> gets more than 1 million installs, or a website with more than 1 million users,
Incorrect, that would only be true if they collected and stored personal info on their users. Hopefully we see more apps and websites stop collecting this info, or a minimum started purging the data (i.e if you visited a site 1 time 5 years go they should not still have your data but many do)
> (12) PERSONAL INFORMATION.
—The term 6 ‘‘personal information’’ means any information,
re-gardless of how the information is collected, in-ferred,
or obtained that is reasonably linkable to a
specific consumer or consumer device.
So if you use an email address for your users to log in, or even a username, you are collecting personal information based on the vague nomenclature of this law. Device IDs might be the case too (though I think Apple at least now gives a per-app id, which means it can't be linked to external sources much now iirc).
That's analogous to a construction already in place in California privacy law, which is more prescriptive and onerous than this law is, so it's hard to make the argument that this federal act would wreck the startup ecosystem.
You are posting like this is a bad thing, I think it is great, companies need to be held accountable for gobbling up personal data, and should be discouraged from collecting anything including email addresses, I get enough spam thank you.
A lot of people can be tracked down by their online aliases unless the person has gone through a lot of work to make sure they keep their aliases separate (which isn't as easy as it sounds). That means that by definition most aliases and usernames can be googled to find a specific person and thus would fall under personal information according to the law.
You think email addresses are bad but the masses hate having to remember usernames. Emails aren't used for logins because of marketing (all those systems already had email verification in addition to usernames, thus email was required). Furthermore, without an email it becomes impossible to recover your account if you forget your password. If the app has no personal information and email and you forget your password (which most general users do) then it's impossible to recover your account.
So this law isn't going to discourage companies from collecting your email address, it just has the potential to add burdens to companies that end up with 1 million signups (even for a free website).
You have said alot of words none of which changes my opinion.
Using email as either Verification or Username has always been a lazy and insecure and should stop.
If normies can not recover their candy crush account and need to sign up for a new one in order to protect privacy i am find with that if companies like King stop collecting data
I am security and privacy first, convenience and "free" are about 1000000000000000 on my list of importance. If a lot of free sites die that is price we pay for better data security and privacy. i am fine with that.
This has nothing to do with me... if more people would like me Facebook, Twitter, etc would not exist at all, and Google would have a massively different business model more like when they started then what they have become.
I do however want ownership over my data, and the right to demand these companies tell me what they collect on me (often with out my permission see Facebooks Shadow Profiles on people that do not have accounts) and right to demand they delete said data.
If you don't put the information out there, then they won't have it. It's a simple cause and effect relationship. Not giving up this information will likely cause you to not be able to use some services, however you have no inherent right to access services run by private parties. They are offered to you under certain conditions, and if you choose not to comply with those conditions, you are free to not use the service. With regard to "shadow profiles," simply use incognito mode if you are this worried about it.
Let's be clear that this law won't pass, certainly not as it is written. In the US, it's perfectly legal for websites to track your behavior. Should you object to this, you have a simple remedy: use incognito mode.
Incorrect, that would only be true if they collected and stored personal info on their users. Hopefully we see more apps and websites stop collecting this info, or a minimum started purging the data (i.e if you visited a site 1 time 5 years go they should not still have your data but many do)