I used to have a large online presence pre-Snowden leaks and was signed up to hundreds of services, some even in my legal name. Gradually I attempted to 'go dark' and delete all those accounts, which was tedious, but worth it.
There's two extremes to being online: you can wear your heart on your shirt sleeve and post under your legal name, and share details about your private life, or you can be a ghost and leave no traces, or at least minimize your footprint.
There is this thing: some people are just so famous online, that reverting back to some private mode is nearly impossible for them. They're so out there and involved with so many services, that 'going dark' for them would be very difficult, but there are steps you can take to minimize your footprint. It's not too late to take those initial steps.
I encourage everyone to attempt to 'go dark' gradually and make it very expensive for people to dox you. If you turn it into a game, it's even better. I said it was tedious, but honestly I kind of like becoming a ghost. I'm so opaque to big tech now, that it must really piss them off, including dragnet surveillance.
It's not a life for everyone however, and sometimes I have to participate in big tech like using my smartphone to do online banking, or buying something on Amazon, but 99% of my activities online are all more-or-less anonymous and private now, and I'm happy with that.
I think there's an accessible middle ground for most people.
My first suggestion would be to get every account in a password manager like 1Password. In addition to the obvious security benefits, this creates a record of where all your accounts are. For the average person it'll take time for them to remember everything (and they'll realize ones they forgot) - having a place for it all to get documented is the first step.
Once you have that, the next step is to go through every account and close the ones you don't need. After that, go into the ones you do need and modify the settings to disable as much of the tracking as possible.
I'd also suggest people sign up for deleteme: https://joindeleteme.com/ since these public data collectors can't be stopped without continued effort and I don't think there will be laws to stop them anytime soon.
For more technical users, I'd suggest they get their own domain and use fastmail with aliased emails for each account - but realistically regular people will not do that.
There are also advantages to having a public presence online (both professional and personal) - the issue isn't so much that you need to be 100% dark, it's that your public presence should be under your own control. One of the reasons I'm excited about Urbit is because it has the potential to give this control back in a way that could actually work.
I think culturally we also need to be more understanding of people making mistakes as the grow up and saying stupid things as they learn, but that's somewhat of an orthogonal issue so I'll leave it there.
DeleteMe's privacy policy and terms of service (both at https://joindeleteme.com/legal/ ) don't seem very reasonable for a company that claims to be in the service of privacy. The website asks for all sorts of personal information at signup and stores it all for use later, with no real promises that they won't do something malicious. (Although the privacy policy currently says they won't sell your data right back to Google, they also retain the right to change the policy at any time for any reason...)
They need that information to actually carry out the service you're requesting of them (namely going around to all these shitty data brokers and going through their intentionally arduous processes to request removal).
In order to do that they need to know the info to query against and remove.
I can understand why someone wouldn't want to do that, but of the available options for this kind of thing I thought it was the best one.
> I think there's an accessible middle ground for most people.
It doesn't even need to be a middle ground. Even the least effort is
enough.
Think about smoking, drinking and other risky behaviour.
I make a similar plea and argument in Digital Vegan [1] as is made in
the blog post. Like plenty of other thinkers now (Newport, Doctorow,
Kingsnorth, Vaidhyanathan, Kardaras, Tufekci, Rushkoff, Lanier, Véliz
and Oddell) I framed surveillance capitalism, social media and
smartphone addiction as a public health issue. This is now the
dominant emerging frame.
People who use drugs and alcohol use the same sunk-cost fallacy:
"Hey, I've been doing this for years now, what's the point in
quitting?"
The point is that ANY reduction offers an immediate health benefit.
You don't have to become an Olympic athlete to eat a little healthier
and exercise a tiny bit more.
By the same token, any improvement to your digital lifestyle is worth
making - whether that's refusing to give personal data, not
participating in the "cashless" society, buying quality, durable
digital goods that reduce e-waste, getting a dumb phone or quitting
social media... they all count.
That's why I think the diet metaphor is very powerful.
> any improvement to your digital lifestyle is worth making
>> Are they, though?
Yes
>> What tangible benefit does one actually get from refusing to give
out personal data one doesn't care about?
Being loved and respected, and more successful in life. People who
care about themselves are generally better liked and so gain social
advantages. Self-care does not mean being selfish. If you treat
yourself like someone you are responsible for, others see that you are
the kind of person who can care for them too.
You should care about every part of your person, including your data,
as if it were your literal personal hygiene.
