When I go shopping, or even to my doctor now, I leave my phone in my car.
I work very hard to not let my phone be required for as many transactions as possible, and write my most important and private thoughts by hand on paper instead of in my phone.
People think I'm crazy and paranoid, but their cell phone is probably still tracking me along with store cameras or whatever other BS invasive companies can concoct (less accurately), so at least it's someone else's fault now, rather than being my own.
I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.
The joke about the $1.39 made me laugh, but it also made me wonder:
At what point will there be a tipping point where the pitchforks come out and the general public's "patience" with regulation catching up to this crap begins to unravel and actual violence or "direct action" begins to occur against these actors?
Because while we're focused on individual political officials actions as a distraction, these types of warehouses are getting bigger and bigger, making more and more money for the owners, and becoming used more and more for malicious activities.
> what point will there be a tipping point where the pitchforks come out and the general public's "patience" with regulation catching up to this crap begins to unravel and actual violence or "direct action" begins to occur against these actors?
There is no public consensus on this. American voters are fine with free, ad-supported software. They’re fine with surveillance in exchange for convenience.
They likely don’t understand the cost. Personally or systemically. But a combination of digital-privacy thought leaders (a) overlapping with communities embracing political nihilism, (b) experiencing a filter bubble where popular support is perceived where there is none and (c) having been corrupted (politically speaking) by crypto has stymied policy progress.
There are no pitchforks. There is no angry mob. To the degree there is consensus overseas, it arises from nationalism with respect to security (India) or competitiveness (Europe).
> There is no public consensus on this. American voters are fine with free, ad-supported software. They’re fine with surveillance in exchange for convenience.
Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
The issue about not understanding the cost is real, but that's not unprecedented. There was a time when most people didn't understand the cost of cigarettes and tobacco, but that problem was solved through government intervention.
Edit: to clarify, I said the tracking is “opt-in”, but it’s not a default. iOS explicitly asks you to choose between tracking or no tracking. It does not assume any default.
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy
Americans want privacy. There isn't consensus around the acceptable level of tradeoffs [1][2].
> was a time when most people didn't understand the cost of cigarettes and tobacco, but that problem was solved through government intervention
In 1964, the Surgeon General's Advisory Committee marked a turning point for smoking in America [3]. The Tobacco MSA was entered into in 1998 [4], by when most smokers recognized their habit as an addiction. The government intervention followed evidencing harm, public discussion and massive changes in public behavior. We are still in the first phase for ad-funded tech.
While Apple is in general better at privacy than Google (better can be far away from good), I think an Android user can theoretically be better protected. It just needs a lot of attention. But he would at least be able to do something against the "exceptions for the manufacturer". A locked down environment will always be comparably insecure. Not that Android phones aren't locked down...
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
I've seen this or equivalent statements a lot in discussion related to privacy, tracking, and the ios ecosystem. However, I don't think the results show what you're saying they do. All I see is that people accept the default behaviour of their devices. Unfortunately, there's no mobile ecosystem where you can easily opt out of tracking to compare to.
Yes, I would add though that the option that's perceived as closest to "Do nothing/Add nothing/Skip" will get extra perception points as closer to default.
> When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy...
Or it could be a clear indicator that people will leave the defaults where they are, which is why there have been figurative wars over getting a particular browser to be the default browser of an operating system.
> Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
Is it? Or is it a clear indication that most people will stick with whatever the default option handed to them is?
Of course giving the option to opt out without consequences will entice people to opt out. But what if the software stops working unless you pay for it after you opt out? That changes everything.
Then the question is no longer "Am I okay with tracking if I can shut it off and everything's still the same," but becomes "Am I okay with tracking if it means I don't have to pay for the software or service?"
That’s true. I think that will be the real test for the market.
Appstores/marketplaces will need to clearly show which apps are free without tracking so that consumers are aware that there are privacy-respecting alternatives, and don’t feel like they have no choice.
However, there’s also the issue that the definition of “tracking” and “privacy” is too vague. If Google or Facebook offered a paid service with privacy, I personally still wouldn’t trust them to not collect data on me.
Why should people have to buy extra services for a non free piece of hardware just to remain ad free on that hardware? Apple is double dipping here (probably triple dipping if you also include AppStore fees and charges).
People want to be able to own the things they buy, without further nonsense.
If you don't want to pay for the operating system, just buy some hardware and put Linux on it. Apple isn't double dipping because their OS isn't free, and nor is their hardware. They are different units of the same company, and both units have to pay their staff.
To whit, anywhere the software is provided "free" it is actually just included in the price. It is no coincidence they don't let you upgrade the actual version of that software without paying (or jail breaking as the case may be). Most phones and tablets are kept at whatever version you bought them at, by design.
If you buy a hardware firewall, you still have to pay for its software and maintenance. If you buy a car, you still have to buy winter tires at the appropriate time of year, and pay for the car's regular checkup. For tires, you even may have to pay for yearly rotation, balancing, etc. This business model shows up in many variants all over the place. Different divisions or people work on something, it's a separate pay item.
It also doesn't help when companies try things that can produce relevant ads for a user without tracking the users themselves, and they get blocked at every turn.
For example, Twitter allows you to prune a list of ad subjects. You can add and subtract to that list. This could effectively reduce the need for tracking, but people reflexively block the ad accounts, rendering any form of ad campaign ineffective.
I'm not saying that's the answer, btw. It may be, or it may not be. I am saying though, that people are so used to blocking ads and not paying, that finding solutions to keep online companies viable is extraordinarily difficult without tracking.
If Twitter turned around and told everyone who did that, that they have to pay for a subscription, they'd quickly go out of business.
>Is that true though? When Apple made tracking opt-in, pretty much everyone refused. I think that's a clear indicator that the overwhelming majority do want privacy, and if they're actually given a choice, most will probably take it.
That option already existed in the settings. People couldn't be bothered to go set it because they don't really care.
> They likely don’t understand the cost. Personally or systemically.
How would you explain the cost to someone? Most of the discourse seems to boil down to some mix of "it's creepy" and "it could be used for a nefarious purpose", which is not super convincing.
For most commercial surveillance, I can't. Provable harm from the Equifax breach remains unquantified. We're only beginning to discuss those data for e.g. Facebook and teenagers. To give analogy, we're in the 1960s on the smoking-regulation timeline [1].
It is very difficult. In most cases people aren't affected. Those that might understand the need for privacy are those that lost their jobs because of posting on social media or being naked in the wrong place. Currently the data that is shared between ad networks is rarely public, but embarrassing information could be found everywhere and what is considered as such might change with time. Is isn't just the access log of your head of state to youporn or something like that, it is also the info about trivial consumption choices that can come back at you.
Legislators made it far worse because they demanded additional data to be saved for "security purposes". So not even here people are informed about the problem. On the contrary, we regularly have old farts making everything much worse.
Frankly, those that believe they can save some bucks when they share their data probably aren't the best to understand the larger picture. The data is valuable for different purposes but it is also difficult to put a price tag on it.
What was the cost of the Cambridge Analytica scandal to the average user?
There were a lot of people in the data set, certainly, but how many can quantify damages?
If anything the Cambridge Analytica scandal was (disturbing) "win" for privacy loss: a lot of the Cambridge Analytica demographics markers were baked into the Facebook ad platform and became standard ad demographics soon after. The Cambridge Analytica scandal as played out looked like Facebook was stamping out bad privacy practices using its platform, but the real message was Facebook eliminating a competitor to their ad business by eliminating their access to Facebook's data. Lucky for Facebook the PR mostly stuck with the face value of "stamping out bad privacy practices", but even a lot of the people that saw/realized it was simply Facebook eliminating a competitor have mostly shrugged and continued to use Facebook (though Facebook did add some opt-outs at that much more modest uproar, versus all the loud thundering noise Cambridge Analytica got).
It may have influenced the result of the 2016 US presidential election.
IIRC, the Trump used that data set to send targeted ads to ~90M independent and republican voters. Independents got ads attacking Clinton and emphasizing prominent Trump supporters. Republicans got turnout-oriented ads.
Provided he won by less than 100k votes (and lost the popular vote), the cost to the median US citizen was likely quite large.
I didn’t know the same demographic markers had been baked into the platform. This is very concerning.
