Hacker News new | past | comments | ask | show | jobs | submit login

This is a great list. SO many times people have said to me, "Let them track me, I've got nothing to hide." And you hit them with a few things off this list and they immediately change their mind. There should be a tinurl for website I can send people to that shows a simple list of all the ways personal information can be used.

> There should be a tinurl for website I can send people to that shows a simple list of all the ways personal information can be used.

I just now set up a small site for it at https://whynottrack.com/! It's open source -- GitHub link in the footer -- so anyone can PR changes / reasons / etc.


Thanks :D

I think this list makes a case for better sharing/access controls but I can see applications for most of the things listed here. I might just want the insights for myself but not want to share it with anyone or my data being sold without my consent e.g. monitor and improve my sleeping habits, monitor my expenditure by tracking my restaurant and shopping habits, my health data and/or insights into it. Maybe not your spouse but some parents might want to keep track of what their kids do online. I know people who want to have the ability to find/track the location of family members etc.

I suppose calls for better regulation, purpose oriented data collection and stricter enforcement and penalties but by no means does simply don't track/collect data is an answer where there are actual practical applications.

don't track/collect data

Only two of your examples (parental controls and location sharing) require any kind of network, and those could be done with a private VPN running at home.

The design of cloud-based services is purely for convenience and collection. Sometimes if the collection can be controlled, the convenience is worth it, but every beneficial algorithm could be run locally.

The funny thing is that the rise of cloud computing coincides with the rise of really powerful cheap personal computation, you'd think it would be the opposite.

What "the cloud" offers that personal servers don't is:

- Reliability. The cloud is available with little or no downtime, to 5-8 nines (5 minutes to 1/3 of a second of downtime per year). Each nine costs roughly 10x the previous one.

- Bandwidth. Residential service may work for your own personal file transfer needs, but if you're sharing to the world, even a modest degree of traffic results in a hug-of-death.

- Security. Ideally, cloud systems are managed and monitored against network attacks, as well as affording physical security practices.

- Updates. This becomes Somebody Else's Problem.

- Ongoing development. Dittos.

It's not that these aren't addressible by individuals, but it's a lot of effort to do so, and at population levels, people are simply unlikely to be able or willing to do so. A small percentage, yes. The vast majority? No.

Raw compute power is a tiny fraction of the concerns involved in service hosting.

I'm not so sure about that.

Smartphones are a massive leap forward in low-power/energy-efficiency, but my 2013 desktop machine (KGPE-D16) still creams every smartphone ever manufactured on any metric other than power consumption.

I'm kinda tired of hearing nontechnical people congratulate themselves on having a "supercomputer" in their pocket.

Compared to the supercomputers of the 1980s (if I remember right my dad had an old copy of Journal of the American Meteorological Society I found as a kid, with an ad for Cray talking about one gigaflop being state of the art), they're not wrong.

Nobody calls graphing calculators "supercomputers" even though that's what they would've been in the 1960s.

An example here for "run locally" would be Apple Health, which uses end-to-end encryption to sync data between your devices, does all the analytics stuff locally, and has a extensive permissions scheme for voluntary sharing of info with doctors or research programs.

I think these concerns still need to be translated into real world repercussions before the average person is convinced. Right now it is certainly creepy, but does it really have a negative impact on my life for a company to know these things?

I remember an interview with Edward Snowden where it was shown how little people cared about privacy. The interviewer then translated the concern into "the gov can see your dick pics". That was a no-no for most people

It was John Oliver, great episode by the way. https://youtu.be/XEVlyP4_11M?t=1382

> "Let them track me, I've got nothing to hide."

Interestingly, this attitude used to be default even here on Hacker News ~5 years ago. I am so glad to see it's changing. Why I'm finding this interesting? Because this audience always knew what's going on even without layman articles like this, but did not care for some reason. This shows how just knowing isn't enough sometimes. Public sentiment matters.

I think HN rules are still behind the times. One of the rules discourages multiple accounts, in an attempt to create a community. OTOH: a longer paper trail means more easy to identify. This is why I create a new account every few months. Since I cannot delete old posts to "cover my tracks", I have no choice if I want to use the site. Maybe I just shouldn't use HN. I dunno. I learn a lot from discussions, but I don't always tell the truth because I don't want to be traced.

I've got some sympathy with this viewpoint, and have used HN myself under a pseudonym I take pains not to associate with my real-world identity.

But at the same time, the practice of regularly and routinely recycling user identities is ... well, it really does prevent the formation of a community.

The most toxic community I'd ever encountered was a supposedly "kinder and gentler Reddit", the late and unlamented Imzy. A core feature was that individuals could spin up a new pseudonym on each individual thread.

The result was both absolutely disorienting and gave rise to vicious bandwagon and brigade attacks.

Whatever problem Imzy was trying to solve, that was the wrong solution.

(I'm aware that chans often follow a similar tactic, and that ... they tend not to engender highly constructive behaviours.)

On the other hand, Twitter may be one of the greatest evils with regard to social media, and is well populated with non-anonymous accounts.

And of course, HN stands at odds with this theory as well. No one "knows" me on HN. I don't have a reputation, or a real identity, and I'm cordial enough. (I hope) HN enforces conduct, and this enforcement is not defeated by anonymity.

Another take is that those running HN know what kind of forum they want (one that promotes community) and understand and accept that trade-off. 'dang has written about this at length, so I think that's very likely the case.

That's not one you're willing to make and you adjust your behavior accordingly. HN can't be all things to all people. And that's okay.

You clearly find some value in HN as it is because you continue to use it. Something to consider: changes you might like to see may very well change the community as a whole to make it less a place you want to be. Hard to say, without running the experiment, but one of the hazards is that running the experiment could irreparably damage/change HN. And rebooting it would be likely nigh impossible. (If it were easy, we'd all create the fora we wanted.)

And public sentiment is not the same everywhere - for instance, the US tends to be more suspicious of government than of (large, public) corporations whereas elsewhere it's the complete opposite.

Yes, great list. But salary and bank balance should probably be added.

But salary and bank balance should probably be added.

ADP is one of the largest paycheck processors in the United States. But almost no one realizes that if their paycheck comes through ADP, their salary information is being sold. Remember, this is also a company that knows when you've been hired, fired, has your Social Security Number, and a lot of other very personal financial information. According to a New York Times article from a few years ago, ADP is selling you out worse than even the cell phone companies. Yet, there was zero uproar about it that I noticed.

As for bank balances, I was very surprised to learn recently that bank balances are not part of credit scoring. I have a substantial amount of emergency savings. The last time I pulled my credit reports, it wasn't on any of them.

Bank information does appear in some other lesser know reporting agencies - but savings aren’t “credit” so it’s understandable they don’t appear on a credit report.

I feel like there should be more outcry for credit bureaus and ISPs having even more life-affecting information than what is listed.

Framing seems to matter. If someone was following you all around town and you could physically see them taking notes I don't know a single person that wouldn't feel uncomfortable with this. But as soon as you can't see that person, people care less. But we all essentially have a world class private investigator following us at all times and this is a bit weird to think about.

> SO many times people have said to me

I'm sure that's happened.

> to some legal agreement almost no one has the time to read or expertise to understand in its full implications... New Declaration of Human Rights

In the same breath: complain about long documents that no one reads, propose authoring an unenforceable, even longer document that no one will read.

True, no one reads the constitution or charter of human rights - way too long, unenforceable and niche. /s

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact