"May"? This is exactly how the January 6th protestors were identified.
I'm no VIP, so its unlikely anyone would stumble across my name. However that typically can't be used as a defense for such a policy.
I suppose it can be used as a defense if you want to claim your device prioritizes privacy and security. Its not a valid defense, but profit doesn't really care about being logically sound.
Tangentially, it's interesting that the US declassifies things and they become publicly available.
Um, "selling"?
That's an, uh, interesting, characterization of what's likely going on.
I'm not sure companies have a lot of choice in what's going to happen to their data here in the US despite what they tell us. (In fact, I'd bet they don't have much of a choice what happens to their data in any country they do business in.) Maybe a few of the hardcore companies take it to court. But, OH! That's right! In the US we've got FISA courts for this kind of thing, so it's illegal for us to know anything about any of that either.
Oh well. Pity that I guess. Carry on citizens. Nothing to see here.
On a serious note, never put anything on the digital record that you would be unwilling to have entered as evidence against you in open court. Full stop. I don't care what assurances you get from companies about security, or privacy, or end to end encryption. You just shouldn't do it.
It helps to think of it this way, if it touches your phone or the internet in any way, it's part of the public record. No matter what app you were using. So be cognizant of that, it can come back to bite you 10 years later in ways you never would have imagined.
It being for sale means anyone can be doing it which might be a framing that would be more alarming to the law-and-order types.
But really you need a two prong solution:
1) restrict this from being collected and compiled in the first place, eliminate the ability to default to this tracking unless someone opts out
2) restrict the government's ability to use or acquire through non-market-based means. The claim here is that there's already restrictions on this vs directly surveiling, but I haven't seen directly which specific restrictions those are for buying off-the-shelf info and the article doesn't specify.
There are very really no companies that I trust to keep my data safe for 10, 20, 50 years. Leadership changes, ownership changes, etc. We have to cut it off at the source.
They will then go all shocked pikachu face then the government assault team in their door step taking them way... how can this bee they were the good ones.. they were on the "right side of history"...
Welcome to the system, everyone's a victim Doesn't matter if you're red or blue it hates you all
As an example, a company called Dataminr sells views of Twitter to a bunch of government entities. Those views include things like fires, flash mobs, explosions, riots, etc.
> In France, the Senate just approved a controversial provision to a justice bill that would allow law enforcement to secretly activate cameras and microphones on a suspect’s devices. This type of surveillance would be activated without notifying the owner of the device. The same provision would also allow agencies easier access to geolocation data to track suspected criminals ... Critics are urging French parliamentarians to dismiss the controversial provisions. And it’s not too late – the update to the bill must still be approved in the National Assembly, the more powerful lower house of the Parliament.
Any startup employees working directly on technology trade secrets or otherwise non-public intellectual property should enable iOS Lockdown Mode.
Thanks to years of invasive online targeting, bulk data breaches and mobile phone network structural insecurity, it has never been cheaper to screen for higher-than-average-value targets with digital assets that can be exfiltrated. Since targeting costs have fallen, it is profitable to target employees below the C-suite, e.g. those in strategic or development roles who routinely need to access sensitive information and digital assets.
This applies to enterprise, mobile and WFH environments, e.g. leveraging mobile phone foothold to reach other devices like a home router.
How about "more alarming to the lawmakers?"
Someone could show that movement info, for example, is available for sale on a legislator. Or a legislator's spouse or child.
Now do you see the problem, oh you who write the laws?
From the conclusion:
U) Third, as part of this set of policies and procedures, and/or as a complement to it, the IC (Intelligence Community) should develop more precise sensitivity and privacy-protecting guidance for CAI (Commercially Available Information). Again, we offer several suggestions for the development of such guidance.
“I’ve been warning for years that if using a credit card to buy an Americans’ personal information voids their Fourth Amendment rights, then traditional checks and balances for government surveillance will crumble,” Ron Wyden, a US senator from Oregon, says.
I continue to try to highlight the degree to which the 2nd ammendmennt is quoted versus the 4th ammendment The 4th being much much more relvent to the current state of affairs.
Surely someone is already doing this? It wouldn't be especially expensive, but even if it were we could probably crowdfund it easily enough.
When both sides really agree on something, it's amazing how fast it gets done. Which, of course, is why there are people trying to hard to keep both sides from ever agreeing.
I guess what I'm saying is, your suggestion would be a good idea, but the security apparatus figured it out before you did a long time ago. See ABSCAM for instance.
The entity that orchestrated that outing, with the accompanying simple purchase of location data, etc. was a Roman Catholic newspaper known for high-quality investigative pieces. https://www.pillarcatholic.com/p/pillar-investigates-usccb-g...
If such incriminating data is so easily procured against just one guy using a gay hookup app, imagine the treasure troves of data that could be wielded against Members of Congress and other people in power. Even in the absence of wrongdoing, I still don't think that public figures would enjoy having the public know their every move, every minute of every day, but the reality is that all the apps they run are phoning home and uploading that data constantly, unceasingly, and it's all for sale.
The data came from Google and included GPS data.
Either way, I don't think that matters. My point is that tech companies store data that can be used to identify everyone present at a specific location and timeframe, and that data is easily available to the government. There's no "may" about it.
If you rent a locker, and the terms of the rental agreement say that the person you're renting from has access to the locker for any reason, then the cops do not need a warrant to ask the lessor to open the locker, only a warrant to coerce the lessor to open the locker.
If the lessor is willing to let anybody take a picture of what is in the locker for $5, then the government doing so isn't abusing its special privilege.
In practice, most people do not understand the ramifications of the things they agreed to that put this data out there (if they even read it!) and in many cases did not have reasonable alternatives to the services that they signed up for.
On the other hand I understand what the post you're replying to is saying, even if it's not said extremely well. There is an enormous online narrative with a lot of money and power behind it trying to normalize the most violent and anti-democratic parts of the right wing of American politics and using that to drive views, clicks, and votes.
I'm normally not someone to clutch pearls and will be the first one to acknowledge that the vast majority of Americans are just decent enough people trying to figure out how to keep fed, healthy, and safe. But the tendency toward fascism in the human animal is something we need vigilance against, as demonstrated over and over again in human history.
The people who attempted to violently attack the seat of democratically elected power in this country were not protestors. There were protestors outside, but the people who crossed the line to breaking and entering, assault, and terrorism were not protestors.
At the same time: I sympathize with LE and intelligence service operators that have their heart in the right place and that would just like to be able to do their jobs in a hostile and hard to navigate digital environment. Tech moves so much faster than they can keep up with.
https://www.dni.gov/files/ODNI/documents/assessments/ODNI-De...
That's why information in government hands can be more dangerous than in corporate. A good example is when Nazis occupied Holland they used governmental data on religion (collected to properly allocate funds for places of worship) to track jews and send them to the camps.
So data in corporate hands is bad, but governmental data can be even worse.
Having data on everyone and then only using it against people they want to use it against is exactly what the Stasi did. Obviously this is their dream come true --just a little to late for them.
