting universal awareness of such data, but monopolizing the means of access.
Interestingly, their transparency report claims they've received 7 requests from law enforcement, and denied all of them.. shows they're willing to put up somewhat of a fight at least.
If case law is set by the little guy losing, it doesn't matter how much money 23 and me is throwing at their cases.
I bet really common.
This Golden State Killer case was the biggest public relations boon to police wanting access to these DNA. In general the public wants rapists and killers to be caught. I think the public thinks that if these people don't care enough about their privacy to send DNA samples to a private company (that is not a health care company), then they should not object if police use that information to catch killers and rapists.
>Asked if there was evidence the database had already faced concerted attacks, scraping, or scanning, Rogers said, “I don’t want to get into it.”
>“Not that I am aware of,” he added. “I don’t know.”
>Rogers declined to comment on whether he’d been approached by national security officials about the site.
Good luck trying to destroy a digital record at this point.
Edit, Referenced: https://www.technologyreview.com/s/614642/dna-database-gedma...
I think policy was only for a murder, and he personally approved access for a non-lethal stabbing, or something similar.
People, like my siblings and mother, see this as a game. They see no problem with giving a private company access to their most uniquely identifying information. They'd likely hand over their fingerprints and retina scans for a free photo of themselves doing it. My mother shreds every piece of mail but jumped on 23andme without hesitation.
The world has become dumber and less concerned with personal information than some weird shared social experience. I'm not worried about the feds getting my data (ish) as much as I am about Bad Actors in the future. (I still very much want the government out of my business and personal life though.)
But, should it be a problem? Shouldn't we have a basic right to privacy?
We get sold on the need for police to catch "Murderers". But then its "attempted murder". Later it's "attempted violent crimes" 1). Will anyone be surprised when it starts being used by debt collectors to harass you or your relatives?
How long after that before someone figures out how to use it to efficiently ID people with early dementia and to they can target and swindle them?