My biggest source of "being exposed" has been due to the car I drive being unique, which in turn causes people to post pictures of it online, where corrupt local cops who are part of those forums end up posting my name and address online for people to stalk or try to steal the car/rob me/whatever. Do you have any tips for combating this besides getting rid of the car entirely? Keep in mind the operators of these forums do not care who their users dox, and always win any lawsuits/DMCA/etc filed against them (similar to kiwifarms).
Honestly, move and consider getting a new rig. Unless your story gets traction with nationwide news or you get the governor's attention, these guys act with impunity.
Out of curiosity...are you displaying a "Fuck the Police" kind of message, or do you have a bunch of aftermarket parts that makes you distinctive?
I think there's a big difference between what you choose to share about yourself and what gets taken from you without your knowledge and/or permission. You don't have to "go dark" to remain private. The problem is the massive dragnet of data collection that happens behind our backs!
Could you offer any practical specific tips for going dark as thoroughly as you describe, or guides that you especially recommend? Honestly curious. It's not difficult to find advice for digital privacy online, but finding advice that's genuinely good and useful can be trickier.
I feel that using a password manager makes it easier. Although, it definitely took some time back when I started using one to dig through the services I had registered for from my emails.
This is a cool article. I like the narrative of "Change to a life where you are in control of your direction."
I am probably the most privacy conscious person of my friends (not that I do a particularly good job of it), so I spent lots of time thinking about how to communicate about privacy in a way that is effective. [We're all mid-twenties, for context.] The main issue, I find, is that people just mostly don't care.
That being said, most of my friends do relate (and dislike) the loss of agency that comes with giving your brain to an algorithmic feed that decides what you eat. The narrative of "control your life and decisions" would be an effective piece of rhetoric, I think!
The other argument I've found really effective is one that convinced me after reading Edward Snowden's memoir Permanent Record. A sketch of the point:
Person 1: privacy matters.
Person 2: I don't care about privacy, because I don't have anything to hide.
Person 1: Historically, the folks who were hurt because of a lack of privacy weren't us (young professionals), but rather the civil rights movement in the 1960s and the Vietnam anti-war movement, etc. Privacy is about protecting those people who the government/institutions/etc already squash down.
It's an argument that comes from Permanent Record, pretty much, and I think for me it is the most compelling reason that I care about privacy! Not as much for myself (although that's nice), but mostly for the people that privacy protects who really need it.
In my experience, it goes over very well, as people can see that privacy isn't just about doomsday preppers not wanting anyone to know where they bury their gold, but rather about protecting those people who need/deserve/would benefit from protection!
P.S. I'd recommend reading Permanent Record. I was only 15 or so when all that stuff went down, and really didn't know anything about it except "Snowden good or bad idk," but the book is a fantastically interesting and well-written story. I think he's kinda awesome.
> Ignoring our own privacy, shouldn't we protect those people who the government/institutions/etc already squash down?
And this should resonate even among the individualistic and self-interested who might believe they're unaffected, as those who aren't "squashed down" right now would be wise to not get caught in the thinking that the set of people affected today by certain state, corporate and institutional actions is immutable. "They would never do it to us" (along with the often heard "it could never happen here") is one of the most dangerous ways of discounting problems affecting "others" in the present. When you see people, either as individuals or as groups, being treated a certain way by those with greater power, remember that this could just as easily also be you in the future.
It resonates with that crowd to a point. They don’t like it when it functions to protect people they don’t consider part of their tribe. Basically, it only resonates if it protects them, and they’re happy to sacrifice that if it means “the other guy” didn’t get anything. It’s hard to discuss mutual benefit with a group that believes everything is zero-sum.
> the folks who were hurt because of a lack of privacy weren't us (young professionals), but rather the civil rights movement in the 1960s and the Vietnam anti-war movement
In the second world war, the germans went into the municipal buildings, raided the census data and eliminated everyone who wrote the "wrong" religion in the census data.
I think this is why Europeans care more about privacy than Americans. It's not only about why it should matter, but also it shouldn't be weaponized.
(Don't take this seriously): Suppose your country was under attack and foreign troops invaded. They take you and say: "Well, well, it seems you're a javascript programmer according to your linkedin profile... We don't like javascript"
That was WWII, privacy is also weaponized today. Rogue regimes will use whatever is put online to harass or even assassinate people in other countries.
>Person 2: I don't care about privacy, because I don't have anything to hide.
Because of this person's lack of caring, they don't realize that it's not just their privacy that they are sacrificing. By sharing their contacts, they just gave up all of the privacy of those people as well without so much as a hesitation of thought. The person who does care about privacy has 0 chance because of the careless actions of others.
This is why I never give permission to apps to access my contacts. I wish Apple would have better protections than just a simple permission ask, when once granted, apps can do whatever they want with all of that data.