Whether my choice of words implied the level of ideological purity that you wished to see has nothing to do with that.
it didn't start at gps data from google... it went from public posts on facebook to the email and phone number account associated with that to the google account associated with that to the gps data associated with the google account. if you show me them using a reach around route to get that gps data and persecute peaceful protestors that haven't been suspected of criminal activity then i do agree it's troubling. if you want me to agree that the government is not within their rights seek evidence via normal, judge approved, subpoenas to investigate/prosecute people storming the capital and doing legitimate crimes then i disagree. you need probable cause and that bar should be fairly high.
J6 was one of the first cases where mass surveillance paired with ad tracking and tower pings were used in combination for mass arrests.
We did not see this when the George Floyd riots occurred Despite the fact federal buildings were attacked yet it was brought out for this. It's very indicative of the existence of a police state that chooses its targets in a politically expedient way.
What we saw the government do and the fact the alleged conspirators have largely not been charged with anything but rather left to rot should terrify anyone. Just because you aren't the target today doesnt mean you won't be tomorrow.
The typical powerful west European countries are corrupt to the core and when people feel we are better off than in the US (self congratulatory posts are common) it's generally lack of political awareness and involvement more than anything.
if your computing devices have cameras and microphones, disconnect them.
do not use credit cards or online payment systems. cash, grass, or ass.
... and they'll still know anything they care to about you; and failing that will make up anything they need, should anyone with access to the levers of power decide that you are a worthy target, for whatever reason.
If you have the wherewithal to protect yourself from the unsavory underworld types who will inevitably come after you for revealing things they'd just as soon keep secret.
There's a reason you only see the government doing this kind of thing.
> investigators obtained GPS and other cell phone records from Google via a search warrant
Search warrants are and remain the correct tool for the government to get this data. What this article is worrying about is the fact that sometimes the government simply purchases this data without any sign off from a judge. That's where constitutional protections are eroded.
Your outrage is misplaced until such time when the government can buy this data from Google without a search warrant.
Freedom of movement, association, speech, religion, bodily autonomy and more... All down the drain.
All you need is a bit of collision between government media and tech and you're golden.
But my point is that the article implies that there's some uncertainty as to whether this data can be used to identify everyone present at a place and time, and there isn't. It has been done before.
Reuters CLEAR has no clear opt out and is being sold as "prevention" (precog). https://legal.thomsonreuters.com/en/products/clear-investiga...
LexisNexis https://optout.lexisnexis.com/
Exactis has no clear opt out. https://www.exactis.com/about-us/
PeekYou https://www.peekyou.com/about/contact/ccpa_optout/do_not_sel...
> Your outrage is misplaced until such time when the government can buy this data from Google without a search warrant.
Whatever outrage you read into my comments, I assure you it's not there. If you're looking for a fight, look elsewhere.
Also, the OP article is about the government doing exactly that. So if I was outraged, it would be well placed, according to you.
I figure either he was shown some very strong and classified evidence that the data the NSA had been collecting was critical to protecting the people even while it violated their constitutional rights and freedoms or else he was shown how much dirt they have on him and his family and he was blackmailed into publicly declaring his love for NSA spying and handing them more tools to collect data while making only a few token changes.
Stronger: this being for sale means that it's already being purchased by someone.
Really the scoop to this piece is just "The CIA engages in open source intelligence", which sort of a "duh" kind of thing. If there's intelligence value in a product on the open market, of course they're going to consider buying it.
If it shouldn't be for sale it shouldn't be for sale. Let's fix that, not try to pretend that we're OK if Putin or Xi buys it but not the CIA.
Just pass privacy rights. Backing into a solution with copyright is unnecessarily messy. Nobody wants to deal with a lifetime of the courts deciding on the status of personal data seized in a bankruptcy proceeding or hypothecated to foreign investors.
That's spot on, and your analogy is a good one, except that in the realm of personal information, no warrant is required in the US.
There is quite a bit of law and numerous court decisions around this process in the US.
That jurisprudence is more generally called the Third-Party Doctrine[0]:
The third-party doctrine is a United States legal doctrine that holds that
people who voluntarily give information to third parties—such as banks, phone
companies, internet service providers (ISPs), and e-mail servers—have "no
reasonable expectation of privacy" in that information. A lack of privacy
protection allows the United States government to obtain information from
third parties without a legal warrant and without otherwise complying with
the Fourth Amendment prohibition against search and seizure without probable
cause and a judicial search warrant.[1]
Edit: To clarify, I disagree with this doctrine and would love to see limitations on data retention periods as well as warrant requirements for access to such data.
If a protest doesn't make the news what's the point?
The kicker in all this is that the taxpayers are literally paying for this. We are paying to give the government our own data.
https://en.wikipedia.org/wiki/Bellingcat
https://www.goodreads.com/book/show/54680228-we-are-bellingc...
You may not have accounts there but rest uneasy that unless your family and friends respect your privacy and right to informed consent, photos of you are getting processed for face recognition and location without you having to do much other than say "queso" for the photos.
The OP article doesn't match the document it describes, which says that the government authorized 5 searches of this data in the past 2.5 years.
The George Floyd protests were far more policed: twenty-five protestors died; around 14k were arrested. [1]
Hard to say any 1/6er suffered a similar fate, despite their significantly more egregious apparent crimes.
The fact that it is currently legal to harvest this data and the fact that it is currently legal for the government to purchase it should have no bearing on whether they should be able to in the future.
Further, there is a serious question with regards to the extent to which these businesses had the actual informed consent of their users. Do people fully understand that their information will be sold to data brokers? Do they understand that the government will be able to purchase said info with our money (and possibly use this information to incarcerate them)? The latter is almost certainly no, which is why the government fought so hard to keep it a secret.
I'm still trying to see a reason why the common man hates that the citizens protest the government, or cares so much for the corrupt elite of either party. The government is not your friend. If the Floyd protests went to Washington it could have been less 1996 and more MLK.
Acquisition of a per-device, client-side signal is orders of magnitude more expensive than bulk purchasing the data of millions of individuals.
True, but it's even worse than that. Many of those who do understand it, simply don't care ("nothing to hide", "nothing to fear", etc.).
The allure of a "free" service that everyone else uses is enough to abandon any expectation of privacy, and consciously come up with arguments that it doesn't matter.
How hard can it be to combine one more database entry into a deanonymisation process?
First, a question: how does the government (or any buyer) determine that the data they are buying is genuine?
Second: Assuming that there's really no good way, then there's something you can do. Somebody could simply run lots of ChatGPT style models to generate a flood of nonsense but plausible-looking data about everyone on the planet. Flood the Internet with it. Compile it into lists and offer them for sale. Cheap!
Once there's so much nonsense data out there, then provenance becomes more valuable. It becomes less useful to just buy random data.
Doesn't solve the actual problem of privacy, but it might help in the short run.
https://en.wikipedia.org/wiki/George_Floyd_protests_in_Washi....
Somehow they managed to avoid breaking into the Capitol building and rifling through the offices of Congresscritters.
Creating tradeable property rights is older than web3. (Web3's innovation was turbocharging securitization by skipping the step of finding something worth securitizing.) The question is whether, and to what extent, we want personal data to be a market good. It currently is.