Cambridge Analytica had no way to buy Facebook ads, which were the primary platform of these micro-targeted ads during the campaign, specific to people in the gathered data they had without Facebook platform support. Facebook ads never had an API that you could just give it user IDs or emails and target them specifically (and one would hope that Facebook would eye any such ad campaign with suspicion even before scandals like Cambridge Analytica). Cambridge Analytica had to encourage Facebook to add most of its same demographic markers into the platform to pull that off. That's definitely one of those "it takes two to Tango" sort of things where if it wasn't in Facebook's platform, how did they target those ads in 2016?
Certainly they cross-compiled that data with other ad systems and phone lists and who knows what else, but given the scandal with respect to that specific campaign was primarily about their micro-targeted Facebook ad buys, Facebook is still left culpable as the platform owner at the end of the day.
But I'm of the belief that micro-targeted ads should be illegal in general, and all of the micro-targeting enabling ad platforms seriously questioned for what they've enabled in the last decade or so. The fact that they are generally acceptable and multi-billion dollar revenue generators is its own reminder of what this thread is about that the average person doesn't seem to care about all of these invasive data privacy issues.
I didn't know FB had been actively involved in the process, I thought they had just been criminally negligent regarding the amount of data third parties were allowed to gather.
> the average person doesn't seem to care about all of these invasive data privacy issues.
I know, anecdotally, I became half a pariah in my family for refusing to register and share pics of my kids on WhatsApp. That was after the FB purchase, but before they changed the terms of service. I didn't trust FB, and was ultimately proven right.
Semi-related to that, when Facebook did finally roll out it's opt out from certain ad demographics tools in I want to say 2018-ish they included a view of your own demographics (if you could find your way through Facebook's maze of Privacy Settings with many corridors all alike), a Slack I was in at the time and I went through all of our personal demographics and one lasting result of that conversation was renaming one of the channels to #friendsofexpats because "Friend of Expats" was the creepiest, almost threatening sounding demographic tag that we all seemed to share (among other creepy, almost threatening demographic tags that don't actually sound useful to non-evil advertising). Because that was memorialized in a channel name that one has stuck with me since.
This is true. Even Snowden's revelations didn't have much effect outside of tech circles. US congress even got away with passing a law to retroactively make some of the revealed illegal spying on Americans legal. The public either does not care or feels impotent.
Governments love corporate surveillance as it allows them a source of data without having to worry about scrutiny they might face by collecting the data directly.
It feels hopeless that surveillance capitalism will ever be able to be reigned in.
> Snowden's revelations didn't have much effect outside of tech circles
This is not true. There were lasting changes in public perceptions around the surveillance of Americans [1]. And bulk collection under the Patriot Act was repealed [2]. That is far from complete, but it's also far from nothing.
The reforms to bulk data collection were immediately after the revelations.
Congress has been continuing/expanding surveillance in the years since. But, perhaps not to the degree they would have without Snowden's revelations? I want to believe that Snowden's great sacrifice made lasting changes, but I don't think the evidence supports it.
E.g.,
> Congress extends patriot act section 702 spying powers (2018)
> With practically no public notice and no public hearings, the House of Representatives passed the College Transparency Act (CTA) on Feb. 4, 2022, by slipping it into a much larger unrelated bill called the America Competes Act, intended to better position the United States to compete with China. (2022)
> creation of a comprehensive data system that would include the personal information of every student enrolled in college or another higher education institution, and track them after their [sic] graduate.
> Congress retroactively legalized some of the spying
Extensions of §§ 702 and 215 didn't roll back the reforms in the USA Freedom Act [1], which was a hodgepodge of intelligence reauthorizations and admittedly minor reforms. (But reforms nonetheless.)
> House of Representatives passed the College Transparency Act (CTA) on Feb. 4, 2022, by slipping it into a much larger unrelated bill called the America Competes Act
Anyone claiming CTA was slipped into the ACA wasn't watching the ball. I first heard about it around 2021 [2], which was itself a re-introduction of an earlier bill. It went through discussions across two administrations. The only opposition was from higher ed, who didn't want the record keeping burden.
"It feels hopeless that surveillance capitalism will ever be able to be reigned in. "
It will likely by some combination of:
1. starts to impact the 1% (e.g. Congresswoman Feinstein didn't care about privacy a whole lot until she found out the NSA may have been bugging HER, etc)
2. an active interest in counter-measures (up to and including not buying or dismantling IoT options; people are already on forums in growing numbers looking for 'dumb' appliances and looking to hoard car parts to keep the ICE cars rolling indefinitely if possible)
3. a second Cambridge Analytical with any measurable, discrete, bad outcomes that follow (e.g. someone uses breach data to stalk a person, a group of shareholders get fleeced [aka see 1])
There is no silver bullet here in my view. A confluence of events will at some point likely hit critical mass and force it. Almost no one thought data sovereignty regulation would take off, but GDPR, CCPA, and a growing list of similars have proven that was a misstep on the part of tech to avoid a balkanized regulatory universe, but they simply could not agree to give up on iota of adtech dollars....so they will lose it by endless smaller cuts. The legal/compliance industry will reap those profits instead.
> There are no pitchforks. There is no angry mob. To the degree there is consensus overseas, they arise from nationalist impulses with respect to security (India) or competitiveness (Europe).
If only the "anti-vax" mob could have been motivated towards upholding Internet privacy... We'd perhaps have a far more relevant and meaningful protest in the U.S.
> if only the "anti-vax" mob could have been motivated towards upholding Internet privacy
They’re a natural demographic! But connecting to them requires showmanship, crossing a partisan line for some, and bridging to the anti-Big Tech crowd. No easy work.
Correct, and this is where full-throated advocacy for government intervention is necessary. At this stage, not even for a change in practice -- simply an across the board disclosure of what the practices are, trade secrets/capitalism/ etc be darned.
I've thought about this many times, and my answer is: when there is a massive, at-scale leak of seriously disruptive personal information. Think Google search history, medical files, or databases of credit card transactions. When it takes enough peoples' lives off the normal track, people will finally be fed up.
Also the Equifax breach seriously messed up people's credit, work life, and daily lives.
Given Equifax's one job is to protect people's credit you would have hoped they'd have gotten more than a slap on the wrist of a class action lawsuit. At the very least, you would have expected their clients (banks) to have had trust issues in remaining their clients and something of a long term impact on their revenue. (It's done nothing but grow its revenue since the data breach.)
What's really rich about the Equifax breach screwing up people's credit is that Equifax also makes up the credit ratings. It's the corporate equivalent of "nice reputation you have there, would be a shame if something happened to it" type of protection racket. And before anyone accuses me of hyperbole remember that Equifax themselves call it "identity theft protection”.
Obviously I was being hyperbolic, which is partly why I emphasized it. Though this list doesn't actually read to me as being anything more than "monetizing everything they can even remotely related credit ratings". It's not really a different "product" selling credit ratings for their intended purpose to banks and selling them to non-bank businesses for looser moral purposes, is it?
The north american credit rating agencies have seen numerous leaks of immensely disruptive personal information. This happened so many times that there are talk show episodes about it.
This happened. The vast majority of people do not care or do not have time to care.
I love how you brought up this meme (which used to be a consensus opinion fwict ~2009) and it immediately got discredit with multiple examples! Clearly this is not a way forward ("waiting for others to be outraged" - guess what? They already are!! You are all just too coward to change your behaviour) we /must/ move to FOSS and p2p, all energy should go towards solving the tragedy of the commons in cyberspace and then the resulting communication structures will help us solve our issues in meatspace. Anything else is just wishful thinking or waiting for the tools to be available from the programmer class.
John Oliver claimed that he did that 4 months ago -- buying sensitive data about members of Congress, but once he got his YouTube views, he dropped the topic. Controlled opposition.
The best way for us as individuals to regain power and protest over misuse and collection of our data is to defiantly and deliberately "corrupt" that ill gotten data...
Go into really kinky sex shops and just browse around... Go to Chuck E Cheese and crash a kid's birthday party and jump in the ball pit (especially if you don't have kids). Buy diabetic socks, especially when you don't need them, or even lingerie for the opposite gender from Target. Host wild phone conversations with your friends in a nonsensical language, and do it as much as possible... Cover your front phone camera with black tape when it's not in use... Talk frequently about the opposite of what your real plans are directly into every microphone placed on every Internet connected device... Never use the same password you use on important resources for social media...
Adopt a great new pseudonym, and never verify yourself on any of your social media accounts, they can't demand that info, they're not the Government.
Fundamentally, AdNauseam's approach is the correct one: corrupted data is far worse for adtech than missing data. Highly suggest installing AdNauseam, and then applying its ideas to your everyday life. Maybe occasionally buy things with friends' credit cards, then pay them back in cash?
