There's a micro-industry of journalists who teach users how to express their consent, even if vendors use a dark-pattern privacy UX. If less than 0.01% know to request a non-existent option, more may choose that option once it exists and they have been educated on the benefits. Witness the rise of ad-blocking and past industry attempts like "Do Not Track" and "Do Not Call".
Ad Blocking stops ads from being shoved in your face. There's an obvious and immediate benefit to every user who tries it.
Do Not Call stops annoying phone calls from interrupting you. Again, people demand it, because it makes a real difference in their lives.
Do Not Track, on the other hand, seems to be a total flop. (In FireFox, 8% adoption rate and falling; in other browsers, presumably even worse.) I don't see how you could refer to "the rise of Do Not Track" with a straight face. This is due in large part to the fact that the vast majority of people aren't particularly interested in making the ads they see less relevant and don't really care about whether a website is giving them an anonymous cookie.
There's a long history behind the collective implementation failure of "Do Not Track". The point is that there was stakeholder demand for the feature, even if the demand was to avoid regulation, or even if the implementation was botched.
Which stackholders? I've never seen demand for DNT by the advertisers, it was an initiative by two researchers working for Mozilla and the ACLU, and which was then taken on by the W3C. From what I can tell, the industry mostly ignored it.
"We first met to discuss Do Not Track over 2 years ago. We have now held 10 in-person meetings and 78 conference calls. We have exchanged 7,148 emails. And those boggling figures reflect just the official fora."
From what I can tell, an initiative by some consumer advocates (under the umbrella of the W3C) made enough noise and got a few people from some companies to join a mailing list and do a few conference calls. Most of the major ad companies (Quantcast, KISSMetrics, etc) didn't even join the group. Predictably, since the industry has no interest in advancing the issue, the group died without achieving anything.
TL;DR: It was stressing to have to deal with all the illegal or harmful (for victims) stuff posted on 4chan which people then got angry over that it got removed. Some hackers were looking for his personal information and posting it if they found. The site is also expensive with no profit model. And finally, if something actually did happen to him, there was nobody who could take over. This move put other people in charge. The fappening and gamergate incidents were the straw that broke the camel's back after the most stressful month yet.
I only know about the Netherlands, but European might be similar:
- When an organization collects data about you, they are forced to tell you about it (unless they're police or something I guess) and tell you what they are going to do with it. In Dutch this is called the "Informatieplicht persoonsgegevens".
- Upon reasonable request, an organization must give you all information they can reasonably give you. "Reasonably" means, given a normal amount of effort. If they need to contact the garbage collectors and dig up an old cassette they threw away years ago, that is unreasonable to ask. They may also charge a fee, but the limit is quite low I think.
- You can ask an organization to correct or remove your personally identifiable information if you have a good reason or if they have no reason not to. For example if you ask to remove your IP address from logs and they want to keep it for security purposes for 4 weeks, their argument sounds pretty reasonable (unless you have some better reason).
- They cannot keep personally identifiable information for longer than necessary. For example, log files from the web server may be kept for security purposes, but if you have ten year old log files, that is too long to be reasonable for that purpose and is thus illegal.
One thing I've always wondered about is how applicable this is to foreign organizations with websites accessible from the Netherlands. I've heard some people say that for companies with customers in the Netherlands, Dutch law applies and those customers have the above rights. Nobody seems to comply with that, though. Another thing I've heard is that if they have an office here, that office can be held to our laws. I should look that up some time.
> I mean, I wish I could support all the FOSS I use, but I'd go broke pretty quick. :(
Yeah I seem to have that a lot as well.
What I figured a while ago, in summary, is this: we will always use more than we can contribute back. As a silly example, I am grateful for the invention of the wheel but in no way could I pay someone back (living or dead) for every single thing like that. The important thing is that we do something. Contribute either with time and skill or with money to a few projects you care about and which you feel can actually use your help. That's still tricky, though, I wouldn't know which of the 2100 installed apt-get packages need my support the most, but realizing this (rather than feeling indebted) gives me some peace of mind.
Same of course. Elsewhere in this thread (9 hours before your posts):
> Hi! I shot the video. We had some problems with the mic hookup on stage so I was using a mic all the way back at the camera that wasn't nearly as directional as I hoped. Apologies to everyone's eardrums !
Cool, it works quite well. Get the feeling it's being hammered though, with 500ms GETs in the UK for a Dutch site (would expect 40ms) and 24000ms pageloads (onready; simulated browser; costs quite a few resources). It randomly works well though, giving accurate results I mean. Overall they seem representative.
What I found very interesting is the dns test. My personal blog loads in just over a second in south america (hosted at home in the Netherlands), makes sense. DNS however is as fast in south America as here! I guess someone visited the site and it got cached. Other places, e.g. India, gave normal results (i.e. what you'd expect, limited by the speed of light), no recent visitors there I guess.
> Ads served via a centralized vendor can be blocked trivially, and people are choosing to block them. You can make a whole lot of arguments about ethics, or you can just admit that it's a broken business model.
Uhm, no, you could say that about a million things to dismiss it as unimportant and "just do it".