They're not going through all this effort just to sit on all the data.
Going further, it must be clarified that the whole point of doing things this way is that people do not understand it. The people who want to surveil everyone could either do it illegally and get in trouble, or create an inscrutable bureaucratic system that so sufficiently obscures what they are doing that they get the same results along with a legal cover if they are discovered. If we did have privacy laws that prevented this, they would just collect it illegally. This is absolutely not to say that privacy laws are pointless (they would be helpful) but that we must understand this situation not as an accident, but as the slow creation of a class of people who want to exercise power over us and have been getting their way.
1/6 hurt Trump, and the Floyd riots hurt the BLM cause. If only either of them did something positive with the attention. One affected me and the people around me, the other could have happened on Mars to billionaire reptiles. I couldn't care less for those elites.
> turbocharging securitization by skipping the step of finding something worth securitizing
U.S. v. Miller [1], which established the third-party doctrine, turned on whether "the business records of the banks" to which the defendant could "assert neither ownership nor possession" could be accessed by subpoena versus court-authorized warrant. (The context turns on bank records. Smith v. Maryland [2] expands it to "phone numbers [conveyed] to the telephone company.")
This seems trivially fixable with legislation. Requests made by the government to third parties in respect of specific persons' non-public (even if not strictly confidential) records require court approval or the first party's consent. Also, easier than trying to expand he definition of "houses, papers, and effects" [3] to cover our data in various clouds: defining, in statute, that there is a legitimate and reasonable expectation of privacy in the phone numbers one dials to speak to or message with another person or persons, e-mails one sends to a small group of people, handles one provides a messaging service marketed as encrypted, and articles (e.g. documents, photos and work products) uploaded to a third party's server for personal use.
[1] https://tile.loc.gov/storage-services/service/ll/usrep/usrep...
[2] https://tile.loc.gov/storage-services/service/ll/usrep/usrep...
[3] https://constitution.congress.gov/constitution/amendment-4/
> DIA currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones. The data DIA receives is global in scope and is not identified as “U.S. location data” or “foreign location data” by the vendor at the time it is provisioned to DIA. DIA processes the location data as it arrives to identify U.S. location data points that it segregates in a separate database. DIA personnel can only query the U.S. location database when authorized through a specific process requiring approval from the Office of General Counsel (OGC), Office of Oversight and Compliance (OOC), and DIA senior leadership. Permission to query the U.S. device location data has been granted five times in the past two-and-a-half years for authorized purposes.
It's worth noting that they do collect the data up front, and only querying it is restricted. But I suppose having to follow due process for that part is better than nothing.
Law says don't collect the data through surveillance. Law doesn't say "don't buy it from people selling it willingly" - probably nobody anticipated that, because... it sounds kinda stupid if you don't know how we got here... yet here we are.
So instead of trying to lawyerball it to make courts declare that it somehow falls under current restrictions, based on intent vs the actual words, we just need to update the damn laws.
Broadly speaking, for a 2A advocate, every 2A conversation is also a conversation about 4A, 1A, 9A, etc. For example, the track record of the government on the Bill of Rights is seen as a rationale for staunchly protecting 2A. And the inverse: they feel the elimination of 2A will only clear the way for the complete disregard of the other Amendments.
Broadly speaking, those opposed to 2A think it highly unlikely that the state would ever side against the people in a "developed" nation in any meaningful way* (in contradiction with not just the history of states across time, but very contemporary examples in other countries).
But as Adam Michnik said, "the crucial distinction between systems...was no longer ideological. The main political difference was between those who did, and those who did not, believe that the citizen could - or should - be the property of the state." This observation from the 80's(?) in Eastern Europe becomes more relevant to the United States as the years go by, it seems. I'm writing this comment in a post about the US government building a massive data warehouse on its citizens, while coming out of the experience of the COVID years and in the context of the expose of the US government using the media corporations for public discourse censorship.
* Yes, I know there are grey areas in the middle and nuances to arguments, principally boiling down to moderation ("we just want common sense regulation"), gaslighting ("nobody wants to take your guns"), and futility ("you need an F-15 not an AR-15 to fight the government"), etc. Again, the comments above are intentionally broad to illustrate the contrast in political philosophy.
But yes, as a strong 2A advocate, I agree that the incursions on the other Amendments need more coverage. I would go so far as to say it's part and parcel to every 2A conversation.
Let me tell you what companies can do: they can make lists and pass it privately around to deny you gainful employment, loans, investment, etc. They can also sell it to the government, subverting privacy and due process rights.
Ownership as a concept doesn't really apply so well to digital things because they are infinitely copy-able. I can have something digital, and you can have it too.
There's certainly a need for better privacy laws which applies to PII but that doesn't really need to be conflated with copyright and ownership.
I don't disagree with your overall point, but the government being allowed to buy this data can create the market for the data in the first place, even if no one else wanted the data.
If you are hiding information that would cause people not to do business with you that is almost fraud.
Just, Devil's Advocate, but, yeah, why can't it be both?
So for example if all data between a user and a service is e2e and also legally considered property of the user then the org can explicitly borrow or buy that data for money from the individual- should they choose.
The user also has the default status of transparency around data collection, No data is stored unless paid for and fails secure.
This is a plausible ethical data centric design.
That's what privacy is missing. But get the right ad agencies on it to put together some good scare campaigns and maybe.
Gmail launched in 2004.
The Patriot act was signed in to law in October 2001.
Bill Binney blew the whistle on illegal NSA mass data collection of email, web browsing, and cell phone records in 2002.
Hard to pinpoint when smartphones became mainstream, though as a point of reference the iPhone was launched in 2007.
So clearly the NSA was trying to do dragnet surveillance of the internet well before gmail or the widespread use of smartphones.
A quote from the Bill Binney wikipedia page: "Binney has also been publicly critical of the NSA for spying on U.S. citizens, saying of its expanded surveillance after the September 11, 2001 attacks that 'it's better than anything that the KGB, the Stasi, or the Gestapo and SS ever had'"
https://en.wikipedia.org/wiki/Gmail
https://en.wikipedia.org/wiki/Patriot_Act
https://en.wikipedia.org/wiki/William_Binney_(intelligence_o...
What you need to do is pick an entity that has the information you desire, and recursively enumerate the graph of all business deals which involve the sale of that information (their downstreams, effectively). After that, you do OSINT to map out all of the employees of every organization that has access to these databases. After you have mapped out these tens of thousands of individuals and their likely social graphs, all you have to do is pay one of them a relatively small sum to do a query on your behalf.
Meh. If that's the case, why bother caring at all? Bring it on!
The first is the automatic civil penalty for copying copyrighted music recordings. If you're caught and proven liable, the dollar amount of damages don't need to be debated -- they're pre-determined.
The second is the concept that mere possession of certain kinds of information (unspeakable pornography) is a criminal offense.
I think some combinations of these concepts could create a bounty system for victims to collect on the abuse of their personal information: 1) Improper possession is inherently illegal. 2) Offer for sale or transfer of the information carries an automatic civil penalty.