> Fundamentally, AdNauseam's approach is the correct one: corrupted data is far worse for adtech than missing data.
No chance. No one cares if the data they have on you is accurate or not, least of all ad companies. They'll happily push ads at you all day and it doesn't matter to them what they're for. Companies will continue to use that false data to force you to pay more. An employer who refuses to hire you because of a false understanding of your spending habits or political views will never know the difference and neither will you. You'll just not get the job, you won't know why.
The data collected on you will be used against you no matter how accurate it is. Feeding the system "corrupt data" is still just handing them ammo to hit you with. It will always be better for you to avoid handing them data at all.
That's not a coherent response to my point - I have no idea what you're trying to say here.
> No one cares if the data they have on you is accurate or not, least of all ad companies.
This is wildly, factually incorrect. There's literally no reason for anyone to gather data if it's going to be consistently inaccurate. In the case of ad companies, they want correct data because they think it allows them to target ads better - they definitely care about accuracy.
> They'll happily push ads at you all day and it doesn't matter to them what they're for.
This is irrelevant. The problem of "I'm being shown ads" is completely orthogonal to the problem of "an organization is collecting a bunch of personal data about me". My comment was explicitly about the latter, yours is about the former and so shouldn't be a response to mine.
> An employer who refuses to hire you because of a false understanding of your spending habits or political views
That's an edge case that's easily worked around - just make your noise-introducer not add hazardous content.
> The data collected on you will be used against you no matter how accurate it is.
You're assuming that the data collected is actually useful as a weapon, and there's no reason to assume that. Your noise-detector could just add interests in a bunch of different products (avoiding the hazardous ones) - very low risk, and very confusing for an adtech company.
> It will always be better for you to avoid handing them data at all.
This is true in theory, but unfortunately very difficult in practice. Ad Nauseam's approach is the realistic, pragmatic one that survives contact with reality.
> In the case of ad companies, they want correct data because they think it allows them to target ads better - they definitely care about accuracy.
If they cared, at all, they'd provide a means for people to confirm the accuracy of the assumptions they make about you and correct mistakes. They also wouldn't bother with buying from data brokers who gather data from any number of unreliable sources. It's quantity over quality every time.
I'm not even sure ad companies actually think all the data allows them to better target ads or even that targeted ads are preferable. They have to convince their clients of that though. Really all they care about is pushing ads and collecting money.
> just make your noise-introducer not add hazardous content.
Good luck. There are an endless number of things that might prejudice someone against you. Your lifestyle, your politics, your religion, the people you associate with, your sexual history, your hobbies, your medical conditions, etc. The longer you go filling your dossier with random information the more likely it is that you'll end up hitting one of them.
> You're assuming that the data collected is actually useful as a weapon,
No one is collecting your data for your benefit. It is always to benefit themselves at your expense. Every scrap of data that is taken from you will be leveraged against you or sold to someone else on the promise that it could be.
The reason there is a multi-billion dollar a year industry around buying and selling the most mundane aspects of your life is because it gives others huge advantages over you. It allows them to take more of your money, to punish you, to erode your ability to enact change, and to manipulate you into supporting positions favorable to them.
The data they collect allows them to do this no matter how inaccurate their assumptions about you are. You may not 'deserve' to be targeted by an extremist group who got your name and address from a data broker, but they'll still punish you for what they think you are or have done. You might not have as much money as your dossier suggests, but a store is going to raise their prices for you based on that data anyway while charging your neighbor less. You might not actually eat out as often, but your health insurance rates are still going up if the insurance company gets the wrong idea. You might not have actually been looking up rope, hacksaws, tarps, and duct tape on November 12th, but the police will still question you if they see it in your search history and will gladly throw you behind bars if they think you'll be easy to convict for the crime.
Ad Nauseam's approach fails to have any meaningful impact on the outcome. You'll still get abused and be taken advantage of, just sometimes it will be for the wrong reasons.
You can't always avoid giving any data away, but stuffing your dossier with more and more data (no matter how random or inaccurate) will always be worse for you.
> Every scrap of data that is taken from you will be leveraged against you
False, because if I feed false & non-incriminating pieces of data to a surveillance system - which is not an edge case, but the exact idea that we are arguing about in this thread - then it will not be leveraged against me, and in fact it will decrease the amount of leverage that the system has against me.
> or sold to someone else on the promise that it could be
Right, at which point it will make that system worse, as well.
> The reason there is a multi-billion dollar a year industry around buying and selling the most mundane aspects of your life is because it gives others huge advantages over you. It allows them to take more of your money, to punish you, to erode your ability to enact change, and to manipulate you into supporting positions favorable to them.
Yes, I know this, and the point of feeding fake data is to prevent people from doing this. There's no point in putting this in, because that isn't the interesting part of the discussion, it's whether fake data actually works. Why do you keep putting completely irrelevant material into your comments?
> The data they collect allows them to do this no matter how inaccurate their assumptions about you are.
No. No no no. This is false. "Inaccurate data", just by itself, is worthless. It doesn't do anything. It's only inaccurate data along specific dimensions ("incriminating" data) that actually matters, and it's straightforward (if not easy) to "shape" the fake data that you feed to surveillance systems to that which is simultaneously (a) damaging to ad systems and (b) not incriminating at all.
And the rest of this paragraph? Pure speculation. You cannot make a connection between these kinds of negative outcomes and Ad Nauseam (and related techniques) because it has never happened.
> Ad Nauseam's approach fails to have any meaningful impact on the outcome.
You have precisely zero evidence for this, and I have counter-evidence: Google specifically banned Ad Nauseam from the Chrome Store[1], which is very good evidence for the fact that it is effective in ways that adblockers and anti-fingerprinting tools are not.
Your entire comment is filled with ridiculous assertions, completely irrelevant tangents, illogical leaps, and pure speculation. None of it lines up with reality.
> You cannot make a connection between these kinds of negative outcomes and Ad Nauseam (and related techniques) because it has never happened...Your entire comment is filled with ridiculous assertions, completely irrelevant tangents, illogical leaps, and pure speculation. None of it lines up with reality.
I clearly can't convince you, but I strongly encourage you to educate yourself if you honestly think none of the things I described have ever happened or could ever happen. Pretty much all of it is happening and/or has happened.
Stores changing prices on a per person basis based on their data?
"For example, ZipRecruiter, an online employment marketplace, indicates that it could increase profits by 84% by experimenting with personalized prices (Wallheimer 2018). Other players, such as travel sites (e.g., Orbitz, Hotel Tonight; DeAmicis 2015; Mattioli 2012), retailers (e.g., Amazon.com, Home Depot, Staples; Streitfeld 2000; Valentino-DeVries et al. 2012), and even grocery stores (e.g., Safeway; Clifford 2012) have also reportedly begun implementing personalized prices for their customers based on individual characteristics." (https://link.springer.com/article/10.1057/s41272-019-00224-3)
Other fun ways stores use your data to discriminate against you? They can tell you their return policy is that they don't accept returns or have a very short return window while the next person who walks in the door gets told their return policy is extremely generous. Some even use it to decide how long to leave you on hold, bumping you down to the bottom of the queue when someone with a better "consumer reputation" calls in.
Health insurance rates being influenced by big data? There has been going on for a long time and there's a massive push to increase it.
"Insurers contend they use the information to spot health issues in their clients — and flag them so they get services they need. And companies like LexisNexis say the data shouldn’t be used to set prices. But as a research scientist from one company told me: “I can’t say it hasn’t happened.” (https://www.propublica.org/article/health-insurers-are-vacuu...)
Police using search histories to fish for suspects?
Seriously, all of this stuff is happening. The vast majority of the ways the data you hand over to companies are being used against you happen without your ever being made aware of it, but be assured that your life has already been impacted by the data you've provided and you will be dealing with the fall out of that data being out there for the rest of your life. Adding more data to that pile, accurate or not, will only hurt you.
Google banning Ad Nauseam is not proof that it will save you. Google is in the ad business and it's possible they banned it because they objected to the concept, thought it could have hurt the perception that their data was accurate, had concerns about how it would impact payouts, or any other reason, but it would do nothing to prevent any of the abuses described above and actually opens you up to more risk.
It's not like anyone is throwing out the file they have on you because there might be a mistake in it. Data brokers get paid the same no matter how accurate their data is. Feel free to get yourself flagged as being/doing more and more random things on top of all the real data you give up if you like, but I hope that you'll give it some real thought because it can, is, and will be used against you, and all that data (real or not) never ever goes away.
