> First, the right to have personal data minimized. Companies should challenge themselves to strip identifying information from customer data or avoid collecting it in the first place. Second, the right to knowledge—to know what data is being collected and why. Third, the right to access. Companies should make it easy for you to access, correct and delete your personal data. And fourth, the right to data security, without which trust is impossible.
This all sounds nice, but it requires a large level of trust in the companies doing as they say. How do we verify that certain data isn't being collected, that the data I delete is actually forever deleted, and that security standards are up to snuff? The FTC, as he suggests? Now the level of trust shifts to the FTC. How has their track record been? And the consequences of breaking the law, what would they be? As it is, companies engaged in shady practices seem to get less than a slap on the wrist.
Well, not to sound too dour, it is at least sounds like a step in the right direction.
I agree, it does sound like a step in the right direction.
Here’s how I look at the issue you have with trust in companies and regulatory bodies: I cannot imagine a world (inhabited by humans) without bureaucratic inefficiency and corruption inherent to the systems that organize large societies. It's like a law of social thermodynamics. We should continually strive to fight against the chaos and bad behavior, but at some level we have to understand that as long as humans are humans, /those/ efforts (e.g. anti-corruption legislation) will be marred by bureaucracy and corruption (e.g. lobbyists influencing anti-corruption legislation), like a recursive glitch in the matrix. If you can recognize the challenges that introduces, but be at peace with it, you can stay focused on what "steps in the right direction" we can make.
Is this really about privacy? I'm skeptical that Apple doesn't track the hell out of me; I think they just want to sell more phones and don't want others to track us.
Instead, I think this is about asymmetric, non-negotiable contracts. Think about it.
Sure, I "consented" to the Apple EULA just like I "consented" to be tracked by all these websites. This brings up 2 points:
Fairness - Can this really be a fair contract if there is a vast power difference between the parties and a lack of alternatives?
Transparency - details hidden in the fineprint (50 page EULA or on a cookie consent form only available a click away)
I'm not usually one for govt regulation, but that seems the only solution here.
This all sounds nice, but it requires a large level of trust in the companies doing as they say. How do we verify that certain data isn't being collected, that the data I delete is actually forever deleted, and that security standards are up to snuff? The FTC, as he suggests? Now the level of trust shifts to the FTC. How has their track record been? And the consequences of breaking the law, what would they be? As it is, companies engaged in shady practices seem to get less than a slap on the wrist.
Well, not to sound too dour, it is at least sounds like a step in the right direction.