And why should they be prevented? If a random stalker can pay for info about you, shouldn't your government be able to? Why cripple the state and enable the creeps?
Profiling has always been interesting to me from a commercial perspective, too. I used to have access to a database that would tell me if a certain sports fan was a gay republican, because the cookie-based mass-site-collection profile-generator needed to be able to tell advertisers what kinds of users they were selling ads to. I thought it was wild that you never needed to create an account for us to mostly-uniquely identify you. And that was 15 years ago.
Don't like it? A small handful of states have data privacy laws now. Tell your reps your state needs one too, and a federal one for good measure.
This won't happen, our security state is built on private surveillance and partnerships between law enforcement and private surveillance companies.
Whether we like it or not, the intelligence and security apparatus feel like we need China-style surveillance, because terrorists/spies/civil unrest/FOMO/etc, and we're getting it one way or another. It's either outright illegal, or legally questionable, for the government to do exactly what the CCP has, but there's the loophole illustrated in the OP. Private companies are allowed to surveil Americans, and they're free to choose whether or not they share the data they collect with law enforcement.
Now we have companies like Amazon partnering with thousands of law enforcement agencies[1] to advertise[2], deploy and monitor Americans via their products like Ring. Amazon is free to share whatever data they collect from you whenever they want[3]. They can share your data with law enforcement without warrants and they don't even have to let you know that they did so[4].
The article in the OP goes into how phone records are being used to track people's locations, as well. As much as I'd like to, I can't see this genie being put back in the bottle.
[1] https://www.theverge.com/2021/1/31/22258856/amazon-ring-part...
[2] https://www.businessinsider.com/amazon-ring-require-police-a...
[3] https://www.cnn.com/2022/07/14/tech/amazon-ring-police-foota...
[4] https://www.wired.com/story/amazon-ring-police-videos-securi...
The cure is simple: software WITH ANYTHING AROUND (toolchains, docs, interfaces for the hw etc) must be open by law. So government in Democracies if Citizens allow that can potentially do something accepted by the majority BUT there are no black box on sale.
Secondly remember a thing: if someone can do something, anyone potentially can, anyone means also the enemy of the one doing something in the first place.
And if this data includes sufficient identifying info, they should be able to identify me as a US citizen. Even phone number would be enough, since I think that and my US social security number are together in various public data breach datasets.
(Yes, my US phone number should be generating foreign location data. I have two eSIMs simultaneously active, one US and one foreign. For odd reasons I don’t think I have proper roaming working for the US number where I am now, but it does work via Wi-Fi calling which does share the country info with the carrier - and I have had international roaming working at other times.)
Why should my SSN indicate citizenship, some might wonder? SSA certainly knows I was granted my SSN years ago as a newborn citizen, and the Department of State knows I hold a current US passport and have never relinquished my US citizenship.
Without said clearance, all they could tell me was they scraped the open internet and built profiles on citizens, and then would surface this info in an easily searchable interface. I declined getting clearance and going deeper than that.
If some random ass company in Cleveland is doing contract work equivalent to the things Snowden exposed, it’s happening everywhere else, and nobody has a damn clue. This was after Snowden exposed Prism.
We’re fucked.
But in all seriousness, you should know it is actually possible to use data towards good aims. Policy makers can use data to produce better answers to questions exploring issues like poverty, disease, crime, financial literacy, etc. Setting up a massive survey is slow and extremely expensive, and that makes it extremely hard to iterate on findings. Getting answers years quicker makes it possible for the government to develop better policies, and that's a good thing. Sure the Nazis were evil, and information enabled the Nazis to be more efficient and effective at implementing evil policies. But an un/less-informed government isn't a goal to strive for. Good government implementing good policies is a goal worth striving for, as there are some problems that can only be addressed at government scale.
Considering I know what kind of data is available, I sincerely doubt this is what is happening. Does that mean, that it's all super evil bad bad stuff, nah, but it is exploitable for evil for sure.
In highly competitive markets people use stupid things to deny people opportunities.
The stuff those profiles, etc include though, and what they try to determine about us citizens... That's for us to never know. Could be, vulnerable subjects for psychological experiments, predictions as to whether someone is a criminal, terrorist, etc, could be blackmail for purposes of gaining leverage, probably all fueled by some janky ass ML algorithms. Who knows, that's the joy of it I guess, we never will.
This is mostly the wrong side of the coin. You have it right.
If you create data anywhere, assume some govt will eventually get a copy
In reality that data will sit there unreviewed in 99.9999% of cases.
Just hope you’re not in that 0.0001%
I believe AI and LLMs will change that, unfortunately.
There were tens of thousands of arrest during BLM. The national guard were sent in. Undercover agents of the government were throwing people into unmarked vehicles. The people at J6 walked home with love and well wishes from the standing president of The United States government. However, they were dumb enough to bring tracking devices and fully document themselves committing treason. That doesn't point to some deep state agenda, it's just plain idiocy.
Joseph Cox’s reporting on the geolocation/tracking shit the US Gov buys up really highlights the direct link between consumer tracking (to sell them shit) and government intrusion into privacy.
Please let me know how to buy bulk consumer data from Google/Microsoft/Apple/Amazon/etc-ad platform.
Ad-Tech isn't the ones selling data; they want to be high up in the value chain. Your ISP/phone company _is_ literally selling your geo-location and data (internet) usage.
The leadership of the PRC with help from sensetime and other industrial leaders have a working and well tested comprehensive domestic individual tracking system in production. It’s been working well over a decade at this point.
I'm not disputing a data broker sells data; I'm claiming that ad-platforms don't.
In general, those companies aren't interested in bundling up data on users and selling it to third parties because the data itself is the nest egg. They go out of their way to, if anything, provide services for anonymous matching of interested parties to users they've collected data on, but not in a way that lets those parties pull the data back out.
I find the motives of adtech darker than those of intelligence, especially when adtech intersects with dark patterns and driving addiction. I’ve seen what this can do to people, especially teens but adults too.
Intelligence at least nominally is supposed to be protecting me. Yes I realize there’s corruption and loose cannon agendas, but those are not its official reason to exist. Adtech on the other hand has the explicit goal of making me addicted, dumb, and poor. The corruption and ill intent isn’t an aberration due to poor oversight. It’s the point of the whole endeavor.
Even worse it targets my kids. Modern parenting is an endless battle to keep the kids out of obvious adtech and social media addiction funnels.
If the intelligence community is trying to buy from adtech, it’s because adtech is actually ahead in these areas. The darkest programs in intelligence history like MKUltra are less effective than what can be achieved with a smart phone, a dopamine loop, cute videos, and notifications.
Unfortunately from what I see in history it's not usually until people are having trouble feeding their families that the people seize power back from government and short of that nothing will change. Ideological movements not related to our Maslow's-hierarchy-of-needs do come up and cause change but they're the exception and I'm not holding my breath.
HN crowd is more enlightened than most and I still see widespread hook-line-and-sinker consumption of 100% corrupt corporate media narratives on here.
Continuing the story, lets say we have a company and I'll make up another name for them: Scroogle. Scroogle operates a popular website and collects your location whenever your phone connects to the website. Scroogle does not sell this data to the USG.