I've had my comments and posts here turned into comedic bits and skits many times by certain YouTube channels (ehem)... Never got credit or a check for any it though. :P
Because we’ve allowed media to become entertainment and the internet killed print, and as a society we’ve lost the ability to sway the population with anything approaching fact.
Media always was entertainment. Internet is just print v2.0. As a society, we never were able to sway the population with facts.
If you look at the history you will see the same things happening over and over again. That doesn't mean we shouldn't fight for what is right, just don't be discouraged if the effect is less than desired.
The pitchforks are already out, as part of the larger anti- technocratic/bureaucracy movement. Unfortunately, as that movement has gained popularity, its energy has been captured by Trumpism with its siren song of simplistic not-even-wrong answers. I'm not singling out Trumpism here, despite its seemingly exceptional virulence. Basically every political movement gets coopted and neutered this way in the US, once it gains enough popularity. There's money to be made, after all.
"When I go shopping, or even to my doctor now, I leave my phone in my car."
I don't blame you, I go one step further, I use a rooted deGoogled phone with location defaulted to off and all apps with few exceptions such as browsers are specifically denied access to the internet. Even then I use multiple browsers for different jobs/sites with JavaScript defaulted to off. Oh, and I nearly forgot to mention the phone's VPN-type firewall.
When I go shopping I mostly use cash even for large purchases say up to $1k or so (I'll actively go to an auto teller and withdraw cash first rather than use my cards). I keep online purchases to an absolute minimum and when I do I make them with 'corporate' type cards.
I don't see this as paranoia, rather it's common sense. Anyone, who runs a logcat log-displaying program on a rooted smartphone without additional privacy protection steps being taken is astounded - in fact horrified - at the amount information that's being stolen from one. The log entries flash past in their thousands much faster than it's possible for anyone to ever read them.
I've little to hide and my lifestyle is really pretty boring and ordinary but I'm absolutely affronted how this situation developed without proper laws being in place or enacted (not long ago the privacy of telephone circuits was considered sacrosanct and laws rigorously protected us from being monitored).
In the grand scheme of things I recognize that my efforts are pretty futile but at least I gain some satisfaction in trying to combat the bastards.
I don't quite understand why the general attitude of the population to maintaining one's privacy has considerably lessened in recent decades, and similarly why existing privacy laws are not being upheld as they once were.
The CCP hasn't come arrest me for speaking against a government official and the Saudi government hasn't arrested me for dancing and the Australian government hasn't arrested me for participating in a protest, etc...
One day soon all Americans will start facing consequences for even benign actions and then they will care.
Or the National Security Law is enforced in an extraditial manner as it's written.
(Also, don't forget the US has extratraditial laws with punishment involving crimes of abuse and crimes of having unreported money in other countries [i.e. being american and working for a company+living in say the UK])
I get the metaphor, but this is a myth. A frog, like you, will absolutely jump out of the water as soon as the temperature gets uncomfortable, let alone lethal.
I know, donkey's years ago a teacher demonstrated the fact in the school's science lab much to the horror and chagrin of some students and to the gruesome delight of others. Within a few seconds the frog jumped out completly unharmed.
No doubt today such experiments would be completely banned not to mention that anyone who dared tried it would experience the full wrath of Peta brought down upon him/her.
> rooted deGoogled phone with location defaulted to off and all apps
asking for a friend, she wants to know how to do this, she is very privacy conscious.
> I nearly forgot to mention the phone's VPN-type firewall.
also she wonders what vpn service you use here
> logcat log-displaying program on a rooted smartphone without additional privacy protection steps being taken is astounded
and one last thing she wants to know is how would you do this for a windows 10 laptop? can you hook it up to some raspberry pi device that can monitor outgoing and incoming packets? I suspect its rooted but people keep telling her how its impossible to trojan windows 10.
> one's privacy has considerably lessened in recent decades,
just to add my piece, people have been collectively brainwashed to place lot of value to essentially phantom points, be it instagram likes, followers on twitter, retweets and crypto. they are willing to go above and beyond to do the surveillance voluntarily.
I watched a piece on instagram thieves who chuckled how easy their victims make their job for them by showing off what they've got and when they are away from home. I imagine this is the same for people who believe they are building a startup legally.
Remember the quote from the biggest social media creator: "They trust me dumb **s"
Re rooted deGoogled phone. This is a huge topic and I cannot do it justice here. I suggest you look up the principles of phone rooting and or go to a repterable site on the subject such as XDA Developers.
Re: VPN, see my comment below to zen_1..
Re: Windows, yes, it's possible with routers and even a Raspberry Pi but it's equally complex and very different indeed to that of an Android phone.
Finally, I could have largey expanded my reasons for why I failed to fully understand the reasons why values within the population have changed in respect of privacy but I don't have the wherewithal to do it justice in the space available.
GrapheneOS on any pixel phone is my goto. It's way easier to install a custom ROM now than back in the day, anyone can do it if they can follow instructions (and reseat their phone cable if the process stalls after a phone reboot)
some banking apps don't work but apart from that it's 100% functional
> vpn
Mullvad (Sweden based) and Proton (Switzerland based) are two VPNs with a good reputation imo.
I'm sorry if I didn't explain the firewall VPN stuff well. Android lets one set up VPNs so firewalls exploit the concept to divert traffic from apps to a nul-VPN, apps think they've access to the internet but their traffic doesn't go anywhere.
This satisfies apps that demand such access, they'll still work on the premise that they have internet access, it's just that it's down all the time.
One such firewall app is Karma FW, it's available on Google's app store - and if you think you'd be violating your privacy even further by going there then use the Aurora Store app to spoof the download. As it violates Google's terms of service you have to get it from F-Droid's repository.
I haven't run into apps like that before. I've always just denied the network permission or used AFWall+ (when rooted) to block network access from apps I don't want phoning home
The trouble with that (even on a rooted phone) is that the Google Play Services app collects info on everything, it's the most pernicious of any app. You only have to do the slightest thing on your phone and you can watch the size of its data file grow, thus routing its internet access to a VPN firewall is essential.
Unfortunately, Play Services uses the internet for various necessary functions. The only truly satisfactory solution is to remove it altogether and replace it with GApps which is a sort of 'clone' with the anti-privacy stuff removed.
GrapheneOS supports installing Play services as a sandboxed unprivileged app [1] where you can revoke its network permissions and manually restore them if needed. I should know, it's what I do :).
If I could avoid using google software completely, I would, but this is the second best option IMO.
> is microG still a viable alternative to GApps or is there something else that’s taken its place?
microG is still viable afaik, but I prefer GrapheneOS's sandboxed google play approach since it's much more feature complete, and supports e.g. my 2fa hardware key, while that's currently missing from microG.
> The ROM community, especially those that cared about privacy, was quite small few years ago, especially for non-Pixel devices
Yeah Pixel devices are still the only ones you can expect to be supported by GrapheneOS and CalyxOS etc..., for anything else I think your best bet is to install LineageOS(formerly cyanogenmod) and microG if you can accept the current https://github.com/microg/GmsCore/wiki/Implementation-Status
no worries think its pretty obvious what to do with here.
curious to know if some external firewall running on raspberry pi that sits between windows 10 desktop and the wifi exists. it would be ideal for inspecting network traffic
> I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.
If you sign up for the $1.39, that's an admission of using an Oracle product, which allows them to force you to do a licensing audit. I hope you don't have any old JREs.
You are not crazy nor paranoid. You are just ahead of others. Those of us who take the precautions have heard it or ask ourselves the same thing quite often. I no longer use a SIM with my phone running a custom OS. I pay cash and wear a mask in stores to thwart the facial recognition. None of this is an inconvenience to me but rather a more liberated way of life.
You're paranoid in the sense that you're making a conscious effort to prevent someone else doing something that doesn't harm you in any way.
Wait until you find out the shit they put into your water, your air, your food and your mind through mass media. You'll end up living in the woods if you take your trail of thought to its logical conclusion.
So either you're already in the woods, and then you'd not be on HackerNews, or you're playing 'I'm making a difference by drinking through a metal straw that I carry around to save the planet'.
This defeatist "give up civilization or accept all it's evils as inevitable" is a very simplistic way of seeing it. Open society will always have a chance of improving as long as some people are paying attention to something that interests them and making some effort.
The /e/os distribution bundles MicroG, which Lineage has flatly refused to consider.
MicroG pretends to be Google Mobile Services, allowing more apps to run. It requires signature-spoofing, which is a major architectural change to Android.