It's what I hate about whatsapp, I have to use it so I have it installed on my phone but I have to jump through so many hoops to properly isolate it from my contacts.
Unfortunately, I can't not have it, it's too entrenched because most people do not care about privacy.
I don't think everyone changes as fast as the data can get stale. Humans are both creatures of habit and agents of change. For the former, this data is still relevant and ads can do their jobs. For the latter, the data is stale and ads do not convert. Age may be a huge factor here.
I do believe in data privacy. Mostly from the lens of not living in a future world where data removes an individual's critical thinking ability and engagement of new experiences. This is already pretty true in corporate america & reliance on technology like map apps instead of getting lost like the article mentions.
For ads, I think we have to accept the reality of the world such as Jerry Mander did in 1978:
“If you accept the existence of advertising, you accept a system designed to persuade and to dominate minds by interfering in people's thinking patterns. You also accept that the system will be used by the sorts of people who like to influence people and are good at it. No person who did not wish to dominate others would choose to use advertising, or choosing it, succeed in it. So the basic nature of advertising and all technologies created to serve it will be consistent with this purpose, will encourage this behaviour in society, and will tend to push social evolution in this direction.” - Four Arguments for the Elimination of Television by Jerry Mander
Co founder of deleteme here. Ama. Fyi to the thread posters, Deleteme removes customer data by default after 6 months. Happy to hear views on what we could do better and examples of companies operating to high standards as well. Thx!
Life is an iterated game. I can see an appeal in living in a video-game kind of world where your counterparty to each interaction treats it as fresh, doesn't even really have an interior experience while it's happening, and forgets it immediately after. I can also see downsides. But that's besides the point. We don't live in that world. In our universe, interaction is a two way street. Both parties to an interaction have an interior experience of it, and that experience contributes to memory (both literal records and subtle formation of impressions/intuitions), and those memories shape the next experience.
The framings "your privacy," "your data," "stealing" are interesting and provocative in some cases but I see the more extreme forms of this as pining for a world in which you are the only stateful or intelligent agent. We have never lived in that world, and I don't share your conviction that we obviously or morally ought to.
I have much less of an issue when a company runs analytics on the information gained from each time I order from them. It's when they continue to follow you across the internet to keep tabs on you when you are not using their site. It's not much different than having someone like a private investigator shadow you every where you go in real life taking detailed notes. You don't know who's paying the PI, you don't know to what purpose they are investigating, but there's just nothing you can do about. Only the internet tracking continues to follow in places where the PI can't go. It's just flat out creepy
HN itself is one such black-hole of data permanentness.
They do not support deletion of your data, modifying of your data after 1h, and are what I would describe as a data-tarpit. Nor do they support any of the European privacy directives.
Sure, they're in the US, but they should definitely be forward-thinking about this stuff - The writing's on the wall.
It's why I create junk accounts and abandon them after a bit. Then again, this too is the endemic problem with how silicon valley is run.
We try not to delete entire account histories because that would gut the threads the account had participated in. However, we care about protecting individual users and take care of privacy requests every day, so if we can help, please email hn@ycombinator.com. We don't want anyone to get in trouble from anything they posted to HN.
This has the same energy as "Click here to create account, but do a whole bunch outside the account to delete it".
It's like NYT doing the scammy "pay online, but cancel after calling on business hours to a retention specialist, and they may also just ignore your *request*"
The simple answer: put this in the website, not some email that may or may not actually request anything.
If I'm trying to keep my self anonymous-ish, Why do YOU think email is the best way to do that?
This should be in-app as a request or an action I can self-execute. "Email us" is the New York Times model of "buy online, but deal with hours of phone-hell"
I've pointedly avoided revealing my meatspace identity. Though simultaneously cultivating some manner of pseudonymous reputation.
There are numerous other anonymous / pseudonymous members, and throwaway usernames are supported for that reason though discouraged in general use, to cultivate community.
The value of data declines over time, often rapidly. Think about what a business would pay for current user data, data one year old, data five years old, etc.; who buys five year old data? I suppose it depends on the application. Imagine how your life changes over time, an accumulation of small and large changes. Data on your health, finances, social network, interests, politics, activities, etc. was different 1 year ago, 5 years ago, etc.
The question seems like a justification for what many want to do, which is just close their eyes to the problems and not put the energy into resisting the tide toward compliance and giving power to government/corporations; it's easier, right now, to give up, and despair and powerlessness are normalized - instead of quitting being at least a bit shameful, it's cynically embraced, flauted as rebellious.