Which company is complicit in the widespread sale of data? Perizon has it's own data ingest system separate from Scroogles. It's always been separate and it's been operating for decades; Scroogle is not complicit in Perizon's decisions.
--
Now, there is certainly an arguement that Scroogle shouldn't collect all the data it does. But lets be calling a Spade a Spade here; Perizon is the company that fits your description.
Some journalist was like, "what happens if I go to [VHS Rental Store] and ask for the list of videos a supreme court nominee rented". And the store gave him the list and he subsequently published it and then congress panicked as they knew their rental history could be next.
[1]: https://en.wikipedia.org/wiki/Video_Privacy_Protection_Act
> I believe AI and LLMs will change that, unfortunately.
Maybe. It'll be a race between one set of AI to generate lots of content, and a different set of AI to analyze it all.
It's not obvious to me that the side doing the analyzing will win out.
I was an early employee at Disqus (YC S07). I helped build its 3rd party commenting plugin, because I had a blog and believed in distributed discussion. I genuinely believe the company did too (the founders, the employees, etc.). But eventually the rubber hits the road, and Disqus was sold years later to Zeta Global [1], a “data-driven marketing company”.
As long as you have a database in the cloud with a non-trivial amount of user data, you don’t really have control over what becomes of it.
[1] https://techcrunch.com/2017/12/05/zeta-global-acquires-comme...
Absolutely absurd statement. Palantir doesn't run concentration camps.
This is America, tons of people are buying ungodly amounts of guns and ammo right now. Only like 0.1% of them will ever shoot up a school (95% of them will just use it on deer and shooting ranges, and 5% will either kill themselves or have it stolen by criminals who will use it for carjackings), and courts will strike down the FBI going after people for buying ammo
Wow, I hadn't heard Google changed their mission statement. /s
How do I know? I briefly worked for a company that enabled this. I didn’t stay.
People -- and I will call out my fellow Americans in this -- don't seem to really care until it directly affects them and in significantly adverse ways. Up until that point, the attitude seems to be "I can still get by" and by the time that's not true, it's generations too late. But, hey, as long as you got yours, why should you care about your neighbor, right?
I think in the public sphere, many don't think of Big Tech as privacy intruders, even with Facebook's public failures, many continue to use their services. I'm not sure if most people care or don't care. But when Apple took the initiative to limit 3rd party cookies by asking it's users directly whether they wanted to allow it or not, the majority chose not to allow it. Which shows people don't want their data to be tracked.
On a related note, I don't think I've ever clicked on a banner ad on a site, or any twitter/youtube ad, etc. There's certainly an element of marketing that's brand awareness. But all the other metrics about click rates, and purchase intent, etc- I have no idea how this all adds up to the massive numbers that Big tech pulls in from ads on the Internet.
https://www.dni.gov/index.php/newsroom/reports-publications/...
Most shooters had mental issues that went ignored or were swept under the rug by the adults that were supposed to help.
> Only like 0.1% of them will ever shoot up a school
This is still at least two orders of magnitude larger than the real number. It's what the people who wants to take legally-owned firearms away want to the public to think.
It smells.
In 1998 I sat in a meeting at the oldest data broker in the country where someone gleefully explained how they could predict menstrual cycles from consumer purchase data and use that for targeted ads optimized weekly for emotional state and all other known personal preferences. This isn't something invented by FB and Google. They're the noobs in this world.
Step 1: become a U.S. Spy Agency.
I have no doubt that out of all the websites in existence some collect your location and sell it to any bidders. My point is that if you focus on the actual ad-platforms the behavior of selling location data is not what they do. If you have a problem with people selling location data you should be focusing on people selling location data and not some nebulous "ad-tech". Perizon does not validate if you're using the location data to catch criminals, sell shoes, or find your wife to beat her to death. Even without "ad-tech" Perizon still has a financial incentive to sell your data.
Feeds into what "system".
Do you really think Google/Amazon/Apple/etc are handing over your Name+Phone number to say Spokeo [1]? I just don't think you get it. Your phone company is the one that is selling your data to anybody not FAANG.
It's easy to say some "ad-tech" are doing X, but actually get a whiteboard out and start with say Google and list what products of theirs collect what data. Then list the process by which say the USG buys its from Google. I'm very interested in what names for the processes are going to be because I really doubt you'll find any for the ad-platforms.
A part of me still routinely wants Jon Stewart to move to Tennessee and run for the Turtle’s Congressional seat, on a platform of veteran and emergency worker welfare if nothing else.
Why not both?
Is Snowden some kind of 4d chess false flag? lol ....
[1]: https://www.theverge.com/2013/10/30/5046958/nsa-secretly-tap...
Which privacy are you talking about. I feel like you have some idea in mind, but that statement can be read numerous ways.
No, adtech has the explicit goal of increasing revenue by increasing impressions on ads. Whether you become addicted, dumb, and/or poor as a result is considered an acceptable risk.
Who already is in that 0.0001% and how have they already been abusing that data?
sure you do, as long as you remain in charge. once you sell it, of course you don't really have control. duh. but to say just because data exists means you can't decide what to do or not to do with it is absurd
True, but it was never this granular on this mass of a scale. I remember joking as a kid about the Nielson families that would kill a TV show because they went out to dinner instead of watching TV that night. The extrapolation that was applied to those kinds of numbers were always ripe for bad interpretation. The same thing can be said about polling numbers. The granularity is what makes modern day "ad tech" or tracking in general so damn dangerous in its accuracy
https://transparencyreport.google.com/user-data/overview?use...
And this is just the stuff they're public about. Also interesting to note that while they classify some of these as "warrants" or whatever else, they don't actually say whether it simply originated from a warrant, or whether they were legally obligated to comply due to the warrant.
Over the years it's been millions of accounts, and the data they gather from those millions of accounts also creates a vivid image of tens or hundreds of millions of other accounts.
Can't get the warrant to get the user data for some given person? No problem, get a reason to have a warrant for all 5,295 people she's ever communicated to over Google services. It effectively services as a warrant for her data specifically at that point.
come now, all of that data is much too big for a zip drive. you'd need a jazz at least
Well, if you don't exactly this happens. But somehow when there is minuscule effort required to keep your freedoms there are always a plenty of people wanting to throw it away instead.
What if I told you that the NSA has been doing that for the last 20 years?[0]
https://en.wikipedia.org/wiki/Social_cycle_theory#:~:text=Po....
The parent comment said “every single person in adtech is complicit”.
Most employees do not possess that level of agency about what happens to their work.
Well, except of course, the US constitution:
The right of the people to be secure in their persons, houses, papers, and effects
Well, except of course, the US constitution:
The right of the people to be secure in their persons, houses, papers, and effects
I agree - faang/etc do not need to sell the data outside their walled garden but there are tons of vendors with sdks in millions of apps and pixels on millions of websites that have considerable location/user data. It’s easy to find how to buy + activate that data which is the point I wanted to make.
> As long as you have a database in the cloud with a non-trivial amount of user data, you don’t really have control over what becomes of it.