There is absolutely no reassurance of any privacy any more. Several VPN providers have been caught for leaking data to corporations over time as well. There are too many points where any software can be compromised, e.g. the APIs and libraries required by any application, to ensure proper privacy.
It's wiretapping conducted on everyone using devices they purchased by private companies (that uphold no responsibility for proper use or securing the data) without any justifiable cause... God help you these days if you do warrant a wire tap, but at least the Government is usually a bit more secure and regulated concerning storage and use of that data.
You can use Google to push targeted messaging to people based on the dossiers you collect.
They don’t sell the dossier, but they can leverage it. In many cases they can make inferences without the dossier. For example, you can target anti-opioid or anti-extremist materials at people identified as risks.
For example, you can target every pregnant woman in a geography and score her risk of giving birth to a child with an opioid addiction. That child will cost a health insurer ~$2M, so targeted ads that convert to intervention are very high value.
Where it gets weird is you can reverse engineer the dossier at scale. You can target very specific conditions without google “selling” that data to you. If you’re a 50 year old male searching for divorce attorneys who moved 6 times, the context of searching for “pain killers” or “target range” may have a different context than if you’re an 18 year old athlete booking a cabin in rural Maine.
I thought the context (parent comment) was enough. Parent is concerned to the point of leaving the phone before going to the doctor. It is well-known that Android (the non-de-Googled version) actively tracks your location [1].
This is how we collectively got here: "This product doesn't work for me, I want something that does." We collectively asked for more product/service diversity, more on-demand personalization and lower prices and we got it.
We need to accept that the attention/surveillance economy is a natural outcome of high volume personalized markets. I did my undergraduate thesis on "Nash equilibria to predict consumer decision making under uncertainty" under Dr. Bruce Lister WELL before machine learning was even a core field of Computer Science.
People, individuals, you and me, demand increasing determinism from other stochastic humans so that we can better predict and manage our relationships with them. A corporation has the same instinct, so they are doing the reasonable thing and collecting data in order to predict the next state in the Markov Decision Process that is you.
Every major technology (and some non-technology) corporation either has built or is building a similar system to optimize you for their system. People have chosen by a HUGE MARGIN to join these systems because the non-hidden benefits outweigh the hidden risks. For the people that recognize the externalities some are pushing back (like these lawyers), but most people don't even know this is happening and honestly don't care because you get benefits from it.
The only thing shocking about this is that Larry said the quiet part out loud
Your comment makes little sense to me on many levels, but I strongly object to your assertion that "people have chosen by a HUGE MARGIN to join these systems". Oracle can not have possibly amassed consent from 5 billion individuals to mine data on them. People have certainly not opted-in for this kind of surveillance in exchange for "product diversity" or "lower prices." These objectionable consumer surveillance databases are being amassed and maintained regardless of whether they actually benefit the people in them or not.
Oracle can not have possibly amassed consent from 5 billion individuals to mine data on them
I would actually claim that not only did they consent, they did so in a legally binding way through the terms of service (that they didn't read).
I'm as guilty as everyone else here, but the fact is there are options to keep yourself out of these systems if you want to - nobody is forcing you to use a credit card or be on the internet.
Does it mean you will miss out on things that make life easier, faster, healthier, cheaper etc..? YES it does!
That is entirely my point though. We are trading convenience and consumption for privacy willingly.
> I would actually claim that not only did they consent, they did so in a legally binding way through the terms of service (that they didn't read).
Those 5 billion people don't all come from the same jurisdiction.
Under GDPR, no consent for trading your data can come through an implicit, coerced action like consenting to terms of services.
Under German law, clauses of terms of services are invalid if they aren't what a reasonable consumer would expect.
> I'm as guilty as everyone else here, but the fact is there are options to keep yourself out of these systems if you want to - nobody is forcing you to use a credit card or be on the internet.
I'd argue that having Internet access is quickly approaching the status of a human right (or should be), and buying things only is also getting increasingly common.
Thing is, there doesn't have to be this amount of data collection just to browse the Internet and buy things only.
I'm also not sure if lots of companies having dossiers on me is actually improving my experience anywhere. It seems likely they'll just use it sell me crap that I don't really want or need, simply by them being very persuasive and me having limited will power.
I was in a cafe the other day. They had some QR code based ordering system. After we'd chosen what to order, the system asked for my phone number. Stupidly I entered my number correctly. I can't prove that they sold my data, but I've gotten about 3-4 spam texts via imessage since I was in the cafe.
> Does it mean you will miss out on things that make life easier, faster, healthier, cheaper etc..? YES it does!
I don't think having my data passed around between multinationals is ethical, necessary or value adding in any way. At least not value adding to me! The cafe experience was totally fine when I ordered via a menu. And it works fine via our phones without the part where my privacy data gets sold to soulless companies for a few pennies.
Honestly I think the EU has the right of it in banning this stuff outright. Its disgusting, non consensual and sociopathic. Everyone involved should be ashamed of yourselves.
How can the customer demand anything with respect to surveillance if it's not clear that it's happening? Just because a certain advertising mechanism is more effective than others doesn't mean that consumers are "demanding" that advertising mechanism, especially if the data collection part of it is obfuscated from the consumer.
I don't claim that people are demanding advertising
I am claiming the people demand free/cheap products that fit their exact demands to be immediately delivered to them
The way that companies are solving "free or cheap" is by having someone else pay for the service on your behalf. There are only a few mechanisms for this that are "win-win" theoretically and advertising is the one that is the most popular.
In order for advertising to be useful it needs to be targeted and attributable and it has to be fungible across advertisers. Therefore if you want to be able to create an ad-market to keep your product free/cheap then you need to offer the highest granularity predictions for your advertising dollar - hence why we have extremely granular ad systems.
Because in most companies the PR team is near the bottom of the list of influence. Only slightly above coders. Certainly well below bean counters, salesfolk, and anyone with a TLA.
The models are as good as their underlying assumptions. Economics is definitely guilty of pretending fancy (for a layman) mathematical models "prove" things and disregarding the messiness of the real life. You've shown it yourself by saying "the Markov Decision Process which is you".
I've done both financial econ and biology/genomics and I by far prefer the latter as a field. It is not to say that biology research doesn't have flaws but at least everyone understands the mathematical models are only models.
The thing is, the models are actually pretty predictive at this point and are only improving.
Like scary predictive
There is no "getting worse" for the mathematics of prediction. In fact we have people in this thread saying to actually behave randomly in order to fool the systems.
So, you know, we actually figured out how to improve iteratively and it's increasing in speed of improvement of prediction
I don't dispute that. However the fact that predictive models work does not prove that people have choice and conciously choose to forego privacy. Look at apple/android there are huge scale effects/entry barriers at play so it's very hard for a more privacy-oriented competitor to emerge. Another thing is that people certainly don't understand how much data they provide and to what extent they are profiled.
It is possible to not be involved in the ad-economy, millions of people do it everyday. I would guess that most of these millions are old, illiterate, or are very poor, but you can do it without being any of those things.
This population of people are not on the internet, they don't use credit cards, they don't have a cell phone. They work for cash, live in the same city they were born in etc..
You and I are actively choosing not to live like that, when in fact it is a completely possible, reasonable way to live and by the way we have been living like that for basically all but the last few decades.
What about the data being collected has relevance to "product/service diversity" "on demand personalization" and lower prices?
Especially "lower prices"?
This data doesn't help lower prices, and prices haven't lowered. Corporate profits are through the roof while wages for all but the top 10-20% have flatlined or gone down when adjusted for inflation/cost of living. Savings and home ownership rates are the lowest in half a century. Etc etc.
1. It absolutely helped "lower" prices because you never pay anything for the services that are built around ad-networks from the start, specifically social media. Do you think 1.39 billion people would pay $8 a month to use tik-tok (12BN rev/1.39B users)? No chance. The entire conceit of the consumer venture landscape since 2012 is: "How do you build a community on the back of VC money which forms the data source for your ad-network?"
2. There are certainly companies now that get the benefit from the data without "passing the savings on to consumers" but they are saving money in their costs.
The problem is that this is not a clear and present trade off that people can consent to. When choosing an object on collecting data, lets go with a fairly noxious and bad example BMW, you can't have a clear understanding about how you accelerate, your speed, pictures from your car, etc are valuable.
At the time of purchase you are coerced into a market where things are unequally priced out, and even if it's told to you that you must accept that you give out your data. It doesn't make it clear about how far that goes, how it's stored, who it's sold to and correlated with etc.
"The user has to accept this" is a very authoritarian thing for you to say and to blame everyone here for.