You are just wrong. Some of your data such as health data stays constant throughout your life. Especially for guys living with chronic conditions. Your key identifiers stay the same too. E.g your phone number etc. These are then used to re-establish your advertising identity. This theory that old data declines in value couldn't be more wrong given that the "old" data is never deleted. Just waiting to find its original purpose.
Yes, but the value of the data has declined. If I am a business I would not pay the same amount or more for five-year-old data. Some portion of that dataset will be bad data. Some of the subjects will have had died, for example.
Decline does not mean zero, but the point is older data is less valuable. So, making your data leaking footprint smaller today will still provide you value (not infinite value though) as time goes on.
Sure, the more recent data will always have a higher value if you are looking at massive datasets.
But I think if you look at this problem from an individual perspective. Key data that is unique to them doesn't change most of the time. Say a target person has dental issues and you have their phone number. There is a high chance that in 5 years from now, they still may require dental services and their phone number hasn't changed. They may have moved jobs, neighborhoods etc. in between but their need for dental service has remained constant and probably will into the future.
Let me give you another example. Say you want to run for public office, and in your young adult life some of your social media pages had questionable posts/media. Is this data any less valuable to your competition running for the same office?
I may be taking a different approach with this but a lot of nuances get lost in the numbers.
My point is once the data is out there on the internet, it can be hard to control it and/or assign value to it.
You can change your phone number though. What if you change it so frequently that it's no longer a key identifier? Why not have a system where you can receive phone calls without a phone number? I believe some of the solution here is to stop having globally unique identifiers.
Burner numbers are close, but if you use the same one for all your contacts it still becomes an identifier, even if you rotate it. An alternative is a proxy service where you get issued a unique pin for each person-to-person connection, so the same phone number gets used by multiple parties. Those both use the existing phone network in better ways. With a VoIP system you don't need numbers, you just don't want to trade them for usernames or some other global identifier. I implemented one approach with Severus, but I'm also looking for alternatives that increase privacy.
Cherry picked examples are proof that the OP is wrong, at least to an extent, and that there exists data that doesn't change or changes slow enough to be re-tagged (and this poses the issue in question).
Proof of existence is enough to invalidate a claim of non-existence, even if it doesn't hold for any condition in the world.
No comments were made in the context of logic, so the logical forms don't apply. Personally I'm interested in the long-term value of data and not a logic contest - I'm interested in the territory, not a particular map of it.
Interesting thought. I wonder if the value of the time in a person's life spent without having their data tracked, sold and used to influence their thought and decisions doesn't increase over time like an investment. So let's say they were not under heavy surveillance and sway from such a system for one year 5 years ago... Could that year away have given them a base formation of better adjusted mental health habits that helps them more today because it happened earlier in life than it would have if they had been free of it for only the past year, after 4 years more of continued privacy and attention degradation? I bet this is especially poignant when neuroplasticity is considered.
Optimistically, this would mean any resistance made today hurts the state-corp alliance hard now, and benefits the human being especially hard later, giving courage to make efforts for the long game.
Privacy may not be a goal in itself, but it sure would be painful to wake up one day and realise one has given it up for perhaps more trivial and ephemeral "benefits" along the way, especially if this took place relatively slowly over many years. Privacy (among other things like personal freedom, health, etc.) really seems to be one of those things many people take for granted until they realise they have lost it, or willingly gave it up, not able to easily get it back, only then realising how important it was in hindsight.
The best way to get the point across: think about sending nudes. Once they’re sent, there is no recalling them, even if your relationship goes south or they end up in the wrong hands.
It’s the same for all that data about you out there. If anyone who accesses your data goes rogue or leaks it, it’s hanging over your head forever.
It could be that this data will be judged against changing standards, so that your once innocuous behaviour is now considered bad. It could be that your data is misinterpreted and the judgement used against you.
For this to matter there will have to be a turning point event that causes masses of people to re-think their privacy. The NSA reveal didn’t do much because nobody was financially or socially affected; maybe if the dataset itself was leaked and anyone could search it, we’d see real repercussions and changes made to stop any sort of surveillance (think the Congresspeople being personally affected by the data leak), but that didn’t happen. The only thing that comes close is the Equifax breach, and no citizen can avoid working with them with how everything from home purchases/apartment leases to auto loans relies on their databases.
I think most people are busy just trying to make ends meet. I have a family member who said, "Obama fixed the NSA thing." I also read where the Patriot Act expires, so they aren't doing it anymore.
I like the blog post and the thought experiment. However, I wish the author wouldn't have stopped with the reasoning and would have stressed his arguments further.