Who I work for and what I do is the agency. If I want to better influence what happens to my work, I can make sure my work doesn't have this abuse incentive.
But in practice, almost everyone with these databases with significant amount of data is working for an entity with shareholders and creditors. It's much harder to stay in control forever in that world, especially if your company is not perpetually successful. Companies decline or fold all the time. Then they get sold off.
How much plausible deniability of all of this stuff that can be happily plugged into the Google, etc, APIs and tools should we extend to the big players? I'm sure there are plenty of people at all those companies who know that the data connection integrations they provide aren't only getting first-party, originally-sourced data. Google's ad platform doesn't need to explicitly get their hands dirty tying all the threads together for you or maintain a singular massive database of everything, they just need to supply enough hooks to let all the OTHER companies do it. Which is probably good in that everyone's ad-hoc attempt is probably less-accurate than Google could do on their own... but all that data is still floating around and it all originally got connected to use to target ads in these systems.
EDIT: And if you extend it to the publishing arms (e.g. Youtube or MSN or whatever) than I'd bet many of the big players in ad serving have other departments that are running integrations with some of those data aggregation platforms. They know how the game works for sure.
I have a hunch that we've been giving these agencies too much credit this whole time
Every time there's an unmitigated act of terror makes me think: the intelligence community is either malicious (a crazy rabbit hole to go down) or incompetent
And also there's the problem of searching, like finding a needle in an ocean
In this site there's a trend to treat Europe as a monolithic entity and pretend it's awesome. Any criticism gets taken as "Americuns" being ignorant and europe is awesome.
In reality, I see a lot of unwillingness to accept the political reality and pretend "we are better than USA" via political apathy and coping.
People react negatively when you point out polítical facts they don't want to see. It's easier to look at USA with an air of superiority. This also happens the other way around, of course, but HN demographics make one more typical.
The idea that this data can be collected and kept safe at all is fiction. Even if the legal framework is in place to prohibit selling or misusing it there will always be bad actors and compromised employees willing to subvert any controls you care to implement. Even something as simple as hijacking phone numbers happens at massive scale because both call center and retail cellular employees are so easy to fool or buy off.
FWIW I agree with you on corrupt corporate media. Consolidation has put a vast amount of media in just a few people's hands. Those extremely rich people don't want anyone telling them what to do and have bought a lot of deregulation especially of campaign finance so they can use the purse strings to control policy.
In the US the political parties used to have a tighter reign on things because they were the money funnel and party leaders were at least subject to party elections so at some level politicians who didn't do something to advance the party platform approved by the party's members would lose funding. That whole system has more or less been smashed to pieces. Politicians need to make the supposedly "arm's length" PACs and other groups happy. Groups directly funded by a handful of very rich people. Voters at large and within the party are less and less relevant.
As an example, Apple complied with 90% of government requests for user data: https://www.businessinsider.com/apple-complies-percent-us-go...
The US gov has trampled on essentially every right we were taught about in 4th grade schoolhouse rock. They infiltrated and spied on Muslims in Minnesota [1] and before that had an entire program of spying on any activist at all. Before that they put entire races (Germans and Japanese) in internment camps and SCOTUS said it was fine. Hell, they even bombed people in Philadelphia.
My point is, exploiting the 3rd party doctrine to spy on Americans might be out of step with your conception of America and what you think it should be, but it’s not out of step with the historical reality of America.
[1] https://www.nytimes.com/2021/09/01/magazine/fbi-terrorism-te...
It sounds like you just aren't aware of how deep a rabbit-hole the ad-tech space is. Google gets to be the relatively-clean "platform" at the top, but they don't exist independently of the rest of the industry.
"With thousands of attributes on more than 300 million consumers and 126 million households, ConsumerView data provides a deeper understanding of your customers, resulting in more actionable insights across channels."
https://www.experian.com/assets/dataselect/brochures/consume...
"When a user enters a venue and dwells for at least two minutes, our Pilgrim technology records all of the signals available on the phone. It then matches that person to confirmed signals from our panel of 13 billion in order to register a visit. Utilizing stop detection technology and dwell time is crucial for reporting visits because we are capturing true visits as opposed to someone driving by or sitting in traffic nearby."
https://location.foursquare.com/visits/docs/how-does-visits-...
"Cross-device targeting is a method of advertising where you display ads on various devices belonging to one user from the target audience.
An average user uses the internet on three different devices. They look at their smartphone first thing in the morning, work on their PC, surf the internet on their tablet on their way home, and drift off to sleep with their TV streaming turned on. Imagine that you can display your relevant ad on each of their devices, with your message following the user throughout their day."
https://www.onaudience.com/resources/what-is-cross-device-ta...
... and many many many many many many others.
If you want to be more cynical, how many of those "seizures of power" result in positive change vs neutral or negative? Even setting aside whoever dies in the revolution itself?
I don't trust anyone pushing for revolution vs organized campaigning within the system because of how often it just doesn't work for the better.
Add thicker doors. Remove entrances. Add metal detectors. Guard those doors. It’s not foolproof but if shooters start getting stopped at the entrance maybe kids can stop being slaughtered.
What is US Gov actually going to do with the data? Worse case very small numbers of citizens might be quietly leaned on to stop whatever proscribed behaviours they're engaged in; of the very very few who might continue to persist, I guess they may be dealt with in some other way - terrible of course, but the absolute numbers of these citizens must be small...therefore a price worth paying if everyone else on aggregate has increased security?
Lets not forget that these spy agencies report to democratically elected politicians who are ultimately public servants we can vote out. This is not like one of those authoritarian states
The people being referred to in the above comment aren't people who have thought in any depth about the issue of privacy and the boundaries that should be put in place to prevent abuse of violation of individual privacy and come to a contrary opinion. It's about people who are so completely heads down in their tiny vision of work and life that they've never really thought about the issue and only see things like "individual right to privacy" as annoying roadblocks they have to deal with to do what they're paid to do.
The annoyance and frustration is with the apathy towards and issue, not with contradictory opinions.
People don't study history and so we're doomed to repeat it. The reason why the Nazi holocaust of jews was most effective in the Netherlands is because of how incredible that country's record keeping was. You could argue that the violation of privacy might not be terribly abused today, but the people in charge today won't be in charge forever.
The Government rather not let anybody outside know what their current target group is.
Even the data that is collected by Facebook + Google, are mostly non consensual and we don't know what they do with it. Or it's like the classic gun to your head, to use our "free" services aka, if you don't pay for it, you are the customer.
Supposedly China has ramped up regulations on corporate surveillance recently, implementing new restrictions on data that companies can store. That doesn’t mean the Chinese are free from surveillance.
What protections against mass surveillance does a person in the EU have?
We are reading about this now because of publicly released self reporting, that's oversight!