And running those databases were Sun machines. Sun's CEO, Scott McNealy's famous comment, "You have no privacy; get over it," is all the more ominous in light of this. The fact that corporations now have all the data on us just brings them into parity with the government.
So that's who Eric Schmidt (Google/Alphabet CEO/chairman
2001-2017) learned this from. He was at Sun in various high-level leadership positions in 1983-1997.
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place" - Eric Schmidt (2009)
lol, as it if were some kind of competition. The reality is the surveillance state knows no real boundaries. The federal intelligence agencies can get whatever they want with little or no friction. Most requests don't even rise to the level of a NSL, which is the "sudo" of "give me all your data on X". In reality there is a range of cooperative behaviors anywhere from a payments system to wholly owned subsidiary to warrant. The government loves the innovation that the private surveillance market has come up with. It's a buffet at this point.
The endgame of having total access to peoples' private behavior to manipulate them for profit is not a CIA game. To my knowledge it's not a pattern to do a short stint in intel and then go into business to exploit the information you gathered. No this is different. This is the essence of the threat to democracy and to widespread economic opportunity, since it creates and insurmountable advantage for people with this information. Historically, power sharing doesn't survive when the balance of power is lost between narrow interests and the broader population. That balance is a rarity which is why so many civilizations throughout history settled into broadly 'disincensitivized' populations. If the US loses it, it would lose what makes it special.
I don't see a problem with behavioral analytics. Anyone can do it, it's not going to break us. What will is one or two organizations having exclusive access to our behavior and using that info to create a competitive advantage. So I think Apple is moving in that direction more than anyone else. Meta provides demographic info to any advertisers who sign up to use its service and so is not a threat to economic opportunity at all IMO.
Every big enough company is like that. They are the stereotypical paperclip machines. They only do something apparently moral thing if not doing that would impact profits.
Oracle is lawnmower, it doesn't hate you, it doesn't have feelings, Oracle is as mindless and soulless as a lawnmower, however instead of mowing the lawn it makes money.
Oracle doesn't have feelings, it is for all intents and purposes the Borg.
Except the Borg don't have individuality whereas the people at Oracle do. I'm tired of pretending that, say, individual human SEs are not responsible for their work because they're just doing what a corporation demands.
Fine, you can try to hold the developers responsible.. somehow.
Except it won't mean anything. Because someone will just fill their shoes after they leave. There's enough money to make that possible. And in fact it's the companies doing the most icky things that have the most money to just go hire more. That's where the revenue firehose is.
When I was at Google, it was internal culture for Googlers to raise a fuss about a lot of things all the time -- despite the company being an advertising company there was a general uneasiness about crossing various "lines in the sand". There was a very active internal dissent culture, on "memegen" and the weekly TGIF all-hands, and so on. It was broadly acceptible to stand up at TGIF and politely take Larry to task on some thing that was seen as crossing this line in the sand. It happened all the time.
Over time the company just got better and better at evading responsibility to this pitchfork crowd. After all, they had investors to satisfy. And the "line in the sand" just got further and further out, and what was seen as "creepy" and "not Googley" and against company principles just got more and more watered down.
And if you walked away from that (like I did, not that I was of any importance)? Google has plenty of money to go hire new SWEs.
The answer has to be regulation that sits above and beyond the corporations. Nationwide or global standards of behaviour, enforced by law, that set basic ground rules for what is permissible in the market. How we get there from here, I don't know. Some jurisdictions have been better about this than others.
> Because someone will just fill their shoes after they leave.
The fact that dictators are usually replaced by dictators doesn't mean dictators aren't actually the problem. This is akin to the common argument that other, bad people are also doing the same thing that I'm doing, therefore what I'm doing is good, or at least morally neutral.
Just because there are people just as bad as you that can replace you doesn't make you not bad.
> The answer has to be regulation that sits above and beyond the corporations. Nationwide or global standards of behaviour, enforced by law, that set basic ground rules for what is permissible in the market.
We say this as if the institutions that would define and enforce this behavior aren't subject to the same self-interest as Google management. Soon, plenty of them will be ex-Google (and other tech) management, to which they'll return after delivering.
What "we" need to do is dismantle and descope large institutions. But since there's really no "we" what we each need to do is protect ourselves from these institutions by creating smaller federated defensive institutions of narrower scope, and treating the Googles and the USAs of the world like the weather, or more accurately like natural disasters or invasive species.
> Except the Borg don't have individuality whereas the people at Oracle do.
Sadly we know that groupthink is a thing and that many people seek conformity over conflict and correctness. You can safely assume that anyone working for Oracle is a mindless Borg drone out for more money without any care what they destroy to reach that goal. They are still guilty as hell but from a general apathy and not some active choice to be evil.
I think you don't understand how Oracle works to put in perspective a 18th century Russian serf probably has more capability to influence his environment than does an SE at Oracle. You really need to look at the talk posted, an SE at Oracle is nothing more than a cog in a machine. Trust me the SE's at Oracle could do everything in their power to make some change happen in oracle and it would be similar to a gnat farting to try and change the direction a cruise liner is heading.
The 'lawnmower' is capitalism as a whole, not just Oracle.
It is an incentive system which maximizes on only one kind of efficiency.
Consumers and investors are not capable of making collective / aggregate market decisions on any criterion other than profit.
Moral judgements play no part in it. Explicitly not so, in fact.
The individual agents in this structure are merely transitory carriers of a larger overriding process. Even if as large as Oracle or Google or whatever.
You could make Oracle go away but the logic remains. The hydra has many heads.
the conventional counter-argument to that is that anything we care about can be valued, which in turn can be monetized, so everything under (and including) the sun can be compared and optimized for in a decentralized way.
that's much harder (and perhaps P=NP impossible) to do in practice for qualitative aspects of life (e.g., love, wonder, beauty, etc.), which is why we have such an imbalance of valuing things that are easier to value (food, machines, services, etc.).
You really need to watch the video but TL:DR is that Oracle isn't per say evil, it just chases profit like a lawnmower cuts grass.
If you get your foot cut off by the lawnmower, it isn't the lawnmowers fault as it wasn't out to get you, just out to cut grass.
The same is 'true' of Oracle wrt them chasing profit. If you stand between them and profit, that is your fault if you get hurt as you always know what Oracle is going to do in that situation.
Oracle is people. Both in some abstract legal sense and in a literal sense: its a group of people doing things.
As such they are accountable for their actions - what sort of utter stupidity is this "oh but since the word corporation is involved we don't need to hold people accountable" bullshit you are spewing?
Not really fitting. Oracle is just a group of people. If you take away the rider, a lawnmower is still a lawnmower. If you take away the employees oracle entirely ceases to exist. You can't hand wave their moral responsibilities as humans.
Number 2 is not necessary. Oracle will make it evil, it doesn't have to come externally.
And... now that I said it, number 1 is also not necessary, Oracle will take their profits from bribed markets or courts if they need, it doesn't have to come from a normal market relation.
I think the lawsuit is probably referring to BlueKai which was a company Oracle bought in 2014. I’m not even sure if they are the biggest third party DMP out there
I'm going to have to ask you to put quotes around "engineering".
Had a colleague that interned at Oracle and was proud of how he learned to make better Powerpoint slidesets there.
His tips included "Always make slide headings full sentences including full stops". He would rename a slide titled "System architecture overview" to "The system architecture is distributed in four microservices.". (This would be above the chart showing the actual architecture)
Turns out Oracle execs famously print out slidesets, don't read them, but do read the headings, so this was what he had to do to ..."succeed".
Wow, that's the exact opposite advice I got doing an internship for an oil company a decade ago. They emphasized shorter (and hidden + animated bullet) points so that audience has to listen and engage with you, the presenter. Otherwise they just read your slides and put their brain in park.
I'd take the oil companies suggestions to heart, not Oracle's.
> Otherwise they just read your slides and put their brain in park.
I believe this is the point of the strategy. Imagine the presenter is hired in as a consultant, but the audience are the ones footing the bill without any knowledge of the actual work, timeline, etc. involved.
All they want is a white dude in a shirt, tie and suit to talk a lot and sound smart. The easier it is to convince the audience of that, the more suitable to purpose the presentation is.
Yeah, Oracle built some of the best Database and Datawarehouses and kicked serious ass. There is a reason it powered almost all fortune 500 companies in the 90s to pretty much 2015.