Example where his reasoning in the article is coming short, one might answer: Yes, I wanted to go to store a, and yes, after my 'highway hypnosis' I went or was brought to store b instead. So what? It doesn't really matter if I go shopping in store a or b. The important thing is - I am at a store now and can start my shopping.
If we evaluate that from an ethical point of view then we would have to ask about emancipation and sovereignty in regard to the choices we make, and where that fine line is, where it really starts to matter, if we go for store a or b.
Identity theft, scams, robocalls, spam, etc. all get started by harvesting people’s personal information. It’s a commodity hackers trade for big bucks. The question is how to protect yourself? I use end-to-end encryption wherever possible, so WhatsApp for chats and Neucards for contact sharing. It makes collecting my data much tougher.
I don't see how you can trust WhatsApp when it's closed source and owned by Facebook ?
(Who, furthermore, already violated their promise made when buying WhatsApp to not use the phone numbers and contact books they got from them for their other services.)
They care about end-to-end encryption and let me use the app after I denied them access to my contacts. Signal is another possibility, but I don't like they require my phone number to make an account.
Simply because it sometimes takes governments years to act on industry abuses (giving time for market correction, etc) doesn’t mean the government should not act.
Information based industries are absolutely abusing their access to our personal information, and they’re refusing to self correct. The governments of the world are now stepping in to correct that.
To be blunt, the corporations have only themselves to blame.
1. The monopolistic position of many of these service providers drastically limits the ability to choose alternatives and creates social and economic hardships for those who would avoid the use of these services altogether. For example, my ISP lobbied my government to allow them to steal my data. I have exactly one choice of ISP.
2. When we look back on the colonizers handing the natives trinkets in exchange for land, we consider that egregious theft. Most people lack any real understanding of the price that they are paying for these services and the intrinsic value of their data. They also lack an understanding of how this data can and will be used against them now and in the future.
3. And what about the data thieves who build shadow profiles on people who have not signed up for their services? (e.g. Facecrook)
Competition is always one click way on the internet. The "monopolistic" practices would not be sufficient if people actually cared enough to stand up an alternative that respected your privacy.
The market does not care enough about its own privacy to justify those alternatives. DDG has been available for years... It's doing fine, and it's a great alternative to Google, but it's not doing the gangbusters that one would expect if people weren't mostly satisfied with the privacy trade off.
And personally, I think it's extremely elitist for us to assume that we can better evaluate the privacy / service trade-off than most users can. Comparing the average user to a native being taken advantage of by European colonials is a view terribly dismissive of people's self-determination.
One useful regulation might be to prevent neutering the functionality of a product if the user does not elect to share their data. Unless those data are part and parcel of the core functionality, choosing not to share should not prevent receiving software updates, etc.
Well, in the beginning I wasn't aware of the entire privacy topic. But now I am and I don't want any big corpo to censor me just because they already have all my life in a database.
I’m sorry to break it to you, but the issue is not the cookie banners but the fact that website share your personal information with thousand of entities and brokers. You do not need a cookie banner if you do not track your users beyond what is needed for the website to work.
Why do you think there is so much outrage on the internet these days ? It's a consequence of 2 decades of optimizing for engagement, because they make money not by providing a product people pay once and use at their will, but a product that gets a minuscule amount of cash any time someone does something with it.
And this ad based system only works if you spy a lot on people.
Everything is affected by this: the vaccine opposition in the covid crisis, the presidential election... Everything.
the internet is more than browsers and http, we have email, irc, sftp, torrents and lots of other cool stuff that I would hate to see centralized in the hands of a few private companies and serve to the masses with browser, mandatory https and google tag manager all in order to track people behaviors.
I feel like promoting alternatives is a better idea than participating in the creation of a dystopian future for the generations to come.
out of question for me to just "let it slide", we have too much to loose here
There's two extremes to being online: you can wear your heart on your shirt sleeve and post under your legal name, and share details about your private life, or you can be a ghost and leave no traces, or at least minimize your footprint.
There is this thing: some people are just so famous online, that reverting back to some private mode is nearly impossible for them. They're so out there and involved with so many services, that 'going dark' for them would be very difficult, but there are steps you can take to minimize your footprint. It's not too late to take those initial steps.
I encourage everyone to attempt to 'go dark' gradually and make it very expensive for people to dox you. If you turn it into a game, it's even better. I said it was tedious, but honestly I kind of like becoming a ghost. I'm so opaque to big tech now, that it must really piss them off, including dragnet surveillance.
It's not a life for everyone however, and sometimes I have to participate in big tech like using my smartphone to do online banking, or buying something on Amazon, but 99% of my activities online are all more-or-less anonymous and private now, and I'm happy with that.