I agree, but I don't want anyone to think blame should be shared equally (not that I think you were suggesting this, but that others could interpret it this way). I also don't think that being complicit in an act equates to sharing blame. There is accountable complacency and unaccountable. This is more why it is important to think about how our work can be abused. It always will be abused, and you'll never be able to figure out all the creative ways that they can be. But that doesn't mean you shouldn't try. Intentional ignorance is accountable complacency. Everything is on a spectrum: complacency, blame, abuse, ignorance, etc. We do need to be careful in how we discretize the bins, and make sure we don't binarize. There's unwilling and unwitting complacency, and that should be accounted for. A lot does matter about how much control you have, as you said. But I also think recognition matters: if you realize that the tool will/is being abused then complacency is more explicit/accountable.
Things are easy to see post hoc, and we can always think "what if." I hope that, given what you wrote, you don't blame yourself. But now you, and others, have better tools to predict potential abuse. After all, the road to hell is paved with good intentions (the road to heaven is paved of the same stuff, which is why it is hard to distinguish).
The US?
Anyone who has worked with the IC knows that USPER data is highly controlled and targeting citizens requires layers upon layers of approvals and reviews. They collect every bit of data because having it and not needing it is obviously better than needing it and not having it.
Think of it this way: there is probably tons of data your employer has that you don't have access to. But just because HR has a record of how much they pay the receptionist doesn't imply everyone in the company is digging around in that data.
Fortifying schools. OMG.
Where is this coming from? Where's it going?
I think this goes in both directions. That some believe that America's exceptionalism is in non-spying (as you suggest) as well as the exceptionalism is that America does unprecedented spying on its citizens. I think that we let one of these two sides dominate the general conversations obfuscate the reality. People pro America will point to China, Russia, or any common "bad guys." Anti-America will point to abuses by America. The problem is that both evidences are valid, but that we binarize the situation. There's different levels of intrusiveness and abuse.
I say this because it all this makes your comment difficult to interpret. Our comments aren't books and often aren't monolithic. So it is difficult to tell if you are just pointing out issues that America has, which is in line with the article, or if you are specifically giving others a pass because "everyone else does it." Different readers have different priors and with a comment like this I think we'll see many different (and reasonable) interpretations.
Fwiw, I don't think many on the left or right (excluding the tails) would be happy about the government spying on its own citizens. I'm afraid we pick cases that fit our narrative for abuse and let others slide because they fit our narrative for justification. Not that this is particularly unique, but does make resolving the issues more convoluted than we give them credit for.
As for American exceptionalism, I'd say that at least one thing is clear: America's problems are more well known than that of other countries. The great American past time is criticizing America. The size economic dominance, and military dominance also makes these issues globally known[0]. Size is often a good reason to take focus, as big players often set the stage and standards. Other countries may be more transparent about their transgressions, but they may not easily permeate through their borders. So I think it is exceptional that America's transgressions are more apparent.
--- To the main point ---
I think that in a spectrum, that surveillance capitalism is better than explicit state surveillance programs, but I think both are unacceptable. I'd argue that surveillance capitalism even has bad consequences for your own country, as it means that adversaries can buy the same data that your own government can. That this can create more chaos as the information has utility to both sides. It is unclear if this chaos is better than a single actor with a clear and significant power/information imbalance, but I think it might be.
[0] As an example, since you brought up Japanese internment camps (by America) but I don't think many realize that similar internment camps existed in the UK, Australia, Canada and many other countries. Many with even higher percentages of Japanese interned than in America, though not in raw numbers. Similarly many Axis powers had internment camps and Ally powers had camps for Germans and Italians, who were generally interned at a lower rate (but in some countries these had a higher rate of longer established residency. So it's complicated). This is clearly not an excuse of the internment camps (I'm explicitly calling these transgressions) but rather an example that the American transgressions are more well known. I think nearly every American is aware of the atrocities of our Japanese internment camps as well as many non-Americans, but I do not think either group is well aware of the other camps. But it is also perfectly reasonable that this is the case.
there's a lot more to having start up culture than getting investment daddies.
This applies to all US citizens - they are not secure either.
This has been the case, increasingly so, for my entire life and has driven my passion to join this industry to fix this insecurity which can technically be fixed, but the model is off where TPMs instead treat the device owner as the "untrusted" party.
So.... now what?
Absent this, one of three conditions exist:
1. There is no monopoly. In which case violence is widespread, and there is no state.
2. There is no legitimacy. In which case violence is capricious.
3. Some non-state power or agent assumes the monopoly on legitimate violence. In which case it becomes, by definition The State.
The state's claim is to legitimacy. A capricious exercise would be an abrogation of legitimacy
Weber, Max (1978). Roth, Guenther; Wittich, Claus (eds.). Economy and Society. Berkeley: U. California Press. p. 54.
<https://archive.org/details/economysociety00webe/page/54/mod...>
There's an excellent explanation of the common misunderstanding in this episode of the Talking Politics podcast: <https://play.acast.com/s/history-of-ideas/weberonleadership>
The misleading and abbreviated form that's frequently found online seems to have originated with Rothbard in the 1960s, and was further popularised by Nozick in the 1970s. It's now falsely accepted as a truth when in fact it is a gross misrepresentation and obscures the core principles Weber advanced.
In your comment, what you confuse is capacity for violence (inherent in all actors, state, individual, corporate, or non-governmental institutional, with numerous extant examples of each) with the Weberian definition of a monopoly on the legitimate claim to violence. In practice, enacting violence on virtually any actor will engender some counterveiling response, though the effectiveness will vary greatly depending on the comparative power and/or disinhibition of the entity responding.
There are numerous examples of private corporations or non-governmental actors engaging in violence, with or without state support or sanction. There are the 100 million souls lost, respectively, to the British East India Company's occupation and administration (as a private entity, with military powers) of India, of the transatlantic slave trade by numerous private commercial operators, and of the genocide against the indigenous populations of the Americas, again much by privately-chartered corporations (as the original British colonies were). There are extant mercenary forces such as Constellis (formerly Academi, formerly Xe, formerly Blackwater) in the US, or the Wagner Group presently transacting genocide in Ukraine. There are oil companies who have initiated coups, paramilitary actions, and assassinations throughout the world. There is the Pinkerton Agency, still extant, and with a storied role in violence against labour and civil rights movements. There are railroads, with their own (private) police forces, which are in fact registered as law enforcement despite being nongovernmental.
The truth is that there is no clean distinction between State and Private use of force, lethal or otherwise. What there is in government is, one hopes, legitimacy and accountability to the citizenry rather than to creditors and investors.
If we have no problem with privacy, it shouldn't be illegal to wear a mask in public.
We haven’t reached the pinnacle of surveillance capitalism yet either. Very soon every customer will be profiled instantly as they enter the store based on facial recognition systems. Treating people differently based on protected characteristics is illegal, but remembering that they were kicked out of a club in LA to deny them services or jobs in NYC a decade later is not. These blacklist systems can be used to deny basic services even if you’re not in prison, have no transparency, and no accountability. And unlike government there is little recourse. You can’t vote on the decisions of Mastercard or Chase.
It is almost as if that is an acceptable price to pay, to some. For what,exactly?