I based my half-joking statement on knowing exactly one colleague who worked at Oracle who couldn't program his way out of a wet paper bag, but could give you a 2-hour presentation with encompassing 80 slides on how many consultants you should hire to investigate the role of paper bags in your company.
Better communication to your audience is an important engineering skill. Although I don't think headings should universally be full sentances, having the top level detail could be useful: System Architecture - Four Microservices could be much more useful than just System Architecture.
One of the defining moments in my view of the industry was discovering, some 10 years ago, that Oracle’s client side library are still using 8-character function names internally.
With enough data, you can model user behavior pretty accurately. But you can also use the same data to train models that generate valid user behavior patterns.
The ad industry is very profitable, but it seems to hang in the balance. Ads are effective as long as data you use to segment users are accurate. What happens if data becomes corrupted? Something like "This Person Does Not Exist" [0], but for user data. Your user behavior just remarkably similar to your actual behavior, but you can filter out the sensitive parts.
I'd love to see someone come up with a program or little gadget you can solder to the "smart"-things, and actual usage telemetry will train a locally deployed model that generates user behavior data that is indistinguishable from real user data, only it doesn't say anything about you.
I’m doubtful about this lawsuit. Talk of “dossiers” is extremely hyperbolic.
For those not familiar with it, Oracle’s data platform is effectively a supermarket, stocking the freshest data indexed by “audience” - behavioural interest groups. This data comes from “data providers” - companies who hold data on the behaviours of specific audiences and (are supposed to) have the right to sell it on. They are paid a commission on each sale.
Once you understand this then the lawsuit makes less sense - it’s like suing Safeway because you don’t like the ingredients of Cheez-Its. Now, there’s more to it than that, of course, but “some data providers in the marketplace may have issues” is very different from “Oracle has lawless stack of 5bn of dossiers”.
You're correct that the data comes from data providers. What you may not know is how both Oracle and Salesforce implemented these products: They create a common identifier and copy all the audiences / attributes from the data providers in to the Oracle / Salesforce data cloud.
So they indeed did not collect most of the data themselves (although Oracle owns a few of the biggest data sources...), but they are the ones that have a central database with 5 billion+ identifiers in it and tens of thousands of attributes for each identifier. So they are really not as innocent as you suggest they are.
When someone wants to use the data, that customer pays Oracle. So it's Oracle selling the dataset. That they then pay a fee to some of the data sources really doesn't change that. Especially not since they own several of the data sources themselves.
Yes, that’s right. But because it’s behavioural data for targeting ads, most of it ages-out within 90 days, so it’s a lot more like a product on a supermarket shelf than a “dossier”. Most people aren’t familiar with how ad tech works and so when the first thing they encounter is a gross misrepresentation of what happens then we get knee jerk responses to that instead of a more nuanced reflection on the details.
If a picture of Larry Ellison in front of a thirty foot screen with the title "Oracle Data Cloud: 5 billion consumer profiles in database; largest consumer identity graph in the world" isn't enough evidence that they're storing and providing access to consumer dossiers, then what would be?
Lol, that’s Larry’s marketing material. Database = store shelves. Likewise Safeway has thousands of products on its shelves - they don’t make any of them, not even the ones with their brand on.
Well, no that’s for the court to decide. And it’s a civil suit so no illegality here. This suit takes a very creative interpretation of California privacy law, let’s look at one representative cause for action:
> Oracle also collects minute details about Plaintiffs’ and Class Members’ offline activities, including their brick-and-mortar purchases and location information. By its very nature, Plaintiffs and Class members cannot be aware of or consent to this conduct.
This is exactly what I mean by suing Safeway because of a problem with Cheeze-Its. Aptly in this example the actual entity collecting and selling your data could be a grocery store - That’s who you should sue if you’re bothered by, you know, them selling your data.
This is already deployed. My current employer (at least, my local branch) has some not-mandatory-but-actually-yes-mandatory "training" followed by tests where they do track your eyeball and you are penalised if you look away (they also disallow alt-tabbing, screenshots and many other basic operations). They are losing a lot of people (including me, very soon) and this is one of the main reasons, but I don't think they have any intention to stop, since this shit has probably been decided several levels above the line managers, who are the ones seeing the mess but don't have much decision power about it.
I'd like to think that this insanity will be stopped relatively soon, since tech workers are still in high demand, so people mostly don't put up with this shit. For the vast majority of workers, who don't have that luxury, I don't think they will be able to get rid of this kind of software.
I don't own any kind of mobile device, and many, many times in my life have I gotten the raised eyebrows with a puzzled "you as a computer scientist don't have a phone??". I usually I don't say it out loud but in my head the answer is always "because I am a computer scientist I don't have a phone".
I've often wondered why I'm in such a tiny minority even among my CS peers...
Then again, at least over here in Europe, new cars will mandatorily have tracking devices built in, so perhaps my whole effort was kinda moot to begin with.
OK, so, hypothetically (really, hypothetically), someone caught my eye on the street, so I decided to face recognize them to get their real name and home address, then bought up access to all their credit card statements and their social media friends list. Next, I misrepresented myself to ingratiate myself with their friends, all in order to exploit them financially. I did some other stuff, like track their car, which let me infer all sorts of juicy things about their personal health and private life.
I openly bragged about this on data-broker sites, and shared their info (for money) with people with similar interests. They had different end goals in mind, but I don't know what they were, so that's not on me right?
Anyway, I managed to net $8 for my trouble, but got caught and they successfully sued me.
Should I expect the damages to be more or less than the per-person pay out this lawsuit is likely to generate? How is what Oracle did any different?
I presume iPhones and "regular" Android phones are the main pipes that fill these databases.
It may not be of dire consequence to most of us regular people, but it surprises me that banks, political institutes, corporations, and even governments around the world happily let their people use these phones for work.
- Public records (property records, dmv, etc.)
- Financial institutions/companies (plaid, banks, credit bureau, mortgage providers, reward credit cards, automotive loan providers, etc.)
- Loyalty program (macy/nordstorms, safeway, vons, walgreens, etc.)
- Warranty providers (appliance & car warranty registrations), etc..
People and media get riled up about Google and Facebook but the data that they have on me is pretty coarse and pales in comparison to what DataLogix, which is a company that Oracle acquired, and other companies have been able to build. We are not rational when it comes to these arguments.
That's fair but arguably the value exchange of searching for something and being served ads for that is significantly better than me signing up for a mortgage and now being bombarded by ads for life insurance.
Alternative narrative: Google and Facebook are directly threatening news media while DataLogix isn't and therefore doesn't get the attention that it ought to get.
A lot of applications sell user data. Like menstrual cycle for Flo, seropositive status for Grindr. A lot of apps sell your location data.
Plus there is a very overlooked category of corporate software selling data, like payrolls. This can be used to target you better (eg can you afford that product). Another example is Salesforce selling consumer data to marketing departments: https://www.salesforce.com/products/marketing-cloud/data-sha...
BlueKai/pixel tracking iirc is a core part, the rest of it is stuff like Bluetooth receivers on top of grocery isles while you have your Bluetooth on, etc.
Are we really referring to data records as dossiers now? I think of a dossier as a record of things like suspected infidelity or membership in a dangerous political group. Do credit ratings and purchase history really rate as a dossier?
Based on the information in the article, Oracle profiles provide enough information to uncover infidelity and membership in political groups. In particular, they track purchase history, physical location and online telemetry.
Their marketing information explicitly says they use the above to build social graphs of consumer profiles. You'd have to be pretty paranoid to prevent that from linking you to your hypothetical mistress and militia buddies.
You'd need to not carry a phone, pay with cash, stay masked (that's easy now, I guess) and avoid using a car with a built in cell modem or legible license plates. If Cory Doctorow is to be believed, gait tracking is also a thing now, so rotate through walking with thumb tacks and rocks in one or the other shoe.
Even then, you're still thoroughly in Death Note territory where you'll accidentally feed a few (information theoretic) bits of information to the database every once in a while.
Don't you get it.. the dangerous political group is just normal people..
Haven't you been to an airport? or survived this covid period? The fear is proportional to the advantage.
If there's a 1000$ behind a door that costs 500$ to open then you open it no? Then the people who own everything must raise the price of opening the door or they'll have mutiny on their hands. We've seen the price steadily go up and it's not a coincidence.
Others have said it, but despite all this tracking I rarely see relevant advertising that is even close to targeting me, not on the web, not in my inbox, not on my TV, and not in my mail's box.
I even have my YouTubetv set to allow personalized ads but the inserted Google ads are still just mass market ads for cars, movies, and insurance.
Is that what you say when Dennis Rodman throws Pippen into the stands? This is a thread about a lawsuit after all, the games rules have apparently been violated.
Potential loss of privacy is inherent upon any data driven economy generally or use of centralized database specifically unless there are specific laws in place to guarantee privacy protections that provide a clear path to enforcement with devastating penalties.
You have to incentivize businesses, as data storage entities, by destroying their financial solvency upon the face of privacy violations or privacy will always remain a discarded nuisance much like accessibility.
Apparently some of them see no reason that they should feel shame. See comments on this article from yesterday. A person who used to work at Google in the Adwords group comments extensively on the thread. It was eye opening for me.
Edit: Note, they have edited some of their comments like their previous response to a comment, "Could it be that you can not understand the harms because you actively took part in creating this reality? I know it's condescending, but it's also human nature. Nobody likes to acknowledge he is a part of something harmful, and to deal with this cognitive dissonance we can put on very powerful blinders." where the previous response was "lol (and something the the effect of, no I don't care)".
Hypocritically people bitch about intrusive data collection from governments and yet simultaneously give away the same data, and encourage others to do the same, and more to private companies knowing that data will be weaponized against them. As such it’s almost impossible to take any opinion promoting commercial violations of privacy seriously.
Yeah, wow. That guy is the definition of that Uptain Sinclaire quote, "It is difficult to get a man to understand something, when his salary depends upon his not understanding it!"
I look for Oracle-specific traffic on VB and there's no telemetry or anything like that, which is surprising. I'm more concerned about malware escaping sandboxes when analyzing malware than Oracle spying on me through VB
If privacy is so obviously dead, why stay private? If the battle is You vs Team of Engineers Specifically Trying To Spy On You you are always going to lose. So why even try?
Because I'm mostly winning the battle. These people are reduced to performing facial recognition and plate recognition in-person. No active cell modem in the car, no smartphone, and a free-software-only machine emitting just the bytes required to make this post over onion routing.
Fellow humans, there are alternatives to being tracked via cell phone! Your neck need not be under anyone's boot! You don't even need to give up any functionality:
Data service:
The simplest thing is to buy a prepaid SIM and top it off with cash. The lovely people over at /r/nocontract maintain a big spreadsheet so you can filter by various properties of the available contracts.
Another way to go is to pay for a postpaid plan with a virtual credit card (VCC) like at privacy.com. It won't be linked to your name at the telco, but of course privacy.com knows who you are. There is also Abine Blur, and some others.
Yet a third way to go, which is nascent, is buy an eSIM with crypto. You can also buy prepaid VCCs with crypto.
All these methods make you /pseudo/nymous, but obviously you're still identifiable by subscriber number and possibly IMEI, to put aside correlational things like your traffic profile. You can help this problem by routing everything through a VPN. Then you're pseudonymous but the cell carrier knows nothing about you other than that you use a VPN. Pay for the VPN with crypto. Of course now the VPN provider knows your traffic, but you're much more anonymous to them than you are to a telco. You make your choices. Defense in depth. Etc.
OS:
GrapheneOS: https://grapheneos.org/ Very much like Calyx, but extra-hardened and with no MicroG. No involvement with Google at all by default. You can make a secondary profile in which you install Google Play Services to set up an environment where you can run unprivileged Play services + whatever crapware you need that requires them. Unprivileged here means it's like any other app: if you don't give it access to your location, it won't know where you are. If you end the profile session when you leave, Play Services stops running and stops talking to Google.
CalyxOS: https://calyxos.org/ Privacy-respecting Android distribution that replaces Google spyware with MicroG, so you can have your cake and eat it too. Most everything will work as you're used to, but it does still talk to Google to make that happen.
LineageOS: https://lineageos.org/ The successor to CyanogenMod, will work with many different phones. More privacy and control than stock Android.
There are also many others: Sailfish, Replicant, e
Hardware:
CalyxOS and GrapheneOS run best on Pixel 3, 3a, 3XL, 4, 4a, 4XL, 5, 6, 6a. The path of least resistance is to get one of these phones and run CalyxOS (if there is an app you need to use that needs Google services like Firebase Cloud Messaging...note that many that can use FCM will run fine without), otherwise run GrapheneOS.
I can understand that it sounds like a big deal to you ("...optimize my life..."), but it's a very small change. Once it's set up you won't even think about it, promise.
As for why, it's a good question. I think it's because I don't want to live in a world where it's impossible to do the "wrong" thing, or even think the "wrong" thing. Our legal system has evolved to be effective in a world where it's very hard to observe what people are actually doing or saying, and I fear a quick transition to ubiquitous surveillance will mean rigid enforcement of laws that were never meant to be enforced rigidly. In a world with ubiquitous surveillance, how do you get marijuana or gay sex legalized? How do you change things?
There's also the problem of concentration of power. The surveillance network we've built would be the envy of the Stasi, and we as a species are only just learning what can be done with it. I fear a small group of people will be able to seize and hold on to a lot of power.
So, these are reasons to care. But it doesn't really respond to your point, which is more like: "What's the immediate benefit?". There is one in that it's a great way to subtly signal that you're technologically competent in situations where that's important, but beyond that there probably isn't one. It's just costs. It's costs I gladly pay, though, because I want to raise the likelihood of a better world in the coming years. The present value of that better world over the one where I do nothing makes the investment worth it.
Idealism is a thing. People do things because they believe in them, that the world will be “better”.
You dont have to agree with other opinions but dont call them “incredibly stupid”.
on a related note - I picked up a ten year old Mac laptop here in California, let the Chrome browser update itself so HTTPS will work, did a google search for a research paper PDF, and at the bottom of the search page it clearly said -- CityName,ZipCode based on your last activity. Login (the city and zip where I live and sometimes use a Google chromebook for YouTube)
this older Mac laptop is not a google computer, no google account active, not logged in. That is a profile indicator, adding to my "dossier." How is this OK now?
It seems to me that's pretty much the "current" location, since it's the "last used location to call google", which you just did when you did your search.
If you're using Chrome, you shouldn't be complaining about surveillance. That browser literally identifies everything you do on the internet with a single ID, fed directly to Google. At that point I don't think your IP geolocation is the largest infringement of your personal privacy.
agree - and, the startling part is that I am not signed in to an account.. I "use Chrome" but the behavior and records association is behaving like I am signed into an account
I believe Chrome uses a dark pattern where signing into a Google account also signs you into the Google account in Chrome. One of many reasons not to use it.
When you visit a website it gets your IP address. It can look up a geolocation database to narrow down the IP to a city/region. You can use an anonymous VPN if you want to prevent this.
At first I was happy to see this trending as I thought this was going to talk about what I believe.
What I believe: The reasons humans are the way we are is because of how natural selection favors survival of those who are better at propagating their genes. All other behaviors tie back to that single need. That criteria are the reasons why we don't want to be "turned off" with a switch. A computer does not evolve in the same way; they don't have that same prime directive. The idea that a computer should be asked if it's ok to be turned off is applying aspects of human condition, sentiency, to an entity to which it does not apply.
One can argue that there's no way to prevent the possibility of humans eventually applying such an attribute to an entity that we've created only because that's all we know how to do. In other words, computers won't take over because one day they wake up and become sentient. It will happen because we have decided they should behave exactly as we expect a sentient being ought to behave . Thus, it becomes that way by definition.
This article was disappointing -- it went in an entirely different direction. That the math doesn't add up? Really? You can't figure out the math so it can never be done? Kinda hard to take seriously, tbh.
Time to get the rest of the other Big Tech surveillance machines created by Apple Inc., Meta Platforms Inc., Twitter Inc., Microsoft Corp, Amazon.com Inc., and especially, Alphabet Inc.
To downvoters: So you want more worldwide surveillance from the Big Tech companies then? Do you trust them not to abuse or collect more of your sensitive data like your passwords, phone numbers, location, etc? That includes TikTok's US 'secure cloud provider', Oracle Inc.
Looks like there are lots of users here that are too scared to admit or confess helping the current tech dystopia that they are creating.
This lawsuit can only be a good thing in clamping down on the daily mass surveillance done by these companies.
I work very hard to not let my phone be required for as many transactions as possible, and write my most important and private thoughts by hand on paper instead of in my phone.
People think I'm crazy and paranoid, but their cell phone is probably still tracking me along with store cameras or whatever other BS invasive companies can concoct (less accurately), so at least it's someone else's fault now, rather than being my own.
I'll eagerly look forward to getting my $1.39 from the class action suits once the lawyers all get paid.