You can’t win 100% of the time, so you’ll miss some and people will be rightfully mad you missed
You also can’t talk about most wins or - more frequently - events prevented/mitigated
Finally, it only takes a few bad actors in the govt to destroy long term public trust and we’ve had decades of lackluster at best leadership
So add all that up and there’s never going to be positive news about the IC
1. Nature of Trust: I think depending on how much you trust your government that views on state surveillance are going to change and similarly how you trust corporations. We should definitely acknowledge this because it plays a major factor. I believe your stance is from that of trust for government but distrust of corporations. Personally I distrust both (American). The two slight advantages I see to surveillance capitalism are that the collected data is distributed and that it is easier to poison the well. In the competitive corporate setting they _tend_ to not sell the data but rather access to the tools to process the data. (To be clear, both forms exist) If the data could be bought then it gives their competition advantages. So there's a weird incentive to keep that data locked tight (think Google & Facebook as opposed to Equifax). The hope is that no single entity can collect enough information. As for poisoning the well, I'd assume that this would almost always be illegal for a state surveillance program but difficult to sue in a corporate setting. I believe that it is also easier to fine or punish a single actor in the state case -- especially since they need to set examples -- while a corporate case they will likely not pursue as this is expensive unless you create and distribute tools. But maybe that's a bad assumption.
2. Abuse potential: This is the argument that I think privacy maximizers focus on and do not budge or even recognize the usefulness of surveillance (you got to understand if you want to prevent it). Personally I see democracies as perpetual balancing acts and naturally unstable. But that the benefits outweigh the costs. The issue, often called 'Turnkey Tyranny", is that a single bad actor can be democratically elected and then abuse that power (we've heard this, I'll move on in a sec). We don't have to point to Hitler, but we can even point to the abuse that the parent discussed with respect to the Patriot Act which we saw used and arguably abused under the Bush, Obama, and Trump administrations. Surveillance creep seems more pervasive within a government system, to me, as what I've seen is that once something is in place it is hard to remove. On the other hand, in a corporate setting you can move a lot faster. For example, Apple and WhatsApp/Facebook are both on privacy kicks, promoting their encryption. We all know that there's still collection, but the positioning themselves as privacy preserving has kicked off a competition in the other direction while we haven't seen such a movement in the US government (personally I wouldn't say GDPR is strong and that the EU articles are easily circumvented). That's a clear double edged sword but does feel like it can respond to user sentiment faster (one of the big differences in capitalism vs communism is market response and I see corollaries here). On the other hand I've continuously seen my government try to remove encryption and even attempt to hid it under the guise of universally hated things (child porn and terrorism). Essentially I see laws/regulations as more sticky than corporate decisions. Combine that with the above hope for distribution, I think there is less potential for abuse. The final factor we need to include is that a state can do more harm to a citizen than a corporate entity can.
For your specific cases about a bike being stolen or the common one about the feeling of safety walking down the street, especially at night, I think there are other correlating factors that we can't ignore. While we see examples of bikes being returned and bad guys quickly caught I'm not convinced these are statistically higher or primarily dependent on the surveillance itself. Perception obviously plays a role: perception of risk to commit crime as well as perception of likelihood of victimization. One of the most interesting statistics I see (I probably spend an unhealthy amount of time thinking about these numbers lol) is that Americans perceive crime as increasing year over year while there is a dramatic trend downwards[0,1,2,3]. Though I'll be honest in that [0] notes that less than half of crimes are reporter of solved, but the lowest rates are with sexual violence and we have been seeing a steady increase in reporting (likely related to MeToo and other such movements). But I also am having trouble finding estimates of under-reporting for other countries so this might be related to my original comment about America's failures being more in the open or possibly bad googling. I can at least state that from personal experience I have little fear in leaving my door unlocked and often friends comment at how crazy and careless I am but despite having lived in areas with perceived high crime rates (I look them up) I have yet to have had anything taken from my household. I will say that bike theft is common in my area, but the homeless rate is high and that's an easy to pawn item and probably a better indicator of a different problem (a confounding variable) than actual safety (which I'm mostly thinking is violent crime).
Sorry for the wall. I hope I didn't repeat too much that is argued to oblivion.
[0] https://www.pewresearch.org/short-reads/2020/11/20/facts-abo...
[1] https://news.gallup.com/poll/1603/crime.aspx
[2] https://www.pewresearch.org/short-reads/2022/10/31/violent-c...
[3] https://news.gallup.com/poll/404048/record-high-perceive-loc...
I’ve lived in the US for a good amount of time, and have lived in Singapore and China for extended periods. My perception of both Singapore and China are that they are extremely safe. On top of that, the government of Singapore is functional and accessible in ways Americans are unfamiliar with (leading to further distrust of government). Singapore also has a reputation for being extremely non-corrupt. Both the US and China have a good deal of corruption but of different kinds. There was a great Freakonomics episode on this.
With respect to trusting government vs corporate power, we can only trust corporations to do one thing: maximize profit. Their interests only happen to align with ours to a first order approximation.
I definitely agree with the sentiment around what we can trust corporations to do. I feel that my main issue is that we can't trust governments to do anything. So that at least decreases entropy? The multi-agent part seems to help too, but this is also a simple model. Maybe my views would be different if I had similar lived experiences. I did enjoy that Freakanomics episode.
Mostly my belief is that things are complicated and people tend to oversimplify and that oversimplification leads to obscurification, which leads to substantial power imbalances. Which I a part I differ from many is that this can be done without directed action and that players that benefit don't need to actively collude (aka: no conspiracies required).
That data center isn’t there because they ran out of space for CDRs.
Make it a huge PITA to keep this kind of data in the first place.
If everyone nationally submits a FOIA record to every agency which might be keeping data on them, it quickly will become un-economical to keep data on anyone but persons of interest.
For people who are targeted or in risk of being targeted by three letter agencies, it’s a different story.
It’s so easy for any three letter agency to install a mole or buy someone in those open-source projects like GrapheneOS, for example to publish compromised binaries. The best option is always to not use anything connected to the cell (GSM, 4G, 5G etc.) network and carry all comms encrypted over internet, with pre-exchanged secret keys and preferably over a network like I2P and over public Wi-Fis. You can use I2P outproxies to connect to visible (normal) internet. I do NOT recommend Tor, there were reports of Tor being compromised and it’s too suspiciously popular to be trustable IMHO. Pay attention to CCTV cameras as well, don’t sit in a mall to connect its public Wi-Fi. All these things obviously introduce a lot of friction to your communications, but if you are such a high-value person you should have set up your network of people accordingly beforehand as well, to relay messages and such. QubesOS is a good OS for such people. If you have the means, custom device solutions to communicate over radio with encryption is by far the best option you can have, especially for receiving critical comms on time. This only leaves the risk of triangulation when you transmit, but you must be a really high value target for this to happen. And you can always still use internet as I described to transmit.
Don’t ask how I know all this.
It is an acceptable price for some people. You just have to look at the sheer number of shootings. We have more mass shootings than calendar days in a year in the US. This is normal. This is how things should be.
>For what,exactly?
The right to keep whatever guns they want in whatever quantity. They value that more than actual humans. But given which crowd is noisier about their gun enthusiasm and fascist tendencies of dehumanizing everyone who isn't WASP, that shouldn't come as a surprise.